Commit a8432661 authored by Paul Eggert's avatar Paul Eggert Committed by Robert Pluim

Don’t mention :safe-renegotiation in TLS 1.3

* src/gnutls.c (Fgnutls_peer_status): Don’t put the
safe-renegotiation indication into the status in TLS 1.3, which
removed support for renegotiation.
parent fc9ed61a
......@@ -1487,10 +1487,10 @@ returned as the :certificate entry. */)
(gnutls_kx_get (state)))));
/* Protocol name. */
gnutls_protocol_t proto = gnutls_protocol_get_version (state);
result = nconc2
(result, list2 (intern (":protocol"),
build_string (gnutls_protocol_get_name
(gnutls_protocol_get_version (state)))));
build_string (gnutls_protocol_get_name (proto))));
/* Cipher name. */
result = nconc2
......@@ -1520,9 +1520,15 @@ returned as the :certificate entry. */)
#endif
/* Renegotiation Indication */
result = nconc2
(result, list2 (intern (":safe-renegotiation"),
gnutls_safe_renegotiation_status (state) ? Qt : Qnil));
#ifdef GNUTLS_TLS1_3
bool older_proto = proto < GNUTLS_TLS1_3;
#else
bool older_proto = true;
#endif
if (older_proto)
result = nconc2
(result, list2 (intern (":safe-renegotiation"),
gnutls_safe_renegotiation_status (state) ? Qt : Qnil));
return result;
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment