
[GNUnet-SVN] r7676 - in libmicrohttpd/src/daemon/https: . tls


From: gnunet
Subject: [GNUnet-SVN] r7676 - in libmicrohttpd/src/daemon/https: . tls
Date: Wed, 10 Sep 2008 14:12:49 -0600 (MDT)

Author: lv-426
Date: 2008-09-10 14:12:49 -0600 (Wed, 10 Sep 2008)
New Revision: 7676

Modified:
   libmicrohttpd/src/daemon/https/gnutls.h
   libmicrohttpd/src/daemon/https/tls/ext_cert_type.c
   libmicrohttpd/src/daemon/https/tls/ext_oprfi.c
   libmicrohttpd/src/daemon/https/tls/ext_server_name.c
   libmicrohttpd/src/daemon/https/tls/gnutls_algorithms.c
   libmicrohttpd/src/daemon/https/tls/gnutls_constate.c
   libmicrohttpd/src/daemon/https/tls/gnutls_extensions.c
   libmicrohttpd/src/daemon/https/tls/gnutls_handshake.c
   libmicrohttpd/src/daemon/https/tls/gnutls_record.c
   libmicrohttpd/src/daemon/https/tls/gnutls_state.c
Log:
resurrected some client side code

Modified: libmicrohttpd/src/daemon/https/gnutls.h
===================================================================
--- libmicrohttpd/src/daemon/https/gnutls.h     2008-09-10 14:10:42 UTC (rev 
7675)
+++ libmicrohttpd/src/daemon/https/gnutls.h     2008-09-10 20:12:49 UTC (rev 
7676)
@@ -225,6 +225,9 @@
   int MHD_gnutls_bye (mhd_gtls_session_t session, gnutls_close_request_t how);
   int MHD_gnutls_handshake (mhd_gtls_session_t session);
   int MHD_gnutls_rehandshake (mhd_gtls_session_t session);
+
+  int mhd_gtls_handshake_client (mhd_gtls_session_t session);
+
   gnutls_alert_description_t gnutls_alert_get (mhd_gtls_session_t session);
   int MHD_gnutls_alert_send (mhd_gtls_session_t session,
                              gnutls_alert_level_t level,
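Review bot: The new prototype `int mhd_gtls_handshake_client (mhd_gtls_session_t session);` is declared unconditionally, while the definition this commit adds in gnutls_handshake.c sits inside `#if MHD_DEBUG_TLS`. In a build without that macro, a caller that relies on this header compiles and then fails at link time. Wrapping the prototype in the same `#if MHD_DEBUG_TLS` / `#endif` pair keeps declaration and definition in step, provided MHD_config.h is included before this header (not visible here). A one-line comment such as `/* client side of the handshake; only built with MHD_DEBUG_TLS */` would also explain why this name uses the lowercase `mhd_gtls_` prefix among the `MHD_gnutls_` entries.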
@@ -232,11 +235,11 @@
   int MHD_gnutls_alert_send_appropriate (mhd_gtls_session_t session, int err);
   const char *MHD_gnutls_alert_get_name (gnutls_alert_description_t alert);
 
+  enum MHD_GNUTLS_CompressionMethod MHD_gtls_compression_get 
(mhd_gtls_session_t
+                                                        session);
 //  enum MHD_GNUTLS_CipherAlgorithm gnutls_cipher_get (mhd_gtls_session_t 
session);
 //  enum MHD_GNUTLS_KeyExchangeAlgorithm gnutls_kx_get (mhd_gtls_session_t 
session);
 //  enum MHD_GNUTLS_HashAlgorithm gnutls_mac_get (mhd_gtls_session_t session);
-//  enum MHD_GNUTLS_CompressionMethod gnutls_compression_get 
(mhd_gtls_session_t
-//                                                      session);
 //  enum MHD_GNUTLS_CertificateType gnutls_certificate_type_get 
(mhd_gtls_session_t
 //                                                         session);
 
@@ -250,7 +253,7 @@
                                           algorithm);
   const char *MHD_gnutls_mac_get_name (enum MHD_GNUTLS_HashAlgorithm
                                        algorithm);
-  const char *MHD_gnutls_compression_get_name (enum
+  const char *MHD_gtls_compression_get_name (enum
                                                MHD_GNUTLS_CompressionMethod
                                                algorithm);
   const char *MHD_gnutls_kx_get_name (enum MHD_GNUTLS_KeyExchangeAlgorithm

Modified: libmicrohttpd/src/daemon/https/tls/ext_cert_type.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/ext_cert_type.c  2008-09-10 14:10:42 UTC 
(rev 7675)
+++ libmicrohttpd/src/daemon/https/tls/ext_cert_type.c  2008-09-10 20:12:49 UTC 
(rev 7676)
@@ -84,6 +84,7 @@
     }
   else
 #endif
+
     {                           /* SERVER SIDE - we must check if the sent 
cert type is the right one
                                  */
       if (data_size > 1)

Modified: libmicrohttpd/src/daemon/https/tls/ext_oprfi.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/ext_oprfi.c      2008-09-10 14:10:42 UTC 
(rev 7675)
+++ libmicrohttpd/src/daemon/https/tls/ext_oprfi.c      2008-09-10 20:12:49 UTC 
(rev 7676)
@@ -27,12 +27,13 @@
  *
  */
 
+#include "MHD_config.h"
 #include <ext_oprfi.h>
 
 #include <gnutls_errors.h>
 #include <gnutls_num.h>
 
-int
+static int
 oprfi_recv_server (mhd_gtls_session_t session,
                    const opaque * data, size_t _data_size)
 {
@@ -68,7 +69,7 @@
   return 0;
 }
 
-int
+static int
 oprfi_recv_client (mhd_gtls_session_t session,
                    const opaque * data, size_t _data_size)
 {
@@ -122,7 +123,7 @@
     return oprfi_recv_server (session, data, data_size);
 }
 
-int
+static int
 oprfi_send_client (mhd_gtls_session_t session, opaque * data,
                    size_t _data_size)
 {
@@ -144,7 +145,7 @@
   return 2 + oprf_size;
 }
 
-int
+static int
 oprfi_send_server (mhd_gtls_session_t session, opaque * data,
                    size_t _data_size)
 {
@@ -199,7 +200,12 @@
 mhd_gtls_oprfi_send_params (mhd_gtls_session_t session,
                             opaque * data, size_t data_size)
 {
-  return oprfi_send_server (session, data, data_size);
+#if MHD_DEBUG_TLS
+  if (session->security_parameters.entity == GNUTLS_CLIENT)
+          return oprfi_send_client (session, data, data_size);
+  else
+#endif
+       return oprfi_send_server (session, data, data_size);
 }
 
 /**
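Review bot: `oprfi_send_client` is now `static`, and its only call visible in these hunks is the one inside `#if MHD_DEBUG_TLS` in `mhd_gtls_oprfi_send_params`, so a build without the macro is left with an unused static function and a -Wunused-function warning. Putting the definition of `oprfi_send_client` under the same `#if MHD_DEBUG_TLS` avoids that; whether `oprfi_recv_client` needs the same treatment cannot be seen from here. The unbraced `else` that straddles `#endif` is also easy to break in a later edit, and bracing both branches as the handshake dispatch in gnutls_handshake.c does would be more robust.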

Modified: libmicrohttpd/src/daemon/https/tls/ext_server_name.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/ext_server_name.c        2008-09-10 
14:10:42 UTC (rev 7675)
+++ libmicrohttpd/src/daemon/https/tls/ext_server_name.c        2008-09-10 
20:12:49 UTC (rev 7676)
@@ -128,12 +128,13 @@
                                   opaque * data, size_t _data_size)
 {
   int total_size = 0;
-#if MHD_DEBUG_TLS
+
   uint16_t len;
   opaque *p;
   unsigned i;
   ssize_t data_size = _data_size;
 
+#if MHD_DEBUG_TLS
   /* this function sends the client extension data (dnsname) */
   if (session->security_parameters.entity == GNUTLS_CLIENT)
     {

Modified: libmicrohttpd/src/daemon/https/tls/gnutls_algorithms.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/gnutls_algorithms.c      2008-09-10 
14:10:42 UTC (rev 7675)
+++ libmicrohttpd/src/daemon/https/tls/gnutls_algorithms.c      2008-09-10 
20:12:49 UTC (rev 7676)
@@ -914,7 +914,7 @@
  * specified compression algorithm, or %NULL.
  **/
 const char *
-MHD_gnutls_compression_get_name (enum MHD_GNUTLS_CompressionMethod algorithm)
+MHD_gtls_compression_get_name (enum MHD_GNUTLS_CompressionMethod algorithm)
 {
   const char *ret = NULL;
 

Modified: libmicrohttpd/src/daemon/https/tls/gnutls_constate.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/gnutls_constate.c        2008-09-10 
14:10:42 UTC (rev 7675)
+++ libmicrohttpd/src/daemon/https/tls/gnutls_constate.c        2008-09-10 
20:12:49 UTC (rev 7676)
@@ -26,6 +26,7 @@
  * finished. These functions activate the established security parameters.
  */
 
+#include "MHD_config.h"
 #include <gnutls_int.h>
 #include <gnutls_constate.h>
 #include <gnutls_errors.h>

Modified: libmicrohttpd/src/daemon/https/tls/gnutls_extensions.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/gnutls_extensions.c      2008-09-10 
14:10:42 UTC (rev 7675)
+++ libmicrohttpd/src/daemon/https/tls/gnutls_extensions.c      2008-09-10 
20:12:49 UTC (rev 7676)
@@ -27,6 +27,7 @@
  * allow for extra functionality.
  */
 
+#include "MHD_config.h"
 #include "gnutls_int.h"
 #include "gnutls_extensions.h"
 #include "gnutls_errors.h"
@@ -147,7 +148,7 @@
   mhd_gtls_ext_recv_func ext_recv;
   uint16_t size;
 
-#ifdef DEBUG
+#if MHD_DEBUG_TLS
   int i;
   if (session->security_parameters.entity == GNUTLS_CLIENT)
     for (i = 0; i < session->internals.extensions_sent_size; i++)

Modified: libmicrohttpd/src/daemon/https/tls/gnutls_handshake.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/gnutls_handshake.c       2008-09-10 
14:10:42 UTC (rev 7675)
+++ libmicrohttpd/src/daemon/https/tls/gnutls_handshake.c       2008-09-10 
20:12:49 UTC (rev 7676)
@@ -25,6 +25,7 @@
 /* Functions that relate to the TLS handshake procedure.
  */
 
+#include "MHD_config.h"
 #include "gnutls_int.h"
 #include "gnutls_errors.h"
 #include "gnutls_dh.h"
@@ -825,7 +826,7 @@
 
               _gnutls_handshake_log
                 ("HSK[%x]: Selected Compression Method: %s\n", session,
-                 MHD_gnutls_compression_get_name (session->internals.
+                 MHD_gtls_compression_get_name (session->internals.
                                                   compression_method));
 
 
@@ -1096,8 +1097,6 @@
 
 #define _gnutls_handshake_header_buffer_clear( session) 
session->internals.handshake_header_buffer.header_size = 0
 
-
-
 /* This function will hash the handshake headers and the
  * handshake data.
  */
@@ -1144,7 +1143,6 @@
   return 0;
 }
 
-
 /* This function will receive handshake messages of the given types,
  * and will pass the message to the right place in order to be processed.
  * E.g. for the SERVER_HELLO message (if it is expected), it will be
@@ -1612,7 +1610,6 @@
   return datalen;
 }
 
-
 /* This function copies the appropriate compression methods, to a locally 
allocated buffer
  * Needed in hello messages. Returns the new data length.
  */
@@ -1660,6 +1657,7 @@
  */
 #define MAX_EXT_DATA_LENGTH 1024
 
+#if MHD_DEBUG_TLS
 /* This function sends the client hello handshake message.
  */
 static int
@@ -1844,6 +1842,7 @@
 
   return ret;
 }
+#endif
 
 static int
 _gnutls_send_server_hello (mhd_gtls_session_t session, int again)
@@ -2061,10 +2060,6 @@
 {
   int ret;
 
-  /* only server sends that handshake packet */
-  if (session->security_parameters.entity == GNUTLS_CLIENT)
-    return GNUTLS_E_INVALID_REQUEST;
-
   ret =
     _gnutls_send_empty_handshake (session, GNUTLS_HANDSHAKE_HELLO_REQUEST,
                                   AGAIN (STATE50));
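Review bot: With the `entity == GNUTLS_CLIENT` check removed, this function no longer refuses to send GNUTLS_HANDSHAKE_HELLO_REQUEST from a client session, although the deleted comment itself says only the server sends that packet. Now that the client handshake can be compiled in under MHD_DEBUG_TLS, a client session reaching this code would put a server-only message on the wire instead of getting GNUTLS_E_INVALID_REQUEST. I would keep the guard, `if (session->security_parameters.entity == GNUTLS_CLIENT) return GNUTLS_E_INVALID_REQUEST;`, or have the log message say why it is safe to drop. The function starts and ends outside the hunk, so its name and any other checks it performs are not visible here.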
@@ -2092,7 +2087,6 @@
   return GNUTLS_E_INTERNAL_ERROR;
 }
 
-
 /* This function initialized the handshake hash session.
  * required for finished messages.
  */
@@ -2223,12 +2217,17 @@
       gnutls_assert ();
       return ret;
     }
+#if MHD_DEBUG_TLS
   if (session->security_parameters.entity == GNUTLS_CLIENT)
-    {
-      gnutls_assert ();
-      return GNUTLS_E_UNIMPLEMENTED_FEATURE;
-    }
-  ret = mhd_gtls_handshake_server (session);
+      {
+        ret = mhd_gtls_handshake_client (session);
+      }
+    else
+#endif
+      {
+        ret = mhd_gtls_handshake_server (session);
+      }
+
   if (ret < 0)
     {
       /* In the case of a rehandshake abort
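Review bot: In a build without MHD_DEBUG_TLS the dispatch no longer rejects a client session. The old code returned GNUTLS_E_UNIMPLEMENTED_FEATURE, whereas the new code calls `mhd_gtls_handshake_server (session)` whatever `security_parameters.entity` holds. A session initialised as a client would then run the server state machine instead of failing cleanly. The `#if` should get an `#else` arm that keeps the old rejection, as sketched below. The enclosing function starts and ends outside the hunk.

```c
#if MHD_DEBUG_TLS
  /* … unchanged: client branch calling mhd_gtls_handshake_client, then `else` … */
#else
  /* client handshake is compiled out: keep failing closed */
  if (session->security_parameters.entity == GNUTLS_CLIENT)
    {
      gnutls_assert ();
      return GNUTLS_E_UNIMPLEMENTED_FEATURE;
    }
#endif
  /* … unchanged: braced call to mhd_gtls_handshake_server … */
```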
@@ -2268,7 +2267,128 @@
        } } while (0)
 
 
+#if MHD_DEBUG_TLS
+/*
+ * mhd_gtls_handshake_client
+ * This function performs the client side of the handshake of the TLS/SSL 
protocol.
+ */
+int
+mhd_gtls_handshake_client (mhd_gtls_session_t session)
+{
+  int ret = 0;
 
+#ifdef HANDSHAKE_DEBUG
+  char buf[64];
+
+  if (session->internals.resumed_security_parameters.session_id_size > 0)
+    _gnutls_handshake_log ("HSK[%x]: Ask to resume: %s\n", session,
+                           mhd_gtls_bin2hex (session->internals.
+                                             resumed_security_parameters.
+                                             session_id,
+                                             session->internals.
+                                             resumed_security_parameters.
+                                             session_id_size, buf,
+                                             sizeof (buf)));
+#endif
+
+  switch (STATE)
+    {
+    case STATE0:
+    case STATE1:
+      ret = mhd_gtls_send_hello (session, AGAIN (STATE1));
+      STATE = STATE1;
+      IMED_RET ("send hello", ret);
+
+    case STATE2:
+      /* receive the server hello */
+      ret =
+        mhd_gtls_recv_handshake (session, NULL, NULL,
+                                 GNUTLS_HANDSHAKE_SERVER_HELLO,
+                                 MANDATORY_PACKET);
+      STATE = STATE2;
+      IMED_RET ("recv hello", ret);
+
+    case STATE70:
+      if (session->security_parameters.extensions.do_recv_supplemental)
+        {
+          ret = _gnutls_recv_supplemental (session);
+          STATE = STATE70;
+          IMED_RET ("recv supplemental", ret);
+        }
+
+    case STATE3:
+      /* RECV CERTIFICATE */
+      if (session->internals.resumed == RESUME_FALSE)   /* if we are not 
resuming */
+        ret = mhd_gtls_recv_server_certificate (session);
+      STATE = STATE3;
+      IMED_RET ("recv server certificate", ret);
+
+    case STATE4:
+      /* receive the server key exchange */
+      if (session->internals.resumed == RESUME_FALSE)   /* if we are not 
resuming */
+        ret = mhd_gtls_recv_server_kx_message (session);
+      STATE = STATE4;
+      IMED_RET ("recv server kx message", ret);
+
+    case STATE5:
+      /* receive the server certificate request - if any
+       */
+
+      if (session->internals.resumed == RESUME_FALSE)   /* if we are not 
resuming */
+        ret = mhd_gtls_recv_server_certificate_request (session);
+      STATE = STATE5;
+      IMED_RET ("recv server certificate request message", ret);
+
+    case STATE6:
+      /* receive the server hello done */
+      if (session->internals.resumed == RESUME_FALSE)   /* if we are not 
resuming */
+        ret =
+          mhd_gtls_recv_handshake (session, NULL, NULL,
+                                   GNUTLS_HANDSHAKE_SERVER_HELLO_DONE,
+                                   MANDATORY_PACKET);
+      STATE = STATE6;
+      IMED_RET ("recv server hello done", ret);
+
+    case STATE71:
+      if (session->security_parameters.extensions.do_send_supplemental)
+        {
+          ret = _gnutls_send_supplemental (session, AGAIN (STATE71));
+          STATE = STATE71;
+          IMED_RET ("send supplemental", ret);
+        }
+
+    case STATE7:
+      /* send our certificate - if any and if requested
+       */
+      if (session->internals.resumed == RESUME_FALSE)   /* if we are not 
resuming */
+        ret = mhd_gtls_send_client_certificate (session, AGAIN (STATE7));
+      STATE = STATE7;
+      IMED_RET ("send client certificate", ret);
+
+    case STATE8:
+      if (session->internals.resumed == RESUME_FALSE)   /* if we are not 
resuming */
+        ret = mhd_gtls_send_client_kx_message (session, AGAIN (STATE8));
+      STATE = STATE8;
+      IMED_RET ("send client kx", ret);
+
+    case STATE9:
+      /* send client certificate verify */
+      if (session->internals.resumed == RESUME_FALSE)   /* if we are not 
resuming */
+        ret =
+          mhd_gtls_send_client_certificate_verify (session, AGAIN (STATE9));
+      STATE = STATE9;
+      IMED_RET ("send client certificate verify", ret);
+
+      STATE = STATE0;
+    default:
+      break;
+    }
+
+
+  return 0;
+}
+#endif
+
 /* This function sends the final handshake packets and initializes connection
  */
 static int
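Review bot: The resume log in the `HANDSHAKE_DEBUG` block passes `session`, which is a pointer, for a `%x` conversion; where pointers are wider than `unsigned int` that is a mismatched format argument and can also misplace the `%s` argument that follows. If `_gnutls_handshake_log` is printf-style, the call should read `"HSK[%p]: Ask to resume: %s\n", (void *) session`. Separately, the header comment should state that the `switch` falls through from state to state on purpose, that `IMED_RET` (defined outside this hunk) is presumably what returns early on failure, and that `ret` keeps its earlier value when a step is skipped for a resumed session. `mhd_gtls_handshake_client` is complete in this hunk; the function that begins after it is not.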

Modified: libmicrohttpd/src/daemon/https/tls/gnutls_record.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/gnutls_record.c  2008-09-10 14:10:42 UTC 
(rev 7675)
+++ libmicrohttpd/src/daemon/https/tls/gnutls_record.c  2008-09-10 20:12:49 UTC 
(rev 7676)
@@ -751,7 +751,7 @@
 {
   size_t max_record_size;
 
-  if (gnutls_compression_get (session) != MHD_GNUTLS_COMP_NULL)
+  if (MHD_gtls_compression_get (session) != MHD_GNUTLS_COMP_NULL)
     max_record_size = MAX_RECORD_RECV_SIZE + EXTRA_COMP_SIZE;
   else
     max_record_size = MAX_RECORD_RECV_SIZE;

Modified: libmicrohttpd/src/daemon/https/tls/gnutls_state.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/gnutls_state.c   2008-09-10 14:10:42 UTC 
(rev 7675)
+++ libmicrohttpd/src/daemon/https/tls/gnutls_state.c   2008-09-10 20:12:49 UTC 
(rev 7676)
@@ -108,7 +108,7 @@
  * Returns: the currently used compression method.
  **/
 enum MHD_GNUTLS_CompressionMethod
-gnutls_compression_get (mhd_gtls_session_t session)
+MHD_gtls_compression_get (mhd_gtls_session_t session)
 {
   return session->security_parameters.read_compression_algorithm;
 }




