authorChristian Grothoff <christian@grothoff.org>2008-11-16 09:38:45 +0000
committerChristian Grothoff <christian@grothoff.org>2008-11-16 09:38:45 +0000
commitae080a12bd1ef55bc799d66bd55304c20139f2b1 (patch)
tree3132f8b417345b70a78ab6cb94f3289602e5f951
parent83a212aac273569eba363445e02e9989a0761f70 (diff)
more dce
-rw-r--r--configure.ac39
-rw-r--r--src/daemon/https/lgl/gc-libgcrypt.c10
-rw-r--r--src/daemon/https/tls/Makefile.am1
-rw-r--r--src/daemon/https/tls/ext_oprfi.c217
-rw-r--r--src/daemon/https/tls/ext_oprfi.h31
-rw-r--r--src/daemon/https/tls/gnutls_algorithms.c84
-rw-r--r--src/daemon/https/tls/gnutls_cipher_int.c10
-rw-r--r--src/daemon/https/tls/gnutls_compress_int.c6
-rw-r--r--src/daemon/https/tls/gnutls_extensions.c6
-rw-r--r--src/daemon/https/tls/gnutls_handshake.c26
10 files changed, 0 insertions, 430 deletions
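diff --git a/configure.ac b/configure.ac
index 97a5263a..d57e08b5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -292,49 +292,13 @@ fi
 AM_CONDITIONAL(MHD_DEBUG_TLS, test "$enable_client_side" != "no")
 
 
-# optional: TLS support. Included by default
-AC_MSG_CHECKING(--enable-TLS argument)
-AC_ARG_ENABLE([TLS],
- [AS_HELP_STRING([--enable-TLS],
- [enable TLS support (default is yes)])],
- [enable_TLS=$enableval],
- [enable_TLS="yes"])
-AC_MSG_RESULT($enable_TLS)
-
-
-# optional: SSLv3 support. Exclude by default
-AC_MSG_CHECKING(--enable-SSL argument)
-AC_ARG_ENABLE([SSL],
- [AS_HELP_STRING([--enable-SSL],
- [enable SSLv3 support (default is no)])],
- [enable_SSL=$enableval],
- [enable_SSL="no"])
-AC_MSG_RESULT($enable_SSL)
-
-
-# optional: x509 certificate support. Include by default
-AC_MSG_CHECKING(--enable-x509 argument)
-AC_ARG_ENABLE([x509],
- [AS_HELP_STRING([--enable-x509],
- [enable x509 support (default is yes)])],
- [enable_x509=$enableval],
- [enable_x509="yes"])
-AC_MSG_RESULT($enable_x509)
-
 # test for libz (optional feature for HTTPS)
 zlib=1
 AC_CHECK_LIB(z, compress,,zlib=0)
 AM_CONDITIONAL(HAVE_LIBZ, test x$zlib = x1)
 
 # Symbols required by GNU_TLS
-AC_DEFINE([ENABLE_MINITASN1],[1],[Include minitasn1 support])
-AC_DEFINE([GNULIB_GC_HMAC_SHA1],[1],[GNULIB_GC_HMAC_SHA1])
 AC_DEFINE([GNULIB_GC_RANDOM],[1],[GNULIB_GC_RANDOM])
-AC_DEFINE([ENABLE_PKI],[0],[Include PKI support])
-# gnutls debug support
-AC_DEFINE([DEBUG],[1],[Include gnutls debug message support])
-AC_DEFINE([C99_MACROS],[1],[Include gnutls debug message support])
-
 
 
 # gcov compilation
@@ -403,9 +367,6 @@ AC_MSG_NOTICE([Configuration Summary:
 if test "$enable_HTTPS" = "yes"
 then
  AC_MSG_NOTICE([HTTPS subsystem configuration:
- TLS support: ${enable_TLS}
- SSLv3 support: ${enable_SSL}
- x509 support: ${enable_x509}
  Client code dep.: ${MSG_CLIENT_SIDE}
  ])
  if test "$zlib" != 1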
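diff --git a/src/daemon/https/lgl/gc-libgcrypt.c b/src/daemon/https/lgl/gc-libgcrypt.c
index 2247e18d..45483199 100644
--- a/src/daemon/https/lgl/gc-libgcrypt.c
+++ b/src/daemon/https/lgl/gc-libgcrypt.c
@@ -121,16 +121,6 @@ MHD_gc_cipher_open (Gc_cipher alg,
  gcryalg = GCRY_CIPHER_RFC2268_40;
  break;
 
-#ifdef ENABLE_CAMELLIA
- case GC_CAMELLIA128:
- gcryalg = GCRY_CIPHER_CAMELLIA128;
- break;
-
- case GC_CAMELLIA256:
- gcryalg = GCRY_CIPHER_CAMELLIA256;
- break;
-#endif
-
  default:
  return GC_INVALID_CIPHER;
  }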
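diff --git a/src/daemon/https/tls/Makefile.am b/src/daemon/https/tls/Makefile.am
index 6902fd9b..931b63cb 100644
--- a/src/daemon/https/tls/Makefile.am
+++ b/src/daemon/https/tls/Makefile.am
@@ -25,7 +25,6 @@ debug.c \
 defines.h \
 ext_cert_type.c \
 ext_max_record.c \
-ext_oprfi.c \
 ext_server_name.c \
 gnutls_alert.c \
 gnutls_algorithms.c \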
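diff --git a/src/daemon/https/tls/ext_oprfi.c b/src/daemon/https/tls/ext_oprfi.c
deleted file mode 100644
index 060155e4..00000000
--- a/src/daemon/https/tls/ext_oprfi.c
+++ /dev/null
@@ -1,217 +0,0 @@
-/*
- * Copyright (C) 2007 Free Software Foundation
- *
- * Author: Simon Josefsson
- *
- * This file is part of GNUTLS.
- *
- * The GNUTLS library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
- * USA
- *
- */
-
-/* Implementation of Opaque PRF Input:
- * http://tools.ietf.org/id/draft-rescorla-tls-opaque-prf-input-00.txt
- *
- */
-
-#include "MHD_config.h"
-#include <ext_oprfi.h>
-
-#include <gnutls_errors.h>
-#include <gnutls_num.h>
-
-static int
-oprfi_recv_server (MHD_gtls_session_t session,
- const opaque * data, size_t _data_size)
-{
- ssize_t data_size = _data_size;
- uint16_t len;
-
- if (!session->security_parameters.extensions.oprfi_cb)
- {
- MHD_gnutls_assert ();
- return 0;
- }
-
- DECR_LEN (data_size, 2);
- len = MHD_gtls_read_uint16 (data);
- data += 2;
-
- if (len != data_size)
- {
- MHD_gnutls_assert ();
- return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
- }
-
- /* Store incoming data. */
- session->security_parameters.extensions.oprfi_client_len = len;
- session->security_parameters.extensions.oprfi_client =
- MHD_gnutls_malloc (len);
- if (!session->security_parameters.extensions.oprfi_client)
- {
- MHD_gnutls_assert ();
- return GNUTLS_E_MEMORY_ERROR;
- }
- memcpy (session->security_parameters.extensions.oprfi_client, data, len);
-
- return 0;
-}
-
-#if MHD_DEBUG_TLS
-static int
-oprfi_recv_client (MHD_gtls_session_t session,
- const opaque * data, size_t _data_size)
-{
- ssize_t data_size = _data_size;
- uint16_t len;
-
- if (session->security_parameters.extensions.oprfi_client == NULL)
- {
- MHD_gnutls_assert ();
- return 0;
- }
-
- DECR_LEN (data_size, 2);
- len = MHD_gtls_read_uint16 (data);
- data += 2;
-
- if (len != data_size)
- {
- MHD_gnutls_assert ();
- return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
- }
-
- if (len != session->security_parameters.extensions.oprfi_client_len)
- {
- MHD_gnutls_assert ();
- return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;
- }
-
- /* Store incoming data. */
- session->security_parameters.extensions.oprfi_server_len = len;
- session->security_parameters.extensions.oprfi_server =
- MHD_gnutls_malloc (len);
- if (!session->security_parameters.extensions.oprfi_server)
- {
- MHD_gnutls_assert ();
- return GNUTLS_E_MEMORY_ERROR;
- }
- memcpy (session->security_parameters.extensions.oprfi_server, data, len);
-
- return 0;
-}
-#endif
-
-int
-MHD_gtls_oprfi_recv_params (MHD_gtls_session_t session,
- const opaque * data, size_t data_size)
-{
-#if MHD_DEBUG_TLS
- if (session->security_parameters.entity == GNUTLS_CLIENT)
- return oprfi_recv_client (session, data, data_size);
- else
-#endif
- return oprfi_recv_server (session, data, data_size);
-}
-
-#if MHD_DEBUG_TLS
-static int
-oprfi_send_client (MHD_gtls_session_t session, opaque * data,
- size_t _data_size)
-{
- opaque *p = data;
- ssize_t data_size = _data_size;
- int oprf_size = session->security_parameters.extensions.oprfi_client_len;
-
- if (oprf_size == 0)
- return 0;
-
- DECR_LENGTH_RET (data_size, 2, GNUTLS_E_SHORT_MEMORY_BUFFER);
- MHD_gtls_write_uint16 (oprf_size, p);
- p += 2;
-
- DECR_LENGTH_RET (data_size, oprf_size, GNUTLS_E_SHORT_MEMORY_BUFFER);
-
- memcpy (p, session->security_parameters.extensions.oprfi_client, oprf_size);
-
- return 2 + oprf_size;
-}
-#endif
-
-static int
-oprfi_send_server (MHD_gtls_session_t session, opaque * data,
- size_t _data_size)
-{
- opaque *p = data;
- int ret;
- ssize_t data_size = _data_size;
-
- if (!session->security_parameters.extensions.oprfi_client ||
- !session->security_parameters.extensions.oprfi_cb)
- return 0;
-
- /* Allocate buffer for outgoing data. */
- session->security_parameters.extensions.oprfi_server_len =
- session->security_parameters.extensions.oprfi_client_len;
- session->security_parameters.extensions.oprfi_server =
- MHD_gnutls_malloc (session->security_parameters.extensions.
- oprfi_server_len);
- if (!session->security_parameters.extensions.oprfi_server)
- {
- MHD_gnutls_assert ();
- return GNUTLS_E_MEMORY_ERROR;
- }
-
- /* Get outgoing data. */
- ret = session->security_parameters.extensions.oprfi_cb
- (session, session->security_parameters.extensions.oprfi_userdata,
- session->security_parameters.extensions.oprfi_client_len,
- session->security_parameters.extensions.oprfi_client,
- session->security_parameters.extensions.oprfi_server);
- if (ret < 0)
- {
- MHD_gnutls_assert ();
- MHD_gnutls_free (session->security_parameters.extensions.oprfi_server);
- return ret;
- }
-
- DECR_LENGTH_RET (data_size, 2, GNUTLS_E_SHORT_MEMORY_BUFFER);
- MHD_gtls_write_uint16 (session->security_parameters.extensions.
- oprfi_server_len, p);
- p += 2;
-
- DECR_LENGTH_RET (data_size,
- session->security_parameters.extensions.oprfi_server_len,
- GNUTLS_E_SHORT_MEMORY_BUFFER);
-
- memcpy (p, session->security_parameters.extensions.oprfi_server,
- session->security_parameters.extensions.oprfi_server_len);
-
- return 2 + session->security_parameters.extensions.oprfi_server_len;
-}
-
-int
-MHD_gtls_oprfi_send_params (MHD_gtls_session_t session,
- opaque * data, size_t data_size)
-{
-#if MHD_DEBUG_TLS
- if (session->security_parameters.entity == GNUTLS_CLIENT)
- return oprfi_send_client (session, data, data_size);
- else
-#endif
- return oprfi_send_server (session, data, data_size);
-}
-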
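diff --git a/src/daemon/https/tls/ext_oprfi.h b/src/daemon/https/tls/ext_oprfi.h
deleted file mode 100644
index a3265499..00000000
--- a/src/daemon/https/tls/ext_oprfi.h
+++ /dev/null
@@ -1,31 +0,0 @@
-/*
- * Copyright (C) 2007 Free Software Foundation
- *
- * Author: Simon Josefsson
- *
- * This file is part of GNUTLS.
- *
- * The GNUTLS library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
- * USA
- *
- */
-
-#include <gnutls_int.h>
-
-int MHD_gtls_oprfi_recv_params (MHD_gtls_session_t state,
- const opaque * data, size_t data_size);
-
-int MHD_gtls_oprfi_send_params (MHD_gtls_session_t state,
- opaque * data, size_t data_size);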
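diff --git a/src/daemon/https/tls/gnutls_algorithms.c b/src/daemon/https/tls/gnutls_algorithms.c
index 876d860c..6a6c9b3a 100644
--- a/src/daemon/https/tls/gnutls_algorithms.c
+++ b/src/daemon/https/tls/gnutls_algorithms.c
@@ -235,14 +235,6 @@ static const MHD_gnutls_cipher_entry MHD_gtls_algorithms[] = {
  CIPHER_BLOCK,
  8,
  1},
-#ifdef ENABLE_CAMELLIA
- {"CAMELLIA-256-CBC", MHD_GNUTLS_CIPHER_CAMELLIA_256_CBC, 16, 32,
- CIPHER_BLOCK,
- 16, 0},
- {"CAMELLIA-128-CBC", MHD_GNUTLS_CIPHER_CAMELLIA_128_CBC, 16, 16,
- CIPHER_BLOCK,
- 16, 0},
-#endif
  {"NULL",
  MHD_GNUTLS_CIPHER_NULL,
  1,
@@ -268,10 +260,6 @@ static const enum MHD_GNUTLS_CipherAlgorithm MHD_gtls_supported_ciphers[] =
  MHD_GNUTLS_CIPHER_ARCFOUR_128,
  MHD_GNUTLS_CIPHER_ARCFOUR_40,
  MHD_GNUTLS_CIPHER_RC2_40_CBC,
-#ifdef ENABLE_CAMELLIA
- MHD_GNUTLS_CIPHER_CAMELLIA_256_CBC,
- MHD_GNUTLS_CIPHER_CAMELLIA_128_CBC,
-#endif
  MHD_GNUTLS_CIPHER_NULL,
  0
 };
@@ -595,16 +583,6 @@ static const MHD_gtls_cipher_suite_entry MHD_gtls_cs_algorithms[] = {
  MHD_GNUTLS_CIPHER_AES_256_CBC,
  MHD_GNUTLS_KX_DHE_DSS,
  MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
-#ifdef ENABLE_CAMELLIA
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_CAMELLIA_128_CBC_SHA1,
- MHD_GNUTLS_CIPHER_CAMELLIA_128_CBC,
- MHD_GNUTLS_KX_DHE_DSS,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA1,
- MHD_GNUTLS_CIPHER_CAMELLIA_256_CBC,
- MHD_GNUTLS_KX_DHE_DSS,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
-#endif
  /* DHE_RSA */
  GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1,
  MHD_GNUTLS_CIPHER_3DES_CBC,
@@ -618,16 +596,6 @@ static const MHD_gtls_cipher_suite_entry MHD_gtls_cs_algorithms[] = {
  MHD_GNUTLS_CIPHER_AES_256_CBC,
  MHD_GNUTLS_KX_DHE_RSA,
  MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
-#ifdef ENABLE_CAMELLIA
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1,
- MHD_GNUTLS_CIPHER_CAMELLIA_128_CBC,
- MHD_GNUTLS_KX_DHE_RSA,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1,
- MHD_GNUTLS_CIPHER_CAMELLIA_256_CBC,
- MHD_GNUTLS_KX_DHE_RSA,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
-#endif
  /* RSA */
  GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_NULL_MD5,
  MHD_GNUTLS_CIPHER_NULL,
@@ -657,16 +625,6 @@ static const MHD_gtls_cipher_suite_entry MHD_gtls_cs_algorithms[] = {
  GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_256_CBC_SHA1,
  MHD_GNUTLS_CIPHER_AES_256_CBC, MHD_GNUTLS_KX_RSA,
  MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
-#ifdef ENABLE_CAMELLIA
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_CAMELLIA_128_CBC_SHA1,
- MHD_GNUTLS_CIPHER_CAMELLIA_128_CBC,
- MHD_GNUTLS_KX_RSA,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
- GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_CAMELLIA_256_CBC_SHA1,
- MHD_GNUTLS_CIPHER_CAMELLIA_256_CBC,
- MHD_GNUTLS_KX_RSA,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
-#endif
  {0,
  {
  {0,
@@ -1245,39 +1203,11 @@ MHD__gnutls_compare_algo (MHD_gtls_session_t session,
  }
 }
 
-#ifdef SORT_DEBUG
-static void
-MHD__gnutls_bsort (MHD_gtls_session_t session, void *_base, size_t nmemb,
- size_t size, int (*compar) (MHD_gtls_session_t,
- const void *, const void *))
-{
- unsigned int i, j;
- int full = nmemb * size;
- char *base = _base;
- char tmp[MAX_ELEM_SIZE];
-
- for (i = 0; i < full; i += size)
- {
- for (j = 0; j < full; j += size)
- {
- if (compar (session, &base[i], &base[j]) < 0)
- {
- SWAP (&base[j], &base[i]);
- }
- }
- }
-
-}
-#endif
-
 int
 MHD_gtls_supported_ciphersuites_sorted (MHD_gtls_session_t session,
  cipher_suite_st ** ciphers)
 {
 
-#ifdef SORT_DEBUG
- unsigned int i;
-#endif
  int count;
 
  count = MHD_gtls_supported_ciphersuites (session, ciphers);
@@ -1286,23 +1216,9 @@ MHD_gtls_supported_ciphersuites_sorted (MHD_gtls_session_t session,
  MHD_gnutls_assert ();
  return count;
  }
-#ifdef SORT_DEBUG
- MHD__gnutls_debug_log ("Unsorted: \n");
- for (i = 0; i < count; i++)
- MHD__gnutls_debug_log ("\t%d: %s\n", i,
- MHD_gtls_cipher_suite_get_name ((*ciphers)[i]));
-#endif
-
  MHD__gnutls_qsort (session, *ciphers, count, sizeof (cipher_suite_st),
  MHD__gnutls_compare_algo);
 
-#ifdef SORT_DEBUG
- MHD__gnutls_debug_log ("Sorted: \n");
- for (i = 0; i < count; i++)
- MHD__gnutls_debug_log ("\t%d: %s\n", i,
- MHD_gtls_cipher_suite_get_name ((*ciphers)[i]));
-#endif
-
  return count;
 }
 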
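diff --git a/src/daemon/https/tls/gnutls_cipher_int.c b/src/daemon/https/tls/gnutls_cipher_int.c
index 9861fab1..2982b4d6 100644
--- a/src/daemon/https/tls/gnutls_cipher_int.c
+++ b/src/daemon/https/tls/gnutls_cipher_int.c
@@ -65,16 +65,6 @@ MHD_gtls_cipher_init (enum MHD_GNUTLS_CipherAlgorithm cipher,
  err = MHD_gc_cipher_open (GC_ARCTWO40, GC_CBC, &ret);
  break;
 
-#ifdef ENABLE_CAMELLIA
- case MHD_GNUTLS_CIPHER_CAMELLIA_128_CBC:
- err = MHD_gc_cipher_open (GC_CAMELLIA128, GC_CBC, &ret);
- break;
-
- case MHD_GNUTLS_CIPHER_CAMELLIA_256_CBC:
- err = MHD_gc_cipher_open (GC_CAMELLIA256, GC_CBC, &ret);
- break;
-#endif
-
  default:
  return NULL;
  }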
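diff --git a/src/daemon/https/tls/gnutls_compress_int.c b/src/daemon/https/tls/gnutls_compress_int.c
index 2006f8e6..da17b892 100644
--- a/src/daemon/https/tls/gnutls_compress_int.c
+++ b/src/daemon/https/tls/gnutls_compress_int.c
@@ -190,12 +190,6 @@ MHD_gtls_compress (comp_hd_t handle, const opaque * plain,
  return GNUTLS_E_INTERNAL_ERROR;
  } /* switch */
 
-#ifdef COMPRESSION_DEBUG
- MHD__gnutls_debug_log ("Compression ratio: %f\n",
- (float) ((float) compressed_size /
- (float) plain_size));
-#endif
-
  if ((size_t) compressed_size > max_comp_size)
  {
  MHD_gnutls_free (*compressed);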
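diff --git a/src/daemon/https/tls/gnutls_extensions.c b/src/daemon/https/tls/gnutls_extensions.c
index f6c947cb..82adb1c4 100644
--- a/src/daemon/https/tls/gnutls_extensions.c
+++ b/src/daemon/https/tls/gnutls_extensions.c
@@ -58,12 +58,6 @@ MHD_gtls_extension_entry MHD_gtls_extensions[MAX_EXT_SIZE] = {
  EXTENSION_APPLICATION,
  MHD_gtls_server_name_recv_params,
  MHD_gtls_server_name_send_params),
-#ifdef ENABLE_OPRFI
- GNUTLS_EXTENSION_ENTRY (GNUTLS_EXTENSION_OPAQUE_PRF_INPUT,
- EXTENSION_TLS,
- MHD_gtls_oprfi_recv_params,
- MHD_gtls_oprfi_send_params),
-#endif
  {0, 0, 0, 0}
 };
 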
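diff --git a/src/daemon/https/tls/gnutls_handshake.c b/src/daemon/https/tls/gnutls_handshake.c
index 45041ccd..9a18cc26 100644
--- a/src/daemon/https/tls/gnutls_handshake.c
+++ b/src/daemon/https/tls/gnutls_handshake.c
@@ -763,20 +763,6 @@ MHD_gtls_server_select_suite (MHD_gtls_session_t session, opaque * data,
  MHD_gnutls_assert ();
  return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
  }
-#ifdef HANDSHAKE_DEBUG
-
- MHD__gnutls_handshake_log ("HSK[%x]: Requested cipher suites: \n", session);
- for (j = 0; j < datalen; j += 2)
- {
- memcpy (&cs.suite, &data[j], 2);
- MHD__gnutls_handshake_log ("\t%s\n",
- MHD_gtls_cipher_suite_get_name (&cs));
- }
- MHD__gnutls_handshake_log ("HSK[%x]: Supported cipher suites: \n", session);
- for (j = 0; j < x; j++)
- MHD__gnutls_handshake_log ("\t%s\n",
- MHD_gtls_cipher_suite_get_name (&ciphers[j]));
-#endif
  memset (session->security_parameters.current_cipher_suite.suite, '\0', 2);
 
  retval = GNUTLS_E_UNKNOWN_CIPHER_SUITE;
@@ -2315,18 +2301,6 @@ MHD_gtls_handshake_client (MHD_gtls_session_t session)
 {
  int ret = 0;
 
-#ifdef HANDSHAKE_DEBUG
- char buf[64];
-
- if (session->internals.resumed_security_parameters.session_id_size > 0)
- MHD__gnutls_handshake_log ("HSK[%x]: Ask to resume: %s\n", session,
- MHD_gtls_bin2hex (session->
- internals.resumed_security_parameters.session_id,
- session->
- internals.resumed_security_parameters.session_id_size,
- buf, sizeof (buf)));
-#endif
-
  switch (STATE)
  {
  case STATE0: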