[gnutls-devel] GnuTLS | RFC7250 Raw public keys (!650)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Tue Nov 20 22:15:58 CET 2018


Tom commented on a discussion on lib/auth/cert.c:

> +}
> +
> +
>  int
>  _gnutls_gen_cert_client_crt(gnutls_session_t session, gnutls_buffer_st * data)
>  {
> -	switch (session->security_parameters.client_ctype) {
> -	case GNUTLS_CRT_X509:
> -		return gen_x509_crt(session, data);
> -	default:
> -		gnutls_assert();
> -		return GNUTLS_E_INTERNAL_ERROR;
> +	gnutls_certificate_type_t cert_type;
> +
> +	// Retrieve the (negotiated) certificate type for the client
> +	cert_type = gnutls_certificate_type_get2(session, GNUTLS_CTYPE_CLIENT);

I don't see this function as an external API only. The benefit of calling this function is that if we decide to change the internal structure of the values that this function retrieves we don't have to update all the parts of the code that access these values but only have to update this function.

Since I've dealt with internal structure changes a couple of times since I've been working on this project I see a great benefit of my approach ;-). What do see as a disadvantage of calling this function?

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/650#note_118863719
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20181120/81c9793d/attachment.html>


More information about the Gnutls-devel mailing list