Diffstat (limited to 'src/daemon/https')
-rw-r--r-- | src/daemon/https/compat.h (renamed from src/daemon/https/includes/compat.h) | 0 | ||||
-rw-r--r-- | src/daemon/https/extra.h (renamed from src/daemon/https/includes/extra.h) | 0 | ||||
-rw-r--r-- | src/daemon/https/gnutls.h (renamed from src/daemon/https/includes/gnutls.h) | 0 | ||||
-rw-r--r-- | src/daemon/https/https_common.c | 702 | ||||
-rw-r--r-- | src/daemon/https/https_common.h | 40 | ||||
-rw-r--r-- | src/daemon/https/includes/Makefile.am | 3 | ||||
-rw-r--r-- | src/daemon/https/openpgp/Makefile.am | 2 | ||||
-rw-r--r-- | src/daemon/https/tls/Makefile.am | 2 | ||||
-rw-r--r-- | src/daemon/https/x509/Makefile.am | 2 |
9 files changed, 3 insertions, 748 deletions
diff --git a/src/daemon/https/includes/compat.h b/src/daemon/https/compat.h index 32f5d2bd..32f5d2bd 100644 --- a/src/daemon/https/includes/compat.h +++ b/src/daemon/https/compat.h | |||
diff --git a/src/daemon/https/includes/extra.h b/src/daemon/https/extra.h index 0c363259..0c363259 100644 --- a/src/daemon/https/includes/extra.h +++ b/src/daemon/https/extra.h | |||
diff --git a/src/daemon/https/includes/gnutls.h b/src/daemon/https/gnutls.h index df34e72c..df34e72c 100644 --- a/src/daemon/https/includes/gnutls.h +++ b/src/daemon/https/gnutls.h | |||
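--- a/src/daemon/https/https_common.c
+++ /dev/null
@@ -1,702 +0,0 @@
-/*
-* Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007 Free Software Foundation
-* Author: Nikos Mavrogiannopoulos
-*
-* This file is part of GNUTLS.
-*
-* GNUTLS is free software: you can redistribute it and/or modify
-* it under the terms of the GNU General Public License as published by
-* the Free Software Foundation, either version 3 of the License, or
-* (at your option) any later version.
-*
-* GNUTLS is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU General Public License for more details.
-*
-* You should have received a copy of the GNU General Public License
-* along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include <config.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <gnutls.h>
-#include <extra.h>
-#include <time.h>
-#include "https_common.h"
-
-#define TEST_STRING
-#define SU(x) (x!=NULL?x:"Unknown")
-
-// TODO clean - originaly from tls_test extern int verbose;
-int print_cert;
-int verbose = 0;
-
-static char buffer[5 * 1024];
-
-#define PRINTX(x,y) if (y[0]!=0) printf(" # %s %s\n", x, y)
-#define PRINT_PGP_NAME(X) PRINTX( "NAME:", name)
-
-const char str_unknown[] = "(unknown)";
-
-/* Hex encodes the given data.
-*/
-const char *
-raw_to_string (const unsigned char *raw, size_t raw_size)
-{
-static char buf[1024];
-size_t i;
-if (raw_size == 0)
-return NULL;
-
-if (raw_size * 3 + 1 >= sizeof (buf))
-return NULL;
-
-for (i = 0; i < raw_size; i++)
-{
-sprintf (&(buf[i * 3]), "%02X%s", raw[i], (i == raw_size - 1) ? ""
-: ":");
-}
-buf[sizeof (buf) - 1] = '\0';
-
-return buf;
-}
-
-static const char *
-my_ctime (const time_t * tv)
-{
-static char buf[256];
-struct tm *tp;
-
-if (((tp = localtime (tv)) == NULL) || (!strftime (buf, sizeof buf,
-"%a %b %e %H:%M:%S %Z %Y\n",
-tp)))
-strcpy (buf, str_unknown); /* make sure buf text isn't garbage */
-
-return buf;
-
-}
-
-void
-print_x509_info (gnutls_session_t session, const char *hostname)
-{
-gnutls_x509_crt_t crt;
-const gnutls_datum_t *cert_list;
-unsigned int cert_list_size = 0;
-int ret;
-char digest[20];
-char serial[40];
-char dn[256];
-size_t dn_size;
-size_t digest_size = sizeof (digest);
-unsigned int j;
-size_t serial_size = sizeof (serial);
-const char *print;
-const char *cstr;
-unsigned int bits, algo;
-time_t expiret, activet;
-
-cert_list = gnutls_certificate_get_peers (session, &cert_list_size);
-
-if (cert_list_size == 0)
-{
-fprintf (stderr, "No certificates found!\n");
-return;
-}
-
-printf (" - Got a certificate list of %d certificates.\n\n",
-cert_list_size);
-
-for (j = 0; j < (unsigned int) cert_list_size; j++)
-{
-
-gnutls_x509_crt_init (&crt);
-ret = gnutls_x509_crt_import (crt, &cert_list[j], GNUTLS_X509_FMT_DER);
-if (ret < 0)
-{
-fprintf (stderr, "Decoding error: %s\n", gnutls_strerror (ret));
-return;
-}
-
-printf (" - Certificate[%d] info:\n", j);
-
-if (print_cert)
-{
-size_t size;
-
-size = sizeof (buffer);
-
-ret =
-gnutls_x509_crt_export (crt, GNUTLS_X509_FMT_PEM, buffer, &size);
-if (ret < 0)
-{
-fprintf (stderr, "Encoding error: %s\n", gnutls_strerror (ret));
-return;
-}
-fputs ("\n", stdout);
-fputs (buffer, stdout);
-fputs ("\n", stdout);
-}
-
-if (j == 0 && hostname != NULL)
-{ /* Check the hostname of the first certificate
-* if it matches the name of the host we
-* connected to.
-*/
-if (gnutls_x509_crt_check_hostname (crt, hostname) == 0)
-{
-printf
-(" # The hostname in the certificate does NOT match '%s'.\n",
-hostname);
-}
-else
-{
-printf (" # The hostname in the certificate matches '%s'.\n",
-hostname);
-}
-}
-
-expiret = gnutls_x509_crt_get_expiration_time (crt);
-activet = gnutls_x509_crt_get_activation_time (crt);
-
-printf (" # valid since: %s", my_ctime (&activet));
-printf (" # expires at: %s", my_ctime (&expiret));
-
-/* Print the serial number of the certificate.
-*/
-if (verbose
-&& gnutls_x509_crt_get_serial (crt, serial, &serial_size) >= 0)
-{
-print = raw_to_string (serial, serial_size);
-if (print != NULL)
-printf (" # serial number: %s\n", print);
-}
-
-/* Print the fingerprint of the certificate
-*/
-digest_size = sizeof (digest);
-if ((ret = gnutls_x509_crt_get_fingerprint (crt, GNUTLS_DIG_MD5, digest,
-&digest_size)) < 0)
-{
-fprintf (stderr,
-"Error in fingerprint calculation: %s\n",
-gnutls_strerror (ret));
-}
-else
-{
-print = raw_to_string (digest, digest_size);
-if (print != NULL)
-printf (" # fingerprint: %s\n", print);
-}
-
-/* Print the version of the X.509
-* certificate.
-*/
-if (verbose)
-{
-printf (" # version: #%d\n", gnutls_x509_crt_get_version (crt));
-
-bits = 0;
-algo = gnutls_x509_crt_get_pk_algorithm (crt, &bits);
-printf (" # public key algorithm: ");
-
-cstr = SU (gnutls_pk_algorithm_get_name (algo));
-printf ("%s (%d bits)\n", cstr, bits);
-
-#ifdef ENABLE_PKI
-if (algo == GNUTLS_PK_RSA)
-{
-gnutls_datum_t e, m;
-
-ret = gnutls_x509_crt_get_pk_rsa_raw (crt, &m, &e);
-if (ret >= 0)
-{
-print = SU (raw_to_string (e.data, e.size));
-printf (" # e [%d bits]: %s\n", e.size * 8, print);
-
-print = SU (raw_to_string (m.data, m.size));
-printf (" # m [%d bits]: %s\n", m.size * 8, print);
-
-gnutls_free (e.data);
-gnutls_free (m.data);
-}
-}
-#endif
-}
-
-dn_size = sizeof (dn);
-ret = gnutls_x509_crt_get_dn (crt, dn, &dn_size);
-if (ret >= 0)
-printf (" # Subject's DN: %s\n", dn);
-
-dn_size = sizeof (dn);
-ret = gnutls_x509_crt_get_issuer_dn (crt, dn, &dn_size);
-if (ret >= 0)
-printf (" # Issuer's DN: %s\n", dn);
-
-gnutls_x509_crt_deinit (crt);
-
-printf ("\n");
-
-}
-
-}
-
-#if ENABLE_OPENPGP
-void
-print_openpgp_info (gnutls_session_t session, const char *hostname)
-{
-
-char digest[20];
-size_t digest_size = sizeof (digest);
-int ret;
-const char *print;
-const char *cstr;
-char name[256];
-size_t name_len = sizeof (name);
-gnutls_openpgp_crt_t crt;
-const gnutls_datum_t *cert_list;
-int cert_list_size = 0;
-time_t expiret;
-time_t activet;
-
-cert_list = gnutls_certificate_get_peers (session, &cert_list_size);
-
-if (cert_list_size > 0)
-{
-unsigned int algo, bits;
-
-gnutls_openpgp_crt_init (&crt);
-ret = gnutls_openpgp_crt_import (crt, &cert_list[0],
-GNUTLS_OPENPGP_FMT_RAW);
-if (ret < 0)
-{
-fprintf (stderr, "Decoding error: %s\n", gnutls_strerror (ret));
-return;
-}
-
-if (print_cert)
-{
-size_t size;
-
-size = sizeof (buffer);
-
-ret = gnutls_openpgp_crt_export (crt, GNUTLS_OPENPGP_FMT_BASE64,
-buffer, &size);
-if (ret < 0)
-{
-fprintf (stderr, "Encoding error: %s\n", gnutls_strerror (ret));
-return;
-}
-fputs ("\n", stdout);
-fputs (buffer, stdout);
-fputs ("\n", stdout);
-}
-
-if (hostname != NULL)
-{ /* Check the hostname of the first certificate
-* if it matches the name of the host we
-* connected to.
-*/
-if (gnutls_openpgp_crt_check_hostname (crt, hostname) == 0)
-{
-printf (" # The hostname in the key does NOT match '%s'.\n",
-hostname);
-}
-else
-{
-printf (" # The hostname in the key matches '%s'.\n", hostname);
-}
-}
-
-activet = gnutls_openpgp_crt_get_creation_time (crt);
-expiret = gnutls_openpgp_crt_get_expiration_time (crt);
-
-printf (" # Key was created at: %s", my_ctime (&activet));
-printf (" # Key expires: ");
-if (expiret != 0)
-printf ("%s", my_ctime (&expiret));
-else
-printf ("Never\n");
-
-if (gnutls_openpgp_crt_get_fingerprint (crt, digest, &digest_size) >= 0)
-{
-print = raw_to_string (digest, digest_size);
-
-printf (" # PGP Key version: %d\n",
-gnutls_openpgp_crt_get_version (crt));
-
-bits = 0;
-algo = gnutls_openpgp_crt_get_pk_algorithm (crt, &bits);
-
-printf (" # PGP Key public key algorithm: ");
-cstr = SU (gnutls_pk_algorithm_get_name (algo));
-printf ("%s (%d bits)\n", cstr, bits);
-
-if (print != NULL)
-printf (" # PGP Key fingerprint: %s\n", print);
-
-name_len = sizeof (name);
-if (gnutls_openpgp_crt_get_name (crt, 0, name, &name_len) < 0)
-{
-fprintf (stderr, "Could not extract name\n");
-}
-else
-{
-PRINT_PGP_NAME (name);
-}
-
-}
-
-gnutls_openpgp_crt_deinit (crt);
-
-}
-}
-#endif
-
-void
-print_cert_vrfy (gnutls_session_t session)
-{
-int rc;
-unsigned int status;
-
-rc = gnutls_certificate_verify_peers2 (session, &status);
-printf ("\n");
-
-if (rc == GNUTLS_E_NO_CERTIFICATE_FOUND)
-{
-printf ("- Peer did not send any certificate.\n");
-return;
-}
-
-if (rc < 0)
-{
-printf ("- Could not verify certificate (err: %s)\n",
-gnutls_strerror (rc));
-return;
-}
-
-if (gnutls_certificate_type_get (session) == GNUTLS_CRT_X509)
-{
-if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
-printf ("- Peer's certificate issuer is unknown\n");
-if (status & GNUTLS_CERT_INVALID)
-printf ("- Peer's certificate is NOT trusted\n");
-else
-printf ("- Peer's certificate is trusted\n");
-}
-else
-{
-if (status & GNUTLS_CERT_INVALID)
-printf ("- Peer's key is invalid\n");
-else
-printf ("- Peer's key is valid\n");
-if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
-printf ("- Could not find a signer of the peer's key\n");
-}
-}
-
-int
-print_info (gnutls_session_t session, const char *hostname)
-{
-const char *tmp;
-gnutls_credentials_type_t cred;
-gnutls_kx_algorithm_t kx;
-
-/* print the key exchange's algorithm name
-*/
-kx = gnutls_kx_get (session);
-
-cred = gnutls_auth_get_type (session);
-switch (cred)
-{
-#ifdef ENABLE_ANON
-case GNUTLS_CRD_ANON:
-printf ("- Anonymous DH using prime of %d bits, secret key "
-"of %d bits, and peer's public key is %d bits.\n",
-gnutls_dh_get_prime_bits (session),
-gnutls_dh_get_secret_bits (session),
-gnutls_dh_get_peers_public_bits (session));
-break;
-#endif
-#ifdef ENABLE_SRP
-case GNUTLS_CRD_SRP:
-/* This should be only called in server
-* side.
-*/
-if (gnutls_srp_server_get_username (session) != NULL)
-printf ("- SRP authentication. Connected as '%s'\n",
-gnutls_srp_server_get_username (session));
-break;
-#endif
-#ifdef ENABLE_PSK
-case GNUTLS_CRD_PSK:
-/* This should be only called in server
-* side.
-*/
-if (gnutls_psk_server_get_username (session) != NULL)
-printf ("- PSK authentication. Connected as '%s'\n",
-gnutls_psk_server_get_username (session));
-if (kx == GNUTLS_KX_DHE_PSK)
-{
-printf ("- DH using prime of %d bits, secret key "
-"of %d bits, and peer's public key is %d bits.\n",
-gnutls_dh_get_prime_bits (session),
-gnutls_dh_get_secret_bits (session),
-gnutls_dh_get_peers_public_bits (session));
-}
-break;
-#endif
-case GNUTLS_CRD_IA:
-printf ("- TLS/IA authentication\n");
-break;
-case GNUTLS_CRD_CERTIFICATE:
-{
-char dns[256];
-size_t dns_size = sizeof (dns);
-unsigned int type;
-
-/* This fails in client side */
-if (gnutls_server_name_get (session, dns, &dns_size, &type, 0) == 0)
-{
-printf ("- Given server name[%d]: %s\n", type, dns);
-}
-}
-
-if (kx == GNUTLS_KX_DHE_RSA || kx == GNUTLS_KX_DHE_DSS)
-{
-printf ("- Ephemeral DH using prime of %d bits, secret key "
-"of %d bits, and peer's public key is %d bits.\n",
-gnutls_dh_get_prime_bits (session),
-gnutls_dh_get_secret_bits (session),
-gnutls_dh_get_peers_public_bits (session));
-}
-
-print_cert_info (session, hostname);
-
-print_cert_vrfy (session);
-
-}
-
-tmp = SU (gnutls_protocol_get_name (gnutls_protocol_get_version (session)));
-printf ("- Version: %s\n", tmp);
-
-tmp = SU (gnutls_kx_get_name (kx));
-printf ("- Key Exchange: %s\n", tmp);
-
-tmp = SU (gnutls_cipher_get_name (gnutls_cipher_get (session)));
-printf ("- Cipher: %s\n", tmp);
-
-tmp = SU (gnutls_mac_get_name (gnutls_mac_get (session)));
-printf ("- MAC: %s\n", tmp);
-
-tmp = SU (gnutls_compression_get_name (gnutls_compression_get (session)));
-printf ("- Compression: %s\n", tmp);
-
-if (verbose)
-{
-char id[32];
-size_t id_size = sizeof (id);
-gnutls_session_get_id (session, id, &id_size);
-printf ("- Session ID: %s\n", raw_to_string (id, id_size));
-}
-
-fflush (stdout);
-
-return 0;
-}
-
-void
-print_cert_info (gnutls_session_t session, const char *hostname)
-{
-
-if (gnutls_certificate_client_get_request_status (session) != 0)
-printf ("- Server has requested a certificate.\n");
-
-printf ("- Certificate type: ");
-switch (gnutls_certificate_type_get (session))
-{
-case GNUTLS_CRT_X509:
-printf ("X.509\n");
-print_x509_info (session, hostname);
-break;
-#if ENABLE_OPENPGP
-case GNUTLS_CRT_OPENPGP:
-printf ("OpenPGP\n");
-print_openpgp_info (session, hostname);
-break;
-#endif
-}
-}
-
-void
-print_list (int verbose)
-{
-{
-size_t i;
-const char *name;
-char id[2];
-gnutls_kx_algorithm_t kx;
-gnutls_cipher_algorithm_t cipher;
-gnutls_mac_algorithm_t mac;
-gnutls_protocol_t version;
-
-printf ("Cipher suites:\n");
-for (i = 0; (name = gnutls_cipher_suite_info (i, id, &kx, &cipher, &mac,
-&version)); i++)
-{
-printf ("%-50s\t0x%02x, 0x%02x\t%s\n", name, (unsigned char) id[0],
-(unsigned char) id[1], gnutls_protocol_get_name (version));
-if (verbose)
-printf ("\tKey exchange: %s\n\tCipher: %s\n\tMAC: %s\n\n",
-gnutls_kx_get_name (kx), gnutls_cipher_get_name (cipher),
-gnutls_mac_get_name (mac));
-}
-}
-
-{
-const gnutls_certificate_type_t *p = gnutls_certificate_type_list ();
-
-printf ("Certificate types: ");
-for (; *p; p++)
-{
-printf ("%s", gnutls_certificate_type_get_name (*p));
-if (*(p + 1))
-printf (", ");
-else
-printf ("\n");
-}
-}
-
-{
-const gnutls_protocol_t *p = gnutls_protocol_list ();
-
-printf ("Protocols: ");
-for (; *p; p++)
-{
-printf ("%s", gnutls_protocol_get_name (*p));
-if (*(p + 1))
-printf (", ");
-else
-printf ("\n");
-}
-}
-
-{
-const gnutls_cipher_algorithm_t *p = gnutls_cipher_list ();
-
-printf ("Ciphers: ");
-for (; *p; p++)
-{
-printf ("%s", gnutls_cipher_get_name (*p));
-if (*(p + 1))
-printf (", ");
-else
-printf ("\n");
-}
-}
-
-{
-const gnutls_mac_algorithm_t *p = gnutls_mac_list ();
-
-printf ("MACs: ");
-for (; *p; p++)
-{
-printf ("%s", gnutls_mac_get_name (*p));
-if (*(p + 1))
-printf (", ");
-else
-printf ("\n");
-}
-}
-
-{
-const gnutls_kx_algorithm_t *p = gnutls_kx_list ();
-
-printf ("Key exchange algorithms: ");
-for (; *p; p++)
-{
-printf ("%s", gnutls_kx_get_name (*p));
-if (*(p + 1))
-printf (", ");
-else
-printf ("\n");
-}
-}
-
-{
-const gnutls_compression_method_t *p = gnutls_compression_list ();
-
-printf ("Compression: ");
-for (; *p; p++)
-{
-printf ("%s", gnutls_compression_get_name (*p));
-if (*(p + 1))
-printf (", ");
-else
-printf ("\n");
-}
-}
-}
-
-void
-print_license (void)
-{
-fputs ("\nCopyright (C) 2004,2005,2006,2007 Free Software Foundation\n"
-"This program is free software; you can redistribute it and/or modify \n"
-"it under the terms of the GNU General Public License as published by \n"
-"the Free Software Foundation; either version 3 of the License, or \n"
-"(at your option) any later version. \n" "\n"
-"This program is distributed in the hope that it will be useful, \n"
-"but WITHOUT ANY WARRANTY; without even the implied warranty of \n"
-"MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the \n"
-"GNU General Public License for more details. \n" "\n"
-"You should have received a copy of the GNU General Public License \n"
-"along with this program; if not, write to the Free Software \n"
-"Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.\n\n",
-stdout);
-}
-
-void
-sockets_init (void)
-{
-#ifdef _WIN32
-WORD wVersionRequested;
-WSADATA wsaData;
-
-wVersionRequested = MAKEWORD (1, 1);
-if (WSAStartup (wVersionRequested, &wsaData) != 0)
-{
-perror ("WSA_STARTUP_ERROR");
-}
-#endif
-}
-
-/* converts a service name or a port (in string) to a
-* port number. The protocol is assumed to be TCP.
-*
-* returns -1 on error;
-*/
-int
-service_to_port (const char *service)
-{
-int port;
-struct servent *server_port;
-
-port = atoi (service);
-if (port != 0)
-return port;
-
-server_port = getservbyname (service, "tcp");
-if (server_port == NULL)
-{
-perror ("getservbyname()");
-return (-1);
-}
-
-return ntohs (server_port->s_port);
-
-}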
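--- a/src/daemon/https/https_common.h
+++ /dev/null
@@ -1,40 +0,0 @@
-#define PORT 5556
-#define SERVER "127.0.0.1"
-
-#include <config.h>
-#include <gnutls.h>
-
-#include <sys/socket.h>
-#include <arpa/inet.h>
-#ifdef _WIN32
-# include <io.h>
-# include <winbase.h>
-# define close closesocket
-#else
-# include <netinet/in.h>
-# include <unistd.h>
-# include <netdb.h>
-# include <signal.h>
-#endif
-
-/* the number of elements in the priority structures.
-*/
-#define PRI_MAX 16
-
-extern const char str_unknown[];
-
-int print_info (gnutls_session_t state, const char *hostname);
-void print_cert_info (gnutls_session_t state, const char *hostname);
-void print_list (int verbose);
-
-void parse_comp (char **comp, int ncomp, int *comp_priority);
-void parse_kx (char **kx, int nkx, int *kx_priority);
-void parse_ctypes (char **ctype, int nctype, int *cert_type_priority);
-void parse_macs (char **macs, int nmacs, int *mac_priority);
-void parse_ciphers (char **ciphers, int nciphers, int *cipher_priority);
-void parse_protocols (char **protocols, int protocols_size,
-int *protocol_priority);
-const char *raw_to_string (const unsigned char *raw, size_t raw_size);
-int service_to_port (const char *service);
-
-void sockets_init (void);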
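--- a/src/daemon/https/includes/Makefile.am
+++ /dev/null
@@ -1,3 +0,0 @@
-AM_CPPFLAGS = -I$(top_srcdir)/src/https/includes
-
-lib_LTLIBRARIES = libmicrohttpd.la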
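--- a/src/daemon/https/openpgp/Makefile.am
+++ b/src/daemon/https/openpgp/Makefile.am
@@ -2,7 +2,7 @@ SUBDIRS = .
 
 AM_CPPFLAGS = \
 -I$(top_srcdir)/src/include \
--I$(top_srcdir)/src/daemon/https/includes \
+-I$(top_srcdir)/src/daemon/https \
 -I$(top_srcdir)/src/daemon/https/lgl \
 -I$(top_srcdir)/src/daemon/https/x509 \
 -I$(top_srcdir)/src/daemon/https/tls \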
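--- a/src/daemon/https/tls/Makefile.am
+++ b/src/daemon/https/tls/Makefile.am
@@ -3,12 +3,12 @@ SUBDIRS = .
 AM_CPPFLAGS = \
 -I$(top_srcdir)/src/include \
 -I$(top_srcdir)/src/daemon/ \
+-I$(top_srcdir)/src/daemon/https \
 -I$(top_srcdir)/src/daemon/https/tls \
 -I$(top_srcdir)/src/daemon/https/lgl \
 -I$(top_srcdir)/src/daemon/https/x509 \
 -I$(top_srcdir)/src/daemon/https/openpgp \
 -I$(top_srcdir)/src/daemon/https/opencdk \
--I$(top_srcdir)/src/daemon/https/includes \
 -I$(GCRYPT_CPPFLAGS)
 
 noinst_LTLIBRARIES = libtls.la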
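Review bot: The new `-I$(top_srcdir)/src/daemon/https \` entry is placed ahead of the tls, lgl, x509, openpgp and opencdk directories, whereas the `https/includes` entry it replaces was searched after all of them, so the header search order changes in this Makefile (openpgp/Makefile.am and x509/Makefile.am swap the path in place). The headers moved by this commit have generic names (`compat.h`, `extra.h`, `gnutls.h`), so if any of the later directories holds a same-named file, a different header would now be picked up without a build error; whether such a clash exists cannot be confirmed from the lines shown. Either keep the entry in its old position, directly after `-I$(top_srcdir)/src/daemon/https/opencdk \`, or state the intent in a comment above `AM_CPPFLAGS`, for example `# src/daemon/https is searched first on purpose: its gnutls.h/extra.h/compat.h must take precedence`.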
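--- a/src/daemon/https/x509/Makefile.am
+++ b/src/daemon/https/x509/Makefile.am
@@ -1,7 +1,7 @@
 
 AM_CPPFLAGS = \
 -I$(top_srcdir)/src/include \
--I$(top_srcdir)/src/daemon/https/includes \
+-I$(top_srcdir)/src/daemon/https \
 -I$(top_srcdir)/src/daemon/https/minitasn1 \
 -I$(top_srcdir)/src/daemon/https/lgl \
 -I$(top_srcdir)/src/daemon/https/x509 \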