[GNUnet-SVN] r7676 - in libmicrohttpd/src/daemon/https: . tls
From: |
gnunet |
Subject: |
[GNUnet-SVN] r7676 - in libmicrohttpd/src/daemon/https: . tls |
Date: |
Wed, 10 Sep 2008 14:12:49 -0600 (MDT) |
Author: lv-426
Date: 2008-09-10 14:12:49 -0600 (Wed, 10 Sep 2008)
New Revision: 7676
Modified:
libmicrohttpd/src/daemon/https/gnutls.h
libmicrohttpd/src/daemon/https/tls/ext_cert_type.c
libmicrohttpd/src/daemon/https/tls/ext_oprfi.c
libmicrohttpd/src/daemon/https/tls/ext_server_name.c
libmicrohttpd/src/daemon/https/tls/gnutls_algorithms.c
libmicrohttpd/src/daemon/https/tls/gnutls_constate.c
libmicrohttpd/src/daemon/https/tls/gnutls_extensions.c
libmicrohttpd/src/daemon/https/tls/gnutls_handshake.c
libmicrohttpd/src/daemon/https/tls/gnutls_record.c
libmicrohttpd/src/daemon/https/tls/gnutls_state.c
Log:
resurrected some client side code
Modified: libmicrohttpd/src/daemon/https/gnutls.h
===================================================================
--- libmicrohttpd/src/daemon/https/gnutls.h 2008-09-10 14:10:42 UTC (rev
7675)
+++ libmicrohttpd/src/daemon/https/gnutls.h 2008-09-10 20:12:49 UTC (rev
7676)
@@ -225,6 +225,9 @@
int MHD_gnutls_bye (mhd_gtls_session_t session, gnutls_close_request_t how);
int MHD_gnutls_handshake (mhd_gtls_session_t session);
int MHD_gnutls_rehandshake (mhd_gtls_session_t session);
+
+ int mhd_gtls_handshake_client (mhd_gtls_session_t session);
+
gnutls_alert_description_t gnutls_alert_get (mhd_gtls_session_t session);
int MHD_gnutls_alert_send (mhd_gtls_session_t session,
gnutls_alert_level_t level,
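Review bot: The new prototype `int mhd_gtls_handshake_client (mhd_gtls_session_t session);` is declared unconditionally, while the definition this revision adds to gnutls_handshake.c sits inside `#if MHD_DEBUG_TLS`. A caller built against this header without the debug flag would fail at link time rather than at compile time. Provided MHD_config.h is visible at this point in the header, wrapping the declaration in the same `#if MHD_DEBUG_TLS` ... `#endif` keeps the two in step. A one-line comment such as `/* client side of the handshake; only built when MHD_DEBUG_TLS is set */` would also explain why a lower-case `mhd_gtls_` name appears among the `MHD_gnutls_` entry points.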
@@ -232,11 +235,11 @@
int MHD_gnutls_alert_send_appropriate (mhd_gtls_session_t session, int err);
const char *MHD_gnutls_alert_get_name (gnutls_alert_description_t alert);
+ enum MHD_GNUTLS_CompressionMethod MHD_gtls_compression_get
(mhd_gtls_session_t
+ session);
// enum MHD_GNUTLS_CipherAlgorithm gnutls_cipher_get (mhd_gtls_session_t
session);
// enum MHD_GNUTLS_KeyExchangeAlgorithm gnutls_kx_get (mhd_gtls_session_t
session);
// enum MHD_GNUTLS_HashAlgorithm gnutls_mac_get (mhd_gtls_session_t session);
-// enum MHD_GNUTLS_CompressionMethod gnutls_compression_get
(mhd_gtls_session_t
-// session);
// enum MHD_GNUTLS_CertificateType gnutls_certificate_type_get
(mhd_gtls_session_t
// session);
@@ -250,7 +253,7 @@
algorithm);
const char *MHD_gnutls_mac_get_name (enum MHD_GNUTLS_HashAlgorithm
algorithm);
- const char *MHD_gnutls_compression_get_name (enum
+ const char *MHD_gtls_compression_get_name (enum
MHD_GNUTLS_CompressionMethod
algorithm);
const char *MHD_gnutls_kx_get_name (enum MHD_GNUTLS_KeyExchangeAlgorithm
Modified: libmicrohttpd/src/daemon/https/tls/ext_cert_type.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/ext_cert_type.c 2008-09-10 14:10:42 UTC
(rev 7675)
+++ libmicrohttpd/src/daemon/https/tls/ext_cert_type.c 2008-09-10 20:12:49 UTC
(rev 7676)
@@ -84,6 +84,7 @@
}
else
#endif
+
{ /* SERVER SIDE - we must check if the sent
cert type is the right one
*/
if (data_size > 1)
Modified: libmicrohttpd/src/daemon/https/tls/ext_oprfi.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/ext_oprfi.c 2008-09-10 14:10:42 UTC
(rev 7675)
+++ libmicrohttpd/src/daemon/https/tls/ext_oprfi.c 2008-09-10 20:12:49 UTC
(rev 7676)
@@ -27,12 +27,13 @@
*
*/
+#include "MHD_config.h"
#include <ext_oprfi.h>
#include <gnutls_errors.h>
#include <gnutls_num.h>
-int
+static int
oprfi_recv_server (mhd_gtls_session_t session,
const opaque * data, size_t _data_size)
{
@@ -68,7 +69,7 @@
return 0;
}
-int
+static int
oprfi_recv_client (mhd_gtls_session_t session,
const opaque * data, size_t _data_size)
{
@@ -122,7 +123,7 @@
return oprfi_recv_server (session, data, data_size);
}
-int
+static int
oprfi_send_client (mhd_gtls_session_t session, opaque * data,
size_t _data_size)
{
@@ -144,7 +145,7 @@
return 2 + oprf_size;
}
-int
+static int
oprfi_send_server (mhd_gtls_session_t session, opaque * data,
size_t _data_size)
{
@@ -199,7 +200,12 @@
mhd_gtls_oprfi_send_params (mhd_gtls_session_t session,
opaque * data, size_t data_size)
{
- return oprfi_send_server (session, data, data_size);
+#if MHD_DEBUG_TLS
+ if (session->security_parameters.entity == GNUTLS_CLIENT)
+ return oprfi_send_client (session, data, data_size);
+ else
+#endif
+ return oprfi_send_server (session, data, data_size);
}
/**
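Review bot: `oprfi_send_client` becomes `static` in the hunk at -122, but its only call visible in this revision is the one added here inside `#if MHD_DEBUG_TLS`, so a non-debug build is left with an unreferenced static function and an unused-function warning. `oprfi_recv_client` (hunk at -68) looks to be in the same position, since the receive dispatcher whose tail shows in the -122 context returns only `oprfi_recv_server (...)`. Guarding both client definitions with the same `#if MHD_DEBUG_TLS` ... `#endif` would also keep the client code out of production objects. The `else` left dangling across `#endif` is easy to break in a later edit; braces around both branches would make it safer to maintain.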
Modified: libmicrohttpd/src/daemon/https/tls/ext_server_name.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/ext_server_name.c 2008-09-10
14:10:42 UTC (rev 7675)
+++ libmicrohttpd/src/daemon/https/tls/ext_server_name.c 2008-09-10
20:12:49 UTC (rev 7676)
@@ -128,12 +128,13 @@
opaque * data, size_t _data_size)
{
int total_size = 0;
-#if MHD_DEBUG_TLS
+
uint16_t len;
opaque *p;
unsigned i;
ssize_t data_size = _data_size;
+#if MHD_DEBUG_TLS
/* this function sends the client extension data (dnsname) */
if (session->security_parameters.entity == GNUTLS_CLIENT)
{
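Review bot: Moving `#if MHD_DEBUG_TLS` below the declarations makes `len`, `p`, `i` and `data_size` unconditional, yet the only code that follows them in this hunk is the client branch inside the guard. If the remainder of the function (outside this hunk) does not use them, non-debug builds will report unused variables. Declaring them at the top of the guarded `if (session->security_parameters.entity == GNUTLS_CLIENT)` block would avoid that without changing the debug build.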
Modified: libmicrohttpd/src/daemon/https/tls/gnutls_algorithms.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/gnutls_algorithms.c 2008-09-10
14:10:42 UTC (rev 7675)
+++ libmicrohttpd/src/daemon/https/tls/gnutls_algorithms.c 2008-09-10
20:12:49 UTC (rev 7676)
@@ -914,7 +914,7 @@
* specified compression algorithm, or %NULL.
**/
const char *
-MHD_gnutls_compression_get_name (enum MHD_GNUTLS_CompressionMethod algorithm)
+MHD_gtls_compression_get_name (enum MHD_GNUTLS_CompressionMethod algorithm)
{
const char *ret = NULL;
Modified: libmicrohttpd/src/daemon/https/tls/gnutls_constate.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/gnutls_constate.c 2008-09-10
14:10:42 UTC (rev 7675)
+++ libmicrohttpd/src/daemon/https/tls/gnutls_constate.c 2008-09-10
20:12:49 UTC (rev 7676)
@@ -26,6 +26,7 @@
* finished. These functions activate the established security parameters.
*/
+#include "MHD_config.h"
#include <gnutls_int.h>
#include <gnutls_constate.h>
#include <gnutls_errors.h>
Modified: libmicrohttpd/src/daemon/https/tls/gnutls_extensions.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/gnutls_extensions.c 2008-09-10
14:10:42 UTC (rev 7675)
+++ libmicrohttpd/src/daemon/https/tls/gnutls_extensions.c 2008-09-10
20:12:49 UTC (rev 7676)
@@ -27,6 +27,7 @@
* allow for extra functionality.
*/
+#include "MHD_config.h"
#include "gnutls_int.h"
#include "gnutls_extensions.h"
#include "gnutls_errors.h"
@@ -147,7 +148,7 @@
mhd_gtls_ext_recv_func ext_recv;
uint16_t size;
-#ifdef DEBUG
+#if MHD_DEBUG_TLS
int i;
if (session->security_parameters.entity == GNUTLS_CLIENT)
for (i = 0; i < session->internals.extensions_sent_size; i++)
Modified: libmicrohttpd/src/daemon/https/tls/gnutls_handshake.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/gnutls_handshake.c 2008-09-10
14:10:42 UTC (rev 7675)
+++ libmicrohttpd/src/daemon/https/tls/gnutls_handshake.c 2008-09-10
20:12:49 UTC (rev 7676)
@@ -25,6 +25,7 @@
/* Functions that relate to the TLS handshake procedure.
*/
+#include "MHD_config.h"
#include "gnutls_int.h"
#include "gnutls_errors.h"
#include "gnutls_dh.h"
@@ -825,7 +826,7 @@
_gnutls_handshake_log
("HSK[%x]: Selected Compression Method: %s\n", session,
- MHD_gnutls_compression_get_name (session->internals.
+ MHD_gtls_compression_get_name (session->internals.
compression_method));
@@ -1096,8 +1097,6 @@
#define _gnutls_handshake_header_buffer_clear( session)
session->internals.handshake_header_buffer.header_size = 0
-
-
/* This function will hash the handshake headers and the
* handshake data.
*/
@@ -1144,7 +1143,6 @@
return 0;
}
-
/* This function will receive handshake messages of the given types,
* and will pass the message to the right place in order to be processed.
* E.g. for the SERVER_HELLO message (if it is expected), it will be
@@ -1612,7 +1610,6 @@
return datalen;
}
-
/* This function copies the appropriate compression methods, to a locally
allocated buffer
* Needed in hello messages. Returns the new data length.
*/
@@ -1660,6 +1657,7 @@
*/
#define MAX_EXT_DATA_LENGTH 1024
+#if MHD_DEBUG_TLS
/* This function sends the client hello handshake message.
*/
static int
@@ -1844,6 +1842,7 @@
return ret;
}
+#endif
static int
_gnutls_send_server_hello (mhd_gtls_session_t session, int again)
@@ -2061,10 +2060,6 @@
{
int ret;
- /* only server sends that handshake packet */
- if (session->security_parameters.entity == GNUTLS_CLIENT)
- return GNUTLS_E_INVALID_REQUEST;
-
ret =
_gnutls_send_empty_handshake (session, GNUTLS_HANDSHAKE_HELLO_REQUEST,
AGAIN (STATE50));
@@ -2092,7 +2087,6 @@
return GNUTLS_E_INTERNAL_ERROR;
}
-
/* This function initialized the handshake hash session.
* required for finished messages.
*/
@@ -2223,12 +2217,17 @@
gnutls_assert ();
return ret;
}
+#if MHD_DEBUG_TLS
if (session->security_parameters.entity == GNUTLS_CLIENT)
- {
- gnutls_assert ();
- return GNUTLS_E_UNIMPLEMENTED_FEATURE;
- }
- ret = mhd_gtls_handshake_server (session);
+ {
+ ret = mhd_gtls_handshake_client (session);
+ }
+ else
+#endif
+ {
+ ret = mhd_gtls_handshake_server (session);
+ }
+
if (ret < 0)
{
/* In the case of a rehandshake abort
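Review bot: With MHD_DEBUG_TLS off, a session whose entity is GNUTLS_CLIENT now reaches `mhd_gtls_handshake_server (session)`, because the `GNUTLS_E_UNIMPLEMENTED_FEATURE` rejection was deleted rather than kept for the non-debug path. The old code never ran the server state machine on a client-configured session, and builds where the client code is compiled out should still refuse it explicitly. The hunk at -2061 removes its `GNUTLS_CLIENT` guard before the HELLO_REQUEST is sent, also unconditionally, and deserves the same treatment. The enclosing function starts and ends outside this hunk.

```c
  if (session->security_parameters.entity == GNUTLS_CLIENT)
    {
#if MHD_DEBUG_TLS
      ret = mhd_gtls_handshake_client (session);
#else
      /* client side is compiled out: keep rejecting client sessions */
      gnutls_assert ();
      return GNUTLS_E_UNIMPLEMENTED_FEATURE;
#endif
    }
  else
    {
      ret = mhd_gtls_handshake_server (session);
    }
  /* ... unchanged: if (ret < 0) rehandshake-abort handling ... */
```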
@@ -2268,7 +2267,128 @@
} } while (0)
+#if MHD_DEBUG_TLS
+/*
+ * mhd_gtls_handshake_client
+ * This function performs the client side of the handshake of the TLS/SSL
protocol.
+ */
+int
+mhd_gtls_handshake_client (mhd_gtls_session_t session)
+{
+ int ret = 0;
+#ifdef HANDSHAKE_DEBUG
+ char buf[64];
+
+ if (session->internals.resumed_security_parameters.session_id_size > 0)
+ _gnutls_handshake_log ("HSK[%x]: Ask to resume: %s\n", session,
+ mhd_gtls_bin2hex (session->internals.
+ resumed_security_parameters.
+ session_id,
+ session->internals.
+ resumed_security_parameters.
+ session_id_size, buf,
+ sizeof (buf)));
+#endif
+
+ switch (STATE)
+ {
+ case STATE0:
+ case STATE1:
+ ret = mhd_gtls_send_hello (session, AGAIN (STATE1));
+ STATE = STATE1;
+ IMED_RET ("send hello", ret);
+
+ case STATE2:
+ /* receive the server hello */
+ ret =
+ mhd_gtls_recv_handshake (session, NULL, NULL,
+ GNUTLS_HANDSHAKE_SERVER_HELLO,
+ MANDATORY_PACKET);
+ STATE = STATE2;
+ IMED_RET ("recv hello", ret);
+
+ case STATE70:
+ if (session->security_parameters.extensions.do_recv_supplemental)
+ {
+ ret = _gnutls_recv_supplemental (session);
+ STATE = STATE70;
+ IMED_RET ("recv supplemental", ret);
+ }
+
+ case STATE3:
+ /* RECV CERTIFICATE */
+ if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
+ ret = mhd_gtls_recv_server_certificate (session);
+ STATE = STATE3;
+ IMED_RET ("recv server certificate", ret);
+
+ case STATE4:
+ /* receive the server key exchange */
+ if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
+ ret = mhd_gtls_recv_server_kx_message (session);
+ STATE = STATE4;
+ IMED_RET ("recv server kx message", ret);
+
+ case STATE5:
+ /* receive the server certificate request - if any
+ */
+
+ if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
+ ret = mhd_gtls_recv_server_certificate_request (session);
+ STATE = STATE5;
+ IMED_RET ("recv server certificate request message", ret);
+
+ case STATE6:
+ /* receive the server hello done */
+ if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
+ ret =
+ mhd_gtls_recv_handshake (session, NULL, NULL,
+ GNUTLS_HANDSHAKE_SERVER_HELLO_DONE,
+ MANDATORY_PACKET);
+ STATE = STATE6;
+ IMED_RET ("recv server hello done", ret);
+
+ case STATE71:
+ if (session->security_parameters.extensions.do_send_supplemental)
+ {
+ ret = _gnutls_send_supplemental (session, AGAIN (STATE71));
+ STATE = STATE71;
+ IMED_RET ("send supplemental", ret);
+ }
+
+ case STATE7:
+ /* send our certificate - if any and if requested
+ */
+ if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
+ ret = mhd_gtls_send_client_certificate (session, AGAIN (STATE7));
+ STATE = STATE7;
+ IMED_RET ("send client certificate", ret);
+
+ case STATE8:
+ if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
+ ret = mhd_gtls_send_client_kx_message (session, AGAIN (STATE8));
+ STATE = STATE8;
+ IMED_RET ("send client kx", ret);
+
+ case STATE9:
+ /* send client certificate verify */
+ if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
+ ret =
+ mhd_gtls_send_client_certificate_verify (session, AGAIN (STATE9));
+ STATE = STATE9;
+ IMED_RET ("send client certificate verify", ret);
+
+ STATE = STATE0;
+ default:
+ break;
+ }
+
+
+ return 0;
+}
+#endif
+
/* This function sends the final handshake packets and initializes connection
*/
static int
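Review bot: The comment above `mhd_gtls_handshake_client` leaves out what a reader needs to follow the switch. Every `case` falls through into the next on purpose, and re-entry relies on `STATE` being stored before each `IMED_RET` (defined above the hunk, presumably returning on a negative `ret`). I would add `/* Cases fall through on purpose; STATE records where to resume when IMED_RET leaves early. */` above the `switch`. Nothing in the visible states checks the server's certificate chain or name after `mhd_gtls_recv_server_certificate`. Unless that helper does the check, the caller has to verify the peer before trusting the session, and the header comment should say which of the two applies.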
Modified: libmicrohttpd/src/daemon/https/tls/gnutls_record.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/gnutls_record.c 2008-09-10 14:10:42 UTC
(rev 7675)
+++ libmicrohttpd/src/daemon/https/tls/gnutls_record.c 2008-09-10 20:12:49 UTC
(rev 7676)
@@ -751,7 +751,7 @@
{
size_t max_record_size;
- if (gnutls_compression_get (session) != MHD_GNUTLS_COMP_NULL)
+ if (MHD_gtls_compression_get (session) != MHD_GNUTLS_COMP_NULL)
max_record_size = MAX_RECORD_RECV_SIZE + EXTRA_COMP_SIZE;
else
max_record_size = MAX_RECORD_RECV_SIZE;
Modified: libmicrohttpd/src/daemon/https/tls/gnutls_state.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/gnutls_state.c 2008-09-10 14:10:42 UTC
(rev 7675)
+++ libmicrohttpd/src/daemon/https/tls/gnutls_state.c 2008-09-10 20:12:49 UTC
(rev 7676)
@@ -108,7 +108,7 @@
* Returns: the currently used compression method.
**/
enum MHD_GNUTLS_CompressionMethod
-gnutls_compression_get (mhd_gtls_session_t session)
+MHD_gtls_compression_get (mhd_gtls_session_t session)
{
return session->security_parameters.read_compression_algorithm;
}