From: Nikos Mavrogiannopoulos Date: Sun, 1 Nov 2009 12:57:24 +0000 (+0200) Subject: Do not output error if a server replies with a SignatureAlgorithms extension. X-Git-Tag: gnutls_2_9_8~28 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ac35cd8455b6043bdb2ddc1c46979d24b23a5bcf;p=thirdparty%2Fgnutls.git Do not output error if a server replies with a SignatureAlgorithms extension. --- diff --git a/lib/ext_signature.c b/lib/ext_signature.c index 828c006d32..fec09df710 100644 --- a/lib/ext_signature.c +++ b/lib/ext_signature.c @@ -216,7 +216,11 @@ _gnutls_signature_algorithm_recv_params (gnutls_session_t session, { /* nothing for now */ gnutls_assert (); - return GNUTLS_E_UNEXPECTED_PACKET; + /* Although TLS 1.2 mandates that we must not accept reply + * to this message, there are good reasons to just ignore it. Check + * http://www.ietf.org/mail-archive/web/tls/current/msg03880.html + */ + /* return GNUTLS_E_UNEXPECTED_PACKET; */ } else {