diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-06-27 13:41:13 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-07-02 08:39:50 +0000 |
commit | 93cc44b19242819a32b29a381d220e96a3c0fc41 (patch) | |
tree | 7253224be2f64c77a686e784aacdd2443e2de15d /lib/tls13 | |
parent | a8dc7ba3c19dca4db30f336c54e2f9191b0beae6 (diff) | |
download | gnutls-93cc44b19242819a32b29a381d220e96a3c0fc41.tar.gz |
gnutls_session_get_flags: introduced GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH
This allows a server application to detect whether the client
would support post handshake authentication or not without initiating
via gnutls_reauth().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'lib/tls13')
-rw-r--r-- | lib/tls13/post_handshake.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/tls13/post_handshake.c b/lib/tls13/post_handshake.c index 9543ca896e..b12c0ba221 100644 --- a/lib/tls13/post_handshake.c +++ b/lib/tls13/post_handshake.c @@ -219,7 +219,9 @@ int _gnutls13_reauth_server(gnutls_session_t session) * When this function is called under TLS1.2 or earlier or the peer didn't * advertise post-handshake auth, it always fails with * %GNUTLS_E_INVALID_REQUEST. The verification of the received peers certificate - * is delegated to the session or credentials verification callbacks. + * is delegated to the session or credentials verification callbacks. A + * server can check whether post handshake authentication is supported + * by the client by checking the session flags with gnutls_session_get_flags(). * * Prior to calling this function in server side, the function * gnutls_certificate_server_set_request() must be called setting expectations |