]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
Made _gnutls_get_auth_info() safer to use.
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Fri, 18 Apr 2014 09:25:47 +0000 (11:25 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Fri, 18 Apr 2014 09:25:47 +0000 (11:25 +0200)
16 files changed:
lib/auth/cert.c
lib/auth/dhe_psk.c
lib/auth/psk.c
lib/auth/rsa.c
lib/auth/rsa_psk.c
lib/auth/srp.c
lib/auth/srp_rsa.c
lib/gnutls_auth.c
lib/gnutls_auth.h
lib/gnutls_cert.c
lib/gnutls_psk.c
lib/gnutls_session_pack.c
lib/gnutls_srp.c
lib/gnutls_state.c
lib/gnutls_ui.c
lib/gnutls_x509.c

index c0f3ccf59d184d233d5171fd4136e4e43fd1442e..e89d618e2896d3c225d150c5ee2778be0baa52b3 100644 (file)
@@ -1041,7 +1041,7 @@ _gnutls_proc_x509_server_crt(gnutls_session_t session,
                return ret;
        }
 
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
 
        if (data == NULL || data_size == 0) {
                gnutls_assert();
@@ -1179,7 +1179,7 @@ _gnutls_proc_openpgp_server_crt(gnutls_session_t session,
                return ret;
        }
 
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
 
        if (data == NULL || data_size == 0) {
                gnutls_assert();
@@ -1573,7 +1573,7 @@ _gnutls_proc_cert_client_crt_vrfy(gnutls_session_t session,
        ssize_t dsize = data_size;
        uint8_t *pdata = data;
        gnutls_datum_t sig;
-       cert_auth_info_t info = _gnutls_get_auth_info(session);
+       cert_auth_info_t info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
        gnutls_pcert_st peer_cert;
        gnutls_sign_algorithm_t sign_algo = GNUTLS_SIGN_UNKNOWN;
        const version_entry_st *ver = get_version(session);
@@ -2207,7 +2207,7 @@ _gnutls_proc_dhe_signature(gnutls_session_t session, uint8_t * data,
        int sigsize;
        gnutls_datum_t signature;
        int ret;
-       cert_auth_info_t info = _gnutls_get_auth_info(session);
+       cert_auth_info_t info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
        ssize_t data_size = _data_size;
        gnutls_pcert_st peer_cert;
        gnutls_sign_algorithm_t sign_algo = GNUTLS_SIGN_UNKNOWN;
index 66e741c9e3d5d971440fe45cd32b69fad3f14afa..839c22419ad3175368738714a6fd0a4ea8d75cfe 100644 (file)
@@ -310,7 +310,11 @@ proc_dhe_psk_client_kx(gnutls_session_t session, uint8_t * data,
 
        /* copy the username to the auth info structures
         */
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+       if (info == NULL) {
+               gnutls_assert();
+               return GNUTLS_E_INTERNAL_ERROR;
+       }
 
        if (username.size > MAX_USERNAME_SIZE) {
                gnutls_assert();
@@ -372,7 +376,12 @@ proc_ecdhe_psk_client_kx(gnutls_session_t session, uint8_t * data,
 
        /* copy the username to the auth info structures
         */
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+       if (info == NULL) {
+               gnutls_assert();
+               return GNUTLS_E_INTERNAL_ERROR;
+       }
+
 
        if (username.size > MAX_USERNAME_SIZE) {
                gnutls_assert();
index ce97c49db1d32ef617ddd0094eb7cb694ae9b75d..1124c9454525a5178dbee377ae069df542b36c02 100644 (file)
@@ -234,7 +234,11 @@ _gnutls_proc_psk_client_kx(gnutls_session_t session, uint8_t * data,
 
        /* copy the username to the auth info structures
         */
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+       if (info == NULL) {
+               gnutls_assert();
+               return GNUTLS_E_INTERNAL_ERROR;
+       }
 
        if (username.size > MAX_USERNAME_SIZE) {
                gnutls_assert();
@@ -340,7 +344,11 @@ _gnutls_proc_psk_server_kx(gnutls_session_t session, uint8_t * data,
 
        /* copy the hint to the auth info structures
         */
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+       if (info == NULL) {
+               gnutls_assert();
+               return GNUTLS_E_INTERNAL_ERROR;
+       }
 
        if (hint.size > MAX_USERNAME_SIZE) {
                gnutls_assert();
index aaaeb95888c13f7b680693d91ac098f7dc079599..128e7b4b8763a9c13d0c86578380ec0b6947deb6 100644 (file)
@@ -74,7 +74,7 @@ _gnutls_get_public_rsa_params(gnutls_session_t session,
 
        /* normal non export case */
 
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
 
        if (info == NULL || info->ncerts == 0) {
                gnutls_assert();
index b151874f8777e78c9cba9cb2ac7fb4f5ae8a2bac..ae15a5a19a3958f1d5c05f9cb4e12656b98d0caa 100644 (file)
@@ -293,7 +293,11 @@ _gnutls_proc_rsa_psk_client_kx(gnutls_session_t session, uint8_t * data,
 
        /* copy the username to the auth info structures
         */
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
+       if (info == NULL) {
+               gnutls_assert();
+               return GNUTLS_E_INTERNAL_ERROR;
+       }
 
        if (username.size > MAX_USERNAME_SIZE) {
                gnutls_assert();
index 418469dd73aa419f981177320328907f5fcb81e9..df1c4525e234af71e562ebd9fc9e61e940508e24 100644 (file)
@@ -144,7 +144,10 @@ _gnutls_gen_srp_server_kx(gnutls_session_t session,
                return ret;
        }
 
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_SRP);
+       if (info == NULL)
+               return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+
        username = info->username;
 
        _gnutls_str_cpy(username, MAX_USERNAME_SIZE, priv->username);
index 83799ee388e3f6c43d3723832b23ab3455433072..0903fb5a134f4d29373910b3582445a04f67af3d 100644 (file)
@@ -189,7 +189,7 @@ proc_srp_cert_server_kx(gnutls_session_t session, uint8_t * data,
 
        data_size = _data_size - ret;
 
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_SRP);
        if (info == NULL || info->ncerts == 0) {
                gnutls_assert();
                /* we need this in order to get peer's certificate */
index 106739d41d948e454e96302cbea3a8fd35cc5980..5f001ad296ede4fd60adafc06938db7002037d4e 100644 (file)
@@ -252,24 +252,6 @@ const void *_gnutls_get_cred(gnutls_session_t session,
        return retval;
 }
 
-/*-
- * _gnutls_get_auth_info - Returns a pointer to authentication information.
- * @session: is a #gnutls_session_t structure.
- *
- * This function must be called after a successful gnutls_handshake().
- * Returns a pointer to authentication information. That information
- * is data obtained by the handshake protocol, the key exchange algorithm,
- * and the TLS extensions messages.
- *
- * In case of GNUTLS_CRD_ANON returns a type of &anon_(server/client)_auth_info_t;
- * In case of GNUTLS_CRD_CERTIFICATE returns a type of &cert_auth_info_t;
- * In case of GNUTLS_CRD_SRP returns a type of &srp_(server/client)_auth_info_t;
- -*/
-void *_gnutls_get_auth_info(gnutls_session_t session)
-{
-       return session->key.auth_info;
-}
-
 /*-
  * _gnutls_free_auth_info - Frees the auth info structure
  * @session: is a #gnutls_session_t structure.
@@ -293,7 +275,7 @@ void _gnutls_free_auth_info(gnutls_session_t session)
        case GNUTLS_CRD_ANON:
                {
                        anon_auth_info_t info =
-                           _gnutls_get_auth_info(session);
+                           _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
 
                        if (info == NULL)
                                break;
@@ -305,7 +287,7 @@ void _gnutls_free_auth_info(gnutls_session_t session)
        case GNUTLS_CRD_PSK:
                {
                        psk_auth_info_t info =
-                           _gnutls_get_auth_info(session);
+                           _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
 
                        if (info == NULL)
                                break;
@@ -318,7 +300,7 @@ void _gnutls_free_auth_info(gnutls_session_t session)
                {
                        unsigned int i;
                        cert_auth_info_t info =
-                           _gnutls_get_auth_info(session);
+                           _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
 
                        if (info == NULL)
                                break;
index 31c1b5efc49bc04cdc5cd9a8c8067762beeebba0..d25c61b4ad82bba80f12af0b5b106f2af8c598e3 100644 (file)
@@ -57,9 +57,30 @@ const void *_gnutls_get_cred(gnutls_session_t session,
                             gnutls_credentials_type_t kx, int *err);
 const void *_gnutls_get_kx_cred(gnutls_session_t session,
                                gnutls_kx_algorithm_t algo, int *err);
-void *_gnutls_get_auth_info(gnutls_session_t session);
 int _gnutls_auth_info_set(gnutls_session_t session,
                          gnutls_credentials_type_t type, int size,
                          int allow_change);
 
+/*-
+ * _gnutls_get_auth_info - Returns a pointer to authentication information.
+ * @session: is a #gnutls_session_t structure.
+ *
+ * This function must be called after a successful gnutls_handshake().
+ * Returns a pointer to authentication information. That information
+ * is data obtained by the handshake protocol, the key exchange algorithm,
+ * and the TLS extensions messages.
+ *
+ * In case of GNUTLS_CRD_ANON returns a type of &anon_(server/client)_auth_info_t;
+ * In case of GNUTLS_CRD_CERTIFICATE returns a type of &cert_auth_info_t;
+ * In case of GNUTLS_CRD_SRP returns a type of &srp_(server/client)_auth_info_t;
+ -*/
+inline static
+void *_gnutls_get_auth_info(gnutls_session_t session, gnutls_credentials_type_t type)
+{
+       if (type == session->key.auth_info_type)
+               return session->key.auth_info;
+       else
+               return NULL;
+}
+
 #endif
index 40f54694f6e7c133b64781ff5abc12f2570a86ef..cabdf4e42d618e5951484fbd7d9d1b021e2af3a8 100644 (file)
@@ -579,7 +579,7 @@ _gnutls_openpgp_crt_verify_peers(gnutls_session_t session,
 
        CHECK_AUTH(GNUTLS_CRD_CERTIFICATE, GNUTLS_E_INVALID_REQUEST);
 
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
        if (info == NULL)
                return GNUTLS_E_INVALID_REQUEST;
 
@@ -744,7 +744,7 @@ gnutls_certificate_verify_peers(gnutls_session_t session,
 
        CHECK_AUTH(GNUTLS_CRD_CERTIFICATE, GNUTLS_E_INVALID_REQUEST);
 
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
        if (info == NULL) {
                return GNUTLS_E_NO_CERTIFICATE_FOUND;
        }
@@ -793,7 +793,7 @@ time_t gnutls_certificate_expiration_time_peers(gnutls_session_t session)
 
        CHECK_AUTH(GNUTLS_CRD_CERTIFICATE, GNUTLS_E_INVALID_REQUEST);
 
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
        if (info == NULL) {
                return (time_t) - 1;
        }
@@ -837,7 +837,7 @@ time_t gnutls_certificate_activation_time_peers(gnutls_session_t session)
 
        CHECK_AUTH(GNUTLS_CRD_CERTIFICATE, GNUTLS_E_INVALID_REQUEST);
 
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
        if (info == NULL) {
                return (time_t) - 1;
        }
index 5765e86050cdb835ac4df4f4e6f600d33cfba213..f89ea078b593ec1d717f17e0ac6fe90ec359cc15 100644 (file)
@@ -316,7 +316,7 @@ const char *gnutls_psk_server_get_username(gnutls_session_t session)
 
        CHECK_AUTH(GNUTLS_CRD_PSK, NULL);
 
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
        if (info == NULL)
                return NULL;
 
@@ -344,7 +344,7 @@ const char *gnutls_psk_client_get_hint(gnutls_session_t session)
 
        CHECK_AUTH(GNUTLS_CRD_PSK, NULL);
 
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
        if (info == NULL)
                return NULL;
 
index 03aecc3b1b218f895bce16e2201dcbe785c7bd96..7f4111d1a688abaaf1f7a6247979895fa7180d2a 100644 (file)
@@ -189,7 +189,7 @@ _gnutls_session_unpack(gnutls_session_t session,
                return ret;
        }
 
-       if (_gnutls_get_auth_info(session) != NULL) {
+       if (session->key.auth_info != NULL) {
                _gnutls_free_auth_info(session);
        }
 
@@ -298,7 +298,7 @@ pack_certificate_auth_info(gnutls_session_t session, gnutls_buffer_st * ps)
 {
        unsigned int i;
        int cur_size, ret;
-       cert_auth_info_t info = _gnutls_get_auth_info(session);
+       cert_auth_info_t info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
        int size_offset;
 
        size_offset = ps->length;
@@ -359,7 +359,7 @@ unpack_certificate_auth_info(gnutls_session_t session,
                return ret;
        }
 
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
        if (info == NULL)
                return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
 
@@ -415,7 +415,7 @@ unpack_certificate_auth_info(gnutls_session_t session,
 static int
 pack_srp_auth_info(gnutls_session_t session, gnutls_buffer_st * ps)
 {
-       srp_server_auth_info_t info = _gnutls_get_auth_info(session);
+       srp_server_auth_info_t info = _gnutls_get_auth_info(session, GNUTLS_CRD_SRP);
        int len, ret;
        int size_offset;
        size_t cur_size;
@@ -462,7 +462,7 @@ unpack_srp_auth_info(gnutls_session_t session, gnutls_buffer_st * ps)
                return ret;
        }
 
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_SRP);
        if (info == NULL)
                return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
 
@@ -497,7 +497,7 @@ static int
 pack_anon_auth_info(gnutls_session_t session, gnutls_buffer_st * ps)
 {
        int cur_size, ret;
-       anon_auth_info_t info = _gnutls_get_auth_info(session);
+       anon_auth_info_t info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
        int size_offset;
 
        size_offset = ps->length;
@@ -544,7 +544,7 @@ unpack_anon_auth_info(gnutls_session_t session, gnutls_buffer_st * ps)
                return ret;
        }
 
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
        if (info == NULL)
                return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
 
@@ -594,7 +594,7 @@ pack_psk_auth_info(gnutls_session_t session, gnutls_buffer_st * ps)
        int size_offset;
        size_t cur_size;
 
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
        if (info == NULL)
                return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
 
@@ -637,7 +637,7 @@ unpack_psk_auth_info(gnutls_session_t session, gnutls_buffer_st * ps)
                return ret;
        }
 
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
        if (info == NULL)
                return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
 
index 8a7f49d5e07ba5f884ac1e1e043b4b296278eb9f..0423435093850c1f0a33a7c70eacbcc5444be12c 100644 (file)
@@ -696,7 +696,7 @@ const char *gnutls_srp_server_get_username(gnutls_session_t session)
 
        CHECK_AUTH(GNUTLS_CRD_SRP, NULL);
 
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_SRP);
        if (info == NULL)
                return NULL;
        return info->username;
index b9cbc3af86d220a6dd617ae1efba16bb4369a74c..1429a0dabc72dc5c0b011dd67714b0a5d323340f 100644 (file)
@@ -507,7 +507,7 @@ int _gnutls_dh_set_peer_public(gnutls_session_t session, bigint_t public)
        case GNUTLS_CRD_ANON:
                {
                        anon_auth_info_t info;
-                       info = _gnutls_get_auth_info(session);
+                       info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
                        if (info == NULL)
                                return GNUTLS_E_INTERNAL_ERROR;
 
@@ -517,7 +517,7 @@ int _gnutls_dh_set_peer_public(gnutls_session_t session, bigint_t public)
        case GNUTLS_CRD_PSK:
                {
                        psk_auth_info_t info;
-                       info = _gnutls_get_auth_info(session);
+                       info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
                        if (info == NULL)
                                return GNUTLS_E_INTERNAL_ERROR;
 
@@ -528,7 +528,7 @@ int _gnutls_dh_set_peer_public(gnutls_session_t session, bigint_t public)
                {
                        cert_auth_info_t info;
 
-                       info = _gnutls_get_auth_info(session);
+                       info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
                        if (info == NULL)
                                return GNUTLS_E_INTERNAL_ERROR;
 
@@ -558,7 +558,7 @@ int _gnutls_dh_set_secret_bits(gnutls_session_t session, unsigned bits)
        case GNUTLS_CRD_ANON:
                {
                        anon_auth_info_t info;
-                       info = _gnutls_get_auth_info(session);
+                       info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
                        if (info == NULL)
                                return GNUTLS_E_INTERNAL_ERROR;
                        info->dh.secret_bits = bits;
@@ -567,7 +567,7 @@ int _gnutls_dh_set_secret_bits(gnutls_session_t session, unsigned bits)
        case GNUTLS_CRD_PSK:
                {
                        psk_auth_info_t info;
-                       info = _gnutls_get_auth_info(session);
+                       info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
                        if (info == NULL)
                                return GNUTLS_E_INTERNAL_ERROR;
                        info->dh.secret_bits = bits;
@@ -577,7 +577,7 @@ int _gnutls_dh_set_secret_bits(gnutls_session_t session, unsigned bits)
                {
                        cert_auth_info_t info;
 
-                       info = _gnutls_get_auth_info(session);
+                       info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
                        if (info == NULL)
                                return GNUTLS_E_INTERNAL_ERROR;
 
@@ -605,7 +605,7 @@ _gnutls_dh_set_group(gnutls_session_t session, bigint_t gen,
        case GNUTLS_CRD_ANON:
                {
                        anon_auth_info_t info;
-                       info = _gnutls_get_auth_info(session);
+                       info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
                        if (info == NULL)
                                return GNUTLS_E_INTERNAL_ERROR;
 
@@ -615,7 +615,7 @@ _gnutls_dh_set_group(gnutls_session_t session, bigint_t gen,
        case GNUTLS_CRD_PSK:
                {
                        psk_auth_info_t info;
-                       info = _gnutls_get_auth_info(session);
+                       info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
                        if (info == NULL)
                                return GNUTLS_E_INTERNAL_ERROR;
 
@@ -626,7 +626,7 @@ _gnutls_dh_set_group(gnutls_session_t session, bigint_t gen,
                {
                        cert_auth_info_t info;
 
-                       info = _gnutls_get_auth_info(session);
+                       info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
                        if (info == NULL)
                                return GNUTLS_E_INTERNAL_ERROR;
 
index 811927ae0f858dfa8aaf8c5252d2008a1c4e8c7f..3c22d1467f327a81e9b581c5247ad4da80140995 100644 (file)
@@ -138,19 +138,19 @@ gnutls_dh_get_group(gnutls_session_t session,
 
        switch (gnutls_auth_get_type(session)) {
        case GNUTLS_CRD_ANON:
-               anon_info = _gnutls_get_auth_info(session);
+               anon_info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
                if (anon_info == NULL)
                        return GNUTLS_E_INTERNAL_ERROR;
                dh = &anon_info->dh;
                break;
        case GNUTLS_CRD_PSK:
-               psk_info = _gnutls_get_auth_info(session);
+               psk_info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
                if (psk_info == NULL)
                        return GNUTLS_E_INTERNAL_ERROR;
                dh = &psk_info->dh;
                break;
        case GNUTLS_CRD_CERTIFICATE:
-               cert_info = _gnutls_get_auth_info(session);
+               cert_info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
                if (cert_info == NULL)
                        return GNUTLS_E_INTERNAL_ERROR;
                dh = &cert_info->dh;
@@ -202,7 +202,7 @@ gnutls_dh_get_pubkey(gnutls_session_t session, gnutls_datum_t * raw_key)
        switch (gnutls_auth_get_type(session)) {
        case GNUTLS_CRD_ANON:
                {
-                       anon_info = _gnutls_get_auth_info(session);
+                       anon_info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
                        if (anon_info == NULL)
                                return GNUTLS_E_INTERNAL_ERROR;
                        dh = &anon_info->dh;
@@ -210,7 +210,7 @@ gnutls_dh_get_pubkey(gnutls_session_t session, gnutls_datum_t * raw_key)
                }
        case GNUTLS_CRD_PSK:
                {
-                       psk_info = _gnutls_get_auth_info(session);
+                       psk_info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
                        if (psk_info == NULL)
                                return GNUTLS_E_INTERNAL_ERROR;
                        dh = &psk_info->dh;
@@ -219,7 +219,7 @@ gnutls_dh_get_pubkey(gnutls_session_t session, gnutls_datum_t * raw_key)
        case GNUTLS_CRD_CERTIFICATE:
                {
 
-                       cert_info = _gnutls_get_auth_info(session);
+                       cert_info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
                        if (cert_info == NULL)
                                return GNUTLS_E_INTERNAL_ERROR;
                        dh = &cert_info->dh;
@@ -252,7 +252,7 @@ int gnutls_dh_get_secret_bits(gnutls_session_t session)
                {
                        anon_auth_info_t info;
 
-                       info = _gnutls_get_auth_info(session);
+                       info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
                        if (info == NULL)
                                return GNUTLS_E_INTERNAL_ERROR;
                        return info->dh.secret_bits;
@@ -261,7 +261,7 @@ int gnutls_dh_get_secret_bits(gnutls_session_t session)
                {
                        psk_auth_info_t info;
 
-                       info = _gnutls_get_auth_info(session);
+                       info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
                        if (info == NULL)
                                return GNUTLS_E_INTERNAL_ERROR;
                        return info->dh.secret_bits;
@@ -270,7 +270,7 @@ int gnutls_dh_get_secret_bits(gnutls_session_t session)
                {
                        cert_auth_info_t info;
 
-                       info = _gnutls_get_auth_info(session);
+                       info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
                        if (info == NULL)
                                return GNUTLS_E_INTERNAL_ERROR;
 
@@ -323,7 +323,7 @@ int gnutls_dh_get_prime_bits(gnutls_session_t session)
                {
                        anon_auth_info_t info;
 
-                       info = _gnutls_get_auth_info(session);
+                       info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
                        if (info == NULL)
                                return GNUTLS_E_INTERNAL_ERROR;
                        dh = &info->dh;
@@ -333,7 +333,7 @@ int gnutls_dh_get_prime_bits(gnutls_session_t session)
                {
                        psk_auth_info_t info;
 
-                       info = _gnutls_get_auth_info(session);
+                       info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
                        if (info == NULL)
                                return GNUTLS_E_INTERNAL_ERROR;
                        dh = &info->dh;
@@ -343,7 +343,7 @@ int gnutls_dh_get_prime_bits(gnutls_session_t session)
                {
                        cert_auth_info_t info;
 
-                       info = _gnutls_get_auth_info(session);
+                       info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
                        if (info == NULL)
                                return GNUTLS_E_INTERNAL_ERROR;
 
@@ -378,7 +378,7 @@ int gnutls_dh_get_peers_public_bits(gnutls_session_t session)
                {
                        anon_auth_info_t info;
 
-                       info = _gnutls_get_auth_info(session);
+                       info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
                        if (info == NULL)
                                return GNUTLS_E_INTERNAL_ERROR;
 
@@ -389,7 +389,7 @@ int gnutls_dh_get_peers_public_bits(gnutls_session_t session)
                {
                        psk_auth_info_t info;
 
-                       info = _gnutls_get_auth_info(session);
+                       info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
                        if (info == NULL)
                                return GNUTLS_E_INTERNAL_ERROR;
 
@@ -400,7 +400,7 @@ int gnutls_dh_get_peers_public_bits(gnutls_session_t session)
                {
                        cert_auth_info_t info;
 
-                       info = _gnutls_get_auth_info(session);
+                       info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
                        if (info == NULL)
                                return GNUTLS_E_INTERNAL_ERROR;
 
@@ -495,7 +495,7 @@ const gnutls_datum_t *gnutls_certificate_get_peers(gnutls_session_t
 
        CHECK_AUTH(GNUTLS_CRD_CERTIFICATE, NULL);
 
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
        if (info == NULL)
                return NULL;
 
@@ -524,7 +524,7 @@ int gnutls_certificate_get_peers_subkey_id(gnutls_session_t session,
 
        CHECK_AUTH(GNUTLS_CRD_CERTIFICATE, GNUTLS_E_INVALID_REQUEST);
 
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
        if (info == NULL)
                return GNUTLS_E_INVALID_REQUEST;
 
index e45a91e35a219e2b06a2da3c92de75821a5c1bed..ef126ba4ac920ce86110dacfb7a0d704b9f0e1dc 100644 (file)
@@ -200,7 +200,7 @@ _gnutls_x509_cert_verify_peers(gnutls_session_t session,
 
        CHECK_AUTH(GNUTLS_CRD_CERTIFICATE, GNUTLS_E_INVALID_REQUEST);
 
-       info = _gnutls_get_auth_info(session);
+       info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
        if (info == NULL) {
                gnutls_assert();
                return GNUTLS_E_INVALID_REQUEST;