authorNikos Mavrogiannopoulos <nmav@gnutls.org>2017-11-13 08:45:09 +0100
committerNikos Mavrogiannopoulos <nmav@redhat.com>2017-11-14 15:00:33 +0100
commitdda375c3c1edfa32793c51c5a07e2c61d1b05cc1 (patch)
tree6f4792e784d41c4b3fe7fe67077b6dff53453656
parent75240d361efbc162688f2b8ccba0a0e82183ba25 (diff)
doc: document the GNUTLS_E_NO_COMMON_KEY_SHARE usage
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
-rw-r--r--lib/ext/key_share.c15
1 files changed, 14 insertions, 1 deletions
diff --git a/lib/ext/key_share.c b/lib/ext/key_share.c
index d3ca155e27..411b10e9bf 100644
--- a/lib/ext/key_share.c
+++ b/lib/ext/key_share.c
@@ -547,7 +547,20 @@ key_share_recv_params(gnutls_session_t session,
}
if (used_share == 0) {
- /* we signal for hello-retry-request */
+ /* we utilize GNUTLS_E_NO_COMMON_KEY_SHARE for:
+ * 1. signal for hello-retry-request in the handshake
+ * layer during first client hello parsing (server side - here).
+ * This does not result to error code being
+ * propagated to app layer.
+ * 2. Propagate to application error code that no
+ * common key share was found after an HRR was
+ * received (client side)
+ * 3. Propagate to application error code that no
+ * common key share was found after an HRR was
+ * sent (server side).
+ * In cases (2,3) the error is translated to illegal
+ * parameter alert.
+ */
return gnutls_assert_val(GNUTLS_E_NO_COMMON_KEY_SHARE);
}
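Review bot: The new comment lists three meanings for GNUTLS_E_NO_COMMON_KEY_SHARE, but the `return` under `if (used_share == 0)` is identical in all of them, so the choice between case 1 (send a hello-retry-request) and case 3 (fail with an illegal parameter alert after an HRR was already sent) must be made by whatever handles this return value, and the comment does not say so. I would add a line such as `* The caller decides between (1) and (3) based on whether an HRR was already sent.` That check is presumably what keeps a peer that never offers a common share from being answered with repeated retry requests, so it is worth pointing readers to it. As a wording fix, "This does not result to error code being propagated to app layer" reads better as `* This does not result in an error code being propagated to the application layer.` key_share_recv_params starts and ends outside the hunk, so the handling of the return value is not visible here.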