Add mbedtls_ssl_set_hs_authmode While at it, fix the following: - on server with RSA_PSK, we don't want to set flags (client auth happens via the PSK, no cert is expected). - use safer tests (eg == OPTIONAL vs != REQUIRED)

commit: cdc26ae099ff89a6184eebfcffd7414acd54c424 [log] [tgz]
author: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Fri Jun 19 12:16:31 2015 +0200
committer: Manuel Pégourié-Gonnard <mpg@elzevir.fr> Mon Jun 22 14:52:40 2015 +0200
tree: 5f0a8459c6d2ff6a273a3faed0138ef39973ab0d
parent: a752d8780ceac07146b9b8b4620f82913034c4de [diff] [blame]
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index f9b0017..8d3a380 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h

@@ -183,6 +183,7 @@
 #if defined(MBEDTLS_X509_CRT_PARSE_C)
     mbedtls_ssl_key_cert *key_cert;     /*!< chosen key/cert pair (server)  */
 #if defined(MBEDTLS_SSL_SERVER_NAME_INDICATION)
+    int sni_authmode;                   /*!< authmode from SNI callback     */
     mbedtls_ssl_key_cert *sni_key_cert; /*!< key/cert list from SNI         */
     mbedtls_x509_crt *sni_ca_chain;     /*!< trusted CAs from SNI callback  */
     mbedtls_x509_crl *sni_ca_crl;       /*!< trusted CAs CRLs from SNI      */
commit	cdc26ae099ff89a6184eebfcffd7414acd54c424	[log] [tgz]
author	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Fri Jun 19 12:16:31 2015 +0200
committer	Manuel Pégourié-Gonnard <mpg@elzevir.fr>	Mon Jun 22 14:52:40 2015 +0200
tree	5f0a8459c6d2ff6a273a3faed0138ef39973ab0d
parent	a752d8780ceac07146b9b8b4620f82913034c4de [diff] [blame]