authorSimon Josefsson <simon@josefsson.org>2008-06-03 17:28:31 +0200
committerSimon Josefsson <simon@josefsson.org>2008-06-03 17:28:31 +0200
commit97e2fde192482d79fd836f9289ae5ff7bf96789f (patch)
treeb5b5fbe20149bc457aee016fea15bc099e4e1d58
parent829ef4ba4463b65d7db54401544a91a931707385 (diff)
downloadgnutls-97e2fde192482d79fd836f9289ae5ff7bf96789f.tar.gz
Add gnutls_psk_client_get_hint function. Use it.
-rw-r--r--NEWS6
-rw-r--r--includes/gnutls/gnutls.h.in1
-rw-r--r--lib/gnutls_psk.c27
-rw-r--r--src/common.c8
4 files changed, 40 insertions, 2 deletions
diff --git a/NEWS b/NEWS
index 43928ddfd0..9b0fbd3dbf 100644
--- a/NEWS
+++ b/NEWS
@@ -5,9 +5,15 @@ See the end for copying conditions.
* Version 2.3.4.netconf.2 (unreleased)
+** libgnutls [PSK]: New API to retrieve PSK identity hint in client.
+The function is gnutls_psk_client_get_hint.
+
** psktool: Support new --netconf-hint to generate PSK key from password.
Uses the Netconf algorithm to derive PSK key from password.
+** API and ABI modifications:
+gnutls_psk_client_get_hint: ADDED.
+
* Version 2.3.4.netconf.1 (released 2008-05-15)
** Handle psk_identity_hint field in client.
diff --git a/includes/gnutls/gnutls.h.in b/includes/gnutls/gnutls.h.in
index 8ec9bedc57..9864d84b7c 100644
--- a/includes/gnutls/gnutls.h.in
+++ b/includes/gnutls/gnutls.h.in
@@ -969,6 +969,7 @@ extern "C"
res, const char *password_file);
const char *gnutls_psk_server_get_username (gnutls_session_t session);
+ const char *gnutls_psk_client_get_hint (gnutls_session_t session);
typedef int gnutls_psk_server_credentials_function (gnutls_session_t,
const char *username,
diff --git a/lib/gnutls_psk.c b/lib/gnutls_psk.c
index abfc4e56ca..e29bd2a5c7 100644
--- a/lib/gnutls_psk.c
+++ b/lib/gnutls_psk.c
@@ -307,6 +307,33 @@ gnutls_psk_server_get_username (gnutls_session_t session)
}
/**
+ * gnutls_psk_client_get_hint - return the PSK identity hint of the peer
+ * @session: is a gnutls session
+ *
+ * The PSK identity hint may give the client help in deciding which
+ * username to use. This should only be called in case of PSK
+ * authentication and in case of a client.
+ *
+ * Returns: the identity hint of the peer, or %NULL in case of an error.
+ **/
+const char *
+gnutls_psk_client_get_hint (gnutls_session_t session)
+{
+ psk_auth_info_t info;
+
+ CHECK_AUTH (GNUTLS_CRD_PSK, NULL);
+
+ info = _gnutls_get_auth_info (session);
+ if (info == NULL)
+ return NULL;
+
+ if (info->hint[0] != 0)
+ return info->hint;
+
+ return NULL;
+}
+
+/**
* gnutls_hex_decode - decode hex encoded data
* @hex_data: contain the encoded data
* @result: the place where decoded data will be copied
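Review bot: The doc comment for gnutls_psk_client_get_hint says %NULL means an error, but the body also returns NULL when `info->hint[0]` is 0, which looks like the ordinary case where no hint was received. The comment also says nothing about who owns the returned string or that its content is chosen by the peer. I would change the last line to `Returns: the identity hint of the peer, or %NULL if no hint was received or in case of an error.` I would also add a sentence saying that the pointer refers to `info->hint` inside the session's auth info (so presumably it is valid only while the session is), and that callers should treat the text as untrusted input when displaying it or using it to select a username or key.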
diff --git a/src/common.c b/src/common.c
index aec6966299..13cf549a8f 100644
--- a/src/common.c
+++ b/src/common.c
@@ -548,8 +548,12 @@ print_info (gnutls_session_t session, const char *hostname)
#endif
#ifdef ENABLE_PSK
case GNUTLS_CRD_PSK:
- /* This should be only called in server
- * side.
+ /* This returns NULL in server side.
+ */
+ if (gnutls_psk_client_get_hint (session) != NULL)
+ printf ("- PSK authentication. PSK hint '%s'\n",
+ gnutls_psk_client_get_hint (session));
+ /* This returns NULL in client side.
*/
if (gnutls_psk_server_get_username (session) != NULL)
printf ("- PSK authentication. Connected as '%s'\n",
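Review bot: The new printf in the GNUTLS_CRD_PSK case writes the peer-supplied hint to stdout with a plain `%s`, so unless the library already restricts the hint to printable bytes (not visible in this commit), control or escape bytes chosen by the server reach the user's terminal unchanged. Non-printable bytes should be escaped or replaced before the hint is printed. The getter is also called twice, once for the NULL test and once as the argument; a single `const char *hint = gnutls_psk_client_get_hint (session);` inside a braced block, followed by `if (hint != NULL)`, avoids the repeat. The username printed just below may deserve the same treatment; that printf and the rest of print_info continue outside the hunk.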