diff options
| author | Jack Lloyd <[email protected]> | 2016-01-06 19:36:07 -0500 |
|---|---|---|
| committer | Jack Lloyd <[email protected]> | 2016-03-06 05:43:56 -0500 |
| commit | 2f7225c5f56feab172978a0182ac27c20b02c080 (patch) | |
| tree | 58c9d5d45f3772cd759cd0a52f9ccaa7891b7667 /src/lib/tls/tls_policy.cpp | |
| parent | 027733a7d7ae44e8eb0c96cef371ba592f4cd386 (diff) | |
Check that TLS signature type is accepted by the policy.
Previously the signature hashes and algos info was used to set the v1.2
signature_algorithms extension, but if the counterparty ignored the
extension and sent something else, we wouldn't notice.
Diffstat (limited to 'src/lib/tls/tls_policy.cpp')
| -rw-r--r-- | src/lib/tls/tls_policy.cpp | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/lib/tls/tls_policy.cpp b/src/lib/tls/tls_policy.cpp index 3100db50d..be4c61b16 100644 --- a/src/lib/tls/tls_policy.cpp +++ b/src/lib/tls/tls_policy.cpp @@ -84,6 +84,11 @@ std::vector<std::string> Policy::allowed_signature_methods() const }; } +bool Policy::allowed_signature_method(const std::string& sig_method) const + { + return value_exists(allowed_signature_methods(), sig_method); + } + std::vector<std::string> Policy::allowed_ecc_curves() const { return { |