commit 86f8eb7807aa265ed7eb803e6f4e2b546b84c1df
parent 470fc841c212fe9eefa5ad20dbbe792036ca34d4
Author: Christian Grothoff <christian@grothoff.org>
Date: Mon, 17 Nov 2008 08:06:55 +0000
dead
Diffstat:
4 files changed, 7 insertions(+), 112 deletions(-)
diff --git a/src/daemon/https/tls/gnutls_algorithms.c b/src/daemon/https/tls/gnutls_algorithms.c
@@ -1258,8 +1258,7 @@ MHD_gtls_supported_ciphersuites (MHD_gtls_session_t session,
{
/* remove private cipher suites, if requested.
*/
- if (tmp_ciphers[i].suite[0] == 0xFF && session->internals.enable_private
- == 0)
+ if (tmp_ciphers[i].suite[0] == 0xFF)
continue;
/* remove cipher suites which do not support the
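Review bot: The comment above the changed condition still reads "remove private cipher suites, if requested", but with `session->internals.enable_private` gone the 0xFF suites are skipped unconditionally, so "if requested" is stale. I would reword it to `/* private (0xFF) cipher suites are never offered */`. The same applies to the "remove private compression algorithms, if requested" comment in MHD_gtls_supported_compression_methods, where the leftover parentheses can also go: `if (tmp == -1 || tmp >= MIN_PRIVATE_COMP_ALGO)`. Both function bodies extend beyond their hunks.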
@@ -1344,8 +1343,7 @@ MHD_gtls_supported_compression_methods (MHD_gtls_session_t session,
/* remove private compression algorithms, if requested.
*/
- if (tmp == -1 || (tmp >= MIN_PRIVATE_COMP_ALGO
- && session->internals.enable_private == 0))
+ if (tmp == -1 || (tmp >= MIN_PRIVATE_COMP_ALGO))
{
MHD_gnutls_assert ();
continue;
diff --git a/src/daemon/https/tls/gnutls_handshake.c b/src/daemon/https/tls/gnutls_handshake.c
@@ -101,51 +101,6 @@ MHD__gnutls_handshake_hash_buffers_clear (MHD_gtls_session_t session)
MHD_gtls_handshake_buffer_clear (session);
}
-/* this will copy the required values for resuming to
- * internals, and to security_parameters.
- * this will keep as less data to security_parameters.
- */
-static void
-resume_copy_required_values (MHD_gtls_session_t session)
-{
- /* get the new random values */
- memcpy (session->internals.resumed_security_parameters.server_random,
- session->security_parameters.server_random, TLS_RANDOM_SIZE);
- memcpy (session->internals.resumed_security_parameters.client_random,
- session->security_parameters.client_random, TLS_RANDOM_SIZE);
-
- /* keep the ciphersuite and compression
- * That is because the client must see these in our
- * hello message.
- */
- memcpy (session->security_parameters.current_cipher_suite.suite,
- session->internals.resumed_security_parameters.current_cipher_suite.
- suite, 2);
-
- session->internals.compression_method =
- session->internals.resumed_security_parameters.read_compression_algorithm;
- /* or write_compression_algorithm
- * they are the same
- */
-
- session->security_parameters.entity =
- session->internals.resumed_security_parameters.entity;
-
- MHD_gtls_set_current_version (session,
- session->
- internals.resumed_security_parameters.
- version);
-
- session->security_parameters.cert_type =
- session->internals.resumed_security_parameters.cert_type;
-
- memcpy (session->security_parameters.session_id,
- session->internals.resumed_security_parameters.session_id,
- sizeof (session->security_parameters.session_id));
- session->security_parameters.session_id_size =
- session->internals.resumed_security_parameters.session_id_size;
-}
-
/**
* gnutls_handshake_set_max_packet_length - This function will set the maximum length of a handshake message
* @session: is a #gnutls_session_t structure.
@@ -347,33 +302,6 @@ MHD_gtls_negotiate_version (MHD_gtls_session_t session,
return ret;
}
-static int
-MHD_gtls_user_hello_func (MHD_gtls_session_t session,
- enum MHD_GNUTLS_Protocol adv_version)
-{
- int ret;
-
- if (session->internals.user_hello_func != NULL)
- {
- ret = session->internals.user_hello_func (session);
- if (ret < 0)
- {
- MHD_gnutls_assert ();
- return ret;
- }
- /* Here we need to renegotiate the version since the callee might
- * have disabled some TLS versions.
- */
- ret = MHD_gtls_negotiate_version (session, adv_version);
- if (ret < 0)
- {
- MHD_gnutls_assert ();
- return ret;
- }
- }
- return 0;
-}
-
/* Read a client hello packet.
* A client hello must be a known version client hello
* or version 2.0 client hello (only for compatibility
@@ -431,22 +359,11 @@ MHD__gnutls_read_client_hello (MHD_gtls_session_t session, opaque * data,
pos += session_id_len;
- /* TODO rm if support for resumed sessions won't be supported */
- if (0)
- { /* resumed! */
- resume_copy_required_values (session);
- session->internals.resumed = RESUME_TRUE;
- return MHD_gtls_user_hello_func (session, adv_version);
- }
- else
- {
- MHD_gtls_generate_session_id (session->security_parameters.session_id,
- &session->
- security_parameters.session_id_size);
-
- session->internals.resumed = RESUME_FALSE;
- }
-
+ MHD_gtls_generate_session_id (session->security_parameters.session_id,
+ &session->
+ security_parameters.session_id_size);
+
+ session->internals.resumed = RESUME_FALSE;
/* Remember ciphersuites for later
*/
DECR_LEN (len, 2);
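Review bot: The return value of `MHD_gtls_generate_session_id` is dropped on the now-unconditional path, so if that call can fail (its definition is outside this hunk) the handshake would carry on with an unset `session_id`. Assuming it returns a negative code on error like the other calls in this function, assign it to `ret` and bail out the way the function already does: `if (ret < 0) { MHD_gnutls_assert (); return ret; }`. With the TODO gone, nothing says that the client's session id is deliberately ignored; a comment such as `/* resumption is not supported: always issue a fresh session id */` would keep that visible. MHD__gnutls_read_client_hello starts and ends outside the hunk.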
@@ -478,13 +395,6 @@ MHD__gnutls_read_client_hello (MHD_gtls_session_t session, opaque * data,
}
}
- ret = MHD_gtls_user_hello_func (session, adv_version);
- if (ret < 0)
- {
- MHD_gnutls_assert ();
- return ret;
- }
-
if (neg_version >= MHD_GNUTLS_PROTOCOL_TLS1_0)
{
ret = MHD_gtls_parse_extensions (session, EXTENSION_TLS, &data[pos], len); /* len is the rest of the parsed length */
diff --git a/src/daemon/https/tls/gnutls_int.h b/src/daemon/https/tls/gnutls_int.h
@@ -537,10 +537,6 @@ typedef struct
MHD_gnutls_transport_ptr_t transport_recv_ptr;
MHD_gnutls_transport_ptr_t transport_send_ptr;
- /* post client hello callback (server side only)
- */
- MHD_gnutls_handshake_post_client_hello_func user_hello_func;
-
/* Holds the record size requested by the
* user.
*/
@@ -565,15 +561,8 @@ typedef struct
* record packet will have. */
opaque default_record_version[2];
- int cbc_protection_hack;
-
void *user_ptr;
- int enable_private; /* non zero to
- * enable cipher suites
- * which have 0xFF status.
- */
-
/* Holds 0 if the last called function was interrupted while
* receiving, and non zero otherwise.
*/
diff --git a/src/daemon/https/tls/gnutls_state.c b/src/daemon/https/tls/gnutls_state.c
@@ -247,8 +247,6 @@ MHD__gnutls_init (MHD_gtls_session_t * session,
(*session)->security_parameters.write_compression_algorithm
= MHD_GNUTLS_COMP_NULL;
- (*session)->internals.enable_private = 0;
-
/* Initialize buffers */
MHD_gtls_buffer_init (&(*session)->internals.application_data_buffer);
MHD_gtls_buffer_init (&(*session)->internals.handshake_data_buffer);