diff options
Diffstat (limited to 'lib/includes/gnutls/gnutls.h.in')
-rw-r--r-- | lib/includes/gnutls/gnutls.h.in | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index ec8d6f4efc..01cf9a880e 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -411,6 +411,12 @@ typedef enum { * are already taking steps to hide the data processing time. This comes at a performance * penalty. * @GNUTLS_ENABLE_CERT_TYPE_NEG: Enable certificate type negotiation extensions (RFC7250). + * @GNUTLS_AUTO_REAUTH: Enable transparent re-authentication in client side when the server + * requests to. That is, reauthentication is handled within gnutls_record_recv(), and + * the %GNUTLS_E_REHANDSHAKE or %GNUTLS_E_REAUTH_REQUEST are not returned. This must be + * enabled with %GNUTLS_POST_HANDSHAKE_AUTH for TLS1.3, and it requires to restore interrupted + * calls to gnutls_record_recv() based on the output of gnutls_record_get_direction(), i.e., + * gnutls_record_recv() could also be interrupted when sending when this flag is enabled. * * Enumeration of different flags for gnutls_init() function. All the flags * can be combined except @GNUTLS_SERVER and @GNUTLS_CLIENT which are mutually @@ -439,7 +445,8 @@ typedef enum { GNUTLS_NO_AUTO_REKEY = (1<<15), GNUTLS_SAFE_PADDING_CHECK = (1<<16), GNUTLS_ENABLE_EARLY_START = (1<<17), - GNUTLS_ENABLE_CERT_TYPE_NEG = (1<<18) + GNUTLS_ENABLE_CERT_TYPE_NEG = (1<<18), + GNUTLS_AUTO_REAUTH = (1<<19) } gnutls_init_flags_t; /* compatibility defines (previous versions of gnutls |