author | lv-426 <oxcafebaby@yahoo.com> | 2008-09-10 20:12:49 +0000 |
---|---|---|
committer | lv-426 <oxcafebaby@yahoo.com> | 2008-09-10 20:12:49 +0000 |
commit | 61629ae386ea0f7efaccb6de7f3ca29b62bf90e6 (patch) | |
tree | e1644e61b48b9b3bb9a93b947d509ded0cc73405 /src/daemon/https/tls/gnutls_handshake.c | |
parent | 04a3265002dbc3971c3ed0e552565d3c9e53754f (diff) | |
resurrected some client side code
Diffstat (limited to 'src/daemon/https/tls/gnutls_handshake.c')
-rw-r--r-- | src/daemon/https/tls/gnutls_handshake.c | 150 |
1 files changed, 135 insertions, 15 deletions
diff --git a/src/daemon/https/tls/gnutls_handshake.c b/src/daemon/https/tls/gnutls_handshake.c index 601ce84a..daa39950 100644 --- a/src/daemon/https/tls/gnutls_handshake.c +++ b/src/daemon/https/tls/gnutls_handshake.c | |||
@@ -25,6 +25,7 @@ | |||
25 | /* Functions that relate to the TLS handshake procedure. | 25 | /* Functions that relate to the TLS handshake procedure. |
26 | */ | 26 | */ |
27 | 27 | ||
28 | #include "MHD_config.h" | ||
28 | #include "gnutls_int.h" | 29 | #include "gnutls_int.h" |
29 | #include "gnutls_errors.h" | 30 | #include "gnutls_errors.h" |
30 | #include "gnutls_dh.h" | 31 | #include "gnutls_dh.h" |
@@ -825,7 +826,7 @@ _gnutls_server_select_comp_method (mhd_gtls_session_t session, | |||
825 | 826 | ||
826 | _gnutls_handshake_log | 827 | _gnutls_handshake_log |
827 | ("HSK[%x]: Selected Compression Method: %s\n", session, | 828 | ("HSK[%x]: Selected Compression Method: %s\n", session, |
828 | MHD_gnutls_compression_get_name (session->internals. | 829 | MHD_gtls_compression_get_name (session->internals. |
829 | compression_method)); | 830 | compression_method)); |
830 | 831 | ||
831 | 832 | ||
@@ -1096,8 +1097,6 @@ _gnutls_recv_handshake_header (mhd_gtls_session_t session, | |||
1096 | 1097 | ||
1097 | #define _gnutls_handshake_header_buffer_clear( session) session->internals.handshake_header_buffer.header_size = 0 | 1098 | #define _gnutls_handshake_header_buffer_clear( session) session->internals.handshake_header_buffer.header_size = 0 |
1098 | 1099 | ||
1099 | |||
1100 | |||
1101 | /* This function will hash the handshake headers and the | 1100 | /* This function will hash the handshake headers and the |
1102 | * handshake data. | 1101 | * handshake data. |
1103 | */ | 1102 | */ |
@@ -1144,7 +1143,6 @@ _gnutls_handshake_hash_add_recvd (mhd_gtls_session_t session, | |||
1144 | return 0; | 1143 | return 0; |
1145 | } | 1144 | } |
1146 | 1145 | ||
1147 | |||
1148 | /* This function will receive handshake messages of the given types, | 1146 | /* This function will receive handshake messages of the given types, |
1149 | * and will pass the message to the right place in order to be processed. | 1147 | * and will pass the message to the right place in order to be processed. |
1150 | * E.g. for the SERVER_HELLO message (if it is expected), it will be | 1148 | * E.g. for the SERVER_HELLO message (if it is expected), it will be |
@@ -1612,7 +1610,6 @@ _gnutls_copy_ciphersuites (mhd_gtls_session_t session, | |||
1612 | return datalen; | 1610 | return datalen; |
1613 | } | 1611 | } |
1614 | 1612 | ||
1615 | |||
1616 | /* This function copies the appropriate compression methods, to a locally allocated buffer | 1613 | /* This function copies the appropriate compression methods, to a locally allocated buffer |
1617 | * Needed in hello messages. Returns the new data length. | 1614 | * Needed in hello messages. Returns the new data length. |
1618 | */ | 1615 | */ |
@@ -1660,6 +1657,7 @@ _gnutls_copy_comp_methods (mhd_gtls_session_t session, | |||
1660 | */ | 1657 | */ |
1661 | #define MAX_EXT_DATA_LENGTH 1024 | 1658 | #define MAX_EXT_DATA_LENGTH 1024 |
1662 | 1659 | ||
1660 | #if MHD_DEBUG_TLS | ||
1663 | /* This function sends the client hello handshake message. | 1661 | /* This function sends the client hello handshake message. |
1664 | */ | 1662 | */ |
1665 | static int | 1663 | static int |
@@ -1844,6 +1842,7 @@ _gnutls_send_client_hello (mhd_gtls_session_t session, int again) | |||
1844 | 1842 | ||
1845 | return ret; | 1843 | return ret; |
1846 | } | 1844 | } |
1845 | #endif | ||
1847 | 1846 | ||
1848 | static int | 1847 | static int |
1849 | _gnutls_send_server_hello (mhd_gtls_session_t session, int again) | 1848 | _gnutls_send_server_hello (mhd_gtls_session_t session, int again) |
@@ -2061,10 +2060,6 @@ MHD_gnutls_rehandshake (mhd_gtls_session_t session) | |||
2061 | { | 2060 | { |
2062 | int ret; | 2061 | int ret; |
2063 | 2062 | ||
2064 | /* only server sends that handshake packet */ | ||
2065 | if (session->security_parameters.entity == GNUTLS_CLIENT) | ||
2066 | return GNUTLS_E_INVALID_REQUEST; | ||
2067 | |||
2068 | ret = | 2063 | ret = |
2069 | _gnutls_send_empty_handshake (session, GNUTLS_HANDSHAKE_HELLO_REQUEST, | 2064 | _gnutls_send_empty_handshake (session, GNUTLS_HANDSHAKE_HELLO_REQUEST, |
2070 | AGAIN (STATE50)); | 2065 | AGAIN (STATE50)); |
@@ -2092,7 +2087,6 @@ _gnutls_abort_handshake (mhd_gtls_session_t session, int ret) | |||
2092 | return GNUTLS_E_INTERNAL_ERROR; | 2087 | return GNUTLS_E_INTERNAL_ERROR; |
2093 | } | 2088 | } |
2094 | 2089 | ||
2095 | |||
2096 | /* This function initialized the handshake hash session. | 2090 | /* This function initialized the handshake hash session. |
2097 | * required for finished messages. | 2091 | * required for finished messages. |
2098 | */ | 2092 | */ |
@@ -2223,12 +2217,17 @@ MHD_gnutls_handshake (mhd_gtls_session_t session) | |||
2223 | gnutls_assert (); | 2217 | gnutls_assert (); |
2224 | return ret; | 2218 | return ret; |
2225 | } | 2219 | } |
2220 | #if MHD_DEBUG_TLS | ||
2226 | if (session->security_parameters.entity == GNUTLS_CLIENT) | 2221 | if (session->security_parameters.entity == GNUTLS_CLIENT) |
2227 | { | 2222 | { |
2228 | gnutls_assert (); | 2223 | ret = mhd_gtls_handshake_client (session); |
2229 | return GNUTLS_E_UNIMPLEMENTED_FEATURE; | 2224 | } |
2230 | } | 2225 | else |
2231 | ret = mhd_gtls_handshake_server (session); | 2226 | #endif |
2227 | { | ||
2228 | ret = mhd_gtls_handshake_server (session); | ||
2229 | } | ||
2230 | |||
2232 | if (ret < 0) | 2231 | if (ret < 0) |
2233 | { | 2232 | { |
2234 | /* In the case of a rehandshake abort | 2233 | /* In the case of a rehandshake abort |
@@ -2268,6 +2267,127 @@ MHD_gnutls_handshake (mhd_gtls_session_t session) | |||
2268 | } } while (0) | 2267 | } } while (0) |
2269 | 2268 | ||
2270 | 2269 | ||
2270 | #if MHD_DEBUG_TLS | ||
2271 | /* | ||
2272 | * mhd_gtls_handshake_client | ||
2273 | * This function performs the client side of the handshake of the TLS/SSL protocol. | ||
2274 | */ | ||
2275 | int | ||
2276 | mhd_gtls_handshake_client (mhd_gtls_session_t session) | ||
2277 | { | ||
2278 | int ret = 0; | ||
2279 | |||
2280 | #ifdef HANDSHAKE_DEBUG | ||
2281 | char buf[64]; | ||
2282 | |||
2283 | if (session->internals.resumed_security_parameters.session_id_size > 0) | ||
2284 | _gnutls_handshake_log ("HSK[%x]: Ask to resume: %s\n", session, | ||
2285 | mhd_gtls_bin2hex (session->internals. | ||
2286 | resumed_security_parameters. | ||
2287 | session_id, | ||
2288 | session->internals. | ||
2289 | resumed_security_parameters. | ||
2290 | session_id_size, buf, | ||
2291 | sizeof (buf))); | ||
2292 | #endif | ||
2293 | |||
2294 | switch (STATE) | ||
2295 | { | ||
2296 | case STATE0: | ||
2297 | case STATE1: | ||
2298 | ret = mhd_gtls_send_hello (session, AGAIN (STATE1)); | ||
2299 | STATE = STATE1; | ||
2300 | IMED_RET ("send hello", ret); | ||
2301 | |||
2302 | case STATE2: | ||
2303 | /* receive the server hello */ | ||
2304 | ret = | ||
2305 | mhd_gtls_recv_handshake (session, NULL, NULL, | ||
2306 | GNUTLS_HANDSHAKE_SERVER_HELLO, | ||
2307 | MANDATORY_PACKET); | ||
2308 | STATE = STATE2; | ||
2309 | IMED_RET ("recv hello", ret); | ||
2310 | |||
2311 | case STATE70: | ||
2312 | if (session->security_parameters.extensions.do_recv_supplemental) | ||
2313 | { | ||
2314 | ret = _gnutls_recv_supplemental (session); | ||
2315 | STATE = STATE70; | ||
2316 | IMED_RET ("recv supplemental", ret); | ||
2317 | } | ||
2318 | |||
2319 | case STATE3: | ||
2320 | /* RECV CERTIFICATE */ | ||
2321 | if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */ | ||
2322 | ret = mhd_gtls_recv_server_certificate (session); | ||
2323 | STATE = STATE3; | ||
2324 | IMED_RET ("recv server certificate", ret); | ||
2325 | |||
2326 | case STATE4: | ||
2327 | /* receive the server key exchange */ | ||
2328 | if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */ | ||
2329 | ret = mhd_gtls_recv_server_kx_message (session); | ||
2330 | STATE = STATE4; | ||
2331 | IMED_RET ("recv server kx message", ret); | ||
2332 | |||
2333 | case STATE5: | ||
2334 | /* receive the server certificate request - if any | ||
2335 | */ | ||
2336 | |||
2337 | if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */ | ||
2338 | ret = mhd_gtls_recv_server_certificate_request (session); | ||
2339 | STATE = STATE5; | ||
2340 | IMED_RET ("recv server certificate request message", ret); | ||
2341 | |||
2342 | case STATE6: | ||
2343 | /* receive the server hello done */ | ||
2344 | if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */ | ||
2345 | ret = | ||
2346 | mhd_gtls_recv_handshake (session, NULL, NULL, | ||
2347 | GNUTLS_HANDSHAKE_SERVER_HELLO_DONE, | ||
2348 | MANDATORY_PACKET); | ||
2349 | STATE = STATE6; | ||
2350 | IMED_RET ("recv server hello done", ret); | ||
2351 | |||
2352 | case STATE71: | ||
2353 | if (session->security_parameters.extensions.do_send_supplemental) | ||
2354 | { | ||
2355 | ret = _gnutls_send_supplemental (session, AGAIN (STATE71)); | ||
2356 | STATE = STATE71; | ||
2357 | IMED_RET ("send supplemental", ret); | ||
2358 | } | ||
2359 | |||
2360 | case STATE7: | ||
2361 | /* send our certificate - if any and if requested | ||
2362 | */ | ||
2363 | if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */ | ||
2364 | ret = mhd_gtls_send_client_certificate (session, AGAIN (STATE7)); | ||
2365 | STATE = STATE7; | ||
2366 | IMED_RET ("send client certificate", ret); | ||
2367 | |||
2368 | case STATE8: | ||
2369 | if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */ | ||
2370 | ret = mhd_gtls_send_client_kx_message (session, AGAIN (STATE8)); | ||
2371 | STATE = STATE8; | ||
2372 | IMED_RET ("send client kx", ret); | ||
2373 | |||
2374 | case STATE9: | ||
2375 | /* send client certificate verify */ | ||
2376 | if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */ | ||
2377 | ret = | ||
2378 | mhd_gtls_send_client_certificate_verify (session, AGAIN (STATE9)); | ||
2379 | STATE = STATE9; | ||
2380 | IMED_RET ("send client certificate verify", ret); | ||
2381 | |||
2382 | STATE = STATE0; | ||
2383 | default: | ||
2384 | break; | ||
2385 | } | ||
2386 | |||
2387 | |||
2388 | return 0; | ||
2389 | } | ||
2390 | #endif | ||
2271 | 2391 | ||
2272 | /* This function sends the final handshake packets and initializes connection | 2392 | /* This function sends the final handshake packets and initializes connection |
2273 | */ | 2393 | */ |
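Review bot: The entity check removed from `MHD_gnutls_rehandshake` (old lines 2064-2066) was the guard that stopped a client-role session from sending `GNUTLS_HANDSHAKE_HELLO_REQUEST`, and it is dropped in the same commit that makes client-role sessions reachable again under `MHD_DEBUG_TLS`. The removed comment itself says only the server sends that packet, so a debug-build client calling this function would now emit a message its role must not send rather than getting `GNUTLS_E_INVALID_REQUEST`. I would keep the guard unchanged: `if (session->security_parameters.entity == GNUTLS_CLIENT) return GNUTLS_E_INVALID_REQUEST;`. Separately, `mhd_gtls_handshake_client` is called at new line 2223 but defined only at 2276 and is non-static; a prototype presumably lives in a header not shown here and should itself sit under `#if MHD_DEBUG_TLS`. Both function bodies extend beyond the visible hunks.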