Added gnutls_auth_client_get_type() and gnutls_auth_server_get_type().

6 files changed, 42 insertions, 3 deletions

diff --git a/NEWS b/NEWS
index b14a23c6d7..cba7273aa6 100644
--- a/NEWS
+++ b/NEWS
@@ -6,6 +6,7 @@ Version 1.1.10
 - Allow handshake requests by the client.
 - Automatically disable certificate types that do not have corresponding
   certificates.
+- Added gnutls_auth_client_get_type() and gnutls_auth_server_get_type()
 
 Version 1.1.9 (14/04/2004)
 - Added support for authority key identifier and the extended key usage
diff --git a/lib/gnutls_auth.c b/lib/gnutls_auth.c
index 60ee3558d1..a3860e0bf4 100644
--- a/lib/gnutls_auth.c
+++ b/lib/gnutls_auth.c
@@ -153,6 +153,39 @@ int server = session->security_parameters.entity==GNUTLS_SERVER?0:1;
                          &session->security_parameters.current_cipher_suite), server);
 }
 
+/**
+  * gnutls_auth_server_get_type - Returns the type of credentials for the server authentication schema.
+  * @session: is a &gnutls_session structure.
+  *
+  * Returns the type of credentials that were used for server authentication.
+  * The returned information is to be used to distinguish the function used
+  * to access authentication data.
+  * 
+  **/
+gnutls_credentials_type gnutls_auth_server_get_type( gnutls_session session) 
+{
+	return _gnutls_map_kx_get_cred(
+		 _gnutls_cipher_suite_get_kx_algo(
+                         &session->security_parameters.current_cipher_suite), 1);
+}
+
+/**
+  * gnutls_auth_client_get_type - Returns the type of credentials for the client authentication schema.
+  * @session: is a &gnutls_session structure.
+  *
+  * Returns the type of credentials that were used for client authentication.
+  * The returned information is to be used to distinguish the function used
+  * to access authentication data.
+  * 
+  **/
+gnutls_credentials_type gnutls_auth_client_get_type( gnutls_session session) 
+{
+	return _gnutls_map_kx_get_cred(
+		 _gnutls_cipher_suite_get_kx_algo(
+                         &session->security_parameters.current_cipher_suite), 0);
+}
+
+
 /* 
  * This returns a pointer to the linked list. Don't
  * free that!!!
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index 31f6f61658..616f42fa30 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -1040,10 +1040,11 @@ int _gnutls_recv_handshake(gnutls_session session, uint8 ** data,
 		*data = dataptr;
 
 
-	if ( (ret=_gnutls_handshake_hash_add_recvd( session, recv_type, 
+	ret = _gnutls_handshake_hash_add_recvd( session, recv_type, 
 		session->internals.handshake_header_buffer.header,
 		session->internals.handshake_header_buffer.header_size,
-		dataptr, length32)) < 0) {
+		dataptr, length32);
+	if (ret < 0) {
 		gnutls_assert();
 		_gnutls_handshake_header_buffer_clear(session);
 		return ret;
diff --git a/lib/gnutls_kx.c b/lib/gnutls_kx.c
index 0a2337c5b3..59ae665333 100644
--- a/lib/gnutls_kx.c
+++ b/lib/gnutls_kx.c
@@ -478,7 +478,8 @@ int _gnutls_recv_client_certificate( gnutls_session session)
 		}
 
 		if (ret == 0 && datasize == 0 && optional == OPTIONAL_PACKET) {
-			/* well I'm not sure we should accept this
+			/* Client has not sent the certificate message.
+			 * well I'm not sure we should accept this
 			 * behaviour.
 			 */
 			gnutls_assert();
diff --git a/lib/gnutls_pk.c b/lib/gnutls_pk.c
index 62804eb0fc..241ebd0c80 100644
--- a/lib/gnutls_pk.c
+++ b/lib/gnutls_pk.c
@@ -282,6 +282,7 @@ int _gnutls_pkcs1_rsa_decrypt(gnutls_datum * plaintext,
 				break;
 			}
 			if (edata[i] != 0xff) {
+				_gnutls_handshake_log("PKCS #1 padding error");
 				ret = GNUTLS_E_PKCS1_WRONG_PAD;
 				break;
 			}
diff --git a/lib/gnutls_ui.h b/lib/gnutls_ui.h
index 2a97209d8d..db98b4c73f 100644
--- a/lib/gnutls_ui.h
+++ b/lib/gnutls_ui.h
@@ -42,6 +42,8 @@ typedef int gnutls_certificate_server_retrieve_function(gnutls_session,
  */
 
 gnutls_credentials_type gnutls_auth_get_type(gnutls_session session);
+gnutls_credentials_type gnutls_auth_server_get_type(gnutls_session session);
+gnutls_credentials_type gnutls_auth_client_get_type(gnutls_session session);
 
 /* DH */