Implemented RFC7250 certificate type negotiation extensions.

Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>

3 files changed, 19 insertions, 0 deletions

diff --git a/doc/Makefile.am b/doc/Makefile.am
index 5d6cd0c1bc..782b3cf55f 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -547,6 +547,7 @@ ENUMS += enums/gnutls_cipher_algorithm_t
 ENUMS += enums/gnutls_close_request_t
 ENUMS += enums/gnutls_compression_method_t
 ENUMS += enums/gnutls_credentials_type_t
+ENUMS += enums/gnutls_ctype_target_t
 ENUMS += enums/gnutls_digest_algorithm_t
 ENUMS += enums/gnutls_ecc_curve_t
 ENUMS += enums/gnutls_ext_flags_t
@@ -796,6 +797,8 @@ FUNCS += functions/gnutls_certificate_set_x509_trust_mem
 FUNCS += functions/gnutls_certificate_set_x509_trust_mem.short
 FUNCS += functions/gnutls_certificate_type_get
 FUNCS += functions/gnutls_certificate_type_get.short
+FUNCS += functions/gnutls_certificate_type_get2
+FUNCS += functions/gnutls_certificate_type_get2.short
 FUNCS += functions/gnutls_certificate_type_get_id
 FUNCS += functions/gnutls_certificate_type_get_id.short
 FUNCS += functions/gnutls_certificate_type_get_name
@@ -1528,6 +1531,8 @@ FUNCS += functions/gnutls_prf_rfc5705
 FUNCS += functions/gnutls_prf_rfc5705.short
 FUNCS += functions/gnutls_priority_certificate_type_list
 FUNCS += functions/gnutls_priority_certificate_type_list.short
+FUNCS += functions/gnutls_priority_certificate_type_list2
+FUNCS += functions/gnutls_priority_certificate_type_list2.short
 FUNCS += functions/gnutls_priority_cipher_list
 FUNCS += functions/gnutls_priority_cipher_list.short
 FUNCS += functions/gnutls_priority_compression_list
diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi
index 8fd31b2add..9a4cf29933 100644
--- a/doc/cha-gtls-app.texi
+++ b/doc/cha-gtls-app.texi
@@ -1292,6 +1292,18 @@ Catch all which enables all curves from NORMAL priority is CURVE-ALL. Note
 that the CURVE keyword is kept for backwards compatibility only, for new
 applications see the GROUP keyword above.
 
+@item Certificate types @tab
+Certificate type negotitation must be explicitly enabled via the
+GNUTLS_ENABLE_CERT_TYPE_NEG flag in gnutls_init().
+Certificate types can be given in a symmetric fashion (i.e. the same for
+both client and server) or, as of GnuTLS 3.6.4, in an asymmetric fashion
+(i.e. different for the client than for the server).
+
+Currently supported types are:
+CTYPE-X509 or CTYPE-X.509. Catch all is CTYPE-ALL.
+CTYPE-CLI-X509 or CTYPE-CLI-X.509, CTYPE-SRV-X509 or CTYPE-SRV-X.509.
+Catch all is CTYPE-CLI-ALL and CTYPE-SRV-ALL.
+
 @end multitable
 @caption{The supported algorithm keywords in priority strings.}
 @end float
diff --git a/doc/manpages/Makefile.am b/doc/manpages/Makefile.am
index b4dc4ae8c9..241d9870af 100644
--- a/doc/manpages/Makefile.am
+++ b/doc/manpages/Makefile.am
@@ -193,6 +193,7 @@ APIMANS += gnutls_certificate_set_x509_trust_dir.3
 APIMANS += gnutls_certificate_set_x509_trust_file.3
 APIMANS += gnutls_certificate_set_x509_trust_mem.3
 APIMANS += gnutls_certificate_type_get.3
+APIMANS += gnutls_certificate_type_get2.3
 APIMANS += gnutls_certificate_type_get_id.3
 APIMANS += gnutls_certificate_type_get_name.3
 APIMANS += gnutls_certificate_type_list.3
@@ -559,6 +560,7 @@ APIMANS += gnutls_prf.3
 APIMANS += gnutls_prf_raw.3
 APIMANS += gnutls_prf_rfc5705.3
 APIMANS += gnutls_priority_certificate_type_list.3
+APIMANS += gnutls_priority_certificate_type_list2.3
 APIMANS += gnutls_priority_cipher_list.3
 APIMANS += gnutls_priority_compression_list.3
 APIMANS += gnutls_priority_deinit.3