diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-10-03 15:59:14 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-02-19 15:29:35 +0100 |
commit | 7b555f9f01060e18ba9e61ed86ed0c17fb3858c2 (patch) | |
tree | e3cb2e2f0d7dccb128d7c1c295fdb1efc557edf7 /lib/auth.c | |
parent | ea307c51da038d0780e3d8ba0aa566d9fd1fef44 (diff) | |
download | gnutls-7b555f9f01060e18ba9e61ed86ed0c17fb3858c2.tar.gz |
gnutls_auth*_get_type: use gnutls_kx_get to retrieve key exchange
That allows the functions to operate under TLS 1.3 which have
no key exchange as part of the ciphersuite.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib/auth.c')
-rw-r--r-- | lib/auth.c | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/lib/auth.c b/lib/auth.c index a117680260..1c5af27efb 100644 --- a/lib/auth.c +++ b/lib/auth.c @@ -201,6 +201,7 @@ gnutls_credentials_type_t gnutls_auth_get_type(gnutls_session_t session) /* This is not the credentials we must set, but the authentication data * we get by the peer, so it should be reversed. */ + gnutls_kx_algorithm_t kx; int server = session->security_parameters.entity == GNUTLS_SERVER ? 0 : 1; @@ -209,9 +210,10 @@ gnutls_credentials_type_t gnutls_auth_get_type(gnutls_session_t session) return 0; } + kx = gnutls_kx_get(session); + return - _gnutls_map_kx_get_cred(session->security_parameters. - cs->kx_algorithm, server); + _gnutls_map_kx_get_cred(kx, server); } /** @@ -228,14 +230,17 @@ gnutls_credentials_type_t gnutls_auth_get_type(gnutls_session_t session) gnutls_credentials_type_t gnutls_auth_server_get_type(gnutls_session_t session) { + gnutls_kx_algorithm_t kx; + if (!session->security_parameters.cs) { gnutls_assert(); return 0; } + kx = gnutls_kx_get(session); + return - _gnutls_map_kx_get_cred(session->security_parameters. - cs->kx_algorithm, 1); + _gnutls_map_kx_get_cred(kx, 1); } /** @@ -252,14 +257,17 @@ gnutls_auth_server_get_type(gnutls_session_t session) gnutls_credentials_type_t gnutls_auth_client_get_type(gnutls_session_t session) { + gnutls_kx_algorithm_t kx; + if (!session->security_parameters.cs) { gnutls_assert(); return 0; } + kx = gnutls_kx_get(session); + return - _gnutls_map_kx_get_cred(session->security_parameters. - cs->kx_algorithm, 0); + _gnutls_map_kx_get_cred(kx, 0); } |