From 97e2fde192482d79fd836f9289ae5ff7bf96789f Mon Sep 17 00:00:00 2001
From: Simon Josefsson <simon@josefsson.org>
Date: Tue, 3 Jun 2008 17:28:31 +0200
Subject: [PATCH] Add gnutls_psk_client_get_hint function.  Use it.

---
 NEWS                        |  6 ++++++
 includes/gnutls/gnutls.h.in |  1 +
 lib/gnutls_psk.c            | 27 +++++++++++++++++++++++++++
 src/common.c                |  8 ++++++--
 4 files changed, 40 insertions(+), 2 deletions(-)

diff --git a/NEWS b/NEWS
index 43928ddfd..9b0fbd3db 100644
--- a/NEWS
+++ b/NEWS
@@ -5,9 +5,15 @@ See the end for copying conditions.
 
 * Version 2.3.4.netconf.2 (unreleased)
 
+** libgnutls [PSK]: New API to retrieve PSK identity hint in client.
+The function is gnutls_psk_client_get_hint.
+
 ** psktool: Support new --netconf-hint to generate PSK key from password.
 Uses the Netconf algorithm to derive PSK key from password.
 
+** API and ABI modifications:
+gnutls_psk_client_get_hint: ADDED.
+
 * Version 2.3.4.netconf.1 (released 2008-05-15)
 
 ** Handle psk_identity_hint field in client.
diff --git a/includes/gnutls/gnutls.h.in b/includes/gnutls/gnutls.h.in
index 8ec9bedc5..9864d84b7 100644
--- a/includes/gnutls/gnutls.h.in
+++ b/includes/gnutls/gnutls.h.in
@@ -969,6 +969,7 @@ extern "C"
 					      res, const char *password_file);
 
   const char *gnutls_psk_server_get_username (gnutls_session_t session);
+  const char *gnutls_psk_client_get_hint (gnutls_session_t session);
 
   typedef int gnutls_psk_server_credentials_function (gnutls_session_t,
 						      const char *username,
diff --git a/lib/gnutls_psk.c b/lib/gnutls_psk.c
index abfc4e56c..e29bd2a5c 100644
--- a/lib/gnutls_psk.c
+++ b/lib/gnutls_psk.c
@@ -307,6 +307,33 @@ gnutls_psk_server_get_username (gnutls_session_t session)
 }
 
 /**
+ * gnutls_psk_client_get_hint - return the PSK identity hint of the peer
+ * @session: is a gnutls session
+ *
+ * The PSK identity hint may give the client help in deciding which
+ * username to use.  This should only be called in case of PSK
+ * authentication and in case of a client.
+ *
+ * Returns: the identity hint of the peer, or %NULL in case of an error.
+ **/
+const char *
+gnutls_psk_client_get_hint (gnutls_session_t session)
+{
+  psk_auth_info_t info;
+
+  CHECK_AUTH (GNUTLS_CRD_PSK, NULL);
+
+  info = _gnutls_get_auth_info (session);
+  if (info == NULL)
+    return NULL;
+
+  if (info->hint[0] != 0)
+    return info->hint;
+
+  return NULL;
+}
+
+/**
   * gnutls_hex_decode - decode hex encoded data
   * @hex_data: contain the encoded data
   * @result: the place where decoded data will be copied
diff --git a/src/common.c b/src/common.c
index aec696629..13cf549a8 100644
--- a/src/common.c
+++ b/src/common.c
@@ -548,8 +548,12 @@ print_info (gnutls_session_t session, const char *hostname)
 #endif
 #ifdef ENABLE_PSK
     case GNUTLS_CRD_PSK:
-      /* This should be only called in server
-       * side.
+      /* This returns NULL in server side.
+       */
+      if (gnutls_psk_client_get_hint (session) != NULL)
+	printf ("- PSK authentication. PSK hint '%s'\n",
+		gnutls_psk_client_get_hint (session));
+      /* This returns NULL in client side.
        */
       if (gnutls_psk_server_get_username (session) != NULL)
 	printf ("- PSK authentication. Connected as '%s'\n",
-- 
2.11.4.GIT