-rw-r--r-- | src/block/plugin_block_test.c | 8 | ||||
-rw-r--r-- | src/gns/gnunet-gns-proxy.c | 53 | ||||
-rw-r--r-- | src/include/gnunet_block_lib.h | 76 |
3 files changed, 73 insertions, 64 deletions
diff --git a/src/block/plugin_block_test.c b/src/block/plugin_block_test.c index dacf04535..eaffa361f 100644 --- a/src/block/plugin_block_test.c +++ b/src/block/plugin_block_test.c | |||
@@ -43,11 +43,11 @@ | |||
43 | * @param type block type | 43 | * @param type block type |
44 | * @param query original query (hash) | 44 | * @param query original query (hash) |
45 | * @param bf pointer to bloom filter associated with query; possibly updated (!) | 45 | * @param bf pointer to bloom filter associated with query; possibly updated (!) |
46 | * @param bf_mutator mutation value for bf | 46 | * @param bf_mutator mutation value for @a bf |
47 | * @param xquery extrended query data (can be NULL, depending on type) | 47 | * @param xquery extrended query data (can be NULL, depending on type) |
48 | * @param xquery_size number of bytes in xquery | 48 | * @param xquery_size number of bytes in @a xquery |
49 | * @param reply_block response to validate | 49 | * @param reply_block response to validate |
50 | * @param reply_block_size number of bytes in reply block | 50 | * @param reply_block_size number of bytes in @a reply_block |
51 | * @return characterization of result | 51 | * @return characterization of result |
52 | */ | 52 | */ |
53 | static enum GNUNET_BLOCK_EvaluationResult | 53 | static enum GNUNET_BLOCK_EvaluationResult |
@@ -96,7 +96,7 @@ block_plugin_test_evaluate (void *cls, enum GNUNET_BLOCK_Type type, | |||
96 | * @param cls closure | 96 | * @param cls closure |
97 | * @param type block type | 97 | * @param type block type |
98 | * @param block block to get the key for | 98 | * @param block block to get the key for |
99 | * @param block_size number of bytes in block | 99 | * @param block_size number of bytes in @a block |
100 | * @param key set to the key (query) for the given block | 100 | * @param key set to the key (query) for the given block |
101 | * @return GNUNET_OK on success, GNUNET_SYSERR if type not supported | 101 | * @return GNUNET_OK on success, GNUNET_SYSERR if type not supported |
102 | * (or if extracting a key from a block of this type does not work) | 102 | * (or if extracting a key from a block of this type does not work) |
diff --git a/src/gns/gnunet-gns-proxy.c b/src/gns/gnunet-gns-proxy.c index 140deaafd..b46d6df3c 100644 --- a/src/gns/gnunet-gns-proxy.c +++ b/src/gns/gnunet-gns-proxy.c | |||
@@ -791,33 +791,42 @@ mhd_content_cb (void *cls, | |||
791 | static int | 791 | static int |
792 | check_ssl_certificate (struct Socks5Request *s5r) | 792 | check_ssl_certificate (struct Socks5Request *s5r) |
793 | { | 793 | { |
794 | unsigned int i; | ||
794 | union { | 795 | union { |
795 | struct curl_slist *to_info; | 796 | gnutls_session session; |
796 | struct curl_certinfo *to_certinfo; | 797 | struct curl_slist * to_slist; |
797 | } ptr; | 798 | } gptr; |
798 | int i; | 799 | unsigned int cert_list_size; |
799 | struct curl_slist *slist; | 800 | const gnutls_datum *chainp; |
800 | 801 | ||
801 | ptr.to_info = NULL; | 802 | gptr.to_slist = NULL; |
802 | if (CURLE_OK != | 803 | if (CURLE_OK != |
803 | curl_easy_getinfo (s5r->curl, | 804 | curl_easy_getinfo (s5r->curl, |
804 | CURLINFO_CERTINFO, | 805 | CURLINFO_GNUTLS_SESSION, |
805 | &ptr.to_info)) | 806 | &gptr)) |
806 | return GNUNET_SYSERR; | 807 | return GNUNET_SYSERR; |
807 | /* FIXME: for now, we just output the certs to stderr, we should | 808 | |
808 | check them against LEHO / TLSA record information here! (#3038) */ | 809 | chainp = gnutls_certificate_get_peers(gptr.session, &cert_list_size); |
809 | if(NULL != ptr.to_info) | 810 | if(!chainp) |
810 | { | 811 | return GNUNET_SYSERR; |
811 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 812 | |
812 | "Got %d certs!\n", | 813 | for(i=0;i<cert_list_size;i++) { |
813 | ptr.to_certinfo->num_of_certs); | 814 | gnutls_x509_crt_t cert; |
814 | for (i = 0; i < ptr.to_certinfo->num_of_certs; i++) | 815 | gnutls_datum_t dn; |
815 | { | 816 | |
816 | for (slist = ptr.to_certinfo->certinfo[i]; NULL != slist; slist = slist->next) | 817 | if(GNUTLS_E_SUCCESS == gnutls_x509_crt_init (&cert)) { |
818 | if((GNUTLS_E_SUCCESS == | ||
819 | gnutls_x509_crt_import (cert, &chainp[i], | ||
820 | GNUTLS_X509_FMT_DER)) && | ||
821 | (GNUTLS_E_SUCCESS == | ||
822 | gnutls_x509_crt_print (cert, | ||
823 | GNUTLS_CRT_PRINT_FULL, | ||
824 | &dn))) { | ||
817 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 825 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
818 | "Certificate #%d: %s\n", | 826 | "Certificate #%d: %.*s", i, dn.size, dn.data); |
819 | i, | 827 | gnutls_free (dn.data); |
820 | slist->data); | 828 | gnutls_x509_crt_deinit (cert); |
829 | } | ||
821 | } | 830 | } |
822 | } | 831 | } |
823 | return GNUNET_OK; | 832 | return GNUNET_OK; |
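Review bot: As far as this hunk shows, check_ssl_certificate still returns `GNUNET_OK` for any peer chain GnuTLS hands back, because the new loop only prints each certificate. The commit also drops the old FIXME that recorded the missing LEHO / TLSA check (#3038); I would keep it above the loop, e.g. `/* FIXME: certs are only logged here, not yet checked against LEHO / TLSA records (#3038) */`, so the gap stays visible to the next reader. Inside the loop, `gnutls_x509_crt_deinit (cert);` sits in the inner `if`, so a certificate whose import or print fails after a successful `gnutls_x509_crt_init` is never released; moving the deinit to just after the inner `if` closes fixes that. The log call passes the unsigned `i` to `%d` and the unsigned `dn.size` as the `%.*s` precision, which expects `int`, and it loses the trailing newline the old message had: `"Certificate #%u: %.*s\n", i, (int) dn.size, dn.data`. The function's closing brace lies outside the hunk.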
diff --git a/src/include/gnunet_block_lib.h b/src/include/gnunet_block_lib.h index 95b499f13..38ad78686 100644 --- a/src/include/gnunet_block_lib.h +++ b/src/include/gnunet_block_lib.h | |||
@@ -52,9 +52,9 @@ enum GNUNET_BLOCK_Type | |||
52 | */ | 52 | */ |
53 | GNUNET_BLOCK_TYPE_FS_DBLOCK = 1, | 53 | GNUNET_BLOCK_TYPE_FS_DBLOCK = 1, |
54 | 54 | ||
55 | /** | 55 | /** |
56 | * Inner block in the CHK tree. | 56 | * Inner block in the CHK tree. |
57 | */ | 57 | */ |
58 | GNUNET_BLOCK_TYPE_FS_IBLOCK = 2, | 58 | GNUNET_BLOCK_TYPE_FS_IBLOCK = 2, |
59 | 59 | ||
60 | /** | 60 | /** |
@@ -128,46 +128,46 @@ enum GNUNET_BLOCK_Type | |||
128 | */ | 128 | */ |
129 | enum GNUNET_BLOCK_EvaluationResult | 129 | enum GNUNET_BLOCK_EvaluationResult |
130 | { | 130 | { |
131 | /** | 131 | /** |
132 | * Valid result, and there may be more. | 132 | * Valid result, and there may be more. |
133 | */ | 133 | */ |
134 | GNUNET_BLOCK_EVALUATION_OK_MORE = 0, | 134 | GNUNET_BLOCK_EVALUATION_OK_MORE = 0, |
135 | 135 | ||
136 | /** | 136 | /** |
137 | * Last possible valid result. | 137 | * Last possible valid result. |
138 | */ | 138 | */ |
139 | GNUNET_BLOCK_EVALUATION_OK_LAST = 1, | 139 | GNUNET_BLOCK_EVALUATION_OK_LAST = 1, |
140 | 140 | ||
141 | /** | 141 | /** |
142 | * Valid result, but suppressed because it is a duplicate. | 142 | * Valid result, but suppressed because it is a duplicate. |
143 | */ | 143 | */ |
144 | GNUNET_BLOCK_EVALUATION_OK_DUPLICATE = 2, | 144 | GNUNET_BLOCK_EVALUATION_OK_DUPLICATE = 2, |
145 | 145 | ||
146 | /** | 146 | /** |
147 | * Block does not match query (invalid result) | 147 | * Block does not match query (invalid result) |
148 | */ | 148 | */ |
149 | GNUNET_BLOCK_EVALUATION_RESULT_INVALID = 3, | 149 | GNUNET_BLOCK_EVALUATION_RESULT_INVALID = 3, |
150 | 150 | ||
151 | /** | 151 | /** |
152 | * Block does not match xquery (valid result, not relevant for the request) | 152 | * Block does not match xquery (valid result, not relevant for the request) |
153 | */ | 153 | */ |
154 | GNUNET_BLOCK_EVALUATION_RESULT_IRRELEVANT = 4, | 154 | GNUNET_BLOCK_EVALUATION_RESULT_IRRELEVANT = 4, |
155 | 155 | ||
156 | /** | 156 | /** |
157 | * Query is valid, no reply given. | 157 | * Query is valid, no reply given. |
158 | */ | 158 | */ |
159 | GNUNET_BLOCK_EVALUATION_REQUEST_VALID = 10, | 159 | GNUNET_BLOCK_EVALUATION_REQUEST_VALID = 10, |
160 | 160 | ||
161 | /** | 161 | /** |
162 | * Query format does not match block type (invalid query). For | 162 | * Query format does not match block type (invalid query). For |
163 | * example, xquery not given or xquery_size not appropriate for | 163 | * example, xquery not given or xquery_size not appropriate for |
164 | * type. | 164 | * type. |
165 | */ | 165 | */ |
166 | GNUNET_BLOCK_EVALUATION_REQUEST_INVALID = 11, | 166 | GNUNET_BLOCK_EVALUATION_REQUEST_INVALID = 11, |
167 | 167 | ||
168 | /** | 168 | /** |
169 | * Specified block type not supported by this plugin. | 169 | * Specified block type not supported by this plugin. |
170 | */ | 170 | */ |
171 | GNUNET_BLOCK_EVALUATION_TYPE_NOT_SUPPORTED = 20 | 171 | GNUNET_BLOCK_EVALUATION_TYPE_NOT_SUPPORTED = 20 |
172 | }; | 172 | }; |
173 | 173 | ||
@@ -220,11 +220,11 @@ GNUNET_BLOCK_context_destroy (struct GNUNET_BLOCK_Context *ctx); | |||
220 | * @param type block type | 220 | * @param type block type |
221 | * @param query original query (hash) | 221 | * @param query original query (hash) |
222 | * @param bf pointer to bloom filter associated with query; possibly updated (!) | 222 | * @param bf pointer to bloom filter associated with query; possibly updated (!) |
223 | * @param bf_mutator mutation value for bf | 223 | * @param bf_mutator mutation value for @a bf |
224 | * @param xquery extrended query data (can be NULL, depending on type) | 224 | * @param xquery extrended query data (can be NULL, depending on type) |
225 | * @param xquery_size number of bytes in xquery | 225 | * @param xquery_size number of bytes in @a xquery |
226 | * @param reply_block response to validate | 226 | * @param reply_block response to validate |
227 | * @param reply_block_size number of bytes in reply block | 227 | * @param reply_block_size number of bytes in @a reply_block |
228 | * @return characterization of result | 228 | * @return characterization of result |
229 | */ | 229 | */ |
230 | enum GNUNET_BLOCK_EvaluationResult | 230 | enum GNUNET_BLOCK_EvaluationResult |
@@ -243,11 +243,11 @@ GNUNET_BLOCK_evaluate (struct GNUNET_BLOCK_Context *ctx, | |||
243 | * @param ctx block context | 243 | * @param ctx block context |
244 | * @param type block type | 244 | * @param type block type |
245 | * @param block block to get the key for | 245 | * @param block block to get the key for |
246 | * @param block_size number of bytes in block | 246 | * @param block_size number of bytes in @a block |
247 | * @param key set to the key (query) for the given block | 247 | * @param key set to the key (query) for the given block |
248 | * @return GNUNET_YES on success, | 248 | * @return #GNUNET_YES on success, |
249 | * GNUNET_NO if the block is malformed | 249 | * #GNUNET_NO if the block is malformed |
250 | * GNUNET_SYSERR if type not supported | 250 | * #GNUNET_SYSERR if type not supported |
251 | * (or if extracting a key from a block of this type does not work) | 251 | * (or if extracting a key from a block of this type does not work) |
252 | */ | 252 | */ |
253 | int | 253 | int |
@@ -263,7 +263,7 @@ GNUNET_BLOCK_get_key (struct GNUNET_BLOCK_Context *ctx, | |||
263 | * | 263 | * |
264 | * @param bf_mutator mutation value to use | 264 | * @param bf_mutator mutation value to use |
265 | * @param seen_results results already seen | 265 | * @param seen_results results already seen |
266 | * @param seen_results_count number of entries in 'seen_results' | 266 | * @param seen_results_count number of entries in @a seen_results |
267 | * @return NULL if seen_results_count is 0, otherwise a BF | 267 | * @return NULL if seen_results_count is 0, otherwise a BF |
268 | * that would match the given results. | 268 | * that would match the given results. |
269 | */ | 269 | */ |