aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2008-09-12 20:47:06 +0000
committerChristian Grothoff <christian@grothoff.org>2008-09-12 20:47:06 +0000
commitcfde43ff7ded40a9b1f23fa87088dcf99a95570c (patch)
treebd54252cb28a47780313b0412d8f17f2424e8ffd
parent824628a22f59c312bc0f664665ec8d25be37910c (diff)
downloadlibmicrohttpd-cfde43ff7ded40a9b1f23fa87088dcf99a95570c.tar.gz
libmicrohttpd-cfde43ff7ded40a9b1f23fa87088dcf99a95570c.zip
documenting all enums, functions and structs, removing support for key/cert files
Diffstat
-rw-r--r--doc/microhttpd.texi280
-rw-r--r--src/daemon/connection_https.c10
-rw-r--r--src/daemon/daemon.c54
-rw-r--r--src/daemon/https/tls/auth_cert.c6
-rw-r--r--src/daemon/https/tls/auth_rsa.c4
-rw-r--r--src/daemon/https/tls/gnutls_algorithms.c96
-rw-r--r--src/daemon/https/tls/gnutls_cipher.c18
-rw-r--r--src/daemon/https/tls/gnutls_constate.c8
-rw-r--r--src/daemon/https/tls/gnutls_handshake.c22
-rw-r--r--src/daemon/https/tls/gnutls_kx.c8
-rw-r--r--src/daemon/https/tls/gnutls_priority.c6
-rw-r--r--src/daemon/https/tls/gnutls_sig.c12
-rw-r--r--src/daemon/https/tls/gnutls_state.c2
-rw-r--r--src/daemon/https/tls/gnutls_x509.c223
-rw-r--r--src/daemon/internal.h4
-rw-r--r--src/examples/https_fileserver_example.c12
-rw-r--r--src/include/microhttpd.h37
-rw-r--r--src/testcurl/https/mhds_session_info_test.c2
-rw-r--r--src/testcurl/https/tls_daemon_options_test.c14
19 files changed, 372 insertions, 446 deletions
diff --git a/doc/microhttpd.texi b/doc/microhttpd.texi
index 54ab252a..0c155e47 100644
--- a/doc/microhttpd.texi
+++ b/doc/microhttpd.texi
@@ -123,6 +123,7 @@ GNU libmicrohttpd is a GNU package.
123* microhttpd-requests:: Handling requests. 123* microhttpd-requests:: Handling requests.
124* microhttpd-responses:: Building responses to requests. 124* microhttpd-responses:: Building responses to requests.
125* microhttpd-post:: Adding a @code{POST} processor. 125* microhttpd-post:: Adding a @code{POST} processor.
126* microhttpd-info:: Obtaining status information.
126 127
127Appendices 128Appendices
128 129
@@ -291,20 +292,6 @@ the @code{struct sockaddr*} should point to a @code{struct sockaddr_in6},
291otherwise to a @code{struct sockaddr_in}. If this option is not specified, 292otherwise to a @code{struct sockaddr_in}. If this option is not specified,
292the daemon will listen to incomming connections from anywhere. 293the daemon will listen to incomming connections from anywhere.
293 294
294@item MHD_OPTION_HTTPS_KEY_PATH
295Filename for the private key (key.pem) to be used by the
296HTTPS daemon. This option should be followed by an
297"const char*" argument. The memory of the filename must
298not be released until the application terminates.
299This should be used in conjunction with 'MHD_OPTION_HTTPS_CERT_PATH'.
300
301@item MHD_OPTION_HTTPS_CERT_PATH
302Filename for the certificate (cert.pem) to be used by the
303HTTPS daemon. This option should be followed by an
304"const char*" argument. The memory of the filename must
305not be released until the application terminates.
306This should be used in conjunction with 'MHD_OPTION_HTTPS_KEY_PATH'.
307
308@item MHD_OPTION_HTTPS_MEM_KEY 295@item MHD_OPTION_HTTPS_MEM_KEY
309Memory pointer to the private key to be used by the 296Memory pointer to the private key to be used by the
310HTTPS daemon. This option should be followed by an 297HTTPS daemon. This option should be followed by an
@@ -416,6 +403,31 @@ We had to close the session since @mhd{} was being shut down.
416List of symmetric ciphers. 403List of symmetric ciphers.
417Note that not all listed algorithms are necessarily supported by 404Note that not all listed algorithms are necessarily supported by
418all builds of MHD. 405all builds of MHD.
406
407@table @code
408@item MHD_GNUTLS_CIPHER_UNKNOWN
409
410@item MHD_GNUTLS_CIPHER_NULL
411
412@item MHD_GNUTLS_CIPHER_ARCFOUR_128
413
414@item MHD_GNUTLS_CIPHER_3DES_CBC
415
416@item MHD_GNUTLS_CIPHER_AES_128_CBC
417
418@item MHD_GNUTLS_CIPHER_AES_256_CBC
419
420@item MHD_GNUTLS_CIPHER_ARCFOUR_40
421
422@item MHD_GNUTLS_CIPHER_CAMELLIA_128_CBC
423
424@item MHD_GNUTLS_CIPHER_CAMELLIA_256_CBC
425
426@item MHD_GNUTLS_CIPHER_RC2_40_CBC
427
428@item MHD_GNUTLS_CIPHER_DES_CBC
429
430@end table
419@end deftp 431@end deftp
420 432
421 433
@@ -423,6 +435,170 @@ all builds of MHD.
423List of key exchange algorithms. 435List of key exchange algorithms.
424Note that not all listed algorithms are necessarily supported by 436Note that not all listed algorithms are necessarily supported by
425all builds of MHD. 437all builds of MHD.
438
439@table @code
440
441@item MHD_GNUTLS_KX_UNKNOWN
442
443@item MHD_GNUTLS_KX_RSA
444
445@item MHD_GNUTLS_KX_DHE_DSS
446
447@item MHD_GNUTLS_KX_DHE_RSA
448
449@item MHD_GNUTLS_KX_ANON_DH
450
451@item MHD_GNUTLS_KX_SRP
452
453@item MHD_GNUTLS_KX_RSA_EXPORT
454
455@item MHD_GNUTLS_KX_SRP_RSA
456
457@item MHD_GNUTLS_KX_SRP_DSS
458@end table
459@end deftp
460
461
462@deftp {Enumeration} MHD_GNUTLS_CredentialsType
463Server credentials type (note that not all types
464maybe supported by all MHD builds).
465
466@table @code
467@item MHD_GNUTLS_CRD_CERTIFICATE
468We have a x.509 certificate.
469
470@item MHD_GNUTLS_CRD_ANON
471We have no certificate (anonymous).
472
473@item MHD_GNUTLS_CRD_SRP
474We are using password-based authentication.
475
476@item MHD_GNUTLS_CRD_PSK
477We are using pre-shared keys (PSK).
478
479@end table
480@end deftp
481
482
483@deftp {Enumeration} MHD_GNUTLS_HashAlgorithm
484Enumeration of possible cryptographic hash functions (for MAC and
485Digest operations). Note that not all listed algorithms are
486necessarily supported by all builds of MHD.
487
488@table @code
489@item MHD_GNUTLS_MAC_UNKNOWN
490
491@item MHD_GNUTLS_MAC_NULL
492
493@item MHD_GNUTLS_MAC_MD5
494
495@item MHD_GNUTLS_MAC_SHA1
496
497@item MHD_GNUTLS_MAC_SHA256
498
499@end table
500@end deftp
501
502
503@deftp {Enumeration} MHD_GNUTLS_CompressionMethod
504List of compression methods. Note that not all listed algorithms are
505necessarily supported by all builds of MHD.
506
507@table @code
508@item MHD_GNUTLS_COMP_UNKNOWN
509
510@item MHD_GNUTLS_COMP_NULL
511No compression.
512
513@item MHD_GNUTLS_COMP_DEFLATE
514gzip compression.
515
516@end table
517@end deftp
518
519
520
521@deftp {Enumeration} MHD_GNUTLS_Protocol
522SSL/TLS Protocol types. Note that not all listed algorithms are
523necessarily supported by all builds of MHD.
524
525@table @code
526@item MHD_GNUTLS_PROTOCOL_END
527@item MHD_GNUTLS_PROTOCOL_SSL3
528@item MHD_GNUTLS_PROTOCOL_TLS1_0
529@item MHD_GNUTLS_PROTOCOL_TLS1_1
530@item MHD_GNUTLS_PROTOCOL_TLS1_2
531@item MHD_GNUTLS_PROTOCOL_UNKNOWN
532
533@end table
534@end deftp
535
536
537
538@deftp {Enumeration} MHD_GNUTLS_PublicKeyAlgorithm
539List of public key algorithms. Note that not all listed algorithms
540are necessarily supported by all builds of MHD.
541
542@table @code
543@item MHD_GNUTLS_PK_UNKNOWN
544
545@item MHD_GNUTLS_PK_RSA
546
547@end table
548@end deftp
549
550
551@deftp {Enumeration} MHD_ConnectionInfoType
552Values of this enum are used to specify what information about a
553connection is desired.
554
555@table @code
556
557@item MHD_CONNECTION_INFO_CIPHER_ALGO
558What cipher algorithm is being used.
559Takes no extra arguments.
560
561@item MHD_CONNECTION_INFO_KX_ALGO
562What key exchange algorithm is being used.
563Takes no extra arguments.
564
565@item MHD_CONNECTION_INFO_CREDENTIALS_TYPE
566Takes no extra arguments.
567
568@item MHD_CONNECTION_INFO_MAC_ALGO
569Takes no extra arguments.
570
571@item MHD_CONNECTION_INFO_COMPRESSION_METHOD,
572What compression method is being used.
573Takes no extra arguments.
574
575@item MHD_CONNECTION_INFO_PROTOCOL,
576Takes no extra arguments.
577
578@item MHD_CONNECTION_INFO_CERT_TYPE
579Takes no extra arguments.
580
581@end table
582@end deftp
583
584
585
586
587@deftp {Enumeration} MHD_DaemonInfoType
588Values of this enum are used to specify what
589information about a deamon is desired.
590@table @code
591@item MHD_DAEMON_INFO_KEY_SIZE
592Request information about the key size for a particular cipher
593algorithm. The cipher algorithm should be passed as an extra argument
594(of type 'enum MHD_GNUTLS_CipherAlgorithm').
595
596@item MHD_DAEMON_INFO_MAC_KEY_SIZE
597Request information about the key size for a particular cipher
598algorithm. The cipher algorithm should be passed as an extra argument
599(of type 'enum MHD_GNUTLS_HashAlgorithm').
600
601@end table
426@end deftp 602@end deftp
427 603
428 604
@@ -455,6 +631,16 @@ Handle for @code{POST} processing.
455@end deftp 631@end deftp
456 632
457 633
634@deftp {C Union} MHD_ConnectionInfo
635Information about a connection.
636@end deftp
637
638
639@deftp {C Union} MHD_DaemonInfo
640Information about an MHD daemon.
641@end deftp
642
643
458@c ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 644@c ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
459 645
460@c ------------------------------------------------------------ 646@c ------------------------------------------------------------
@@ -1223,6 +1409,72 @@ of this function.
1223@end deftypefun 1409@end deftypefun
1224 1410
1225 1411
1412
1413@c ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1414
1415@c ------------------------------------------------------------
1416@node microhttpd-info
1417@chapter Obtaining status information.
1418
1419
1420@menu
1421* microhttpd-info daemon:: State information about an MHD daemon
1422* microhttpd-info conn:: State information about a connection
1423@end menu
1424
1425
1426@c ------------------------------------------------------------
1427@node microhttpd-info daemon
1428@section Obtaining state information about an MHD daemon
1429
1430@deftypefun {const union MHD_DaemonInfo *} MHD_get_daemon_info (struct MHD_Daemon *daemon, enum MHD_DaemonInfoType infoType, ...)
1431Obtain information about the given daemon. This function
1432is currently not fully implemented.
1433
1434@table @var
1435@item daemon
1436the daemon about which information is desired;
1437
1438@item infoType
1439type of information that is desired
1440
1441@item ...
1442additional arguments about the desired information (depending on
1443infoType)
1444@end table
1445
1446Returns a union with the respective member (depending on
1447infoType) set to the desired information), or NULL
1448in case the desired information is not available or
1449applicable.
1450@end deftypefun
1451
1452@c ------------------------------------------------------------
1453@node microhttpd-info conn
1454@section Obtaining state information about a connection
1455
1456
1457@deftypefun {const union MHD_ConnectionInfo *} MHD_get_connection_info (struct MHD_Connection *daemon, enum MHD_ConnectionInfoType infoType, ...)
1458Obtain information about the given connection.
1459
1460@table @var
1461@item connection
1462the connection about which information is desired;
1463
1464@item infoType
1465type of information that is desired
1466
1467@item ...
1468additional arguments about the desired information (depending on
1469infoType)
1470@end table
1471
1472Returns a union with the respective member (depending on
1473infoType) set to the desired information), or NULL
1474in case the desired information is not available or
1475applicable.
1476@end deftypefun
1477
1226@c ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1478@c ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1227 1479
1228 1480
diff --git a/src/daemon/connection_https.c b/src/daemon/connection_https.c
index 20baa770..e9a2226f 100644
--- a/src/daemon/connection_https.c
+++ b/src/daemon/connection_https.c
@@ -152,7 +152,7 @@ MHD_tls_connection_handle_idle (struct MHD_Connection *connection)
152 return MHD_NO; 152 return MHD_NO;
153 case MHD_TLS_HANDSHAKE_FAILED: 153 case MHD_TLS_HANDSHAKE_FAILED:
154 MHD_tls_connection_close (connection, 154 MHD_tls_connection_close (connection,
155 MHD_TLS_REQUEST_TERMINATED_WITH_ERROR); 155 MHD_REQUEST_TERMINATED_WITH_ERROR);
156 return MHD_NO; 156 return MHD_NO;
157 /* some HTTP state */ 157 /* some HTTP state */
158 default: 158 default:
@@ -237,14 +237,14 @@ MHD_tls_connection_handle_read (struct MHD_Connection *connection)
237 "Error: received handshake message out of context\n"); 237 "Error: received handshake message out of context\n");
238#endif 238#endif
239 MHD_tls_connection_close (connection, 239 MHD_tls_connection_close (connection,
240 MHD_TLS_REQUEST_TERMINATED_WITH_ERROR); 240 MHD_REQUEST_TERMINATED_WITH_ERROR);
241 return MHD_NO; 241 return MHD_NO;
242 } 242 }
243 243
244 /* ignore any out of bound change chiper spec messages */ 244 /* ignore any out of bound change chiper spec messages */
245 case GNUTLS_CHANGE_CIPHER_SPEC: 245 case GNUTLS_CHANGE_CIPHER_SPEC:
246 MHD_tls_connection_close (connection, 246 MHD_tls_connection_close (connection,
247 MHD_TLS_REQUEST_TERMINATED_WITH_ERROR); 247 MHD_REQUEST_TERMINATED_WITH_ERROR);
248 return MHD_NO; 248 return MHD_NO;
249 249
250 case GNUTLS_ALERT: 250 case GNUTLS_ALERT:
@@ -279,7 +279,7 @@ MHD_tls_connection_handle_read (struct MHD_Connection *connection)
279 GNUTLS_AL_FATAL) 279 GNUTLS_AL_FATAL)
280 { 280 {
281 MHD_tls_connection_close (connection, 281 MHD_tls_connection_close (connection,
282 MHD_TLS_REQUEST_TERMINATED_WITH_FATAL_ALERT); 282 MHD_REQUEST_TERMINATED_WITH_ERROR);
283 return MHD_NO; 283 return MHD_NO;
284 } 284 }
285 /* this should never execute */ 285 /* this should never execute */
@@ -308,7 +308,7 @@ MHD_tls_connection_handle_read (struct MHD_Connection *connection)
308#endif 308#endif
309 /* close connection upon reception of unrecognized message type */ 309 /* close connection upon reception of unrecognized message type */
310 MHD_tls_connection_close (connection, 310 MHD_tls_connection_close (connection,
311 MHD_TLS_REQUEST_TERMINATED_WITH_ERROR); 311 MHD_REQUEST_TERMINATED_WITH_ERROR);
312 return MHD_NO; 312 return MHD_NO;
313 } 313 }
314 314
diff --git a/src/daemon/daemon.c b/src/daemon/daemon.c
index 950239a6..7e3e7e3e 100644
--- a/src/daemon/daemon.c
+++ b/src/daemon/daemon.c
@@ -1,6 +1,6 @@
1/* 1/*
2 This file is part of libmicrohttpd 2 This file is part of libmicrohttpd
3 (C) 2007 Daniel Pittman and Christian Grothoff 3 (C) 2007, 2008 Daniel Pittman and Christian Grothoff
4 4
5 This library is free software; you can redistribute it and/or 5 This library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public 6 modify it under the terms of the GNU Lesser General Public
@@ -125,55 +125,9 @@ MHD_init_daemon_certificate (struct MHD_Daemon *daemon)
125 gnutls_datum_t key; 125 gnutls_datum_t key;
126 gnutls_datum_t cert; 126 gnutls_datum_t cert;
127 127
128 /* certificate & key loaded from file */
129 if (daemon->https_cert_path && daemon->https_key_path)
130 {
131 if (daemon->https_mem_cert || daemon->https_mem_key)
132 {
133#if HAVE_MESSAGES
134 MHD_DLOG (daemon, "You specified certificates both in memory and on disk!",
135 daemon->https_cert_path,
136 strerror(errno));
137#endif
138 return -1;
139 }
140 /* test for private key & certificate file exsitance */
141 if (access (daemon->https_cert_path, R_OK))
142 {
143#if HAVE_MESSAGES
144 MHD_DLOG (daemon, "Missing X.509 certificate file `%s': %s\n",
145 daemon->https_cert_path,
146 strerror(errno));
147#endif
148 return -1;
149 }
150
151 if (access (daemon->https_key_path, R_OK))
152 {
153#if HAVE_MESSAGES
154 MHD_DLOG (daemon, "Missing X.509 key file `%s': %s\n",
155 daemon->https_key_path,
156 strerror(errno));
157#endif
158 return -1;
159 }
160 return MHD_gnutls_certificate_set_x509_key_file (daemon->x509_cred,
161 daemon->https_cert_path,
162 daemon->https_key_path,
163 GNUTLS_X509_FMT_PEM);
164 }
165 /* certificate & key loaded from memory */ 128 /* certificate & key loaded from memory */
166 if (daemon->https_mem_cert && daemon->https_mem_key) 129 if (daemon->https_mem_cert && daemon->https_mem_key)
167 { 130 {
168 if (daemon->https_cert_path || daemon->https_key_path)
169 {
170#if HAVE_MESSAGES
171 MHD_DLOG (daemon, "You specified certificates both in memory and on disk!",
172 daemon->https_cert_path,
173 strerror(errno));
174#endif
175 return -1;
176 }
177 key.data = (unsigned char *) daemon->https_mem_key; 131 key.data = (unsigned char *) daemon->https_mem_key;
178 key.size = strlen (daemon->https_mem_key); 132 key.size = strlen (daemon->https_mem_key);
179 cert.data = (unsigned char *) daemon->https_mem_cert; 133 cert.data = (unsigned char *) daemon->https_mem_cert;
@@ -928,12 +882,6 @@ MHD_start_daemon_va (unsigned int options,
928 _set_priority (&retVal->priority_cache->protocol, 882 _set_priority (&retVal->priority_cache->protocol,
929 va_arg (ap, const int *)); 883 va_arg (ap, const int *));
930 break; 884 break;
931 case MHD_OPTION_HTTPS_KEY_PATH:
932 retVal->https_key_path = va_arg (ap, const char *);
933 break;
934 case MHD_OPTION_HTTPS_CERT_PATH:
935 retVal->https_cert_path = va_arg (ap, const char *);
936 break;
937 case MHD_OPTION_HTTPS_MEM_KEY: 885 case MHD_OPTION_HTTPS_MEM_KEY:
938 retVal->https_mem_key = va_arg (ap, const char *); 886 retVal->https_mem_key = va_arg (ap, const char *);
939 break; 887 break;
diff --git a/src/daemon/https/tls/auth_cert.c b/src/daemon/https/tls/auth_cert.c
index ae6ef698..7f0369ca 100644
--- a/src/daemon/https/tls/auth_cert.c
+++ b/src/daemon/https/tls/auth_cert.c
@@ -870,7 +870,7 @@ mhd_gtls_proc_cert_cert_req (mhd_gtls_session_t session, opaque * data,
870 return GNUTLS_E_UNKNOWN_PK_ALGORITHM; 870 return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
871 } 871 }
872 872
873 if (ver == MHD_GNUTLS_TLS1_2) 873 if (ver == MHD_GNUTLS_PROTOCOL_TLS1_2)
874 { 874 {
875 /* read supported hashes */ 875 /* read supported hashes */
876 int hash_num; 876 int hash_num;
@@ -1039,7 +1039,7 @@ mhd_gtls_gen_cert_server_cert_req (mhd_gtls_session_t session, opaque ** data)
1039 session->internals.ignore_rdn_sequence == 0) 1039 session->internals.ignore_rdn_sequence == 0)
1040 size += cred->x509_rdn_sequence.size; 1040 size += cred->x509_rdn_sequence.size;
1041 1041
1042 if (ver == MHD_GNUTLS_TLS1_2) 1042 if (ver == MHD_GNUTLS_PROTOCOL_TLS1_2)
1043 /* Need at least one byte to announce the number of supported hash 1043 /* Need at least one byte to announce the number of supported hash
1044 functions (see below). */ 1044 functions (see below). */
1045 size += 1; 1045 size += 1;
@@ -1059,7 +1059,7 @@ mhd_gtls_gen_cert_server_cert_req (mhd_gtls_session_t session, opaque ** data)
1059 pdata[2] = DSA_SIGN; /* only these for now */ 1059 pdata[2] = DSA_SIGN; /* only these for now */
1060 pdata += CERTTYPE_SIZE; 1060 pdata += CERTTYPE_SIZE;
1061 1061
1062 if (ver == MHD_GNUTLS_TLS1_2) 1062 if (ver == MHD_GNUTLS_PROTOCOL_TLS1_2)
1063 { 1063 {
1064 /* Supported hashes (nothing for now -- FIXME). */ 1064 /* Supported hashes (nothing for now -- FIXME). */
1065 *pdata = 0; 1065 *pdata = 0;
diff --git a/src/daemon/https/tls/auth_rsa.c b/src/daemon/https/tls/auth_rsa.c
index 4c909bcc..b3833814 100644
--- a/src/daemon/https/tls/auth_rsa.c
+++ b/src/daemon/https/tls/auth_rsa.c
@@ -217,7 +217,7 @@ _gnutls_proc_rsa_client_kx (mhd_gtls_session_t session, opaque * data,
217 int randomize_key = 0; 217 int randomize_key = 0;
218 ssize_t data_size = _data_size; 218 ssize_t data_size = _data_size;
219 219
220 if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_SSL3) 220 if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3)
221 { 221 {
222 /* SSL 3.0 222 /* SSL 3.0
223 */ 223 */
@@ -385,7 +385,7 @@ _gnutls_gen_rsa_client_kx (mhd_gtls_session_t session, opaque ** data)
385 for (i = 0; i < params_len; i++) 385 for (i = 0; i < params_len; i++)
386 mhd_gtls_mpi_release (&params[i]); 386 mhd_gtls_mpi_release (&params[i]);
387 387
388 if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_SSL3) 388 if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3)
389 { 389 {
390 /* SSL 3.0 */ 390 /* SSL 3.0 */
391 *data = sdata.data; 391 *data = sdata.data;
diff --git a/src/daemon/https/tls/gnutls_algorithms.c b/src/daemon/https/tls/gnutls_algorithms.c
index 9558119b..c3daa08b 100644
--- a/src/daemon/https/tls/gnutls_algorithms.c
+++ b/src/daemon/https/tls/gnutls_algorithms.c
@@ -138,22 +138,22 @@ typedef struct
138 138
139static const gnutls_version_entry mhd_gtls_sup_versions[] = { 139static const gnutls_version_entry mhd_gtls_sup_versions[] = {
140 {"SSL3.0", 140 {"SSL3.0",
141 MHD_GNUTLS_SSL3, 141 MHD_GNUTLS_PROTOCOL_SSL3,
142 3, 142 3,
143 0, 143 0,
144 1}, 144 1},
145 {"TLS1.0", 145 {"TLS1.0",
146 MHD_GNUTLS_TLS1_0, 146 MHD_GNUTLS_PROTOCOL_TLS1_0,
147 3, 147 3,
148 1, 148 1,
149 1}, 149 1},
150 {"TLS1.1", 150 {"TLS1.1",
151 MHD_GNUTLS_TLS1_1, 151 MHD_GNUTLS_PROTOCOL_TLS1_1,
152 3, 152 3,
153 2, 153 2,
154 1}, 154 1},
155 {"TLS1.2", 155 {"TLS1.2",
156 MHD_GNUTLS_TLS1_2, 156 MHD_GNUTLS_PROTOCOL_TLS1_2,
157 3, 157 3,
158 3, 158 3,
159 1}, 159 1},
@@ -166,10 +166,10 @@ static const gnutls_version_entry mhd_gtls_sup_versions[] = {
166 166
167/* Keep the contents of this struct the same as the previous one. */ 167/* Keep the contents of this struct the same as the previous one. */
168static const enum MHD_GNUTLS_Protocol mhd_gtls_supported_protocols[] = 168static const enum MHD_GNUTLS_Protocol mhd_gtls_supported_protocols[] =
169{ MHD_GNUTLS_SSL3, 169{ MHD_GNUTLS_PROTOCOL_SSL3,
170 MHD_GNUTLS_TLS1_0, 170 MHD_GNUTLS_PROTOCOL_TLS1_0,
171 MHD_GNUTLS_TLS1_1, 171 MHD_GNUTLS_PROTOCOL_TLS1_1,
172 MHD_GNUTLS_TLS1_2, 172 MHD_GNUTLS_PROTOCOL_TLS1_2,
173 0 173 0
174}; 174};
175 175
@@ -593,159 +593,159 @@ static const mhd_gtls_cipher_suite_entry mhd_gtls_cs_algorithms[] = {
593 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_ARCFOUR_MD5, 593 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_ARCFOUR_MD5,
594 MHD_GNUTLS_CIPHER_ARCFOUR_128, 594 MHD_GNUTLS_CIPHER_ARCFOUR_128,
595 MHD_GNUTLS_KX_ANON_DH, MHD_GNUTLS_MAC_MD5, 595 MHD_GNUTLS_KX_ANON_DH, MHD_GNUTLS_MAC_MD5,
596 MHD_GNUTLS_SSL3), 596 MHD_GNUTLS_PROTOCOL_SSL3),
597 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_3DES_EDE_CBC_SHA1, 597 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_3DES_EDE_CBC_SHA1,
598 MHD_GNUTLS_CIPHER_3DES_CBC, 598 MHD_GNUTLS_CIPHER_3DES_CBC,
599 MHD_GNUTLS_KX_ANON_DH, 599 MHD_GNUTLS_KX_ANON_DH,
600 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3), 600 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
601 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_AES_128_CBC_SHA1, 601 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_AES_128_CBC_SHA1,
602 MHD_GNUTLS_CIPHER_AES_128_CBC, 602 MHD_GNUTLS_CIPHER_AES_128_CBC,
603 MHD_GNUTLS_KX_ANON_DH, 603 MHD_GNUTLS_KX_ANON_DH,
604 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3), 604 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
605 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_AES_256_CBC_SHA1, 605 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_AES_256_CBC_SHA1,
606 MHD_GNUTLS_CIPHER_AES_256_CBC, 606 MHD_GNUTLS_CIPHER_AES_256_CBC,
607 MHD_GNUTLS_KX_ANON_DH, 607 MHD_GNUTLS_KX_ANON_DH,
608 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3), 608 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
609#ifdef ENABLE_CAMELLIA 609#ifdef ENABLE_CAMELLIA
610 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_CAMELLIA_128_CBC_SHA1, 610 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_CAMELLIA_128_CBC_SHA1,
611 MHD_GNUTLS_CIPHER_CAMELLIA_128_CBC, 611 MHD_GNUTLS_CIPHER_CAMELLIA_128_CBC,
612 MHD_GNUTLS_KX_ANON_DH, 612 MHD_GNUTLS_KX_ANON_DH,
613 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0), 613 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
614 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_CAMELLIA_256_CBC_SHA1, 614 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_CAMELLIA_256_CBC_SHA1,
615 MHD_GNUTLS_CIPHER_CAMELLIA_256_CBC, 615 MHD_GNUTLS_CIPHER_CAMELLIA_256_CBC,
616 MHD_GNUTLS_KX_ANON_DH, 616 MHD_GNUTLS_KX_ANON_DH,
617 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0), 617 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
618#endif 618#endif
619 619
620 /* SRP */ 620 /* SRP */
621 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_3DES_EDE_CBC_SHA1, 621 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_3DES_EDE_CBC_SHA1,
622 MHD_GNUTLS_CIPHER_3DES_CBC, MHD_GNUTLS_KX_SRP, 622 MHD_GNUTLS_CIPHER_3DES_CBC, MHD_GNUTLS_KX_SRP,
623 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0), 623 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
624 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_AES_128_CBC_SHA1, 624 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_AES_128_CBC_SHA1,
625 MHD_GNUTLS_CIPHER_AES_128_CBC, MHD_GNUTLS_KX_SRP, 625 MHD_GNUTLS_CIPHER_AES_128_CBC, MHD_GNUTLS_KX_SRP,
626 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0), 626 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
627 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_AES_256_CBC_SHA1, 627 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_AES_256_CBC_SHA1,
628 MHD_GNUTLS_CIPHER_AES_256_CBC, MHD_GNUTLS_KX_SRP, 628 MHD_GNUTLS_CIPHER_AES_256_CBC, MHD_GNUTLS_KX_SRP,
629 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0), 629 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
630 630
631 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_DSS_3DES_EDE_CBC_SHA1, 631 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_DSS_3DES_EDE_CBC_SHA1,
632 MHD_GNUTLS_CIPHER_3DES_CBC, 632 MHD_GNUTLS_CIPHER_3DES_CBC,
633 MHD_GNUTLS_KX_SRP_DSS, 633 MHD_GNUTLS_KX_SRP_DSS,
634 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0), 634 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
635 635
636 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_RSA_3DES_EDE_CBC_SHA1, 636 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_RSA_3DES_EDE_CBC_SHA1,
637 MHD_GNUTLS_CIPHER_3DES_CBC, 637 MHD_GNUTLS_CIPHER_3DES_CBC,
638 MHD_GNUTLS_KX_SRP_RSA, 638 MHD_GNUTLS_KX_SRP_RSA,
639 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0), 639 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
640 640
641 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_DSS_AES_128_CBC_SHA1, 641 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_DSS_AES_128_CBC_SHA1,
642 MHD_GNUTLS_CIPHER_AES_128_CBC, 642 MHD_GNUTLS_CIPHER_AES_128_CBC,
643 MHD_GNUTLS_KX_SRP_DSS, 643 MHD_GNUTLS_KX_SRP_DSS,
644 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0), 644 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
645 645
646 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_RSA_AES_128_CBC_SHA1, 646 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_RSA_AES_128_CBC_SHA1,
647 MHD_GNUTLS_CIPHER_AES_128_CBC, 647 MHD_GNUTLS_CIPHER_AES_128_CBC,
648 MHD_GNUTLS_KX_SRP_RSA, 648 MHD_GNUTLS_KX_SRP_RSA,
649 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0), 649 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
650 650
651 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_DSS_AES_256_CBC_SHA1, 651 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_DSS_AES_256_CBC_SHA1,
652 MHD_GNUTLS_CIPHER_AES_256_CBC, 652 MHD_GNUTLS_CIPHER_AES_256_CBC,
653 MHD_GNUTLS_KX_SRP_DSS, 653 MHD_GNUTLS_KX_SRP_DSS,
654 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0), 654 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
655 655
656 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_RSA_AES_256_CBC_SHA1, 656 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_RSA_AES_256_CBC_SHA1,
657 MHD_GNUTLS_CIPHER_AES_256_CBC, 657 MHD_GNUTLS_CIPHER_AES_256_CBC,
658 MHD_GNUTLS_KX_SRP_RSA, 658 MHD_GNUTLS_KX_SRP_RSA,
659 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0), 659 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
660 660
661 /* DHE_DSS */ 661 /* DHE_DSS */
662 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_ARCFOUR_SHA1, 662 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_ARCFOUR_SHA1,
663 MHD_GNUTLS_CIPHER_ARCFOUR_128, 663 MHD_GNUTLS_CIPHER_ARCFOUR_128,
664 MHD_GNUTLS_KX_DHE_DSS, 664 MHD_GNUTLS_KX_DHE_DSS,
665 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0), 665 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
666 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_3DES_EDE_CBC_SHA1, 666 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_3DES_EDE_CBC_SHA1,
667 MHD_GNUTLS_CIPHER_3DES_CBC, 667 MHD_GNUTLS_CIPHER_3DES_CBC,
668 MHD_GNUTLS_KX_DHE_DSS, 668 MHD_GNUTLS_KX_DHE_DSS,
669 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3), 669 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
670 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_128_CBC_SHA1, 670 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_128_CBC_SHA1,
671 MHD_GNUTLS_CIPHER_AES_128_CBC, 671 MHD_GNUTLS_CIPHER_AES_128_CBC,
672 MHD_GNUTLS_KX_DHE_DSS, 672 MHD_GNUTLS_KX_DHE_DSS,
673 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3), 673 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
674 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_256_CBC_SHA1, 674 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_256_CBC_SHA1,
675 MHD_GNUTLS_CIPHER_AES_256_CBC, 675 MHD_GNUTLS_CIPHER_AES_256_CBC,
676 MHD_GNUTLS_KX_DHE_DSS, 676 MHD_GNUTLS_KX_DHE_DSS,
677 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3), 677 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
678#ifdef ENABLE_CAMELLIA 678#ifdef ENABLE_CAMELLIA
679 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_CAMELLIA_128_CBC_SHA1, 679 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_CAMELLIA_128_CBC_SHA1,
680 MHD_GNUTLS_CIPHER_CAMELLIA_128_CBC, 680 MHD_GNUTLS_CIPHER_CAMELLIA_128_CBC,
681 MHD_GNUTLS_KX_DHE_DSS, 681 MHD_GNUTLS_KX_DHE_DSS,
682 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0), 682 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
683 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA1, 683 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA1,
684 MHD_GNUTLS_CIPHER_CAMELLIA_256_CBC, 684 MHD_GNUTLS_CIPHER_CAMELLIA_256_CBC,
685 MHD_GNUTLS_KX_DHE_DSS, 685 MHD_GNUTLS_KX_DHE_DSS,
686 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0), 686 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
687#endif 687#endif
688 /* DHE_RSA */ 688 /* DHE_RSA */
689 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1, 689 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1,
690 MHD_GNUTLS_CIPHER_3DES_CBC, 690 MHD_GNUTLS_CIPHER_3DES_CBC,
691 MHD_GNUTLS_KX_DHE_RSA, 691 MHD_GNUTLS_KX_DHE_RSA,
692 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3), 692 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
693 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_128_CBC_SHA1, 693 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_128_CBC_SHA1,
694 MHD_GNUTLS_CIPHER_AES_128_CBC, 694 MHD_GNUTLS_CIPHER_AES_128_CBC,
695 MHD_GNUTLS_KX_DHE_RSA, 695 MHD_GNUTLS_KX_DHE_RSA,
696 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3), 696 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
697 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_256_CBC_SHA1, 697 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_256_CBC_SHA1,
698 MHD_GNUTLS_CIPHER_AES_256_CBC, 698 MHD_GNUTLS_CIPHER_AES_256_CBC,
699 MHD_GNUTLS_KX_DHE_RSA, 699 MHD_GNUTLS_KX_DHE_RSA,
700 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3), 700 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
701#ifdef ENABLE_CAMELLIA 701#ifdef ENABLE_CAMELLIA
702 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1, 702 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1,
703 MHD_GNUTLS_CIPHER_CAMELLIA_128_CBC, 703 MHD_GNUTLS_CIPHER_CAMELLIA_128_CBC,
704 MHD_GNUTLS_KX_DHE_RSA, 704 MHD_GNUTLS_KX_DHE_RSA,
705 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0), 705 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
706 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1, 706 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1,
707 MHD_GNUTLS_CIPHER_CAMELLIA_256_CBC, 707 MHD_GNUTLS_CIPHER_CAMELLIA_256_CBC,
708 MHD_GNUTLS_KX_DHE_RSA, 708 MHD_GNUTLS_KX_DHE_RSA,
709 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0), 709 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
710#endif 710#endif
711 /* RSA */ 711 /* RSA */
712 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_NULL_MD5, 712 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_NULL_MD5,
713 MHD_GNUTLS_CIPHER_NULL, 713 MHD_GNUTLS_CIPHER_NULL,
714 MHD_GNUTLS_KX_RSA, MHD_GNUTLS_MAC_MD5, 714 MHD_GNUTLS_KX_RSA, MHD_GNUTLS_MAC_MD5,
715 MHD_GNUTLS_SSL3), 715 MHD_GNUTLS_PROTOCOL_SSL3),
716 716
717 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_EXPORT_ARCFOUR_40_MD5, 717 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_EXPORT_ARCFOUR_40_MD5,
718 MHD_GNUTLS_CIPHER_ARCFOUR_40, 718 MHD_GNUTLS_CIPHER_ARCFOUR_40,
719 MHD_GNUTLS_KX_RSA_EXPORT, MHD_GNUTLS_MAC_MD5, 719 MHD_GNUTLS_KX_RSA_EXPORT, MHD_GNUTLS_MAC_MD5,
720 MHD_GNUTLS_SSL3), 720 MHD_GNUTLS_PROTOCOL_SSL3),
721 721
722 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_ARCFOUR_SHA1, 722 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_ARCFOUR_SHA1,
723 MHD_GNUTLS_CIPHER_ARCFOUR_128, 723 MHD_GNUTLS_CIPHER_ARCFOUR_128,
724 MHD_GNUTLS_KX_RSA, MHD_GNUTLS_MAC_SHA1, 724 MHD_GNUTLS_KX_RSA, MHD_GNUTLS_MAC_SHA1,
725 MHD_GNUTLS_SSL3), 725 MHD_GNUTLS_PROTOCOL_SSL3),
726 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_ARCFOUR_MD5, 726 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_ARCFOUR_MD5,
727 MHD_GNUTLS_CIPHER_ARCFOUR_128, 727 MHD_GNUTLS_CIPHER_ARCFOUR_128,
728 MHD_GNUTLS_KX_RSA, MHD_GNUTLS_MAC_MD5, 728 MHD_GNUTLS_KX_RSA, MHD_GNUTLS_MAC_MD5,
729 MHD_GNUTLS_SSL3), 729 MHD_GNUTLS_PROTOCOL_SSL3),
730 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_3DES_EDE_CBC_SHA1, 730 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_3DES_EDE_CBC_SHA1,
731 MHD_GNUTLS_CIPHER_3DES_CBC, 731 MHD_GNUTLS_CIPHER_3DES_CBC,
732 MHD_GNUTLS_KX_RSA, MHD_GNUTLS_MAC_SHA1, 732 MHD_GNUTLS_KX_RSA, MHD_GNUTLS_MAC_SHA1,
733 MHD_GNUTLS_SSL3), 733 MHD_GNUTLS_PROTOCOL_SSL3),
734 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_128_CBC_SHA1, 734 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_128_CBC_SHA1,
735 MHD_GNUTLS_CIPHER_AES_128_CBC, MHD_GNUTLS_KX_RSA, 735 MHD_GNUTLS_CIPHER_AES_128_CBC, MHD_GNUTLS_KX_RSA,
736 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3), 736 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
737 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_256_CBC_SHA1, 737 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_256_CBC_SHA1,
738 MHD_GNUTLS_CIPHER_AES_256_CBC, MHD_GNUTLS_KX_RSA, 738 MHD_GNUTLS_CIPHER_AES_256_CBC, MHD_GNUTLS_KX_RSA,
739 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3), 739 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
740#ifdef ENABLE_CAMELLIA 740#ifdef ENABLE_CAMELLIA
741 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_CAMELLIA_128_CBC_SHA1, 741 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_CAMELLIA_128_CBC_SHA1,
742 MHD_GNUTLS_CIPHER_CAMELLIA_128_CBC, 742 MHD_GNUTLS_CIPHER_CAMELLIA_128_CBC,
743 MHD_GNUTLS_KX_RSA, 743 MHD_GNUTLS_KX_RSA,
744 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0), 744 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
745 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_CAMELLIA_256_CBC_SHA1, 745 GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_CAMELLIA_256_CBC_SHA1,
746 MHD_GNUTLS_CIPHER_CAMELLIA_256_CBC, 746 MHD_GNUTLS_CIPHER_CAMELLIA_256_CBC,
747 MHD_GNUTLS_KX_RSA, 747 MHD_GNUTLS_KX_RSA,
748 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0), 748 MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
749#endif 749#endif
750 {0, 750 {0,
751 { 751 {
@@ -1299,7 +1299,7 @@ mhd_gtls_version_lowest (mhd_gtls_session_t session)
1299 1299
1300 if (session->internals.priorities.protocol.priority == NULL) 1300 if (session->internals.priorities.protocol.priority == NULL)
1301 { 1301 {
1302 return MHD_GNUTLS_VERSION_UNKNOWN; 1302 return MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN;
1303 } 1303 }
1304 else 1304 else
1305 for (i = 0; i < session->internals.priorities.protocol.num_algorithms; 1305 for (i = 0; i < session->internals.priorities.protocol.num_algorithms;
@@ -1310,7 +1310,7 @@ mhd_gtls_version_lowest (mhd_gtls_session_t session)
1310 } 1310 }
1311 1311
1312 if (min == 0xff) 1312 if (min == 0xff)
1313 return MHD_GNUTLS_VERSION_UNKNOWN; /* unknown version */ 1313 return MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN; /* unknown version */
1314 1314
1315 return min; 1315 return min;
1316} 1316}
@@ -1322,7 +1322,7 @@ mhd_gtls_version_max (mhd_gtls_session_t session)
1322 1322
1323 if (session->internals.priorities.protocol.priority == NULL) 1323 if (session->internals.priorities.protocol.priority == NULL)
1324 { 1324 {
1325 return MHD_GNUTLS_VERSION_UNKNOWN; 1325 return MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN;
1326 } 1326 }
1327 else 1327 else
1328 for (i = 0; i < session->internals.priorities.protocol.num_algorithms; 1328 for (i = 0; i < session->internals.priorities.protocol.num_algorithms;
@@ -1333,7 +1333,7 @@ mhd_gtls_version_max (mhd_gtls_session_t session)
1333 } 1333 }
1334 1334
1335 if (max == 0x00) 1335 if (max == 0x00)
1336 return MHD_GNUTLS_VERSION_UNKNOWN; /* unknown version */ 1336 return MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN; /* unknown version */
1337 1337
1338 return max; 1338 return max;
1339} 1339}
@@ -1367,7 +1367,7 @@ MHD_gnutls_protocol_get_name (enum MHD_GNUTLS_Protocol version)
1367enum MHD_GNUTLS_Protocol 1367enum MHD_GNUTLS_Protocol
1368MHD_gtls_protocol_get_id (const char *name) 1368MHD_gtls_protocol_get_id (const char *name)
1369{ 1369{
1370 enum MHD_GNUTLS_Protocol ret = MHD_GNUTLS_VERSION_UNKNOWN; 1370 enum MHD_GNUTLS_Protocol ret = MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN;
1371 1371
1372 GNUTLS_VERSION_LOOP (if (strcasecmp (p->name, name) == 0) ret = p->id) 1372 GNUTLS_VERSION_LOOP (if (strcasecmp (p->name, name) == 0) ret = p->id)
1373 ; 1373 ;
diff --git a/src/daemon/https/tls/gnutls_cipher.c b/src/daemon/https/tls/gnutls_cipher.c
index 872abdf0..69b62d16 100644
--- a/src/daemon/https/tls/gnutls_cipher.c
+++ b/src/daemon/https/tls/gnutls_cipher.c
@@ -202,7 +202,7 @@ mac_init (enum MHD_GNUTLS_HashAlgorithm mac, opaque * secret, int secret_size,
202 if (mac == MHD_GNUTLS_MAC_NULL) 202 if (mac == MHD_GNUTLS_MAC_NULL)
203 return GNUTLS_MAC_FAILED; 203 return GNUTLS_MAC_FAILED;
204 204
205 if (ver == MHD_GNUTLS_SSL3) 205 if (ver == MHD_GNUTLS_PROTOCOL_SSL3)
206 { /* SSL 3.0 */ 206 { /* SSL 3.0 */
207 td = mhd_gnutls_mac_init_ssl3 (mac, secret, secret_size); 207 td = mhd_gnutls_mac_init_ssl3 (mac, secret, secret_size);
208 } 208 }
@@ -217,7 +217,7 @@ mac_init (enum MHD_GNUTLS_HashAlgorithm mac, opaque * secret, int secret_size,
217inline static void 217inline static void
218mac_deinit (mac_hd_t td, opaque * res, int ver) 218mac_deinit (mac_hd_t td, opaque * res, int ver)
219{ 219{
220 if (ver == MHD_GNUTLS_SSL3) 220 if (ver == MHD_GNUTLS_PROTOCOL_SSL3)
221 { /* SSL 3.0 */ 221 { /* SSL 3.0 */
222 mhd_gnutls_mac_deinit_ssl3 (td, res); 222 mhd_gnutls_mac_deinit_ssl3 (td, res);
223 } 223 }
@@ -251,7 +251,7 @@ calc_enc_length (mhd_gtls_session_t session, int data_size,
251 } 251 }
252 252
253 /* make rnd a multiple of blocksize */ 253 /* make rnd a multiple of blocksize */
254 if (session->security_parameters.version == MHD_GNUTLS_SSL3 || 254 if (session->security_parameters.version == MHD_GNUTLS_PROTOCOL_SSL3 ||
255 random_pad == 0) 255 random_pad == 0)
256 { 256 {
257 rnd = 0; 257 rnd = 0;
@@ -271,7 +271,7 @@ calc_enc_length (mhd_gtls_session_t session, int data_size,
271 *pad = (uint8_t) (blocksize - (length % blocksize)) + rnd; 271 *pad = (uint8_t) (blocksize - (length % blocksize)) + rnd;
272 272
273 length += *pad; 273 length += *pad;
274 if (session->security_parameters.version >= MHD_GNUTLS_TLS1_1) 274 if (session->security_parameters.version >= MHD_GNUTLS_PROTOCOL_TLS1_1)
275 length += blocksize; /* for the IV */ 275 length += blocksize; /* for the IV */
276 276
277 break; 277 break;
@@ -341,7 +341,7 @@ mhd_gtls_compressed2ciphertext (mhd_gtls_session_t session,
341 write_sequence_number), 8); 341 write_sequence_number), 8);
342 342
343 mhd_gnutls_hash (td, &type, 1); 343 mhd_gnutls_hash (td, &type, 1);
344 if (ver >= MHD_GNUTLS_TLS1_0) 344 if (ver >= MHD_GNUTLS_PROTOCOL_TLS1_0)
345 { /* TLS 1.0 or higher */ 345 { /* TLS 1.0 or higher */
346 mhd_gnutls_hash (td, &major, 1); 346 mhd_gnutls_hash (td, &major, 1);
347 mhd_gnutls_hash (td, &minor, 1); 347 mhd_gnutls_hash (td, &minor, 1);
@@ -373,7 +373,7 @@ mhd_gtls_compressed2ciphertext (mhd_gtls_session_t session,
373 373
374 data_ptr = cipher_data; 374 data_ptr = cipher_data;
375 if (block_algo == CIPHER_BLOCK && 375 if (block_algo == CIPHER_BLOCK &&
376 session->security_parameters.version >= MHD_GNUTLS_TLS1_1) 376 session->security_parameters.version >= MHD_GNUTLS_PROTOCOL_TLS1_1)
377 { 377 {
378 /* copy the random IV. 378 /* copy the random IV.
379 */ 379 */
@@ -494,7 +494,7 @@ mhd_gtls_ciphertext2compressed (mhd_gtls_session_t session,
494 494
495 /* ignore the IV in TLS 1.1. 495 /* ignore the IV in TLS 1.1.
496 */ 496 */
497 if (session->security_parameters.version >= MHD_GNUTLS_TLS1_1) 497 if (session->security_parameters.version >= MHD_GNUTLS_PROTOCOL_TLS1_1)
498 { 498 {
499 ciphertext.size -= blocksize; 499 ciphertext.size -= blocksize;
500 ciphertext.data += blocksize; 500 ciphertext.data += blocksize;
@@ -521,7 +521,7 @@ mhd_gtls_ciphertext2compressed (mhd_gtls_session_t session,
521 521
522 /* Check the pading bytes (TLS 1.x) 522 /* Check the pading bytes (TLS 1.x)
523 */ 523 */
524 if (ver >= MHD_GNUTLS_TLS1_0 && pad_failed == 0) 524 if (ver >= MHD_GNUTLS_PROTOCOL_TLS1_0 && pad_failed == 0)
525 for (i = 2; i < pad; i++) 525 for (i = 2; i < pad; i++)
526 { 526 {
527 if (ciphertext.data[ciphertext.size - i] != 527 if (ciphertext.data[ciphertext.size - i] !=
@@ -548,7 +548,7 @@ mhd_gtls_ciphertext2compressed (mhd_gtls_session_t session,
548 read_sequence_number), 8); 548 read_sequence_number), 8);
549 549
550 mhd_gnutls_hash (td, &type, 1); 550 mhd_gnutls_hash (td, &type, 1);
551 if (ver >= MHD_GNUTLS_TLS1_0) 551 if (ver >= MHD_GNUTLS_PROTOCOL_TLS1_0)
552 { /* TLS 1.x */ 552 { /* TLS 1.x */
553 mhd_gnutls_hash (td, &major, 1); 553 mhd_gnutls_hash (td, &major, 1);
554 mhd_gnutls_hash (td, &minor, 1); 554 mhd_gnutls_hash (td, &minor, 1);
diff --git a/src/daemon/https/tls/gnutls_constate.c b/src/daemon/https/tls/gnutls_constate.c
index 9a2ee004..9ace3533 100644
--- a/src/daemon/https/tls/gnutls_constate.c
+++ b/src/daemon/https/tls/gnutls_constate.c
@@ -97,7 +97,7 @@ _gnutls_set_keys (mhd_gtls_session_t session, int hash_size, int IV_size,
97 memcpy (&rrnd[TLS_RANDOM_SIZE], 97 memcpy (&rrnd[TLS_RANDOM_SIZE],
98 session->security_parameters.server_random, TLS_RANDOM_SIZE); 98 session->security_parameters.server_random, TLS_RANDOM_SIZE);
99 99
100 if (session->security_parameters.version == MHD_GNUTLS_SSL3) 100 if (session->security_parameters.version == MHD_GNUTLS_PROTOCOL_SSL3)
101 { /* SSL 3 */ 101 { /* SSL 3 */
102 ret = 102 ret =
103 mhd_gnutls_ssl3_generate_random 103 mhd_gnutls_ssl3_generate_random
@@ -187,7 +187,7 @@ _gnutls_set_keys (mhd_gtls_session_t session, int hash_size, int IV_size,
187 187
188 /* generate the final keys */ 188 /* generate the final keys */
189 189
190 if (session->security_parameters.version == MHD_GNUTLS_SSL3) 190 if (session->security_parameters.version == MHD_GNUTLS_PROTOCOL_SSL3)
191 { /* SSL 3 */ 191 { /* SSL 3 */
192 ret = 192 ret =
193 mhd_gnutls_ssl3_hash_md5 (&key_block[pos], 193 mhd_gnutls_ssl3_hash_md5 (&key_block[pos],
@@ -219,7 +219,7 @@ _gnutls_set_keys (mhd_gtls_session_t session, int hash_size, int IV_size,
219 client_write_key_size = EXPORT_FINAL_KEY_SIZE; 219 client_write_key_size = EXPORT_FINAL_KEY_SIZE;
220 pos += key_size; 220 pos += key_size;
221 221
222 if (session->security_parameters.version == MHD_GNUTLS_SSL3) 222 if (session->security_parameters.version == MHD_GNUTLS_PROTOCOL_SSL3)
223 { /* SSL 3 */ 223 { /* SSL 3 */
224 ret = 224 ret =
225 mhd_gnutls_ssl3_hash_md5 (&key_block[pos], key_size, 225 mhd_gnutls_ssl3_hash_md5 (&key_block[pos], key_size,
@@ -321,7 +321,7 @@ _gnutls_set_keys (mhd_gtls_session_t session, int hash_size, int IV_size,
321 return GNUTLS_E_MEMORY_ERROR; 321 return GNUTLS_E_MEMORY_ERROR;
322 } 322 }
323 323
324 if (session->security_parameters.version == MHD_GNUTLS_SSL3) 324 if (session->security_parameters.version == MHD_GNUTLS_PROTOCOL_SSL3)
325 { /* SSL 3 */ 325 { /* SSL 3 */
326 ret = mhd_gnutls_ssl3_hash_md5 ("", 0, 326 ret = mhd_gnutls_ssl3_hash_md5 ("", 0,
327 rrnd, TLS_RANDOM_SIZE * 2, 327 rrnd, TLS_RANDOM_SIZE * 2,
diff --git a/src/daemon/https/tls/gnutls_handshake.c b/src/daemon/https/tls/gnutls_handshake.c
index 08d423b5..e53d6985 100644
--- a/src/daemon/https/tls/gnutls_handshake.c
+++ b/src/daemon/https/tls/gnutls_handshake.c
@@ -195,7 +195,7 @@ _gnutls_finished (mhd_gtls_session_t session, int type, void *ret)
195 mac_hd_t td_sha; 195 mac_hd_t td_sha;
196 enum MHD_GNUTLS_Protocol ver = MHD_gnutls_protocol_get_version (session); 196 enum MHD_GNUTLS_Protocol ver = MHD_gnutls_protocol_get_version (session);
197 197
198 if (ver < MHD_GNUTLS_TLS1_2) 198 if (ver < MHD_GNUTLS_PROTOCOL_TLS1_2)
199 { 199 {
200 td_md5 = 200 td_md5 =
201 mhd_gnutls_hash_copy (session->internals.handshake_mac_handle_md5); 201 mhd_gnutls_hash_copy (session->internals.handshake_mac_handle_md5);
@@ -215,7 +215,7 @@ _gnutls_finished (mhd_gtls_session_t session, int type, void *ret)
215 return GNUTLS_E_HASH_FAILED; 215 return GNUTLS_E_HASH_FAILED;
216 } 216 }
217 217
218 if (ver < MHD_GNUTLS_TLS1_2) 218 if (ver < MHD_GNUTLS_PROTOCOL_TLS1_2)
219 { 219 {
220 mhd_gnutls_hash_deinit (td_md5, concat); 220 mhd_gnutls_hash_deinit (td_md5, concat);
221 mhd_gnutls_hash_deinit (td_sha, &concat[16]); 221 mhd_gnutls_hash_deinit (td_sha, &concat[16]);
@@ -281,7 +281,7 @@ mhd_gtls_negotiate_version (mhd_gtls_session_t session,
281 * then we send him the highest we support. 281 * then we send him the highest we support.
282 */ 282 */
283 ret = mhd_gtls_version_max (session); 283 ret = mhd_gtls_version_max (session);
284 if (ret == MHD_GNUTLS_VERSION_UNKNOWN) 284 if (ret == MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN)
285 { 285 {
286 /* this check is not really needed. 286 /* this check is not really needed.
287 */ 287 */
@@ -420,7 +420,7 @@ _gnutls_read_client_hello (mhd_gtls_session_t session, opaque * data,
420 420
421 /* Parse the extensions (if any) 421 /* Parse the extensions (if any)
422 */ 422 */
423 if (neg_version >= MHD_GNUTLS_TLS1_0) 423 if (neg_version >= MHD_GNUTLS_PROTOCOL_TLS1_0)
424 { 424 {
425 ret = mhd_gtls_parse_extensions (session, EXTENSION_APPLICATION, &data[pos], len); /* len is the rest of the parsed length */ 425 ret = mhd_gtls_parse_extensions (session, EXTENSION_APPLICATION, &data[pos], len); /* len is the rest of the parsed length */
426 if (ret < 0) 426 if (ret < 0)
@@ -437,7 +437,7 @@ _gnutls_read_client_hello (mhd_gtls_session_t session, opaque * data,
437 return ret; 437 return ret;
438 } 438 }
439 439
440 if (neg_version >= MHD_GNUTLS_TLS1_0) 440 if (neg_version >= MHD_GNUTLS_PROTOCOL_TLS1_0)
441 { 441 {
442 ret = mhd_gtls_parse_extensions (session, EXTENSION_TLS, &data[pos], len); /* len is the rest of the parsed length */ 442 ret = mhd_gtls_parse_extensions (session, EXTENSION_TLS, &data[pos], len); /* len is the rest of the parsed length */
443 if (ret < 0) 443 if (ret < 0)
@@ -529,7 +529,7 @@ _gnutls_send_finished (mhd_gtls_session_t session, int again)
529 return ret; 529 return ret;
530 } 530 }
531 531
532 if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_SSL3) 532 if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3)
533 { 533 {
534 ret = 534 ret =
535 _gnutls_ssl3_finished (session, 535 _gnutls_ssl3_finished (session,
@@ -581,7 +581,7 @@ _gnutls_recv_finished (mhd_gtls_session_t session)
581 } 581 }
582 582
583 583
584 if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_SSL3) 584 if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3)
585 { 585 {
586 data_size = 36; 586 data_size = 36;
587 } 587 }
@@ -597,7 +597,7 @@ _gnutls_recv_finished (mhd_gtls_session_t session)
597 return GNUTLS_E_ERROR_IN_FINISHED_PACKET; 597 return GNUTLS_E_ERROR_IN_FINISHED_PACKET;
598 } 598 }
599 599
600 if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_SSL3) 600 if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3)
601 { 601 {
602 ret = 602 ret =
603 _gnutls_ssl3_finished (session, 603 _gnutls_ssl3_finished (session,
@@ -1530,7 +1530,7 @@ _gnutls_read_server_hello (mhd_gtls_session_t session,
1530 1530
1531 /* Parse extensions. 1531 /* Parse extensions.
1532 */ 1532 */
1533 if (version >= MHD_GNUTLS_TLS1_0) 1533 if (version >= MHD_GNUTLS_PROTOCOL_TLS1_0)
1534 { 1534 {
1535 ret = mhd_gtls_parse_extensions (session, EXTENSION_ANY, &data[pos], len); /* len is the rest of the parsed length */ 1535 ret = mhd_gtls_parse_extensions (session, EXTENSION_ANY, &data[pos], len); /* len is the rest of the parsed length */
1536 if (ret < 0) 1536 if (ret < 0)
@@ -1706,7 +1706,7 @@ _gnutls_send_client_hello (mhd_gtls_session_t session, int again)
1706 hver = session->internals.resumed_security_parameters.version; 1706 hver = session->internals.resumed_security_parameters.version;
1707 } 1707 }
1708 1708
1709 if (hver == MHD_GNUTLS_VERSION_UNKNOWN || hver == 0) 1709 if (hver == MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN || hver == 0)
1710 { 1710 {
1711 gnutls_assert (); 1711 gnutls_assert ();
1712 gnutls_free (data); 1712 gnutls_free (data);
@@ -1810,7 +1810,7 @@ _gnutls_send_client_hello (mhd_gtls_session_t session, int again)
1810 1810
1811 /* Generate and copy TLS extensions. 1811 /* Generate and copy TLS extensions.
1812 */ 1812 */
1813 if (hver >= MHD_GNUTLS_TLS1_0) 1813 if (hver >= MHD_GNUTLS_PROTOCOL_TLS1_0)
1814 { 1814 {
1815 extdatalen = 1815 extdatalen =
1816 mhd_gtls_gen_extensions (session, extdata, sizeof (extdata)); 1816 mhd_gtls_gen_extensions (session, extdata, sizeof (extdata));
diff --git a/src/daemon/https/tls/gnutls_kx.c b/src/daemon/https/tls/gnutls_kx.c
index 024af674..45717b4f 100644
--- a/src/daemon/https/tls/gnutls_kx.c
+++ b/src/daemon/https/tls/gnutls_kx.c
@@ -71,7 +71,7 @@ generate_normal_master (mhd_gtls_session_t session, int keep_premaster)
71 mhd_gtls_bin2hex (session->security_parameters. 71 mhd_gtls_bin2hex (session->security_parameters.
72 server_random, 32, buf, sizeof (buf))); 72 server_random, 32, buf, sizeof (buf)));
73 73
74 if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_SSL3) 74 if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3)
75 { 75 {
76 opaque rnd[2 * TLS_RANDOM_SIZE + 1]; 76 opaque rnd[2 * TLS_RANDOM_SIZE + 1];
77 77
@@ -504,7 +504,7 @@ mhd_gtls_send_client_certificate (mhd_gtls_session_t session, int again)
504 504
505 if (again == 0) 505 if (again == 0)
506 { 506 {
507 if (MHD_gnutls_protocol_get_version (session) != MHD_GNUTLS_SSL3 || 507 if (MHD_gnutls_protocol_get_version (session) != MHD_GNUTLS_PROTOCOL_SSL3 ||
508 session->internals.selected_cert_list_length > 0) 508 session->internals.selected_cert_list_length > 0)
509 { 509 {
510 /* TLS 1.0 or SSL 3.0 with a valid certificate 510 /* TLS 1.0 or SSL 3.0 with a valid certificate
@@ -525,7 +525,7 @@ mhd_gtls_send_client_certificate (mhd_gtls_session_t session, int again)
525 * no certificate alert instead of an 525 * no certificate alert instead of an
526 * empty certificate. 526 * empty certificate.
527 */ 527 */
528 if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_SSL3 && 528 if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3 &&
529 session->internals.selected_cert_list_length == 0) 529 session->internals.selected_cert_list_length == 0)
530 { 530 {
531 ret = 531 ret =
@@ -632,7 +632,7 @@ mhd_gtls_recv_client_certificate (mhd_gtls_session_t session)
632 */ 632 */
633 if (optional == OPTIONAL_PACKET && 633 if (optional == OPTIONAL_PACKET &&
634 ret == GNUTLS_E_WARNING_ALERT_RECEIVED && 634 ret == GNUTLS_E_WARNING_ALERT_RECEIVED &&
635 MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_SSL3 && 635 MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3 &&
636 gnutls_alert_get (session) == GNUTLS_A_SSL3_NO_CERTIFICATE) 636 gnutls_alert_get (session) == GNUTLS_A_SSL3_NO_CERTIFICATE)
637 { 637 {
638 638
diff --git a/src/daemon/https/tls/gnutls_priority.c b/src/daemon/https/tls/gnutls_priority.c
index bbdce41c..f0a91bd6 100644
--- a/src/daemon/https/tls/gnutls_priority.c
+++ b/src/daemon/https/tls/gnutls_priority.c
@@ -201,9 +201,9 @@ MHD_gnutls_certificate_type_set_priority (mhd_gtls_session_t session,
201#endif 201#endif
202} 202}
203 203
204static const int mhd_gtls_protocol_priority[] = { MHD_GNUTLS_TLS1_1, 204static const int mhd_gtls_protocol_priority[] = { MHD_GNUTLS_PROTOCOL_TLS1_1,
205 MHD_GNUTLS_TLS1_0, 205 MHD_GNUTLS_PROTOCOL_TLS1_0,
206 MHD_GNUTLS_SSL3, 206 MHD_GNUTLS_PROTOCOL_SSL3,
207 0 207 0
208}; 208};
209 209
diff --git a/src/daemon/https/tls/gnutls_sig.c b/src/daemon/https/tls/gnutls_sig.c
index 07ceb21b..3a41999d 100644
--- a/src/daemon/https/tls/gnutls_sig.c
+++ b/src/daemon/https/tls/gnutls_sig.c
@@ -65,7 +65,7 @@ mhd_gtls_tls_sign_hdata (mhd_gtls_session_t session,
65 return GNUTLS_E_HASH_FAILED; 65 return GNUTLS_E_HASH_FAILED;
66 } 66 }
67 67
68 if (ver == MHD_GNUTLS_SSL3) 68 if (ver == MHD_GNUTLS_PROTOCOL_SSL3)
69 { 69 {
70 ret = mhd_gtls_generate_master (session, 1); 70 ret = mhd_gtls_generate_master (session, 1);
71 if (ret < 0) 71 if (ret < 0)
@@ -92,7 +92,7 @@ mhd_gtls_tls_sign_hdata (mhd_gtls_session_t session,
92 return GNUTLS_E_HASH_FAILED; 92 return GNUTLS_E_HASH_FAILED;
93 } 93 }
94 94
95 if (ver == MHD_GNUTLS_SSL3) 95 if (ver == MHD_GNUTLS_PROTOCOL_SSL3)
96 mhd_gnutls_mac_deinit_ssl3_handshake (td_md5, concat, 96 mhd_gnutls_mac_deinit_ssl3_handshake (td_md5, concat,
97 session->security_parameters. 97 session->security_parameters.
98 master_secret, TLS_MASTER_SIZE); 98 master_secret, TLS_MASTER_SIZE);
@@ -146,7 +146,7 @@ mhd_gtls_tls_sign_params (mhd_gtls_session_t session,
146 switch (cert->subject_pk_algorithm) 146 switch (cert->subject_pk_algorithm)
147 { 147 {
148 case MHD_GNUTLS_PK_RSA: 148 case MHD_GNUTLS_PK_RSA:
149 if (ver < MHD_GNUTLS_TLS1_2) 149 if (ver < MHD_GNUTLS_PROTOCOL_TLS1_2)
150 { 150 {
151 mac_hd_t td_md5 = mhd_gtls_hash_init (MHD_GNUTLS_MAC_MD5); 151 mac_hd_t td_md5 = mhd_gtls_hash_init (MHD_GNUTLS_MAC_MD5);
152 if (td_md5 == NULL) 152 if (td_md5 == NULL)
@@ -352,7 +352,7 @@ mhd_gtls_verify_sig_hdata (mhd_gtls_session_t session,
352 return GNUTLS_E_HASH_FAILED; 352 return GNUTLS_E_HASH_FAILED;
353 } 353 }
354 354
355 if (ver == MHD_GNUTLS_SSL3) 355 if (ver == MHD_GNUTLS_PROTOCOL_SSL3)
356 { 356 {
357 ret = mhd_gtls_generate_master (session, 1); 357 ret = mhd_gtls_generate_master (session, 1);
358 if (ret < 0) 358 if (ret < 0)
@@ -404,7 +404,7 @@ mhd_gtls_verify_sig_params (mhd_gtls_session_t session,
404 opaque concat[36]; 404 opaque concat[36];
405 enum MHD_GNUTLS_Protocol ver = MHD_gnutls_protocol_get_version (session); 405 enum MHD_GNUTLS_Protocol ver = MHD_gnutls_protocol_get_version (session);
406 406
407 if (ver < MHD_GNUTLS_TLS1_2) 407 if (ver < MHD_GNUTLS_PROTOCOL_TLS1_2)
408 { 408 {
409 td_md5 = mhd_gtls_hash_init (MHD_GNUTLS_MAC_MD5); 409 td_md5 = mhd_gtls_hash_init (MHD_GNUTLS_MAC_MD5);
410 if (td_md5 == NULL) 410 if (td_md5 == NULL)
@@ -435,7 +435,7 @@ mhd_gtls_verify_sig_params (mhd_gtls_session_t session,
435 TLS_RANDOM_SIZE); 435 TLS_RANDOM_SIZE);
436 mhd_gnutls_hash (td_sha, params->data, params->size); 436 mhd_gnutls_hash (td_sha, params->data, params->size);
437 437
438 if (ver < MHD_GNUTLS_TLS1_2) 438 if (ver < MHD_GNUTLS_PROTOCOL_TLS1_2)
439 { 439 {
440 mhd_gnutls_hash_deinit (td_md5, concat); 440 mhd_gnutls_hash_deinit (td_md5, concat);
441 mhd_gnutls_hash_deinit (td_sha, &concat[16]); 441 mhd_gnutls_hash_deinit (td_sha, &concat[16]);
diff --git a/src/daemon/https/tls/gnutls_state.c b/src/daemon/https/tls/gnutls_state.c
index 6eb01660..ae793ee0 100644
--- a/src/daemon/https/tls/gnutls_state.c
+++ b/src/daemon/https/tls/gnutls_state.c
@@ -812,7 +812,7 @@ mhd_gtls_PRF (mhd_gtls_session_t session,
812 memcpy (s_seed, label, label_size); 812 memcpy (s_seed, label, label_size);
813 memcpy (&s_seed[label_size], seed, seed_size); 813 memcpy (&s_seed[label_size], seed, seed_size);
814 814
815 if (ver >= MHD_GNUTLS_TLS1_2) 815 if (ver >= MHD_GNUTLS_PROTOCOL_TLS1_2)
816 { 816 {
817 result = 817 result =
818 _gnutls_P_hash (MHD_GNUTLS_MAC_SHA1, secret, secret_size, s_seed, 818 _gnutls_P_hash (MHD_GNUTLS_MAC_SHA1, secret, secret_size, s_seed,
diff --git a/src/daemon/https/tls/gnutls_x509.c b/src/daemon/https/tls/gnutls_x509.c
index 49e093cc..f854b710 100644
--- a/src/daemon/https/tls/gnutls_x509.c
+++ b/src/daemon/https/tls/gnutls_x509.c
@@ -202,7 +202,7 @@ _gnutls_x509_cert_verify_peers (mhd_gtls_session_t session,
202} 202}
203 203
204/* 204/*
205 * Read certificates and private keys, from files, memory etc. 205 * Read certificates and private keys, from memory etc.
206 */ 206 */
207 207
208/* returns error if the certificate has different algorithm than 208/* returns error if the certificate has different algorithm than
@@ -605,82 +605,6 @@ read_key_mem (mhd_gtls_cert_credentials_t res,
605 return 0; 605 return 0;
606} 606}
607 607
608static char *
609read_file (const char *filename, size_t * length)
610{
611 struct stat st;
612 char *out;
613 int fd;
614
615 fd = open (filename, O_RDONLY);
616 if (-1 == fd)
617 return NULL;
618 if (0 != fstat(fd, &st))
619 goto ERR;
620 out = malloc(st.st_size);
621 if (out == NULL)
622 goto ERR;
623 if (st.st_size != read(fd, out, st.st_size))
624 {
625 free(out);
626 goto ERR;
627 }
628 *length = st.st_size;
629 close(fd);
630 return out;
631 ERR:
632 close(fd);
633 return NULL;
634}
635
636/* Reads a certificate file
637 */
638static int
639read_cert_file (mhd_gtls_cert_credentials_t res,
640 const char *certfile, gnutls_x509_crt_fmt_t type)
641{
642 int ret;
643 size_t size;
644 char *data = read_file (certfile, &size);
645
646 if (data == NULL)
647 {
648 gnutls_assert ();
649 return GNUTLS_E_FILE_ERROR;
650 }
651
652 ret = read_cert_mem (res, data, size, type);
653 free (data);
654
655 return ret;
656
657}
658
659
660
661/* Reads PKCS-1 RSA private key file or a DSA file (in the format openssl
662 * stores it).
663 */
664static int
665read_key_file (mhd_gtls_cert_credentials_t res,
666 const char *keyfile, gnutls_x509_crt_fmt_t type)
667{
668 int ret;
669 size_t size;
670 char *data = read_file (keyfile, &size);
671
672 if (data == NULL)
673 {
674 gnutls_assert ();
675 return GNUTLS_E_FILE_ERROR;
676 }
677
678 ret = read_key_mem (res, data, size, type);
679 free (data);
680
681 return ret;
682}
683
684/** 608/**
685 * MHD_gnutls_certificate_set_x509_key_mem - Used to set keys in a mhd_gtls_cert_credentials_t structure 609 * MHD_gnutls_certificate_set_x509_key_mem - Used to set keys in a mhd_gtls_cert_credentials_t structure
686 * @res: is an #mhd_gtls_cert_credentials_t structure. 610 * @res: is an #mhd_gtls_cert_credentials_t structure.
@@ -739,51 +663,6 @@ MHD_gnutls_certificate_set_x509_key_mem (mhd_gtls_cert_credentials_t
739 return 0; 663 return 0;
740} 664}
741 665
742/**
743 * MHD_gnutls_certificate_set_x509_key_file - Used to set keys in a mhd_gtls_cert_credentials_t structure
744 * @res: is an #mhd_gtls_cert_credentials_t structure.
745 * @CERTFILE: is a file that containing the certificate list (path) for
746 * the specified private key, in PKCS7 format, or a list of certificates
747 * @KEYFILE: is a file that contains the private key
748 * @type: is PEM or DER
749 *
750 * This function sets a certificate/private key pair in the
751 * mhd_gtls_cert_credentials_t structure. This function may be
752 * called more than once (in case multiple keys/certificates exist
753 * for the server).
754 *
755 * Currently only PKCS-1 encoded RSA and DSA private keys are accepted by
756 * this function.
757 *
758 * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
759 **/
760int
761MHD_gnutls_certificate_set_x509_key_file (mhd_gtls_cert_credentials_t
762 res, const char *CERTFILE,
763 const char *KEYFILE,
764 gnutls_x509_crt_fmt_t type)
765{
766 int ret;
767
768 /* this should be first
769 */
770 if ((ret = read_key_file (res, KEYFILE, type)) < 0)
771 return ret;
772
773 if ((ret = read_cert_file (res, CERTFILE, type)) < 0)
774 return ret;
775
776 res->ncerts++;
777
778 if ((ret = _gnutls_check_key_cert_match (res)) < 0)
779 {
780 gnutls_assert ();
781 return ret;
782 }
783
784 return 0;
785}
786
787static int 666static int
788generate_rdn_seq (mhd_gtls_cert_credentials_t res) 667generate_rdn_seq (mhd_gtls_cert_credentials_t res)
789{ 668{
@@ -1085,59 +964,6 @@ MHD_gnutls_certificate_set_x509_trust_mem (mhd_gtls_cert_credentials_t
1085 return ret; 964 return ret;
1086} 965}
1087 966
1088/**
1089 * MHD_gnutls_certificate_set_x509_trust_file - Used to add trusted CAs in a mhd_gtls_cert_credentials_t structure
1090 * @res: is an #mhd_gtls_cert_credentials_t structure.
1091 * @cafile: is a file containing the list of trusted CAs (DER or PEM list)
1092 * @type: is PEM or DER
1093 *
1094 * This function adds the trusted CAs in order to verify client or
1095 * server certificates. In case of a client this is not required to
1096 * be called if the certificates are not verified using
1097 * MHD_gtls_certificate_verify_peers2(). This function may be called
1098 * multiple times.
1099 *
1100 * In case of a server the names of the CAs set here will be sent to
1101 * the client if a certificate request is sent. This can be disabled
1102 * using MHD_gnutls_certificate_send_x509_rdn_sequence().
1103 *
1104 * Returns: number of certificates processed, or a negative value on
1105 * error.
1106 **/
1107int
1108MHD_gnutls_certificate_set_x509_trust_file (mhd_gtls_cert_credentials_t
1109 res, const char *cafile,
1110 gnutls_x509_crt_fmt_t type)
1111{
1112 int ret, ret2;
1113 size_t size;
1114 unsigned char *data = (unsigned char*) read_file (cafile, &size);
1115
1116 if (data == NULL)
1117 {
1118 gnutls_assert ();
1119 return GNUTLS_E_FILE_ERROR;
1120 }
1121
1122 if (type == GNUTLS_X509_FMT_DER)
1123 ret = parse_der_ca_mem (&res->x509_ca_list, &res->x509_ncas, data, size);
1124 else
1125 ret = parse_pem_ca_mem (&res->x509_ca_list, &res->x509_ncas, data, size);
1126
1127 free (data);
1128
1129 if (ret < 0)
1130 {
1131 gnutls_assert ();
1132 return ret;
1133 }
1134
1135 if ((ret2 = generate_rdn_seq (res)) < 0)
1136 return ret2;
1137
1138 return ret;
1139}
1140
1141#ifdef ENABLE_PKI 967#ifdef ENABLE_PKI
1142 968
1143static int 969static int
@@ -1333,53 +1159,6 @@ MHD_gnutls_certificate_set_x509_crl_mem (mhd_gtls_cert_credentials_t
1333 return ret; 1159 return ret;
1334} 1160}
1335 1161
1336/**
1337 * MHD_gnutls_certificate_set_x509_crl_file - Used to add CRLs in a mhd_gtls_cert_credentials_t structure
1338 * @res: is an #mhd_gtls_cert_credentials_t structure.
1339 * @crlfile: is a file containing the list of verified CRLs (DER or PEM list)
1340 * @type: is PEM or DER
1341 *
1342 * This function adds the trusted CRLs in order to verify client or server
1343 * certificates. In case of a client this is not required
1344 * to be called if the certificates are not verified using
1345 * MHD_gtls_certificate_verify_peers2().
1346 * This function may be called multiple times.
1347 *
1348 * Returns: number of CRLs processed or a negative value on error.
1349 **/
1350int
1351MHD_gnutls_certificate_set_x509_crl_file (mhd_gtls_cert_credentials_t
1352 res, const char *crlfile,
1353 gnutls_x509_crt_fmt_t type)
1354{
1355 int ret;
1356 size_t size;
1357 unsigned char *data = (unsigned char*) read_file (crlfile, &size);
1358
1359 if (data == NULL)
1360 {
1361 gnutls_assert ();
1362 return GNUTLS_E_FILE_ERROR;
1363 }
1364
1365 if (type == GNUTLS_X509_FMT_DER)
1366 ret = parse_der_crl_mem (&res->x509_crl_list, &res->x509_ncrls,
1367 data, size);
1368 else
1369 ret = parse_pem_crl_mem (&res->x509_crl_list, &res->x509_ncrls,
1370 data, size);
1371
1372 free (data);
1373
1374 if (ret < 0)
1375 {
1376 gnutls_assert ();
1377 return ret;
1378 }
1379
1380 return ret;
1381}
1382
1383#include <pkcs12.h> 1162#include <pkcs12.h>
1384 1163
1385/** 1164/**
diff --git a/src/daemon/internal.h b/src/daemon/internal.h
index 39886187..47d2963f 100644
--- a/src/daemon/internal.h
+++ b/src/daemon/internal.h
@@ -663,10 +663,6 @@ struct MHD_Daemon
663 /* Diffie-Hellman parameters */ 663 /* Diffie-Hellman parameters */
664 mhd_gtls_dh_params_t dh_params; 664 mhd_gtls_dh_params_t dh_params;
665 665
666 const char *https_key_path;
667
668 const char *https_cert_path;
669
670 const char *https_mem_key; 666 const char *https_mem_key;
671 667
672 const char *https_mem_cert; 668 const char *https_mem_cert;
diff --git a/src/examples/https_fileserver_example.c b/src/examples/https_fileserver_example.c
index 55201ce2..a8897a8d 100644
--- a/src/examples/https_fileserver_example.c
+++ b/src/examples/https_fileserver_example.c
@@ -170,19 +170,9 @@ main (int argc, char *const *argv)
170 170
171 MHD_OPTION_END); 171 MHD_OPTION_END);
172 } 172 }
173 else if (argc == 5){
174 TLS_daemon = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_DEBUG
175 | MHD_USE_SSL, atoi (argv[1]),
176 NULL,
177 NULL, &http_ahc,
178 NULL, MHD_OPTION_CONNECTION_TIMEOUT, 256,
179 MHD_OPTION_HTTPS_CERT_PATH, argv[3],
180 MHD_OPTION_HTTPS_KEY_PATH, argv[4],
181 MHD_OPTION_END);
182 }
183 else { 173 else {
184 printf 174 printf
185 ("Usage : %s HTTP-PORT SECONDS-TO-RUN [CERTIFICATE PATH, KEY PATH]\n", argv[0]); 175 ("Usage : %s HTTP-PORT SECONDS-TO-RUN\n", argv[0]);
186 return 1; 176 return 1;
187 } 177 }
188 178
diff --git a/src/include/microhttpd.h b/src/include/microhttpd.h
index 9c98433c..ce1bdd9d 100644
--- a/src/include/microhttpd.h
+++ b/src/include/microhttpd.h
@@ -349,24 +349,6 @@ enum MHD_OPTION
349 MHD_OPTION_SOCK_ADDR = 6, 349 MHD_OPTION_SOCK_ADDR = 6,
350 350
351 /** 351 /**
352 * Filename for the private key (key.pem) to be used by the
353 * HTTPS daemon. This option should be followed by an
354 * "const char*" argument. The memory of the filename must
355 * not be released until the application terminates.
356 * This should be used in conjunction with 'MHD_OPTION_HTTPS_CERT_PATH'.
357 */
358 MHD_OPTION_HTTPS_KEY_PATH = 7,
359
360 /**
361 * Filename for the certificate (cert.pem) to be used by the
362 * HTTPS daemon. This option should be followed by an
363 * "const char*" argument. The memory of the filename must
364 * not be released until the application terminates.
365 * This should be used in conjunction with 'MHD_OPTION_HTTPS_KEY_PATH'.
366 */
367 MHD_OPTION_HTTPS_CERT_PATH = 8,
368
369 /**
370 * Memory pointer for the private key (key.pem) to be used by the 352 * Memory pointer for the private key (key.pem) to be used by the
371 * HTTPS daemon. This option should be followed by an 353 * HTTPS daemon. This option should be followed by an
372 * "const char*" argument. 354 * "const char*" argument.
@@ -515,15 +497,6 @@ enum MHD_RequestTerminationCode
515 */ 497 */
516 MHD_REQUEST_TERMINATED_DAEMON_SHUTDOWN = 3, 498 MHD_REQUEST_TERMINATED_DAEMON_SHUTDOWN = 3,
517 499
518 /* FIXME: add TLS-specific error codes,
519 but only those that are useful! */
520 /**
521 * Processing of this secure connection encountered
522 * an error.
523 */
524 MHD_TLS_REQUEST_TERMINATED_WITH_ERROR,
525
526 MHD_TLS_REQUEST_TERMINATED_WITH_FATAL_ALERT
527}; 500};
528 501
529/** 502/**
@@ -640,11 +613,11 @@ enum MHD_GNUTLS_CompressionMethod
640enum MHD_GNUTLS_Protocol 613enum MHD_GNUTLS_Protocol
641{ 614{
642 MHD_GNUTLS_PROTOCOL_END = 0, 615 MHD_GNUTLS_PROTOCOL_END = 0,
643 MHD_GNUTLS_SSL3 = 1, 616 MHD_GNUTLS_PROTOCOL_SSL3 = 1,
644 MHD_GNUTLS_TLS1_0, 617 MHD_GNUTLS_PROTOCOL_TLS1_0,
645 MHD_GNUTLS_TLS1_1, 618 MHD_GNUTLS_PROTOCOL_TLS1_1,
646 MHD_GNUTLS_TLS1_2, 619 MHD_GNUTLS_PROTOCOL_TLS1_2,
647 MHD_GNUTLS_VERSION_UNKNOWN = 0xff 620 MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN = 0xff
648}; 621};
649 622
650/** 623/**
diff --git a/src/testcurl/https/mhds_session_info_test.c b/src/testcurl/https/mhds_session_info_test.c
index d57c6037..2f25f312 100644
--- a/src/testcurl/https/mhds_session_info_test.c
+++ b/src/testcurl/https/mhds_session_info_test.c
@@ -105,7 +105,7 @@ query_session_ahc (void *cls, struct MHD_Connection *connection,
105 } 105 }
106 106
107 if (MHD_get_connection_info (connection, MHD_CONNECTION_INFO_PROTOCOL)->protocol != 107 if (MHD_get_connection_info (connection, MHD_CONNECTION_INFO_PROTOCOL)->protocol !=
108 MHD_GNUTLS_SSL3) 108 MHD_GNUTLS_PROTOCOL_SSL3)
109 { 109 {
110 fprintf (stderr, "Error: requested compression mismatch. %s\n", 110 fprintf (stderr, "Error: requested compression mismatch. %s\n",
111 strerror (errno)); 111 strerror (errno));
diff --git a/src/testcurl/https/tls_daemon_options_test.c b/src/testcurl/https/tls_daemon_options_test.c
index 38a8c1d5..5817c9c5 100644
--- a/src/testcurl/https/tls_daemon_options_test.c
+++ b/src/testcurl/https/tls_daemon_options_test.c
@@ -356,8 +356,6 @@ main (int argc, char *const *argv)
356{ 356{
357 FILE *test_fd; 357 FILE *test_fd;
358 unsigned int errorCount = 0; 358 unsigned int errorCount = 0;
359 char * cur_dir;
360 char cert_path[255], key_path[255];
361 359
362 MHD_gtls_global_set_log_level (DEBUG_GNUTLS_LOG_LEVEL); 360 MHD_gtls_global_set_log_level (DEBUG_GNUTLS_LOG_LEVEL);
363 361
@@ -379,7 +377,7 @@ main (int argc, char *const *argv)
379 } 377 }
380 378
381 int mac[] = { MHD_GNUTLS_MAC_SHA1, 0 }; 379 int mac[] = { MHD_GNUTLS_MAC_SHA1, 0 };
382 int p[] = { MHD_GNUTLS_SSL3, 0 }; 380 int p[] = { MHD_GNUTLS_PROTOCOL_SSL3, 0 };
383 int cipher[] = { MHD_GNUTLS_CIPHER_3DES_CBC, 0 }; 381 int cipher[] = { MHD_GNUTLS_CIPHER_3DES_CBC, 0 };
384 int kx[] = { MHD_GNUTLS_KX_ANON_DH, 0 }; 382 int kx[] = { MHD_GNUTLS_KX_ANON_DH, 0 };
385 383
@@ -390,16 +388,6 @@ main (int argc, char *const *argv)
390 MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, 388 MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem,
391 MHD_OPTION_END); 389 MHD_OPTION_END);
392 390
393 cur_dir = get_current_dir_name ();
394 sprintf (cert_path, "%s/%s", cur_dir, "cert.pem");
395 sprintf (key_path, "%s/%s", cur_dir, "key.pem");
396
397 errorCount +=
398 test_wrap ("file certificates", &test_https_transfer, test_fd,
399 "AES256-SHA", CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_CERT_PATH, cert_path,
400 MHD_OPTION_HTTPS_KEY_PATH, key_path, MHD_OPTION_END);
401 free (cur_dir);
402
403 errorCount += 391 errorCount +=
404 test_wrap ("protocol_version", &test_protocol_version, test_fd, 392 test_wrap ("protocol_version", &test_protocol_version, test_fd,
405 "AES256-SHA", CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY, 393 "AES256-SHA", CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY,
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-26 06:43:56 +0000