author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-10-01 11:58:15 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-10-16 09:02:27 +0200 |
commit | 8dd5b32b5a1a709d90bced2959b80a16af66389f (patch) | |
tree | be0b1fca2f8d3bbea230d41ecdd8cd284eba9d41 /lib/handshake-tls13.c | |
parent | 20abfc36bec4de2ad9f2e4682be7f93f61f6419d (diff) | |
download | gnutls-8dd5b32b5a1a709d90bced2959b80a16af66389f.tar.gz |
gnutls_init: added flag for automatic re-authentication
This introduces the GNUTLS_AUTO_REAUTH gnutls_init() flag and makes
re-authentication under TLS simpler to enable and use.
Resolves #571
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib/handshake-tls13.c')
-rw-r--r-- | lib/handshake-tls13.c | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/lib/handshake-tls13.c b/lib/handshake-tls13.c
index 06c7c01d29..5fed553310 100644
--- a/lib/handshake-tls13.c
+++ b/lib/handshake-tls13.c
@@ -527,6 +527,7 @@ _gnutls13_recv_async_handshake(gnutls_session_t session)
 {
 int ret;
 handshake_buffer_st hsk;
+ recv_state_t next_state = RECV_STATE_0;
 /* The following messages are expected asynchronously after
 * the handshake process is complete */
@@ -576,9 +577,20 @@ _gnutls13_recv_async_handshake(gnutls_session_t session)
 goto cleanup;
 }
- /* Application is expected to handle re-authentication
- * explicitly. */
- ret = GNUTLS_E_REAUTH_REQUEST;
+ if (session->internals.flags & GNUTLS_AUTO_REAUTH) {
+ ret = gnutls_reauth(session, 0);
+ if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED) {
+ next_state = RECV_STATE_REAUTH;
+ } else if (ret < 0) {
+ gnutls_assert();
+ goto cleanup;
+ }
+ } else {
+ /* Application is expected to handle re-authentication
+ * explicitly. */
+ ret = GNUTLS_E_REAUTH_REQUEST;
+ }
+ goto cleanup;
 case GNUTLS_HANDSHAKE_KEY_UPDATE:
@@ -630,7 +642,7 @@ _gnutls13_recv_async_handshake(gnutls_session_t session)
 } while (_gnutls_record_buffer_get_size(session) > 0);
- session->internals.recv_state = RECV_STATE_0;
+ session->internals.recv_state = next_state;
 return 0;
@@ -640,7 +652,7 @@ _gnutls13_recv_async_handshake(gnutls_session_t session)
 if (_gnutls_record_buffer_get_size(session) > 0)
 session->internals.recv_state = RECV_STATE_ASYNC_HANDSHAKE;
 else
- session->internals.recv_state = RECV_STATE_0;
+ session->internals.recv_state = next_state;
 _gnutls_handshake_buffer_clear(&hsk);
 return ret; |
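Review bot: The `next_state = RECV_STATE_REAUTH` recorded in the GNUTLS_AUTO_REAUTH branch when gnutls_reauth() returns GNUTLS_E_AGAIN or GNUTLS_E_INTERRUPTED can be dropped in the last hunk (which looks like the cleanup path): while `_gnutls_record_buffer_get_size(session) > 0` the state is set to RECV_STATE_ASYNC_HANDSHAKE and next_state is never consulted. If resuming the interrupted re-authentication relies on recv_state (not visible in these hunks), a peer with further records already buffered could leave post-handshake authentication half-finished while other async handshake messages keep being processed. Consider letting a pending re-auth take priority, e.g. `if (next_state == RECV_STATE_0 && _gnutls_record_buffer_get_size(session) > 0)`, and add a comment in the new branch such as `/* AGAIN/INTERRUPTED are returned to the caller; recv_state records that the re-auth must be resumed */`. The function body starts and ends outside these hunks, so confirm this against the full cleanup path.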