OLD | NEW |
(Empty) | |
| 1 diff --git a/tlslite/constants.py b/tlslite/constants.py |
| 2 index 8f2d559..04302c0 100644 |
| 3 --- a/tlslite/constants.py |
| 4 +++ b/tlslite/constants.py |
| 5 @@ -5,6 +5,12 @@ class CertificateType: |
| 6 openpgp = 1 |
| 7 cryptoID = 2 |
| 8 |
| 9 +class ClientCertificateType: |
| 10 + rsa_sign = 1 |
| 11 + dss_sign = 2 |
| 12 + rsa_fixed_dh = 3 |
| 13 + dss_fixed_dh = 4 |
| 14 + |
| 15 class HandshakeType: |
| 16 hello_request = 0 |
| 17 client_hello = 1 |
| 18 diff --git a/tlslite/messages.py b/tlslite/messages.py |
| 19 index 06c46b9..8bcec2c 100644 |
| 20 --- a/tlslite/messages.py |
| 21 +++ b/tlslite/messages.py |
| 22 @@ -346,7 +346,9 @@ class Certificate(HandshakeMsg): |
| 23 class CertificateRequest(HandshakeMsg): |
| 24 def __init__(self): |
| 25 self.contentType = ContentType.handshake |
| 26 - self.certificate_types = [] |
| 27 + #Apple's implementation rejects empty certificate_types, so |
| 28 + #default to rsa_sign. |
| 29 + self.certificate_types = [ClientCertificateType.rsa_sign] |
| 30 #treat as opaque bytes for now |
| 31 self.certificate_authorities = createByteArraySequence([]) |
| 32 |
OLD | NEW |