27 files changed, 297 insertions, 699 deletions
diff --git a/src/daemon/connection.c b/src/daemon/connection.c index fc4b7954..d0e09307 100644 --- a/src/daemon/connection.c +++ b/src/daemon/connection.c | |||
@@ -34,12 +34,6 @@ | |||
34 | // get opaque type | 34 | // get opaque type |
35 | #include "gnutls_int.h" | 35 | #include "gnutls_int.h" |
36 | 36 | ||
37 | // TODO clean | ||
38 | #undef MAX | ||
39 | #define MAX(a,b) ((a)<(b)) ? (b) : (a) | ||
40 | #undef MIN | ||
41 | #define MIN(a,b) ((a)<(b)) ? (a) : (b) | ||
42 | |||
43 | #ifndef LINUX | 37 | #ifndef LINUX |
44 | #ifndef MSG_NOSIGNAL | 38 | #ifndef MSG_NOSIGNAL |
45 | #define MSG_NOSIGNAL 0 | 39 | #define MSG_NOSIGNAL 0 |
@@ -293,7 +287,7 @@ try_ready_normal_body (struct MHD_Connection *connection) | |||
293 | ret = response->crc (response->crc_cls, | 287 | ret = response->crc (response->crc_cls, |
294 | connection->response_write_position, | 288 | connection->response_write_position, |
295 | response->data, | 289 | response->data, |
296 | MIN (response->data_buffer_size, | 290 | MHD_MIN(response->data_buffer_size, |
297 | response->total_size - | 291 | response->total_size - |
298 | connection->response_write_position)); | 292 | connection->response_write_position)); |
299 | if (ret == -1) | 293 | if (ret == -1) |
@@ -1249,7 +1243,7 @@ do_write (struct MHD_Connection *connection) | |||
1249 | return MHD_YES; | 1243 | return MHD_YES; |
1250 | } | 1244 | } |
1251 | 1245 | ||
1252 | static int | 1246 | static ssize_t |
1253 | MHD_con_read (struct MHD_Connection *connection) | 1247 | MHD_con_read (struct MHD_Connection *connection) |
1254 | { | 1248 | { |
1255 | return RECV (connection->socket_fd, | 1249 | return RECV (connection->socket_fd, |
@@ -1463,7 +1457,6 @@ parse_connection_headers (struct MHD_Connection *connection) | |||
1463 | int | 1457 | int |
1464 | MHD_connection_handle_read (struct MHD_Connection *connection) | 1458 | MHD_connection_handle_read (struct MHD_Connection *connection) |
1465 | { | 1459 | { |
1466 | int num_bytes; | ||
1467 | connection->last_activity = time (NULL); | 1460 | connection->last_activity = time (NULL); |
1468 | if (connection->state == MHD_CONNECTION_CLOSED) | 1461 | if (connection->state == MHD_CONNECTION_CLOSED) |
1469 | return MHD_NO; | 1462 | return MHD_NO; |
@@ -1509,7 +1502,7 @@ MHD_connection_handle_read (struct MHD_Connection *connection) | |||
1509 | return MHD_YES; | 1502 | return MHD_YES; |
1510 | } | 1503 | } |
1511 | 1504 | ||
1512 | static int | 1505 | static ssize_t |
1513 | MHD_con_write (struct MHD_Connection *connection) | 1506 | MHD_con_write (struct MHD_Connection *connection) |
1514 | { | 1507 | { |
1515 | return SEND (connection->socket_fd, | 1508 | return SEND (connection->socket_fd, |
@@ -2009,7 +2002,7 @@ MHD_connection_handle_idle (struct MHD_Connection *connection) | |||
2009 | 2002 | ||
2010 | } | 2003 | } |
2011 | 2004 | ||
2012 | int | 2005 | void |
2013 | MHD_set_http_calbacks (struct MHD_Connection *connection) | 2006 | MHD_set_http_calbacks (struct MHD_Connection *connection) |
2014 | { | 2007 | { |
2015 | connection->recv_cls = &MHD_con_read; | 2008 | connection->recv_cls = &MHD_con_read; |
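Review bot: `MHD_con_read` and `MHD_con_write` now return `ssize_t`, but the `recv_cls` member that `MHD_set_http_calbacks` stores `&MHD_con_read` in, and the variables that receive the callbacks' results, are declared outside this section, so it is not visible whether they were widened too. If a caller still keeps the result in an `int`, the value is narrowed again before it is tested for an error, and a member still typed as returning `int` would be called through an incompatible function-pointer type. Neither callback has a comment; something like `/* receive callback for plain sockets: returns the result of RECV unchanged */` above `MHD_con_read`, and the equivalent above `MHD_con_write`, would record the convention. The bodies of all three functions continue outside the hunks.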
diff --git a/src/daemon/connection.h b/src/daemon/connection.h index 6df81e77..bf78f390 100644 --- a/src/daemon/connection.h +++ b/src/daemon/connection.h | |||
@@ -40,9 +40,9 @@ MHD_connection_get_fdset (struct MHD_Connection *connection, | |||
40 | fd_set * write_fd_set, | 40 | fd_set * write_fd_set, |
41 | fd_set * except_fd_set, int *max_fd); | 41 | fd_set * except_fd_set, int *max_fd); |
42 | 42 | ||
43 | int MHD_set_http_calbacks (struct MHD_Connection *connection); | 43 | void MHD_set_http_calbacks (struct MHD_Connection *connection); |
44 | #if HTTPS_SUPPORT | 44 | #if HTTPS_SUPPORT |
45 | int MHD_set_https_calbacks (struct MHD_Connection *connection); | 45 | void MHD_set_https_calbacks (struct MHD_Connection *connection); |
46 | #endif | 46 | #endif |
47 | 47 | ||
48 | #endif | 48 | #endif |
diff --git a/src/daemon/connection_https.c b/src/daemon/connection_https.c index f3b44bc3..7c5fe4cf 100644 --- a/src/daemon/connection_https.c +++ b/src/daemon/connection_https.c | |||
@@ -32,22 +32,10 @@ | |||
32 | #include "response.h" | 32 | #include "response.h" |
33 | #include "reason_phrase.h" | 33 | #include "reason_phrase.h" |
34 | 34 | ||
35 | // get opaque type | 35 | #include "microhttpsd.h" |
36 | /* get opaque type */ | ||
36 | #include "gnutls_int.h" | 37 | #include "gnutls_int.h" |
37 | 38 | ||
38 | // TODO clean | ||
39 | #undef MAX | ||
40 | #define MAX(a,b) ((a)<(b)) ? (b) : (a) | ||
41 | #undef MIN | ||
42 | #define MIN(a,b) ((a)<(b)) ? (a) : (b) | ||
43 | |||
44 | // TODO rm - appears in a switch default clause | ||
45 | #if EXTRA_CHECKS | ||
46 | #define EXTRA_CHECK(a) if (!(a)) abort(); | ||
47 | #else | ||
48 | #define EXTRA_CHECK(a) | ||
49 | #endif | ||
50 | |||
51 | /* forward declarations used when setting secure connection callbacks */ | 39 | /* forward declarations used when setting secure connection callbacks */ |
52 | int MHD_connection_handle_read (struct MHD_Connection *connection); | 40 | int MHD_connection_handle_read (struct MHD_Connection *connection); |
53 | int MHD_connection_handle_write (struct MHD_Connection *connection); | 41 | int MHD_connection_handle_write (struct MHD_Connection *connection); |
@@ -118,9 +106,6 @@ int | |||
118 | MHDS_connection_handle_idle (struct MHD_Connection *connection) | 106 | MHDS_connection_handle_idle (struct MHD_Connection *connection) |
119 | { | 107 | { |
120 | unsigned int timeout; | 108 | unsigned int timeout; |
121 | const char *end; | ||
122 | char *line; | ||
123 | ssize_t msgLength; | ||
124 | while (1) | 109 | while (1) |
125 | { | 110 | { |
126 | #if HAVE_MESSAGES | 111 | #if HAVE_MESSAGES |
@@ -141,7 +126,6 @@ MHDS_connection_handle_idle (struct MHD_Connection *connection) | |||
141 | break; | 126 | break; |
142 | 127 | ||
143 | default: | 128 | default: |
144 | EXTRA_CHECK (0); | ||
145 | break; | 129 | break; |
146 | } | 130 | } |
147 | break; | 131 | break; |
@@ -298,7 +282,7 @@ MHDS_connection_handle_write (struct MHD_Connection *connection) | |||
298 | return MHD_YES; | 282 | return MHD_YES; |
299 | } | 283 | } |
300 | 284 | ||
301 | int | 285 | void |
302 | MHD_set_https_calbacks (struct MHD_Connection *connection) | 286 | MHD_set_https_calbacks (struct MHD_Connection *connection) |
303 | { | 287 | { |
304 | connection->recv_cls = &MHDS_con_read; | 288 | connection->recv_cls = &MHDS_con_read; |
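Review bot: The `default:` branch in `MHDS_connection_handle_idle` now does nothing but `break`, so a connection state the switch does not expect is passed over without any trace once `EXTRA_CHECK (0);` is removed. In the TLS path an unexpected state is the case most worth surfacing. A message under `#if HAVE_MESSAGES` would do that, or a comment such as `/* all other states need no TLS-specific idle handling */` would at least mark the silent branch as deliberate, if that is the intent. The head of the switch is outside the hunk, so which states reach this branch cannot be confirmed from here.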
diff --git a/src/daemon/daemon.c b/src/daemon/daemon.c index 937cd642..5fd55c22 100644 --- a/src/daemon/daemon.c +++ b/src/daemon/daemon.c | |||
@@ -31,6 +31,7 @@ | |||
31 | 31 | ||
32 | #include "gnutls_int.h" | 32 | #include "gnutls_int.h" |
33 | #include "gnutls_datum.h" | 33 | #include "gnutls_datum.h" |
34 | #include "gnutls_global.h" | ||
34 | 35 | ||
35 | /** | 36 | /** |
36 | * Default connection limit. | 37 | * Default connection limit. |
@@ -58,7 +59,7 @@ | |||
58 | /* initialize security aspects of the HTTPS daemon */ | 59 | /* initialize security aspects of the HTTPS daemon */ |
59 | static int | 60 | static int |
60 | MHDS_init (struct MHD_Daemon *daemon){ | 61 | MHDS_init (struct MHD_Daemon *daemon){ |
61 | gnutls_global_set_log_function (MHD_tls_log_func); | 62 | gnutls_global_set_log_function (MHD_tls_log_func); |
62 | /* TODO let user access log level */ | 63 | /* TODO let user access log level */ |
63 | 64 | ||
64 | /* setup server certificate */ | 65 | /* setup server certificate */ |
@@ -671,11 +672,11 @@ MHD_select (struct MHD_Daemon *daemon, int may_block) | |||
671 | { | 672 | { |
672 | // TODO call con->read handler | 673 | // TODO call con->read handler |
673 | if (FD_ISSET (ds, &rs)) | 674 | if (FD_ISSET (ds, &rs)) |
674 | MHD_connection_handle_read (pos); | 675 | pos->read_handler (pos); |
675 | if ((pos->socket_fd != -1) && (FD_ISSET (ds, &ws))) | 676 | if ((pos->socket_fd != -1) && (FD_ISSET (ds, &ws))) |
676 | MHD_connection_handle_write (pos); | 677 | pos->write_handler (pos); |
677 | if (pos->socket_fd != -1) | 678 | if (pos->socket_fd != -1) |
678 | MHD_connection_handle_idle (pos); | 679 | pos->idle_handler (pos); |
679 | } | 680 | } |
680 | pos = pos->next; | 681 | pos = pos->next; |
681 | } | 682 | } |
@@ -856,12 +857,14 @@ MHD_start_daemon (unsigned int options, | |||
856 | retVal->connection_timeout = 0; /* no timeout */ | 857 | retVal->connection_timeout = 0; /* no timeout */ |
857 | if (options & MHD_USE_SSL) | 858 | if (options & MHD_USE_SSL) |
858 | { | 859 | { |
860 | /* lock gnutls_global mutex since it uses reference counting */ | ||
861 | pthread_mutex_lock (&gnutls_init_mutex); | ||
859 | gnutls_global_init (); | 862 | gnutls_global_init (); |
863 | pthread_mutex_unlock (&gnutls_init_mutex); | ||
860 | gnutls_priority_init (&retVal->priority_cache, | 864 | gnutls_priority_init (&retVal->priority_cache, |
861 | "NONE:+AES-256-CBC:+RSA:+SHA1:+COMP-NULL", NULL); | 865 | "NONE:+AES-256-CBC:+RSA:+SHA1:+COMP-NULL", NULL); |
862 | } | 866 | } |
863 | 867 | ||
864 | |||
865 | /* initializes the argument pointer variable */ | 868 | /* initializes the argument pointer variable */ |
866 | va_start (ap, dh_cls); | 869 | va_start (ap, dh_cls); |
867 | /* | 870 | /* |
@@ -910,8 +913,14 @@ MHD_start_daemon (unsigned int options, | |||
910 | break; | 913 | break; |
911 | default: | 914 | default: |
912 | #if HAVE_MESSAGES | 915 | #if HAVE_MESSAGES |
913 | fprintf (stderr, | 916 | if (opt > MHD_HTTPS_OPTION_START && opt < MHD_HTTPS_OPTION_END) { |
917 | fprintf (stderr, | ||
918 | "Error: HTTPS option given while compiling without HTTPS support\n"); | ||
919 | } | ||
920 | else { | ||
921 | fprintf (stderr, | ||
914 | "Invalid MHD_OPTION argument! (Did you terminate the list with MHD_OPTION_END?)\n"); | 922 | "Invalid MHD_OPTION argument! (Did you terminate the list with MHD_OPTION_END?)\n"); |
923 | } | ||
915 | #endif | 924 | #endif |
916 | abort (); | 925 | abort (); |
917 | } | 926 | } |
@@ -1001,7 +1010,11 @@ MHD_stop_daemon (struct MHD_Daemon *daemon) | |||
1001 | if (daemon->options & MHD_USE_SSL) | 1010 | if (daemon->options & MHD_USE_SSL) |
1002 | { | 1011 | { |
1003 | gnutls_priority_deinit (daemon->priority_cache); | 1012 | gnutls_priority_deinit (daemon->priority_cache); |
1013 | |||
1014 | /* lock gnutls_global mutex since it uses reference counting */ | ||
1015 | pthread_mutex_lock (&gnutls_init_mutex); | ||
1004 | gnutls_global_deinit (); | 1016 | gnutls_global_deinit (); |
1017 | pthread_mutex_unlock (&gnutls_init_mutex); | ||
1005 | } | 1018 | } |
1006 | #endif | 1019 | #endif |
1007 | 1020 | ||
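Review bot: In `MHD_start_daemon` the result of `gnutls_global_init ()` is discarded inside the newly locked region, and the `gnutls_priority_init` call right after it is unchecked as well, so a daemon started with `MHD_USE_SSL` carries on even if the TLS library failed to initialise. Assuming the bundled `gnutls_global_init` still returns an error code as upstream GnuTLS does, capture it in a local while the mutex is held and fail the start after `pthread_mutex_unlock` when it is negative. The same applies to the priority string setup: a failed `gnutls_priority_init` should stop the daemon from starting rather than leave `priority_cache` unset. The function body continues outside the hunk, so the cleanup needed for `retVal` on that error path is not visible here.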
diff --git a/src/daemon/https/Makefile.am b/src/daemon/https/Makefile.am index ec37f95b..4725c405 100644 --- a/src/daemon/https/Makefile.am +++ b/src/daemon/https/Makefile.am | |||
@@ -1,19 +1,18 @@ | |||
1 | SUBDIRS = minitasn1 opencdk openpgp lgl x509 tls . | 1 | SUBDIRS = minitasn1 opencdk openpgp lgl x509 tls . |
2 | 2 | ||
3 | AM_CPPFLAGS = -I./includes \ | 3 | AM_CPPFLAGS = \ |
4 | -I$(top_srcdir)/src/include \ | ||
5 | -I$(top_srcdir)/src/daemon/https/tls \ | ||
4 | -I$(top_srcdir)/src/daemon/https/lgl \ | 6 | -I$(top_srcdir)/src/daemon/https/lgl \ |
5 | -I$(top_srcdir)/src/daemon/https/x509 \ | 7 | -I$(top_srcdir)/src/daemon/https/x509 \ |
6 | -I$(top_srcdir)/src/daemon/https/openpgp \ | 8 | -I$(top_srcdir)/src/daemon/https/openpgp \ |
7 | -I$(top_srcdir)/src/daemon/https/opencdk \ | 9 | -I$(top_srcdir)/src/daemon/https/opencdk \ |
8 | -I$(top_srcdir)/src/daemon/https/tls \ | 10 | -I$(top_srcdir)/src/daemon/https/includes |
9 | -I$(top_srcdir)/src/daemon/https/includes \ | ||
10 | -I$(top_srcdir)/src/daemon/https/cfg | ||
11 | 11 | ||
12 | noinst_LTLIBRARIES = libhttps.la | 12 | noinst_LTLIBRARIES = libhttps.la |
13 | 13 | ||
14 | libhttps_la_SOURCES = \ | 14 | libhttps_la_SOURCES = \ |
15 | https_common.c \ | 15 | https_common.c |
16 | errcodes.c | ||
17 | 16 | ||
18 | libhttps_la_LIBADD = \ | 17 | libhttps_la_LIBADD = \ |
19 | opencdk/libopencdk.la \ | 18 | opencdk/libopencdk.la \ |
diff --git a/src/daemon/https/errcodes b/src/daemon/https/errcodes deleted file mode 100644 index 65774f43..00000000 --- a/src/daemon/https/errcodes +++ /dev/null | |||
@@ -1,131 +0,0 @@ | |||
1 | #! /bin/sh | ||
2 | |||
3 | # errcodes - temporary wrapper script for .libs/errcodes | ||
4 | # Generated by ltmain.sh - GNU libtool 1.5.26 Debian 1.5.26-3 (1.1220.2.493 2008/02/01 16:58:18) | ||
5 | # | ||
6 | # The errcodes program cannot be directly executed until all the libtool | ||
7 | # libraries that it depends on are installed. | ||
8 | # | ||
9 | # This wrapper script should never be moved out of the build directory. | ||
10 | # If it is, it will not operate correctly. | ||
11 | |||
12 | # Sed substitution that helps us do robust quoting. It backslashifies | ||
13 | # metacharacters that are still active within double-quoted strings. | ||
14 | Xsed='/bin/sed -e 1s/^X//' | ||
15 | sed_quote_subst='s/\([\\`\\"$\\\\]\)/\\\1/g' | ||
16 | |||
17 | # Be Bourne compatible (taken from Autoconf:_AS_BOURNE_COMPATIBLE). | ||
18 | if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then | ||
19 | emulate sh | ||
20 | NULLCMD=: | ||
21 | # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which | ||
22 | # is contrary to our usage. Disable this feature. | ||
23 | alias -g '${1+"$@"}'='"$@"' | ||
24 | setopt NO_GLOB_SUBST | ||
25 | else | ||
26 | case `(set -o) 2>/dev/null` in *posix*) set -o posix;; esac | ||
27 | fi | ||
28 | BIN_SH=xpg4; export BIN_SH # for Tru64 | ||
29 | DUALCASE=1; export DUALCASE # for MKS sh | ||
30 | |||
31 | # The HP-UX ksh and POSIX shell print the target directory to stdout | ||
32 | # if CDPATH is set. | ||
33 | (unset CDPATH) >/dev/null 2>&1 && unset CDPATH | ||
34 | |||
35 | relink_command="(cd /home/lama/workbench/programming/c/gnunet/gnutls-2.2.3/src; { test -z \"\${LIBRARY_PATH+set}\" || unset LIBRARY_PATH || { LIBRARY_PATH=; export LIBRARY_PATH; }; }; { test -z \"\${COMPILER_PATH+set}\" || unset COMPILER_PATH || { COMPILER_PATH=; export COMPILER_PATH; }; }; { test -z \"\${GCC_EXEC_PREFIX+set}\" || unset GCC_EXEC_PREFIX || { GCC_EXEC_PREFIX=; export GCC_EXEC_PREFIX; }; }; { test -z \"\${LD_RUN_PATH+set}\" || unset LD_RUN_PATH || { LD_RUN_PATH=; export LD_RUN_PATH; }; }; { test -z \"\${LD_LIBRARY_PATH+set}\" || unset LD_LIBRARY_PATH || { LD_LIBRARY_PATH=; export LD_LIBRARY_PATH; }; }; PATH=\"/usr/lib/distcc:/usr/local/bin:/usr/bin:/bin:/usr/games\"; export PATH; gcc -std=gnu99 -g -O2 -D_REENTRANT -D_THREAD_SAFE -pipe -g -O2 -D_REENTRANT -D_THREAD_SAFE -Wno-pointer-sign -o \$progdir/\$file errcodes.o ../lib/.libs/libgnutls.so /usr/lib/libgcrypt.so -L/usr/lib /usr/lib/libtasn1.so -Wl,--rpath -Wl,/home/lama/workbench/programming/c/gnunet/gnutls-2.2.3/lib/.libs -Wl,--rpath -Wl,/home/lama/workbench/programming/c/gnunet/gnutls-2.2.3/build/lib ) " | ||
36 | |||
37 | # This environment variable determines our operation mode. | ||
38 | if test "$libtool_install_magic" = "%%%MAGIC variable%%%"; then | ||
39 | # install mode needs the following variable: | ||
40 | notinst_deplibs=' ../lib/libgnutls.la' | ||
41 | else | ||
42 | # When we are sourced in execute mode, $file and $echo are already set. | ||
43 | if test "$libtool_execute_magic" != "%%%MAGIC variable%%%"; then | ||
44 | echo="echo" | ||
45 | file="$0" | ||
46 | # Make sure echo works. | ||
47 | if test "X$1" = X--no-reexec; then | ||
48 | # Discard the --no-reexec flag, and continue. | ||
49 | shift | ||
50 | elif test "X`($echo '\t') 2>/dev/null`" = 'X\t'; then | ||
51 | # Yippee, $echo works! | ||
52 | : | ||
53 | else | ||
54 | # Restart under the correct shell, and then maybe $echo will work. | ||
55 | exec /bin/sh "$0" --no-reexec ${1+"$@"} | ||
56 | fi | ||
57 | fi | ||
58 | |||
59 | # Find the directory that this script lives in. | ||
60 | thisdir=`$echo "X$file" | $Xsed -e 's%/[^/]*$%%'` | ||
61 | test "x$thisdir" = "x$file" && thisdir=. | ||
62 | |||
63 | # Follow symbolic links until we get to the real thisdir. | ||
64 | file=`ls -ld "$file" | /bin/sed -n 's/.*-> //p'` | ||
65 | while test -n "$file"; do | ||
66 | destdir=`$echo "X$file" | $Xsed -e 's%/[^/]*$%%'` | ||
67 | |||
68 | # If there was a directory component, then change thisdir. | ||
69 | if test "x$destdir" != "x$file"; then | ||
70 | case "$destdir" in | ||
71 | [\\/]* | [A-Za-z]:[\\/]*) thisdir="$destdir" ;; | ||
72 | *) thisdir="$thisdir/$destdir" ;; | ||
73 | esac | ||
74 | fi | ||
75 | |||
76 | file=`$echo "X$file" | $Xsed -e 's%^.*/%%'` | ||
77 | file=`ls -ld "$thisdir/$file" | /bin/sed -n 's/.*-> //p'` | ||
78 | done | ||
79 | |||
80 | # Try to get the absolute directory name. | ||
81 | absdir=`cd "$thisdir" && pwd` | ||
82 | test -n "$absdir" && thisdir="$absdir" | ||
83 | |||
84 | program=lt-'errcodes' | ||
85 | progdir="$thisdir/.libs" | ||
86 | |||
87 | if test ! -f "$progdir/$program" || \ | ||
88 | { file=`ls -1dt "$progdir/$program" "$progdir/../$program" 2>/dev/null | /bin/sed 1q`; \ | ||
89 | test "X$file" != "X$progdir/$program"; }; then | ||
90 | |||
91 | file="$$-$program" | ||
92 | |||
93 | if test ! -d "$progdir"; then | ||
94 | mkdir "$progdir" | ||
95 | else | ||
96 | rm -f "$progdir/$file" | ||
97 | fi | ||
98 | |||
99 | # relink executable if necessary | ||
100 | if test -n "$relink_command"; then | ||
101 | if relink_command_output=`eval $relink_command 2>&1`; then : | ||
102 | else | ||
103 | echo "$relink_command_output" >&2 | ||
104 | rm -f "$progdir/$file" | ||
105 | exit 1 | ||
106 | fi | ||
107 | fi | ||
108 | |||
109 | mv -f "$progdir/$file" "$progdir/$program" 2>/dev/null || | ||
110 | { rm -f "$progdir/$program"; | ||
111 | mv -f "$progdir/$file" "$progdir/$program"; } | ||
112 | rm -f "$progdir/$file" | ||
113 | fi | ||
114 | |||
115 | if test -f "$progdir/$program"; then | ||
116 | if test "$libtool_execute_magic" != "%%%MAGIC variable%%%"; then | ||
117 | # Run the actual program with our arguments. | ||
118 | |||
119 | exec "$progdir/$program" ${1+"$@"} | ||
120 | |||
121 | $echo "$0: cannot exec $program $*" | ||
122 | exit 1 | ||
123 | fi | ||
124 | else | ||
125 | # The program doesn't exist. | ||
126 | $echo "$0: error: \`$progdir/$program' does not exist" 1>&2 | ||
127 | $echo "This script is just a wrapper for $program." 1>&2 | ||
128 | echo "See the libtool documentation for more information." 1>&2 | ||
129 | exit 1 | ||
130 | fi | ||
131 | fi | ||
diff --git a/src/daemon/https/errcodes.c b/src/daemon/https/errcodes.c deleted file mode 100644 index 0177eccc..00000000 --- a/src/daemon/https/errcodes.c +++ /dev/null | |||
@@ -1,24 +0,0 @@ | |||
1 | #if HAVE_CONFIG_H | ||
2 | #include "config.h" | ||
3 | #endif | ||
4 | |||
5 | #include <stdio.h> | ||
6 | #include <stdlib.h> | ||
7 | #include <string.h> | ||
8 | #include <gnutls.h> | ||
9 | |||
10 | const char *_gnutls_strerror (int); | ||
11 | |||
12 | typedef struct | ||
13 | { | ||
14 | char name[128]; | ||
15 | int error_index; | ||
16 | } error_name; | ||
17 | |||
18 | static int | ||
19 | compar (const void *_n1, const void *_n2) | ||
20 | { | ||
21 | const error_name *n1 = (const error_name *) _n1, | ||
22 | *n2 = (const error_name *) _n2; | ||
23 | return strcmp (n1->name, n2->name); | ||
24 | } | ||
diff --git a/src/daemon/https/includes/extra.h b/src/daemon/https/includes/extra.h index ca0cb5b4..0c363259 100644 --- a/src/daemon/https/includes/extra.h +++ b/src/daemon/https/includes/extra.h | |||
@@ -27,9 +27,9 @@ | |||
27 | */ | 27 | */ |
28 | 28 | ||
29 | #ifndef GNUTLS_EXTRA_H | 29 | #ifndef GNUTLS_EXTRA_H |
30 | # define GNUTLS_EXTRA_H | 30 | #define GNUTLS_EXTRA_H |
31 | 31 | ||
32 | #include <gnutls.h> | 32 | #include "gnutls.h" |
33 | 33 | ||
34 | #ifdef __cplusplus | 34 | #ifdef __cplusplus |
35 | extern "C" | 35 | extern "C" |
@@ -38,7 +38,7 @@ extern "C" | |||
38 | 38 | ||
39 | #define LIBGNUTLS_EXTRA_VERSION LIBGNUTLS_VERSION | 39 | #define LIBGNUTLS_EXTRA_VERSION LIBGNUTLS_VERSION |
40 | 40 | ||
41 | /* Openpgp certificate stuff | 41 | /* Openpgp certificate stuff |
42 | */ | 42 | */ |
43 | 43 | ||
44 | typedef enum gnutls_openpgp_crt_fmt | 44 | typedef enum gnutls_openpgp_crt_fmt |
@@ -175,7 +175,7 @@ extern "C" | |||
175 | 175 | ||
176 | int gnutls_global_init_extra (void); | 176 | int gnutls_global_init_extra (void); |
177 | 177 | ||
178 | /* returns libgnutls-extra version (call it with a NULL argument) | 178 | /* returns libgnutls-extra version (call it with a NULL argument) |
179 | */ | 179 | */ |
180 | const char *gnutls_extra_check_version (const char *req_version); | 180 | const char *gnutls_extra_check_version (const char *req_version); |
181 | 181 | ||
diff --git a/src/daemon/https/includes/gnutls.h b/src/daemon/https/includes/gnutls.h index 5178609b..df34e72c 100644 --- a/src/daemon/https/includes/gnutls.h +++ b/src/daemon/https/includes/gnutls.h | |||
@@ -32,9 +32,8 @@ | |||
32 | * gcrypt.h | 32 | * gcrypt.h |
33 | */ | 33 | */ |
34 | 34 | ||
35 | |||
36 | #ifndef GNUTLS_H | 35 | #ifndef GNUTLS_H |
37 | # define GNUTLS_H | 36 | #define GNUTLS_H |
38 | 37 | ||
39 | #ifdef __cplusplus | 38 | #ifdef __cplusplus |
40 | extern "C" | 39 | extern "C" |
@@ -49,8 +48,6 @@ extern "C" | |||
49 | 48 | ||
50 | #define LIBGNUTLS_VERSION_NUMBER 0x020203 | 49 | #define LIBGNUTLS_VERSION_NUMBER 0x020203 |
51 | 50 | ||
52 | |||
53 | |||
54 | /* Get size_t. */ | 51 | /* Get size_t. */ |
55 | #include <stddef.h> | 52 | #include <stddef.h> |
56 | /* Get ssize_t. */ | 53 | /* Get ssize_t. */ |
@@ -67,33 +64,7 @@ extern "C" | |||
67 | #define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC | 64 | #define GNUTLS_CIPHER_RIJNDAEL_CBC GNUTLS_CIPHER_AES_128_CBC |
68 | #define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128 | 65 | #define GNUTLS_CIPHER_ARCFOUR GNUTLS_CIPHER_ARCFOUR_128 |
69 | 66 | ||
70 | typedef enum gnutls_cipher_algorithm | 67 | #include "microhttpsd.h" |
71 | { | ||
72 | GNUTLS_CIPHER_UNKNOWN = 0, | ||
73 | GNUTLS_CIPHER_NULL = 1, | ||
74 | GNUTLS_CIPHER_ARCFOUR_128, | ||
75 | GNUTLS_CIPHER_3DES_CBC, | ||
76 | GNUTLS_CIPHER_AES_128_CBC, | ||
77 | GNUTLS_CIPHER_AES_256_CBC, | ||
78 | GNUTLS_CIPHER_ARCFOUR_40, | ||
79 | GNUTLS_CIPHER_CAMELLIA_128_CBC, | ||
80 | GNUTLS_CIPHER_CAMELLIA_256_CBC, | ||
81 | GNUTLS_CIPHER_RC2_40_CBC = 90, | ||
82 | GNUTLS_CIPHER_DES_CBC | ||
83 | } gnutls_cipher_algorithm_t; | ||
84 | |||
85 | typedef enum | ||
86 | { | ||
87 | GNUTLS_KX_UNKNOWN = 0, | ||
88 | GNUTLS_KX_RSA = 1, | ||
89 | GNUTLS_KX_DHE_DSS, | ||
90 | GNUTLS_KX_DHE_RSA, | ||
91 | GNUTLS_KX_ANON_DH, | ||
92 | GNUTLS_KX_SRP, | ||
93 | GNUTLS_KX_RSA_EXPORT, | ||
94 | GNUTLS_KX_SRP_RSA, | ||
95 | GNUTLS_KX_SRP_DSS, | ||
96 | } gnutls_kx_algorithm_t; | ||
97 | 68 | ||
98 | typedef enum | 69 | typedef enum |
99 | { | 70 | { |
@@ -101,57 +72,16 @@ extern "C" | |||
101 | GNUTLS_PARAMS_DH | 72 | GNUTLS_PARAMS_DH |
102 | } gnutls_params_type_t; | 73 | } gnutls_params_type_t; |
103 | 74 | ||
104 | typedef enum | 75 | /* TODO clean |
105 | { | ||
106 | GNUTLS_CRD_CERTIFICATE = 1, | ||
107 | GNUTLS_CRD_ANON, | ||
108 | GNUTLS_CRD_SRP, | ||
109 | GNUTLS_CRD_PSK, | ||
110 | GNUTLS_CRD_IA | ||
111 | } gnutls_credentials_type_t; | ||
112 | |||
113 | #define GNUTLS_MAC_SHA GNUTLS_MAC_SHA1 | 76 | #define GNUTLS_MAC_SHA GNUTLS_MAC_SHA1 |
114 | #define GNUTLS_DIG_SHA GNUTLS_DIG_SHA1 | 77 | #define GNUTLS_DIG_SHA GNUTLS_DIG_SHA1 |
115 | 78 | */ | |
116 | typedef enum | ||
117 | { | ||
118 | GNUTLS_MAC_UNKNOWN = 0, | ||
119 | GNUTLS_MAC_NULL = 1, | ||
120 | GNUTLS_MAC_MD5, | ||
121 | GNUTLS_MAC_SHA1, | ||
122 | //GNUTLS_MAC_RMD160, | ||
123 | //GNUTLS_MAC_MD2, | ||
124 | GNUTLS_MAC_SHA256, | ||
125 | //GNUTLS_MAC_SHA384, | ||
126 | //GNUTLS_MAC_SHA512 | ||
127 | } gnutls_mac_algorithm_t; | ||
128 | |||
129 | /* The enumerations here should have the same value with | ||
130 | gnutls_mac_algorithm_t. | ||
131 | */ | ||
132 | typedef enum | ||
133 | { | ||
134 | GNUTLS_DIG_NULL = GNUTLS_MAC_NULL, | ||
135 | GNUTLS_DIG_MD5 = GNUTLS_MAC_MD5, | ||
136 | GNUTLS_DIG_SHA1 = GNUTLS_MAC_SHA1, | ||
137 | GNUTLS_DIG_SHA256 = GNUTLS_MAC_SHA256, | ||
138 | } gnutls_digest_algorithm_t; | ||
139 | 79 | ||
140 | /* exported for other gnutls headers. This is the maximum number of | 80 | /* exported for other gnutls headers. This is the maximum number of |
141 | * algorithms (ciphers, kx or macs). | 81 | * algorithms (ciphers, kx or macs). |
142 | */ | 82 | */ |
143 | #define GNUTLS_MAX_ALGORITHM_NUM 16 | 83 | #define GNUTLS_MAX_ALGORITHM_NUM 16 |
144 | |||
145 | #define GNUTLS_COMP_ZLIB GNUTLS_COMP_DEFLATE | 84 | #define GNUTLS_COMP_ZLIB GNUTLS_COMP_DEFLATE |
146 | typedef enum | ||
147 | { | ||
148 | GNUTLS_COMP_UNKNOWN = 0, | ||
149 | GNUTLS_COMP_NULL = 1, | ||
150 | GNUTLS_COMP_DEFLATE, | ||
151 | GNUTLS_COMP_LZO /* only available if gnutls-extra has | ||
152 | been initialized | ||
153 | */ | ||
154 | } gnutls_compression_method_t; | ||
155 | 85 | ||
156 | typedef enum | 86 | typedef enum |
157 | { | 87 | { |
@@ -251,36 +181,12 @@ extern "C" | |||
251 | GNUTLS_SHUT_WR = 1 | 181 | GNUTLS_SHUT_WR = 1 |
252 | } gnutls_close_request_t; | 182 | } gnutls_close_request_t; |
253 | 183 | ||
254 | #define GNUTLS_TLS1 GNUTLS_TLS1_0 | ||
255 | typedef enum | ||
256 | { | ||
257 | GNUTLS_SSL3 = 1, | ||
258 | GNUTLS_TLS1_0, | ||
259 | GNUTLS_TLS1_1, | ||
260 | GNUTLS_TLS1_2, | ||
261 | GNUTLS_VERSION_UNKNOWN = 0xff | ||
262 | } gnutls_protocol_t; | ||
263 | |||
264 | typedef enum | ||
265 | { | ||
266 | GNUTLS_CRT_UNKNOWN = 0, | ||
267 | GNUTLS_CRT_X509 = 1, | ||
268 | GNUTLS_CRT_OPENPGP | ||
269 | } gnutls_certificate_type_t; | ||
270 | |||
271 | typedef enum | 184 | typedef enum |
272 | { | 185 | { |
273 | GNUTLS_X509_FMT_DER, | 186 | GNUTLS_X509_FMT_DER, |
274 | GNUTLS_X509_FMT_PEM | 187 | GNUTLS_X509_FMT_PEM |
275 | } gnutls_x509_crt_fmt_t; | 188 | } gnutls_x509_crt_fmt_t; |
276 | 189 | ||
277 | typedef enum | ||
278 | { | ||
279 | GNUTLS_PK_UNKNOWN = 0, | ||
280 | GNUTLS_PK_RSA = 1, | ||
281 | //GNUTLS_PK_DSA | ||
282 | } gnutls_pk_algorithm_t; | ||
283 | |||
284 | const char *gnutls_pk_algorithm_get_name (gnutls_pk_algorithm_t algorithm); | 190 | const char *gnutls_pk_algorithm_get_name (gnutls_pk_algorithm_t algorithm); |
285 | 191 | ||
286 | #define GNUTLS_SIGN_RSA_SHA GNUTLS_SIGN_RSA_SHA1 | 192 | #define GNUTLS_SIGN_RSA_SHA GNUTLS_SIGN_RSA_SHA1 |
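Review bot: The `GNUTLS_MAC_SHA` and `GNUTLS_DIG_SHA` aliases are left in the header as commented-out code under `/* TODO clean`, which neither keeps them usable nor removes them. Delete the two `#define` lines if nothing in the bundled tree still uses the aliases, or keep them live until that cleanup happens. The new `#include "microhttpsd.h"` also appears to sit after the `extern "C"` opener near the top of the file, so for C++ consumers everything that header pulls in would be included inside the linkage block; moving the include above the `#ifdef __cplusplus` guard avoids that. The contents of `microhttpsd.h` are not shown in this section, so whether it defines every enum removed here cannot be checked from these hunks.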
diff --git a/src/daemon/https/lgl/Makefile.am b/src/daemon/https/lgl/Makefile.am index 1edb75ae..ff8d1856 100644 --- a/src/daemon/https/lgl/Makefile.am +++ b/src/daemon/https/lgl/Makefile.am | |||
@@ -1,6 +1,7 @@ | |||
1 | SUBDIRS = . | 1 | SUBDIRS = . |
2 | 2 | ||
3 | AM_CPPFLAGS = -std=c99 \ | 3 | AM_CPPFLAGS = -std=c99 \ |
4 | -I$(top_srcdir)/src/include \ | ||
4 | -I$(GCRYPT_CPPFLAGS) | 5 | -I$(GCRYPT_CPPFLAGS) |
5 | 6 | ||
6 | # gc-gnulib.c | 7 | # gc-gnulib.c |
diff --git a/src/daemon/https/minitasn1/Makefile.am b/src/daemon/https/minitasn1/Makefile.am index fc924cc4..6c58730d 100644 --- a/src/daemon/https/minitasn1/Makefile.am +++ b/src/daemon/https/minitasn1/Makefile.am | |||
@@ -1,5 +1,6 @@ | |||
1 | 1 | ||
2 | AM_CPPFLAGS = -I./includes \ | 2 | AM_CPPFLAGS = \ |
3 | -I$(top_srcdir)/src/include \ | ||
3 | -I$(top_srcdir)/src/daemon/https/lgl \ | 4 | -I$(top_srcdir)/src/daemon/https/lgl \ |
4 | -I$(top_srcdir)/src/daemon/https/tls \ | 5 | -I$(top_srcdir)/src/daemon/https/tls \ |
5 | -I$(top_srcdir)/src/daemon/https/includes | 6 | -I$(top_srcdir)/src/daemon/https/includes |
diff --git a/src/daemon/https/opencdk/Makefile.am b/src/daemon/https/opencdk/Makefile.am index b69a151f..b6e67470 100644 --- a/src/daemon/https/opencdk/Makefile.am +++ b/src/daemon/https/opencdk/Makefile.am | |||
@@ -1,4 +1,6 @@ | |||
1 | AM_CPPFLAGS = -I$(top_srcdir)/lib \ | 1 | AM_CPPFLAGS = \ |
2 | -I$(top_srcdir)/src/include \ | ||
3 | -I$(top_srcdir)/lib \ | ||
2 | -I$(top_srcdir)/lgl \ | 4 | -I$(top_srcdir)/lgl \ |
3 | -I$(GCRYPT_CPPFLAGS) | 5 | -I$(GCRYPT_CPPFLAGS) |
4 | 6 | ||
diff --git a/src/daemon/https/openpgp/Makefile.am b/src/daemon/https/openpgp/Makefile.am index 94c27ac1..66380444 100644 --- a/src/daemon/https/openpgp/Makefile.am +++ b/src/daemon/https/openpgp/Makefile.am | |||
@@ -1,6 +1,7 @@ | |||
1 | SUBDIRS = . | 1 | SUBDIRS = . |
2 | 2 | ||
3 | AM_CPPFLAGS = -I./includes \ | 3 | AM_CPPFLAGS = \ |
4 | -I$(top_srcdir)/src/include \ | ||
4 | -I$(top_srcdir)/src/daemon/https/includes \ | 5 | -I$(top_srcdir)/src/daemon/https/includes \ |
5 | -I$(top_srcdir)/src/daemon/https/lgl \ | 6 | -I$(top_srcdir)/src/daemon/https/lgl \ |
6 | -I$(top_srcdir)/src/daemon/https/x509 \ | 7 | -I$(top_srcdir)/src/daemon/https/x509 \ |
diff --git a/src/daemon/https/tls/Makefile.am b/src/daemon/https/tls/Makefile.am index ca847aa2..ceecb1ba 100644 --- a/src/daemon/https/tls/Makefile.am +++ b/src/daemon/https/tls/Makefile.am | |||
@@ -1,12 +1,13 @@ | |||
1 | SUBDIRS = . | 1 | SUBDIRS = . |
2 | 2 | ||
3 | AM_CPPFLAGS = \ | 3 | AM_CPPFLAGS = \ |
4 | -I$(top_srcdir)/src/daemon/https/includes \ | 4 | -I$(top_srcdir)/src/include \ |
5 | -I$(top_srcdir)/src/daemon/https/tls \ | ||
5 | -I$(top_srcdir)/src/daemon/https/lgl \ | 6 | -I$(top_srcdir)/src/daemon/https/lgl \ |
6 | -I$(top_srcdir)/src/daemon/https/x509 \ | 7 | -I$(top_srcdir)/src/daemon/https/x509 \ |
7 | -I$(top_srcdir)/src/daemon/https/tls \ | ||
8 | -I$(top_srcdir)/src/daemon/https/openpgp \ | 8 | -I$(top_srcdir)/src/daemon/https/openpgp \ |
9 | -I$(top_srcdir)/src/daemon/https/opencdk \ | 9 | -I$(top_srcdir)/src/daemon/https/opencdk \ |
10 | -I$(top_srcdir)/src/daemon/https/includes \ | ||
10 | -I$(GCRYPT_CPPFLAGS) | 11 | -I$(GCRYPT_CPPFLAGS) |
11 | 12 | ||
12 | noinst_LTLIBRARIES = libtls.la | 13 | noinst_LTLIBRARIES = libtls.la |
diff --git a/src/daemon/https/tls/defines.h b/src/daemon/https/tls/defines.h index a53ce2e4..43e96766 100644 --- a/src/daemon/https/tls/defines.h +++ b/src/daemon/https/tls/defines.h | |||
@@ -48,7 +48,7 @@ typedef int ssize_t; | |||
48 | #include <sys/socket.h> | 48 | #include <sys/socket.h> |
49 | #include <time.h> | 49 | #include <time.h> |
50 | 50 | ||
51 | // TODO check if these should go into config.h | 51 | /* TODO check if these should go into config.h */ |
52 | #define SIZEOF_UNSIGNED_INT 4 | 52 | #define SIZEOF_UNSIGNED_INT 4 |
53 | #define SIZEOF_UNSIGNED_LONG 8 | 53 | #define SIZEOF_UNSIGNED_LONG 8 |
54 | #define SIZEOF_UNSIGNED_LONG_INT SIZEOF_UNSIGNED_LONG | 54 | #define SIZEOF_UNSIGNED_LONG_INT SIZEOF_UNSIGNED_LONG |
diff --git a/src/daemon/https/tls/gnutls_global.c b/src/daemon/https/tls/gnutls_global.c index 822293ac..d244213e 100644 --- a/src/daemon/https/tls/gnutls_global.c +++ b/src/daemon/https/tls/gnutls_global.c | |||
@@ -60,10 +60,10 @@ ASN1_TYPE _gnutls_gnutls_asn; | |||
60 | * | 60 | * |
61 | * This is the function where you set the logging function gnutls | 61 | * This is the function where you set the logging function gnutls |
62 | * is going to use. This function only accepts a character array. | 62 | * is going to use. This function only accepts a character array. |
63 | * Normally you may not use this function since it is only used | 63 | * Normally you may not use this function since it is only used |
64 | * for debugging purposes. | 64 | * for debugging purposes. |
65 | * | 65 | * |
66 | * gnutls_log_func is of the form, | 66 | * gnutls_log_func is of the form, |
67 | * void (*gnutls_log_func)( int level, const char*); | 67 | * void (*gnutls_log_func)( int level, const char*); |
68 | **/ | 68 | **/ |
69 | void | 69 | void |
@@ -74,7 +74,7 @@ gnutls_global_set_log_function (gnutls_log_func log_func) | |||
74 | 74 | ||
75 | /** | 75 | /** |
76 | * gnutls_global_set_log_level - This function sets the logging level | 76 | * gnutls_global_set_log_level - This function sets the logging level |
77 | * @level: it's an integer from 0 to 9. | 77 | * @level: it's an integer from 0 to 9. |
78 | * | 78 | * |
79 | * This is the function that allows you to set the log level. | 79 | * This is the function that allows you to set the log level. |
80 | * The level is an integer between 0 and 9. Higher values mean | 80 | * The level is an integer between 0 and 9. Higher values mean |
@@ -90,15 +90,6 @@ gnutls_global_set_log_level (int level) | |||
90 | _gnutls_log_level = level; | 90 | _gnutls_log_level = level; |
91 | } | 91 | } |
92 | 92 | ||
93 | #ifdef DEBUG | ||
94 | /* default logging function */ | ||
95 | static void | ||
96 | dlog (int level, const char *str) | ||
97 | { | ||
98 | fputs (str, stderr); | ||
99 | } | ||
100 | #endif | ||
101 | |||
102 | extern gnutls_alloc_function gnutls_secure_malloc; | 93 | extern gnutls_alloc_function gnutls_secure_malloc; |
103 | extern gnutls_alloc_function gnutls_malloc; | 94 | extern gnutls_alloc_function gnutls_malloc; |
104 | extern gnutls_free_function gnutls_free; | 95 | extern gnutls_free_function gnutls_free; |
@@ -121,7 +112,7 @@ int _gnutls_is_secure_mem_null (const void *); | |||
121 | * is going to use. By default the libc's allocation functions (malloc(), free()), | 112 | * is going to use. By default the libc's allocation functions (malloc(), free()), |
122 | * are used by gnutls, to allocate both sensitive and not sensitive data. | 113 | * are used by gnutls, to allocate both sensitive and not sensitive data. |
123 | * This function is provided to set the memory allocation functions to | 114 | * This function is provided to set the memory allocation functions to |
124 | * something other than the defaults (ie the gcrypt allocation functions). | 115 | * something other than the defaults (ie the gcrypt allocation functions). |
125 | * | 116 | * |
126 | * This function must be called before gnutls_global_init() is called. | 117 | * This function must be called before gnutls_global_init() is called. |
127 | * | 118 | * |
@@ -182,7 +173,7 @@ static int _gnutls_init = 0; | |||
182 | * | 173 | * |
183 | * Note that this function will also initialize libgcrypt, if it has not | 174 | * Note that this function will also initialize libgcrypt, if it has not |
184 | * been initialized before. Thus if you want to manually initialize libgcrypt | 175 | * been initialized before. Thus if you want to manually initialize libgcrypt |
185 | * you must do it before calling this function. This is useful in cases you | 176 | * you must do it before calling this function. This is useful in cases you |
186 | * want to disable libgcrypt's internal lockings etc. | 177 | * want to disable libgcrypt's internal lockings etc. |
187 | * | 178 | * |
188 | * This function increment a global counter, so that | 179 | * This function increment a global counter, so that |
@@ -209,7 +200,7 @@ gnutls_global_init (void) | |||
209 | char c; | 200 | char c; |
210 | 201 | ||
211 | if (_gnutls_init++) | 202 | if (_gnutls_init++) |
212 | return; | 203 | return 0; |
213 | 204 | ||
214 | #if HAVE_WINSOCK | 205 | #if HAVE_WINSOCK |
215 | { | 206 | { |
@@ -235,7 +226,6 @@ gnutls_global_init (void) | |||
235 | } | 226 | } |
236 | #endif | 227 | #endif |
237 | 228 | ||
238 | |||
239 | // bindtextdomain("mhd", "./"); | 229 | // bindtextdomain("mhd", "./"); |
240 | 230 | ||
241 | if (gcry_control (GCRYCTL_ANY_INITIALIZATION_P) == 0) | 231 | if (gcry_control (GCRYCTL_ANY_INITIALIZATION_P) == 0) |
@@ -285,14 +275,13 @@ gnutls_global_init (void) | |||
285 | } | 275 | } |
286 | 276 | ||
287 | #ifdef DEBUG | 277 | #ifdef DEBUG |
288 | gnutls_global_set_log_function (dlog); | 278 | gnutls_global_set_log_function (MHD_tls_log_func()); |
289 | #endif | 279 | #endif |
290 | 280 | ||
291 | /* initialize parser | 281 | /* initialize parser |
292 | * This should not deal with files in the final | 282 | * This should not deal with files in the final |
293 | * version. | 283 | * version. |
294 | */ | 284 | */ |
295 | |||
296 | res = asn1_array2tree(pkix_asn1_tab, &_gnutls_pkix1_asn, NULL); | 285 | res = asn1_array2tree(pkix_asn1_tab, &_gnutls_pkix1_asn, NULL); |
297 | if (res != ASN1_SUCCESS) | 286 | if (res != ASN1_SUCCESS) |
298 | { | 287 | { |
@@ -315,7 +304,7 @@ gnutls_global_init (void) | |||
315 | } | 304 | } |
316 | 305 | ||
317 | /** | 306 | /** |
318 | * gnutls_global_deinit - This function deinitializes the global data | 307 | * gnutls_global_deinit - This function deinitializes the global data |
319 | * | 308 | * |
320 | * This function deinitializes the global data, that were initialized | 309 | * This function deinitializes the global data, that were initialized |
321 | * using gnutls_global_init(). | 310 | * using gnutls_global_init(). |
@@ -339,7 +328,7 @@ gnutls_global_deinit (void) | |||
339 | _gnutls_init--; | 328 | _gnutls_init--; |
340 | } | 329 | } |
341 | 330 | ||
342 | /* These functions should be elsewere. Kept here for | 331 | /* These functions should be elsewere. Kept here for |
343 | * historical reasons. | 332 | * historical reasons. |
344 | */ | 333 | */ |
345 | 334 | ||
@@ -348,12 +337,12 @@ gnutls_global_deinit (void) | |||
348 | * @pull_func: a callback function similar to read() | 337 | * @pull_func: a callback function similar to read() |
349 | * @session: gnutls session | 338 | * @session: gnutls session |
350 | * | 339 | * |
351 | * This is the function where you set a function for gnutls | 340 | * This is the function where you set a function for gnutls |
352 | * to receive data. Normally, if you use berkeley style sockets, | 341 | * to receive data. Normally, if you use berkeley style sockets, |
353 | * do not need to use this function since the default (recv(2)) will | 342 | * do not need to use this function since the default (recv(2)) will |
354 | * probably be ok. | 343 | * probably be ok. |
355 | * | 344 | * |
356 | * PULL_FUNC is of the form, | 345 | * PULL_FUNC is of the form, |
357 | * ssize_t (*gnutls_pull_func)(gnutls_transport_ptr_t, void*, size_t); | 346 | * ssize_t (*gnutls_pull_func)(gnutls_transport_ptr_t, void*, size_t); |
358 | **/ | 347 | **/ |
359 | void | 348 | void |
@@ -373,8 +362,8 @@ gnutls_transport_set_pull_function (gnutls_session_t session, | |||
373 | * sockets, you do not need to use this function since | 362 | * sockets, you do not need to use this function since |
374 | * the default (send(2)) will probably be ok. Otherwise you should | 363 | * the default (send(2)) will probably be ok. Otherwise you should |
375 | * specify this function for gnutls to be able to send data. | 364 | * specify this function for gnutls to be able to send data. |
376 | * | 365 | * |
377 | * PUSH_FUNC is of the form, | 366 | * PUSH_FUNC is of the form, |
378 | * ssize_t (*gnutls_push_func)(gnutls_transport_ptr_t, const void*, size_t); | 367 | * ssize_t (*gnutls_push_func)(gnutls_transport_ptr_t, const void*, size_t); |
379 | **/ | 368 | **/ |
380 | void | 369 | void |
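Review bot: The reference counter is still tested and bumped with a plain `if (_gnutls_init++)` in gnutls_global_init and dropped with `_gnutls_init--` in gnutls_global_deinit, and no lock is taken in any hunk shown for this file. The commit adds `gnutls_init_mutex` in gnutls_global.h for these two calls, so callers are presumably expected to hold it. If one does not, two daemons starting at once can both see a zero count, or one can return 0 before libgcrypt and the ASN.1 tables are ready. I would either take the lock inside both functions or state the contract in their doc comments, e.g. ` * Callers must hold gnutls_init_mutex; the init counter is not atomic.` Both function bodies continue outside the hunks shown.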
diff --git a/src/daemon/https/tls/gnutls_global.h b/src/daemon/https/tls/gnutls_global.h index 3305ebad..05026a70 100644 --- a/src/daemon/https/tls/gnutls_global.h +++ b/src/daemon/https/tls/gnutls_global.h | |||
@@ -27,12 +27,15 @@ | |||
27 | 27 | ||
28 | #include <libtasn1.h> | 28 | #include <libtasn1.h> |
29 | 29 | ||
30 | /* this mutex is used to synchronize threads attemting call gnutls_global_init / gnutls_global_deinit */ | ||
31 | pthread_mutex_t gnutls_init_mutex; | ||
32 | |||
30 | int gnutls_is_secure_memory (const void *mem); | 33 | int gnutls_is_secure_memory (const void *mem); |
31 | 34 | ||
32 | extern ASN1_TYPE _gnutls_pkix1_asn; | 35 | extern ASN1_TYPE _gnutls_pkix1_asn; |
33 | extern ASN1_TYPE _gnutls_gnutls_asn; | 36 | extern ASN1_TYPE _gnutls_gnutls_asn; |
34 | 37 | ||
35 | /* removed const from node_asn* to | 38 | /* removed const from node_asn* to |
36 | * prevent warnings, since libtasn1 doesn't | 39 | * prevent warnings, since libtasn1 doesn't |
37 | * use the const keywork in its functions. | 40 | * use the const keywork in its functions. |
38 | */ | 41 | */ |
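Review bot: `pthread_mutex_t gnutls_init_mutex;` in a header is a definition rather than a declaration, so every file that includes gnutls_global.h gets its own tentative definition. That links only where the toolchain merges common symbols and fails with duplicate-symbol errors under `-fno-common`. The hunk shows neither an initializer nor `#include <pthread.h>`, so it cannot be confirmed from here that the mutex is initialized before its first use. I would declare it here as `extern pthread_mutex_t gnutls_init_mutex;` and define it once in gnutls_global.c as `pthread_mutex_t gnutls_init_mutex = PTHREAD_MUTEX_INITIALIZER;`. The comment also has a typo: "attemting call" should read "attempting to call".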
diff --git a/src/daemon/https/tls/gnutls_int.h b/src/daemon/https/tls/gnutls_int.h index c1e501a0..1bd6205d 100644 --- a/src/daemon/https/tls/gnutls_int.h +++ b/src/daemon/https/tls/gnutls_int.h | |||
@@ -23,12 +23,13 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #ifndef GNUTLS_INT_H | 25 | #ifndef GNUTLS_INT_H |
26 | |||
27 | #define GNUTLS_INT_H | 26 | #define GNUTLS_INT_H |
28 | 27 | ||
29 | #include <defines.h> | 28 | #include <defines.h> |
30 | 29 | ||
31 | #include "gnutls.h" | 30 | #include "gnutls.h" |
31 | #include "microhttpsd.h" | ||
32 | |||
32 | #include "extra.h" | 33 | #include "extra.h" |
33 | #include "gnutls_mem.h" | 34 | #include "gnutls_mem.h" |
34 | 35 | ||
@@ -36,6 +37,8 @@ | |||
36 | */ | 37 | */ |
37 | #define KEYRING_HACK | 38 | #define KEYRING_HACK |
38 | 39 | ||
40 | #define MAX(X,Y) ((X) > (Y) ? (X) : (Y)); | ||
41 | |||
39 | #define MAX32 4294967295 | 42 | #define MAX32 4294967295 |
40 | #define MAX24 16777215 | 43 | #define MAX24 16777215 |
41 | #define MAX16 65535 | 44 | #define MAX16 65535 |
@@ -49,7 +52,7 @@ | |||
49 | #define TLS_MAX_SESSION_ID_SIZE 32 | 52 | #define TLS_MAX_SESSION_ID_SIZE 32 |
50 | #define TLS_MASTER_SIZE 48 | 53 | #define TLS_MASTER_SIZE 48 |
51 | 54 | ||
52 | /* The maximum digest size of hash algorithms. | 55 | /* The maximum digest size of hash algorithms. |
53 | */ | 56 | */ |
54 | #define MAX_HASH_SIZE 64 | 57 | #define MAX_HASH_SIZE 64 |
55 | 58 | ||
@@ -112,7 +115,7 @@ typedef struct | |||
112 | #include <gnutls_mpi.h> | 115 | #include <gnutls_mpi.h> |
113 | 116 | ||
114 | typedef enum change_cipher_spec_t | 117 | typedef enum change_cipher_spec_t |
115 | { | 118 | { |
116 | GNUTLS_TYPE_CHANGE_CIPHER_SPEC = 1 | 119 | GNUTLS_TYPE_CHANGE_CIPHER_SPEC = 1 |
117 | } change_cipher_spec_t; | 120 | } change_cipher_spec_t; |
118 | 121 | ||
@@ -176,7 +179,7 @@ typedef struct auth_cred_st | |||
176 | { | 179 | { |
177 | gnutls_credentials_type_t algorithm; | 180 | gnutls_credentials_type_t algorithm; |
178 | 181 | ||
179 | /* the type of credentials depends on algorithm | 182 | /* the type of credentials depends on algorithm |
180 | */ | 183 | */ |
181 | void *credentials; | 184 | void *credentials; |
182 | struct auth_cred_st *next; | 185 | struct auth_cred_st *next; |
@@ -202,9 +205,9 @@ struct gnutls_key_st | |||
202 | */ | 205 | */ |
203 | mpi_t rsa[2]; | 206 | mpi_t rsa[2]; |
204 | 207 | ||
205 | /* this is used to hold the peers authentication data | 208 | /* this is used to hold the peers authentication data |
206 | */ | 209 | */ |
207 | /* auth_info_t structures SHOULD NOT contain malloced | 210 | /* auth_info_t structures SHOULD NOT contain malloced |
208 | * elements. Check gnutls_session_pack.c, and gnutls_auth.c. | 211 | * elements. Check gnutls_session_pack.c, and gnutls_auth.c. |
209 | * Rememember that this should be calloced! | 212 | * Rememember that this should be calloced! |
210 | */ | 213 | */ |
@@ -287,13 +290,13 @@ typedef enum tls_ext_parse_type_t | |||
287 | EXTENSION_TLS | 290 | EXTENSION_TLS |
288 | } tls_ext_parse_type_t; | 291 | } tls_ext_parse_type_t; |
289 | 292 | ||
290 | /* auth_info_t structures now MAY contain malloced | 293 | /* auth_info_t structures now MAY contain malloced |
291 | * elements. | 294 | * elements. |
292 | */ | 295 | */ |
293 | 296 | ||
294 | /* This structure and auth_info_t, are stored in the resume database, | 297 | /* This structure and auth_info_t, are stored in the resume database, |
295 | * and are restored, in case of resume. | 298 | * and are restored, in case of resume. |
296 | * Holds all the required parameters to resume the current | 299 | * Holds all the required parameters to resume the current |
297 | * session. | 300 | * session. |
298 | */ | 301 | */ |
299 | 302 | ||
@@ -321,7 +324,7 @@ typedef struct | |||
321 | gnutls_mac_algorithm_t write_mac_algorithm; | 324 | gnutls_mac_algorithm_t write_mac_algorithm; |
322 | gnutls_compression_method_t write_compression_algorithm; | 325 | gnutls_compression_method_t write_compression_algorithm; |
323 | 326 | ||
324 | /* this is the ciphersuite we are going to use | 327 | /* this is the ciphersuite we are going to use |
325 | * moved here from internals in order to be restored | 328 | * moved here from internals in order to be restored |
326 | * on resume; | 329 | * on resume; |
327 | */ | 330 | */ |
@@ -511,7 +514,7 @@ typedef struct | |||
511 | 514 | ||
512 | /* this is the highest version available | 515 | /* this is the highest version available |
513 | * to the peer. (advertized version). | 516 | * to the peer. (advertized version). |
514 | * This is obtained by the Handshake Client Hello | 517 | * This is obtained by the Handshake Client Hello |
515 | * message. (some implementations read the Record version) | 518 | * message. (some implementations read the Record version) |
516 | */ | 519 | */ |
517 | uint8_t adv_version_major; | 520 | uint8_t adv_version_major; |
@@ -523,8 +526,8 @@ typedef struct | |||
523 | */ | 526 | */ |
524 | int send_cert_req; | 527 | int send_cert_req; |
525 | 528 | ||
526 | /* bits to use for DHE and DHA | 529 | /* bits to use for DHE and DHA |
527 | * use _gnutls_dh_get_prime_bits() and gnutls_dh_set_prime_bits() | 530 | * use _gnutls_dh_get_prime_bits() and gnutls_dh_set_prime_bits() |
528 | * to access it. | 531 | * to access it. |
529 | */ | 532 | */ |
530 | uint16_t dh_prime_bits; | 533 | uint16_t dh_prime_bits; |
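Review bot: The macro moved into this header, `#define MAX(X,Y) ((X) > (Y) ? (X) : (Y));`, ends in a semicolon, so it cannot be used inside a larger expression or as a call argument, and as a statement it leaves an extra empty statement that breaks an unbraced `if`/`else`. It also evaluates each argument twice, and it now reaches every file that includes gnutls_int.h under the unprefixed name `MAX`, which the same commit removes from connection.c and renames to `MHD_MAX` in internal.h. I would drop the semicolon, `#define MAX(X,Y) ((X) > (Y) ? (X) : (Y))`, and add a comment that the arguments must be free of side effects. The unchanged `MIN` in x509.h carries the same trailing semicolon.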
diff --git a/src/daemon/https/tls/gnutls_str.h b/src/daemon/https/tls/gnutls_str.h index c805d70f..62415557 100644 --- a/src/daemon/https/tls/gnutls_str.h +++ b/src/daemon/https/tls/gnutls_str.h | |||
@@ -23,12 +23,10 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #ifndef GNUTLS_STR_H | 25 | #ifndef GNUTLS_STR_H |
26 | # define GNUTLS_STR_H | 26 | #define GNUTLS_STR_H |
27 | 27 | ||
28 | #include <gnutls_int.h> | 28 | #include <gnutls_int.h> |
29 | 29 | ||
30 | #define MAX(X,Y) ((X) > (Y) ? (X) : (Y)); | ||
31 | |||
32 | void _gnutls_str_cpy (char *dest, size_t dest_tot_size, const char *src); | 30 | void _gnutls_str_cpy (char *dest, size_t dest_tot_size, const char *src); |
33 | void _gnutls_mem_cpy (char *dest, size_t dest_tot_size, const char *src, | 31 | void _gnutls_mem_cpy (char *dest, size_t dest_tot_size, const char *src, |
34 | size_t src_size); | 32 | size_t src_size); |
diff --git a/src/daemon/https/x509/Makefile.am b/src/daemon/https/x509/Makefile.am index c3a30f03..6121dd51 100644 --- a/src/daemon/https/x509/Makefile.am +++ b/src/daemon/https/x509/Makefile.am | |||
@@ -1,5 +1,6 @@ | |||
1 | 1 | ||
2 | AM_CPPFLAGS = -I./includes \ | 2 | AM_CPPFLAGS = \ |
3 | -I$(top_srcdir)/src/include \ | ||
3 | -I$(top_srcdir)/src/daemon/https/includes \ | 4 | -I$(top_srcdir)/src/daemon/https/includes \ |
4 | -I$(top_srcdir)/src/daemon/https/minitasn1 \ | 5 | -I$(top_srcdir)/src/daemon/https/minitasn1 \ |
5 | -I$(top_srcdir)/src/daemon/https/lgl \ | 6 | -I$(top_srcdir)/src/daemon/https/lgl \ |
diff --git a/src/daemon/https/x509/x509.h b/src/daemon/https/x509/x509.h index c9bb22ef..8cef1d30 100644 --- a/src/daemon/https/x509/x509.h +++ b/src/daemon/https/x509/x509.h | |||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #ifndef X509_H | 25 | #ifndef X509_H |
26 | # define X509_H | 26 | #define X509_H |
27 | 27 | ||
28 | #define MIN(X,Y) ((X) > (Y) ? (Y) : (X)); | 28 | #define MIN(X,Y) ((X) > (Y) ? (Y) : (X)); |
29 | 29 | ||
@@ -781,8 +781,8 @@ typedef struct gnutls_x509_crt_int | |||
781 | 781 | ||
782 | typedef struct gnutls_x509_privkey_int | 782 | typedef struct gnutls_x509_privkey_int |
783 | { | 783 | { |
784 | mpi_t params[MAX_PRIV_PARAMS_SIZE]; /* the size of params depends on the public | 784 | mpi_t params[MAX_PRIV_PARAMS_SIZE]; /* the size of params depends on the public |
785 | * key algorithm | 785 | * key algorithm |
786 | */ | 786 | */ |
787 | /* | 787 | /* |
788 | * RSA: [0] is modulus | 788 | * RSA: [0] is modulus |
diff --git a/src/daemon/internal.h b/src/daemon/internal.h index af6d05fe..a9b19d6b 100644 --- a/src/daemon/internal.h +++ b/src/daemon/internal.h | |||
@@ -50,8 +50,8 @@ | |||
50 | #include <pthread.h> | 50 | #include <pthread.h> |
51 | 51 | ||
52 | // TODO unify with other dec | 52 | // TODO unify with other dec |
53 | #define MAX(a,b) ((a)<(b)) ? (b) : (a) | 53 | #define MHD_MAX(a,b) ((a)<(b)) ? (b) : (a) |
54 | #define MIN(a,b) ((a)<(b)) ? (a) : (b) | 54 | #define MHD_MIN(a,b) ((a)<(b)) ? (a) : (b) |
55 | 55 | ||
56 | /** | 56 | /** |
57 | * Size by which MHD usually tries to increment read/write buffers. | 57 | * Size by which MHD usually tries to increment read/write buffers. |
@@ -533,6 +533,7 @@ struct MHD_Connection | |||
533 | unsigned int current_chunk_offset; | 533 | unsigned int current_chunk_offset; |
534 | 534 | ||
535 | /* handlers used for processing read, write & idle connection operations */ | 535 | /* handlers used for processing read, write & idle connection operations */ |
536 | /* TODO fix sig */ | ||
536 | int (*read_handler) (struct MHD_Connection * connection); | 537 | int (*read_handler) (struct MHD_Connection * connection); |
537 | 538 | ||
538 | int (*write_handler) (struct MHD_Connection * connection); | 539 | int (*write_handler) (struct MHD_Connection * connection); |
@@ -543,9 +544,9 @@ struct MHD_Connection | |||
543 | * function pointers to the appropriate send & receive funtions | 544 | * function pointers to the appropriate send & receive funtions |
544 | * according to whether this is a HTTPS / HTTP daemon | 545 | * according to whether this is a HTTPS / HTTP daemon |
545 | */ | 546 | */ |
546 | int (*recv_cls) (struct MHD_Connection * connection); | 547 | ssize_t (*recv_cls) (struct MHD_Connection * connection); |
547 | 548 | ||
548 | int (*send_cls) (struct MHD_Connection * connection); | 549 | ssize_t (*send_cls) (struct MHD_Connection * connection); |
549 | 550 | ||
550 | #if HTTPS_SUPPORT | 551 | #if HTTPS_SUPPORT |
551 | /* TODO rename as this might be an SSL connection */ | 552 | /* TODO rename as this might be an SSL connection */ |
@@ -626,7 +627,7 @@ struct MHD_Daemon | |||
626 | */ | 627 | */ |
627 | unsigned short port; | 628 | unsigned short port; |
628 | 629 | ||
629 | #ifdef HTTPS_SUPPORT | 630 | #if HTTPS_SUPPORT |
630 | /* server credintials */ | 631 | /* server credintials */ |
631 | gnutls_certificate_credentials_t x509_cret; | 632 | gnutls_certificate_credentials_t x509_cret; |
632 | 633 | ||
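Review bot: The renamed macros keep an unparenthesised expansion: `#define MHD_MIN(a,b) ((a)<(b)) ? (a) : (b)` turns `MHD_MIN(x, y) + 1` into `(x<y) ? x : (y + 1)`, and any neighbouring operator that binds tighter than `?:` changes the result the same way. The call in try_ready_normal_body passes it as a whole argument, which is safe, but that value is the length bound handed to the content reader callback, so a later edit that wraps it in arithmetic would silently pass the wrong size. I would close the expansion, `#define MHD_MIN(a,b) (((a)<(b)) ? (a) : (b))`, and do the same for `MHD_MAX`. Separately, `recv_cls` and `send_cls` now return `ssize_t` while `read_handler` stays `int` under the new `/* TODO fix sig */`; that comment should say which return type is intended.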
diff --git a/src/include/microhttpd.h b/src/include/microhttpd.h index f65b0aba..128df4d2 100644 --- a/src/include/microhttpd.h +++ b/src/include/microhttpd.h | |||
@@ -73,10 +73,6 @@ | |||
73 | #include "plibc.h" | 73 | #include "plibc.h" |
74 | #endif | 74 | #endif |
75 | 75 | ||
76 | #if HTTPS_SUPPORT | ||
77 | #include "gnutls.h" | ||
78 | #endif | ||
79 | |||
80 | #ifdef __cplusplus | 76 | #ifdef __cplusplus |
81 | extern "C" | 77 | extern "C" |
82 | { | 78 | { |
@@ -349,8 +345,8 @@ enum MHD_OPTION | |||
349 | */ | 345 | */ |
350 | MHD_OPTION_PER_IP_CONNECTION_LIMIT = 5, | 346 | MHD_OPTION_PER_IP_CONNECTION_LIMIT = 5, |
351 | 347 | ||
352 | #if HTTPS_SUPPORT | 348 | MHD_HTTPS_OPTION_START = 6, |
353 | // TODO rename | 349 | |
354 | /** | 350 | /** |
355 | * Filename for the private key (key.pem) to be used by the | 351 | * Filename for the private key (key.pem) to be used by the |
356 | * HTTPS daemon. This option should be followed by an | 352 | * HTTPS daemon. This option should be followed by an |
@@ -358,7 +354,7 @@ enum MHD_OPTION | |||
358 | * not be released until the application terminates. | 354 | * not be released until the application terminates. |
359 | * This should be used in conjunction with 'MHD_OPTION_HTTPS_CERT_PATH'. | 355 | * This should be used in conjunction with 'MHD_OPTION_HTTPS_CERT_PATH'. |
360 | */ | 356 | */ |
361 | MHD_OPTION_HTTPS_KEY_PATH = 6, | 357 | MHD_OPTION_HTTPS_KEY_PATH, |
362 | 358 | ||
363 | /** | 359 | /** |
364 | * Filename for the certificate (cert.pem) to be used by the | 360 | * Filename for the certificate (cert.pem) to be used by the |
@@ -367,7 +363,7 @@ enum MHD_OPTION | |||
367 | * not be released until the application terminates. | 363 | * not be released until the application terminates. |
368 | * This should be used in conjunction with 'MHD_OPTION_HTTPS_KEY_PATH'. | 364 | * This should be used in conjunction with 'MHD_OPTION_HTTPS_KEY_PATH'. |
369 | */ | 365 | */ |
370 | MHD_OPTION_HTTPS_CERT_PATH = 7, | 366 | MHD_OPTION_HTTPS_CERT_PATH, |
371 | 367 | ||
372 | /** | 368 | /** |
373 | * Memory pointer for the private key (key.pem) to be used by the | 369 | * Memory pointer for the private key (key.pem) to be used by the |
@@ -375,7 +371,7 @@ enum MHD_OPTION | |||
375 | * "const char*" argument. | 371 | * "const char*" argument. |
376 | * This should be used in conjunction with 'MHD_OPTION_HTTPS_MEM_CERT'. | 372 | * This should be used in conjunction with 'MHD_OPTION_HTTPS_MEM_CERT'. |
377 | */ | 373 | */ |
378 | MHD_OPTION_HTTPS_MEM_KEY = 8, | 374 | MHD_OPTION_HTTPS_MEM_KEY, |
379 | 375 | ||
380 | /** | 376 | /** |
381 | * Memory pointer for the certificate (cert.pem) to be used by the | 377 | * Memory pointer for the certificate (cert.pem) to be used by the |
@@ -383,8 +379,7 @@ enum MHD_OPTION | |||
383 | * "const char*" argument. | 379 | * "const char*" argument. |
384 | * This should be used in conjunction with 'MHD_OPTION_HTTPS_MEM_KEY'. | 380 | * This should be used in conjunction with 'MHD_OPTION_HTTPS_MEM_KEY'. |
385 | */ | 381 | */ |
386 | MHD_OPTION_HTTPS_MEM_CERT = 9, | 382 | MHD_OPTION_HTTPS_MEM_CERT, |
387 | |||
388 | 383 | ||
389 | /* | 384 | /* |
390 | * Memory pointer to a zero terminated int array representing the | 385 | * Memory pointer to a zero terminated int array representing the |
@@ -399,7 +394,8 @@ enum MHD_OPTION | |||
399 | * "const int *" argument. | 394 | * "const int *" argument. |
400 | */ | 395 | */ |
401 | MHDS_KX_PRIORITY, | 396 | MHDS_KX_PRIORITY, |
402 | #endif | 397 | |
398 | MHD_HTTPS_OPTION_END, | ||
403 | }; | 399 | }; |
404 | 400 | ||
405 | /** | 401 | /** |
@@ -746,20 +742,6 @@ MHD_get_connection_values (struct MHD_Connection *connection, | |||
746 | enum MHD_ValueKind kind, | 742 | enum MHD_ValueKind kind, |
747 | MHD_KeyValueIterator iterator, void *iterator_cls); | 743 | MHD_KeyValueIterator iterator, void *iterator_cls); |
748 | 744 | ||
749 | #if HTTPS_SUPPORT | ||
750 | /* get cipher spec for this connection */ | ||
751 | gnutls_cipher_algorithm_t MHDS_get_session_cipher (struct MHD_Connection * session ); | ||
752 | |||
753 | gnutls_kx_algorithm_t MHDS_get_session_kx (struct MHD_Connection * session ); | ||
754 | gnutls_mac_algorithm_t MHDS_get_session_mac (struct MHD_Connection * session ); | ||
755 | gnutls_compression_method_t MHDS_get_session_compression (struct MHD_Connection * session ); | ||
756 | gnutls_certificate_type_t MHDS_get_session_cert_type (struct MHD_Connection * session ); | ||
757 | |||
758 | //TODO impl | ||
759 | size_t MHDS_get_key_size (struct MHD_Daemon * daemon, gnutls_cipher_algorithm_t algorithm); | ||
760 | size_t MHDS_get_mac_key_size (struct MHD_Daemon * daemon, gnutls_mac_algorithm_t algorithm); | ||
761 | #endif | ||
762 | |||
763 | /** | 745 | /** |
764 | * Get a particular header value. If multiple | 746 | * Get a particular header value. If multiple |
765 | * values match the kind, return any one of them. | 747 | * values match the kind, return any one of them. |
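Review bot: Inserting `MHD_HTTPS_OPTION_START = 6` and dropping the explicit values shifts every HTTPS option by one: `MHD_OPTION_HTTPS_KEY_PATH` was 6 and is now 7, through `MHD_OPTION_HTTPS_MEM_CERT`, which was 9 and is now 10. An application built against the old header and run with the new library would pass numbers that now name a different option. The options are also no longer under `#if HTTPS_SUPPORT`, so a build without TLS accepts them at compile time; the option parser is not in this hunk, and it should make MHD_start_daemon fail rather than ignore a key or certificate option, so that a caller asking for HTTPS never ends up with a plaintext listener. I would keep the explicit numbers (`MHD_OPTION_HTTPS_KEY_PATH = 6,` and so on) and document the two marker enumerators, e.g. `/* range markers, not options; never pass to MHD_start_daemon */`. The enum body starts outside the hunk.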
diff --git a/src/include/microhttpsd.h b/src/include/microhttpsd.h new file mode 100644 index 00000000..1586c32a --- /dev/null +++ b/src/include/microhttpsd.h | |||
@@ -0,0 +1,139 @@ | |||
1 | /* | ||
2 | This file is part of libmicrohttpd | ||
3 | (C) 2006, 2007, 2008 Christian Grothoff (and other contributing authors) | ||
4 | |||
5 | This library is free software; you can redistribute it and/or | ||
6 | modify it under the terms of the GNU Lesser General Public | ||
7 | License as published by the Free Software Foundation; either | ||
8 | version 2.1 of the License, or (at your option) any later version. | ||
9 | |||
10 | This library is distributed in the hope that it will be useful, | ||
11 | but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
13 | Lesser General Public License for more details. | ||
14 | |||
15 | You should have received a copy of the GNU Lesser General Public | ||
16 | License along with this library; if not, write to the Free Software | ||
17 | Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA | ||
18 | */ | ||
19 | |||
20 | /** | ||
21 | * @file microhttpsd.h | ||
22 | * @brief public interface to libmicrohttpd | ||
23 | * @author Sagie Amir | ||
24 | * | ||
25 | */ | ||
26 | |||
27 | #ifndef MHD_MICROHTTPSD_H | ||
28 | #define MHD_MICROHTTPSD_H | ||
29 | |||
30 | #include "microhttpd.h" | ||
31 | |||
32 | typedef enum gnutls_cipher_algorithm | ||
33 | { | ||
34 | GNUTLS_CIPHER_UNKNOWN = 0, | ||
35 | GNUTLS_CIPHER_NULL = 1, | ||
36 | GNUTLS_CIPHER_ARCFOUR_128, | ||
37 | GNUTLS_CIPHER_3DES_CBC, | ||
38 | GNUTLS_CIPHER_AES_128_CBC, | ||
39 | GNUTLS_CIPHER_AES_256_CBC, | ||
40 | GNUTLS_CIPHER_ARCFOUR_40, | ||
41 | GNUTLS_CIPHER_CAMELLIA_128_CBC, | ||
42 | GNUTLS_CIPHER_CAMELLIA_256_CBC, | ||
43 | GNUTLS_CIPHER_RC2_40_CBC = 90, | ||
44 | GNUTLS_CIPHER_DES_CBC | ||
45 | } gnutls_cipher_algorithm_t; | ||
46 | |||
47 | typedef enum | ||
48 | { | ||
49 | GNUTLS_KX_UNKNOWN = 0, | ||
50 | GNUTLS_KX_RSA = 1, | ||
51 | GNUTLS_KX_DHE_DSS, | ||
52 | GNUTLS_KX_DHE_RSA, | ||
53 | GNUTLS_KX_ANON_DH, | ||
54 | GNUTLS_KX_SRP, | ||
55 | GNUTLS_KX_RSA_EXPORT, | ||
56 | GNUTLS_KX_SRP_RSA, | ||
57 | GNUTLS_KX_SRP_DSS, | ||
58 | } gnutls_kx_algorithm_t; | ||
59 | |||
60 | typedef enum | ||
61 | { | ||
62 | GNUTLS_CRD_CERTIFICATE = 1, | ||
63 | GNUTLS_CRD_ANON, | ||
64 | GNUTLS_CRD_SRP, | ||
65 | GNUTLS_CRD_PSK, | ||
66 | GNUTLS_CRD_IA | ||
67 | } gnutls_credentials_type_t; | ||
68 | |||
69 | typedef enum | ||
70 | { | ||
71 | GNUTLS_MAC_UNKNOWN = 0, | ||
72 | GNUTLS_MAC_NULL = 1, | ||
73 | GNUTLS_MAC_MD5, | ||
74 | GNUTLS_MAC_SHA1, | ||
75 | GNUTLS_MAC_SHA256, | ||
76 | //GNUTLS_MAC_SHA384, | ||
77 | //GNUTLS_MAC_SHA512 | ||
78 | } gnutls_mac_algorithm_t; | ||
79 | |||
80 | /* The enumerations here should have the same value with | ||
81 | gnutls_mac_algorithm_t. | ||
82 | */ | ||
83 | typedef enum | ||
84 | { | ||
85 | GNUTLS_DIG_NULL = GNUTLS_MAC_NULL, | ||
86 | GNUTLS_DIG_MD5 = GNUTLS_MAC_MD5, | ||
87 | GNUTLS_DIG_SHA1 = GNUTLS_MAC_SHA1, | ||
88 | GNUTLS_DIG_SHA256 = GNUTLS_MAC_SHA256, | ||
89 | } gnutls_digest_algorithm_t; | ||
90 | |||
91 | |||
92 | typedef enum | ||
93 | { | ||
94 | GNUTLS_COMP_UNKNOWN = 0, | ||
95 | GNUTLS_COMP_NULL = 1, | ||
96 | GNUTLS_COMP_DEFLATE, | ||
97 | GNUTLS_COMP_LZO /* only available if gnutls-extra has | ||
98 | been initialized | ||
99 | */ | ||
100 | } gnutls_compression_method_t; | ||
101 | |||
102 | #define GNUTLS_TLS1 GNUTLS_TLS1_0 | ||
103 | typedef enum | ||
104 | { | ||
105 | GNUTLS_SSL3 = 1, | ||
106 | GNUTLS_TLS1_0, | ||
107 | GNUTLS_TLS1_1, | ||
108 | GNUTLS_TLS1_2, | ||
109 | GNUTLS_VERSION_UNKNOWN = 0xff | ||
110 | } gnutls_protocol_t; | ||
111 | |||
112 | typedef enum | ||
113 | { | ||
114 | GNUTLS_CRT_UNKNOWN = 0, | ||
115 | GNUTLS_CRT_X509 = 1, | ||
116 | GNUTLS_CRT_OPENPGP | ||
117 | } gnutls_certificate_type_t; | ||
118 | |||
119 | typedef enum | ||
120 | { | ||
121 | GNUTLS_PK_UNKNOWN = 0, | ||
122 | GNUTLS_PK_RSA = 1, | ||
123 | //GNUTLS_PK_DSA | ||
124 | } gnutls_pk_algorithm_t; | ||
125 | |||
126 | /* get cipher spec for this connection */ | ||
127 | gnutls_cipher_algorithm_t MHDS_get_session_cipher (struct MHD_Connection * session ); | ||
128 | |||
129 | gnutls_kx_algorithm_t MHDS_get_session_kx (struct MHD_Connection * session ); | ||
130 | gnutls_mac_algorithm_t MHDS_get_session_mac (struct MHD_Connection * session ); | ||
131 | gnutls_compression_method_t MHDS_get_session_compression (struct MHD_Connection * session ); | ||
132 | gnutls_certificate_type_t MHDS_get_session_cert_type (struct MHD_Connection * session ); | ||
133 | |||
134 | //TODO impl | ||
135 | size_t MHDS_get_key_size (struct MHD_Daemon * daemon, gnutls_cipher_algorithm_t algorithm); | ||
136 | size_t MHDS_get_mac_key_size (struct MHD_Daemon * daemon, gnutls_mac_algorithm_t algorithm); | ||
137 | |||
138 | #endif | ||
139 | |||
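Review bot: This public header defines `gnutls_cipher_algorithm_t`, `gnutls_kx_algorithm_t`, `gnutls_protocol_t` and the other `gnutls_`/`GNUTLS_` names itself, and gnutls_int.h now includes it directly after gnutls.h. Unless the same commit removes the matching enums from the bundled gnutls.h (not visible here), they are defined twice, and an application that also includes the system GnuTLS header will likely hit redefinition errors. The `MHDS_get_session_*` prototypes have no doc comments and take a `struct MHD_Connection *` that is named `session`; `MHDS_get_key_size` and `MHDS_get_mac_key_size` sit under `//TODO impl`, so if they are indeed unimplemented a caller fails only at link time. I would add a Doxygen block to each getter that says what it returns before the handshake has completed, and change `@brief public interface to libmicrohttpd` to describe the HTTPS additions.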
diff --git a/src/testcurl/https/Makefile.am b/src/testcurl/https/Makefile.am index 4dab41dc..cfa51a56 100644 --- a/src/testcurl/https/Makefile.am +++ b/src/testcurl/https/Makefile.am | |||
@@ -1,24 +1,31 @@ | |||
1 | SUBDIRS = . | 1 | SUBDIRS = . |
2 | 2 | ||
3 | AM_CPPFLAGS = \ | 3 | AM_CPPFLAGS = \ |
4 | -I$(top_srcdir)/src/include \ | ||
4 | -I$(top_srcdir)/src/daemon/https/includes \ | 5 | -I$(top_srcdir)/src/daemon/https/includes \ |
5 | -I$(top_srcdir)/src/daemon \ | 6 | -I$(top_srcdir)/src/daemon |
6 | -I$(top_srcdir)/src/include | 7 | |
7 | 8 | ||
8 | check_PROGRAMS = \ | 9 | check_PROGRAMS = \ |
9 | daemon_https_test_get \ | 10 | mhds_get_test \ |
10 | mhds_test_session_info | 11 | mhds_session_info_test |
11 | 12 | ||
12 | TESTS = $(check_PROGRAMS) | 13 | TESTS = $(check_PROGRAMS) |
13 | 14 | ||
14 | daemon_https_test_get_SOURCES = \ | 15 | mhds_get_test_SOURCES = \ |
15 | daemon_https_test_get.c | 16 | mhds_get_test.c |
16 | daemon_https_test_get_LDADD = \ | 17 | mhds_get_test_LDADD = \ |
17 | $(top_builddir)/src/daemon/libmicrohttpd.la \ | 18 | $(top_builddir)/src/daemon/libmicrohttpd.la \ |
18 | @LIBCURL@ | 19 | @LIBCURL@ |
19 | 20 | ||
20 | mhds_test_session_info_SOURCES = \ | 21 | mhds_session_info_test_SOURCES = \ |
21 | mhds_test_session_info.c | 22 | mhds_session_info_test.c |
22 | mhds_test_session_info_LDADD = \ | 23 | mhds_session_info_test_LDADD = \ |
23 | $(top_builddir)/src/daemon/libmicrohttpd.la \ | 24 | $(top_builddir)/src/daemon/libmicrohttpd.la \ |
24 | @LIBCURL@ | 25 | @LIBCURL@ |
26 | |||
27 | mhds_multi_daemon_test_SOURCES = \ | ||
28 | mhds_multi_daemon_test.c | ||
29 | mhds_multi_daemon_test_LDADD = \ | ||
30 | $(top_builddir)/src/daemon/libmicrohttpd.la \ | ||
31 | @LIBCURL@ | ||
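Review bot: `mhds_multi_daemon_test_SOURCES` and `mhds_multi_daemon_test_LDADD` are added, but `check_PROGRAMS` on the new side lists only `mhds_get_test` and `mhds_session_info_test`, so `make check` never builds or runs the multi-daemon test. Add `mhds_multi_daemon_test` to `check_PROGRAMS`, with a trailing `\` on the line before it. `TESTS = $(check_PROGRAMS)` then picks it up without further changes.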
diff --git a/src/testcurl/https/daemon_https_test_get.c b/src/testcurl/https/mhds_multi_daemon_test.c index 981fc705..0652201c 100644 --- a/src/testcurl/https/daemon_https_test_get.c +++ b/src/testcurl/https/mhds_multi_daemon_test.c | |||
@@ -19,14 +19,14 @@ | |||
19 | */ | 19 | */ |
20 | 20 | ||
21 | /** | 21 | /** |
22 | * @file daemon_HTTPS_test_get.c | 22 | * @file mhds_multi_daemon_test.c |
23 | * @brief Testcase for libmicrohttpd GET operations | 23 | * @brief Testcase for libmicrohttpd GET operations |
24 | * @author Sagie Amir | 24 | * @author Sagie Amir |
25 | */ | 25 | */ |
26 | 26 | ||
27 | #include "config.h" | 27 | #include "config.h" |
28 | #include "plibc.h" | 28 | #include "plibc.h" |
29 | #include "microhttpd.h" | 29 | #include "microhttpsd.h" |
30 | #include <errno.h> | 30 | #include <errno.h> |
31 | 31 | ||
32 | #include <curl/curl.h> | 32 | #include <curl/curl.h> |
@@ -134,7 +134,6 @@ http_ahc (void *cls, struct MHD_Connection *connection, | |||
134 | const char *version, unsigned int *upload_data_size, void **ptr) | 134 | const char *version, unsigned int *upload_data_size, void **ptr) |
135 | { | 135 | { |
136 | static int aptr; | 136 | static int aptr; |
137 | static char full_url[MAX_URL_LEN]; | ||
138 | struct MHD_Response *response; | 137 | struct MHD_Response *response; |
139 | int ret; | 138 | int ret; |
140 | FILE *file; | 139 | FILE *file; |
@@ -178,7 +177,8 @@ http_ahc (void *cls, struct MHD_Connection *connection, | |||
178 | * @param test_fd: file to attempt transfering | 177 | * @param test_fd: file to attempt transfering |
179 | */ | 178 | */ |
180 | static int | 179 | static int |
181 | test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version) | 180 | test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version, |
181 | int port) | ||
182 | { | 182 | { |
183 | CURL *c; | 183 | CURL *c; |
184 | struct CBC cbc; | 184 | struct CBC cbc; |
@@ -215,11 +215,11 @@ test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version) | |||
215 | cbc.pos = 0; | 215 | cbc.pos = 0; |
216 | 216 | ||
217 | /* construct url - this might use doc_path */ | 217 | /* construct url - this might use doc_path */ |
218 | sprintf (url, "%s%s/%s", "https://localhost:42433", | 218 | sprintf (url, "%s:%d%s/%s", "https://localhost", port, doc_path, |
219 | doc_path, test_file_name); | 219 | test_file_name); |
220 | 220 | ||
221 | c = curl_easy_init (); | 221 | c = curl_easy_init (); |
222 | // curl_easy_setopt (c, CURLOPT_VERBOSE, 1); | 222 | curl_easy_setopt (c, CURLOPT_VERBOSE, 1); |
223 | curl_easy_setopt (c, CURLOPT_URL, url); | 223 | curl_easy_setopt (c, CURLOPT_URL, url); |
224 | curl_easy_setopt (c, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); | 224 | curl_easy_setopt (c, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); |
225 | curl_easy_setopt (c, CURLOPT_TIMEOUT, 10L); | 225 | curl_easy_setopt (c, CURLOPT_TIMEOUT, 10L); |
@@ -260,80 +260,51 @@ test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version) | |||
260 | return 0; | 260 | return 0; |
261 | } | 261 | } |
262 | 262 | ||
263 | /* perform a HTTP GET request via SSL/TLS */ | 263 | /* |
264 | * assert initiating two separate daemons and having one shut down | ||
265 | * doesn't affect the other | ||
266 | */ | ||
264 | int | 267 | int |
265 | test_secure_get (FILE * test_fd, char *cipher_suite, int proto_version) | 268 | test_concurent_daemon_pair (FILE * test_fd, char *cipher_suite, |
269 | int proto_version) | ||
266 | { | 270 | { |
267 | 271 | ||
268 | int ret; | 272 | int ret; |
269 | struct MHD_Daemon *d; | 273 | struct MHD_Daemon *d1; |
270 | d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | | 274 | struct MHD_Daemon *d2; |
271 | MHD_USE_DEBUG, 42433, | 275 | d1 = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | |
272 | NULL, NULL, &http_ahc, NULL, | 276 | MHD_USE_DEBUG, 42433, |
273 | MHD_OPTION_HTTPS_MEM_KEY, key_pem, | 277 | NULL, NULL, &http_ahc, NULL, |
274 | MHD_OPTION_HTTPS_MEM_CERT, cert_pem, MHD_OPTION_END); | 278 | MHD_OPTION_HTTPS_MEM_KEY, key_pem, |
275 | 279 | MHD_OPTION_HTTPS_MEM_CERT, cert_pem, MHD_OPTION_END); | |
276 | if (d == NULL) | 280 | |
281 | if (d1 == NULL) | ||
277 | { | 282 | { |
278 | fprintf (stderr, MHD_E_SERVER_INIT); | 283 | fprintf (stderr, MHD_E_SERVER_INIT); |
279 | return -1; | 284 | return -1; |
280 | } | 285 | } |
281 | 286 | ||
282 | ret = test_daemon_get (test_fd, cipher_suite, proto_version); | 287 | d2 = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | |
283 | MHD_stop_daemon (d); | 288 | MHD_USE_DEBUG, 42434, |
284 | return ret; | 289 | NULL, NULL, &http_ahc, NULL, |
285 | } | 290 | MHD_OPTION_HTTPS_MEM_KEY, key_pem, |
286 | 291 | MHD_OPTION_HTTPS_MEM_CERT, cert_pem, MHD_OPTION_END); | |
287 | /* test server works with key & certificate files */ | ||
288 | int | ||
289 | test_file_certificates (FILE * test_fd, char *cipher_suite, int proto_version) | ||
290 | { | ||
291 | int ret; | ||
292 | struct MHD_Daemon *d; | ||
293 | FILE *cert_fd, *key_fd; | ||
294 | char cert_path[255], key_path[255]; | ||
295 | |||
296 | sprintf (cert_path, "%s/%s", get_current_dir_name (), "cert.pem"); | ||
297 | sprintf (key_path, "%s/%s", get_current_dir_name (), "key.pem"); | ||
298 | |||
299 | if (NULL == (key_fd = fopen (key_path, "w+"))) | ||
300 | { | ||
301 | fprintf (stderr, MHD_E_KEY_FILE_CREAT); | ||
302 | return -1; | ||
303 | } | ||
304 | if (NULL == (cert_fd = fopen (cert_path, "w+"))) | ||
305 | { | ||
306 | fprintf (stderr, MHD_E_CERT_FILE_CREAT); | ||
307 | return -1; | ||
308 | } | ||
309 | |||
310 | fwrite (key_pem, strlen (key_pem), sizeof (char), key_fd); | ||
311 | fwrite (cert_pem, strlen (cert_pem), sizeof (char), cert_fd); | ||
312 | fclose (key_fd); | ||
313 | fclose (cert_fd); | ||
314 | |||
315 | d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | | ||
316 | MHD_USE_DEBUG, 42433, | ||
317 | NULL, NULL, &http_ahc, NULL, | ||
318 | MHD_OPTION_HTTPS_KEY_PATH, key_path, | ||
319 | MHD_OPTION_HTTPS_CERT_PATH, cert_path, | ||
320 | MHD_OPTION_END); | ||
321 | 292 | ||
322 | if (d == NULL) | 293 | if (d2 == NULL) |
323 | { | 294 | { |
324 | fprintf (stderr, MHD_E_SERVER_INIT); | 295 | fprintf (stderr, MHD_E_SERVER_INIT); |
325 | return -1; | 296 | return -1; |
326 | } | 297 | } |
327 | 298 | ||
328 | ret = test_daemon_get (test_fd, cipher_suite, proto_version); | 299 | ret += test_daemon_get (test_fd, cipher_suite, proto_version, 42433); |
329 | MHD_stop_daemon (d); | 300 | ret += test_daemon_get (test_fd, cipher_suite, proto_version, 42434); |
330 | 301 | ||
331 | remove (cert_path); | 302 | MHD_stop_daemon (d2); |
332 | remove (key_path); | 303 | ret += test_daemon_get (test_fd, cipher_suite, proto_version, 42433); |
304 | MHD_stop_daemon (d1); | ||
333 | return ret; | 305 | return ret; |
334 | } | 306 | } |
335 | 307 | ||
336 | /* setup a temporary transfer test file */ | ||
337 | FILE * | 308 | FILE * |
338 | setupTestFile () | 309 | setupTestFile () |
339 | { | 310 | { |
@@ -383,11 +354,7 @@ main (int argc, char *const *argv) | |||
383 | } | 354 | } |
384 | 355 | ||
385 | errorCount += | 356 | errorCount += |
386 | test_secure_get (test_fd, "AES256-SHA", CURL_SSLVERSION_TLSv1); | 357 | test_concurent_daemon_pair (test_fd, "AES256-SHA", CURL_SSLVERSION_TLSv1); |
387 | errorCount += | ||
388 | test_secure_get (test_fd, "AES256-SHA", CURL_SSLVERSION_SSLv3); | ||
389 | errorCount += | ||
390 | test_file_certificates (test_fd, "AES256-SHA", CURL_SSLVERSION_TLSv1); | ||
391 | 358 | ||
392 | if (errorCount != 0) | 359 | if (errorCount != 0) |
393 | fprintf (stderr, "Error (code: %u)\n", errorCount); | 360 | fprintf (stderr, "Error (code: %u)\n", errorCount); |
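Review bot: In the new `test_concurent_daemon_pair`, `ret` is declared as `int ret;` and then only ever updated with `ret += test_daemon_get (...)`, so the first addition reads an uninitialized value; the old code assigned with `=`. Because the result is added to `errorCount` in `main`, the test can report a failure or a pass regardless of what the three GET requests actually did. Declaring it as `int ret = 0;` fixes that. The `if (d2 == NULL)` branch also returns -1 while `d1` is still running on port 42433; adding `MHD_stop_daemon (d1);` before that `return -1;` keeps the listener and its threads from leaking into later runs.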
diff --git a/src/testcurl/https/mhds_test_session_info.c b/src/testcurl/https/mhds_test_session_info.c deleted file mode 100644 index 35266a19..00000000 --- a/src/testcurl/https/mhds_test_session_info.c +++ /dev/null | |||
@@ -1,238 +0,0 @@ | |||
1 | /* | ||
2 | This file is part of libmicrohttpd | ||
3 | (C) 2007 Christian Grothoff | ||
4 | |||
5 | libmicrohttpd is free software; you can redistribute it and/or modify | ||
6 | it under the terms of the GNU General Public License as published | ||
7 | by the Free Software Foundation; either version 2, or (at your | ||
8 | option) any later version. | ||
9 | |||
10 | libmicrohttpd is distributed in the hope that it will be useful, but | ||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
13 | General Public License for more details. | ||
14 | |||
15 | You should have received a copy of the GNU General Public License | ||
16 | along with libmicrohttpd; see the file COPYING. If not, write to the | ||
17 | Free Software Foundation, Inc., 59 Temple Place - Suite 330, | ||
18 | Boston, MA 02111-1307, USA. | ||
19 | */ | ||
20 | |||
21 | /** | ||
22 | * @file mhds_test_session_info.c | ||
23 | * @brief Testcase for libmicrohttpd GET operations | ||
24 | * @author Sagie Amir | ||
25 | */ | ||
26 | |||
27 | #include "config.h" | ||
28 | #include "plibc.h" | ||
29 | #include "microhttpd.h" | ||
30 | #include <errno.h> | ||
31 | |||
32 | #include <curl/curl.h> | ||
33 | #include <stdlib.h> | ||
34 | #include <string.h> | ||
35 | #include <time.h> | ||
36 | #include <fcntl.h> | ||
37 | #include <unistd.h> | ||
38 | |||
39 | #define BUF_SIZE 1024 | ||
40 | #define MAX_URL_LEN 255 | ||
41 | |||
42 | #define EMPTY_PAGE "<html><head><title>Empty page</title></head><body>Empty page</body></html>" | ||
43 | |||
44 | /* Test Certificate */ | ||
45 | const char cert_pem[] = | ||
46 | "-----BEGIN CERTIFICATE-----\n" | ||
47 | "MIICpjCCAZCgAwIBAgIESEPtjjALBgkqhkiG9w0BAQUwADAeFw0wODA2MDIxMjU0\n" | ||
48 | "MzhaFw0wOTA2MDIxMjU0NDZaMAAwggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIBCQKC\n" | ||
49 | "AQC03TyUvK5HmUAirRp067taIEO4bibh5nqolUoUdo/LeblMQV+qnrv/RNAMTx5X\n" | ||
50 | "fNLZ45/kbM9geF8qY0vsPyQvP4jumzK0LOJYuIwmHaUm9vbXnYieILiwCuTgjaud\n" | ||
51 | "3VkZDoQ9fteIo+6we9UTpVqZpxpbLulBMh/VsvX0cPJ1VFC7rT59o9hAUlFf9jX/\n" | ||
52 | "GmKdYI79MtgVx0OPBjmmSD6kicBBfmfgkO7bIGwlRtsIyMznxbHu6VuoX/eVxrTv\n" | ||
53 | "rmCwgEXLWRZ6ru8MQl5YfqeGXXRVwMeXU961KefbuvmEPccgCxm8FZ1C1cnDHFXh\n" | ||
54 | "siSgAzMBjC/b6KVhNQ4KnUdZAgMBAAGjLzAtMAwGA1UdEwEB/wQCMAAwHQYDVR0O\n" | ||
55 | "BBYEFJcUvpjvE5fF/yzUshkWDpdYiQh/MAsGCSqGSIb3DQEBBQOCAQEARP7eKSB2\n" | ||
56 | "RNd6XjEjK0SrxtoTnxS3nw9sfcS7/qD1+XHdObtDFqGNSjGYFB3Gpx8fpQhCXdoN\n" | ||
57 | "8QUs3/5ZVa5yjZMQewWBgz8kNbnbH40F2y81MHITxxCe1Y+qqHWwVaYLsiOTqj2/\n" | ||
58 | "0S3QjEJ9tvklmg7JX09HC4m5QRYfWBeQLD1u8ZjA1Sf1xJriomFVyRLI2VPO2bNe\n" | ||
59 | "JDMXWuP+8kMC7gEvUnJ7A92Y2yrhu3QI3bjPk8uSpHea19Q77tul1UVBJ5g+zpH3\n" | ||
60 | "OsF5p0MyaVf09GTzcLds5nE/osTdXGUyHJapWReVmPm3Zn6gqYlnzD99z+DPIgIV\n" | ||
61 | "RhZvQx74NQnS6g==\n" "-----END CERTIFICATE-----\n"; | ||
62 | |||
63 | const char key_pem[] = | ||
64 | "-----BEGIN RSA PRIVATE KEY-----\n" | ||
65 | "MIIEowIBAAKCAQEAtN08lLyuR5lAIq0adOu7WiBDuG4m4eZ6qJVKFHaPy3m5TEFf\n" | ||
66 | "qp67/0TQDE8eV3zS2eOf5GzPYHhfKmNL7D8kLz+I7psytCziWLiMJh2lJvb2152I\n" | ||
67 | "niC4sArk4I2rnd1ZGQ6EPX7XiKPusHvVE6VamacaWy7pQTIf1bL19HDydVRQu60+\n" | ||
68 | "faPYQFJRX/Y1/xpinWCO/TLYFcdDjwY5pkg+pInAQX5n4JDu2yBsJUbbCMjM58Wx\n" | ||
69 | "7ulbqF/3lca0765gsIBFy1kWeq7vDEJeWH6nhl10VcDHl1PetSnn27r5hD3HIAsZ\n" | ||
70 | "vBWdQtXJwxxV4bIkoAMzAYwv2+ilYTUOCp1HWQIDAQABAoIBAArOQv3R7gmqDspj\n" | ||
71 | "lDaTFOz0C4e70QfjGMX0sWnakYnDGn6DU19iv3GnX1S072ejtgc9kcJ4e8VUO79R\n" | ||
72 | "EmqpdRR7k8dJr3RTUCyjzf/C+qiCzcmhCFYGN3KRHA6MeEnkvRuBogX4i5EG1k5l\n" | ||
73 | "/5t+YBTZBnqXKWlzQLKoUAiMLPg0eRWh+6q7H4N7kdWWBmTpako7TEqpIwuEnPGx\n" | ||
74 | "u3EPuTR+LN6lF55WBePbCHccUHUQaXuav18NuDkcJmCiMArK9SKb+h0RqLD6oMI/\n" | ||
75 | "dKD6n8cZXeMBkK+C8U/K0sN2hFHACsu30b9XfdnljgP9v+BP8GhnB0nCB6tNBCPo\n" | ||
76 | "32srOwECgYEAxWh3iBT4lWqL6bZavVbnhmvtif4nHv2t2/hOs/CAq8iLAw0oWGZc\n" | ||
77 | "+JEZTUDMvFRlulr0kcaWra+4fN3OmJnjeuFXZq52lfMgXBIKBmoSaZpIh2aDY1Rd\n" | ||
78 | "RbEse7nQl9hTEPmYspiXLGtnAXW7HuWqVfFFP3ya8rUS3t4d07Hig8ECgYEA6ou6\n" | ||
79 | "OHiBRTbtDqLIv8NghARc/AqwNWgEc9PelCPe5bdCOLBEyFjqKiT2MttnSSUc2Zob\n" | ||
80 | "XhYkHC6zN1Mlq30N0e3Q61YK9LxMdU1vsluXxNq2rfK1Scb1oOlOOtlbV3zA3VRF\n" | ||
81 | "hV3t1nOA9tFmUrwZi0CUMWJE/zbPAyhwWotKyZkCgYEAh0kFicPdbABdrCglXVae\n" | ||
82 | "SnfSjVwYkVuGd5Ze0WADvjYsVkYBHTvhgRNnRJMg+/vWz3Sf4Ps4rgUbqK8Vc20b\n" | ||
83 | "AU5G6H6tlCvPRGm0ZxrwTWDHTcuKRVs+pJE8C/qWoklE/AAhjluWVoGwUMbPGuiH\n" | ||
84 | "6Gf1bgHF6oj/Sq7rv/VLZ8ECgYBeq7ml05YyLuJutuwa4yzQ/MXfghzv4aVyb0F3\n" | ||
85 | "QCdXR6o2IYgR6jnSewrZKlA9aPqFJrwHNR6sNXlnSmt5Fcf/RWO/qgJQGLUv3+rG\n" | ||
86 | "7kuLTNDR05azSdiZc7J89ID3Bkb+z2YkV+6JUiPq/Ei1+nDBEXb/m+/HqALU/nyj\n" | ||
87 | "P3gXeQKBgBusb8Rbd+KgxSA0hwY6aoRTPRt8LNvXdsB9vRcKKHUFQvxUWiUSS+L9\n" | ||
88 | "/Qu1sJbrUquKOHqksV5wCnWnAKyJNJlhHuBToqQTgKXjuNmVdYSe631saiI7PHyC\n" | ||
89 | "eRJ6DxULPxABytJrYCRrNqmXi5TCiqR2mtfalEMOPxz8rUU8dYyx\n" | ||
90 | "-----END RSA PRIVATE KEY-----\n"; | ||
91 | |||
92 | struct MHD_Daemon *d; | ||
93 | |||
94 | struct CBC | ||
95 | { | ||
96 | char *buf; | ||
97 | size_t pos; | ||
98 | size_t size; | ||
99 | }; | ||
100 | |||
101 | static size_t | ||
102 | copyBuffer (void *ptr, size_t size, size_t nmemb, void *ctx) | ||
103 | { | ||
104 | struct CBC *cbc = ctx; | ||
105 | |||
106 | if (cbc->pos + size * nmemb > cbc->size) | ||
107 | return 0; /* overflow */ | ||
108 | memcpy (&cbc->buf[cbc->pos], ptr, size * nmemb); | ||
109 | cbc->pos += size * nmemb; | ||
110 | return size * nmemb; | ||
111 | } | ||
112 | |||
113 | /* HTTP access handler call back */ | ||
114 | static int | ||
115 | query_session_ahc (void *cls, struct MHD_Connection *connection, | ||
116 | const char *url, const char *method, | ||
117 | const char *upload_data, const char *version, | ||
118 | unsigned int *upload_data_size, void **ptr) | ||
119 | { | ||
120 | struct MHD_Response *response; | ||
121 | int ret; | ||
122 | |||
123 | /* assert actual connection cipher is the one negotiated */ | ||
124 | if (MHDS_get_session_cipher (connection) != GNUTLS_CIPHER_AES_256_CBC) | ||
125 | { | ||
126 | fprintf (stderr, "Error: requested cipher mismatch. %s\n", | ||
127 | strerror (errno)); | ||
128 | return -1; | ||
129 | } | ||
130 | |||
131 | // TODO should these be hard coded into the server ? | ||
132 | if (MHDS_get_session_mac (connection) != GNUTLS_MAC_SHA1) | ||
133 | { | ||
134 | fprintf (stderr, "Error: requested mac algorithm mismatch. %s\n", | ||
135 | strerror (errno)); | ||
136 | return -1; | ||
137 | } | ||
138 | if (MHDS_get_session_compression (connection) != GNUTLS_COMP_NULL) | ||
139 | { | ||
140 | fprintf (stderr, "Error: requested compression mismatch. %s\n", | ||
141 | strerror (errno)); | ||
142 | return -1; | ||
143 | } | ||
144 | if (MHDS_get_session_cert_type (connection) != GNUTLS_CRT_X509) | ||
145 | { | ||
146 | fprintf (stderr, "Error: requested certificate mismatch. %s\n", | ||
147 | strerror (errno)); | ||
148 | return -1; | ||
149 | } | ||
150 | |||
151 | response = MHD_create_response_from_data (strlen (EMPTY_PAGE), | ||
152 | (void *) EMPTY_PAGE, | ||
153 | MHD_NO, MHD_NO); | ||
154 | ret = MHD_queue_response (connection, MHD_HTTP_OK, response); | ||
155 | MHD_destroy_response (response); | ||
156 | return ret; | ||
157 | } | ||
158 | |||
159 | static int | ||
160 | test_query_session () | ||
161 | { | ||
162 | |||
163 | CURL *c; | ||
164 | struct CBC cbc; | ||
165 | CURLcode errornum; | ||
166 | char url[] = "https://localhost:42433/"; | ||
167 | |||
168 | if (NULL == (cbc.buf = malloc (sizeof (char) * 255))) | ||
169 | return 16; | ||
170 | cbc.size = 255; | ||
171 | cbc.pos = 0; | ||
172 | |||
173 | /* setup test */ | ||
174 | d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | | ||
175 | MHD_USE_DEBUG, 42433, | ||
176 | NULL, NULL, &query_session_ahc, NULL, | ||
177 | MHD_OPTION_HTTPS_MEM_KEY, key_pem, | ||
178 | MHD_OPTION_HTTPS_MEM_CERT, cert_pem, MHD_OPTION_END); | ||
179 | |||
180 | if (d == NULL) | ||
181 | return 2; | ||
182 | |||
183 | c = curl_easy_init (); | ||
184 | //curl_easy_setopt (c, CURLOPT_VERBOSE, 1); | ||
185 | curl_easy_setopt (c, CURLOPT_URL, url); | ||
186 | curl_easy_setopt (c, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1); | ||
187 | curl_easy_setopt (c, CURLOPT_TIMEOUT, 10L); | ||
188 | curl_easy_setopt (c, CURLOPT_CONNECTTIMEOUT, 10L); | ||
189 | curl_easy_setopt (c, CURLOPT_WRITEFUNCTION, ©Buffer); | ||
190 | curl_easy_setopt (c, CURLOPT_FILE, &cbc); | ||
191 | /* TLS options */ | ||
192 | curl_easy_setopt (c, CURLOPT_SSLVERSION, CURL_SSLVERSION_SSLv3); | ||
193 | curl_easy_setopt (c, CURLOPT_SSL_CIPHER_LIST, "AES256-SHA"); | ||
194 | /* currently skip any peer authentication */ | ||
195 | curl_easy_setopt (c, CURLOPT_SSL_VERIFYPEER, 0); | ||
196 | curl_easy_setopt (c, CURLOPT_SSL_VERIFYHOST, 0); | ||
197 | |||
198 | curl_easy_setopt (c, CURLOPT_FAILONERROR, 1); | ||
199 | |||
200 | // NOTE: use of CONNECTTIMEOUT without also | ||
201 | // setting NOSIGNAL results in really weird | ||
202 | // crashes on my system! | ||
203 | curl_easy_setopt (c, CURLOPT_NOSIGNAL, 1); | ||
204 | if (CURLE_OK != (errornum = curl_easy_perform (c))) | ||
205 | { | ||
206 | fprintf (stderr, "curl_easy_perform failed: `%s'\n", | ||
207 | curl_easy_strerror (errornum)); | ||
208 | curl_easy_cleanup (c); | ||
209 | MHD_stop_daemon (d); | ||
210 | return 4; | ||
211 | } | ||
212 | |||
213 | curl_easy_cleanup (c); | ||
214 | MHD_stop_daemon (d); | ||
215 | |||
216 | return 0; | ||
217 | } | ||
218 | |||
219 | int | ||
220 | main (int argc, char *const *argv) | ||
221 | { | ||
222 | FILE *test_fd; | ||
223 | unsigned int errorCount = 0; | ||
224 | |||
225 | if (0 != curl_global_init (CURL_GLOBAL_ALL)) | ||
226 | { | ||
227 | fprintf (stderr, "Error (code: %u)\n", errorCount); | ||
228 | return 8; | ||
229 | } | ||
230 | |||
231 | errorCount += test_query_session (test_fd); | ||
232 | if (errorCount != 0) | ||
233 | fprintf (stderr, "Error (code: %u)\n", errorCount); | ||
234 | |||
235 | curl_global_cleanup (); | ||
236 | |||
237 | return errorCount != 0; | ||
238 | } | ||