[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_3-81-g3fcb006
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_3-81-g3fcb006 |
|
Date: |
Mon, 05 Nov 2012 20:54:12 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=3fcb006e28f946fa73660c0dc6c844a76cbc0f84
The branch, master has been updated
via 3fcb006e28f946fa73660c0dc6c844a76cbc0f84 (commit)
via b47ec12f7ac7e08c4456ffa5cb513a408d8d962e (commit)
via f7be127256f35116abd462b614e2958963f09155 (commit)
via 970c5454e453d470d93715d96078c820043282dd (commit)
via 6fd98c0e5d558c9d00a51185799c8a1ec1ef929f (commit)
from 3a7536e2e12597b4e2831dd07f5dfba94a747aa9 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 3fcb006e28f946fa73660c0dc6c844a76cbc0f84
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Mon Nov 5 21:44:44 2012 +0100
Added conditional to disable DTLS-SRTP support.
commit b47ec12f7ac7e08c4456ffa5cb513a408d8d962e
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Mon Nov 5 21:44:26 2012 +0100
updated
commit f7be127256f35116abd462b614e2958963f09155
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Mon Nov 5 21:38:50 2012 +0100
corrected SRTP profile names
commit 970c5454e453d470d93715d96078c820043282dd
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Mon Nov 5 21:35:50 2012 +0100
simplified profile selection
commit 6fd98c0e5d558c9d00a51185799c8a1ec1ef929f
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun Nov 4 17:37:44 2012 +0100
better printing
-----------------------------------------------------------------------
Summary of changes:
configure.ac | 1 +
doc/cha-library.texi | 1 +
doc/invoke-danetool.texi | 8 ++++----
lib/ext/Makefile.am | 5 ++++-
lib/ext/srtp.c | 24 +++++++++---------------
lib/gnutls_extensions.c | 2 ++
m4/hooks.m4 | 15 +++++++++++++++
src/cli.c | 2 ++
src/common.c | 2 ++
src/danetool.c | 3 ++-
src/serv.c | 2 ++
tests/mini-dtls-srtp.c | 12 ++++++------
12 files changed, 50 insertions(+), 27 deletions(-)
diff --git a/configure.ac b/configure.ac
index 736f815..0891360 100644
--- a/configure.ac
+++ b/configure.ac
@@ -640,6 +640,7 @@ AC_MSG_NOTICE([Optional features:
(note that included applications might not compile properly
if features are disabled)
+ DTLS-SRTP support:$ac_enable_srtp
OCSP support: $ac_enable_ocsp
OpenPGP support: $ac_enable_openpgp
SRP support: $ac_enable_srp
diff --git a/doc/cha-library.texi b/doc/cha-library.texi
index 338658a..4f2e16f 100644
--- a/doc/cha-library.texi
+++ b/doc/cha-library.texi
@@ -98,6 +98,7 @@ options are given.
--disable-libdane
--without-p11-kit
--without-tpm
+--disable-dtls-srtp-support
@end verbatim
For the complete list, refer to the output from @code{configure --help}.
diff --git a/doc/invoke-danetool.texi b/doc/invoke-danetool.texi
index e840936..9d99a89 100644
--- a/doc/invoke-danetool.texi
+++ b/doc/invoke-danetool.texi
@@ -7,13 +7,13 @@
#
# DO NOT EDIT THIS FILE (invoke-danetool.texi)
#
-# It has been AutoGen-ed November 1, 2012 at 07:51:08 PM by AutoGen 5.16
+# It has been AutoGen-ed November 4, 2012 at 05:36:02 PM by AutoGen 5.16
# From the definitions ../src/danetool-args.def
# and the template file agtexi-cmd.tpl
@end ignore
-Tool generate DNS resource records for the DANE protocol.
+Tool to generate DNS resource records for the DANE protocol.
This section was generated by @strong{AutoGen},
using the @code{agtexi-cmd} template and the option descriptions for the
@code{danetool} program.
@@ -73,7 +73,7 @@ hyphen and the flag character.
-Tool generate DNS resource records for the DANE protocol.
+Tool to generate DNS resource records for the DANE protocol.
please send bug reports to: bug-gnutls@@gnu.org
@end example
@@ -195,7 +195,7 @@ The operation failed or the command syntax was not valid.
@end table
@anchor{danetool See Also}
@subheading danetool See Also
- p11tool (1)
+ certtool (1)
@anchor{danetool Examples}
@subheading danetool Examples
diff --git a/lib/ext/Makefile.am b/lib/ext/Makefile.am
index 0d97132..1719fd7 100644
--- a/lib/ext/Makefile.am
+++ b/lib/ext/Makefile.am
@@ -39,5 +39,8 @@ libgnutls_ext_la_SOURCES = max_record.c cert_type.c \
max_record.h cert_type.h server_name.h srp.h \
session_ticket.h signature.h safe_renegotiation.h \
session_ticket.c srp.c ecc.c ecc.h heartbeat.c heartbeat.h \
- status_request.h status_request.c srtp.c srtp.h
+ status_request.h status_request.c
+if ENABLE_DTLS_SRTP
+libgnutls_ext_la_SOURCES += srtp.c srtp.h
+endif
diff --git a/lib/ext/srtp.c b/lib/ext/srtp.c
index 7cc41d8..485d429 100644
--- a/lib/ext/srtp.c
+++ b/lib/ext/srtp.c
@@ -171,15 +171,14 @@ static int
_gnutls_srtp_recv_params (gnutls_session_t session,
const uint8_t *data, size_t _data_size)
{
- unsigned int i, j;
+ unsigned int i;
int ret;
const uint8_t *p = data;
int len;
ssize_t data_size = _data_size;
srtp_ext_st *priv;
extension_priv_data_t epriv;
- uint16_t profiles[MAX_SRTP_PROFILES];
- unsigned int profiles_size = 0;
+ uint16_t profile;
ret =
_gnutls_ext_get_session_data (session, GNUTLS_EXTENSION_SRTP,
@@ -195,24 +194,19 @@ _gnutls_srtp_recv_params (gnutls_session_t session,
while (len > 0)
{
- DECR_LENGTH_RET (data_size, 2, 0);
- if (profiles_size < MAX_SRTP_PROFILES)
- profiles_size++;
- profiles[profiles_size - 1] = _gnutls_read_uint16 (p);
- p += 2;
- len -= 2;
- }
+ DECR_LEN (data_size, 2);
+ profile = _gnutls_read_uint16 (p);
- for (i = 0; i < priv->profiles_size && priv->selected_profile == 0; i++)
- {
- for (j = 0; j < profiles_size; j++)
+ for (i = 0; i < priv->profiles_size;i++)
{
- if (priv->profiles[i] == profiles[j])
+ if (priv->profiles[i] == profile)
{
- priv->selected_profile = profiles[j];
+ priv->selected_profile = profile;
break;
}
}
+ p += 2;
+ len -= 2;
}
return 0;
diff --git a/lib/gnutls_extensions.c b/lib/gnutls_extensions.c
index 28a852b..2cf9c26 100644
--- a/lib/gnutls_extensions.c
+++ b/lib/gnutls_extensions.c
@@ -355,9 +355,11 @@ _gnutls_ext_init (void)
if (ret != GNUTLS_E_SUCCESS)
return ret;
+#ifdef ENABLE_DTLS_SRTP
ret = _gnutls_ext_register (&ext_mod_srtp);
if (ret != GNUTLS_E_SUCCESS)
return ret;
+#endif
return GNUTLS_E_SUCCESS;
}
diff --git a/m4/hooks.m4 b/m4/hooks.m4
index 6117e83..3ec5044 100644
--- a/m4/hooks.m4
+++ b/m4/hooks.m4
@@ -134,6 +134,21 @@ fi
AC_MSG_WARN([C99 macros not supported. This may affect compiling.])
])
+ ac_enable_srtp=yes
+ AC_MSG_CHECKING([whether to disable DTLS-SRTP extension])
+ AC_ARG_ENABLE(dtls-srtp-support,
+ AS_HELP_STRING([--disable-dtls-srtp-support],
+ [disable support for the DTLS-SRTP extension]),
+ ac_enable_srtp=no)
+ if test x$ac_enable_srtp != xno; then
+ AC_MSG_RESULT(no)
+ AC_DEFINE([ENABLE_DTLS_SRTP], 1, [enable DTLS-SRTP support])
+ else
+ ac_full=0
+ AC_MSG_RESULT(yes)
+ fi
+ AM_CONDITIONAL(ENABLE_DTLS_SRTP, test "$ac_enable_srtp" != "no")
+
ac_enable_srp=yes
AC_MSG_CHECKING([whether to disable SRP authentication support])
AC_ARG_ENABLE(srp-authentication,
diff --git a/src/cli.c b/src/cli.c
index 954cde1..074adeb 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -673,6 +673,7 @@ init_tls_session (const char *hostname)
if (HAVE_OPT(HEARTBEAT))
gnutls_heartbeat_enable (session, GNUTLS_HB_PEER_ALLOWED_TO_SEND);
+#ifdef ENABLE_DTLS_SRTP
if (HAVE_OPT(SRTP_PROFILES))
{
ret = gnutls_srtp_set_profile_direct (session, OPT_ARG(SRTP_PROFILES),
&err);
@@ -681,6 +682,7 @@ init_tls_session (const char *hostname)
fprintf(stderr, "Error in profiles: %s\n", gnutls_strerror(ret));
exit (1);
}
+#endif
return session;
}
diff --git a/src/common.c b/src/common.c
index 9836125..7eca925 100644
--- a/src/common.c
+++ b/src/common.c
@@ -553,9 +553,11 @@ print_info (gnutls_session_t session, int verbose, int
print_cert)
(gnutls_compression_get (session)));
printf ("- Compression: %s\n", tmp);
+#ifdef ENABLE_DTLS_SRTP
rc = gnutls_srtp_get_selected_profile (session, &srtp_profile);
if (rc == 0)
printf ("- SRTP profile: %s\n", gnutls_srtp_get_profile_name
(srtp_profile));
+#endif
if (verbose)
{
diff --git a/src/danetool.c b/src/danetool.c
index 1cf92ff..f0213d4 100644
--- a/src/danetool.c
+++ b/src/danetool.c
@@ -213,7 +213,8 @@ size_t size;
if (ret < 0)
error (EXIT_FAILURE, 0, "gnutls_hex_encode: %s", dane_strerror (ret));
- fprintf(outfile, "\nEntry %d:\n_%u._%s.%s. IN TLSA ( %.2x %.2x %.2x %s
)\n", i+1, port, proto, host, usage, type, match, buffer);
+ printf("\nEntry %d:\n", i+1);
+ fprintf(outfile, "_%u._%s.%s. IN TLSA ( %.2x %.2x %.2x %s )\n", port,
proto, host, usage, type, match, buffer);
printf("\nCertificate usage: %s\n", dane_cert_usage_name(usage));
printf("Certificate type: %s\n", dane_cert_type_name(type));
diff --git a/src/serv.c b/src/serv.c
index 3541fbd..3fc9845 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -394,6 +394,7 @@ gnutls_session_t initialize_session (int dtls)
if (HAVE_OPT (HEARTBEAT))
gnutls_heartbeat_enable(session, GNUTLS_HB_PEER_ALLOWED_TO_SEND);
+#ifdef ENABLE_DTLS_SRTP
if (HAVE_OPT (SRTP_PROFILES))
{
ret = gnutls_srtp_set_profile_direct (session, OPT_ARG(SRTP_PROFILES),
&err);
@@ -402,6 +403,7 @@ gnutls_session_t initialize_session (int dtls)
fprintf(stderr, "Error in profiles: %s\n", gnutls_strerror(ret));
exit (1);
}
+#endif
return session;
}
diff --git a/tests/mini-dtls-srtp.c b/tests/mini-dtls-srtp.c
index 76edfdf..11bf746 100644
--- a/tests/mini-dtls-srtp.c
+++ b/tests/mini-dtls-srtp.c
@@ -27,10 +27,10 @@
#include <stdio.h>
#include <stdlib.h>
-#if defined(_WIN32)
+#if defined(_WIN32) || !defined(ENABLE_DTLS_SRTP)
int
-main ()
+main (int argc, char** argv)
{
exit (77);
}
@@ -105,10 +105,10 @@ client (int fd, int profile)
"NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL",
NULL);
if (profile)
- ret = gnutls_srtp_set_profile_direct(session, "SRTP_AES128_CM_SHA1_80",
+ ret = gnutls_srtp_set_profile_direct(session,
"SRTP_AES128_CM_HMAC_SHA1_80",
NULL);
else
- ret = gnutls_srtp_set_profile_direct(session, "SRTP_NULL_SHA1_80",
+ ret = gnutls_srtp_set_profile_direct(session, "SRTP_NULL_HMAC_SHA1_80",
NULL);
if (ret < 0)
{
@@ -230,10 +230,10 @@ server (int fd, int profile)
NULL);
if (profile)
- ret = gnutls_srtp_set_profile_direct(session, "SRTP_AES128_CM_SHA1_80",
+ ret = gnutls_srtp_set_profile_direct(session,
"SRTP_AES128_CM_HMAC_SHA1_80",
NULL);
else
- ret = gnutls_srtp_set_profile_direct(session, "SRTP_NULL_SHA1_80",
+ ret = gnutls_srtp_set_profile_direct(session, "SRTP_NULL_HMAC_SHA1_80",
NULL);
if (ret < 0)
{
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_3_1_3-81-g3fcb006,
Nikos Mavrogiannopoulos <=