diff options
author | Paul Eggert <eggert@cs.ucla.edu> | 2019-09-03 12:16:21 -0700 |
---|---|---|
committer | Robert Pluim <rpluim@gmail.com> | 2019-09-04 23:46:31 +0200 |
commit | a8432661130ac73ecf7606b1132e9b0d388ab60f (patch) | |
tree | cb7c2d296c36d48a5b59a603d1575d8266b3fb4b /src/gnutls.c | |
parent | fc9ed61a4357f766292d157ad89e0c1ffb1fa1e2 (diff) | |
download | emacs-a8432661130ac73ecf7606b1132e9b0d388ab60f.tar.gz |
Don’t mention :safe-renegotiation in TLS 1.3
* src/gnutls.c (Fgnutls_peer_status): Don’t put the
safe-renegotiation indication into the status in TLS 1.3, which
removed support for renegotiation.
Diffstat (limited to 'src/gnutls.c')
-rw-r--r-- | src/gnutls.c | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/src/gnutls.c b/src/gnutls.c index 042f43e2912..c74936c840f 100644 --- a/src/gnutls.c +++ b/src/gnutls.c @@ -1487,10 +1487,10 @@ returned as the :certificate entry. */) (gnutls_kx_get (state))))); /* Protocol name. */ + gnutls_protocol_t proto = gnutls_protocol_get_version (state); result = nconc2 (result, list2 (intern (":protocol"), - build_string (gnutls_protocol_get_name - (gnutls_protocol_get_version (state))))); + build_string (gnutls_protocol_get_name (proto)))); /* Cipher name. */ result = nconc2 @@ -1520,9 +1520,15 @@ returned as the :certificate entry. */) #endif /* Renegotiation Indication */ - result = nconc2 - (result, list2 (intern (":safe-renegotiation"), - gnutls_safe_renegotiation_status (state) ? Qt : Qnil)); +#ifdef GNUTLS_TLS1_3 + bool older_proto = proto < GNUTLS_TLS1_3; +#else + bool older_proto = true; +#endif + if (older_proto) + result = nconc2 + (result, list2 (intern (":safe-renegotiation"), + gnutls_safe_renegotiation_status (state) ? Qt : Qnil)); return result; } |