Improved TLS 1.2 support. Added support for the SignatureAlgorithm extension

as well for the SignatureAlgorithm in certificate request.

Limitation for TLS 1.2 clients:
 Only SHA1 or SHA256 are supported for generating signatures in
certificate verify message. That is to avoid storing all handshake
messages in memory. To be reconsidered in the future.

1 files changed, 2 insertions, 1 deletions

diff --git a/lib/gnutls_state.h b/lib/gnutls_state.h
index dbb2a51a09..bff0022820 100644
--- a/lib/gnutls_state.h
+++ b/lib/gnutls_state.h
@@ -41,7 +41,8 @@ void _gnutls_session_cert_type_set (gnutls_session_t session,
 
 int _gnutls_session_cert_type_supported (gnutls_session_t,
 					 gnutls_certificate_type_t);
-
+int _gnutls_session_sign_algo_supported (gnutls_session_t session,
+                                     gnutls_sign_algorithm_t sig, int check_certs);
 int _gnutls_dh_set_secret_bits (gnutls_session_t session, unsigned bits);
 
 int _gnutls_dh_set_peer_public (gnutls_session_t session, bigint_t public);