diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-04-02 20:08:42 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-04-02 21:51:12 +0200 |
| commit | 06fdfbb767d2adf18ac5c44b72eb37e96830d3fe (patch) | |
| tree | a85aba210c1fb659998915986ea48bcd0fb6fd98 | |
| parent | babf9dfb4f29a69525eca3d8905e5d1ac88a0459 (diff) | |
| download | gnutls-06fdfbb767d2adf18ac5c44b72eb37e96830d3fe.tar.gz | |
make a short list of the available PK algorithms
| -rw-r--r-- | lib/gnutls_handshake.c | 26 |
1 files changed, 20 insertions, 6 deletions
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index 39b67ee8e9..5074e10ade 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -824,8 +824,10 @@ server_find_pk_algos_in_ciphersuites (const uint8_t * gnutls_pk_algorithm_t * algos, size_t* algos_size) { - unsigned int j; + unsigned int j, x; gnutls_kx_algorithm_t kx; + gnutls_pk_algorithm_t pk; + unsigned found; unsigned int max = *algos_size; if (datalen % 2 != 0) @@ -840,10 +842,23 @@ server_find_pk_algos_in_ciphersuites (const uint8_t * kx = _gnutls_cipher_suite_get_kx_algo (&data[j]); if (_gnutls_map_kx_get_cred (kx, 1) == GNUTLS_CRD_CERTIFICATE) { - algos[(*algos_size)++] = _gnutls_map_pk_get_pk (kx); + pk = _gnutls_map_pk_get_pk (kx); + found = 0; + for (x=0;x<*algos_size;x++) + { + if (algos[x] == pk) + { + found = 1; + break; + } + } - if ((*algos_size) >= max) - return 0; + if (found == 0) + { + algos[(*algos_size)++] = _gnutls_map_pk_get_pk (kx); + if ((*algos_size) >= max) + return 0; + } } } @@ -899,7 +914,7 @@ _gnutls_server_select_suite (gnutls_session_t session, uint8_t * data, ret = _gnutls_supported_ciphersuites (session, cipher_suites, sizeof(cipher_suites)); if (ret < 0) return gnutls_assert_val(ret); - + cipher_suites_size = ret; /* Here we remove any ciphersuite that does not conform @@ -3292,7 +3307,6 @@ _gnutls_remove_unwanted_ciphersuites (gnutls_session_t session, * by that certificate and are on the same authentication * method (CERTIFICATE). */ - cert_cred = (gnutls_certificate_credentials_t) _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, |