Index: third_party/tlslite/tlslite/messages.py |
diff --git a/third_party/tlslite/tlslite/messages.py b/third_party/tlslite/tlslite/messages.py |
index fa4d8174c1aeb81f0ddd00af614e568dde22b450..fe4296be8fda20bd6bf60485a718019a5716ba5f 100644 |
--- a/third_party/tlslite/tlslite/messages.py |
+++ b/third_party/tlslite/tlslite/messages.py |
@@ -131,6 +131,7 @@ class ClientHello(HandshakeMsg): |
self.compression_methods = [] # a list of 8-bit values |
self.srp_username = None # a string |
self.channel_id = False |
+ self.support_signed_cert_timestamps = False |
def create(self, version, random, session_id, cipher_suites, |
certificate_types=None, srp_username=None): |
@@ -171,12 +172,20 @@ class ClientHello(HandshakeMsg): |
while soFar != totalExtLength: |
extType = p.get(2) |
extLength = p.get(2) |
+ # Note: the mapping of the following two types is not |
+ # RFC-compatible: |
+ # extension 6 is user_mapping |
+ # extension 7 is client_authz |
wtc
2013/11/26 22:46:12
Sorry about the confusion. I didn't mean to ask yo
ekasper
2013/11/27 14:09:04
Done.
|
if extType == 6: |
self.srp_username = bytesToString(p.getVarBytes(1)) |
elif extType == 7: |
self.certificate_types = p.getVarList(1, 1) |
elif extType == ExtensionType.channel_id: |
self.channel_id = True |
+ elif extType == ExtensionType.signed_cert_timestamps: |
+ if extLength: |
+ raise SyntaxError() |
+ self.support_signed_cert_timestamps = True |
else: |
p.getFixBytes(extLength) |
soFar += 4 + extLength |
@@ -224,6 +233,7 @@ class ServerHello(HandshakeMsg): |
self.certificate_type = CertificateType.x509 |
self.compression_method = 0 |
self.channel_id = False |
+ self.signed_cert_timestamps = None |
def create(self, version, random, session_id, cipher_suite, |
certificate_type): |
@@ -273,6 +283,9 @@ class ServerHello(HandshakeMsg): |
if self.channel_id: |
extLength += 4 |
+ if self.signed_cert_timestamps: |
+ extLength += 4 + len(self.signed_cert_timestamps) |
+ |
if extLength != 0: |
w.add(extLength, 2) |
@@ -286,6 +299,10 @@ class ServerHello(HandshakeMsg): |
w.add(ExtensionType.channel_id, 2) |
w.add(0, 2) |
+ if self.signed_cert_timestamps: |
+ w.add(ExtensionType.signed_cert_timestamps, 2) |
+ w.addVarSeq(stringToBytes(self.signed_cert_timestamps), 1, 2) |
+ |
return HandshakeMsg.postWrite(self, w, trial) |
class Certificate(HandshakeMsg): |