[Help-gnutls] Re: Authentication during Handshake

[Nikos Mavrogiannopoulos]

Simon Josefsson wrote:

>> I still would see a lot of benefit in being able to check the remote
>> peers identity BEFORE the Finished message is sent. That way, I could
>> block access to not permitted peers at the risk of the DoS outlined
>> above. Am I still overlooking something?
> 
> No, I think that is correct.  Nikos, any thoughts?  You added some
> callbacks during the handshake earlier, are any of those useful here?

No unfortunately not. The callbacks I added are called after client
hello is received. The callbacks you discuss need to be called after the
certificate message is received.

regards,
Nikos