authorlv-426 <oxcafebaby@yahoo.com>2008-09-10 20:12:49 +0000
committerlv-426 <oxcafebaby@yahoo.com>2008-09-10 20:12:49 +0000
commit61629ae386ea0f7efaccb6de7f3ca29b62bf90e6 (patch)
treee1644e61b48b9b3bb9a93b947d509ded0cc73405 /src/daemon/https/tls/gnutls_handshake.c
parent04a3265002dbc3971c3ed0e552565d3c9e53754f (diff)
resurrected some client side code
Diffstat (limited to 'src/daemon/https/tls/gnutls_handshake.c')
-rw-r--r--src/daemon/https/tls/gnutls_handshake.c150
1 files changed, 135 insertions, 15 deletions
diff --git a/src/daemon/https/tls/gnutls_handshake.c b/src/daemon/https/tls/gnutls_handshake.c
index 601ce84a..daa39950 100644
--- a/src/daemon/https/tls/gnutls_handshake.c
+++ b/src/daemon/https/tls/gnutls_handshake.c
@@ -25,6 +25,7 @@
25/* Functions that relate to the TLS handshake procedure. 25/* Functions that relate to the TLS handshake procedure.
26 */ 26 */
27 27
28#include "MHD_config.h"
28#include "gnutls_int.h" 29#include "gnutls_int.h"
29#include "gnutls_errors.h" 30#include "gnutls_errors.h"
30#include "gnutls_dh.h" 31#include "gnutls_dh.h"
@@ -825,7 +826,7 @@ _gnutls_server_select_comp_method (mhd_gtls_session_t session,
825 826
826 _gnutls_handshake_log 827 _gnutls_handshake_log
827 ("HSK[%x]: Selected Compression Method: %s\n", session, 828 ("HSK[%x]: Selected Compression Method: %s\n", session,
828 MHD_gnutls_compression_get_name (session->internals. 829 MHD_gtls_compression_get_name (session->internals.
829 compression_method)); 830 compression_method));
830 831
831 832
@@ -1096,8 +1097,6 @@ _gnutls_recv_handshake_header (mhd_gtls_session_t session,
1096 1097
1097#define _gnutls_handshake_header_buffer_clear( session) session->internals.handshake_header_buffer.header_size = 0 1098#define _gnutls_handshake_header_buffer_clear( session) session->internals.handshake_header_buffer.header_size = 0
1098 1099
1099
1100
1101/* This function will hash the handshake headers and the 1100/* This function will hash the handshake headers and the
1102 * handshake data. 1101 * handshake data.
1103 */ 1102 */
@@ -1144,7 +1143,6 @@ _gnutls_handshake_hash_add_recvd (mhd_gtls_session_t session,
1144 return 0; 1143 return 0;
1145} 1144}
1146 1145
1147
1148/* This function will receive handshake messages of the given types, 1146/* This function will receive handshake messages of the given types,
1149 * and will pass the message to the right place in order to be processed. 1147 * and will pass the message to the right place in order to be processed.
1150 * E.g. for the SERVER_HELLO message (if it is expected), it will be 1148 * E.g. for the SERVER_HELLO message (if it is expected), it will be
@@ -1612,7 +1610,6 @@ _gnutls_copy_ciphersuites (mhd_gtls_session_t session,
1612 return datalen; 1610 return datalen;
1613} 1611}
1614 1612
1615
1616/* This function copies the appropriate compression methods, to a locally allocated buffer 1613/* This function copies the appropriate compression methods, to a locally allocated buffer
1617 * Needed in hello messages. Returns the new data length. 1614 * Needed in hello messages. Returns the new data length.
1618 */ 1615 */
@@ -1660,6 +1657,7 @@ _gnutls_copy_comp_methods (mhd_gtls_session_t session,
1660 */ 1657 */
1661#define MAX_EXT_DATA_LENGTH 1024 1658#define MAX_EXT_DATA_LENGTH 1024
1662 1659
1660#if MHD_DEBUG_TLS
1663/* This function sends the client hello handshake message. 1661/* This function sends the client hello handshake message.
1664 */ 1662 */
1665static int 1663static int
@@ -1844,6 +1842,7 @@ _gnutls_send_client_hello (mhd_gtls_session_t session, int again)
1844 1842
1845 return ret; 1843 return ret;
1846} 1844}
1845#endif
1847 1846
1848static int 1847static int
1849_gnutls_send_server_hello (mhd_gtls_session_t session, int again) 1848_gnutls_send_server_hello (mhd_gtls_session_t session, int again)
@@ -2061,10 +2060,6 @@ MHD_gnutls_rehandshake (mhd_gtls_session_t session)
2061{ 2060{
2062 int ret; 2061 int ret;
2063 2062
2064 /* only server sends that handshake packet */
2065 if (session->security_parameters.entity == GNUTLS_CLIENT)
2066 return GNUTLS_E_INVALID_REQUEST;
2067
2068 ret = 2063 ret =
2069 _gnutls_send_empty_handshake (session, GNUTLS_HANDSHAKE_HELLO_REQUEST, 2064 _gnutls_send_empty_handshake (session, GNUTLS_HANDSHAKE_HELLO_REQUEST,
2070 AGAIN (STATE50)); 2065 AGAIN (STATE50));
@@ -2092,7 +2087,6 @@ _gnutls_abort_handshake (mhd_gtls_session_t session, int ret)
2092 return GNUTLS_E_INTERNAL_ERROR; 2087 return GNUTLS_E_INTERNAL_ERROR;
2093} 2088}
2094 2089
2095
2096/* This function initialized the handshake hash session. 2090/* This function initialized the handshake hash session.
2097 * required for finished messages. 2091 * required for finished messages.
2098 */ 2092 */
@@ -2223,12 +2217,17 @@ MHD_gnutls_handshake (mhd_gtls_session_t session)
2223 gnutls_assert (); 2217 gnutls_assert ();
2224 return ret; 2218 return ret;
2225 } 2219 }
2220#if MHD_DEBUG_TLS
2226 if (session->security_parameters.entity == GNUTLS_CLIENT) 2221 if (session->security_parameters.entity == GNUTLS_CLIENT)
2227 { 2222 {
2228 gnutls_assert (); 2223 ret = mhd_gtls_handshake_client (session);
2229 return GNUTLS_E_UNIMPLEMENTED_FEATURE; 2224 }
2230 } 2225 else
2231 ret = mhd_gtls_handshake_server (session); 2226#endif
2227 {
2228 ret = mhd_gtls_handshake_server (session);
2229 }
2230
2232 if (ret < 0) 2231 if (ret < 0)
2233 { 2232 {
2234 /* In the case of a rehandshake abort 2233 /* In the case of a rehandshake abort
@@ -2268,6 +2267,127 @@ MHD_gnutls_handshake (mhd_gtls_session_t session)
2268 } } while (0) 2267 } } while (0)
2269 2268
2270 2269
2270#if MHD_DEBUG_TLS
2271/*
2272 * mhd_gtls_handshake_client
2273 * This function performs the client side of the handshake of the TLS/SSL protocol.
2274 */
2275int
2276mhd_gtls_handshake_client (mhd_gtls_session_t session)
2277{
2278 int ret = 0;
2279
2280#ifdef HANDSHAKE_DEBUG
2281 char buf[64];
2282
2283 if (session->internals.resumed_security_parameters.session_id_size > 0)
2284 _gnutls_handshake_log ("HSK[%x]: Ask to resume: %s\n", session,
2285 mhd_gtls_bin2hex (session->internals.
2286 resumed_security_parameters.
2287 session_id,
2288 session->internals.
2289 resumed_security_parameters.
2290 session_id_size, buf,
2291 sizeof (buf)));
2292#endif
2293
2294 switch (STATE)
2295 {
2296 case STATE0:
2297 case STATE1:
2298 ret = mhd_gtls_send_hello (session, AGAIN (STATE1));
2299 STATE = STATE1;
2300 IMED_RET ("send hello", ret);
2301
2302 case STATE2:
2303 /* receive the server hello */
2304 ret =
2305 mhd_gtls_recv_handshake (session, NULL, NULL,
2306 GNUTLS_HANDSHAKE_SERVER_HELLO,
2307 MANDATORY_PACKET);
2308 STATE = STATE2;
2309 IMED_RET ("recv hello", ret);
2310
2311 case STATE70:
2312 if (session->security_parameters.extensions.do_recv_supplemental)
2313 {
2314 ret = _gnutls_recv_supplemental (session);
2315 STATE = STATE70;
2316 IMED_RET ("recv supplemental", ret);
2317 }
2318
2319 case STATE3:
2320 /* RECV CERTIFICATE */
2321 if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */
2322 ret = mhd_gtls_recv_server_certificate (session);
2323 STATE = STATE3;
2324 IMED_RET ("recv server certificate", ret);
2325
2326 case STATE4:
2327 /* receive the server key exchange */
2328 if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */
2329 ret = mhd_gtls_recv_server_kx_message (session);
2330 STATE = STATE4;
2331 IMED_RET ("recv server kx message", ret);
2332
2333 case STATE5:
2334 /* receive the server certificate request - if any
2335 */
2336
2337 if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */
2338 ret = mhd_gtls_recv_server_certificate_request (session);
2339 STATE = STATE5;
2340 IMED_RET ("recv server certificate request message", ret);
2341
2342 case STATE6:
2343 /* receive the server hello done */
2344 if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */
2345 ret =
2346 mhd_gtls_recv_handshake (session, NULL, NULL,
2347 GNUTLS_HANDSHAKE_SERVER_HELLO_DONE,
2348 MANDATORY_PACKET);
2349 STATE = STATE6;
2350 IMED_RET ("recv server hello done", ret);
2351
2352 case STATE71:
2353 if (session->security_parameters.extensions.do_send_supplemental)
2354 {
2355 ret = _gnutls_send_supplemental (session, AGAIN (STATE71));
2356 STATE = STATE71;
2357 IMED_RET ("send supplemental", ret);
2358 }
2359
2360 case STATE7:
2361 /* send our certificate - if any and if requested
2362 */
2363 if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */
2364 ret = mhd_gtls_send_client_certificate (session, AGAIN (STATE7));
2365 STATE = STATE7;
2366 IMED_RET ("send client certificate", ret);
2367
2368 case STATE8:
2369 if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */
2370 ret = mhd_gtls_send_client_kx_message (session, AGAIN (STATE8));
2371 STATE = STATE8;
2372 IMED_RET ("send client kx", ret);
2373
2374 case STATE9:
2375 /* send client certificate verify */
2376 if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */
2377 ret =
2378 mhd_gtls_send_client_certificate_verify (session, AGAIN (STATE9));
2379 STATE = STATE9;
2380 IMED_RET ("send client certificate verify", ret);
2381
2382 STATE = STATE0;
2383 default:
2384 break;
2385 }
2386
2387
2388 return 0;
2389}
2390#endif
2271 2391
2272/* This function sends the final handshake packets and initializes connection 2392/* This function sends the final handshake packets and initializes connection
2273 */ 2393 */
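Review bot: In MHD_gnutls_handshake, a build without MHD_DEBUG_TLS no longer rejects a session whose entity is GNUTLS_CLIENT. The old `return GNUTLS_E_UNIMPLEMENTED_FEATURE;` is removed and the preprocessor leaves only the bare block calling mhd_gtls_handshake_server, so such a session (if one can still be created in that configuration) would run the server state machine instead of failing closed. Keeping the rejection on the non-debug side would preserve the previous behaviour, e.g. an `#else` branch holding `if (session->security_parameters.entity == GNUTLS_CLIENT) return GNUTLS_E_UNIMPLEMENTED_FEATURE;`. The same concern applies to MHD_gnutls_rehandshake, where the `entity == GNUTLS_CLIENT` check returning GNUTLS_E_INVALID_REQUEST is dropped unconditionally although its comment says only the server sends that packet; that guard looks worth restoring regardless of MHD_DEBUG_TLS. Both function bodies extend beyond the hunks shown, so any guard outside the visible lines should be confirmed.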