Partial bits of the server side of client auth. Incomplete.

Pass a session manager to TLS_Client's constructor. Currently unused. Add time-based session expiration to the in-memory session cache.
author: lloyd <[email protected]> 2011-12-28 01:05:29 +0000
committer: lloyd <[email protected]> 2011-12-28 01:05:29 +0000
commit: e2f2809a421c8e9d60217cefdf2503a887e582ca (patch)
tree: e724983ce161813c8578599b368d0b612a3a7409 /src/tls/cert_req.cpp
parent: 065187289ea2c47f507b99a429dcf62a19d48f30 (diff)
1 files changed, 11 insertions, 6 deletions
diff --git a/src/tls/cert_req.cpp b/src/tls/cert_req.cpp
index 74398a59f..cc77509df 100644
--- a/src/tls/cert_req.cpp
+++ b/src/tls/cert_req.cpp
@@ -19,14 +19,19 @@ namespace Botan {
 */
 Certificate_Req::Certificate_Req(Record_Writer& writer,
                                  HandshakeHash& hash,
-                                 const std::vector<X509_Certificate>& certs)
+                                 const std::vector<X509_Certificate>& ca_certs,
+                                 const std::vector<Certificate_Type>& cert_types)
    {
-   for(size_t i = 0; i != certs.size(); ++i)
-      names.push_back(certs[i].subject_dn());
+   for(size_t i = 0; i != ca_certs.size(); ++i)
+      names.push_back(ca_certs[i].subject_dn());
 
-   // FIXME: should be able to choose what to ask for
-   types.push_back(RSA_CERT);
-   types.push_back(DSS_CERT);
+   if(cert_types.empty()) // default is RSA/DSA is OK
+      {
+      types.push_back(RSA_CERT);
+      types.push_back(DSS_CERT);
+      }
+   else
+      types = cert_types;
 
    send(writer, hash);
    }
author	lloyd <[email protected]>	2011-12-28 01:05:29 +0000
committer	lloyd <[email protected]>	2011-12-28 01:05:29 +0000
commit	e2f2809a421c8e9d60217cefdf2503a887e582ca (patch)
tree	e724983ce161813c8578599b368d0b612a3a7409 /src/tls/cert_req.cpp
parent	065187289ea2c47f507b99a429dcf62a19d48f30 (diff)