libmicrohttpd

HTTP/1.x server C library (MHD 1.x, stable)

commit f54d4ac1f26d493562ec00c397a016c524978d51
parent dfbd5f48091d0064b765591288b7b542ad58dcb6
Author: lv-426 <oxcafebaby@yahoo.com>
Date:   Wed, 16 Jul 2008 01:19:39 +0000

implemented MHD_get_session_info

Diffstat:
Msrc/daemon/connection_https.c | 45+++++++++++++++++++++------------------------
Msrc/daemon/https/https_common.c | 6+++---
Msrc/include/microhttpsd.h | 214+++++++++++++++++++++++++++++++++++++++++++------------------------------------
Msrc/testcurl/https/mhds_session_info_test.c | 31+++++++++++++++++++++++++++----
4 files changed, 168 insertions(+), 128 deletions(-)

diff --git a/src/daemon/connection_https.c b/src/daemon/connection_https.c @@ -70,29 +70,26 @@ MHD_tls_connection_close_err (struct MHD_Connection *connection) /* TODO impl */ } -/* get cipher spec for this connection */ -gnutls_cipher_algorithm_t -MHDS_get_session_cipher (struct MHD_Connection *session) +union MHD_SessionInfo +MHD_get_session_info (struct MHD_Connection *con, enum MHD_InfoType infoType) { - return gnutls_cipher_get (session->tls_session); -} - -gnutls_mac_algorithm_t -MHDS_get_session_mac (struct MHD_Connection * session) -{ - return gnutls_mac_get (session->tls_session); -} - -gnutls_compression_method_t -MHDS_get_session_compression (struct MHD_Connection * session) -{ - return gnutls_compression_get (session->tls_session); -} - -gnutls_certificate_type_t -MHDS_get_session_cert_type (struct MHD_Connection * session) -{ - return gnutls_certificate_type_get (session->tls_session); + switch (infoType) + { + case MHS_INFO_CIPHER_ALGO: + return (union MHD_SessionInfo) con->tls_session->security_parameters.read_bulk_cipher_algorithm; + case MHD_INFO_KX_ALGO: + return (union MHD_SessionInfo) con->tls_session->security_parameters.kx_algorithm; + case MHD_INFO_CREDENTIALS_TYPE: + return (union MHD_SessionInfo) con->tls_session->key->cred->algorithm; + case MHD_INFO_MAC_ALGO: + return (union MHD_SessionInfo) con->tls_session->security_parameters.read_mac_algorithm; + case MHD_INFO_COMPRESSION_METHOD: + return (union MHD_SessionInfo) con->tls_session->security_parameters.read_compression_algorithm; + case MHD_INFO_PROTOCOL: + return (union MHD_SessionInfo) con->tls_session->security_parameters.version; + case MHD_INFO_CERT_TYPE: + return (union MHD_SessionInfo) con->tls_session->security_parameters.cert_type; + }; } static ssize_t 
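Review bot: MHD_get_session_info has no `default:` branch and no return after the `switch`, so an `infoType` outside the seven listed cases falls off the end of a non-void function and the caller reads an indeterminate union, on a value that callers compare against expected cipher, MAC and protocol constants. Declare `union MHD_SessionInfo none = { 0 };` at the top of the function and end the switch with `default: return none;`. The `MHD_INFO_CREDENTIALS_TYPE` case also follows `con->tls_session->key->cred` without a NULL check; whether those pointers can be unset (a plain-HTTP connection, or a query before the handshake finishes) is not visible in this hunk, so it is worth guarding or documenting as a precondition. The `(union MHD_SessionInfo) expr` casts are a GNU C extension, which ties this file to GCC-compatible compilers.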
@@ -286,8 +283,8 @@ MHD_tls_connection_handle_write (struct MHD_Connection *connection) while (1) { #if HAVE_MESSAGES - MHD_DLOG (connection->daemon, "MHD write: %d, l: %d, f: %s\n", - connection->state, __LINE__, __FUNCTION__); + MHD_DLOG (connection->daemon, "MHD write: %d. f: %s, l: %d\n", + connection->state, __FUNCTION__, __LINE__); #endif switch (connection->state) { diff --git a/src/daemon/https/https_common.c b/src/daemon/https/https_common.c @@ -22,9 +22,9 @@ #include <stdio.h> #include <stdlib.h> #include <string.h> + #include <gnutls.h> #include <extra.h> -//#include "openpgp.h" #include <time.h> #include "https_common.h" @@ -245,7 +245,7 @@ print_x509_info (gnutls_session_t session, const char *hostname) } -#ifdef ENABLE_OPENPGP +#if ENABLE_OPENPGP void print_openpgp_info (gnutls_session_t session, const char *hostname) { @@ -523,7 +523,7 @@ print_cert_info (gnutls_session_t session, const char *hostname) printf ("X.509\n"); print_x509_info (session, hostname); break; -#ifdef ENABLE_OPENPGP +#if ENABLE_OPENPGP case GNUTLS_CRT_OPENPGP: printf ("OpenPGP\n"); print_openpgp_info (session, hostname); diff --git a/src/include/microhttpsd.h b/src/include/microhttpsd.h 
@@ -29,110 +29,130 @@ #include "microhttpd.h" - typedef enum gnutls_cipher_algorithm - { - GNUTLS_CIPHER_UNKNOWN = 0, - GNUTLS_CIPHER_NULL = 1, - GNUTLS_CIPHER_ARCFOUR_128, - GNUTLS_CIPHER_3DES_CBC, - GNUTLS_CIPHER_AES_128_CBC, - GNUTLS_CIPHER_AES_256_CBC, - GNUTLS_CIPHER_ARCFOUR_40, - GNUTLS_CIPHER_CAMELLIA_128_CBC, - GNUTLS_CIPHER_CAMELLIA_256_CBC, - GNUTLS_CIPHER_RC2_40_CBC = 90, - GNUTLS_CIPHER_DES_CBC - } gnutls_cipher_algorithm_t; - - typedef enum - { - GNUTLS_KX_UNKNOWN = 0, - GNUTLS_KX_RSA = 1, - GNUTLS_KX_DHE_DSS, - GNUTLS_KX_DHE_RSA, - GNUTLS_KX_ANON_DH, - GNUTLS_KX_SRP, - GNUTLS_KX_RSA_EXPORT, - GNUTLS_KX_SRP_RSA, - GNUTLS_KX_SRP_DSS, - } gnutls_kx_algorithm_t; - - typedef enum - { - GNUTLS_CRD_CERTIFICATE = 1, - GNUTLS_CRD_ANON, - GNUTLS_CRD_SRP, - GNUTLS_CRD_PSK, - GNUTLS_CRD_IA - } gnutls_credentials_type_t; - - typedef enum - { - GNUTLS_MAC_UNKNOWN = 0, - GNUTLS_MAC_NULL = 1, - GNUTLS_MAC_MD5, - GNUTLS_MAC_SHA1, - GNUTLS_MAC_SHA256, - //GNUTLS_MAC_SHA384, - //GNUTLS_MAC_SHA512 - } gnutls_mac_algorithm_t; +typedef enum gnutls_cipher_algorithm +{ + GNUTLS_CIPHER_UNKNOWN = 0, + GNUTLS_CIPHER_NULL = 1, + GNUTLS_CIPHER_ARCFOUR_128, + GNUTLS_CIPHER_3DES_CBC, + GNUTLS_CIPHER_AES_128_CBC, + GNUTLS_CIPHER_AES_256_CBC, + GNUTLS_CIPHER_ARCFOUR_40, + GNUTLS_CIPHER_CAMELLIA_128_CBC, + GNUTLS_CIPHER_CAMELLIA_256_CBC, + GNUTLS_CIPHER_RC2_40_CBC = 90, + GNUTLS_CIPHER_DES_CBC +} gnutls_cipher_algorithm_t; + +typedef enum +{ + GNUTLS_KX_UNKNOWN = 0, + GNUTLS_KX_RSA = 1, + GNUTLS_KX_DHE_DSS, + GNUTLS_KX_DHE_RSA, + GNUTLS_KX_ANON_DH, + GNUTLS_KX_SRP, + GNUTLS_KX_RSA_EXPORT, + GNUTLS_KX_SRP_RSA, + GNUTLS_KX_SRP_DSS, +} gnutls_kx_algorithm_t; + +typedef enum +{ + GNUTLS_CRD_CERTIFICATE = 1, + GNUTLS_CRD_ANON, + GNUTLS_CRD_SRP, + GNUTLS_CRD_PSK, + GNUTLS_CRD_IA +} gnutls_credentials_type_t; + +typedef enum +{ + GNUTLS_MAC_UNKNOWN = 0, + GNUTLS_MAC_NULL = 1, + GNUTLS_MAC_MD5, + GNUTLS_MAC_SHA1, + GNUTLS_MAC_SHA256, + //GNUTLS_MAC_SHA384, + //GNUTLS_MAC_SHA512 +} 
gnutls_mac_algorithm_t; /* The enumerations here should have the same value with gnutls_mac_algorithm_t. */ - typedef enum - { - GNUTLS_DIG_NULL = GNUTLS_MAC_NULL, - GNUTLS_DIG_MD5 = GNUTLS_MAC_MD5, - GNUTLS_DIG_SHA1 = GNUTLS_MAC_SHA1, - GNUTLS_DIG_SHA256 = GNUTLS_MAC_SHA256, - } gnutls_digest_algorithm_t; - - - typedef enum - { - GNUTLS_COMP_UNKNOWN = 0, - GNUTLS_COMP_NULL = 1, - GNUTLS_COMP_DEFLATE, - GNUTLS_COMP_LZO /* only available if gnutls-extra has - been initialized - */ - } gnutls_compression_method_t; +typedef enum +{ + GNUTLS_DIG_NULL = GNUTLS_MAC_NULL, + GNUTLS_DIG_MD5 = GNUTLS_MAC_MD5, + GNUTLS_DIG_SHA1 = GNUTLS_MAC_SHA1, + GNUTLS_DIG_SHA256 = GNUTLS_MAC_SHA256, +} gnutls_digest_algorithm_t; + + +typedef enum +{ + GNUTLS_COMP_UNKNOWN = 0, + GNUTLS_COMP_NULL = 1, + GNUTLS_COMP_DEFLATE, + GNUTLS_COMP_LZO /* only available if gnutls-extra has + been initialized + */ +} gnutls_compression_method_t; #define GNUTLS_TLS1 GNUTLS_TLS1_0 - typedef enum - { - GNUTLS_SSL3 = 1, - GNUTLS_TLS1_0, - GNUTLS_TLS1_1, - GNUTLS_TLS1_2, - GNUTLS_VERSION_UNKNOWN = 0xff - } gnutls_protocol_t; - - typedef enum - { - GNUTLS_CRT_UNKNOWN = 0, - GNUTLS_CRT_X509 = 1, - GNUTLS_CRT_OPENPGP - } gnutls_certificate_type_t; - - typedef enum - { - GNUTLS_PK_UNKNOWN = 0, - GNUTLS_PK_RSA = 1, - //GNUTLS_PK_DSA - } gnutls_pk_algorithm_t; - -/* get cipher spec for this connection */ -gnutls_cipher_algorithm_t MHDS_get_session_cipher (struct MHD_Connection * session ); -gnutls_kx_algorithm_t MHDS_get_session_kx (struct MHD_Connection * session ); -gnutls_mac_algorithm_t MHDS_get_session_mac (struct MHD_Connection * session ); -gnutls_compression_method_t MHDS_get_session_compression (struct MHD_Connection * session ); -gnutls_certificate_type_t MHDS_get_session_cert_type (struct MHD_Connection * session ); +typedef enum +{ + GNUTLS_SSL3 = 1, + GNUTLS_TLS1_0, + GNUTLS_TLS1_1, + GNUTLS_TLS1_2, + GNUTLS_VERSION_UNKNOWN = 0xff +} gnutls_protocol_t; + +typedef enum +{ + GNUTLS_CRT_UNKNOWN = 0, + 
GNUTLS_CRT_X509 = 1, + GNUTLS_CRT_OPENPGP +} gnutls_certificate_type_t; + +typedef enum +{ + GNUTLS_PK_UNKNOWN = 0, + GNUTLS_PK_RSA = 1, + //GNUTLS_PK_DSA +} gnutls_pk_algorithm_t; + +union MHD_SessionInfo +{ + gnutls_cipher_algorithm_t cipher_algorithm; + gnutls_kx_algorithm_t kx_algorithm; + gnutls_credentials_type_t credentials_type; + gnutls_mac_algorithm_t mac_algorithm; + gnutls_compression_method_t compression_method; + gnutls_protocol_t protocol; + gnutls_certificate_type_t certificate_type; + gnutls_pk_algorithm_t pk_algorithm; +}; + +enum MHD_InfoType +{ + MHS_INFO_CIPHER_ALGO, + MHD_INFO_KX_ALGO, + MHD_INFO_CREDENTIALS_TYPE, + MHD_INFO_MAC_ALGO, + MHD_INFO_COMPRESSION_METHOD, + MHD_INFO_PROTOCOL, + MHD_INFO_CERT_TYPE, +}; + +union MHD_SessionInfo MHD_get_session_info (struct MHD_Connection *con, + enum MHD_InfoType infoType); //TODO impl -size_t MHDS_get_key_size (struct MHD_Daemon * daemon, gnutls_cipher_algorithm_t algorithm); -size_t MHDS_get_mac_key_size (struct MHD_Daemon * daemon, gnutls_mac_algorithm_t algorithm); +size_t MHDS_get_key_size (struct MHD_Daemon *daemon, + gnutls_cipher_algorithm_t algorithm); +size_t MHDS_get_mac_key_size (struct MHD_Daemon *daemon, + gnutls_mac_algorithm_t algorithm); #endif - diff --git a/src/testcurl/https/mhds_session_info_test.c b/src/testcurl/https/mhds_session_info_test.c 
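Review bot: The first enumerator of `enum MHD_InfoType` is spelled `MHS_INFO_CIPHER_ALGO` while its six siblings use the `MHD_INFO_` prefix; because this is a public header the misspelling becomes API once released, so rename it to `MHD_INFO_CIPHER_ALGO` here and at its uses in connection_https.c and mhds_session_info_test.c. `union MHD_SessionInfo` also carries a `pk_algorithm` member that no `MHD_InfoType` value selects. The new prototype has no comment; something like `/* Returns the negotiated TLS parameter selected by infoType; read only the union member that matches it. */` would tell callers which member is valid.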
@@ -75,32 +75,55 @@ query_session_ahc (void *cls, struct MHD_Connection *connection, int ret; /* assert actual connection cipher is the one negotiated */ - if (MHDS_get_session_cipher (connection) != GNUTLS_CIPHER_AES_256_CBC) + if (MHD_get_session_info (connection,MHS_INFO_CIPHER_ALGO).cipher_algorithm != GNUTLS_CIPHER_AES_256_CBC) { fprintf (stderr, "Error: requested cipher mismatch. %s\n", strerror (errno)); return -1; } - if (MHDS_get_session_mac (connection) != GNUTLS_MAC_SHA1) + if (MHD_get_session_info (connection,MHD_INFO_KX_ALGO).kx_algorithm != GNUTLS_KX_RSA) + { + fprintf (stderr, "Error: requested key exchange mismatch. %s\n", + strerror (errno)); + return -1; + } + + if (MHD_get_session_info (connection,MHD_INFO_MAC_ALGO).mac_algorithm != GNUTLS_MAC_SHA1) { fprintf (stderr, "Error: requested mac algorithm mismatch. %s\n", strerror (errno)); return -1; } - if (MHDS_get_session_compression (connection) != GNUTLS_COMP_NULL) + + if (MHD_get_session_info (connection,MHD_INFO_COMPRESSION_METHOD).compression_method != GNUTLS_COMP_NULL) { fprintf (stderr, "Error: requested compression mismatch. %s\n", strerror (errno)); return -1; } - if (MHDS_get_session_cert_type (connection) != GNUTLS_CRT_X509) + + if (MHD_get_session_info (connection,MHD_INFO_PROTOCOL).protocol != GNUTLS_SSL3) + { + fprintf (stderr, "Error: requested compression mismatch. %s\n", + strerror (errno)); + return -1; + } + + if (MHD_get_session_info (connection,MHD_INFO_CERT_TYPE).certificate_type != GNUTLS_CRT_X509) { fprintf (stderr, "Error: requested certificate mismatch. %s\n", strerror (errno)); return -1; } + if (MHD_get_session_info (connection,MHD_INFO_CREDENTIALS_TYPE).credentials_type != GNUTLS_CRD_CERTIFICATE) + { + fprintf (stderr, "Error: requested certificate mismatch. %s\n", + strerror (errno)); + return -1; + } + response = MHD_create_response_from_data (strlen (EMPTY_PAGE), (void *) EMPTY_PAGE, MHD_NO, MHD_NO);
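Review bot: Two of the added checks reuse the message of a neighbouring check: the `MHD_INFO_PROTOCOL` branch prints "requested compression mismatch" and the `MHD_INFO_CREDENTIALS_TYPE` branch prints "requested certificate mismatch", so a failure there cannot be told apart from the compression or certificate-type check. Change them to `"Error: requested protocol mismatch. %s\n"` and `"Error: requested credentials type mismatch. %s\n"`. `strerror (errno)` is appended in every branch although none of the visible calls sets `errno`, so that suffix is likely noise in the test log. query_session_ahc starts before the hunk and continues after it.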