diff options
author | lv-426 <oxcafebaby@yahoo.com> | 2008-07-10 17:28:48 +0000 |
---|---|---|
committer | lv-426 <oxcafebaby@yahoo.com> | 2008-07-10 17:28:48 +0000 |
commit | a6a989cf1200f25795e9ec1ed40b21c6024ed53e (patch) | |
tree | 1f3530546a82bd6ba192c56f95382fcb646786d6 /src/daemon | |
parent | 08ee1d01c9a343b41697b803150e712bd713c582 (diff) | |
download | libmicrohttpd-a6a989cf1200f25795e9ec1ed40b21c6024ed53e.tar.gz libmicrohttpd-a6a989cf1200f25795e9ec1ed40b21c6024ed53e.zip |
simplified write / idle handlers
SSL/TLS connection states merged into HTTP states
Diffstat (limited to 'src/daemon')
-rw-r--r-- | src/daemon/connection.c | 4 | ||||
-rw-r--r-- | src/daemon/connection_https.c | 138 | ||||
-rw-r--r-- | src/daemon/daemon.c | 34 | ||||
-rw-r--r-- | src/daemon/https/https_common.c | 6 | ||||
-rw-r--r-- | src/daemon/https/openpgp/gnutls_extra.c | 8 | ||||
-rw-r--r-- | src/daemon/https/tls/ext_oprfi.c | 3 | ||||
-rw-r--r-- | src/daemon/https/tls/gnutls_asn1_tab.c | 2 | ||||
-rw-r--r-- | src/daemon/https/tls/gnutls_compress_int.c | 9 | ||||
-rw-r--r-- | src/daemon/https/tls/gnutls_global.c | 2 | ||||
-rw-r--r-- | src/daemon/https/tls/gnutls_mpi.h | 2 | ||||
-rw-r--r-- | src/daemon/https/tls/gnutls_pk.h | 2 | ||||
-rw-r--r-- | src/daemon/https/x509/mpi.c | 5 | ||||
-rw-r--r-- | src/daemon/internal.h | 28 |
13 files changed, 121 insertions, 122 deletions
diff --git a/src/daemon/connection.c b/src/daemon/connection.c index 12c6f383..fce1b67c 100644 --- a/src/daemon/connection.c +++ b/src/daemon/connection.c | |||
@@ -31,9 +31,6 @@ | |||
31 | #include "response.h" | 31 | #include "response.h" |
32 | #include "reason_phrase.h" | 32 | #include "reason_phrase.h" |
33 | 33 | ||
34 | /* get opaque type */ | ||
35 | #include "gnutls_int.h" | ||
36 | |||
37 | #ifndef LINUX | 34 | #ifndef LINUX |
38 | #ifndef MSG_NOSIGNAL | 35 | #ifndef MSG_NOSIGNAL |
39 | #define MSG_NOSIGNAL 0 | 36 | #define MSG_NOSIGNAL 0 |
@@ -766,6 +763,7 @@ MHD_connection_get_fdset (struct MHD_Connection *connection, | |||
766 | if (connection->socket_fd != -1) | 763 | if (connection->socket_fd != -1) |
767 | connection_close_error (connection); | 764 | connection_close_error (connection); |
768 | return MHD_YES; /* do nothing, not even reading */ | 765 | return MHD_YES; /* do nothing, not even reading */ |
766 | |||
769 | default: | 767 | default: |
770 | EXTRA_CHECK (0); | 768 | EXTRA_CHECK (0); |
771 | } | 769 | } |
diff --git a/src/daemon/connection_https.c b/src/daemon/connection_https.c index 1a64c091..2597bf93 100644 --- a/src/daemon/connection_https.c +++ b/src/daemon/connection_https.c | |||
@@ -35,6 +35,7 @@ | |||
35 | #include "microhttpsd.h" | 35 | #include "microhttpsd.h" |
36 | /* get opaque type */ | 36 | /* get opaque type */ |
37 | #include "gnutls_int.h" | 37 | #include "gnutls_int.h" |
38 | #include "gnutls_record.h" | ||
38 | 39 | ||
39 | /* TODO rm */ | 40 | /* TODO rm */ |
40 | #include "gnutls_errors.h" | 41 | #include "gnutls_errors.h" |
@@ -46,17 +47,27 @@ int MHD_connection_handle_idle (struct MHD_Connection *connection); | |||
46 | 47 | ||
47 | /* TODO rm - appears in a switch default clause */ | 48 | /* TODO rm - appears in a switch default clause */ |
48 | static void | 49 | static void |
49 | connection_close_error (struct MHD_Connection *connection) | 50 | MHD_tls_connection_close (struct MHD_Connection *connection) |
50 | { | 51 | { |
52 | gnutls_bye (connection->tls_session, GNUTLS_SHUT_WR); | ||
53 | connection->tls_session->internals.read_eof = 1; | ||
54 | connection->socket_fd = -1; | ||
55 | |||
51 | SHUTDOWN (connection->socket_fd, SHUT_RDWR); | 56 | SHUTDOWN (connection->socket_fd, SHUT_RDWR); |
52 | CLOSE (connection->socket_fd); | 57 | CLOSE (connection->socket_fd); |
53 | connection->socket_fd = -1; | ||
54 | connection->state = MHD_CONNECTION_CLOSED; | 58 | connection->state = MHD_CONNECTION_CLOSED; |
55 | if (connection->daemon->notify_completed != NULL) | 59 | if (connection->daemon->notify_completed != NULL) |
56 | connection->daemon->notify_completed (connection->daemon-> | 60 | connection->daemon->notify_completed (connection->daemon-> |
57 | notify_completed_cls, connection, | 61 | notify_completed_cls, connection, |
58 | &connection->client_context, | 62 | &connection->client_context, |
59 | MHD_REQUEST_TERMINATED_WITH_ERROR); | 63 | MHD_REQUEST_TERMINATED_COMPLETED_OK); |
64 | } | ||
65 | |||
66 | /* TODO add error connection termination */ | ||
67 | static void | ||
68 | MHD_tls_connection_close_err (struct MHD_Connection *connection) | ||
69 | { | ||
70 | /* TODO impl */ | ||
60 | } | 71 | } |
61 | 72 | ||
62 | /* get cipher spec for this connection */ | 73 | /* get cipher spec for this connection */ |
@@ -106,32 +117,27 @@ MHDS_con_write (struct MHD_Connection *connection) | |||
106 | } | 117 | } |
107 | 118 | ||
108 | int | 119 | int |
109 | MHDS_connection_handle_idle (struct MHD_Connection *connection) | 120 | MHD_tls_connection_handle_idle (struct MHD_Connection *connection) |
110 | { | 121 | { |
111 | unsigned int timeout; | 122 | unsigned int timeout; |
112 | 123 | ||
113 | /* TODO rm gnutls_assert (); */ | ||
114 | while (1) | 124 | while (1) |
115 | { | 125 | { |
116 | #if HAVE_MESSAGES | 126 | #if HAVE_MESSAGES |
117 | MHD_DLOG (connection->daemon, "MHDS reached case: %d, l: %d, f: %s\n", | 127 | MHD_DLOG (connection->daemon, "MHDS idle: %d, l: %d, f: %s\n", |
118 | connection->s_state, __LINE__, __FUNCTION__); | 128 | connection->state, __LINE__, __FUNCTION__); |
119 | #endif | 129 | #endif |
120 | switch (connection->s_state) | 130 | switch (connection->state) |
121 | { | 131 | { |
122 | case MHDS_HANDSHAKE_FAILED: | 132 | case MHD_CONNECTION_CLOSED: |
123 | connection->socket_fd = -1; | 133 | MHD_tls_connection_close (connection); |
124 | case MHDS_CONNECTION_INIT: | 134 | return MHD_NO; |
125 | /* wait for request */ | 135 | case MHD_TLS_HANDSHAKE_FAILED: |
126 | case MHDS_HANDSHAKE_COMPLETE: | 136 | MHD_tls_connection_close (connection); |
127 | 137 | return MHD_NO; | |
128 | case MHDS_CONNECTION_CLOSED: | 138 | /* some http state */ |
129 | if (connection->socket_fd != -1) | ||
130 | connection_close_error (connection); | ||
131 | break; | ||
132 | |||
133 | default: | 139 | default: |
134 | break; | 140 | return MHD_connection_handle_idle (connection); |
135 | } | 141 | } |
136 | break; | 142 | break; |
137 | } | 143 | } |
@@ -141,24 +147,34 @@ MHDS_connection_handle_idle (struct MHD_Connection *connection) | |||
141 | if ((connection->socket_fd != -1) && (timeout != 0) | 147 | if ((connection->socket_fd != -1) && (timeout != 0) |
142 | && (time (NULL) - timeout > connection->last_activity)) | 148 | && (time (NULL) - timeout > connection->last_activity)) |
143 | { | 149 | { |
144 | connection_close_error (connection); | 150 | MHD_tls_connection_close (connection); |
145 | return MHD_NO; | 151 | return MHD_NO; |
146 | } | 152 | } |
147 | return MHD_YES; | 153 | return MHD_YES; |
148 | } | 154 | } |
149 | 155 | ||
156 | /** | ||
157 | * This function handles a particular SSL/TLS connection when | ||
158 | * it has been determined that there is data to be read off a | ||
159 | * socket. All application_data is forwarded to | ||
160 | * MHD_connection_handle_read(). | ||
161 | * | ||
162 | * @return MHD_YES if we should continue to process the | ||
163 | * connection (not dead yet), MHD_NO if it died | ||
164 | */ | ||
150 | int | 165 | int |
151 | MHDS_connection_handle_read (struct MHD_Connection *connection) | 166 | MHD_tls_connection_handle_read (struct MHD_Connection *connection) |
152 | { | 167 | { |
153 | int ret; | 168 | int ret; |
169 | unsigned char msg_type; | ||
154 | 170 | ||
155 | connection->last_activity = time (NULL); | 171 | connection->last_activity = time (NULL); |
156 | 172 | ||
157 | if (connection->s_state == MHDS_CONNECTION_CLOSED) | 173 | #if HAVE_MESSAGES |
158 | return MHD_NO; | 174 | MHD_DLOG (connection->daemon, "MHD read: %d, l: %d, f: %s\n", |
159 | 175 | connection->state, __LINE__, __FUNCTION__); | |
176 | #endif | ||
160 | /* discover content type */ | 177 | /* discover content type */ |
161 | unsigned char msg_type; | ||
162 | if (recv (connection->socket_fd, &msg_type, 1, MSG_PEEK) == -1) | 178 | if (recv (connection->socket_fd, &msg_type, 1, MSG_PEEK) == -1) |
163 | { | 179 | { |
164 | #if HAVE_MESSAGES | 180 | #if HAVE_MESSAGES |
@@ -178,16 +194,13 @@ MHDS_connection_handle_read (struct MHD_Connection *connection) | |||
178 | * done to decrypt alert message | 194 | * done to decrypt alert message |
179 | */ | 195 | */ |
180 | _gnutls_recv_int (connection->tls_session, GNUTLS_ALERT, | 196 | _gnutls_recv_int (connection->tls_session, GNUTLS_ALERT, |
181 | GNUTLS_HANDSHAKE_FINISHED, 0); | 197 | GNUTLS_HANDSHAKE_FINISHED, 0, 0); |
182 | 198 | ||
183 | /* CLOSE_NOTIFY */ | 199 | /* CLOSE_NOTIFY */ |
184 | if (connection->tls_session->internals.last_alert == | 200 | if (connection->tls_session->internals.last_alert == |
185 | GNUTLS_A_CLOSE_NOTIFY) | 201 | GNUTLS_A_CLOSE_NOTIFY) |
186 | { | 202 | { |
187 | gnutls_bye (connection->tls_session, GNUTLS_SHUT_WR); | 203 | gnutls_bye (connection->tls_session, GNUTLS_SHUT_WR); |
188 | connection->tls_session->internals.read_eof = 1; | ||
189 | connection->socket_fd = -1; | ||
190 | gnutls_deinit (connection->tls_session); | ||
191 | return MHD_YES; | 204 | return MHD_YES; |
192 | } | 205 | } |
193 | /* non FATAL or WARNING */ | 206 | /* non FATAL or WARNING */ |
@@ -206,11 +219,7 @@ MHDS_connection_handle_read (struct MHD_Connection *connection) | |||
206 | else if (connection->tls_session->internals.last_alert == | 219 | else if (connection->tls_session->internals.last_alert == |
207 | GNUTLS_AL_FATAL) | 220 | GNUTLS_AL_FATAL) |
208 | { | 221 | { |
209 | connection->tls_session->internals.resumable = RESUME_FALSE; | 222 | MHD_tls_connection_close (connection); |
210 | connection->tls_session->internals.valid_connection = VALID_FALSE; | ||
211 | connection->socket_fd = -1; | ||
212 | gnutls_deinit (connection->tls_session); | ||
213 | |||
214 | return MHD_NO; | 223 | return MHD_NO; |
215 | } | 224 | } |
216 | /* this should never execut */ | 225 | /* this should never execut */ |
@@ -233,8 +242,8 @@ MHDS_connection_handle_read (struct MHD_Connection *connection) | |||
233 | ret = gnutls_handshake (connection->tls_session); | 242 | ret = gnutls_handshake (connection->tls_session); |
234 | if (ret == 0) | 243 | if (ret == 0) |
235 | { | 244 | { |
236 | connection->s_state = MHDS_HANDSHAKE_COMPLETE; | ||
237 | connection->state = MHD_CONNECTION_INIT; | 245 | connection->state = MHD_CONNECTION_INIT; |
246 | // connection->state = MHD_CONNECTION_INIT; | ||
238 | } | 247 | } |
239 | /* set connection as closed */ | 248 | /* set connection as closed */ |
240 | else | 249 | else |
@@ -243,49 +252,56 @@ MHDS_connection_handle_read (struct MHD_Connection *connection) | |||
243 | MHD_DLOG (connection->daemon, | 252 | MHD_DLOG (connection->daemon, |
244 | "Error: Handshake has failed (%d)\n", ret); | 253 | "Error: Handshake has failed (%d)\n", ret); |
245 | #endif | 254 | #endif |
246 | connection->s_state = MHDS_HANDSHAKE_FAILED; | 255 | connection->state = MHD_TLS_HANDSHAKE_FAILED; |
247 | gnutls_bye (connection->tls_session, GNUTLS_SHUT_WR); | 256 | MHD_tls_connection_close (connection); |
248 | gnutls_deinit (connection->tls_session); | ||
249 | connection_close_error(connection); | ||
250 | return MHD_NO; | 257 | return MHD_NO; |
251 | } | 258 | } |
252 | break; | 259 | break; |
253 | case GNUTLS_INNER_APPLICATION: | 260 | case GNUTLS_INNER_APPLICATION: |
254 | break; | 261 | break; |
262 | default: | ||
263 | #if HAVE_MESSAGES | ||
264 | MHD_DLOG (connection->daemon, | ||
265 | "Err: unrecognized tls read message. l: %d, f: %s\n", | ||
266 | connection->state, __LINE__, __FUNCTION__); | ||
267 | #endif | ||
268 | return MHD_NO; | ||
255 | } | 269 | } |
256 | 270 | ||
257 | return MHD_YES; | 271 | return MHD_YES; |
258 | } | 272 | } |
259 | 273 | ||
274 | /** | ||
275 | * This function was created to handle writes to sockets when it has | ||
276 | * been determined that the socket can be written to. | ||
277 | * | ||
278 | * @return MHD_YES if we should continue to process the | ||
279 | * connection (not dead yet), MHD_NO if it died | ||
280 | */ | ||
260 | int | 281 | int |
261 | MHDS_connection_handle_write (struct MHD_Connection *connection) | 282 | MHD_tls_connection_handle_write (struct MHD_Connection *connection) |
262 | { | 283 | { |
263 | connection->last_activity = time (NULL); | 284 | connection->last_activity = time (NULL); |
264 | /* TODO rm */ | 285 | |
265 | gnutls_assert (); | ||
266 | while (1) | 286 | while (1) |
267 | { | 287 | { |
268 | #if HAVE_MESSAGES | 288 | #if HAVE_MESSAGES |
269 | MHD_DLOG (connection->daemon, "MHDS reached case: %d, l: %d, f: %s\n", | 289 | MHD_DLOG (connection->daemon, "MHD write: %d, l: %d, f: %s\n", |
270 | connection->s_state, __LINE__, __FUNCTION__); | 290 | connection->state, __LINE__, __FUNCTION__); |
271 | #endif | 291 | #endif |
272 | switch (connection->s_state) | 292 | switch (connection->state) |
273 | { | 293 | { |
274 | 294 | case MHD_CONNECTION_CLOSED: | |
275 | /* these cases shouldn't occur */ | 295 | MHD_tls_connection_close (connection); |
276 | case MHDS_HANDSHAKE_COMPLETE: | ||
277 | case MHDS_CONNECTION_INIT: | ||
278 | /* TODO do we have to write back a responce ? */ | ||
279 | case MHDS_HANDSHAKE_FAILED: | ||
280 | /* we should first exit MHDS_REPLY_SENDING */ | ||
281 | |||
282 | case MHDS_CONNECTION_CLOSED: | ||
283 | if (connection->socket_fd != -1) | ||
284 | connection_close_error (connection); | ||
285 | return MHD_NO; | 296 | return MHD_NO; |
297 | case MHD_TLS_HANDSHAKE_FAILED: | ||
298 | MHD_tls_connection_close (connection); | ||
299 | return MHD_NO; | ||
300 | /* some HTTP state */ | ||
301 | default: | ||
302 | return MHD_connection_handle_write (connection); | ||
286 | } | 303 | } |
287 | } | 304 | } |
288 | return MHD_YES; | ||
289 | } | 305 | } |
290 | 306 | ||
291 | void | 307 | void |
@@ -293,7 +309,7 @@ MHD_set_https_calbacks (struct MHD_Connection *connection) | |||
293 | { | 309 | { |
294 | connection->recv_cls = &MHDS_con_read; | 310 | connection->recv_cls = &MHDS_con_read; |
295 | connection->send_cls = &MHDS_con_write; | 311 | connection->send_cls = &MHDS_con_write; |
296 | connection->read_handler = &MHDS_connection_handle_read; | 312 | connection->read_handler = &MHD_tls_connection_handle_read; |
297 | connection->write_handler = &MHD_connection_handle_write; | 313 | connection->write_handler = &MHD_tls_connection_handle_write; |
298 | connection->idle_handler = &MHD_connection_handle_idle; | 314 | connection->idle_handler = &MHD_tls_connection_handle_idle; |
299 | } | 315 | } |
diff --git a/src/daemon/daemon.c b/src/daemon/daemon.c index 5fd69024..31e4ce3b 100644 --- a/src/daemon/daemon.c +++ b/src/daemon/daemon.c | |||
@@ -29,6 +29,7 @@ | |||
29 | #include "connection.h" | 29 | #include "connection.h" |
30 | #include "memorypool.h" | 30 | #include "memorypool.h" |
31 | 31 | ||
32 | #include "gnutls.h" | ||
32 | #include "gnutls_int.h" | 33 | #include "gnutls_int.h" |
33 | #include "gnutls_datum.h" | 34 | #include "gnutls_datum.h" |
34 | #include "gnutls_global.h" | 35 | #include "gnutls_global.h" |
@@ -102,17 +103,15 @@ MHDS_init (struct MHD_Daemon *daemon){ | |||
102 | } | 103 | } |
103 | else if (daemon->https_mem_cert && daemon->https_mem_key) | 104 | else if (daemon->https_mem_cert && daemon->https_mem_key) |
104 | { | 105 | { |
105 | gnutls_datum_t *key = | 106 | gnutls_datum_t key ; |
106 | (gnutls_datum_t *) malloc (sizeof (gnutls_datum_t)); | 107 | gnutls_datum_t cert ; |
107 | gnutls_datum_t *cert = | ||
108 | (gnutls_datum_t *) malloc (sizeof (gnutls_datum_t)); | ||
109 | 108 | ||
110 | _gnutls_set_datum_m (key, daemon->https_mem_key, | 109 | _gnutls_set_datum_m (&key, daemon->https_mem_key, |
111 | strlen (daemon->https_mem_key), &malloc); | 110 | strlen (daemon->https_mem_key), &malloc); |
112 | _gnutls_set_datum_m (cert, daemon->https_mem_cert, | 111 | _gnutls_set_datum_m (&cert, daemon->https_mem_cert, |
113 | strlen (daemon->https_mem_cert), &malloc); | 112 | strlen (daemon->https_mem_cert), &malloc); |
114 | 113 | ||
115 | gnutls_certificate_set_x509_key_mem (daemon->x509_cret, cert, key, | 114 | gnutls_certificate_set_x509_key_mem (daemon->x509_cret, &cert, &key, |
116 | GNUTLS_X509_FMT_PEM); | 115 | GNUTLS_X509_FMT_PEM); |
117 | } | 116 | } |
118 | else | 117 | else |
@@ -309,21 +308,18 @@ gnutls_push_param_adapter (void *connection, | |||
309 | static void * | 308 | static void * |
310 | MHDS_handle_connection (void *data) | 309 | MHDS_handle_connection (void *data) |
311 | { | 310 | { |
312 | gnutls_session_t tls_session; | ||
313 | struct MHD_Connection *con = data; | 311 | struct MHD_Connection *con = data; |
314 | 312 | ||
315 | if (con == NULL) | 313 | if (con == NULL) |
316 | abort (); | 314 | abort (); |
317 | 315 | ||
318 | gnutls_init (&tls_session, GNUTLS_SERVER); | 316 | gnutls_init (&con->tls_session, GNUTLS_SERVER); |
319 | |||
320 | con->tls_session = tls_session; | ||
321 | 317 | ||
322 | /* sets cipher priorities */ | 318 | /* sets cipher priorities */ |
323 | gnutls_priority_set (tls_session, con->daemon->priority_cache); | 319 | gnutls_priority_set (con->tls_session, con->daemon->priority_cache); |
324 | 320 | ||
325 | /* set needed credentials for certificate authentication. */ | 321 | /* set needed credentials for certificate authentication. */ |
326 | gnutls_credentials_set (tls_session, GNUTLS_CRD_CERTIFICATE, | 322 | gnutls_credentials_set (con->tls_session, GNUTLS_CRD_CERTIFICATE, |
327 | con->daemon->x509_cret); | 323 | con->daemon->x509_cret); |
328 | 324 | ||
329 | /* TODO avoid gnutls blocking recv / write calls | 325 | /* TODO avoid gnutls blocking recv / write calls |
@@ -331,7 +327,7 @@ MHDS_handle_connection (void *data) | |||
331 | gnutls_transport_set_push_function(tls_session, &send); | 327 | gnutls_transport_set_push_function(tls_session, &send); |
332 | */ | 328 | */ |
333 | 329 | ||
334 | gnutls_transport_set_ptr (tls_session, con->socket_fd); | 330 | gnutls_transport_set_ptr (con->tls_session, con->socket_fd); |
335 | 331 | ||
336 | return MHD_handle_connection (data); | 332 | return MHD_handle_connection (data); |
337 | } | 333 | } |
@@ -554,7 +550,11 @@ MHD_cleanup_connections (struct MHD_Daemon *daemon) | |||
554 | free (pos->addr); | 550 | free (pos->addr); |
555 | free (pos); | 551 | free (pos); |
556 | daemon->max_connections++; | 552 | daemon->max_connections++; |
557 | /* TODO add tls con cleanup */ | 553 | #if HTTPS_SUPPORT |
554 | if(pos->tls_session != 0){ | ||
555 | gnutls_deinit (pos->tls_session); | ||
556 | } | ||
557 | #endif | ||
558 | if (prev == NULL) | 558 | if (prev == NULL) |
559 | pos = daemon->connections; | 559 | pos = daemon->connections; |
560 | else | 560 | else |
@@ -915,10 +915,10 @@ MHD_start_daemon (unsigned int options, | |||
915 | case MHD_OPTION_HTTPS_MEM_CERT: | 915 | case MHD_OPTION_HTTPS_MEM_CERT: |
916 | retVal->https_mem_cert = va_arg (ap, const char *); | 916 | retVal->https_mem_cert = va_arg (ap, const char *); |
917 | break; | 917 | break; |
918 | case MHDS_KX_PRIORITY: | 918 | case MHD_OPTION_KX_PRIORITY: |
919 | _set_priority (&retVal->priority_cache->cipher, va_arg (ap, const int *)); | 919 | _set_priority (&retVal->priority_cache->cipher, va_arg (ap, const int *)); |
920 | break; | 920 | break; |
921 | case MHDS_CIPHER_ALGORITHM: | 921 | case MHD_OPTION_CIPHER_ALGORITHM: |
922 | _set_priority (&retVal->priority_cache->cipher, va_arg (ap, const int *)); | 922 | _set_priority (&retVal->priority_cache->cipher, va_arg (ap, const int *)); |
923 | break; | 923 | break; |
924 | #endif | 924 | #endif |
diff --git a/src/daemon/https/https_common.c b/src/daemon/https/https_common.c index b22e19af..e7cfd07c 100644 --- a/src/daemon/https/https_common.c +++ b/src/daemon/https/https_common.c | |||
@@ -8,12 +8,12 @@ | |||
8 | * it under the terms of the GNU General Public License as published by | 8 | * it under the terms of the GNU General Public License as published by |
9 | * the Free Software Foundation, either version 3 of the License, or | 9 | * the Free Software Foundation, either version 3 of the License, or |
10 | * (at your option) any later version. | 10 | * (at your option) any later version. |
11 | * | 11 | * |
12 | * GNUTLS is distributed in the hope that it will be useful, | 12 | * GNUTLS is distributed in the hope that it will be useful, |
13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
15 | * GNU General Public License for more details. | 15 | * GNU General Public License for more details. |
16 | * | 16 | * |
17 | * You should have received a copy of the GNU General Public License | 17 | * You should have received a copy of the GNU General Public License |
18 | * along with this program. If not, see <http://www.gnu.org/licenses/>. | 18 | * along with this program. If not, see <http://www.gnu.org/licenses/>. |
19 | */ | 19 | */ |
@@ -192,7 +192,7 @@ print_x509_info (gnutls_session_t session, const char *hostname) | |||
192 | printf (" # fingerprint: %s\n", print); | 192 | printf (" # fingerprint: %s\n", print); |
193 | } | 193 | } |
194 | 194 | ||
195 | /* Print the version of the X.509 | 195 | /* Print the version of the X.509 |
196 | * certificate. | 196 | * certificate. |
197 | */ | 197 | */ |
198 | if (verbose) | 198 | if (verbose) |
diff --git a/src/daemon/https/openpgp/gnutls_extra.c b/src/daemon/https/openpgp/gnutls_extra.c index 7c47e3f1..95286102 100644 --- a/src/daemon/https/openpgp/gnutls_extra.c +++ b/src/daemon/https/openpgp/gnutls_extra.c | |||
@@ -9,12 +9,12 @@ | |||
9 | * it under the terms of the GNU General Public License as published by | 9 | * it under the terms of the GNU General Public License as published by |
10 | * the Free Software Foundation, either version 3 of the License, or | 10 | * the Free Software Foundation, either version 3 of the License, or |
11 | * (at your option) any later version. | 11 | * (at your option) any later version. |
12 | * | 12 | * |
13 | * GNUTLS-EXTRA is distributed in the hope that it will be useful, | 13 | * GNUTLS-EXTRA is distributed in the hope that it will be useful, |
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | * GNU General Public License for more details. | 16 | * GNU General Public License for more details. |
17 | * | 17 | * |
18 | * You should have received a copy of the GNU General Public License | 18 | * You should have received a copy of the GNU General Public License |
19 | * along with this program. If not, see <http://www.gnu.org/licenses/>. | 19 | * along with this program. If not, see <http://www.gnu.org/licenses/>. |
20 | */ | 20 | */ |
@@ -38,7 +38,7 @@ extern int _gnutls_comp_algorithms_size; | |||
38 | static int _gnutls_init_extra = 0; | 38 | static int _gnutls_init_extra = 0; |
39 | 39 | ||
40 | /** | 40 | /** |
41 | * gnutls_global_init_extra - This function initializes the global state of gnutls-extra | 41 | * gnutls_global_init_extra - This function initializes the global state of gnutls-extra |
42 | * | 42 | * |
43 | * This function initializes the global state of gnutls-extra library | 43 | * This function initializes the global state of gnutls-extra library |
44 | * to defaults. Returns zero on success. | 44 | * to defaults. Returns zero on success. |
@@ -51,8 +51,6 @@ static int _gnutls_init_extra = 0; | |||
51 | int | 51 | int |
52 | gnutls_global_init_extra (void) | 52 | gnutls_global_init_extra (void) |
53 | { | 53 | { |
54 | int ret; | ||
55 | |||
56 | /* If the version of libgnutls != version of | 54 | /* If the version of libgnutls != version of |
57 | * libextra, then do not initialize the library. | 55 | * libextra, then do not initialize the library. |
58 | * This is because it may break things. | 56 | * This is because it may break things. |
diff --git a/src/daemon/https/tls/ext_oprfi.c b/src/daemon/https/tls/ext_oprfi.c index c862ad1c..56a3bc3f 100644 --- a/src/daemon/https/tls/ext_oprfi.c +++ b/src/daemon/https/tls/ext_oprfi.c | |||
@@ -38,7 +38,6 @@ oprfi_recv_server (gnutls_session_t session, | |||
38 | { | 38 | { |
39 | ssize_t data_size = _data_size; | 39 | ssize_t data_size = _data_size; |
40 | uint16_t len; | 40 | uint16_t len; |
41 | int ret; | ||
42 | 41 | ||
43 | if (!session->security_parameters.extensions.oprfi_cb) | 42 | if (!session->security_parameters.extensions.oprfi_cb) |
44 | { | 43 | { |
@@ -75,7 +74,6 @@ oprfi_recv_client (gnutls_session_t session, | |||
75 | { | 74 | { |
76 | ssize_t data_size = _data_size; | 75 | ssize_t data_size = _data_size; |
77 | uint16_t len; | 76 | uint16_t len; |
78 | int ret; | ||
79 | 77 | ||
80 | if (session->security_parameters.extensions.oprfi_client == NULL) | 78 | if (session->security_parameters.extensions.oprfi_client == NULL) |
81 | { | 79 | { |
@@ -149,7 +147,6 @@ oprfi_send_server (gnutls_session_t session, opaque * data, size_t _data_size) | |||
149 | opaque *p = data; | 147 | opaque *p = data; |
150 | int ret; | 148 | int ret; |
151 | ssize_t data_size = _data_size; | 149 | ssize_t data_size = _data_size; |
152 | size_t len; | ||
153 | 150 | ||
154 | if (!session->security_parameters.extensions.oprfi_client || | 151 | if (!session->security_parameters.extensions.oprfi_client || |
155 | !session->security_parameters.extensions.oprfi_cb) | 152 | !session->security_parameters.extensions.oprfi_cb) |
diff --git a/src/daemon/https/tls/gnutls_asn1_tab.c b/src/daemon/https/tls/gnutls_asn1_tab.c index cabea4e1..4a7dc1d4 100644 --- a/src/daemon/https/tls/gnutls_asn1_tab.c +++ b/src/daemon/https/tls/gnutls_asn1_tab.c | |||
@@ -4,7 +4,7 @@ | |||
4 | 4 | ||
5 | #include <libtasn1.h> | 5 | #include <libtasn1.h> |
6 | 6 | ||
7 | extern const ASN1_ARRAY_TYPE gnutls_asn1_tab[] = { | 7 | const ASN1_ARRAY_TYPE gnutls_asn1_tab[] = { |
8 | {"GNUTLS", 536872976, 0}, | 8 | {"GNUTLS", 536872976, 0}, |
9 | {0, 1073741836, 0}, | 9 | {0, 1073741836, 0}, |
10 | {"RSAPublicKey", 1610612741, 0}, | 10 | {"RSAPublicKey", 1610612741, 0}, |
diff --git a/src/daemon/https/tls/gnutls_compress_int.c b/src/daemon/https/tls/gnutls_compress_int.c index eedfd63d..ecb439e5 100644 --- a/src/daemon/https/tls/gnutls_compress_int.c +++ b/src/daemon/https/tls/gnutls_compress_int.c | |||
@@ -34,7 +34,6 @@ comp_hd_t | |||
34 | _gnutls_comp_init (gnutls_compression_method_t method, int d) | 34 | _gnutls_comp_init (gnutls_compression_method_t method, int d) |
35 | { | 35 | { |
36 | comp_hd_t ret; | 36 | comp_hd_t ret; |
37 | int err; | ||
38 | 37 | ||
39 | ret = gnutls_malloc (sizeof (struct comp_hd_t_STRUCT)); | 38 | ret = gnutls_malloc (sizeof (struct comp_hd_t_STRUCT)); |
40 | if (ret == NULL) | 39 | if (ret == NULL) |
@@ -105,8 +104,6 @@ cleanup_ret: | |||
105 | void | 104 | void |
106 | _gnutls_comp_deinit (comp_hd_t handle, int d) | 105 | _gnutls_comp_deinit (comp_hd_t handle, int d) |
107 | { | 106 | { |
108 | int err; | ||
109 | |||
110 | if (handle != NULL) | 107 | if (handle != NULL) |
111 | { | 108 | { |
112 | switch (handle->algo) | 109 | switch (handle->algo) |
@@ -128,7 +125,7 @@ _gnutls_comp_deinit (comp_hd_t handle, int d) | |||
128 | } | 125 | } |
129 | } | 126 | } |
130 | 127 | ||
131 | /* These functions are memory consuming | 128 | /* These functions are memory consuming |
132 | */ | 129 | */ |
133 | 130 | ||
134 | int | 131 | int |
@@ -137,7 +134,6 @@ _gnutls_compress (comp_hd_t handle, const opaque * plain, | |||
137 | size_t max_comp_size) | 134 | size_t max_comp_size) |
138 | { | 135 | { |
139 | int compressed_size = GNUTLS_E_COMPRESSION_FAILED; | 136 | int compressed_size = GNUTLS_E_COMPRESSION_FAILED; |
140 | int err; | ||
141 | 137 | ||
142 | /* NULL compression is not handled here | 138 | /* NULL compression is not handled here |
143 | */ | 139 | */ |
@@ -212,8 +208,7 @@ _gnutls_decompress (comp_hd_t handle, opaque * compressed, | |||
212 | size_t compressed_size, opaque ** plain, | 208 | size_t compressed_size, opaque ** plain, |
213 | size_t max_record_size) | 209 | size_t max_record_size) |
214 | { | 210 | { |
215 | int plain_size = GNUTLS_E_DECOMPRESSION_FAILED, err; | 211 | int plain_size = GNUTLS_E_DECOMPRESSION_FAILED; |
216 | int cur_pos; | ||
217 | 212 | ||
218 | if (compressed_size > max_record_size + EXTRA_COMP_SIZE) | 213 | if (compressed_size > max_record_size + EXTRA_COMP_SIZE) |
219 | { | 214 | { |
diff --git a/src/daemon/https/tls/gnutls_global.c b/src/daemon/https/tls/gnutls_global.c index 6cf0aa6b..ddd3f426 100644 --- a/src/daemon/https/tls/gnutls_global.c +++ b/src/daemon/https/tls/gnutls_global.c | |||
@@ -160,7 +160,7 @@ static void | |||
160 | _gnutls_gcry_log_handler (void *dummy, int level, | 160 | _gnutls_gcry_log_handler (void *dummy, int level, |
161 | const char *fmt, va_list list) | 161 | const char *fmt, va_list list) |
162 | { | 162 | { |
163 | _gnutls_log (fmt, list); | 163 | _gnutls_log (level, fmt, list); |
164 | } | 164 | } |
165 | #endif | 165 | #endif |
166 | 166 | ||
diff --git a/src/daemon/https/tls/gnutls_mpi.h b/src/daemon/https/tls/gnutls_mpi.h index de2a6f20..d242e9e9 100644 --- a/src/daemon/https/tls/gnutls_mpi.h +++ b/src/daemon/https/tls/gnutls_mpi.h | |||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #ifndef GNUTLS_MPI_H | 25 | #ifndef GNUTLS_MPI_H |
26 | # define GNUTLS_MPI_H | 26 | #define GNUTLS_MPI_H |
27 | 27 | ||
28 | # include <gnutls_int.h> | 28 | # include <gnutls_int.h> |
29 | # include <gcrypt.h> | 29 | # include <gcrypt.h> |
diff --git a/src/daemon/https/tls/gnutls_pk.h b/src/daemon/https/tls/gnutls_pk.h index e6f37b0e..83f87689 100644 --- a/src/daemon/https/tls/gnutls_pk.h +++ b/src/daemon/https/tls/gnutls_pk.h | |||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #ifndef GNUTLS_PK_H | 25 | #ifndef GNUTLS_PK_H |
26 | # define GNUTLS_PK_H | 26 | #define GNUTLS_PK_H |
27 | 27 | ||
28 | int _gnutls_pkcs1_rsa_encrypt (gnutls_datum_t * ciphertext, | 28 | int _gnutls_pkcs1_rsa_encrypt (gnutls_datum_t * ciphertext, |
29 | const gnutls_datum_t * plaintext, | 29 | const gnutls_datum_t * plaintext, |
diff --git a/src/daemon/https/x509/mpi.c b/src/daemon/https/x509/mpi.c index 8cc43855..7fbd0b75 100644 --- a/src/daemon/https/x509/mpi.c +++ b/src/daemon/https/x509/mpi.c | |||
@@ -82,7 +82,7 @@ _gnutls_x509_read_rsa_params (opaque * der, int dersize, mpi_t * params) | |||
82 | 82 | ||
83 | } | 83 | } |
84 | 84 | ||
85 | /* reads p,q and g | 85 | /* reads p,q and g |
86 | * from the certificate (subjectPublicKey BIT STRING). | 86 | * from the certificate (subjectPublicKey BIT STRING). |
87 | * params[0-2] | 87 | * params[0-2] |
88 | */ | 88 | */ |
@@ -193,7 +193,7 @@ _gnutls_x509_read_der_int (opaque * der, int dersize, mpi_t * out) | |||
193 | } | 193 | } |
194 | 194 | ||
195 | /* reads DSA's Y | 195 | /* reads DSA's Y |
196 | * from the certificate | 196 | * from the certificate |
197 | * only sets params[3] | 197 | * only sets params[3] |
198 | */ | 198 | */ |
199 | int | 199 | int |
@@ -339,7 +339,6 @@ _gnutls_x509_write_sig_params (ASN1_TYPE dst, | |||
339 | gnutls_digest_algorithm_t dig, | 339 | gnutls_digest_algorithm_t dig, |
340 | mpi_t * params, int params_size) | 340 | mpi_t * params, int params_size) |
341 | { | 341 | { |
342 | gnutls_datum_t der; | ||
343 | int result; | 342 | int result; |
344 | char name[128]; | 343 | char name[128]; |
345 | const char *pk; | 344 | const char *pk; |
diff --git a/src/daemon/internal.h b/src/daemon/internal.h index 186468fa..45f6ecc9 100644 --- a/src/daemon/internal.h +++ b/src/daemon/internal.h | |||
@@ -284,24 +284,20 @@ enum MHD_CONNECTION_STATE | |||
284 | */ | 284 | */ |
285 | MHD_CONNECTION_CLOSED = MHD_CONNECTION_FOOTERS_SENT + 1, | 285 | MHD_CONNECTION_CLOSED = MHD_CONNECTION_FOOTERS_SENT + 1, |
286 | 286 | ||
287 | }; | 287 | #if HTTPS_SUPPORT |
288 | 288 | /* | |
289 | 289 | * SSL/TLS connection states | |
290 | /** | 290 | */ |
291 | * States in a state machine for a secure SSL/TLS connection. | 291 | MHD_TLS_HANDSHAKE_FAILED = MHD_CONNECTION_CLOSED +1, |
292 | * | ||
293 | */ | ||
294 | enum MHDS_CONNECTION_STATE | ||
295 | { | ||
296 | /* initial HTTPS state */ | ||
297 | MHDS_CONNECTION_INIT = 0, | ||
298 | 292 | ||
299 | MHDS_HANDSHAKE_FAILED, | 293 | MHD_TLS_HANDSHAKE_COMPLETE, |
294 | #endif | ||
295 | }; | ||
300 | 296 | ||
301 | MHDS_HANDSHAKE_COMPLETE, | ||
302 | 297 | ||
303 | MHDS_CONNECTION_CLOSED | 298 | #if DEBUG_STATES |
304 | }; | 299 | /* TODO add state dictionary */ |
300 | #endif | ||
305 | 301 | ||
306 | struct MHD_Connection | 302 | struct MHD_Connection |
307 | { | 303 | { |
@@ -486,7 +482,7 @@ struct MHD_Connection | |||
486 | */ | 482 | */ |
487 | enum MHD_CONNECTION_STATE state; | 483 | enum MHD_CONNECTION_STATE state; |
488 | 484 | ||
489 | enum MHDS_CONNECTION_STATE s_state; | 485 | //enum MHDS_CONNECTION_STATE s_state; |
490 | 486 | ||
491 | /** | 487 | /** |
492 | * HTTP response code. Only valid if response object | 488 | * HTTP response code. Only valid if response object |