[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_18-131-gfd5ca1a
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_18-131-gfd5ca1a |
|
Date: |
Thu, 07 Jun 2012 16:13:30 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=fd5ca1afb7b223f1ce0c5330f2611996491c6aae
The branch, master has been updated
via fd5ca1afb7b223f1ce0c5330f2611996491c6aae (commit)
via bbc563171aa4d3e8afae7d7fa2becbb36214fbaa (commit)
via 022431ce6c2f05acdfc5c1030a3b51b75edd5074 (commit)
via ac25cc3d1568d3409db14e09ca3c684e787401eb (commit)
via 3ec123fca5afc6dda4f23eb6acbb377bcb5500c3 (commit)
via 132a5e6fa2f66d8f19ce58866219c963b31e215f (commit)
via 374eb82b1f3a7edbecda0113e52b9070b44b6ef7 (commit)
from dc773988cff9e34db3eec286e2132223cacf6f78 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit fd5ca1afb7b223f1ce0c5330f2611996491c6aae
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Thu Jun 7 18:12:59 2012 +0200
Added support for an old version of the DTLS protocol
used by openconnect vpn client for compatibility with Cisco's AnyConnect
SSL VPN. It is marked as GNUTLS_DTLS0_9. Do not use it for newer protocols
as it has issues.
commit bbc563171aa4d3e8afae7d7fa2becbb36214fbaa
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Jun 6 21:17:13 2012 +0200
corrected function name
commit 022431ce6c2f05acdfc5c1030a3b51b75edd5074
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Jun 6 21:11:48 2012 +0200
Options --benchmark-tls was split to --benchmark-tls-kx
commit ac25cc3d1568d3409db14e09ca3c684e787401eb
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Jun 6 21:04:51 2012 +0200
Added keys of equivalent security levels.
commit 3ec123fca5afc6dda4f23eb6acbb377bcb5500c3
Author: Mark Brand <address@hidden>
Date: Wed Jun 6 10:09:48 2012 +0200
add missing include wincrypt.h
Signed-off-by: Nikos Mavrogiannopoulos <address@hidden>
commit 132a5e6fa2f66d8f19ce58866219c963b31e215f
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue Jun 5 23:00:59 2012 +0200
mention retrieve_function2
commit 374eb82b1f3a7edbecda0113e52b9070b44b6ef7
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue Jun 5 22:41:24 2012 +0200
corrected invalid char
-----------------------------------------------------------------------
Summary of changes:
NEWS | 9 ++
doc/Makefile.am | 1 +
doc/cha-gtls-app.texi | 2 +-
doc/invoke-gnutls-cli.texi | 5 +-
lib/algorithms.h | 5 +
lib/algorithms/ciphersuites.c | 29 +++++
lib/algorithms/protocols.c | 3 +
lib/gnutls_constate.c | 2 +-
lib/gnutls_handshake.c | 57 ++++++++--
lib/gnutls_int.h | 4 +
lib/gnutls_kx.c | 25 +++--
lib/gnutls_session_pack.c | 70 ++++++++++++
lib/gnutls_x509.c | 3 +
lib/includes/gnutls/gnutls.h.in | 15 ++-
lib/libgnutls.map | 3 +-
src/benchmark-tls.c | 230 ++++++++++++++++-----------------------
src/benchmark.h | 2 +-
src/cli-args.c | 123 ++++++++++++---------
src/cli-args.def | 10 ++-
src/cli-args.h | 18 ++--
src/cli.c | 10 ++-
21 files changed, 399 insertions(+), 227 deletions(-)
diff --git a/NEWS b/NEWS
index fbcee70..a62b9c2 100644
--- a/NEWS
+++ b/NEWS
@@ -4,6 +4,14 @@ See the end for copying conditions.
* Version 3.1.0 (unreleased)
+** gnutls-cli: --benchmark-tls was split to --benchmark-tls-kx
+and --benchmark-tls-ciphers
+
+** libgnutls: Added support for an old version of the DTLS protocol
+used by openconnect vpn client for compatibility with Cisco's AnyConnect
+SSL VPN. It is marked as GNUTLS_DTLS0_9. Do not use it for newer protocols
+as it has issues.
+
** libgnutls: requires libnettle 2.5.
** libgnutls: Use the PKCS #1 1.5 encoding provided by nettle (2.5)
@@ -45,6 +53,7 @@ gnutls_x509_trust_list_add_system_trust: Added
gnutls_x509_trust_list_add_trust_file: Added
gnutls_x509_trust_list_add_trust_mem: Added
gnutls_pk_to_sign: Added
+gnutls_session_set_premaster: Added
gnutls_pubkey_verify_hash: Deprecated (use gnutls_pubkey_verify_hash2)
gnutls_pubkey_verify_data: Deprecated (use gnutls_pubkey_verify_data2)
diff --git a/doc/Makefile.am b/doc/Makefile.am
index c7346f5..65141c8 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -686,6 +686,7 @@ FUNCS += functions/gnutls_session_set_data
FUNCS += functions/gnutls_session_get_data
FUNCS += functions/gnutls_session_get_data2
FUNCS += functions/gnutls_session_get_random
+FUNCS += functions/gnutls_session_set_premaster
FUNCS += functions/gnutls_session_get_id
FUNCS += functions/gnutls_session_channel_binding
FUNCS += functions/gnutls_session_is_resumed
diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi
index 9f2c8bf..35f705f 100644
--- a/doc/cha-gtls-app.texi
+++ b/doc/cha-gtls-app.texi
@@ -425,7 +425,7 @@ In that case a certificate should be selected according the
peer's signature
algorithm preferences. To get those preferences use
@funcref{gnutls_sign_algorithm_get_requested}. Both functions are shown below.
address@hidden,gnutls_sign_algorithm_get_requested}
address@hidden,gnutls_certificate_set_retrieve_function2,gnutls_sign_algorithm_get_requested}
The functions above do not handle the requested server name automatically.
A server would need to check the name requested by the client
diff --git a/doc/invoke-gnutls-cli.texi b/doc/invoke-gnutls-cli.texi
index c077aec..b7c35c9 100644
--- a/doc/invoke-gnutls-cli.texi
+++ b/doc/invoke-gnutls-cli.texi
@@ -7,7 +7,7 @@
#
# DO NOT EDIT THIS FILE (invoke-gnutls-cli.texi)
#
-# It has been AutoGen-ed May 25, 2012 at 10:22:22 PM by AutoGen 5.16
+# It has been AutoGen-ed June 6, 2012 at 09:11:09 PM by AutoGen 5.16
# From the definitions ../src/cli-args.def
# and the template file agtexi-cmd.tpl
@end ignore
@@ -85,7 +85,8 @@ USAGE: gnutls-cli [ -<flag> [<val>] |
--<name>address@hidden| @}<val>] ]... [hostname]
--insecure Don't abort program if server certificate can't
be validated
--benchmark-ciphers Benchmark individual ciphers
--benchmark-soft-ciphers Benchmark individual software ciphers (no hw
acceleration)
- --benchmark-tls Benchmark ciphers and key exchange methods in TLS
+ --benchmark-tls-kx Benchmark TLS key exchange methods
+ --benchmark-tls-ciphers Benchmark TLS ciphers
-l, --list Print a list of the supported algorithms and
modes
-v, --version[=arg] Output version information and exit
-h, --help Display extended usage information and exit
diff --git a/lib/algorithms.h b/lib/algorithms.h
index 9fe0272..748629c 100644
--- a/lib/algorithms.h
+++ b/lib/algorithms.h
@@ -69,6 +69,11 @@ gnutls_kx_algorithm_t _gnutls_cipher_suite_get_kx_algo
(const uint8_t suite[2]);
gnutls_mac_algorithm_t _gnutls_cipher_suite_get_mac_algo (const
uint8_t suite[2]);
+int
+_gnutls_cipher_suite_get_id (gnutls_kx_algorithm_t kx_algorithm,
+ gnutls_cipher_algorithm_t cipher_algorithm,
+ gnutls_mac_algorithm_t mac_algorithm, uint8_t
suite[2]);
+
/* Functions for ciphers. */
int _gnutls_cipher_is_block (gnutls_cipher_algorithm_t algorithm);
int _gnutls_cipher_algo_is_aead (gnutls_cipher_algorithm_t algorithm);
diff --git a/lib/algorithms/ciphersuites.c b/lib/algorithms/ciphersuites.c
index 3c5a79d..678812e 100644
--- a/lib/algorithms/ciphersuites.c
+++ b/lib/algorithms/ciphersuites.c
@@ -726,6 +726,35 @@ const gnutls_cipher_suite_entry * ce;
return ce->name + sizeof ("GNUTLS_") - 1;
}
+/*-
+ * _gnutls_cipher_suite_get_id:
+ * @kx_algorithm: is a Key exchange algorithm
+ * @cipher_algorithm: is a cipher algorithm
+ * @mac_algorithm: is a MAC algorithm
+ * @suite: The id to be returned
+ *
+ * It fills @suite with the ID of the ciphersuite of the provided parameters.
+ *
+ * Returns: 0 on success or a negative error code otherwise.
+ -*/
+int
+_gnutls_cipher_suite_get_id (gnutls_kx_algorithm_t kx_algorithm,
+ gnutls_cipher_algorithm_t cipher_algorithm,
+ gnutls_mac_algorithm_t mac_algorithm, uint8_t
suite[2])
+{
+const gnutls_cipher_suite_entry * ce;
+
+ ce = cipher_suite_get (kx_algorithm, cipher_algorithm, mac_algorithm);
+ if (ce == NULL)
+ return GNUTLS_E_INVALID_REQUEST;
+ else
+ {
+ suite[0] = ce->id[0];
+ suite[1] = ce->id[1];
+ }
+ return 0;
+}
+
/**
* gnutls_cipher_suite_info:
* @idx: index of cipher suite to get information about, starts on 0.
diff --git a/lib/algorithms/protocols.c b/lib/algorithms/protocols.c
index a152901..01203d8 100644
--- a/lib/algorithms/protocols.c
+++ b/lib/algorithms/protocols.c
@@ -43,6 +43,7 @@ static const gnutls_version_entry sup_versions[] = {
{"TLS1.0", GNUTLS_TLS1, 3, 1, GNUTLS_STREAM, 1},
{"TLS1.1", GNUTLS_TLS1_1, 3, 2, GNUTLS_STREAM, 1},
{"TLS1.2", GNUTLS_TLS1_2, 3, 3, GNUTLS_STREAM, 1},
+ {"DTLS0.9", GNUTLS_DTLS0_9, 1, 0, GNUTLS_DGRAM, 1}, /* Cisco AnyConnect
(based on about OpenSSL 0.9.8e) */
{"DTLS1.0", GNUTLS_DTLS1_0, 254, 255, GNUTLS_DGRAM, 1}, /* 1.1 over datagram
*/
{0, 0, 0, 0, 0}
};
@@ -242,6 +243,7 @@ _gnutls_version_has_selectable_prf (gnutls_protocol_t
version)
{
switch (version)
{
+ case GNUTLS_DTLS0_9:
case GNUTLS_DTLS1_0:
case GNUTLS_TLS1_1:
case GNUTLS_TLS1_0:
@@ -259,6 +261,7 @@ _gnutls_version_has_selectable_sighash (gnutls_protocol_t
version)
{
switch (version)
{
+ case GNUTLS_DTLS0_9:
case GNUTLS_DTLS1_0:
case GNUTLS_TLS1_1:
case GNUTLS_TLS1_0:
diff --git a/lib/gnutls_constate.c b/lib/gnutls_constate.c
index 5ef0c74..c4aa4bc 100644
--- a/lib/gnutls_constate.c
+++ b/lib/gnutls_constate.c
@@ -466,7 +466,7 @@ _gnutls_epoch_set_keys (gnutls_session_t session, uint16_t
epoch)
dst->timestamp = src->timestamp; \
dst->max_record_recv_size = src->max_record_recv_size; \
dst->max_record_send_size = src->max_record_send_size; \
- dst->version = src->version
+ dst->version = src->version;
static void
_gnutls_set_resumed_parameters (gnutls_session_t session)
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index 25520c4..8256e14 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -1191,7 +1191,8 @@ _gnutls_handshake_hash_add_recvd (gnutls_session_t
session,
{
int ret;
- if (recv_type == GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST ||
+ if ((gnutls_protocol_get_version (session) != GNUTLS_DTLS0_9 &&
+ recv_type == GNUTLS_HANDSHAKE_HELLO_VERIFY_REQUEST) ||
recv_type == GNUTLS_HANDSHAKE_HELLO_REQUEST)
return 0;
@@ -1199,11 +1200,13 @@ _gnutls_handshake_hash_add_recvd (gnutls_session_t
session,
session->internals.handshake_hash_buffer_prev_len =
session->internals.handshake_hash_buffer.length;
- ret = _gnutls_buffer_append_data(&session->internals.handshake_hash_buffer,
- header, header_size);
- if (ret < 0)
- return gnutls_assert_val(ret);
-
+ if (gnutls_protocol_get_version (session) != GNUTLS_DTLS0_9)
+ {
+ ret =
_gnutls_buffer_append_data(&session->internals.handshake_hash_buffer,
+ header, header_size);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+ }
if (datalen > 0)
{
ret =
_gnutls_buffer_append_data(&session->internals.handshake_hash_buffer,
@@ -1231,6 +1234,18 @@ _gnutls_handshake_hash_add_sent (gnutls_session_t
session,
{
CHECK_SIZE(datalen);
+ if (gnutls_protocol_get_version (session) == GNUTLS_DTLS0_9)
+ {
+ /* Old DTLS doesn't include the header in the MAC */
+ if (datalen <= 12)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+ dataptr += 12;
+ datalen -= 12;
+ }
+
ret =
_gnutls_buffer_append_data(&session->internals.handshake_hash_buffer,
dataptr, datalen);
if (ret < 0)
@@ -1402,7 +1417,8 @@ _gnutls_client_set_ciphersuite (gnutls_session_t session,
uint8_t suite[2])
/* check if the credentials (username, public key etc.) are ok.
* Actually checks if they exist.
*/
- if (_gnutls_get_kx_cred
+ if (!session->internals.premaster_set &&
+ _gnutls_get_kx_cred
(session,
_gnutls_cipher_suite_get_kx_algo
(session->security_parameters.cipher_suite), &err) == NULL
@@ -1823,6 +1839,8 @@ _gnutls_send_client_hello (gnutls_session_t session, int
again)
*/
if (!IS_DTLS(session))
_gnutls_record_set_default_version (session, 3, 0);
+ else if (gnutls_protocol_get_version (session) == GNUTLS_DTLS0_9)
+ _gnutls_record_set_default_version (session, 1, 0);
else
_gnutls_record_set_default_version (session, 254, 255);
}
@@ -2580,12 +2598,20 @@ send_change_cipher_spec (gnutls_session_t session, int
again)
if (bufel == NULL)
return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
- _mbuffer_set_uhead_size(bufel, 1);
+ if (gnutls_protocol_get_version (session) == GNUTLS_DTLS0_9)
+ _mbuffer_set_uhead_size(bufel, 3);
+ else
+ _mbuffer_set_uhead_size(bufel, 1);
_mbuffer_set_udata_size(bufel, 0);
data = _mbuffer_get_uhead_ptr (bufel);
data[0] = 1;
+ if (gnutls_protocol_get_version (session) == GNUTLS_DTLS0_9)
+ {
+ _gnutls_write_uint16 (session->internals.dtls.hsk_write_seq,
&data[1]);
+ session->internals.dtls.hsk_write_seq++;
+ }
ret = _gnutls_handshake_io_cache_int (session,
GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC, bufel);
if (ret < 0)
@@ -2669,7 +2695,7 @@ _gnutls_recv_handshake_final (gnutls_session_t session,
int init)
{
int ret = 0;
uint8_t ch;
-
+ unsigned int ccs_len = 1;
switch (STATE)
{
@@ -2689,7 +2715,10 @@ _gnutls_recv_handshake_final (gnutls_session_t session,
int init)
return gnutls_assert_val(ret);
}
- ret = _gnutls_recv_int (session, GNUTLS_CHANGE_CIPHER_SPEC, -1, &ch, 1,
NULL);
+ if (gnutls_protocol_get_version (session) == GNUTLS_DTLS0_9)
+ ccs_len = 3;
+
+ ret = _gnutls_recv_int (session, GNUTLS_CHANGE_CIPHER_SPEC, -1, &ch,
ccs_len, NULL);
if (ret <= 0)
{
ERR ("recv ChangeCipherSpec", ret);
@@ -2697,6 +2726,9 @@ _gnutls_recv_handshake_final (gnutls_session_t session,
int init)
return (ret < 0) ? ret : GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
}
+ if (gnutls_protocol_get_version (session) == GNUTLS_DTLS0_9)
+ session->internals.dtls.hsk_read_seq++;
+
/* Initialize the connection session (start encryption) - in case of
server */
if (init == TRUE)
{
@@ -2714,7 +2746,7 @@ _gnutls_recv_handshake_final (gnutls_session_t session,
int init)
gnutls_assert ();
return ret;
}
-
+
case STATE31:
STATE = STATE31;
@@ -3149,7 +3181,8 @@ _gnutls_remove_unwanted_ciphersuites (gnutls_session_t
session,
/* if it is defined but had no credentials
*/
- if (_gnutls_get_kx_cred (session, kx, NULL) == NULL)
+ if (!session->internals.premaster_set &&
+ _gnutls_get_kx_cred (session, kx, NULL) == NULL)
{
delete = 1;
}
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 4a60ae0..02c4f95 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -863,6 +863,10 @@ typedef struct
/* DTLS session state */
dtls_st dtls;
+
+ /* if set it means that the master key was set using
+ * gnutls_session_set_master() rather than being negotiated. */
+ unsigned int premaster_set:1;
unsigned int cb_tls_unique_len;
unsigned char cb_tls_unique[MAX_VERIFY_DATA_SIZE];
diff --git a/lib/gnutls_kx.c b/lib/gnutls_kx.c
index c38de18..0cebd38 100644
--- a/lib/gnutls_kx.c
+++ b/lib/gnutls_kx.c
@@ -73,27 +73,34 @@ send_handshake (gnutls_session_t session, uint8_t * data,
size_t size,
#define MASTER_SECRET "master secret"
#define MASTER_SECRET_SIZE (sizeof(MASTER_SECRET)-1)
-static int generate_normal_master (gnutls_session_t session, int);
+static int generate_normal_master (gnutls_session_t session, gnutls_datum_t*,
int);
int
_gnutls_generate_master (gnutls_session_t session, int keep_premaster)
{
if (session->internals.resumed == RESUME_FALSE)
- return generate_normal_master (session, keep_premaster);
+ return generate_normal_master (session, &session->key->key,
keep_premaster);
+ else if (session->internals.premaster_set)
+ {
+ gnutls_datum_t premaster;
+ premaster.size =
sizeof(session->internals.resumed_security_parameters.master_secret);
+ premaster.data =
session->internals.resumed_security_parameters.master_secret;
+ return generate_normal_master(session, &premaster, 1);
+ }
return 0;
}
/* here we generate the TLS Master secret.
*/
-#define PREMASTER session->key->key
static int
-generate_normal_master (gnutls_session_t session, int keep_premaster)
+generate_normal_master (gnutls_session_t session, gnutls_datum_t *premaster,
+ int keep_premaster)
{
int ret = 0;
char buf[512];
- _gnutls_hard_log ("INT: PREMASTER SECRET[%d]: %s\n", PREMASTER.size,
- _gnutls_bin2hex (PREMASTER.data, PREMASTER.size, buf,
+ _gnutls_hard_log ("INT: PREMASTER SECRET[%d]: %s\n", premaster->size,
+ _gnutls_bin2hex (premaster->data, premaster->size, buf,
sizeof (buf), NULL));
_gnutls_hard_log ("INT: CLIENT RANDOM[%d]: %s\n", 32,
_gnutls_bin2hex (session->
@@ -114,7 +121,7 @@ generate_normal_master (gnutls_session_t session, int
keep_premaster)
session->security_parameters.server_random, GNUTLS_RANDOM_SIZE);
ret =
- _gnutls_ssl3_generate_random (PREMASTER.data, PREMASTER.size,
+ _gnutls_ssl3_generate_random (premaster->data, premaster->size,
rnd, 2 * GNUTLS_RANDOM_SIZE,
GNUTLS_MASTER_SIZE,
session->
@@ -131,14 +138,14 @@ generate_normal_master (gnutls_session_t session, int
keep_premaster)
session->security_parameters.server_random, GNUTLS_RANDOM_SIZE);
ret =
- _gnutls_PRF (session, PREMASTER.data, PREMASTER.size,
+ _gnutls_PRF (session, premaster->data, premaster->size,
MASTER_SECRET, MASTER_SECRET_SIZE,
rnd, 2 * GNUTLS_RANDOM_SIZE, GNUTLS_MASTER_SIZE,
session->security_parameters.master_secret);
}
if (!keep_premaster)
- _gnutls_free_datum (&PREMASTER);
+ _gnutls_free_datum (premaster);
if (ret < 0)
return ret;
diff --git a/lib/gnutls_session_pack.c b/lib/gnutls_session_pack.c
index 3e89b98..2588873 100644
--- a/lib/gnutls_session_pack.c
+++ b/lib/gnutls_session_pack.c
@@ -40,6 +40,7 @@
#include <gnutls_num.h>
#include <gnutls_extensions.h>
#include <gnutls_constate.h>
+#include <algorithms.h>
static int pack_certificate_auth_info (gnutls_session_t,
gnutls_buffer_st * packed_session);
@@ -860,3 +861,72 @@ unpack_security_parameters (gnutls_session_t session,
gnutls_buffer_st * ps)
error:
return ret;
}
+
+/**
+ * gnutls_session_set_premaster:
+ * @session: is a #gnutls_session_t structure.
+ * @entity: GNUTLS_SERVER or GNUTLS_CLIENT
+ * @version: the TLS protocol version
+ * @kx: the key exchange method
+ * @cipher: the cipher
+ * @mac: the MAC algorithm
+ * @comp: the compression method
+ * @master: the master key to use
+ * @session_id: the session identifier
+ *
+ * This function sets the premaster secret in a session. This is
+ * a function intended for exceptional uses. Do not use this
+ * function unless you are implementing a legacy protocol.
+ * Use gnutls_session_set_data() instead.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
+ * an error code is returned.
+ **/
+int
+gnutls_session_set_premaster (gnutls_session_t session, unsigned int entity,
+ gnutls_protocol_t version,
+ gnutls_kx_algorithm_t kx,
+ gnutls_cipher_algorithm_t cipher,
+ gnutls_mac_algorithm_t mac,
+ gnutls_compression_method_t comp,
+ const gnutls_datum_t* master,
+ const gnutls_datum_t * session_id)
+{
+ int ret;
+
+ memset (&session->internals.resumed_security_parameters, 0,
+ sizeof (session->internals.resumed_security_parameters));
+
+ session->internals.resumed_security_parameters.entity = entity;
+ session->internals.resumed_security_parameters.kx_algorithm = kx;
+
+ ret = _gnutls_cipher_suite_get_id(kx, cipher, mac,
session->internals.resumed_security_parameters.cipher_suite);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+ session->internals.resumed_security_parameters.compression_method = comp;
+ session->internals.resumed_security_parameters.cert_type =
GNUTLS_CRT_UNKNOWN;
+ session->internals.resumed_security_parameters.version = version;
+
+ if (master->size != GNUTLS_MASTER_SIZE)
+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+ memcpy(session->internals.resumed_security_parameters.master_secret,
master->data, master->size);
+
+ if (session_id->size > GNUTLS_MAX_SESSION_ID)
+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+ session->internals.resumed_security_parameters.session_id_size =
session_id->size;
+ memcpy(session->internals.resumed_security_parameters.session_id,
session_id->data, session_id->size);
+
+ session->internals.resumed_security_parameters.max_record_send_size =
+ session->internals.resumed_security_parameters.max_record_recv_size =
DEFAULT_MAX_RECORD_SIZE;
+
+ session->internals.resumed_security_parameters.timestamp = time(0);
+
+ session->internals.resumed_security_parameters.ecc_curve =
GNUTLS_ECC_CURVE_INVALID;
+
+ session->internals.premaster_set = 1;
+
+ return 0;
+}
diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c
index 7bf2a2b..407568c 100644
--- a/lib/gnutls_x509.c
+++ b/lib/gnutls_x509.c
@@ -42,6 +42,9 @@
#include "x509/x509_int.h"
#include <gnutls_str_array.h>
#include "read-file.h"
+#if defined _WIN32 || defined __WIN32__
+#include <wincrypt.h>
+#endif
/*
* some x509 certificate parsing functions.
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index 1a58a53..3885e56 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -431,7 +431,7 @@ extern "C"
* set only if CRLs are checked.
* @GNUTLS_CERT_SIGNER_NOT_FOUND: The certificate's issuer is not known.
* This is the case if the issuer is not included in the trusted certificate
list.
- * @GNUTLS_CERT_SIGNER_NOT_CA: The certificateâs signer was not a CA. This
+ * @GNUTLS_CERT_SIGNER_NOT_CA: The certificate's signer was not a CA. This
* may happen if this was a version 1 certificate, which is common with
* some CAs, or a version 3 certificate without the basic constrains
extension.
* @GNUTLS_CERT_INSECURE_ALGORITHM: The certificate was signed using an
insecure
@@ -505,6 +505,7 @@ extern "C"
* @GNUTLS_TLS1_1: TLS version 1.1.
* @GNUTLS_TLS1_2: TLS version 1.2.
* @GNUTLS_DTLS1_0: DTLS version 1.0.
+ * @GNUTLS_DTLS0_9: DTLS version 0.9 (Cisco AnyConnect / OpenSSL 0.9.8e).
* @GNUTLS_VERSION_MAX: Maps to the highest supported TLS version.
* @GNUTLS_VERSION_UNKNOWN: Unknown SSL/TLS version.
*
@@ -518,7 +519,8 @@ extern "C"
GNUTLS_TLS1_1 = 3,
GNUTLS_TLS1_2 = 4,
GNUTLS_DTLS1_0 = 5,
- GNUTLS_VERSION_MAX = GNUTLS_DTLS1_0,
+ GNUTLS_DTLS0_9 = 6,
+ GNUTLS_VERSION_MAX = GNUTLS_DTLS0_9,
GNUTLS_VERSION_UNKNOWN = 0xff
} gnutls_protocol_t;
@@ -969,6 +971,15 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t
session);
void gnutls_session_get_random (gnutls_session_t session, gnutls_datum_t*
client,
gnutls_datum_t* server);
+ int gnutls_session_set_premaster (gnutls_session_t session, unsigned int
entity,
+ gnutls_protocol_t version,
+ gnutls_kx_algorithm_t kx,
+ gnutls_cipher_algorithm_t cipher,
+ gnutls_mac_algorithm_t mac,
+ gnutls_compression_method_t comp,
+ const gnutls_datum_t* master,
+ const gnutls_datum_t * session_id);
+
/* returns the session ID */
#define GNUTLS_MAX_SESSION_ID 32
int gnutls_session_get_id (gnutls_session_t session, void *session_id,
diff --git a/lib/libgnutls.map b/lib/libgnutls.map
index 23dc1a1..9faa8cc 100644
--- a/lib/libgnutls.map
+++ b/lib/libgnutls.map
@@ -787,16 +787,17 @@ GNUTLS_3_0_0 {
gnutls_session_get_random;
gnutls_pubkey_verify_hash2;
gnutls_pk_to_sign;
+ gnutls_certificate_set_x509_system_trust;
} GNUTLS_2_12;
GNUTLS_3_1_0 {
global:
- gnutls_certificate_set_x509_system_trust;
gnutls_pkcs11_obj_list_import_url2;
gnutls_x509_trust_list_add_system_trust;
gnutls_x509_trust_list_add_trust_file;
gnutls_x509_trust_list_add_trust_mem;
gnutls_pkcs12_simple_parse;
+ gnutls_session_set_premaster;
} GNUTLS_3_0_0;
GNUTLS_PRIVATE {
diff --git a/src/benchmark-tls.c b/src/benchmark-tls.c
index 10bcf63..b941c5c 100644
--- a/src/benchmark-tls.c
+++ b/src/benchmark-tls.c
@@ -52,122 +52,75 @@ const char* side = "";
#define PRIO_AES_GCM
"NONE:+VERS-TLS1.2:+AES-128-GCM:+AEAD:+SIGN-ALL:+COMP-NULL:+ANON-DH"
#define PRIO_CAMELLIA_CBC_SHA1
"NONE:+VERS-TLS1.0:+CAMELLIA-128-CBC:+SHA1:+SIGN-ALL:+COMP-NULL:+ANON-DH"
-// #define PARAMS_1024
-
-#ifdef PARAMS_1024
-
-static const int rsa_bits = 1024, ec_bits = 192;
-
-const char *pkcs3 =
- "-----BEGIN DH PARAMETERS-----\n"
- "MIIBCwKBgQCsIrA9BK23OUVIwrC4c65YJ2t8bqoGpJpuISjO07lAbWHWa47Kf9/t\n"
- "F9ckO2AF6Yj1Y7xS+FSCDeoIZsp0LCq3nAP9Ls25fgHrKSMPQBJt2vd5mUdm90Wr\n"
- "wCK2YjogQ7YVQlovVHsnJWC6Kf0P+OQ4hrihoBCGSj9sGK3wH57m+wKBgH5xlPNR\n"
- "pI8E2WBNqB6y4sV3eMGRvygScbbFUFFO1ccmNJl5Y5L/O+fP0ZXtmUJVsSvlY0fp\n"
- "Kcl6k5WCWMY8h6iHlJ9teHmC4s2jifXtaV759kJXdqrGEjRPEku50y3ANzDLzklW\n"
- "8R7HcSO397vIdouaUt38FbQESnIWOIZqDtq6AgIAnw==\n"
- "-----END DH PARAMETERS-----\n";
-
-/* RSA key of 1024 bits */
-static unsigned char server_cert_pem[] =
- "-----BEGIN CERTIFICATE-----\n"
- "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n"
- "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n"
- "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n"
- "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n"
- "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n"
- "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n"
- "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n"
- "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n"
- "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n"
- "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n"
- "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n"
- "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n"
- "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n";
-static unsigned char server_key_pem[] =
- "-----BEGIN RSA PRIVATE KEY-----\n"
- "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n"
- "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n"
- "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n"
- "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n"
- "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n"
- "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n"
- "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n"
- "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n"
- "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n"
- "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n"
- "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n"
- "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n"
- "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n"
- "-----END RSA PRIVATE KEY-----\n";
-
-#else
-
-static const int rsa_bits = 1840, ec_bits = 192;
+static const int rsa_bits = 1776, ec_bits = 192;
/* DH of 1840 bits that is pretty close equivalent to 192 bits of ECDH.
*/
const char *pkcs3 =
- "-----BEGIN DH PARAMETERS-----\n"
- "MIIB1gKB5kX/Dun+gVTZ1WXWxpS5efQUQY8XNGxi2V0IYHSqKMkrt8UGruv4Gqop\n"
- "vAoG/+llD/t84cIdUxNwHtLd5y/ae7lFOKFNhP+glvK/GsCfTcACRy9OFKphWi6E\n"
- "NDMyWV0miiZgIc/LrXgC4RcDMlmxRR3UW/+eVu1ti6PLMLYSooMwn60K6CWmgaM6\n"
- "VZaiD++gQtsgJdJv2+eNiVotodBPItJ5KcaPNVEdP1D8MzljO98UIOBR3YnalIAW\n"
- "oyTjWMcX5oxwIR4eSywPeUQokMFFAKxZfo6/IUv05sQ9semagqAilg52Q5CfAoHm\n"
- "RL1euKirrpaXqUtrV8r0l962oVFlLD92ReJOcjHFni8FY26qZ4IZba1lLP2Q4DTX\n"
- "ovR7HPMaa6Ss6EdR2hba8Q1LAiCCUFH5jiKjMU8bSM2Zi23GOdoHqYpHMbcSKkpX\n"
- "IQpbHHNap53/VxcPj4PK9SbQLt0KWe/253l8Ib5zivb6jKSOY/KzwoXO+MiPae01\n"
- "BdQhrMtsdntRWo5jChSBUidGP7orra3gPBOXhWdNeeTTshc0AZdSWP3NicokW/q7\n"
- "jHBuaadmhVv3yd6BvFkSePhVWcSKXXG27K9d3RNsXmaBasNYIhsCAgDf\n"
- "-----END DH PARAMETERS-----\n";
+"-----BEGIN DH PARAMETERS-----\n"
+"MIIBxgKB3gNZMD2odqYk7HGnT+kh72vcnGrDhFMad1m4VlYZoLClkRUOH05W9gKF\n"
+"hjBzlg5zO1Pp14hpSNWdfXcd2glWE2wzkxxxztzt23gdXK1GjfupnALyPS2Q0Oj7\n"
+"UiLDfos46vXOSzqO3vBElM2HJQ6N1TRU+EqD5t/6aTAV6iAD+yz2Fyv4Xs+rgJC2\n"
+"IbpunLzM2IhH2u9tLUXGkBzHPW/6Q+fJRhn88OLBC9vwOHPQvw779+FB0NPue1Qs\n"
+"vb+4HSywpOr4BtNLWST2MzhCYBApvV1dKcZLI5k5Cfmp5ryV+wKB3gEUe9uAk+5I\n"
+"ENkTLC7XLLNGjPEKwQhBzE7Nh7RKWlZRX+B/cX5/iT7ZF9+N83O/wf2AxEV6CRWV\n"
+"WiCjvML/wbskpGoGmrPyef7bLHI62x4/nNacGGWEichPW8Sn/qaT80FHyYM0m7Ha\n"
+"+Q9kYUSx0u1CW//3nGvma5dh/c2iiq8r7J9w2PSYynHts4bYMrRRx2PVeGhvU8+X\n"
+"nRkYOqptEqoB6NG5kPRL8b5jJSp7J2hN7shDjQB/s9/N8rvF8tRmMUTJpk3Fwr9F\n"
+"LVdX3640cbukwFTKlkqZ1evymVzx0wICAL0=\n"
+"-----END DH PARAMETERS-----\n";
static unsigned char server_cert_pem[] =
- "-----BEGIN CERTIFICATE-----\n"
- "MIIC3TCCAeCgAwIBAgIETwIyNzANBgkqhkiG9w0BAQsFADAhMQswCQYDVQQGEwJH\n"
- "UjESMBAGA1UEAxMJbG9jYWxob3N0MB4XDTEyMDEwMjIyMzk1MloXDTE3MDYwNjIy\n"
- "Mzk1NlowITELMAkGA1UEBhMCR1IxEjAQBgNVBAMTCWxvY2FsaG9zdDCCAQUwDQYJ\n"
- "KoZIhvcNAQEBBQADgfMAMIHvAoHnAMnMTaYe76aNxyhPDDZ1YWuj8SQh9PC7PRDD\n"
- "8qL+G8se+DwiJOL3fjRCXi2R1zt6gUrJmycmW+1xc9GdVST6oO09ZG6NQ8CRvU+K\n"
- "EcaDRQojUFM9QLmkDO1MyEZDMuXBpM+9TFkyDWgrsgYgcNU+Y9FN9Y45OT780+kl\n"
- "DjZItjl1jnD3tfWaYORQE//Xy4i2HrxTgikP26PB+3ynI+SDj7Sdt4oasgUo1Fpd\n"
- "OWDQ0hYQ6sn51mOYUnhYZax5y4lI6Cm4KOQc1NMn3iaX5+nS5YGcFhS/Usb8KsX1\n"
- "fHGsvePSyS/oxTMlAgMBAAGjVTBTMAwGA1UdEwEB/wQCMAAwEwYDVR0lBAwwCgYI\n"
- "KwYBBQUHAwEwDwYDVR0PAQH/BAUDAwegADAdBgNVHQ4EFgQUgQI1pnj7olEUcUu3\n"
- "SVCbJwYyuF4wDQYJKoZIhvcNAQELBQADgecAs2veVEtkSIlj2nEy1NI/lr0Wf51K\n"
- "0E2/oAeZJGoGo4wK5HUDfW2HlO+UVTkPei2Zk5Kjl/hpd9zG4BhTurL5mncPntXx\n"
- "Q6F3FMklBld4AYKeq5SSl+GG/PoEDzEJjazABCWgLa/U3EYjuwSXZj9RMibB6NQX\n"
- "bKCaj4cjRZSa1UmdLl2KTgRfG1ZDU4EBObagkdaOGD0XJ8EEZaBRktMtT8byxM8A\n"
- "m2pRMdwPvbxENmMhLXcIPQTaPaEYZyq9LA8Pee5wJosN66l8JVlsz2XEcH35DcG0\n"
- "bSUX8CSDmUPyHRyzVNeEcHc=\n"
- "-----END CERTIFICATE-----\n";
+"-----BEGIN CERTIFICATE-----\n"
+"MIIEEzCCAx6gAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBuDELMAkGA1UEBhMCR1Ix\n"
+"EjAQBgNVBAoTCUtva28gaW5jLjEXMBUGA1UECxMOc2xlZXBpbmcgZGVwdC4xDzAN\n"
+"BgNVBAgTBkF0dGlraTEVMBMGA1UEAxMMQ2luZHkgTGF1cGVyMRcwFQYKCZImiZPy\n"
+"LGQBARMHY2xhdXBlcjEMMAoGA1UEDBMDRHIuMQ8wDQYDVQRBEwZqYWNrYWwxHDAa\n"
+"BgkqhkiG9w0BCQEWDW5vbmVAbm9uZS5vcmcwIhgPMjAxMjA2MDYxOTAxMjdaGA8y\n"
+"MDE5MDcxMDE5MDEyN1owgbgxCzAJBgNVBAYTAkdSMRIwEAYDVQQKEwlLb2tvIGlu\n"
+"Yy4xFzAVBgNVBAsTDnNsZWVwaW5nIGRlcHQuMQ8wDQYDVQQIEwZBdHRpa2kxFTAT\n"
+"BgNVBAMTDENpbmR5IExhdXBlcjEXMBUGCgmSJomT8ixkAQETB2NsYXVwZXIxDDAK\n"
+"BgNVBAwTA0RyLjEPMA0GA1UEQRMGamFja2FsMRwwGgYJKoZIhvcNAQkBFg1ub25l\n"
+"QG5vbmUub3JnMIH9MA0GCSqGSIb3DQEBAQUAA4HrADCB5wKB3wC/VSBHG5adM0r0\n"
+"E80dgVvt+oVnnDcKYcm9q2WbknTL6dFgjjcEbiHDKmnr1hgyT9jfQVE/ve2XnZqA\n"
+"kbpYMNrQbdieclNycjoXCj3BJSJXXz3Ra6O4DLNh0/XwsxbVd/tMSQvwAK0MR60K\n"
+"/yfruL2oxe8j7uDmS5oY8b5O9nP/EVW2u7P1KVhrNxC2rGoaK6iRpgkAX3oP2YVM\n"
+"hLfPONpDgYGxBvrO0tlpHCYL+miWdRzIDPMYtdcU1v1zVSKAsvJ2dgEwP6FoSiWP\n"
+"nkw3U41i4oe+T7kVEk1F9QLCnXsCAwEAAaNrMGkwDAYDVR0TAQH/BAIwADAUBgNV\n"
+"HREEDTALgglsb2NhbGhvc3QwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0PAQH/\n"
+"BAUDAwegADAdBgNVHQ4EFgQUMwvofEmn5CtM4GygipfIuebOssgwDQYJKoZIhvcN\n"
+"AQELBQADgd8AdP87xzJGv3ddODGoCaVNipkO96HDwt1fC4Jtp1VTn1V4JRaL4e4D\n"
+"0dlFMq30kmrLTxNSET7MJ5l2m0XZS7jhbl5UW9jLCv1GurMaVuYK4v0LGGezODoH\n"
+"8naZkxWYGS16kssPu0SDE0V9gWF31IXs2qs0PHvvpI5WFmjrOPX3RfFeVNhmc5sv\n"
+"1cy+hnM9wxcT2r+jpKn3mYVVcnG7ANZyLKzLwN/PGkYB+tv8sS0ojxMKZLQjr9xs\n"
+"z1plHeDzm0/t7gsAkrL8ynSkBBJ1SLqaKMmlP1DmgU/zTlMTyKrG\n"
+"-----END CERTIFICATE-----\n";
static unsigned char server_key_pem[] =
- "-----BEGIN RSA PRIVATE KEY-----\n"
- "MIIEKQIBAAKB5wDJzE2mHu+mjccoTww2dWFro/EkIfTwuz0Qw/Ki/hvLHvg8IiTi\n"
- "9340Ql4tkdc7eoFKyZsnJlvtcXPRnVUk+qDtPWRujUPAkb1PihHGg0UKI1BTPUC5\n"
- "pAztTMhGQzLlwaTPvUxZMg1oK7IGIHDVPmPRTfWOOTk+/NPpJQ42SLY5dY5w97X1\n"
- "mmDkUBP/18uIth68U4IpD9ujwft8pyPkg4+0nbeKGrIFKNRaXTlg0NIWEOrJ+dZj\n"
- "mFJ4WGWsecuJSOgpuCjkHNTTJ94ml+fp0uWBnBYUv1LG/CrF9XxxrL3j0skv6MUz\n"
- "JQIDAQABAoHnALSPqarKY4STt2/JyxOvU8wMlOfPumrsHmex7JkK5bOJsnOb2YV8\n"
- "DeCUwc/kfsEpjCZu3fTZzcdXjFoyfMzptLSSChshK05TGSDiWaVWL6AymNziIdf5\n"
- "gdeSrGCyIAiUi/OVXYsxze03q8LvpAYqHQZayysto69IOe6P5Qt17xYPgsRIA6k9\n"
- "LAgBIjCN2ukgR/fWERGSn2jC/aBlO3jwmG80LsdPNaQ6+esQcwjwMjFajkf5A1XE\n"
- "OiYlIdmUS2liuWnUQK+D76WSUTrlwKKjxQiB0A9wugCN43BWHfV/Kf6ohIM1kIAB\n"
- "AnQA/g8rrF0cTe6ZsiZU0m7nyIQkmATENlLhu37DtcsdqTAwV3+UqzLIh46sHiRa\n"
- "D3SKlhhNs6iTqw/Wv02ZHy+//pxCmWWNAxhhwPCM6/OO6i5oEYU4uH+llEcu5Flh\n"
- "udFt7fMy/tzpwPsZRFpXaO1wScU2AQJ0AMtW7rsVrdqZqOdVGNI7vRsLC1SM26j4\n"
- "2bouNvKPuaLOsLBSlFopSpFRDgOxe+OOqk9Reg6RzO/q+496bEOqixofCE5Gfc/I\n"
- "pwlwwRGTP7sA0w6Y+Vo+qiATht/YaruscXL3AdQ3BulaqunAzsKN0Iz2ZSUCdACu\n"
- "bTX74fVj4BPvxvdnfrNt7KO/J06bSW4nr1GpB6n2ldoqyLIGlBgvUZoEG8slX0si\n"
- "387BMVUpFffHYfxl9/+mTBxBewJEhMHgmIb4HEEbsP7MQJ3/tcu1sOWV63P4Aryp\n"
- "qNZzOrLWRs9DKY9nv9TfISIBAnMFNzCeadrwvXpAnMUrN08Nb4YV4BsORXvIM8FD\n"
- "DX60d1q+2w9lFKQOACc83wOPfaxOpodb8k9wY/WZ44j9X1V8EQm0gEhf2QS30EWT\n"
- "ftRmponDWRckQnE4q2eNPE7Yi37JdR594/9wYtv5bPGgueR8iSFlAnQAjinshgPe\n"
- "kfAYhgSBbyJJvmCCp3jSra5JzoBnmMy2JyEJT+trCs9pmaP79GP/6BjPXHImnN0w\n"
- "PsTvmNPD3U2BqsGRuu6OGg9VRP/LDLpPGmV7j8nTraVJCkc4w/n/gazAbPydZZbz\n"
- "qRP/3et96JUHZnmn6g==\n"
- "-----END RSA PRIVATE KEY-----\n";
-#endif
+"-----BEGIN RSA PRIVATE KEY-----\n"
+"MIIEBAIBAAKB3wC/VSBHG5adM0r0E80dgVvt+oVnnDcKYcm9q2WbknTL6dFgjjcE\n"
+"biHDKmnr1hgyT9jfQVE/ve2XnZqAkbpYMNrQbdieclNycjoXCj3BJSJXXz3Ra6O4\n"
+"DLNh0/XwsxbVd/tMSQvwAK0MR60K/yfruL2oxe8j7uDmS5oY8b5O9nP/EVW2u7P1\n"
+"KVhrNxC2rGoaK6iRpgkAX3oP2YVMhLfPONpDgYGxBvrO0tlpHCYL+miWdRzIDPMY\n"
+"tdcU1v1zVSKAsvJ2dgEwP6FoSiWPnkw3U41i4oe+T7kVEk1F9QLCnXsCAwEAAQKB\n"
+"3iYR2gpMAvvkaNWH2xgz1QbVAhZLjugR7QJASEdcLMEmFPMRWQEYqL8cgVbbkpTw\n"
+"Lka9yFzWfZ/dTBCo7lr93Yv7T063kMME12oeL4tuyBZ6bOJueHT2kfq1Igpyl+iB\n"
+"pw7WuflXKRd4a4X0nwzYBQxYWH7bKkQRZDlViKuOXKVzgT7GqD6cbTZbc/8wUTi7\n"
+"HoyMlz4d+YH/XL5Zt6SM7cMuJ/VOGGUcBiXqlixzulloihkPwJeg6zxx0e1dVy4q\n"
+"jvVhb+hmypWajjBDPUwIGFih0lZJ6rqIDyls/ZK2AQJwAPFeAMubo1KWcFU+nHoK\n"
+"Q/jdOjpuAt7fwczkqhb6uOrJtS4RUtF3x3jfESFYf6Btnt6Slj1HpNKHbud2Weyw\n"
+"i3lIkkmQq4+8uRjZXlNtp2Sd33NFeYE1D8ll3V2wiwiCOPJxYWpOOwHs7pkcOsAD\n"
+"ywJwAMruluGFAUhoCxXOGzbJeXOC0U+LbwU72Xgk9zhEX6chaklKgdSnJ8DlHnYe\n"
+"R+wc2vXRfSGlT1OH0X8ezn82QV8UmYo6cNpMTNarW0rzpFir51owvYSBPnPB+DLX\n"
+"0JausRZoI6fyZSw4Vxt9PN13EQJwANnEX2FUfcmQs68le1ZclrEdIGEBSpO9PARZ\n"
+"tuBeu6IR9OaoeJlGwXDbiYAVcajT3oefp++ICTxtNvGchUuYiW4WvO2kmjVoJ3Q1\n"
+"Afaxs1qDWcyNvS+HKUQjJNNX6kj1/N040JRyGqkFFMyNfLArewJwAL/KfLkJjmvT\n"
+"QV7LW3cNNYbRRWdLXZLxvJfLQAdiv5BiiWRZUZkcnfq10HNMLSdfIiYfZocNCIrm\n"
+"mz3sbLdYHLJy8qXsk8oNQLXGX9LXsCTJ2y6nUAZSbCbVVPEgfRhcZCvMIp7Q/YOs\n"
+"f88QLx0UMQJvYsEnYagLe9EfC0d8fXTKJr143FMxas7j3eftxLEBnx7ZsqCbJD1o\n"
+"UsvWkp5I3kqIABEqY1ZJV/gU41MceuWURSVADpuuRDLzv8WPdeffad9o2hX/bkI6\n"
+"2INKeuq1nILiEHAZLloH6/fdjpWZYF0D\n"
+"-----END RSA PRIVATE KEY-----\n";
static unsigned char server_ecc_key_pem[] =
"-----BEGIN EC PRIVATE KEY-----\n"
@@ -403,39 +356,44 @@ static void test_ciphersuite_kx(const char *cipher_prio)
}
-void benchmark_tls(int debug_level)
+void benchmark_tls(int debug_level, int ciphers)
{
gnutls_global_set_log_function(tls_log_func);
gnutls_global_set_log_level(debug_level);
gnutls_global_init();
- printf("Testing throughput in cipher/MAC combinations:\n");
-
- test_ciphersuite(PRIO_ARCFOUR_128_MD5, 1024);
- test_ciphersuite(PRIO_ARCFOUR_128_MD5, 4096);
- test_ciphersuite(PRIO_ARCFOUR_128_MD5, 8 * 1024);
- test_ciphersuite(PRIO_ARCFOUR_128_MD5, 15 * 1024);
-
- test_ciphersuite(PRIO_AES_GCM, 1024);
- test_ciphersuite(PRIO_AES_GCM, 4096);
- test_ciphersuite(PRIO_AES_GCM, 8 * 1024);
- test_ciphersuite(PRIO_AES_GCM, 15 * 1024);
-
- test_ciphersuite(PRIO_AES_CBC_SHA1, 1024);
- test_ciphersuite(PRIO_AES_CBC_SHA1, 4096);
- test_ciphersuite(PRIO_AES_CBC_SHA1, 8 * 1024);
- test_ciphersuite(PRIO_AES_CBC_SHA1, 15 * 1024);
-
- test_ciphersuite(PRIO_CAMELLIA_CBC_SHA1, 1024);
- test_ciphersuite(PRIO_CAMELLIA_CBC_SHA1, 4096);
- test_ciphersuite(PRIO_CAMELLIA_CBC_SHA1, 8 * 1024);
- test_ciphersuite(PRIO_CAMELLIA_CBC_SHA1, 15 * 1024);
-
- printf("\nTesting key exchanges (RSA/DH bits: %d, EC bits: %d):\n",
rsa_bits, ec_bits);
- test_ciphersuite_kx(PRIO_DH);
- test_ciphersuite_kx(PRIO_ECDH);
- test_ciphersuite_kx(PRIO_ECDHE_ECDSA);
- test_ciphersuite_kx(PRIO_RSA);
+ if (ciphers != 0)
+ {
+ printf("Testing throughput in cipher/MAC combinations:\n");
+
+ test_ciphersuite(PRIO_ARCFOUR_128_MD5, 1024);
+ test_ciphersuite(PRIO_ARCFOUR_128_MD5, 4096);
+ test_ciphersuite(PRIO_ARCFOUR_128_MD5, 8 * 1024);
+ test_ciphersuite(PRIO_ARCFOUR_128_MD5, 15 * 1024);
+
+ test_ciphersuite(PRIO_AES_GCM, 1024);
+ test_ciphersuite(PRIO_AES_GCM, 4096);
+ test_ciphersuite(PRIO_AES_GCM, 8 * 1024);
+ test_ciphersuite(PRIO_AES_GCM, 15 * 1024);
+
+ test_ciphersuite(PRIO_AES_CBC_SHA1, 1024);
+ test_ciphersuite(PRIO_AES_CBC_SHA1, 4096);
+ test_ciphersuite(PRIO_AES_CBC_SHA1, 8 * 1024);
+ test_ciphersuite(PRIO_AES_CBC_SHA1, 15 * 1024);
+
+ test_ciphersuite(PRIO_CAMELLIA_CBC_SHA1, 1024);
+ test_ciphersuite(PRIO_CAMELLIA_CBC_SHA1, 4096);
+ test_ciphersuite(PRIO_CAMELLIA_CBC_SHA1, 8 * 1024);
+ test_ciphersuite(PRIO_CAMELLIA_CBC_SHA1, 15 * 1024);
+ }
+ else
+ {
+ printf("\nTesting key exchanges (RSA/DH bits: %d, EC bits: %d):\n",
rsa_bits, ec_bits);
+ test_ciphersuite_kx(PRIO_DH);
+ test_ciphersuite_kx(PRIO_ECDH);
+ test_ciphersuite_kx(PRIO_ECDHE_ECDSA);
+ test_ciphersuite_kx(PRIO_RSA);
+ }
gnutls_global_deinit();
diff --git a/src/benchmark.h b/src/benchmark.h
index 228a960..40bd602 100644
--- a/src/benchmark.h
+++ b/src/benchmark.h
@@ -28,7 +28,7 @@
typedef void (*sighandler_t)(int);
void benchmark_cipher (int init, int debug_level);
-void benchmark_tls (int debug_level);
+void benchmark_tls (int debug_level, int ciphers);
struct benchmark_st
{
diff --git a/src/cli-args.c b/src/cli-args.c
index 027ef00..09e65e5 100644
--- a/src/cli-args.c
+++ b/src/cli-args.c
@@ -2,7 +2,7 @@
*
* DO NOT EDIT THIS FILE (cli-args.c)
*
- * It has been AutoGen-ed May 23, 2012 at 08:55:14 PM by AutoGen 5.16
+ * It has been AutoGen-ed June 6, 2012 at 09:09:25 PM by AutoGen 5.16
* From the definitions cli-args.def
* and the template file options
*
@@ -67,7 +67,7 @@ extern FILE * option_usage_fp;
/*
* gnutls-cli option static const strings
*/
-static char const gnutls_cli_opt_strs[3434] =
+static char const gnutls_cli_opt_strs[3491] =
/* 0 */ "gnutls-cli @address@hidden"
"Copyright (C) 2000-2012 Free Software Foundation, all rights
reserved.\n"
"This is free software. It is licensed for use, modification and\n"
@@ -187,29 +187,32 @@ static char const gnutls_cli_opt_strs[3434] =
/* 2611 */ "Benchmark individual software ciphers (no hw acceleration)\0"
/* 2670 */ "BENCHMARK_SOFT_CIPHERS\0"
/* 2693 */ "benchmark-soft-ciphers\0"
-/* 2716 */ "Benchmark ciphers and key exchange methods in TLS\0"
-/* 2766 */ "BENCHMARK_TLS\0"
-/* 2780 */ "benchmark-tls\0"
-/* 2794 */ "Print a list of the supported algorithms and modes\0"
-/* 2845 */ "LIST\0"
-/* 2850 */ "list\0"
-/* 2855 */ "Display extended usage information and exit\0"
-/* 2899 */ "help\0"
-/* 2904 */ "Extended usage information passed thru pager\0"
-/* 2949 */ "more-help\0"
-/* 2959 */ "Output version information and exit\0"
-/* 2995 */ "version\0"
-/* 3003 */ "GNUTLS_CLI\0"
-/* 3014 */ "gnutls-cli - GnuTLS client - Ver. @address@hidden"
+/* 2716 */ "Benchmark TLS key exchange methods\0"
+/* 2751 */ "BENCHMARK_TLS_KX\0"
+/* 2768 */ "benchmark-tls-kx\0"
+/* 2785 */ "Benchmark TLS ciphers\0"
+/* 2807 */ "BENCHMARK_TLS_CIPHERS\0"
+/* 2829 */ "benchmark-tls-ciphers\0"
+/* 2851 */ "Print a list of the supported algorithms and modes\0"
+/* 2902 */ "LIST\0"
+/* 2907 */ "list\0"
+/* 2912 */ "Display extended usage information and exit\0"
+/* 2956 */ "help\0"
+/* 2961 */ "Extended usage information passed thru pager\0"
+/* 3006 */ "more-help\0"
+/* 3016 */ "Output version information and exit\0"
+/* 3052 */ "version\0"
+/* 3060 */ "GNUTLS_CLI\0"
+/* 3071 */ "gnutls-cli - GnuTLS client - Ver. @address@hidden"
"USAGE: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...
[hostname]\n\0"
-/* 3127 */ "address@hidden"
-/* 3146 */ "\n\n\0"
-/* 3149 */ "\n"
+/* 3184 */ "address@hidden"
+/* 3203 */ "\n\n\0"
+/* 3206 */ "\n"
"Simple client program to set up a TLS connection to some other
computer. It\n"
"sets up a TLS connection and forwards data from the standard
input to the\n"
"secured socket and vice versa.\n\0"
-/* 3333 */ "gnutls-cli @address@hidden"
-/* 3354 */ "Usage: gnutls-cli [options] hostname\n"
+/* 3390 */ "gnutls-cli @address@hidden"
+/* 3411 */ "Usage: gnutls-cli [options] hostname\n"
"gnutls-cli --help for usage instructions.\n";
/*
@@ -507,29 +510,37 @@ static char const gnutls_cli_opt_strs[3434] =
#define BENCHMARK_SOFT_CIPHERS_FLAGS (OPTST_DISABLED)
/*
- * benchmark-tls option description:
+ * benchmark-tls-kx option description:
*/
-#define BENCHMARK_TLS_DESC (gnutls_cli_opt_strs+2716)
-#define BENCHMARK_TLS_NAME (gnutls_cli_opt_strs+2766)
-#define BENCHMARK_TLS_name (gnutls_cli_opt_strs+2780)
-#define BENCHMARK_TLS_FLAGS (OPTST_DISABLED)
+#define BENCHMARK_TLS_KX_DESC (gnutls_cli_opt_strs+2716)
+#define BENCHMARK_TLS_KX_NAME (gnutls_cli_opt_strs+2751)
+#define BENCHMARK_TLS_KX_name (gnutls_cli_opt_strs+2768)
+#define BENCHMARK_TLS_KX_FLAGS (OPTST_DISABLED)
+
+/*
+ * benchmark-tls-ciphers option description:
+ */
+#define BENCHMARK_TLS_CIPHERS_DESC (gnutls_cli_opt_strs+2785)
+#define BENCHMARK_TLS_CIPHERS_NAME (gnutls_cli_opt_strs+2807)
+#define BENCHMARK_TLS_CIPHERS_name (gnutls_cli_opt_strs+2829)
+#define BENCHMARK_TLS_CIPHERS_FLAGS (OPTST_DISABLED)
/*
* list option description:
*/
-#define LIST_DESC (gnutls_cli_opt_strs+2794)
-#define LIST_NAME (gnutls_cli_opt_strs+2845)
-#define LIST_name (gnutls_cli_opt_strs+2850)
+#define LIST_DESC (gnutls_cli_opt_strs+2851)
+#define LIST_NAME (gnutls_cli_opt_strs+2902)
+#define LIST_name (gnutls_cli_opt_strs+2907)
#define LIST_FLAGS (OPTST_DISABLED)
/*
* Help/More_Help/Version option descriptions:
*/
-#define HELP_DESC (gnutls_cli_opt_strs+2855)
-#define HELP_name (gnutls_cli_opt_strs+2899)
+#define HELP_DESC (gnutls_cli_opt_strs+2912)
+#define HELP_name (gnutls_cli_opt_strs+2956)
#ifdef HAVE_WORKING_FORK
-#define MORE_HELP_DESC (gnutls_cli_opt_strs+2904)
-#define MORE_HELP_name (gnutls_cli_opt_strs+2949)
+#define MORE_HELP_DESC (gnutls_cli_opt_strs+2961)
+#define MORE_HELP_name (gnutls_cli_opt_strs+3006)
#define MORE_HELP_FLAGS (OPTST_IMM | OPTST_NO_INIT)
#else
#define MORE_HELP_DESC NULL
@@ -542,8 +553,8 @@ static char const gnutls_cli_opt_strs[3434] =
# define VER_FLAGS (OPTST_SET_ARGTYPE(OPARG_TYPE_STRING) | \
OPTST_ARG_OPTIONAL | OPTST_IMM | OPTST_NO_INIT)
#endif
-#define VER_DESC (gnutls_cli_opt_strs+2959)
-#define VER_name (gnutls_cli_opt_strs+2995)
+#define VER_DESC (gnutls_cli_opt_strs+3016)
+#define VER_name (gnutls_cli_opt_strs+3052)
/*
* Declare option callback procedures
*/
@@ -972,20 +983,32 @@ static tOptDesc optDesc[OPTION_CT] = {
/* desc, NAME, name */ BENCHMARK_SOFT_CIPHERS_DESC,
BENCHMARK_SOFT_CIPHERS_NAME, BENCHMARK_SOFT_CIPHERS_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 34, VALUE_OPT_BENCHMARK_TLS,
- /* equiv idx, value */ 34, VALUE_OPT_BENCHMARK_TLS,
+ { /* entry idx, value */ 34, VALUE_OPT_BENCHMARK_TLS_KX,
+ /* equiv idx, value */ 34, VALUE_OPT_BENCHMARK_TLS_KX,
+ /* equivalenced to */ NO_EQUIVALENT,
+ /* min, max, act ct */ 0, 1, 0,
+ /* opt state flags */ BENCHMARK_TLS_KX_FLAGS, 0,
+ /* last opt argumnt */ { NULL }, /* --benchmark-tls-kx */
+ /* arg list/cookie */ NULL,
+ /* must/cannot opts */ NULL, NULL,
+ /* option proc */ NULL,
+ /* desc, NAME, name */ BENCHMARK_TLS_KX_DESC, BENCHMARK_TLS_KX_NAME,
BENCHMARK_TLS_KX_name,
+ /* disablement strs */ NULL, NULL },
+
+ { /* entry idx, value */ 35, VALUE_OPT_BENCHMARK_TLS_CIPHERS,
+ /* equiv idx, value */ 35, VALUE_OPT_BENCHMARK_TLS_CIPHERS,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
- /* opt state flags */ BENCHMARK_TLS_FLAGS, 0,
- /* last opt argumnt */ { NULL }, /* --benchmark-tls */
+ /* opt state flags */ BENCHMARK_TLS_CIPHERS_FLAGS, 0,
+ /* last opt argumnt */ { NULL }, /* --benchmark-tls-ciphers */
/* arg list/cookie */ NULL,
/* must/cannot opts */ NULL, NULL,
/* option proc */ NULL,
- /* desc, NAME, name */ BENCHMARK_TLS_DESC, BENCHMARK_TLS_NAME,
BENCHMARK_TLS_name,
+ /* desc, NAME, name */ BENCHMARK_TLS_CIPHERS_DESC,
BENCHMARK_TLS_CIPHERS_NAME, BENCHMARK_TLS_CIPHERS_name,
/* disablement strs */ NULL, NULL },
- { /* entry idx, value */ 35, VALUE_OPT_LIST,
- /* equiv idx, value */ 35, VALUE_OPT_LIST,
+ { /* entry idx, value */ 36, VALUE_OPT_LIST,
+ /* equiv idx, value */ 36, VALUE_OPT_LIST,
/* equivalenced to */ NO_EQUIVALENT,
/* min, max, act ct */ 0, 1, 0,
/* opt state flags */ LIST_FLAGS, 0,
@@ -1040,14 +1063,14 @@ static tOptDesc optDesc[OPTION_CT] = {
*
* Define the gnutls-cli Option Environment
*/
-#define zPROGNAME (gnutls_cli_opt_strs+3003)
-#define zUsageTitle (gnutls_cli_opt_strs+3014)
+#define zPROGNAME (gnutls_cli_opt_strs+3060)
+#define zUsageTitle (gnutls_cli_opt_strs+3071)
#define zRcName NULL
#define apzHomeList NULL
-#define zBugsAddr (gnutls_cli_opt_strs+3127)
-#define zExplain (gnutls_cli_opt_strs+3146)
-#define zDetail (gnutls_cli_opt_strs+3149)
-#define zFullVersion (gnutls_cli_opt_strs+3333)
+#define zBugsAddr (gnutls_cli_opt_strs+3184)
+#define zExplain (gnutls_cli_opt_strs+3203)
+#define zDetail (gnutls_cli_opt_strs+3206)
+#define zFullVersion (gnutls_cli_opt_strs+3390)
/* extracted from optcode.tlib near line 350 */
#if defined(ENABLE_NLS)
@@ -1061,7 +1084,7 @@ static tOptDesc optDesc[OPTION_CT] = {
#define gnutls_cli_full_usage (NULL)
-#define gnutls_cli_short_usage (gnutls_cli_opt_strs+3354)
+#define gnutls_cli_short_usage (gnutls_cli_opt_strs+3411)
#endif /* not defined __doxygen__ */
@@ -1339,7 +1362,7 @@ tOptions gnutls_cliOptions = {
NO_EQUIVALENT, /* '-#' option index */
NO_EQUIVALENT /* index of default opt */
},
- 39 /* full option count */, 36 /* user option count */,
+ 40 /* full option count */, 37 /* user option count */,
gnutls_cli_full_usage, gnutls_cli_short_usage,
NULL, NULL,
PKGDATADIR, gnutls_cli_packager_info
diff --git a/src/cli-args.def b/src/cli-args.def
index 35508d8..5e2d6c6 100644
--- a/src/cli-args.def
+++ b/src/cli-args.def
@@ -243,8 +243,14 @@ flag = {
};
flag = {
- name = benchmark-tls;
- descrip = "Benchmark ciphers and key exchange methods in TLS";
+ name = benchmark-tls-kx;
+ descrip = "Benchmark TLS key exchange methods";
+ doc = "";
+};
+
+flag = {
+ name = benchmark-tls-ciphers;
+ descrip = "Benchmark TLS ciphers";
doc = "";
};
diff --git a/src/cli-args.h b/src/cli-args.h
index 86562fd..e8c9dac 100644
--- a/src/cli-args.h
+++ b/src/cli-args.h
@@ -2,7 +2,7 @@
*
* DO NOT EDIT THIS FILE (cli-args.h)
*
- * It has been AutoGen-ed May 23, 2012 at 08:55:13 PM by AutoGen 5.16
+ * It has been AutoGen-ed June 6, 2012 at 09:09:25 PM by AutoGen 5.16
* From the definitions cli-args.def
* and the template file options
*
@@ -101,14 +101,15 @@ typedef enum {
INDEX_OPT_INSECURE = 31,
INDEX_OPT_BENCHMARK_CIPHERS = 32,
INDEX_OPT_BENCHMARK_SOFT_CIPHERS = 33,
- INDEX_OPT_BENCHMARK_TLS = 34,
- INDEX_OPT_LIST = 35,
- INDEX_OPT_VERSION = 36,
- INDEX_OPT_HELP = 37,
- INDEX_OPT_MORE_HELP = 38
+ INDEX_OPT_BENCHMARK_TLS_KX = 34,
+ INDEX_OPT_BENCHMARK_TLS_CIPHERS = 35,
+ INDEX_OPT_LIST = 36,
+ INDEX_OPT_VERSION = 37,
+ INDEX_OPT_HELP = 38,
+ INDEX_OPT_MORE_HELP = 39
} teOptIndex;
-#define OPTION_CT 39
+#define OPTION_CT 40
#define GNUTLS_CLI_VERSION "@VERSION@"
#define GNUTLS_CLI_FULL_VERSION "gnutls-cli @VERSION@"
@@ -188,7 +189,8 @@ typedef enum {
#define VALUE_OPT_INSECURE 31
#define VALUE_OPT_BENCHMARK_CIPHERS 32
#define VALUE_OPT_BENCHMARK_SOFT_CIPHERS 129
-#define VALUE_OPT_BENCHMARK_TLS 130
+#define VALUE_OPT_BENCHMARK_TLS_KX 130
+#define VALUE_OPT_BENCHMARK_TLS_CIPHERS 131
#define VALUE_OPT_LIST 'l'
#define VALUE_OPT_HELP 'h'
#define VALUE_OPT_MORE_HELP '!'
diff --git a/src/cli.c b/src/cli.c
index b66b775..bc4d731 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -1124,9 +1124,15 @@ const char* rest = NULL;
exit(0);
}
- if (HAVE_OPT(BENCHMARK_TLS))
+ if (HAVE_OPT(BENCHMARK_TLS_CIPHERS))
{
- benchmark_tls(OPT_VALUE_DEBUG);
+ benchmark_tls(OPT_VALUE_DEBUG, 1);
+ exit(0);
+ }
+
+ if (HAVE_OPT(BENCHMARK_TLS_KX))
+ {
+ benchmark_tls(OPT_VALUE_DEBUG, 0);
exit(0);
}
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_3_0_18-131-gfd5ca1a,
Nikos Mavrogiannopoulos <=