From 2f4cd8b95661ad5ad761bb03fcb7a4fba6d2289c Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Thu, 14 Sep 2017 10:22:36 +0200 Subject: handshake: added basic support for TLS 1.3 handshake in client side That does not include support for client certificates as it requires extension handling improvements in order for extensions to be context sensitive (now they cannot distinguish whether the parsing routine is called during client hello or certificate request reading) This does not include proper parsing of extensions present in the certificate message. Signed-off-by: Nikos Mavrogiannopoulos --- lib/auth/cert.c | 11 +++++------ lib/auth/cert.h | 2 ++ 2 files changed, 7 insertions(+), 6 deletions(-) (limited to 'lib/auth') diff --git a/lib/auth/cert.c b/lib/auth/cert.c index 86df597616..1025ac2f52 100644 --- a/lib/auth/cert.c +++ b/lib/auth/cert.c @@ -72,8 +72,7 @@ typedef enum CertificateSigType { RSA_SIGN = 1, DSA_SIGN = 2, ECDSA_SIGN = 64 /* Copies data from a internal certificate struct (gnutls_pcert_st) to * exported certificate struct (cert_auth_info_t) */ -static int copy_certificate_auth_info(cert_auth_info_t info, gnutls_pcert_st * certs, size_t ncerts, /* openpgp only */ - void *keyid) +int _gnutls_copy_certificate_auth_info(cert_auth_info_t info, gnutls_pcert_st * certs, size_t ncerts) { /* Copy peer's information to auth_info_t */ @@ -836,11 +835,11 @@ _gnutls_proc_x509_server_crt(gnutls_session_t session, goto cleanup; } - if ((ret = - copy_certificate_auth_info(info, + ret = + _gnutls_copy_certificate_auth_info(info, peer_certificate_list, - peer_certificate_list_size, - NULL)) < 0) { + peer_certificate_list_size); + if (ret < 0) { gnutls_assert(); goto cleanup; } diff --git a/lib/auth/cert.h b/lib/auth/cert.h index 9383c2e2cb..1c89ebe1a8 100644 --- a/lib/auth/cert.h +++ b/lib/auth/cert.h 
@@ -130,6 +130,8 @@ int _gnutls_get_selected_cert(gnutls_session_t session, int *apr_cert_list_length, gnutls_privkey_t * apr_pkey); +int _gnutls_copy_certificate_auth_info(cert_auth_info_t info, gnutls_pcert_st * certs, size_t ncerts); + int _gnutls_server_select_cert(gnutls_session_t session, const gnutls_cipher_suite_entry_st *cs); void _gnutls_selected_certs_deinit(gnutls_session_t session); -- cgit v1.2.1
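Review bot: The prototype for `_gnutls_copy_certificate_auth_info()` added to lib/auth/cert.h has no comment, and the one above its definition in lib/auth/cert.c only says that it copies from `gnutls_pcert_st` to `cert_auth_info_t`. Now that the function is no longer static, presumably so the TLS 1.3 code can call it, that is the whole contract a new caller sees. The call site in `_gnutls_proc_x509_server_crt` treats a negative return as failure, so I would add above the prototype something like `/* Returns 0 on success or a negative error code; the caller keeps ownership of certs. */`. The ownership half, and what happens to certificates already stored in `info`, must be confirmed against the function body, which lies outside the hunks shown here. Handshake paths that disagree on who frees the peer certificate list are a typical source of leaks or double frees, so this is worth stating once in the header.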