diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-10-03 15:59:14 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-11-16 14:24:35 +0100 |
commit | dbf57ecf4922830968655530d46f95834b7ba722 (patch) | |
tree | dc67f69994098edda4ed703eb470c4e7ed87b338 | |
parent | d1d8158f81bf578b02167176aa70aa6d4515f447 (diff) | |
download | gnutls-dbf57ecf4922830968655530d46f95834b7ba722.tar.gz |
gnutls_auth*_get_type: use gnutls_kx_get to retrieve key exchange
That allows the functions to operate under TLS 1.3 which have
no key exchange as part of the ciphersuite.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r-- | lib/auth.c | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/lib/auth.c b/lib/auth.c index a117680260..1c5af27efb 100644 --- a/lib/auth.c +++ b/lib/auth.c @@ -201,6 +201,7 @@ gnutls_credentials_type_t gnutls_auth_get_type(gnutls_session_t session) /* This is not the credentials we must set, but the authentication data * we get by the peer, so it should be reversed. */ + gnutls_kx_algorithm_t kx; int server = session->security_parameters.entity == GNUTLS_SERVER ? 0 : 1; @@ -209,9 +210,10 @@ gnutls_credentials_type_t gnutls_auth_get_type(gnutls_session_t session) return 0; } + kx = gnutls_kx_get(session); + return - _gnutls_map_kx_get_cred(session->security_parameters. - cs->kx_algorithm, server); + _gnutls_map_kx_get_cred(kx, server); } /** @@ -228,14 +230,17 @@ gnutls_credentials_type_t gnutls_auth_get_type(gnutls_session_t session) gnutls_credentials_type_t gnutls_auth_server_get_type(gnutls_session_t session) { + gnutls_kx_algorithm_t kx; + if (!session->security_parameters.cs) { gnutls_assert(); return 0; } + kx = gnutls_kx_get(session); + return - _gnutls_map_kx_get_cred(session->security_parameters. - cs->kx_algorithm, 1); + _gnutls_map_kx_get_cred(kx, 1); } /** @@ -252,14 +257,17 @@ gnutls_auth_server_get_type(gnutls_session_t session) gnutls_credentials_type_t gnutls_auth_client_get_type(gnutls_session_t session) { + gnutls_kx_algorithm_t kx; + if (!session->security_parameters.cs) { gnutls_assert(); return 0; } + kx = gnutls_kx_get(session); + return - _gnutls_map_kx_get_cred(session->security_parameters. - cs->kx_algorithm, 0); + _gnutls_map_kx_get_cred(kx, 0); } |