diff options
Diffstat (limited to 'src/daemon/https/tls/gnutls_kx.c')
| -rw-r--r-- | src/daemon/https/tls/gnutls_kx.c | 228 |
1 files changed, 114 insertions, 114 deletions
diff --git a/src/daemon/https/tls/gnutls_kx.c b/src/daemon/https/tls/gnutls_kx.c index 45717b4f..5f0966f8 100644 --- a/src/daemon/https/tls/gnutls_kx.c +++ b/src/daemon/https/tls/gnutls_kx.c | |||
| @@ -23,7 +23,7 @@ | |||
| 23 | */ | 23 | */ |
| 24 | 24 | ||
| 25 | /* This file contains functions which are wrappers for the key exchange | 25 | /* This file contains functions which are wrappers for the key exchange |
| 26 | * part of TLS. They are called by the handshake functions (MHD_gnutls_handshake) | 26 | * part of TLS. They are called by the handshake functions (MHD__gnutls_handshake) |
| 27 | */ | 27 | */ |
| 28 | 28 | ||
| 29 | #include "gnutls_int.h" | 29 | #include "gnutls_int.h" |
| @@ -42,10 +42,10 @@ | |||
| 42 | */ | 42 | */ |
| 43 | 43 | ||
| 44 | #define MASTER_SECRET "master secret" | 44 | #define MASTER_SECRET "master secret" |
| 45 | static int generate_normal_master (mhd_gtls_session_t session, int); | 45 | static int generate_normal_master (MHD_gtls_session_t session, int); |
| 46 | 46 | ||
| 47 | int | 47 | int |
| 48 | mhd_gtls_generate_master (mhd_gtls_session_t session, int keep_premaster) | 48 | MHD_gtls_generate_master (MHD_gtls_session_t session, int keep_premaster) |
| 49 | { | 49 | { |
| 50 | if (session->internals.resumed == RESUME_FALSE) | 50 | if (session->internals.resumed == RESUME_FALSE) |
| 51 | return generate_normal_master (session, keep_premaster); | 51 | return generate_normal_master (session, keep_premaster); |
| @@ -56,22 +56,22 @@ mhd_gtls_generate_master (mhd_gtls_session_t session, int keep_premaster) | |||
| 56 | */ | 56 | */ |
| 57 | #define PREMASTER session->key->key | 57 | #define PREMASTER session->key->key |
| 58 | static int | 58 | static int |
| 59 | generate_normal_master (mhd_gtls_session_t session, int keep_premaster) | 59 | generate_normal_master (MHD_gtls_session_t session, int keep_premaster) |
| 60 | { | 60 | { |
| 61 | int ret = 0; | 61 | int ret = 0; |
| 62 | char buf[512]; | 62 | char buf[512]; |
| 63 | 63 | ||
| 64 | _gnutls_hard_log ("INT: PREMASTER SECRET[%d]: %s\n", PREMASTER.size, | 64 | MHD__gnutls_hard_log ("INT: PREMASTER SECRET[%d]: %s\n", PREMASTER.size, |
| 65 | mhd_gtls_bin2hex (PREMASTER.data, PREMASTER.size, buf, | 65 | MHD_gtls_bin2hex (PREMASTER.data, PREMASTER.size, buf, |
| 66 | sizeof (buf))); | 66 | sizeof (buf))); |
| 67 | _gnutls_hard_log ("INT: CLIENT RANDOM[%d]: %s\n", 32, | 67 | MHD__gnutls_hard_log ("INT: CLIENT RANDOM[%d]: %s\n", 32, |
| 68 | mhd_gtls_bin2hex (session->security_parameters. | 68 | MHD_gtls_bin2hex (session->security_parameters. |
| 69 | client_random, 32, buf, sizeof (buf))); | 69 | client_random, 32, buf, sizeof (buf))); |
| 70 | _gnutls_hard_log ("INT: SERVER RANDOM[%d]: %s\n", 32, | 70 | MHD__gnutls_hard_log ("INT: SERVER RANDOM[%d]: %s\n", 32, |
| 71 | mhd_gtls_bin2hex (session->security_parameters. | 71 | MHD_gtls_bin2hex (session->security_parameters. |
| 72 | server_random, 32, buf, sizeof (buf))); | 72 | server_random, 32, buf, sizeof (buf))); |
| 73 | 73 | ||
| 74 | if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3) | 74 | if (MHD__gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3) |
| 75 | { | 75 | { |
| 76 | opaque rnd[2 * TLS_RANDOM_SIZE + 1]; | 76 | opaque rnd[2 * TLS_RANDOM_SIZE + 1]; |
| 77 | 77 | ||
| @@ -81,7 +81,7 @@ generate_normal_master (mhd_gtls_session_t session, int keep_premaster) | |||
| 81 | session->security_parameters.server_random, TLS_RANDOM_SIZE); | 81 | session->security_parameters.server_random, TLS_RANDOM_SIZE); |
| 82 | 82 | ||
| 83 | ret = | 83 | ret = |
| 84 | mhd_gnutls_ssl3_generate_random (PREMASTER.data, PREMASTER.size, | 84 | MHD_gnutls_ssl3_generate_random (PREMASTER.data, PREMASTER.size, |
| 85 | rnd, 2 * TLS_RANDOM_SIZE, | 85 | rnd, 2 * TLS_RANDOM_SIZE, |
| 86 | TLS_MASTER_SIZE, | 86 | TLS_MASTER_SIZE, |
| 87 | session->security_parameters. | 87 | session->security_parameters. |
| @@ -97,25 +97,25 @@ generate_normal_master (mhd_gtls_session_t session, int keep_premaster) | |||
| 97 | rndlen += session->security_parameters.extensions.oprfi_client_len; | 97 | rndlen += session->security_parameters.extensions.oprfi_client_len; |
| 98 | rndlen += session->security_parameters.extensions.oprfi_server_len; | 98 | rndlen += session->security_parameters.extensions.oprfi_server_len; |
| 99 | 99 | ||
| 100 | rnd = gnutls_malloc (rndlen + 1); | 100 | rnd = MHD_gnutls_malloc (rndlen + 1); |
| 101 | if (!rnd) | 101 | if (!rnd) |
| 102 | { | 102 | { |
| 103 | gnutls_assert (); | 103 | MHD_gnutls_assert (); |
| 104 | return GNUTLS_E_MEMORY_ERROR; | 104 | return GNUTLS_E_MEMORY_ERROR; |
| 105 | } | 105 | } |
| 106 | 106 | ||
| 107 | _gnutls_hard_log ("INT: CLIENT OPRFI[%d]: %s\n", | 107 | MHD__gnutls_hard_log ("INT: CLIENT OPRFI[%d]: %s\n", |
| 108 | session->security_parameters. | 108 | session->security_parameters. |
| 109 | extensions.oprfi_server_len, | 109 | extensions.oprfi_server_len, |
| 110 | mhd_gtls_bin2hex (session->security_parameters. | 110 | MHD_gtls_bin2hex (session->security_parameters. |
| 111 | extensions.oprfi_client, | 111 | extensions.oprfi_client, |
| 112 | session->security_parameters. | 112 | session->security_parameters. |
| 113 | extensions.oprfi_client_len, buf, | 113 | extensions.oprfi_client_len, buf, |
| 114 | sizeof (buf))); | 114 | sizeof (buf))); |
| 115 | _gnutls_hard_log ("INT: SERVER OPRFI[%d]: %s\n", | 115 | MHD__gnutls_hard_log ("INT: SERVER OPRFI[%d]: %s\n", |
| 116 | session->security_parameters. | 116 | session->security_parameters. |
| 117 | extensions.oprfi_server_len, | 117 | extensions.oprfi_server_len, |
| 118 | mhd_gtls_bin2hex (session->security_parameters. | 118 | MHD_gtls_bin2hex (session->security_parameters. |
| 119 | extensions.oprfi_server, | 119 | extensions.oprfi_server, |
| 120 | session->security_parameters. | 120 | session->security_parameters. |
| 121 | extensions.oprfi_server_len, buf, | 121 | extensions.oprfi_server_len, buf, |
| @@ -135,12 +135,12 @@ generate_normal_master (mhd_gtls_session_t session, int keep_premaster) | |||
| 135 | session->security_parameters.extensions.oprfi_server, | 135 | session->security_parameters.extensions.oprfi_server, |
| 136 | session->security_parameters.extensions.oprfi_server_len); | 136 | session->security_parameters.extensions.oprfi_server_len); |
| 137 | 137 | ||
| 138 | ret = mhd_gtls_PRF (session, PREMASTER.data, PREMASTER.size, | 138 | ret = MHD_gtls_PRF (session, PREMASTER.data, PREMASTER.size, |
| 139 | MASTER_SECRET, strlen (MASTER_SECRET), | 139 | MASTER_SECRET, strlen (MASTER_SECRET), |
| 140 | rnd, rndlen, TLS_MASTER_SIZE, | 140 | rnd, rndlen, TLS_MASTER_SIZE, |
| 141 | session->security_parameters.master_secret); | 141 | session->security_parameters.master_secret); |
| 142 | 142 | ||
| 143 | gnutls_free (rnd); | 143 | MHD_gnutls_free (rnd); |
| 144 | } | 144 | } |
| 145 | else | 145 | else |
| 146 | { | 146 | { |
| @@ -152,7 +152,7 @@ generate_normal_master (mhd_gtls_session_t session, int keep_premaster) | |||
| 152 | session->security_parameters.server_random, TLS_RANDOM_SIZE); | 152 | session->security_parameters.server_random, TLS_RANDOM_SIZE); |
| 153 | 153 | ||
| 154 | ret = | 154 | ret = |
| 155 | mhd_gtls_PRF (session, PREMASTER.data, PREMASTER.size, | 155 | MHD_gtls_PRF (session, PREMASTER.data, PREMASTER.size, |
| 156 | MASTER_SECRET, strlen (MASTER_SECRET), | 156 | MASTER_SECRET, strlen (MASTER_SECRET), |
| 157 | rnd, 2 * TLS_RANDOM_SIZE, TLS_MASTER_SIZE, | 157 | rnd, 2 * TLS_RANDOM_SIZE, TLS_MASTER_SIZE, |
| 158 | session->security_parameters.master_secret); | 158 | session->security_parameters.master_secret); |
| @@ -163,13 +163,13 @@ generate_normal_master (mhd_gtls_session_t session, int keep_premaster) | |||
| 163 | session->security_parameters.master_secret, TLS_MASTER_SIZE); | 163 | session->security_parameters.master_secret, TLS_MASTER_SIZE); |
| 164 | 164 | ||
| 165 | if (!keep_premaster) | 165 | if (!keep_premaster) |
| 166 | _gnutls_free_datum (&PREMASTER); | 166 | MHD__gnutls_free_datum (&PREMASTER); |
| 167 | 167 | ||
| 168 | if (ret < 0) | 168 | if (ret < 0) |
| 169 | return ret; | 169 | return ret; |
| 170 | 170 | ||
| 171 | _gnutls_hard_log ("INT: MASTER SECRET: %s\n", | 171 | MHD__gnutls_hard_log ("INT: MASTER SECRET: %s\n", |
| 172 | mhd_gtls_bin2hex (session->security_parameters. | 172 | MHD_gtls_bin2hex (session->security_parameters. |
| 173 | master_secret, TLS_MASTER_SIZE, buf, | 173 | master_secret, TLS_MASTER_SIZE, buf, |
| 174 | sizeof (buf))); | 174 | sizeof (buf))); |
| 175 | 175 | ||
| @@ -182,13 +182,13 @@ generate_normal_master (mhd_gtls_session_t session, int keep_premaster) | |||
| 182 | * by the selected ciphersuite. | 182 | * by the selected ciphersuite. |
| 183 | */ | 183 | */ |
| 184 | int | 184 | int |
| 185 | mhd_gtls_send_server_kx_message (mhd_gtls_session_t session, int again) | 185 | MHD_gtls_send_server_kx_message (MHD_gtls_session_t session, int again) |
| 186 | { | 186 | { |
| 187 | uint8_t *data = NULL; | 187 | uint8_t *data = NULL; |
| 188 | int data_size = 0; | 188 | int data_size = 0; |
| 189 | int ret = 0; | 189 | int ret = 0; |
| 190 | 190 | ||
| 191 | if (session->internals.auth_struct->mhd_gtls_gen_server_kx == NULL) | 191 | if (session->internals.auth_struct->MHD_gtls_gen_server_kx == NULL) |
| 192 | return 0; | 192 | return 0; |
| 193 | 193 | ||
| 194 | data = NULL; | 194 | data = NULL; |
| @@ -197,30 +197,30 @@ mhd_gtls_send_server_kx_message (mhd_gtls_session_t session, int again) | |||
| 197 | if (again == 0) | 197 | if (again == 0) |
| 198 | { | 198 | { |
| 199 | data_size = | 199 | data_size = |
| 200 | session->internals.auth_struct->mhd_gtls_gen_server_kx (session, | 200 | session->internals.auth_struct->MHD_gtls_gen_server_kx (session, |
| 201 | &data); | 201 | &data); |
| 202 | 202 | ||
| 203 | if (data_size == GNUTLS_E_INT_RET_0) | 203 | if (data_size == GNUTLS_E_INT_RET_0) |
| 204 | { | 204 | { |
| 205 | gnutls_assert (); | 205 | MHD_gnutls_assert (); |
| 206 | return 0; | 206 | return 0; |
| 207 | } | 207 | } |
| 208 | 208 | ||
| 209 | if (data_size < 0) | 209 | if (data_size < 0) |
| 210 | { | 210 | { |
| 211 | gnutls_assert (); | 211 | MHD_gnutls_assert (); |
| 212 | return data_size; | 212 | return data_size; |
| 213 | } | 213 | } |
| 214 | } | 214 | } |
| 215 | 215 | ||
| 216 | ret = | 216 | ret = |
| 217 | mhd_gtls_send_handshake (session, data, data_size, | 217 | MHD_gtls_send_handshake (session, data, data_size, |
| 218 | GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE); | 218 | GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE); |
| 219 | gnutls_free (data); | 219 | MHD_gnutls_free (data); |
| 220 | 220 | ||
| 221 | if (ret < 0) | 221 | if (ret < 0) |
| 222 | { | 222 | { |
| 223 | gnutls_assert (); | 223 | MHD_gnutls_assert (); |
| 224 | return ret; | 224 | return ret; |
| 225 | } | 225 | } |
| 226 | return data_size; | 226 | return data_size; |
| @@ -230,7 +230,7 @@ mhd_gtls_send_server_kx_message (mhd_gtls_session_t session, int again) | |||
| 230 | * client. | 230 | * client. |
| 231 | */ | 231 | */ |
| 232 | int | 232 | int |
| 233 | mhd_gtls_send_server_certificate_request (mhd_gtls_session_t session, | 233 | MHD_gtls_send_server_certificate_request (MHD_gtls_session_t session, |
| 234 | int again) | 234 | int again) |
| 235 | { | 235 | { |
| 236 | uint8_t *data = NULL; | 236 | uint8_t *data = NULL; |
| @@ -238,7 +238,7 @@ mhd_gtls_send_server_certificate_request (mhd_gtls_session_t session, | |||
| 238 | int ret = 0; | 238 | int ret = 0; |
| 239 | 239 | ||
| 240 | if (session->internals.auth_struct-> | 240 | if (session->internals.auth_struct-> |
| 241 | mhd_gtls_gen_server_certificate_request == NULL) | 241 | MHD_gtls_gen_server_certificate_request == NULL) |
| 242 | return 0; | 242 | return 0; |
| 243 | 243 | ||
| 244 | if (session->internals.send_cert_req <= 0) | 244 | if (session->internals.send_cert_req <= 0) |
| @@ -251,22 +251,22 @@ mhd_gtls_send_server_certificate_request (mhd_gtls_session_t session, | |||
| 251 | { | 251 | { |
| 252 | data_size = | 252 | data_size = |
| 253 | session->internals.auth_struct-> | 253 | session->internals.auth_struct-> |
| 254 | mhd_gtls_gen_server_certificate_request (session, &data); | 254 | MHD_gtls_gen_server_certificate_request (session, &data); |
| 255 | 255 | ||
| 256 | if (data_size < 0) | 256 | if (data_size < 0) |
| 257 | { | 257 | { |
| 258 | gnutls_assert (); | 258 | MHD_gnutls_assert (); |
| 259 | return data_size; | 259 | return data_size; |
| 260 | } | 260 | } |
| 261 | } | 261 | } |
| 262 | ret = | 262 | ret = |
| 263 | mhd_gtls_send_handshake (session, data, data_size, | 263 | MHD_gtls_send_handshake (session, data, data_size, |
| 264 | GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST); | 264 | GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST); |
| 265 | gnutls_free (data); | 265 | MHD_gnutls_free (data); |
| 266 | 266 | ||
| 267 | if (ret < 0) | 267 | if (ret < 0) |
| 268 | { | 268 | { |
| 269 | gnutls_assert (); | 269 | MHD_gnutls_assert (); |
| 270 | return ret; | 270 | return ret; |
| 271 | } | 271 | } |
| 272 | return data_size; | 272 | return data_size; |
| @@ -277,13 +277,13 @@ mhd_gtls_send_server_certificate_request (mhd_gtls_session_t session, | |||
| 277 | * exchange message | 277 | * exchange message |
| 278 | */ | 278 | */ |
| 279 | int | 279 | int |
| 280 | mhd_gtls_send_client_kx_message (mhd_gtls_session_t session, int again) | 280 | MHD_gtls_send_client_kx_message (MHD_gtls_session_t session, int again) |
| 281 | { | 281 | { |
| 282 | uint8_t *data; | 282 | uint8_t *data; |
| 283 | int data_size; | 283 | int data_size; |
| 284 | int ret = 0; | 284 | int ret = 0; |
| 285 | 285 | ||
| 286 | if (session->internals.auth_struct->mhd_gtls_gen_client_kx == NULL) | 286 | if (session->internals.auth_struct->MHD_gtls_gen_client_kx == NULL) |
| 287 | return 0; | 287 | return 0; |
| 288 | 288 | ||
| 289 | 289 | ||
| @@ -293,22 +293,22 @@ mhd_gtls_send_client_kx_message (mhd_gtls_session_t session, int again) | |||
| 293 | if (again == 0) | 293 | if (again == 0) |
| 294 | { | 294 | { |
| 295 | data_size = | 295 | data_size = |
| 296 | session->internals.auth_struct->mhd_gtls_gen_client_kx (session, | 296 | session->internals.auth_struct->MHD_gtls_gen_client_kx (session, |
| 297 | &data); | 297 | &data); |
| 298 | if (data_size < 0) | 298 | if (data_size < 0) |
| 299 | { | 299 | { |
| 300 | gnutls_assert (); | 300 | MHD_gnutls_assert (); |
| 301 | return data_size; | 301 | return data_size; |
| 302 | } | 302 | } |
| 303 | } | 303 | } |
| 304 | ret = | 304 | ret = |
| 305 | mhd_gtls_send_handshake (session, data, data_size, | 305 | MHD_gtls_send_handshake (session, data, data_size, |
| 306 | GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE); | 306 | GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE); |
| 307 | gnutls_free (data); | 307 | MHD_gnutls_free (data); |
| 308 | 308 | ||
| 309 | if (ret < 0) | 309 | if (ret < 0) |
| 310 | { | 310 | { |
| 311 | gnutls_assert (); | 311 | MHD_gnutls_assert (); |
| 312 | return ret; | 312 | return ret; |
| 313 | } | 313 | } |
| 314 | 314 | ||
| @@ -320,7 +320,7 @@ mhd_gtls_send_client_kx_message (mhd_gtls_session_t session, int again) | |||
| 320 | * verify message | 320 | * verify message |
| 321 | */ | 321 | */ |
| 322 | int | 322 | int |
| 323 | mhd_gtls_send_client_certificate_verify (mhd_gtls_session_t session, | 323 | MHD_gtls_send_client_certificate_verify (MHD_gtls_session_t session, |
| 324 | int again) | 324 | int again) |
| 325 | { | 325 | { |
| 326 | uint8_t *data; | 326 | uint8_t *data; |
| @@ -337,9 +337,9 @@ mhd_gtls_send_client_certificate_verify (mhd_gtls_session_t session, | |||
| 337 | if (session->key->certificate_requested == 0) | 337 | if (session->key->certificate_requested == 0) |
| 338 | return 0; | 338 | return 0; |
| 339 | 339 | ||
| 340 | if (session->internals.auth_struct->mhd_gtls_gen_client_cert_vrfy == NULL) | 340 | if (session->internals.auth_struct->MHD_gtls_gen_client_cert_vrfy == NULL) |
| 341 | { | 341 | { |
| 342 | gnutls_assert (); | 342 | MHD_gnutls_assert (); |
| 343 | return 0; /* this algorithm does not support cli_cert_vrfy | 343 | return 0; /* this algorithm does not support cli_cert_vrfy |
| 344 | */ | 344 | */ |
| 345 | } | 345 | } |
| @@ -351,10 +351,10 @@ mhd_gtls_send_client_certificate_verify (mhd_gtls_session_t session, | |||
| 351 | { | 351 | { |
| 352 | data_size = | 352 | data_size = |
| 353 | session->internals.auth_struct-> | 353 | session->internals.auth_struct-> |
| 354 | mhd_gtls_gen_client_cert_vrfy (session, &data); | 354 | MHD_gtls_gen_client_cert_vrfy (session, &data); |
| 355 | if (data_size < 0) | 355 | if (data_size < 0) |
| 356 | { | 356 | { |
| 357 | gnutls_assert (); | 357 | MHD_gnutls_assert (); |
| 358 | return data_size; | 358 | return data_size; |
| 359 | } | 359 | } |
| 360 | if (data_size == 0) | 360 | if (data_size == 0) |
| @@ -362,53 +362,53 @@ mhd_gtls_send_client_certificate_verify (mhd_gtls_session_t session, | |||
| 362 | 362 | ||
| 363 | } | 363 | } |
| 364 | ret = | 364 | ret = |
| 365 | mhd_gtls_send_handshake (session, data, | 365 | MHD_gtls_send_handshake (session, data, |
| 366 | data_size, GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY); | 366 | data_size, GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY); |
| 367 | gnutls_free (data); | 367 | MHD_gnutls_free (data); |
| 368 | 368 | ||
| 369 | return ret; | 369 | return ret; |
| 370 | } | 370 | } |
| 371 | 371 | ||
| 372 | 372 | ||
| 373 | int | 373 | int |
| 374 | mhd_gtls_recv_server_kx_message (mhd_gtls_session_t session) | 374 | MHD_gtls_recv_server_kx_message (MHD_gtls_session_t session) |
| 375 | { | 375 | { |
| 376 | uint8_t *data = NULL; | 376 | uint8_t *data = NULL; |
| 377 | int datasize; | 377 | int datasize; |
| 378 | int ret = 0; | 378 | int ret = 0; |
| 379 | 379 | ||
| 380 | if (session->internals.auth_struct->mhd_gtls_process_server_kx != NULL) | 380 | if (session->internals.auth_struct->MHD_gtls_process_server_kx != NULL) |
| 381 | { | 381 | { |
| 382 | 382 | ||
| 383 | /* EXCEPTION FOR RSA_EXPORT cipher suite | 383 | /* EXCEPTION FOR RSA_EXPORT cipher suite |
| 384 | */ | 384 | */ |
| 385 | if (mhd_gtls_session_is_export (session) != 0 && | 385 | if (MHD_gtls_session_is_export (session) != 0 && |
| 386 | _gnutls_peers_cert_less_512 (session) != 0) | 386 | MHD__gnutls_peers_cert_less_512 (session) != 0) |
| 387 | { | 387 | { |
| 388 | gnutls_assert (); | 388 | MHD_gnutls_assert (); |
| 389 | return 0; | 389 | return 0; |
| 390 | } | 390 | } |
| 391 | 391 | ||
| 392 | ret = | 392 | ret = |
| 393 | mhd_gtls_recv_handshake (session, &data, | 393 | MHD_gtls_recv_handshake (session, &data, |
| 394 | &datasize, | 394 | &datasize, |
| 395 | GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE, | 395 | GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE, |
| 396 | MANDATORY_PACKET); | 396 | MANDATORY_PACKET); |
| 397 | if (ret < 0) | 397 | if (ret < 0) |
| 398 | { | 398 | { |
| 399 | gnutls_assert (); | 399 | MHD_gnutls_assert (); |
| 400 | return ret; | 400 | return ret; |
| 401 | } | 401 | } |
| 402 | 402 | ||
| 403 | ret = | 403 | ret = |
| 404 | session->internals.auth_struct->mhd_gtls_process_server_kx (session, | 404 | session->internals.auth_struct->MHD_gtls_process_server_kx (session, |
| 405 | data, | 405 | data, |
| 406 | datasize); | 406 | datasize); |
| 407 | gnutls_free (data); | 407 | MHD_gnutls_free (data); |
| 408 | 408 | ||
| 409 | if (ret < 0) | 409 | if (ret < 0) |
| 410 | { | 410 | { |
| 411 | gnutls_assert (); | 411 | MHD_gnutls_assert (); |
| 412 | return ret; | 412 | return ret; |
| 413 | } | 413 | } |
| 414 | 414 | ||
| @@ -417,18 +417,18 @@ mhd_gtls_recv_server_kx_message (mhd_gtls_session_t session) | |||
| 417 | } | 417 | } |
| 418 | 418 | ||
| 419 | int | 419 | int |
| 420 | mhd_gtls_recv_server_certificate_request (mhd_gtls_session_t session) | 420 | MHD_gtls_recv_server_certificate_request (MHD_gtls_session_t session) |
| 421 | { | 421 | { |
| 422 | uint8_t *data; | 422 | uint8_t *data; |
| 423 | int datasize; | 423 | int datasize; |
| 424 | int ret = 0; | 424 | int ret = 0; |
| 425 | 425 | ||
| 426 | if (session->internals.auth_struct-> | 426 | if (session->internals.auth_struct-> |
| 427 | mhd_gtls_process_server_certificate_request != NULL) | 427 | MHD_gtls_process_server_certificate_request != NULL) |
| 428 | { | 428 | { |
| 429 | 429 | ||
| 430 | ret = | 430 | ret = |
| 431 | mhd_gtls_recv_handshake (session, &data, | 431 | MHD_gtls_recv_handshake (session, &data, |
| 432 | &datasize, | 432 | &datasize, |
| 433 | GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST, | 433 | GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST, |
| 434 | OPTIONAL_PACKET); | 434 | OPTIONAL_PACKET); |
| @@ -440,8 +440,8 @@ mhd_gtls_recv_server_certificate_request (mhd_gtls_session_t session) | |||
| 440 | 440 | ||
| 441 | ret = | 441 | ret = |
| 442 | session->internals.auth_struct-> | 442 | session->internals.auth_struct-> |
| 443 | mhd_gtls_process_server_certificate_request (session, data, datasize); | 443 | MHD_gtls_process_server_certificate_request (session, data, datasize); |
| 444 | gnutls_free (data); | 444 | MHD_gnutls_free (data); |
| 445 | if (ret < 0) | 445 | if (ret < 0) |
| 446 | return ret; | 446 | return ret; |
| 447 | 447 | ||
| @@ -450,7 +450,7 @@ mhd_gtls_recv_server_certificate_request (mhd_gtls_session_t session) | |||
| 450 | } | 450 | } |
| 451 | 451 | ||
| 452 | int | 452 | int |
| 453 | mhd_gtls_recv_client_kx_message (mhd_gtls_session_t session) | 453 | MHD_gtls_recv_client_kx_message (MHD_gtls_session_t session) |
| 454 | { | 454 | { |
| 455 | uint8_t *data; | 455 | uint8_t *data; |
| 456 | int datasize; | 456 | int datasize; |
| @@ -458,11 +458,11 @@ mhd_gtls_recv_client_kx_message (mhd_gtls_session_t session) | |||
| 458 | 458 | ||
| 459 | 459 | ||
| 460 | /* Do key exchange only if the algorithm permits it */ | 460 | /* Do key exchange only if the algorithm permits it */ |
| 461 | if (session->internals.auth_struct->mhd_gtls_process_client_kx != NULL) | 461 | if (session->internals.auth_struct->MHD_gtls_process_client_kx != NULL) |
| 462 | { | 462 | { |
| 463 | 463 | ||
| 464 | ret = | 464 | ret = |
| 465 | mhd_gtls_recv_handshake (session, &data, | 465 | MHD_gtls_recv_handshake (session, &data, |
| 466 | &datasize, | 466 | &datasize, |
| 467 | GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE, | 467 | GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE, |
| 468 | MANDATORY_PACKET); | 468 | MANDATORY_PACKET); |
| @@ -470,10 +470,10 @@ mhd_gtls_recv_client_kx_message (mhd_gtls_session_t session) | |||
| 470 | return ret; | 470 | return ret; |
| 471 | 471 | ||
| 472 | ret = | 472 | ret = |
| 473 | session->internals.auth_struct->mhd_gtls_process_client_kx (session, | 473 | session->internals.auth_struct->MHD_gtls_process_client_kx (session, |
| 474 | data, | 474 | data, |
| 475 | datasize); | 475 | datasize); |
| 476 | gnutls_free (data); | 476 | MHD_gnutls_free (data); |
| 477 | if (ret < 0) | 477 | if (ret < 0) |
| 478 | return ret; | 478 | return ret; |
| 479 | 479 | ||
| @@ -486,7 +486,7 @@ mhd_gtls_recv_client_kx_message (mhd_gtls_session_t session) | |||
| 486 | /* This is called when we want send our certificate | 486 | /* This is called when we want send our certificate |
| 487 | */ | 487 | */ |
| 488 | int | 488 | int |
| 489 | mhd_gtls_send_client_certificate (mhd_gtls_session_t session, int again) | 489 | MHD_gtls_send_client_certificate (MHD_gtls_session_t session, int again) |
| 490 | { | 490 | { |
| 491 | uint8_t *data = NULL; | 491 | uint8_t *data = NULL; |
| 492 | int data_size = 0; | 492 | int data_size = 0; |
| @@ -496,7 +496,7 @@ mhd_gtls_send_client_certificate (mhd_gtls_session_t session, int again) | |||
| 496 | if (session->key->certificate_requested == 0) | 496 | if (session->key->certificate_requested == 0) |
| 497 | return 0; | 497 | return 0; |
| 498 | 498 | ||
| 499 | if (session->internals.auth_struct->mhd_gtls_gen_client_certificate == NULL) | 499 | if (session->internals.auth_struct->MHD_gtls_gen_client_certificate == NULL) |
| 500 | return 0; | 500 | return 0; |
| 501 | 501 | ||
| 502 | data = NULL; | 502 | data = NULL; |
| @@ -504,18 +504,18 @@ mhd_gtls_send_client_certificate (mhd_gtls_session_t session, int again) | |||
| 504 | 504 | ||
| 505 | if (again == 0) | 505 | if (again == 0) |
| 506 | { | 506 | { |
| 507 | if (MHD_gnutls_protocol_get_version (session) != MHD_GNUTLS_PROTOCOL_SSL3 || | 507 | if (MHD__gnutls_protocol_get_version (session) != MHD_GNUTLS_PROTOCOL_SSL3 || |
| 508 | session->internals.selected_cert_list_length > 0) | 508 | session->internals.selected_cert_list_length > 0) |
| 509 | { | 509 | { |
| 510 | /* TLS 1.0 or SSL 3.0 with a valid certificate | 510 | /* TLS 1.0 or SSL 3.0 with a valid certificate |
| 511 | */ | 511 | */ |
| 512 | data_size = | 512 | data_size = |
| 513 | session->internals.auth_struct-> | 513 | session->internals.auth_struct-> |
| 514 | mhd_gtls_gen_client_certificate (session, &data); | 514 | MHD_gtls_gen_client_certificate (session, &data); |
| 515 | 515 | ||
| 516 | if (data_size < 0) | 516 | if (data_size < 0) |
| 517 | { | 517 | { |
| 518 | gnutls_assert (); | 518 | MHD_gnutls_assert (); |
| 519 | return data_size; | 519 | return data_size; |
| 520 | } | 520 | } |
| 521 | } | 521 | } |
| @@ -525,11 +525,11 @@ mhd_gtls_send_client_certificate (mhd_gtls_session_t session, int again) | |||
| 525 | * no certificate alert instead of an | 525 | * no certificate alert instead of an |
| 526 | * empty certificate. | 526 | * empty certificate. |
| 527 | */ | 527 | */ |
| 528 | if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3 && | 528 | if (MHD__gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3 && |
| 529 | session->internals.selected_cert_list_length == 0) | 529 | session->internals.selected_cert_list_length == 0) |
| 530 | { | 530 | { |
| 531 | ret = | 531 | ret = |
| 532 | MHD_gnutls_alert_send (session, GNUTLS_AL_WARNING, | 532 | MHD__gnutls_alert_send (session, GNUTLS_AL_WARNING, |
| 533 | GNUTLS_A_SSL3_NO_CERTIFICATE); | 533 | GNUTLS_A_SSL3_NO_CERTIFICATE); |
| 534 | 534 | ||
| 535 | } | 535 | } |
| @@ -537,14 +537,14 @@ mhd_gtls_send_client_certificate (mhd_gtls_session_t session, int again) | |||
| 537 | { /* TLS 1.0 or SSL 3.0 with a valid certificate | 537 | { /* TLS 1.0 or SSL 3.0 with a valid certificate |
| 538 | */ | 538 | */ |
| 539 | ret = | 539 | ret = |
| 540 | mhd_gtls_send_handshake (session, data, data_size, | 540 | MHD_gtls_send_handshake (session, data, data_size, |
| 541 | GNUTLS_HANDSHAKE_CERTIFICATE_PKT); | 541 | GNUTLS_HANDSHAKE_CERTIFICATE_PKT); |
| 542 | gnutls_free (data); | 542 | MHD_gnutls_free (data); |
| 543 | } | 543 | } |
| 544 | 544 | ||
| 545 | if (ret < 0) | 545 | if (ret < 0) |
| 546 | { | 546 | { |
| 547 | gnutls_assert (); | 547 | MHD_gnutls_assert (); |
| 548 | return ret; | 548 | return ret; |
| 549 | } | 549 | } |
| 550 | 550 | ||
| @@ -555,14 +555,14 @@ mhd_gtls_send_client_certificate (mhd_gtls_session_t session, int again) | |||
| 555 | /* This is called when we want send our certificate | 555 | /* This is called when we want send our certificate |
| 556 | */ | 556 | */ |
| 557 | int | 557 | int |
| 558 | mhd_gtls_send_server_certificate (mhd_gtls_session_t session, int again) | 558 | MHD_gtls_send_server_certificate (MHD_gtls_session_t session, int again) |
| 559 | { | 559 | { |
| 560 | uint8_t *data = NULL; | 560 | uint8_t *data = NULL; |
| 561 | int data_size = 0; | 561 | int data_size = 0; |
| 562 | int ret = 0; | 562 | int ret = 0; |
| 563 | 563 | ||
| 564 | 564 | ||
| 565 | if (session->internals.auth_struct->mhd_gtls_gen_server_certificate == NULL) | 565 | if (session->internals.auth_struct->MHD_gtls_gen_server_certificate == NULL) |
| 566 | return 0; | 566 | return 0; |
| 567 | 567 | ||
| 568 | data = NULL; | 568 | data = NULL; |
| @@ -572,22 +572,22 @@ mhd_gtls_send_server_certificate (mhd_gtls_session_t session, int again) | |||
| 572 | { | 572 | { |
| 573 | data_size = | 573 | data_size = |
| 574 | session->internals.auth_struct-> | 574 | session->internals.auth_struct-> |
| 575 | mhd_gtls_gen_server_certificate (session, &data); | 575 | MHD_gtls_gen_server_certificate (session, &data); |
| 576 | 576 | ||
| 577 | if (data_size < 0) | 577 | if (data_size < 0) |
| 578 | { | 578 | { |
| 579 | gnutls_assert (); | 579 | MHD_gnutls_assert (); |
| 580 | return data_size; | 580 | return data_size; |
| 581 | } | 581 | } |
| 582 | } | 582 | } |
| 583 | ret = | 583 | ret = |
| 584 | mhd_gtls_send_handshake (session, data, data_size, | 584 | MHD_gtls_send_handshake (session, data, data_size, |
| 585 | GNUTLS_HANDSHAKE_CERTIFICATE_PKT); | 585 | GNUTLS_HANDSHAKE_CERTIFICATE_PKT); |
| 586 | gnutls_free (data); | 586 | MHD_gnutls_free (data); |
| 587 | 587 | ||
| 588 | if (ret < 0) | 588 | if (ret < 0) |
| 589 | { | 589 | { |
| 590 | gnutls_assert (); | 590 | MHD_gnutls_assert (); |
| 591 | return ret; | 591 | return ret; |
| 592 | } | 592 | } |
| 593 | 593 | ||
| @@ -596,14 +596,14 @@ mhd_gtls_send_server_certificate (mhd_gtls_session_t session, int again) | |||
| 596 | 596 | ||
| 597 | 597 | ||
| 598 | int | 598 | int |
| 599 | mhd_gtls_recv_client_certificate (mhd_gtls_session_t session) | 599 | MHD_gtls_recv_client_certificate (MHD_gtls_session_t session) |
| 600 | { | 600 | { |
| 601 | int datasize; | 601 | int datasize; |
| 602 | opaque *data; | 602 | opaque *data; |
| 603 | int ret = 0; | 603 | int ret = 0; |
| 604 | int optional; | 604 | int optional; |
| 605 | 605 | ||
| 606 | if (session->internals.auth_struct->mhd_gtls_process_client_certificate != | 606 | if (session->internals.auth_struct->MHD_gtls_process_client_certificate != |
| 607 | NULL) | 607 | NULL) |
| 608 | { | 608 | { |
| 609 | 609 | ||
| @@ -620,7 +620,7 @@ mhd_gtls_recv_client_certificate (mhd_gtls_session_t session) | |||
| 620 | optional = OPTIONAL_PACKET; | 620 | optional = OPTIONAL_PACKET; |
| 621 | 621 | ||
| 622 | ret = | 622 | ret = |
| 623 | mhd_gtls_recv_handshake (session, &data, | 623 | MHD_gtls_recv_handshake (session, &data, |
| 624 | &datasize, | 624 | &datasize, |
| 625 | GNUTLS_HANDSHAKE_CERTIFICATE_PKT, optional); | 625 | GNUTLS_HANDSHAKE_CERTIFICATE_PKT, optional); |
| 626 | 626 | ||
| @@ -632,14 +632,14 @@ mhd_gtls_recv_client_certificate (mhd_gtls_session_t session) | |||
| 632 | */ | 632 | */ |
| 633 | if (optional == OPTIONAL_PACKET && | 633 | if (optional == OPTIONAL_PACKET && |
| 634 | ret == GNUTLS_E_WARNING_ALERT_RECEIVED && | 634 | ret == GNUTLS_E_WARNING_ALERT_RECEIVED && |
| 635 | MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3 && | 635 | MHD__gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3 && |
| 636 | gnutls_alert_get (session) == GNUTLS_A_SSL3_NO_CERTIFICATE) | 636 | MHD_gnutls_alert_get (session) == GNUTLS_A_SSL3_NO_CERTIFICATE) |
| 637 | { | 637 | { |
| 638 | 638 | ||
| 639 | /* SSL3 does not send an empty certificate, | 639 | /* SSL3 does not send an empty certificate, |
| 640 | * but this alert. So we just ignore it. | 640 | * but this alert. So we just ignore it. |
| 641 | */ | 641 | */ |
| 642 | gnutls_assert (); | 642 | MHD_gnutls_assert (); |
| 643 | return 0; | 643 | return 0; |
| 644 | } | 644 | } |
| 645 | 645 | ||
| @@ -649,7 +649,7 @@ mhd_gtls_recv_client_certificate (mhd_gtls_session_t session) | |||
| 649 | || ret == GNUTLS_E_FATAL_ALERT_RECEIVED) | 649 | || ret == GNUTLS_E_FATAL_ALERT_RECEIVED) |
| 650 | && optional == MANDATORY_PACKET) | 650 | && optional == MANDATORY_PACKET) |
| 651 | { | 651 | { |
| 652 | gnutls_assert (); | 652 | MHD_gnutls_assert (); |
| 653 | return GNUTLS_E_NO_CERTIFICATE_FOUND; | 653 | return GNUTLS_E_NO_CERTIFICATE_FOUND; |
| 654 | } | 654 | } |
| 655 | 655 | ||
| @@ -662,17 +662,17 @@ mhd_gtls_recv_client_certificate (mhd_gtls_session_t session) | |||
| 662 | * well I'm not sure we should accept this | 662 | * well I'm not sure we should accept this |
| 663 | * behaviour. | 663 | * behaviour. |
| 664 | */ | 664 | */ |
| 665 | gnutls_assert (); | 665 | MHD_gnutls_assert (); |
| 666 | return 0; | 666 | return 0; |
| 667 | } | 667 | } |
| 668 | ret = | 668 | ret = |
| 669 | session->internals.auth_struct-> | 669 | session->internals.auth_struct-> |
| 670 | mhd_gtls_process_client_certificate (session, data, datasize); | 670 | MHD_gtls_process_client_certificate (session, data, datasize); |
| 671 | 671 | ||
| 672 | gnutls_free (data); | 672 | MHD_gnutls_free (data); |
| 673 | if (ret < 0 && ret != GNUTLS_E_NO_CERTIFICATE_FOUND) | 673 | if (ret < 0 && ret != GNUTLS_E_NO_CERTIFICATE_FOUND) |
| 674 | { | 674 | { |
| 675 | gnutls_assert (); | 675 | MHD_gnutls_assert (); |
| 676 | return ret; | 676 | return ret; |
| 677 | } | 677 | } |
| 678 | 678 | ||
| @@ -689,34 +689,34 @@ mhd_gtls_recv_client_certificate (mhd_gtls_session_t session) | |||
| 689 | } | 689 | } |
| 690 | 690 | ||
| 691 | int | 691 | int |
| 692 | mhd_gtls_recv_server_certificate (mhd_gtls_session_t session) | 692 | MHD_gtls_recv_server_certificate (MHD_gtls_session_t session) |
| 693 | { | 693 | { |
| 694 | int datasize; | 694 | int datasize; |
| 695 | opaque *data; | 695 | opaque *data; |
| 696 | int ret = 0; | 696 | int ret = 0; |
| 697 | 697 | ||
| 698 | if (session->internals.auth_struct->mhd_gtls_process_server_certificate != | 698 | if (session->internals.auth_struct->MHD_gtls_process_server_certificate != |
| 699 | NULL) | 699 | NULL) |
| 700 | { | 700 | { |
| 701 | 701 | ||
| 702 | ret = | 702 | ret = |
| 703 | mhd_gtls_recv_handshake (session, &data, | 703 | MHD_gtls_recv_handshake (session, &data, |
| 704 | &datasize, | 704 | &datasize, |
| 705 | GNUTLS_HANDSHAKE_CERTIFICATE_PKT, | 705 | GNUTLS_HANDSHAKE_CERTIFICATE_PKT, |
| 706 | MANDATORY_PACKET); | 706 | MANDATORY_PACKET); |
| 707 | if (ret < 0) | 707 | if (ret < 0) |
| 708 | { | 708 | { |
| 709 | gnutls_assert (); | 709 | MHD_gnutls_assert (); |
| 710 | return ret; | 710 | return ret; |
| 711 | } | 711 | } |
| 712 | 712 | ||
| 713 | ret = | 713 | ret = |
| 714 | session->internals.auth_struct-> | 714 | session->internals.auth_struct-> |
| 715 | mhd_gtls_process_server_certificate (session, data, datasize); | 715 | MHD_gtls_process_server_certificate (session, data, datasize); |
| 716 | gnutls_free (data); | 716 | MHD_gnutls_free (data); |
| 717 | if (ret < 0) | 717 | if (ret < 0) |
| 718 | { | 718 | { |
| 719 | gnutls_assert (); | 719 | MHD_gnutls_assert (); |
| 720 | return ret; | 720 | return ret; |
| 721 | } | 721 | } |
| 722 | } | 722 | } |
| @@ -729,14 +729,14 @@ mhd_gtls_recv_server_certificate (mhd_gtls_session_t session) | |||
| 729 | * arrive if the peer did not send us a certificate. | 729 | * arrive if the peer did not send us a certificate. |
| 730 | */ | 730 | */ |
| 731 | int | 731 | int |
| 732 | mhd_gtls_recv_client_certificate_verify_message (mhd_gtls_session_t session) | 732 | MHD_gtls_recv_client_certificate_verify_message (MHD_gtls_session_t session) |
| 733 | { | 733 | { |
| 734 | uint8_t *data; | 734 | uint8_t *data; |
| 735 | int datasize; | 735 | int datasize; |
| 736 | int ret = 0; | 736 | int ret = 0; |
| 737 | 737 | ||
| 738 | 738 | ||
| 739 | if (session->internals.auth_struct->mhd_gtls_process_client_cert_vrfy != | 739 | if (session->internals.auth_struct->MHD_gtls_process_client_cert_vrfy != |
| 740 | NULL) | 740 | NULL) |
| 741 | { | 741 | { |
| 742 | 742 | ||
| @@ -747,7 +747,7 @@ mhd_gtls_recv_client_certificate_verify_message (mhd_gtls_session_t session) | |||
| 747 | } | 747 | } |
| 748 | 748 | ||
| 749 | ret = | 749 | ret = |
| 750 | mhd_gtls_recv_handshake (session, &data, | 750 | MHD_gtls_recv_handshake (session, &data, |
| 751 | &datasize, | 751 | &datasize, |
| 752 | GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY, | 752 | GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY, |
| 753 | OPTIONAL_PACKET); | 753 | OPTIONAL_PACKET); |
| @@ -758,14 +758,14 @@ mhd_gtls_recv_client_certificate_verify_message (mhd_gtls_session_t session) | |||
| 758 | && session->internals.send_cert_req == GNUTLS_CERT_REQUIRE) | 758 | && session->internals.send_cert_req == GNUTLS_CERT_REQUIRE) |
| 759 | { | 759 | { |
| 760 | /* certificate was required */ | 760 | /* certificate was required */ |
| 761 | gnutls_assert (); | 761 | MHD_gnutls_assert (); |
| 762 | return GNUTLS_E_NO_CERTIFICATE_FOUND; | 762 | return GNUTLS_E_NO_CERTIFICATE_FOUND; |
| 763 | } | 763 | } |
| 764 | 764 | ||
| 765 | ret = | 765 | ret = |
| 766 | session->internals.auth_struct-> | 766 | session->internals.auth_struct-> |
| 767 | mhd_gtls_process_client_cert_vrfy (session, data, datasize); | 767 | MHD_gtls_process_client_cert_vrfy (session, data, datasize); |
| 768 | gnutls_free (data); | 768 | MHD_gnutls_free (data); |
| 769 | if (ret < 0) | 769 | if (ret < 0) |
| 770 | return ret; | 770 | return ret; |
| 771 | 771 | ||