You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently the peer's signature schemes are read into the iana_list buffer. This limits the number of possible signature schemes the peer is allowed to send, since the buffer has a fixed size. If too many signature schemes are received, the connection fails.
Solution:
Rather than copy the signature schemes into a separate buffer, the signature schemes should instead be read straight from the client hello/certificate request.
The text was updated successfully, but these errors were encountered:
In case it helps: I started on but I guess never finished this last year e088cb7 I'm not sure why I thought skipping extensions was necessary there though, we should just be able to have a separate "process" method we call after receiving the extension, like we do to calculate the PSK binders.
Problem:
Currently the peer's signature schemes are read into the iana_list buffer. This limits the number of possible signature schemes the peer is allowed to send, since the buffer has a fixed size. If too many signature schemes are received, the connection fails.
Solution:
Rather than copy the signature schemes into a separate buffer, the signature schemes should instead be read straight from the client hello/certificate request.
The text was updated successfully, but these errors were encountered: