Diffstat (limited to 'src/daemon/https/tls/gnutls_handshake.c')
-rw-r--r-- | src/daemon/https/tls/gnutls_handshake.c | 130 |
1 files changed, 3 insertions, 127 deletions
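--- a/src/daemon/https/tls/gnutls_handshake.c
+++ b/src/daemon/https/tls/gnutls_handshake.c
@@ -2223,16 +2223,12 @@ MHD_gnutls_handshake (mhd_gtls_session_t session)
 gnutls_assert ();
 return ret;
 }
-#if MHD_DEBUG_TLS
 if (session->security_parameters.entity == GNUTLS_CLIENT)
 {
-ret = mhd_gtls_handshake_client (session);
-}
-else
-#endif
-{
-ret = mhd_gtls_handshake_server (session);
+gnutls_assert ();
+return GNUTLS_E_UNIMPLEMENTED_FEATURE;
 }
+ret = mhd_gtls_handshake_server (session);
 if (ret < 0)
 {
 /* In the case of a rehandshake abort
@@ -2273,126 +2269,6 @@ MHD_gnutls_handshake (mhd_gtls_session_t session)
 
 
 
-/*
-* mhd_gtls_handshake_client
-* This function performs the client side of the handshake of the TLS/SSL protocol.
-*/
-int
-mhd_gtls_handshake_client (mhd_gtls_session_t session)
-{
-int ret = 0;
-
-#ifdef HANDSHAKE_DEBUG
-char buf[64];
-
-if (session->internals.resumed_security_parameters.session_id_size > 0)
-_gnutls_handshake_log ("HSK[%x]: Ask to resume: %s\n", session,
-mhd_gtls_bin2hex (session->internals.
-resumed_security_parameters.
-session_id,
-session->internals.
-resumed_security_parameters.
-session_id_size, buf,
-sizeof (buf)));
-#endif
-
-switch (STATE)
-{
-case STATE0:
-case STATE1:
-ret = mhd_gtls_send_hello (session, AGAIN (STATE1));
-STATE = STATE1;
-IMED_RET ("send hello", ret);
-
-case STATE2:
-/* receive the server hello */
-ret =
-mhd_gtls_recv_handshake (session, NULL, NULL,
-GNUTLS_HANDSHAKE_SERVER_HELLO,
-MANDATORY_PACKET);
-STATE = STATE2;
-IMED_RET ("recv hello", ret);
-
-case STATE70:
-if (session->security_parameters.extensions.do_recv_supplemental)
-{
-ret = _gnutls_recv_supplemental (session);
-STATE = STATE70;
-IMED_RET ("recv supplemental", ret);
-}
-
-case STATE3:
-/* RECV CERTIFICATE */
-if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */
-ret = mhd_gtls_recv_server_certificate (session);
-STATE = STATE3;
-IMED_RET ("recv server certificate", ret);
-
-case STATE4:
-/* receive the server key exchange */
-if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */
-ret = mhd_gtls_recv_server_kx_message (session);
-STATE = STATE4;
-IMED_RET ("recv server kx message", ret);
-
-case STATE5:
-/* receive the server certificate request - if any
-*/
-
-if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */
-ret = mhd_gtls_recv_server_certificate_request (session);
-STATE = STATE5;
-IMED_RET ("recv server certificate request message", ret);
-
-case STATE6:
-/* receive the server hello done */
-if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */
-ret =
-mhd_gtls_recv_handshake (session, NULL, NULL,
-GNUTLS_HANDSHAKE_SERVER_HELLO_DONE,
-MANDATORY_PACKET);
-STATE = STATE6;
-IMED_RET ("recv server hello done", ret);
-
-case STATE71:
-if (session->security_parameters.extensions.do_send_supplemental)
-{
-ret = _gnutls_send_supplemental (session, AGAIN (STATE71));
-STATE = STATE71;
-IMED_RET ("send supplemental", ret);
-}
-
-case STATE7:
-/* send our certificate - if any and if requested
-*/
-if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */
-ret = mhd_gtls_send_client_certificate (session, AGAIN (STATE7));
-STATE = STATE7;
-IMED_RET ("send client certificate", ret);
-
-case STATE8:
-if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */
-ret = mhd_gtls_send_client_kx_message (session, AGAIN (STATE8));
-STATE = STATE8;
-IMED_RET ("send client kx", ret);
-
-case STATE9:
-/* send client certificate verify */
-if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */
-ret =
-mhd_gtls_send_client_certificate_verify (session, AGAIN (STATE9));
-STATE = STATE9;
-IMED_RET ("send client certificate verify", ret);
-
-STATE = STATE0;
-default:
-break;
-}
-
-
-return 0;
-}
-
 /* This function sends the final handshake packets and initializes connection
 */
 static int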
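Review bot: The new `GNUTLS_CLIENT` branch in `MHD_gnutls_handshake` returns `GNUTLS_E_UNIMPLEMENTED_FEATURE` directly, so it bypasses the `if (ret < 0)` block just below it, whose comment concerns a rehandshake abort, and it runs only after the call guarded by the first `gnutls_assert (); return ret;`. The start of the function and the rest of that error block are outside the hunk, so whether the earlier call leaves per-handshake state behind is not visible. If it does, the entity check should come first in the function so that a rejected client-role session is refused before anything is initialised. The branch also deserves a comment recording the intent, for example `/* client role is not supported here: fail closed instead of running the server state machine on a client session */`. The helpers that only the deleted `mhd_gtls_handshake_client` called, such as `mhd_gtls_send_client_kx_message`, and any header prototype for the removed function presumably become unreferenced and are worth removing in the same series.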