diff options
Diffstat (limited to 'src/daemon/https/tls/gnutls_kx.c')
-rw-r--r-- | src/daemon/https/tls/gnutls_kx.c | 228 |
1 files changed, 114 insertions, 114 deletions
diff --git a/src/daemon/https/tls/gnutls_kx.c b/src/daemon/https/tls/gnutls_kx.c index 45717b4f..5f0966f8 100644 --- a/src/daemon/https/tls/gnutls_kx.c +++ b/src/daemon/https/tls/gnutls_kx.c | |||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | /* This file contains functions which are wrappers for the key exchange | 25 | /* This file contains functions which are wrappers for the key exchange |
26 | * part of TLS. They are called by the handshake functions (MHD_gnutls_handshake) | 26 | * part of TLS. They are called by the handshake functions (MHD__gnutls_handshake) |
27 | */ | 27 | */ |
28 | 28 | ||
29 | #include "gnutls_int.h" | 29 | #include "gnutls_int.h" |
@@ -42,10 +42,10 @@ | |||
42 | */ | 42 | */ |
43 | 43 | ||
44 | #define MASTER_SECRET "master secret" | 44 | #define MASTER_SECRET "master secret" |
45 | static int generate_normal_master (mhd_gtls_session_t session, int); | 45 | static int generate_normal_master (MHD_gtls_session_t session, int); |
46 | 46 | ||
47 | int | 47 | int |
48 | mhd_gtls_generate_master (mhd_gtls_session_t session, int keep_premaster) | 48 | MHD_gtls_generate_master (MHD_gtls_session_t session, int keep_premaster) |
49 | { | 49 | { |
50 | if (session->internals.resumed == RESUME_FALSE) | 50 | if (session->internals.resumed == RESUME_FALSE) |
51 | return generate_normal_master (session, keep_premaster); | 51 | return generate_normal_master (session, keep_premaster); |
@@ -56,22 +56,22 @@ mhd_gtls_generate_master (mhd_gtls_session_t session, int keep_premaster) | |||
56 | */ | 56 | */ |
57 | #define PREMASTER session->key->key | 57 | #define PREMASTER session->key->key |
58 | static int | 58 | static int |
59 | generate_normal_master (mhd_gtls_session_t session, int keep_premaster) | 59 | generate_normal_master (MHD_gtls_session_t session, int keep_premaster) |
60 | { | 60 | { |
61 | int ret = 0; | 61 | int ret = 0; |
62 | char buf[512]; | 62 | char buf[512]; |
63 | 63 | ||
64 | _gnutls_hard_log ("INT: PREMASTER SECRET[%d]: %s\n", PREMASTER.size, | 64 | MHD__gnutls_hard_log ("INT: PREMASTER SECRET[%d]: %s\n", PREMASTER.size, |
65 | mhd_gtls_bin2hex (PREMASTER.data, PREMASTER.size, buf, | 65 | MHD_gtls_bin2hex (PREMASTER.data, PREMASTER.size, buf, |
66 | sizeof (buf))); | 66 | sizeof (buf))); |
67 | _gnutls_hard_log ("INT: CLIENT RANDOM[%d]: %s\n", 32, | 67 | MHD__gnutls_hard_log ("INT: CLIENT RANDOM[%d]: %s\n", 32, |
68 | mhd_gtls_bin2hex (session->security_parameters. | 68 | MHD_gtls_bin2hex (session->security_parameters. |
69 | client_random, 32, buf, sizeof (buf))); | 69 | client_random, 32, buf, sizeof (buf))); |
70 | _gnutls_hard_log ("INT: SERVER RANDOM[%d]: %s\n", 32, | 70 | MHD__gnutls_hard_log ("INT: SERVER RANDOM[%d]: %s\n", 32, |
71 | mhd_gtls_bin2hex (session->security_parameters. | 71 | MHD_gtls_bin2hex (session->security_parameters. |
72 | server_random, 32, buf, sizeof (buf))); | 72 | server_random, 32, buf, sizeof (buf))); |
73 | 73 | ||
74 | if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3) | 74 | if (MHD__gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3) |
75 | { | 75 | { |
76 | opaque rnd[2 * TLS_RANDOM_SIZE + 1]; | 76 | opaque rnd[2 * TLS_RANDOM_SIZE + 1]; |
77 | 77 | ||
@@ -81,7 +81,7 @@ generate_normal_master (mhd_gtls_session_t session, int keep_premaster) | |||
81 | session->security_parameters.server_random, TLS_RANDOM_SIZE); | 81 | session->security_parameters.server_random, TLS_RANDOM_SIZE); |
82 | 82 | ||
83 | ret = | 83 | ret = |
84 | mhd_gnutls_ssl3_generate_random (PREMASTER.data, PREMASTER.size, | 84 | MHD_gnutls_ssl3_generate_random (PREMASTER.data, PREMASTER.size, |
85 | rnd, 2 * TLS_RANDOM_SIZE, | 85 | rnd, 2 * TLS_RANDOM_SIZE, |
86 | TLS_MASTER_SIZE, | 86 | TLS_MASTER_SIZE, |
87 | session->security_parameters. | 87 | session->security_parameters. |
@@ -97,25 +97,25 @@ generate_normal_master (mhd_gtls_session_t session, int keep_premaster) | |||
97 | rndlen += session->security_parameters.extensions.oprfi_client_len; | 97 | rndlen += session->security_parameters.extensions.oprfi_client_len; |
98 | rndlen += session->security_parameters.extensions.oprfi_server_len; | 98 | rndlen += session->security_parameters.extensions.oprfi_server_len; |
99 | 99 | ||
100 | rnd = gnutls_malloc (rndlen + 1); | 100 | rnd = MHD_gnutls_malloc (rndlen + 1); |
101 | if (!rnd) | 101 | if (!rnd) |
102 | { | 102 | { |
103 | gnutls_assert (); | 103 | MHD_gnutls_assert (); |
104 | return GNUTLS_E_MEMORY_ERROR; | 104 | return GNUTLS_E_MEMORY_ERROR; |
105 | } | 105 | } |
106 | 106 | ||
107 | _gnutls_hard_log ("INT: CLIENT OPRFI[%d]: %s\n", | 107 | MHD__gnutls_hard_log ("INT: CLIENT OPRFI[%d]: %s\n", |
108 | session->security_parameters. | 108 | session->security_parameters. |
109 | extensions.oprfi_server_len, | 109 | extensions.oprfi_server_len, |
110 | mhd_gtls_bin2hex (session->security_parameters. | 110 | MHD_gtls_bin2hex (session->security_parameters. |
111 | extensions.oprfi_client, | 111 | extensions.oprfi_client, |
112 | session->security_parameters. | 112 | session->security_parameters. |
113 | extensions.oprfi_client_len, buf, | 113 | extensions.oprfi_client_len, buf, |
114 | sizeof (buf))); | 114 | sizeof (buf))); |
115 | _gnutls_hard_log ("INT: SERVER OPRFI[%d]: %s\n", | 115 | MHD__gnutls_hard_log ("INT: SERVER OPRFI[%d]: %s\n", |
116 | session->security_parameters. | 116 | session->security_parameters. |
117 | extensions.oprfi_server_len, | 117 | extensions.oprfi_server_len, |
118 | mhd_gtls_bin2hex (session->security_parameters. | 118 | MHD_gtls_bin2hex (session->security_parameters. |
119 | extensions.oprfi_server, | 119 | extensions.oprfi_server, |
120 | session->security_parameters. | 120 | session->security_parameters. |
121 | extensions.oprfi_server_len, buf, | 121 | extensions.oprfi_server_len, buf, |
@@ -135,12 +135,12 @@ generate_normal_master (mhd_gtls_session_t session, int keep_premaster) | |||
135 | session->security_parameters.extensions.oprfi_server, | 135 | session->security_parameters.extensions.oprfi_server, |
136 | session->security_parameters.extensions.oprfi_server_len); | 136 | session->security_parameters.extensions.oprfi_server_len); |
137 | 137 | ||
138 | ret = mhd_gtls_PRF (session, PREMASTER.data, PREMASTER.size, | 138 | ret = MHD_gtls_PRF (session, PREMASTER.data, PREMASTER.size, |
139 | MASTER_SECRET, strlen (MASTER_SECRET), | 139 | MASTER_SECRET, strlen (MASTER_SECRET), |
140 | rnd, rndlen, TLS_MASTER_SIZE, | 140 | rnd, rndlen, TLS_MASTER_SIZE, |
141 | session->security_parameters.master_secret); | 141 | session->security_parameters.master_secret); |
142 | 142 | ||
143 | gnutls_free (rnd); | 143 | MHD_gnutls_free (rnd); |
144 | } | 144 | } |
145 | else | 145 | else |
146 | { | 146 | { |
@@ -152,7 +152,7 @@ generate_normal_master (mhd_gtls_session_t session, int keep_premaster) | |||
152 | session->security_parameters.server_random, TLS_RANDOM_SIZE); | 152 | session->security_parameters.server_random, TLS_RANDOM_SIZE); |
153 | 153 | ||
154 | ret = | 154 | ret = |
155 | mhd_gtls_PRF (session, PREMASTER.data, PREMASTER.size, | 155 | MHD_gtls_PRF (session, PREMASTER.data, PREMASTER.size, |
156 | MASTER_SECRET, strlen (MASTER_SECRET), | 156 | MASTER_SECRET, strlen (MASTER_SECRET), |
157 | rnd, 2 * TLS_RANDOM_SIZE, TLS_MASTER_SIZE, | 157 | rnd, 2 * TLS_RANDOM_SIZE, TLS_MASTER_SIZE, |
158 | session->security_parameters.master_secret); | 158 | session->security_parameters.master_secret); |
@@ -163,13 +163,13 @@ generate_normal_master (mhd_gtls_session_t session, int keep_premaster) | |||
163 | session->security_parameters.master_secret, TLS_MASTER_SIZE); | 163 | session->security_parameters.master_secret, TLS_MASTER_SIZE); |
164 | 164 | ||
165 | if (!keep_premaster) | 165 | if (!keep_premaster) |
166 | _gnutls_free_datum (&PREMASTER); | 166 | MHD__gnutls_free_datum (&PREMASTER); |
167 | 167 | ||
168 | if (ret < 0) | 168 | if (ret < 0) |
169 | return ret; | 169 | return ret; |
170 | 170 | ||
171 | _gnutls_hard_log ("INT: MASTER SECRET: %s\n", | 171 | MHD__gnutls_hard_log ("INT: MASTER SECRET: %s\n", |
172 | mhd_gtls_bin2hex (session->security_parameters. | 172 | MHD_gtls_bin2hex (session->security_parameters. |
173 | master_secret, TLS_MASTER_SIZE, buf, | 173 | master_secret, TLS_MASTER_SIZE, buf, |
174 | sizeof (buf))); | 174 | sizeof (buf))); |
175 | 175 | ||
@@ -182,13 +182,13 @@ generate_normal_master (mhd_gtls_session_t session, int keep_premaster) | |||
182 | * by the selected ciphersuite. | 182 | * by the selected ciphersuite. |
183 | */ | 183 | */ |
184 | int | 184 | int |
185 | mhd_gtls_send_server_kx_message (mhd_gtls_session_t session, int again) | 185 | MHD_gtls_send_server_kx_message (MHD_gtls_session_t session, int again) |
186 | { | 186 | { |
187 | uint8_t *data = NULL; | 187 | uint8_t *data = NULL; |
188 | int data_size = 0; | 188 | int data_size = 0; |
189 | int ret = 0; | 189 | int ret = 0; |
190 | 190 | ||
191 | if (session->internals.auth_struct->mhd_gtls_gen_server_kx == NULL) | 191 | if (session->internals.auth_struct->MHD_gtls_gen_server_kx == NULL) |
192 | return 0; | 192 | return 0; |
193 | 193 | ||
194 | data = NULL; | 194 | data = NULL; |
@@ -197,30 +197,30 @@ mhd_gtls_send_server_kx_message (mhd_gtls_session_t session, int again) | |||
197 | if (again == 0) | 197 | if (again == 0) |
198 | { | 198 | { |
199 | data_size = | 199 | data_size = |
200 | session->internals.auth_struct->mhd_gtls_gen_server_kx (session, | 200 | session->internals.auth_struct->MHD_gtls_gen_server_kx (session, |
201 | &data); | 201 | &data); |
202 | 202 | ||
203 | if (data_size == GNUTLS_E_INT_RET_0) | 203 | if (data_size == GNUTLS_E_INT_RET_0) |
204 | { | 204 | { |
205 | gnutls_assert (); | 205 | MHD_gnutls_assert (); |
206 | return 0; | 206 | return 0; |
207 | } | 207 | } |
208 | 208 | ||
209 | if (data_size < 0) | 209 | if (data_size < 0) |
210 | { | 210 | { |
211 | gnutls_assert (); | 211 | MHD_gnutls_assert (); |
212 | return data_size; | 212 | return data_size; |
213 | } | 213 | } |
214 | } | 214 | } |
215 | 215 | ||
216 | ret = | 216 | ret = |
217 | mhd_gtls_send_handshake (session, data, data_size, | 217 | MHD_gtls_send_handshake (session, data, data_size, |
218 | GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE); | 218 | GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE); |
219 | gnutls_free (data); | 219 | MHD_gnutls_free (data); |
220 | 220 | ||
221 | if (ret < 0) | 221 | if (ret < 0) |
222 | { | 222 | { |
223 | gnutls_assert (); | 223 | MHD_gnutls_assert (); |
224 | return ret; | 224 | return ret; |
225 | } | 225 | } |
226 | return data_size; | 226 | return data_size; |
@@ -230,7 +230,7 @@ mhd_gtls_send_server_kx_message (mhd_gtls_session_t session, int again) | |||
230 | * client. | 230 | * client. |
231 | */ | 231 | */ |
232 | int | 232 | int |
233 | mhd_gtls_send_server_certificate_request (mhd_gtls_session_t session, | 233 | MHD_gtls_send_server_certificate_request (MHD_gtls_session_t session, |
234 | int again) | 234 | int again) |
235 | { | 235 | { |
236 | uint8_t *data = NULL; | 236 | uint8_t *data = NULL; |
@@ -238,7 +238,7 @@ mhd_gtls_send_server_certificate_request (mhd_gtls_session_t session, | |||
238 | int ret = 0; | 238 | int ret = 0; |
239 | 239 | ||
240 | if (session->internals.auth_struct-> | 240 | if (session->internals.auth_struct-> |
241 | mhd_gtls_gen_server_certificate_request == NULL) | 241 | MHD_gtls_gen_server_certificate_request == NULL) |
242 | return 0; | 242 | return 0; |
243 | 243 | ||
244 | if (session->internals.send_cert_req <= 0) | 244 | if (session->internals.send_cert_req <= 0) |
@@ -251,22 +251,22 @@ mhd_gtls_send_server_certificate_request (mhd_gtls_session_t session, | |||
251 | { | 251 | { |
252 | data_size = | 252 | data_size = |
253 | session->internals.auth_struct-> | 253 | session->internals.auth_struct-> |
254 | mhd_gtls_gen_server_certificate_request (session, &data); | 254 | MHD_gtls_gen_server_certificate_request (session, &data); |
255 | 255 | ||
256 | if (data_size < 0) | 256 | if (data_size < 0) |
257 | { | 257 | { |
258 | gnutls_assert (); | 258 | MHD_gnutls_assert (); |
259 | return data_size; | 259 | return data_size; |
260 | } | 260 | } |
261 | } | 261 | } |
262 | ret = | 262 | ret = |
263 | mhd_gtls_send_handshake (session, data, data_size, | 263 | MHD_gtls_send_handshake (session, data, data_size, |
264 | GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST); | 264 | GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST); |
265 | gnutls_free (data); | 265 | MHD_gnutls_free (data); |
266 | 266 | ||
267 | if (ret < 0) | 267 | if (ret < 0) |
268 | { | 268 | { |
269 | gnutls_assert (); | 269 | MHD_gnutls_assert (); |
270 | return ret; | 270 | return ret; |
271 | } | 271 | } |
272 | return data_size; | 272 | return data_size; |
@@ -277,13 +277,13 @@ mhd_gtls_send_server_certificate_request (mhd_gtls_session_t session, | |||
277 | * exchange message | 277 | * exchange message |
278 | */ | 278 | */ |
279 | int | 279 | int |
280 | mhd_gtls_send_client_kx_message (mhd_gtls_session_t session, int again) | 280 | MHD_gtls_send_client_kx_message (MHD_gtls_session_t session, int again) |
281 | { | 281 | { |
282 | uint8_t *data; | 282 | uint8_t *data; |
283 | int data_size; | 283 | int data_size; |
284 | int ret = 0; | 284 | int ret = 0; |
285 | 285 | ||
286 | if (session->internals.auth_struct->mhd_gtls_gen_client_kx == NULL) | 286 | if (session->internals.auth_struct->MHD_gtls_gen_client_kx == NULL) |
287 | return 0; | 287 | return 0; |
288 | 288 | ||
289 | 289 | ||
@@ -293,22 +293,22 @@ mhd_gtls_send_client_kx_message (mhd_gtls_session_t session, int again) | |||
293 | if (again == 0) | 293 | if (again == 0) |
294 | { | 294 | { |
295 | data_size = | 295 | data_size = |
296 | session->internals.auth_struct->mhd_gtls_gen_client_kx (session, | 296 | session->internals.auth_struct->MHD_gtls_gen_client_kx (session, |
297 | &data); | 297 | &data); |
298 | if (data_size < 0) | 298 | if (data_size < 0) |
299 | { | 299 | { |
300 | gnutls_assert (); | 300 | MHD_gnutls_assert (); |
301 | return data_size; | 301 | return data_size; |
302 | } | 302 | } |
303 | } | 303 | } |
304 | ret = | 304 | ret = |
305 | mhd_gtls_send_handshake (session, data, data_size, | 305 | MHD_gtls_send_handshake (session, data, data_size, |
306 | GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE); | 306 | GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE); |
307 | gnutls_free (data); | 307 | MHD_gnutls_free (data); |
308 | 308 | ||
309 | if (ret < 0) | 309 | if (ret < 0) |
310 | { | 310 | { |
311 | gnutls_assert (); | 311 | MHD_gnutls_assert (); |
312 | return ret; | 312 | return ret; |
313 | } | 313 | } |
314 | 314 | ||
@@ -320,7 +320,7 @@ mhd_gtls_send_client_kx_message (mhd_gtls_session_t session, int again) | |||
320 | * verify message | 320 | * verify message |
321 | */ | 321 | */ |
322 | int | 322 | int |
323 | mhd_gtls_send_client_certificate_verify (mhd_gtls_session_t session, | 323 | MHD_gtls_send_client_certificate_verify (MHD_gtls_session_t session, |
324 | int again) | 324 | int again) |
325 | { | 325 | { |
326 | uint8_t *data; | 326 | uint8_t *data; |
@@ -337,9 +337,9 @@ mhd_gtls_send_client_certificate_verify (mhd_gtls_session_t session, | |||
337 | if (session->key->certificate_requested == 0) | 337 | if (session->key->certificate_requested == 0) |
338 | return 0; | 338 | return 0; |
339 | 339 | ||
340 | if (session->internals.auth_struct->mhd_gtls_gen_client_cert_vrfy == NULL) | 340 | if (session->internals.auth_struct->MHD_gtls_gen_client_cert_vrfy == NULL) |
341 | { | 341 | { |
342 | gnutls_assert (); | 342 | MHD_gnutls_assert (); |
343 | return 0; /* this algorithm does not support cli_cert_vrfy | 343 | return 0; /* this algorithm does not support cli_cert_vrfy |
344 | */ | 344 | */ |
345 | } | 345 | } |
@@ -351,10 +351,10 @@ mhd_gtls_send_client_certificate_verify (mhd_gtls_session_t session, | |||
351 | { | 351 | { |
352 | data_size = | 352 | data_size = |
353 | session->internals.auth_struct-> | 353 | session->internals.auth_struct-> |
354 | mhd_gtls_gen_client_cert_vrfy (session, &data); | 354 | MHD_gtls_gen_client_cert_vrfy (session, &data); |
355 | if (data_size < 0) | 355 | if (data_size < 0) |
356 | { | 356 | { |
357 | gnutls_assert (); | 357 | MHD_gnutls_assert (); |
358 | return data_size; | 358 | return data_size; |
359 | } | 359 | } |
360 | if (data_size == 0) | 360 | if (data_size == 0) |
@@ -362,53 +362,53 @@ mhd_gtls_send_client_certificate_verify (mhd_gtls_session_t session, | |||
362 | 362 | ||
363 | } | 363 | } |
364 | ret = | 364 | ret = |
365 | mhd_gtls_send_handshake (session, data, | 365 | MHD_gtls_send_handshake (session, data, |
366 | data_size, GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY); | 366 | data_size, GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY); |
367 | gnutls_free (data); | 367 | MHD_gnutls_free (data); |
368 | 368 | ||
369 | return ret; | 369 | return ret; |
370 | } | 370 | } |
371 | 371 | ||
372 | 372 | ||
373 | int | 373 | int |
374 | mhd_gtls_recv_server_kx_message (mhd_gtls_session_t session) | 374 | MHD_gtls_recv_server_kx_message (MHD_gtls_session_t session) |
375 | { | 375 | { |
376 | uint8_t *data = NULL; | 376 | uint8_t *data = NULL; |
377 | int datasize; | 377 | int datasize; |
378 | int ret = 0; | 378 | int ret = 0; |
379 | 379 | ||
380 | if (session->internals.auth_struct->mhd_gtls_process_server_kx != NULL) | 380 | if (session->internals.auth_struct->MHD_gtls_process_server_kx != NULL) |
381 | { | 381 | { |
382 | 382 | ||
383 | /* EXCEPTION FOR RSA_EXPORT cipher suite | 383 | /* EXCEPTION FOR RSA_EXPORT cipher suite |
384 | */ | 384 | */ |
385 | if (mhd_gtls_session_is_export (session) != 0 && | 385 | if (MHD_gtls_session_is_export (session) != 0 && |
386 | _gnutls_peers_cert_less_512 (session) != 0) | 386 | MHD__gnutls_peers_cert_less_512 (session) != 0) |
387 | { | 387 | { |
388 | gnutls_assert (); | 388 | MHD_gnutls_assert (); |
389 | return 0; | 389 | return 0; |
390 | } | 390 | } |
391 | 391 | ||
392 | ret = | 392 | ret = |
393 | mhd_gtls_recv_handshake (session, &data, | 393 | MHD_gtls_recv_handshake (session, &data, |
394 | &datasize, | 394 | &datasize, |
395 | GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE, | 395 | GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE, |
396 | MANDATORY_PACKET); | 396 | MANDATORY_PACKET); |
397 | if (ret < 0) | 397 | if (ret < 0) |
398 | { | 398 | { |
399 | gnutls_assert (); | 399 | MHD_gnutls_assert (); |
400 | return ret; | 400 | return ret; |
401 | } | 401 | } |
402 | 402 | ||
403 | ret = | 403 | ret = |
404 | session->internals.auth_struct->mhd_gtls_process_server_kx (session, | 404 | session->internals.auth_struct->MHD_gtls_process_server_kx (session, |
405 | data, | 405 | data, |
406 | datasize); | 406 | datasize); |
407 | gnutls_free (data); | 407 | MHD_gnutls_free (data); |
408 | 408 | ||
409 | if (ret < 0) | 409 | if (ret < 0) |
410 | { | 410 | { |
411 | gnutls_assert (); | 411 | MHD_gnutls_assert (); |
412 | return ret; | 412 | return ret; |
413 | } | 413 | } |
414 | 414 | ||
@@ -417,18 +417,18 @@ mhd_gtls_recv_server_kx_message (mhd_gtls_session_t session) | |||
417 | } | 417 | } |
418 | 418 | ||
419 | int | 419 | int |
420 | mhd_gtls_recv_server_certificate_request (mhd_gtls_session_t session) | 420 | MHD_gtls_recv_server_certificate_request (MHD_gtls_session_t session) |
421 | { | 421 | { |
422 | uint8_t *data; | 422 | uint8_t *data; |
423 | int datasize; | 423 | int datasize; |
424 | int ret = 0; | 424 | int ret = 0; |
425 | 425 | ||
426 | if (session->internals.auth_struct-> | 426 | if (session->internals.auth_struct-> |
427 | mhd_gtls_process_server_certificate_request != NULL) | 427 | MHD_gtls_process_server_certificate_request != NULL) |
428 | { | 428 | { |
429 | 429 | ||
430 | ret = | 430 | ret = |
431 | mhd_gtls_recv_handshake (session, &data, | 431 | MHD_gtls_recv_handshake (session, &data, |
432 | &datasize, | 432 | &datasize, |
433 | GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST, | 433 | GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST, |
434 | OPTIONAL_PACKET); | 434 | OPTIONAL_PACKET); |
@@ -440,8 +440,8 @@ mhd_gtls_recv_server_certificate_request (mhd_gtls_session_t session) | |||
440 | 440 | ||
441 | ret = | 441 | ret = |
442 | session->internals.auth_struct-> | 442 | session->internals.auth_struct-> |
443 | mhd_gtls_process_server_certificate_request (session, data, datasize); | 443 | MHD_gtls_process_server_certificate_request (session, data, datasize); |
444 | gnutls_free (data); | 444 | MHD_gnutls_free (data); |
445 | if (ret < 0) | 445 | if (ret < 0) |
446 | return ret; | 446 | return ret; |
447 | 447 | ||
@@ -450,7 +450,7 @@ mhd_gtls_recv_server_certificate_request (mhd_gtls_session_t session) | |||
450 | } | 450 | } |
451 | 451 | ||
452 | int | 452 | int |
453 | mhd_gtls_recv_client_kx_message (mhd_gtls_session_t session) | 453 | MHD_gtls_recv_client_kx_message (MHD_gtls_session_t session) |
454 | { | 454 | { |
455 | uint8_t *data; | 455 | uint8_t *data; |
456 | int datasize; | 456 | int datasize; |
@@ -458,11 +458,11 @@ mhd_gtls_recv_client_kx_message (mhd_gtls_session_t session) | |||
458 | 458 | ||
459 | 459 | ||
460 | /* Do key exchange only if the algorithm permits it */ | 460 | /* Do key exchange only if the algorithm permits it */ |
461 | if (session->internals.auth_struct->mhd_gtls_process_client_kx != NULL) | 461 | if (session->internals.auth_struct->MHD_gtls_process_client_kx != NULL) |
462 | { | 462 | { |
463 | 463 | ||
464 | ret = | 464 | ret = |
465 | mhd_gtls_recv_handshake (session, &data, | 465 | MHD_gtls_recv_handshake (session, &data, |
466 | &datasize, | 466 | &datasize, |
467 | GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE, | 467 | GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE, |
468 | MANDATORY_PACKET); | 468 | MANDATORY_PACKET); |
@@ -470,10 +470,10 @@ mhd_gtls_recv_client_kx_message (mhd_gtls_session_t session) | |||
470 | return ret; | 470 | return ret; |
471 | 471 | ||
472 | ret = | 472 | ret = |
473 | session->internals.auth_struct->mhd_gtls_process_client_kx (session, | 473 | session->internals.auth_struct->MHD_gtls_process_client_kx (session, |
474 | data, | 474 | data, |
475 | datasize); | 475 | datasize); |
476 | gnutls_free (data); | 476 | MHD_gnutls_free (data); |
477 | if (ret < 0) | 477 | if (ret < 0) |
478 | return ret; | 478 | return ret; |
479 | 479 | ||
@@ -486,7 +486,7 @@ mhd_gtls_recv_client_kx_message (mhd_gtls_session_t session) | |||
486 | /* This is called when we want send our certificate | 486 | /* This is called when we want send our certificate |
487 | */ | 487 | */ |
488 | int | 488 | int |
489 | mhd_gtls_send_client_certificate (mhd_gtls_session_t session, int again) | 489 | MHD_gtls_send_client_certificate (MHD_gtls_session_t session, int again) |
490 | { | 490 | { |
491 | uint8_t *data = NULL; | 491 | uint8_t *data = NULL; |
492 | int data_size = 0; | 492 | int data_size = 0; |
@@ -496,7 +496,7 @@ mhd_gtls_send_client_certificate (mhd_gtls_session_t session, int again) | |||
496 | if (session->key->certificate_requested == 0) | 496 | if (session->key->certificate_requested == 0) |
497 | return 0; | 497 | return 0; |
498 | 498 | ||
499 | if (session->internals.auth_struct->mhd_gtls_gen_client_certificate == NULL) | 499 | if (session->internals.auth_struct->MHD_gtls_gen_client_certificate == NULL) |
500 | return 0; | 500 | return 0; |
501 | 501 | ||
502 | data = NULL; | 502 | data = NULL; |
@@ -504,18 +504,18 @@ mhd_gtls_send_client_certificate (mhd_gtls_session_t session, int again) | |||
504 | 504 | ||
505 | if (again == 0) | 505 | if (again == 0) |
506 | { | 506 | { |
507 | if (MHD_gnutls_protocol_get_version (session) != MHD_GNUTLS_PROTOCOL_SSL3 || | 507 | if (MHD__gnutls_protocol_get_version (session) != MHD_GNUTLS_PROTOCOL_SSL3 || |
508 | session->internals.selected_cert_list_length > 0) | 508 | session->internals.selected_cert_list_length > 0) |
509 | { | 509 | { |
510 | /* TLS 1.0 or SSL 3.0 with a valid certificate | 510 | /* TLS 1.0 or SSL 3.0 with a valid certificate |
511 | */ | 511 | */ |
512 | data_size = | 512 | data_size = |
513 | session->internals.auth_struct-> | 513 | session->internals.auth_struct-> |
514 | mhd_gtls_gen_client_certificate (session, &data); | 514 | MHD_gtls_gen_client_certificate (session, &data); |
515 | 515 | ||
516 | if (data_size < 0) | 516 | if (data_size < 0) |
517 | { | 517 | { |
518 | gnutls_assert (); | 518 | MHD_gnutls_assert (); |
519 | return data_size; | 519 | return data_size; |
520 | } | 520 | } |
521 | } | 521 | } |
@@ -525,11 +525,11 @@ mhd_gtls_send_client_certificate (mhd_gtls_session_t session, int again) | |||
525 | * no certificate alert instead of an | 525 | * no certificate alert instead of an |
526 | * empty certificate. | 526 | * empty certificate. |
527 | */ | 527 | */ |
528 | if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3 && | 528 | if (MHD__gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3 && |
529 | session->internals.selected_cert_list_length == 0) | 529 | session->internals.selected_cert_list_length == 0) |
530 | { | 530 | { |
531 | ret = | 531 | ret = |
532 | MHD_gnutls_alert_send (session, GNUTLS_AL_WARNING, | 532 | MHD__gnutls_alert_send (session, GNUTLS_AL_WARNING, |
533 | GNUTLS_A_SSL3_NO_CERTIFICATE); | 533 | GNUTLS_A_SSL3_NO_CERTIFICATE); |
534 | 534 | ||
535 | } | 535 | } |
@@ -537,14 +537,14 @@ mhd_gtls_send_client_certificate (mhd_gtls_session_t session, int again) | |||
537 | { /* TLS 1.0 or SSL 3.0 with a valid certificate | 537 | { /* TLS 1.0 or SSL 3.0 with a valid certificate |
538 | */ | 538 | */ |
539 | ret = | 539 | ret = |
540 | mhd_gtls_send_handshake (session, data, data_size, | 540 | MHD_gtls_send_handshake (session, data, data_size, |
541 | GNUTLS_HANDSHAKE_CERTIFICATE_PKT); | 541 | GNUTLS_HANDSHAKE_CERTIFICATE_PKT); |
542 | gnutls_free (data); | 542 | MHD_gnutls_free (data); |
543 | } | 543 | } |
544 | 544 | ||
545 | if (ret < 0) | 545 | if (ret < 0) |
546 | { | 546 | { |
547 | gnutls_assert (); | 547 | MHD_gnutls_assert (); |
548 | return ret; | 548 | return ret; |
549 | } | 549 | } |
550 | 550 | ||
@@ -555,14 +555,14 @@ mhd_gtls_send_client_certificate (mhd_gtls_session_t session, int again) | |||
555 | /* This is called when we want send our certificate | 555 | /* This is called when we want send our certificate |
556 | */ | 556 | */ |
557 | int | 557 | int |
558 | mhd_gtls_send_server_certificate (mhd_gtls_session_t session, int again) | 558 | MHD_gtls_send_server_certificate (MHD_gtls_session_t session, int again) |
559 | { | 559 | { |
560 | uint8_t *data = NULL; | 560 | uint8_t *data = NULL; |
561 | int data_size = 0; | 561 | int data_size = 0; |
562 | int ret = 0; | 562 | int ret = 0; |
563 | 563 | ||
564 | 564 | ||
565 | if (session->internals.auth_struct->mhd_gtls_gen_server_certificate == NULL) | 565 | if (session->internals.auth_struct->MHD_gtls_gen_server_certificate == NULL) |
566 | return 0; | 566 | return 0; |
567 | 567 | ||
568 | data = NULL; | 568 | data = NULL; |
@@ -572,22 +572,22 @@ mhd_gtls_send_server_certificate (mhd_gtls_session_t session, int again) | |||
572 | { | 572 | { |
573 | data_size = | 573 | data_size = |
574 | session->internals.auth_struct-> | 574 | session->internals.auth_struct-> |
575 | mhd_gtls_gen_server_certificate (session, &data); | 575 | MHD_gtls_gen_server_certificate (session, &data); |
576 | 576 | ||
577 | if (data_size < 0) | 577 | if (data_size < 0) |
578 | { | 578 | { |
579 | gnutls_assert (); | 579 | MHD_gnutls_assert (); |
580 | return data_size; | 580 | return data_size; |
581 | } | 581 | } |
582 | } | 582 | } |
583 | ret = | 583 | ret = |
584 | mhd_gtls_send_handshake (session, data, data_size, | 584 | MHD_gtls_send_handshake (session, data, data_size, |
585 | GNUTLS_HANDSHAKE_CERTIFICATE_PKT); | 585 | GNUTLS_HANDSHAKE_CERTIFICATE_PKT); |
586 | gnutls_free (data); | 586 | MHD_gnutls_free (data); |
587 | 587 | ||
588 | if (ret < 0) | 588 | if (ret < 0) |
589 | { | 589 | { |
590 | gnutls_assert (); | 590 | MHD_gnutls_assert (); |
591 | return ret; | 591 | return ret; |
592 | } | 592 | } |
593 | 593 | ||
@@ -596,14 +596,14 @@ mhd_gtls_send_server_certificate (mhd_gtls_session_t session, int again) | |||
596 | 596 | ||
597 | 597 | ||
598 | int | 598 | int |
599 | mhd_gtls_recv_client_certificate (mhd_gtls_session_t session) | 599 | MHD_gtls_recv_client_certificate (MHD_gtls_session_t session) |
600 | { | 600 | { |
601 | int datasize; | 601 | int datasize; |
602 | opaque *data; | 602 | opaque *data; |
603 | int ret = 0; | 603 | int ret = 0; |
604 | int optional; | 604 | int optional; |
605 | 605 | ||
606 | if (session->internals.auth_struct->mhd_gtls_process_client_certificate != | 606 | if (session->internals.auth_struct->MHD_gtls_process_client_certificate != |
607 | NULL) | 607 | NULL) |
608 | { | 608 | { |
609 | 609 | ||
@@ -620,7 +620,7 @@ mhd_gtls_recv_client_certificate (mhd_gtls_session_t session) | |||
620 | optional = OPTIONAL_PACKET; | 620 | optional = OPTIONAL_PACKET; |
621 | 621 | ||
622 | ret = | 622 | ret = |
623 | mhd_gtls_recv_handshake (session, &data, | 623 | MHD_gtls_recv_handshake (session, &data, |
624 | &datasize, | 624 | &datasize, |
625 | GNUTLS_HANDSHAKE_CERTIFICATE_PKT, optional); | 625 | GNUTLS_HANDSHAKE_CERTIFICATE_PKT, optional); |
626 | 626 | ||
@@ -632,14 +632,14 @@ mhd_gtls_recv_client_certificate (mhd_gtls_session_t session) | |||
632 | */ | 632 | */ |
633 | if (optional == OPTIONAL_PACKET && | 633 | if (optional == OPTIONAL_PACKET && |
634 | ret == GNUTLS_E_WARNING_ALERT_RECEIVED && | 634 | ret == GNUTLS_E_WARNING_ALERT_RECEIVED && |
635 | MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3 && | 635 | MHD__gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3 && |
636 | gnutls_alert_get (session) == GNUTLS_A_SSL3_NO_CERTIFICATE) | 636 | MHD_gnutls_alert_get (session) == GNUTLS_A_SSL3_NO_CERTIFICATE) |
637 | { | 637 | { |
638 | 638 | ||
639 | /* SSL3 does not send an empty certificate, | 639 | /* SSL3 does not send an empty certificate, |
640 | * but this alert. So we just ignore it. | 640 | * but this alert. So we just ignore it. |
641 | */ | 641 | */ |
642 | gnutls_assert (); | 642 | MHD_gnutls_assert (); |
643 | return 0; | 643 | return 0; |
644 | } | 644 | } |
645 | 645 | ||
@@ -649,7 +649,7 @@ mhd_gtls_recv_client_certificate (mhd_gtls_session_t session) | |||
649 | || ret == GNUTLS_E_FATAL_ALERT_RECEIVED) | 649 | || ret == GNUTLS_E_FATAL_ALERT_RECEIVED) |
650 | && optional == MANDATORY_PACKET) | 650 | && optional == MANDATORY_PACKET) |
651 | { | 651 | { |
652 | gnutls_assert (); | 652 | MHD_gnutls_assert (); |
653 | return GNUTLS_E_NO_CERTIFICATE_FOUND; | 653 | return GNUTLS_E_NO_CERTIFICATE_FOUND; |
654 | } | 654 | } |
655 | 655 | ||
@@ -662,17 +662,17 @@ mhd_gtls_recv_client_certificate (mhd_gtls_session_t session) | |||
662 | * well I'm not sure we should accept this | 662 | * well I'm not sure we should accept this |
663 | * behaviour. | 663 | * behaviour. |
664 | */ | 664 | */ |
665 | gnutls_assert (); | 665 | MHD_gnutls_assert (); |
666 | return 0; | 666 | return 0; |
667 | } | 667 | } |
668 | ret = | 668 | ret = |
669 | session->internals.auth_struct-> | 669 | session->internals.auth_struct-> |
670 | mhd_gtls_process_client_certificate (session, data, datasize); | 670 | MHD_gtls_process_client_certificate (session, data, datasize); |
671 | 671 | ||
672 | gnutls_free (data); | 672 | MHD_gnutls_free (data); |
673 | if (ret < 0 && ret != GNUTLS_E_NO_CERTIFICATE_FOUND) | 673 | if (ret < 0 && ret != GNUTLS_E_NO_CERTIFICATE_FOUND) |
674 | { | 674 | { |
675 | gnutls_assert (); | 675 | MHD_gnutls_assert (); |
676 | return ret; | 676 | return ret; |
677 | } | 677 | } |
678 | 678 | ||
@@ -689,34 +689,34 @@ mhd_gtls_recv_client_certificate (mhd_gtls_session_t session) | |||
689 | } | 689 | } |
690 | 690 | ||
691 | int | 691 | int |
692 | mhd_gtls_recv_server_certificate (mhd_gtls_session_t session) | 692 | MHD_gtls_recv_server_certificate (MHD_gtls_session_t session) |
693 | { | 693 | { |
694 | int datasize; | 694 | int datasize; |
695 | opaque *data; | 695 | opaque *data; |
696 | int ret = 0; | 696 | int ret = 0; |
697 | 697 | ||
698 | if (session->internals.auth_struct->mhd_gtls_process_server_certificate != | 698 | if (session->internals.auth_struct->MHD_gtls_process_server_certificate != |
699 | NULL) | 699 | NULL) |
700 | { | 700 | { |
701 | 701 | ||
702 | ret = | 702 | ret = |
703 | mhd_gtls_recv_handshake (session, &data, | 703 | MHD_gtls_recv_handshake (session, &data, |
704 | &datasize, | 704 | &datasize, |
705 | GNUTLS_HANDSHAKE_CERTIFICATE_PKT, | 705 | GNUTLS_HANDSHAKE_CERTIFICATE_PKT, |
706 | MANDATORY_PACKET); | 706 | MANDATORY_PACKET); |
707 | if (ret < 0) | 707 | if (ret < 0) |
708 | { | 708 | { |
709 | gnutls_assert (); | 709 | MHD_gnutls_assert (); |
710 | return ret; | 710 | return ret; |
711 | } | 711 | } |
712 | 712 | ||
713 | ret = | 713 | ret = |
714 | session->internals.auth_struct-> | 714 | session->internals.auth_struct-> |
715 | mhd_gtls_process_server_certificate (session, data, datasize); | 715 | MHD_gtls_process_server_certificate (session, data, datasize); |
716 | gnutls_free (data); | 716 | MHD_gnutls_free (data); |
717 | if (ret < 0) | 717 | if (ret < 0) |
718 | { | 718 | { |
719 | gnutls_assert (); | 719 | MHD_gnutls_assert (); |
720 | return ret; | 720 | return ret; |
721 | } | 721 | } |
722 | } | 722 | } |
@@ -729,14 +729,14 @@ mhd_gtls_recv_server_certificate (mhd_gtls_session_t session) | |||
729 | * arrive if the peer did not send us a certificate. | 729 | * arrive if the peer did not send us a certificate. |
730 | */ | 730 | */ |
731 | int | 731 | int |
732 | mhd_gtls_recv_client_certificate_verify_message (mhd_gtls_session_t session) | 732 | MHD_gtls_recv_client_certificate_verify_message (MHD_gtls_session_t session) |
733 | { | 733 | { |
734 | uint8_t *data; | 734 | uint8_t *data; |
735 | int datasize; | 735 | int datasize; |
736 | int ret = 0; | 736 | int ret = 0; |
737 | 737 | ||
738 | 738 | ||
739 | if (session->internals.auth_struct->mhd_gtls_process_client_cert_vrfy != | 739 | if (session->internals.auth_struct->MHD_gtls_process_client_cert_vrfy != |
740 | NULL) | 740 | NULL) |
741 | { | 741 | { |
742 | 742 | ||
@@ -747,7 +747,7 @@ mhd_gtls_recv_client_certificate_verify_message (mhd_gtls_session_t session) | |||
747 | } | 747 | } |
748 | 748 | ||
749 | ret = | 749 | ret = |
750 | mhd_gtls_recv_handshake (session, &data, | 750 | MHD_gtls_recv_handshake (session, &data, |
751 | &datasize, | 751 | &datasize, |
752 | GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY, | 752 | GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY, |
753 | OPTIONAL_PACKET); | 753 | OPTIONAL_PACKET); |
@@ -758,14 +758,14 @@ mhd_gtls_recv_client_certificate_verify_message (mhd_gtls_session_t session) | |||
758 | && session->internals.send_cert_req == GNUTLS_CERT_REQUIRE) | 758 | && session->internals.send_cert_req == GNUTLS_CERT_REQUIRE) |
759 | { | 759 | { |
760 | /* certificate was required */ | 760 | /* certificate was required */ |
761 | gnutls_assert (); | 761 | MHD_gnutls_assert (); |
762 | return GNUTLS_E_NO_CERTIFICATE_FOUND; | 762 | return GNUTLS_E_NO_CERTIFICATE_FOUND; |
763 | } | 763 | } |
764 | 764 | ||
765 | ret = | 765 | ret = |
766 | session->internals.auth_struct-> | 766 | session->internals.auth_struct-> |
767 | mhd_gtls_process_client_cert_vrfy (session, data, datasize); | 767 | MHD_gtls_process_client_cert_vrfy (session, data, datasize); |
768 | gnutls_free (data); | 768 | MHD_gnutls_free (data); |
769 | if (ret < 0) | 769 | if (ret < 0) |
770 | return ret; | 770 | return ret; |
771 | 771 | ||