diff options
author | Christian Grothoff <christian@grothoff.org> | 2008-11-16 01:19:13 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2008-11-16 01:19:13 +0000 |
commit | 42abf1bd87d3988c3e08feb93a2cc989c225cc36 (patch) | |
tree | 41e902d139e40a4d7fc127048176f73d950b8f71 | |
parent | b83c672f3e2656ad33dae2c38d1cc1a7eb4f106b (diff) | |
download | libmicrohttpd-42abf1bd87d3988c3e08feb93a2cc989c225cc36.tar.gz libmicrohttpd-42abf1bd87d3988c3e08feb93a2cc989c225cc36.zip |
dead code elimination
30 files changed, 67 insertions, 2278 deletions
@@ -1,3 +1,6 @@ | |||
1 | Sat Nov 15 17:34:24 MST 2008 | ||
2 | Added build support for code coverage analysis. -CG | ||
3 | |||
1 | Sat Nov 15 00:31:33 MST 2008 | 4 | Sat Nov 15 00:31:33 MST 2008 |
2 | Removing (broken) support for HTTPS servers with | 5 | Removing (broken) support for HTTPS servers with |
3 | anonymous (aka "no") certificates as well as | 6 | anonymous (aka "no") certificates as well as |
diff --git a/configure.ac b/configure.ac index b2b9d2bc..97a5263a 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -335,9 +335,16 @@ AC_DEFINE([ENABLE_PKI],[0],[Include PKI support]) | |||
335 | AC_DEFINE([DEBUG],[1],[Include gnutls debug message support]) | 335 | AC_DEFINE([DEBUG],[1],[Include gnutls debug message support]) |
336 | AC_DEFINE([C99_MACROS],[1],[Include gnutls debug message support]) | 336 | AC_DEFINE([C99_MACROS],[1],[Include gnutls debug message support]) |
337 | 337 | ||
338 | AC_DEFINE([ENABLE_OPENSSL],[0],[Include ENABLE_OPENSSL support]) | 338 | |
339 | AC_DEFINE([HAVE_LD_OUTPUT_DEF],[0],[Include HAVE_LD_OUTPUT_DEF support]) | 339 | |
340 | AC_DEFINE([HAVE_LD_VERSION_SCRIPT],[0],[Include HAVE_LD_VERSION_SCRIPT support]) | 340 | # gcov compilation |
341 | use_gcov=no | ||
342 | AC_ARG_ENABLE([coverage], AS_HELP_STRING([--enable-coverage], | ||
343 | [Compile the library with code coverage support (default is NO)]), | ||
344 | [use_gcov=yes], [use_gcov=no]) | ||
345 | AM_CONDITIONAL([USE_COVERAGE], [test "x$use_gcov" = "xyes"]) | ||
346 | |||
347 | |||
341 | 348 | ||
342 | 349 | ||
343 | AC_SUBST(CPPFLAGS) | 350 | AC_SUBST(CPPFLAGS) |
diff --git a/contrib/coverage.sh b/contrib/coverage.sh new file mode 100755 index 00000000..8d5787b2 --- /dev/null +++ b/contrib/coverage.sh | |||
@@ -0,0 +1,7 @@ | |||
1 | #!/bin/sh | ||
2 | # make sure configure was run with coverage enabled... | ||
3 | lcov --directory . --zerocounters | ||
4 | make check | ||
5 | lcov --directory . --capture --output-file app.info | ||
6 | mkdir /tmp/coverage | ||
7 | genhtml -o /tmp/coverage app.info | ||
diff --git a/src/daemon/Makefile.am b/src/daemon/Makefile.am index b26c3df5..c52e2610 100644 --- a/src/daemon/Makefile.am +++ b/src/daemon/Makefile.am | |||
@@ -1,6 +1,10 @@ | |||
1 | # including '.' mixes up build order when HTTPS is enabled. | 1 | # including '.' mixes up build order when HTTPS is enabled. |
2 | SUBDIRS = | 2 | SUBDIRS = |
3 | 3 | ||
4 | if USE_COVERAGE | ||
5 | AM_CFLAGS = -fprofile-arcs -ftest-coverage | ||
6 | endif | ||
7 | |||
4 | AM_CPPFLAGS = \ | 8 | AM_CPPFLAGS = \ |
5 | -I$(top_srcdir)/src/include \ | 9 | -I$(top_srcdir)/src/include \ |
6 | -I$(top_srcdir)/src/daemon \ | 10 | -I$(top_srcdir)/src/daemon \ |
diff --git a/src/daemon/https/Makefile.am b/src/daemon/https/Makefile.am index e022e45b..8b4c1aa1 100644 --- a/src/daemon/https/Makefile.am +++ b/src/daemon/https/Makefile.am | |||
@@ -1,2 +1,3 @@ | |||
1 | EXTRA_DIST = gnutls.h | 1 | EXTRA_DIST = gnutls.h |
2 | |||
2 | SUBDIRS = minitasn1 lgl x509 tls . | 3 | SUBDIRS = minitasn1 lgl x509 tls . |
diff --git a/src/daemon/https/lgl/Makefile.am b/src/daemon/https/lgl/Makefile.am index 6ab8ea25..2caab931 100644 --- a/src/daemon/https/lgl/Makefile.am +++ b/src/daemon/https/lgl/Makefile.am | |||
@@ -6,6 +6,10 @@ AM_CPPFLAGS = -std=c99 \ | |||
6 | 6 | ||
7 | # gc-gnulib.c | 7 | # gc-gnulib.c |
8 | 8 | ||
9 | if USE_COVERAGE | ||
10 | AM_CFLAGS = -fprofile-arcs -ftest-coverage | ||
11 | endif | ||
12 | |||
9 | noinst_LTLIBRARIES = liblgl.la | 13 | noinst_LTLIBRARIES = liblgl.la |
10 | 14 | ||
11 | liblgl_la_LDFLAGS = -lgcrypt | 15 | liblgl_la_LDFLAGS = -lgcrypt |
diff --git a/src/daemon/https/minitasn1/Makefile.am b/src/daemon/https/minitasn1/Makefile.am index 34e56d13..16ba08b2 100644 --- a/src/daemon/https/minitasn1/Makefile.am +++ b/src/daemon/https/minitasn1/Makefile.am | |||
@@ -4,6 +4,10 @@ AM_CPPFLAGS = \ | |||
4 | -I$(top_srcdir)/src/daemon/https/lgl \ | 4 | -I$(top_srcdir)/src/daemon/https/lgl \ |
5 | -I$(top_srcdir)/src/daemon/https/tls | 5 | -I$(top_srcdir)/src/daemon/https/tls |
6 | 6 | ||
7 | if USE_COVERAGE | ||
8 | AM_CFLAGS = -fprofile-arcs -ftest-coverage | ||
9 | endif | ||
10 | |||
7 | noinst_LTLIBRARIES = libasn1.la | 11 | noinst_LTLIBRARIES = libasn1.la |
8 | 12 | ||
9 | libasn1_la_SOURCES = \ | 13 | libasn1_la_SOURCES = \ |
diff --git a/src/daemon/https/minitasn1/libtasn1.h b/src/daemon/https/minitasn1/libtasn1.h index 7cc3672b..fdf0b306 100644 --- a/src/daemon/https/minitasn1/libtasn1.h +++ b/src/daemon/https/minitasn1/libtasn1.h | |||
@@ -156,9 +156,6 @@ extern "C" | |||
156 | 156 | ||
157 | MHD__asn1_retCode MHD__asn1_delete_structure (ASN1_TYPE * structure); | 157 | MHD__asn1_retCode MHD__asn1_delete_structure (ASN1_TYPE * structure); |
158 | 158 | ||
159 | MHD__asn1_retCode MHD__asn1_delete_element (ASN1_TYPE structure, | ||
160 | const char *element_name); | ||
161 | |||
162 | MHD__asn1_retCode MHD__asn1_write_value (ASN1_TYPE node_root, | 159 | MHD__asn1_retCode MHD__asn1_write_value (ASN1_TYPE node_root, |
163 | const char *name, | 160 | const char *name, |
164 | const void *ivalue, int len); | 161 | const void *ivalue, int len); |
@@ -218,9 +215,6 @@ extern "C" | |||
218 | 215 | ||
219 | ASN1_TYPE MHD__asn1_find_node (ASN1_TYPE pointer, const char *name); | 216 | ASN1_TYPE MHD__asn1_find_node (ASN1_TYPE pointer, const char *name); |
220 | 217 | ||
221 | MHD__asn1_retCode MHD__asn1_copy_node (ASN1_TYPE dst, const char *dst_name, | ||
222 | ASN1_TYPE src, const char *src_name); | ||
223 | |||
224 | #ifdef __cplusplus | 218 | #ifdef __cplusplus |
225 | } | 219 | } |
226 | #endif | 220 | #endif |
diff --git a/src/daemon/https/minitasn1/structure.c b/src/daemon/https/minitasn1/structure.c index 7f72661f..e0abe594 100644 --- a/src/daemon/https/minitasn1/structure.c +++ b/src/daemon/https/minitasn1/structure.c | |||
@@ -267,49 +267,6 @@ MHD__asn1_delete_structure (ASN1_TYPE * structure) | |||
267 | return ASN1_SUCCESS; | 267 | return ASN1_SUCCESS; |
268 | } | 268 | } |
269 | 269 | ||
270 | |||
271 | |||
272 | /** | ||
273 | * MHD__asn1_delete_element - Deletes the element of a structure. | ||
274 | * @structure: pointer to the structure that contains the element you | ||
275 | * want to delete. | ||
276 | * @element_name: element's name you want to delete. | ||
277 | * | ||
278 | * Deletes the element named *@element_name inside *@structure. | ||
279 | * | ||
280 | * Returns: | ||
281 | * | ||
282 | * ASN1_SUCCESS: Everything OK. | ||
283 | * | ||
284 | * ASN1_ELEMENT_NOT_FOUND: The name element was not found. | ||
285 | * | ||
286 | **/ | ||
287 | MHD__asn1_retCode | ||
288 | MHD__asn1_delete_element (ASN1_TYPE structure, const char *element_name) | ||
289 | { | ||
290 | node_asn *p2, *p3, *source_node; | ||
291 | |||
292 | source_node = MHD__asn1_find_node (structure, element_name); | ||
293 | |||
294 | if (source_node == ASN1_TYPE_EMPTY) | ||
295 | return ASN1_ELEMENT_NOT_FOUND; | ||
296 | |||
297 | p2 = source_node->right; | ||
298 | p3 = MHD__asn1_find_left (source_node); | ||
299 | if (!p3) | ||
300 | { | ||
301 | p3 = MHD__asn1_find_up (source_node); | ||
302 | if (p3) | ||
303 | MHD__asn1_set_down (p3, p2); | ||
304 | else if (source_node->right) | ||
305 | source_node->right->left = NULL; | ||
306 | } | ||
307 | else | ||
308 | MHD__asn1_set_right (p3, p2); | ||
309 | |||
310 | return MHD__asn1_delete_structure (&source_node); | ||
311 | } | ||
312 | |||
313 | node_asn * | 270 | node_asn * |
314 | MHD__asn1_copy_structure3 (node_asn * source_node) | 271 | MHD__asn1_copy_structure3 (node_asn * source_node) |
315 | { | 272 | { |
@@ -730,54 +687,3 @@ MHD__asn1_find_structure_from_oid (ASN1_TYPE definitions, | |||
730 | return NULL; /* ASN1_ELEMENT_NOT_FOUND; */ | 687 | return NULL; /* ASN1_ELEMENT_NOT_FOUND; */ |
731 | } | 688 | } |
732 | 689 | ||
733 | /** | ||
734 | * MHD__asn1_copy_node: | ||
735 | * @dst: Destination ASN1_TYPE node. | ||
736 | * @dst_name: Field name in destination node. | ||
737 | * @src: Source ASN1_TYPE node. | ||
738 | * @src_name: Field name in source node. | ||
739 | * | ||
740 | * Create a deep copy of a ASN1_TYPE variable. | ||
741 | * | ||
742 | * Return value: Return ASN1_SUCCESS on success. | ||
743 | **/ | ||
744 | MHD__asn1_retCode | ||
745 | MHD__asn1_copy_node (ASN1_TYPE dst, const char *dst_name, | ||
746 | ASN1_TYPE src, const char *src_name) | ||
747 | { | ||
748 | /* FIXME: rewrite using copy_structure(). | ||
749 | * It seems quite hard to do. | ||
750 | */ | ||
751 | int result; | ||
752 | ASN1_TYPE dst_node; | ||
753 | void *data = NULL; | ||
754 | int size = 0; | ||
755 | |||
756 | result = MHD__asn1_der_coding (src, src_name, NULL, &size, NULL); | ||
757 | if (result != ASN1_MEM_ERROR) | ||
758 | return result; | ||
759 | |||
760 | data = MHD__asn1_malloc (size); | ||
761 | if (data == NULL) | ||
762 | return ASN1_MEM_ERROR; | ||
763 | |||
764 | result = MHD__asn1_der_coding (src, src_name, data, &size, NULL); | ||
765 | if (result != ASN1_SUCCESS) | ||
766 | { | ||
767 | MHD__asn1_free (data); | ||
768 | return result; | ||
769 | } | ||
770 | |||
771 | dst_node = MHD__asn1_find_node (dst, dst_name); | ||
772 | if (dst_node == NULL) | ||
773 | { | ||
774 | MHD__asn1_free (data); | ||
775 | return ASN1_ELEMENT_NOT_FOUND; | ||
776 | } | ||
777 | |||
778 | result = MHD__asn1_der_decoding (&dst_node, data, size, NULL); | ||
779 | |||
780 | MHD__asn1_free (data); | ||
781 | |||
782 | return result; | ||
783 | } | ||
diff --git a/src/daemon/https/tls/Makefile.am b/src/daemon/https/tls/Makefile.am index 420307fc..23ec8d7b 100644 --- a/src/daemon/https/tls/Makefile.am +++ b/src/daemon/https/tls/Makefile.am | |||
@@ -1,5 +1,9 @@ | |||
1 | SUBDIRS = . | 1 | SUBDIRS = . |
2 | 2 | ||
3 | if USE_COVERAGE | ||
4 | AM_CFLAGS = -fprofile-arcs -ftest-coverage | ||
5 | endif | ||
6 | |||
3 | AM_CPPFLAGS = \ | 7 | AM_CPPFLAGS = \ |
4 | -I$(top_srcdir)/src/include \ | 8 | -I$(top_srcdir)/src/include \ |
5 | -I$(top_srcdir)/src/daemon/ \ | 9 | -I$(top_srcdir)/src/daemon/ \ |
diff --git a/src/daemon/https/tls/debug.c b/src/daemon/https/tls/debug.c index ac657504..a0a4953a 100644 --- a/src/daemon/https/tls/debug.c +++ b/src/daemon/https/tls/debug.c | |||
@@ -28,30 +28,6 @@ | |||
28 | #include <stdlib.h> | 28 | #include <stdlib.h> |
29 | #include <gcrypt.h> | 29 | #include <gcrypt.h> |
30 | 30 | ||
31 | #ifdef DEBUG | ||
32 | |||
33 | |||
34 | void | ||
35 | MHD__gnutls_print_state (MHD_gtls_session_t session) | ||
36 | { | ||
37 | |||
38 | MHD__gnutls_debug_log ("GNUTLS State:\n"); | ||
39 | MHD__gnutls_debug_log ("Connection End: %d\n", | ||
40 | session->security_parameters.entity); | ||
41 | MHD__gnutls_debug_log ("Cipher Algorithm: %d\n", | ||
42 | session->security_parameters. | ||
43 | read_bulk_cipher_algorithm); | ||
44 | MHD__gnutls_debug_log ("MAC algorithm: %d\n", | ||
45 | session->security_parameters.read_mac_algorithm); | ||
46 | MHD__gnutls_debug_log ("Compression Algorithm: %d\n", | ||
47 | session->security_parameters. | ||
48 | read_compression_algorithm); | ||
49 | MHD__gnutls_debug_log ("\n"); | ||
50 | |||
51 | } | ||
52 | |||
53 | #endif | ||
54 | |||
55 | const char * | 31 | const char * |
56 | MHD__gnutls_packet2str (content_type_t packet) | 32 | MHD__gnutls_packet2str (content_type_t packet) |
57 | { | 33 | { |
diff --git a/src/daemon/https/tls/debug.h b/src/daemon/https/tls/debug.h index 69c6a06e..0ecce182 100644 --- a/src/daemon/https/tls/debug.h +++ b/src/daemon/https/tls/debug.h | |||
@@ -22,9 +22,6 @@ | |||
22 | * | 22 | * |
23 | */ | 23 | */ |
24 | 24 | ||
25 | #ifdef DEBUG | ||
26 | void MHD__gnutls_print_state (MHD_gtls_session_t session); | ||
27 | #endif | ||
28 | const char *MHD__gnutls_packet2str (content_type_t packet); | 25 | const char *MHD__gnutls_packet2str (content_type_t packet); |
29 | const char *MHD__gnutls_handshake2str (MHD_gnutls_handshake_description_t | 26 | const char *MHD__gnutls_handshake2str (MHD_gnutls_handshake_description_t |
30 | handshake); | 27 | handshake); |
diff --git a/src/daemon/https/tls/gnutls_algorithms.c b/src/daemon/https/tls/gnutls_algorithms.c index 89ca70bc..02be3637 100644 --- a/src/daemon/https/tls/gnutls_algorithms.c +++ b/src/daemon/https/tls/gnutls_algorithms.c | |||
@@ -1549,15 +1549,6 @@ MHD__gnutls_qsort (MHD_gtls_session_t session, | |||
1549 | char *base = _base; | 1549 | char *base = _base; |
1550 | size_t snmemb = nmemb; | 1550 | size_t snmemb = nmemb; |
1551 | 1551 | ||
1552 | #ifdef DEBUG | ||
1553 | if (size > MAX_ELEM_SIZE) | ||
1554 | { | ||
1555 | MHD_gnutls_assert (); | ||
1556 | MHD__gnutls_debug_log ("QSORT BUG\n"); | ||
1557 | exit (1); | ||
1558 | } | ||
1559 | #endif | ||
1560 | |||
1561 | if (snmemb <= 1) | 1552 | if (snmemb <= 1) |
1562 | return; | 1553 | return; |
1563 | pivot = MHD__gnutls_partition (session, _base, nmemb, size, compar); | 1554 | pivot = MHD__gnutls_partition (session, _base, nmemb, size, compar); |
diff --git a/src/daemon/https/tls/gnutls_errors.c b/src/daemon/https/tls/gnutls_errors.c index 51fdb707..bf6a1d0d 100644 --- a/src/daemon/https/tls/gnutls_errors.c +++ b/src/daemon/https/tls/gnutls_errors.c | |||
@@ -398,17 +398,3 @@ MHD_gtls_log (int level, const char *fmt, ...) | |||
398 | log_func (level, str); | 398 | log_func (level, str); |
399 | } | 399 | } |
400 | 400 | ||
401 | #ifndef DEBUG | ||
402 | # ifndef C99_MACROS | ||
403 | |||
404 | /* Without C99 macros these functions have to | ||
405 | * be called. This may affect performance. | ||
406 | */ | ||
407 | void | ||
408 | MHD__gnutls_null_log (void *x, ...) | ||
409 | { | ||
410 | return; | ||
411 | } | ||
412 | |||
413 | # endif /* C99_MACROS */ | ||
414 | #endif /* DEBUG */ | ||
diff --git a/src/daemon/https/tls/gnutls_global.c b/src/daemon/https/tls/gnutls_global.c index 635b01eb..6f7e46bf 100644 --- a/src/daemon/https/tls/gnutls_global.c +++ b/src/daemon/https/tls/gnutls_global.c | |||
@@ -145,15 +145,6 @@ MHD_gtls_global_set_mem_functions (MHD_gnutls_alloc_function alloc_func, | |||
145 | 145 | ||
146 | } | 146 | } |
147 | 147 | ||
148 | #ifdef DEBUG | ||
149 | static void | ||
150 | MHD__gnutls_gcry_log_handler (void *dummy, int level, | ||
151 | const char *fmt, va_list list) | ||
152 | { | ||
153 | MHD_gtls_log (level, fmt, list); | ||
154 | } | ||
155 | #endif | ||
156 | |||
157 | static int MHD__gnutls_init_level = 0; | 148 | static int MHD__gnutls_init_level = 0; |
158 | 149 | ||
159 | /** | 150 | /** |
@@ -254,12 +245,6 @@ MHD__gnutls_global_init (void) | |||
254 | 245 | ||
255 | gcry_control (GCRYCTL_INITIALIZATION_FINISHED, NULL, 0); | 246 | gcry_control (GCRYCTL_INITIALIZATION_FINISHED, NULL, 0); |
256 | 247 | ||
257 | #ifdef DEBUG | ||
258 | /* applications may want to override that, so we only use | ||
259 | * it in debugging mode. | ||
260 | */ | ||
261 | gcry_set_log_handler (MHD__gnutls_gcry_log_handler, NULL); | ||
262 | #endif | ||
263 | } | 248 | } |
264 | 249 | ||
265 | if (MHD_gc_init () != GC_OK) | 250 | if (MHD_gc_init () != GC_OK) |
@@ -269,10 +254,6 @@ MHD__gnutls_global_init (void) | |||
269 | return GNUTLS_E_INCOMPATIBLE_CRYPTO_LIBRARY; | 254 | return GNUTLS_E_INCOMPATIBLE_CRYPTO_LIBRARY; |
270 | } | 255 | } |
271 | 256 | ||
272 | #ifdef DEBUG | ||
273 | MHD_gtls_global_set_log_function (MHD_tls_log_func); | ||
274 | #endif | ||
275 | |||
276 | /* initialize parser | 257 | /* initialize parser |
277 | * This should not deal with files in the final | 258 | * This should not deal with files in the final |
278 | * version. | 259 | * version. |
diff --git a/src/daemon/https/x509/Makefile.am b/src/daemon/https/x509/Makefile.am index 4156d2e3..65d9594f 100644 --- a/src/daemon/https/x509/Makefile.am +++ b/src/daemon/https/x509/Makefile.am | |||
@@ -1,3 +1,8 @@ | |||
1 | SUBDIRS = . | ||
2 | |||
3 | if USE_COVERAGE | ||
4 | AM_CFLAGS = -fprofile-arcs -ftest-coverage | ||
5 | endif | ||
1 | 6 | ||
2 | AM_CPPFLAGS = \ | 7 | AM_CPPFLAGS = \ |
3 | -I$(top_srcdir)/src/include \ | 8 | -I$(top_srcdir)/src/include \ |
@@ -10,14 +15,11 @@ AM_CPPFLAGS = \ | |||
10 | noinst_LTLIBRARIES = libx509.la | 15 | noinst_LTLIBRARIES = libx509.la |
11 | 16 | ||
12 | libx509_la_LDFLAGS = -lgcrypt | 17 | libx509_la_LDFLAGS = -lgcrypt |
13 | # -l $(top_srcdir)/src/daemon/https/lgl/liblgl.la | ||
14 | 18 | ||
15 | libx509_la_SOURCES = \ | 19 | libx509_la_SOURCES = \ |
16 | common.c common.h \ | 20 | common.c common.h \ |
17 | crq.c crq.h \ | ||
18 | crl.c \ | 21 | crl.c \ |
19 | dn.c dn.h \ | 22 | dn.c dn.h \ |
20 | dsa.c dsa.h \ | ||
21 | extensions.c extensions.h \ | 23 | extensions.c extensions.h \ |
22 | mpi.c mpi.h \ | 24 | mpi.c mpi.h \ |
23 | pkcs12_encr.c pkcs12.h \ | 25 | pkcs12_encr.c pkcs12.h \ |
diff --git a/src/daemon/https/x509/common.h b/src/daemon/https/x509/common.h index 7ddb4b08..a35bbc0b 100644 --- a/src/daemon/https/x509/common.h +++ b/src/daemon/https/x509/common.h | |||
@@ -94,11 +94,6 @@ int MHD__gnutls_x509_read_value (ASN1_TYPE c, const char *root, | |||
94 | int MHD__gnutls_x509_write_value (ASN1_TYPE c, const char *root, | 94 | int MHD__gnutls_x509_write_value (ASN1_TYPE c, const char *root, |
95 | const MHD_gnutls_datum_t * data, int str); | 95 | const MHD_gnutls_datum_t * data, int str); |
96 | 96 | ||
97 | int MHD__gnutls_x509_encode_and_write_attribute (const char *given_oid, | ||
98 | ASN1_TYPE MHD__asn1_struct, | ||
99 | const char *where, | ||
100 | const void *data, | ||
101 | int sizeof_data, int multi); | ||
102 | int MHD__gnutls_x509_decode_and_read_attribute (ASN1_TYPE MHD__asn1_struct, | 97 | int MHD__gnutls_x509_decode_and_read_attribute (ASN1_TYPE MHD__asn1_struct, |
103 | const char *where, char *oid, | 98 | const char *where, char *oid, |
104 | int oid_size, | 99 | int oid_size, |
diff --git a/src/daemon/https/x509/crl.c b/src/daemon/https/x509/crl.c index e023a193..98a9748b 100644 --- a/src/daemon/https/x509/crl.c +++ b/src/daemon/https/x509/crl.c | |||
@@ -164,113 +164,6 @@ cleanup: | |||
164 | 164 | ||
165 | 165 | ||
166 | /** | 166 | /** |
167 | * MHD_gnutls_x509_crl_get_issuer_dn - This function returns the CRL's issuer distinguished name | ||
168 | * @crl: should contain a MHD_gnutls_x509_crl_t structure | ||
169 | * @buf: a pointer to a structure to hold the peer's name (may be null) | ||
170 | * @sizeof_buf: initially holds the size of @buf | ||
171 | * | ||
172 | * This function will copy the name of the CRL issuer in the provided buffer. The name | ||
173 | * will be in the form "C=xxxx,O=yyyy,CN=zzzz" as described in RFC2253. The output | ||
174 | * string will be ASCII or UTF-8 encoded, depending on the certificate data. | ||
175 | * | ||
176 | * If buf is null then only the size will be filled. | ||
177 | * | ||
178 | * Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not long enough, and | ||
179 | * in that case the sizeof_buf will be updated with the required size, and | ||
180 | * 0 on success. | ||
181 | * | ||
182 | **/ | ||
183 | int | ||
184 | MHD_gnutls_x509_crl_get_issuer_dn (const MHD_gnutls_x509_crl_t crl, char *buf, | ||
185 | size_t * sizeof_buf) | ||
186 | { | ||
187 | if (crl == NULL) | ||
188 | { | ||
189 | MHD_gnutls_assert (); | ||
190 | return GNUTLS_E_INVALID_REQUEST; | ||
191 | } | ||
192 | |||
193 | return MHD__gnutls_x509_parse_dn (crl->crl, | ||
194 | "tbsCertList.issuer.rdnSequence", | ||
195 | buf, sizeof_buf); | ||
196 | } | ||
197 | |||
198 | /** | ||
199 | * MHD_gnutls_x509_crl_get_issuer_dn_by_oid - This function returns the CRL's issuer distinguished name | ||
200 | * @crl: should contain a MHD_gnutls_x509_crl_t structure | ||
201 | * @oid: holds an Object Identified in null terminated string | ||
202 | * @indx: In case multiple same OIDs exist in the RDN, this specifies which to send. Use zero to get the first one. | ||
203 | * @raw_flag: If non zero returns the raw DER data of the DN part. | ||
204 | * @buf: a pointer to a structure to hold the peer's name (may be null) | ||
205 | * @sizeof_buf: initially holds the size of @buf | ||
206 | * | ||
207 | * This function will extract the part of the name of the CRL issuer specified | ||
208 | * by the given OID. The output will be encoded as described in RFC2253. The output | ||
209 | * string will be ASCII or UTF-8 encoded, depending on the certificate data. | ||
210 | * | ||
211 | * Some helper macros with popular OIDs can be found in gnutls/x509.h | ||
212 | * If raw flag is zero, this function will only return known OIDs as text. Other OIDs | ||
213 | * will be DER encoded, as described in RFC2253 -- in hex format with a '\#' prefix. | ||
214 | * You can check about known OIDs using MHD_gnutls_x509_dn_oid_known(). | ||
215 | * | ||
216 | * If buf is null then only the size will be filled. | ||
217 | * | ||
218 | * Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not long enough, and | ||
219 | * in that case the sizeof_buf will be updated with the required size, | ||
220 | * and 0 on success. | ||
221 | * | ||
222 | **/ | ||
223 | int | ||
224 | MHD_gnutls_x509_crl_get_issuer_dn_by_oid (MHD_gnutls_x509_crl_t crl, | ||
225 | const char *oid, int indx, | ||
226 | unsigned int raw_flag, void *buf, | ||
227 | size_t * sizeof_buf) | ||
228 | { | ||
229 | if (crl == NULL) | ||
230 | { | ||
231 | MHD_gnutls_assert (); | ||
232 | return GNUTLS_E_INVALID_REQUEST; | ||
233 | } | ||
234 | |||
235 | return MHD__gnutls_x509_parse_dn_oid (crl->crl, | ||
236 | "tbsCertList.issuer.rdnSequence", | ||
237 | oid, indx, raw_flag, buf, sizeof_buf); | ||
238 | } | ||
239 | |||
240 | /** | ||
241 | * MHD_gnutls_x509_crl_get_dn_oid - This function returns the Certificate request issuer's distinguished name OIDs | ||
242 | * @crl: should contain a MHD_gnutls_x509_crl_t structure | ||
243 | * @indx: Specifies which DN OID to send. Use zero to get the first one. | ||
244 | * @oid: a pointer to a structure to hold the name (may be null) | ||
245 | * @sizeof_oid: initially holds the size of 'oid' | ||
246 | * | ||
247 | * This function will extract the requested OID of the name of the CRL issuer, specified | ||
248 | * by the given index. | ||
249 | * | ||
250 | * If oid is null then only the size will be filled. | ||
251 | * | ||
252 | * Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not long enough, and | ||
253 | * in that case the sizeof_oid will be updated with the required size. | ||
254 | * On success 0 is returned. | ||
255 | * | ||
256 | **/ | ||
257 | int | ||
258 | MHD_gnutls_x509_crl_get_dn_oid (MHD_gnutls_x509_crl_t crl, | ||
259 | int indx, void *oid, size_t * sizeof_oid) | ||
260 | { | ||
261 | if (crl == NULL) | ||
262 | { | ||
263 | MHD_gnutls_assert (); | ||
264 | return GNUTLS_E_INVALID_REQUEST; | ||
265 | } | ||
266 | |||
267 | return MHD__gnutls_x509_get_dn_oid (crl->crl, | ||
268 | "tbsCertList.issuer.rdnSequence", indx, | ||
269 | oid, sizeof_oid); | ||
270 | } | ||
271 | |||
272 | |||
273 | /** | ||
274 | * MHD_gnutls_x509_crl_get_signature_algorithm - This function returns the CRL's signature algorithm | 167 | * MHD_gnutls_x509_crl_get_signature_algorithm - This function returns the CRL's signature algorithm |
275 | * @crl: should contain a MHD_gnutls_x509_crl_t structure | 168 | * @crl: should contain a MHD_gnutls_x509_crl_t structure |
276 | * | 169 | * |
@@ -368,82 +261,6 @@ MHD_gnutls_x509_crl_get_signature (MHD_gnutls_x509_crl_t crl, | |||
368 | return 0; | 261 | return 0; |
369 | } | 262 | } |
370 | 263 | ||
371 | /** | ||
372 | * MHD_gnutls_x509_crl_get_version - This function returns the CRL's version number | ||
373 | * @crl: should contain a MHD_gnutls_x509_crl_t structure | ||
374 | * | ||
375 | * This function will return the version of the specified CRL. | ||
376 | * | ||
377 | * Returns a negative value on error. | ||
378 | * | ||
379 | **/ | ||
380 | int | ||
381 | MHD_gnutls_x509_crl_get_version (MHD_gnutls_x509_crl_t crl) | ||
382 | { | ||
383 | opaque version[5]; | ||
384 | int len, result; | ||
385 | |||
386 | if (crl == NULL) | ||
387 | { | ||
388 | MHD_gnutls_assert (); | ||
389 | return GNUTLS_E_INVALID_REQUEST; | ||
390 | } | ||
391 | |||
392 | len = sizeof (version); | ||
393 | if ((result = | ||
394 | MHD__asn1_read_value (crl->crl, "tbsCertList.version", version, | ||
395 | &len)) != ASN1_SUCCESS) | ||
396 | { | ||
397 | MHD_gnutls_assert (); | ||
398 | return MHD_gtls_asn2err (result); | ||
399 | } | ||
400 | |||
401 | return (int) version[0] + 1; | ||
402 | } | ||
403 | |||
404 | /** | ||
405 | * MHD_gnutls_x509_crl_get_this_update - This function returns the CRL's thisUpdate time | ||
406 | * @crl: should contain a MHD_gnutls_x509_crl_t structure | ||
407 | * | ||
408 | * This function will return the time this CRL was issued. | ||
409 | * | ||
410 | * Returns (time_t)-1 on error. | ||
411 | * | ||
412 | **/ | ||
413 | time_t | ||
414 | MHD_gnutls_x509_crl_get_this_update (MHD_gnutls_x509_crl_t crl) | ||
415 | { | ||
416 | if (crl == NULL) | ||
417 | { | ||
418 | MHD_gnutls_assert (); | ||
419 | return (time_t) - 1; | ||
420 | } | ||
421 | |||
422 | return MHD__gnutls_x509_get_time (crl->crl, "tbsCertList.thisUpdate"); | ||
423 | } | ||
424 | |||
425 | /** | ||
426 | * MHD_gnutls_x509_crl_get_next_update - This function returns the CRL's nextUpdate time | ||
427 | * @crl: should contain a MHD_gnutls_x509_crl_t structure | ||
428 | * | ||
429 | * This function will return the time the next CRL will be issued. | ||
430 | * This field is optional in a CRL so it might be normal to get | ||
431 | * an error instead. | ||
432 | * | ||
433 | * Returns (time_t)-1 on error. | ||
434 | * | ||
435 | **/ | ||
436 | time_t | ||
437 | MHD_gnutls_x509_crl_get_next_update (MHD_gnutls_x509_crl_t crl) | ||
438 | { | ||
439 | if (crl == NULL) | ||
440 | { | ||
441 | MHD_gnutls_assert (); | ||
442 | return (time_t) - 1; | ||
443 | } | ||
444 | |||
445 | return MHD__gnutls_x509_get_time (crl->crl, "tbsCertList.nextUpdate"); | ||
446 | } | ||
447 | 264 | ||
448 | /** | 265 | /** |
449 | * MHD_gnutls_x509_crl_get_crt_count - This function returns the number of revoked certificates in a CRL | 266 | * MHD_gnutls_x509_crl_get_crt_count - This function returns the number of revoked certificates in a CRL |
@@ -617,95 +434,4 @@ cleanup: | |||
617 | return result; | 434 | return result; |
618 | } | 435 | } |
619 | 436 | ||
620 | /** | ||
621 | * MHD_gnutls_x509_crl_export - This function will export the CRL | ||
622 | * @crl: Holds the revocation list | ||
623 | * @format: the format of output params. One of PEM or DER. | ||
624 | * @output_data: will contain a private key PEM or DER encoded | ||
625 | * @output_data_size: holds the size of output_data (and will be replaced by the actual size of parameters) | ||
626 | * | ||
627 | * This function will export the revocation list to DER or PEM format. | ||
628 | * | ||
629 | * If the buffer provided is not long enough to hold the output, then | ||
630 | * GNUTLS_E_SHORT_MEMORY_BUFFER will be returned. | ||
631 | * | ||
632 | * If the structure is PEM encoded, it will have a header | ||
633 | * of "BEGIN X509 CRL". | ||
634 | * | ||
635 | * Returns 0 on success, and a negative value on failure. | ||
636 | * | ||
637 | **/ | ||
638 | int | ||
639 | MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl, | ||
640 | MHD_gnutls_x509_crt_fmt_t format, | ||
641 | void *output_data, size_t * output_data_size) | ||
642 | { | ||
643 | if (crl == NULL) | ||
644 | { | ||
645 | MHD_gnutls_assert (); | ||
646 | return GNUTLS_E_INVALID_REQUEST; | ||
647 | } | ||
648 | |||
649 | return MHD__gnutls_x509_export_int (crl->crl, format, PEM_CRL, | ||
650 | output_data, output_data_size); | ||
651 | } | ||
652 | |||
653 | /*- | ||
654 | * MHD__gnutls_x509_crl_cpy - This function copies a MHD_gnutls_x509_crl_t structure | ||
655 | * @dest: The structure where to copy | ||
656 | * @src: The structure to be copied | ||
657 | * | ||
658 | * This function will copy an X.509 certificate structure. | ||
659 | * | ||
660 | * Returns 0 on success. | ||
661 | * | ||
662 | -*/ | ||
663 | int | ||
664 | MHD__gnutls_x509_crl_cpy (MHD_gnutls_x509_crl_t dest, | ||
665 | MHD_gnutls_x509_crl_t src) | ||
666 | { | ||
667 | int ret; | ||
668 | size_t der_size; | ||
669 | opaque *der; | ||
670 | MHD_gnutls_datum_t tmp; | ||
671 | |||
672 | ret = | ||
673 | MHD_gnutls_x509_crl_export (src, GNUTLS_X509_FMT_DER, NULL, &der_size); | ||
674 | if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER) | ||
675 | { | ||
676 | MHD_gnutls_assert (); | ||
677 | return ret; | ||
678 | } | ||
679 | |||
680 | der = MHD_gnutls_alloca (der_size); | ||
681 | if (der == NULL) | ||
682 | { | ||
683 | MHD_gnutls_assert (); | ||
684 | return GNUTLS_E_MEMORY_ERROR; | ||
685 | } | ||
686 | |||
687 | ret = MHD_gnutls_x509_crl_export (src, GNUTLS_X509_FMT_DER, der, &der_size); | ||
688 | if (ret < 0) | ||
689 | { | ||
690 | MHD_gnutls_assert (); | ||
691 | MHD_gnutls_afree (der); | ||
692 | return ret; | ||
693 | } | ||
694 | |||
695 | tmp.data = der; | ||
696 | tmp.size = der_size; | ||
697 | ret = MHD_gnutls_x509_crl_import (dest, &tmp, GNUTLS_X509_FMT_DER); | ||
698 | |||
699 | MHD_gnutls_afree (der); | ||
700 | |||
701 | if (ret < 0) | ||
702 | { | ||
703 | MHD_gnutls_assert (); | ||
704 | return ret; | ||
705 | } | ||
706 | |||
707 | return 0; | ||
708 | |||
709 | } | ||
710 | |||
711 | #endif | 437 | #endif |
diff --git a/src/daemon/https/x509/crq.c b/src/daemon/https/x509/crq.c deleted file mode 100644 index 88ac349d..00000000 --- a/src/daemon/https/x509/crq.c +++ /dev/null | |||
@@ -1,898 +0,0 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2003, 2004, 2005 Free Software Foundation | ||
3 | * | ||
4 | * Author: Nikos Mavrogiannopoulos | ||
5 | * | ||
6 | * This file is part of GNUTLS. | ||
7 | * | ||
8 | * The GNUTLS library is free software; you can redistribute it and/or | ||
9 | * modify it under the terms of the GNU Lesser General Public License | ||
10 | * as published by the Free Software Foundation; either version 2.1 of | ||
11 | * the License, or (at your option) any later version. | ||
12 | * | ||
13 | * This library is distributed in the hope that it will be useful, but | ||
14 | * WITHOUT ANY WARRANTY; without even the implied warranty of | ||
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
16 | * Lesser General Public License for more details. | ||
17 | * | ||
18 | * You should have received a copy of the GNU Lesser General Public | ||
19 | * License along with this library; if not, write to the Free Software | ||
20 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, | ||
21 | * USA | ||
22 | * | ||
23 | */ | ||
24 | |||
25 | /* This file contains functions to handle PKCS #10 certificate requests. | ||
26 | */ | ||
27 | |||
28 | #include <gnutls_int.h> | ||
29 | |||
30 | #ifdef ENABLE_PKI | ||
31 | |||
32 | #include <gnutls_datum.h> | ||
33 | #include <gnutls_global.h> | ||
34 | #include <gnutls_errors.h> | ||
35 | #include <common.h> | ||
36 | #include <gnutls_x509.h> | ||
37 | #include <x509_b64.h> | ||
38 | #include <crq.h> | ||
39 | #include <dn.h> | ||
40 | #include <mpi.h> | ||
41 | #include <sign.h> | ||
42 | #include <extensions.h> | ||
43 | #include <libtasn1.h> | ||
44 | |||
45 | /** | ||
46 | * MHD_gnutls_x509_crq_init - This function initializes a MHD_gnutls_x509_crq_t structure | ||
47 | * @crq: The structure to be initialized | ||
48 | * | ||
49 | * This function will initialize a PKCS10 certificate request structure. | ||
50 | * | ||
51 | * Returns 0 on success. | ||
52 | * | ||
53 | **/ | ||
54 | int | ||
55 | MHD_gnutls_x509_crq_init (MHD_gnutls_x509_crq_t * crq) | ||
56 | { | ||
57 | *crq = MHD_gnutls_calloc (1, sizeof (MHD_gnutls_x509_crq_int)); | ||
58 | |||
59 | if (*crq) | ||
60 | { | ||
61 | int result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), | ||
62 | "PKIX1.pkcs-10-CertificationRequest", | ||
63 | &((*crq)->crq)); | ||
64 | if (result != ASN1_SUCCESS) | ||
65 | { | ||
66 | MHD_gnutls_assert (); | ||
67 | MHD_gnutls_free (*crq); | ||
68 | return MHD_gtls_asn2err (result); | ||
69 | } | ||
70 | return 0; /* success */ | ||
71 | } | ||
72 | return GNUTLS_E_MEMORY_ERROR; | ||
73 | } | ||
74 | |||
75 | /** | ||
76 | * MHD_gnutls_x509_crq_deinit - This function deinitializes memory used by a MHD_gnutls_x509_crq_t structure | ||
77 | * @crq: The structure to be initialized | ||
78 | * | ||
79 | * This function will deinitialize a CRL structure. | ||
80 | * | ||
81 | **/ | ||
82 | void | ||
83 | MHD_gnutls_x509_crq_deinit (MHD_gnutls_x509_crq_t crq) | ||
84 | { | ||
85 | if (!crq) | ||
86 | return; | ||
87 | |||
88 | if (crq->crq) | ||
89 | MHD__asn1_delete_structure (&crq->crq); | ||
90 | |||
91 | MHD_gnutls_free (crq); | ||
92 | } | ||
93 | |||
94 | #define PEM_CRQ "NEW CERTIFICATE REQUEST" | ||
95 | #define PEM_CRQ2 "CERTIFICATE REQUEST" | ||
96 | |||
97 | /** | ||
98 | * MHD_gnutls_x509_crq_import - This function will import a DER or PEM encoded Certificate request | ||
99 | * @crq: The structure to store the parsed certificate request. | ||
100 | * @data: The DER or PEM encoded certificate. | ||
101 | * @format: One of DER or PEM | ||
102 | * | ||
103 | * This function will convert the given DER or PEM encoded Certificate | ||
104 | * to the native MHD_gnutls_x509_crq_t format. The output will be stored in @cert. | ||
105 | * | ||
106 | * If the Certificate is PEM encoded it should have a header of "NEW CERTIFICATE REQUEST". | ||
107 | * | ||
108 | * Returns 0 on success. | ||
109 | * | ||
110 | **/ | ||
111 | int | ||
112 | MHD_gnutls_x509_crq_import (MHD_gnutls_x509_crq_t crq, | ||
113 | const MHD_gnutls_datum_t * data, | ||
114 | MHD_gnutls_x509_crt_fmt_t format) | ||
115 | { | ||
116 | int result = 0, need_free = 0; | ||
117 | MHD_gnutls_datum_t _data; | ||
118 | |||
119 | if (crq == NULL) | ||
120 | { | ||
121 | MHD_gnutls_assert (); | ||
122 | return GNUTLS_E_INVALID_REQUEST; | ||
123 | } | ||
124 | |||
125 | _data.data = data->data; | ||
126 | _data.size = data->size; | ||
127 | |||
128 | /* If the Certificate is in PEM format then decode it | ||
129 | */ | ||
130 | if (format == GNUTLS_X509_FMT_PEM) | ||
131 | { | ||
132 | opaque *out; | ||
133 | |||
134 | /* Try the first header */ | ||
135 | result = | ||
136 | MHD__gnutls_fbase64_decode (PEM_CRQ, data->data, data->size, &out); | ||
137 | |||
138 | if (result <= 0) /* Go for the second header */ | ||
139 | result = | ||
140 | MHD__gnutls_fbase64_decode (PEM_CRQ2, data->data, data->size, &out); | ||
141 | |||
142 | if (result <= 0) | ||
143 | { | ||
144 | if (result == 0) | ||
145 | result = GNUTLS_E_INTERNAL_ERROR; | ||
146 | MHD_gnutls_assert (); | ||
147 | return result; | ||
148 | } | ||
149 | |||
150 | _data.data = out; | ||
151 | _data.size = result; | ||
152 | |||
153 | need_free = 1; | ||
154 | } | ||
155 | |||
156 | result = MHD__asn1_der_decoding (&crq->crq, _data.data, _data.size, NULL); | ||
157 | if (result != ASN1_SUCCESS) | ||
158 | { | ||
159 | result = MHD_gtls_asn2err (result); | ||
160 | MHD_gnutls_assert (); | ||
161 | goto cleanup; | ||
162 | } | ||
163 | |||
164 | result = 0; | ||
165 | |||
166 | cleanup: | ||
167 | if (need_free) | ||
168 | MHD__gnutls_free_datum (&_data); | ||
169 | return result; | ||
170 | } | ||
171 | |||
172 | |||
173 | |||
174 | /** | ||
175 | * MHD_gnutls_x509_crq_get_dn - This function returns the Certificate request subject's distinguished name | ||
176 | * @crq: should contain a MHD_gnutls_x509_crq_t structure | ||
177 | * @buf: a pointer to a structure to hold the name (may be null) | ||
178 | * @sizeof_buf: initially holds the size of @buf | ||
179 | * | ||
180 | * This function will copy the name of the Certificate request | ||
181 | * subject in the provided buffer. The name will be in the form | ||
182 | * "C=xxxx,O=yyyy,CN=zzzz" as described in RFC2253. The output string | ||
183 | * will be ASCII or UTF-8 encoded, depending on the certificate data. | ||
184 | * | ||
185 | * If @buf is null then only the size will be filled. | ||
186 | * | ||
187 | * Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not | ||
188 | * long enough, and in that case the *sizeof_buf will be updated with | ||
189 | * the required size. On success 0 is returned. | ||
190 | * | ||
191 | **/ | ||
192 | int | ||
193 | MHD_gnutls_x509_crq_get_dn (MHD_gnutls_x509_crq_t crq, char *buf, | ||
194 | size_t * sizeof_buf) | ||
195 | { | ||
196 | if (crq == NULL) | ||
197 | { | ||
198 | MHD_gnutls_assert (); | ||
199 | return GNUTLS_E_INVALID_REQUEST; | ||
200 | } | ||
201 | |||
202 | return MHD__gnutls_x509_parse_dn (crq->crq, | ||
203 | "certificationRequestInfo.subject.rdnSequence", | ||
204 | buf, sizeof_buf); | ||
205 | } | ||
206 | |||
207 | /** | ||
208 | * MHD_gnutls_x509_crq_get_dn_by_oid - This function returns the Certificate request subject's distinguished name | ||
209 | * @crq: should contain a MHD_gnutls_x509_crq_t structure | ||
210 | * @oid: holds an Object Identified in null terminated string | ||
211 | * @indx: In case multiple same OIDs exist in the RDN, this specifies | ||
212 | * which to send. Use zero to get the first one. | ||
213 | * @raw_flag: If non zero returns the raw DER data of the DN part. | ||
214 | * @buf: a pointer to a structure to hold the name (may be null) | ||
215 | * @sizeof_buf: initially holds the size of @buf | ||
216 | * | ||
217 | * This function will extract the part of the name of the Certificate | ||
218 | * request subject, specified by the given OID. The output will be | ||
219 | * encoded as described in RFC2253. The output string will be ASCII | ||
220 | * or UTF-8 encoded, depending on the certificate data. | ||
221 | * | ||
222 | * Some helper macros with popular OIDs can be found in gnutls/x509.h | ||
223 | * If raw flag is zero, this function will only return known OIDs as | ||
224 | * text. Other OIDs will be DER encoded, as described in RFC2253 -- | ||
225 | * in hex format with a '\#' prefix. You can check about known OIDs | ||
226 | * using MHD_gnutls_x509_dn_oid_known(). | ||
227 | * | ||
228 | * If @buf is null then only the size will be filled. | ||
229 | * | ||
230 | * Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not | ||
231 | * long enough, and in that case the *sizeof_buf will be updated with | ||
232 | * the required size. On success 0 is returned. | ||
233 | * | ||
234 | **/ | ||
235 | int | ||
236 | MHD_gnutls_x509_crq_get_dn_by_oid (MHD_gnutls_x509_crq_t crq, const char *oid, | ||
237 | int indx, unsigned int raw_flag, | ||
238 | void *buf, size_t * sizeof_buf) | ||
239 | { | ||
240 | if (crq == NULL) | ||
241 | { | ||
242 | MHD_gnutls_assert (); | ||
243 | return GNUTLS_E_INVALID_REQUEST; | ||
244 | } | ||
245 | |||
246 | return MHD__gnutls_x509_parse_dn_oid (crq->crq, | ||
247 | "certificationRequestInfo.subject.rdnSequence", | ||
248 | oid, indx, raw_flag, buf, sizeof_buf); | ||
249 | } | ||
250 | |||
251 | /** | ||
252 | * MHD_gnutls_x509_crq_get_dn_oid - This function returns the Certificate request subject's distinguished name OIDs | ||
253 | * @crq: should contain a MHD_gnutls_x509_crq_t structure | ||
254 | * @indx: Specifies which DN OID to send. Use zero to get the first one. | ||
255 | * @oid: a pointer to a structure to hold the name (may be null) | ||
256 | * @sizeof_oid: initially holds the size of @oid | ||
257 | * | ||
258 | * This function will extract the requested OID of the name of the | ||
259 | * Certificate request subject, specified by the given index. | ||
260 | * | ||
261 | * If oid is null then only the size will be filled. | ||
262 | * | ||
263 | * Returns GNUTLS_E_SHORT_MEMORY_BUFFER if the provided buffer is not | ||
264 | * long enough, and in that case the *sizeof_oid will be updated with | ||
265 | * the required size. On success 0 is returned. | ||
266 | * | ||
267 | **/ | ||
268 | int | ||
269 | MHD_gnutls_x509_crq_get_dn_oid (MHD_gnutls_x509_crq_t crq, | ||
270 | int indx, void *oid, size_t * sizeof_oid) | ||
271 | { | ||
272 | if (crq == NULL) | ||
273 | { | ||
274 | MHD_gnutls_assert (); | ||
275 | return GNUTLS_E_INVALID_REQUEST; | ||
276 | } | ||
277 | |||
278 | return MHD__gnutls_x509_get_dn_oid (crq->crq, | ||
279 | "certificationRequestInfo.subject.rdnSequence", | ||
280 | indx, oid, sizeof_oid); | ||
281 | } | ||
282 | |||
283 | /* Parses an Attribute list in the MHD__asn1_struct, and searches for the | ||
284 | * given OID. The index indicates the attribute value to be returned. | ||
285 | * | ||
286 | * If raw==0 only printable data are returned, or GNUTLS_E_X509_UNSUPPORTED_ATTRIBUTE. | ||
287 | * | ||
288 | * MHD__asn1_attr_name must be a string in the form "certificationRequestInfo.attributes" | ||
289 | * | ||
290 | */ | ||
291 | static int | ||
292 | parse_attribute (ASN1_TYPE MHD__asn1_struct, | ||
293 | const char *attr_name, const char *given_oid, int indx, | ||
294 | int raw, char *buf, size_t * sizeof_buf) | ||
295 | { | ||
296 | int k1, result; | ||
297 | char tmpbuffer1[MAX_NAME_SIZE]; | ||
298 | char tmpbuffer3[MAX_NAME_SIZE]; | ||
299 | char value[200]; | ||
300 | char oid[128]; | ||
301 | int len, printable; | ||
302 | |||
303 | if (*sizeof_buf == 0) | ||
304 | { | ||
305 | MHD_gnutls_assert (); | ||
306 | return GNUTLS_E_INVALID_REQUEST; | ||
307 | } | ||
308 | |||
309 | buf[0] = 0; | ||
310 | |||
311 | k1 = 0; | ||
312 | do | ||
313 | { | ||
314 | |||
315 | k1++; | ||
316 | /* create a string like "attribute.?1" | ||
317 | */ | ||
318 | if (attr_name[0] != 0) | ||
319 | snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u", attr_name, k1); | ||
320 | else | ||
321 | snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); | ||
322 | |||
323 | len = sizeof (value) - 1; | ||
324 | result = | ||
325 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len); | ||
326 | |||
327 | if (result == ASN1_ELEMENT_NOT_FOUND) | ||
328 | { | ||
329 | MHD_gnutls_assert (); | ||
330 | break; | ||
331 | } | ||
332 | |||
333 | if (result != ASN1_VALUE_NOT_FOUND) | ||
334 | { | ||
335 | MHD_gnutls_assert (); | ||
336 | result = MHD_gtls_asn2err (result); | ||
337 | goto cleanup; | ||
338 | } | ||
339 | |||
340 | /* Move to the attibute type and values | ||
341 | */ | ||
342 | /* Read the OID | ||
343 | */ | ||
344 | MHD_gtls_str_cpy (tmpbuffer3, sizeof (tmpbuffer3), tmpbuffer1); | ||
345 | MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".type"); | ||
346 | |||
347 | len = sizeof (oid) - 1; | ||
348 | result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, oid, &len); | ||
349 | |||
350 | if (result == ASN1_ELEMENT_NOT_FOUND) | ||
351 | break; | ||
352 | else if (result != ASN1_SUCCESS) | ||
353 | { | ||
354 | MHD_gnutls_assert (); | ||
355 | result = MHD_gtls_asn2err (result); | ||
356 | goto cleanup; | ||
357 | } | ||
358 | |||
359 | if (strcmp (oid, given_oid) == 0) | ||
360 | { /* Found the OID */ | ||
361 | |||
362 | /* Read the Value | ||
363 | */ | ||
364 | snprintf (tmpbuffer3, sizeof (tmpbuffer3), "%s.values.?%u", | ||
365 | tmpbuffer1, indx + 1); | ||
366 | |||
367 | len = sizeof (value) - 1; | ||
368 | result = | ||
369 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, value, &len); | ||
370 | |||
371 | if (result != ASN1_SUCCESS) | ||
372 | { | ||
373 | MHD_gnutls_assert (); | ||
374 | result = MHD_gtls_asn2err (result); | ||
375 | goto cleanup; | ||
376 | } | ||
377 | |||
378 | if (raw == 0) | ||
379 | { | ||
380 | printable = MHD__gnutls_x509_oid_data_printable (oid); | ||
381 | if (printable == 1) | ||
382 | { | ||
383 | if ((result = | ||
384 | MHD__gnutls_x509_oid_data2string | ||
385 | (oid, value, len, buf, sizeof_buf)) < 0) | ||
386 | { | ||
387 | MHD_gnutls_assert (); | ||
388 | goto cleanup; | ||
389 | } | ||
390 | return 0; | ||
391 | } | ||
392 | else | ||
393 | { | ||
394 | MHD_gnutls_assert (); | ||
395 | return GNUTLS_E_X509_UNSUPPORTED_ATTRIBUTE; | ||
396 | } | ||
397 | } | ||
398 | else | ||
399 | { /* raw!=0 */ | ||
400 | if (*sizeof_buf > (size_t) len) | ||
401 | { | ||
402 | *sizeof_buf = len; | ||
403 | memcpy (buf, value, len); | ||
404 | |||
405 | return 0; | ||
406 | } | ||
407 | else | ||
408 | { | ||
409 | *sizeof_buf = len; | ||
410 | MHD_gnutls_assert (); | ||
411 | return GNUTLS_E_SHORT_MEMORY_BUFFER; | ||
412 | } | ||
413 | } | ||
414 | } | ||
415 | |||
416 | } | ||
417 | while (1); | ||
418 | |||
419 | MHD_gnutls_assert (); | ||
420 | |||
421 | result = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE; | ||
422 | |||
423 | cleanup: | ||
424 | return result; | ||
425 | } | ||
426 | |||
427 | /** | ||
428 | * MHD_gnutls_x509_crq_get_challenge_password - This function will get the challenge password | ||
429 | * @crq: should contain a MHD_gnutls_x509_crq_t structure | ||
430 | * @pass: will hold a null terminated password | ||
431 | * @sizeof_pass: Initially holds the size of @pass. | ||
432 | * | ||
433 | * This function will return the challenge password in the | ||
434 | * request. | ||
435 | * | ||
436 | * Returns 0 on success. | ||
437 | * | ||
438 | **/ | ||
439 | int | ||
440 | MHD_gnutls_x509_crq_get_challenge_password (MHD_gnutls_x509_crq_t crq, | ||
441 | char *pass, size_t * sizeof_pass) | ||
442 | { | ||
443 | if (crq == NULL) | ||
444 | { | ||
445 | MHD_gnutls_assert (); | ||
446 | return GNUTLS_E_INVALID_REQUEST; | ||
447 | } | ||
448 | |||
449 | return parse_attribute (crq->crq, "certificationRequestInfo.attributes", | ||
450 | "1.2.840.113549.1.9.7", 0, 0, pass, sizeof_pass); | ||
451 | } | ||
452 | |||
453 | /** | ||
454 | * MHD_gnutls_x509_crq_set_attribute_by_oid - This function will set an attribute in the request | ||
455 | * @crq: should contain a MHD_gnutls_x509_crq_t structure | ||
456 | * @oid: holds an Object Identified in null terminated string | ||
457 | * @buf: a pointer to a structure that holds the attribute data | ||
458 | * @sizeof_buf: holds the size of @buf | ||
459 | * | ||
460 | * This function will set the attribute in the certificate request specified | ||
461 | * by the given Object ID. The attribute must be be DER encoded. | ||
462 | * | ||
463 | * Returns 0 on success. | ||
464 | * | ||
465 | **/ | ||
466 | int | ||
467 | MHD_gnutls_x509_crq_set_attribute_by_oid (MHD_gnutls_x509_crq_t crq, | ||
468 | const char *oid, void *buf, | ||
469 | size_t sizeof_buf) | ||
470 | { | ||
471 | int result; | ||
472 | |||
473 | if (crq == NULL) | ||
474 | { | ||
475 | MHD_gnutls_assert (); | ||
476 | return GNUTLS_E_INVALID_REQUEST; | ||
477 | } | ||
478 | |||
479 | /* Add the attribute. | ||
480 | */ | ||
481 | result = | ||
482 | MHD__asn1_write_value (crq->crq, "certificationRequestInfo.attributes", | ||
483 | "NEW", 1); | ||
484 | if (result != ASN1_SUCCESS) | ||
485 | { | ||
486 | MHD_gnutls_assert (); | ||
487 | return MHD_gtls_asn2err (result); | ||
488 | } | ||
489 | |||
490 | result = | ||
491 | MHD__gnutls_x509_encode_and_write_attribute (oid, | ||
492 | crq->crq, | ||
493 | "certificationRequestInfo.attributes.?LAST", | ||
494 | buf, sizeof_buf, 1); | ||
495 | |||
496 | if (result < 0) | ||
497 | { | ||
498 | MHD_gnutls_assert (); | ||
499 | return result; | ||
500 | } | ||
501 | |||
502 | return 0; | ||
503 | } | ||
504 | |||
505 | /** | ||
506 | * MHD_gnutls_x509_crq_get_attribute_by_oid - This function will get an attribute of the request | ||
507 | * @crq: should contain a MHD_gnutls_x509_crq_t structure | ||
508 | * @oid: holds an Object Identified in null terminated string | ||
509 | * @indx: In case multiple same OIDs exist in the attribute list, this specifies | ||
510 | * which to send. Use zero to get the first one. | ||
511 | * @buf: a pointer to a structure to hold the attribute data (may be null) | ||
512 | * @sizeof_buf: initially holds the size of @buf | ||
513 | * | ||
514 | * This function will return the attribute in the certificate request specified | ||
515 | * by the given Object ID. The attribute will be DER encoded. | ||
516 | * | ||
517 | * Returns 0 on success. | ||
518 | * | ||
519 | **/ | ||
520 | int | ||
521 | MHD_gnutls_x509_crq_get_attribute_by_oid (MHD_gnutls_x509_crq_t crq, | ||
522 | const char *oid, int indx, | ||
523 | void *buf, size_t * sizeof_buf) | ||
524 | { | ||
525 | if (crq == NULL) | ||
526 | { | ||
527 | MHD_gnutls_assert (); | ||
528 | return GNUTLS_E_INVALID_REQUEST; | ||
529 | } | ||
530 | |||
531 | return parse_attribute (crq->crq, "certificationRequestInfo.attributes", | ||
532 | oid, indx, 1, buf, sizeof_buf); | ||
533 | } | ||
534 | |||
535 | /** | ||
536 | * MHD_gnutls_x509_crq_set_dn_by_oid - This function will set the Certificate request subject's distinguished name | ||
537 | * @crq: should contain a MHD_gnutls_x509_crq_t structure | ||
538 | * @oid: holds an Object Identifier in a null terminated string | ||
539 | * @raw_flag: must be 0, or 1 if the data are DER encoded | ||
540 | * @data: a pointer to the input data | ||
541 | * @sizeof_data: holds the size of @data | ||
542 | * | ||
543 | * This function will set the part of the name of the Certificate request subject, specified | ||
544 | * by the given OID. The input string should be ASCII or UTF-8 encoded. | ||
545 | * | ||
546 | * Some helper macros with popular OIDs can be found in gnutls/x509.h | ||
547 | * With this function you can only set the known OIDs. You can test | ||
548 | * for known OIDs using MHD_gnutls_x509_dn_oid_known(). For OIDs that are | ||
549 | * not known (by gnutls) you should properly DER encode your data, and | ||
550 | * call this function with raw_flag set. | ||
551 | * | ||
552 | * Returns 0 on success. | ||
553 | * | ||
554 | **/ | ||
555 | int | ||
556 | MHD_gnutls_x509_crq_set_dn_by_oid (MHD_gnutls_x509_crq_t crq, const char *oid, | ||
557 | unsigned int raw_flag, const void *data, | ||
558 | unsigned int sizeof_data) | ||
559 | { | ||
560 | if (sizeof_data == 0 || data == NULL || crq == NULL) | ||
561 | { | ||
562 | return GNUTLS_E_INVALID_REQUEST; | ||
563 | } | ||
564 | |||
565 | return MHD__gnutls_x509_set_dn_oid (crq->crq, | ||
566 | "certificationRequestInfo.subject", oid, | ||
567 | raw_flag, data, sizeof_data); | ||
568 | } | ||
569 | |||
570 | /** | ||
571 | * MHD_gnutls_x509_crq_set_version - This function will set the Certificate request version | ||
572 | * @crq: should contain a MHD_gnutls_x509_crq_t structure | ||
573 | * @version: holds the version number. For v1 Requests must be 1. | ||
574 | * | ||
575 | * This function will set the version of the certificate request. For | ||
576 | * version 1 requests this must be one. | ||
577 | * | ||
578 | * Returns 0 on success. | ||
579 | * | ||
580 | **/ | ||
581 | int | ||
582 | MHD_gnutls_x509_crq_set_version (MHD_gnutls_x509_crq_t crq, | ||
583 | unsigned int version) | ||
584 | { | ||
585 | int result; | ||
586 | unsigned char null = version; | ||
587 | |||
588 | if (crq == NULL) | ||
589 | { | ||
590 | MHD_gnutls_assert (); | ||
591 | return GNUTLS_E_INVALID_REQUEST; | ||
592 | } | ||
593 | |||
594 | if (null > 0) | ||
595 | null--; | ||
596 | |||
597 | result = | ||
598 | MHD__asn1_write_value (crq->crq, "certificationRequestInfo.version", | ||
599 | &null, 1); | ||
600 | if (result != ASN1_SUCCESS) | ||
601 | { | ||
602 | MHD_gnutls_assert (); | ||
603 | return MHD_gtls_asn2err (result); | ||
604 | } | ||
605 | |||
606 | return 0; | ||
607 | } | ||
608 | |||
609 | /** | ||
610 | * MHD_gnutls_x509_crq_get_version - This function returns the Certificate request's version number | ||
611 | * @crq: should contain a MHD_gnutls_x509_crq_t structure | ||
612 | * | ||
613 | * This function will return the version of the specified Certificate request. | ||
614 | * | ||
615 | * Returns a negative value on error. | ||
616 | * | ||
617 | **/ | ||
618 | int | ||
619 | MHD_gnutls_x509_crq_get_version (MHD_gnutls_x509_crq_t crq) | ||
620 | { | ||
621 | opaque version[5]; | ||
622 | int len, result; | ||
623 | |||
624 | if (crq == NULL) | ||
625 | { | ||
626 | MHD_gnutls_assert (); | ||
627 | return GNUTLS_E_INVALID_REQUEST; | ||
628 | } | ||
629 | |||
630 | len = sizeof (version); | ||
631 | if ((result = | ||
632 | MHD__asn1_read_value (crq->crq, "certificationRequestInfo.version", | ||
633 | version, &len)) != ASN1_SUCCESS) | ||
634 | { | ||
635 | |||
636 | if (result == ASN1_ELEMENT_NOT_FOUND) | ||
637 | return 1; /* the DEFAULT version */ | ||
638 | MHD_gnutls_assert (); | ||
639 | return MHD_gtls_asn2err (result); | ||
640 | } | ||
641 | |||
642 | return (int) version[0] + 1; | ||
643 | } | ||
644 | |||
645 | /** | ||
646 | * MHD_gnutls_x509_crq_set_key - This function will associate the Certificate request with a key | ||
647 | * @crq: should contain a MHD_gnutls_x509_crq_t structure | ||
648 | * @key: holds a private key | ||
649 | * | ||
650 | * This function will set the public parameters from the given private key to the | ||
651 | * request. Only RSA keys are currently supported. | ||
652 | * | ||
653 | * Returns 0 on success. | ||
654 | * | ||
655 | **/ | ||
656 | int | ||
657 | MHD_gnutls_x509_crq_set_key (MHD_gnutls_x509_crq_t crq, | ||
658 | MHD_gnutls_x509_privkey_t key) | ||
659 | { | ||
660 | int result; | ||
661 | |||
662 | if (crq == NULL) | ||
663 | { | ||
664 | MHD_gnutls_assert (); | ||
665 | return GNUTLS_E_INVALID_REQUEST; | ||
666 | } | ||
667 | |||
668 | result = MHD__gnutls_x509_encode_and_copy_PKI_params (crq->crq, | ||
669 | "certificationRequestInfo.subjectPKInfo", | ||
670 | key->pk_algorithm, | ||
671 | key->params, | ||
672 | key->params_size); | ||
673 | |||
674 | if (result < 0) | ||
675 | { | ||
676 | MHD_gnutls_assert (); | ||
677 | return result; | ||
678 | } | ||
679 | |||
680 | return 0; | ||
681 | } | ||
682 | |||
683 | /** | ||
684 | * MHD_gnutls_x509_crq_set_challenge_password - This function will set a challenge password | ||
685 | * @crq: should contain a MHD_gnutls_x509_crq_t structure | ||
686 | * @pass: holds a null terminated password | ||
687 | * | ||
688 | * This function will set a challenge password to be used when revoking the request. | ||
689 | * | ||
690 | * Returns 0 on success. | ||
691 | * | ||
692 | **/ | ||
693 | int | ||
694 | MHD_gnutls_x509_crq_set_challenge_password (MHD_gnutls_x509_crq_t crq, | ||
695 | const char *pass) | ||
696 | { | ||
697 | int result; | ||
698 | |||
699 | if (crq == NULL) | ||
700 | { | ||
701 | MHD_gnutls_assert (); | ||
702 | return GNUTLS_E_INVALID_REQUEST; | ||
703 | } | ||
704 | |||
705 | /* Add the attribute. | ||
706 | */ | ||
707 | result = | ||
708 | MHD__asn1_write_value (crq->crq, "certificationRequestInfo.attributes", | ||
709 | "NEW", 1); | ||
710 | if (result != ASN1_SUCCESS) | ||
711 | { | ||
712 | MHD_gnutls_assert (); | ||
713 | return MHD_gtls_asn2err (result); | ||
714 | } | ||
715 | |||
716 | result = | ||
717 | MHD__gnutls_x509_encode_and_write_attribute ("1.2.840.113549.1.9.7", | ||
718 | crq->crq, | ||
719 | "certificationRequestInfo.attributes.?LAST", | ||
720 | pass, strlen (pass), 1); | ||
721 | |||
722 | if (result < 0) | ||
723 | { | ||
724 | MHD_gnutls_assert (); | ||
725 | return result; | ||
726 | } | ||
727 | |||
728 | return 0; | ||
729 | } | ||
730 | |||
731 | /** | ||
732 | * MHD_gnutls_x509_crq_sign2 - This function will sign a Certificate request with a key | ||
733 | * @crq: should contain a MHD_gnutls_x509_crq_t structure | ||
734 | * @key: holds a private key | ||
735 | * @dig: The message digest to use. GNUTLS_DIG_SHA1 is the safe choice unless you know what you're doing. | ||
736 | * @flags: must be 0 | ||
737 | * | ||
738 | * This function will sign the certificate request with a private key. | ||
739 | * This must be the same key as the one used in MHD_gnutls_x509_crt_set_key() since a | ||
740 | * certificate request is self signed. | ||
741 | * | ||
742 | * This must be the last step in a certificate request generation since all | ||
743 | * the previously set parameters are now signed. | ||
744 | * | ||
745 | * Returns 0 on success. | ||
746 | * | ||
747 | **/ | ||
748 | int | ||
749 | MHD_gnutls_x509_crq_sign2 (MHD_gnutls_x509_crq_t crq, | ||
750 | MHD_gnutls_x509_privkey_t key, | ||
751 | enum MHD_GNUTLS_HashAlgorithm dig, | ||
752 | unsigned int flags) | ||
753 | { | ||
754 | int result; | ||
755 | MHD_gnutls_datum_t signature; | ||
756 | |||
757 | if (crq == NULL) | ||
758 | { | ||
759 | MHD_gnutls_assert (); | ||
760 | return GNUTLS_E_INVALID_REQUEST; | ||
761 | } | ||
762 | |||
763 | /* Step 1. Self sign the request. | ||
764 | */ | ||
765 | result = | ||
766 | MHD__gnutls_x509_sign_tbs (crq->crq, "certificationRequestInfo", | ||
767 | dig, key, &signature); | ||
768 | |||
769 | if (result < 0) | ||
770 | { | ||
771 | MHD_gnutls_assert (); | ||
772 | return result; | ||
773 | } | ||
774 | |||
775 | /* Step 2. write the signature (bits) | ||
776 | */ | ||
777 | result = | ||
778 | MHD__asn1_write_value (crq->crq, "signature", signature.data, | ||
779 | signature.size * 8); | ||
780 | |||
781 | MHD__gnutls_free_datum (&signature); | ||
782 | |||
783 | if (result != ASN1_SUCCESS) | ||
784 | { | ||
785 | MHD_gnutls_assert (); | ||
786 | return MHD_gtls_asn2err (result); | ||
787 | } | ||
788 | |||
789 | /* Step 3. Write the signatureAlgorithm field. | ||
790 | */ | ||
791 | result = MHD__gnutls_x509_write_sig_params (crq->crq, "signatureAlgorithm", | ||
792 | key->pk_algorithm, dig, | ||
793 | key->params, key->params_size); | ||
794 | if (result < 0) | ||
795 | { | ||
796 | MHD_gnutls_assert (); | ||
797 | return result; | ||
798 | } | ||
799 | |||
800 | return 0; | ||
801 | } | ||
802 | |||
803 | /** | ||
804 | * MHD_gnutls_x509_crq_sign - This function will sign a Certificate request with a key | ||
805 | * @crq: should contain a MHD_gnutls_x509_crq_t structure | ||
806 | * @key: holds a private key | ||
807 | * | ||
808 | * This function is the same a MHD_gnutls_x509_crq_sign2() with no flags, and | ||
809 | * SHA1 as the hash algorithm. | ||
810 | * | ||
811 | * Returns 0 on success. | ||
812 | * | ||
813 | **/ | ||
814 | int | ||
815 | MHD_gnutls_x509_crq_sign (MHD_gnutls_x509_crq_t crq, | ||
816 | MHD_gnutls_x509_privkey_t key) | ||
817 | { | ||
818 | return MHD_gnutls_x509_crq_sign2 (crq, key, MHD_GNUTLS_MAC_SHA1, 0); | ||
819 | } | ||
820 | |||
821 | /** | ||
822 | * MHD_gnutls_x509_crq_export - Export the generated certificate request | ||
823 | * @crq: Holds the request | ||
824 | * @format: the format of output params. One of PEM or DER. | ||
825 | * @output_data: will contain a certificate request PEM or DER encoded | ||
826 | * @output_data_size: holds the size of output_data (and will be | ||
827 | * replaced by the actual size of parameters) | ||
828 | * | ||
829 | * This function will export the certificate request to a PKCS10 | ||
830 | * | ||
831 | * If the buffer provided is not long enough to hold the output, then | ||
832 | * GNUTLS_E_SHORT_MEMORY_BUFFER will be returned and | ||
833 | * *output_data_size will be updated. | ||
834 | * | ||
835 | * If the structure is PEM encoded, it will have a header of "BEGIN | ||
836 | * NEW CERTIFICATE REQUEST". | ||
837 | * | ||
838 | * Return value: In case of failure a negative value will be | ||
839 | * returned, and 0 on success. | ||
840 | * | ||
841 | **/ | ||
842 | int | ||
843 | MHD_gnutls_x509_crq_export (MHD_gnutls_x509_crq_t crq, | ||
844 | MHD_gnutls_x509_crt_fmt_t format, | ||
845 | void *output_data, size_t * output_data_size) | ||
846 | { | ||
847 | if (crq == NULL) | ||
848 | { | ||
849 | MHD_gnutls_assert (); | ||
850 | return GNUTLS_E_INVALID_REQUEST; | ||
851 | } | ||
852 | |||
853 | return MHD__gnutls_x509_export_int (crq->crq, format, PEM_CRQ, | ||
854 | output_data, output_data_size); | ||
855 | } | ||
856 | |||
857 | /** | ||
858 | * MHD_gnutls_x509_crq_get_pk_algorithm - This function returns the certificate request's PublicKey algorithm | ||
859 | * @crq: should contain a MHD_gnutls_x509_crq_t structure | ||
860 | * @bits: if bits is non null it will hold the size of the parameters' in bits | ||
861 | * | ||
862 | * This function will return the public key algorithm of a PKCS \#10 | ||
863 | * certificate request. | ||
864 | * | ||
865 | * If bits is non null, it should have enough size to hold the parameters | ||
866 | * size in bits. For RSA the bits returned is the modulus. | ||
867 | * For DSA the bits returned are of the public | ||
868 | * exponent. | ||
869 | * | ||
870 | * Returns a member of the enum MHD_GNUTLS_PublicKeyAlgorithm enumeration on success, | ||
871 | * or a negative value on error. | ||
872 | * | ||
873 | **/ | ||
874 | int | ||
875 | MHD_gnutls_x509_crq_get_pk_algorithm (MHD_gnutls_x509_crq_t crq, | ||
876 | unsigned int *bits) | ||
877 | { | ||
878 | int result; | ||
879 | |||
880 | if (crq == NULL) | ||
881 | { | ||
882 | MHD_gnutls_assert (); | ||
883 | return GNUTLS_E_INVALID_REQUEST; | ||
884 | } | ||
885 | |||
886 | result = | ||
887 | MHD__gnutls_x509_get_pk_algorithm (crq->crq, | ||
888 | "certificationRequestInfo.subjectPKInfo", | ||
889 | bits); | ||
890 | if (result < 0) | ||
891 | { | ||
892 | MHD_gnutls_assert (); | ||
893 | } | ||
894 | |||
895 | return result; | ||
896 | } | ||
897 | |||
898 | #endif /* ENABLE_PKI */ | ||
diff --git a/src/daemon/https/x509/crq.h b/src/daemon/https/x509/crq.h deleted file mode 100644 index 661701bd..00000000 --- a/src/daemon/https/x509/crq.h +++ /dev/null | |||
@@ -1,30 +0,0 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2003, 2004, 2005 Free Software Foundation | ||
3 | * | ||
4 | * Author: Nikos Mavrogiannopoulos | ||
5 | * | ||
6 | * This file is part of GNUTLS. | ||
7 | * | ||
8 | * The GNUTLS library is free software; you can redistribute it and/or | ||
9 | * modify it under the terms of the GNU Lesser General Public License | ||
10 | * as published by the Free Software Foundation; either version 2.1 of | ||
11 | * the License, or (at your option) any later version. | ||
12 | * | ||
13 | * This library is distributed in the hope that it will be useful, but | ||
14 | * WITHOUT ANY WARRANTY; without even the implied warranty of | ||
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
16 | * Lesser General Public License for more details. | ||
17 | * | ||
18 | * You should have received a copy of the GNU Lesser General Public | ||
19 | * License along with this library; if not, write to the Free Software | ||
20 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, | ||
21 | * USA | ||
22 | * | ||
23 | */ | ||
24 | |||
25 | #include <x509.h> | ||
26 | |||
27 | typedef struct MHD_gnutls_x509_crq_int | ||
28 | { | ||
29 | ASN1_TYPE crq; | ||
30 | } MHD_gnutls_x509_crq_int; | ||
diff --git a/src/daemon/https/x509/dn.c b/src/daemon/https/x509/dn.c index 17b4ed76..fb4fa57e 100644 --- a/src/daemon/https/x509/dn.c +++ b/src/daemon/https/x509/dn.c | |||
@@ -518,618 +518,6 @@ cleanup: | |||
518 | return result; | 518 | return result; |
519 | } | 519 | } |
520 | 520 | ||
521 | |||
522 | /* Parses an X509 DN in the MHD__asn1_struct, and returns the requested | ||
523 | * DN OID. | ||
524 | * | ||
525 | * MHD__asn1_rdn_name must be a string in the form "tbsCertificate.issuer.rdnSequence". | ||
526 | * That is to point in the rndSequence. | ||
527 | * | ||
528 | * indx specifies which OID to return. Ie 0 means return the first specified | ||
529 | * OID found, 1 the second etc. | ||
530 | */ | ||
531 | int | ||
532 | MHD__gnutls_x509_get_dn_oid (ASN1_TYPE MHD__asn1_struct, | ||
533 | const char *MHD__asn1_rdn_name, | ||
534 | int indx, void *_oid, size_t * sizeof_oid) | ||
535 | { | ||
536 | int k2, k1, result; | ||
537 | char tmpbuffer1[MAX_NAME_SIZE]; | ||
538 | char tmpbuffer2[MAX_NAME_SIZE]; | ||
539 | char tmpbuffer3[MAX_NAME_SIZE]; | ||
540 | char value[256]; | ||
541 | char oid[128]; | ||
542 | int len; | ||
543 | int i = 0; | ||
544 | |||
545 | k1 = 0; | ||
546 | do | ||
547 | { | ||
548 | |||
549 | k1++; | ||
550 | /* create a string like "tbsCertList.issuer.rdnSequence.?1" | ||
551 | */ | ||
552 | if (MHD__asn1_rdn_name[0] != 0) | ||
553 | snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u", | ||
554 | MHD__asn1_rdn_name, k1); | ||
555 | else | ||
556 | snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); | ||
557 | |||
558 | len = sizeof (value) - 1; | ||
559 | result = | ||
560 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len); | ||
561 | |||
562 | if (result == ASN1_ELEMENT_NOT_FOUND) | ||
563 | { | ||
564 | MHD_gnutls_assert (); | ||
565 | break; | ||
566 | } | ||
567 | |||
568 | if (result != ASN1_VALUE_NOT_FOUND) | ||
569 | { | ||
570 | MHD_gnutls_assert (); | ||
571 | result = MHD_gtls_asn2err (result); | ||
572 | goto cleanup; | ||
573 | } | ||
574 | |||
575 | k2 = 0; | ||
576 | |||
577 | do | ||
578 | { /* Move to the attibute type and values | ||
579 | */ | ||
580 | k2++; | ||
581 | |||
582 | if (tmpbuffer1[0] != 0) | ||
583 | snprintf (tmpbuffer2, sizeof (tmpbuffer2), "%s.?%u", tmpbuffer1, | ||
584 | k2); | ||
585 | else | ||
586 | snprintf (tmpbuffer2, sizeof (tmpbuffer2), "?%u", k2); | ||
587 | |||
588 | /* Try to read the RelativeDistinguishedName attributes. | ||
589 | */ | ||
590 | |||
591 | len = sizeof (value) - 1; | ||
592 | result = | ||
593 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer2, value, &len); | ||
594 | |||
595 | if (result == ASN1_ELEMENT_NOT_FOUND) | ||
596 | { | ||
597 | break; | ||
598 | } | ||
599 | if (result != ASN1_VALUE_NOT_FOUND) | ||
600 | { | ||
601 | MHD_gnutls_assert (); | ||
602 | result = MHD_gtls_asn2err (result); | ||
603 | goto cleanup; | ||
604 | } | ||
605 | |||
606 | /* Read the OID | ||
607 | */ | ||
608 | MHD_gtls_str_cpy (tmpbuffer3, sizeof (tmpbuffer3), tmpbuffer2); | ||
609 | MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".type"); | ||
610 | |||
611 | len = sizeof (oid) - 1; | ||
612 | result = | ||
613 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, oid, &len); | ||
614 | |||
615 | if (result == ASN1_ELEMENT_NOT_FOUND) | ||
616 | break; | ||
617 | else if (result != ASN1_SUCCESS) | ||
618 | { | ||
619 | MHD_gnutls_assert (); | ||
620 | result = MHD_gtls_asn2err (result); | ||
621 | goto cleanup; | ||
622 | } | ||
623 | |||
624 | if (indx == i++) | ||
625 | { /* Found the OID */ | ||
626 | |||
627 | len = strlen (oid) + 1; | ||
628 | |||
629 | if (*sizeof_oid < (unsigned) len) | ||
630 | { | ||
631 | *sizeof_oid = len; | ||
632 | MHD_gnutls_assert (); | ||
633 | return GNUTLS_E_SHORT_MEMORY_BUFFER; | ||
634 | } | ||
635 | |||
636 | memcpy (_oid, oid, len); | ||
637 | *sizeof_oid = len - 1; | ||
638 | |||
639 | return 0; | ||
640 | } | ||
641 | } | ||
642 | while (1); | ||
643 | |||
644 | } | ||
645 | while (1); | ||
646 | |||
647 | MHD_gnutls_assert (); | ||
648 | |||
649 | result = GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE; | ||
650 | |||
651 | cleanup: | ||
652 | return result; | ||
653 | } | ||
654 | |||
655 | /* This will encode and write the AttributeTypeAndValue field. | ||
656 | * 'multi' must be zero if writing an AttributeTypeAndValue, and 1 if Attribute. | ||
657 | * In all cases only one value is written. | ||
658 | */ | ||
659 | int | ||
660 | MHD__gnutls_x509_encode_and_write_attribute (const char *given_oid, | ||
661 | ASN1_TYPE MHD__asn1_struct, | ||
662 | const char *where, | ||
663 | const void *_data, | ||
664 | int sizeof_data, int multi) | ||
665 | { | ||
666 | const char *val_name; | ||
667 | const opaque *data = _data; | ||
668 | char tmp[128]; | ||
669 | ASN1_TYPE c2; | ||
670 | int result; | ||
671 | |||
672 | |||
673 | /* Find how to encode the data. | ||
674 | */ | ||
675 | val_name = | ||
676 | MHD__asn1_find_structure_from_oid (MHD__gnutls_get_pkix (), given_oid); | ||
677 | if (val_name == NULL) | ||
678 | { | ||
679 | MHD_gnutls_assert (); | ||
680 | return GNUTLS_E_X509_UNSUPPORTED_OID; | ||
681 | } | ||
682 | |||
683 | MHD_gtls_str_cpy (tmp, sizeof (tmp), "PKIX1."); | ||
684 | MHD_gtls_str_cat (tmp, sizeof (tmp), val_name); | ||
685 | |||
686 | result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), tmp, &c2); | ||
687 | if (result != ASN1_SUCCESS) | ||
688 | { | ||
689 | MHD_gnutls_assert (); | ||
690 | return MHD_gtls_asn2err (result); | ||
691 | } | ||
692 | |||
693 | tmp[0] = 0; | ||
694 | |||
695 | if ((result = MHD__gnutls_x509_oid_data_choice (given_oid)) > 0) | ||
696 | { | ||
697 | char *string_type; | ||
698 | int i; | ||
699 | |||
700 | string_type = "printableString"; | ||
701 | |||
702 | /* Check if the data is plain ascii, and use | ||
703 | * the UTF8 string type if not. | ||
704 | */ | ||
705 | for (i = 0; i < sizeof_data; i++) | ||
706 | { | ||
707 | if (!isascii (data[i])) | ||
708 | { | ||
709 | string_type = "utf8String"; | ||
710 | break; | ||
711 | } | ||
712 | } | ||
713 | |||
714 | /* if the type is a CHOICE then write the | ||
715 | * type we'll use. | ||
716 | */ | ||
717 | result = MHD__asn1_write_value (c2, "", string_type, 1); | ||
718 | if (result != ASN1_SUCCESS) | ||
719 | { | ||
720 | MHD_gnutls_assert (); | ||
721 | MHD__asn1_delete_structure (&c2); | ||
722 | return MHD_gtls_asn2err (result); | ||
723 | } | ||
724 | |||
725 | MHD_gtls_str_cpy (tmp, sizeof (tmp), string_type); | ||
726 | } | ||
727 | |||
728 | result = MHD__asn1_write_value (c2, tmp, data, sizeof_data); | ||
729 | if (result != ASN1_SUCCESS) | ||
730 | { | ||
731 | MHD_gnutls_assert (); | ||
732 | MHD__asn1_delete_structure (&c2); | ||
733 | return MHD_gtls_asn2err (result); | ||
734 | } | ||
735 | |||
736 | |||
737 | /* write the data (value) | ||
738 | */ | ||
739 | |||
740 | MHD_gtls_str_cpy (tmp, sizeof (tmp), where); | ||
741 | MHD_gtls_str_cat (tmp, sizeof (tmp), ".value"); | ||
742 | |||
743 | if (multi != 0) | ||
744 | { /* if not writing an AttributeTypeAndValue, but an Attribute */ | ||
745 | MHD_gtls_str_cat (tmp, sizeof (tmp), "s"); /* values */ | ||
746 | |||
747 | result = MHD__asn1_write_value (MHD__asn1_struct, tmp, "NEW", 1); | ||
748 | if (result != ASN1_SUCCESS) | ||
749 | { | ||
750 | MHD_gnutls_assert (); | ||
751 | return MHD_gtls_asn2err (result); | ||
752 | } | ||
753 | |||
754 | MHD_gtls_str_cat (tmp, sizeof (tmp), ".?LAST"); | ||
755 | |||
756 | } | ||
757 | |||
758 | result = | ||
759 | MHD__gnutls_x509_der_encode_and_copy (c2, "", MHD__asn1_struct, tmp, 0); | ||
760 | if (result < 0) | ||
761 | { | ||
762 | MHD_gnutls_assert (); | ||
763 | return result; | ||
764 | } | ||
765 | |||
766 | /* write the type | ||
767 | */ | ||
768 | MHD_gtls_str_cpy (tmp, sizeof (tmp), where); | ||
769 | MHD_gtls_str_cat (tmp, sizeof (tmp), ".type"); | ||
770 | |||
771 | result = MHD__asn1_write_value (MHD__asn1_struct, tmp, given_oid, 1); | ||
772 | if (result != ASN1_SUCCESS) | ||
773 | { | ||
774 | MHD_gnutls_assert (); | ||
775 | return MHD_gtls_asn2err (result); | ||
776 | } | ||
777 | |||
778 | return 0; | ||
779 | } | ||
780 | |||
781 | /* This will write the AttributeTypeAndValue field. The data must be already DER encoded. | ||
782 | * In all cases only one value is written. | ||
783 | */ | ||
784 | static int | ||
785 | MHD__gnutls_x509_write_attribute (const char *given_oid, | ||
786 | ASN1_TYPE MHD__asn1_struct, | ||
787 | const char *where, const void *_data, | ||
788 | int sizeof_data) | ||
789 | { | ||
790 | char tmp[128]; | ||
791 | int result; | ||
792 | |||
793 | /* write the data (value) | ||
794 | */ | ||
795 | |||
796 | MHD_gtls_str_cpy (tmp, sizeof (tmp), where); | ||
797 | MHD_gtls_str_cat (tmp, sizeof (tmp), ".value"); | ||
798 | |||
799 | result = MHD__asn1_write_value (MHD__asn1_struct, tmp, _data, sizeof_data); | ||
800 | if (result < 0) | ||
801 | { | ||
802 | MHD_gnutls_assert (); | ||
803 | return MHD_gtls_asn2err (result); | ||
804 | } | ||
805 | |||
806 | /* write the type | ||
807 | */ | ||
808 | MHD_gtls_str_cpy (tmp, sizeof (tmp), where); | ||
809 | MHD_gtls_str_cat (tmp, sizeof (tmp), ".type"); | ||
810 | |||
811 | result = MHD__asn1_write_value (MHD__asn1_struct, tmp, given_oid, 1); | ||
812 | if (result != ASN1_SUCCESS) | ||
813 | { | ||
814 | MHD_gnutls_assert (); | ||
815 | return MHD_gtls_asn2err (result); | ||
816 | } | ||
817 | |||
818 | return 0; | ||
819 | } | ||
820 | |||
821 | |||
822 | /* Decodes an X.509 Attribute (if multi==1) or an AttributeTypeAndValue | ||
823 | * otherwise. | ||
824 | * | ||
825 | * octet_string should be non zero if we are to decode octet strings after | ||
826 | * decoding. | ||
827 | * | ||
828 | * The output is allocated and stored in value. | ||
829 | */ | ||
830 | int | ||
831 | MHD__gnutls_x509_decode_and_read_attribute (ASN1_TYPE MHD__asn1_struct, | ||
832 | const char *where, char *oid, | ||
833 | int oid_size, | ||
834 | MHD_gnutls_datum_t * value, | ||
835 | int multi, int octet_string) | ||
836 | { | ||
837 | char tmpbuffer[128]; | ||
838 | int len, result; | ||
839 | |||
840 | /* Read the OID | ||
841 | */ | ||
842 | MHD_gtls_str_cpy (tmpbuffer, sizeof (tmpbuffer), where); | ||
843 | MHD_gtls_str_cat (tmpbuffer, sizeof (tmpbuffer), ".type"); | ||
844 | |||
845 | len = oid_size - 1; | ||
846 | result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer, oid, &len); | ||
847 | |||
848 | if (result != ASN1_SUCCESS) | ||
849 | { | ||
850 | MHD_gnutls_assert (); | ||
851 | result = MHD_gtls_asn2err (result); | ||
852 | return result; | ||
853 | } | ||
854 | |||
855 | /* Read the Value | ||
856 | */ | ||
857 | |||
858 | MHD_gtls_str_cpy (tmpbuffer, sizeof (tmpbuffer), where); | ||
859 | MHD_gtls_str_cat (tmpbuffer, sizeof (tmpbuffer), ".value"); | ||
860 | |||
861 | if (multi) | ||
862 | MHD_gtls_str_cat (tmpbuffer, sizeof (tmpbuffer), "s.?1"); /* .values.?1 */ | ||
863 | |||
864 | result = | ||
865 | MHD__gnutls_x509_read_value (MHD__asn1_struct, tmpbuffer, value, | ||
866 | octet_string); | ||
867 | if (result < 0) | ||
868 | { | ||
869 | MHD_gnutls_assert (); | ||
870 | return result; | ||
871 | } | ||
872 | |||
873 | return 0; | ||
874 | |||
875 | } | ||
876 | |||
877 | /* Sets an X509 DN in the MHD__asn1_struct, and puts the given OID in the DN. | ||
878 | * The input is assumed to be raw data. | ||
879 | * | ||
880 | * MHD__asn1_rdn_name must be a string in the form "tbsCertificate.issuer". | ||
881 | * That is to point before the rndSequence. | ||
882 | * | ||
883 | */ | ||
884 | int | ||
885 | MHD__gnutls_x509_set_dn_oid (ASN1_TYPE MHD__asn1_struct, | ||
886 | const char *MHD__asn1_name, | ||
887 | const char *given_oid, int raw_flag, | ||
888 | const char *name, int sizeof_name) | ||
889 | { | ||
890 | int result; | ||
891 | char tmp[MAX_NAME_SIZE], MHD__asn1_rdn_name[MAX_NAME_SIZE]; | ||
892 | |||
893 | if (sizeof_name == 0 || name == NULL) | ||
894 | { | ||
895 | MHD_gnutls_assert (); | ||
896 | return GNUTLS_E_INVALID_REQUEST; | ||
897 | } | ||
898 | |||
899 | /* create the rdnSequence | ||
900 | */ | ||
901 | result = | ||
902 | MHD__asn1_write_value (MHD__asn1_struct, MHD__asn1_name, "rdnSequence", | ||
903 | 1); | ||
904 | if (result != ASN1_SUCCESS) | ||
905 | { | ||
906 | MHD_gnutls_assert (); | ||
907 | return MHD_gtls_asn2err (result); | ||
908 | } | ||
909 | |||
910 | MHD_gtls_str_cpy (MHD__asn1_rdn_name, sizeof (MHD__asn1_rdn_name), | ||
911 | MHD__asn1_name); | ||
912 | MHD_gtls_str_cat (MHD__asn1_rdn_name, sizeof (MHD__asn1_rdn_name), | ||
913 | ".rdnSequence"); | ||
914 | |||
915 | /* create a new element | ||
916 | */ | ||
917 | result = | ||
918 | MHD__asn1_write_value (MHD__asn1_struct, MHD__asn1_rdn_name, "NEW", 1); | ||
919 | if (result != ASN1_SUCCESS) | ||
920 | { | ||
921 | MHD_gnutls_assert (); | ||
922 | return MHD_gtls_asn2err (result); | ||
923 | } | ||
924 | |||
925 | MHD_gtls_str_cpy (tmp, sizeof (tmp), MHD__asn1_rdn_name); | ||
926 | MHD_gtls_str_cat (tmp, sizeof (tmp), ".?LAST"); | ||
927 | |||
928 | /* create the set with only one element | ||
929 | */ | ||
930 | result = MHD__asn1_write_value (MHD__asn1_struct, tmp, "NEW", 1); | ||
931 | if (result != ASN1_SUCCESS) | ||
932 | { | ||
933 | MHD_gnutls_assert (); | ||
934 | return MHD_gtls_asn2err (result); | ||
935 | } | ||
936 | |||
937 | |||
938 | /* Encode and write the data | ||
939 | */ | ||
940 | MHD_gtls_str_cpy (tmp, sizeof (tmp), MHD__asn1_rdn_name); | ||
941 | MHD_gtls_str_cat (tmp, sizeof (tmp), ".?LAST.?LAST"); | ||
942 | |||
943 | if (!raw_flag) | ||
944 | { | ||
945 | result = | ||
946 | MHD__gnutls_x509_encode_and_write_attribute (given_oid, | ||
947 | MHD__asn1_struct, | ||
948 | tmp, name, sizeof_name, | ||
949 | 0); | ||
950 | } | ||
951 | else | ||
952 | { | ||
953 | result = | ||
954 | MHD__gnutls_x509_write_attribute (given_oid, MHD__asn1_struct, | ||
955 | tmp, name, sizeof_name); | ||
956 | } | ||
957 | |||
958 | if (result < 0) | ||
959 | { | ||
960 | MHD_gnutls_assert (); | ||
961 | return result; | ||
962 | } | ||
963 | |||
964 | return 0; | ||
965 | } | ||
966 | |||
967 | |||
968 | /** | ||
969 | * MHD_gnutls_x509_rdn_get - This function parses an RDN sequence and returns a string | ||
970 | * @idn: should contain a DER encoded RDN sequence | ||
971 | * @buf: a pointer to a structure to hold the peer's name | ||
972 | * @sizeof_buf: holds the size of @buf | ||
973 | * | ||
974 | * This function will return the name of the given RDN sequence. The | ||
975 | * name will be in the form "C=xxxx,O=yyyy,CN=zzzz" as described in | ||
976 | * RFC2253. | ||
977 | * | ||
978 | * If the provided buffer is not long enough, returns | ||
979 | * GNUTLS_E_SHORT_MEMORY_BUFFER and *sizeof_buf will be updated. On | ||
980 | * success 0 is returned. | ||
981 | * | ||
982 | **/ | ||
983 | int | ||
984 | MHD_gnutls_x509_rdn_get (const MHD_gnutls_datum_t * idn, | ||
985 | char *buf, size_t * sizeof_buf) | ||
986 | { | ||
987 | int result; | ||
988 | ASN1_TYPE dn = ASN1_TYPE_EMPTY; | ||
989 | |||
990 | if (sizeof_buf == 0) | ||
991 | { | ||
992 | MHD_gnutls_assert (); | ||
993 | return GNUTLS_E_INVALID_REQUEST; | ||
994 | } | ||
995 | |||
996 | if (buf) | ||
997 | buf[0] = 0; | ||
998 | |||
999 | |||
1000 | if ((result = | ||
1001 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), | ||
1002 | "PKIX1.Name", &dn)) != ASN1_SUCCESS) | ||
1003 | { | ||
1004 | MHD_gnutls_assert (); | ||
1005 | return MHD_gtls_asn2err (result); | ||
1006 | } | ||
1007 | |||
1008 | result = MHD__asn1_der_decoding (&dn, idn->data, idn->size, NULL); | ||
1009 | if (result != ASN1_SUCCESS) | ||
1010 | { | ||
1011 | /* couldn't decode DER */ | ||
1012 | MHD_gnutls_assert (); | ||
1013 | MHD__asn1_delete_structure (&dn); | ||
1014 | return MHD_gtls_asn2err (result); | ||
1015 | } | ||
1016 | |||
1017 | result = MHD__gnutls_x509_parse_dn (dn, "rdnSequence", buf, sizeof_buf); | ||
1018 | |||
1019 | MHD__asn1_delete_structure (&dn); | ||
1020 | return result; | ||
1021 | |||
1022 | } | ||
1023 | |||
1024 | /** | ||
1025 | * MHD_gnutls_x509_rdn_get_by_oid - This function parses an RDN sequence and returns a string | ||
1026 | * @idn: should contain a DER encoded RDN sequence | ||
1027 | * @oid: an Object Identifier | ||
1028 | * @indx: In case multiple same OIDs exist in the RDN indicates which | ||
1029 | * to send. Use 0 for the first one. | ||
1030 | * @raw_flag: If non zero then the raw DER data are returned. | ||
1031 | * @buf: a pointer to a structure to hold the peer's name | ||
1032 | * @sizeof_buf: holds the size of @buf | ||
1033 | * | ||
1034 | * This function will return the name of the given Object identifier, | ||
1035 | * of the RDN sequence. The name will be encoded using the rules | ||
1036 | * from RFC2253. | ||
1037 | * | ||
1038 | * Returns GNUTLS_E_SHORT_MEMORY_BUFFER and updates *sizeof_buf if | ||
1039 | * the provided buffer is not long enough, and 0 on success. | ||
1040 | * | ||
1041 | **/ | ||
1042 | int | ||
1043 | MHD_gnutls_x509_rdn_get_by_oid (const MHD_gnutls_datum_t * idn, | ||
1044 | const char *oid, int indx, | ||
1045 | unsigned int raw_flag, void *buf, | ||
1046 | size_t * sizeof_buf) | ||
1047 | { | ||
1048 | int result; | ||
1049 | ASN1_TYPE dn = ASN1_TYPE_EMPTY; | ||
1050 | |||
1051 | if (sizeof_buf == 0) | ||
1052 | { | ||
1053 | return GNUTLS_E_INVALID_REQUEST; | ||
1054 | } | ||
1055 | |||
1056 | if ((result = | ||
1057 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), | ||
1058 | "PKIX1.Name", &dn)) != ASN1_SUCCESS) | ||
1059 | { | ||
1060 | MHD_gnutls_assert (); | ||
1061 | return MHD_gtls_asn2err (result); | ||
1062 | } | ||
1063 | |||
1064 | result = MHD__asn1_der_decoding (&dn, idn->data, idn->size, NULL); | ||
1065 | if (result != ASN1_SUCCESS) | ||
1066 | { | ||
1067 | /* couldn't decode DER */ | ||
1068 | MHD_gnutls_assert (); | ||
1069 | MHD__asn1_delete_structure (&dn); | ||
1070 | return MHD_gtls_asn2err (result); | ||
1071 | } | ||
1072 | |||
1073 | result = | ||
1074 | MHD__gnutls_x509_parse_dn_oid (dn, "rdnSequence", oid, indx, | ||
1075 | raw_flag, buf, sizeof_buf); | ||
1076 | |||
1077 | MHD__asn1_delete_structure (&dn); | ||
1078 | return result; | ||
1079 | |||
1080 | } | ||
1081 | |||
1082 | /** | ||
1083 | * MHD_gnutls_x509_rdn_get_oid - This function parses an RDN sequence and returns an OID. | ||
1084 | * @idn: should contain a DER encoded RDN sequence | ||
1085 | * @indx: Indicates which OID to return. Use 0 for the first one. | ||
1086 | * @oid: a pointer to a structure to hold the peer's name OID | ||
1087 | * @sizeof_oid: holds the size of @oid | ||
1088 | * | ||
1089 | * This function will return the specified Object identifier, of the | ||
1090 | * RDN sequence. | ||
1091 | * | ||
1092 | * Returns GNUTLS_E_SHORT_MEMORY_BUFFER and updates *sizeof_buf if | ||
1093 | * the provided buffer is not long enough, and 0 on success. | ||
1094 | * | ||
1095 | **/ | ||
1096 | int | ||
1097 | MHD_gnutls_x509_rdn_get_oid (const MHD_gnutls_datum_t * idn, | ||
1098 | int indx, void *buf, size_t * sizeof_buf) | ||
1099 | { | ||
1100 | int result; | ||
1101 | ASN1_TYPE dn = ASN1_TYPE_EMPTY; | ||
1102 | |||
1103 | if (sizeof_buf == 0) | ||
1104 | { | ||
1105 | return GNUTLS_E_INVALID_REQUEST; | ||
1106 | } | ||
1107 | |||
1108 | if ((result = | ||
1109 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), | ||
1110 | "PKIX1.Name", &dn)) != ASN1_SUCCESS) | ||
1111 | { | ||
1112 | MHD_gnutls_assert (); | ||
1113 | return MHD_gtls_asn2err (result); | ||
1114 | } | ||
1115 | |||
1116 | result = MHD__asn1_der_decoding (&dn, idn->data, idn->size, NULL); | ||
1117 | if (result != ASN1_SUCCESS) | ||
1118 | { | ||
1119 | /* couldn't decode DER */ | ||
1120 | MHD_gnutls_assert (); | ||
1121 | MHD__asn1_delete_structure (&dn); | ||
1122 | return MHD_gtls_asn2err (result); | ||
1123 | } | ||
1124 | |||
1125 | result = | ||
1126 | MHD__gnutls_x509_get_dn_oid (dn, "rdnSequence", indx, buf, sizeof_buf); | ||
1127 | |||
1128 | MHD__asn1_delete_structure (&dn); | ||
1129 | return result; | ||
1130 | |||
1131 | } | ||
1132 | |||
1133 | /* | 521 | /* |
1134 | * Compares the DER encoded part of a DN. | 522 | * Compares the DER encoded part of a DN. |
1135 | * | 523 | * |
diff --git a/src/daemon/https/x509/dn.h b/src/daemon/https/x509/dn.h index a0c6ac45..cc226871 100644 --- a/src/daemon/https/x509/dn.h +++ b/src/daemon/https/x509/dn.h | |||
@@ -47,14 +47,6 @@ int MHD__gnutls_x509_parse_dn_oid (ASN1_TYPE MHD__asn1_struct, | |||
47 | unsigned int raw_flag, void *buf, | 47 | unsigned int raw_flag, void *buf, |
48 | size_t * sizeof_buf); | 48 | size_t * sizeof_buf); |
49 | 49 | ||
50 | int MHD__gnutls_x509_set_dn_oid (ASN1_TYPE MHD__asn1_struct, | ||
51 | const char *MHD__asn1_rdn_name, | ||
52 | const char *oid, int raw_flag, | ||
53 | const char *name, int sizeof_name); | ||
54 | |||
55 | int MHD__gnutls_x509_get_dn_oid (ASN1_TYPE MHD__asn1_struct, | ||
56 | const char *MHD__asn1_rdn_name, | ||
57 | int indx, void *_oid, size_t * sizeof_oid); | ||
58 | 50 | ||
59 | 51 | ||
60 | #endif | 52 | #endif |
diff --git a/src/daemon/https/x509/dsa.c b/src/daemon/https/x509/dsa.c deleted file mode 100644 index d344c38f..00000000 --- a/src/daemon/https/x509/dsa.c +++ /dev/null | |||
@@ -1,142 +0,0 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2003, 2004, 2005 Free Software Foundation | ||
3 | * | ||
4 | * Author: Nikos Mavrogiannopoulos | ||
5 | * | ||
6 | * This file is part of GNUTLS. | ||
7 | * | ||
8 | * The GNUTLS library is free software; you can redistribute it and/or | ||
9 | * modify it under the terms of the GNU Lesser General Public License | ||
10 | * as published by the Free Software Foundation; either version 2.1 of | ||
11 | * the License, or (at your option) any later version. | ||
12 | * | ||
13 | * This library is distributed in the hope that it will be useful, but | ||
14 | * WITHOUT ANY WARRANTY; without even the implied warranty of | ||
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
16 | * Lesser General Public License for more details. | ||
17 | * | ||
18 | * You should have received a copy of the GNU Lesser General Public | ||
19 | * License along with this library; if not, write to the Free Software | ||
20 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, | ||
21 | * USA | ||
22 | * | ||
23 | */ | ||
24 | |||
25 | /* This file contains code for DSA keys. | ||
26 | */ | ||
27 | |||
28 | #include <gnutls_int.h> | ||
29 | #include <gnutls_errors.h> | ||
30 | #include <gnutls_datum.h> | ||
31 | #include <debug.h> | ||
32 | |||
33 | /* resarr will contain: p(0), q(1), g(2), y(3), x(4). | ||
34 | */ | ||
35 | int | ||
36 | MHD__gnutls_dsa_generate_params (mpi_t * resarr, int *resarr_len, int bits) | ||
37 | { | ||
38 | |||
39 | int ret; | ||
40 | gcry_sexp_t parms, key, list; | ||
41 | |||
42 | /* FIXME: Remove me once we depend on 1.3.1 */ | ||
43 | if (bits > 1024 && gcry_check_version ("1.3.1") == NULL) | ||
44 | { | ||
45 | MHD_gnutls_assert (); | ||
46 | return GNUTLS_E_INVALID_REQUEST; | ||
47 | } | ||
48 | |||
49 | if (bits < 512) | ||
50 | { | ||
51 | MHD_gnutls_assert (); | ||
52 | return GNUTLS_E_INVALID_REQUEST; | ||
53 | } | ||
54 | |||
55 | ret = gcry_sexp_build (&parms, NULL, "(genkey(dsa(nbits %d)))", bits); | ||
56 | if (ret != 0) | ||
57 | { | ||
58 | MHD_gnutls_assert (); | ||
59 | return GNUTLS_E_INTERNAL_ERROR; | ||
60 | } | ||
61 | |||
62 | /* generate the DSA key | ||
63 | */ | ||
64 | ret = gcry_pk_genkey (&key, parms); | ||
65 | gcry_sexp_release (parms); | ||
66 | |||
67 | if (ret != 0) | ||
68 | { | ||
69 | MHD_gnutls_assert (); | ||
70 | return GNUTLS_E_INTERNAL_ERROR; | ||
71 | } | ||
72 | |||
73 | list = gcry_sexp_find_token (key, "p", 0); | ||
74 | if (list == NULL) | ||
75 | { | ||
76 | MHD_gnutls_assert (); | ||
77 | gcry_sexp_release (key); | ||
78 | return GNUTLS_E_INTERNAL_ERROR; | ||
79 | } | ||
80 | |||
81 | resarr[0] = gcry_sexp_nth_mpi (list, 1, 0); | ||
82 | gcry_sexp_release (list); | ||
83 | |||
84 | list = gcry_sexp_find_token (key, "q", 0); | ||
85 | if (list == NULL) | ||
86 | { | ||
87 | MHD_gnutls_assert (); | ||
88 | gcry_sexp_release (key); | ||
89 | return GNUTLS_E_INTERNAL_ERROR; | ||
90 | } | ||
91 | |||
92 | resarr[1] = gcry_sexp_nth_mpi (list, 1, 0); | ||
93 | gcry_sexp_release (list); | ||
94 | |||
95 | list = gcry_sexp_find_token (key, "g", 0); | ||
96 | if (list == NULL) | ||
97 | { | ||
98 | MHD_gnutls_assert (); | ||
99 | gcry_sexp_release (key); | ||
100 | return GNUTLS_E_INTERNAL_ERROR; | ||
101 | } | ||
102 | |||
103 | resarr[2] = gcry_sexp_nth_mpi (list, 1, 0); | ||
104 | gcry_sexp_release (list); | ||
105 | |||
106 | list = gcry_sexp_find_token (key, "y", 0); | ||
107 | if (list == NULL) | ||
108 | { | ||
109 | MHD_gnutls_assert (); | ||
110 | gcry_sexp_release (key); | ||
111 | return GNUTLS_E_INTERNAL_ERROR; | ||
112 | } | ||
113 | |||
114 | resarr[3] = gcry_sexp_nth_mpi (list, 1, 0); | ||
115 | gcry_sexp_release (list); | ||
116 | |||
117 | |||
118 | list = gcry_sexp_find_token (key, "x", 0); | ||
119 | if (list == NULL) | ||
120 | { | ||
121 | MHD_gnutls_assert (); | ||
122 | gcry_sexp_release (key); | ||
123 | return GNUTLS_E_INTERNAL_ERROR; | ||
124 | } | ||
125 | |||
126 | resarr[4] = gcry_sexp_nth_mpi (list, 1, 0); | ||
127 | gcry_sexp_release (list); | ||
128 | |||
129 | |||
130 | gcry_sexp_release (key); | ||
131 | |||
132 | MHD__gnutls_dump_mpi ("p: ", resarr[0]); | ||
133 | MHD__gnutls_dump_mpi ("q: ", resarr[1]); | ||
134 | MHD__gnutls_dump_mpi ("g: ", resarr[2]); | ||
135 | MHD__gnutls_dump_mpi ("y: ", resarr[3]); | ||
136 | MHD__gnutls_dump_mpi ("x: ", resarr[4]); | ||
137 | |||
138 | *resarr_len = 5; | ||
139 | |||
140 | return 0; | ||
141 | |||
142 | } | ||
diff --git a/src/daemon/https/x509/dsa.h b/src/daemon/https/x509/dsa.h deleted file mode 100644 index bda01f83..00000000 --- a/src/daemon/https/x509/dsa.h +++ /dev/null | |||
@@ -1,26 +0,0 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2003, 2004, 2005 Free Software Foundation | ||
3 | * | ||
4 | * Author: Nikos Mavrogiannopoulos | ||
5 | * | ||
6 | * This file is part of GNUTLS. | ||
7 | * | ||
8 | * The GNUTLS library is free software; you can redistribute it and/or | ||
9 | * modify it under the terms of the GNU Lesser General Public License | ||
10 | * as published by the Free Software Foundation; either version 2.1 of | ||
11 | * the License, or (at your option) any later version. | ||
12 | * | ||
13 | * This library is distributed in the hope that it will be useful, but | ||
14 | * WITHOUT ANY WARRANTY; without even the implied warranty of | ||
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
16 | * Lesser General Public License for more details. | ||
17 | * | ||
18 | * You should have received a copy of the GNU Lesser General Public | ||
19 | * License along with this library; if not, write to the Free Software | ||
20 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, | ||
21 | * USA | ||
22 | * | ||
23 | */ | ||
24 | |||
25 | int MHD__gnutls_dsa_generate_params (mpi_t * resarr, int *resarr_len, | ||
26 | int bits); | ||
diff --git a/src/daemon/https/x509/x509.h b/src/daemon/https/x509/x509.h index 26892fc8..624c7cb6 100644 --- a/src/daemon/https/x509/x509.h +++ b/src/daemon/https/x509/x509.h | |||
@@ -225,19 +225,6 @@ extern "C" | |||
225 | int MHD_gnutls_x509_crt_get_raw_dn (MHD_gnutls_x509_crt_t cert, | 225 | int MHD_gnutls_x509_crt_get_raw_dn (MHD_gnutls_x509_crt_t cert, |
226 | MHD_gnutls_datum_t * start); | 226 | MHD_gnutls_datum_t * start); |
227 | 227 | ||
228 | /* RDN handling. | ||
229 | */ | ||
230 | int MHD_gnutls_x509_rdn_get (const MHD_gnutls_datum_t * idn, | ||
231 | char *buf, size_t * sizeof_buf); | ||
232 | int MHD_gnutls_x509_rdn_get_oid (const MHD_gnutls_datum_t * idn, | ||
233 | int indx, void *buf, size_t * sizeof_buf); | ||
234 | |||
235 | int MHD_gnutls_x509_rdn_get_by_oid (const MHD_gnutls_datum_t * idn, | ||
236 | const char *oid, | ||
237 | int indx, | ||
238 | unsigned int raw_flag, | ||
239 | void *buf, size_t * sizeof_buf); | ||
240 | |||
241 | typedef void *MHD_gnutls_x509_dn_t; | 228 | typedef void *MHD_gnutls_x509_dn_t; |
242 | 229 | ||
243 | typedef struct MHD_gnutls_x509_ava_st | 230 | typedef struct MHD_gnutls_x509_ava_st |
@@ -254,31 +241,9 @@ extern "C" | |||
254 | int MHD_gnutls_x509_crl_init (MHD_gnutls_x509_crl_t * crl); | 241 | int MHD_gnutls_x509_crl_init (MHD_gnutls_x509_crl_t * crl); |
255 | void MHD_gnutls_x509_crl_deinit (MHD_gnutls_x509_crl_t crl); | 242 | void MHD_gnutls_x509_crl_deinit (MHD_gnutls_x509_crl_t crl); |
256 | 243 | ||
257 | int MHD_gnutls_x509_crl_import (MHD_gnutls_x509_crl_t crl, | ||
258 | const MHD_gnutls_datum_t * data, | ||
259 | MHD_gnutls_x509_crt_fmt_t format); | ||
260 | int MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl, | ||
261 | MHD_gnutls_x509_crt_fmt_t format, | ||
262 | void *output_data, | ||
263 | size_t * output_data_size); | ||
264 | |||
265 | int MHD_gnutls_x509_crl_get_issuer_dn_by_oid (MHD_gnutls_x509_crl_t crl, | ||
266 | const char *oid, | ||
267 | int indx, | ||
268 | unsigned int raw_flag, | ||
269 | void *buf, | ||
270 | size_t * sizeof_buf); | ||
271 | int MHD_gnutls_x509_crl_get_dn_oid (MHD_gnutls_x509_crl_t crl, int indx, | ||
272 | void *oid, size_t * sizeof_oid); | ||
273 | |||
274 | int MHD_gnutls_x509_crl_get_signature_algorithm (MHD_gnutls_x509_crl_t crl); | 244 | int MHD_gnutls_x509_crl_get_signature_algorithm (MHD_gnutls_x509_crl_t crl); |
275 | int MHD_gnutls_x509_crl_get_signature (MHD_gnutls_x509_crl_t crl, | 245 | int MHD_gnutls_x509_crl_get_signature (MHD_gnutls_x509_crl_t crl, |
276 | char *sig, size_t * sizeof_sig); | 246 | char *sig, size_t * sizeof_sig); |
277 | int MHD_gnutls_x509_crl_get_version (MHD_gnutls_x509_crl_t crl); | ||
278 | |||
279 | time_t MHD_gnutls_x509_crl_get_this_update (MHD_gnutls_x509_crl_t crl); | ||
280 | time_t MHD_gnutls_x509_crl_get_next_update (MHD_gnutls_x509_crl_t crl); | ||
281 | |||
282 | int MHD_gnutls_x509_crl_get_crt_count (MHD_gnutls_x509_crl_t crl); | 247 | int MHD_gnutls_x509_crl_get_crt_count (MHD_gnutls_x509_crl_t crl); |
283 | int MHD_gnutls_x509_crl_get_crt_serial (MHD_gnutls_x509_crl_t crl, | 248 | int MHD_gnutls_x509_crl_get_crt_serial (MHD_gnutls_x509_crl_t crl, |
284 | int indx, | 249 | int indx, |
@@ -494,66 +459,6 @@ extern "C" | |||
494 | const MHD_gnutls_datum_t * | 459 | const MHD_gnutls_datum_t * |
495 | signature); | 460 | signature); |
496 | 461 | ||
497 | /* Certificate request stuff. | ||
498 | */ | ||
499 | struct MHD_gnutls_x509_crq_int; | ||
500 | typedef struct MHD_gnutls_x509_crq_int *MHD_gnutls_x509_crq_t; | ||
501 | |||
502 | int MHD_gnutls_x509_crq_init (MHD_gnutls_x509_crq_t * crq); | ||
503 | void MHD_gnutls_x509_crq_deinit (MHD_gnutls_x509_crq_t crq); | ||
504 | int MHD_gnutls_x509_crq_import (MHD_gnutls_x509_crq_t crq, | ||
505 | const MHD_gnutls_datum_t * data, | ||
506 | MHD_gnutls_x509_crt_fmt_t format); | ||
507 | int MHD_gnutls_x509_crq_get_pk_algorithm (MHD_gnutls_x509_crq_t crq, | ||
508 | unsigned int *bits); | ||
509 | int MHD_gnutls_x509_crq_get_dn (MHD_gnutls_x509_crq_t crq, | ||
510 | char *buf, size_t * sizeof_buf); | ||
511 | int MHD_gnutls_x509_crq_get_dn_oid (MHD_gnutls_x509_crq_t crq, | ||
512 | int indx, void *oid, | ||
513 | size_t * sizeof_oid); | ||
514 | int MHD_gnutls_x509_crq_get_dn_by_oid (MHD_gnutls_x509_crq_t crq, | ||
515 | const char *oid, int indx, | ||
516 | unsigned int raw_flag, void *buf, | ||
517 | size_t * sizeof_buf); | ||
518 | int MHD_gnutls_x509_crq_set_dn_by_oid (MHD_gnutls_x509_crq_t crq, | ||
519 | const char *oid, | ||
520 | unsigned int raw_flag, | ||
521 | const void *name, | ||
522 | unsigned int sizeof_name); | ||
523 | int MHD_gnutls_x509_crq_set_version (MHD_gnutls_x509_crq_t crq, | ||
524 | unsigned int version); | ||
525 | int MHD_gnutls_x509_crq_set_key (MHD_gnutls_x509_crq_t crq, | ||
526 | MHD_gnutls_x509_privkey_t key); | ||
527 | int MHD_gnutls_x509_crq_sign2 (MHD_gnutls_x509_crq_t crq, | ||
528 | MHD_gnutls_x509_privkey_t key, | ||
529 | enum MHD_GNUTLS_HashAlgorithm, | ||
530 | unsigned int flags); | ||
531 | int MHD_gnutls_x509_crq_sign (MHD_gnutls_x509_crq_t crq, | ||
532 | MHD_gnutls_x509_privkey_t key); | ||
533 | |||
534 | int MHD_gnutls_x509_crq_set_challenge_password (MHD_gnutls_x509_crq_t crq, | ||
535 | const char *pass); | ||
536 | int MHD_gnutls_x509_crq_get_challenge_password (MHD_gnutls_x509_crq_t crq, | ||
537 | char *pass, | ||
538 | size_t * sizeof_pass); | ||
539 | |||
540 | int MHD_gnutls_x509_crq_set_attribute_by_oid (MHD_gnutls_x509_crq_t crq, | ||
541 | const char *oid, | ||
542 | void *buf, size_t sizeof_buf); | ||
543 | int MHD_gnutls_x509_crq_get_attribute_by_oid (MHD_gnutls_x509_crq_t crq, | ||
544 | const char *oid, | ||
545 | int indx, | ||
546 | void *buf, | ||
547 | size_t * sizeof_buf); | ||
548 | |||
549 | int MHD_gnutls_x509_crq_export (MHD_gnutls_x509_crq_t crq, | ||
550 | MHD_gnutls_x509_crt_fmt_t format, | ||
551 | void *output_data, | ||
552 | size_t * output_data_size); | ||
553 | |||
554 | int MHD_gnutls_x509_crt_set_crq (MHD_gnutls_x509_crt_t crt, | ||
555 | MHD_gnutls_x509_crq_t crq); | ||
556 | |||
557 | #ifdef __cplusplus | 462 | #ifdef __cplusplus |
558 | } | 463 | } |
559 | #endif | 464 | #endif |
@@ -625,11 +530,6 @@ typedef struct MHD_gtls_x509_privkey_int | |||
625 | ASN1_TYPE key; | 530 | ASN1_TYPE key; |
626 | } MHD_gnutls_x509_privkey_int; | 531 | } MHD_gnutls_x509_privkey_int; |
627 | 532 | ||
628 | int MHD_gnutls_x509_crt_get_issuer_dn_by_oid (MHD_gnutls_x509_crt_t cert, | ||
629 | const char *oid, | ||
630 | int indx, | ||
631 | unsigned int raw_flag, | ||
632 | void *buf, size_t * sizeof_buf); | ||
633 | int MHD_gnutls_x509_crt_get_subject_alt_name (MHD_gnutls_x509_crt_t cert, | 533 | int MHD_gnutls_x509_crt_get_subject_alt_name (MHD_gnutls_x509_crt_t cert, |
634 | unsigned int seq, | 534 | unsigned int seq, |
635 | void *ret, | 535 | void *ret, |
@@ -655,8 +555,6 @@ int MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert, | |||
655 | const MHD_gnutls_x509_crl_t * | 555 | const MHD_gnutls_x509_crl_t * |
656 | crl_list, int crl_list_length); | 556 | crl_list, int crl_list_length); |
657 | 557 | ||
658 | int MHD__gnutls_x509_crl_cpy (MHD_gnutls_x509_crl_t dest, | ||
659 | MHD_gnutls_x509_crl_t src); | ||
660 | int MHD__gnutls_x509_crl_get_raw_issuer_dn (MHD_gnutls_x509_crl_t crl, | 558 | int MHD__gnutls_x509_crl_get_raw_issuer_dn (MHD_gnutls_x509_crl_t crl, |
661 | MHD_gnutls_datum_t * dn); | 559 | MHD_gnutls_datum_t * dn); |
662 | int MHD_gnutls_x509_crl_get_crt_count (MHD_gnutls_x509_crl_t crl); | 560 | int MHD_gnutls_x509_crl_get_crt_count (MHD_gnutls_x509_crl_t crl); |
@@ -670,9 +568,6 @@ int MHD_gnutls_x509_crl_init (MHD_gnutls_x509_crl_t * crl); | |||
670 | int MHD_gnutls_x509_crl_import (MHD_gnutls_x509_crl_t crl, | 568 | int MHD_gnutls_x509_crl_import (MHD_gnutls_x509_crl_t crl, |
671 | const MHD_gnutls_datum_t * data, | 569 | const MHD_gnutls_datum_t * data, |
672 | MHD_gnutls_x509_crt_fmt_t format); | 570 | MHD_gnutls_x509_crt_fmt_t format); |
673 | int MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl, | ||
674 | MHD_gnutls_x509_crt_fmt_t format, | ||
675 | void *output_data, size_t * output_data_size); | ||
676 | 571 | ||
677 | int MHD_gnutls_x509_crt_init (MHD_gnutls_x509_crt_t * cert); | 572 | int MHD_gnutls_x509_crt_init (MHD_gnutls_x509_crt_t * cert); |
678 | void MHD_gnutls_x509_crt_deinit (MHD_gnutls_x509_crt_t cert); | 573 | void MHD_gnutls_x509_crt_deinit (MHD_gnutls_x509_crt_t cert); |
diff --git a/src/daemon/internal.c b/src/daemon/internal.c index 83b6590d..abf718de 100644 --- a/src/daemon/internal.c +++ b/src/daemon/internal.c | |||
@@ -106,11 +106,12 @@ MHD_DLOG (const struct MHD_Daemon *daemon, const char *format, ...) | |||
106 | va_end (va); | 106 | va_end (va); |
107 | } | 107 | } |
108 | #endif | 108 | #endif |
109 | |||
109 | void | 110 | void |
110 | MHD_tls_log_func (int level, const char *str) | 111 | MHD_tls_log_func (int level, const char *str) |
111 | { | 112 | { |
112 | #ifdef DEBUG | 113 | #ifdef HAVE_MESSAGES |
113 | FPRINTF (stdout, "|<%d>| %s", level, str); | 114 | FPRINTF (stderr, "|<%d>| %s", level, str); |
114 | #endif | 115 | #endif |
115 | } | 116 | } |
116 | 117 | ||
diff --git a/src/testcurl/Makefile.am b/src/testcurl/Makefile.am index b6cab739..8d18d6dd 100644 --- a/src/testcurl/Makefile.am +++ b/src/testcurl/Makefile.am | |||
@@ -1,5 +1,9 @@ | |||
1 | SUBDIRS = . | 1 | SUBDIRS = . |
2 | 2 | ||
3 | if USE_COVERAGE | ||
4 | AM_CFLAGS = -fprofile-arcs -ftest-coverage | ||
5 | endif | ||
6 | |||
3 | if ENABLE_HTTPS | 7 | if ENABLE_HTTPS |
4 | SUBDIRS += https | 8 | SUBDIRS += https |
5 | endif | 9 | endif |
@@ -24,6 +28,7 @@ check_PROGRAMS = \ | |||
24 | daemontest_put11 \ | 28 | daemontest_put11 \ |
25 | daemontest_large_put11 \ | 29 | daemontest_large_put11 \ |
26 | daemontest_long_header \ | 30 | daemontest_long_header \ |
31 | daemontest_long_header11 \ | ||
27 | daemontest_get_chunked \ | 32 | daemontest_get_chunked \ |
28 | daemontest_put_chunked | 33 | daemontest_put_chunked |
29 | noinst_PROGRAMS = \ | 34 | noinst_PROGRAMS = \ |
@@ -131,3 +136,9 @@ daemontest_long_header_LDADD = \ | |||
131 | $(top_builddir)/src/daemon/libmicrohttpd.la \ | 136 | $(top_builddir)/src/daemon/libmicrohttpd.la \ |
132 | @LIBCURL@ | 137 | @LIBCURL@ |
133 | 138 | ||
139 | daemontest_long_header11_SOURCES = \ | ||
140 | daemontest_long_header.c | ||
141 | daemontest_long_header11_LDADD = \ | ||
142 | $(top_builddir)/src/daemon/libmicrohttpd.la \ | ||
143 | @LIBCURL@ | ||
144 | |||
diff --git a/src/testcurl/https/Makefile.am b/src/testcurl/https/Makefile.am index c4276711..b929995d 100644 --- a/src/testcurl/https/Makefile.am +++ b/src/testcurl/https/Makefile.am | |||
@@ -1,5 +1,9 @@ | |||
1 | SUBDIRS = . | 1 | SUBDIRS = . |
2 | 2 | ||
3 | if USE_COVERAGE | ||
4 | AM_CFLAGS = -fprofile-arcs -ftest-coverage | ||
5 | endif | ||
6 | |||
3 | AM_CPPFLAGS = \ | 7 | AM_CPPFLAGS = \ |
4 | -I$(top_srcdir)/src/include \ | 8 | -I$(top_srcdir)/src/include \ |
5 | -I$(top_srcdir)/src/daemon/https \ | 9 | -I$(top_srcdir)/src/daemon/https \ |
diff --git a/src/testcurl/https/bug-test.c b/src/testcurl/https/bug-test.c index 1a700869..3960a323 100644 --- a/src/testcurl/https/bug-test.c +++ b/src/testcurl/https/bug-test.c | |||
@@ -32,6 +32,8 @@ | |||
32 | #include "gnutls.h" | 32 | #include "gnutls.h" |
33 | #include <curl/curl.h> | 33 | #include <curl/curl.h> |
34 | 34 | ||
35 | #define DEBUG 0 | ||
36 | |||
35 | #define PAGE_NOT_FOUND "<html><head><title>File not found</title></head><body>File not found</body></html>" | 37 | #define PAGE_NOT_FOUND "<html><head><title>File not found</title></head><body>File not found</body></html>" |
36 | 38 | ||
37 | #define MHD_E_MEM "Error: memory error\n" | 39 | #define MHD_E_MEM "Error: memory error\n" |
@@ -172,7 +174,7 @@ test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version) | |||
172 | doc_path, test_file_name); | 174 | doc_path, test_file_name); |
173 | 175 | ||
174 | c = curl_easy_init (); | 176 | c = curl_easy_init (); |
175 | #ifdef DEBUG | 177 | #if DEBUG |
176 | curl_easy_setopt (c, CURLOPT_VERBOSE, 1); | 178 | curl_easy_setopt (c, CURLOPT_VERBOSE, 1); |
177 | #endif | 179 | #endif |
178 | curl_easy_setopt (c, CURLOPT_URL, url); | 180 | curl_easy_setopt (c, CURLOPT_URL, url); |
diff --git a/src/testzzuf/Makefile.am b/src/testzzuf/Makefile.am index 92e5a768..42bc2fdc 100644 --- a/src/testzzuf/Makefile.am +++ b/src/testzzuf/Makefile.am | |||
@@ -1,5 +1,9 @@ | |||
1 | SUBDIRS = . | 1 | SUBDIRS = . |
2 | 2 | ||
3 | if USE_COVERAGE | ||
4 | AM_CFLAGS = -fprofile-arcs -ftest-coverage | ||
5 | endif | ||
6 | |||
3 | INCLUDES = -I$(top_srcdir)/src/include | 7 | INCLUDES = -I$(top_srcdir)/src/include |
4 | 8 | ||
5 | EXTRA_DIST = README socat.c | 9 | EXTRA_DIST = README socat.c |