From ae387d6900c02ba655bd970c8053103a1b3f1dcd Mon Sep 17 00:00:00 2001
From: Rainer Gerhards
Date: Tue, 27 May 2008 09:46:30 +0200
Subject: client now provides cert even if it is not signed by one of the server's trusted CAs (gtls)
---
 runtime/nsd_gtls.h | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
(limited to 'runtime/nsd_gtls.h')
diff --git a/runtime/nsd_gtls.h b/runtime/nsd_gtls.h
index a88e34fc..bbd650a2 100644
--- a/runtime/nsd_gtls.h
+++ b/runtime/nsd_gtls.h
@@ -54,7 +54,11 @@ struct nsd_gtls_s {
 int bReportAuthErr; /* only the first auth error is to be reported, this var triggers it. Initially, it is
 * set to 1 and changed to 0 after the first report. It is changed back to 1 after
 * one successful authentication. */
- permittedPeers_t *pPermPeers; /* permitted senders */
+ permittedPeers_t *pPermPeers; /* permitted peers */
+ gnutls_x509_crt ourCert; /**< our certificate, if in client mode (unused in server mode) */
+ gnutls_x509_privkey ourKey; /**< our private key, if in client mode (unused in server mode) */
+ short bOurCertIsInit; /**< 1 if our certificate is initialized and must be deinit on destruction */
+ short bOurKeyIsInit; /**< 1 if our private key is initialized and must be deinit on destruction */
 };
 /* interface is defined in nsd.h, we just implement it! */
-- cgit
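Review bot: The two `...IsInit` flags on the added lines say when `ourCert` and `ourKey` must be deinitialized, but not who sets or clears them, and a stale 1 left after deinit would let a second destructor or re-init path release the same handle twice. I would spell the lifecycle out in the field comment, e.g. `short bOurKeyIsInit; /**< 1 only after gnutls_x509_privkey_init() succeeded on ourKey; reset to 0 right after gnutls_x509_privkey_deinit() */`, and likewise for `bOurCertIsInit`. Since `ourKey` keeps private key material in the object for its lifetime, its comment could also state that the nsd object owns the key and releases it in its destructor. `struct nsd_gtls_s` begins outside the hunk and the constructor and destructor are not shown, so whether the flags are zeroed at construction cannot be confirmed from here.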