authorlloyd <[email protected]>2012-01-20 18:40:53 +0000
committerlloyd <[email protected]>2012-01-20 18:40:53 +0000
commit04cf1cd6fcd56c537b5ae4d339e83df67a4094e3 (patch)
treea6d91e40b216dbe64171e3667add6fa95a46b597 /src/tls/tls_server.cpp
parent11545504a34dba54277345b5c39390ef3cdc74f4 (diff)
New policy methods. User provides lists of ciphers, hashes, etc. they
would like to use, in order of preference. Client sorts list of known ciphersuites by those preferences and sends them. Server now picks the first client method it knows and that it can use (previously, it would choose the one it liked the best out of what the client sent). New policy callback returns list of CAs allowed for client auth. Don't send a certificate request unless we have at least one CA we want signatures from. OpenSSL has a behavior (bug?) in TLS 1.2 mode such that it will reject a connection if a certificate request is sent without any names included.
Diffstat (limited to 'src/tls/tls_server.cpp')
-rw-r--r--src/tls/tls_server.cpp11
1 files changed, 4 insertions, 7 deletions
diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp
index c2627ac23..90ce3bf88 100644
--- a/src/tls/tls_server.cpp
+++ b/src/tls/tls_server.cpp
@@ -9,7 +9,6 @@
#include <botan/internal/tls_handshake_state.h>
#include <botan/internal/tls_messages.h>
#include <botan/internal/stl_util.h>
-#include <botan/rsa.h>
#include <botan/dh.h>
namespace Botan {
@@ -269,15 +268,13 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
else
state->kex_priv = PKCS8::copy_key(*private_key, rng);
- if(policy.require_client_auth())
- {
- // FIXME: figure out the allowed CAs/cert types
-
- std::vector<X509_Certificate> allowed_cas;
+ std::vector<X509_Certificate> client_auth_CAs = policy.client_auth_CAs();
+ if(!client_auth_CAs.empty() && state->suite.sig_algo() != "")
+ {
state->cert_req = new Certificate_Req(writer,
state->hash,
- allowed_cas,
+ client_auth_CAs,
state->version);
state->set_expected_next(CERTIFICATE);