diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-06-27 13:41:13 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-07-02 08:39:50 +0000 |
commit | 93cc44b19242819a32b29a381d220e96a3c0fc41 (patch) | |
tree | 7253224be2f64c77a686e784aacdd2443e2de15d /tests/tls13 | |
parent | a8dc7ba3c19dca4db30f336c54e2f9191b0beae6 (diff) | |
download | gnutls-93cc44b19242819a32b29a381d220e96a3c0fc41.tar.gz |
gnutls_session_get_flags: introduced GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH
This allows a server application to detect whether the client
would support post handshake authentication or not without initiating
via gnutls_reauth().
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Diffstat (limited to 'tests/tls13')
-rw-r--r-- | tests/tls13/post-handshake-with-cert.c | 5 | ||||
-rw-r--r-- | tests/tls13/post-handshake-without-cert.c | 3 |
2 files changed, 8 insertions, 0 deletions
diff --git a/tests/tls13/post-handshake-with-cert.c b/tests/tls13/post-handshake-with-cert.c index 39565de6d2..e9940e79cb 100644 --- a/tests/tls13/post-handshake-with-cert.c +++ b/tests/tls13/post-handshake-with-cert.c @@ -234,6 +234,11 @@ static void server(int fd, int err, int type, unsigned max_auths) if (ret != 0) fail("handshake failed: %s\n", gnutls_strerror(ret)); + if (!(gnutls_session_get_flags(session) & GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH)) { + fail("server: session flags did not contain GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH\n"); + } + + if (client_hello_ok == 0) { fail("server: did not verify the client hello\n"); } diff --git a/tests/tls13/post-handshake-without-cert.c b/tests/tls13/post-handshake-without-cert.c index 4ee821b413..827fbc8495 100644 --- a/tests/tls13/post-handshake-without-cert.c +++ b/tests/tls13/post-handshake-without-cert.c @@ -193,6 +193,9 @@ static void server(int fd) } } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); + if ((gnutls_session_get_flags(session) & GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH)) { + fail("server: session flags did contain GNUTLS_SFLAGS_POST_HANDSHAKE_AUTH\n"); + } if (server_hello_ok == 0) { fail("server: did not verify the server hello contents\n"); |