commit 470fc841c212fe9eefa5ad20dbbe792036ca34d4
parent ff8f2f43c2cb44ae1f77ce887dff5199f90ba6c4
Author: Christian Grothoff <christian@grothoff.org>
Date: Mon, 17 Nov 2008 07:59:38 +0000
dead
Diffstat:
4 files changed, 0 insertions(+), 99 deletions(-)
diff --git a/src/daemon/https/gnutls.h b/src/daemon/https/gnutls.h
@@ -275,17 +275,6 @@ typedef enum
GNUTLS_NAME_DNS = 1
} MHD_gnutls_server_name_type_t;
- /* Opaque PRF Input
- * http://tools.ietf.org/id/draft-rescorla-tls-opaque-prf-input-00.txt
- */
-
-typedef int (*MHD_gnutls_oprfi_callback_func) (MHD_gtls_session_t session,
- void *userdata,
- size_t oprfi_len,
- const unsigned char
- *in_oprfi,
- unsigned char *out_oprfi);
-
/* Supplemental data, RFC 4680. */
typedef enum
{
diff --git a/src/daemon/https/tls/gnutls_int.h b/src/daemon/https/tls/gnutls_int.h
@@ -56,7 +56,6 @@
#define MAX_HASH_SIZE 64
#define MAX_LOG_SIZE 1024 /* maximum size of log message */
-#define MAX_SRP_USERNAME 128
#define MAX_SERVER_NAME_SIZE 128
/* we can receive up to MAX_EXT_TYPES extensions.
@@ -146,9 +145,6 @@ typedef enum extensions_t
{ GNUTLS_EXTENSION_SERVER_NAME = 0,
GNUTLS_EXTENSION_MAX_RECORD_SIZE = 1,
GNUTLS_EXTENSION_CERT_TYPE = 9,
-#ifdef ENABLE_OPRFI
- GNUTLS_EXTENSION_OPAQUE_PRF_INPUT = ENABLE_OPRFI,
-#endif
GNUTLS_EXTENSION_SRP = 12,
GNUTLS_EXTENSION_INNER_APPLICATION = 37703
} extensions_t;
@@ -264,8 +260,6 @@ typedef struct
/* limit server_name extensions */
unsigned server_names_size;
- opaque srp_username[MAX_SRP_USERNAME + 1];
-
/* TLS/IA data. */
int MHD_gnutls_ia_enable, MHD_gnutls_ia_peer_enable;
int MHD_gnutls_ia_allowskip, MHD_gnutls_ia_peer_allowskip;
@@ -273,13 +267,6 @@ typedef struct
/* Used by extensions that enable supplemental data. */
int do_recv_supplemental, do_send_supplemental;
- /* Opaque PRF input. */
- MHD_gnutls_oprfi_callback_func oprfi_cb;
- void *oprfi_userdata;
- opaque *oprfi_client;
- uint16_t oprfi_client_len;
- opaque *oprfi_server;
- uint16_t oprfi_server_len;
} MHD_gtls_ext_st;
/* This flag indicates for an extension whether
@@ -574,11 +561,6 @@ typedef struct
uint16_t extensions_sent[MAX_EXT_TYPES];
uint16_t extensions_sent_size;
- /* is 0 if we are to send the whole PGP key, or non zero
- * if the fingerprint is to be sent.
- */
- int pgp_fingerprint;
-
/* This holds the default version that our first
* record packet will have. */
opaque default_record_version[2];
@@ -608,9 +590,6 @@ typedef struct
*/
opaque rsa_pms_version[2];
- char *srp_username;
- char *srp_password;
-
/* Here we cache the DH or RSA parameters got from the
* credentials structure, or from a callback. That is to
* minimize external calls.
diff --git a/src/daemon/https/tls/gnutls_kx.c b/src/daemon/https/tls/gnutls_kx.c
@@ -90,64 +90,6 @@ generate_normal_master (MHD_gtls_session_t session, int keep_premaster)
security_parameters.master_secret);
}
- else if (session->security_parameters.extensions.oprfi_client_len > 0 &&
- session->security_parameters.extensions.oprfi_server_len > 0)
- {
- opaque *rnd;
- size_t rndlen = 2 * TLS_RANDOM_SIZE;
-
- rndlen += session->security_parameters.extensions.oprfi_client_len;
- rndlen += session->security_parameters.extensions.oprfi_server_len;
-
- rnd = MHD_gnutls_malloc (rndlen + 1);
- if (!rnd)
- {
- MHD_gnutls_assert ();
- return GNUTLS_E_MEMORY_ERROR;
- }
-
- MHD__gnutls_hard_log ("INT: CLIENT OPRFI[%d]: %s\n",
- session->security_parameters.extensions.
- oprfi_server_len,
- MHD_gtls_bin2hex (session->
- security_parameters.extensions.
- oprfi_client,
- session->
- security_parameters.extensions.
- oprfi_client_len, buf,
- sizeof (buf)));
- MHD__gnutls_hard_log ("INT: SERVER OPRFI[%d]: %s\n",
- session->security_parameters.extensions.
- oprfi_server_len,
- MHD_gtls_bin2hex (session->
- security_parameters.extensions.
- oprfi_server,
- session->
- security_parameters.extensions.
- oprfi_server_len, buf,
- sizeof (buf)));
-
- memcpy (rnd, session->security_parameters.client_random,
- TLS_RANDOM_SIZE);
- memcpy (rnd + TLS_RANDOM_SIZE,
- session->security_parameters.extensions.oprfi_client,
- session->security_parameters.extensions.oprfi_client_len);
- memcpy (rnd + TLS_RANDOM_SIZE +
- session->security_parameters.extensions.oprfi_client_len,
- session->security_parameters.server_random, TLS_RANDOM_SIZE);
- memcpy (rnd + TLS_RANDOM_SIZE +
- session->security_parameters.extensions.oprfi_client_len +
- TLS_RANDOM_SIZE,
- session->security_parameters.extensions.oprfi_server,
- session->security_parameters.extensions.oprfi_server_len);
-
- ret = MHD_gtls_PRF (session, PREMASTER.data, PREMASTER.size,
- MASTER_SECRET, strlen (MASTER_SECRET),
- rnd, rndlen, TLS_MASTER_SIZE,
- session->security_parameters.master_secret);
-
- MHD_gnutls_free (rnd);
- }
else
{
opaque rnd[2 * TLS_RANDOM_SIZE + 1];
diff --git a/src/daemon/https/tls/gnutls_state.c b/src/daemon/https/tls/gnutls_state.c
@@ -388,15 +388,6 @@ MHD__gnutls_deinit (MHD_gtls_session_t session)
session->key = NULL;
}
- MHD_gnutls_free (session->internals.srp_username);
-
- if (session->internals.srp_password)
- {
- memset (session->internals.srp_password, 0,
- strlen (session->internals.srp_password));
- MHD_gnutls_free (session->internals.srp_password);
- }
-
memset (session, 0, sizeof (struct MHD_gtls_session_int));
MHD_gnutls_free (session);
}
