Imported Upstream version 5.0.3

author: Yves-Alexis Perez <corsac@debian.org> 2013-04-26 14:57:47 +0200
committer: Yves-Alexis Perez <corsac@debian.org> 2013-04-26 14:57:47 +0200
commit: 10e5fb2b9b2f27c83b3e5a1d048b158d5cf42a43 (patch)
tree: bf1d05a2e37dbd1911b86fcc026fbe49b0239c71 /src/libtls/tls_server.h
parent: 7585facf05d927eb6df3929ce09ed5e60d905437 (diff)
download: vyos-strongswan-10e5fb2b9b2f27c83b3e5a1d048b158d5cf42a43.tar.gz
vyos-strongswan-10e5fb2b9b2f27c83b3e5a1d048b158d5cf42a43.zip
1 files changed, 6 insertions, 1 deletions
diff --git a/src/libtls/tls_server.h b/src/libtls/tls_server.h
index 6289dc8eb..d6b8de153 100644
--- a/src/libtls/tls_server.h
+++ b/src/libtls/tls_server.h
@@ -42,11 +42,16 @@ struct tls_server_t {
 /**
  * Create a tls_server instance.
  *
+ * If a peer identity is given, the client must authenticate with a valid
+ * certificate for this identity, or the connection fails. If peer is NULL,
+ * but the client authenticates nonetheless, the authenticated identity
+ * gets returned by tls_handshake_t.get_peer_id().
+ *
  * @param tls		TLS stack
  * @param crypto	TLS crypto helper
  * @param alert		TLS alert handler
  * @param server	server identity
- * @param peer		peer identity
+ * @param peer		peer identity, or NULL
  */
 tls_server_t *tls_server_create(tls_t *tls,
 						tls_crypto_t *crypto, tls_alert_t *alert,
author	Yves-Alexis Perez <corsac@debian.org>	2013-04-26 14:57:47 +0200
committer	Yves-Alexis Perez <corsac@debian.org>	2013-04-26 14:57:47 +0200
commit	10e5fb2b9b2f27c83b3e5a1d048b158d5cf42a43 (patch)
tree	bf1d05a2e37dbd1911b86fcc026fbe49b0239c71 /src/libtls/tls_server.h
parent	7585facf05d927eb6df3929ce09ed5e60d905437 (diff)
download	vyos-strongswan-10e5fb2b9b2f27c83b3e5a1d048b158d5cf42a43.tar.gz vyos-strongswan-10e5fb2b9b2f27c83b3e5a1d048b158d5cf42a43.zip