diff options
Diffstat (limited to 'src/daemon/https')
107 files changed, 2527 insertions, 2095 deletions
diff --git a/src/daemon/https/gnutls.h b/src/daemon/https/gnutls.h index 3c17d803..217e0fb7 100644 --- a/src/daemon/https/gnutls.h +++ b/src/daemon/https/gnutls.h | |||
@@ -211,32 +211,36 @@ extern "C" | |||
211 | } MHD_gnutls_params_st; | 211 | } MHD_gnutls_params_st; |
212 | 212 | ||
213 | typedef int MHD_gnutls_params_function (MHD_gtls_session_t, | 213 | typedef int MHD_gnutls_params_function (MHD_gtls_session_t, |
214 | MHD_gnutls_params_type_t, | 214 | MHD_gnutls_params_type_t, |
215 | MHD_gnutls_params_st *); | 215 | MHD_gnutls_params_st *); |
216 | 216 | ||
217 | /* internal functions */ | 217 | /* internal functions */ |
218 | int MHD__gnutls_global_init (void); | 218 | int MHD__gnutls_global_init (void); |
219 | void MHD__gnutls_global_deinit (void); | 219 | void MHD__gnutls_global_deinit (void); |
220 | 220 | ||
221 | int MHD__gnutls_init (MHD_gtls_session_t * session, | 221 | int MHD__gnutls_init (MHD_gtls_session_t * session, |
222 | MHD_gnutls_connection_end_t con_end); | 222 | MHD_gnutls_connection_end_t con_end); |
223 | void MHD__gnutls_deinit (MHD_gtls_session_t session); | 223 | void MHD__gnutls_deinit (MHD_gtls_session_t session); |
224 | 224 | ||
225 | int MHD__gnutls_bye (MHD_gtls_session_t session, MHD_gnutls_close_request_t how); | 225 | int MHD__gnutls_bye (MHD_gtls_session_t session, |
226 | MHD_gnutls_close_request_t how); | ||
226 | int MHD__gnutls_handshake (MHD_gtls_session_t session); | 227 | int MHD__gnutls_handshake (MHD_gtls_session_t session); |
227 | int MHD__gnutls_rehandshake (MHD_gtls_session_t session); | 228 | int MHD__gnutls_rehandshake (MHD_gtls_session_t session); |
228 | 229 | ||
229 | int MHD_gtls_handshake_client (MHD_gtls_session_t session); | 230 | int MHD_gtls_handshake_client (MHD_gtls_session_t session); |
230 | 231 | ||
231 | MHD_gnutls_alert_description_t MHD_gnutls_alert_get (MHD_gtls_session_t session); | 232 | MHD_gnutls_alert_description_t MHD_gnutls_alert_get (MHD_gtls_session_t |
233 | session); | ||
232 | int MHD__gnutls_alert_send (MHD_gtls_session_t session, | 234 | int MHD__gnutls_alert_send (MHD_gtls_session_t session, |
233 | MHD_gnutls_alert_level_t level, | 235 | MHD_gnutls_alert_level_t level, |
234 | MHD_gnutls_alert_description_t desc); | 236 | MHD_gnutls_alert_description_t desc); |
235 | int MHD__gnutls_alert_send_appropriate (MHD_gtls_session_t session, int err); | 237 | int MHD__gnutls_alert_send_appropriate (MHD_gtls_session_t session, |
236 | const char *MHD__gnutls_alert_get_name (MHD_gnutls_alert_description_t alert); | 238 | int err); |
237 | 239 | const char *MHD__gnutls_alert_get_name (MHD_gnutls_alert_description_t | |
238 | enum MHD_GNUTLS_CompressionMethod MHD_gtls_compression_get (MHD_gtls_session_t | 240 | alert); |
239 | session); | 241 | |
242 | enum MHD_GNUTLS_CompressionMethod | ||
243 | MHD_gtls_compression_get (MHD_gtls_session_t session); | ||
240 | // enum MHD_GNUTLS_CipherAlgorithm MHD_gnutls_cipher_get (MHD_gtls_session_t session); | 244 | // enum MHD_GNUTLS_CipherAlgorithm MHD_gnutls_cipher_get (MHD_gtls_session_t session); |
241 | // enum MHD_GNUTLS_KeyExchangeAlgorithm MHD_gnutls_kx_get (MHD_gtls_session_t session); | 245 | // enum MHD_GNUTLS_KeyExchangeAlgorithm MHD_gnutls_kx_get (MHD_gtls_session_t session); |
242 | // enum MHD_GNUTLS_HashAlgorithm MHD_gnutls_mac_get (MHD_gtls_session_t session); | 246 | // enum MHD_GNUTLS_HashAlgorithm MHD_gnutls_mac_get (MHD_gtls_session_t session); |
@@ -244,23 +248,23 @@ extern "C" | |||
244 | // session); | 248 | // session); |
245 | 249 | ||
246 | size_t MHD__gnutls_cipher_get_key_size (enum MHD_GNUTLS_CipherAlgorithm | 250 | size_t MHD__gnutls_cipher_get_key_size (enum MHD_GNUTLS_CipherAlgorithm |
247 | algorithm); | 251 | algorithm); |
248 | size_t MHD__gnutls_mac_get_key_size (enum MHD_GNUTLS_HashAlgorithm | 252 | size_t MHD__gnutls_mac_get_key_size (enum MHD_GNUTLS_HashAlgorithm |
249 | algorithm); | 253 | algorithm); |
250 | 254 | ||
251 | /* the name of the specified algorithms */ | 255 | /* the name of the specified algorithms */ |
252 | const char *MHD__gnutls_cipher_get_name (enum MHD_GNUTLS_CipherAlgorithm | 256 | const char *MHD__gnutls_cipher_get_name (enum MHD_GNUTLS_CipherAlgorithm |
253 | algorithm); | 257 | algorithm); |
254 | const char *MHD__gnutls_mac_get_name (enum MHD_GNUTLS_HashAlgorithm | 258 | const char *MHD__gnutls_mac_get_name (enum MHD_GNUTLS_HashAlgorithm |
255 | algorithm); | 259 | algorithm); |
256 | const char *MHD_gtls_compression_get_name (enum | 260 | const char *MHD_gtls_compression_get_name (enum |
257 | MHD_GNUTLS_CompressionMethod | 261 | MHD_GNUTLS_CompressionMethod |
258 | algorithm); | 262 | algorithm); |
259 | const char *MHD__gnutls_kx_get_name (enum MHD_GNUTLS_KeyExchangeAlgorithm | 263 | const char *MHD__gnutls_kx_get_name (enum MHD_GNUTLS_KeyExchangeAlgorithm |
260 | algorithm); | 264 | algorithm); |
261 | const char *MHD__gnutls_certificate_type_get_name (enum | 265 | const char *MHD__gnutls_certificate_type_get_name (enum |
262 | MHD_GNUTLS_CertificateType | 266 | MHD_GNUTLS_CertificateType |
263 | type); | 267 | type); |
264 | 268 | ||
265 | enum MHD_GNUTLS_HashAlgorithm MHD_gtls_mac_get_id (const char *name); | 269 | enum MHD_GNUTLS_HashAlgorithm MHD_gtls_mac_get_id (const char *name); |
266 | enum MHD_GNUTLS_CompressionMethod MHD_gtls_compression_get_id (const char | 270 | enum MHD_GNUTLS_CompressionMethod MHD_gtls_compression_get_id (const char |
@@ -292,9 +296,9 @@ extern "C" | |||
292 | * Record layer functions. | 296 | * Record layer functions. |
293 | */ | 297 | */ |
294 | ssize_t MHD__gnutls_record_send (MHD_gtls_session_t session, | 298 | ssize_t MHD__gnutls_record_send (MHD_gtls_session_t session, |
295 | const void *data, size_t sizeofdata); | 299 | const void *data, size_t sizeofdata); |
296 | ssize_t MHD__gnutls_record_recv (MHD_gtls_session_t session, void *data, | 300 | ssize_t MHD__gnutls_record_recv (MHD_gtls_session_t session, void *data, |
297 | size_t sizeofdata); | 301 | size_t sizeofdata); |
298 | 302 | ||
299 | /* provides extra compatibility */ | 303 | /* provides extra compatibility */ |
300 | void MHD_gtls_record_disable_padding (MHD_gtls_session_t session); | 304 | void MHD_gtls_record_disable_padding (MHD_gtls_session_t session); |
@@ -303,19 +307,19 @@ extern "C" | |||
303 | int MHD__gnutls_record_get_direction (MHD_gtls_session_t session); | 307 | int MHD__gnutls_record_get_direction (MHD_gtls_session_t session); |
304 | size_t MHD__gnutls_record_get_max_size (MHD_gtls_session_t session); | 308 | size_t MHD__gnutls_record_get_max_size (MHD_gtls_session_t session); |
305 | ssize_t MHD__gnutls_record_set_max_size (MHD_gtls_session_t session, | 309 | ssize_t MHD__gnutls_record_set_max_size (MHD_gtls_session_t session, |
306 | size_t size); | 310 | size_t size); |
307 | 311 | ||
308 | 312 | ||
309 | int MHD__gnutls_prf (MHD_gtls_session_t session, | 313 | int MHD__gnutls_prf (MHD_gtls_session_t session, |
310 | size_t label_size, const char *label, | 314 | size_t label_size, const char *label, |
311 | int server_random_first, | 315 | int server_random_first, |
312 | size_t extra_size, const char *extra, | 316 | size_t extra_size, const char *extra, |
313 | size_t outsize, char *out); | 317 | size_t outsize, char *out); |
314 | 318 | ||
315 | int MHD__gnutls_prf_raw (MHD_gtls_session_t session, | 319 | int MHD__gnutls_prf_raw (MHD_gtls_session_t session, |
316 | size_t label_size, const char *label, | 320 | size_t label_size, const char *label, |
317 | size_t seed_size, const char *seed, | 321 | size_t seed_size, const char *seed, |
318 | size_t outsize, char *out); | 322 | size_t outsize, char *out); |
319 | 323 | ||
320 | /* | 324 | /* |
321 | * TLS Extensions | 325 | * TLS Extensions |
@@ -326,12 +330,12 @@ extern "C" | |||
326 | } MHD_gnutls_server_name_type_t; | 330 | } MHD_gnutls_server_name_type_t; |
327 | 331 | ||
328 | int MHD__gnutls_server_name_set (MHD_gtls_session_t session, | 332 | int MHD__gnutls_server_name_set (MHD_gtls_session_t session, |
329 | MHD_gnutls_server_name_type_t type, | 333 | MHD_gnutls_server_name_type_t type, |
330 | const void *name, size_t name_length); | 334 | const void *name, size_t name_length); |
331 | 335 | ||
332 | int MHD__gnutls_server_name_get (MHD_gtls_session_t session, | 336 | int MHD__gnutls_server_name_get (MHD_gtls_session_t session, |
333 | void *data, size_t * data_length, | 337 | void *data, size_t * data_length, |
334 | unsigned int *type, unsigned int indx); | 338 | unsigned int *type, unsigned int indx); |
335 | 339 | ||
336 | /* Opaque PRF Input | 340 | /* Opaque PRF Input |
337 | * http://tools.ietf.org/id/draft-rescorla-tls-opaque-prf-input-00.txt | 341 | * http://tools.ietf.org/id/draft-rescorla-tls-opaque-prf-input-00.txt |
@@ -342,10 +346,11 @@ extern "C" | |||
342 | size_t len, unsigned char *data); | 346 | size_t len, unsigned char *data); |
343 | 347 | ||
344 | typedef int (*MHD_gnutls_oprfi_callback_func) (MHD_gtls_session_t session, | 348 | typedef int (*MHD_gnutls_oprfi_callback_func) (MHD_gtls_session_t session, |
345 | void *userdata, | 349 | void *userdata, |
346 | size_t oprfi_len, | 350 | size_t oprfi_len, |
347 | const unsigned char *in_oprfi, | 351 | const unsigned char |
348 | unsigned char *out_oprfi); | 352 | *in_oprfi, |
353 | unsigned char *out_oprfi); | ||
349 | 354 | ||
350 | void | 355 | void |
351 | MHD_gtls_oprfi_enable_server (MHD_gtls_session_t session, | 356 | MHD_gtls_oprfi_enable_server (MHD_gtls_session_t session, |
@@ -362,32 +367,35 @@ extern "C" | |||
362 | (MHD_gnutls_supplemental_data_format_type_t type); | 367 | (MHD_gnutls_supplemental_data_format_type_t type); |
363 | 368 | ||
364 | int MHD__gnutls_cipher_set_priority (MHD_gtls_session_t session, | 369 | int MHD__gnutls_cipher_set_priority (MHD_gtls_session_t session, |
365 | const int *list); | 370 | const int *list); |
366 | int MHD__gnutls_mac_set_priority (MHD_gtls_session_t session, | 371 | int MHD__gnutls_mac_set_priority (MHD_gtls_session_t session, |
367 | const int *list); | 372 | const int *list); |
368 | int MHD__gnutls_compression_set_priority (MHD_gtls_session_t session, | 373 | int MHD__gnutls_compression_set_priority (MHD_gtls_session_t session, |
369 | const int *list); | 374 | const int *list); |
370 | int MHD__gnutls_kx_set_priority (MHD_gtls_session_t session, | 375 | int MHD__gnutls_kx_set_priority (MHD_gtls_session_t session, |
371 | const int *list); | 376 | const int *list); |
372 | int MHD__gnutls_protocol_set_priority (MHD_gtls_session_t session, | 377 | int MHD__gnutls_protocol_set_priority (MHD_gtls_session_t session, |
373 | const int *list); | 378 | const int *list); |
374 | int MHD__gnutls_certificate_type_set_priority (MHD_gtls_session_t session, | 379 | int MHD__gnutls_certificate_type_set_priority (MHD_gtls_session_t session, |
375 | const int *list); | 380 | const int *list); |
376 | 381 | ||
377 | int MHD_tls_set_default_priority (MHD_gnutls_priority_t *, const char *priority, | 382 | int MHD_tls_set_default_priority (MHD_gnutls_priority_t *, |
383 | const char *priority, | ||
378 | const char **err_pos); | 384 | const char **err_pos); |
379 | void MHD__gnutls_priority_deinit (MHD_gnutls_priority_t); | 385 | void MHD__gnutls_priority_deinit (MHD_gnutls_priority_t); |
380 | 386 | ||
381 | int MHD__gnutls_priority_set (MHD_gtls_session_t session, MHD_gnutls_priority_t); | 387 | int MHD__gnutls_priority_set (MHD_gtls_session_t session, |
388 | MHD_gnutls_priority_t); | ||
382 | int MHD__gnutls_priority_set_direct (MHD_gtls_session_t session, | 389 | int MHD__gnutls_priority_set_direct (MHD_gtls_session_t session, |
383 | const char *priority, | 390 | const char *priority, |
384 | const char **err_pos); | 391 | const char **err_pos); |
385 | 392 | ||
386 | /* get the currently used protocol version */ | 393 | /* get the currently used protocol version */ |
387 | enum MHD_GNUTLS_Protocol MHD__gnutls_protocol_get_version (MHD_gtls_session_t | 394 | enum MHD_GNUTLS_Protocol |
388 | session); | 395 | MHD__gnutls_protocol_get_version (MHD_gtls_session_t session); |
389 | 396 | ||
390 | const char *MHD__gnutls_protocol_get_name (enum MHD_GNUTLS_Protocol version); | 397 | const char *MHD__gnutls_protocol_get_name (enum MHD_GNUTLS_Protocol |
398 | version); | ||
391 | 399 | ||
392 | /* | 400 | /* |
393 | * get/set session | 401 | * get/set session |
@@ -412,13 +420,14 @@ extern "C" | |||
412 | 420 | ||
413 | int MHD_gtls_session_is_resumed (MHD_gtls_session_t session); | 421 | int MHD_gtls_session_is_resumed (MHD_gtls_session_t session); |
414 | 422 | ||
415 | typedef int (*MHD_gnutls_handshake_post_client_hello_func) (MHD_gtls_session_t); | 423 | typedef |
424 | int (*MHD_gnutls_handshake_post_client_hello_func) (MHD_gtls_session_t); | ||
416 | void | 425 | void |
417 | MHD__gnutls_handshake_set_post_client_hello_function (MHD_gtls_session_t, | 426 | MHD__gnutls_handshake_set_post_client_hello_function (MHD_gtls_session_t, |
418 | MHD_gnutls_handshake_post_client_hello_func); | 427 | MHD_gnutls_handshake_post_client_hello_func); |
419 | 428 | ||
420 | void MHD__gnutls_handshake_set_max_packet_length (MHD_gtls_session_t session, | 429 | void MHD__gnutls_handshake_set_max_packet_length (MHD_gtls_session_t |
421 | size_t max); | 430 | session, size_t max); |
422 | 431 | ||
423 | /* | 432 | /* |
424 | * Functions for setting/clearing credentials | 433 | * Functions for setting/clearing credentials |
@@ -429,8 +438,8 @@ extern "C" | |||
429 | * cred is a structure defined by the kx algorithm | 438 | * cred is a structure defined by the kx algorithm |
430 | */ | 439 | */ |
431 | int MHD__gnutls_credentials_set (MHD_gtls_session_t session, | 440 | int MHD__gnutls_credentials_set (MHD_gtls_session_t session, |
432 | enum MHD_GNUTLS_CredentialsType type, | 441 | enum MHD_GNUTLS_CredentialsType type, |
433 | void *cred); | 442 | void *cred); |
434 | 443 | ||
435 | /* Credential structures - used in MHD__gnutls_credentials_set(); */ | 444 | /* Credential structures - used in MHD__gnutls_credentials_set(); */ |
436 | struct MHD_gtls_certificate_credentials_st; | 445 | struct MHD_gtls_certificate_credentials_st; |
@@ -453,12 +462,13 @@ extern "C" | |||
453 | 462 | ||
454 | void | 463 | void |
455 | MHD__gnutls_anon_set_server_dh_params (MHD_gtls_anon_server_credentials_t | 464 | MHD__gnutls_anon_set_server_dh_params (MHD_gtls_anon_server_credentials_t |
456 | res, | 465 | res, |
457 | MHD_gtls_dh_params_t dh_params); | 466 | MHD_gtls_dh_params_t dh_params); |
458 | 467 | ||
459 | void | 468 | void |
460 | MHD__gnutls_anon_set_server_params_function | 469 | MHD__gnutls_anon_set_server_params_function |
461 | (MHD_gtls_anon_server_credentials_t res, MHD_gnutls_params_function * func); | 470 | (MHD_gtls_anon_server_credentials_t res, |
471 | MHD_gnutls_params_function * func); | ||
462 | 472 | ||
463 | void | 473 | void |
464 | MHD__gnutls_anon_free_client_credentials | 474 | MHD__gnutls_anon_free_client_credentials |
@@ -468,10 +478,10 @@ extern "C" | |||
468 | (MHD_gtls_anon_client_credentials_t * sc); | 478 | (MHD_gtls_anon_client_credentials_t * sc); |
469 | 479 | ||
470 | void MHD__gnutls_certificate_free_credentials (MHD_gtls_cert_credentials_t | 480 | void MHD__gnutls_certificate_free_credentials (MHD_gtls_cert_credentials_t |
471 | sc); | 481 | sc); |
472 | int | 482 | int |
473 | MHD__gnutls_certificate_allocate_credentials (MHD_gtls_cert_credentials_t | 483 | MHD__gnutls_certificate_allocate_credentials (MHD_gtls_cert_credentials_t |
474 | * res); | 484 | * res); |
475 | 485 | ||
476 | void MHD__gnutls_certificate_free_keys (MHD_gtls_cert_credentials_t sc); | 486 | void MHD__gnutls_certificate_free_keys (MHD_gtls_cert_credentials_t sc); |
477 | void MHD__gnutls_certificate_free_cas (MHD_gtls_cert_credentials_t sc); | 487 | void MHD__gnutls_certificate_free_cas (MHD_gtls_cert_credentials_t sc); |
@@ -479,50 +489,60 @@ extern "C" | |||
479 | void MHD__gnutls_certificate_free_crls (MHD_gtls_cert_credentials_t sc); | 489 | void MHD__gnutls_certificate_free_crls (MHD_gtls_cert_credentials_t sc); |
480 | 490 | ||
481 | void MHD__gnutls_certificate_set_dh_params (MHD_gtls_cert_credentials_t res, | 491 | void MHD__gnutls_certificate_set_dh_params (MHD_gtls_cert_credentials_t res, |
482 | MHD_gtls_dh_params_t dh_params); | 492 | MHD_gtls_dh_params_t dh_params); |
483 | void | 493 | void |
484 | MHD__gnutls_certificate_set_rsa_export_params (MHD_gtls_cert_credentials_t | 494 | MHD__gnutls_certificate_set_rsa_export_params (MHD_gtls_cert_credentials_t |
485 | res, | 495 | res, |
486 | MHD_gtls_rsa_params_t | 496 | MHD_gtls_rsa_params_t |
487 | rsa_params); | 497 | rsa_params); |
488 | void MHD__gnutls_certificate_set_verify_flags (MHD_gtls_cert_credentials_t | 498 | void MHD__gnutls_certificate_set_verify_flags (MHD_gtls_cert_credentials_t |
489 | res, unsigned int flags); | 499 | res, unsigned int flags); |
490 | void MHD__gnutls_certificate_set_verify_limits (MHD_gtls_cert_credentials_t | 500 | void MHD__gnutls_certificate_set_verify_limits (MHD_gtls_cert_credentials_t |
491 | res, unsigned int max_bits, | 501 | res, unsigned int max_bits, |
492 | unsigned int max_depth); | 502 | unsigned int max_depth); |
493 | 503 | ||
494 | int MHD__gnutls_certificate_set_x509_trust_file (MHD_gtls_cert_credentials_t | 504 | int MHD__gnutls_certificate_set_x509_trust_file (MHD_gtls_cert_credentials_t |
495 | res, const char *CAFILE, | 505 | res, const char *CAFILE, |
496 | MHD_gnutls_x509_crt_fmt_t type); | 506 | MHD_gnutls_x509_crt_fmt_t |
507 | type); | ||
497 | int MHD__gnutls_certificate_set_x509_trust_mem (MHD_gtls_cert_credentials_t | 508 | int MHD__gnutls_certificate_set_x509_trust_mem (MHD_gtls_cert_credentials_t |
498 | res, | 509 | res, |
499 | const MHD_gnutls_datum_t * CA, | 510 | const MHD_gnutls_datum_t * |
500 | MHD_gnutls_x509_crt_fmt_t type); | 511 | CA, |
512 | MHD_gnutls_x509_crt_fmt_t | ||
513 | type); | ||
501 | 514 | ||
502 | int MHD__gnutls_certificate_set_x509_crl_file (MHD_gtls_cert_credentials_t | 515 | int MHD__gnutls_certificate_set_x509_crl_file (MHD_gtls_cert_credentials_t |
503 | res, const char *crlfile, | 516 | res, const char *crlfile, |
504 | MHD_gnutls_x509_crt_fmt_t type); | 517 | MHD_gnutls_x509_crt_fmt_t |
518 | type); | ||
505 | int MHD__gnutls_certificate_set_x509_crl_mem (MHD_gtls_cert_credentials_t | 519 | int MHD__gnutls_certificate_set_x509_crl_mem (MHD_gtls_cert_credentials_t |
506 | res, | 520 | res, |
507 | const MHD_gnutls_datum_t * CRL, | 521 | const MHD_gnutls_datum_t * |
508 | MHD_gnutls_x509_crt_fmt_t type); | 522 | CRL, |
523 | MHD_gnutls_x509_crt_fmt_t | ||
524 | type); | ||
509 | 525 | ||
510 | /* | 526 | /* |
511 | * CERTFILE is an x509 certificate in PEM form. | 527 | * CERTFILE is an x509 certificate in PEM form. |
512 | * KEYFILE is a pkcs-1 private key in PEM form (for RSA keys). | 528 | * KEYFILE is a pkcs-1 private key in PEM form (for RSA keys). |
513 | */ | 529 | */ |
514 | int MHD__gnutls_certificate_set_x509_key_file (MHD_gtls_cert_credentials_t | 530 | int MHD__gnutls_certificate_set_x509_key_file (MHD_gtls_cert_credentials_t |
515 | res, const char *CERTFILE, | 531 | res, const char *CERTFILE, |
516 | const char *KEYFILE, | 532 | const char *KEYFILE, |
517 | MHD_gnutls_x509_crt_fmt_t type); | 533 | MHD_gnutls_x509_crt_fmt_t |
534 | type); | ||
518 | int MHD__gnutls_certificate_set_x509_key_mem (MHD_gtls_cert_credentials_t | 535 | int MHD__gnutls_certificate_set_x509_key_mem (MHD_gtls_cert_credentials_t |
519 | res, | 536 | res, |
520 | const MHD_gnutls_datum_t * CERT, | 537 | const MHD_gnutls_datum_t * |
521 | const MHD_gnutls_datum_t * KEY, | 538 | CERT, |
522 | MHD_gnutls_x509_crt_fmt_t type); | 539 | const MHD_gnutls_datum_t * |
540 | KEY, | ||
541 | MHD_gnutls_x509_crt_fmt_t | ||
542 | type); | ||
523 | 543 | ||
524 | void MHD__gnutls_certificate_send_x509_rdn_sequence (MHD_gtls_session_t | 544 | void MHD__gnutls_certificate_send_x509_rdn_sequence (MHD_gtls_session_t |
525 | session, int status); | 545 | session, int status); |
526 | 546 | ||
527 | /* | 547 | /* |
528 | * New functions to allow setting already parsed X.509 stuff. | 548 | * New functions to allow setting already parsed X.509 stuff. |
@@ -558,7 +578,8 @@ extern "C" | |||
558 | typedef void *(*MHD_gnutls_realloc_function) (void *, size_t); | 578 | typedef void *(*MHD_gnutls_realloc_function) (void *, size_t); |
559 | 579 | ||
560 | extern void | 580 | extern void |
561 | MHD_gtls_global_set_mem_functions (MHD_gnutls_alloc_function gt_alloc_func, | 581 | MHD_gtls_global_set_mem_functions (MHD_gnutls_alloc_function |
582 | gt_alloc_func, | ||
562 | MHD_gnutls_alloc_function | 583 | MHD_gnutls_alloc_function |
563 | gt_secure_alloc_func, | 584 | gt_secure_alloc_func, |
564 | MHD_gnutls_is_secure_function | 585 | MHD_gnutls_is_secure_function |
@@ -586,14 +607,14 @@ extern "C" | |||
586 | int MHD__gnutls_dh_params_init (MHD_gtls_dh_params_t * dh_params); | 607 | int MHD__gnutls_dh_params_init (MHD_gtls_dh_params_t * dh_params); |
587 | void MHD__gnutls_dh_params_deinit (MHD_gtls_dh_params_t dh_params); | 608 | void MHD__gnutls_dh_params_deinit (MHD_gtls_dh_params_t dh_params); |
588 | int MHD__gnutls_dh_params_generate2 (MHD_gtls_dh_params_t params, | 609 | int MHD__gnutls_dh_params_generate2 (MHD_gtls_dh_params_t params, |
589 | unsigned int bits); | 610 | unsigned int bits); |
590 | 611 | ||
591 | 612 | ||
592 | /* RSA params */ | 613 | /* RSA params */ |
593 | int MHD__gnutls_rsa_params_init (MHD_gtls_rsa_params_t * rsa_params); | 614 | int MHD__gnutls_rsa_params_init (MHD_gtls_rsa_params_t * rsa_params); |
594 | void MHD__gnutls_rsa_params_deinit (MHD_gtls_rsa_params_t rsa_params); | 615 | void MHD__gnutls_rsa_params_deinit (MHD_gtls_rsa_params_t rsa_params); |
595 | int MHD__gnutls_rsa_params_generate2 (MHD_gtls_rsa_params_t params, | 616 | int MHD__gnutls_rsa_params_generate2 (MHD_gtls_rsa_params_t params, |
596 | unsigned int bits); | 617 | unsigned int bits); |
597 | 618 | ||
598 | 619 | ||
599 | /* | 620 | /* |
@@ -601,21 +622,21 @@ extern "C" | |||
601 | */ | 622 | */ |
602 | typedef ssize_t (*MHD_gtls_pull_func) (MHD_gnutls_transport_ptr_t, void *, | 623 | typedef ssize_t (*MHD_gtls_pull_func) (MHD_gnutls_transport_ptr_t, void *, |
603 | size_t); | 624 | size_t); |
604 | typedef ssize_t (*MHD_gtls_push_func) (MHD_gnutls_transport_ptr_t, const void *, | 625 | typedef ssize_t (*MHD_gtls_push_func) (MHD_gnutls_transport_ptr_t, |
605 | size_t); | 626 | const void *, size_t); |
606 | void MHD__gnutls_transport_set_ptr (MHD_gtls_session_t session, | 627 | void MHD__gnutls_transport_set_ptr (MHD_gtls_session_t session, |
607 | MHD_gnutls_transport_ptr_t ptr); | 628 | MHD_gnutls_transport_ptr_t ptr); |
608 | void MHD__gnutls_transport_set_ptr2 (MHD_gtls_session_t session, | 629 | void MHD__gnutls_transport_set_ptr2 (MHD_gtls_session_t session, |
609 | MHD_gnutls_transport_ptr_t recv_ptr, | 630 | MHD_gnutls_transport_ptr_t recv_ptr, |
610 | MHD_gnutls_transport_ptr_t send_ptr); | 631 | MHD_gnutls_transport_ptr_t send_ptr); |
611 | 632 | ||
612 | void MHD__gnutls_transport_set_lowat (MHD_gtls_session_t session, int num); | 633 | void MHD__gnutls_transport_set_lowat (MHD_gtls_session_t session, int num); |
613 | 634 | ||
614 | 635 | ||
615 | void MHD__gnutls_transport_set_push_function (MHD_gtls_session_t session, | 636 | void MHD__gnutls_transport_set_push_function (MHD_gtls_session_t session, |
616 | MHD_gtls_push_func push_func); | 637 | MHD_gtls_push_func push_func); |
617 | void MHD__gnutls_transport_set_pull_function (MHD_gtls_session_t session, | 638 | void MHD__gnutls_transport_set_pull_function (MHD_gtls_session_t session, |
618 | MHD_gtls_pull_func pull_func); | 639 | MHD_gtls_pull_func pull_func); |
619 | 640 | ||
620 | void MHD__gnutls_transport_set_errno (MHD_gtls_session_t session, int err); | 641 | void MHD__gnutls_transport_set_errno (MHD_gtls_session_t session, int err); |
621 | void MHD__gnutls_transport_set_global_errno (int err); | 642 | void MHD__gnutls_transport_set_global_errno (int err); |
@@ -630,8 +651,8 @@ extern "C" | |||
630 | * this function returns the hash of the given data. | 651 | * this function returns the hash of the given data. |
631 | */ | 652 | */ |
632 | int MHD__gnutls_fingerprint (enum MHD_GNUTLS_HashAlgorithm algo, | 653 | int MHD__gnutls_fingerprint (enum MHD_GNUTLS_HashAlgorithm algo, |
633 | const MHD_gnutls_datum_t * data, void *result, | 654 | const MHD_gnutls_datum_t * data, void *result, |
634 | size_t * result_size); | 655 | size_t * result_size); |
635 | 656 | ||
636 | typedef enum MHD_gnutls_x509_subject_alt_name_t | 657 | typedef enum MHD_gnutls_x509_subject_alt_name_t |
637 | { | 658 | { |
@@ -664,21 +685,19 @@ extern "C" | |||
664 | unsigned int deinit_all; /* if non zero all keys will be deinited */ | 685 | unsigned int deinit_all; /* if non zero all keys will be deinited */ |
665 | } MHD_gnutls_retr_st; | 686 | } MHD_gnutls_retr_st; |
666 | 687 | ||
667 | typedef int MHD_gnutls_certificate_client_retrieve_function (MHD_gtls_session_t, | 688 | typedef int |
668 | const | 689 | MHD_gnutls_certificate_client_retrieve_function (MHD_gtls_session_t, |
669 | MHD_gnutls_datum_t * | 690 | const MHD_gnutls_datum_t |
670 | req_ca_rdn, | 691 | * req_ca_rdn, int nreqs, |
671 | int nreqs, | 692 | const enum |
672 | const | 693 | MHD_GNUTLS_PublicKeyAlgorithm |
673 | enum | 694 | *pk_algos, |
674 | MHD_GNUTLS_PublicKeyAlgorithm | 695 | int pk_algos_length, |
675 | *pk_algos, | 696 | MHD_gnutls_retr_st *); |
676 | int | 697 | |
677 | pk_algos_length, | 698 | typedef int |
678 | MHD_gnutls_retr_st *); | 699 | MHD_gnutls_certificate_server_retrieve_function (MHD_gtls_session_t, |
679 | 700 | MHD_gnutls_retr_st *); | |
680 | typedef int MHD_gnutls_certificate_server_retrieve_function (MHD_gtls_session_t, | ||
681 | MHD_gnutls_retr_st *); | ||
682 | 701 | ||
683 | /* | 702 | /* |
684 | * Functions that allow auth_info_t structures handling | 703 | * Functions that allow auth_info_t structures handling |
@@ -694,16 +713,16 @@ extern "C" | |||
694 | * DH | 713 | * DH |
695 | */ | 714 | */ |
696 | void MHD__gnutls_dh_set_prime_bits (MHD_gtls_session_t session, | 715 | void MHD__gnutls_dh_set_prime_bits (MHD_gtls_session_t session, |
697 | unsigned int bits); | 716 | unsigned int bits); |
698 | int MHD__gnutls_dh_get_secret_bits (MHD_gtls_session_t session); | 717 | int MHD__gnutls_dh_get_secret_bits (MHD_gtls_session_t session); |
699 | int MHD__gnutls_dh_get_peers_public_bits (MHD_gtls_session_t session); | 718 | int MHD__gnutls_dh_get_peers_public_bits (MHD_gtls_session_t session); |
700 | int MHD__gnutls_dh_get_prime_bits (MHD_gtls_session_t session); | 719 | int MHD__gnutls_dh_get_prime_bits (MHD_gtls_session_t session); |
701 | 720 | ||
702 | int MHD__gnutls_dh_get_group (MHD_gtls_session_t session, | 721 | int MHD__gnutls_dh_get_group (MHD_gtls_session_t session, |
703 | MHD_gnutls_datum_t * raw_gen, | 722 | MHD_gnutls_datum_t * raw_gen, |
704 | MHD_gnutls_datum_t * raw_prime); | 723 | MHD_gnutls_datum_t * raw_prime); |
705 | int MHD__gnutls_dh_get_pubkey (MHD_gtls_session_t session, | 724 | int MHD__gnutls_dh_get_pubkey (MHD_gtls_session_t session, |
706 | MHD_gnutls_datum_t * raw_key); | 725 | MHD_gnutls_datum_t * raw_key); |
707 | 726 | ||
708 | /* | 727 | /* |
709 | * RSA | 728 | * RSA |
@@ -715,17 +734,18 @@ extern "C" | |||
715 | 734 | ||
716 | /* External signing callback. Experimental. */ | 735 | /* External signing callback. Experimental. */ |
717 | typedef int (*MHD_gnutls_sign_func) (MHD_gtls_session_t session, | 736 | typedef int (*MHD_gnutls_sign_func) (MHD_gtls_session_t session, |
718 | void *userdata, | 737 | void *userdata, |
719 | enum MHD_GNUTLS_CertificateType cert_type, | 738 | enum MHD_GNUTLS_CertificateType |
720 | const MHD_gnutls_datum_t * cert, | 739 | cert_type, |
721 | const MHD_gnutls_datum_t * hash, | 740 | const MHD_gnutls_datum_t * cert, |
722 | MHD_gnutls_datum_t * signature); | 741 | const MHD_gnutls_datum_t * hash, |
742 | MHD_gnutls_datum_t * signature); | ||
723 | 743 | ||
724 | void MHD_gtls_sign_callback_set (MHD_gtls_session_t session, | 744 | void MHD_gtls_sign_callback_set (MHD_gtls_session_t session, |
725 | MHD_gnutls_sign_func sign_func, | 745 | MHD_gnutls_sign_func sign_func, |
726 | void *userdata); | 746 | void *userdata); |
727 | MHD_gnutls_sign_func MHD_gtls_sign_callback_get (MHD_gtls_session_t session, | 747 | MHD_gnutls_sign_func MHD_gtls_sign_callback_get (MHD_gtls_session_t session, |
728 | void **userdata); | 748 | void **userdata); |
729 | 749 | ||
730 | /* These are set on the credentials structure. | 750 | /* These are set on the credentials structure. |
731 | */ | 751 | */ |
@@ -742,11 +762,11 @@ extern "C" | |||
742 | 762 | ||
743 | /* get data from the session */ | 763 | /* get data from the session */ |
744 | const MHD_gnutls_datum_t *MHD_gtls_certificate_get_peers (MHD_gtls_session_t | 764 | const MHD_gnutls_datum_t *MHD_gtls_certificate_get_peers (MHD_gtls_session_t |
745 | session, | 765 | session, |
746 | unsigned int | 766 | unsigned int |
747 | *list_size); | 767 | *list_size); |
748 | const MHD_gnutls_datum_t *MHD_gtls_certificate_get_ours (MHD_gtls_session_t | 768 | const MHD_gnutls_datum_t *MHD_gtls_certificate_get_ours (MHD_gtls_session_t |
749 | session); | 769 | session); |
750 | 770 | ||
751 | time_t MHD_gtls_certificate_activation_time_peers (MHD_gtls_session_t | 771 | time_t MHD_gtls_certificate_activation_time_peers (MHD_gtls_session_t |
752 | session); | 772 | session); |
@@ -762,8 +782,8 @@ extern "C" | |||
762 | int MHD_gtls_certificate_verify_peers (MHD_gtls_session_t session); | 782 | int MHD_gtls_certificate_verify_peers (MHD_gtls_session_t session); |
763 | 783 | ||
764 | int MHD_gtls_pem_base64_encode (const char *msg, | 784 | int MHD_gtls_pem_base64_encode (const char *msg, |
765 | const MHD_gnutls_datum_t * data, char *result, | 785 | const MHD_gnutls_datum_t * data, |
766 | size_t * result_size); | 786 | char *result, size_t * result_size); |
767 | int MHD_gtls_pem_base64_decode (const char *header, | 787 | int MHD_gtls_pem_base64_decode (const char *header, |
768 | const MHD_gnutls_datum_t * b64_data, | 788 | const MHD_gnutls_datum_t * b64_data, |
769 | unsigned char *result, | 789 | unsigned char *result, |
diff --git a/src/daemon/https/lgl/des.c b/src/daemon/https/lgl/des.c index 7bc4c4d0..dbe5f3c6 100644 --- a/src/daemon/https/lgl/des.c +++ b/src/daemon/https/lgl/des.c | |||
@@ -543,7 +543,8 @@ MHD_gl_des_makekey (MHD_gl_des_ctx * ctx, const char *key, size_t keylen) | |||
543 | } | 543 | } |
544 | 544 | ||
545 | void | 545 | void |
546 | MHD_gl_des_ecb_crypt (MHD_gl_des_ctx * ctx, const char *_from, char *_to, int mode) | 546 | MHD_gl_des_ecb_crypt (MHD_gl_des_ctx * ctx, const char *_from, char *_to, |
547 | int mode) | ||
547 | { | 548 | { |
548 | const unsigned char *from = (const unsigned char *) _from; | 549 | const unsigned char *from = (const unsigned char *) _from; |
549 | unsigned char *to = (unsigned char *) _to; | 550 | unsigned char *to = (unsigned char *) _to; |
@@ -565,7 +566,8 @@ READ_64BIT_DATA (from, left, right) | |||
565 | FINAL_PERMUTATION (right, work, left) WRITE_64BIT_DATA (to, right, left)} | 566 | FINAL_PERMUTATION (right, work, left) WRITE_64BIT_DATA (to, right, left)} |
566 | 567 | ||
567 | void | 568 | void |
568 | MHD_gl_3des_set2keys (MHD_gl_3des_ctx * ctx, const char *key1, const char *key2) | 569 | MHD_gl_3des_set2keys (MHD_gl_3des_ctx * ctx, const char *key1, |
570 | const char *key2) | ||
569 | { | 571 | { |
570 | int i; | 572 | int i; |
571 | 573 | ||
@@ -590,7 +592,7 @@ MHD_gl_3des_set2keys (MHD_gl_3des_ctx * ctx, const char *key1, const char *key2) | |||
590 | 592 | ||
591 | void | 593 | void |
592 | MHD_gl_3des_set3keys (MHD_gl_3des_ctx * ctx, const char *key1, | 594 | MHD_gl_3des_set3keys (MHD_gl_3des_ctx * ctx, const char *key1, |
593 | const char *key2, const char *key3) | 595 | const char *key2, const char *key3) |
594 | { | 596 | { |
595 | int i; | 597 | int i; |
596 | 598 | ||
@@ -612,7 +614,8 @@ MHD_gl_3des_set3keys (MHD_gl_3des_ctx * ctx, const char *key1, | |||
612 | } | 614 | } |
613 | 615 | ||
614 | void | 616 | void |
615 | MHD_gl_3des_ecb_crypt (MHD_gl_3des_ctx * ctx, const char *_from, char *_to, int mode) | 617 | MHD_gl_3des_ecb_crypt (MHD_gl_3des_ctx * ctx, const char *_from, char *_to, |
618 | int mode) | ||
616 | { | 619 | { |
617 | const unsigned char *from = (const unsigned char *) _from; | 620 | const unsigned char *from = (const unsigned char *) _from; |
618 | unsigned char *to = (unsigned char *) _to; | 621 | unsigned char *to = (unsigned char *) _to; |
@@ -658,5 +661,6 @@ MHD_gl_3des_makekey (MHD_gl_3des_ctx * ctx, const char *key, size_t keylen) | |||
658 | MHD_gl_3des_set3keys (ctx, key, key + 8, key + 16); | 661 | MHD_gl_3des_set3keys (ctx, key, key + 8, key + 16); |
659 | 662 | ||
660 | return !(MHD_gl_des_is_weak_key (key) | 663 | return !(MHD_gl_des_is_weak_key (key) |
661 | || MHD_gl_des_is_weak_key (key + 8) || MHD_gl_des_is_weak_key (key + 16)); | 664 | || MHD_gl_des_is_weak_key (key + 8) |
665 | || MHD_gl_des_is_weak_key (key + 16)); | ||
662 | } | 666 | } |
diff --git a/src/daemon/https/lgl/des.h b/src/daemon/https/lgl/des.h index 4d9eb20c..d2ad058e 100644 --- a/src/daemon/https/lgl/des.h +++ b/src/daemon/https/lgl/des.h | |||
@@ -62,12 +62,14 @@ extern void MHD_gl_des_setkey (MHD_gl_des_ctx * ctx, const char *key); | |||
62 | /* Fill a DES context CTX with subkeys calculated from 64bit KEY, with | 62 | /* Fill a DES context CTX with subkeys calculated from 64bit KEY, with |
63 | * weak key checking. Does not check parity bits, but simply ignore | 63 | * weak key checking. Does not check parity bits, but simply ignore |
64 | * them. */ | 64 | * them. */ |
65 | extern bool MHD_gl_des_makekey (MHD_gl_des_ctx * ctx, const char *key, size_t keylen); | 65 | extern bool MHD_gl_des_makekey (MHD_gl_des_ctx * ctx, const char *key, |
66 | size_t keylen); | ||
66 | 67 | ||
67 | /* Electronic Codebook Mode DES encryption/decryption of data | 68 | /* Electronic Codebook Mode DES encryption/decryption of data |
68 | * according to 'mode'. */ | 69 | * according to 'mode'. */ |
69 | extern void | 70 | extern void |
70 | MHD_gl_des_ecb_crypt (MHD_gl_des_ctx * ctx, const char *from, char *to, int mode); | 71 | MHD_gl_des_ecb_crypt (MHD_gl_des_ctx * ctx, const char *from, char *to, |
72 | int mode); | ||
71 | 73 | ||
72 | #define MHD_gl_des_ecb_encrypt(ctx, from, to) MHD_gl_des_ecb_crypt(ctx, from, to, 0) | 74 | #define MHD_gl_des_ecb_encrypt(ctx, from, to) MHD_gl_des_ecb_crypt(ctx, from, to, 0) |
73 | #define MHD_gl_des_ecb_decrypt(ctx, from, to) MHD_gl_des_ecb_crypt(ctx, from, to, 1) | 75 | #define MHD_gl_des_ecb_decrypt(ctx, from, to) MHD_gl_des_ecb_crypt(ctx, from, to, 1) |
@@ -80,7 +82,8 @@ MHD_gl_des_ecb_crypt (MHD_gl_des_ctx * ctx, const char *from, char *to, int mode | |||
80 | * 64bit keys in KEY1 and KEY2. Does not check the parity bits of the | 82 | * 64bit keys in KEY1 and KEY2. Does not check the parity bits of the |
81 | * keys, but simply ignore them. Does not check for weak keys. */ | 83 | * keys, but simply ignore them. Does not check for weak keys. */ |
82 | extern void | 84 | extern void |
83 | MHD_gl_3des_set2keys (MHD_gl_3des_ctx * ctx, const char *key1, const char *key2); | 85 | MHD_gl_3des_set2keys (MHD_gl_3des_ctx * ctx, const char *key1, |
86 | const char *key2); | ||
84 | 87 | ||
85 | /* | 88 | /* |
86 | * Fill a Triple-DES context CTX with subkeys calculated from three | 89 | * Fill a Triple-DES context CTX with subkeys calculated from three |
@@ -89,7 +92,7 @@ MHD_gl_3des_set2keys (MHD_gl_3des_ctx * ctx, const char *key1, const char *key2) | |||
89 | * keys. */ | 92 | * keys. */ |
90 | extern void | 93 | extern void |
91 | MHD_gl_3des_set3keys (MHD_gl_3des_ctx * ctx, | 94 | MHD_gl_3des_set3keys (MHD_gl_3des_ctx * ctx, |
92 | const char *key1, const char *key2, const char *key3); | 95 | const char *key1, const char *key2, const char *key3); |
93 | 96 | ||
94 | /* Fill a Triple-DES context CTX with subkeys calculated from three | 97 | /* Fill a Triple-DES context CTX with subkeys calculated from three |
95 | * concatenated 64bit keys in KEY, with weak key checking. Does not | 98 | * concatenated 64bit keys in KEY, with weak key checking. Does not |
@@ -101,7 +104,8 @@ MHD_gl_3des_makekey (MHD_gl_3des_ctx * ctx, const char *key, size_t keylen); | |||
101 | * according to 'mode'. Sometimes this mode is named 'EDE' mode | 104 | * according to 'mode'. Sometimes this mode is named 'EDE' mode |
102 | * (Encryption-Decryption-Encryption). */ | 105 | * (Encryption-Decryption-Encryption). */ |
103 | extern void | 106 | extern void |
104 | MHD_gl_3des_ecb_crypt (MHD_gl_3des_ctx * ctx, const char *from, char *to, int mode); | 107 | MHD_gl_3des_ecb_crypt (MHD_gl_3des_ctx * ctx, const char *from, char *to, |
108 | int mode); | ||
105 | 109 | ||
106 | #define MHD_gl_3des_ecb_encrypt(ctx, from, to) MHD_gl_3des_ecb_crypt(ctx,from,to,0) | 110 | #define MHD_gl_3des_ecb_encrypt(ctx, from, to) MHD_gl_3des_ecb_crypt(ctx,from,to,0) |
107 | #define MHD_gl_3des_ecb_decrypt(ctx, from, to) MHD_gl_3des_ecb_crypt(ctx,from,to,1) | 111 | #define MHD_gl_3des_ecb_decrypt(ctx, from, to) MHD_gl_3des_ecb_crypt(ctx,from,to,1) |
diff --git a/src/daemon/https/lgl/gc-gnulib.c b/src/daemon/https/lgl/gc-gnulib.c index 7c16d443..52fce18b 100644 --- a/src/daemon/https/lgl/gc-gnulib.c +++ b/src/daemon/https/lgl/gc-gnulib.c | |||
@@ -161,9 +161,9 @@ MHD_gc_random (char *data, size_t datalen) | |||
161 | /* Memory allocation. */ | 161 | /* Memory allocation. */ |
162 | void | 162 | void |
163 | MHD_gc_set_allocators (MHD_gc_malloc_t func_malloc, | 163 | MHD_gc_set_allocators (MHD_gc_malloc_t func_malloc, |
164 | MHD_gc_malloc_t secure_malloc, | 164 | MHD_gc_malloc_t secure_malloc, |
165 | MHD_gc_secure_check_t secure_check, | 165 | MHD_gc_secure_check_t secure_check, |
166 | MHD_gc_realloc_t func_realloc, MHD_gc_free_t func_free) | 166 | MHD_gc_realloc_t func_realloc, MHD_gc_free_t func_free) |
167 | { | 167 | { |
168 | return; | 168 | return; |
169 | } | 169 | } |
@@ -193,7 +193,7 @@ typedef struct _MHD_gc_cipher_ctx | |||
193 | 193 | ||
194 | Gc_rc | 194 | Gc_rc |
195 | MHD_gc_cipher_open (Gc_cipher alg, | 195 | MHD_gc_cipher_open (Gc_cipher alg, |
196 | Gc_cipher_mode mode, MHD_gc_cipher_handle * outhandle) | 196 | Gc_cipher_mode mode, MHD_gc_cipher_handle * outhandle) |
197 | { | 197 | { |
198 | _MHD_gc_cipher_ctx *ctx; | 198 | _MHD_gc_cipher_ctx *ctx; |
199 | Gc_rc rc = GC_OK; | 199 | Gc_rc rc = GC_OK; |
@@ -277,7 +277,8 @@ MHD_gc_cipher_open (Gc_cipher alg, | |||
277 | } | 277 | } |
278 | 278 | ||
279 | Gc_rc | 279 | Gc_rc |
280 | MHD_gc_cipher_setkey (MHD_gc_cipher_handle handle, size_t keylen, const char *key) | 280 | MHD_gc_cipher_setkey (MHD_gc_cipher_handle handle, size_t keylen, |
281 | const char *key) | ||
281 | { | 282 | { |
282 | _MHD_gc_cipher_ctx *ctx = handle; | 283 | _MHD_gc_cipher_ctx *ctx = handle; |
283 | 284 | ||
@@ -317,16 +318,18 @@ MHD_gc_cipher_setkey (MHD_gc_cipher_handle handle, size_t keylen, const char *ke | |||
317 | sprintf (&keyMaterial[2 * i], "%02x", key[i] & 0xFF); | 318 | sprintf (&keyMaterial[2 * i], "%02x", key[i] & 0xFF); |
318 | 319 | ||
319 | rc = MHD_rijndaelMakeKey (&ctx->aesEncKey, RIJNDAEL_DIR_ENCRYPT, | 320 | rc = MHD_rijndaelMakeKey (&ctx->aesEncKey, RIJNDAEL_DIR_ENCRYPT, |
320 | keylen * 8, keyMaterial); | 321 | keylen * 8, keyMaterial); |
321 | if (rc < 0) | 322 | if (rc < 0) |
322 | return GC_INVALID_CIPHER; | 323 | return GC_INVALID_CIPHER; |
323 | 324 | ||
324 | rc = MHD_rijndaelMakeKey (&ctx->aesDecKey, RIJNDAEL_DIR_DECRYPT, | 325 | rc = MHD_rijndaelMakeKey (&ctx->aesDecKey, RIJNDAEL_DIR_DECRYPT, |
325 | keylen * 8, keyMaterial); | 326 | keylen * 8, keyMaterial); |
326 | if (rc < 0) | 327 | if (rc < 0) |
327 | return GC_INVALID_CIPHER; | 328 | return GC_INVALID_CIPHER; |
328 | 329 | ||
329 | rc = MHD_MHD_rijndaelCipherInit (&ctx->aesContext, RIJNDAEL_MODE_ECB, NULL); | 330 | rc = |
331 | MHD_MHD_rijndaelCipherInit (&ctx->aesContext, RIJNDAEL_MODE_ECB, | ||
332 | NULL); | ||
330 | if (rc < 0) | 333 | if (rc < 0) |
331 | return GC_INVALID_CIPHER; | 334 | return GC_INVALID_CIPHER; |
332 | } | 335 | } |
@@ -341,7 +344,8 @@ MHD_gc_cipher_setkey (MHD_gc_cipher_handle handle, size_t keylen, const char *ke | |||
341 | } | 344 | } |
342 | 345 | ||
343 | Gc_rc | 346 | Gc_rc |
344 | MHD_gc_cipher_setiv (MHD_gc_cipher_handle handle, size_t ivlen, const char *iv) | 347 | MHD_gc_cipher_setiv (MHD_gc_cipher_handle handle, size_t ivlen, |
348 | const char *iv) | ||
345 | { | 349 | { |
346 | _MHD_gc_cipher_ctx *ctx = handle; | 350 | _MHD_gc_cipher_ctx *ctx = handle; |
347 | 351 | ||
@@ -374,8 +378,9 @@ MHD_gc_cipher_setiv (MHD_gc_cipher_handle handle, size_t ivlen, const char *iv) | |||
374 | for (i = 0; i < ivlen; i++) | 378 | for (i = 0; i < ivlen; i++) |
375 | sprintf (&ivMaterial[2 * i], "%02x", iv[i] & 0xFF); | 379 | sprintf (&ivMaterial[2 * i], "%02x", iv[i] & 0xFF); |
376 | 380 | ||
377 | rc = MHD_MHD_rijndaelCipherInit (&ctx->aesContext, RIJNDAEL_MODE_CBC, | 381 | rc = |
378 | ivMaterial); | 382 | MHD_MHD_rijndaelCipherInit (&ctx->aesContext, RIJNDAEL_MODE_CBC, |
383 | ivMaterial); | ||
379 | if (rc < 0) | 384 | if (rc < 0) |
380 | return GC_INVALID_CIPHER; | 385 | return GC_INVALID_CIPHER; |
381 | } | 386 | } |
@@ -395,7 +400,8 @@ MHD_gc_cipher_setiv (MHD_gc_cipher_handle handle, size_t ivlen, const char *iv) | |||
395 | } | 400 | } |
396 | 401 | ||
397 | Gc_rc | 402 | Gc_rc |
398 | MHD_gc_cipher_encrypt_inline (MHD_gc_cipher_handle handle, size_t len, char *data) | 403 | MHD_gc_cipher_encrypt_inline (MHD_gc_cipher_handle handle, size_t len, |
404 | char *data) | ||
399 | { | 405 | { |
400 | _MHD_gc_cipher_ctx *ctx = handle; | 406 | _MHD_gc_cipher_ctx *ctx = handle; |
401 | 407 | ||
@@ -450,7 +456,7 @@ MHD_gc_cipher_encrypt_inline (MHD_gc_cipher_handle handle, size_t len, char *dat | |||
450 | int nblocks; | 456 | int nblocks; |
451 | 457 | ||
452 | nblocks = MHD_rijndaelBlockEncrypt (&ctx->aesContext, &ctx->aesEncKey, | 458 | nblocks = MHD_rijndaelBlockEncrypt (&ctx->aesContext, &ctx->aesEncKey, |
453 | data, 8 * len, data); | 459 | data, 8 * len, data); |
454 | if (nblocks < 0) | 460 | if (nblocks < 0) |
455 | return GC_INVALID_CIPHER; | 461 | return GC_INVALID_CIPHER; |
456 | } | 462 | } |
@@ -465,7 +471,8 @@ MHD_gc_cipher_encrypt_inline (MHD_gc_cipher_handle handle, size_t len, char *dat | |||
465 | } | 471 | } |
466 | 472 | ||
467 | Gc_rc | 473 | Gc_rc |
468 | MHD_gc_cipher_decrypt_inline (MHD_gc_cipher_handle handle, size_t len, char *data) | 474 | MHD_gc_cipher_decrypt_inline (MHD_gc_cipher_handle handle, size_t len, |
475 | char *data) | ||
469 | { | 476 | { |
470 | _MHD_gc_cipher_ctx *ctx = handle; | 477 | _MHD_gc_cipher_ctx *ctx = handle; |
471 | 478 | ||
@@ -522,7 +529,7 @@ MHD_gc_cipher_decrypt_inline (MHD_gc_cipher_handle handle, size_t len, char *dat | |||
522 | int nblocks; | 529 | int nblocks; |
523 | 530 | ||
524 | nblocks = MHD_rijndaelBlockDecrypt (&ctx->aesContext, &ctx->aesDecKey, | 531 | nblocks = MHD_rijndaelBlockDecrypt (&ctx->aesContext, &ctx->aesDecKey, |
525 | data, 8 * len, data); | 532 | data, 8 * len, data); |
526 | if (nblocks < 0) | 533 | if (nblocks < 0) |
527 | return GC_INVALID_CIPHER; | 534 | return GC_INVALID_CIPHER; |
528 | } | 535 | } |
@@ -565,7 +572,8 @@ typedef struct _MHD_gc_hash_ctx | |||
565 | } _MHD_gc_hash_ctx; | 572 | } _MHD_gc_hash_ctx; |
566 | 573 | ||
567 | Gc_rc | 574 | Gc_rc |
568 | MHD_gc_hash_open (Gc_hash hash, Gc_hash_mode mode, MHD_gc_hash_handle * outhandle) | 575 | MHD_gc_hash_open (Gc_hash hash, Gc_hash_mode mode, |
576 | MHD_gc_hash_handle * outhandle) | ||
569 | { | 577 | { |
570 | _MHD_gc_hash_ctx *ctx; | 578 | _MHD_gc_hash_ctx *ctx; |
571 | Gc_rc rc = GC_OK; | 579 | Gc_rc rc = GC_OK; |
@@ -769,7 +777,7 @@ MHD_gc_sha1 (const void *in, size_t inlen, void *resbuf) | |||
769 | #ifdef GNULIB_GC_HMAC_MD5 | 777 | #ifdef GNULIB_GC_HMAC_MD5 |
770 | Gc_rc | 778 | Gc_rc |
771 | MHD_gc_MHD_hmac_md5 (const void *key, size_t keylen, | 779 | MHD_gc_MHD_hmac_md5 (const void *key, size_t keylen, |
772 | const void *in, size_t inlen, char *resbuf) | 780 | const void *in, size_t inlen, char *resbuf) |
773 | { | 781 | { |
774 | MHD_hmac_md5 (key, keylen, in, inlen, resbuf); | 782 | MHD_hmac_md5 (key, keylen, in, inlen, resbuf); |
775 | return GC_OK; | 783 | return GC_OK; |
@@ -779,7 +787,8 @@ MHD_gc_MHD_hmac_md5 (const void *key, size_t keylen, | |||
779 | #ifdef GNULIB_GC_HMAC_SHA1 | 787 | #ifdef GNULIB_GC_HMAC_SHA1 |
780 | Gc_rc | 788 | Gc_rc |
781 | MHD_gc_MHD_hmac_sha1 (const void *key, | 789 | MHD_gc_MHD_hmac_sha1 (const void *key, |
782 | size_t keylen, const void *in, size_t inlen, char *resbuf) | 790 | size_t keylen, const void *in, size_t inlen, |
791 | char *resbuf) | ||
783 | { | 792 | { |
784 | MHD_hmac_sha1 (key, keylen, in, inlen, resbuf); | 793 | MHD_hmac_sha1 (key, keylen, in, inlen, resbuf); |
785 | return GC_OK; | 794 | return GC_OK; |
diff --git a/src/daemon/https/lgl/gc-libgcrypt.c b/src/daemon/https/lgl/gc-libgcrypt.c index a51a7bb4..e4429bd2 100644 --- a/src/daemon/https/lgl/gc-libgcrypt.c +++ b/src/daemon/https/lgl/gc-libgcrypt.c | |||
@@ -90,9 +90,9 @@ MHD_gc_random (char *data, size_t datalen) | |||
90 | 90 | ||
91 | void | 91 | void |
92 | MHD_gc_set_allocators (MHD_gc_malloc_t func_malloc, | 92 | MHD_gc_set_allocators (MHD_gc_malloc_t func_malloc, |
93 | MHD_gc_malloc_t secure_malloc, | 93 | MHD_gc_malloc_t secure_malloc, |
94 | MHD_gc_secure_check_t secure_check, | 94 | MHD_gc_secure_check_t secure_check, |
95 | MHD_gc_realloc_t func_realloc, MHD_gc_free_t func_free) | 95 | MHD_gc_realloc_t func_realloc, MHD_gc_free_t func_free) |
96 | { | 96 | { |
97 | gcry_set_allocation_handler (func_malloc, secure_malloc, secure_check, | 97 | gcry_set_allocation_handler (func_malloc, secure_malloc, secure_check, |
98 | func_realloc, func_free); | 98 | func_realloc, func_free); |
@@ -102,7 +102,7 @@ MHD_gc_set_allocators (MHD_gc_malloc_t func_malloc, | |||
102 | 102 | ||
103 | Gc_rc | 103 | Gc_rc |
104 | MHD_gc_cipher_open (Gc_cipher alg, | 104 | MHD_gc_cipher_open (Gc_cipher alg, |
105 | Gc_cipher_mode mode, MHD_gc_cipher_handle * outhandle) | 105 | Gc_cipher_mode mode, MHD_gc_cipher_handle * outhandle) |
106 | { | 106 | { |
107 | int gcryalg, gcrymode; | 107 | int gcryalg, gcrymode; |
108 | gcry_error_t err; | 108 | gcry_error_t err; |
@@ -179,7 +179,8 @@ MHD_gc_cipher_open (Gc_cipher alg, | |||
179 | } | 179 | } |
180 | 180 | ||
181 | Gc_rc | 181 | Gc_rc |
182 | MHD_gc_cipher_setkey (MHD_gc_cipher_handle handle, size_t keylen, const char *key) | 182 | MHD_gc_cipher_setkey (MHD_gc_cipher_handle handle, size_t keylen, |
183 | const char *key) | ||
183 | { | 184 | { |
184 | gcry_error_t err; | 185 | gcry_error_t err; |
185 | 186 | ||
@@ -191,7 +192,8 @@ MHD_gc_cipher_setkey (MHD_gc_cipher_handle handle, size_t keylen, const char *ke | |||
191 | } | 192 | } |
192 | 193 | ||
193 | Gc_rc | 194 | Gc_rc |
194 | MHD_gc_cipher_setiv (MHD_gc_cipher_handle handle, size_t ivlen, const char *iv) | 195 | MHD_gc_cipher_setiv (MHD_gc_cipher_handle handle, size_t ivlen, |
196 | const char *iv) | ||
195 | { | 197 | { |
196 | gcry_error_t err; | 198 | gcry_error_t err; |
197 | 199 | ||
@@ -203,7 +205,8 @@ MHD_gc_cipher_setiv (MHD_gc_cipher_handle handle, size_t ivlen, const char *iv) | |||
203 | } | 205 | } |
204 | 206 | ||
205 | Gc_rc | 207 | Gc_rc |
206 | MHD_gc_cipher_encrypt_inline (MHD_gc_cipher_handle handle, size_t len, char *data) | 208 | MHD_gc_cipher_encrypt_inline (MHD_gc_cipher_handle handle, size_t len, |
209 | char *data) | ||
207 | { | 210 | { |
208 | if (gcry_cipher_encrypt ((gcry_cipher_hd_t) handle, data, len, NULL, len) != | 211 | if (gcry_cipher_encrypt ((gcry_cipher_hd_t) handle, data, len, NULL, len) != |
209 | 0) | 212 | 0) |
@@ -213,7 +216,8 @@ MHD_gc_cipher_encrypt_inline (MHD_gc_cipher_handle handle, size_t len, char *dat | |||
213 | } | 216 | } |
214 | 217 | ||
215 | Gc_rc | 218 | Gc_rc |
216 | MHD_gc_cipher_decrypt_inline (MHD_gc_cipher_handle handle, size_t len, char *data) | 219 | MHD_gc_cipher_decrypt_inline (MHD_gc_cipher_handle handle, size_t len, |
220 | char *data) | ||
217 | { | 221 | { |
218 | if (gcry_cipher_decrypt ((gcry_cipher_hd_t) handle, data, len, NULL, len) != | 222 | if (gcry_cipher_decrypt ((gcry_cipher_hd_t) handle, data, len, NULL, len) != |
219 | 0) | 223 | 0) |
@@ -240,7 +244,8 @@ typedef struct _MHD_gc_hash_ctx | |||
240 | } _MHD_gc_hash_ctx; | 244 | } _MHD_gc_hash_ctx; |
241 | 245 | ||
242 | Gc_rc | 246 | Gc_rc |
243 | MHD_gc_hash_open (Gc_hash hash, Gc_hash_mode mode, MHD_gc_hash_handle * outhandle) | 247 | MHD_gc_hash_open (Gc_hash hash, Gc_hash_mode mode, |
248 | MHD_gc_hash_handle * outhandle) | ||
244 | { | 249 | { |
245 | _MHD_gc_hash_ctx *ctx; | 250 | _MHD_gc_hash_ctx *ctx; |
246 | int gcryalg = 0, gcrymode = 0; | 251 | int gcryalg = 0, gcrymode = 0; |
@@ -391,7 +396,8 @@ MHD_gc_hash_digest_length (Gc_hash hash) | |||
391 | } | 396 | } |
392 | 397 | ||
393 | void | 398 | void |
394 | MHD_gc_hash_MHD_hmac_setkey (MHD_gc_hash_handle handle, size_t len, const char *key) | 399 | MHD_gc_hash_MHD_hmac_setkey (MHD_gc_hash_handle handle, size_t len, |
400 | const char *key) | ||
395 | { | 401 | { |
396 | _MHD_gc_hash_ctx *ctx = handle; | 402 | _MHD_gc_hash_ctx *ctx = handle; |
397 | gcry_md_setkey (ctx->gch, key, len); | 403 | gcry_md_setkey (ctx->gch, key, len); |
@@ -411,7 +417,7 @@ MHD_gc_hash_read (MHD_gc_hash_handle handle) | |||
411 | const char *digest; | 417 | const char *digest; |
412 | { | 418 | { |
413 | gcry_md_final (ctx->gch); | 419 | gcry_md_final (ctx->gch); |
414 | digest = (const char*) gcry_md_read (ctx->gch, 0); | 420 | digest = (const char *) gcry_md_read (ctx->gch, 0); |
415 | } | 421 | } |
416 | 422 | ||
417 | return digest; | 423 | return digest; |
@@ -547,7 +553,7 @@ MHD_gc_sha1 (const void *in, size_t inlen, void *resbuf) | |||
547 | #ifdef GNULIB_GC_HMAC_MD5 | 553 | #ifdef GNULIB_GC_HMAC_MD5 |
548 | Gc_rc | 554 | Gc_rc |
549 | MHD_gc_MHD_hmac_md5 (const void *key, size_t keylen, | 555 | MHD_gc_MHD_hmac_md5 (const void *key, size_t keylen, |
550 | const void *in, size_t inlen, char *resbuf) | 556 | const void *in, size_t inlen, char *resbuf) |
551 | { | 557 | { |
552 | size_t hlen = gcry_md_get_algo_dlen (GCRY_MD_MD5); | 558 | size_t hlen = gcry_md_get_algo_dlen (GCRY_MD_MD5); |
553 | gcry_md_hd_t mdh; | 559 | gcry_md_hd_t mdh; |
@@ -587,7 +593,8 @@ MHD_gc_MHD_hmac_md5 (const void *key, size_t keylen, | |||
587 | #ifdef GNULIB_GC_HMAC_SHA1 | 593 | #ifdef GNULIB_GC_HMAC_SHA1 |
588 | Gc_rc | 594 | Gc_rc |
589 | MHD_gc_MHD_hmac_sha1 (const void *key, | 595 | MHD_gc_MHD_hmac_sha1 (const void *key, |
590 | size_t keylen, const void *in, size_t inlen, char *resbuf) | 596 | size_t keylen, const void *in, size_t inlen, |
597 | char *resbuf) | ||
591 | { | 598 | { |
592 | size_t hlen = gcry_md_get_algo_dlen (GCRY_MD_SHA1); | 599 | size_t hlen = gcry_md_get_algo_dlen (GCRY_MD_SHA1); |
593 | gcry_md_hd_t mdh; | 600 | gcry_md_hd_t mdh; |
diff --git a/src/daemon/https/lgl/gc-pbkdf2-sha1.c b/src/daemon/https/lgl/gc-pbkdf2-sha1.c index 98ac9f96..f58ba491 100644 --- a/src/daemon/https/lgl/gc-pbkdf2-sha1.c +++ b/src/daemon/https/lgl/gc-pbkdf2-sha1.c | |||
@@ -53,8 +53,8 @@ | |||
53 | 53 | ||
54 | Gc_rc | 54 | Gc_rc |
55 | MHD_gc_pbkdf2_sha1 (const char *P, size_t Plen, | 55 | MHD_gc_pbkdf2_sha1 (const char *P, size_t Plen, |
56 | const char *S, size_t Slen, | 56 | const char *S, size_t Slen, |
57 | unsigned int c, char *DK, size_t dkLen) | 57 | unsigned int c, char *DK, size_t dkLen) |
58 | { | 58 | { |
59 | unsigned int hLen = 20; | 59 | unsigned int hLen = 20; |
60 | char U[20]; | 60 | char U[20]; |
diff --git a/src/daemon/https/lgl/gc.h b/src/daemon/https/lgl/gc.h index ecc506fc..4d6b2c93 100644 --- a/src/daemon/https/lgl/gc.h +++ b/src/daemon/https/lgl/gc.h | |||
@@ -105,9 +105,10 @@ typedef int (*MHD_gc_secure_check_t) (const void *); | |||
105 | typedef void *(*MHD_gc_realloc_t) (void *p, size_t n); | 105 | typedef void *(*MHD_gc_realloc_t) (void *p, size_t n); |
106 | typedef void (*MHD_gc_free_t) (void *); | 106 | typedef void (*MHD_gc_free_t) (void *); |
107 | void MHD_gc_set_allocators (MHD_gc_malloc_t func_malloc, | 107 | void MHD_gc_set_allocators (MHD_gc_malloc_t func_malloc, |
108 | MHD_gc_malloc_t secure_malloc, | 108 | MHD_gc_malloc_t secure_malloc, |
109 | MHD_gc_secure_check_t secure_check, | 109 | MHD_gc_secure_check_t secure_check, |
110 | MHD_gc_realloc_t func_realloc, MHD_gc_free_t func_free); | 110 | MHD_gc_realloc_t func_realloc, |
111 | MHD_gc_free_t func_free); | ||
111 | 112 | ||
112 | /* Randomness. */ | 113 | /* Randomness. */ |
113 | Gc_rc MHD_gc_nonce (char *data, size_t datalen); | 114 | Gc_rc MHD_gc_nonce (char *data, size_t datalen); |
@@ -116,24 +117,29 @@ Gc_rc MHD_gc_random (char *data, size_t datalen); | |||
116 | 117 | ||
117 | /* Ciphers. */ | 118 | /* Ciphers. */ |
118 | Gc_rc MHD_gc_cipher_open (Gc_cipher cipher, | 119 | Gc_rc MHD_gc_cipher_open (Gc_cipher cipher, |
119 | Gc_cipher_mode mode, MHD_gc_cipher_handle * outhandle); | 120 | Gc_cipher_mode mode, |
120 | Gc_rc MHD_gc_cipher_setkey (MHD_gc_cipher_handle handle, | 121 | MHD_gc_cipher_handle * outhandle); |
121 | size_t keylen, const char *key); | 122 | Gc_rc MHD_gc_cipher_setkey (MHD_gc_cipher_handle handle, size_t keylen, |
122 | Gc_rc MHD_gc_cipher_setiv (MHD_gc_cipher_handle handle, size_t ivlen, const char *iv); | 123 | const char *key); |
123 | Gc_rc MHD_gc_cipher_encrypt_inline (MHD_gc_cipher_handle handle, | 124 | Gc_rc MHD_gc_cipher_setiv (MHD_gc_cipher_handle handle, size_t ivlen, |
124 | size_t len, char *data); | 125 | const char *iv); |
125 | Gc_rc MHD_gc_cipher_decrypt_inline (MHD_gc_cipher_handle handle, | 126 | Gc_rc MHD_gc_cipher_encrypt_inline (MHD_gc_cipher_handle handle, size_t len, |
126 | size_t len, char *data); | 127 | char *data); |
128 | Gc_rc MHD_gc_cipher_decrypt_inline (MHD_gc_cipher_handle handle, size_t len, | ||
129 | char *data); | ||
127 | Gc_rc MHD_gc_cipher_close (MHD_gc_cipher_handle handle); | 130 | Gc_rc MHD_gc_cipher_close (MHD_gc_cipher_handle handle); |
128 | 131 | ||
129 | /* Hashes. */ | 132 | /* Hashes. */ |
130 | 133 | ||
131 | Gc_rc MHD_gc_hash_open (Gc_hash hash, | 134 | Gc_rc MHD_gc_hash_open (Gc_hash hash, |
132 | Gc_hash_mode mode, MHD_gc_hash_handle * outhandle); | 135 | Gc_hash_mode mode, MHD_gc_hash_handle * outhandle); |
133 | Gc_rc MHD_gc_hash_clone (MHD_gc_hash_handle handle, MHD_gc_hash_handle * outhandle); | 136 | Gc_rc MHD_gc_hash_clone (MHD_gc_hash_handle handle, |
137 | MHD_gc_hash_handle * outhandle); | ||
134 | size_t MHD_gc_hash_digest_length (Gc_hash hash); | 138 | size_t MHD_gc_hash_digest_length (Gc_hash hash); |
135 | void MHD_gc_hash_MHD_hmac_setkey (MHD_gc_hash_handle handle, size_t len, const char *key); | 139 | void MHD_gc_hash_MHD_hmac_setkey (MHD_gc_hash_handle handle, size_t len, |
136 | void MHD_gc_hash_write (MHD_gc_hash_handle handle, size_t len, const char *data); | 140 | const char *key); |
141 | void MHD_gc_hash_write (MHD_gc_hash_handle handle, size_t len, | ||
142 | const char *data); | ||
137 | const char *MHD_gc_hash_read (MHD_gc_hash_handle handle); | 143 | const char *MHD_gc_hash_read (MHD_gc_hash_handle handle); |
138 | void MHD_gc_hash_close (MHD_gc_hash_handle handle); | 144 | void MHD_gc_hash_close (MHD_gc_hash_handle handle); |
139 | 145 | ||
@@ -143,7 +149,8 @@ void MHD_gc_hash_close (MHD_gc_hash_handle handle); | |||
143 | GC_<HASH>_DIGEST_SIZE. For example, for GC_MD5 the output buffer | 149 | GC_<HASH>_DIGEST_SIZE. For example, for GC_MD5 the output buffer |
144 | must be 16 bytes. The return value is 0 (GC_OK) on success, or | 150 | must be 16 bytes. The return value is 0 (GC_OK) on success, or |
145 | another Gc_rc error code. */ | 151 | another Gc_rc error code. */ |
146 | Gc_rc MHD_gc_hash_buffer (Gc_hash hash, const void *in, size_t inlen, char *out); | 152 | Gc_rc MHD_gc_hash_buffer (Gc_hash hash, const void *in, size_t inlen, |
153 | char *out); | ||
147 | 154 | ||
148 | /* One-call interface. */ | 155 | /* One-call interface. */ |
149 | Gc_rc MHD_gc_md2 (const void *in, size_t inlen, void *resbuf); | 156 | Gc_rc MHD_gc_md2 (const void *in, size_t inlen, void *resbuf); |
@@ -151,10 +158,10 @@ Gc_rc MHD_gc_md4 (const void *in, size_t inlen, void *resbuf); | |||
151 | Gc_rc MHD_gc_md5 (const void *in, size_t inlen, void *resbuf); | 158 | Gc_rc MHD_gc_md5 (const void *in, size_t inlen, void *resbuf); |
152 | Gc_rc MHD_gc_sha1 (const void *in, size_t inlen, void *resbuf); | 159 | Gc_rc MHD_gc_sha1 (const void *in, size_t inlen, void *resbuf); |
153 | Gc_rc MHD_gc_MHD_hmac_md5 (const void *key, | 160 | Gc_rc MHD_gc_MHD_hmac_md5 (const void *key, |
154 | size_t keylen, const void *in, size_t inlen, char *resbuf); | 161 | size_t keylen, const void *in, size_t inlen, |
155 | Gc_rc MHD_gc_MHD_hmac_sha1 (const void *key, | 162 | char *resbuf); |
156 | size_t keylen, | 163 | Gc_rc MHD_gc_MHD_hmac_sha1 (const void *key, size_t keylen, const void *in, |
157 | const void *in, size_t inlen, char *resbuf); | 164 | size_t inlen, char *resbuf); |
158 | 165 | ||
159 | /* Derive cryptographic keys from a password P of length PLEN, with | 166 | /* Derive cryptographic keys from a password P of length PLEN, with |
160 | salt S of length SLEN, placing the result in pre-allocated buffer | 167 | salt S of length SLEN, placing the result in pre-allocated buffer |
@@ -164,9 +171,10 @@ Gc_rc MHD_gc_MHD_hmac_sha1 (const void *key, | |||
164 | exactly dkLen bytes long. GC_OK is returned on success, otherwise | 171 | exactly dkLen bytes long. GC_OK is returned on success, otherwise |
165 | an Gc_rc error code is returned. */ | 172 | an Gc_rc error code is returned. */ |
166 | Gc_rc MHD_gc_pbkdf2_sha1 (const char *P, | 173 | Gc_rc MHD_gc_pbkdf2_sha1 (const char *P, |
167 | size_t Plen, | 174 | size_t Plen, |
168 | const char *S, | 175 | const char *S, |
169 | size_t Slen, unsigned int c, char *DK, size_t dkLen); | 176 | size_t Slen, unsigned int c, char *DK, |
177 | size_t dkLen); | ||
170 | 178 | ||
171 | /* | 179 | /* |
172 | TODO: | 180 | TODO: |
diff --git a/src/daemon/https/lgl/hmac-md5.c b/src/daemon/https/lgl/hmac-md5.c index fc6902a9..1fd943f0 100644 --- a/src/daemon/https/lgl/hmac-md5.c +++ b/src/daemon/https/lgl/hmac-md5.c | |||
@@ -31,7 +31,7 @@ | |||
31 | 31 | ||
32 | int | 32 | int |
33 | MHD_hmac_md5 (const void *key, size_t keylen, | 33 | MHD_hmac_md5 (const void *key, size_t keylen, |
34 | const void *in, size_t inlen, void *resbuf) | 34 | const void *in, size_t inlen, void *resbuf) |
35 | { | 35 | { |
36 | struct MHD_md5_ctx inner; | 36 | struct MHD_md5_ctx inner; |
37 | struct MHD_md5_ctx outer; | 37 | struct MHD_md5_ctx outer; |
diff --git a/src/daemon/https/lgl/hmac-sha1.c b/src/daemon/https/lgl/hmac-sha1.c index 5d341cb4..4d2e4f37 100644 --- a/src/daemon/https/lgl/hmac-sha1.c +++ b/src/daemon/https/lgl/hmac-sha1.c | |||
@@ -31,7 +31,7 @@ | |||
31 | 31 | ||
32 | int | 32 | int |
33 | MHD_hmac_sha1 (const void *key, size_t keylen, | 33 | MHD_hmac_sha1 (const void *key, size_t keylen, |
34 | const void *in, size_t inlen, void *resbuf) | 34 | const void *in, size_t inlen, void *resbuf) |
35 | { | 35 | { |
36 | struct MHD_sha1_ctx inner; | 36 | struct MHD_sha1_ctx inner; |
37 | struct MHD_sha1_ctx outer; | 37 | struct MHD_sha1_ctx outer; |
diff --git a/src/daemon/https/lgl/hmac.h b/src/daemon/https/lgl/hmac.h index 29764056..c4791504 100644 --- a/src/daemon/https/lgl/hmac.h +++ b/src/daemon/https/lgl/hmac.h | |||
@@ -28,7 +28,7 @@ | |||
28 | RESBUF buffer. Return 0 on success. */ | 28 | RESBUF buffer. Return 0 on success. */ |
29 | int | 29 | int |
30 | MHD_hmac_md5 (const void *key, size_t keylen, | 30 | MHD_hmac_md5 (const void *key, size_t keylen, |
31 | const void *buffer, size_t buflen, void *resbuf); | 31 | const void *buffer, size_t buflen, void *resbuf); |
32 | 32 | ||
33 | /* Compute Hashed Message Authentication Code with SHA-1, over BUFFER | 33 | /* Compute Hashed Message Authentication Code with SHA-1, over BUFFER |
34 | data of BUFLEN bytes using the KEY of KEYLEN bytes, writing the | 34 | data of BUFLEN bytes using the KEY of KEYLEN bytes, writing the |
@@ -36,6 +36,6 @@ MHD_hmac_md5 (const void *key, size_t keylen, | |||
36 | success. */ | 36 | success. */ |
37 | int | 37 | int |
38 | MHD_hmac_sha1 (const void *key, size_t keylen, | 38 | MHD_hmac_sha1 (const void *key, size_t keylen, |
39 | const void *in, size_t inlen, void *resbuf); | 39 | const void *in, size_t inlen, void *resbuf); |
40 | 40 | ||
41 | #endif /* HMAC_H */ | 41 | #endif /* HMAC_H */ |
diff --git a/src/daemon/https/lgl/md5.c b/src/daemon/https/lgl/md5.c index bc1fccbc..8cca27f5 100644 --- a/src/daemon/https/lgl/md5.c +++ b/src/daemon/https/lgl/md5.c | |||
@@ -212,7 +212,8 @@ MHD_md5_buffer (const char *buffer, size_t len, void *resblock) | |||
212 | 212 | ||
213 | 213 | ||
214 | void | 214 | void |
215 | MHD_md5_process_bytes (const void *buffer, size_t len, struct MHD_md5_ctx *ctx) | 215 | MHD_md5_process_bytes (const void *buffer, size_t len, |
216 | struct MHD_md5_ctx *ctx) | ||
216 | { | 217 | { |
217 | /* When we already have some bits in our internal buffer concatenate | 218 | /* When we already have some bits in our internal buffer concatenate |
218 | both inputs first. */ | 219 | both inputs first. */ |
@@ -292,7 +293,8 @@ MHD_md5_process_bytes (const void *buffer, size_t len, struct MHD_md5_ctx *ctx) | |||
292 | It is assumed that LEN % 64 == 0. */ | 293 | It is assumed that LEN % 64 == 0. */ |
293 | 294 | ||
294 | void | 295 | void |
295 | MHD_md5_process_block (const void *buffer, size_t len, struct MHD_md5_ctx *ctx) | 296 | MHD_md5_process_block (const void *buffer, size_t len, |
297 | struct MHD_md5_ctx *ctx) | ||
296 | { | 298 | { |
297 | uint32_t correct_words[16]; | 299 | uint32_t correct_words[16]; |
298 | const uint32_t *words = buffer; | 300 | const uint32_t *words = buffer; |
diff --git a/src/daemon/https/lgl/md5.h b/src/daemon/https/lgl/md5.h index 80793b66..94247e46 100644 --- a/src/daemon/https/lgl/md5.h +++ b/src/daemon/https/lgl/md5.h | |||
@@ -83,14 +83,14 @@ __MHD_md5_init_ctx (struct MHD_md5_ctx *ctx) | |||
83 | starting at BUFFER. | 83 | starting at BUFFER. |
84 | It is necessary that LEN is a multiple of 64!!! */ | 84 | It is necessary that LEN is a multiple of 64!!! */ |
85 | extern void __MHD_md5_process_block (const void *buffer, size_t len, | 85 | extern void __MHD_md5_process_block (const void *buffer, size_t len, |
86 | struct MHD_md5_ctx *ctx) __THROW; | 86 | struct MHD_md5_ctx *ctx) __THROW; |
87 | 87 | ||
88 | /* Starting with the result of former calls of this function (or the | 88 | /* Starting with the result of former calls of this function (or the |
89 | initialization function update the context for the next LEN bytes | 89 | initialization function update the context for the next LEN bytes |
90 | starting at BUFFER. | 90 | starting at BUFFER. |
91 | It is NOT required that LEN is a multiple of 64. */ | 91 | It is NOT required that LEN is a multiple of 64. */ |
92 | extern void __MHD_md5_process_bytes (const void *buffer, size_t len, | 92 | extern void __MHD_md5_process_bytes (const void *buffer, size_t len, |
93 | struct MHD_md5_ctx *ctx) __THROW; | 93 | struct MHD_md5_ctx *ctx) __THROW; |
94 | 94 | ||
95 | /* Process the remaining bytes in the buffer and put result from CTX | 95 | /* Process the remaining bytes in the buffer and put result from CTX |
96 | in first 16 bytes following RESBUF. The result is always in little | 96 | in first 16 bytes following RESBUF. The result is always in little |
@@ -100,7 +100,7 @@ __MHD_md5_init_ctx (struct MHD_md5_ctx *ctx) | |||
100 | IMPORTANT: On some systems, RESBUF must be aligned to a 32-bit | 100 | IMPORTANT: On some systems, RESBUF must be aligned to a 32-bit |
101 | boundary. */ | 101 | boundary. */ |
102 | extern void *__MHD_md5_finish_ctx (struct MHD_md5_ctx *ctx, | 102 | extern void *__MHD_md5_finish_ctx (struct MHD_md5_ctx *ctx, |
103 | void *resbuf) __THROW; | 103 | void *resbuf) __THROW; |
104 | 104 | ||
105 | 105 | ||
106 | /* Put result from CTX in first 16 bytes following RESBUF. The result is | 106 | /* Put result from CTX in first 16 bytes following RESBUF. The result is |
@@ -110,7 +110,7 @@ __MHD_md5_init_ctx (struct MHD_md5_ctx *ctx) | |||
110 | IMPORTANT: On some systems, RESBUF must be aligned to a 32-bit | 110 | IMPORTANT: On some systems, RESBUF must be aligned to a 32-bit |
111 | boundary. */ | 111 | boundary. */ |
112 | extern void *__MHD_md5_read_ctx (const struct MHD_md5_ctx *ctx, | 112 | extern void *__MHD_md5_read_ctx (const struct MHD_md5_ctx *ctx, |
113 | void *resbuf) __THROW; | 113 | void *resbuf) __THROW; |
114 | 114 | ||
115 | 115 | ||
116 | /* Compute MD5 message digest for bytes read from STREAM. The | 116 | /* Compute MD5 message digest for bytes read from STREAM. The |
@@ -123,6 +123,6 @@ __MHD_md5_init_ctx (struct MHD_md5_ctx *ctx) | |||
123 | output yields to the wanted ASCII representation of the message | 123 | output yields to the wanted ASCII representation of the message |
124 | digest. */ | 124 | digest. */ |
125 | extern void *__MHD_md5_buffer (const char *buffer, size_t len, | 125 | extern void *__MHD_md5_buffer (const char *buffer, size_t len, |
126 | void *resblock) __THROW; | 126 | void *resblock) __THROW; |
127 | 127 | ||
128 | #endif /* md5.h */ | 128 | #endif /* md5.h */ |
diff --git a/src/daemon/https/lgl/rijndael-alg-fst.c b/src/daemon/https/lgl/rijndael-alg-fst.c index d17fbeed..516fff15 100644 --- a/src/daemon/https/lgl/rijndael-alg-fst.c +++ b/src/daemon/https/lgl/rijndael-alg-fst.c | |||
@@ -763,7 +763,7 @@ static const uint32_t rcon[] = { | |||
763 | */ | 763 | */ |
764 | int | 764 | int |
765 | MHD_rijndaelKeySetupEnc (uint32_t rk[ /*4*(Nr + 1) */ ], | 765 | MHD_rijndaelKeySetupEnc (uint32_t rk[ /*4*(Nr + 1) */ ], |
766 | const char cipherKey[], size_t keyBits) | 766 | const char cipherKey[], size_t keyBits) |
767 | { | 767 | { |
768 | size_t i = 0; | 768 | size_t i = 0; |
769 | uint32_t temp; | 769 | uint32_t temp; |
@@ -858,7 +858,7 @@ MHD_rijndaelKeySetupEnc (uint32_t rk[ /*4*(Nr + 1) */ ], | |||
858 | */ | 858 | */ |
859 | int | 859 | int |
860 | MHD_rijndaelKeySetupDec (uint32_t rk[ /*4*(Nr + 1) */ ], | 860 | MHD_rijndaelKeySetupDec (uint32_t rk[ /*4*(Nr + 1) */ ], |
861 | const char cipherKey[], size_t keyBits) | 861 | const char cipherKey[], size_t keyBits) |
862 | { | 862 | { |
863 | size_t Nr, i, j; | 863 | size_t Nr, i, j; |
864 | uint32_t temp; | 864 | uint32_t temp; |
@@ -912,7 +912,7 @@ MHD_rijndaelKeySetupDec (uint32_t rk[ /*4*(Nr + 1) */ ], | |||
912 | 912 | ||
913 | void | 913 | void |
914 | MHD_rijndaelEncrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr, | 914 | MHD_rijndaelEncrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr, |
915 | const char pt[16], char ct[16]) | 915 | const char pt[16], char ct[16]) |
916 | { | 916 | { |
917 | uint32_t s0, s1, s2, s3, t0, t1, t2, t3; | 917 | uint32_t s0, s1, s2, s3, t0, t1, t2, t3; |
918 | size_t r; | 918 | size_t r; |
@@ -1003,7 +1003,7 @@ MHD_rijndaelEncrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr, | |||
1003 | 1003 | ||
1004 | void | 1004 | void |
1005 | MHD_rijndaelDecrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr, | 1005 | MHD_rijndaelDecrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr, |
1006 | const char ct[16], char pt[16]) | 1006 | const char ct[16], char pt[16]) |
1007 | { | 1007 | { |
1008 | uint32_t s0, s1, s2, s3, t0, t1, t2, t3; | 1008 | uint32_t s0, s1, s2, s3, t0, t1, t2, t3; |
1009 | size_t r; | 1009 | size_t r; |
diff --git a/src/daemon/https/lgl/rijndael-alg-fst.h b/src/daemon/https/lgl/rijndael-alg-fst.h index c5496181..b04c1deb 100644 --- a/src/daemon/https/lgl/rijndael-alg-fst.h +++ b/src/daemon/https/lgl/rijndael-alg-fst.h | |||
@@ -56,12 +56,12 @@ | |||
56 | #define RIJNDAEL_MAXNR 14 | 56 | #define RIJNDAEL_MAXNR 14 |
57 | 57 | ||
58 | int MHD_rijndaelKeySetupEnc (uint32_t rk[ /*4*(Nr + 1) */ ], | 58 | int MHD_rijndaelKeySetupEnc (uint32_t rk[ /*4*(Nr + 1) */ ], |
59 | const char cipherKey[], size_t keyBits); | 59 | const char cipherKey[], size_t keyBits); |
60 | int MHD_rijndaelKeySetupDec (uint32_t rk[ /*4*(Nr + 1) */ ], | 60 | int MHD_rijndaelKeySetupDec (uint32_t rk[ /*4*(Nr + 1) */ ], |
61 | const char cipherKey[], size_t keyBits); | 61 | const char cipherKey[], size_t keyBits); |
62 | void MHD_rijndaelEncrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr, | 62 | void MHD_rijndaelEncrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr, |
63 | const char pt[16], char ct[16]); | 63 | const char pt[16], char ct[16]); |
64 | void MHD_rijndaelDecrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr, | 64 | void MHD_rijndaelDecrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr, |
65 | const char ct[16], char pt[16]); | 65 | const char ct[16], char pt[16]); |
66 | 66 | ||
67 | #endif /* __RIJNDAEL_ALG_FST_H */ | 67 | #endif /* __RIJNDAEL_ALG_FST_H */ |
diff --git a/src/daemon/https/lgl/rijndael-api-fst.c b/src/daemon/https/lgl/rijndael-api-fst.c index 62d2a4e6..d4196948 100644 --- a/src/daemon/https/lgl/rijndael-api-fst.c +++ b/src/daemon/https/lgl/rijndael-api-fst.c | |||
@@ -73,7 +73,7 @@ | |||
73 | 73 | ||
74 | rijndael_rc | 74 | rijndael_rc |
75 | MHD_rijndaelMakeKey (rijndaelKeyInstance * key, rijndael_direction direction, | 75 | MHD_rijndaelMakeKey (rijndaelKeyInstance * key, rijndael_direction direction, |
76 | size_t keyLen, const char *keyMaterial) | 76 | size_t keyLen, const char *keyMaterial) |
77 | { | 77 | { |
78 | size_t i; | 78 | size_t i; |
79 | char *keyMat; | 79 | char *keyMat; |
@@ -149,8 +149,8 @@ MHD_rijndaelMakeKey (rijndaelKeyInstance * key, rijndael_direction direction, | |||
149 | } | 149 | } |
150 | 150 | ||
151 | rijndael_rc | 151 | rijndael_rc |
152 | MHD_MHD_rijndaelCipherInit (rijndaelCipherInstance * cipher, rijndael_mode mode, | 152 | MHD_MHD_rijndaelCipherInit (rijndaelCipherInstance * cipher, |
153 | const char *IV) | 153 | rijndael_mode mode, const char *IV) |
154 | { | 154 | { |
155 | if ((mode == RIJNDAEL_MODE_ECB) || (mode == RIJNDAEL_MODE_CBC) | 155 | if ((mode == RIJNDAEL_MODE_ECB) || (mode == RIJNDAEL_MODE_CBC) |
156 | || (mode == RIJNDAEL_MODE_CFB1)) | 156 | || (mode == RIJNDAEL_MODE_CFB1)) |
@@ -200,8 +200,8 @@ MHD_MHD_rijndaelCipherInit (rijndaelCipherInstance * cipher, rijndael_mode mode, | |||
200 | 200 | ||
201 | int | 201 | int |
202 | MHD_rijndaelBlockEncrypt (rijndaelCipherInstance * cipher, | 202 | MHD_rijndaelBlockEncrypt (rijndaelCipherInstance * cipher, |
203 | const rijndaelKeyInstance * key, | 203 | const rijndaelKeyInstance * key, |
204 | const char *input, size_t inputLen, char *outBuffer) | 204 | const char *input, size_t inputLen, char *outBuffer) |
205 | { | 205 | { |
206 | size_t i, k, t, numBlocks; | 206 | size_t i, k, t, numBlocks; |
207 | char block[16], *iv; | 207 | char block[16], *iv; |
@@ -277,8 +277,9 @@ MHD_rijndaelBlockEncrypt (rijndaelCipherInstance * cipher, | |||
277 | 277 | ||
278 | int | 278 | int |
279 | MHD_rijndaelPadEncrypt (rijndaelCipherInstance * cipher, | 279 | MHD_rijndaelPadEncrypt (rijndaelCipherInstance * cipher, |
280 | const rijndaelKeyInstance * key, | 280 | const rijndaelKeyInstance * key, |
281 | const char *input, size_t inputOctets, char *outBuffer) | 281 | const char *input, size_t inputOctets, |
282 | char *outBuffer) | ||
282 | { | 283 | { |
283 | size_t i, numBlocks, padLen; | 284 | size_t i, numBlocks, padLen; |
284 | char block[16], *iv; | 285 | char block[16], *iv; |
@@ -350,8 +351,8 @@ MHD_rijndaelPadEncrypt (rijndaelCipherInstance * cipher, | |||
350 | 351 | ||
351 | int | 352 | int |
352 | MHD_rijndaelBlockDecrypt (rijndaelCipherInstance * cipher, | 353 | MHD_rijndaelBlockDecrypt (rijndaelCipherInstance * cipher, |
353 | const rijndaelKeyInstance * key, | 354 | const rijndaelKeyInstance * key, |
354 | const char *input, size_t inputLen, char *outBuffer) | 355 | const char *input, size_t inputLen, char *outBuffer) |
355 | { | 356 | { |
356 | size_t i, k, t, numBlocks; | 357 | size_t i, k, t, numBlocks; |
357 | char block[16], *iv; | 358 | char block[16], *iv; |
@@ -426,8 +427,9 @@ MHD_rijndaelBlockDecrypt (rijndaelCipherInstance * cipher, | |||
426 | 427 | ||
427 | int | 428 | int |
428 | MHD_rijndaelPadDecrypt (rijndaelCipherInstance * cipher, | 429 | MHD_rijndaelPadDecrypt (rijndaelCipherInstance * cipher, |
429 | const rijndaelKeyInstance * key, | 430 | const rijndaelKeyInstance * key, |
430 | const char *input, size_t inputOctets, char *outBuffer) | 431 | const char *input, size_t inputOctets, |
432 | char *outBuffer) | ||
431 | { | 433 | { |
432 | size_t i, numBlocks, padLen; | 434 | size_t i, numBlocks, padLen; |
433 | char block[16]; | 435 | char block[16]; |
diff --git a/src/daemon/https/lgl/rijndael-api-fst.h b/src/daemon/https/lgl/rijndael-api-fst.h index 088e6bfd..893021fc 100644 --- a/src/daemon/https/lgl/rijndael-api-fst.h +++ b/src/daemon/https/lgl/rijndael-api-fst.h | |||
@@ -138,7 +138,7 @@ typedef struct | |||
138 | 128, 192 or 256. Returns 0 on success, or an error code. */ | 138 | 128, 192 or 256. Returns 0 on success, or an error code. */ |
139 | extern rijndael_rc | 139 | extern rijndael_rc |
140 | MHD_rijndaelMakeKey (rijndaelKeyInstance * key, rijndael_direction direction, | 140 | MHD_rijndaelMakeKey (rijndaelKeyInstance * key, rijndael_direction direction, |
141 | size_t keyLen, const char *keyMaterial); | 141 | size_t keyLen, const char *keyMaterial); |
142 | 142 | ||
143 | /* Initialize cipher state CIPHER for encryption MODE (e.g., | 143 | /* Initialize cipher state CIPHER for encryption MODE (e.g., |
144 | RIJNDAEL_MODE_CBC) with initialization vector IV, a hex string of | 144 | RIJNDAEL_MODE_CBC) with initialization vector IV, a hex string of |
@@ -146,7 +146,7 @@ MHD_rijndaelMakeKey (rijndaelKeyInstance * key, rijndael_direction direction, | |||
146 | not need an IV (i.e., RIJNDAEL_MODE_ECB). */ | 146 | not need an IV (i.e., RIJNDAEL_MODE_ECB). */ |
147 | extern rijndael_rc | 147 | extern rijndael_rc |
148 | MHD_MHD_rijndaelCipherInit (rijndaelCipherInstance * cipher, | 148 | MHD_MHD_rijndaelCipherInit (rijndaelCipherInstance * cipher, |
149 | rijndael_mode mode, const char *IV); | 149 | rijndael_mode mode, const char *IV); |
150 | 150 | ||
151 | /* Encrypt data in INPUT, of INPUTLEN/8 bytes length, placing the | 151 | /* Encrypt data in INPUT, of INPUTLEN/8 bytes length, placing the |
152 | output in the pre-allocated OUTBUFFER which must hold at least | 152 | output in the pre-allocated OUTBUFFER which must hold at least |
@@ -157,8 +157,9 @@ MHD_MHD_rijndaelCipherInit (rijndaelCipherInstance * cipher, | |||
157 | negative rijndael_rc error code. */ | 157 | negative rijndael_rc error code. */ |
158 | extern int | 158 | extern int |
159 | MHD_rijndaelBlockEncrypt (rijndaelCipherInstance * cipher, | 159 | MHD_rijndaelBlockEncrypt (rijndaelCipherInstance * cipher, |
160 | const rijndaelKeyInstance * key, | 160 | const rijndaelKeyInstance * key, |
161 | const char *input, size_t inputLen, char *outBuffer); | 161 | const char *input, size_t inputLen, |
162 | char *outBuffer); | ||
162 | 163 | ||
163 | /* Encrypt data in INPUT, of INPUTOCTETS bytes length, placing the | 164 | /* Encrypt data in INPUT, of INPUTOCTETS bytes length, placing the |
164 | output in the pre-allocated OUTBUFFER which must hold at least | 165 | output in the pre-allocated OUTBUFFER which must hold at least |
@@ -171,8 +172,9 @@ MHD_rijndaelBlockEncrypt (rijndaelCipherInstance * cipher, | |||
171 | negative rijndael_rc error code. */ | 172 | negative rijndael_rc error code. */ |
172 | extern int | 173 | extern int |
173 | MHD_rijndaelPadEncrypt (rijndaelCipherInstance * cipher, | 174 | MHD_rijndaelPadEncrypt (rijndaelCipherInstance * cipher, |
174 | const rijndaelKeyInstance * key, | 175 | const rijndaelKeyInstance * key, |
175 | const char *input, size_t inputOctets, char *outBuffer); | 176 | const char *input, size_t inputOctets, |
177 | char *outBuffer); | ||
176 | 178 | ||
177 | /* Decrypt data in INPUT, of INPUTLEN/8 bytes length, placing the | 179 | /* Decrypt data in INPUT, of INPUTLEN/8 bytes length, placing the |
178 | output in the pre-allocated OUTBUFFER which must hold at least | 180 | output in the pre-allocated OUTBUFFER which must hold at least |
@@ -183,8 +185,9 @@ MHD_rijndaelPadEncrypt (rijndaelCipherInstance * cipher, | |||
183 | negative rijndael_rc error code. */ | 185 | negative rijndael_rc error code. */ |
184 | extern int | 186 | extern int |
185 | MHD_rijndaelBlockDecrypt (rijndaelCipherInstance * cipher, | 187 | MHD_rijndaelBlockDecrypt (rijndaelCipherInstance * cipher, |
186 | const rijndaelKeyInstance * key, | 188 | const rijndaelKeyInstance * key, |
187 | const char *input, size_t inputLen, char *outBuffer); | 189 | const char *input, size_t inputLen, |
190 | char *outBuffer); | ||
188 | 191 | ||
189 | /* Decrypt data in INPUT, of INPUTOCTETS bytes length, placing the | 192 | /* Decrypt data in INPUT, of INPUTOCTETS bytes length, placing the |
190 | output in the pre-allocated OUTBUFFER which must hold at least | 193 | output in the pre-allocated OUTBUFFER which must hold at least |
@@ -197,7 +200,8 @@ MHD_rijndaelBlockDecrypt (rijndaelCipherInstance * cipher, | |||
197 | negative rijndael_rc error code. */ | 200 | negative rijndael_rc error code. */ |
198 | extern int | 201 | extern int |
199 | MHD_rijndaelPadDecrypt (rijndaelCipherInstance * cipher, | 202 | MHD_rijndaelPadDecrypt (rijndaelCipherInstance * cipher, |
200 | const rijndaelKeyInstance * key, | 203 | const rijndaelKeyInstance * key, |
201 | const char *input, size_t inputOctets, char *outBuffer); | 204 | const char *input, size_t inputOctets, |
205 | char *outBuffer); | ||
202 | 206 | ||
203 | #endif /* __RIJNDAEL_API_FST_H */ | 207 | #endif /* __RIJNDAEL_API_FST_H */ |
diff --git a/src/daemon/https/lgl/sha1.c b/src/daemon/https/lgl/sha1.c index c336cc4e..573e7c69 100644 --- a/src/daemon/https/lgl/sha1.c +++ b/src/daemon/https/lgl/sha1.c | |||
@@ -199,7 +199,8 @@ MHD_sha1_buffer (const char *buffer, size_t len, void *resblock) | |||
199 | } | 199 | } |
200 | 200 | ||
201 | void | 201 | void |
202 | MHD_sha1_process_bytes (const void *buffer, size_t len, struct MHD_sha1_ctx *ctx) | 202 | MHD_sha1_process_bytes (const void *buffer, size_t len, |
203 | struct MHD_sha1_ctx *ctx) | ||
203 | { | 204 | { |
204 | /* When we already have some bits in our internal buffer concatenate | 205 | /* When we already have some bits in our internal buffer concatenate |
205 | both inputs first. */ | 206 | both inputs first. */ |
@@ -235,7 +236,8 @@ MHD_sha1_process_bytes (const void *buffer, size_t len, struct MHD_sha1_ctx *ctx | |||
235 | if (UNALIGNED_P (buffer)) | 236 | if (UNALIGNED_P (buffer)) |
236 | while (len > 64) | 237 | while (len > 64) |
237 | { | 238 | { |
238 | MHD_sha1_process_block (memcpy (ctx->buffer, buffer, 64), 64, ctx); | 239 | MHD_sha1_process_block (memcpy (ctx->buffer, buffer, 64), 64, |
240 | ctx); | ||
239 | buffer = (const char *) buffer + 64; | 241 | buffer = (const char *) buffer + 64; |
240 | len -= 64; | 242 | len -= 64; |
241 | } | 243 | } |
@@ -284,7 +286,8 @@ MHD_sha1_process_bytes (const void *buffer, size_t len, struct MHD_sha1_ctx *ctx | |||
284 | Most of this code comes from GnuPG's cipher/sha1.c. */ | 286 | Most of this code comes from GnuPG's cipher/sha1.c. */ |
285 | 287 | ||
286 | void | 288 | void |
287 | MHD_sha1_process_block (const void *buffer, size_t len, struct MHD_sha1_ctx *ctx) | 289 | MHD_sha1_process_block (const void *buffer, size_t len, |
290 | struct MHD_sha1_ctx *ctx) | ||
288 | { | 291 | { |
289 | const uint32_t *words = buffer; | 292 | const uint32_t *words = buffer; |
290 | size_t nwords = len / sizeof (uint32_t); | 293 | size_t nwords = len / sizeof (uint32_t); |
diff --git a/src/daemon/https/lgl/sha1.h b/src/daemon/https/lgl/sha1.h index 382d96cf..b6e40cdb 100644 --- a/src/daemon/https/lgl/sha1.h +++ b/src/daemon/https/lgl/sha1.h | |||
@@ -45,14 +45,14 @@ extern void MHD_sha1_init_ctx (struct MHD_sha1_ctx *ctx); | |||
45 | starting at BUFFER. | 45 | starting at BUFFER. |
46 | It is necessary that LEN is a multiple of 64!!! */ | 46 | It is necessary that LEN is a multiple of 64!!! */ |
47 | extern void MHD_sha1_process_block (const void *buffer, size_t len, | 47 | extern void MHD_sha1_process_block (const void *buffer, size_t len, |
48 | struct MHD_sha1_ctx *ctx); | 48 | struct MHD_sha1_ctx *ctx); |
49 | 49 | ||
50 | /* Starting with the result of former calls of this function (or the | 50 | /* Starting with the result of former calls of this function (or the |
51 | initialization function update the context for the next LEN bytes | 51 | initialization function update the context for the next LEN bytes |
52 | starting at BUFFER. | 52 | starting at BUFFER. |
53 | It is NOT required that LEN is a multiple of 64. */ | 53 | It is NOT required that LEN is a multiple of 64. */ |
54 | extern void MHD_sha1_process_bytes (const void *buffer, size_t len, | 54 | extern void MHD_sha1_process_bytes (const void *buffer, size_t len, |
55 | struct MHD_sha1_ctx *ctx); | 55 | struct MHD_sha1_ctx *ctx); |
56 | 56 | ||
57 | /* Process the remaining bytes in the buffer and put result from CTX | 57 | /* Process the remaining bytes in the buffer and put result from CTX |
58 | in first 20 bytes following RESBUF. The result is always in little | 58 | in first 20 bytes following RESBUF. The result is always in little |
diff --git a/src/daemon/https/minitasn1/coding.c b/src/daemon/https/minitasn1/coding.c index 350828b3..aa2aecb6 100644 --- a/src/daemon/https/minitasn1/coding.c +++ b/src/daemon/https/minitasn1/coding.c | |||
@@ -47,15 +47,16 @@ | |||
47 | /******************************************************/ | 47 | /******************************************************/ |
48 | static void | 48 | static void |
49 | MHD__asn1_error_description_value_not_found (node_asn * node, | 49 | MHD__asn1_error_description_value_not_found (node_asn * node, |
50 | char *ErrorDescription) | 50 | char *ErrorDescription) |
51 | { | 51 | { |
52 | 52 | ||
53 | if (ErrorDescription == NULL) | 53 | if (ErrorDescription == NULL) |
54 | return; | 54 | return; |
55 | 55 | ||
56 | Estrcpy (ErrorDescription, ":: value of element '"); | 56 | Estrcpy (ErrorDescription, ":: value of element '"); |
57 | MHD__asn1_hierarchical_name (node, ErrorDescription + strlen (ErrorDescription), | 57 | MHD__asn1_hierarchical_name (node, |
58 | MAX_ERROR_DESCRIPTION_SIZE - 40); | 58 | ErrorDescription + strlen (ErrorDescription), |
59 | MAX_ERROR_DESCRIPTION_SIZE - 40); | ||
59 | Estrcat (ErrorDescription, "' not found"); | 60 | Estrcat (ErrorDescription, "' not found"); |
60 | 61 | ||
61 | } | 62 | } |
@@ -115,7 +116,7 @@ MHD__asn1_length_der (unsigned long int len, unsigned char *ans, int *ans_len) | |||
115 | /******************************************************/ | 116 | /******************************************************/ |
116 | static void | 117 | static void |
117 | MHD__asn1_tag_der (unsigned char class, unsigned int tag_value, | 118 | MHD__asn1_tag_der (unsigned char class, unsigned int tag_value, |
118 | unsigned char *ans, int *ans_len) | 119 | unsigned char *ans, int *ans_len) |
119 | { | 120 | { |
120 | int k; | 121 | int k; |
121 | unsigned char temp[SIZEOF_UNSIGNED_INT]; | 122 | unsigned char temp[SIZEOF_UNSIGNED_INT]; |
@@ -154,7 +155,7 @@ MHD__asn1_tag_der (unsigned char class, unsigned int tag_value, | |||
154 | **/ | 155 | **/ |
155 | void | 156 | void |
156 | MHD__asn1_octet_der (const unsigned char *str, int str_len, | 157 | MHD__asn1_octet_der (const unsigned char *str, int str_len, |
157 | unsigned char *der, int *der_len) | 158 | unsigned char *der, int *der_len) |
158 | { | 159 | { |
159 | int len_len; | 160 | int len_len; |
160 | 161 | ||
@@ -187,11 +188,12 @@ MHD__asn1_time_der (unsigned char *str, unsigned char *der, int *der_len) | |||
187 | 188 | ||
188 | max_len = *der_len; | 189 | max_len = *der_len; |
189 | 190 | ||
190 | MHD__asn1_length_der (strlen ((const char*) str), (max_len > 0) ? der : NULL, &len_len); | 191 | MHD__asn1_length_der (strlen ((const char *) str), |
192 | (max_len > 0) ? der : NULL, &len_len); | ||
191 | 193 | ||
192 | if ((len_len + (int) strlen ((const char*) str)) <= max_len) | 194 | if ((len_len + (int) strlen ((const char *) str)) <= max_len) |
193 | memcpy (der + len_len, str, strlen ((const char*) str)); | 195 | memcpy (der + len_len, str, strlen ((const char *) str)); |
194 | *der_len = len_len + strlen ((const char*) str); | 196 | *der_len = len_len + strlen ((const char *) str); |
195 | 197 | ||
196 | if ((*der_len) > max_len) | 198 | if ((*der_len) > max_len) |
197 | return ASN1_MEM_ERROR; | 199 | return ASN1_MEM_ERROR; |
@@ -223,11 +225,11 @@ MHD__asn1_objectid_der (unsigned char *str, unsigned char *der, int *der_len) | |||
223 | 225 | ||
224 | max_len = *der_len; | 226 | max_len = *der_len; |
225 | 227 | ||
226 | temp = (char *) MHD__asn1_alloca (strlen ((const char*)str) + 2); | 228 | temp = (char *) MHD__asn1_alloca (strlen ((const char *) str) + 2); |
227 | if (temp == NULL) | 229 | if (temp == NULL) |
228 | return ASN1_MEM_ALLOC_ERROR; | 230 | return ASN1_MEM_ALLOC_ERROR; |
229 | 231 | ||
230 | strcpy (temp, (const char*) str); | 232 | strcpy (temp, (const char *) str); |
231 | strcat (temp, "."); | 233 | strcat (temp, "."); |
232 | 234 | ||
233 | counter = 0; | 235 | counter = 0; |
@@ -284,7 +286,8 @@ MHD__asn1_objectid_der (unsigned char *str, unsigned char *der, int *der_len) | |||
284 | } | 286 | } |
285 | 287 | ||
286 | 288 | ||
287 | const char MHD_bit_mask[] = { 0xFF, 0xFE, 0xFC, 0xF8, 0xF0, 0xE0, 0xC0, 0x80 }; | 289 | const char MHD_bit_mask[] = |
290 | { 0xFF, 0xFE, 0xFC, 0xF8, 0xF0, 0xE0, 0xC0, 0x80 }; | ||
288 | 291 | ||
289 | /** | 292 | /** |
290 | * MHD__asn1_bit_der: | 293 | * MHD__asn1_bit_der: |
@@ -299,7 +302,7 @@ const char MHD_bit_mask[] = { 0xFF, 0xFE, 0xFC, 0xF8, 0xF0, 0xE0, 0xC0, 0x80 }; | |||
299 | **/ | 302 | **/ |
300 | void | 303 | void |
301 | MHD__asn1_bit_der (const unsigned char *str, int bit_len, | 304 | MHD__asn1_bit_der (const unsigned char *str, int bit_len, |
302 | unsigned char *der, int *der_len) | 305 | unsigned char *der, int *der_len) |
303 | { | 306 | { |
304 | int len_len, len_byte, len_pad; | 307 | int len_len, len_byte, len_pad; |
305 | 308 | ||
@@ -335,7 +338,7 @@ MHD__asn1_bit_der (const unsigned char *str, int bit_len, | |||
335 | /******************************************************/ | 338 | /******************************************************/ |
336 | static MHD__asn1_retCode | 339 | static MHD__asn1_retCode |
337 | MHD__asn1_complete_explicit_tag (node_asn * node, unsigned char *der, | 340 | MHD__asn1_complete_explicit_tag (node_asn * node, unsigned char *der, |
338 | int *counter, int *max_len) | 341 | int *counter, int *max_len) |
339 | { | 342 | { |
340 | node_asn *p; | 343 | node_asn *p; |
341 | int is_tag_implicit, len2, len3; | 344 | int is_tag_implicit, len2, len3; |
@@ -408,7 +411,7 @@ MHD__asn1_complete_explicit_tag (node_asn * node, unsigned char *der, | |||
408 | /******************************************************/ | 411 | /******************************************************/ |
409 | static MHD__asn1_retCode | 412 | static MHD__asn1_retCode |
410 | MHD__asn1_insert_tag_der (node_asn * node, unsigned char *der, int *counter, | 413 | MHD__asn1_insert_tag_der (node_asn * node, unsigned char *der, int *counter, |
411 | int *max_len) | 414 | int *max_len) |
412 | { | 415 | { |
413 | node_asn *p; | 416 | node_asn *p; |
414 | int tag_len, is_tag_implicit; | 417 | int tag_len, is_tag_implicit; |
@@ -438,21 +441,20 @@ MHD__asn1_insert_tag_der (node_asn * node, unsigned char *der, int *counter, | |||
438 | { | 441 | { |
439 | if (is_tag_implicit) | 442 | if (is_tag_implicit) |
440 | MHD__asn1_tag_der (class_implicit, tag_implicit, | 443 | MHD__asn1_tag_der (class_implicit, tag_implicit, |
441 | (unsigned char*) tag_der, | 444 | (unsigned char *) tag_der, &tag_len); |
442 | &tag_len); | ||
443 | else | 445 | else |
444 | MHD__asn1_tag_der (class | ASN1_CLASS_STRUCTURED, | 446 | MHD__asn1_tag_der (class | ASN1_CLASS_STRUCTURED, |
445 | strtoul ( (const char*) p->value, NULL, 10), | 447 | strtoul ((const char *) p->value, NULL, |
446 | (unsigned char*) tag_der, | 448 | 10), |
447 | &tag_len); | 449 | (unsigned char *) tag_der, &tag_len); |
448 | 450 | ||
449 | *max_len -= tag_len; | 451 | *max_len -= tag_len; |
450 | if (*max_len >= 0) | 452 | if (*max_len >= 0) |
451 | memcpy (der + *counter, tag_der, tag_len); | 453 | memcpy (der + *counter, tag_der, tag_len); |
452 | *counter += tag_len; | 454 | *counter += tag_len; |
453 | 455 | ||
454 | MHD__asn1_ltostr (*counter, (char*) temp); | 456 | MHD__asn1_ltostr (*counter, (char *) temp); |
455 | MHD__asn1_set_name (p, (const char*) temp); | 457 | MHD__asn1_set_name (p, (const char *) temp); |
456 | 458 | ||
457 | is_tag_implicit = 0; | 459 | is_tag_implicit = 0; |
458 | } | 460 | } |
@@ -466,7 +468,8 @@ MHD__asn1_insert_tag_der (node_asn * node, unsigned char *der, int *counter, | |||
466 | (type_field (node->type) == TYPE_SET_OF)) | 468 | (type_field (node->type) == TYPE_SET_OF)) |
467 | class |= ASN1_CLASS_STRUCTURED; | 469 | class |= ASN1_CLASS_STRUCTURED; |
468 | class_implicit = class; | 470 | class_implicit = class; |
469 | tag_implicit = strtoul ( (const char*) p->value, NULL, 10); | 471 | tag_implicit = |
472 | strtoul ((const char *) p->value, NULL, 10); | ||
470 | is_tag_implicit = 1; | 473 | is_tag_implicit = 1; |
471 | } | 474 | } |
472 | } | 475 | } |
@@ -477,63 +480,66 @@ MHD__asn1_insert_tag_der (node_asn * node, unsigned char *der, int *counter, | |||
477 | 480 | ||
478 | if (is_tag_implicit) | 481 | if (is_tag_implicit) |
479 | { | 482 | { |
480 | MHD__asn1_tag_der (class_implicit, tag_implicit, (unsigned char*) tag_der, &tag_len); | 483 | MHD__asn1_tag_der (class_implicit, tag_implicit, |
484 | (unsigned char *) tag_der, &tag_len); | ||
481 | } | 485 | } |
482 | else | 486 | else |
483 | { | 487 | { |
484 | switch (type_field (node->type)) | 488 | switch (type_field (node->type)) |
485 | { | 489 | { |
486 | case TYPE_NULL: | 490 | case TYPE_NULL: |
487 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_NULL, (unsigned char*) tag_der, | 491 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_NULL, |
488 | &tag_len); | 492 | (unsigned char *) tag_der, &tag_len); |
489 | break; | 493 | break; |
490 | case TYPE_BOOLEAN: | 494 | case TYPE_BOOLEAN: |
491 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_BOOLEAN, (unsigned char*) tag_der, | 495 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_BOOLEAN, |
492 | &tag_len); | 496 | (unsigned char *) tag_der, &tag_len); |
493 | break; | 497 | break; |
494 | case TYPE_INTEGER: | 498 | case TYPE_INTEGER: |
495 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_INTEGER, (unsigned char*) tag_der, | 499 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_INTEGER, |
496 | &tag_len); | 500 | (unsigned char *) tag_der, &tag_len); |
497 | break; | 501 | break; |
498 | case TYPE_ENUMERATED: | 502 | case TYPE_ENUMERATED: |
499 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_ENUMERATED, (unsigned char*) tag_der, | 503 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_ENUMERATED, |
500 | &tag_len); | 504 | (unsigned char *) tag_der, &tag_len); |
501 | break; | 505 | break; |
502 | case TYPE_OBJECT_ID: | 506 | case TYPE_OBJECT_ID: |
503 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_OBJECT_ID, (unsigned char*) tag_der, | 507 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_OBJECT_ID, |
504 | &tag_len); | 508 | (unsigned char *) tag_der, &tag_len); |
505 | break; | 509 | break; |
506 | case TYPE_TIME: | 510 | case TYPE_TIME: |
507 | if (node->type & CONST_UTC) | 511 | if (node->type & CONST_UTC) |
508 | { | 512 | { |
509 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_UTCTime, (unsigned char*) tag_der, | 513 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_UTCTime, |
510 | &tag_len); | 514 | (unsigned char *) tag_der, &tag_len); |
511 | } | 515 | } |
512 | else | 516 | else |
513 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_GENERALIZEDTime, | 517 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_GENERALIZEDTime, |
514 | (unsigned char*) tag_der, &tag_len); | 518 | (unsigned char *) tag_der, &tag_len); |
515 | break; | 519 | break; |
516 | case TYPE_OCTET_STRING: | 520 | case TYPE_OCTET_STRING: |
517 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_OCTET_STRING, (unsigned char*) tag_der, | 521 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_OCTET_STRING, |
518 | &tag_len); | 522 | (unsigned char *) tag_der, &tag_len); |
519 | break; | 523 | break; |
520 | case TYPE_GENERALSTRING: | 524 | case TYPE_GENERALSTRING: |
521 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_GENERALSTRING, | 525 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_GENERALSTRING, |
522 | (unsigned char*) tag_der, &tag_len); | 526 | (unsigned char *) tag_der, &tag_len); |
523 | break; | 527 | break; |
524 | case TYPE_BIT_STRING: | 528 | case TYPE_BIT_STRING: |
525 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_BIT_STRING, (unsigned char*) tag_der, | 529 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_BIT_STRING, |
526 | &tag_len); | 530 | (unsigned char *) tag_der, &tag_len); |
527 | break; | 531 | break; |
528 | case TYPE_SEQUENCE: | 532 | case TYPE_SEQUENCE: |
529 | case TYPE_SEQUENCE_OF: | 533 | case TYPE_SEQUENCE_OF: |
530 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL | ASN1_CLASS_STRUCTURED, | 534 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL | ASN1_CLASS_STRUCTURED, |
531 | ASN1_TAG_SEQUENCE, (unsigned char*) tag_der, &tag_len); | 535 | ASN1_TAG_SEQUENCE, (unsigned char *) tag_der, |
536 | &tag_len); | ||
532 | break; | 537 | break; |
533 | case TYPE_SET: | 538 | case TYPE_SET: |
534 | case TYPE_SET_OF: | 539 | case TYPE_SET_OF: |
535 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL | ASN1_CLASS_STRUCTURED, | 540 | MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL | ASN1_CLASS_STRUCTURED, |
536 | ASN1_TAG_SET, (unsigned char*) tag_der, &tag_len); | 541 | ASN1_TAG_SET, (unsigned char *) tag_der, |
542 | &tag_len); | ||
537 | break; | 543 | break; |
538 | case TYPE_TAG: | 544 | case TYPE_TAG: |
539 | tag_len = 0; | 545 | tag_len = 0; |
@@ -591,11 +597,11 @@ MHD__asn1_ordering_set (unsigned char *der, int der_len, node_asn * node) | |||
591 | return; | 597 | return; |
592 | 598 | ||
593 | p = node->down; | 599 | p = node->down; |
594 | while ( (p != NULL) && | 600 | while ((p != NULL) && |
595 | ((type_field (p->type) == TYPE_TAG) | 601 | ((type_field (p->type) == TYPE_TAG) |
596 | || (type_field (p->type) == TYPE_SIZE)) ) | 602 | || (type_field (p->type) == TYPE_SIZE))) |
597 | p = p->right; | 603 | p = p->right; |
598 | 604 | ||
599 | if ((p == NULL) || (p->right == NULL)) | 605 | if ((p == NULL) || (p->right == NULL)) |
600 | return; | 606 | return; |
601 | 607 | ||
@@ -623,7 +629,8 @@ MHD__asn1_ordering_set (unsigned char *der, int der_len, node_asn * node) | |||
623 | counter += len2; | 629 | counter += len2; |
624 | 630 | ||
625 | /* extraction and length */ | 631 | /* extraction and length */ |
626 | len2 = MHD__asn1_get_length_der (der + counter, der_len - counter, &len); | 632 | len2 = |
633 | MHD__asn1_get_length_der (der + counter, der_len - counter, &len); | ||
627 | if (len2 < 0) | 634 | if (len2 < 0) |
628 | return; | 635 | return; |
629 | counter += len + len2; | 636 | counter += len + len2; |
@@ -643,7 +650,8 @@ MHD__asn1_ordering_set (unsigned char *der, int der_len, node_asn * node) | |||
643 | if (p_vet->value > p2_vet->value) | 650 | if (p_vet->value > p2_vet->value) |
644 | { | 651 | { |
645 | /* change position */ | 652 | /* change position */ |
646 | temp = (unsigned char *) MHD__asn1_alloca (p_vet->end - counter); | 653 | temp = |
654 | (unsigned char *) MHD__asn1_alloca (p_vet->end - counter); | ||
647 | if (temp == NULL) | 655 | if (temp == NULL) |
648 | return; | 656 | return; |
649 | 657 | ||
@@ -738,7 +746,8 @@ MHD__asn1_ordering_set_of (unsigned char *der, int der_len, node_asn * node) | |||
738 | return; | 746 | return; |
739 | counter += len; | 747 | counter += len; |
740 | 748 | ||
741 | len2 = MHD__asn1_get_length_der (der + counter, der_len - counter, &len); | 749 | len2 = |
750 | MHD__asn1_get_length_der (der + counter, der_len - counter, &len); | ||
742 | if (len2 < 0) | 751 | if (len2 < 0) |
743 | return; | 752 | return; |
744 | counter += len + len2; | 753 | counter += len + len2; |
@@ -781,7 +790,8 @@ MHD__asn1_ordering_set_of (unsigned char *der, int der_len, node_asn * node) | |||
781 | if (change == 1) | 790 | if (change == 1) |
782 | { | 791 | { |
783 | /* change position */ | 792 | /* change position */ |
784 | temp = (unsigned char *) MHD__asn1_alloca (p_vet->end - counter); | 793 | temp = |
794 | (unsigned char *) MHD__asn1_alloca (p_vet->end - counter); | ||
785 | if (temp == NULL) | 795 | if (temp == NULL) |
786 | return; | 796 | return; |
787 | 797 | ||
@@ -837,8 +847,8 @@ MHD__asn1_ordering_set_of (unsigned char *der, int der_len, node_asn * node) | |||
837 | * | 847 | * |
838 | **/ | 848 | **/ |
839 | MHD__asn1_retCode | 849 | MHD__asn1_retCode |
840 | MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len, | 850 | MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, |
841 | char *ErrorDescription) | 851 | int *len, char *ErrorDescription) |
842 | { | 852 | { |
843 | node_asn *node, *p, *p2; | 853 | node_asn *node, *p, *p2; |
844 | char temp[SIZEOF_UNSIGNED_LONG_INT * 3 + 1]; | 854 | char temp[SIZEOF_UNSIGNED_LONG_INT * 3 + 1]; |
@@ -894,7 +904,7 @@ MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len, | |||
894 | if (p->value == NULL) | 904 | if (p->value == NULL) |
895 | { | 905 | { |
896 | MHD__asn1_error_description_value_not_found (p, | 906 | MHD__asn1_error_description_value_not_found (p, |
897 | ErrorDescription); | 907 | ErrorDescription); |
898 | err = ASN1_VALUE_NOT_FOUND; | 908 | err = ASN1_VALUE_NOT_FOUND; |
899 | goto error; | 909 | goto error; |
900 | } | 910 | } |
@@ -924,7 +934,7 @@ MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len, | |||
924 | if (p->value == NULL) | 934 | if (p->value == NULL) |
925 | { | 935 | { |
926 | MHD__asn1_error_description_value_not_found (p, | 936 | MHD__asn1_error_description_value_not_found (p, |
927 | ErrorDescription); | 937 | ErrorDescription); |
928 | err = ASN1_VALUE_NOT_FOUND; | 938 | err = ASN1_VALUE_NOT_FOUND; |
929 | goto error; | 939 | goto error; |
930 | } | 940 | } |
@@ -952,7 +962,7 @@ MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len, | |||
952 | if (p->value == NULL) | 962 | if (p->value == NULL) |
953 | { | 963 | { |
954 | MHD__asn1_error_description_value_not_found (p, | 964 | MHD__asn1_error_description_value_not_found (p, |
955 | ErrorDescription); | 965 | ErrorDescription); |
956 | err = ASN1_VALUE_NOT_FOUND; | 966 | err = ASN1_VALUE_NOT_FOUND; |
957 | goto error; | 967 | goto error; |
958 | } | 968 | } |
@@ -969,7 +979,8 @@ MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len, | |||
969 | case TYPE_TIME: | 979 | case TYPE_TIME: |
970 | if (p->value == NULL) | 980 | if (p->value == NULL) |
971 | { | 981 | { |
972 | MHD__asn1_error_description_value_not_found (p, ErrorDescription); | 982 | MHD__asn1_error_description_value_not_found (p, |
983 | ErrorDescription); | ||
973 | err = ASN1_VALUE_NOT_FOUND; | 984 | err = ASN1_VALUE_NOT_FOUND; |
974 | goto error; | 985 | goto error; |
975 | } | 986 | } |
@@ -985,7 +996,8 @@ MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len, | |||
985 | case TYPE_OCTET_STRING: | 996 | case TYPE_OCTET_STRING: |
986 | if (p->value == NULL) | 997 | if (p->value == NULL) |
987 | { | 998 | { |
988 | MHD__asn1_error_description_value_not_found (p, ErrorDescription); | 999 | MHD__asn1_error_description_value_not_found (p, |
1000 | ErrorDescription); | ||
989 | err = ASN1_VALUE_NOT_FOUND; | 1001 | err = ASN1_VALUE_NOT_FOUND; |
990 | goto error; | 1002 | goto error; |
991 | } | 1003 | } |
@@ -1004,7 +1016,8 @@ MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len, | |||
1004 | case TYPE_GENERALSTRING: | 1016 | case TYPE_GENERALSTRING: |
1005 | if (p->value == NULL) | 1017 | if (p->value == NULL) |
1006 | { | 1018 | { |
1007 | MHD__asn1_error_description_value_not_found (p, ErrorDescription); | 1019 | MHD__asn1_error_description_value_not_found (p, |
1020 | ErrorDescription); | ||
1008 | err = ASN1_VALUE_NOT_FOUND; | 1021 | err = ASN1_VALUE_NOT_FOUND; |
1009 | goto error; | 1022 | goto error; |
1010 | } | 1023 | } |
@@ -1023,7 +1036,8 @@ MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len, | |||
1023 | case TYPE_BIT_STRING: | 1036 | case TYPE_BIT_STRING: |
1024 | if (p->value == NULL) | 1037 | if (p->value == NULL) |
1025 | { | 1038 | { |
1026 | MHD__asn1_error_description_value_not_found (p, ErrorDescription); | 1039 | MHD__asn1_error_description_value_not_found (p, |
1040 | ErrorDescription); | ||
1027 | err = ASN1_VALUE_NOT_FOUND; | 1041 | err = ASN1_VALUE_NOT_FOUND; |
1028 | goto error; | 1042 | goto error; |
1029 | } | 1043 | } |
@@ -1069,11 +1083,12 @@ MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len, | |||
1069 | } | 1083 | } |
1070 | else | 1084 | else |
1071 | { /* move==UP */ | 1085 | { /* move==UP */ |
1072 | len2 = strtol ( (const char*) p->value, NULL, 10); | 1086 | len2 = strtol ((const char *) p->value, NULL, 10); |
1073 | MHD__asn1_set_value (p, NULL, 0); | 1087 | MHD__asn1_set_value (p, NULL, 0); |
1074 | if ((type_field (p->type) == TYPE_SET) && (max_len >= 0)) | 1088 | if ((type_field (p->type) == TYPE_SET) && (max_len >= 0)) |
1075 | MHD__asn1_ordering_set (der + len2, max_len - len2, p); | 1089 | MHD__asn1_ordering_set (der + len2, max_len - len2, p); |
1076 | MHD__asn1_length_der (counter - len2, (unsigned char*) temp, &len3); | 1090 | MHD__asn1_length_der (counter - len2, (unsigned char *) temp, |
1091 | &len3); | ||
1077 | max_len -= len3; | 1092 | max_len -= len3; |
1078 | if (max_len >= 0) | 1093 | if (max_len >= 0) |
1079 | { | 1094 | { |
@@ -1109,14 +1124,15 @@ MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len, | |||
1109 | } | 1124 | } |
1110 | if (move == UP) | 1125 | if (move == UP) |
1111 | { | 1126 | { |
1112 | len2 = strtol ( (const char*) p->value, NULL, 10); | 1127 | len2 = strtol ((const char *) p->value, NULL, 10); |
1113 | MHD__asn1_set_value (p, NULL, 0); | 1128 | MHD__asn1_set_value (p, NULL, 0); |
1114 | if ((type_field (p->type) == TYPE_SET_OF) | 1129 | if ((type_field (p->type) == TYPE_SET_OF) |
1115 | && (max_len - len2 > 0)) | 1130 | && (max_len - len2 > 0)) |
1116 | { | 1131 | { |
1117 | MHD__asn1_ordering_set_of (der + len2, max_len - len2, p); | 1132 | MHD__asn1_ordering_set_of (der + len2, max_len - len2, p); |
1118 | } | 1133 | } |
1119 | MHD__asn1_length_der (counter - len2, (unsigned char*) temp, &len3); | 1134 | MHD__asn1_length_der (counter - len2, (unsigned char *) temp, |
1135 | &len3); | ||
1120 | max_len -= len3; | 1136 | max_len -= len3; |
1121 | if (max_len >= 0) | 1137 | if (max_len >= 0) |
1122 | { | 1138 | { |
@@ -1130,7 +1146,8 @@ MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len, | |||
1130 | case TYPE_ANY: | 1146 | case TYPE_ANY: |
1131 | if (p->value == NULL) | 1147 | if (p->value == NULL) |
1132 | { | 1148 | { |
1133 | MHD__asn1_error_description_value_not_found (p, ErrorDescription); | 1149 | MHD__asn1_error_description_value_not_found (p, |
1150 | ErrorDescription); | ||
1134 | err = ASN1_VALUE_NOT_FOUND; | 1151 | err = ASN1_VALUE_NOT_FOUND; |
1135 | goto error; | 1152 | goto error; |
1136 | } | 1153 | } |
diff --git a/src/daemon/https/minitasn1/decoding.c b/src/daemon/https/minitasn1/decoding.c index fcee0797..fe0eaef7 100644 --- a/src/daemon/https/minitasn1/decoding.c +++ b/src/daemon/https/minitasn1/decoding.c | |||
@@ -35,12 +35,14 @@ | |||
35 | 35 | ||
36 | 36 | ||
37 | static void | 37 | static void |
38 | MHD__asn1_error_description_tag_error (node_asn * node, char *ErrorDescription) | 38 | MHD__asn1_error_description_tag_error (node_asn * node, |
39 | char *ErrorDescription) | ||
39 | { | 40 | { |
40 | 41 | ||
41 | Estrcpy (ErrorDescription, ":: tag error near element '"); | 42 | Estrcpy (ErrorDescription, ":: tag error near element '"); |
42 | MHD__asn1_hierarchical_name (node, ErrorDescription + strlen (ErrorDescription), | 43 | MHD__asn1_hierarchical_name (node, |
43 | MAX_ERROR_DESCRIPTION_SIZE - 40); | 44 | ErrorDescription + strlen (ErrorDescription), |
45 | MAX_ERROR_DESCRIPTION_SIZE - 40); | ||
44 | Estrcat (ErrorDescription, "'"); | 46 | Estrcat (ErrorDescription, "'"); |
45 | 47 | ||
46 | } | 48 | } |
@@ -117,7 +119,7 @@ MHD__asn1_get_length_der (const unsigned char *der, int der_len, int *len) | |||
117 | **/ | 119 | **/ |
118 | int | 120 | int |
119 | MHD__asn1_get_tag_der (const unsigned char *der, int der_len, | 121 | MHD__asn1_get_tag_der (const unsigned char *der, int der_len, |
120 | unsigned char *cls, int *len, unsigned long *tag) | 122 | unsigned char *cls, int *len, unsigned long *tag) |
121 | { | 123 | { |
122 | int punt, ris; | 124 | int punt, ris; |
123 | 125 | ||
@@ -178,8 +180,8 @@ MHD__asn1_get_tag_der (const unsigned char *der, int der_len, | |||
178 | **/ | 180 | **/ |
179 | int | 181 | int |
180 | MHD__asn1_get_octet_der (const unsigned char *der, int der_len, | 182 | MHD__asn1_get_octet_der (const unsigned char *der, int der_len, |
181 | int *ret_len, unsigned char *str, int str_size, | 183 | int *ret_len, unsigned char *str, int str_size, |
182 | int *str_len) | 184 | int *str_len) |
183 | { | 185 | { |
184 | int len_len; | 186 | int len_len; |
185 | 187 | ||
@@ -209,7 +211,7 @@ MHD__asn1_get_octet_der (const unsigned char *der, int der_len, | |||
209 | */ | 211 | */ |
210 | static int | 212 | static int |
211 | MHD__asn1_get_time_der (const unsigned char *der, int der_len, int *ret_len, | 213 | MHD__asn1_get_time_der (const unsigned char *der, int der_len, int *ret_len, |
212 | char *str, int str_size) | 214 | char *str, int str_size) |
213 | { | 215 | { |
214 | int len_len, str_len; | 216 | int len_len, str_len; |
215 | 217 | ||
@@ -228,8 +230,8 @@ MHD__asn1_get_time_der (const unsigned char *der, int der_len, int *ret_len, | |||
228 | 230 | ||
229 | 231 | ||
230 | static void | 232 | static void |
231 | MHD__asn1_get_objectid_der (const unsigned char *der, int der_len, int *ret_len, | 233 | MHD__asn1_get_objectid_der (const unsigned char *der, int der_len, |
232 | char *str, int str_size) | 234 | int *ret_len, char *str, int str_size) |
233 | { | 235 | { |
234 | int len_len, len, k; | 236 | int len_len, len, k; |
235 | char temp[20]; | 237 | char temp[20]; |
@@ -286,8 +288,8 @@ MHD__asn1_get_objectid_der (const unsigned char *der, int der_len, int *ret_len, | |||
286 | **/ | 288 | **/ |
287 | int | 289 | int |
288 | MHD__asn1_get_bit_der (const unsigned char *der, int der_len, | 290 | MHD__asn1_get_bit_der (const unsigned char *der, int der_len, |
289 | int *ret_len, unsigned char *str, int str_size, | 291 | int *ret_len, unsigned char *str, int str_size, |
290 | int *bit_len) | 292 | int *bit_len) |
291 | { | 293 | { |
292 | int len_len, len_byte; | 294 | int len_len, len_byte; |
293 | 295 | ||
@@ -314,8 +316,8 @@ MHD__asn1_get_bit_der (const unsigned char *der, int der_len, | |||
314 | 316 | ||
315 | 317 | ||
316 | static int | 318 | static int |
317 | MHD__asn1_extract_tag_der (node_asn * node, const unsigned char *der, int der_len, | 319 | MHD__asn1_extract_tag_der (node_asn * node, const unsigned char *der, |
318 | int *ret_len) | 320 | int der_len, int *ret_len) |
319 | { | 321 | { |
320 | node_asn *p; | 322 | node_asn *p; |
321 | int counter, len2, len3, is_tag_implicit; | 323 | int counter, len2, len3, is_tag_implicit; |
@@ -353,8 +355,8 @@ MHD__asn1_extract_tag_der (node_asn * node, const unsigned char *der, int der_le | |||
353 | return ASN1_DER_ERROR; | 355 | return ASN1_DER_ERROR; |
354 | counter += len2; | 356 | counter += len2; |
355 | len3 = | 357 | len3 = |
356 | MHD__asn1_get_length_der (der + counter, der_len - counter, | 358 | MHD__asn1_get_length_der (der + counter, |
357 | &len2); | 359 | der_len - counter, &len2); |
358 | if (len3 < 0) | 360 | if (len3 < 0) |
359 | return ASN1_DER_ERROR; | 361 | return ASN1_DER_ERROR; |
360 | counter += len2; | 362 | counter += len2; |
@@ -567,7 +569,8 @@ MHD__asn1_delete_not_used (node_asn * node) | |||
567 | 569 | ||
568 | 570 | ||
569 | static MHD__asn1_retCode | 571 | static MHD__asn1_retCode |
570 | MHD__asn1_get_octet_string (const unsigned char *der, node_asn * node, int *len) | 572 | MHD__asn1_get_octet_string (const unsigned char *der, node_asn * node, |
573 | int *len) | ||
571 | { | 574 | { |
572 | int len2, len3, counter, counter2, counter_end, tot_len, indefinite; | 575 | int len2, len3, counter, counter2, counter_end, tot_len, indefinite; |
573 | unsigned char *temp, *temp2; | 576 | unsigned char *temp, *temp2; |
@@ -606,7 +609,8 @@ MHD__asn1_get_octet_string (const unsigned char *der, node_asn * node, int *len) | |||
606 | 609 | ||
607 | counter++; | 610 | counter++; |
608 | 611 | ||
609 | len2 = MHD__asn1_get_length_der (der + counter, *len - counter, &len3); | 612 | len2 = |
613 | MHD__asn1_get_length_der (der + counter, *len - counter, &len3); | ||
610 | if (len2 <= 0) | 614 | if (len2 <= 0) |
611 | return ASN1_DER_ERROR; | 615 | return ASN1_DER_ERROR; |
612 | 616 | ||
@@ -629,10 +633,10 @@ MHD__asn1_get_octet_string (const unsigned char *der, node_asn * node, int *len) | |||
629 | temp2 = temp + len2; | 633 | temp2 = temp + len2; |
630 | len2 = MHD__asn1_get_length_der (der, *len, &len3); | 634 | len2 = MHD__asn1_get_length_der (der, *len, &len3); |
631 | if (len2 < -1) | 635 | if (len2 < -1) |
632 | { | 636 | { |
633 | MHD__asn1_afree (temp); | 637 | MHD__asn1_afree (temp); |
634 | return ASN1_DER_ERROR; | 638 | return ASN1_DER_ERROR; |
635 | } | 639 | } |
636 | counter2 = len3 + 1; | 640 | counter2 = len3 + 1; |
637 | 641 | ||
638 | if (indefinite == -1) | 642 | if (indefinite == -1) |
@@ -643,12 +647,13 @@ MHD__asn1_get_octet_string (const unsigned char *der, node_asn * node, int *len) | |||
643 | while (counter2 < counter_end) | 647 | while (counter2 < counter_end) |
644 | { | 648 | { |
645 | len2 = | 649 | len2 = |
646 | MHD__asn1_get_length_der (der + counter2, *len - counter, &len3); | 650 | MHD__asn1_get_length_der (der + counter2, *len - counter, |
651 | &len3); | ||
647 | if (len2 < -1) | 652 | if (len2 < -1) |
648 | { | 653 | { |
649 | MHD__asn1_afree (temp); | 654 | MHD__asn1_afree (temp); |
650 | return ASN1_DER_ERROR; | 655 | return ASN1_DER_ERROR; |
651 | } | 656 | } |
652 | 657 | ||
653 | /* FIXME: to be checked. Is this ok? Has the | 658 | /* FIXME: to be checked. Is this ok? Has the |
654 | * size been checked before? | 659 | * size been checked before? |
@@ -757,7 +762,7 @@ MHD__asn1_get_indefinite_length_string (const unsigned char *der, int *len) | |||
757 | 762 | ||
758 | MHD__asn1_retCode | 763 | MHD__asn1_retCode |
759 | MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, | 764 | MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, |
760 | char *errorDescription) | 765 | char *errorDescription) |
761 | { | 766 | { |
762 | node_asn *node, *p, *p2, *p3; | 767 | node_asn *node, *p, *p2, *p3; |
763 | char temp[128]; | 768 | char temp[128]; |
@@ -789,7 +794,7 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, | |||
789 | if (p->type & CONST_SET) | 794 | if (p->type & CONST_SET) |
790 | { | 795 | { |
791 | p2 = MHD__asn1_find_up (p); | 796 | p2 = MHD__asn1_find_up (p); |
792 | len2 = strtol ((const char*) p2->value, NULL, 10); | 797 | len2 = strtol ((const char *) p2->value, NULL, 10); |
793 | if (len2 == -1) | 798 | if (len2 == -1) |
794 | { | 799 | { |
795 | if (!der[counter] && !der[counter + 1]) | 800 | if (!der[counter] && !der[counter + 1]) |
@@ -819,7 +824,7 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, | |||
819 | if (type_field (p2->type) != TYPE_CHOICE) | 824 | if (type_field (p2->type) != TYPE_CHOICE) |
820 | ris = | 825 | ris = |
821 | MHD__asn1_extract_tag_der (p2, der + counter, | 826 | MHD__asn1_extract_tag_der (p2, der + counter, |
822 | len - counter, &len2); | 827 | len - counter, &len2); |
823 | else | 828 | else |
824 | { | 829 | { |
825 | p3 = p2->down; | 830 | p3 = p2->down; |
@@ -827,7 +832,8 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, | |||
827 | { | 832 | { |
828 | ris = | 833 | ris = |
829 | MHD__asn1_extract_tag_der (p3, der + counter, | 834 | MHD__asn1_extract_tag_der (p3, der + counter, |
830 | len - counter, &len2); | 835 | len - counter, |
836 | &len2); | ||
831 | if (ris == ASN1_SUCCESS) | 837 | if (ris == ASN1_SUCCESS) |
832 | break; | 838 | break; |
833 | p3 = p3->right; | 839 | p3 = p3->right; |
@@ -852,7 +858,7 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, | |||
852 | if ((p->type & CONST_OPTION) || (p->type & CONST_DEFAULT)) | 858 | if ((p->type & CONST_OPTION) || (p->type & CONST_DEFAULT)) |
853 | { | 859 | { |
854 | p2 = MHD__asn1_find_up (p); | 860 | p2 = MHD__asn1_find_up (p); |
855 | len2 = strtol ((const char*) p2->value, NULL, 10); | 861 | len2 = strtol ((const char *) p2->value, NULL, 10); |
856 | if (counter == len2) | 862 | if (counter == len2) |
857 | { | 863 | { |
858 | if (p->right) | 864 | if (p->right) |
@@ -878,7 +884,7 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, | |||
878 | if (counter < len) | 884 | if (counter < len) |
879 | ris = | 885 | ris = |
880 | MHD__asn1_extract_tag_der (p->down, der + counter, | 886 | MHD__asn1_extract_tag_der (p->down, der + counter, |
881 | len - counter, &len2); | 887 | len - counter, &len2); |
882 | else | 888 | else |
883 | ris = ASN1_DER_ERROR; | 889 | ris = ASN1_DER_ERROR; |
884 | if (ris == ASN1_SUCCESS) | 890 | if (ris == ASN1_SUCCESS) |
@@ -917,14 +923,15 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, | |||
917 | if ((p->type & CONST_OPTION) || (p->type & CONST_DEFAULT)) | 923 | if ((p->type & CONST_OPTION) || (p->type & CONST_DEFAULT)) |
918 | { | 924 | { |
919 | p2 = MHD__asn1_find_up (p); | 925 | p2 = MHD__asn1_find_up (p); |
920 | len2 = strtol ((const char*) p2->value, NULL, 10); | 926 | len2 = strtol ((const char *) p2->value, NULL, 10); |
921 | if ((len2 != -1) && (counter > len2)) | 927 | if ((len2 != -1) && (counter > len2)) |
922 | ris = ASN1_TAG_ERROR; | 928 | ris = ASN1_TAG_ERROR; |
923 | } | 929 | } |
924 | 930 | ||
925 | if (ris == ASN1_SUCCESS) | 931 | if (ris == ASN1_SUCCESS) |
926 | ris = | 932 | ris = |
927 | MHD__asn1_extract_tag_der (p, der + counter, len - counter, &len2); | 933 | MHD__asn1_extract_tag_der (p, der + counter, len - counter, |
934 | &len2); | ||
928 | if (ris != ASN1_SUCCESS) | 935 | if (ris != ASN1_SUCCESS) |
929 | { | 936 | { |
930 | if (p->type & CONST_OPTION) | 937 | if (p->type & CONST_OPTION) |
@@ -940,7 +947,8 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, | |||
940 | else | 947 | else |
941 | { | 948 | { |
942 | if (errorDescription != NULL) | 949 | if (errorDescription != NULL) |
943 | MHD__asn1_error_description_tag_error (p, errorDescription); | 950 | MHD__asn1_error_description_tag_error (p, |
951 | errorDescription); | ||
944 | 952 | ||
945 | MHD__asn1_delete_structure (element); | 953 | MHD__asn1_delete_structure (element); |
946 | return ASN1_TAG_ERROR; | 954 | return ASN1_TAG_ERROR; |
@@ -978,7 +986,8 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, | |||
978 | case TYPE_INTEGER: | 986 | case TYPE_INTEGER: |
979 | case TYPE_ENUMERATED: | 987 | case TYPE_ENUMERATED: |
980 | len2 = | 988 | len2 = |
981 | MHD__asn1_get_length_der (der + counter, len - counter, &len3); | 989 | MHD__asn1_get_length_der (der + counter, len - counter, |
990 | &len3); | ||
982 | if (len2 < 0) | 991 | if (len2 < 0) |
983 | return ASN1_DER_ERROR; | 992 | return ASN1_DER_ERROR; |
984 | if (len2 + len3 > len - counter) | 993 | if (len2 + len3 > len - counter) |
@@ -989,7 +998,7 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, | |||
989 | break; | 998 | break; |
990 | case TYPE_OBJECT_ID: | 999 | case TYPE_OBJECT_ID: |
991 | MHD__asn1_get_objectid_der (der + counter, len - counter, &len2, | 1000 | MHD__asn1_get_objectid_der (der + counter, len - counter, &len2, |
992 | temp, sizeof (temp)); | 1001 | temp, sizeof (temp)); |
993 | tlen = strlen (temp); | 1002 | tlen = strlen (temp); |
994 | if (tlen > 0) | 1003 | if (tlen > 0) |
995 | MHD__asn1_set_value (p, temp, tlen + 1); | 1004 | MHD__asn1_set_value (p, temp, tlen + 1); |
@@ -998,8 +1007,8 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, | |||
998 | break; | 1007 | break; |
999 | case TYPE_TIME: | 1008 | case TYPE_TIME: |
1000 | result = | 1009 | result = |
1001 | MHD__asn1_get_time_der (der + counter, len - counter, &len2, temp, | 1010 | MHD__asn1_get_time_der (der + counter, len - counter, &len2, |
1002 | sizeof (temp) - 1); | 1011 | temp, sizeof (temp) - 1); |
1003 | if (result != ASN1_SUCCESS) | 1012 | if (result != ASN1_SUCCESS) |
1004 | { | 1013 | { |
1005 | MHD__asn1_delete_structure (element); | 1014 | MHD__asn1_delete_structure (element); |
@@ -1021,7 +1030,8 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, | |||
1021 | break; | 1030 | break; |
1022 | case TYPE_GENERALSTRING: | 1031 | case TYPE_GENERALSTRING: |
1023 | len2 = | 1032 | len2 = |
1024 | MHD__asn1_get_length_der (der + counter, len - counter, &len3); | 1033 | MHD__asn1_get_length_der (der + counter, len - counter, |
1034 | &len3); | ||
1025 | if (len2 < 0) | 1035 | if (len2 < 0) |
1026 | return ASN1_DER_ERROR; | 1036 | return ASN1_DER_ERROR; |
1027 | if (len3 + len2 > len - counter) | 1037 | if (len3 + len2 > len - counter) |
@@ -1032,7 +1042,8 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, | |||
1032 | break; | 1042 | break; |
1033 | case TYPE_BIT_STRING: | 1043 | case TYPE_BIT_STRING: |
1034 | len2 = | 1044 | len2 = |
1035 | MHD__asn1_get_length_der (der + counter, len - counter, &len3); | 1045 | MHD__asn1_get_length_der (der + counter, len - counter, |
1046 | &len3); | ||
1036 | if (len2 < 0) | 1047 | if (len2 < 0) |
1037 | return ASN1_DER_ERROR; | 1048 | return ASN1_DER_ERROR; |
1038 | if (len3 + len2 > len - counter) | 1049 | if (len3 + len2 > len - counter) |
@@ -1045,7 +1056,7 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, | |||
1045 | case TYPE_SET: | 1056 | case TYPE_SET: |
1046 | if (move == UP) | 1057 | if (move == UP) |
1047 | { | 1058 | { |
1048 | len2 = strtol ( (const char*) p->value, NULL, 10); | 1059 | len2 = strtol ((const char *) p->value, NULL, 10); |
1049 | MHD__asn1_set_value (p, NULL, 0); | 1060 | MHD__asn1_set_value (p, NULL, 0); |
1050 | if (len2 == -1) | 1061 | if (len2 == -1) |
1051 | { /* indefinite length method */ | 1062 | { /* indefinite length method */ |
@@ -1074,7 +1085,8 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, | |||
1074 | else | 1085 | else |
1075 | { /* move==DOWN || move==RIGHT */ | 1086 | { /* move==DOWN || move==RIGHT */ |
1076 | len3 = | 1087 | len3 = |
1077 | MHD__asn1_get_length_der (der + counter, len - counter, &len2); | 1088 | MHD__asn1_get_length_der (der + counter, len - counter, |
1089 | &len2); | ||
1078 | if (len3 < -1) | 1090 | if (len3 < -1) |
1079 | return ASN1_DER_ERROR; | 1091 | return ASN1_DER_ERROR; |
1080 | counter += len2; | 1092 | counter += len2; |
@@ -1113,7 +1125,7 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, | |||
1113 | case TYPE_SET_OF: | 1125 | case TYPE_SET_OF: |
1114 | if (move == UP) | 1126 | if (move == UP) |
1115 | { | 1127 | { |
1116 | len2 = strtol ( (const char*) p->value, NULL, 10); | 1128 | len2 = strtol ((const char *) p->value, NULL, 10); |
1117 | if (len2 == -1) | 1129 | if (len2 == -1) |
1118 | { /* indefinite length method */ | 1130 | { /* indefinite length method */ |
1119 | if ((counter + 2) > len) | 1131 | if ((counter + 2) > len) |
@@ -1152,7 +1164,8 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, | |||
1152 | else | 1164 | else |
1153 | { /* move==DOWN || move==RIGHT */ | 1165 | { /* move==DOWN || move==RIGHT */ |
1154 | len3 = | 1166 | len3 = |
1155 | MHD__asn1_get_length_der (der + counter, len - counter, &len2); | 1167 | MHD__asn1_get_length_der (der + counter, len - counter, |
1168 | &len2); | ||
1156 | if (len3 < -1) | 1169 | if (len3 < -1) |
1157 | return ASN1_DER_ERROR; | 1170 | return ASN1_DER_ERROR; |
1158 | counter += len2; | 1171 | counter += len2; |
@@ -1190,7 +1203,7 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, | |||
1190 | return ASN1_DER_ERROR; | 1203 | return ASN1_DER_ERROR; |
1191 | len4 = | 1204 | len4 = |
1192 | MHD__asn1_get_length_der (der + counter + len2, | 1205 | MHD__asn1_get_length_der (der + counter + len2, |
1193 | len - counter - len2, &len3); | 1206 | len - counter - len2, &len3); |
1194 | if (len4 < -1) | 1207 | if (len4 < -1) |
1195 | return ASN1_DER_ERROR; | 1208 | return ASN1_DER_ERROR; |
1196 | if (len4 > len - counter + len2 + len3) | 1209 | if (len4 > len - counter + len2 + len3) |
@@ -1199,14 +1212,16 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, | |||
1199 | { | 1212 | { |
1200 | len2 += len4; | 1213 | len2 += len4; |
1201 | MHD__asn1_length_der (len2 + len3, NULL, &len4); | 1214 | MHD__asn1_length_der (len2 + len3, NULL, &len4); |
1202 | temp2 = (unsigned char *) MHD__asn1_alloca (len2 + len3 + len4); | 1215 | temp2 = |
1216 | (unsigned char *) MHD__asn1_alloca (len2 + len3 + len4); | ||
1203 | if (temp2 == NULL) | 1217 | if (temp2 == NULL) |
1204 | { | 1218 | { |
1205 | MHD__asn1_delete_structure (element); | 1219 | MHD__asn1_delete_structure (element); |
1206 | return ASN1_MEM_ALLOC_ERROR; | 1220 | return ASN1_MEM_ALLOC_ERROR; |
1207 | } | 1221 | } |
1208 | 1222 | ||
1209 | MHD__asn1_octet_der (der + counter, len2 + len3, temp2, &len4); | 1223 | MHD__asn1_octet_der (der + counter, len2 + len3, temp2, |
1224 | &len4); | ||
1210 | MHD__asn1_set_value (p, temp2, len4); | 1225 | MHD__asn1_set_value (p, temp2, len4); |
1211 | MHD__asn1_afree (temp2); | 1226 | MHD__asn1_afree (temp2); |
1212 | counter += len2 + len3; | 1227 | counter += len2 + len3; |
@@ -1221,7 +1236,8 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, | |||
1221 | 1236 | ||
1222 | len2 = len - counter; | 1237 | len2 = len - counter; |
1223 | ris = | 1238 | ris = |
1224 | MHD__asn1_get_indefinite_length_string (der + counter, &len2); | 1239 | MHD__asn1_get_indefinite_length_string (der + counter, |
1240 | &len2); | ||
1225 | if (ris != ASN1_SUCCESS) | 1241 | if (ris != ASN1_SUCCESS) |
1226 | { | 1242 | { |
1227 | MHD__asn1_delete_structure (element); | 1243 | MHD__asn1_delete_structure (element); |
@@ -1328,7 +1344,8 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, | |||
1328 | **/ | 1344 | **/ |
1329 | MHD__asn1_retCode | 1345 | MHD__asn1_retCode |
1330 | MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len, | 1346 | MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len, |
1331 | const char *name_element, int *start, int *end) | 1347 | const char *name_element, int *start, |
1348 | int *end) | ||
1332 | { | 1349 | { |
1333 | node_asn *node, *node_to_find, *p, *p2, *p3; | 1350 | node_asn *node, *node_to_find, *p, *p2, *p3; |
1334 | int counter, len2, len3, len4, move, ris; | 1351 | int counter, len2, len3, len4, move, ris; |
@@ -1369,7 +1386,7 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len, | |||
1369 | if (p->type & CONST_SET) | 1386 | if (p->type & CONST_SET) |
1370 | { | 1387 | { |
1371 | p2 = MHD__asn1_find_up (p); | 1388 | p2 = MHD__asn1_find_up (p); |
1372 | len2 = strtol ( (const char* ) p2->value, NULL, 10); | 1389 | len2 = strtol ((const char *) p2->value, NULL, 10); |
1373 | if (len2 == -1) | 1390 | if (len2 == -1) |
1374 | { | 1391 | { |
1375 | if (!der[counter] && !der[counter + 1]) | 1392 | if (!der[counter] && !der[counter + 1]) |
@@ -1396,13 +1413,13 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len, | |||
1396 | if (type_field (p2->type) != TYPE_CHOICE) | 1413 | if (type_field (p2->type) != TYPE_CHOICE) |
1397 | ris = | 1414 | ris = |
1398 | MHD__asn1_extract_tag_der (p2, der + counter, | 1415 | MHD__asn1_extract_tag_der (p2, der + counter, |
1399 | len - counter, &len2); | 1416 | len - counter, &len2); |
1400 | else | 1417 | else |
1401 | { | 1418 | { |
1402 | p3 = p2->down; | 1419 | p3 = p2->down; |
1403 | ris = | 1420 | ris = |
1404 | MHD__asn1_extract_tag_der (p3, der + counter, | 1421 | MHD__asn1_extract_tag_der (p3, der + counter, |
1405 | len - counter, &len2); | 1422 | len - counter, &len2); |
1406 | } | 1423 | } |
1407 | if (ris == ASN1_SUCCESS) | 1424 | if (ris == ASN1_SUCCESS) |
1408 | { | 1425 | { |
@@ -1425,14 +1442,15 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len, | |||
1425 | p = p->down; | 1442 | p = p->down; |
1426 | ris = | 1443 | ris = |
1427 | MHD__asn1_extract_tag_der (p, der + counter, len - counter, | 1444 | MHD__asn1_extract_tag_der (p, der + counter, len - counter, |
1428 | &len2); | 1445 | &len2); |
1429 | if (p == node_to_find) | 1446 | if (p == node_to_find) |
1430 | *start = counter; | 1447 | *start = counter; |
1431 | } | 1448 | } |
1432 | 1449 | ||
1433 | if (ris == ASN1_SUCCESS) | 1450 | if (ris == ASN1_SUCCESS) |
1434 | ris = | 1451 | ris = |
1435 | MHD__asn1_extract_tag_der (p, der + counter, len - counter, &len2); | 1452 | MHD__asn1_extract_tag_der (p, der + counter, len - counter, |
1453 | &len2); | ||
1436 | if (ris != ASN1_SUCCESS) | 1454 | if (ris != ASN1_SUCCESS) |
1437 | { | 1455 | { |
1438 | if (p->type & CONST_OPTION) | 1456 | if (p->type & CONST_OPTION) |
@@ -1472,7 +1490,8 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len, | |||
1472 | case TYPE_INTEGER: | 1490 | case TYPE_INTEGER: |
1473 | case TYPE_ENUMERATED: | 1491 | case TYPE_ENUMERATED: |
1474 | len2 = | 1492 | len2 = |
1475 | MHD__asn1_get_length_der (der + counter, len - counter, &len3); | 1493 | MHD__asn1_get_length_der (der + counter, len - counter, |
1494 | &len3); | ||
1476 | if (len2 < 0) | 1495 | if (len2 < 0) |
1477 | return ASN1_DER_ERROR; | 1496 | return ASN1_DER_ERROR; |
1478 | counter += len3 + len2; | 1497 | counter += len3 + len2; |
@@ -1480,7 +1499,8 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len, | |||
1480 | break; | 1499 | break; |
1481 | case TYPE_OBJECT_ID: | 1500 | case TYPE_OBJECT_ID: |
1482 | len2 = | 1501 | len2 = |
1483 | MHD__asn1_get_length_der (der + counter, len - counter, &len3); | 1502 | MHD__asn1_get_length_der (der + counter, len - counter, |
1503 | &len3); | ||
1484 | if (len2 < 0) | 1504 | if (len2 < 0) |
1485 | return ASN1_DER_ERROR; | 1505 | return ASN1_DER_ERROR; |
1486 | counter += len2 + len3; | 1506 | counter += len2 + len3; |
@@ -1488,7 +1508,8 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len, | |||
1488 | break; | 1508 | break; |
1489 | case TYPE_TIME: | 1509 | case TYPE_TIME: |
1490 | len2 = | 1510 | len2 = |
1491 | MHD__asn1_get_length_der (der + counter, len - counter, &len3); | 1511 | MHD__asn1_get_length_der (der + counter, len - counter, |
1512 | &len3); | ||
1492 | if (len2 < 0) | 1513 | if (len2 < 0) |
1493 | return ASN1_DER_ERROR; | 1514 | return ASN1_DER_ERROR; |
1494 | counter += len2 + len3; | 1515 | counter += len2 + len3; |
@@ -1504,7 +1525,8 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len, | |||
1504 | break; | 1525 | break; |
1505 | case TYPE_GENERALSTRING: | 1526 | case TYPE_GENERALSTRING: |
1506 | len2 = | 1527 | len2 = |
1507 | MHD__asn1_get_length_der (der + counter, len - counter, &len3); | 1528 | MHD__asn1_get_length_der (der + counter, len - counter, |
1529 | &len3); | ||
1508 | if (len2 < 0) | 1530 | if (len2 < 0) |
1509 | return ASN1_DER_ERROR; | 1531 | return ASN1_DER_ERROR; |
1510 | counter += len3 + len2; | 1532 | counter += len3 + len2; |
@@ -1512,7 +1534,8 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len, | |||
1512 | break; | 1534 | break; |
1513 | case TYPE_BIT_STRING: | 1535 | case TYPE_BIT_STRING: |
1514 | len2 = | 1536 | len2 = |
1515 | MHD__asn1_get_length_der (der + counter, len - counter, &len3); | 1537 | MHD__asn1_get_length_der (der + counter, len - counter, |
1538 | &len3); | ||
1516 | if (len2 < 0) | 1539 | if (len2 < 0) |
1517 | return ASN1_DER_ERROR; | 1540 | return ASN1_DER_ERROR; |
1518 | counter += len3 + len2; | 1541 | counter += len3 + len2; |
@@ -1523,7 +1546,8 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len, | |||
1523 | if (move != UP) | 1546 | if (move != UP) |
1524 | { | 1547 | { |
1525 | len3 = | 1548 | len3 = |
1526 | MHD__asn1_get_length_der (der + counter, len - counter, &len2); | 1549 | MHD__asn1_get_length_der (der + counter, len - counter, |
1550 | &len2); | ||
1527 | if (len3 < -1) | 1551 | if (len3 < -1) |
1528 | return ASN1_DER_ERROR; | 1552 | return ASN1_DER_ERROR; |
1529 | counter += len2; | 1553 | counter += len2; |
@@ -1544,7 +1568,8 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len, | |||
1544 | if (move != UP) | 1568 | if (move != UP) |
1545 | { | 1569 | { |
1546 | len3 = | 1570 | len3 = |
1547 | MHD__asn1_get_length_der (der + counter, len - counter, &len2); | 1571 | MHD__asn1_get_length_der (der + counter, len - counter, |
1572 | &len2); | ||
1548 | if (len3 < -1) | 1573 | if (len3 < -1) |
1549 | return ASN1_DER_ERROR; | 1574 | return ASN1_DER_ERROR; |
1550 | counter += len2; | 1575 | counter += len2; |
@@ -1576,7 +1601,7 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len, | |||
1576 | 1601 | ||
1577 | len4 = | 1602 | len4 = |
1578 | MHD__asn1_get_length_der (der + counter + len2, | 1603 | MHD__asn1_get_length_der (der + counter + len2, |
1579 | len - counter - len2, &len3); | 1604 | len - counter - len2, &len3); |
1580 | if (len4 < -1) | 1605 | if (len4 < -1) |
1581 | return ASN1_DER_ERROR; | 1606 | return ASN1_DER_ERROR; |
1582 | 1607 | ||
@@ -1594,7 +1619,8 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len, | |||
1594 | 1619 | ||
1595 | len2 = len - counter; | 1620 | len2 = len - counter; |
1596 | ris = | 1621 | ris = |
1597 | MHD__asn1_get_indefinite_length_string (der + counter, &len2); | 1622 | MHD__asn1_get_indefinite_length_string (der + counter, |
1623 | &len2); | ||
1598 | if (ris != ASN1_SUCCESS) | 1624 | if (ris != ASN1_SUCCESS) |
1599 | return ris; | 1625 | return ris; |
1600 | counter += len2; | 1626 | counter += len2; |
@@ -1646,5 +1672,3 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len, | |||
1646 | 1672 | ||
1647 | return ASN1_ELEMENT_NOT_FOUND; | 1673 | return ASN1_ELEMENT_NOT_FOUND; |
1648 | } | 1674 | } |
1649 | |||
1650 | |||
diff --git a/src/daemon/https/minitasn1/element.c b/src/daemon/https/minitasn1/element.c index 4e29772e..7cda2174 100644 --- a/src/daemon/https/minitasn1/element.c +++ b/src/daemon/https/minitasn1/element.c | |||
@@ -76,7 +76,7 @@ MHD__asn1_hierarchical_name (node_asn * node, char *name, int name_size) | |||
76 | /******************************************************************/ | 76 | /******************************************************************/ |
77 | MHD__asn1_retCode | 77 | MHD__asn1_retCode |
78 | MHD__asn1_convert_integer (const char *value, unsigned char *value_out, | 78 | MHD__asn1_convert_integer (const char *value, unsigned char *value_out, |
79 | int value_out_size, int *len) | 79 | int value_out_size, int *len) |
80 | { | 80 | { |
81 | char negative; | 81 | char negative; |
82 | unsigned char val[SIZEOF_UNSIGNED_LONG_INT]; | 82 | unsigned char val[SIZEOF_UNSIGNED_LONG_INT]; |
@@ -117,7 +117,8 @@ MHD__asn1_convert_integer (const char *value, unsigned char *value_out, | |||
117 | 117 | ||
118 | 118 | ||
119 | #ifdef LIBTASN1_DEBUG_INTEGER | 119 | #ifdef LIBTASN1_DEBUG_INTEGER |
120 | MHD__libtasn1_log ("MHD__asn1_convert_integer: valueIn=%s, lenOut=%d", value, *len); | 120 | MHD__libtasn1_log ("MHD__asn1_convert_integer: valueIn=%s, lenOut=%d", |
121 | value, *len); | ||
121 | for (k = 0; k < SIZEOF_UNSIGNED_LONG_INT; k++) | 122 | for (k = 0; k < SIZEOF_UNSIGNED_LONG_INT; k++) |
122 | MHD__libtasn1_log (", vOut[%d]=%d", k, value_out[k]); | 123 | MHD__libtasn1_log (", vOut[%d]=%d", k, value_out[k]); |
123 | MHD__libtasn1_log ("\n"); | 124 | MHD__libtasn1_log ("\n"); |
@@ -276,7 +277,7 @@ MHD__asn1_append_sequence_set (node_asn * node) | |||
276 | **/ | 277 | **/ |
277 | MHD__asn1_retCode | 278 | MHD__asn1_retCode |
278 | MHD__asn1_write_value (ASN1_TYPE node_root, const char *name, | 279 | MHD__asn1_write_value (ASN1_TYPE node_root, const char *name, |
279 | const void *ivalue, int len) | 280 | const void *ivalue, int len) |
280 | { | 281 | { |
281 | node_asn *node, *p, *p2; | 282 | node_asn *node, *p, *p2; |
282 | unsigned char *temp, *value_temp = NULL, *default_temp = NULL; | 283 | unsigned char *temp, *value_temp = NULL, *default_temp = NULL; |
@@ -355,7 +356,7 @@ MHD__asn1_write_value (ASN1_TYPE node_root, const char *name, | |||
355 | return ASN1_MEM_ALLOC_ERROR; | 356 | return ASN1_MEM_ALLOC_ERROR; |
356 | 357 | ||
357 | MHD__asn1_convert_integer (value, value_temp, | 358 | MHD__asn1_convert_integer (value, value_temp, |
358 | SIZEOF_UNSIGNED_LONG_INT, &len); | 359 | SIZEOF_UNSIGNED_LONG_INT, &len); |
359 | } | 360 | } |
360 | else | 361 | else |
361 | { /* is an identifier like v1 */ | 362 | { /* is an identifier like v1 */ |
@@ -374,10 +375,10 @@ MHD__asn1_write_value (ASN1_TYPE node_root, const char *name, | |||
374 | if (value_temp == NULL) | 375 | if (value_temp == NULL) |
375 | return ASN1_MEM_ALLOC_ERROR; | 376 | return ASN1_MEM_ALLOC_ERROR; |
376 | 377 | ||
377 | MHD__asn1_convert_integer ((const char*) p->value, | 378 | MHD__asn1_convert_integer ((const char *) p->value, |
378 | value_temp, | 379 | value_temp, |
379 | SIZEOF_UNSIGNED_LONG_INT, | 380 | SIZEOF_UNSIGNED_LONG_INT, |
380 | &len); | 381 | &len); |
381 | break; | 382 | break; |
382 | } | 383 | } |
383 | } | 384 | } |
@@ -420,10 +421,10 @@ MHD__asn1_write_value (ASN1_TYPE node_root, const char *name, | |||
420 | MHD__asn1_length_der (len - k, NULL, &len2); | 421 | MHD__asn1_length_der (len - k, NULL, &len2); |
421 | temp = (unsigned char *) MHD__asn1_alloca (len - k + len2); | 422 | temp = (unsigned char *) MHD__asn1_alloca (len - k + len2); |
422 | if (temp == NULL) | 423 | if (temp == NULL) |
423 | { | 424 | { |
424 | MHD__asn1_afree (value_temp); | 425 | MHD__asn1_afree (value_temp); |
425 | return ASN1_MEM_ALLOC_ERROR; | 426 | return ASN1_MEM_ALLOC_ERROR; |
426 | } | 427 | } |
427 | 428 | ||
428 | MHD__asn1_octet_der (value_temp + k, len - k, temp, &len2); | 429 | MHD__asn1_octet_der (value_temp + k, len - k, temp, &len2); |
429 | MHD__asn1_set_value (node, temp, len2); | 430 | MHD__asn1_set_value (node, temp, len2); |
@@ -441,51 +442,53 @@ MHD__asn1_write_value (ASN1_TYPE node_root, const char *name, | |||
441 | default_temp = | 442 | default_temp = |
442 | (unsigned char *) MHD__asn1_alloca (SIZEOF_UNSIGNED_LONG_INT); | 443 | (unsigned char *) MHD__asn1_alloca (SIZEOF_UNSIGNED_LONG_INT); |
443 | if (default_temp == NULL) | 444 | if (default_temp == NULL) |
444 | { | 445 | { |
445 | MHD__asn1_afree (value_temp); | 446 | MHD__asn1_afree (value_temp); |
446 | return ASN1_MEM_ALLOC_ERROR; | 447 | return ASN1_MEM_ALLOC_ERROR; |
447 | } | 448 | } |
448 | 449 | ||
449 | MHD__asn1_convert_integer ((const char*) p->value, default_temp, | 450 | MHD__asn1_convert_integer ((const char *) p->value, |
450 | SIZEOF_UNSIGNED_LONG_INT, &len2); | 451 | default_temp, |
452 | SIZEOF_UNSIGNED_LONG_INT, &len2); | ||
451 | } | 453 | } |
452 | else | 454 | else |
453 | { /* is an identifier like v1 */ | 455 | { /* is an identifier like v1 */ |
454 | if (!(node->type & CONST_LIST)) | 456 | if (!(node->type & CONST_LIST)) |
455 | { | 457 | { |
456 | MHD__asn1_afree (value_temp); | 458 | MHD__asn1_afree (value_temp); |
457 | return ASN1_VALUE_NOT_VALID; | 459 | return ASN1_VALUE_NOT_VALID; |
458 | } | 460 | } |
459 | p2 = node->down; | 461 | p2 = node->down; |
460 | while (p2) | 462 | while (p2) |
461 | { | 463 | { |
462 | if (type_field (p2->type) == TYPE_CONSTANT) | 464 | if (type_field (p2->type) == TYPE_CONSTANT) |
463 | { | 465 | { |
464 | if ((p2->name) && (!strcmp (p2->name,(const char*) p->value))) | 466 | if ((p2->name) |
467 | && (!strcmp (p2->name, (const char *) p->value))) | ||
465 | { | 468 | { |
466 | default_temp = | 469 | default_temp = |
467 | (unsigned char *) | 470 | (unsigned char *) |
468 | MHD__asn1_alloca (SIZEOF_UNSIGNED_LONG_INT); | 471 | MHD__asn1_alloca (SIZEOF_UNSIGNED_LONG_INT); |
469 | if (default_temp == NULL) | 472 | if (default_temp == NULL) |
470 | { | 473 | { |
471 | MHD__asn1_afree (value_temp); | 474 | MHD__asn1_afree (value_temp); |
472 | return ASN1_MEM_ALLOC_ERROR; | 475 | return ASN1_MEM_ALLOC_ERROR; |
473 | } | 476 | } |
474 | 477 | ||
475 | MHD__asn1_convert_integer ((const char*) p2->value, | 478 | MHD__asn1_convert_integer ((const char *) p2->value, |
476 | default_temp, | 479 | default_temp, |
477 | SIZEOF_UNSIGNED_LONG_INT, | 480 | SIZEOF_UNSIGNED_LONG_INT, |
478 | &len2); | 481 | &len2); |
479 | break; | 482 | break; |
480 | } | 483 | } |
481 | } | 484 | } |
482 | p2 = p2->right; | 485 | p2 = p2->right; |
483 | } | 486 | } |
484 | if (p2 == NULL) | 487 | if (p2 == NULL) |
485 | { | 488 | { |
486 | MHD__asn1_afree (value_temp); | 489 | MHD__asn1_afree (value_temp); |
487 | return ASN1_VALUE_NOT_VALID; | 490 | return ASN1_VALUE_NOT_VALID; |
488 | } | 491 | } |
489 | } | 492 | } |
490 | 493 | ||
491 | 494 | ||
@@ -512,7 +515,7 @@ MHD__asn1_write_value (ASN1_TYPE node_root, const char *name, | |||
512 | p = node->down; | 515 | p = node->down; |
513 | while (type_field (p->type) != TYPE_DEFAULT) | 516 | while (type_field (p->type) != TYPE_DEFAULT) |
514 | p = p->right; | 517 | p = p->right; |
515 | if (!strcmp (value,(const char*) p->value)) | 518 | if (!strcmp (value, (const char *) p->value)) |
516 | { | 519 | { |
517 | MHD__asn1_set_value (node, NULL, 0); | 520 | MHD__asn1_set_value (node, NULL, 0); |
518 | break; | 521 | break; |
@@ -574,7 +577,7 @@ MHD__asn1_write_value (ASN1_TYPE node_root, const char *name, | |||
574 | if (temp == NULL) | 577 | if (temp == NULL) |
575 | return ASN1_MEM_ALLOC_ERROR; | 578 | return ASN1_MEM_ALLOC_ERROR; |
576 | 579 | ||
577 | MHD__asn1_octet_der ((const unsigned char*) value, len, temp, &len2); | 580 | MHD__asn1_octet_der ((const unsigned char *) value, len, temp, &len2); |
578 | MHD__asn1_set_value (node, temp, len2); | 581 | MHD__asn1_set_value (node, temp, len2); |
579 | MHD__asn1_afree (temp); | 582 | MHD__asn1_afree (temp); |
580 | break; | 583 | break; |
@@ -586,7 +589,7 @@ MHD__asn1_write_value (ASN1_TYPE node_root, const char *name, | |||
586 | if (temp == NULL) | 589 | if (temp == NULL) |
587 | return ASN1_MEM_ALLOC_ERROR; | 590 | return ASN1_MEM_ALLOC_ERROR; |
588 | 591 | ||
589 | MHD__asn1_octet_der ((const unsigned char*)value, len, temp, &len2); | 592 | MHD__asn1_octet_der ((const unsigned char *) value, len, temp, &len2); |
590 | MHD__asn1_set_value (node, temp, len2); | 593 | MHD__asn1_set_value (node, temp, len2); |
591 | MHD__asn1_afree (temp); | 594 | MHD__asn1_afree (temp); |
592 | break; | 595 | break; |
@@ -598,7 +601,7 @@ MHD__asn1_write_value (ASN1_TYPE node_root, const char *name, | |||
598 | if (temp == NULL) | 601 | if (temp == NULL) |
599 | return ASN1_MEM_ALLOC_ERROR; | 602 | return ASN1_MEM_ALLOC_ERROR; |
600 | 603 | ||
601 | MHD__asn1_bit_der ((const unsigned char*)value, len, temp, &len2); | 604 | MHD__asn1_bit_der ((const unsigned char *) value, len, temp, &len2); |
602 | MHD__asn1_set_value (node, temp, len2); | 605 | MHD__asn1_set_value (node, temp, len2); |
603 | MHD__asn1_afree (temp); | 606 | MHD__asn1_afree (temp); |
604 | break; | 607 | break; |
@@ -632,7 +635,7 @@ MHD__asn1_write_value (ASN1_TYPE node_root, const char *name, | |||
632 | if (temp == NULL) | 635 | if (temp == NULL) |
633 | return ASN1_MEM_ALLOC_ERROR; | 636 | return ASN1_MEM_ALLOC_ERROR; |
634 | 637 | ||
635 | MHD__asn1_octet_der ((const unsigned char*)value, len, temp, &len2); | 638 | MHD__asn1_octet_der ((const unsigned char *) value, len, temp, &len2); |
636 | MHD__asn1_set_value (node, temp, len2); | 639 | MHD__asn1_set_value (node, temp, len2); |
637 | MHD__asn1_afree (temp); | 640 | MHD__asn1_afree (temp); |
638 | break; | 641 | break; |
@@ -744,7 +747,8 @@ MHD__asn1_write_value (ASN1_TYPE node_root, const char *name, | |||
744 | * | 747 | * |
745 | **/ | 748 | **/ |
746 | MHD__asn1_retCode | 749 | MHD__asn1_retCode |
747 | MHD__asn1_read_value (ASN1_TYPE root, const char *name, void *ivalue, int *len) | 750 | MHD__asn1_read_value (ASN1_TYPE root, const char *name, void *ivalue, |
751 | int *len) | ||
748 | { | 752 | { |
749 | node_asn *node, *p, *p2; | 753 | node_asn *node, *p, *p2; |
750 | int len2, len3; | 754 | int len2, len3; |
@@ -801,7 +805,8 @@ MHD__asn1_read_value (ASN1_TYPE root, const char *name, void *ivalue, int *len) | |||
801 | || (p->value[0] == '+')) | 805 | || (p->value[0] == '+')) |
802 | { | 806 | { |
803 | if (MHD__asn1_convert_integer | 807 | if (MHD__asn1_convert_integer |
804 | ((const char*) p->value, (unsigned char*) value, value_size, len) != ASN1_SUCCESS) | 808 | ((const char *) p->value, (unsigned char *) value, |
809 | value_size, len) != ASN1_SUCCESS) | ||
805 | return ASN1_MEM_ERROR; | 810 | return ASN1_MEM_ERROR; |
806 | } | 811 | } |
807 | else | 812 | else |
@@ -811,10 +816,12 @@ MHD__asn1_read_value (ASN1_TYPE root, const char *name, void *ivalue, int *len) | |||
811 | { | 816 | { |
812 | if (type_field (p2->type) == TYPE_CONSTANT) | 817 | if (type_field (p2->type) == TYPE_CONSTANT) |
813 | { | 818 | { |
814 | if ((p2->name) && (!strcmp (p2->name, (const char*) p->value))) | 819 | if ((p2->name) |
820 | && (!strcmp (p2->name, (const char *) p->value))) | ||
815 | { | 821 | { |
816 | if (MHD__asn1_convert_integer | 822 | if (MHD__asn1_convert_integer |
817 | ((const char*) p2->value, (unsigned char*) value, value_size, | 823 | ((const char *) p2->value, |
824 | (unsigned char *) value, value_size, | ||
818 | len) != ASN1_SUCCESS) | 825 | len) != ASN1_SUCCESS) |
819 | return ASN1_MEM_ERROR; | 826 | return ASN1_MEM_ERROR; |
820 | break; | 827 | break; |
@@ -828,8 +835,8 @@ MHD__asn1_read_value (ASN1_TYPE root, const char *name, void *ivalue, int *len) | |||
828 | { | 835 | { |
829 | len2 = -1; | 836 | len2 = -1; |
830 | if (MHD__asn1_get_octet_der | 837 | if (MHD__asn1_get_octet_der |
831 | (node->value, node->value_len, &len2, (unsigned char*) value, value_size, | 838 | (node->value, node->value_len, &len2, (unsigned char *) value, |
832 | len) != ASN1_SUCCESS) | 839 | value_size, len) != ASN1_SUCCESS) |
833 | return ASN1_MEM_ERROR; | 840 | return ASN1_MEM_ERROR; |
834 | } | 841 | } |
835 | break; | 842 | break; |
@@ -842,7 +849,7 @@ MHD__asn1_read_value (ASN1_TYPE root, const char *name, void *ivalue, int *len) | |||
842 | { | 849 | { |
843 | if (type_field (p->type) == TYPE_CONSTANT) | 850 | if (type_field (p->type) == TYPE_CONSTANT) |
844 | { | 851 | { |
845 | ADD_STR_VALUE (value, value_size, (const char*) p->value); | 852 | ADD_STR_VALUE (value, value_size, (const char *) p->value); |
846 | if (p->right) | 853 | if (p->right) |
847 | { | 854 | { |
848 | ADD_STR_VALUE (value, value_size, "."); | 855 | ADD_STR_VALUE (value, value_size, "."); |
@@ -857,35 +864,35 @@ MHD__asn1_read_value (ASN1_TYPE root, const char *name, void *ivalue, int *len) | |||
857 | p = node->down; | 864 | p = node->down; |
858 | while (type_field (p->type) != TYPE_DEFAULT) | 865 | while (type_field (p->type) != TYPE_DEFAULT) |
859 | p = p->right; | 866 | p = p->right; |
860 | PUT_STR_VALUE (value, value_size, (const char*) p->value); | 867 | PUT_STR_VALUE (value, value_size, (const char *) p->value); |
861 | } | 868 | } |
862 | else | 869 | else |
863 | { | 870 | { |
864 | PUT_STR_VALUE (value, value_size, (const char*) node->value); | 871 | PUT_STR_VALUE (value, value_size, (const char *) node->value); |
865 | } | 872 | } |
866 | break; | 873 | break; |
867 | case TYPE_TIME: | 874 | case TYPE_TIME: |
868 | PUT_STR_VALUE (value, value_size, (const char*) node->value); | 875 | PUT_STR_VALUE (value, value_size, (const char *) node->value); |
869 | break; | 876 | break; |
870 | case TYPE_OCTET_STRING: | 877 | case TYPE_OCTET_STRING: |
871 | len2 = -1; | 878 | len2 = -1; |
872 | if (MHD__asn1_get_octet_der | 879 | if (MHD__asn1_get_octet_der |
873 | (node->value, node->value_len, &len2, (unsigned char*) value, value_size, | 880 | (node->value, node->value_len, &len2, (unsigned char *) value, |
874 | len) != ASN1_SUCCESS) | 881 | value_size, len) != ASN1_SUCCESS) |
875 | return ASN1_MEM_ERROR; | 882 | return ASN1_MEM_ERROR; |
876 | break; | 883 | break; |
877 | case TYPE_GENERALSTRING: | 884 | case TYPE_GENERALSTRING: |
878 | len2 = -1; | 885 | len2 = -1; |
879 | if (MHD__asn1_get_octet_der | 886 | if (MHD__asn1_get_octet_der |
880 | (node->value, node->value_len, &len2, (unsigned char*) value, value_size, | 887 | (node->value, node->value_len, &len2, (unsigned char *) value, |
881 | len) != ASN1_SUCCESS) | 888 | value_size, len) != ASN1_SUCCESS) |
882 | return ASN1_MEM_ERROR; | 889 | return ASN1_MEM_ERROR; |
883 | break; | 890 | break; |
884 | case TYPE_BIT_STRING: | 891 | case TYPE_BIT_STRING: |
885 | len2 = -1; | 892 | len2 = -1; |
886 | if (MHD__asn1_get_bit_der | 893 | if (MHD__asn1_get_bit_der |
887 | (node->value, node->value_len, &len2, (unsigned char*) value, value_size, | 894 | (node->value, node->value_len, &len2, (unsigned char *) value, |
888 | len) != ASN1_SUCCESS) | 895 | value_size, len) != ASN1_SUCCESS) |
889 | return ASN1_MEM_ERROR; | 896 | return ASN1_MEM_ERROR; |
890 | break; | 897 | break; |
891 | case TYPE_CHOICE: | 898 | case TYPE_CHOICE: |
@@ -904,5 +911,3 @@ MHD__asn1_read_value (ASN1_TYPE root, const char *name, void *ivalue, int *len) | |||
904 | } | 911 | } |
905 | return ASN1_SUCCESS; | 912 | return ASN1_SUCCESS; |
906 | } | 913 | } |
907 | |||
908 | |||
diff --git a/src/daemon/https/minitasn1/element.h b/src/daemon/https/minitasn1/element.h index eea9839a..e4484925 100644 --- a/src/daemon/https/minitasn1/element.h +++ b/src/daemon/https/minitasn1/element.h | |||
@@ -6,8 +6,8 @@ | |||
6 | MHD__asn1_retCode MHD__asn1_append_sequence_set (node_asn * node); | 6 | MHD__asn1_retCode MHD__asn1_append_sequence_set (node_asn * node); |
7 | 7 | ||
8 | MHD__asn1_retCode MHD__asn1_convert_integer (const char *value, | 8 | MHD__asn1_retCode MHD__asn1_convert_integer (const char *value, |
9 | unsigned char *value_out, | 9 | unsigned char *value_out, |
10 | int value_out_size, int *len); | 10 | int value_out_size, int *len); |
11 | 11 | ||
12 | void MHD__asn1_hierarchical_name (node_asn * node, char *name, int name_size); | 12 | void MHD__asn1_hierarchical_name (node_asn * node, char *name, int name_size); |
13 | 13 | ||
diff --git a/src/daemon/https/minitasn1/libtasn1.h b/src/daemon/https/minitasn1/libtasn1.h index 7379db18..15292cd4 100644 --- a/src/daemon/https/minitasn1/libtasn1.h +++ b/src/daemon/https/minitasn1/libtasn1.h | |||
@@ -43,7 +43,7 @@ extern "C" | |||
43 | /* (null character included) */ | 43 | /* (null character included) */ |
44 | 44 | ||
45 | 45 | ||
46 | typedef int MHD__asn1_retCode; /* type returned by libtasn1 functions */ | 46 | typedef int MHD__asn1_retCode; /* type returned by libtasn1 functions */ |
47 | 47 | ||
48 | /*****************************************/ | 48 | /*****************************************/ |
49 | /* Errors returned by libtasn1 functions */ | 49 | /* Errors returned by libtasn1 functions */ |
@@ -138,49 +138,53 @@ extern "C" | |||
138 | /***********************************/ | 138 | /***********************************/ |
139 | 139 | ||
140 | MHD__asn1_retCode MHD__asn1_parser2tree (const char *file_name, | 140 | MHD__asn1_retCode MHD__asn1_parser2tree (const char *file_name, |
141 | ASN1_TYPE * definitions, | 141 | ASN1_TYPE * definitions, |
142 | char *errorDescription); | 142 | char *errorDescription); |
143 | 143 | ||
144 | MHD__asn1_retCode MHD__asn1_parser2array (const char *inputFileName, | 144 | MHD__asn1_retCode MHD__asn1_parser2array (const char *inputFileName, |
145 | const char *outputFileName, | 145 | const char *outputFileName, |
146 | const char *vectorName, | 146 | const char *vectorName, |
147 | char *errorDescription); | 147 | char *errorDescription); |
148 | 148 | ||
149 | MHD__asn1_retCode MHD__asn1_array2tree (const ASN1_ARRAY_TYPE * array, | 149 | MHD__asn1_retCode MHD__asn1_array2tree (const ASN1_ARRAY_TYPE * array, |
150 | ASN1_TYPE * definitions, | 150 | ASN1_TYPE * definitions, |
151 | char *errorDescription); | 151 | char *errorDescription); |
152 | 152 | ||
153 | MHD__asn1_retCode MHD__asn1_create_element (ASN1_TYPE definitions, | 153 | MHD__asn1_retCode MHD__asn1_create_element (ASN1_TYPE definitions, |
154 | const char *source_name, | 154 | const char *source_name, |
155 | ASN1_TYPE * element); | 155 | ASN1_TYPE * element); |
156 | 156 | ||
157 | MHD__asn1_retCode MHD__asn1_delete_structure (ASN1_TYPE * structure); | 157 | MHD__asn1_retCode MHD__asn1_delete_structure (ASN1_TYPE * structure); |
158 | 158 | ||
159 | MHD__asn1_retCode MHD__asn1_delete_element (ASN1_TYPE structure, | 159 | MHD__asn1_retCode MHD__asn1_delete_element (ASN1_TYPE structure, |
160 | const char *element_name); | 160 | const char *element_name); |
161 | 161 | ||
162 | MHD__asn1_retCode MHD__asn1_write_value (ASN1_TYPE node_root, const char *name, | 162 | MHD__asn1_retCode MHD__asn1_write_value (ASN1_TYPE node_root, |
163 | const void *ivalue, int len); | 163 | const char *name, |
164 | const void *ivalue, int len); | ||
164 | 165 | ||
165 | MHD__asn1_retCode MHD__asn1_read_value (ASN1_TYPE root, const char *name, | 166 | MHD__asn1_retCode MHD__asn1_read_value (ASN1_TYPE root, const char *name, |
166 | void *ivalue, int *len); | 167 | void *ivalue, int *len); |
167 | 168 | ||
168 | MHD__asn1_retCode MHD__asn1_number_of_elements (ASN1_TYPE element, const char *name, | 169 | MHD__asn1_retCode MHD__asn1_number_of_elements (ASN1_TYPE element, |
169 | int *num); | 170 | const char *name, int *num); |
170 | 171 | ||
171 | MHD__asn1_retCode MHD__asn1_der_coding (ASN1_TYPE element, const char *name, | 172 | MHD__asn1_retCode MHD__asn1_der_coding (ASN1_TYPE element, const char *name, |
172 | void *ider, int *len, char *ErrorDescription); | 173 | void *ider, int *len, |
174 | char *ErrorDescription); | ||
173 | 175 | ||
174 | MHD__asn1_retCode MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, | 176 | MHD__asn1_retCode MHD__asn1_der_decoding (ASN1_TYPE * element, |
175 | int len, char *errorDescription); | 177 | const void *ider, int len, |
178 | char *errorDescription); | ||
176 | 179 | ||
177 | MHD__asn1_retCode MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, | 180 | MHD__asn1_retCode MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, |
178 | const void *ider, int len, | 181 | const void *ider, |
179 | const char *name_element, | 182 | int len, |
180 | int *start, int *end); | 183 | const char *name_element, |
184 | int *start, int *end); | ||
181 | 185 | ||
182 | const char *MHD__asn1_find_structure_from_oid (ASN1_TYPE definitions, | 186 | const char *MHD__asn1_find_structure_from_oid (ASN1_TYPE definitions, |
183 | const char *oidValue); | 187 | const char *oidValue); |
184 | 188 | ||
185 | const char *MHD__libtasn1_strerror (MHD__asn1_retCode error); | 189 | const char *MHD__libtasn1_strerror (MHD__asn1_retCode error); |
186 | 190 | ||
@@ -189,34 +193,37 @@ extern "C" | |||
189 | /* DER utility functions. */ | 193 | /* DER utility functions. */ |
190 | 194 | ||
191 | int MHD__asn1_get_tag_der (const unsigned char *der, int der_len, | 195 | int MHD__asn1_get_tag_der (const unsigned char *der, int der_len, |
192 | unsigned char *cls, int *len, unsigned long *tag); | 196 | unsigned char *cls, int *len, |
197 | unsigned long *tag); | ||
193 | 198 | ||
194 | void MHD__asn1_octet_der (const unsigned char *str, int str_len, | 199 | void MHD__asn1_octet_der (const unsigned char *str, int str_len, |
195 | unsigned char *der, int *der_len); | 200 | unsigned char *der, int *der_len); |
196 | 201 | ||
197 | MHD__asn1_retCode MHD__asn1_get_octet_der (const unsigned char *der, int der_len, | 202 | MHD__asn1_retCode MHD__asn1_get_octet_der (const unsigned char *der, |
198 | int *ret_len, unsigned char *str, | 203 | int der_len, int *ret_len, |
199 | int str_size, int *str_len); | 204 | unsigned char *str, int str_size, |
205 | int *str_len); | ||
200 | 206 | ||
201 | void MHD__asn1_bit_der (const unsigned char *str, int bit_len, | 207 | void MHD__asn1_bit_der (const unsigned char *str, int bit_len, |
202 | unsigned char *der, int *der_len); | 208 | unsigned char *der, int *der_len); |
203 | 209 | ||
204 | MHD__asn1_retCode MHD__asn1_get_bit_der (const unsigned char *der, int der_len, | 210 | MHD__asn1_retCode MHD__asn1_get_bit_der (const unsigned char *der, |
205 | int *ret_len, unsigned char *str, | 211 | int der_len, int *ret_len, |
206 | int str_size, int *bit_len); | 212 | unsigned char *str, int str_size, |
213 | int *bit_len); | ||
207 | 214 | ||
208 | signed long MHD__asn1_get_length_der (const unsigned char *der, int der_len, | 215 | signed long MHD__asn1_get_length_der (const unsigned char *der, int der_len, |
209 | int *len); | 216 | int *len); |
210 | 217 | ||
211 | void MHD__asn1_length_der (unsigned long int len, unsigned char *ans, | 218 | void MHD__asn1_length_der (unsigned long int len, unsigned char *ans, |
212 | int *ans_len); | 219 | int *ans_len); |
213 | 220 | ||
214 | /* Other utility functions. */ | 221 | /* Other utility functions. */ |
215 | 222 | ||
216 | ASN1_TYPE MHD__asn1_find_node (ASN1_TYPE pointer, const char *name); | 223 | ASN1_TYPE MHD__asn1_find_node (ASN1_TYPE pointer, const char *name); |
217 | 224 | ||
218 | MHD__asn1_retCode MHD__asn1_copy_node (ASN1_TYPE dst, const char *dst_name, | 225 | MHD__asn1_retCode MHD__asn1_copy_node (ASN1_TYPE dst, const char *dst_name, |
219 | ASN1_TYPE src, const char *src_name); | 226 | ASN1_TYPE src, const char *src_name); |
220 | 227 | ||
221 | #ifdef __cplusplus | 228 | #ifdef __cplusplus |
222 | } | 229 | } |
diff --git a/src/daemon/https/minitasn1/parser_aux.c b/src/daemon/https/minitasn1/parser_aux.c index 5f36a5ff..438b8e76 100644 --- a/src/daemon/https/minitasn1/parser_aux.c +++ b/src/daemon/https/minitasn1/parser_aux.c | |||
@@ -29,7 +29,7 @@ | |||
29 | 29 | ||
30 | 30 | ||
31 | 31 | ||
32 | char MHD__asn1_identifierMissing[MAX_NAME_SIZE + 1]; /* identifier name not found */ | 32 | char MHD__asn1_identifierMissing[MAX_NAME_SIZE + 1]; /* identifier name not found */ |
33 | 33 | ||
34 | /***********************************************/ | 34 | /***********************************************/ |
35 | /* Type: list_type */ | 35 | /* Type: list_type */ |
@@ -443,7 +443,8 @@ MHD__asn1_change_integer_value (ASN1_TYPE node) | |||
443 | { | 443 | { |
444 | if (p->value) | 444 | if (p->value) |
445 | { | 445 | { |
446 | MHD__asn1_convert_integer ((const char*) p->value, val, sizeof (val), &len); | 446 | MHD__asn1_convert_integer ((const char *) p->value, val, |
447 | sizeof (val), &len); | ||
447 | MHD__asn1_octet_der (val, len, val2, &len); | 448 | MHD__asn1_octet_der (val, len, val2, &len); |
448 | MHD__asn1_set_value (p, val2, len); | 449 | MHD__asn1_set_value (p, val2, len); |
449 | } | 450 | } |
@@ -521,7 +522,8 @@ MHD__asn1_expand_object_id (ASN1_TYPE node) | |||
521 | { | 522 | { |
522 | MHD__asn1_str_cpy (name2, sizeof (name2), name_root); | 523 | MHD__asn1_str_cpy (name2, sizeof (name2), name_root); |
523 | MHD__asn1_str_cat (name2, sizeof (name2), "."); | 524 | MHD__asn1_str_cat (name2, sizeof (name2), "."); |
524 | MHD__asn1_str_cat (name2, sizeof (name2), (const char*) p2->value); | 525 | MHD__asn1_str_cat (name2, sizeof (name2), |
526 | (const char *) p2->value); | ||
525 | p3 = MHD__asn1_find_node (node, name2); | 527 | p3 = MHD__asn1_find_node (node, name2); |
526 | if (!p3 || (type_field (p3->type) != TYPE_OBJECT_ID) || | 528 | if (!p3 || (type_field (p3->type) != TYPE_OBJECT_ID) || |
527 | !(p3->type & CONST_ASSIGN)) | 529 | !(p3->type & CONST_ASSIGN)) |
@@ -536,7 +538,7 @@ MHD__asn1_expand_object_id (ASN1_TYPE node) | |||
536 | { | 538 | { |
537 | p5 = MHD__asn1_add_node_only (TYPE_CONSTANT); | 539 | p5 = MHD__asn1_add_node_only (TYPE_CONSTANT); |
538 | MHD__asn1_set_name (p5, p4->name); | 540 | MHD__asn1_set_name (p5, p4->name); |
539 | tlen = strlen ( (const char*) p4->value); | 541 | tlen = strlen ((const char *) p4->value); |
540 | if (tlen > 0) | 542 | if (tlen > 0) |
541 | MHD__asn1_set_value (p5, p4->value, tlen + 1); | 543 | MHD__asn1_set_value (p5, p4->value, tlen + 1); |
542 | if (p2 == p) | 544 | if (p2 == p) |
@@ -607,7 +609,8 @@ MHD__asn1_expand_object_id (ASN1_TYPE node) | |||
607 | { | 609 | { |
608 | MHD__asn1_str_cpy (name2, sizeof (name2), name_root); | 610 | MHD__asn1_str_cpy (name2, sizeof (name2), name_root); |
609 | MHD__asn1_str_cat (name2, sizeof (name2), "."); | 611 | MHD__asn1_str_cat (name2, sizeof (name2), "."); |
610 | MHD__asn1_str_cat (name2, sizeof (name2), (const char*) p2->value); | 612 | MHD__asn1_str_cat (name2, sizeof (name2), |
613 | (const char *) p2->value); | ||
611 | p3 = MHD__asn1_find_node (node, name2); | 614 | p3 = MHD__asn1_find_node (node, name2); |
612 | if (!p3 || (type_field (p3->type) != TYPE_OBJECT_ID) || | 615 | if (!p3 || (type_field (p3->type) != TYPE_OBJECT_ID) || |
613 | !(p3->type & CONST_ASSIGN)) | 616 | !(p3->type & CONST_ASSIGN)) |
@@ -620,7 +623,8 @@ MHD__asn1_expand_object_id (ASN1_TYPE node) | |||
620 | { | 623 | { |
621 | if (name2[0]) | 624 | if (name2[0]) |
622 | MHD__asn1_str_cat (name2, sizeof (name2), "."); | 625 | MHD__asn1_str_cat (name2, sizeof (name2), "."); |
623 | MHD__asn1_str_cat (name2, sizeof (name2), (const char*) p4->value); | 626 | MHD__asn1_str_cat (name2, sizeof (name2), |
627 | (const char *) p4->value); | ||
624 | } | 628 | } |
625 | p4 = p4->right; | 629 | p4 = p4->right; |
626 | } | 630 | } |
@@ -691,11 +695,11 @@ MHD__asn1_check_identifier (ASN1_TYPE node) | |||
691 | { | 695 | { |
692 | MHD__asn1_str_cpy (name2, sizeof (name2), node->name); | 696 | MHD__asn1_str_cpy (name2, sizeof (name2), node->name); |
693 | MHD__asn1_str_cat (name2, sizeof (name2), "."); | 697 | MHD__asn1_str_cat (name2, sizeof (name2), "."); |
694 | MHD__asn1_str_cat (name2, sizeof (name2), (const char*) p->value); | 698 | MHD__asn1_str_cat (name2, sizeof (name2), (const char *) p->value); |
695 | p2 = MHD__asn1_find_node (node, name2); | 699 | p2 = MHD__asn1_find_node (node, name2); |
696 | if (p2 == NULL) | 700 | if (p2 == NULL) |
697 | { | 701 | { |
698 | strcpy (MHD__asn1_identifierMissing, (const char*) p->value); | 702 | strcpy (MHD__asn1_identifierMissing, (const char *) p->value); |
699 | return ASN1_IDENTIFIER_NOT_FOUND; | 703 | return ASN1_IDENTIFIER_NOT_FOUND; |
700 | } | 704 | } |
701 | } | 705 | } |
@@ -707,8 +711,9 @@ MHD__asn1_check_identifier (ASN1_TYPE node) | |||
707 | { | 711 | { |
708 | MHD__asn1_str_cpy (name2, sizeof (name2), node->name); | 712 | MHD__asn1_str_cpy (name2, sizeof (name2), node->name); |
709 | MHD__asn1_str_cat (name2, sizeof (name2), "."); | 713 | MHD__asn1_str_cat (name2, sizeof (name2), "."); |
710 | MHD__asn1_str_cat (name2, sizeof (name2), (const char*) p2->value); | 714 | MHD__asn1_str_cat (name2, sizeof (name2), |
711 | strcpy (MHD__asn1_identifierMissing, (const char*) p2->value); | 715 | (const char *) p2->value); |
716 | strcpy (MHD__asn1_identifierMissing, (const char *) p2->value); | ||
712 | p2 = MHD__asn1_find_node (node, name2); | 717 | p2 = MHD__asn1_find_node (node, name2); |
713 | if (!p2 || (type_field (p2->type) != TYPE_OBJECT_ID) || | 718 | if (!p2 || (type_field (p2->type) != TYPE_OBJECT_ID) || |
714 | !(p2->type & CONST_ASSIGN)) | 719 | !(p2->type & CONST_ASSIGN)) |
@@ -727,8 +732,10 @@ MHD__asn1_check_identifier (ASN1_TYPE node) | |||
727 | { | 732 | { |
728 | MHD__asn1_str_cpy (name2, sizeof (name2), node->name); | 733 | MHD__asn1_str_cpy (name2, sizeof (name2), node->name); |
729 | MHD__asn1_str_cat (name2, sizeof (name2), "."); | 734 | MHD__asn1_str_cat (name2, sizeof (name2), "."); |
730 | MHD__asn1_str_cat (name2, sizeof (name2), (const char*) p2->value); | 735 | MHD__asn1_str_cat (name2, sizeof (name2), |
731 | strcpy (MHD__asn1_identifierMissing, (const char*) p2->value); | 736 | (const char *) p2->value); |
737 | strcpy (MHD__asn1_identifierMissing, | ||
738 | (const char *) p2->value); | ||
732 | p2 = MHD__asn1_find_node (node, name2); | 739 | p2 = MHD__asn1_find_node (node, name2); |
733 | if (!p2 || (type_field (p2->type) != TYPE_OBJECT_ID) || | 740 | if (!p2 || (type_field (p2->type) != TYPE_OBJECT_ID) || |
734 | !(p2->type & CONST_ASSIGN)) | 741 | !(p2->type & CONST_ASSIGN)) |
diff --git a/src/daemon/https/minitasn1/parser_aux.h b/src/daemon/https/minitasn1/parser_aux.h index ae54c3be..4437fb19 100644 --- a/src/daemon/https/minitasn1/parser_aux.h +++ b/src/daemon/https/minitasn1/parser_aux.h | |||
@@ -9,7 +9,7 @@ | |||
9 | node_asn *MHD__asn1_add_node (unsigned int type); | 9 | node_asn *MHD__asn1_add_node (unsigned int type); |
10 | 10 | ||
11 | node_asn *MHD__asn1_set_value (node_asn * node, const void *value, | 11 | node_asn *MHD__asn1_set_value (node_asn * node, const void *value, |
12 | unsigned int len); | 12 | unsigned int len); |
13 | 13 | ||
14 | node_asn *MHD__asn1_set_name (node_asn * node, const char *name); | 14 | node_asn *MHD__asn1_set_name (node_asn * node, const char *name); |
15 | 15 | ||
diff --git a/src/daemon/https/minitasn1/structure.c b/src/daemon/https/minitasn1/structure.c index 6a910af6..8a5c899d 100644 --- a/src/daemon/https/minitasn1/structure.c +++ b/src/daemon/https/minitasn1/structure.c | |||
@@ -37,7 +37,8 @@ | |||
37 | 37 | ||
38 | extern char MHD__asn1_identifierMissing[]; | 38 | extern char MHD__asn1_identifierMissing[]; |
39 | 39 | ||
40 | static node_asn *MHD__asn1_copy_structure2 (node_asn * root, const char *source_name); | 40 | static node_asn *MHD__asn1_copy_structure2 (node_asn * root, |
41 | const char *source_name); | ||
41 | 42 | ||
42 | 43 | ||
43 | 44 | ||
@@ -106,7 +107,7 @@ MHD__asn1_find_left (node_asn * node) | |||
106 | **/ | 107 | **/ |
107 | MHD__asn1_retCode | 108 | MHD__asn1_retCode |
108 | MHD__asn1_array2tree (const ASN1_ARRAY_TYPE * array, ASN1_TYPE * definitions, | 109 | MHD__asn1_array2tree (const ASN1_ARRAY_TYPE * array, ASN1_TYPE * definitions, |
109 | char *errorDescription) | 110 | char *errorDescription) |
110 | { | 111 | { |
111 | node_asn *p, *p_last = NULL; | 112 | node_asn *p, *p_last = NULL; |
112 | unsigned long k; | 113 | unsigned long k; |
@@ -421,7 +422,7 @@ MHD__asn1_type_choice_config (node_asn * node) | |||
421 | if (type_field (p3->type) == TYPE_TAG) | 422 | if (type_field (p3->type) == TYPE_TAG) |
422 | { | 423 | { |
423 | p4 = MHD__asn1_add_node_only (p3->type); | 424 | p4 = MHD__asn1_add_node_only (p3->type); |
424 | tlen = strlen ((const char*) p3->value); | 425 | tlen = strlen ((const char *) p3->value); |
425 | if (tlen > 0) | 426 | if (tlen > 0) |
426 | MHD__asn1_set_value (p4, p3->value, tlen + 1); | 427 | MHD__asn1_set_value (p4, p3->value, tlen + 1); |
427 | MHD__asn1_set_right (p4, p2->down); | 428 | MHD__asn1_set_right (p4, p2->down); |
@@ -497,7 +498,8 @@ MHD__asn1_expand_identifier (node_asn ** node, node_asn * root) | |||
497 | { | 498 | { |
498 | MHD__asn1_str_cpy (name2, sizeof (name2), root->name); | 499 | MHD__asn1_str_cpy (name2, sizeof (name2), root->name); |
499 | MHD__asn1_str_cat (name2, sizeof (name2), "."); | 500 | MHD__asn1_str_cat (name2, sizeof (name2), "."); |
500 | MHD__asn1_str_cat (name2, sizeof (name2), (const char*) p->value); | 501 | MHD__asn1_str_cat (name2, sizeof (name2), |
502 | (const char *) p->value); | ||
501 | p2 = MHD__asn1_copy_structure2 (root, name2); | 503 | p2 = MHD__asn1_copy_structure2 (root, name2); |
502 | if (p2 == NULL) | 504 | if (p2 == NULL) |
503 | { | 505 | { |
@@ -606,7 +608,7 @@ MHD__asn1_expand_identifier (node_asn ** node, node_asn * root) | |||
606 | **/ | 608 | **/ |
607 | MHD__asn1_retCode | 609 | MHD__asn1_retCode |
608 | MHD__asn1_create_element (ASN1_TYPE definitions, const char *source_name, | 610 | MHD__asn1_create_element (ASN1_TYPE definitions, const char *source_name, |
609 | ASN1_TYPE * element) | 611 | ASN1_TYPE * element) |
610 | { | 612 | { |
611 | node_asn *dest_node; | 613 | node_asn *dest_node; |
612 | int res; | 614 | int res; |
@@ -685,7 +687,8 @@ MHD__asn1_number_of_elements (ASN1_TYPE element, const char *name, int *num) | |||
685 | * | 687 | * |
686 | **/ | 688 | **/ |
687 | const char * | 689 | const char * |
688 | MHD__asn1_find_structure_from_oid (ASN1_TYPE definitions, const char *oidValue) | 690 | MHD__asn1_find_structure_from_oid (ASN1_TYPE definitions, |
691 | const char *oidValue) | ||
689 | { | 692 | { |
690 | char definitionsName[MAX_NAME_SIZE], name[2 * MAX_NAME_SIZE + 1]; | 693 | char definitionsName[MAX_NAME_SIZE], name[2 * MAX_NAME_SIZE + 1]; |
691 | char value[MAX_NAME_SIZE]; | 694 | char value[MAX_NAME_SIZE]; |
@@ -741,7 +744,7 @@ MHD__asn1_find_structure_from_oid (ASN1_TYPE definitions, const char *oidValue) | |||
741 | **/ | 744 | **/ |
742 | MHD__asn1_retCode | 745 | MHD__asn1_retCode |
743 | MHD__asn1_copy_node (ASN1_TYPE dst, const char *dst_name, | 746 | MHD__asn1_copy_node (ASN1_TYPE dst, const char *dst_name, |
744 | ASN1_TYPE src, const char *src_name) | 747 | ASN1_TYPE src, const char *src_name) |
745 | { | 748 | { |
746 | /* FIXME: rewrite using copy_structure(). | 749 | /* FIXME: rewrite using copy_structure(). |
747 | * It seems quite hard to do. | 750 | * It seems quite hard to do. |
diff --git a/src/daemon/https/tls/auth_cert.c b/src/daemon/https/tls/auth_cert.c index 6f34a120..d0191f24 100644 --- a/src/daemon/https/tls/auth_cert.c +++ b/src/daemon/https/tls/auth_cert.c | |||
@@ -45,9 +45,10 @@ | |||
45 | #include <gnutls_x509.h> | 45 | #include <gnutls_x509.h> |
46 | #include "debug.h" | 46 | #include "debug.h" |
47 | 47 | ||
48 | static MHD_gnutls_cert *alloc_and_load_x509_certs (MHD_gnutls_x509_crt_t * certs, | 48 | static MHD_gnutls_cert *alloc_and_load_x509_certs (MHD_gnutls_x509_crt_t * |
49 | unsigned); | 49 | certs, unsigned); |
50 | static MHD_gnutls_privkey *alloc_and_load_x509_key (MHD_gnutls_x509_privkey_t key); | 50 | static MHD_gnutls_privkey *alloc_and_load_x509_key (MHD_gnutls_x509_privkey_t |
51 | key); | ||
51 | 52 | ||
52 | 53 | ||
53 | /* Copies data from a internal certificate struct (MHD_gnutls_cert) to | 54 | /* Copies data from a internal certificate struct (MHD_gnutls_cert) to |
@@ -55,7 +56,7 @@ static MHD_gnutls_privkey *alloc_and_load_x509_key (MHD_gnutls_x509_privkey_t ke | |||
55 | */ | 56 | */ |
56 | static int | 57 | static int |
57 | MHD__gnutls_copy_certificate_auth_info (cert_auth_info_t info, | 58 | MHD__gnutls_copy_certificate_auth_info (cert_auth_info_t info, |
58 | MHD_gnutls_cert * cert, int ncerts) | 59 | MHD_gnutls_cert * cert, int ncerts) |
59 | { | 60 | { |
60 | /* Copy peer's information to auth_info_t | 61 | /* Copy peer's information to auth_info_t |
61 | */ | 62 | */ |
@@ -82,7 +83,7 @@ MHD__gnutls_copy_certificate_auth_info (cert_auth_info_t info, | |||
82 | { | 83 | { |
83 | ret = | 84 | ret = |
84 | MHD__gnutls_set_datum (&info->raw_certificate_list[i], | 85 | MHD__gnutls_set_datum (&info->raw_certificate_list[i], |
85 | cert[i].raw.data, cert[i].raw.size); | 86 | cert[i].raw.data, cert[i].raw.size); |
86 | if (ret < 0) | 87 | if (ret < 0) |
87 | { | 88 | { |
88 | MHD_gnutls_assert (); | 89 | MHD_gnutls_assert (); |
@@ -113,9 +114,9 @@ clear: | |||
113 | */ | 114 | */ |
114 | inline static int | 115 | inline static int |
115 | MHD__gnutls_check_pk_algo_in_list (const enum MHD_GNUTLS_PublicKeyAlgorithm | 116 | MHD__gnutls_check_pk_algo_in_list (const enum MHD_GNUTLS_PublicKeyAlgorithm |
116 | *pk_algos, int pk_algos_length, | 117 | *pk_algos, int pk_algos_length, |
117 | enum MHD_GNUTLS_PublicKeyAlgorithm | 118 | enum MHD_GNUTLS_PublicKeyAlgorithm |
118 | algo_to_check) | 119 | algo_to_check) |
119 | { | 120 | { |
120 | int i; | 121 | int i; |
121 | for (i = 0; i < pk_algos_length; i++) | 122 | for (i = 0; i < pk_algos_length; i++) |
@@ -133,7 +134,8 @@ MHD__gnutls_check_pk_algo_in_list (const enum MHD_GNUTLS_PublicKeyAlgorithm | |||
133 | * specified in cert. | 134 | * specified in cert. |
134 | */ | 135 | */ |
135 | static int | 136 | static int |
136 | MHD__gnutls_cert_get_issuer_dn (MHD_gnutls_cert * cert, MHD_gnutls_datum_t * odn) | 137 | MHD__gnutls_cert_get_issuer_dn (MHD_gnutls_cert * cert, |
138 | MHD_gnutls_datum_t * odn) | ||
137 | { | 139 | { |
138 | ASN1_TYPE dn; | 140 | ASN1_TYPE dn; |
139 | int len, result; | 141 | int len, result; |
@@ -155,8 +157,9 @@ MHD__gnutls_cert_get_issuer_dn (MHD_gnutls_cert * cert, MHD_gnutls_datum_t * odn | |||
155 | return MHD_gtls_asn2err (result); | 157 | return MHD_gtls_asn2err (result); |
156 | } | 158 | } |
157 | 159 | ||
158 | result = MHD__asn1_der_decoding_startEnd (dn, cert->raw.data, cert->raw.size, | 160 | result = |
159 | "tbsCertificate.issuer", &start, &end); | 161 | MHD__asn1_der_decoding_startEnd (dn, cert->raw.data, cert->raw.size, |
162 | "tbsCertificate.issuer", &start, &end); | ||
160 | 163 | ||
161 | if (result != ASN1_SUCCESS) | 164 | if (result != ASN1_SUCCESS) |
162 | { | 165 | { |
@@ -211,7 +214,7 @@ _find_x509_cert (const MHD_gtls_cert_credentials_t cred, | |||
211 | { | 214 | { |
212 | if ((result = | 215 | if ((result = |
213 | MHD__gnutls_cert_get_issuer_dn (&cred->cert_list[i][j], | 216 | MHD__gnutls_cert_get_issuer_dn (&cred->cert_list[i][j], |
214 | &odn)) < 0) | 217 | &odn)) < 0) |
215 | { | 218 | { |
216 | MHD_gnutls_assert (); | 219 | MHD_gnutls_assert (); |
217 | return result; | 220 | return result; |
@@ -483,7 +486,8 @@ _select_client_cert (MHD_gtls_session_t session, | |||
483 | if (issuers_dn_length > 0) | 486 | if (issuers_dn_length > 0) |
484 | { | 487 | { |
485 | issuers_dn = | 488 | issuers_dn = |
486 | MHD_gnutls_malloc (sizeof (MHD_gnutls_datum_t) * issuers_dn_length); | 489 | MHD_gnutls_malloc (sizeof (MHD_gnutls_datum_t) * |
490 | issuers_dn_length); | ||
487 | if (issuers_dn == NULL) | 491 | if (issuers_dn == NULL) |
488 | { | 492 | { |
489 | MHD_gnutls_assert (); | 493 | MHD_gnutls_assert (); |
@@ -712,7 +716,8 @@ MHD_gtls_proc_x509_server_certificate (MHD_gtls_session_t session, | |||
712 | */ | 716 | */ |
713 | 717 | ||
714 | peer_certificate_list = | 718 | peer_certificate_list = |
715 | MHD_gnutls_malloc (sizeof (MHD_gnutls_cert) * (peer_certificate_list_size)); | 719 | MHD_gnutls_malloc (sizeof (MHD_gnutls_cert) * |
720 | (peer_certificate_list_size)); | ||
716 | 721 | ||
717 | if (peer_certificate_list == NULL) | 722 | if (peer_certificate_list == NULL) |
718 | { | 723 | { |
@@ -752,8 +757,9 @@ MHD_gtls_proc_x509_server_certificate (MHD_gtls_session_t session, | |||
752 | 757 | ||
753 | if ((ret = | 758 | if ((ret = |
754 | MHD__gnutls_copy_certificate_auth_info (info, | 759 | MHD__gnutls_copy_certificate_auth_info (info, |
755 | peer_certificate_list, | 760 | peer_certificate_list, |
756 | peer_certificate_list_size)) < 0) | 761 | peer_certificate_list_size)) < |
762 | 0) | ||
757 | { | 763 | { |
758 | MHD_gnutls_assert (); | 764 | MHD_gnutls_assert (); |
759 | goto cleanup; | 765 | goto cleanup; |
@@ -761,7 +767,7 @@ MHD_gtls_proc_x509_server_certificate (MHD_gtls_session_t session, | |||
761 | 767 | ||
762 | if ((ret = | 768 | if ((ret = |
763 | MHD__gnutls_check_key_usage (&peer_certificate_list[0], | 769 | MHD__gnutls_check_key_usage (&peer_certificate_list[0], |
764 | MHD_gnutls_kx_get (session))) < 0) | 770 | MHD_gnutls_kx_get (session))) < 0) |
765 | { | 771 | { |
766 | MHD_gnutls_assert (); | 772 | MHD_gnutls_assert (); |
767 | goto cleanup; | 773 | goto cleanup; |
diff --git a/src/daemon/https/tls/auth_cert.h b/src/daemon/https/tls/auth_cert.h index aabfac76..395fdd29 100644 --- a/src/daemon/https/tls/auth_cert.h +++ b/src/daemon/https/tls/auth_cert.h | |||
@@ -117,9 +117,9 @@ typedef struct MHD_gtls_cert_auth_info_st | |||
117 | MHD_gtls_dh_info_st dh; | 117 | MHD_gtls_dh_info_st dh; |
118 | rsa_info_st rsa_export; | 118 | rsa_info_st rsa_export; |
119 | 119 | ||
120 | MHD_gnutls_datum_t *raw_certificate_list; /* holds the raw certificate of the | 120 | MHD_gnutls_datum_t *raw_certificate_list; /* holds the raw certificate of the |
121 | * peer. | 121 | * peer. |
122 | */ | 122 | */ |
123 | unsigned int ncerts; /* holds the size of the list above */ | 123 | unsigned int ncerts; /* holds the size of the list above */ |
124 | } *cert_auth_info_t; | 124 | } *cert_auth_info_t; |
125 | 125 | ||
diff --git a/src/daemon/https/tls/auth_rsa.c b/src/daemon/https/tls/auth_rsa.c index 97f1901d..f39a91fb 100644 --- a/src/daemon/https/tls/auth_rsa.c +++ b/src/daemon/https/tls/auth_rsa.c | |||
@@ -57,7 +57,7 @@ const MHD_gtls_mod_auth_st MHD_gtls_rsa_auth_struct = { | |||
57 | MHD_gtls_proc_cert_server_certificate, | 57 | MHD_gtls_proc_cert_server_certificate, |
58 | MHD__gnutls_proc_cert_client_certificate, | 58 | MHD__gnutls_proc_cert_client_certificate, |
59 | NULL, /* proc server kx */ | 59 | NULL, /* proc server kx */ |
60 | MHD__gnutls_proc_rsa_client_kx, /* proc client kx */ | 60 | MHD__gnutls_proc_rsa_client_kx, /* proc client kx */ |
61 | MHD_gtls_proc_cert_client_cert_vrfy, /* proc client cert vrfy */ | 61 | MHD_gtls_proc_cert_client_cert_vrfy, /* proc client cert vrfy */ |
62 | MHD_gtls_proc_cert_cert_req /* proc server cert request */ | 62 | MHD_gtls_proc_cert_cert_req /* proc server cert request */ |
63 | }; | 63 | }; |
@@ -66,8 +66,8 @@ const MHD_gtls_mod_auth_st MHD_gtls_rsa_auth_struct = { | |||
66 | */ | 66 | */ |
67 | int | 67 | int |
68 | MHD__gnutls_get_public_rsa_params (MHD_gtls_session_t session, | 68 | MHD__gnutls_get_public_rsa_params (MHD_gtls_session_t session, |
69 | mpi_t params[MAX_PUBLIC_PARAMS_SIZE], | 69 | mpi_t params[MAX_PUBLIC_PARAMS_SIZE], |
70 | int *params_len) | 70 | int *params_len) |
71 | { | 71 | { |
72 | int ret; | 72 | int ret; |
73 | cert_auth_info_t info; | 73 | cert_auth_info_t info; |
@@ -148,7 +148,7 @@ MHD__gnutls_get_public_rsa_params (MHD_gtls_session_t session, | |||
148 | */ | 148 | */ |
149 | int | 149 | int |
150 | MHD__gnutls_get_private_rsa_params (MHD_gtls_session_t session, | 150 | MHD__gnutls_get_private_rsa_params (MHD_gtls_session_t session, |
151 | mpi_t ** params, int *params_size) | 151 | mpi_t ** params, int *params_size) |
152 | { | 152 | { |
153 | int bits; | 153 | int bits; |
154 | MHD_gtls_cert_credentials_t cred; | 154 | MHD_gtls_cert_credentials_t cred; |
@@ -169,8 +169,8 @@ MHD__gnutls_get_private_rsa_params (MHD_gtls_session_t session, | |||
169 | } | 169 | } |
170 | 170 | ||
171 | bits = | 171 | bits = |
172 | MHD__gnutls_mpi_get_nbits (session->internals.selected_cert_list[0]. | 172 | MHD__gnutls_mpi_get_nbits (session->internals. |
173 | params[0]); | 173 | selected_cert_list[0].params[0]); |
174 | 174 | ||
175 | if (MHD_gtls_cipher_suite_get_kx_algo | 175 | if (MHD_gtls_cipher_suite_get_kx_algo |
176 | (&session->security_parameters.current_cipher_suite) | 176 | (&session->security_parameters.current_cipher_suite) |
@@ -207,7 +207,7 @@ MHD__gnutls_get_private_rsa_params (MHD_gtls_session_t session, | |||
207 | 207 | ||
208 | int | 208 | int |
209 | MHD__gnutls_proc_rsa_client_kx (MHD_gtls_session_t session, opaque * data, | 209 | MHD__gnutls_proc_rsa_client_kx (MHD_gtls_session_t session, opaque * data, |
210 | size_t _data_size) | 210 | size_t _data_size) |
211 | { | 211 | { |
212 | MHD_gnutls_datum_t plaintext; | 212 | MHD_gnutls_datum_t plaintext; |
213 | MHD_gnutls_datum_t ciphertext; | 213 | MHD_gnutls_datum_t ciphertext; |
@@ -291,7 +291,8 @@ MHD__gnutls_proc_rsa_client_kx (MHD_gtls_session_t session, opaque * data, | |||
291 | 291 | ||
292 | /* we do not need strong random numbers here. | 292 | /* we do not need strong random numbers here. |
293 | */ | 293 | */ |
294 | if (MHD_gc_nonce ((char*) session->key->key.data, session->key->key.size) != GC_OK) | 294 | if (MHD_gc_nonce |
295 | ((char *) session->key->key.data, session->key->key.size) != GC_OK) | ||
295 | { | 296 | { |
296 | MHD_gnutls_assert (); | 297 | MHD_gnutls_assert (); |
297 | return GNUTLS_E_RANDOM_FAILED; | 298 | return GNUTLS_E_RANDOM_FAILED; |
@@ -321,7 +322,7 @@ int | |||
321 | MHD__gnutls_gen_rsa_client_kx (MHD_gtls_session_t session, opaque ** data) | 322 | MHD__gnutls_gen_rsa_client_kx (MHD_gtls_session_t session, opaque ** data) |
322 | { | 323 | { |
323 | cert_auth_info_t auth; | 324 | cert_auth_info_t auth; |
324 | MHD_gnutls_datum_t sdata; /* data to send */ | 325 | MHD_gnutls_datum_t sdata; /* data to send */ |
325 | mpi_t params[MAX_PUBLIC_PARAMS_SIZE]; | 326 | mpi_t params[MAX_PUBLIC_PARAMS_SIZE]; |
326 | int params_len = MAX_PUBLIC_PARAMS_SIZE; | 327 | int params_len = MAX_PUBLIC_PARAMS_SIZE; |
327 | int ret, i; | 328 | int ret, i; |
@@ -330,7 +331,7 @@ MHD__gnutls_gen_rsa_client_kx (MHD_gtls_session_t session, opaque ** data) | |||
330 | if (session->key == NULL) | 331 | if (session->key == NULL) |
331 | { | 332 | { |
332 | MHD_gnutls_assert (); | 333 | MHD_gnutls_assert (); |
333 | return GNUTLS_E_INSUFFICIENT_CREDENTIALS; | 334 | return GNUTLS_E_INSUFFICIENT_CREDENTIALS; |
334 | } | 335 | } |
335 | 336 | ||
336 | auth = session->key->auth_info; | 337 | auth = session->key->auth_info; |
@@ -352,8 +353,8 @@ MHD__gnutls_gen_rsa_client_kx (MHD_gtls_session_t session, opaque ** data) | |||
352 | return GNUTLS_E_MEMORY_ERROR; | 353 | return GNUTLS_E_MEMORY_ERROR; |
353 | } | 354 | } |
354 | 355 | ||
355 | if (MHD_gc_pseudo_random ((char*) session->key->key.data, | 356 | if (MHD_gc_pseudo_random ((char *) session->key->key.data, |
356 | session->key->key.size) != GC_OK) | 357 | session->key->key.size) != GC_OK) |
357 | { | 358 | { |
358 | MHD_gnutls_assert (); | 359 | MHD_gnutls_assert (); |
359 | return GNUTLS_E_RANDOM_FAILED; | 360 | return GNUTLS_E_RANDOM_FAILED; |
diff --git a/src/daemon/https/tls/auth_rsa_export.c b/src/daemon/https/tls/auth_rsa_export.c index 31a5f2a6..5fdce12e 100644 --- a/src/daemon/https/tls/auth_rsa_export.c +++ b/src/daemon/https/tls/auth_rsa_export.c | |||
@@ -60,7 +60,7 @@ const MHD_gtls_mod_auth_st MHD_rsa_export_auth_struct = { | |||
60 | MHD_gtls_proc_cert_server_certificate, | 60 | MHD_gtls_proc_cert_server_certificate, |
61 | MHD__gnutls_proc_cert_client_certificate, | 61 | MHD__gnutls_proc_cert_client_certificate, |
62 | proc_rsa_export_server_kx, | 62 | proc_rsa_export_server_kx, |
63 | MHD__gnutls_proc_rsa_client_kx, /* proc client kx */ | 63 | MHD__gnutls_proc_rsa_client_kx, /* proc client kx */ |
64 | MHD_gtls_proc_cert_client_cert_vrfy, /* proc client cert vrfy */ | 64 | MHD_gtls_proc_cert_client_cert_vrfy, /* proc client cert vrfy */ |
65 | MHD_gtls_proc_cert_cert_req /* proc server cert request */ | 65 | MHD_gtls_proc_cert_cert_req /* proc server cert request */ |
66 | }; | 66 | }; |
diff --git a/src/daemon/https/tls/debug.c b/src/daemon/https/tls/debug.c index b7408e39..ac657504 100644 --- a/src/daemon/https/tls/debug.c +++ b/src/daemon/https/tls/debug.c | |||
@@ -37,13 +37,15 @@ MHD__gnutls_print_state (MHD_gtls_session_t session) | |||
37 | 37 | ||
38 | MHD__gnutls_debug_log ("GNUTLS State:\n"); | 38 | MHD__gnutls_debug_log ("GNUTLS State:\n"); |
39 | MHD__gnutls_debug_log ("Connection End: %d\n", | 39 | MHD__gnutls_debug_log ("Connection End: %d\n", |
40 | session->security_parameters.entity); | 40 | session->security_parameters.entity); |
41 | MHD__gnutls_debug_log ("Cipher Algorithm: %d\n", | 41 | MHD__gnutls_debug_log ("Cipher Algorithm: %d\n", |
42 | session->security_parameters.read_bulk_cipher_algorithm); | 42 | session->security_parameters. |
43 | read_bulk_cipher_algorithm); | ||
43 | MHD__gnutls_debug_log ("MAC algorithm: %d\n", | 44 | MHD__gnutls_debug_log ("MAC algorithm: %d\n", |
44 | session->security_parameters.read_mac_algorithm); | 45 | session->security_parameters.read_mac_algorithm); |
45 | MHD__gnutls_debug_log ("Compression Algorithm: %d\n", | 46 | MHD__gnutls_debug_log ("Compression Algorithm: %d\n", |
46 | session->security_parameters.read_compression_algorithm); | 47 | session->security_parameters. |
48 | read_compression_algorithm); | ||
47 | MHD__gnutls_debug_log ("\n"); | 49 | MHD__gnutls_debug_log ("\n"); |
48 | 50 | ||
49 | } | 51 | } |
@@ -123,6 +125,7 @@ MHD__gnutls_dump_mpi (const char *prefix, mpi_t a) | |||
123 | size_t n = sizeof buf; | 125 | size_t n = sizeof buf; |
124 | 126 | ||
125 | if (gcry_mpi_print (GCRYMPI_FMT_HEX, buf, n, &n, a)) | 127 | if (gcry_mpi_print (GCRYMPI_FMT_HEX, buf, n, &n, a)) |
126 | strcpy ((char*) buf, "[can't print value]"); /* Flawfinder: ignore */ | 128 | strcpy ((char *) buf, "[can't print value]"); /* Flawfinder: ignore */ |
127 | MHD__gnutls_hard_log ("MPI: length: %d\n\t%s%s\n", (n - 1) / 2, prefix, buf); | 129 | MHD__gnutls_hard_log ("MPI: length: %d\n\t%s%s\n", (n - 1) / 2, prefix, |
130 | buf); | ||
128 | } | 131 | } |
diff --git a/src/daemon/https/tls/debug.h b/src/daemon/https/tls/debug.h index 637beca8..69c6a06e 100644 --- a/src/daemon/https/tls/debug.h +++ b/src/daemon/https/tls/debug.h | |||
@@ -26,5 +26,6 @@ | |||
26 | void MHD__gnutls_print_state (MHD_gtls_session_t session); | 26 | void MHD__gnutls_print_state (MHD_gtls_session_t session); |
27 | #endif | 27 | #endif |
28 | const char *MHD__gnutls_packet2str (content_type_t packet); | 28 | const char *MHD__gnutls_packet2str (content_type_t packet); |
29 | const char *MHD__gnutls_handshake2str (MHD_gnutls_handshake_description_t handshake); | 29 | const char *MHD__gnutls_handshake2str (MHD_gnutls_handshake_description_t |
30 | handshake); | ||
30 | void MHD__gnutls_dump_mpi (const char *prefix, mpi_t a); | 31 | void MHD__gnutls_dump_mpi (const char *prefix, mpi_t a); |
diff --git a/src/daemon/https/tls/ext_cert_type.c b/src/daemon/https/tls/ext_cert_type.c index a104b00b..5fc53167 100644 --- a/src/daemon/https/tls/ext_cert_type.c +++ b/src/daemon/https/tls/ext_cert_type.c | |||
@@ -183,8 +183,8 @@ MHD_gtls_cert_type_send_params (MHD_gtls_session_t session, opaque * data, | |||
183 | for (i = 0; i < len; i++) | 183 | for (i = 0; i < len; i++) |
184 | { | 184 | { |
185 | data[i + 1] = | 185 | data[i + 1] = |
186 | MHD__gnutls_cert_type2num (session->internals. | 186 | MHD__gnutls_cert_type2num (session->internals.priorities. |
187 | priorities.cert_type.priority[i]); | 187 | cert_type.priority[i]); |
188 | } | 188 | } |
189 | return len + 1; | 189 | return len + 1; |
190 | } | 190 | } |
@@ -203,7 +203,8 @@ MHD_gtls_cert_type_send_params (MHD_gtls_session_t session, opaque * data, | |||
203 | } | 203 | } |
204 | 204 | ||
205 | data[0] = | 205 | data[0] = |
206 | MHD__gnutls_cert_type2num (session->security_parameters.cert_type); | 206 | MHD__gnutls_cert_type2num (session->security_parameters. |
207 | cert_type); | ||
207 | return len; | 208 | return len; |
208 | } | 209 | } |
209 | 210 | ||
diff --git a/src/daemon/https/tls/ext_max_record.c b/src/daemon/https/tls/ext_max_record.c index 421a1739..5dcf2225 100644 --- a/src/daemon/https/tls/ext_max_record.c +++ b/src/daemon/https/tls/ext_max_record.c | |||
@@ -121,8 +121,8 @@ MHD_gtls_max_record_send_params (MHD_gtls_session_t session, opaque * data, | |||
121 | } | 121 | } |
122 | 122 | ||
123 | data[0] = | 123 | data[0] = |
124 | (uint8_t) MHD_gtls_mre_record2num (session->internals. | 124 | (uint8_t) MHD_gtls_mre_record2num (session-> |
125 | proposed_record_size); | 125 | internals.proposed_record_size); |
126 | return len; | 126 | return len; |
127 | } | 127 | } |
128 | 128 | ||
diff --git a/src/daemon/https/tls/ext_oprfi.c b/src/daemon/https/tls/ext_oprfi.c index 913820da..8b245404 100644 --- a/src/daemon/https/tls/ext_oprfi.c +++ b/src/daemon/https/tls/ext_oprfi.c | |||
@@ -58,7 +58,8 @@ oprfi_recv_server (MHD_gtls_session_t session, | |||
58 | 58 | ||
59 | /* Store incoming data. */ | 59 | /* Store incoming data. */ |
60 | session->security_parameters.extensions.oprfi_client_len = len; | 60 | session->security_parameters.extensions.oprfi_client_len = len; |
61 | session->security_parameters.extensions.oprfi_client = MHD_gnutls_malloc (len); | 61 | session->security_parameters.extensions.oprfi_client = |
62 | MHD_gnutls_malloc (len); | ||
62 | if (!session->security_parameters.extensions.oprfi_client) | 63 | if (!session->security_parameters.extensions.oprfi_client) |
63 | { | 64 | { |
64 | MHD_gnutls_assert (); | 65 | MHD_gnutls_assert (); |
@@ -101,7 +102,8 @@ oprfi_recv_client (MHD_gtls_session_t session, | |||
101 | 102 | ||
102 | /* Store incoming data. */ | 103 | /* Store incoming data. */ |
103 | session->security_parameters.extensions.oprfi_server_len = len; | 104 | session->security_parameters.extensions.oprfi_server_len = len; |
104 | session->security_parameters.extensions.oprfi_server = MHD_gnutls_malloc (len); | 105 | session->security_parameters.extensions.oprfi_server = |
106 | MHD_gnutls_malloc (len); | ||
105 | if (!session->security_parameters.extensions.oprfi_server) | 107 | if (!session->security_parameters.extensions.oprfi_server) |
106 | { | 108 | { |
107 | MHD_gnutls_assert (); | 109 | MHD_gnutls_assert (); |
@@ -165,7 +167,8 @@ oprfi_send_server (MHD_gtls_session_t session, opaque * data, | |||
165 | session->security_parameters.extensions.oprfi_server_len = | 167 | session->security_parameters.extensions.oprfi_server_len = |
166 | session->security_parameters.extensions.oprfi_client_len; | 168 | session->security_parameters.extensions.oprfi_client_len; |
167 | session->security_parameters.extensions.oprfi_server = | 169 | session->security_parameters.extensions.oprfi_server = |
168 | MHD_gnutls_malloc (session->security_parameters.extensions.oprfi_server_len); | 170 | MHD_gnutls_malloc (session->security_parameters.extensions. |
171 | oprfi_server_len); | ||
169 | if (!session->security_parameters.extensions.oprfi_server) | 172 | if (!session->security_parameters.extensions.oprfi_server) |
170 | { | 173 | { |
171 | MHD_gnutls_assert (); | 174 | MHD_gnutls_assert (); |
@@ -186,8 +189,8 @@ oprfi_send_server (MHD_gtls_session_t session, opaque * data, | |||
186 | } | 189 | } |
187 | 190 | ||
188 | DECR_LENGTH_RET (data_size, 2, GNUTLS_E_SHORT_MEMORY_BUFFER); | 191 | DECR_LENGTH_RET (data_size, 2, GNUTLS_E_SHORT_MEMORY_BUFFER); |
189 | MHD_gtls_write_uint16 (session->security_parameters. | 192 | MHD_gtls_write_uint16 (session->security_parameters.extensions. |
190 | extensions.oprfi_server_len, p); | 193 | oprfi_server_len, p); |
191 | p += 2; | 194 | p += 2; |
192 | 195 | ||
193 | DECR_LENGTH_RET (data_size, | 196 | DECR_LENGTH_RET (data_size, |
@@ -206,10 +209,10 @@ MHD_gtls_oprfi_send_params (MHD_gtls_session_t session, | |||
206 | { | 209 | { |
207 | #if MHD_DEBUG_TLS | 210 | #if MHD_DEBUG_TLS |
208 | if (session->security_parameters.entity == GNUTLS_CLIENT) | 211 | if (session->security_parameters.entity == GNUTLS_CLIENT) |
209 | return oprfi_send_client (session, data, data_size); | 212 | return oprfi_send_client (session, data, data_size); |
210 | else | 213 | else |
211 | #endif | 214 | #endif |
212 | return oprfi_send_server (session, data, data_size); | 215 | return oprfi_send_server (session, data, data_size); |
213 | } | 216 | } |
214 | 217 | ||
215 | /** | 218 | /** |
@@ -255,7 +258,8 @@ MHD_gtls_oprfi_enable_client (MHD_gtls_session_t session, | |||
255 | **/ | 258 | **/ |
256 | void | 259 | void |
257 | MHD_gtls_oprfi_enable_server (MHD_gtls_session_t session, | 260 | MHD_gtls_oprfi_enable_server (MHD_gtls_session_t session, |
258 | MHD_gnutls_oprfi_callback_func cb, void *userdata) | 261 | MHD_gnutls_oprfi_callback_func cb, |
262 | void *userdata) | ||
259 | { | 263 | { |
260 | session->security_parameters.extensions.oprfi_cb = cb; | 264 | session->security_parameters.extensions.oprfi_cb = cb; |
261 | session->security_parameters.extensions.oprfi_userdata = userdata; | 265 | session->security_parameters.extensions.oprfi_userdata = userdata; |
diff --git a/src/daemon/https/tls/ext_server_name.c b/src/daemon/https/tls/ext_server_name.c index 9878fe62..1e3cab02 100644 --- a/src/daemon/https/tls/ext_server_name.c +++ b/src/daemon/https/tls/ext_server_name.c | |||
@@ -104,12 +104,12 @@ MHD_gtls_server_name_recv_params (MHD_gtls_session_t session, | |||
104 | case 0: /* NAME_DNS */ | 104 | case 0: /* NAME_DNS */ |
105 | if (len <= MAX_SERVER_NAME_SIZE) | 105 | if (len <= MAX_SERVER_NAME_SIZE) |
106 | { | 106 | { |
107 | memcpy (session->security_parameters.extensions. | 107 | memcpy (session->security_parameters. |
108 | server_names[i].name, p, len); | 108 | extensions.server_names[i].name, p, len); |
109 | session->security_parameters.extensions. | 109 | session->security_parameters.extensions.server_names[i]. |
110 | server_names[i].name_length = len; | 110 | name_length = len; |
111 | session->security_parameters.extensions. | 111 | session->security_parameters.extensions.server_names[i]. |
112 | server_names[i].type = GNUTLS_NAME_DNS; | 112 | type = GNUTLS_NAME_DNS; |
113 | break; | 113 | break; |
114 | } | 114 | } |
115 | } | 115 | } |
@@ -150,8 +150,8 @@ MHD_gtls_server_name_send_params (MHD_gtls_session_t session, | |||
150 | /* count the total size | 150 | /* count the total size |
151 | */ | 151 | */ |
152 | len = | 152 | len = |
153 | session->security_parameters.extensions.server_names[i]. | 153 | session->security_parameters.extensions. |
154 | name_length; | 154 | server_names[i].name_length; |
155 | 155 | ||
156 | /* uint8_t + uint16_t + size | 156 | /* uint8_t + uint16_t + size |
157 | */ | 157 | */ |
@@ -170,14 +170,14 @@ MHD_gtls_server_name_send_params (MHD_gtls_session_t session, | |||
170 | i < session->security_parameters.extensions.server_names_size; i++) | 170 | i < session->security_parameters.extensions.server_names_size; i++) |
171 | { | 171 | { |
172 | 172 | ||
173 | switch (session->security_parameters.extensions. | 173 | switch (session->security_parameters.extensions.server_names[i]. |
174 | server_names[i].type) | 174 | type) |
175 | { | 175 | { |
176 | case GNUTLS_NAME_DNS: | 176 | case GNUTLS_NAME_DNS: |
177 | 177 | ||
178 | len = | 178 | len = |
179 | session->security_parameters.extensions. | 179 | session->security_parameters.extensions.server_names[i]. |
180 | server_names[i].name_length; | 180 | name_length; |
181 | if (len == 0) | 181 | if (len == 0) |
182 | break; | 182 | break; |
183 | 183 | ||
@@ -195,8 +195,8 @@ MHD_gtls_server_name_send_params (MHD_gtls_session_t session, | |||
195 | p += 2; | 195 | p += 2; |
196 | 196 | ||
197 | memcpy (p, | 197 | memcpy (p, |
198 | session->security_parameters.extensions. | 198 | session->security_parameters.extensions.server_names[0]. |
199 | server_names[0].name, len); | 199 | name, len); |
200 | p += len; | 200 | p += len; |
201 | break; | 201 | break; |
202 | default: | 202 | default: |
@@ -234,8 +234,8 @@ MHD_gtls_server_name_send_params (MHD_gtls_session_t session, | |||
234 | **/ | 234 | **/ |
235 | int | 235 | int |
236 | MHD__gnutls_server_name_get (MHD_gtls_session_t session, void *data, | 236 | MHD__gnutls_server_name_get (MHD_gtls_session_t session, void *data, |
237 | size_t * data_length, | 237 | size_t * data_length, |
238 | unsigned int *type, unsigned int indx) | 238 | unsigned int *type, unsigned int indx) |
239 | { | 239 | { |
240 | char *_data = data; | 240 | char *_data = data; |
241 | #if MHD_DEBUG_TLS | 241 | #if MHD_DEBUG_TLS |
@@ -256,8 +256,8 @@ MHD__gnutls_server_name_get (MHD_gtls_session_t session, void *data, | |||
256 | session->security_parameters.extensions.server_names[indx].name_length) | 256 | session->security_parameters.extensions.server_names[indx].name_length) |
257 | { | 257 | { |
258 | *data_length = | 258 | *data_length = |
259 | session->security_parameters.extensions.server_names[indx]. | 259 | session->security_parameters.extensions. |
260 | name_length; | 260 | server_names[indx].name_length; |
261 | memcpy (data, | 261 | memcpy (data, |
262 | session->security_parameters.extensions.server_names[indx].name, | 262 | session->security_parameters.extensions.server_names[indx].name, |
263 | *data_length); | 263 | *data_length); |
@@ -269,8 +269,8 @@ MHD__gnutls_server_name_get (MHD_gtls_session_t session, void *data, | |||
269 | else | 269 | else |
270 | { | 270 | { |
271 | *data_length = | 271 | *data_length = |
272 | session->security_parameters.extensions.server_names[indx]. | 272 | session->security_parameters.extensions. |
273 | name_length; | 273 | server_names[indx].name_length; |
274 | return GNUTLS_E_SHORT_MEMORY_BUFFER; | 274 | return GNUTLS_E_SHORT_MEMORY_BUFFER; |
275 | } | 275 | } |
276 | 276 | ||
@@ -296,8 +296,8 @@ MHD__gnutls_server_name_get (MHD_gtls_session_t session, void *data, | |||
296 | **/ | 296 | **/ |
297 | int | 297 | int |
298 | MHD__gnutls_server_name_set (MHD_gtls_session_t session, | 298 | MHD__gnutls_server_name_set (MHD_gtls_session_t session, |
299 | MHD_gnutls_server_name_type_t type, | 299 | MHD_gnutls_server_name_type_t type, |
300 | const void *name, size_t name_length) | 300 | const void *name, size_t name_length) |
301 | { | 301 | { |
302 | int server_names; | 302 | int server_names; |
303 | 303 | ||
@@ -318,8 +318,8 @@ MHD__gnutls_server_name_set (MHD_gtls_session_t session, | |||
318 | 318 | ||
319 | session->security_parameters.extensions.server_names[server_names - | 319 | session->security_parameters.extensions.server_names[server_names - |
320 | 1].type = type; | 320 | 1].type = type; |
321 | memcpy (session->security_parameters.extensions. | 321 | memcpy (session->security_parameters. |
322 | server_names[server_names - 1].name, name, name_length); | 322 | extensions.server_names[server_names - 1].name, name, name_length); |
323 | session->security_parameters.extensions.server_names[server_names - | 323 | session->security_parameters.extensions.server_names[server_names - |
324 | 1].name_length = | 324 | 1].name_length = |
325 | name_length; | 325 | name_length; |
diff --git a/src/daemon/https/tls/gnutls_alert.c b/src/daemon/https/tls/gnutls_alert.c index b3ad303d..4925f6e7 100644 --- a/src/daemon/https/tls/gnutls_alert.c +++ b/src/daemon/https/tls/gnutls_alert.c | |||
@@ -110,8 +110,9 @@ MHD__gnutls_alert_get_name (MHD_gnutls_alert_description_t alert) | |||
110 | * | 110 | * |
111 | **/ | 111 | **/ |
112 | int | 112 | int |
113 | MHD__gnutls_alert_send (MHD_gtls_session_t session, MHD_gnutls_alert_level_t level, | 113 | MHD__gnutls_alert_send (MHD_gtls_session_t session, |
114 | MHD_gnutls_alert_description_t desc) | 114 | MHD_gnutls_alert_level_t level, |
115 | MHD_gnutls_alert_description_t desc) | ||
115 | { | 116 | { |
116 | uint8_t data[2]; | 117 | uint8_t data[2]; |
117 | int ret; | 118 | int ret; |
@@ -124,7 +125,7 @@ MHD__gnutls_alert_send (MHD_gtls_session_t session, MHD_gnutls_alert_level_t lev | |||
124 | if (name == NULL) | 125 | if (name == NULL) |
125 | name = "(unknown)"; | 126 | name = "(unknown)"; |
126 | MHD__gnutls_record_log ("REC: Sending Alert[%d|%d] - %s\n", data[0], | 127 | MHD__gnutls_record_log ("REC: Sending Alert[%d|%d] - %s\n", data[0], |
127 | data[1], name); | 128 | data[1], name); |
128 | 129 | ||
129 | if ((ret = MHD_gtls_send_int (session, GNUTLS_ALERT, -1, data, 2)) >= 0) | 130 | if ((ret = MHD_gtls_send_int (session, GNUTLS_ALERT, -1, data, 2)) >= 0) |
130 | return 0; | 131 | return 0; |
diff --git a/src/daemon/https/tls/gnutls_algorithms.c b/src/daemon/https/tls/gnutls_algorithms.c index d6e12f48..18ba0457 100644 --- a/src/daemon/https/tls/gnutls_algorithms.c +++ b/src/daemon/https/tls/gnutls_algorithms.c | |||
@@ -352,7 +352,8 @@ const int MHD__gnutls_comp_algorithms_size = MAX_COMP_METHODS; | |||
352 | 352 | ||
353 | /* the compression entry is defined in MHD_gnutls_algorithms.h */ | 353 | /* the compression entry is defined in MHD_gnutls_algorithms.h */ |
354 | 354 | ||
355 | MHD_gnutls_compression_entry MHD__gnutls_compression_algorithms[MAX_COMP_METHODS] = | 355 | MHD_gnutls_compression_entry |
356 | MHD__gnutls_compression_algorithms[MAX_COMP_METHODS] = | ||
356 | { GNUTLS_COMPRESSION_ENTRY (MHD_GNUTLS_COMP_NULL, 0x00, 0, 0, 0), | 357 | { GNUTLS_COMPRESSION_ENTRY (MHD_GNUTLS_COMP_NULL, 0x00, 0, 0, 0), |
357 | #ifdef HAVE_LIBZ | 358 | #ifdef HAVE_LIBZ |
358 | /* draft-ietf-tls-compression-02 */ | 359 | /* draft-ietf-tls-compression-02 */ |
@@ -1310,7 +1311,7 @@ MHD_gtls_version_lowest (MHD_gtls_session_t session) | |||
1310 | } | 1311 | } |
1311 | 1312 | ||
1312 | if (min == 0xff) | 1313 | if (min == 0xff) |
1313 | return MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN; /* unknown version */ | 1314 | return MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN; /* unknown version */ |
1314 | 1315 | ||
1315 | return min; | 1316 | return min; |
1316 | } | 1317 | } |
@@ -1333,7 +1334,7 @@ MHD_gtls_version_max (MHD_gtls_session_t session) | |||
1333 | } | 1334 | } |
1334 | 1335 | ||
1335 | if (max == 0x00) | 1336 | if (max == 0x00) |
1336 | return MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN; /* unknown version */ | 1337 | return MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN; /* unknown version */ |
1337 | 1338 | ||
1338 | return max; | 1339 | return max; |
1339 | } | 1340 | } |
@@ -1542,11 +1543,11 @@ MHD__gnutls_cipher_suite_is_ok (cipher_suite_st * suite) | |||
1542 | #define MAX_ELEM_SIZE 4 | 1543 | #define MAX_ELEM_SIZE 4 |
1543 | static inline int | 1544 | static inline int |
1544 | MHD__gnutls_partition (MHD_gtls_session_t session, | 1545 | MHD__gnutls_partition (MHD_gtls_session_t session, |
1545 | void *_base, | 1546 | void *_base, |
1546 | size_t nmemb, | 1547 | size_t nmemb, |
1547 | size_t size, | 1548 | size_t size, |
1548 | int (*compar) (MHD_gtls_session_t, | 1549 | int (*compar) (MHD_gtls_session_t, |
1549 | const void *, const void *)) | 1550 | const void *, const void *)) |
1550 | { | 1551 | { |
1551 | uint8_t *base = _base; | 1552 | uint8_t *base = _base; |
1552 | uint8_t tmp[MAX_ELEM_SIZE]; | 1553 | uint8_t tmp[MAX_ELEM_SIZE]; |
@@ -1590,10 +1591,11 @@ MHD__gnutls_partition (MHD_gtls_session_t session, | |||
1590 | 1591 | ||
1591 | static void | 1592 | static void |
1592 | MHD__gnutls_qsort (MHD_gtls_session_t session, | 1593 | MHD__gnutls_qsort (MHD_gtls_session_t session, |
1593 | void *_base, | 1594 | void *_base, |
1594 | size_t nmemb, | 1595 | size_t nmemb, |
1595 | size_t size, | 1596 | size_t size, |
1596 | int (*compar) (MHD_gtls_session_t, const void *, const void *)) | 1597 | int (*compar) (MHD_gtls_session_t, const void *, |
1598 | const void *)) | ||
1597 | { | 1599 | { |
1598 | unsigned int pivot; | 1600 | unsigned int pivot; |
1599 | char *base = _base; | 1601 | char *base = _base; |
@@ -1613,9 +1615,9 @@ MHD__gnutls_qsort (MHD_gtls_session_t session, | |||
1613 | pivot = MHD__gnutls_partition (session, _base, nmemb, size, compar); | 1615 | pivot = MHD__gnutls_partition (session, _base, nmemb, size, compar); |
1614 | 1616 | ||
1615 | MHD__gnutls_qsort (session, base, pivot < nmemb ? pivot + 1 | 1617 | MHD__gnutls_qsort (session, base, pivot < nmemb ? pivot + 1 |
1616 | : pivot, size, compar); | 1618 | : pivot, size, compar); |
1617 | MHD__gnutls_qsort (session, &base[(pivot + 1) * size], nmemb - pivot - 1, size, | 1619 | MHD__gnutls_qsort (session, &base[(pivot + 1) * size], nmemb - pivot - 1, |
1618 | compar); | 1620 | size, compar); |
1619 | } | 1621 | } |
1620 | 1622 | ||
1621 | /* a compare function for KX algorithms (using priorities). | 1623 | /* a compare function for KX algorithms (using priorities). |
@@ -1623,7 +1625,7 @@ MHD__gnutls_qsort (MHD_gtls_session_t session, | |||
1623 | */ | 1625 | */ |
1624 | static int | 1626 | static int |
1625 | MHD__gnutls_compare_algo (MHD_gtls_session_t session, | 1627 | MHD__gnutls_compare_algo (MHD_gtls_session_t session, |
1626 | const void *i_A1, const void *i_A2) | 1628 | const void *i_A1, const void *i_A2) |
1627 | { | 1629 | { |
1628 | enum MHD_GNUTLS_KeyExchangeAlgorithm kA1 = | 1630 | enum MHD_GNUTLS_KeyExchangeAlgorithm kA1 = |
1629 | MHD_gtls_cipher_suite_get_kx_algo ((const cipher_suite_st *) i_A1); | 1631 | MHD_gtls_cipher_suite_get_kx_algo ((const cipher_suite_st *) i_A1); |
@@ -1662,8 +1664,8 @@ MHD__gnutls_compare_algo (MHD_gtls_session_t session, | |||
1662 | #ifdef SORT_DEBUG | 1664 | #ifdef SORT_DEBUG |
1663 | static void | 1665 | static void |
1664 | MHD__gnutls_bsort (MHD_gtls_session_t session, void *_base, size_t nmemb, | 1666 | MHD__gnutls_bsort (MHD_gtls_session_t session, void *_base, size_t nmemb, |
1665 | size_t size, int (*compar) (MHD_gtls_session_t, const void *, | 1667 | size_t size, int (*compar) (MHD_gtls_session_t, |
1666 | const void *)) | 1668 | const void *, const void *)) |
1667 | { | 1669 | { |
1668 | unsigned int i, j; | 1670 | unsigned int i, j; |
1669 | int full = nmemb * size; | 1671 | int full = nmemb * size; |
@@ -1704,17 +1706,17 @@ MHD_gtls_supported_ciphersuites_sorted (MHD_gtls_session_t session, | |||
1704 | MHD__gnutls_debug_log ("Unsorted: \n"); | 1706 | MHD__gnutls_debug_log ("Unsorted: \n"); |
1705 | for (i = 0; i < count; i++) | 1707 | for (i = 0; i < count; i++) |
1706 | MHD__gnutls_debug_log ("\t%d: %s\n", i, | 1708 | MHD__gnutls_debug_log ("\t%d: %s\n", i, |
1707 | MHD_gtls_cipher_suite_get_name ((*ciphers)[i])); | 1709 | MHD_gtls_cipher_suite_get_name ((*ciphers)[i])); |
1708 | #endif | 1710 | #endif |
1709 | 1711 | ||
1710 | MHD__gnutls_qsort (session, *ciphers, count, sizeof (cipher_suite_st), | 1712 | MHD__gnutls_qsort (session, *ciphers, count, sizeof (cipher_suite_st), |
1711 | MHD__gnutls_compare_algo); | 1713 | MHD__gnutls_compare_algo); |
1712 | 1714 | ||
1713 | #ifdef SORT_DEBUG | 1715 | #ifdef SORT_DEBUG |
1714 | MHD__gnutls_debug_log ("Sorted: \n"); | 1716 | MHD__gnutls_debug_log ("Sorted: \n"); |
1715 | for (i = 0; i < count; i++) | 1717 | for (i = 0; i < count; i++) |
1716 | MHD__gnutls_debug_log ("\t%d: %s\n", i, | 1718 | MHD__gnutls_debug_log ("\t%d: %s\n", i, |
1717 | MHD_gtls_cipher_suite_get_name ((*ciphers)[i])); | 1719 | MHD_gtls_cipher_suite_get_name ((*ciphers)[i])); |
1718 | #endif | 1720 | #endif |
1719 | 1721 | ||
1720 | return count; | 1722 | return count; |
@@ -1832,15 +1834,16 @@ MHD_gtls_supported_compression_methods (MHD_gtls_session_t session, | |||
1832 | { | 1834 | { |
1833 | unsigned int i, j; | 1835 | unsigned int i, j; |
1834 | 1836 | ||
1835 | *comp = MHD_gnutls_malloc (sizeof (uint8_t) * SUPPORTED_COMPRESSION_METHODS); | 1837 | *comp = |
1838 | MHD_gnutls_malloc (sizeof (uint8_t) * SUPPORTED_COMPRESSION_METHODS); | ||
1836 | if (*comp == NULL) | 1839 | if (*comp == NULL) |
1837 | return GNUTLS_E_MEMORY_ERROR; | 1840 | return GNUTLS_E_MEMORY_ERROR; |
1838 | 1841 | ||
1839 | for (i = j = 0; i < SUPPORTED_COMPRESSION_METHODS; i++) | 1842 | for (i = j = 0; i < SUPPORTED_COMPRESSION_METHODS; i++) |
1840 | { | 1843 | { |
1841 | int tmp = | 1844 | int tmp = |
1842 | MHD_gtls_compression_get_num (session->internals.priorities. | 1845 | MHD_gtls_compression_get_num (session->internals. |
1843 | compression.priority[i]); | 1846 | priorities.compression.priority[i]); |
1844 | 1847 | ||
1845 | /* remove private compression algorithms, if requested. | 1848 | /* remove private compression algorithms, if requested. |
1846 | */ | 1849 | */ |
diff --git a/src/daemon/https/tls/gnutls_algorithms.h b/src/daemon/https/tls/gnutls_algorithms.h index c0cb2332..ba4e83ba 100644 --- a/src/daemon/https/tls/gnutls_algorithms.h +++ b/src/daemon/https/tls/gnutls_algorithms.h | |||
@@ -93,7 +93,8 @@ int MHD_gtls_kx_is_ok (enum MHD_GNUTLS_KeyExchangeAlgorithm algorithm); | |||
93 | int MHD_gtls_compression_is_ok (enum MHD_GNUTLS_CompressionMethod algorithm); | 93 | int MHD_gtls_compression_is_ok (enum MHD_GNUTLS_CompressionMethod algorithm); |
94 | int MHD_gtls_compression_get_num (enum MHD_GNUTLS_CompressionMethod | 94 | int MHD_gtls_compression_get_num (enum MHD_GNUTLS_CompressionMethod |
95 | algorithm); | 95 | algorithm); |
96 | enum MHD_GNUTLS_CompressionMethod MHD_gtls_compression_get_id_from_int (int num); | 96 | enum MHD_GNUTLS_CompressionMethod MHD_gtls_compression_get_id_from_int (int |
97 | num); | ||
97 | int MHD_gtls_compression_get_mem_level (enum MHD_GNUTLS_CompressionMethod | 98 | int MHD_gtls_compression_get_mem_level (enum MHD_GNUTLS_CompressionMethod |
98 | algorithm); | 99 | algorithm); |
99 | int MHD_gtls_compression_get_comp_level (enum MHD_GNUTLS_CompressionMethod | 100 | int MHD_gtls_compression_get_comp_level (enum MHD_GNUTLS_CompressionMethod |
@@ -140,13 +141,14 @@ struct MHD_gtls_compression_entry | |||
140 | typedef struct MHD_gtls_compression_entry MHD_gnutls_compression_entry; | 141 | typedef struct MHD_gtls_compression_entry MHD_gnutls_compression_entry; |
141 | 142 | ||
142 | /* Functions for sign algorithms. */ | 143 | /* Functions for sign algorithms. */ |
143 | MHD_gnutls_sign_algorithm_t MHD_gtls_x509_oid2sign_algorithm (const char *oid); | 144 | MHD_gnutls_sign_algorithm_t MHD_gtls_x509_oid2sign_algorithm (const char |
145 | *oid); | ||
144 | MHD_gnutls_sign_algorithm_t MHD_gtls_x509_pk_to_sign (enum | 146 | MHD_gnutls_sign_algorithm_t MHD_gtls_x509_pk_to_sign (enum |
145 | MHD_GNUTLS_PublicKeyAlgorithm | 147 | MHD_GNUTLS_PublicKeyAlgorithm |
146 | pk, | 148 | pk, |
147 | enum | 149 | enum |
148 | MHD_GNUTLS_HashAlgorithm | 150 | MHD_GNUTLS_HashAlgorithm |
149 | mac); | 151 | mac); |
150 | const char *MHD_gtls_x509_sign_to_oid (enum MHD_GNUTLS_PublicKeyAlgorithm, | 152 | const char *MHD_gtls_x509_sign_to_oid (enum MHD_GNUTLS_PublicKeyAlgorithm, |
151 | enum MHD_GNUTLS_HashAlgorithm mac); | 153 | enum MHD_GNUTLS_HashAlgorithm mac); |
152 | 154 | ||
diff --git a/src/daemon/https/tls/gnutls_anon_cred.c b/src/daemon/https/tls/gnutls_anon_cred.c index 665a0758..d73c0edd 100644 --- a/src/daemon/https/tls/gnutls_anon_cred.c +++ b/src/daemon/https/tls/gnutls_anon_cred.c | |||
@@ -44,7 +44,7 @@ static const int anon_dummy; | |||
44 | **/ | 44 | **/ |
45 | void | 45 | void |
46 | MHD__gnutls_anon_free_server_credentials (MHD_gtls_anon_server_credentials_t | 46 | MHD__gnutls_anon_free_server_credentials (MHD_gtls_anon_server_credentials_t |
47 | sc) | 47 | sc) |
48 | { | 48 | { |
49 | 49 | ||
50 | MHD_gnutls_free (sc); | 50 | MHD_gnutls_free (sc); |
@@ -80,7 +80,7 @@ int | |||
80 | **/ | 80 | **/ |
81 | void | 81 | void |
82 | MHD__gnutls_anon_free_client_credentials (MHD_gtls_anon_client_credentials_t | 82 | MHD__gnutls_anon_free_client_credentials (MHD_gtls_anon_client_credentials_t |
83 | sc) | 83 | sc) |
84 | { | 84 | { |
85 | } | 85 | } |
86 | 86 | ||
@@ -116,7 +116,7 @@ int | |||
116 | **/ | 116 | **/ |
117 | void | 117 | void |
118 | MHD__gnutls_anon_set_server_dh_params (MHD_gtls_anon_server_credentials_t res, | 118 | MHD__gnutls_anon_set_server_dh_params (MHD_gtls_anon_server_credentials_t res, |
119 | MHD_gtls_dh_params_t dh_params) | 119 | MHD_gtls_dh_params_t dh_params) |
120 | { | 120 | { |
121 | res->dh_params = dh_params; | 121 | res->dh_params = dh_params; |
122 | } | 122 | } |
@@ -131,9 +131,8 @@ MHD__gnutls_anon_set_server_dh_params (MHD_gtls_anon_server_credentials_t res, | |||
131 | * callback should return zero on success. | 131 | * callback should return zero on success. |
132 | **/ | 132 | **/ |
133 | void | 133 | void |
134 | MHD__gnutls_anon_set_server_params_function (MHD_gtls_anon_server_credentials_t | 134 | MHD__gnutls_anon_set_server_params_function |
135 | res, | 135 | (MHD_gtls_anon_server_credentials_t res, MHD_gnutls_params_function * func) |
136 | MHD_gnutls_params_function * func) | ||
137 | { | 136 | { |
138 | res->params_func = func; | 137 | res->params_func = func; |
139 | } | 138 | } |
diff --git a/src/daemon/https/tls/gnutls_auth.c b/src/daemon/https/tls/gnutls_auth.c index b1e1abe7..6f14d9c8 100644 --- a/src/daemon/https/tls/gnutls_auth.c +++ b/src/daemon/https/tls/gnutls_auth.c | |||
@@ -91,7 +91,7 @@ MHD__gnutls_credentials_clear (MHD_gtls_session_t session) | |||
91 | **/ | 91 | **/ |
92 | int | 92 | int |
93 | MHD__gnutls_credentials_set (MHD_gtls_session_t session, | 93 | MHD__gnutls_credentials_set (MHD_gtls_session_t session, |
94 | enum MHD_GNUTLS_CredentialsType type, void *cred) | 94 | enum MHD_GNUTLS_CredentialsType type, void *cred) |
95 | { | 95 | { |
96 | auth_cred_st *ccred = NULL, *pcred = NULL; | 96 | auth_cred_st *ccred = NULL, *pcred = NULL; |
97 | int exists = 0; | 97 | int exists = 0; |
@@ -170,8 +170,9 @@ MHD_gtls_auth_get_type (MHD_gtls_session_t session) | |||
170 | 170 | ||
171 | return | 171 | return |
172 | MHD_gtls_map_kx_get_cred (MHD_gtls_cipher_suite_get_kx_algo | 172 | MHD_gtls_map_kx_get_cred (MHD_gtls_cipher_suite_get_kx_algo |
173 | (&session->security_parameters. | 173 | (&session-> |
174 | current_cipher_suite), server); | 174 | security_parameters.current_cipher_suite), |
175 | server); | ||
175 | } | 176 | } |
176 | 177 | ||
177 | /** | 178 | /** |
@@ -188,8 +189,8 @@ MHD_gtls_auth_server_get_type (MHD_gtls_session_t session) | |||
188 | { | 189 | { |
189 | return | 190 | return |
190 | MHD_gtls_map_kx_get_cred (MHD_gtls_cipher_suite_get_kx_algo | 191 | MHD_gtls_map_kx_get_cred (MHD_gtls_cipher_suite_get_kx_algo |
191 | (&session->security_parameters. | 192 | (&session-> |
192 | current_cipher_suite), 1); | 193 | security_parameters.current_cipher_suite), 1); |
193 | } | 194 | } |
194 | 195 | ||
195 | /** | 196 | /** |
@@ -206,8 +207,8 @@ MHD_gtls_auth_client_get_type (MHD_gtls_session_t session) | |||
206 | { | 207 | { |
207 | return | 208 | return |
208 | MHD_gtls_map_kx_get_cred (MHD_gtls_cipher_suite_get_kx_algo | 209 | MHD_gtls_map_kx_get_cred (MHD_gtls_cipher_suite_get_kx_algo |
209 | (&session->security_parameters. | 210 | (&session-> |
210 | current_cipher_suite), 0); | 211 | security_parameters.current_cipher_suite), 0); |
211 | } | 212 | } |
212 | 213 | ||
213 | 214 | ||
diff --git a/src/daemon/https/tls/gnutls_buffers.c b/src/daemon/https/tls/gnutls_buffers.c index 0a0f367b..8c6bb750 100644 --- a/src/daemon/https/tls/gnutls_buffers.c +++ b/src/daemon/https/tls/gnutls_buffers.c | |||
@@ -137,19 +137,19 @@ MHD_gnutls_record_buffer_put (content_type_t type, | |||
137 | case GNUTLS_APPLICATION_DATA: | 137 | case GNUTLS_APPLICATION_DATA: |
138 | buf = &session->internals.application_data_buffer; | 138 | buf = &session->internals.application_data_buffer; |
139 | MHD__gnutls_buffers_log ("BUF[REC]: Inserted %d bytes of Data(%d)\n", | 139 | MHD__gnutls_buffers_log ("BUF[REC]: Inserted %d bytes of Data(%d)\n", |
140 | length, type); | 140 | length, type); |
141 | break; | 141 | break; |
142 | 142 | ||
143 | case GNUTLS_HANDSHAKE: | 143 | case GNUTLS_HANDSHAKE: |
144 | buf = &session->internals.handshake_data_buffer; | 144 | buf = &session->internals.handshake_data_buffer; |
145 | MHD__gnutls_buffers_log ("BUF[HSK]: Inserted %d bytes of Data(%d)\n", | 145 | MHD__gnutls_buffers_log ("BUF[HSK]: Inserted %d bytes of Data(%d)\n", |
146 | length, type); | 146 | length, type); |
147 | break; | 147 | break; |
148 | 148 | ||
149 | case GNUTLS_INNER_APPLICATION: | 149 | case GNUTLS_INNER_APPLICATION: |
150 | buf = &session->internals.ia_data_buffer; | 150 | buf = &session->internals.ia_data_buffer; |
151 | MHD__gnutls_buffers_log ("BUF[IA]: Inserted %d bytes of Data(%d)\n", length, | 151 | MHD__gnutls_buffers_log ("BUF[IA]: Inserted %d bytes of Data(%d)\n", |
152 | type); | 152 | length, type); |
153 | break; | 153 | break; |
154 | 154 | ||
155 | default: | 155 | default: |
@@ -223,7 +223,7 @@ MHD_gtls_record_buffer_get (content_type_t type, MHD_gtls_session_t session, | |||
223 | } | 223 | } |
224 | 224 | ||
225 | MHD__gnutls_buffers_log ("BUFFER[REC][AD]: Read %d bytes of Data(%d)\n", | 225 | MHD__gnutls_buffers_log ("BUFFER[REC][AD]: Read %d bytes of Data(%d)\n", |
226 | length, type); | 226 | length, type); |
227 | 227 | ||
228 | session->internals.application_data_buffer.length -= length; | 228 | session->internals.application_data_buffer.length -= length; |
229 | memcpy (data, session->internals.application_data_buffer.data, length); | 229 | memcpy (data, session->internals.application_data_buffer.data, length); |
@@ -246,7 +246,7 @@ MHD_gtls_record_buffer_get (content_type_t type, MHD_gtls_session_t session, | |||
246 | } | 246 | } |
247 | 247 | ||
248 | MHD__gnutls_buffers_log ("BUF[REC][HD]: Read %d bytes of Data(%d)\n", | 248 | MHD__gnutls_buffers_log ("BUF[REC][HD]: Read %d bytes of Data(%d)\n", |
249 | length, type); | 249 | length, type); |
250 | 250 | ||
251 | session->internals.handshake_data_buffer.length -= length; | 251 | session->internals.handshake_data_buffer.length -= length; |
252 | memcpy (data, session->internals.handshake_data_buffer.data, length); | 252 | memcpy (data, session->internals.handshake_data_buffer.data, length); |
@@ -263,7 +263,7 @@ MHD_gtls_record_buffer_get (content_type_t type, MHD_gtls_session_t session, | |||
263 | length = session->internals.ia_data_buffer.length; | 263 | length = session->internals.ia_data_buffer.length; |
264 | 264 | ||
265 | MHD__gnutls_buffers_log ("BUF[REC][IA]: Read %d bytes of Data(%d)\n", | 265 | MHD__gnutls_buffers_log ("BUF[REC][IA]: Read %d bytes of Data(%d)\n", |
266 | length, type); | 266 | length, type); |
267 | 267 | ||
268 | session->internals.ia_data_buffer.length -= length; | 268 | session->internals.ia_data_buffer.length -= length; |
269 | memcpy (data, session->internals.ia_data_buffer.data, length); | 269 | memcpy (data, session->internals.ia_data_buffer.data, length); |
@@ -290,7 +290,7 @@ MHD_gtls_record_buffer_get (content_type_t type, MHD_gtls_session_t session, | |||
290 | */ | 290 | */ |
291 | static ssize_t | 291 | static ssize_t |
292 | MHD__gnutls_read (MHD_gtls_session_t session, void *iptr, | 292 | MHD__gnutls_read (MHD_gtls_session_t session, void *iptr, |
293 | size_t sizeOfPtr, int flags) | 293 | size_t sizeOfPtr, int flags) |
294 | { | 294 | { |
295 | size_t left; | 295 | size_t left; |
296 | ssize_t i = 0; | 296 | ssize_t i = 0; |
@@ -333,16 +333,17 @@ MHD__gnutls_read (MHD_gtls_session_t session, void *iptr, | |||
333 | } | 333 | } |
334 | else | 334 | else |
335 | i = session->internals.MHD__gnutls_pull_func (fd, | 335 | i = session->internals.MHD__gnutls_pull_func (fd, |
336 | &ptr[sizeOfPtr - left], | 336 | &ptr[sizeOfPtr - left], |
337 | left); | 337 | left); |
338 | 338 | ||
339 | if (i < 0) | 339 | if (i < 0) |
340 | { | 340 | { |
341 | int err = session->internals.errnum ? session->internals.errnum | 341 | int err = session->internals.errnum ? session->internals.errnum |
342 | : errno; | 342 | : errno; |
343 | 343 | ||
344 | MHD__gnutls_read_log ("READ: %d returned from %d, errno=%d gerrno=%d\n", | 344 | MHD__gnutls_read_log |
345 | i, fd, errno, session->internals.errnum); | 345 | ("READ: %d returned from %d, errno=%d gerrno=%d\n", i, fd, errno, |
346 | session->internals.errnum); | ||
346 | 347 | ||
347 | if (err == EAGAIN || err == EINTR) | 348 | if (err == EAGAIN || err == EINTR) |
348 | { | 349 | { |
@@ -350,7 +351,7 @@ MHD__gnutls_read (MHD_gtls_session_t session, void *iptr, | |||
350 | { | 351 | { |
351 | 352 | ||
352 | MHD__gnutls_read_log ("READ: returning %d bytes from %d\n", | 353 | MHD__gnutls_read_log ("READ: returning %d bytes from %d\n", |
353 | sizeOfPtr - left, fd); | 354 | sizeOfPtr - left, fd); |
354 | 355 | ||
355 | goto finish; | 356 | goto finish; |
356 | } | 357 | } |
@@ -386,8 +387,8 @@ finish: | |||
386 | char line[128]; | 387 | char line[128]; |
387 | char tmp[16]; | 388 | char tmp[16]; |
388 | 389 | ||
389 | MHD__gnutls_read_log ("READ: read %d bytes from %d\n", (sizeOfPtr - left), | 390 | MHD__gnutls_read_log ("READ: read %d bytes from %d\n", |
390 | fd); | 391 | (sizeOfPtr - left), fd); |
391 | 392 | ||
392 | for (x = 0; x < ((sizeOfPtr - left) / 16) + 1; x++) | 393 | for (x = 0; x < ((sizeOfPtr - left) / 16) + 1; x++) |
393 | { | 394 | { |
@@ -486,7 +487,7 @@ MHD_gtls_io_read_buffered (MHD_gtls_session_t session, opaque ** iptr, | |||
486 | 487 | ||
487 | if (sizeOfPtr > MAX_RECV_SIZE || sizeOfPtr == 0) | 488 | if (sizeOfPtr > MAX_RECV_SIZE || sizeOfPtr == 0) |
488 | { | 489 | { |
489 | MHD_gnutls_assert (); /* internal error */ | 490 | MHD_gnutls_assert (); /* internal error */ |
490 | return GNUTLS_E_INVALID_REQUEST; | 491 | return GNUTLS_E_INVALID_REQUEST; |
491 | } | 492 | } |
492 | 493 | ||
@@ -536,7 +537,7 @@ MHD_gtls_io_read_buffered (MHD_gtls_session_t session, opaque ** iptr, | |||
536 | if ((session->internals.record_recv_buffer.length + recvdata) | 537 | if ((session->internals.record_recv_buffer.length + recvdata) |
537 | > MAX_RECV_SIZE) | 538 | > MAX_RECV_SIZE) |
538 | { | 539 | { |
539 | MHD_gnutls_assert (); /* internal error */ | 540 | MHD_gnutls_assert (); /* internal error */ |
540 | return GNUTLS_E_INVALID_REQUEST; | 541 | return GNUTLS_E_INVALID_REQUEST; |
541 | } | 542 | } |
542 | 543 | ||
@@ -559,7 +560,8 @@ MHD_gtls_io_read_buffered (MHD_gtls_session_t session, opaque ** iptr, | |||
559 | /* READ DATA - but leave RCVLOWAT bytes in the kernel buffer. */ | 560 | /* READ DATA - but leave RCVLOWAT bytes in the kernel buffer. */ |
560 | if (recvdata - recvlowat > 0) | 561 | if (recvdata - recvlowat > 0) |
561 | { | 562 | { |
562 | ret = MHD__gnutls_read (session, &buf[buf_pos], recvdata - recvlowat, 0); | 563 | ret = |
564 | MHD__gnutls_read (session, &buf[buf_pos], recvdata - recvlowat, 0); | ||
563 | 565 | ||
564 | /* return immediately if we got an interrupt or eagain | 566 | /* return immediately if we got an interrupt or eagain |
565 | * error. | 567 | * error. |
@@ -574,8 +576,9 @@ MHD_gtls_io_read_buffered (MHD_gtls_session_t session, opaque ** iptr, | |||
574 | */ | 576 | */ |
575 | if (ret > 0) | 577 | if (ret > 0) |
576 | { | 578 | { |
577 | MHD__gnutls_read_log ("RB: Have %d bytes into buffer. Adding %d bytes.\n", | 579 | MHD__gnutls_read_log |
578 | session->internals.record_recv_buffer.length, ret); | 580 | ("RB: Have %d bytes into buffer. Adding %d bytes.\n", |
581 | session->internals.record_recv_buffer.length, ret); | ||
579 | MHD__gnutls_read_log ("RB: Requested %d bytes\n", sizeOfPtr); | 582 | MHD__gnutls_read_log ("RB: Requested %d bytes\n", sizeOfPtr); |
580 | session->internals.record_recv_buffer.length += ret; | 583 | session->internals.record_recv_buffer.length += ret; |
581 | } | 584 | } |
@@ -598,7 +601,8 @@ MHD_gtls_io_read_buffered (MHD_gtls_session_t session, opaque ** iptr, | |||
598 | 601 | ||
599 | if (ret2 > 0) | 602 | if (ret2 > 0) |
600 | { | 603 | { |
601 | MHD__gnutls_read_log ("RB-PEEK: Read %d bytes in PEEK MODE.\n", ret2); | 604 | MHD__gnutls_read_log ("RB-PEEK: Read %d bytes in PEEK MODE.\n", |
605 | ret2); | ||
602 | MHD__gnutls_read_log | 606 | MHD__gnutls_read_log |
603 | ("RB-PEEK: Have %d bytes into buffer. Adding %d bytes.\nRB: Requested %d bytes\n", | 607 | ("RB-PEEK: Have %d bytes into buffer. Adding %d bytes.\nRB: Requested %d bytes\n", |
604 | session->internals.record_recv_buffer.length, ret2, sizeOfPtr); | 608 | session->internals.record_recv_buffer.length, ret2, sizeOfPtr); |
@@ -652,7 +656,7 @@ MHD_gtls_io_read_buffered (MHD_gtls_session_t session, opaque ** iptr, | |||
652 | 656 | ||
653 | inline static int | 657 | inline static int |
654 | MHD__gnutls_buffer_insert (MHD_gtls_buffer * buffer, | 658 | MHD__gnutls_buffer_insert (MHD_gtls_buffer * buffer, |
655 | const opaque * _data, size_t data_size) | 659 | const opaque * _data, size_t data_size) |
656 | { | 660 | { |
657 | 661 | ||
658 | if ((MEMSUB (_data, buffer->data) >= 0) | 662 | if ((MEMSUB (_data, buffer->data) >= 0) |
@@ -691,7 +695,7 @@ MHD__gnutls_buffer_insert (MHD_gtls_buffer * buffer, | |||
691 | 695 | ||
692 | inline static int | 696 | inline static int |
693 | MHD__gnutls_buffer_get (MHD_gtls_buffer * buffer, | 697 | MHD__gnutls_buffer_get (MHD_gtls_buffer * buffer, |
694 | const opaque ** ptr, size_t * ptr_size) | 698 | const opaque ** ptr, size_t * ptr_size) |
695 | { | 699 | { |
696 | *ptr_size = buffer->length; | 700 | *ptr_size = buffer->length; |
697 | *ptr = buffer->data; | 701 | *ptr = buffer->data; |
@@ -742,7 +746,8 @@ MHD_gtls_io_write_buffered (MHD_gtls_session_t session, | |||
742 | if (iptr == NULL) | 746 | if (iptr == NULL) |
743 | { | 747 | { |
744 | /* checking is handled above */ | 748 | /* checking is handled above */ |
745 | ret = MHD__gnutls_buffer_get (&session->internals.record_send_buffer, &ptr, | 749 | ret = |
750 | MHD__gnutls_buffer_get (&session->internals.record_send_buffer, &ptr, | ||
746 | &n); | 751 | &n); |
747 | if (ret < 0) | 752 | if (ret < 0) |
748 | { | 753 | { |
@@ -750,8 +755,8 @@ MHD_gtls_io_write_buffered (MHD_gtls_session_t session, | |||
750 | return ret; | 755 | return ret; |
751 | } | 756 | } |
752 | 757 | ||
753 | MHD__gnutls_write_log ("WRITE: Restoring old write. (%d bytes to send)\n", | 758 | MHD__gnutls_write_log |
754 | n); | 759 | ("WRITE: Restoring old write. (%d bytes to send)\n", n); |
755 | } | 760 | } |
756 | 761 | ||
757 | MHD__gnutls_write_log ("WRITE: Will write %d bytes to %d.\n", n, fd); | 762 | MHD__gnutls_write_log ("WRITE: Will write %d bytes to %d.\n", n, fd); |
@@ -789,7 +794,8 @@ MHD_gtls_io_write_buffered (MHD_gtls_session_t session, | |||
789 | #endif | 794 | #endif |
790 | } | 795 | } |
791 | else | 796 | else |
792 | i = session->internals.MHD__gnutls_push_func (fd, &ptr[n - left], left); | 797 | i = |
798 | session->internals.MHD__gnutls_push_func (fd, &ptr[n - left], left); | ||
793 | 799 | ||
794 | if (i == -1) | 800 | if (i == -1) |
795 | { | 801 | { |
@@ -801,8 +807,9 @@ MHD_gtls_io_write_buffered (MHD_gtls_session_t session, | |||
801 | session->internals.record_send_buffer_prev_size += n - left; | 807 | session->internals.record_send_buffer_prev_size += n - left; |
802 | 808 | ||
803 | retval = | 809 | retval = |
804 | MHD__gnutls_buffer_insert (&session->internals.record_send_buffer, | 810 | MHD__gnutls_buffer_insert (&session->internals. |
805 | &ptr[n - left], left); | 811 | record_send_buffer, &ptr[n - left], |
812 | left); | ||
806 | if (retval < 0) | 813 | if (retval < 0) |
807 | { | 814 | { |
808 | MHD_gnutls_assert (); | 815 | MHD_gnutls_assert (); |
@@ -881,7 +888,7 @@ MHD_gtls_io_write_flush (MHD_gtls_session_t session) | |||
881 | 888 | ||
882 | ret = MHD_gtls_io_write_buffered (session, NULL, 0); | 889 | ret = MHD_gtls_io_write_buffered (session, NULL, 0); |
883 | MHD__gnutls_write_log ("WRITE FLUSH: %d [buffer: %d]\n", ret, | 890 | MHD__gnutls_write_log ("WRITE FLUSH: %d [buffer: %d]\n", ret, |
884 | session->internals.record_send_buffer.length); | 891 | session->internals.record_send_buffer.length); |
885 | 892 | ||
886 | return ret; | 893 | return ret; |
887 | } | 894 | } |
@@ -935,7 +942,7 @@ MHD_gtls_handshake_io_send_int (MHD_gtls_session_t session, | |||
935 | */ | 942 | */ |
936 | MHD_gnutls_assert (); | 943 | MHD_gnutls_assert (); |
937 | ret = MHD__gnutls_buffer_get (&session->internals.handshake_send_buffer, | 944 | ret = MHD__gnutls_buffer_get (&session->internals.handshake_send_buffer, |
938 | &ptr, &n); | 945 | &ptr, &n); |
939 | if (ret < 0) | 946 | if (ret < 0) |
940 | { | 947 | { |
941 | MHD_gnutls_assert (); | 948 | MHD_gnutls_assert (); |
@@ -957,7 +964,7 @@ MHD_gtls_handshake_io_send_int (MHD_gtls_session_t session, | |||
957 | size_t sum = 0, x, j; | 964 | size_t sum = 0, x, j; |
958 | 965 | ||
959 | MHD__gnutls_write_log ("HWRITE: will write %d bytes to %d.\n", n, | 966 | MHD__gnutls_write_log ("HWRITE: will write %d bytes to %d.\n", n, |
960 | MHD_gnutls_transport_get_ptr (session)); | 967 | MHD_gnutls_transport_get_ptr (session)); |
961 | for (x = 0; x < ((n) / 16) + 1; x++) | 968 | for (x = 0; x < ((n) / 16) + 1; x++) |
962 | { | 969 | { |
963 | if (sum > n) | 970 | if (sum > n) |
@@ -968,7 +975,8 @@ MHD_gtls_handshake_io_send_int (MHD_gtls_session_t session, | |||
968 | { | 975 | { |
969 | if (sum < n) | 976 | if (sum < n) |
970 | { | 977 | { |
971 | MHD__gnutls_write_log ("%.2x ", ((unsigned char *) ptr)[sum++]); | 978 | MHD__gnutls_write_log ("%.2x ", |
979 | ((unsigned char *) ptr)[sum++]); | ||
972 | } | 980 | } |
973 | else | 981 | else |
974 | break; | 982 | break; |
@@ -1009,9 +1017,9 @@ MHD_gtls_handshake_io_send_int (MHD_gtls_session_t session, | |||
1009 | MHD_gnutls_assert (); | 1017 | MHD_gnutls_assert (); |
1010 | 1018 | ||
1011 | retval = | 1019 | retval = |
1012 | MHD__gnutls_buffer_insert (&session->internals. | 1020 | MHD__gnutls_buffer_insert (&session-> |
1013 | handshake_send_buffer, &ptr[n - left], | 1021 | internals.handshake_send_buffer, |
1014 | left); | 1022 | &ptr[n - left], left); |
1015 | if (retval < 0) | 1023 | if (retval < 0) |
1016 | { | 1024 | { |
1017 | MHD_gnutls_assert (); | 1025 | MHD_gnutls_assert (); |
@@ -1112,8 +1120,9 @@ MHD_gtls_handshake_io_recv_int (MHD_gtls_session_t session, | |||
1112 | 1120 | ||
1113 | session->internals.handshake_recv_buffer.data | 1121 | session->internals.handshake_recv_buffer.data |
1114 | = | 1122 | = |
1115 | MHD_gtls_realloc_fast (session->internals. | 1123 | MHD_gtls_realloc_fast (session-> |
1116 | handshake_recv_buffer.data, dsize); | 1124 | internals.handshake_recv_buffer.data, |
1125 | dsize); | ||
1117 | if (session->internals.handshake_recv_buffer.data == NULL) | 1126 | if (session->internals.handshake_recv_buffer.data == NULL) |
1118 | { | 1127 | { |
1119 | MHD_gnutls_assert (); | 1128 | MHD_gnutls_assert (); |
@@ -1164,13 +1173,9 @@ MHD_gtls_handshake_buffer_put (MHD_gtls_session_t session, opaque * data, | |||
1164 | 1173 | ||
1165 | if ((session->internals.max_handshake_data_buffer_size > 0) && ((length | 1174 | if ((session->internals.max_handshake_data_buffer_size > 0) && ((length |
1166 | + | 1175 | + |
1167 | session-> | 1176 | session->internals.handshake_hash_buffer.length) |
1168 | internals. | 1177 | > |
1169 | handshake_hash_buffer. | 1178 | session->internals.max_handshake_data_buffer_size)) |
1170 | length) > | ||
1171 | session-> | ||
1172 | internals. | ||
1173 | max_handshake_data_buffer_size)) | ||
1174 | { | 1179 | { |
1175 | MHD_gnutls_assert (); | 1180 | MHD_gnutls_assert (); |
1176 | return GNUTLS_E_MEMORY_ERROR; | 1181 | return GNUTLS_E_MEMORY_ERROR; |
@@ -1224,7 +1229,7 @@ MHD_gtls_handshake_buffer_get_ptr (MHD_gtls_session_t session, | |||
1224 | *length = session->internals.handshake_hash_buffer.length; | 1229 | *length = session->internals.handshake_hash_buffer.length; |
1225 | 1230 | ||
1226 | MHD__gnutls_buffers_log ("BUF[HSK]: Peeked %d bytes of Data\n", | 1231 | MHD__gnutls_buffers_log ("BUF[HSK]: Peeked %d bytes of Data\n", |
1227 | session->internals.handshake_hash_buffer.length); | 1232 | session->internals.handshake_hash_buffer.length); |
1228 | 1233 | ||
1229 | if (data_ptr != NULL) | 1234 | if (data_ptr != NULL) |
1230 | *data_ptr = session->internals.handshake_hash_buffer.data; | 1235 | *data_ptr = session->internals.handshake_hash_buffer.data; |
diff --git a/src/daemon/https/tls/gnutls_cert.c b/src/daemon/https/tls/gnutls_cert.c index 45e001d6..d01d3918 100644 --- a/src/daemon/https/tls/gnutls_cert.c +++ b/src/daemon/https/tls/gnutls_cert.c | |||
@@ -210,7 +210,7 @@ MHD__gnutls_certificate_free_credentials (MHD_gtls_cert_credentials_t sc) | |||
210 | **/ | 210 | **/ |
211 | int | 211 | int |
212 | MHD__gnutls_certificate_allocate_credentials (MHD_gtls_cert_credentials_t * | 212 | MHD__gnutls_certificate_allocate_credentials (MHD_gtls_cert_credentials_t * |
213 | res) | 213 | res) |
214 | { | 214 | { |
215 | *res = MHD_gnutls_calloc (1, sizeof (MHD_gtls_cert_credentials_st)); | 215 | *res = MHD_gnutls_calloc (1, sizeof (MHD_gtls_cert_credentials_st)); |
216 | 216 | ||
@@ -271,7 +271,8 @@ MHD_gtls_selected_cert_supported_kx (MHD_gtls_session_t session, | |||
271 | return GNUTLS_E_INVALID_REQUEST; | 271 | return GNUTLS_E_INVALID_REQUEST; |
272 | } | 272 | } |
273 | 273 | ||
274 | *alg = MHD_gnutls_calloc (1, sizeof (enum MHD_GNUTLS_KeyExchangeAlgorithm) * i); | 274 | *alg = |
275 | MHD_gnutls_calloc (1, sizeof (enum MHD_GNUTLS_KeyExchangeAlgorithm) * i); | ||
275 | if (*alg == NULL) | 276 | if (*alg == NULL) |
276 | return GNUTLS_E_MEMORY_ERROR; | 277 | return GNUTLS_E_MEMORY_ERROR; |
277 | 278 | ||
@@ -550,8 +551,9 @@ MHD_gtls_certificate_expiration_time_peers (MHD_gtls_session_t session) | |||
550 | { | 551 | { |
551 | case MHD_GNUTLS_CRT_X509: | 552 | case MHD_GNUTLS_CRT_X509: |
552 | return | 553 | return |
553 | MHD__gnutls_x509_get_raw_crt_expiration_time (&info->raw_certificate_list | 554 | MHD__gnutls_x509_get_raw_crt_expiration_time (&info-> |
554 | [0]); | 555 | raw_certificate_list |
556 | [0]); | ||
555 | default: | 557 | default: |
556 | return (time_t) - 1; | 558 | return (time_t) - 1; |
557 | } | 559 | } |
@@ -589,8 +591,9 @@ MHD_gtls_certificate_activation_time_peers (MHD_gtls_session_t session) | |||
589 | { | 591 | { |
590 | case MHD_GNUTLS_CRT_X509: | 592 | case MHD_GNUTLS_CRT_X509: |
591 | return | 593 | return |
592 | MHD__gnutls_x509_get_raw_crt_activation_time (&info->raw_certificate_list | 594 | MHD__gnutls_x509_get_raw_crt_activation_time (&info-> |
593 | [0]); | 595 | raw_certificate_list |
596 | [0]); | ||
594 | default: | 597 | default: |
595 | return (time_t) - 1; | 598 | return (time_t) - 1; |
596 | } | 599 | } |
@@ -695,7 +698,8 @@ MHD_gtls_x509_crt_to_gcert (MHD_gnutls_cert * gcert, | |||
695 | } | 698 | } |
696 | 699 | ||
697 | ret = | 700 | ret = |
698 | MHD_gnutls_x509_crt_export (cert, GNUTLS_X509_FMT_DER, der, &der_size); | 701 | MHD_gnutls_x509_crt_export (cert, GNUTLS_X509_FMT_DER, der, |
702 | &der_size); | ||
699 | if (ret < 0 && ret != GNUTLS_E_SHORT_MEMORY_BUFFER) | 703 | if (ret < 0 && ret != GNUTLS_E_SHORT_MEMORY_BUFFER) |
700 | { | 704 | { |
701 | MHD_gnutls_assert (); | 705 | MHD_gnutls_assert (); |
@@ -714,7 +718,7 @@ MHD_gtls_x509_crt_to_gcert (MHD_gnutls_cert * gcert, | |||
714 | 718 | ||
715 | ret = | 719 | ret = |
716 | MHD_gnutls_x509_crt_export (cert, GNUTLS_X509_FMT_DER, der, | 720 | MHD_gnutls_x509_crt_export (cert, GNUTLS_X509_FMT_DER, der, |
717 | &der_size); | 721 | &der_size); |
718 | if (ret < 0) | 722 | if (ret < 0) |
719 | { | 723 | { |
720 | MHD_gnutls_assert (); | 724 | MHD_gnutls_assert (); |
@@ -736,13 +740,15 @@ MHD_gtls_x509_crt_to_gcert (MHD_gnutls_cert * gcert, | |||
736 | MHD_gnutls_x509_crt_get_key_usage (cert, &gcert->key_usage, NULL); | 740 | MHD_gnutls_x509_crt_get_key_usage (cert, &gcert->key_usage, NULL); |
737 | gcert->version = MHD_gnutls_x509_crt_get_version (cert); | 741 | gcert->version = MHD_gnutls_x509_crt_get_version (cert); |
738 | } | 742 | } |
739 | gcert->subject_pk_algorithm = MHD_gnutls_x509_crt_get_pk_algorithm (cert, NULL); | 743 | gcert->subject_pk_algorithm = |
744 | MHD_gnutls_x509_crt_get_pk_algorithm (cert, NULL); | ||
740 | 745 | ||
741 | if (flags & CERT_ONLY_PUBKEY || flags == 0) | 746 | if (flags & CERT_ONLY_PUBKEY || flags == 0) |
742 | { | 747 | { |
743 | gcert->params_size = MAX_PUBLIC_PARAMS_SIZE; | 748 | gcert->params_size = MAX_PUBLIC_PARAMS_SIZE; |
744 | ret = | 749 | ret = |
745 | MHD__gnutls_x509_crt_get_mpis (cert, gcert->params, &gcert->params_size); | 750 | MHD__gnutls_x509_crt_get_mpis (cert, gcert->params, |
751 | &gcert->params_size); | ||
746 | if (ret < 0) | 752 | if (ret < 0) |
747 | { | 753 | { |
748 | MHD_gnutls_assert (); | 754 | MHD_gnutls_assert (); |
diff --git a/src/daemon/https/tls/gnutls_cert.h b/src/daemon/https/tls/gnutls_cert.h index b759fca5..ee3b3ca8 100644 --- a/src/daemon/https/tls/gnutls_cert.h +++ b/src/daemon/https/tls/gnutls_cert.h | |||
@@ -110,7 +110,8 @@ typedef enum ConvFlags | |||
110 | int MHD_gtls_x509_raw_cert_to_gcert (MHD_gnutls_cert * gcert, | 110 | int MHD_gtls_x509_raw_cert_to_gcert (MHD_gnutls_cert * gcert, |
111 | const MHD_gnutls_datum_t * derCert, | 111 | const MHD_gnutls_datum_t * derCert, |
112 | int flags); | 112 | int flags); |
113 | int MHD_gtls_x509_crt_to_gcert (MHD_gnutls_cert * gcert, MHD_gnutls_x509_crt_t cert, | 113 | int MHD_gtls_x509_crt_to_gcert (MHD_gnutls_cert * gcert, |
114 | MHD_gnutls_x509_crt_t cert, | ||
114 | unsigned int flags); | 115 | unsigned int flags); |
115 | 116 | ||
116 | void MHD_gtls_gkey_deinit (MHD_gnutls_privkey * key); | 117 | void MHD_gtls_gkey_deinit (MHD_gnutls_privkey * key); |
diff --git a/src/daemon/https/tls/gnutls_cipher.c b/src/daemon/https/tls/gnutls_cipher.c index 9ff19759..757fd06d 100644 --- a/src/daemon/https/tls/gnutls_cipher.c +++ b/src/daemon/https/tls/gnutls_cipher.c | |||
@@ -244,7 +244,7 @@ calc_enc_length (MHD_gtls_session_t session, int data_size, | |||
244 | 244 | ||
245 | break; | 245 | break; |
246 | case CIPHER_BLOCK: | 246 | case CIPHER_BLOCK: |
247 | if (MHD_gc_nonce ((char*) &rnd, 1) != GC_OK) | 247 | if (MHD_gc_nonce ((char *) &rnd, 1) != GC_OK) |
248 | { | 248 | { |
249 | MHD_gnutls_assert (); | 249 | MHD_gnutls_assert (); |
250 | return GNUTLS_E_RANDOM_FAILED; | 250 | return GNUTLS_E_RANDOM_FAILED; |
@@ -302,15 +302,15 @@ MHD_gtls_compressed2ciphertext (MHD_gtls_session_t session, | |||
302 | uint8_t type = _type; | 302 | uint8_t type = _type; |
303 | uint8_t major, minor; | 303 | uint8_t major, minor; |
304 | int hash_size = | 304 | int hash_size = |
305 | MHD_gnutls_hash_get_algo_len (session->security_parameters. | 305 | MHD_gnutls_hash_get_algo_len (session-> |
306 | write_mac_algorithm); | 306 | security_parameters.write_mac_algorithm); |
307 | enum MHD_GNUTLS_Protocol ver; | 307 | enum MHD_GNUTLS_Protocol ver; |
308 | int blocksize = | 308 | int blocksize = |
309 | MHD_gtls_cipher_get_block_size (session->security_parameters. | 309 | MHD_gtls_cipher_get_block_size (session-> |
310 | write_bulk_cipher_algorithm); | 310 | security_parameters.write_bulk_cipher_algorithm); |
311 | cipher_type_t block_algo = | 311 | cipher_type_t block_algo = |
312 | MHD_gtls_cipher_is_block (session->security_parameters. | 312 | MHD_gtls_cipher_is_block (session-> |
313 | write_bulk_cipher_algorithm); | 313 | security_parameters.write_bulk_cipher_algorithm); |
314 | opaque *data_ptr; | 314 | opaque *data_ptr; |
315 | 315 | ||
316 | 316 | ||
@@ -337,8 +337,9 @@ MHD_gtls_compressed2ciphertext (MHD_gtls_session_t session, | |||
337 | if (td != GNUTLS_MAC_FAILED) | 337 | if (td != GNUTLS_MAC_FAILED) |
338 | { /* actually when the algorithm in not the NULL one */ | 338 | { /* actually when the algorithm in not the NULL one */ |
339 | MHD_gnutls_hash (td, | 339 | MHD_gnutls_hash (td, |
340 | UINT64DATA (session->connection_state. | 340 | UINT64DATA (session-> |
341 | write_sequence_number), 8); | 341 | connection_state.write_sequence_number), |
342 | 8); | ||
342 | 343 | ||
343 | MHD_gnutls_hash (td, &type, 1); | 344 | MHD_gnutls_hash (td, &type, 1); |
344 | if (ver >= MHD_GNUTLS_PROTOCOL_TLS1_0) | 345 | if (ver >= MHD_GNUTLS_PROTOCOL_TLS1_0) |
@@ -377,7 +378,7 @@ MHD_gtls_compressed2ciphertext (MHD_gtls_session_t session, | |||
377 | { | 378 | { |
378 | /* copy the random IV. | 379 | /* copy the random IV. |
379 | */ | 380 | */ |
380 | if (MHD_gc_nonce ((char*) data_ptr, blocksize) != GC_OK) | 381 | if (MHD_gc_nonce ((char *) data_ptr, blocksize) != GC_OK) |
381 | { | 382 | { |
382 | MHD_gnutls_assert (); | 383 | MHD_gnutls_assert (); |
383 | return GNUTLS_E_RANDOM_FAILED; | 384 | return GNUTLS_E_RANDOM_FAILED; |
@@ -432,16 +433,16 @@ MHD_gtls_ciphertext2compressed (MHD_gtls_session_t session, | |||
432 | uint8_t major, minor; | 433 | uint8_t major, minor; |
433 | enum MHD_GNUTLS_Protocol ver; | 434 | enum MHD_GNUTLS_Protocol ver; |
434 | int hash_size = | 435 | int hash_size = |
435 | MHD_gnutls_hash_get_algo_len (session->security_parameters. | 436 | MHD_gnutls_hash_get_algo_len (session-> |
436 | read_mac_algorithm); | 437 | security_parameters.read_mac_algorithm); |
437 | 438 | ||
438 | ver = MHD__gnutls_protocol_get_version (session); | 439 | ver = MHD__gnutls_protocol_get_version (session); |
439 | minor = MHD_gtls_version_get_minor (ver); | 440 | minor = MHD_gtls_version_get_minor (ver); |
440 | major = MHD_gtls_version_get_major (ver); | 441 | major = MHD_gtls_version_get_major (ver); |
441 | 442 | ||
442 | blocksize = | 443 | blocksize = |
443 | MHD_gtls_cipher_get_block_size (session->security_parameters. | 444 | MHD_gtls_cipher_get_block_size (session-> |
444 | read_bulk_cipher_algorithm); | 445 | security_parameters.read_bulk_cipher_algorithm); |
445 | 446 | ||
446 | /* initialize MAC | 447 | /* initialize MAC |
447 | */ | 448 | */ |
@@ -465,9 +466,9 @@ MHD_gtls_ciphertext2compressed (MHD_gtls_session_t session, | |||
465 | { | 466 | { |
466 | case CIPHER_STREAM: | 467 | case CIPHER_STREAM: |
467 | if ((ret = | 468 | if ((ret = |
468 | MHD_gtls_cipher_decrypt (session->connection_state. | 469 | MHD_gtls_cipher_decrypt (session-> |
469 | read_cipher_state, ciphertext.data, | 470 | connection_state.read_cipher_state, |
470 | ciphertext.size)) < 0) | 471 | ciphertext.data, ciphertext.size)) < 0) |
471 | { | 472 | { |
472 | MHD_gnutls_assert (); | 473 | MHD_gnutls_assert (); |
473 | return ret; | 474 | return ret; |
@@ -484,9 +485,9 @@ MHD_gtls_ciphertext2compressed (MHD_gtls_session_t session, | |||
484 | } | 485 | } |
485 | 486 | ||
486 | if ((ret = | 487 | if ((ret = |
487 | MHD_gtls_cipher_decrypt (session->connection_state. | 488 | MHD_gtls_cipher_decrypt (session-> |
488 | read_cipher_state, ciphertext.data, | 489 | connection_state.read_cipher_state, |
489 | ciphertext.size)) < 0) | 490 | ciphertext.data, ciphertext.size)) < 0) |
490 | { | 491 | { |
491 | MHD_gnutls_assert (); | 492 | MHD_gnutls_assert (); |
492 | return ret; | 493 | return ret; |
@@ -544,8 +545,8 @@ MHD_gtls_ciphertext2compressed (MHD_gtls_session_t session, | |||
544 | if (td != GNUTLS_MAC_FAILED) | 545 | if (td != GNUTLS_MAC_FAILED) |
545 | { | 546 | { |
546 | MHD_gnutls_hash (td, | 547 | MHD_gnutls_hash (td, |
547 | UINT64DATA (session->connection_state. | 548 | UINT64DATA (session-> |
548 | read_sequence_number), 8); | 549 | connection_state.read_sequence_number), 8); |
549 | 550 | ||
550 | MHD_gnutls_hash (td, &type, 1); | 551 | MHD_gnutls_hash (td, &type, 1); |
551 | if (ver >= MHD_GNUTLS_PROTOCOL_TLS1_0) | 552 | if (ver >= MHD_GNUTLS_PROTOCOL_TLS1_0) |
diff --git a/src/daemon/https/tls/gnutls_cipher.h b/src/daemon/https/tls/gnutls_cipher.h index ab86d380..b8dc0070 100644 --- a/src/daemon/https/tls/gnutls_cipher.h +++ b/src/daemon/https/tls/gnutls_cipher.h | |||
@@ -37,4 +37,5 @@ int MHD_gtls_compressed2ciphertext (MHD_gtls_session_t session, | |||
37 | content_type_t _type, int random_pad); | 37 | content_type_t _type, int random_pad); |
38 | int MHD_gtls_ciphertext2compressed (MHD_gtls_session_t session, | 38 | int MHD_gtls_ciphertext2compressed (MHD_gtls_session_t session, |
39 | opaque * compress_data, int compress_size, | 39 | opaque * compress_data, int compress_size, |
40 | MHD_gnutls_datum_t ciphertext, uint8_t type); | 40 | MHD_gnutls_datum_t ciphertext, |
41 | uint8_t type); | ||
diff --git a/src/daemon/https/tls/gnutls_cipher_int.c b/src/daemon/https/tls/gnutls_cipher_int.c index 21fda10c..9861fab1 100644 --- a/src/daemon/https/tls/gnutls_cipher_int.c +++ b/src/daemon/https/tls/gnutls_cipher_int.c | |||
@@ -29,7 +29,8 @@ | |||
29 | 29 | ||
30 | cipher_hd_t | 30 | cipher_hd_t |
31 | MHD_gtls_cipher_init (enum MHD_GNUTLS_CipherAlgorithm cipher, | 31 | MHD_gtls_cipher_init (enum MHD_GNUTLS_CipherAlgorithm cipher, |
32 | const MHD_gnutls_datum_t * key, const MHD_gnutls_datum_t * iv) | 32 | const MHD_gnutls_datum_t * key, |
33 | const MHD_gnutls_datum_t * iv) | ||
33 | { | 34 | { |
34 | cipher_hd_t ret = NULL; | 35 | cipher_hd_t ret = NULL; |
35 | int err = GC_INVALID_CIPHER; /* doesn't matter */ | 36 | int err = GC_INVALID_CIPHER; /* doesn't matter */ |
@@ -80,9 +81,9 @@ MHD_gtls_cipher_init (enum MHD_GNUTLS_CipherAlgorithm cipher, | |||
80 | 81 | ||
81 | if (err == 0) | 82 | if (err == 0) |
82 | { | 83 | { |
83 | MHD_gc_cipher_setkey (ret, key->size, (const char*) key->data); | 84 | MHD_gc_cipher_setkey (ret, key->size, (const char *) key->data); |
84 | if (iv->data != NULL && iv->size > 0) | 85 | if (iv->data != NULL && iv->size > 0) |
85 | MHD_gc_cipher_setiv (ret, iv->size, (const char*) iv->data); | 86 | MHD_gc_cipher_setiv (ret, iv->size, (const char *) iv->data); |
86 | } | 87 | } |
87 | else if (cipher != MHD_GNUTLS_CIPHER_NULL) | 88 | else if (cipher != MHD_GNUTLS_CIPHER_NULL) |
88 | { | 89 | { |
@@ -114,7 +115,8 @@ MHD_gtls_cipher_decrypt (cipher_hd_t handle, void *ciphertext, | |||
114 | { | 115 | { |
115 | if (handle != GNUTLS_CIPHER_FAILED) | 116 | if (handle != GNUTLS_CIPHER_FAILED) |
116 | { | 117 | { |
117 | if (MHD_gc_cipher_decrypt_inline (handle, ciphertextlen, ciphertext) != 0) | 118 | if (MHD_gc_cipher_decrypt_inline (handle, ciphertextlen, ciphertext) != |
119 | 0) | ||
118 | { | 120 | { |
119 | MHD_gnutls_assert (); | 121 | MHD_gnutls_assert (); |
120 | return GNUTLS_E_INTERNAL_ERROR; | 122 | return GNUTLS_E_INTERNAL_ERROR; |
diff --git a/src/daemon/https/tls/gnutls_compress.c b/src/daemon/https/tls/gnutls_compress.c index 9552a72a..3fc4f41c 100644 --- a/src/daemon/https/tls/gnutls_compress.c +++ b/src/daemon/https/tls/gnutls_compress.c | |||
@@ -35,8 +35,8 @@ | |||
35 | */ | 35 | */ |
36 | int | 36 | int |
37 | MHD__gnutls_m_plaintext2compressed (MHD_gtls_session_t session, | 37 | MHD__gnutls_m_plaintext2compressed (MHD_gtls_session_t session, |
38 | MHD_gnutls_datum_t * compressed, | 38 | MHD_gnutls_datum_t * compressed, |
39 | const MHD_gnutls_datum_t * plaintext) | 39 | const MHD_gnutls_datum_t * plaintext) |
40 | { | 40 | { |
41 | int size; | 41 | int size; |
42 | opaque *data; | 42 | opaque *data; |
@@ -58,8 +58,8 @@ MHD__gnutls_m_plaintext2compressed (MHD_gtls_session_t session, | |||
58 | 58 | ||
59 | int | 59 | int |
60 | MHD__gnutls_m_compressed2plaintext (MHD_gtls_session_t session, | 60 | MHD__gnutls_m_compressed2plaintext (MHD_gtls_session_t session, |
61 | MHD_gnutls_datum_t * plain, | 61 | MHD_gnutls_datum_t * plain, |
62 | const MHD_gnutls_datum_t * compressed) | 62 | const MHD_gnutls_datum_t * compressed) |
63 | { | 63 | { |
64 | int size; | 64 | int size; |
65 | opaque *data; | 65 | opaque *data; |
diff --git a/src/daemon/https/tls/gnutls_compress.h b/src/daemon/https/tls/gnutls_compress.h index c950e95d..c7a95c8b 100644 --- a/src/daemon/https/tls/gnutls_compress.h +++ b/src/daemon/https/tls/gnutls_compress.h | |||
@@ -23,8 +23,9 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | int MHD__gnutls_m_plaintext2compressed (MHD_gtls_session_t session, | 25 | int MHD__gnutls_m_plaintext2compressed (MHD_gtls_session_t session, |
26 | MHD_gnutls_datum_t * compressed, | 26 | MHD_gnutls_datum_t * compressed, |
27 | const MHD_gnutls_datum_t * plaintext); | 27 | const MHD_gnutls_datum_t * plaintext); |
28 | int MHD__gnutls_m_compressed2plaintext (MHD_gtls_session_t session, | 28 | int MHD__gnutls_m_compressed2plaintext (MHD_gtls_session_t session, |
29 | MHD_gnutls_datum_t * plain, | 29 | MHD_gnutls_datum_t * plain, |
30 | const MHD_gnutls_datum_t * compressed); | 30 | const MHD_gnutls_datum_t * |
31 | compressed); | ||
diff --git a/src/daemon/https/tls/gnutls_compress_int.c b/src/daemon/https/tls/gnutls_compress_int.c index 07ffd5e1..2006f8e6 100644 --- a/src/daemon/https/tls/gnutls_compress_int.c +++ b/src/daemon/https/tls/gnutls_compress_int.c | |||
@@ -52,7 +52,7 @@ MHD_gtls_comp_init (enum MHD_GNUTLS_CompressionMethod method, int d) | |||
52 | { | 52 | { |
53 | int window_bits, mem_level; | 53 | int window_bits, mem_level; |
54 | int comp_level; | 54 | int comp_level; |
55 | int err; | 55 | int err; |
56 | z_stream *zhandle; | 56 | z_stream *zhandle; |
57 | 57 | ||
58 | window_bits = MHD_gtls_compression_get_wbits (method); | 58 | window_bits = MHD_gtls_compression_get_wbits (method); |
@@ -74,10 +74,10 @@ MHD_gtls_comp_init (enum MHD_GNUTLS_CompressionMethod method, int d) | |||
74 | 74 | ||
75 | if (d) | 75 | if (d) |
76 | err = inflateInit2 (zhandle, window_bits); | 76 | err = inflateInit2 (zhandle, window_bits); |
77 | else | 77 | else |
78 | err = deflateInit2 (zhandle, | 78 | err = deflateInit2 (zhandle, |
79 | comp_level, Z_DEFLATED, | 79 | comp_level, Z_DEFLATED, |
80 | window_bits, mem_level, Z_DEFAULT_STRATEGY); | 80 | window_bits, mem_level, Z_DEFAULT_STRATEGY); |
81 | if (err != Z_OK) | 81 | if (err != Z_OK) |
82 | { | 82 | { |
83 | MHD_gnutls_assert (); | 83 | MHD_gnutls_assert (); |
@@ -111,7 +111,7 @@ MHD_gtls_comp_deinit (comp_hd_t handle, int d) | |||
111 | switch (handle->algo) | 111 | switch (handle->algo) |
112 | { | 112 | { |
113 | #ifdef HAVE_LIBZ | 113 | #ifdef HAVE_LIBZ |
114 | int err; | 114 | int err; |
115 | case MHD_GNUTLS_COMP_DEFLATE: | 115 | case MHD_GNUTLS_COMP_DEFLATE: |
116 | if (d) | 116 | if (d) |
117 | err = inflateEnd (handle->handle); | 117 | err = inflateEnd (handle->handle); |
@@ -154,7 +154,7 @@ MHD_gtls_compress (comp_hd_t handle, const opaque * plain, | |||
154 | { | 154 | { |
155 | uLongf size; | 155 | uLongf size; |
156 | z_stream *zhandle; | 156 | z_stream *zhandle; |
157 | int err; | 157 | int err; |
158 | 158 | ||
159 | size = (plain_size + plain_size) + 10; | 159 | size = (plain_size + plain_size) + 10; |
160 | *compressed = MHD_gnutls_malloc (size); | 160 | *compressed = MHD_gnutls_malloc (size); |
@@ -192,7 +192,8 @@ MHD_gtls_compress (comp_hd_t handle, const opaque * plain, | |||
192 | 192 | ||
193 | #ifdef COMPRESSION_DEBUG | 193 | #ifdef COMPRESSION_DEBUG |
194 | MHD__gnutls_debug_log ("Compression ratio: %f\n", | 194 | MHD__gnutls_debug_log ("Compression ratio: %f\n", |
195 | (float) ((float) compressed_size / (float) plain_size)); | 195 | (float) ((float) compressed_size / |
196 | (float) plain_size)); | ||
196 | #endif | 197 | #endif |
197 | 198 | ||
198 | if ((size_t) compressed_size > max_comp_size) | 199 | if ((size_t) compressed_size > max_comp_size) |
@@ -234,10 +235,10 @@ MHD_gtls_decompress (comp_hd_t handle, opaque * compressed, | |||
234 | #ifdef HAVE_LIBZ | 235 | #ifdef HAVE_LIBZ |
235 | case MHD_GNUTLS_COMP_DEFLATE: | 236 | case MHD_GNUTLS_COMP_DEFLATE: |
236 | { | 237 | { |
237 | int err; | 238 | int err; |
238 | uLongf out_size; | 239 | uLongf out_size; |
239 | z_stream *zhandle; | 240 | z_stream *zhandle; |
240 | unsigned int cur_pos; | 241 | unsigned int cur_pos; |
241 | 242 | ||
242 | *plain = NULL; | 243 | *plain = NULL; |
243 | out_size = compressed_size + compressed_size; | 244 | out_size = compressed_size + compressed_size; |
diff --git a/src/daemon/https/tls/gnutls_constate.c b/src/daemon/https/tls/gnutls_constate.c index 41aff98c..11c8beca 100644 --- a/src/daemon/https/tls/gnutls_constate.c +++ b/src/daemon/https/tls/gnutls_constate.c | |||
@@ -57,7 +57,7 @@ static const int servwrite_length = sizeof (servwrite) - 1; | |||
57 | */ | 57 | */ |
58 | int | 58 | int |
59 | MHD__gnutls_set_keys (MHD_gtls_session_t session, int hash_size, int IV_size, | 59 | MHD__gnutls_set_keys (MHD_gtls_session_t session, int hash_size, int IV_size, |
60 | int key_size, int export_flag) | 60 | int key_size, int export_flag) |
61 | { | 61 | { |
62 | 62 | ||
63 | /* FIXME: This function is too long | 63 | /* FIXME: This function is too long |
@@ -107,8 +107,9 @@ MHD__gnutls_set_keys (MHD_gtls_session_t session, int hash_size, int IV_size, | |||
107 | else | 107 | else |
108 | { /* TLS 1.0 */ | 108 | { /* TLS 1.0 */ |
109 | ret = | 109 | ret = |
110 | MHD_gtls_PRF (session, (const unsigned char*) session->security_parameters.master_secret, | 110 | MHD_gtls_PRF (session, |
111 | TLS_MASTER_SIZE, keyexp, keyexp_length, | 111 | (const unsigned char *) session->security_parameters. |
112 | master_secret, TLS_MASTER_SIZE, keyexp, keyexp_length, | ||
112 | rnd, 2 * TLS_RANDOM_SIZE, block_size, key_block); | 113 | rnd, 2 * TLS_RANDOM_SIZE, block_size, key_block); |
113 | } | 114 | } |
114 | 115 | ||
@@ -120,8 +121,8 @@ MHD__gnutls_set_keys (MHD_gtls_session_t session, int hash_size, int IV_size, | |||
120 | } | 121 | } |
121 | 122 | ||
122 | MHD__gnutls_hard_log ("INT: KEY BLOCK[%d]: %s\n", block_size, | 123 | MHD__gnutls_hard_log ("INT: KEY BLOCK[%d]: %s\n", block_size, |
123 | MHD_gtls_bin2hex (key_block, block_size, buf, | 124 | MHD_gtls_bin2hex (key_block, block_size, buf, |
124 | sizeof (buf))); | 125 | sizeof (buf))); |
125 | 126 | ||
126 | pos = 0; | 127 | pos = 0; |
127 | if (hash_size > 0) | 128 | if (hash_size > 0) |
@@ -187,7 +188,8 @@ MHD__gnutls_set_keys (MHD_gtls_session_t session, int hash_size, int IV_size, | |||
187 | 188 | ||
188 | /* generate the final keys */ | 189 | /* generate the final keys */ |
189 | 190 | ||
190 | if (session->security_parameters.version == MHD_GNUTLS_PROTOCOL_SSL3) | 191 | if (session->security_parameters.version == |
192 | MHD_GNUTLS_PROTOCOL_SSL3) | ||
191 | { /* SSL 3 */ | 193 | { /* SSL 3 */ |
192 | ret = | 194 | ret = |
193 | MHD_gnutls_ssl3_hash_md5 (&key_block[pos], | 195 | MHD_gnutls_ssl3_hash_md5 (&key_block[pos], |
@@ -219,7 +221,8 @@ MHD__gnutls_set_keys (MHD_gtls_session_t session, int hash_size, int IV_size, | |||
219 | client_write_key_size = EXPORT_FINAL_KEY_SIZE; | 221 | client_write_key_size = EXPORT_FINAL_KEY_SIZE; |
220 | pos += key_size; | 222 | pos += key_size; |
221 | 223 | ||
222 | if (session->security_parameters.version == MHD_GNUTLS_PROTOCOL_SSL3) | 224 | if (session->security_parameters.version == |
225 | MHD_GNUTLS_PROTOCOL_SSL3) | ||
223 | { /* SSL 3 */ | 226 | { /* SSL 3 */ |
224 | ret = | 227 | ret = |
225 | MHD_gnutls_ssl3_hash_md5 (&key_block[pos], key_size, | 228 | MHD_gnutls_ssl3_hash_md5 (&key_block[pos], key_size, |
@@ -259,10 +262,10 @@ MHD__gnutls_set_keys (MHD_gtls_session_t session, int hash_size, int IV_size, | |||
259 | return GNUTLS_E_MEMORY_ERROR; | 262 | return GNUTLS_E_MEMORY_ERROR; |
260 | } | 263 | } |
261 | MHD__gnutls_hard_log ("INT: CLIENT WRITE KEY [%d]: %s\n", | 264 | MHD__gnutls_hard_log ("INT: CLIENT WRITE KEY [%d]: %s\n", |
262 | client_write_key_size, | 265 | client_write_key_size, |
263 | MHD_gtls_bin2hex (client_write_key, | 266 | MHD_gtls_bin2hex (client_write_key, |
264 | client_write_key_size, buf, | 267 | client_write_key_size, buf, |
265 | sizeof (buf))); | 268 | sizeof (buf))); |
266 | 269 | ||
267 | if (MHD__gnutls_sset_datum | 270 | if (MHD__gnutls_sset_datum |
268 | (&session->cipher_specs.server_write_key, | 271 | (&session->cipher_specs.server_write_key, |
@@ -275,10 +278,10 @@ MHD__gnutls_set_keys (MHD_gtls_session_t session, int hash_size, int IV_size, | |||
275 | } | 278 | } |
276 | 279 | ||
277 | MHD__gnutls_hard_log ("INT: SERVER WRITE KEY [%d]: %s\n", | 280 | MHD__gnutls_hard_log ("INT: SERVER WRITE KEY [%d]: %s\n", |
278 | server_write_key_size, | 281 | server_write_key_size, |
279 | MHD_gtls_bin2hex (server_write_key, | 282 | MHD_gtls_bin2hex (server_write_key, |
280 | server_write_key_size, buf, | 283 | server_write_key_size, buf, |
281 | sizeof (buf))); | 284 | sizeof (buf))); |
282 | 285 | ||
283 | if (free_keys != 0) | 286 | if (free_keys != 0) |
284 | { | 287 | { |
@@ -342,7 +345,7 @@ MHD__gnutls_set_keys (MHD_gtls_session_t session, int hash_size, int IV_size, | |||
342 | } | 345 | } |
343 | else | 346 | else |
344 | { /* TLS 1.0 */ | 347 | { /* TLS 1.0 */ |
345 | ret = MHD_gtls_PRF (session, (const unsigned char*) "", 0, | 348 | ret = MHD_gtls_PRF (session, (const unsigned char *) "", 0, |
346 | ivblock, ivblock_length, rrnd, | 349 | ivblock, ivblock_length, rrnd, |
347 | 2 * TLS_RANDOM_SIZE, IV_size * 2, iv_block); | 350 | 2 * TLS_RANDOM_SIZE, IV_size * 2, iv_block); |
348 | } | 351 | } |
@@ -400,7 +403,7 @@ MHD__gnutls_set_read_keys (MHD_gtls_session_t session) | |||
400 | export_flag = MHD_gtls_cipher_get_export_flag (algo); | 403 | export_flag = MHD_gtls_cipher_get_export_flag (algo); |
401 | 404 | ||
402 | return MHD__gnutls_set_keys (session, hash_size, IV_size, key_size, | 405 | return MHD__gnutls_set_keys (session, hash_size, IV_size, key_size, |
403 | export_flag); | 406 | export_flag); |
404 | } | 407 | } |
405 | 408 | ||
406 | int | 409 | int |
@@ -421,7 +424,7 @@ MHD__gnutls_set_write_keys (MHD_gtls_session_t session) | |||
421 | export_flag = MHD_gtls_cipher_get_export_flag (algo); | 424 | export_flag = MHD_gtls_cipher_get_export_flag (algo); |
422 | 425 | ||
423 | return MHD__gnutls_set_keys (session, hash_size, IV_size, key_size, | 426 | return MHD__gnutls_set_keys (session, hash_size, IV_size, key_size, |
424 | export_flag); | 427 | export_flag); |
425 | } | 428 | } |
426 | 429 | ||
427 | #define CPY_COMMON dst->entity = src->entity; \ | 430 | #define CPY_COMMON dst->entity = src->entity; \ |
@@ -442,7 +445,8 @@ MHD__gnutls_set_write_keys (MHD_gtls_session_t session) | |||
442 | 445 | ||
443 | static void | 446 | static void |
444 | MHD__gnutls_cpy_read_security_parameters (MHD_gtls_security_param_st * | 447 | MHD__gnutls_cpy_read_security_parameters (MHD_gtls_security_param_st * |
445 | dst, MHD_gtls_security_param_st * src) | 448 | dst, |
449 | MHD_gtls_security_param_st * src) | ||
446 | { | 450 | { |
447 | CPY_COMMON; | 451 | CPY_COMMON; |
448 | 452 | ||
@@ -453,7 +457,8 @@ MHD__gnutls_cpy_read_security_parameters (MHD_gtls_security_param_st * | |||
453 | 457 | ||
454 | static void | 458 | static void |
455 | MHD__gnutls_cpy_write_security_parameters (MHD_gtls_security_param_st * | 459 | MHD__gnutls_cpy_write_security_parameters (MHD_gtls_security_param_st * |
456 | dst, MHD_gtls_security_param_st * src) | 460 | dst, |
461 | MHD_gtls_security_param_st * src) | ||
457 | { | 462 | { |
458 | CPY_COMMON; | 463 | CPY_COMMON; |
459 | 464 | ||
@@ -504,35 +509,35 @@ MHD_gtls_read_connection_state_init (MHD_gtls_session_t session) | |||
504 | { | 509 | { |
505 | rc = MHD_gtls_set_read_cipher (session, | 510 | rc = MHD_gtls_set_read_cipher (session, |
506 | MHD_gtls_cipher_suite_get_cipher_algo | 511 | MHD_gtls_cipher_suite_get_cipher_algo |
507 | (&session->security_parameters. | 512 | (&session-> |
508 | current_cipher_suite)); | 513 | security_parameters.current_cipher_suite)); |
509 | if (rc < 0) | 514 | if (rc < 0) |
510 | return rc; | 515 | return rc; |
511 | rc = MHD_gtls_set_read_mac (session, | 516 | rc = MHD_gtls_set_read_mac (session, |
512 | MHD_gtls_cipher_suite_get_mac_algo | 517 | MHD_gtls_cipher_suite_get_mac_algo |
513 | (&session->security_parameters. | 518 | (&session-> |
514 | current_cipher_suite)); | 519 | security_parameters.current_cipher_suite)); |
515 | if (rc < 0) | 520 | if (rc < 0) |
516 | return rc; | 521 | return rc; |
517 | 522 | ||
518 | rc = MHD_gtls_set_kx (session, | 523 | rc = MHD_gtls_set_kx (session, |
519 | MHD_gtls_cipher_suite_get_kx_algo | 524 | MHD_gtls_cipher_suite_get_kx_algo |
520 | (&session->security_parameters. | 525 | (&session-> |
521 | current_cipher_suite)); | 526 | security_parameters.current_cipher_suite)); |
522 | if (rc < 0) | 527 | if (rc < 0) |
523 | return rc; | 528 | return rc; |
524 | 529 | ||
525 | rc = MHD_gtls_set_read_compression (session, | 530 | rc = MHD_gtls_set_read_compression (session, |
526 | session->internals. | 531 | session-> |
527 | compression_method); | 532 | internals.compression_method); |
528 | if (rc < 0) | 533 | if (rc < 0) |
529 | return rc; | 534 | return rc; |
530 | } | 535 | } |
531 | else | 536 | else |
532 | { /* RESUME_TRUE */ | 537 | { /* RESUME_TRUE */ |
533 | MHD__gnutls_cpy_read_security_parameters (&session->security_parameters, | 538 | MHD__gnutls_cpy_read_security_parameters (&session->security_parameters, |
534 | &session->internals. | 539 | &session-> |
535 | resumed_security_parameters); | 540 | internals.resumed_security_parameters); |
536 | } | 541 | } |
537 | 542 | ||
538 | 543 | ||
@@ -541,10 +546,10 @@ MHD_gtls_read_connection_state_init (MHD_gtls_session_t session) | |||
541 | return rc; | 546 | return rc; |
542 | 547 | ||
543 | MHD__gnutls_handshake_log ("HSK[%x]: Cipher Suite: %s\n", | 548 | MHD__gnutls_handshake_log ("HSK[%x]: Cipher Suite: %s\n", |
544 | session, | 549 | session, |
545 | MHD_gtls_cipher_suite_get_name | 550 | MHD_gtls_cipher_suite_get_name |
546 | (&session->security_parameters. | 551 | (&session-> |
547 | current_cipher_suite)); | 552 | security_parameters.current_cipher_suite)); |
548 | 553 | ||
549 | if (MHD_gtls_compression_is_ok | 554 | if (MHD_gtls_compression_is_ok |
550 | (session->security_parameters.read_compression_algorithm) != 0) | 555 | (session->security_parameters.read_compression_algorithm) != 0) |
@@ -574,8 +579,8 @@ MHD_gtls_read_connection_state_init (MHD_gtls_session_t session) | |||
574 | 579 | ||
575 | 580 | ||
576 | mac_size = | 581 | mac_size = |
577 | MHD_gnutls_hash_get_algo_len (session->security_parameters. | 582 | MHD_gnutls_hash_get_algo_len (session-> |
578 | read_mac_algorithm); | 583 | security_parameters.read_mac_algorithm); |
579 | 584 | ||
580 | MHD__gnutls_handshake_log | 585 | MHD__gnutls_handshake_log |
581 | ("HSK[%x]: Initializing internal [read] cipher sessions\n", session); | 586 | ("HSK[%x]: Initializing internal [read] cipher sessions\n", session); |
@@ -586,8 +591,8 @@ MHD_gtls_read_connection_state_init (MHD_gtls_session_t session) | |||
586 | /* initialize cipher session | 591 | /* initialize cipher session |
587 | */ | 592 | */ |
588 | session->connection_state.read_cipher_state = | 593 | session->connection_state.read_cipher_state = |
589 | MHD_gtls_cipher_init (session->security_parameters. | 594 | MHD_gtls_cipher_init (session-> |
590 | read_bulk_cipher_algorithm, | 595 | security_parameters.read_bulk_cipher_algorithm, |
591 | &session->cipher_specs.client_write_key, | 596 | &session->cipher_specs.client_write_key, |
592 | &session->cipher_specs.client_write_IV); | 597 | &session->cipher_specs.client_write_IV); |
593 | if (session->connection_state.read_cipher_state == GNUTLS_CIPHER_FAILED | 598 | if (session->connection_state.read_cipher_state == GNUTLS_CIPHER_FAILED |
@@ -603,11 +608,10 @@ MHD_gtls_read_connection_state_init (MHD_gtls_session_t session) | |||
603 | */ | 608 | */ |
604 | if (mac_size > 0) | 609 | if (mac_size > 0) |
605 | { | 610 | { |
606 | if (MHD__gnutls_sset_datum (&session->connection_state.read_mac_secret, | 611 | if (MHD__gnutls_sset_datum |
607 | session->cipher_specs. | 612 | (&session->connection_state.read_mac_secret, |
608 | client_write_mac_secret.data, | 613 | session->cipher_specs.client_write_mac_secret.data, |
609 | session->cipher_specs. | 614 | session->cipher_specs.client_write_mac_secret.size) < 0) |
610 | client_write_mac_secret.size) < 0) | ||
611 | { | 615 | { |
612 | MHD_gnutls_assert (); | 616 | MHD_gnutls_assert (); |
613 | return GNUTLS_E_MEMORY_ERROR; | 617 | return GNUTLS_E_MEMORY_ERROR; |
@@ -619,8 +623,8 @@ MHD_gtls_read_connection_state_init (MHD_gtls_session_t session) | |||
619 | #if MHD_DEBUG_TLS | 623 | #if MHD_DEBUG_TLS |
620 | case GNUTLS_CLIENT: | 624 | case GNUTLS_CLIENT: |
621 | session->connection_state.read_cipher_state = | 625 | session->connection_state.read_cipher_state = |
622 | MHD_gtls_cipher_init (session->security_parameters. | 626 | MHD_gtls_cipher_init (session-> |
623 | read_bulk_cipher_algorithm, | 627 | security_parameters.read_bulk_cipher_algorithm, |
624 | &session->cipher_specs.server_write_key, | 628 | &session->cipher_specs.server_write_key, |
625 | &session->cipher_specs.server_write_IV); | 629 | &session->cipher_specs.server_write_IV); |
626 | 630 | ||
@@ -638,11 +642,10 @@ MHD_gtls_read_connection_state_init (MHD_gtls_session_t session) | |||
638 | */ | 642 | */ |
639 | if (mac_size > 0) | 643 | if (mac_size > 0) |
640 | { | 644 | { |
641 | if (MHD__gnutls_sset_datum (&session->connection_state.read_mac_secret, | 645 | if (MHD__gnutls_sset_datum |
642 | session->cipher_specs. | 646 | (&session->connection_state.read_mac_secret, |
643 | server_write_mac_secret.data, | 647 | session->cipher_specs.server_write_mac_secret.data, |
644 | session->cipher_specs. | 648 | session->cipher_specs.server_write_mac_secret.size) < 0) |
645 | server_write_mac_secret.size) < 0) | ||
646 | { | 649 | { |
647 | MHD_gnutls_assert (); | 650 | MHD_gnutls_assert (); |
648 | return GNUTLS_E_MEMORY_ERROR; | 651 | return GNUTLS_E_MEMORY_ERROR; |
@@ -657,8 +660,8 @@ MHD_gtls_read_connection_state_init (MHD_gtls_session_t session) | |||
657 | } | 660 | } |
658 | 661 | ||
659 | session->connection_state.read_compression_state = | 662 | session->connection_state.read_compression_state = |
660 | MHD_gtls_comp_init (session->security_parameters. | 663 | MHD_gtls_comp_init (session-> |
661 | read_compression_algorithm, 1); | 664 | security_parameters.read_compression_algorithm, 1); |
662 | 665 | ||
663 | if (session->connection_state.read_compression_state == GNUTLS_COMP_FAILED) | 666 | if (session->connection_state.read_compression_state == GNUTLS_COMP_FAILED) |
664 | { | 667 | { |
@@ -689,35 +692,36 @@ MHD_gtls_write_connection_state_init (MHD_gtls_session_t session) | |||
689 | { | 692 | { |
690 | rc = MHD_gtls_set_write_cipher (session, | 693 | rc = MHD_gtls_set_write_cipher (session, |
691 | MHD_gtls_cipher_suite_get_cipher_algo | 694 | MHD_gtls_cipher_suite_get_cipher_algo |
692 | (&session->security_parameters. | 695 | (&session-> |
693 | current_cipher_suite)); | 696 | security_parameters.current_cipher_suite)); |
694 | if (rc < 0) | 697 | if (rc < 0) |
695 | return rc; | 698 | return rc; |
696 | rc = MHD_gtls_set_write_mac (session, | 699 | rc = MHD_gtls_set_write_mac (session, |
697 | MHD_gtls_cipher_suite_get_mac_algo | 700 | MHD_gtls_cipher_suite_get_mac_algo |
698 | (&session->security_parameters. | 701 | (&session-> |
699 | current_cipher_suite)); | 702 | security_parameters.current_cipher_suite)); |
700 | if (rc < 0) | 703 | if (rc < 0) |
701 | return rc; | 704 | return rc; |
702 | 705 | ||
703 | rc = MHD_gtls_set_kx (session, | 706 | rc = MHD_gtls_set_kx (session, |
704 | MHD_gtls_cipher_suite_get_kx_algo | 707 | MHD_gtls_cipher_suite_get_kx_algo |
705 | (&session->security_parameters. | 708 | (&session-> |
706 | current_cipher_suite)); | 709 | security_parameters.current_cipher_suite)); |
707 | if (rc < 0) | 710 | if (rc < 0) |
708 | return rc; | 711 | return rc; |
709 | 712 | ||
710 | rc = MHD_gtls_set_write_compression (session, | 713 | rc = MHD_gtls_set_write_compression (session, |
711 | session->internals. | 714 | session-> |
712 | compression_method); | 715 | internals.compression_method); |
713 | if (rc < 0) | 716 | if (rc < 0) |
714 | return rc; | 717 | return rc; |
715 | } | 718 | } |
716 | else | 719 | else |
717 | { /* RESUME_TRUE */ | 720 | { /* RESUME_TRUE */ |
718 | MHD__gnutls_cpy_write_security_parameters (&session->security_parameters, | 721 | MHD__gnutls_cpy_write_security_parameters (&session-> |
719 | &session->internals. | 722 | security_parameters, |
720 | resumed_security_parameters); | 723 | &session-> |
724 | internals.resumed_security_parameters); | ||
721 | } | 725 | } |
722 | 726 | ||
723 | rc = MHD__gnutls_set_write_keys (session); | 727 | rc = MHD__gnutls_set_write_keys (session); |
@@ -725,9 +729,9 @@ MHD_gtls_write_connection_state_init (MHD_gtls_session_t session) | |||
725 | return rc; | 729 | return rc; |
726 | 730 | ||
727 | MHD__gnutls_handshake_log ("HSK[%x]: Cipher Suite: %s\n", session, | 731 | MHD__gnutls_handshake_log ("HSK[%x]: Cipher Suite: %s\n", session, |
728 | MHD_gtls_cipher_suite_get_name | 732 | MHD_gtls_cipher_suite_get_name |
729 | (&session->security_parameters. | 733 | (&session-> |
730 | current_cipher_suite)); | 734 | security_parameters.current_cipher_suite)); |
731 | 735 | ||
732 | if (MHD_gtls_compression_is_ok | 736 | if (MHD_gtls_compression_is_ok |
733 | (session->security_parameters.write_compression_algorithm) != 0) | 737 | (session->security_parameters.write_compression_algorithm) != 0) |
@@ -758,8 +762,8 @@ MHD_gtls_write_connection_state_init (MHD_gtls_session_t session) | |||
758 | 0); | 762 | 0); |
759 | 763 | ||
760 | mac_size = | 764 | mac_size = |
761 | MHD_gnutls_hash_get_algo_len (session->security_parameters. | 765 | MHD_gnutls_hash_get_algo_len (session-> |
762 | write_mac_algorithm); | 766 | security_parameters.write_mac_algorithm); |
763 | 767 | ||
764 | MHD__gnutls_handshake_log | 768 | MHD__gnutls_handshake_log |
765 | ("HSK[%x]: Initializing internal [write] cipher sessions\n", session); | 769 | ("HSK[%x]: Initializing internal [write] cipher sessions\n", session); |
@@ -770,8 +774,8 @@ MHD_gtls_write_connection_state_init (MHD_gtls_session_t session) | |||
770 | /* initialize cipher session | 774 | /* initialize cipher session |
771 | */ | 775 | */ |
772 | session->connection_state.write_cipher_state = | 776 | session->connection_state.write_cipher_state = |
773 | MHD_gtls_cipher_init (session->security_parameters. | 777 | MHD_gtls_cipher_init (session-> |
774 | write_bulk_cipher_algorithm, | 778 | security_parameters.write_bulk_cipher_algorithm, |
775 | &session->cipher_specs.server_write_key, | 779 | &session->cipher_specs.server_write_key, |
776 | &session->cipher_specs.server_write_IV); | 780 | &session->cipher_specs.server_write_IV); |
777 | 781 | ||
@@ -790,11 +794,10 @@ MHD_gtls_write_connection_state_init (MHD_gtls_session_t session) | |||
790 | */ | 794 | */ |
791 | if (mac_size > 0) | 795 | if (mac_size > 0) |
792 | { | 796 | { |
793 | if (MHD__gnutls_sset_datum (&session->connection_state.write_mac_secret, | 797 | if (MHD__gnutls_sset_datum |
794 | session->cipher_specs. | 798 | (&session->connection_state.write_mac_secret, |
795 | server_write_mac_secret.data, | 799 | session->cipher_specs.server_write_mac_secret.data, |
796 | session->cipher_specs. | 800 | session->cipher_specs.server_write_mac_secret.size) < 0) |
797 | server_write_mac_secret.size) < 0) | ||
798 | { | 801 | { |
799 | MHD_gnutls_assert (); | 802 | MHD_gnutls_assert (); |
800 | return GNUTLS_E_MEMORY_ERROR; | 803 | return GNUTLS_E_MEMORY_ERROR; |
@@ -807,8 +810,8 @@ MHD_gtls_write_connection_state_init (MHD_gtls_session_t session) | |||
807 | #if MHD_DEBUG_TLS | 810 | #if MHD_DEBUG_TLS |
808 | case GNUTLS_CLIENT: | 811 | case GNUTLS_CLIENT: |
809 | session->connection_state.write_cipher_state = | 812 | session->connection_state.write_cipher_state = |
810 | MHD_gtls_cipher_init (session->security_parameters. | 813 | MHD_gtls_cipher_init (session-> |
811 | write_bulk_cipher_algorithm, | 814 | security_parameters.write_bulk_cipher_algorithm, |
812 | &session->cipher_specs.client_write_key, | 815 | &session->cipher_specs.client_write_key, |
813 | &session->cipher_specs.client_write_IV); | 816 | &session->cipher_specs.client_write_IV); |
814 | 817 | ||
@@ -825,11 +828,10 @@ MHD_gtls_write_connection_state_init (MHD_gtls_session_t session) | |||
825 | */ | 828 | */ |
826 | if (mac_size > 0) | 829 | if (mac_size > 0) |
827 | { | 830 | { |
828 | if (MHD__gnutls_sset_datum (&session->connection_state.write_mac_secret, | 831 | if (MHD__gnutls_sset_datum |
829 | session->cipher_specs. | 832 | (&session->connection_state.write_mac_secret, |
830 | client_write_mac_secret.data, | 833 | session->cipher_specs.client_write_mac_secret.data, |
831 | session->cipher_specs. | 834 | session->cipher_specs.client_write_mac_secret.size) < 0) |
832 | client_write_mac_secret.size) < 0) | ||
833 | { | 835 | { |
834 | MHD_gnutls_assert (); | 836 | MHD_gnutls_assert (); |
835 | return GNUTLS_E_MEMORY_ERROR; | 837 | return GNUTLS_E_MEMORY_ERROR; |
@@ -845,8 +847,8 @@ MHD_gtls_write_connection_state_init (MHD_gtls_session_t session) | |||
845 | 847 | ||
846 | 848 | ||
847 | session->connection_state.write_compression_state = | 849 | session->connection_state.write_compression_state = |
848 | MHD_gtls_comp_init (session->security_parameters. | 850 | MHD_gtls_comp_init (session-> |
849 | write_compression_algorithm, 0); | 851 | security_parameters.write_compression_algorithm, 0); |
850 | 852 | ||
851 | if (session->connection_state.write_compression_state == GNUTLS_COMP_FAILED) | 853 | if (session->connection_state.write_compression_state == GNUTLS_COMP_FAILED) |
852 | { | 854 | { |
diff --git a/src/daemon/https/tls/gnutls_datum.c b/src/daemon/https/tls/gnutls_datum.c index e9a660a4..a62c4204 100644 --- a/src/daemon/https/tls/gnutls_datum.c +++ b/src/daemon/https/tls/gnutls_datum.c | |||
@@ -104,7 +104,8 @@ MHD_gtls_datum_append_m (MHD_gnutls_datum_t * dst, const void *data, | |||
104 | } | 104 | } |
105 | 105 | ||
106 | void | 106 | void |
107 | MHD_gtls_free_datum_m (MHD_gnutls_datum_t * dat, MHD_gnutls_free_function gfree_func) | 107 | MHD_gtls_free_datum_m (MHD_gnutls_datum_t * dat, |
108 | MHD_gnutls_free_function gfree_func) | ||
108 | { | 109 | { |
109 | if (dat->data != NULL) | 110 | if (dat->data != NULL) |
110 | gfree_func (dat->data); | 111 | gfree_func (dat->data); |
diff --git a/src/daemon/https/tls/gnutls_datum.h b/src/daemon/https/tls/gnutls_datum.h index 634d527e..3e787318 100644 --- a/src/daemon/https/tls/gnutls_datum.h +++ b/src/daemon/https/tls/gnutls_datum.h | |||
@@ -36,5 +36,6 @@ int MHD_gtls_datum_append_m (MHD_gnutls_datum_t * dat, const void *data, | |||
36 | size_t data_size, MHD_gnutls_realloc_function); | 36 | size_t data_size, MHD_gnutls_realloc_function); |
37 | #define MHD__gnutls_datum_append(x,y,z) MHD_gtls_datum_append_m(x,y,z, MHD_gnutls_realloc) | 37 | #define MHD__gnutls_datum_append(x,y,z) MHD_gtls_datum_append_m(x,y,z, MHD_gnutls_realloc) |
38 | 38 | ||
39 | void MHD_gtls_free_datum_m (MHD_gnutls_datum_t * dat, MHD_gnutls_free_function); | 39 | void MHD_gtls_free_datum_m (MHD_gnutls_datum_t * dat, |
40 | MHD_gnutls_free_function); | ||
40 | #define MHD__gnutls_free_datum(x) MHD_gtls_free_datum_m(x, MHD_gnutls_free) | 41 | #define MHD__gnutls_free_datum(x) MHD_gtls_free_datum_m(x, MHD_gnutls_free) |
diff --git a/src/daemon/https/tls/gnutls_dh_primes.c b/src/daemon/https/tls/gnutls_dh_primes.c index 83776c42..a25759b0 100644 --- a/src/daemon/https/tls/gnutls_dh_primes.c +++ b/src/daemon/https/tls/gnutls_dh_primes.c | |||
@@ -198,7 +198,7 @@ MHD__gnutls_dh_params_deinit (MHD_gtls_dh_params_t dh_params) | |||
198 | **/ | 198 | **/ |
199 | int | 199 | int |
200 | MHD__gnutls_dh_params_generate2 (MHD_gtls_dh_params_t params, | 200 | MHD__gnutls_dh_params_generate2 (MHD_gtls_dh_params_t params, |
201 | unsigned int bits) | 201 | unsigned int bits) |
202 | { | 202 | { |
203 | int ret; | 203 | int ret; |
204 | 204 | ||
diff --git a/src/daemon/https/tls/gnutls_extensions.c b/src/daemon/https/tls/gnutls_extensions.c index 1f9cf7d0..b8892324 100644 --- a/src/daemon/https/tls/gnutls_extensions.c +++ b/src/daemon/https/tls/gnutls_extensions.c | |||
@@ -154,9 +154,9 @@ MHD_gtls_parse_extensions (MHD_gtls_session_t session, | |||
154 | for (i = 0; i < session->internals.extensions_sent_size; i++) | 154 | for (i = 0; i < session->internals.extensions_sent_size; i++) |
155 | { | 155 | { |
156 | MHD__gnutls_debug_log ("EXT[%d]: expecting extension '%s'\n", | 156 | MHD__gnutls_debug_log ("EXT[%d]: expecting extension '%s'\n", |
157 | session, | 157 | session, |
158 | MHD_gtls_extension_get_name | 158 | MHD_gtls_extension_get_name |
159 | (session->internals.extensions_sent[i])); | 159 | (session->internals.extensions_sent[i])); |
160 | } | 160 | } |
161 | #endif | 161 | #endif |
162 | 162 | ||
@@ -173,7 +173,7 @@ MHD_gtls_parse_extensions (MHD_gtls_session_t session, | |||
173 | pos += 2; | 173 | pos += 2; |
174 | 174 | ||
175 | MHD__gnutls_debug_log ("EXT[%x]: Received extension '%s/%d'\n", session, | 175 | MHD__gnutls_debug_log ("EXT[%x]: Received extension '%s/%d'\n", session, |
176 | MHD_gtls_extension_get_name (type), type); | 176 | MHD_gtls_extension_get_name (type), type); |
177 | 177 | ||
178 | if ((ret = MHD__gnutls_extension_list_check (session, type)) < 0) | 178 | if ((ret = MHD__gnutls_extension_list_check (session, type)) < 0) |
179 | { | 179 | { |
@@ -217,8 +217,9 @@ MHD__gnutls_extension_list_add (MHD_gtls_session_t session, uint16_t type) | |||
217 | { | 217 | { |
218 | if (session->internals.extensions_sent_size < MAX_EXT_TYPES) | 218 | if (session->internals.extensions_sent_size < MAX_EXT_TYPES) |
219 | { | 219 | { |
220 | session->internals.extensions_sent[session->internals. | 220 | session->internals.extensions_sent[session-> |
221 | extensions_sent_size] = type; | 221 | internals.extensions_sent_size] = |
222 | type; | ||
222 | session->internals.extensions_sent_size++; | 223 | session->internals.extensions_sent_size++; |
223 | } | 224 | } |
224 | else | 225 | else |
@@ -288,7 +289,7 @@ MHD_gtls_gen_extensions (MHD_gtls_session_t session, opaque * data, | |||
288 | MHD__gnutls_extension_list_add (session, p->type); | 289 | MHD__gnutls_extension_list_add (session, p->type); |
289 | 290 | ||
290 | MHD__gnutls_debug_log ("EXT[%x]: Sending extension %s\n", session, | 291 | MHD__gnutls_debug_log ("EXT[%x]: Sending extension %s\n", session, |
291 | MHD_gtls_extension_get_name (p->type)); | 292 | MHD_gtls_extension_get_name (p->type)); |
292 | } | 293 | } |
293 | else if (size < 0) | 294 | else if (size < 0) |
294 | { | 295 | { |
diff --git a/src/daemon/https/tls/gnutls_global.c b/src/daemon/https/tls/gnutls_global.c index 781d12fa..635b01eb 100644 --- a/src/daemon/https/tls/gnutls_global.c +++ b/src/daemon/https/tls/gnutls_global.c | |||
@@ -51,7 +51,7 @@ extern const ASN1_ARRAY_TYPE MHD_gnutlsMHD__asn1_tab[]; | |||
51 | extern const ASN1_ARRAY_TYPE MHD_pkix_asn1_tab[]; | 51 | extern const ASN1_ARRAY_TYPE MHD_pkix_asn1_tab[]; |
52 | 52 | ||
53 | LOG_FUNC MHD__gnutls_log_func; | 53 | LOG_FUNC MHD__gnutls_log_func; |
54 | int MHD__gnutls_log_level = 0; /* default log level */ | 54 | int MHD__gnutls_log_level = 0; /* default log level */ |
55 | 55 | ||
56 | ASN1_TYPE MHD__gnutls_pkix1_asn; | 56 | ASN1_TYPE MHD__gnutls_pkix1_asn; |
57 | ASN1_TYPE MHD__gnutlsMHD__gnutls_asn; | 57 | ASN1_TYPE MHD__gnutlsMHD__gnutls_asn; |
@@ -148,7 +148,7 @@ MHD_gtls_global_set_mem_functions (MHD_gnutls_alloc_function alloc_func, | |||
148 | #ifdef DEBUG | 148 | #ifdef DEBUG |
149 | static void | 149 | static void |
150 | MHD__gnutls_gcry_log_handler (void *dummy, int level, | 150 | MHD__gnutls_gcry_log_handler (void *dummy, int level, |
151 | const char *fmt, va_list list) | 151 | const char *fmt, va_list list) |
152 | { | 152 | { |
153 | MHD_gtls_log (level, fmt, list); | 153 | MHD_gtls_log (level, fmt, list); |
154 | } | 154 | } |
@@ -213,7 +213,7 @@ MHD__gnutls_global_init (void) | |||
213 | if (data.wVersion < requested) | 213 | if (data.wVersion < requested) |
214 | { | 214 | { |
215 | MHD__gnutls_debug_log ("WSAStartup version check failed (%d < %d).\n", | 215 | MHD__gnutls_debug_log ("WSAStartup version check failed (%d < %d).\n", |
216 | data.wVersion, requested); | 216 | data.wVersion, requested); |
217 | WSACleanup (); | 217 | WSACleanup (); |
218 | return GNUTLS_E_LIBRARY_VERSION_MISMATCH; | 218 | return GNUTLS_E_LIBRARY_VERSION_MISMATCH; |
219 | } | 219 | } |
@@ -245,9 +245,10 @@ MHD__gnutls_global_init (void) | |||
245 | } | 245 | } |
246 | 246 | ||
247 | /* for gcrypt in order to be able to allocate memory */ | 247 | /* for gcrypt in order to be able to allocate memory */ |
248 | gcry_set_allocation_handler (MHD_gnutls_malloc, MHD_gnutls_secure_malloc, | 248 | gcry_set_allocation_handler (MHD_gnutls_malloc, |
249 | MHD__gnutls_is_secure_memory, MHD_gnutls_realloc, | 249 | MHD_gnutls_secure_malloc, |
250 | MHD_gnutls_free); | 250 | MHD__gnutls_is_secure_memory, |
251 | MHD_gnutls_realloc, MHD_gnutls_free); | ||
251 | 252 | ||
252 | /* gcry_control (GCRYCTL_DISABLE_INTERNAL_LOCKING, NULL, 0); */ | 253 | /* gcry_control (GCRYCTL_DISABLE_INTERNAL_LOCKING, NULL, 0); */ |
253 | 254 | ||
@@ -276,14 +277,17 @@ MHD__gnutls_global_init (void) | |||
276 | * This should not deal with files in the final | 277 | * This should not deal with files in the final |
277 | * version. | 278 | * version. |
278 | */ | 279 | */ |
279 | res = MHD__asn1_array2tree (MHD_pkix_asn1_tab, &MHD__gnutls_pkix1_asn, NULL); | 280 | res = |
281 | MHD__asn1_array2tree (MHD_pkix_asn1_tab, &MHD__gnutls_pkix1_asn, NULL); | ||
280 | if (res != ASN1_SUCCESS) | 282 | if (res != ASN1_SUCCESS) |
281 | { | 283 | { |
282 | result = MHD_gtls_asn2err (res); | 284 | result = MHD_gtls_asn2err (res); |
283 | return result; | 285 | return result; |
284 | } | 286 | } |
285 | 287 | ||
286 | res = MHD__asn1_array2tree (MHD_gnutlsMHD__asn1_tab, &MHD__gnutlsMHD__gnutls_asn, NULL); | 288 | res = |
289 | MHD__asn1_array2tree (MHD_gnutlsMHD__asn1_tab, | ||
290 | &MHD__gnutlsMHD__gnutls_asn, NULL); | ||
287 | if (res != ASN1_SUCCESS) | 291 | if (res != ASN1_SUCCESS) |
288 | { | 292 | { |
289 | MHD__asn1_delete_structure (&MHD__gnutls_pkix1_asn); | 293 | MHD__asn1_delete_structure (&MHD__gnutls_pkix1_asn); |
@@ -341,7 +345,7 @@ MHD__gnutls_global_deinit (void) | |||
341 | **/ | 345 | **/ |
342 | void | 346 | void |
343 | MHD__gnutls_transport_set_pull_function (MHD_gtls_session_t session, | 347 | MHD__gnutls_transport_set_pull_function (MHD_gtls_session_t session, |
344 | MHD_gtls_pull_func pull_func) | 348 | MHD_gtls_pull_func pull_func) |
345 | { | 349 | { |
346 | session->internals.MHD__gnutls_pull_func = pull_func; | 350 | session->internals.MHD__gnutls_pull_func = pull_func; |
347 | } | 351 | } |
@@ -362,7 +366,7 @@ MHD__gnutls_transport_set_pull_function (MHD_gtls_session_t session, | |||
362 | **/ | 366 | **/ |
363 | void | 367 | void |
364 | MHD__gnutls_transport_set_push_function (MHD_gtls_session_t session, | 368 | MHD__gnutls_transport_set_push_function (MHD_gtls_session_t session, |
365 | MHD_gtls_push_func push_func) | 369 | MHD_gtls_push_func push_func) |
366 | { | 370 | { |
367 | session->internals.MHD__gnutls_push_func = push_func; | 371 | session->internals.MHD__gnutls_push_func = push_func; |
368 | } | 372 | } |
diff --git a/src/daemon/https/tls/gnutls_handshake.c b/src/daemon/https/tls/gnutls_handshake.c index 84cb96cf..291ad03e 100644 --- a/src/daemon/https/tls/gnutls_handshake.c +++ b/src/daemon/https/tls/gnutls_handshake.c | |||
@@ -67,12 +67,13 @@ | |||
67 | 67 | ||
68 | 68 | ||
69 | static int MHD_gtls_remove_unwanted_ciphersuites (MHD_gtls_session_t session, | 69 | static int MHD_gtls_remove_unwanted_ciphersuites (MHD_gtls_session_t session, |
70 | cipher_suite_st ** cipherSuites, | 70 | cipher_suite_st ** |
71 | int numCipherSuites, | 71 | cipherSuites, |
72 | enum | 72 | int numCipherSuites, |
73 | MHD_GNUTLS_PublicKeyAlgorithm); | 73 | enum |
74 | static int MHD_gtls_server_select_suite (MHD_gtls_session_t session, opaque * data, | 74 | MHD_GNUTLS_PublicKeyAlgorithm); |
75 | int datalen); | 75 | static int MHD_gtls_server_select_suite (MHD_gtls_session_t session, |
76 | opaque * data, int datalen); | ||
76 | 77 | ||
77 | static int MHD_gtls_generate_session_id (opaque * session_id, uint8_t * len); | 78 | static int MHD_gtls_generate_session_id (opaque * session_id, uint8_t * len); |
78 | 79 | ||
@@ -86,7 +87,7 @@ static int MHD_gtls_handshake_client (MHD_gtls_session_t session); | |||
86 | 87 | ||
87 | 88 | ||
88 | static int MHD__gnutls_server_select_comp_method (MHD_gtls_session_t session, | 89 | static int MHD__gnutls_server_select_comp_method (MHD_gtls_session_t session, |
89 | opaque * data, int datalen); | 90 | opaque * data, int datalen); |
90 | 91 | ||
91 | 92 | ||
92 | /* Clears the handshake hash buffers and handles. | 93 | /* Clears the handshake hash buffers and handles. |
@@ -119,8 +120,8 @@ resume_copy_required_values (MHD_gtls_session_t session) | |||
119 | * hello message. | 120 | * hello message. |
120 | */ | 121 | */ |
121 | memcpy (session->security_parameters.current_cipher_suite.suite, | 122 | memcpy (session->security_parameters.current_cipher_suite.suite, |
122 | session->internals.resumed_security_parameters. | 123 | session->internals.resumed_security_parameters.current_cipher_suite. |
123 | current_cipher_suite.suite, 2); | 124 | suite, 2); |
124 | 125 | ||
125 | session->internals.compression_method = | 126 | session->internals.compression_method = |
126 | session->internals.resumed_security_parameters.read_compression_algorithm; | 127 | session->internals.resumed_security_parameters.read_compression_algorithm; |
@@ -132,8 +133,9 @@ resume_copy_required_values (MHD_gtls_session_t session) | |||
132 | session->internals.resumed_security_parameters.entity; | 133 | session->internals.resumed_security_parameters.entity; |
133 | 134 | ||
134 | MHD_gtls_set_current_version (session, | 135 | MHD_gtls_set_current_version (session, |
135 | session->internals. | 136 | session-> |
136 | resumed_security_parameters.version); | 137 | internals.resumed_security_parameters. |
138 | version); | ||
137 | 139 | ||
138 | session->security_parameters.cert_type = | 140 | session->security_parameters.cert_type = |
139 | session->internals.resumed_security_parameters.cert_type; | 141 | session->internals.resumed_security_parameters.cert_type; |
@@ -157,7 +159,8 @@ resume_copy_required_values (MHD_gtls_session_t session) | |||
157 | * | 159 | * |
158 | **/ | 160 | **/ |
159 | void | 161 | void |
160 | MHD__gnutls_handshake_set_max_packet_length (MHD_gtls_session_t session, size_t max) | 162 | MHD__gnutls_handshake_set_max_packet_length (MHD_gtls_session_t session, |
163 | size_t max) | ||
161 | { | 164 | { |
162 | session->internals.max_handshake_data_buffer_size = max; | 165 | session->internals.max_handshake_data_buffer_size = max; |
163 | } | 166 | } |
@@ -215,11 +218,13 @@ MHD__gnutls_ssl3_finished (MHD_gtls_session_t session, int type, opaque * ret) | |||
215 | MHD_gnutls_hash (td_sha, mesg, siz); | 218 | MHD_gnutls_hash (td_sha, mesg, siz); |
216 | 219 | ||
217 | MHD_gnutls_mac_deinit_ssl3_handshake (td_md5, ret, | 220 | MHD_gnutls_mac_deinit_ssl3_handshake (td_md5, ret, |
218 | session->security_parameters. | 221 | session-> |
219 | master_secret, TLS_MASTER_SIZE); | 222 | security_parameters.master_secret, |
223 | TLS_MASTER_SIZE); | ||
220 | MHD_gnutls_mac_deinit_ssl3_handshake (td_sha, &ret[16], | 224 | MHD_gnutls_mac_deinit_ssl3_handshake (td_sha, &ret[16], |
221 | session->security_parameters. | 225 | session-> |
222 | master_secret, TLS_MASTER_SIZE); | 226 | security_parameters.master_secret, |
227 | TLS_MASTER_SIZE); | ||
223 | 228 | ||
224 | return 0; | 229 | return 0; |
225 | } | 230 | } |
@@ -255,7 +260,7 @@ MHD__gnutls_finished (MHD_gtls_session_t session, int type, void *ret) | |||
255 | { | 260 | { |
256 | MHD_gnutls_assert (); | 261 | MHD_gnutls_assert (); |
257 | if (td_md5 != NULL) | 262 | if (td_md5 != NULL) |
258 | MHD_gnutls_hash_deinit (td_md5, NULL); | 263 | MHD_gnutls_hash_deinit (td_md5, NULL); |
259 | return GNUTLS_E_HASH_FAILED; | 264 | return GNUTLS_E_HASH_FAILED; |
260 | } | 265 | } |
261 | 266 | ||
@@ -301,7 +306,7 @@ MHD_gtls_tls_create_random (opaque * dst) | |||
301 | /* generate server random value */ | 306 | /* generate server random value */ |
302 | MHD_gtls_write_uint32 (tim, dst); | 307 | MHD_gtls_write_uint32 (tim, dst); |
303 | 308 | ||
304 | if (MHD_gc_nonce ((char*) &dst[4], TLS_RANDOM_SIZE - 4) != GC_OK) | 309 | if (MHD_gc_nonce ((char *) &dst[4], TLS_RANDOM_SIZE - 4) != GC_OK) |
305 | { | 310 | { |
306 | MHD_gnutls_assert (); | 311 | MHD_gnutls_assert (); |
307 | return GNUTLS_E_RANDOM_FAILED; | 312 | return GNUTLS_E_RANDOM_FAILED; |
@@ -377,7 +382,7 @@ MHD_gtls_user_hello_func (MHD_gtls_session_t session, | |||
377 | */ | 382 | */ |
378 | static int | 383 | static int |
379 | MHD__gnutls_read_client_hello (MHD_gtls_session_t session, opaque * data, | 384 | MHD__gnutls_read_client_hello (MHD_gtls_session_t session, opaque * data, |
380 | int datalen) | 385 | int datalen) |
381 | { | 386 | { |
382 | uint8_t session_id_len; | 387 | uint8_t session_id_len; |
383 | int pos = 0, ret = 0; | 388 | int pos = 0, ret = 0; |
@@ -390,7 +395,7 @@ MHD__gnutls_read_client_hello (MHD_gtls_session_t session, opaque * data, | |||
390 | DECR_LEN (len, 2); | 395 | DECR_LEN (len, 2); |
391 | 396 | ||
392 | MHD__gnutls_handshake_log ("HSK[%x]: Client's version: %d.%d\n", session, | 397 | MHD__gnutls_handshake_log ("HSK[%x]: Client's version: %d.%d\n", session, |
393 | data[pos], data[pos + 1]); | 398 | data[pos], data[pos + 1]); |
394 | 399 | ||
395 | adv_version = MHD_gtls_version_get (data[pos], data[pos + 1]); | 400 | adv_version = MHD_gtls_version_get (data[pos], data[pos + 1]); |
396 | set_adv_version (session, data[pos], data[pos + 1]); | 401 | set_adv_version (session, data[pos], data[pos + 1]); |
@@ -437,8 +442,8 @@ MHD__gnutls_read_client_hello (MHD_gtls_session_t session, opaque * data, | |||
437 | else | 442 | else |
438 | { | 443 | { |
439 | MHD_gtls_generate_session_id (session->security_parameters.session_id, | 444 | MHD_gtls_generate_session_id (session->security_parameters.session_id, |
440 | &session->security_parameters. | 445 | &session-> |
441 | session_id_size); | 446 | security_parameters.session_id_size); |
442 | 447 | ||
443 | session->internals.resumed = RESUME_FALSE; | 448 | session->internals.resumed = RESUME_FALSE; |
444 | } | 449 | } |
@@ -573,18 +578,20 @@ MHD__gnutls_send_finished (MHD_gtls_session_t session, int again) | |||
573 | return ret; | 578 | return ret; |
574 | } | 579 | } |
575 | 580 | ||
576 | if (MHD__gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3) | 581 | if (MHD__gnutls_protocol_get_version (session) == |
582 | MHD_GNUTLS_PROTOCOL_SSL3) | ||
577 | { | 583 | { |
578 | ret = | 584 | ret = |
579 | MHD__gnutls_ssl3_finished (session, | 585 | MHD__gnutls_ssl3_finished (session, |
580 | session->security_parameters.entity, data); | 586 | session->security_parameters.entity, |
587 | data); | ||
581 | data_size = 36; | 588 | data_size = 36; |
582 | } | 589 | } |
583 | else | 590 | else |
584 | { /* TLS 1.0 */ | 591 | { /* TLS 1.0 */ |
585 | ret = | 592 | ret = |
586 | MHD__gnutls_finished (session, | 593 | MHD__gnutls_finished (session, |
587 | session->security_parameters.entity, data); | 594 | session->security_parameters.entity, data); |
588 | data_size = 12; | 595 | data_size = 12; |
589 | } | 596 | } |
590 | 597 | ||
@@ -645,15 +652,15 @@ MHD__gnutls_recv_finished (MHD_gtls_session_t session) | |||
645 | { | 652 | { |
646 | ret = | 653 | ret = |
647 | MHD__gnutls_ssl3_finished (session, | 654 | MHD__gnutls_ssl3_finished (session, |
648 | (session->security_parameters.entity + 1) % 2, | 655 | (session->security_parameters.entity + |
649 | data); | 656 | 1) % 2, data); |
650 | } | 657 | } |
651 | else | 658 | else |
652 | { /* TLS 1.0 */ | 659 | { /* TLS 1.0 */ |
653 | ret = | 660 | ret = |
654 | MHD__gnutls_finished (session, | 661 | MHD__gnutls_finished (session, |
655 | (session->security_parameters.entity + | 662 | (session->security_parameters.entity + |
656 | 1) % 2, data); | 663 | 1) % 2, data); |
657 | } | 664 | } |
658 | 665 | ||
659 | if (ret < 0) | 666 | if (ret < 0) |
@@ -678,7 +685,7 @@ MHD__gnutls_recv_finished (MHD_gtls_session_t session) | |||
678 | */ | 685 | */ |
679 | static int | 686 | static int |
680 | MHD__gnutls_server_find_pk_algos_in_ciphersuites (const opaque * | 687 | MHD__gnutls_server_find_pk_algos_in_ciphersuites (const opaque * |
681 | data, int datalen) | 688 | data, int datalen) |
682 | { | 689 | { |
683 | int j; | 690 | int j; |
684 | enum MHD_GNUTLS_PublicKeyAlgorithm algo = GNUTLS_PK_NONE, prev_algo = 0; | 691 | enum MHD_GNUTLS_PublicKeyAlgorithm algo = GNUTLS_PK_NONE, prev_algo = 0; |
@@ -763,12 +770,13 @@ MHD_gtls_server_select_suite (MHD_gtls_session_t session, opaque * data, | |||
763 | for (j = 0; j < datalen; j += 2) | 770 | for (j = 0; j < datalen; j += 2) |
764 | { | 771 | { |
765 | memcpy (&cs.suite, &data[j], 2); | 772 | memcpy (&cs.suite, &data[j], 2); |
766 | MHD__gnutls_handshake_log ("\t%s\n", MHD_gtls_cipher_suite_get_name (&cs)); | 773 | MHD__gnutls_handshake_log ("\t%s\n", |
774 | MHD_gtls_cipher_suite_get_name (&cs)); | ||
767 | } | 775 | } |
768 | MHD__gnutls_handshake_log ("HSK[%x]: Supported cipher suites: \n", session); | 776 | MHD__gnutls_handshake_log ("HSK[%x]: Supported cipher suites: \n", session); |
769 | for (j = 0; j < x; j++) | 777 | for (j = 0; j < x; j++) |
770 | MHD__gnutls_handshake_log ("\t%s\n", | 778 | MHD__gnutls_handshake_log ("\t%s\n", |
771 | MHD_gtls_cipher_suite_get_name (&ciphers[j])); | 779 | MHD_gtls_cipher_suite_get_name (&ciphers[j])); |
772 | #endif | 780 | #endif |
773 | memset (session->security_parameters.current_cipher_suite.suite, '\0', 2); | 781 | memset (session->security_parameters.current_cipher_suite.suite, '\0', 2); |
774 | 782 | ||
@@ -806,9 +814,9 @@ finish: | |||
806 | */ | 814 | */ |
807 | if (MHD_gtls_get_kx_cred | 815 | if (MHD_gtls_get_kx_cred |
808 | (session, | 816 | (session, |
809 | MHD_gtls_cipher_suite_get_kx_algo (&session->security_parameters. | 817 | MHD_gtls_cipher_suite_get_kx_algo (&session-> |
810 | current_cipher_suite), &err) == NULL | 818 | security_parameters.current_cipher_suite), |
811 | && err != 0) | 819 | &err) == NULL && err != 0) |
812 | { | 820 | { |
813 | MHD_gnutls_assert (); | 821 | MHD_gnutls_assert (); |
814 | return GNUTLS_E_INSUFFICIENT_CREDENTIALS; | 822 | return GNUTLS_E_INSUFFICIENT_CREDENTIALS; |
@@ -821,8 +829,8 @@ finish: | |||
821 | */ | 829 | */ |
822 | session->internals.auth_struct = | 830 | session->internals.auth_struct = |
823 | MHD_gtls_kx_auth_struct (MHD_gtls_cipher_suite_get_kx_algo | 831 | MHD_gtls_kx_auth_struct (MHD_gtls_cipher_suite_get_kx_algo |
824 | (&session->security_parameters. | 832 | (&session-> |
825 | current_cipher_suite)); | 833 | security_parameters.current_cipher_suite)); |
826 | if (session->internals.auth_struct == NULL) | 834 | if (session->internals.auth_struct == NULL) |
827 | { | 835 | { |
828 | 836 | ||
@@ -842,7 +850,7 @@ finish: | |||
842 | */ | 850 | */ |
843 | static int | 851 | static int |
844 | MHD__gnutls_server_select_comp_method (MHD_gtls_session_t session, | 852 | MHD__gnutls_server_select_comp_method (MHD_gtls_session_t session, |
845 | opaque * data, int datalen) | 853 | opaque * data, int datalen) |
846 | { | 854 | { |
847 | int x, i, j; | 855 | int x, i, j; |
848 | uint8_t *comps; | 856 | uint8_t *comps; |
@@ -871,8 +879,8 @@ MHD__gnutls_server_select_comp_method (MHD_gtls_session_t session, | |||
871 | 879 | ||
872 | MHD__gnutls_handshake_log | 880 | MHD__gnutls_handshake_log |
873 | ("HSK[%x]: Selected Compression Method: %s\n", session, | 881 | ("HSK[%x]: Selected Compression Method: %s\n", session, |
874 | MHD_gtls_compression_get_name (session->internals. | 882 | MHD_gtls_compression_get_name (session-> |
875 | compression_method)); | 883 | internals.compression_method)); |
876 | 884 | ||
877 | 885 | ||
878 | return 0; | 886 | return 0; |
@@ -896,7 +904,8 @@ MHD__gnutls_server_select_comp_method (MHD_gtls_session_t session, | |||
896 | */ | 904 | */ |
897 | static int | 905 | static int |
898 | MHD__gnutls_send_empty_handshake (MHD_gtls_session_t session, | 906 | MHD__gnutls_send_empty_handshake (MHD_gtls_session_t session, |
899 | MHD_gnutls_handshake_description_t type, int again) | 907 | MHD_gnutls_handshake_description_t type, |
908 | int again) | ||
900 | { | 909 | { |
901 | opaque data = 0; | 910 | opaque data = 0; |
902 | opaque *ptr; | 911 | opaque *ptr; |
@@ -913,8 +922,8 @@ MHD__gnutls_send_empty_handshake (MHD_gtls_session_t session, | |||
913 | /* This function will hash the handshake message we sent. */ | 922 | /* This function will hash the handshake message we sent. */ |
914 | static int | 923 | static int |
915 | MHD__gnutls_handshake_hash_add_sent (MHD_gtls_session_t session, | 924 | MHD__gnutls_handshake_hash_add_sent (MHD_gtls_session_t session, |
916 | MHD_gnutls_handshake_description_t type, | 925 | MHD_gnutls_handshake_description_t type, |
917 | opaque * dataptr, uint32_t datalen) | 926 | opaque * dataptr, uint32_t datalen) |
918 | { | 927 | { |
919 | int ret; | 928 | int ret; |
920 | 929 | ||
@@ -987,7 +996,8 @@ MHD_gtls_send_handshake (MHD_gtls_session_t session, void *i_data, | |||
987 | */ | 996 | */ |
988 | if (type != GNUTLS_HANDSHAKE_HELLO_REQUEST) | 997 | if (type != GNUTLS_HANDSHAKE_HELLO_REQUEST) |
989 | if ((ret = | 998 | if ((ret = |
990 | MHD__gnutls_handshake_hash_add_sent (session, type, data, datasize)) < 0) | 999 | MHD__gnutls_handshake_hash_add_sent (session, type, data, |
1000 | datasize)) < 0) | ||
991 | { | 1001 | { |
992 | MHD_gnutls_assert (); | 1002 | MHD_gnutls_assert (); |
993 | MHD_gnutls_afree (data); | 1003 | MHD_gnutls_afree (data); |
@@ -1001,7 +1011,8 @@ MHD_gtls_send_handshake (MHD_gtls_session_t session, void *i_data, | |||
1001 | data, datasize); | 1011 | data, datasize); |
1002 | 1012 | ||
1003 | MHD__gnutls_handshake_log ("HSK[%x]: %s was sent [%ld bytes]\n", | 1013 | MHD__gnutls_handshake_log ("HSK[%x]: %s was sent [%ld bytes]\n", |
1004 | session, MHD__gnutls_handshake2str (type), datasize); | 1014 | session, MHD__gnutls_handshake2str (type), |
1015 | datasize); | ||
1005 | 1016 | ||
1006 | MHD_gnutls_afree (data); | 1017 | MHD_gnutls_afree (data); |
1007 | 1018 | ||
@@ -1017,8 +1028,9 @@ MHD_gtls_send_handshake (MHD_gtls_session_t session, void *i_data, | |||
1017 | #define SSL2_HEADERS 1 | 1028 | #define SSL2_HEADERS 1 |
1018 | static int | 1029 | static int |
1019 | MHD__gnutls_recv_handshake_header (MHD_gtls_session_t session, | 1030 | MHD__gnutls_recv_handshake_header (MHD_gtls_session_t session, |
1020 | MHD_gnutls_handshake_description_t type, | 1031 | MHD_gnutls_handshake_description_t type, |
1021 | MHD_gnutls_handshake_description_t * recv_type) | 1032 | MHD_gnutls_handshake_description_t * |
1033 | recv_type) | ||
1022 | { | 1034 | { |
1023 | int ret; | 1035 | int ret; |
1024 | uint32_t length32 = 0; | 1036 | uint32_t length32 = 0; |
@@ -1032,8 +1044,8 @@ MHD__gnutls_recv_handshake_header (MHD_gtls_session_t session, | |||
1032 | if (session->internals.handshake_header_buffer.header_size == | 1044 | if (session->internals.handshake_header_buffer.header_size == |
1033 | handshake_header_size || (session->internals.v2_hello != 0 | 1045 | handshake_header_size || (session->internals.v2_hello != 0 |
1034 | && type == GNUTLS_HANDSHAKE_CLIENT_HELLO | 1046 | && type == GNUTLS_HANDSHAKE_CLIENT_HELLO |
1035 | && session->internals. | 1047 | && session->internals.handshake_header_buffer. |
1036 | handshake_header_buffer.packet_length > 0)) | 1048 | packet_length > 0)) |
1037 | { | 1049 | { |
1038 | 1050 | ||
1039 | *recv_type = session->internals.handshake_header_buffer.recv_type; | 1051 | *recv_type = session->internals.handshake_header_buffer.recv_type; |
@@ -1076,11 +1088,13 @@ MHD__gnutls_recv_handshake_header (MHD_gtls_session_t session, | |||
1076 | MHD_gtls_handshake_io_recv_int (session, GNUTLS_HANDSHAKE, | 1088 | MHD_gtls_handshake_io_recv_int (session, GNUTLS_HANDSHAKE, |
1077 | type, | 1089 | type, |
1078 | &dataptr | 1090 | &dataptr |
1079 | [session->internals. | 1091 | [session-> |
1080 | handshake_header_buffer.header_size], | 1092 | internals.handshake_header_buffer. |
1093 | header_size], | ||
1081 | HANDSHAKE_HEADER_SIZE - | 1094 | HANDSHAKE_HEADER_SIZE - |
1082 | session->internals. | 1095 | session-> |
1083 | handshake_header_buffer.header_size); | 1096 | internals.handshake_header_buffer. |
1097 | header_size); | ||
1084 | if (ret <= 0) | 1098 | if (ret <= 0) |
1085 | { | 1099 | { |
1086 | MHD_gnutls_assert (); | 1100 | MHD_gnutls_assert (); |
@@ -1102,8 +1116,9 @@ MHD__gnutls_recv_handshake_header (MHD_gtls_session_t session, | |||
1102 | handshake_header_size = HANDSHAKE_HEADER_SIZE; | 1116 | handshake_header_size = HANDSHAKE_HEADER_SIZE; |
1103 | 1117 | ||
1104 | MHD__gnutls_handshake_log ("HSK[%x]: %s was received [%ld bytes]\n", | 1118 | MHD__gnutls_handshake_log ("HSK[%x]: %s was received [%ld bytes]\n", |
1105 | session, MHD__gnutls_handshake2str (dataptr[0]), | 1119 | session, |
1106 | length32 + HANDSHAKE_HEADER_SIZE); | 1120 | MHD__gnutls_handshake2str (dataptr[0]), |
1121 | length32 + HANDSHAKE_HEADER_SIZE); | ||
1107 | 1122 | ||
1108 | } | 1123 | } |
1109 | else | 1124 | else |
@@ -1115,8 +1130,9 @@ MHD__gnutls_recv_handshake_header (MHD_gtls_session_t session, | |||
1115 | *recv_type = dataptr[0]; | 1130 | *recv_type = dataptr[0]; |
1116 | 1131 | ||
1117 | MHD__gnutls_handshake_log ("HSK[%x]: %s(v2) was received [%ld bytes]\n", | 1132 | MHD__gnutls_handshake_log ("HSK[%x]: %s(v2) was received [%ld bytes]\n", |
1118 | session, MHD__gnutls_handshake2str (*recv_type), | 1133 | session, |
1119 | length32 + handshake_header_size); | 1134 | MHD__gnutls_handshake2str (*recv_type), |
1135 | length32 + handshake_header_size); | ||
1120 | 1136 | ||
1121 | if (*recv_type != GNUTLS_HANDSHAKE_CLIENT_HELLO) | 1137 | if (*recv_type != GNUTLS_HANDSHAKE_CLIENT_HELLO) |
1122 | { /* it should be one or nothing */ | 1138 | { /* it should be one or nothing */ |
@@ -1147,9 +1163,10 @@ MHD__gnutls_recv_handshake_header (MHD_gtls_session_t session, | |||
1147 | */ | 1163 | */ |
1148 | static int | 1164 | static int |
1149 | MHD__gnutls_handshake_hash_add_recvd (MHD_gtls_session_t session, | 1165 | MHD__gnutls_handshake_hash_add_recvd (MHD_gtls_session_t session, |
1150 | MHD_gnutls_handshake_description_t recv_type, | 1166 | MHD_gnutls_handshake_description_t |
1151 | opaque * header, uint16_t header_size, | 1167 | recv_type, opaque * header, |
1152 | opaque * dataptr, uint32_t datalen) | 1168 | uint16_t header_size, opaque * dataptr, |
1169 | uint32_t datalen) | ||
1153 | { | 1170 | { |
1154 | int ret; | 1171 | int ret; |
1155 | 1172 | ||
@@ -1195,7 +1212,8 @@ MHD__gnutls_handshake_hash_add_recvd (MHD_gtls_session_t session, | |||
1195 | */ | 1212 | */ |
1196 | int | 1213 | int |
1197 | MHD_gtls_recv_handshake (MHD_gtls_session_t session, uint8_t ** data, | 1214 | MHD_gtls_recv_handshake (MHD_gtls_session_t session, uint8_t ** data, |
1198 | int *datalen, MHD_gnutls_handshake_description_t type, | 1215 | int *datalen, |
1216 | MHD_gnutls_handshake_description_t type, | ||
1199 | Optional optional) | 1217 | Optional optional) |
1200 | { | 1218 | { |
1201 | int ret; | 1219 | int ret; |
@@ -1259,11 +1277,12 @@ MHD_gtls_recv_handshake (MHD_gtls_session_t session, uint8_t ** data, | |||
1259 | 1277 | ||
1260 | 1278 | ||
1261 | ret = MHD__gnutls_handshake_hash_add_recvd (session, recv_type, | 1279 | ret = MHD__gnutls_handshake_hash_add_recvd (session, recv_type, |
1262 | session->internals. | 1280 | session-> |
1263 | handshake_header_buffer.header, | 1281 | internals.handshake_header_buffer. |
1264 | session->internals. | 1282 | header, |
1265 | handshake_header_buffer.header_size, | 1283 | session-> |
1266 | dataptr, length32); | 1284 | internals.handshake_header_buffer. |
1285 | header_size, dataptr, length32); | ||
1267 | if (ret < 0) | 1286 | if (ret < 0) |
1268 | { | 1287 | { |
1269 | MHD_gnutls_assert (); | 1288 | MHD_gnutls_assert (); |
@@ -1319,7 +1338,8 @@ MHD_gtls_recv_handshake (MHD_gtls_session_t session, uint8_t ** data, | |||
1319 | * to the session; | 1338 | * to the session; |
1320 | */ | 1339 | */ |
1321 | static int | 1340 | static int |
1322 | MHD__gnutls_client_set_ciphersuite (MHD_gtls_session_t session, opaque suite[2]) | 1341 | MHD__gnutls_client_set_ciphersuite (MHD_gtls_session_t session, |
1342 | opaque suite[2]) | ||
1323 | { | 1343 | { |
1324 | uint8_t z; | 1344 | uint8_t z; |
1325 | cipher_suite_st *cipher_suites; | 1345 | cipher_suite_st *cipher_suites; |
@@ -1355,9 +1375,9 @@ MHD__gnutls_client_set_ciphersuite (MHD_gtls_session_t session, opaque suite[2]) | |||
1355 | memcpy (session->security_parameters.current_cipher_suite.suite, suite, 2); | 1375 | memcpy (session->security_parameters.current_cipher_suite.suite, suite, 2); |
1356 | 1376 | ||
1357 | MHD__gnutls_handshake_log ("HSK[%x]: Selected cipher suite: %s\n", session, | 1377 | MHD__gnutls_handshake_log ("HSK[%x]: Selected cipher suite: %s\n", session, |
1358 | MHD_gtls_cipher_suite_get_name | 1378 | MHD_gtls_cipher_suite_get_name |
1359 | (&session->security_parameters. | 1379 | (&session-> |
1360 | current_cipher_suite)); | 1380 | security_parameters.current_cipher_suite)); |
1361 | 1381 | ||
1362 | 1382 | ||
1363 | /* check if the credentials (username, public key etc.) are ok. | 1383 | /* check if the credentials (username, public key etc.) are ok. |
@@ -1380,8 +1400,8 @@ MHD__gnutls_client_set_ciphersuite (MHD_gtls_session_t session, opaque suite[2]) | |||
1380 | */ | 1400 | */ |
1381 | session->internals.auth_struct = | 1401 | session->internals.auth_struct = |
1382 | MHD_gtls_kx_auth_struct (MHD_gtls_cipher_suite_get_kx_algo | 1402 | MHD_gtls_kx_auth_struct (MHD_gtls_cipher_suite_get_kx_algo |
1383 | (&session->security_parameters. | 1403 | (&session-> |
1384 | current_cipher_suite)); | 1404 | security_parameters.current_cipher_suite)); |
1385 | 1405 | ||
1386 | if (session->internals.auth_struct == NULL) | 1406 | if (session->internals.auth_struct == NULL) |
1387 | { | 1407 | { |
@@ -1402,7 +1422,7 @@ MHD__gnutls_client_set_ciphersuite (MHD_gtls_session_t session, opaque suite[2]) | |||
1402 | */ | 1422 | */ |
1403 | static int | 1423 | static int |
1404 | MHD__gnutls_client_set_comp_method (MHD_gtls_session_t session, | 1424 | MHD__gnutls_client_set_comp_method (MHD_gtls_session_t session, |
1405 | opaque comp_method) | 1425 | opaque comp_method) |
1406 | { | 1426 | { |
1407 | int comp_methods_num; | 1427 | int comp_methods_num; |
1408 | uint8_t *compression_methods; | 1428 | uint8_t *compression_methods; |
@@ -1446,16 +1466,15 @@ MHD__gnutls_client_set_comp_method (MHD_gtls_session_t session, | |||
1446 | */ | 1466 | */ |
1447 | static int | 1467 | static int |
1448 | MHD__gnutls_client_check_if_resuming (MHD_gtls_session_t session, | 1468 | MHD__gnutls_client_check_if_resuming (MHD_gtls_session_t session, |
1449 | opaque * session_id, int session_id_len) | 1469 | opaque * session_id, int session_id_len) |
1450 | { | 1470 | { |
1451 | opaque buf[2 * TLS_MAX_SESSION_ID_SIZE + 1]; | 1471 | opaque buf[2 * TLS_MAX_SESSION_ID_SIZE + 1]; |
1452 | 1472 | ||
1453 | MHD__gnutls_handshake_log ("HSK[%x]: SessionID length: %d\n", session, | 1473 | MHD__gnutls_handshake_log ("HSK[%x]: SessionID length: %d\n", session, |
1454 | session_id_len); | 1474 | session_id_len); |
1455 | MHD__gnutls_handshake_log ("HSK[%x]: SessionID: %s\n", session, | 1475 | MHD__gnutls_handshake_log ("HSK[%x]: SessionID: %s\n", session, |
1456 | MHD_gtls_bin2hex (session_id, session_id_len, | 1476 | MHD_gtls_bin2hex (session_id, session_id_len, |
1457 | (char*) buf, | 1477 | (char *) buf, sizeof (buf))); |
1458 | sizeof (buf))); | ||
1459 | 1478 | ||
1460 | if (session_id_len > 0 && | 1479 | if (session_id_len > 0 && |
1461 | session->internals.resumed_security_parameters.session_id_size == | 1480 | session->internals.resumed_security_parameters.session_id_size == |
@@ -1491,7 +1510,7 @@ MHD__gnutls_client_check_if_resuming (MHD_gtls_session_t session, | |||
1491 | */ | 1510 | */ |
1492 | static int | 1511 | static int |
1493 | MHD__gnutls_read_server_hello (MHD_gtls_session_t session, | 1512 | MHD__gnutls_read_server_hello (MHD_gtls_session_t session, |
1494 | opaque * data, int datalen) | 1513 | opaque * data, int datalen) |
1495 | { | 1514 | { |
1496 | uint8_t session_id_len = 0; | 1515 | uint8_t session_id_len = 0; |
1497 | int pos = 0; | 1516 | int pos = 0; |
@@ -1506,7 +1525,7 @@ MHD__gnutls_read_server_hello (MHD_gtls_session_t session, | |||
1506 | } | 1525 | } |
1507 | 1526 | ||
1508 | MHD__gnutls_handshake_log ("HSK[%x]: Server's version: %d.%d\n", | 1527 | MHD__gnutls_handshake_log ("HSK[%x]: Server's version: %d.%d\n", |
1509 | session, data[pos], data[pos + 1]); | 1528 | session, data[pos], data[pos + 1]); |
1510 | 1529 | ||
1511 | DECR_LEN (len, 2); | 1530 | DECR_LEN (len, 2); |
1512 | version = MHD_gtls_version_get (data[pos], data[pos + 1]); | 1531 | version = MHD_gtls_version_get (data[pos], data[pos + 1]); |
@@ -1594,7 +1613,7 @@ MHD__gnutls_read_server_hello (MHD_gtls_session_t session, | |||
1594 | */ | 1613 | */ |
1595 | static int | 1614 | static int |
1596 | MHD__gnutls_copy_ciphersuites (MHD_gtls_session_t session, | 1615 | MHD__gnutls_copy_ciphersuites (MHD_gtls_session_t session, |
1597 | opaque * ret_data, size_t ret_data_size) | 1616 | opaque * ret_data, size_t ret_data_size) |
1598 | { | 1617 | { |
1599 | int ret, i; | 1618 | int ret, i; |
1600 | cipher_suite_st *cipher_suites; | 1619 | cipher_suite_st *cipher_suites; |
@@ -1662,7 +1681,7 @@ MHD__gnutls_copy_ciphersuites (MHD_gtls_session_t session, | |||
1662 | */ | 1681 | */ |
1663 | static int | 1682 | static int |
1664 | MHD__gnutls_copy_comp_methods (MHD_gtls_session_t session, | 1683 | MHD__gnutls_copy_comp_methods (MHD_gtls_session_t session, |
1665 | opaque * ret_data, size_t ret_data_size) | 1684 | opaque * ret_data, size_t ret_data_size) |
1666 | { | 1685 | { |
1667 | int ret, i; | 1686 | int ret, i; |
1668 | uint8_t *compression_methods, comp_num; | 1687 | uint8_t *compression_methods, comp_num; |
@@ -1921,7 +1940,7 @@ MHD__gnutls_send_server_hello (MHD_gtls_session_t session, int again) | |||
1921 | */ | 1940 | */ |
1922 | MHD_gnutls_assert (); | 1941 | MHD_gnutls_assert (); |
1923 | ret = MHD__gnutls_alert_send (session, GNUTLS_AL_FATAL, | 1942 | ret = MHD__gnutls_alert_send (session, GNUTLS_AL_FATAL, |
1924 | GNUTLS_A_UNKNOWN_PSK_IDENTITY); | 1943 | GNUTLS_A_UNKNOWN_PSK_IDENTITY); |
1925 | if (ret < 0) | 1944 | if (ret < 0) |
1926 | { | 1945 | { |
1927 | MHD_gnutls_assert (); | 1946 | MHD_gnutls_assert (); |
@@ -1969,16 +1988,17 @@ MHD__gnutls_send_server_hello (MHD_gtls_session_t session, int again) | |||
1969 | pos += session_id_len; | 1988 | pos += session_id_len; |
1970 | 1989 | ||
1971 | MHD__gnutls_handshake_log ("HSK[%x]: SessionID: %s\n", session, | 1990 | MHD__gnutls_handshake_log ("HSK[%x]: SessionID: %s\n", session, |
1972 | MHD_gtls_bin2hex (SessionID, session_id_len, | 1991 | MHD_gtls_bin2hex (SessionID, session_id_len, |
1973 | (char*) buf, sizeof (buf))); | 1992 | (char *) buf, |
1993 | sizeof (buf))); | ||
1974 | 1994 | ||
1975 | memcpy (&data[pos], | 1995 | memcpy (&data[pos], |
1976 | session->security_parameters.current_cipher_suite.suite, 2); | 1996 | session->security_parameters.current_cipher_suite.suite, 2); |
1977 | pos += 2; | 1997 | pos += 2; |
1978 | 1998 | ||
1979 | comp = | 1999 | comp = |
1980 | (uint8_t) MHD_gtls_compression_get_num (session-> | 2000 | (uint8_t) MHD_gtls_compression_get_num (session->internals. |
1981 | internals.compression_method); | 2001 | compression_method); |
1982 | data[pos++] = comp; | 2002 | data[pos++] = comp; |
1983 | 2003 | ||
1984 | 2004 | ||
@@ -2103,7 +2123,7 @@ MHD__gnutls_rehandshake (MHD_gtls_session_t session) | |||
2103 | 2123 | ||
2104 | ret = | 2124 | ret = |
2105 | MHD__gnutls_send_empty_handshake (session, GNUTLS_HANDSHAKE_HELLO_REQUEST, | 2125 | MHD__gnutls_send_empty_handshake (session, GNUTLS_HANDSHAKE_HELLO_REQUEST, |
2106 | AGAIN (STATE50)); | 2126 | AGAIN (STATE50)); |
2107 | STATE = STATE50; | 2127 | STATE = STATE50; |
2108 | 2128 | ||
2109 | if (ret < 0) | 2129 | if (ret < 0) |
@@ -2260,14 +2280,14 @@ MHD__gnutls_handshake (MHD_gtls_session_t session) | |||
2260 | } | 2280 | } |
2261 | #if MHD_DEBUG_TLS | 2281 | #if MHD_DEBUG_TLS |
2262 | if (session->security_parameters.entity == GNUTLS_CLIENT) | 2282 | if (session->security_parameters.entity == GNUTLS_CLIENT) |
2263 | { | 2283 | { |
2264 | ret = MHD_gtls_handshake_client (session); | 2284 | ret = MHD_gtls_handshake_client (session); |
2265 | } | 2285 | } |
2266 | else | 2286 | else |
2267 | #endif | 2287 | #endif |
2268 | { | 2288 | { |
2269 | ret = MHD_gtls_handshake_server (session); | 2289 | ret = MHD_gtls_handshake_server (session); |
2270 | } | 2290 | } |
2271 | 2291 | ||
2272 | if (ret < 0) | 2292 | if (ret < 0) |
2273 | { | 2293 | { |
@@ -2323,13 +2343,11 @@ MHD_gtls_handshake_client (MHD_gtls_session_t session) | |||
2323 | 2343 | ||
2324 | if (session->internals.resumed_security_parameters.session_id_size > 0) | 2344 | if (session->internals.resumed_security_parameters.session_id_size > 0) |
2325 | MHD__gnutls_handshake_log ("HSK[%x]: Ask to resume: %s\n", session, | 2345 | MHD__gnutls_handshake_log ("HSK[%x]: Ask to resume: %s\n", session, |
2326 | MHD_gtls_bin2hex (session->internals. | 2346 | MHD_gtls_bin2hex (session-> |
2327 | resumed_security_parameters. | 2347 | internals.resumed_security_parameters.session_id, |
2328 | session_id, | 2348 | session-> |
2329 | session->internals. | 2349 | internals.resumed_security_parameters.session_id_size, |
2330 | resumed_security_parameters. | 2350 | buf, sizeof (buf))); |
2331 | session_id_size, buf, | ||
2332 | sizeof (buf))); | ||
2333 | #endif | 2351 | #endif |
2334 | 2352 | ||
2335 | switch (STATE) | 2353 | switch (STATE) |
@@ -2613,8 +2631,8 @@ MHD_gtls_handshake_server (MHD_gtls_session_t session) | |||
2613 | if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */ | 2631 | if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */ |
2614 | ret = | 2632 | ret = |
2615 | MHD__gnutls_send_empty_handshake (session, | 2633 | MHD__gnutls_send_empty_handshake (session, |
2616 | GNUTLS_HANDSHAKE_SERVER_HELLO_DONE, | 2634 | GNUTLS_HANDSHAKE_SERVER_HELLO_DONE, |
2617 | AGAIN (STATE6)); | 2635 | AGAIN (STATE6)); |
2618 | STATE = STATE6; | 2636 | STATE = STATE6; |
2619 | IMED_RET ("send server hello done", ret); | 2637 | IMED_RET ("send server hello done", ret); |
2620 | 2638 | ||
@@ -2696,7 +2714,7 @@ MHD_gtls_generate_session_id (opaque * session_id, uint8_t * len) | |||
2696 | { | 2714 | { |
2697 | *len = TLS_MAX_SESSION_ID_SIZE; | 2715 | *len = TLS_MAX_SESSION_ID_SIZE; |
2698 | 2716 | ||
2699 | if (MHD_gc_nonce ((char*) session_id, *len) != GC_OK) | 2717 | if (MHD_gc_nonce ((char *) session_id, *len) != GC_OK) |
2700 | { | 2718 | { |
2701 | MHD_gnutls_assert (); | 2719 | MHD_gnutls_assert (); |
2702 | return GNUTLS_E_RANDOM_FAILED; | 2720 | return GNUTLS_E_RANDOM_FAILED; |
@@ -2804,7 +2822,8 @@ check_server_params (MHD_gtls_session_t session, | |||
2804 | { | 2822 | { |
2805 | MHD_gnutls_psk_server_credentials_t psk_cred = | 2823 | MHD_gnutls_psk_server_credentials_t psk_cred = |
2806 | (MHD_gnutls_psk_server_credentials_t) MHD_gtls_get_cred (session->key, | 2824 | (MHD_gnutls_psk_server_credentials_t) MHD_gtls_get_cred (session->key, |
2807 | cred_type, NULL); | 2825 | cred_type, |
2826 | NULL); | ||
2808 | 2827 | ||
2809 | if (psk_cred != NULL) | 2828 | if (psk_cred != NULL) |
2810 | { | 2829 | { |
@@ -2889,8 +2908,9 @@ MHD_gtls_remove_unwanted_ciphersuites (MHD_gtls_session_t session, | |||
2889 | if (ret < 0) | 2908 | if (ret < 0) |
2890 | { | 2909 | { |
2891 | MHD_gnutls_assert (); | 2910 | MHD_gnutls_assert (); |
2892 | MHD__gnutls_x509_log ("Could not find an appropriate certificate: %s\n", | 2911 | MHD__gnutls_x509_log |
2893 | MHD_gtls_strerror (ret)); | 2912 | ("Could not find an appropriate certificate: %s\n", |
2913 | MHD_gtls_strerror (ret)); | ||
2894 | cert_cred = NULL; | 2914 | cert_cred = NULL; |
2895 | } | 2915 | } |
2896 | } | 2916 | } |
@@ -2954,8 +2974,8 @@ MHD_gtls_remove_unwanted_ciphersuites (MHD_gtls_session_t session, | |||
2954 | { | 2974 | { |
2955 | 2975 | ||
2956 | MHD__gnutls_handshake_log ("HSK[%x]: Keeping ciphersuite: %s\n", | 2976 | MHD__gnutls_handshake_log ("HSK[%x]: Keeping ciphersuite: %s\n", |
2957 | session, | 2977 | session, |
2958 | MHD_gtls_cipher_suite_get_name (&cs)); | 2978 | MHD_gtls_cipher_suite_get_name (&cs)); |
2959 | 2979 | ||
2960 | memcpy (newSuite[newSuiteSize].suite, (*cipherSuites)[i].suite, 2); | 2980 | memcpy (newSuite[newSuiteSize].suite, (*cipherSuites)[i].suite, 2); |
2961 | newSuiteSize++; | 2981 | newSuiteSize++; |
@@ -2963,8 +2983,8 @@ MHD_gtls_remove_unwanted_ciphersuites (MHD_gtls_session_t session, | |||
2963 | else | 2983 | else |
2964 | { | 2984 | { |
2965 | MHD__gnutls_handshake_log ("HSK[%x]: Removing ciphersuite: %s\n", | 2985 | MHD__gnutls_handshake_log ("HSK[%x]: Removing ciphersuite: %s\n", |
2966 | session, | 2986 | session, |
2967 | MHD_gtls_cipher_suite_get_name (&cs)); | 2987 | MHD_gtls_cipher_suite_get_name (&cs)); |
2968 | 2988 | ||
2969 | } | 2989 | } |
2970 | } | 2990 | } |
diff --git a/src/daemon/https/tls/gnutls_handshake.h b/src/daemon/https/tls/gnutls_handshake.h index 6ef002c6..58c95a84 100644 --- a/src/daemon/https/tls/gnutls_handshake.h +++ b/src/daemon/https/tls/gnutls_handshake.h | |||
@@ -37,7 +37,8 @@ int MHD_gtls_recv_handshake (MHD_gtls_session_t session, uint8_t **, int *, | |||
37 | MHD_gnutls_handshake_description_t, | 37 | MHD_gnutls_handshake_description_t, |
38 | Optional optional); | 38 | Optional optional); |
39 | void | 39 | void |
40 | MHD__gnutls_handshake_set_max_packet_length (MHD_gtls_session_t session, size_t max); | 40 | MHD__gnutls_handshake_set_max_packet_length (MHD_gtls_session_t session, |
41 | size_t max); | ||
41 | 42 | ||
42 | #define STATE session->internals.handshake_state | 43 | #define STATE session->internals.handshake_state |
43 | /* This returns true if we have got there | 44 | /* This returns true if we have got there |
diff --git a/src/daemon/https/tls/gnutls_hash_int.c b/src/daemon/https/tls/gnutls_hash_int.c index 97b6680d..cc61203d 100644 --- a/src/daemon/https/tls/gnutls_hash_int.c +++ b/src/daemon/https/tls/gnutls_hash_int.c | |||
@@ -133,7 +133,7 @@ MHD_gnutls_hash_deinit (GNUTLS_HASH_HANDLE handle, void *digest) | |||
133 | 133 | ||
134 | maclen = MHD_gnutls_hash_get_algo_len (handle->algorithm); | 134 | maclen = MHD_gnutls_hash_get_algo_len (handle->algorithm); |
135 | 135 | ||
136 | mac = (unsigned char*) MHD_gc_hash_read (handle->handle); | 136 | mac = (unsigned char *) MHD_gc_hash_read (handle->handle); |
137 | if (digest != NULL) | 137 | if (digest != NULL) |
138 | memcpy (digest, mac, maclen); | 138 | memcpy (digest, mac, maclen); |
139 | 139 | ||
@@ -145,7 +145,7 @@ MHD_gnutls_hash_deinit (GNUTLS_HASH_HANDLE handle, void *digest) | |||
145 | 145 | ||
146 | mac_hd_t | 146 | mac_hd_t |
147 | MHD_gtls_MHD_hmac_init (enum MHD_GNUTLS_HashAlgorithm algorithm, | 147 | MHD_gtls_MHD_hmac_init (enum MHD_GNUTLS_HashAlgorithm algorithm, |
148 | const void *key, int keylen) | 148 | const void *key, int keylen) |
149 | { | 149 | { |
150 | mac_hd_t ret; | 150 | mac_hd_t ret; |
151 | int result; | 151 | int result; |
@@ -154,7 +154,8 @@ MHD_gtls_MHD_hmac_init (enum MHD_GNUTLS_HashAlgorithm algorithm, | |||
154 | if (ret == NULL) | 154 | if (ret == NULL) |
155 | return GNUTLS_MAC_FAILED; | 155 | return GNUTLS_MAC_FAILED; |
156 | 156 | ||
157 | result = MHD_gc_hash_open (MHD__gnutls_mac2gc (algorithm), GC_HMAC, &ret->handle); | 157 | result = |
158 | MHD_gc_hash_open (MHD__gnutls_mac2gc (algorithm), GC_HMAC, &ret->handle); | ||
158 | if (result) | 159 | if (result) |
159 | { | 160 | { |
160 | MHD_gnutls_free (ret); | 161 | MHD_gnutls_free (ret); |
@@ -178,7 +179,7 @@ MHD_gnutls_MHD_hmac_deinit (mac_hd_t handle, void *digest) | |||
178 | 179 | ||
179 | maclen = MHD_gnutls_hash_get_algo_len (handle->algorithm); | 180 | maclen = MHD_gnutls_hash_get_algo_len (handle->algorithm); |
180 | 181 | ||
181 | mac = (unsigned char*) MHD_gc_hash_read (handle->handle); | 182 | mac = (unsigned char *) MHD_gc_hash_read (handle->handle); |
182 | 183 | ||
183 | if (digest != NULL) | 184 | if (digest != NULL) |
184 | memcpy (digest, mac, maclen); | 185 | memcpy (digest, mac, maclen); |
diff --git a/src/daemon/https/tls/gnutls_hash_int.h b/src/daemon/https/tls/gnutls_hash_int.h index 72f805ee..bd3dec29 100644 --- a/src/daemon/https/tls/gnutls_hash_int.h +++ b/src/daemon/https/tls/gnutls_hash_int.h | |||
@@ -43,7 +43,7 @@ typedef mac_hd_t GNUTLS_HASH_HANDLE; | |||
43 | #define GNUTLS_MAC_FAILED NULL | 43 | #define GNUTLS_MAC_FAILED NULL |
44 | 44 | ||
45 | mac_hd_t MHD_gtls_MHD_hmac_init (enum MHD_GNUTLS_HashAlgorithm algorithm, | 45 | mac_hd_t MHD_gtls_MHD_hmac_init (enum MHD_GNUTLS_HashAlgorithm algorithm, |
46 | const void *key, int keylen); | 46 | const void *key, int keylen); |
47 | 47 | ||
48 | void MHD_gnutls_MHD_hmac_deinit (mac_hd_t handle, void *digest); | 48 | void MHD_gnutls_MHD_hmac_deinit (mac_hd_t handle, void *digest); |
49 | 49 | ||
diff --git a/src/daemon/https/tls/gnutls_kx.c b/src/daemon/https/tls/gnutls_kx.c index 5f0966f8..58850318 100644 --- a/src/daemon/https/tls/gnutls_kx.c +++ b/src/daemon/https/tls/gnutls_kx.c | |||
@@ -62,14 +62,16 @@ generate_normal_master (MHD_gtls_session_t session, int keep_premaster) | |||
62 | char buf[512]; | 62 | char buf[512]; |
63 | 63 | ||
64 | MHD__gnutls_hard_log ("INT: PREMASTER SECRET[%d]: %s\n", PREMASTER.size, | 64 | MHD__gnutls_hard_log ("INT: PREMASTER SECRET[%d]: %s\n", PREMASTER.size, |
65 | MHD_gtls_bin2hex (PREMASTER.data, PREMASTER.size, buf, | 65 | MHD_gtls_bin2hex (PREMASTER.data, PREMASTER.size, buf, |
66 | sizeof (buf))); | 66 | sizeof (buf))); |
67 | MHD__gnutls_hard_log ("INT: CLIENT RANDOM[%d]: %s\n", 32, | 67 | MHD__gnutls_hard_log ("INT: CLIENT RANDOM[%d]: %s\n", 32, |
68 | MHD_gtls_bin2hex (session->security_parameters. | 68 | MHD_gtls_bin2hex (session-> |
69 | client_random, 32, buf, sizeof (buf))); | 69 | security_parameters.client_random, |
70 | 32, buf, sizeof (buf))); | ||
70 | MHD__gnutls_hard_log ("INT: SERVER RANDOM[%d]: %s\n", 32, | 71 | MHD__gnutls_hard_log ("INT: SERVER RANDOM[%d]: %s\n", 32, |
71 | MHD_gtls_bin2hex (session->security_parameters. | 72 | MHD_gtls_bin2hex (session-> |
72 | server_random, 32, buf, sizeof (buf))); | 73 | security_parameters.server_random, |
74 | 32, buf, sizeof (buf))); | ||
73 | 75 | ||
74 | if (MHD__gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3) | 76 | if (MHD__gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3) |
75 | { | 77 | { |
@@ -84,8 +86,8 @@ generate_normal_master (MHD_gtls_session_t session, int keep_premaster) | |||
84 | MHD_gnutls_ssl3_generate_random (PREMASTER.data, PREMASTER.size, | 86 | MHD_gnutls_ssl3_generate_random (PREMASTER.data, PREMASTER.size, |
85 | rnd, 2 * TLS_RANDOM_SIZE, | 87 | rnd, 2 * TLS_RANDOM_SIZE, |
86 | TLS_MASTER_SIZE, | 88 | TLS_MASTER_SIZE, |
87 | session->security_parameters. | 89 | session-> |
88 | master_secret); | 90 | security_parameters.master_secret); |
89 | 91 | ||
90 | } | 92 | } |
91 | else if (session->security_parameters.extensions.oprfi_client_len > 0 && | 93 | else if (session->security_parameters.extensions.oprfi_client_len > 0 && |
@@ -105,21 +107,25 @@ generate_normal_master (MHD_gtls_session_t session, int keep_premaster) | |||
105 | } | 107 | } |
106 | 108 | ||
107 | MHD__gnutls_hard_log ("INT: CLIENT OPRFI[%d]: %s\n", | 109 | MHD__gnutls_hard_log ("INT: CLIENT OPRFI[%d]: %s\n", |
108 | session->security_parameters. | 110 | session->security_parameters.extensions. |
109 | extensions.oprfi_server_len, | 111 | oprfi_server_len, |
110 | MHD_gtls_bin2hex (session->security_parameters. | 112 | MHD_gtls_bin2hex (session-> |
111 | extensions.oprfi_client, | 113 | security_parameters.extensions. |
112 | session->security_parameters. | 114 | oprfi_client, |
113 | extensions.oprfi_client_len, buf, | 115 | session-> |
114 | sizeof (buf))); | 116 | security_parameters.extensions. |
117 | oprfi_client_len, buf, | ||
118 | sizeof (buf))); | ||
115 | MHD__gnutls_hard_log ("INT: SERVER OPRFI[%d]: %s\n", | 119 | MHD__gnutls_hard_log ("INT: SERVER OPRFI[%d]: %s\n", |
116 | session->security_parameters. | 120 | session->security_parameters.extensions. |
117 | extensions.oprfi_server_len, | 121 | oprfi_server_len, |
118 | MHD_gtls_bin2hex (session->security_parameters. | 122 | MHD_gtls_bin2hex (session-> |
119 | extensions.oprfi_server, | 123 | security_parameters.extensions. |
120 | session->security_parameters. | 124 | oprfi_server, |
121 | extensions.oprfi_server_len, buf, | 125 | session-> |
122 | sizeof (buf))); | 126 | security_parameters.extensions. |
127 | oprfi_server_len, buf, | ||
128 | sizeof (buf))); | ||
123 | 129 | ||
124 | memcpy (rnd, session->security_parameters.client_random, | 130 | memcpy (rnd, session->security_parameters.client_random, |
125 | TLS_RANDOM_SIZE); | 131 | TLS_RANDOM_SIZE); |
@@ -169,9 +175,10 @@ generate_normal_master (MHD_gtls_session_t session, int keep_premaster) | |||
169 | return ret; | 175 | return ret; |
170 | 176 | ||
171 | MHD__gnutls_hard_log ("INT: MASTER SECRET: %s\n", | 177 | MHD__gnutls_hard_log ("INT: MASTER SECRET: %s\n", |
172 | MHD_gtls_bin2hex (session->security_parameters. | 178 | MHD_gtls_bin2hex (session-> |
173 | master_secret, TLS_MASTER_SIZE, buf, | 179 | security_parameters.master_secret, |
174 | sizeof (buf))); | 180 | TLS_MASTER_SIZE, buf, |
181 | sizeof (buf))); | ||
175 | 182 | ||
176 | return ret; | 183 | return ret; |
177 | } | 184 | } |
@@ -237,8 +244,8 @@ MHD_gtls_send_server_certificate_request (MHD_gtls_session_t session, | |||
237 | int data_size = 0; | 244 | int data_size = 0; |
238 | int ret = 0; | 245 | int ret = 0; |
239 | 246 | ||
240 | if (session->internals.auth_struct-> | 247 | if (session->internals. |
241 | MHD_gtls_gen_server_certificate_request == NULL) | 248 | auth_struct->MHD_gtls_gen_server_certificate_request == NULL) |
242 | return 0; | 249 | return 0; |
243 | 250 | ||
244 | if (session->internals.send_cert_req <= 0) | 251 | if (session->internals.send_cert_req <= 0) |
@@ -250,8 +257,8 @@ MHD_gtls_send_server_certificate_request (MHD_gtls_session_t session, | |||
250 | if (again == 0) | 257 | if (again == 0) |
251 | { | 258 | { |
252 | data_size = | 259 | data_size = |
253 | session->internals.auth_struct-> | 260 | session->internals. |
254 | MHD_gtls_gen_server_certificate_request (session, &data); | 261 | auth_struct->MHD_gtls_gen_server_certificate_request (session, &data); |
255 | 262 | ||
256 | if (data_size < 0) | 263 | if (data_size < 0) |
257 | { | 264 | { |
@@ -350,8 +357,8 @@ MHD_gtls_send_client_certificate_verify (MHD_gtls_session_t session, | |||
350 | if (again == 0) | 357 | if (again == 0) |
351 | { | 358 | { |
352 | data_size = | 359 | data_size = |
353 | session->internals.auth_struct-> | 360 | session->internals. |
354 | MHD_gtls_gen_client_cert_vrfy (session, &data); | 361 | auth_struct->MHD_gtls_gen_client_cert_vrfy (session, &data); |
355 | if (data_size < 0) | 362 | if (data_size < 0) |
356 | { | 363 | { |
357 | MHD_gnutls_assert (); | 364 | MHD_gnutls_assert (); |
@@ -423,8 +430,8 @@ MHD_gtls_recv_server_certificate_request (MHD_gtls_session_t session) | |||
423 | int datasize; | 430 | int datasize; |
424 | int ret = 0; | 431 | int ret = 0; |
425 | 432 | ||
426 | if (session->internals.auth_struct-> | 433 | if (session->internals. |
427 | MHD_gtls_process_server_certificate_request != NULL) | 434 | auth_struct->MHD_gtls_process_server_certificate_request != NULL) |
428 | { | 435 | { |
429 | 436 | ||
430 | ret = | 437 | ret = |
@@ -439,8 +446,10 @@ MHD_gtls_recv_server_certificate_request (MHD_gtls_session_t session) | |||
439 | return 0; /* ignored */ | 446 | return 0; /* ignored */ |
440 | 447 | ||
441 | ret = | 448 | ret = |
442 | session->internals.auth_struct-> | 449 | session->internals. |
443 | MHD_gtls_process_server_certificate_request (session, data, datasize); | 450 | auth_struct->MHD_gtls_process_server_certificate_request (session, |
451 | data, | ||
452 | datasize); | ||
444 | MHD_gnutls_free (data); | 453 | MHD_gnutls_free (data); |
445 | if (ret < 0) | 454 | if (ret < 0) |
446 | return ret; | 455 | return ret; |
@@ -504,14 +513,15 @@ MHD_gtls_send_client_certificate (MHD_gtls_session_t session, int again) | |||
504 | 513 | ||
505 | if (again == 0) | 514 | if (again == 0) |
506 | { | 515 | { |
507 | if (MHD__gnutls_protocol_get_version (session) != MHD_GNUTLS_PROTOCOL_SSL3 || | 516 | if (MHD__gnutls_protocol_get_version (session) != |
508 | session->internals.selected_cert_list_length > 0) | 517 | MHD_GNUTLS_PROTOCOL_SSL3 |
518 | || session->internals.selected_cert_list_length > 0) | ||
509 | { | 519 | { |
510 | /* TLS 1.0 or SSL 3.0 with a valid certificate | 520 | /* TLS 1.0 or SSL 3.0 with a valid certificate |
511 | */ | 521 | */ |
512 | data_size = | 522 | data_size = |
513 | session->internals.auth_struct-> | 523 | session->internals. |
514 | MHD_gtls_gen_client_certificate (session, &data); | 524 | auth_struct->MHD_gtls_gen_client_certificate (session, &data); |
515 | 525 | ||
516 | if (data_size < 0) | 526 | if (data_size < 0) |
517 | { | 527 | { |
@@ -525,12 +535,12 @@ MHD_gtls_send_client_certificate (MHD_gtls_session_t session, int again) | |||
525 | * no certificate alert instead of an | 535 | * no certificate alert instead of an |
526 | * empty certificate. | 536 | * empty certificate. |
527 | */ | 537 | */ |
528 | if (MHD__gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3 && | 538 | if (MHD__gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3 |
529 | session->internals.selected_cert_list_length == 0) | 539 | && session->internals.selected_cert_list_length == 0) |
530 | { | 540 | { |
531 | ret = | 541 | ret = |
532 | MHD__gnutls_alert_send (session, GNUTLS_AL_WARNING, | 542 | MHD__gnutls_alert_send (session, GNUTLS_AL_WARNING, |
533 | GNUTLS_A_SSL3_NO_CERTIFICATE); | 543 | GNUTLS_A_SSL3_NO_CERTIFICATE); |
534 | 544 | ||
535 | } | 545 | } |
536 | else | 546 | else |
@@ -571,8 +581,8 @@ MHD_gtls_send_server_certificate (MHD_gtls_session_t session, int again) | |||
571 | if (again == 0) | 581 | if (again == 0) |
572 | { | 582 | { |
573 | data_size = | 583 | data_size = |
574 | session->internals.auth_struct-> | 584 | session->internals. |
575 | MHD_gtls_gen_server_certificate (session, &data); | 585 | auth_struct->MHD_gtls_gen_server_certificate (session, &data); |
576 | 586 | ||
577 | if (data_size < 0) | 587 | if (data_size < 0) |
578 | { | 588 | { |
@@ -632,8 +642,10 @@ MHD_gtls_recv_client_certificate (MHD_gtls_session_t session) | |||
632 | */ | 642 | */ |
633 | if (optional == OPTIONAL_PACKET && | 643 | if (optional == OPTIONAL_PACKET && |
634 | ret == GNUTLS_E_WARNING_ALERT_RECEIVED && | 644 | ret == GNUTLS_E_WARNING_ALERT_RECEIVED && |
635 | MHD__gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3 && | 645 | MHD__gnutls_protocol_get_version (session) == |
636 | MHD_gnutls_alert_get (session) == GNUTLS_A_SSL3_NO_CERTIFICATE) | 646 | MHD_GNUTLS_PROTOCOL_SSL3 |
647 | && MHD_gnutls_alert_get (session) == | ||
648 | GNUTLS_A_SSL3_NO_CERTIFICATE) | ||
637 | { | 649 | { |
638 | 650 | ||
639 | /* SSL3 does not send an empty certificate, | 651 | /* SSL3 does not send an empty certificate, |
@@ -666,8 +678,9 @@ MHD_gtls_recv_client_certificate (MHD_gtls_session_t session) | |||
666 | return 0; | 678 | return 0; |
667 | } | 679 | } |
668 | ret = | 680 | ret = |
669 | session->internals.auth_struct-> | 681 | session->internals. |
670 | MHD_gtls_process_client_certificate (session, data, datasize); | 682 | auth_struct->MHD_gtls_process_client_certificate (session, data, |
683 | datasize); | ||
671 | 684 | ||
672 | MHD_gnutls_free (data); | 685 | MHD_gnutls_free (data); |
673 | if (ret < 0 && ret != GNUTLS_E_NO_CERTIFICATE_FOUND) | 686 | if (ret < 0 && ret != GNUTLS_E_NO_CERTIFICATE_FOUND) |
@@ -711,8 +724,9 @@ MHD_gtls_recv_server_certificate (MHD_gtls_session_t session) | |||
711 | } | 724 | } |
712 | 725 | ||
713 | ret = | 726 | ret = |
714 | session->internals.auth_struct-> | 727 | session->internals. |
715 | MHD_gtls_process_server_certificate (session, data, datasize); | 728 | auth_struct->MHD_gtls_process_server_certificate (session, data, |
729 | datasize); | ||
716 | MHD_gnutls_free (data); | 730 | MHD_gnutls_free (data); |
717 | if (ret < 0) | 731 | if (ret < 0) |
718 | { | 732 | { |
@@ -763,8 +777,9 @@ MHD_gtls_recv_client_certificate_verify_message (MHD_gtls_session_t session) | |||
763 | } | 777 | } |
764 | 778 | ||
765 | ret = | 779 | ret = |
766 | session->internals.auth_struct-> | 780 | session->internals. |
767 | MHD_gtls_process_client_cert_vrfy (session, data, datasize); | 781 | auth_struct->MHD_gtls_process_client_cert_vrfy (session, data, |
782 | datasize); | ||
768 | MHD_gnutls_free (data); | 783 | MHD_gnutls_free (data); |
769 | if (ret < 0) | 784 | if (ret < 0) |
770 | return ret; | 785 | return ret; |
diff --git a/src/daemon/https/tls/gnutls_mem.c b/src/daemon/https/tls/gnutls_mem.c index fda4099b..1f0a743d 100644 --- a/src/daemon/https/tls/gnutls_mem.c +++ b/src/daemon/https/tls/gnutls_mem.c | |||
@@ -40,7 +40,8 @@ MHD__gnutls_is_secure_mem_null (const void *ign) | |||
40 | return 0; | 40 | return 0; |
41 | } | 41 | } |
42 | 42 | ||
43 | int (*MHD__gnutls_is_secure_memory) (const void *) = MHD__gnutls_is_secure_mem_null; | 43 | int (*MHD__gnutls_is_secure_memory) (const void *) = |
44 | MHD__gnutls_is_secure_mem_null; | ||
44 | 45 | ||
45 | 46 | ||
46 | void * | 47 | void * |
diff --git a/src/daemon/https/tls/gnutls_mpi.c b/src/daemon/https/tls/gnutls_mpi.c index 034b189f..918e6480 100644 --- a/src/daemon/https/tls/gnutls_mpi.c +++ b/src/daemon/https/tls/gnutls_mpi.c | |||
@@ -241,7 +241,8 @@ MHD__gnutls_x509_read_int (ASN1_TYPE node, const char *value, mpi_t * ret_mpi) | |||
241 | /* Writes the specified integer into the specified node. | 241 | /* Writes the specified integer into the specified node. |
242 | */ | 242 | */ |
243 | int | 243 | int |
244 | MHD__gnutls_x509_write_int (ASN1_TYPE node, const char *value, mpi_t mpi, int lz) | 244 | MHD__gnutls_x509_write_int (ASN1_TYPE node, const char *value, mpi_t mpi, |
245 | int lz) | ||
245 | { | 246 | { |
246 | opaque *tmpstr; | 247 | opaque *tmpstr; |
247 | size_t s_len; | 248 | size_t s_len; |
diff --git a/src/daemon/https/tls/gnutls_pk.c b/src/daemon/https/tls/gnutls_pk.c index c4ec508a..7e170a32 100644 --- a/src/daemon/https/tls/gnutls_pk.c +++ b/src/daemon/https/tls/gnutls_pk.c | |||
@@ -41,13 +41,13 @@ | |||
41 | #include "mpi.h" | 41 | #include "mpi.h" |
42 | 42 | ||
43 | static int MHD__gnutls_pk_encrypt (int algo, mpi_t * resarr, mpi_t data, | 43 | static int MHD__gnutls_pk_encrypt (int algo, mpi_t * resarr, mpi_t data, |
44 | mpi_t * pkey, int pkey_len); | 44 | mpi_t * pkey, int pkey_len); |
45 | static int MHD__gnutls_pk_sign (int algo, mpi_t * data, mpi_t hash, | 45 | static int MHD__gnutls_pk_sign (int algo, mpi_t * data, mpi_t hash, |
46 | mpi_t * pkey, int); | 46 | mpi_t * pkey, int); |
47 | static int MHD__gnutls_pk_verify (int algo, mpi_t hash, mpi_t * data, | 47 | static int MHD__gnutls_pk_verify (int algo, mpi_t hash, mpi_t * data, |
48 | mpi_t * pkey, int); | 48 | mpi_t * pkey, int); |
49 | static int MHD__gnutls_pk_decrypt (int algo, mpi_t * resarr, mpi_t data, | 49 | static int MHD__gnutls_pk_decrypt (int algo, mpi_t * resarr, mpi_t data, |
50 | mpi_t * pkey, int); | 50 | mpi_t * pkey, int); |
51 | 51 | ||
52 | 52 | ||
53 | /* Do PKCS-1 RSA encryption. | 53 | /* Do PKCS-1 RSA encryption. |
@@ -104,7 +104,7 @@ MHD_gtls_pkcs1_rsa_encrypt (MHD_gnutls_datum_t * ciphertext, | |||
104 | return GNUTLS_E_INTERNAL_ERROR; | 104 | return GNUTLS_E_INTERNAL_ERROR; |
105 | } | 105 | } |
106 | 106 | ||
107 | if (MHD_gc_pseudo_random ((char*)ps, psize) != GC_OK) | 107 | if (MHD_gc_pseudo_random ((char *) ps, psize) != GC_OK) |
108 | { | 108 | { |
109 | MHD_gnutls_assert (); | 109 | MHD_gnutls_assert (); |
110 | MHD_gnutls_afree (edata); | 110 | MHD_gnutls_afree (edata); |
@@ -113,7 +113,7 @@ MHD_gtls_pkcs1_rsa_encrypt (MHD_gnutls_datum_t * ciphertext, | |||
113 | for (i = 0; i < psize; i++) | 113 | for (i = 0; i < psize; i++) |
114 | while (ps[i] == 0) | 114 | while (ps[i] == 0) |
115 | { | 115 | { |
116 | if (MHD_gc_pseudo_random ((char*) &ps[i], 1) != GC_OK) | 116 | if (MHD_gc_pseudo_random ((char *) &ps[i], 1) != GC_OK) |
117 | { | 117 | { |
118 | MHD_gnutls_assert (); | 118 | MHD_gnutls_assert (); |
119 | MHD_gnutls_afree (edata); | 119 | MHD_gnutls_afree (edata); |
@@ -391,8 +391,8 @@ encode_ber_rs (MHD_gnutls_datum_t * sig_value, mpi_t r, mpi_t s) | |||
391 | 391 | ||
392 | if ((result = | 392 | if ((result = |
393 | MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), | 393 | MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), |
394 | "GNUTLS.DSASignatureValue", | 394 | "GNUTLS.DSASignatureValue", |
395 | &sig)) != ASN1_SUCCESS) | 395 | &sig)) != ASN1_SUCCESS) |
396 | { | 396 | { |
397 | MHD_gnutls_assert (); | 397 | MHD_gnutls_assert (); |
398 | return MHD_gtls_asn2err (result); | 398 | return MHD_gtls_asn2err (result); |
@@ -489,14 +489,15 @@ decode_ber_rs (const MHD_gnutls_datum_t * sig_value, mpi_t * r, mpi_t * s) | |||
489 | 489 | ||
490 | if ((result = | 490 | if ((result = |
491 | MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), | 491 | MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), |
492 | "GNUTLS.DSASignatureValue", | 492 | "GNUTLS.DSASignatureValue", |
493 | &sig)) != ASN1_SUCCESS) | 493 | &sig)) != ASN1_SUCCESS) |
494 | { | 494 | { |
495 | MHD_gnutls_assert (); | 495 | MHD_gnutls_assert (); |
496 | return MHD_gtls_asn2err (result); | 496 | return MHD_gtls_asn2err (result); |
497 | } | 497 | } |
498 | 498 | ||
499 | result = MHD__asn1_der_decoding (&sig, sig_value->data, sig_value->size, NULL); | 499 | result = |
500 | MHD__asn1_der_decoding (&sig, sig_value->data, sig_value->size, NULL); | ||
500 | if (result != ASN1_SUCCESS) | 501 | if (result != ASN1_SUCCESS) |
501 | { | 502 | { |
502 | MHD_gnutls_assert (); | 503 | MHD_gnutls_assert (); |
@@ -585,7 +586,7 @@ MHD_gtls_dsa_verify (const MHD_gnutls_datum_t * vdata, | |||
585 | */ | 586 | */ |
586 | static int | 587 | static int |
587 | MHD__gnutls_pk_encrypt (int algo, mpi_t * resarr, mpi_t data, | 588 | MHD__gnutls_pk_encrypt (int algo, mpi_t * resarr, mpi_t data, |
588 | mpi_t * pkey, int pkey_len) | 589 | mpi_t * pkey, int pkey_len) |
589 | { | 590 | { |
590 | gcry_sexp_t s_ciph, s_data, s_pkey; | 591 | gcry_sexp_t s_ciph, s_data, s_pkey; |
591 | int rc = -1; | 592 | int rc = -1; |
@@ -657,7 +658,7 @@ MHD__gnutls_pk_encrypt (int algo, mpi_t * resarr, mpi_t data, | |||
657 | 658 | ||
658 | static int | 659 | static int |
659 | MHD__gnutls_pk_decrypt (int algo, mpi_t * resarr, mpi_t data, mpi_t * pkey, | 660 | MHD__gnutls_pk_decrypt (int algo, mpi_t * resarr, mpi_t data, mpi_t * pkey, |
660 | int pkey_len) | 661 | int pkey_len) |
661 | { | 662 | { |
662 | gcry_sexp_t s_plain, s_data, s_pkey; | 663 | gcry_sexp_t s_plain, s_data, s_pkey; |
663 | int rc = -1; | 664 | int rc = -1; |
@@ -724,7 +725,7 @@ MHD__gnutls_pk_decrypt (int algo, mpi_t * resarr, mpi_t data, mpi_t * pkey, | |||
724 | */ | 725 | */ |
725 | static int | 726 | static int |
726 | MHD__gnutls_pk_sign (int algo, mpi_t * data, mpi_t hash, mpi_t * pkey, | 727 | MHD__gnutls_pk_sign (int algo, mpi_t * data, mpi_t hash, mpi_t * pkey, |
727 | int pkey_len) | 728 | int pkey_len) |
728 | { | 729 | { |
729 | gcry_sexp_t s_hash, s_key, s_sig; | 730 | gcry_sexp_t s_hash, s_key, s_sig; |
730 | int rc = -1; | 731 | int rc = -1; |
@@ -834,7 +835,7 @@ MHD__gnutls_pk_sign (int algo, mpi_t * data, mpi_t hash, mpi_t * pkey, | |||
834 | 835 | ||
835 | static int | 836 | static int |
836 | MHD__gnutls_pk_verify (int algo, mpi_t hash, mpi_t * data, | 837 | MHD__gnutls_pk_verify (int algo, mpi_t hash, mpi_t * data, |
837 | mpi_t * pkey, int pkey_len) | 838 | mpi_t * pkey, int pkey_len) |
838 | { | 839 | { |
839 | gcry_sexp_t s_sig, s_hash, s_pkey; | 840 | gcry_sexp_t s_sig, s_hash, s_pkey; |
840 | int rc = -1; | 841 | int rc = -1; |
diff --git a/src/daemon/https/tls/gnutls_pk.h b/src/daemon/https/tls/gnutls_pk.h index bd153a45..9c4fa16f 100644 --- a/src/daemon/https/tls/gnutls_pk.h +++ b/src/daemon/https/tls/gnutls_pk.h | |||
@@ -37,8 +37,8 @@ int MHD_gtls_pkcs1_rsa_decrypt (MHD_gnutls_datum_t * plaintext, | |||
37 | mpi_t * params, unsigned params_len, | 37 | mpi_t * params, unsigned params_len, |
38 | unsigned btype); | 38 | unsigned btype); |
39 | int MHD_gtls_rsa_verify (const MHD_gnutls_datum_t * vdata, | 39 | int MHD_gtls_rsa_verify (const MHD_gnutls_datum_t * vdata, |
40 | const MHD_gnutls_datum_t * ciphertext, mpi_t * params, | 40 | const MHD_gnutls_datum_t * ciphertext, |
41 | int params_len, int btype); | 41 | mpi_t * params, int params_len, int btype); |
42 | int MHD_gtls_dsa_verify (const MHD_gnutls_datum_t * vdata, | 42 | int MHD_gtls_dsa_verify (const MHD_gnutls_datum_t * vdata, |
43 | const MHD_gnutls_datum_t * sig_value, mpi_t * params, | 43 | const MHD_gnutls_datum_t * sig_value, mpi_t * params, |
44 | int params_len); | 44 | int params_len); |
diff --git a/src/daemon/https/tls/gnutls_priority.c b/src/daemon/https/tls/gnutls_priority.c index 06398e83..62bf3489 100644 --- a/src/daemon/https/tls/gnutls_priority.c +++ b/src/daemon/https/tls/gnutls_priority.c | |||
@@ -71,11 +71,10 @@ _set_priority (MHD_gtls_priority_st * st, const int *list) | |||
71 | { | 71 | { |
72 | int num = 0; | 72 | int num = 0; |
73 | 73 | ||
74 | while ( (list[num] != 0) && | 74 | while ((list[num] != 0) && (num < MAX_ALGOS)) |
75 | (num < MAX_ALGOS) ) | ||
76 | num++; | 75 | num++; |
77 | st->num_algorithms = num; | 76 | st->num_algorithms = num; |
78 | memcpy(st->priority, list, num * sizeof(int)); | 77 | memcpy (st->priority, list, num * sizeof (int)); |
79 | return 0; | 78 | return 0; |
80 | } | 79 | } |
81 | 80 | ||
@@ -142,7 +141,7 @@ MHD__gnutls_mac_set_priority (MHD_gtls_session_t session, const int *list) | |||
142 | **/ | 141 | **/ |
143 | int | 142 | int |
144 | MHD__gnutls_compression_set_priority (MHD_gtls_session_t session, | 143 | MHD__gnutls_compression_set_priority (MHD_gtls_session_t session, |
145 | const int *list) | 144 | const int *list) |
146 | { | 145 | { |
147 | return _set_priority (&session->internals.priorities.compression, list); | 146 | return _set_priority (&session->internals.priorities.compression, list); |
148 | } | 147 | } |
@@ -160,7 +159,8 @@ MHD__gnutls_compression_set_priority (MHD_gtls_session_t session, | |||
160 | * | 159 | * |
161 | **/ | 160 | **/ |
162 | int | 161 | int |
163 | MHD__gnutls_protocol_set_priority (MHD_gtls_session_t session, const int *list) | 162 | MHD__gnutls_protocol_set_priority (MHD_gtls_session_t session, |
163 | const int *list) | ||
164 | { | 164 | { |
165 | int ret; | 165 | int ret; |
166 | 166 | ||
@@ -190,7 +190,7 @@ MHD__gnutls_protocol_set_priority (MHD_gtls_session_t session, const int *list) | |||
190 | **/ | 190 | **/ |
191 | int | 191 | int |
192 | MHD__gnutls_certificate_type_set_priority (MHD_gtls_session_t session, | 192 | MHD__gnutls_certificate_type_set_priority (MHD_gtls_session_t session, |
193 | const int *list) | 193 | const int *list) |
194 | { | 194 | { |
195 | #if ENABLE_OPENPGP | 195 | #if ENABLE_OPENPGP |
196 | return _set_priority (&session->internals.priorities.cert_type, list); | 196 | return _set_priority (&session->internals.priorities.cert_type, list); |
@@ -243,7 +243,7 @@ typedef void (rmadd_func) (MHD_gtls_priority_st * priority_list, int alg); | |||
243 | **/ | 243 | **/ |
244 | int | 244 | int |
245 | MHD__gnutls_priority_set (MHD_gtls_session_t session, | 245 | MHD__gnutls_priority_set (MHD_gtls_session_t session, |
246 | MHD_gnutls_priority_t priority) | 246 | MHD_gnutls_priority_t priority) |
247 | { | 247 | { |
248 | if (priority == NULL) | 248 | if (priority == NULL) |
249 | { | 249 | { |
@@ -326,7 +326,8 @@ int | |||
326 | MHD_tls_set_default_priority (MHD_gnutls_priority_t * priority_cache, | 326 | MHD_tls_set_default_priority (MHD_gnutls_priority_t * priority_cache, |
327 | const char *priorities, const char **err_pos) | 327 | const char *priorities, const char **err_pos) |
328 | { | 328 | { |
329 | *priority_cache = MHD_gnutls_calloc (1, sizeof (struct MHD_gtls_priority_st)); | 329 | *priority_cache = |
330 | MHD_gnutls_calloc (1, sizeof (struct MHD_gtls_priority_st)); | ||
330 | if (*priority_cache == NULL) | 331 | if (*priority_cache == NULL) |
331 | { | 332 | { |
332 | MHD_gnutls_assert (); | 333 | MHD_gnutls_assert (); |
@@ -375,7 +376,7 @@ MHD__gnutls_priority_deinit (MHD_gnutls_priority_t priority_cache) | |||
375 | **/ | 376 | **/ |
376 | int | 377 | int |
377 | MHD__gnutls_priority_set_direct (MHD_gtls_session_t session, | 378 | MHD__gnutls_priority_set_direct (MHD_gtls_session_t session, |
378 | const char *priorities, const char **err_pos) | 379 | const char *priorities, const char **err_pos) |
379 | { | 380 | { |
380 | MHD_gnutls_priority_t prio; | 381 | MHD_gnutls_priority_t prio; |
381 | int ret; | 382 | int ret; |
diff --git a/src/daemon/https/tls/gnutls_record.c b/src/daemon/https/tls/gnutls_record.c index 9ccdb1e3..80d5f70f 100644 --- a/src/daemon/https/tls/gnutls_record.c +++ b/src/daemon/https/tls/gnutls_record.c | |||
@@ -109,7 +109,7 @@ MHD_gtls_record_disable_padding (MHD_gtls_session_t session) | |||
109 | **/ | 109 | **/ |
110 | void | 110 | void |
111 | MHD__gnutls_transport_set_ptr (MHD_gtls_session_t session, | 111 | MHD__gnutls_transport_set_ptr (MHD_gtls_session_t session, |
112 | MHD_gnutls_transport_ptr_t ptr) | 112 | MHD_gnutls_transport_ptr_t ptr) |
113 | { | 113 | { |
114 | session->internals.transport_recv_ptr = ptr; | 114 | session->internals.transport_recv_ptr = ptr; |
115 | session->internals.transport_send_ptr = ptr; | 115 | session->internals.transport_send_ptr = ptr; |
@@ -128,8 +128,8 @@ MHD__gnutls_transport_set_ptr (MHD_gtls_session_t session, | |||
128 | **/ | 128 | **/ |
129 | void | 129 | void |
130 | MHD__gnutls_transport_set_ptr2 (MHD_gtls_session_t session, | 130 | MHD__gnutls_transport_set_ptr2 (MHD_gtls_session_t session, |
131 | MHD_gnutls_transport_ptr_t recv_ptr, | 131 | MHD_gnutls_transport_ptr_t recv_ptr, |
132 | MHD_gnutls_transport_ptr_t send_ptr) | 132 | MHD_gnutls_transport_ptr_t send_ptr) |
133 | { | 133 | { |
134 | session->internals.transport_send_ptr = send_ptr; | 134 | session->internals.transport_send_ptr = send_ptr; |
135 | session->internals.transport_recv_ptr = recv_ptr; | 135 | session->internals.transport_recv_ptr = recv_ptr; |
@@ -188,7 +188,7 @@ MHD__gnutls_bye (MHD_gtls_session_t session, MHD_gnutls_close_request_t how) | |||
188 | case STATE61: | 188 | case STATE61: |
189 | ret = | 189 | ret = |
190 | MHD__gnutls_alert_send (session, GNUTLS_AL_WARNING, | 190 | MHD__gnutls_alert_send (session, GNUTLS_AL_WARNING, |
191 | GNUTLS_A_CLOSE_NOTIFY); | 191 | GNUTLS_A_CLOSE_NOTIFY); |
192 | STATE = STATE61; | 192 | STATE = STATE61; |
193 | if (ret < 0) | 193 | if (ret < 0) |
194 | { | 194 | { |
@@ -258,7 +258,8 @@ session_is_valid (MHD_gtls_session_t session) | |||
258 | */ | 258 | */ |
259 | inline static void | 259 | inline static void |
260 | copy_record_version (MHD_gtls_session_t session, | 260 | copy_record_version (MHD_gtls_session_t session, |
261 | MHD_gnutls_handshake_description_t htype, opaque version[2]) | 261 | MHD_gnutls_handshake_description_t htype, |
262 | opaque version[2]) | ||
262 | { | 263 | { |
263 | enum MHD_GNUTLS_Protocol lver; | 264 | enum MHD_GNUTLS_Protocol lver; |
264 | 265 | ||
@@ -331,8 +332,8 @@ MHD_gtls_send_int (MHD_gtls_session_t session, | |||
331 | 332 | ||
332 | MHD__gnutls_record_log | 333 | MHD__gnutls_record_log |
333 | ("REC[%x]: Sending Packet[%d] %s(%d) with length: %d\n", session, | 334 | ("REC[%x]: Sending Packet[%d] %s(%d) with length: %d\n", session, |
334 | (int) MHD_gtls_uint64touint32 (&session->connection_state. | 335 | (int) MHD_gtls_uint64touint32 (&session-> |
335 | write_sequence_number), | 336 | connection_state.write_sequence_number), |
336 | MHD__gnutls_packet2str (type), type, sizeofdata); | 337 | MHD__gnutls_packet2str (type), type, sizeofdata); |
337 | 338 | ||
338 | if (sizeofdata > MAX_RECORD_SEND_SIZE) | 339 | if (sizeofdata > MAX_RECORD_SEND_SIZE) |
@@ -424,11 +425,11 @@ MHD_gtls_send_int (MHD_gtls_session_t session, | |||
424 | session->internals.record_send_buffer_user_size = 0; | 425 | session->internals.record_send_buffer_user_size = 0; |
425 | 426 | ||
426 | MHD__gnutls_record_log ("REC[%x]: Sent Packet[%d] %s(%d) with length: %d\n", | 427 | MHD__gnutls_record_log ("REC[%x]: Sent Packet[%d] %s(%d) with length: %d\n", |
427 | session, | 428 | session, |
428 | (int) | 429 | (int) |
429 | MHD_gtls_uint64touint32 | 430 | MHD_gtls_uint64touint32 |
430 | (&session->connection_state.write_sequence_number), | 431 | (&session->connection_state.write_sequence_number), |
431 | MHD__gnutls_packet2str (type), type, cipher_size); | 432 | MHD__gnutls_packet2str (type), type, cipher_size); |
432 | 433 | ||
433 | return retval; | 434 | return retval; |
434 | } | 435 | } |
@@ -547,7 +548,7 @@ record_check_headers (MHD_gtls_session_t session, | |||
547 | session->internals.v2_hello = *length; | 548 | session->internals.v2_hello = *length; |
548 | 549 | ||
549 | MHD__gnutls_record_log ("REC[%x]: V2 packet received. Length: %d\n", | 550 | MHD__gnutls_record_log ("REC[%x]: V2 packet received. Length: %d\n", |
550 | session, *length); | 551 | session, *length); |
551 | 552 | ||
552 | } | 553 | } |
553 | else | 554 | else |
@@ -570,7 +571,8 @@ record_check_headers (MHD_gtls_session_t session, | |||
570 | */ | 571 | */ |
571 | inline static int | 572 | inline static int |
572 | record_check_version (MHD_gtls_session_t session, | 573 | record_check_version (MHD_gtls_session_t session, |
573 | MHD_gnutls_handshake_description_t htype, opaque version[2]) | 574 | MHD_gnutls_handshake_description_t htype, |
575 | opaque version[2]) | ||
574 | { | 576 | { |
575 | if (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO) | 577 | if (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO) |
576 | { | 578 | { |
@@ -595,7 +597,7 @@ record_check_version (MHD_gtls_session_t session, | |||
595 | */ | 597 | */ |
596 | MHD_gnutls_assert (); | 598 | MHD_gnutls_assert (); |
597 | MHD__gnutls_record_log ("REC[%x]: INVALID VERSION PACKET: (%d) %d.%d\n", | 599 | MHD__gnutls_record_log ("REC[%x]: INVALID VERSION PACKET: (%d) %d.%d\n", |
598 | session, htype, version[0], version[1]); | 600 | session, htype, version[0], version[1]); |
599 | 601 | ||
600 | return GNUTLS_E_UNSUPPORTED_VERSION_PACKET; | 602 | return GNUTLS_E_UNSUPPORTED_VERSION_PACKET; |
601 | } | 603 | } |
@@ -769,7 +771,8 @@ get_temp_recv_buffer (MHD_gtls_session_t session, MHD_gnutls_datum_t * tmp) | |||
769 | */ | 771 | */ |
770 | session->internals.recv_buffer.data | 772 | session->internals.recv_buffer.data |
771 | = | 773 | = |
772 | MHD_gnutls_realloc (session->internals.recv_buffer.data, max_record_size); | 774 | MHD_gnutls_realloc (session->internals.recv_buffer.data, |
775 | max_record_size); | ||
773 | 776 | ||
774 | if (session->internals.recv_buffer.data == NULL) | 777 | if (session->internals.recv_buffer.data == NULL) |
775 | { | 778 | { |
@@ -895,15 +898,14 @@ begin: | |||
895 | 898 | ||
896 | MHD__gnutls_record_log | 899 | MHD__gnutls_record_log |
897 | ("REC[%x]: Expected Packet[%d] %s(%d) with length: %d\n", session, | 900 | ("REC[%x]: Expected Packet[%d] %s(%d) with length: %d\n", session, |
898 | (int) MHD_gtls_uint64touint32 (&session->connection_state. | 901 | (int) MHD_gtls_uint64touint32 (&session-> |
899 | read_sequence_number), | 902 | connection_state.read_sequence_number), |
900 | MHD__gnutls_packet2str (type), type, sizeofdata); | 903 | MHD__gnutls_packet2str (type), type, sizeofdata); |
901 | MHD__gnutls_record_log ("REC[%x]: Received Packet[%d] %s(%d) with length: %d\n", | 904 | MHD__gnutls_record_log |
902 | session, | 905 | ("REC[%x]: Received Packet[%d] %s(%d) with length: %d\n", session, |
903 | (int) | 906 | (int) MHD_gtls_uint64touint32 (&session-> |
904 | MHD_gtls_uint64touint32 (&session->connection_state. | 907 | connection_state.read_sequence_number), |
905 | read_sequence_number), | 908 | MHD__gnutls_packet2str (recv_type), recv_type, length); |
906 | MHD__gnutls_packet2str (recv_type), recv_type, length); | ||
907 | 909 | ||
908 | if (length > MAX_RECV_SIZE) | 910 | if (length > MAX_RECV_SIZE) |
909 | { | 911 | { |
@@ -978,8 +980,8 @@ begin: | |||
978 | 980 | ||
979 | MHD__gnutls_record_log | 981 | MHD__gnutls_record_log |
980 | ("REC[%x]: Decrypted Packet[%d] %s(%d) with length: %d\n", session, | 982 | ("REC[%x]: Decrypted Packet[%d] %s(%d) with length: %d\n", session, |
981 | (int) MHD_gtls_uint64touint32 (&session->connection_state. | 983 | (int) MHD_gtls_uint64touint32 (&session-> |
982 | read_sequence_number), | 984 | connection_state.read_sequence_number), |
983 | MHD__gnutls_packet2str (recv_type), recv_type, decrypted_length); | 985 | MHD__gnutls_packet2str (recv_type), recv_type, decrypted_length); |
984 | 986 | ||
985 | /* increase sequence number | 987 | /* increase sequence number |
@@ -1082,7 +1084,7 @@ begin: | |||
1082 | **/ | 1084 | **/ |
1083 | ssize_t | 1085 | ssize_t |
1084 | MHD__gnutls_record_send (MHD_gtls_session_t session, | 1086 | MHD__gnutls_record_send (MHD_gtls_session_t session, |
1085 | const void *data, size_t sizeofdata) | 1087 | const void *data, size_t sizeofdata) |
1086 | { | 1088 | { |
1087 | return MHD_gtls_send_int (session, GNUTLS_APPLICATION_DATA, -1, data, | 1089 | return MHD_gtls_send_int (session, GNUTLS_APPLICATION_DATA, -1, data, |
1088 | sizeofdata); | 1090 | sizeofdata); |
@@ -1120,7 +1122,7 @@ MHD__gnutls_record_send (MHD_gtls_session_t session, | |||
1120 | **/ | 1122 | **/ |
1121 | ssize_t | 1123 | ssize_t |
1122 | MHD__gnutls_record_recv (MHD_gtls_session_t session, void *data, | 1124 | MHD__gnutls_record_recv (MHD_gtls_session_t session, void *data, |
1123 | size_t sizeofdata) | 1125 | size_t sizeofdata) |
1124 | { | 1126 | { |
1125 | return MHD_gtls_recv_int (session, GNUTLS_APPLICATION_DATA, -1, data, | 1127 | return MHD_gtls_recv_int (session, GNUTLS_APPLICATION_DATA, -1, data, |
1126 | sizeofdata); | 1128 | sizeofdata); |
diff --git a/src/daemon/https/tls/gnutls_rsa_export.c b/src/daemon/https/tls/gnutls_rsa_export.c index d48ee327..65f97c76 100644 --- a/src/daemon/https/tls/gnutls_rsa_export.c +++ b/src/daemon/https/tls/gnutls_rsa_export.c | |||
@@ -61,4 +61,3 @@ MHD__gnutls_rsa_params_deinit (MHD_gtls_rsa_params_t rsa_params) | |||
61 | { | 61 | { |
62 | MHD_gnutls_x509_privkey_deinit (rsa_params); | 62 | MHD_gnutls_x509_privkey_deinit (rsa_params); |
63 | } | 63 | } |
64 | |||
diff --git a/src/daemon/https/tls/gnutls_rsa_export.h b/src/daemon/https/tls/gnutls_rsa_export.h index a34dfe9d..a28f4297 100644 --- a/src/daemon/https/tls/gnutls_rsa_export.h +++ b/src/daemon/https/tls/gnutls_rsa_export.h | |||
@@ -24,4 +24,3 @@ | |||
24 | 24 | ||
25 | const mpi_t *MHD__gnutls_rsa_params_to_mpi (MHD_gtls_rsa_params_t); | 25 | const mpi_t *MHD__gnutls_rsa_params_to_mpi (MHD_gtls_rsa_params_t); |
26 | int MHD__gnutls_peers_cert_less_512 (MHD_gtls_session_t session); | 26 | int MHD__gnutls_peers_cert_less_512 (MHD_gtls_session_t session); |
27 | |||
diff --git a/src/daemon/https/tls/gnutls_session.c b/src/daemon/https/tls/gnutls_session.c index 81a56d5c..b7ba3764 100644 --- a/src/daemon/https/tls/gnutls_session.c +++ b/src/daemon/https/tls/gnutls_session.c | |||
@@ -69,4 +69,3 @@ MHD_gtls_session_get_id (MHD_gtls_session_t session, | |||
69 | 69 | ||
70 | return 0; | 70 | return 0; |
71 | } | 71 | } |
72 | |||
diff --git a/src/daemon/https/tls/gnutls_session_pack.c b/src/daemon/https/tls/gnutls_session_pack.c index 258cd9c2..ab359f6c 100644 --- a/src/daemon/https/tls/gnutls_session_pack.c +++ b/src/daemon/https/tls/gnutls_session_pack.c | |||
@@ -50,7 +50,8 @@ static int unpack_certificate_auth_info (MHD_gtls_session_t, | |||
50 | packed_session); | 50 | packed_session); |
51 | 51 | ||
52 | static int unpack_security_parameters (MHD_gtls_session_t session, | 52 | static int unpack_security_parameters (MHD_gtls_session_t session, |
53 | const MHD_gnutls_datum_t * packed_session); | 53 | const MHD_gnutls_datum_t * |
54 | packed_session); | ||
54 | static int pack_security_parameters (MHD_gtls_session_t session, | 55 | static int pack_security_parameters (MHD_gtls_session_t session, |
55 | MHD_gnutls_datum_t * packed_session); | 56 | MHD_gnutls_datum_t * packed_session); |
56 | 57 | ||
@@ -180,7 +181,8 @@ unpack_anon_auth_info (MHD_gtls_session_t session, | |||
180 | 181 | ||
181 | size = MHD_gtls_read_uint32 (&packed_session->data[pos]); | 182 | size = MHD_gtls_read_uint32 (&packed_session->data[pos]); |
182 | pos += 4; | 183 | pos += 4; |
183 | ret = MHD__gnutls_set_datum (&info->dh.prime, &packed_session->data[pos], size); | 184 | ret = |
185 | MHD__gnutls_set_datum (&info->dh.prime, &packed_session->data[pos], size); | ||
184 | if (ret < 0) | 186 | if (ret < 0) |
185 | { | 187 | { |
186 | MHD_gnutls_assert (); | 188 | MHD_gnutls_assert (); |
@@ -191,7 +193,8 @@ unpack_anon_auth_info (MHD_gtls_session_t session, | |||
191 | size = MHD_gtls_read_uint32 (&packed_session->data[pos]); | 193 | size = MHD_gtls_read_uint32 (&packed_session->data[pos]); |
192 | pos += 4; | 194 | pos += 4; |
193 | ret = | 195 | ret = |
194 | MHD__gnutls_set_datum (&info->dh.generator, &packed_session->data[pos], size); | 196 | MHD__gnutls_set_datum (&info->dh.generator, &packed_session->data[pos], |
197 | size); | ||
195 | if (ret < 0) | 198 | if (ret < 0) |
196 | { | 199 | { |
197 | MHD_gnutls_assert (); | 200 | MHD_gnutls_assert (); |
@@ -203,7 +206,7 @@ unpack_anon_auth_info (MHD_gtls_session_t session, | |||
203 | pos += 4; | 206 | pos += 4; |
204 | ret = | 207 | ret = |
205 | MHD__gnutls_set_datum (&info->dh.public_key, &packed_session->data[pos], | 208 | MHD__gnutls_set_datum (&info->dh.public_key, &packed_session->data[pos], |
206 | size); | 209 | size); |
207 | if (ret < 0) | 210 | if (ret < 0) |
208 | { | 211 | { |
209 | MHD_gnutls_assert (); | 212 | MHD_gnutls_assert (); |
@@ -534,7 +537,8 @@ unpack_certificate_auth_info (MHD_gtls_session_t session, | |||
534 | 537 | ||
535 | size = MHD_gtls_read_uint32 (&packed_session->data[pos]); | 538 | size = MHD_gtls_read_uint32 (&packed_session->data[pos]); |
536 | pos += 4; | 539 | pos += 4; |
537 | ret = MHD__gnutls_set_datum (&info->dh.prime, &packed_session->data[pos], size); | 540 | ret = |
541 | MHD__gnutls_set_datum (&info->dh.prime, &packed_session->data[pos], size); | ||
538 | if (ret < 0) | 542 | if (ret < 0) |
539 | { | 543 | { |
540 | MHD_gnutls_assert (); | 544 | MHD_gnutls_assert (); |
@@ -545,7 +549,8 @@ unpack_certificate_auth_info (MHD_gtls_session_t session, | |||
545 | size = MHD_gtls_read_uint32 (&packed_session->data[pos]); | 549 | size = MHD_gtls_read_uint32 (&packed_session->data[pos]); |
546 | pos += 4; | 550 | pos += 4; |
547 | ret = | 551 | ret = |
548 | MHD__gnutls_set_datum (&info->dh.generator, &packed_session->data[pos], size); | 552 | MHD__gnutls_set_datum (&info->dh.generator, &packed_session->data[pos], |
553 | size); | ||
549 | if (ret < 0) | 554 | if (ret < 0) |
550 | { | 555 | { |
551 | MHD_gnutls_assert (); | 556 | MHD_gnutls_assert (); |
@@ -557,7 +562,7 @@ unpack_certificate_auth_info (MHD_gtls_session_t session, | |||
557 | pos += 4; | 562 | pos += 4; |
558 | ret = | 563 | ret = |
559 | MHD__gnutls_set_datum (&info->dh.public_key, &packed_session->data[pos], | 564 | MHD__gnutls_set_datum (&info->dh.public_key, &packed_session->data[pos], |
560 | size); | 565 | size); |
561 | if (ret < 0) | 566 | if (ret < 0) |
562 | { | 567 | { |
563 | MHD_gnutls_assert (); | 568 | MHD_gnutls_assert (); |
@@ -569,7 +574,7 @@ unpack_certificate_auth_info (MHD_gtls_session_t session, | |||
569 | pos += 4; | 574 | pos += 4; |
570 | ret = | 575 | ret = |
571 | MHD__gnutls_set_datum (&info->rsa_export.modulus, | 576 | MHD__gnutls_set_datum (&info->rsa_export.modulus, |
572 | &packed_session->data[pos], size); | 577 | &packed_session->data[pos], size); |
573 | if (ret < 0) | 578 | if (ret < 0) |
574 | { | 579 | { |
575 | MHD_gnutls_assert (); | 580 | MHD_gnutls_assert (); |
@@ -581,7 +586,7 @@ unpack_certificate_auth_info (MHD_gtls_session_t session, | |||
581 | pos += 4; | 586 | pos += 4; |
582 | ret = | 587 | ret = |
583 | MHD__gnutls_set_datum (&info->rsa_export.exponent, | 588 | MHD__gnutls_set_datum (&info->rsa_export.exponent, |
584 | &packed_session->data[pos], size); | 589 | &packed_session->data[pos], size); |
585 | if (ret < 0) | 590 | if (ret < 0) |
586 | { | 591 | { |
587 | MHD_gnutls_assert (); | 592 | MHD_gnutls_assert (); |
@@ -611,7 +616,7 @@ unpack_certificate_auth_info (MHD_gtls_session_t session, | |||
611 | 616 | ||
612 | ret = | 617 | ret = |
613 | MHD__gnutls_set_datum (&info->raw_certificate_list[i], | 618 | MHD__gnutls_set_datum (&info->raw_certificate_list[i], |
614 | &packed_session->data[pos], size); | 619 | &packed_session->data[pos], size); |
615 | pos += size; | 620 | pos += size; |
616 | 621 | ||
617 | if (ret < 0) | 622 | if (ret < 0) |
@@ -881,7 +886,8 @@ unpack_psk_auth_info (MHD_gtls_session_t session, | |||
881 | 886 | ||
882 | size = MHD_gtls_read_uint32 (&packed_session->data[pos]); | 887 | size = MHD_gtls_read_uint32 (&packed_session->data[pos]); |
883 | pos += 4; | 888 | pos += 4; |
884 | ret = MHD__gnutls_set_datum (&info->dh.prime, &packed_session->data[pos], size); | 889 | ret = |
890 | MHD__gnutls_set_datum (&info->dh.prime, &packed_session->data[pos], size); | ||
885 | if (ret < 0) | 891 | if (ret < 0) |
886 | { | 892 | { |
887 | MHD_gnutls_assert (); | 893 | MHD_gnutls_assert (); |
@@ -892,7 +898,8 @@ unpack_psk_auth_info (MHD_gtls_session_t session, | |||
892 | size = MHD_gtls_read_uint32 (&packed_session->data[pos]); | 898 | size = MHD_gtls_read_uint32 (&packed_session->data[pos]); |
893 | pos += 4; | 899 | pos += 4; |
894 | ret = | 900 | ret = |
895 | MHD__gnutls_set_datum (&info->dh.generator, &packed_session->data[pos], size); | 901 | MHD__gnutls_set_datum (&info->dh.generator, &packed_session->data[pos], |
902 | size); | ||
896 | if (ret < 0) | 903 | if (ret < 0) |
897 | { | 904 | { |
898 | MHD_gnutls_assert (); | 905 | MHD_gnutls_assert (); |
@@ -904,7 +911,7 @@ unpack_psk_auth_info (MHD_gtls_session_t session, | |||
904 | pos += 4; | 911 | pos += 4; |
905 | ret = | 912 | ret = |
906 | MHD__gnutls_set_datum (&info->dh.public_key, &packed_session->data[pos], | 913 | MHD__gnutls_set_datum (&info->dh.public_key, &packed_session->data[pos], |
907 | size); | 914 | size); |
908 | if (ret < 0) | 915 | if (ret < 0) |
909 | { | 916 | { |
910 | MHD_gnutls_assert (); | 917 | MHD_gnutls_assert (); |
@@ -1045,8 +1052,9 @@ pack_security_parameters (MHD_gtls_session_t session, | |||
1045 | session->security_parameters.extensions.srp_username, len); | 1052 | session->security_parameters.extensions.srp_username, len); |
1046 | pos += len; | 1053 | pos += len; |
1047 | 1054 | ||
1048 | MHD_gtls_write_uint16 (session->security_parameters.extensions. | 1055 | MHD_gtls_write_uint16 (session->security_parameters. |
1049 | server_names_size, &packed_session->data[pos]); | 1056 | extensions.server_names_size, |
1057 | &packed_session->data[pos]); | ||
1050 | pos += 2; | 1058 | pos += 2; |
1051 | 1059 | ||
1052 | for (i = 0; i < session->security_parameters.extensions.server_names_size; | 1060 | for (i = 0; i < session->security_parameters.extensions.server_names_size; |
@@ -1054,15 +1062,15 @@ pack_security_parameters (MHD_gtls_session_t session, | |||
1054 | { | 1062 | { |
1055 | packed_session->data[pos++] = | 1063 | packed_session->data[pos++] = |
1056 | session->security_parameters.extensions.server_names[i].type; | 1064 | session->security_parameters.extensions.server_names[i].type; |
1057 | MHD_gtls_write_uint16 (session->security_parameters.extensions. | 1065 | MHD_gtls_write_uint16 (session->security_parameters. |
1058 | server_names[i].name_length, | 1066 | extensions.server_names[i].name_length, |
1059 | &packed_session->data[pos]); | 1067 | &packed_session->data[pos]); |
1060 | pos += 2; | 1068 | pos += 2; |
1061 | 1069 | ||
1062 | memcpy (&packed_session->data[pos], | 1070 | memcpy (&packed_session->data[pos], |
1063 | session->security_parameters.extensions.server_names[i].name, | 1071 | session->security_parameters.extensions.server_names[i].name, |
1064 | session->security_parameters.extensions.server_names[i]. | 1072 | session->security_parameters.extensions. |
1065 | name_length); | 1073 | server_names[i].name_length); |
1066 | pos += | 1074 | pos += |
1067 | session->security_parameters.extensions.server_names[i].name_length; | 1075 | session->security_parameters.extensions.server_names[i].name_length; |
1068 | } | 1076 | } |
@@ -1121,10 +1129,10 @@ unpack_security_parameters (MHD_gtls_session_t session, | |||
1121 | packed_session->data[pos++]; | 1129 | packed_session->data[pos++]; |
1122 | session->internals.resumed_security_parameters.write_compression_algorithm = | 1130 | session->internals.resumed_security_parameters.write_compression_algorithm = |
1123 | packed_session->data[pos++]; | 1131 | packed_session->data[pos++]; |
1124 | session->internals.resumed_security_parameters.current_cipher_suite. | 1132 | session->internals.resumed_security_parameters. |
1125 | suite[0] = packed_session->data[pos++]; | 1133 | current_cipher_suite.suite[0] = packed_session->data[pos++]; |
1126 | session->internals.resumed_security_parameters.current_cipher_suite. | 1134 | session->internals.resumed_security_parameters. |
1127 | suite[1] = packed_session->data[pos++]; | 1135 | current_cipher_suite.suite[1] = packed_session->data[pos++]; |
1128 | 1136 | ||
1129 | session->internals.resumed_security_parameters.cert_type = | 1137 | session->internals.resumed_security_parameters.cert_type = |
1130 | packed_session->data[pos++]; | 1138 | packed_session->data[pos++]; |
@@ -1173,34 +1181,35 @@ unpack_security_parameters (MHD_gtls_session_t session, | |||
1173 | 1181 | ||
1174 | /* SRP */ | 1182 | /* SRP */ |
1175 | len = packed_session->data[pos++]; /* srp username length */ | 1183 | len = packed_session->data[pos++]; /* srp username length */ |
1176 | memcpy (session->internals.resumed_security_parameters.extensions. | 1184 | memcpy (session->internals.resumed_security_parameters. |
1177 | srp_username, &packed_session->data[pos], len); | 1185 | extensions.srp_username, &packed_session->data[pos], len); |
1178 | session->internals.resumed_security_parameters.extensions. | 1186 | session->internals.resumed_security_parameters. |
1179 | srp_username[len] = 0; | 1187 | extensions.srp_username[len] = 0; |
1180 | pos += len; | 1188 | pos += len; |
1181 | 1189 | ||
1182 | session->internals.resumed_security_parameters.extensions. | 1190 | session->internals.resumed_security_parameters. |
1183 | server_names_size = MHD_gtls_read_uint16 (&packed_session->data[pos]); | 1191 | extensions.server_names_size = |
1192 | MHD_gtls_read_uint16 (&packed_session->data[pos]); | ||
1184 | pos += 2; | 1193 | pos += 2; |
1185 | for (i = 0; | 1194 | for (i = 0; |
1186 | i < | 1195 | i < |
1187 | session->internals.resumed_security_parameters.extensions. | 1196 | session->internals.resumed_security_parameters. |
1188 | server_names_size; i++) | 1197 | extensions.server_names_size; i++) |
1189 | { | 1198 | { |
1190 | session->internals.resumed_security_parameters.extensions. | 1199 | session->internals.resumed_security_parameters. |
1191 | server_names[i].type = packed_session->data[pos++]; | 1200 | extensions.server_names[i].type = packed_session->data[pos++]; |
1192 | session->internals.resumed_security_parameters.extensions. | 1201 | session->internals.resumed_security_parameters. |
1193 | server_names[i].name_length = | 1202 | extensions.server_names[i].name_length = |
1194 | MHD_gtls_read_uint16 (&packed_session->data[pos]); | 1203 | MHD_gtls_read_uint16 (&packed_session->data[pos]); |
1195 | pos += 2; | 1204 | pos += 2; |
1196 | 1205 | ||
1197 | memcpy (session->internals.resumed_security_parameters.extensions. | 1206 | memcpy (session->internals.resumed_security_parameters. |
1198 | server_names[i].name, &packed_session->data[pos], | 1207 | extensions.server_names[i].name, &packed_session->data[pos], |
1199 | session->internals.resumed_security_parameters.extensions. | 1208 | session->internals.resumed_security_parameters. |
1200 | server_names[i].name_length); | 1209 | extensions.server_names[i].name_length); |
1201 | pos += | 1210 | pos += |
1202 | session->internals.resumed_security_parameters.extensions. | 1211 | session->internals.resumed_security_parameters. |
1203 | server_names[i].name_length; | 1212 | extensions.server_names[i].name_length; |
1204 | } | 1213 | } |
1205 | return 0; | 1214 | return 0; |
1206 | } | 1215 | } |
diff --git a/src/daemon/https/tls/gnutls_sig.c b/src/daemon/https/tls/gnutls_sig.c index 0309e588..fcd756b5 100644 --- a/src/daemon/https/tls/gnutls_sig.c +++ b/src/daemon/https/tls/gnutls_sig.c | |||
@@ -38,10 +38,10 @@ | |||
38 | #include <gnutls_kx.h> | 38 | #include <gnutls_kx.h> |
39 | 39 | ||
40 | static int MHD__gnutls_tls_sign (MHD_gtls_session_t session, | 40 | static int MHD__gnutls_tls_sign (MHD_gtls_session_t session, |
41 | MHD_gnutls_cert * cert, | 41 | MHD_gnutls_cert * cert, |
42 | MHD_gnutls_privkey * pkey, | 42 | MHD_gnutls_privkey * pkey, |
43 | const MHD_gnutls_datum_t * hash_concat, | 43 | const MHD_gnutls_datum_t * hash_concat, |
44 | MHD_gnutls_datum_t * signature); | 44 | MHD_gnutls_datum_t * signature); |
45 | 45 | ||
46 | /* Generates a signature of all the previous sent packets in the | 46 | /* Generates a signature of all the previous sent packets in the |
47 | * handshake procedure. (20040227: now it works for SSL 3.0 as well) | 47 | * handshake procedure. (20040227: now it works for SSL 3.0 as well) |
@@ -49,7 +49,8 @@ static int MHD__gnutls_tls_sign (MHD_gtls_session_t session, | |||
49 | int | 49 | int |
50 | MHD_gtls_tls_sign_hdata (MHD_gtls_session_t session, | 50 | MHD_gtls_tls_sign_hdata (MHD_gtls_session_t session, |
51 | MHD_gnutls_cert * cert, | 51 | MHD_gnutls_cert * cert, |
52 | MHD_gnutls_privkey * pkey, MHD_gnutls_datum_t * signature) | 52 | MHD_gnutls_privkey * pkey, |
53 | MHD_gnutls_datum_t * signature) | ||
53 | { | 54 | { |
54 | MHD_gnutls_datum_t dconcat; | 55 | MHD_gnutls_datum_t dconcat; |
55 | int ret; | 56 | int ret; |
@@ -75,8 +76,9 @@ MHD_gtls_tls_sign_hdata (MHD_gtls_session_t session, | |||
75 | } | 76 | } |
76 | 77 | ||
77 | MHD_gnutls_mac_deinit_ssl3_handshake (td_sha, &concat[16], | 78 | MHD_gnutls_mac_deinit_ssl3_handshake (td_sha, &concat[16], |
78 | session->security_parameters. | 79 | session-> |
79 | master_secret, TLS_MASTER_SIZE); | 80 | security_parameters.master_secret, |
81 | TLS_MASTER_SIZE); | ||
80 | } | 82 | } |
81 | else | 83 | else |
82 | MHD_gnutls_hash_deinit (td_sha, &concat[16]); | 84 | MHD_gnutls_hash_deinit (td_sha, &concat[16]); |
@@ -94,8 +96,9 @@ MHD_gtls_tls_sign_hdata (MHD_gtls_session_t session, | |||
94 | 96 | ||
95 | if (ver == MHD_GNUTLS_PROTOCOL_SSL3) | 97 | if (ver == MHD_GNUTLS_PROTOCOL_SSL3) |
96 | MHD_gnutls_mac_deinit_ssl3_handshake (td_md5, concat, | 98 | MHD_gnutls_mac_deinit_ssl3_handshake (td_md5, concat, |
97 | session->security_parameters. | 99 | session-> |
98 | master_secret, TLS_MASTER_SIZE); | 100 | security_parameters.master_secret, |
101 | TLS_MASTER_SIZE); | ||
99 | else | 102 | else |
100 | MHD_gnutls_hash_deinit (td_md5, concat); | 103 | MHD_gnutls_hash_deinit (td_md5, concat); |
101 | 104 | ||
@@ -122,7 +125,8 @@ int | |||
122 | MHD_gtls_tls_sign_params (MHD_gtls_session_t session, | 125 | MHD_gtls_tls_sign_params (MHD_gtls_session_t session, |
123 | MHD_gnutls_cert * cert, | 126 | MHD_gnutls_cert * cert, |
124 | MHD_gnutls_privkey * pkey, | 127 | MHD_gnutls_privkey * pkey, |
125 | MHD_gnutls_datum_t * params, MHD_gnutls_datum_t * signature) | 128 | MHD_gnutls_datum_t * params, |
129 | MHD_gnutls_datum_t * signature) | ||
126 | { | 130 | { |
127 | MHD_gnutls_datum_t dconcat; | 131 | MHD_gnutls_datum_t dconcat; |
128 | int ret; | 132 | int ret; |
@@ -207,7 +211,8 @@ int | |||
207 | MHD_gtls_sign (enum MHD_GNUTLS_PublicKeyAlgorithm algo, | 211 | MHD_gtls_sign (enum MHD_GNUTLS_PublicKeyAlgorithm algo, |
208 | mpi_t * params, | 212 | mpi_t * params, |
209 | int params_size, | 213 | int params_size, |
210 | const MHD_gnutls_datum_t * data, MHD_gnutls_datum_t * signature) | 214 | const MHD_gnutls_datum_t * data, |
215 | MHD_gnutls_datum_t * signature) | ||
211 | { | 216 | { |
212 | int ret; | 217 | int ret; |
213 | 218 | ||
@@ -239,10 +244,10 @@ MHD_gtls_sign (enum MHD_GNUTLS_PublicKeyAlgorithm algo, | |||
239 | */ | 244 | */ |
240 | static int | 245 | static int |
241 | MHD__gnutls_tls_sign (MHD_gtls_session_t session, | 246 | MHD__gnutls_tls_sign (MHD_gtls_session_t session, |
242 | MHD_gnutls_cert * cert, | 247 | MHD_gnutls_cert * cert, |
243 | MHD_gnutls_privkey * pkey, | 248 | MHD_gnutls_privkey * pkey, |
244 | const MHD_gnutls_datum_t * hash_concat, | 249 | const MHD_gnutls_datum_t * hash_concat, |
245 | MHD_gnutls_datum_t * signature) | 250 | MHD_gnutls_datum_t * signature) |
246 | { | 251 | { |
247 | 252 | ||
248 | /* If our certificate supports signing | 253 | /* If our certificate supports signing |
@@ -263,8 +268,8 @@ MHD__gnutls_tls_sign (MHD_gtls_session_t session, | |||
263 | return GNUTLS_E_INSUFFICIENT_CREDENTIALS; | 268 | return GNUTLS_E_INSUFFICIENT_CREDENTIALS; |
264 | 269 | ||
265 | return (*session->internals.sign_func) (session, | 270 | return (*session->internals.sign_func) (session, |
266 | session->internals. | 271 | session-> |
267 | sign_func_userdata, | 272 | internals.sign_func_userdata, |
268 | cert->cert_type, &cert->raw, | 273 | cert->cert_type, &cert->raw, |
269 | hash_concat, signature); | 274 | hash_concat, signature); |
270 | } | 275 | } |
@@ -275,13 +280,13 @@ MHD__gnutls_tls_sign (MHD_gtls_session_t session, | |||
275 | 280 | ||
276 | static int | 281 | static int |
277 | MHD__gnutls_verify_sig (MHD_gnutls_cert * cert, | 282 | MHD__gnutls_verify_sig (MHD_gnutls_cert * cert, |
278 | const MHD_gnutls_datum_t * hash_concat, | 283 | const MHD_gnutls_datum_t * hash_concat, |
279 | MHD_gnutls_datum_t * signature, size_t sha1pos) | 284 | MHD_gnutls_datum_t * signature, size_t sha1pos) |
280 | { | 285 | { |
281 | int ret; | 286 | int ret; |
282 | MHD_gnutls_datum_t vdata; | 287 | MHD_gnutls_datum_t vdata; |
283 | 288 | ||
284 | if ( (cert == NULL) || (cert->version == 0) ) | 289 | if ((cert == NULL) || (cert->version == 0)) |
285 | { /* this is the only way to check | 290 | { /* this is the only way to check |
286 | * if it is initialized | 291 | * if it is initialized |
287 | */ | 292 | */ |
@@ -328,7 +333,8 @@ MHD__gnutls_verify_sig (MHD_gnutls_cert * cert, | |||
328 | */ | 333 | */ |
329 | int | 334 | int |
330 | MHD_gtls_verify_sig_hdata (MHD_gtls_session_t session, | 335 | MHD_gtls_verify_sig_hdata (MHD_gtls_session_t session, |
331 | MHD_gnutls_cert * cert, MHD_gnutls_datum_t * signature) | 336 | MHD_gnutls_cert * cert, |
337 | MHD_gnutls_datum_t * signature) | ||
332 | { | 338 | { |
333 | int ret; | 339 | int ret; |
334 | opaque concat[36]; | 340 | opaque concat[36]; |
@@ -362,11 +368,13 @@ MHD_gtls_verify_sig_hdata (MHD_gtls_session_t session, | |||
362 | } | 368 | } |
363 | 369 | ||
364 | MHD_gnutls_mac_deinit_ssl3_handshake (td_md5, concat, | 370 | MHD_gnutls_mac_deinit_ssl3_handshake (td_md5, concat, |
365 | session->security_parameters. | 371 | session-> |
366 | master_secret, TLS_MASTER_SIZE); | 372 | security_parameters.master_secret, |
373 | TLS_MASTER_SIZE); | ||
367 | MHD_gnutls_mac_deinit_ssl3_handshake (td_sha, &concat[16], | 374 | MHD_gnutls_mac_deinit_ssl3_handshake (td_sha, &concat[16], |
368 | session->security_parameters. | 375 | session-> |
369 | master_secret, TLS_MASTER_SIZE); | 376 | security_parameters.master_secret, |
377 | TLS_MASTER_SIZE); | ||
370 | } | 378 | } |
371 | else | 379 | else |
372 | { | 380 | { |
diff --git a/src/daemon/https/tls/gnutls_sig.h b/src/daemon/https/tls/gnutls_sig.h index 6259191d..19793020 100644 --- a/src/daemon/https/tls/gnutls_sig.h +++ b/src/daemon/https/tls/gnutls_sig.h | |||
@@ -47,6 +47,7 @@ int MHD_gtls_verify_sig_params (MHD_gtls_session_t session, | |||
47 | 47 | ||
48 | int MHD_gtls_sign (enum MHD_GNUTLS_PublicKeyAlgorithm algo, | 48 | int MHD_gtls_sign (enum MHD_GNUTLS_PublicKeyAlgorithm algo, |
49 | mpi_t * params, int params_size, | 49 | mpi_t * params, int params_size, |
50 | const MHD_gnutls_datum_t * data, MHD_gnutls_datum_t * signature); | 50 | const MHD_gnutls_datum_t * data, |
51 | MHD_gnutls_datum_t * signature); | ||
51 | 52 | ||
52 | #endif | 53 | #endif |
diff --git a/src/daemon/https/tls/gnutls_state.c b/src/daemon/https/tls/gnutls_state.c index 49802b2e..4f4ea122 100644 --- a/src/daemon/https/tls/gnutls_state.c +++ b/src/daemon/https/tls/gnutls_state.c | |||
@@ -44,7 +44,7 @@ | |||
44 | 44 | ||
45 | void | 45 | void |
46 | MHD__gnutls_session_cert_type_set (MHD_gtls_session_t session, | 46 | MHD__gnutls_session_cert_type_set (MHD_gtls_session_t session, |
47 | enum MHD_GNUTLS_CertificateType ct) | 47 | enum MHD_GNUTLS_CertificateType ct) |
48 | { | 48 | { |
49 | session->security_parameters.cert_type = ct; | 49 | session->security_parameters.cert_type = ct; |
50 | } | 50 | } |
@@ -236,7 +236,7 @@ MHD_gtls_handshake_internal_state_clear (MHD_gtls_session_t session) | |||
236 | /* TODO rm redundent pointer ref */ | 236 | /* TODO rm redundent pointer ref */ |
237 | int | 237 | int |
238 | MHD__gnutls_init (MHD_gtls_session_t * session, | 238 | MHD__gnutls_init (MHD_gtls_session_t * session, |
239 | MHD_gnutls_connection_end_t con_end) | 239 | MHD_gnutls_connection_end_t con_end) |
240 | { | 240 | { |
241 | *session = MHD_gnutls_calloc (1, sizeof (struct MHD_gtls_session_int)); | 241 | *session = MHD_gnutls_calloc (1, sizeof (struct MHD_gtls_session_int)); |
242 | if (*session == NULL) | 242 | if (*session == NULL) |
@@ -286,10 +286,10 @@ MHD__gnutls_init (MHD_gtls_session_t * session, | |||
286 | 286 | ||
287 | MHD__gnutls_dh_set_prime_bits ((*session), MIN_DH_BITS); | 287 | MHD__gnutls_dh_set_prime_bits ((*session), MIN_DH_BITS); |
288 | 288 | ||
289 | MHD__gnutls_transport_set_lowat ((*session), DEFAULT_LOWAT); /* the default for tcp */ | 289 | MHD__gnutls_transport_set_lowat ((*session), DEFAULT_LOWAT); /* the default for tcp */ |
290 | 290 | ||
291 | MHD__gnutls_handshake_set_max_packet_length ((*session), | 291 | MHD__gnutls_handshake_set_max_packet_length ((*session), |
292 | MAX_HANDSHAKE_PACKET_SIZE); | 292 | MAX_HANDSHAKE_PACKET_SIZE); |
293 | 293 | ||
294 | /* Allocate a minimum size for recv_data | 294 | /* Allocate a minimum size for recv_data |
295 | * This is allocated in order to avoid small messages, making | 295 | * This is allocated in order to avoid small messages, making |
@@ -612,7 +612,7 @@ MHD_gtls_dh_set_group (MHD_gtls_session_t session, mpi_t gen, mpi_t prime) | |||
612 | **/ | 612 | **/ |
613 | void | 613 | void |
614 | MHD__gnutls_certificate_send_x509_rdn_sequence (MHD_gtls_session_t session, | 614 | MHD__gnutls_certificate_send_x509_rdn_sequence (MHD_gtls_session_t session, |
615 | int status) | 615 | int status) |
616 | { | 616 | { |
617 | session->internals.ignore_rdn_sequence = status; | 617 | session->internals.ignore_rdn_sequence = status; |
618 | } | 618 | } |
@@ -630,7 +630,8 @@ MHD__gnutls_certificate_send_x509_rdn_sequence (MHD_gtls_session_t session, | |||
630 | -*/ | 630 | -*/ |
631 | void | 631 | void |
632 | MHD__gnutls_record_set_default_version (MHD_gtls_session_t session, | 632 | MHD__gnutls_record_set_default_version (MHD_gtls_session_t session, |
633 | unsigned char major, unsigned char minor) | 633 | unsigned char major, |
634 | unsigned char minor) | ||
634 | { | 635 | { |
635 | session->internals.default_record_version[0] = major; | 636 | session->internals.default_record_version[0] = major; |
636 | session->internals.default_record_version[1] = minor; | 637 | session->internals.default_record_version[1] = minor; |
@@ -661,9 +662,9 @@ MHD_gtls_handshake_set_private_extensions (MHD_gtls_session_t session, | |||
661 | 662 | ||
662 | inline static int | 663 | inline static int |
663 | MHD__gnutls_cal_PRF_A (enum MHD_GNUTLS_HashAlgorithm algorithm, | 664 | MHD__gnutls_cal_PRF_A (enum MHD_GNUTLS_HashAlgorithm algorithm, |
664 | const void *secret, | 665 | const void *secret, |
665 | int secret_size, | 666 | int secret_size, |
666 | const void *seed, int seed_size, void *result) | 667 | const void *seed, int seed_size, void *result) |
667 | { | 668 | { |
668 | mac_hd_t td1; | 669 | mac_hd_t td1; |
669 | 670 | ||
@@ -687,10 +688,10 @@ MHD__gnutls_cal_PRF_A (enum MHD_GNUTLS_HashAlgorithm algorithm, | |||
687 | */ | 688 | */ |
688 | static int | 689 | static int |
689 | MHD__gnutls_P_hash (enum MHD_GNUTLS_HashAlgorithm algorithm, | 690 | MHD__gnutls_P_hash (enum MHD_GNUTLS_HashAlgorithm algorithm, |
690 | const opaque * secret, | 691 | const opaque * secret, |
691 | int secret_size, | 692 | int secret_size, |
692 | const opaque * seed, | 693 | const opaque * seed, |
693 | int seed_size, int total_bytes, opaque * ret) | 694 | int seed_size, int total_bytes, opaque * ret) |
694 | { | 695 | { |
695 | 696 | ||
696 | mac_hd_t td2; | 697 | mac_hd_t td2; |
@@ -730,8 +731,9 @@ MHD__gnutls_P_hash (enum MHD_GNUTLS_HashAlgorithm algorithm, | |||
730 | } | 731 | } |
731 | 732 | ||
732 | /* here we calculate A(i+1) */ | 733 | /* here we calculate A(i+1) */ |
733 | if ((result = MHD__gnutls_cal_PRF_A (algorithm, secret, secret_size, Atmp, | 734 | if ((result = |
734 | A_size, Atmp)) < 0) | 735 | MHD__gnutls_cal_PRF_A (algorithm, secret, secret_size, Atmp, |
736 | A_size, Atmp)) < 0) | ||
735 | { | 737 | { |
736 | MHD_gnutls_assert (); | 738 | MHD_gnutls_assert (); |
737 | MHD_gnutls_MHD_hmac_deinit (td2, final); | 739 | MHD_gnutls_MHD_hmac_deinit (td2, final); |
@@ -816,7 +818,7 @@ MHD_gtls_PRF (MHD_gtls_session_t session, | |||
816 | { | 818 | { |
817 | result = | 819 | result = |
818 | MHD__gnutls_P_hash (MHD_GNUTLS_MAC_SHA1, secret, secret_size, s_seed, | 820 | MHD__gnutls_P_hash (MHD_GNUTLS_MAC_SHA1, secret, secret_size, s_seed, |
819 | s_seed_size, total_bytes, ret); | 821 | s_seed_size, total_bytes, ret); |
820 | if (result < 0) | 822 | if (result < 0) |
821 | { | 823 | { |
822 | MHD_gnutls_assert (); | 824 | MHD_gnutls_assert (); |
@@ -837,7 +839,7 @@ MHD_gtls_PRF (MHD_gtls_session_t session, | |||
837 | 839 | ||
838 | result = | 840 | result = |
839 | MHD__gnutls_P_hash (MHD_GNUTLS_MAC_MD5, s1, l_s, s_seed, s_seed_size, | 841 | MHD__gnutls_P_hash (MHD_GNUTLS_MAC_MD5, s1, l_s, s_seed, s_seed_size, |
840 | total_bytes, o1); | 842 | total_bytes, o1); |
841 | if (result < 0) | 843 | if (result < 0) |
842 | { | 844 | { |
843 | MHD_gnutls_assert (); | 845 | MHD_gnutls_assert (); |
@@ -846,7 +848,7 @@ MHD_gtls_PRF (MHD_gtls_session_t session, | |||
846 | 848 | ||
847 | result = | 849 | result = |
848 | MHD__gnutls_P_hash (MHD_GNUTLS_MAC_SHA1, s2, l_s, s_seed, s_seed_size, | 850 | MHD__gnutls_P_hash (MHD_GNUTLS_MAC_SHA1, s2, l_s, s_seed, s_seed_size, |
849 | total_bytes, o2); | 851 | total_bytes, o2); |
850 | if (result < 0) | 852 | if (result < 0) |
851 | { | 853 | { |
852 | MHD_gnutls_assert (); | 854 | MHD_gnutls_assert (); |
@@ -893,10 +895,10 @@ MHD_gtls_PRF (MHD_gtls_session_t session, | |||
893 | **/ | 895 | **/ |
894 | int | 896 | int |
895 | MHD__gnutls_prf_raw (MHD_gtls_session_t session, | 897 | MHD__gnutls_prf_raw (MHD_gtls_session_t session, |
896 | size_t label_size, | 898 | size_t label_size, |
897 | const char *label, | 899 | const char *label, |
898 | size_t seed_size, const char *seed, size_t outsize, | 900 | size_t seed_size, const char *seed, size_t outsize, |
899 | char *out) | 901 | char *out) |
900 | { | 902 | { |
901 | int ret; | 903 | int ret; |
902 | 904 | ||
@@ -938,11 +940,11 @@ MHD__gnutls_prf_raw (MHD_gtls_session_t session, | |||
938 | **/ | 940 | **/ |
939 | int | 941 | int |
940 | MHD__gnutls_prf (MHD_gtls_session_t session, | 942 | MHD__gnutls_prf (MHD_gtls_session_t session, |
941 | size_t label_size, | 943 | size_t label_size, |
942 | const char *label, | 944 | const char *label, |
943 | int server_random_first, | 945 | int server_random_first, |
944 | size_t extra_size, const char *extra, size_t outsize, | 946 | size_t extra_size, const char *extra, size_t outsize, |
945 | char *out) | 947 | char *out) |
946 | { | 948 | { |
947 | int ret; | 949 | int ret; |
948 | opaque *seed; | 950 | opaque *seed; |
@@ -1050,8 +1052,8 @@ MHD_gtls_session_is_resumed (MHD_gtls_session_t session) | |||
1050 | && session->security_parameters.session_id_size | 1052 | && session->security_parameters.session_id_size |
1051 | == session->internals.resumed_security_parameters.session_id_size | 1053 | == session->internals.resumed_security_parameters.session_id_size |
1052 | && memcmp (session->security_parameters.session_id, | 1054 | && memcmp (session->security_parameters.session_id, |
1053 | session->internals.resumed_security_parameters. | 1055 | session->internals. |
1054 | session_id, | 1056 | resumed_security_parameters.session_id, |
1055 | session->security_parameters.session_id_size) == 0) | 1057 | session->security_parameters.session_id_size) == 0) |
1056 | return 1; | 1058 | return 1; |
1057 | } | 1059 | } |
@@ -1078,8 +1080,8 @@ MHD_gtls_session_is_export (MHD_gtls_session_t session) | |||
1078 | enum MHD_GNUTLS_CipherAlgorithm cipher; | 1080 | enum MHD_GNUTLS_CipherAlgorithm cipher; |
1079 | 1081 | ||
1080 | cipher = | 1082 | cipher = |
1081 | MHD_gtls_cipher_suite_get_cipher_algo (&session->security_parameters. | 1083 | MHD_gtls_cipher_suite_get_cipher_algo (&session-> |
1082 | current_cipher_suite); | 1084 | security_parameters.current_cipher_suite); |
1083 | 1085 | ||
1084 | if (MHD_gtls_cipher_get_export_flag (cipher) != 0) | 1086 | if (MHD_gtls_cipher_get_export_flag (cipher) != 0) |
1085 | return 1; | 1087 | return 1; |
@@ -1151,7 +1153,7 @@ MHD__gnutls_record_get_direction (MHD_gtls_session_t session) | |||
1151 | -*/ | 1153 | -*/ |
1152 | void | 1154 | void |
1153 | MHD__gnutls_rsa_pms_set_version (MHD_gtls_session_t session, | 1155 | MHD__gnutls_rsa_pms_set_version (MHD_gtls_session_t session, |
1154 | unsigned char major, unsigned char minor) | 1156 | unsigned char major, unsigned char minor) |
1155 | { | 1157 | { |
1156 | session->internals.rsa_pms_version[0] = major; | 1158 | session->internals.rsa_pms_version[0] = major; |
1157 | session->internals.rsa_pms_version[1] = minor; | 1159 | session->internals.rsa_pms_version[1] = minor; |
@@ -1181,9 +1183,9 @@ MHD__gnutls_rsa_pms_set_version (MHD_gtls_session_t session, | |||
1181 | **/ | 1183 | **/ |
1182 | void | 1184 | void |
1183 | MHD__gnutls_handshake_set_post_client_hello_function (MHD_gtls_session_t | 1185 | MHD__gnutls_handshake_set_post_client_hello_function (MHD_gtls_session_t |
1184 | session, | 1186 | session, |
1185 | MHD_gnutls_handshake_post_client_hello_func | 1187 | MHD_gnutls_handshake_post_client_hello_func |
1186 | func) | 1188 | func) |
1187 | { | 1189 | { |
1188 | session->internals.user_hello_func = func; | 1190 | session->internals.user_hello_func = func; |
1189 | } | 1191 | } |
diff --git a/src/daemon/https/tls/gnutls_state.h b/src/daemon/https/tls/gnutls_state.h index 34aeda93..a6ff5892 100644 --- a/src/daemon/https/tls/gnutls_state.h +++ b/src/daemon/https/tls/gnutls_state.h | |||
@@ -28,11 +28,11 @@ | |||
28 | #include <gnutls_int.h> | 28 | #include <gnutls_int.h> |
29 | 29 | ||
30 | void MHD__gnutls_session_cert_type_set (MHD_gtls_session_t session, | 30 | void MHD__gnutls_session_cert_type_set (MHD_gtls_session_t session, |
31 | enum MHD_GNUTLS_CertificateType); | 31 | enum MHD_GNUTLS_CertificateType); |
32 | enum MHD_GNUTLS_KeyExchangeAlgorithm MHD_gnutls_kx_get (MHD_gtls_session_t | 32 | enum MHD_GNUTLS_KeyExchangeAlgorithm MHD_gnutls_kx_get (MHD_gtls_session_t |
33 | session); | 33 | session); |
34 | enum MHD_GNUTLS_CipherAlgorithm MHD_gnutls_cipher_get (MHD_gtls_session_t | 34 | enum MHD_GNUTLS_CipherAlgorithm MHD_gnutls_cipher_get (MHD_gtls_session_t |
35 | session); | 35 | session); |
36 | enum MHD_GNUTLS_CertificateType | 36 | enum MHD_GNUTLS_CertificateType |
37 | MHD_gnutls_certificate_type_get (MHD_gtls_session_t); | 37 | MHD_gnutls_certificate_type_get (MHD_gtls_session_t); |
38 | 38 | ||
@@ -72,6 +72,6 @@ int MHD_gtls_PRF (MHD_gtls_session_t session, | |||
72 | int total_bytes, void *ret); | 72 | int total_bytes, void *ret); |
73 | 73 | ||
74 | int MHD__gnutls_init (MHD_gtls_session_t * session, | 74 | int MHD__gnutls_init (MHD_gtls_session_t * session, |
75 | MHD_gnutls_connection_end_t con_end); | 75 | MHD_gnutls_connection_end_t con_end); |
76 | 76 | ||
77 | #define DEFAULT_CERT_TYPE MHD_GNUTLS_CRT_X509 | 77 | #define DEFAULT_CERT_TYPE MHD_GNUTLS_CRT_X509 |
diff --git a/src/daemon/https/tls/gnutls_str.h b/src/daemon/https/tls/gnutls_str.h index bedee1df..befa957e 100644 --- a/src/daemon/https/tls/gnutls_str.h +++ b/src/daemon/https/tls/gnutls_str.h | |||
@@ -43,7 +43,8 @@ typedef struct | |||
43 | } MHD_gtls_string; | 43 | } MHD_gtls_string; |
44 | 44 | ||
45 | void MHD_gtls_string_init (MHD_gtls_string *, MHD_gnutls_alloc_function, | 45 | void MHD_gtls_string_init (MHD_gtls_string *, MHD_gnutls_alloc_function, |
46 | MHD_gnutls_realloc_function, MHD_gnutls_free_function); | 46 | MHD_gnutls_realloc_function, |
47 | MHD_gnutls_free_function); | ||
47 | void MHD_gtls_string_clear (MHD_gtls_string *); | 48 | void MHD_gtls_string_clear (MHD_gtls_string *); |
48 | 49 | ||
49 | /* Beware, do not clear the string, after calling this | 50 | /* Beware, do not clear the string, after calling this |
diff --git a/src/daemon/https/tls/gnutls_supplemental.c b/src/daemon/https/tls/gnutls_supplemental.c index 7b265031..0419917c 100644 --- a/src/daemon/https/tls/gnutls_supplemental.c +++ b/src/daemon/https/tls/gnutls_supplemental.c | |||
@@ -68,7 +68,8 @@ MHD_gnutls_supplemental_entry MHD__gnutls_supplemental[] = { | |||
68 | }; | 68 | }; |
69 | 69 | ||
70 | const char * | 70 | const char * |
71 | MHD_gtls_supplemental_get_name (MHD_gnutls_supplemental_data_format_type_t type) | 71 | MHD_gtls_supplemental_get_name (MHD_gnutls_supplemental_data_format_type_t |
72 | type) | ||
72 | { | 73 | { |
73 | MHD_gnutls_supplemental_entry *p; | 74 | MHD_gnutls_supplemental_entry *p; |
74 | 75 | ||
@@ -92,7 +93,8 @@ get_supp_func_recv (MHD_gnutls_supplemental_data_format_type_t type) | |||
92 | } | 93 | } |
93 | 94 | ||
94 | int | 95 | int |
95 | MHD__gnutls_gen_supplemental (MHD_gtls_session_t session, MHD_gtls_buffer * buf) | 96 | MHD__gnutls_gen_supplemental (MHD_gtls_session_t session, |
97 | MHD_gtls_buffer * buf) | ||
96 | { | 98 | { |
97 | MHD_gnutls_supplemental_entry *p; | 99 | MHD_gnutls_supplemental_entry *p; |
98 | int ret; | 100 | int ret; |
@@ -143,14 +145,14 @@ MHD__gnutls_gen_supplemental (MHD_gtls_session_t session, MHD_gtls_buffer * buf) | |||
143 | buf->data[2] = (buf->length - 3) & 0xFF; | 145 | buf->data[2] = (buf->length - 3) & 0xFF; |
144 | 146 | ||
145 | MHD__gnutls_debug_log ("EXT[%x]: Sending %d bytes of supplemental data\n", | 147 | MHD__gnutls_debug_log ("EXT[%x]: Sending %d bytes of supplemental data\n", |
146 | session, buf->length); | 148 | session, buf->length); |
147 | 149 | ||
148 | return buf->length; | 150 | return buf->length; |
149 | } | 151 | } |
150 | 152 | ||
151 | int | 153 | int |
152 | MHD__gnutls_parse_supplemental (MHD_gtls_session_t session, | 154 | MHD__gnutls_parse_supplemental (MHD_gtls_session_t session, |
153 | const uint8_t * data, int datalen) | 155 | const uint8_t * data, int datalen) |
154 | { | 156 | { |
155 | const opaque *p = data; | 157 | const opaque *p = data; |
156 | ssize_t dsize = datalen; | 158 | ssize_t dsize = datalen; |
@@ -180,8 +182,9 @@ MHD__gnutls_parse_supplemental (MHD_gtls_session_t session, | |||
180 | supp_data_length = MHD_gtls_read_uint16 (p); | 182 | supp_data_length = MHD_gtls_read_uint16 (p); |
181 | p += 2; | 183 | p += 2; |
182 | 184 | ||
183 | MHD__gnutls_debug_log ("EXT[%x]: Got supplemental type=%02x length=%d\n", | 185 | MHD__gnutls_debug_log |
184 | session, supp_data_type, supp_data_length); | 186 | ("EXT[%x]: Got supplemental type=%02x length=%d\n", session, |
187 | supp_data_type, supp_data_length); | ||
185 | 188 | ||
186 | recv_func = get_supp_func_recv (supp_data_type); | 189 | recv_func = get_supp_func_recv (supp_data_type); |
187 | if (recv_func) | 190 | if (recv_func) |
diff --git a/src/daemon/https/tls/gnutls_supplemental.h b/src/daemon/https/tls/gnutls_supplemental.h index a215ab56..b7ad0c29 100644 --- a/src/daemon/https/tls/gnutls_supplemental.h +++ b/src/daemon/https/tls/gnutls_supplemental.h | |||
@@ -25,6 +25,6 @@ | |||
25 | #include <gnutls_int.h> | 25 | #include <gnutls_int.h> |
26 | 26 | ||
27 | int MHD__gnutls_parse_supplemental (MHD_gtls_session_t session, | 27 | int MHD__gnutls_parse_supplemental (MHD_gtls_session_t session, |
28 | const uint8_t * data, int data_size); | 28 | const uint8_t * data, int data_size); |
29 | int MHD__gnutls_gen_supplemental (MHD_gtls_session_t session, | 29 | int MHD__gnutls_gen_supplemental (MHD_gtls_session_t session, |
30 | MHD_gtls_buffer * buf); | 30 | MHD_gtls_buffer * buf); |
diff --git a/src/daemon/https/tls/gnutls_ui.c b/src/daemon/https/tls/gnutls_ui.c index 7709b2b7..a2594332 100644 --- a/src/daemon/https/tls/gnutls_ui.c +++ b/src/daemon/https/tls/gnutls_ui.c | |||
@@ -74,7 +74,8 @@ MHD__gnutls_dh_set_prime_bits (MHD_gtls_session_t session, unsigned int bits) | |||
74 | **/ | 74 | **/ |
75 | int | 75 | int |
76 | MHD__gnutls_dh_get_group (MHD_gtls_session_t session, | 76 | MHD__gnutls_dh_get_group (MHD_gtls_session_t session, |
77 | MHD_gnutls_datum_t * raw_gen, MHD_gnutls_datum_t * raw_prime) | 77 | MHD_gnutls_datum_t * raw_gen, |
78 | MHD_gnutls_datum_t * raw_prime) | ||
78 | { | 79 | { |
79 | MHD_gtls_dh_info_st *dh; | 80 | MHD_gtls_dh_info_st *dh; |
80 | int ret; | 81 | int ret; |
@@ -107,7 +108,8 @@ MHD__gnutls_dh_get_group (MHD_gtls_session_t session, | |||
107 | return ret; | 108 | return ret; |
108 | } | 109 | } |
109 | 110 | ||
110 | ret = MHD__gnutls_set_datum (raw_gen, dh->generator.data, dh->generator.size); | 111 | ret = |
112 | MHD__gnutls_set_datum (raw_gen, dh->generator.data, dh->generator.size); | ||
111 | if (ret < 0) | 113 | if (ret < 0) |
112 | { | 114 | { |
113 | MHD_gnutls_assert (); | 115 | MHD_gnutls_assert (); |
@@ -132,7 +134,7 @@ MHD__gnutls_dh_get_group (MHD_gtls_session_t session, | |||
132 | **/ | 134 | **/ |
133 | int | 135 | int |
134 | MHD__gnutls_dh_get_pubkey (MHD_gtls_session_t session, | 136 | MHD__gnutls_dh_get_pubkey (MHD_gtls_session_t session, |
135 | MHD_gnutls_datum_t * raw_key) | 137 | MHD_gnutls_datum_t * raw_key) |
136 | { | 138 | { |
137 | MHD_gtls_dh_info_st *dh; | 139 | MHD_gtls_dh_info_st *dh; |
138 | mhd_anon_auth_info_t anon_info; | 140 | mhd_anon_auth_info_t anon_info; |
@@ -172,7 +174,7 @@ MHD__gnutls_dh_get_pubkey (MHD_gtls_session_t session, | |||
172 | } | 174 | } |
173 | 175 | ||
174 | return MHD__gnutls_set_datum (raw_key, dh->public_key.data, | 176 | return MHD__gnutls_set_datum (raw_key, dh->public_key.data, |
175 | dh->public_key.size); | 177 | dh->public_key.size); |
176 | } | 178 | } |
177 | 179 | ||
178 | /** | 180 | /** |
@@ -203,7 +205,7 @@ MHD_gtls_rsa_export_get_pubkey (MHD_gtls_session_t session, | |||
203 | return GNUTLS_E_INTERNAL_ERROR; | 205 | return GNUTLS_E_INTERNAL_ERROR; |
204 | 206 | ||
205 | ret = MHD__gnutls_set_datum (modulus, info->rsa_export.modulus.data, | 207 | ret = MHD__gnutls_set_datum (modulus, info->rsa_export.modulus.data, |
206 | info->rsa_export.modulus.size); | 208 | info->rsa_export.modulus.size); |
207 | if (ret < 0) | 209 | if (ret < 0) |
208 | { | 210 | { |
209 | MHD_gnutls_assert (); | 211 | MHD_gnutls_assert (); |
@@ -211,7 +213,7 @@ MHD_gtls_rsa_export_get_pubkey (MHD_gtls_session_t session, | |||
211 | } | 213 | } |
212 | 214 | ||
213 | ret = MHD__gnutls_set_datum (exponent, info->rsa_export.exponent.data, | 215 | ret = MHD__gnutls_set_datum (exponent, info->rsa_export.exponent.data, |
214 | info->rsa_export.exponent.size); | 216 | info->rsa_export.exponent.size); |
215 | if (ret < 0) | 217 | if (ret < 0) |
216 | { | 218 | { |
217 | MHD_gnutls_assert (); | 219 | MHD_gnutls_assert (); |
@@ -491,8 +493,8 @@ MHD_gtls_certificate_client_get_request_status (MHD_gtls_session_t session) | |||
491 | **/ | 493 | **/ |
492 | int | 494 | int |
493 | MHD__gnutls_fingerprint (enum MHD_GNUTLS_HashAlgorithm algo, | 495 | MHD__gnutls_fingerprint (enum MHD_GNUTLS_HashAlgorithm algo, |
494 | const MHD_gnutls_datum_t * data, | 496 | const MHD_gnutls_datum_t * data, |
495 | void *result, size_t * result_size) | 497 | void *result, size_t * result_size) |
496 | { | 498 | { |
497 | GNUTLS_HASH_HANDLE td; | 499 | GNUTLS_HASH_HANDLE td; |
498 | int hash_len = MHD_gnutls_hash_get_algo_len (HASH2MAC (algo)); | 500 | int hash_len = MHD_gnutls_hash_get_algo_len (HASH2MAC (algo)); |
@@ -533,7 +535,7 @@ MHD__gnutls_fingerprint (enum MHD_GNUTLS_HashAlgorithm algo, | |||
533 | **/ | 535 | **/ |
534 | void | 536 | void |
535 | MHD__gnutls_certificate_set_dh_params (MHD_gtls_cert_credentials_t res, | 537 | MHD__gnutls_certificate_set_dh_params (MHD_gtls_cert_credentials_t res, |
536 | MHD_gtls_dh_params_t dh_params) | 538 | MHD_gtls_dh_params_t dh_params) |
537 | { | 539 | { |
538 | res->dh_params = dh_params; | 540 | res->dh_params = dh_params; |
539 | } | 541 | } |
@@ -550,7 +552,7 @@ MHD__gnutls_certificate_set_dh_params (MHD_gtls_cert_credentials_t res, | |||
550 | **/ | 552 | **/ |
551 | void | 553 | void |
552 | MHD_gnutls_certificate_set_params_function (MHD_gtls_cert_credentials_t res, | 554 | MHD_gnutls_certificate_set_params_function (MHD_gtls_cert_credentials_t res, |
553 | MHD_gnutls_params_function * func) | 555 | MHD_gnutls_params_function * func) |
554 | { | 556 | { |
555 | res->params_func = func; | 557 | res->params_func = func; |
556 | } | 558 | } |
@@ -567,7 +569,7 @@ MHD_gnutls_certificate_set_params_function (MHD_gtls_cert_credentials_t res, | |||
567 | **/ | 569 | **/ |
568 | void | 570 | void |
569 | MHD__gnutls_certificate_set_verify_flags (MHD_gtls_cert_credentials_t | 571 | MHD__gnutls_certificate_set_verify_flags (MHD_gtls_cert_credentials_t |
570 | res, unsigned int flags) | 572 | res, unsigned int flags) |
571 | { | 573 | { |
572 | res->verify_flags = flags; | 574 | res->verify_flags = flags; |
573 | } | 575 | } |
@@ -585,9 +587,9 @@ MHD__gnutls_certificate_set_verify_flags (MHD_gtls_cert_credentials_t | |||
585 | **/ | 587 | **/ |
586 | void | 588 | void |
587 | MHD__gnutls_certificate_set_verify_limits (MHD_gtls_cert_credentials_t | 589 | MHD__gnutls_certificate_set_verify_limits (MHD_gtls_cert_credentials_t |
588 | res, | 590 | res, |
589 | unsigned int max_bits, | 591 | unsigned int max_bits, |
590 | unsigned int max_depth) | 592 | unsigned int max_depth) |
591 | { | 593 | { |
592 | res->verify_depth = max_depth; | 594 | res->verify_depth = max_depth; |
593 | res->verify_bits = max_bits; | 595 | res->verify_bits = max_bits; |
@@ -605,9 +607,9 @@ MHD__gnutls_certificate_set_verify_limits (MHD_gtls_cert_credentials_t | |||
605 | **/ | 607 | **/ |
606 | void | 608 | void |
607 | MHD__gnutls_certificate_set_rsa_export_params (MHD_gtls_cert_credentials_t | 609 | MHD__gnutls_certificate_set_rsa_export_params (MHD_gtls_cert_credentials_t |
608 | res, | 610 | res, |
609 | MHD_gtls_rsa_params_t | 611 | MHD_gtls_rsa_params_t |
610 | rsa_params) | 612 | rsa_params) |
611 | { | 613 | { |
612 | res->rsa_params = rsa_params; | 614 | res->rsa_params = rsa_params; |
613 | } | 615 | } |
@@ -624,7 +626,7 @@ MHD__gnutls_certificate_set_rsa_export_params (MHD_gtls_cert_credentials_t | |||
624 | **/ | 626 | **/ |
625 | void | 627 | void |
626 | MHD_gnutls_anon_set_params_function (MHD_gtls_anon_server_credentials_t res, | 628 | MHD_gnutls_anon_set_params_function (MHD_gtls_anon_server_credentials_t res, |
627 | MHD_gnutls_params_function * func) | 629 | MHD_gnutls_params_function * func) |
628 | { | 630 | { |
629 | res->params_func = func; | 631 | res->params_func = func; |
630 | } | 632 | } |
diff --git a/src/daemon/https/tls/gnutls_x509.c b/src/daemon/https/tls/gnutls_x509.c index 503bea9b..06ee8635 100644 --- a/src/daemon/https/tls/gnutls_x509.c +++ b/src/daemon/https/tls/gnutls_x509.c | |||
@@ -103,7 +103,7 @@ check_bits (MHD_gnutls_x509_crt_t crt, unsigned int max_bits) | |||
103 | -*/ | 103 | -*/ |
104 | int | 104 | int |
105 | MHD__gnutls_x509_cert_verify_peers (MHD_gtls_session_t session, | 105 | MHD__gnutls_x509_cert_verify_peers (MHD_gtls_session_t session, |
106 | unsigned int *status) | 106 | unsigned int *status) |
107 | { | 107 | { |
108 | cert_auth_info_t info; | 108 | cert_auth_info_t info; |
109 | MHD_gtls_cert_credentials_t cred; | 109 | MHD_gtls_cert_credentials_t cred; |
@@ -142,7 +142,8 @@ MHD__gnutls_x509_cert_verify_peers (MHD_gtls_session_t session, | |||
142 | peer_certificate_list_size = info->ncerts; | 142 | peer_certificate_list_size = info->ncerts; |
143 | peer_certificate_list = | 143 | peer_certificate_list = |
144 | MHD_gnutls_calloc (1, | 144 | MHD_gnutls_calloc (1, |
145 | peer_certificate_list_size * sizeof (MHD_gnutls_x509_crt_t)); | 145 | peer_certificate_list_size * |
146 | sizeof (MHD_gnutls_x509_crt_t)); | ||
146 | if (peer_certificate_list == NULL) | 147 | if (peer_certificate_list == NULL) |
147 | { | 148 | { |
148 | MHD_gnutls_assert (); | 149 | MHD_gnutls_assert (); |
@@ -161,8 +162,8 @@ MHD__gnutls_x509_cert_verify_peers (MHD_gtls_session_t session, | |||
161 | 162 | ||
162 | ret = | 163 | ret = |
163 | MHD_gnutls_x509_crt_import (peer_certificate_list[i], | 164 | MHD_gnutls_x509_crt_import (peer_certificate_list[i], |
164 | &info->raw_certificate_list[i], | 165 | &info->raw_certificate_list[i], |
165 | GNUTLS_X509_FMT_DER); | 166 | GNUTLS_X509_FMT_DER); |
166 | if (ret < 0) | 167 | if (ret < 0) |
167 | { | 168 | { |
168 | MHD_gnutls_assert (); | 169 | MHD_gnutls_assert (); |
@@ -184,10 +185,10 @@ MHD__gnutls_x509_cert_verify_peers (MHD_gtls_session_t session, | |||
184 | */ | 185 | */ |
185 | ret = | 186 | ret = |
186 | MHD_gnutls_x509_crt_list_verify (peer_certificate_list, | 187 | MHD_gnutls_x509_crt_list_verify (peer_certificate_list, |
187 | peer_certificate_list_size, | 188 | peer_certificate_list_size, |
188 | cred->x509_ca_list, cred->x509_ncas, | 189 | cred->x509_ca_list, cred->x509_ncas, |
189 | cred->x509_crl_list, cred->x509_ncrls, | 190 | cred->x509_crl_list, cred->x509_ncrls, |
190 | cred->verify_flags, status); | 191 | cred->verify_flags, status); |
191 | 192 | ||
192 | CLEAR_CERTS; | 193 | CLEAR_CERTS; |
193 | 194 | ||
@@ -221,13 +222,14 @@ MHD__gnutls_check_key_cert_match (MHD_gtls_cert_credentials_t res) | |||
221 | } | 222 | } |
222 | 223 | ||
223 | MHD__gnutls_x509_write_rsa_params (res->pkey[res->ncerts - 1].params, | 224 | MHD__gnutls_x509_write_rsa_params (res->pkey[res->ncerts - 1].params, |
224 | res->pkey[res->ncerts - | 225 | res->pkey[res->ncerts - |
225 | 1].params_size, &kid); | 226 | 1].params_size, &kid); |
226 | 227 | ||
227 | 228 | ||
228 | MHD__gnutls_x509_write_rsa_params (res->cert_list[res->ncerts - 1][0].params, | 229 | MHD__gnutls_x509_write_rsa_params (res->cert_list[res->ncerts - 1][0]. |
229 | res->cert_list[res->ncerts - | 230 | params, |
230 | 1][0].params_size, &cid); | 231 | res->cert_list[res->ncerts - |
232 | 1][0].params_size, &cid); | ||
231 | 233 | ||
232 | if (cid.size != kid.size) | 234 | if (cid.size != kid.size) |
233 | { | 235 | { |
@@ -265,7 +267,7 @@ parse_crt_mem (MHD_gnutls_cert ** cert_list, unsigned *ncerts, | |||
265 | 267 | ||
266 | *cert_list = | 268 | *cert_list = |
267 | (MHD_gnutls_cert *) MHD_gtls_realloc_fast (*cert_list, | 269 | (MHD_gnutls_cert *) MHD_gtls_realloc_fast (*cert_list, |
268 | i * sizeof (MHD_gnutls_cert)); | 270 | i * sizeof (MHD_gnutls_cert)); |
269 | 271 | ||
270 | if (*cert_list == NULL) | 272 | if (*cert_list == NULL) |
271 | { | 273 | { |
@@ -286,7 +288,7 @@ parse_crt_mem (MHD_gnutls_cert ** cert_list, unsigned *ncerts, | |||
286 | } | 288 | } |
287 | 289 | ||
288 | /* Reads a DER encoded certificate list from memory and stores it to | 290 | /* Reads a DER encoded certificate list from memory and stores it to |
289 | * a MHD_gnutls_cert structure. | 291 | * a MHD_gnutls_cert structure. |
290 | * Returns the number of certificates parsed. | 292 | * Returns the number of certificates parsed. |
291 | */ | 293 | */ |
292 | static int | 294 | static int |
@@ -355,7 +357,9 @@ parse_pem_cert_mem (MHD_gnutls_cert ** cert_list, unsigned *ncerts, | |||
355 | do | 357 | do |
356 | { | 358 | { |
357 | 359 | ||
358 | siz2 = MHD__gnutls_fbase64_decode (NULL, (const unsigned char*) ptr, size, &ptr2); | 360 | siz2 = |
361 | MHD__gnutls_fbase64_decode (NULL, (const unsigned char *) ptr, size, | ||
362 | &ptr2); | ||
359 | 363 | ||
360 | if (siz2 < 0) | 364 | if (siz2 < 0) |
361 | { | 365 | { |
@@ -365,7 +369,8 @@ parse_pem_cert_mem (MHD_gnutls_cert ** cert_list, unsigned *ncerts, | |||
365 | 369 | ||
366 | *cert_list = | 370 | *cert_list = |
367 | (MHD_gnutls_cert *) MHD_gtls_realloc_fast (*cert_list, | 371 | (MHD_gnutls_cert *) MHD_gtls_realloc_fast (*cert_list, |
368 | i * sizeof (MHD_gnutls_cert)); | 372 | i * |
373 | sizeof (MHD_gnutls_cert)); | ||
369 | 374 | ||
370 | if (*cert_list == NULL) | 375 | if (*cert_list == NULL) |
371 | { | 376 | { |
@@ -382,7 +387,7 @@ parse_pem_cert_mem (MHD_gnutls_cert ** cert_list, unsigned *ncerts, | |||
382 | MHD_gnutls_assert (); | 387 | MHD_gnutls_assert (); |
383 | return ret; | 388 | return ret; |
384 | } | 389 | } |
385 | MHD__gnutls_free_datum (&tmp); /* free ptr2 */ | 390 | MHD__gnutls_free_datum (&tmp); /* free ptr2 */ |
386 | 391 | ||
387 | /* now we move ptr after the pem header | 392 | /* now we move ptr after the pem header |
388 | */ | 393 | */ |
@@ -453,8 +458,8 @@ read_cert_mem (MHD_gtls_cert_credentials_t res, const void *cert, | |||
453 | 458 | ||
454 | if (type == GNUTLS_X509_FMT_DER) | 459 | if (type == GNUTLS_X509_FMT_DER) |
455 | ret = parse_der_cert_mem (&res->cert_list[res->ncerts], | 460 | ret = parse_der_cert_mem (&res->cert_list[res->ncerts], |
456 | &res->cert_list_length[res->ncerts], | 461 | &res->cert_list_length[res->ncerts], |
457 | cert, cert_size); | 462 | cert, cert_size); |
458 | else | 463 | else |
459 | ret = | 464 | ret = |
460 | parse_pem_cert_mem (&res->cert_list[res->ncerts], | 465 | parse_pem_cert_mem (&res->cert_list[res->ncerts], |
@@ -473,7 +478,7 @@ read_cert_mem (MHD_gtls_cert_credentials_t res, const void *cert, | |||
473 | 478 | ||
474 | int | 479 | int |
475 | MHD__gnutls_x509_privkey_to_gkey (MHD_gnutls_privkey * dest, | 480 | MHD__gnutls_x509_privkey_to_gkey (MHD_gnutls_privkey * dest, |
476 | MHD_gnutls_x509_privkey_t src) | 481 | MHD_gnutls_x509_privkey_t src) |
477 | { | 482 | { |
478 | int i, ret; | 483 | int i, ret; |
479 | 484 | ||
@@ -519,8 +524,8 @@ MHD_gtls_gkey_deinit (MHD_gnutls_privkey * key) | |||
519 | 524 | ||
520 | int | 525 | int |
521 | MHD__gnutls_x509_raw_privkey_to_gkey (MHD_gnutls_privkey * privkey, | 526 | MHD__gnutls_x509_raw_privkey_to_gkey (MHD_gnutls_privkey * privkey, |
522 | const MHD_gnutls_datum_t * raw_key, | 527 | const MHD_gnutls_datum_t * raw_key, |
523 | MHD_gnutls_x509_crt_fmt_t type) | 528 | MHD_gnutls_x509_crt_fmt_t type) |
524 | { | 529 | { |
525 | MHD_gnutls_x509_privkey_t tmpkey; | 530 | MHD_gnutls_x509_privkey_t tmpkey; |
526 | int ret; | 531 | int ret; |
@@ -539,7 +544,7 @@ MHD__gnutls_x509_raw_privkey_to_gkey (MHD_gnutls_privkey * privkey, | |||
539 | if (ret < 0) | 544 | if (ret < 0) |
540 | ret = | 545 | ret = |
541 | MHD_gnutls_x509_privkey_import_pkcs8 (tmpkey, raw_key, type, NULL, | 546 | MHD_gnutls_x509_privkey_import_pkcs8 (tmpkey, raw_key, type, NULL, |
542 | GNUTLS_PKCS_PLAIN); | 547 | GNUTLS_PKCS_PLAIN); |
543 | #endif | 548 | #endif |
544 | 549 | ||
545 | if (ret < 0) | 550 | if (ret < 0) |
@@ -591,7 +596,7 @@ read_key_mem (MHD_gtls_cert_credentials_t res, | |||
591 | 596 | ||
592 | ret = | 597 | ret = |
593 | MHD__gnutls_x509_raw_privkey_to_gkey (&res->pkey[res->ncerts], &tmp, | 598 | MHD__gnutls_x509_raw_privkey_to_gkey (&res->pkey[res->ncerts], &tmp, |
594 | type); | 599 | type); |
595 | if (ret < 0) | 600 | if (ret < 0) |
596 | { | 601 | { |
597 | MHD_gnutls_assert (); | 602 | MHD_gnutls_assert (); |
@@ -636,9 +641,10 @@ read_key_mem (MHD_gtls_cert_credentials_t res, | |||
636 | **/ | 641 | **/ |
637 | int | 642 | int |
638 | MHD__gnutls_certificate_set_x509_key_mem (MHD_gtls_cert_credentials_t | 643 | MHD__gnutls_certificate_set_x509_key_mem (MHD_gtls_cert_credentials_t |
639 | res, const MHD_gnutls_datum_t * cert, | 644 | res, |
640 | const MHD_gnutls_datum_t * key, | 645 | const MHD_gnutls_datum_t * cert, |
641 | MHD_gnutls_x509_crt_fmt_t type) | 646 | const MHD_gnutls_datum_t * key, |
647 | MHD_gnutls_x509_crt_fmt_t type) | ||
642 | { | 648 | { |
643 | int ret; | 649 | int ret; |
644 | 650 | ||
@@ -684,7 +690,8 @@ generate_rdn_seq (MHD_gtls_cert_credentials_t res) | |||
684 | size = 0; | 690 | size = 0; |
685 | for (i = 0; i < res->x509_ncas; i++) | 691 | for (i = 0; i < res->x509_ncas; i++) |
686 | { | 692 | { |
687 | if ((ret = MHD_gnutls_x509_crt_get_raw_dn (res->x509_ca_list[i], &tmp)) < 0) | 693 | if ((ret = |
694 | MHD_gnutls_x509_crt_get_raw_dn (res->x509_ca_list[i], &tmp)) < 0) | ||
688 | { | 695 | { |
689 | MHD_gnutls_assert (); | 696 | MHD_gnutls_assert (); |
690 | return ret; | 697 | return ret; |
@@ -708,7 +715,8 @@ generate_rdn_seq (MHD_gtls_cert_credentials_t res) | |||
708 | 715 | ||
709 | for (i = 0; i < res->x509_ncas; i++) | 716 | for (i = 0; i < res->x509_ncas; i++) |
710 | { | 717 | { |
711 | if ((ret = MHD_gnutls_x509_crt_get_raw_dn (res->x509_ca_list[i], &tmp)) < 0) | 718 | if ((ret = |
719 | MHD_gnutls_x509_crt_get_raw_dn (res->x509_ca_list[i], &tmp)) < 0) | ||
712 | { | 720 | { |
713 | MHD__gnutls_free_datum (&res->x509_rdn_sequence); | 721 | MHD__gnutls_free_datum (&res->x509_rdn_sequence); |
714 | MHD_gnutls_assert (); | 722 | MHD_gnutls_assert (); |
@@ -728,7 +736,7 @@ generate_rdn_seq (MHD_gtls_cert_credentials_t res) | |||
728 | */ | 736 | */ |
729 | int | 737 | int |
730 | MHD__gnutls_check_key_usage (const MHD_gnutls_cert * cert, | 738 | MHD__gnutls_check_key_usage (const MHD_gnutls_cert * cert, |
731 | enum MHD_GNUTLS_KeyExchangeAlgorithm alg) | 739 | enum MHD_GNUTLS_KeyExchangeAlgorithm alg) |
732 | { | 740 | { |
733 | unsigned int key_usage = 0; | 741 | unsigned int key_usage = 0; |
734 | int encipher_type; | 742 | int encipher_type; |
@@ -814,9 +822,9 @@ parse_pem_ca_mem (MHD_gnutls_x509_crt_t ** cert_list, unsigned *ncerts, | |||
814 | 822 | ||
815 | *cert_list = | 823 | *cert_list = |
816 | (MHD_gnutls_x509_crt_t *) MHD_gtls_realloc_fast (*cert_list, | 824 | (MHD_gnutls_x509_crt_t *) MHD_gtls_realloc_fast (*cert_list, |
817 | i * | 825 | i * |
818 | sizeof | 826 | sizeof |
819 | (MHD_gnutls_x509_crt_t)); | 827 | (MHD_gnutls_x509_crt_t)); |
820 | 828 | ||
821 | if (*cert_list == NULL) | 829 | if (*cert_list == NULL) |
822 | { | 830 | { |
@@ -836,7 +844,7 @@ parse_pem_ca_mem (MHD_gnutls_x509_crt_t ** cert_list, unsigned *ncerts, | |||
836 | 844 | ||
837 | ret = | 845 | ret = |
838 | MHD_gnutls_x509_crt_import (cert_list[0][i - 1], | 846 | MHD_gnutls_x509_crt_import (cert_list[0][i - 1], |
839 | &tmp, GNUTLS_X509_FMT_PEM); | 847 | &tmp, GNUTLS_X509_FMT_PEM); |
840 | if (ret < 0) | 848 | if (ret < 0) |
841 | { | 849 | { |
842 | MHD_gnutls_assert (); | 850 | MHD_gnutls_assert (); |
@@ -892,8 +900,9 @@ parse_der_ca_mem (MHD_gnutls_x509_crt_t ** cert_list, unsigned *ncerts, | |||
892 | 900 | ||
893 | *cert_list = | 901 | *cert_list = |
894 | (MHD_gnutls_x509_crt_t *) MHD_gtls_realloc_fast (*cert_list, | 902 | (MHD_gnutls_x509_crt_t *) MHD_gtls_realloc_fast (*cert_list, |
895 | i * | 903 | i * |
896 | sizeof (MHD_gnutls_x509_crt_t)); | 904 | sizeof |
905 | (MHD_gnutls_x509_crt_t)); | ||
897 | 906 | ||
898 | if (*cert_list == NULL) | 907 | if (*cert_list == NULL) |
899 | { | 908 | { |
@@ -912,7 +921,8 @@ parse_der_ca_mem (MHD_gnutls_x509_crt_t ** cert_list, unsigned *ncerts, | |||
912 | } | 921 | } |
913 | 922 | ||
914 | ret = | 923 | ret = |
915 | MHD_gnutls_x509_crt_import (cert_list[0][i - 1], &tmp, GNUTLS_X509_FMT_DER); | 924 | MHD_gnutls_x509_crt_import (cert_list[0][i - 1], &tmp, |
925 | GNUTLS_X509_FMT_DER); | ||
916 | if (ret < 0) | 926 | if (ret < 0) |
917 | { | 927 | { |
918 | MHD_gnutls_assert (); | 928 | MHD_gnutls_assert (); |
@@ -945,8 +955,9 @@ parse_der_ca_mem (MHD_gnutls_x509_crt_t ** cert_list, unsigned *ncerts, | |||
945 | **/ | 955 | **/ |
946 | int | 956 | int |
947 | MHD__gnutls_certificate_set_x509_trust_mem (MHD_gtls_cert_credentials_t | 957 | MHD__gnutls_certificate_set_x509_trust_mem (MHD_gtls_cert_credentials_t |
948 | res, const MHD_gnutls_datum_t * ca, | 958 | res, |
949 | MHD_gnutls_x509_crt_fmt_t type) | 959 | const MHD_gnutls_datum_t * ca, |
960 | MHD_gnutls_x509_crt_fmt_t type) | ||
950 | { | 961 | { |
951 | int ret, ret2; | 962 | int ret, ret2; |
952 | 963 | ||
@@ -994,9 +1005,9 @@ parse_pem_crl_mem (MHD_gnutls_x509_crl_t ** crl_list, unsigned *ncrls, | |||
994 | 1005 | ||
995 | *crl_list = | 1006 | *crl_list = |
996 | (MHD_gnutls_x509_crl_t *) MHD_gtls_realloc_fast (*crl_list, | 1007 | (MHD_gnutls_x509_crl_t *) MHD_gtls_realloc_fast (*crl_list, |
997 | i * | 1008 | i * |
998 | sizeof | 1009 | sizeof |
999 | (MHD_gnutls_x509_crl_t)); | 1010 | (MHD_gnutls_x509_crl_t)); |
1000 | 1011 | ||
1001 | if (*crl_list == NULL) | 1012 | if (*crl_list == NULL) |
1002 | { | 1013 | { |
@@ -1010,13 +1021,13 @@ parse_pem_crl_mem (MHD_gnutls_x509_crl_t ** crl_list, unsigned *ncrls, | |||
1010 | MHD_gnutls_assert (); | 1021 | MHD_gnutls_assert (); |
1011 | return ret; | 1022 | return ret; |
1012 | } | 1023 | } |
1013 | 1024 | ||
1014 | tmp.data = (unsigned char *) ptr; | 1025 | tmp.data = (unsigned char *) ptr; |
1015 | tmp.size = size; | 1026 | tmp.size = size; |
1016 | 1027 | ||
1017 | ret = | 1028 | ret = |
1018 | MHD_gnutls_x509_crl_import (crl_list[0][i - 1], | 1029 | MHD_gnutls_x509_crl_import (crl_list[0][i - 1], |
1019 | &tmp, GNUTLS_X509_FMT_PEM); | 1030 | &tmp, GNUTLS_X509_FMT_PEM); |
1020 | if (ret < 0) | 1031 | if (ret < 0) |
1021 | { | 1032 | { |
1022 | MHD_gnutls_assert (); | 1033 | MHD_gnutls_assert (); |
@@ -1062,8 +1073,9 @@ parse_der_crl_mem (MHD_gnutls_x509_crl_t ** crl_list, unsigned *ncrls, | |||
1062 | 1073 | ||
1063 | *crl_list = | 1074 | *crl_list = |
1064 | (MHD_gnutls_x509_crl_t *) MHD_gtls_realloc_fast (*crl_list, | 1075 | (MHD_gnutls_x509_crl_t *) MHD_gtls_realloc_fast (*crl_list, |
1065 | i * | 1076 | i * |
1066 | sizeof (MHD_gnutls_x509_crl_t)); | 1077 | sizeof |
1078 | (MHD_gnutls_x509_crl_t)); | ||
1067 | 1079 | ||
1068 | if (*crl_list == NULL) | 1080 | if (*crl_list == NULL) |
1069 | { | 1081 | { |
@@ -1082,7 +1094,8 @@ parse_der_crl_mem (MHD_gnutls_x509_crl_t ** crl_list, unsigned *ncrls, | |||
1082 | } | 1094 | } |
1083 | 1095 | ||
1084 | ret = | 1096 | ret = |
1085 | MHD_gnutls_x509_crl_import (crl_list[0][i - 1], &tmp, GNUTLS_X509_FMT_DER); | 1097 | MHD_gnutls_x509_crl_import (crl_list[0][i - 1], &tmp, |
1098 | GNUTLS_X509_FMT_DER); | ||
1086 | if (ret < 0) | 1099 | if (ret < 0) |
1087 | { | 1100 | { |
1088 | MHD_gnutls_assert (); | 1101 | MHD_gnutls_assert (); |
@@ -1147,8 +1160,8 @@ read_crl_mem (MHD_gtls_cert_credentials_t res, const void *crl, | |||
1147 | **/ | 1160 | **/ |
1148 | int | 1161 | int |
1149 | MHD__gnutls_certificate_set_x509_crl_mem (MHD_gtls_cert_credentials_t | 1162 | MHD__gnutls_certificate_set_x509_crl_mem (MHD_gtls_cert_credentials_t |
1150 | res, const MHD_gnutls_datum_t * CRL, | 1163 | res, const MHD_gnutls_datum_t * CRL, |
1151 | MHD_gnutls_x509_crt_fmt_t type) | 1164 | MHD_gnutls_x509_crt_fmt_t type) |
1152 | { | 1165 | { |
1153 | int ret; | 1166 | int ret; |
1154 | 1167 | ||
diff --git a/src/daemon/https/tls/gnutls_x509.h b/src/daemon/https/tls/gnutls_x509.h index b2d92603..07269328 100644 --- a/src/daemon/https/tls/gnutls_x509.h +++ b/src/daemon/https/tls/gnutls_x509.h | |||
@@ -25,7 +25,7 @@ | |||
25 | #include <libtasn1.h> | 25 | #include <libtasn1.h> |
26 | 26 | ||
27 | int MHD__gnutls_x509_cert_verify_peers (MHD_gtls_session_t session, | 27 | int MHD__gnutls_x509_cert_verify_peers (MHD_gtls_session_t session, |
28 | unsigned int *status); | 28 | unsigned int *status); |
29 | 29 | ||
30 | #define PEM_CERT_SEP2 "-----BEGIN X509 CERTIFICATE" | 30 | #define PEM_CERT_SEP2 "-----BEGIN X509 CERTIFICATE" |
31 | #define PEM_CERT_SEP "-----BEGIN CERTIFICATE" | 31 | #define PEM_CERT_SEP "-----BEGIN CERTIFICATE" |
@@ -36,13 +36,15 @@ int MHD__gnutls_x509_cert_verify_peers (MHD_gtls_session_t session, | |||
36 | #define PEM_KEY_DSA_SEP "-----BEGIN DSA" | 36 | #define PEM_KEY_DSA_SEP "-----BEGIN DSA" |
37 | 37 | ||
38 | int MHD__gnutls_check_key_usage (const MHD_gnutls_cert * cert, | 38 | int MHD__gnutls_check_key_usage (const MHD_gnutls_cert * cert, |
39 | enum MHD_GNUTLS_KeyExchangeAlgorithm alg); | 39 | enum MHD_GNUTLS_KeyExchangeAlgorithm alg); |
40 | 40 | ||
41 | int MHD__gnutls_x509_read_rsa_params (opaque * der, int dersize, mpi_t * params); | 41 | int MHD__gnutls_x509_read_rsa_params (opaque * der, int dersize, |
42 | int MHD__gnutls_x509_read_dsa_pubkey (opaque * der, int dersize, mpi_t * params); | 42 | mpi_t * params); |
43 | int MHD__gnutls_x509_read_dsa_pubkey (opaque * der, int dersize, | ||
44 | mpi_t * params); | ||
43 | 45 | ||
44 | int MHD__gnutls_x509_raw_privkey_to_gkey (MHD_gnutls_privkey * privkey, | 46 | int MHD__gnutls_x509_raw_privkey_to_gkey (MHD_gnutls_privkey * privkey, |
45 | const MHD_gnutls_datum_t * raw_key, | 47 | const MHD_gnutls_datum_t * raw_key, |
46 | MHD_gnutls_x509_crt_fmt_t type); | 48 | MHD_gnutls_x509_crt_fmt_t type); |
47 | int MHD__gnutls_x509_privkey_to_gkey (MHD_gnutls_privkey * privkey, | 49 | int MHD__gnutls_x509_privkey_to_gkey (MHD_gnutls_privkey * privkey, |
48 | MHD_gnutls_x509_privkey_t); | 50 | MHD_gnutls_x509_privkey_t); |
diff --git a/src/daemon/https/tls/x509_b64.c b/src/daemon/https/tls/x509_b64.c index abe3fb40..152f7409 100644 --- a/src/daemon/https/tls/x509_b64.c +++ b/src/daemon/https/tls/x509_b64.c | |||
@@ -154,7 +154,7 @@ decode (uint8_t * result, const opaque * data) | |||
154 | */ | 154 | */ |
155 | int | 155 | int |
156 | MHD__gnutls_fbase64_encode (const char *msg, const uint8_t * data, | 156 | MHD__gnutls_fbase64_encode (const char *msg, const uint8_t * data, |
157 | int data_size, uint8_t ** result) | 157 | int data_size, uint8_t ** result) |
158 | { | 158 | { |
159 | int i, ret, tmp, j; | 159 | int i, ret, tmp, j; |
160 | char tmpres[4]; | 160 | char tmpres[4]; |
@@ -173,16 +173,16 @@ MHD__gnutls_fbase64_encode (const char *msg, const uint8_t * data, | |||
173 | memset (bottom, 0, sizeof (bottom)); | 173 | memset (bottom, 0, sizeof (bottom)); |
174 | memset (top, 0, sizeof (top)); | 174 | memset (top, 0, sizeof (top)); |
175 | 175 | ||
176 | strcat ((char*) top, "-----BEGIN "); /* Flawfinder: ignore */ | 176 | strcat ((char *) top, "-----BEGIN "); /* Flawfinder: ignore */ |
177 | strcat ((char*)top, msg); /* Flawfinder: ignore */ | 177 | strcat ((char *) top, msg); /* Flawfinder: ignore */ |
178 | strcat ((char*)top, "-----"); /* Flawfinder: ignore */ | 178 | strcat ((char *) top, "-----"); /* Flawfinder: ignore */ |
179 | 179 | ||
180 | strcat ((char*)bottom, "\n-----END "); /* Flawfinder: ignore */ | 180 | strcat ((char *) bottom, "\n-----END "); /* Flawfinder: ignore */ |
181 | strcat ((char*)bottom, msg); /* Flawfinder: ignore */ | 181 | strcat ((char *) bottom, msg); /* Flawfinder: ignore */ |
182 | strcat ((char*)bottom, "-----\n"); /* Flawfinder: ignore */ | 182 | strcat ((char *) bottom, "-----\n"); /* Flawfinder: ignore */ |
183 | 183 | ||
184 | top_len = strlen ((char*)top); | 184 | top_len = strlen ((char *) top); |
185 | bottom_len = strlen ((char*)bottom); | 185 | bottom_len = strlen ((char *) bottom); |
186 | 186 | ||
187 | ret = B64FSIZE (msglen, data_size); | 187 | ret = B64FSIZE (msglen, data_size); |
188 | 188 | ||
@@ -197,7 +197,7 @@ MHD__gnutls_fbase64_encode (const char *msg, const uint8_t * data, | |||
197 | INCR (bytes, top_len); | 197 | INCR (bytes, top_len); |
198 | pos = top_len; | 198 | pos = top_len; |
199 | 199 | ||
200 | strcpy ((char*)*result,(char*) top); /* Flawfinder: ignore */ | 200 | strcpy ((char *) *result, (char *) top); /* Flawfinder: ignore */ |
201 | 201 | ||
202 | for (i = j = 0; i < data_size; i += 3, j += 4) | 202 | for (i = j = 0; i < data_size; i += 3, j += 4) |
203 | { | 203 | { |
@@ -260,7 +260,7 @@ MHD__gnutls_fbase64_encode (const char *msg, const uint8_t * data, | |||
260 | */ | 260 | */ |
261 | int | 261 | int |
262 | MHD__gnutls_base64_decode (const uint8_t * data, size_t data_size, | 262 | MHD__gnutls_base64_decode (const uint8_t * data, size_t data_size, |
263 | uint8_t ** result) | 263 | uint8_t ** result) |
264 | { | 264 | { |
265 | unsigned int i, j; | 265 | unsigned int i, j; |
266 | int ret, tmp, est; | 266 | int ret, tmp, est; |
@@ -318,7 +318,7 @@ cpydata (const uint8_t * data, int data_size, uint8_t ** result) | |||
318 | #define ENDSTR2 "-----\r" | 318 | #define ENDSTR2 "-----\r" |
319 | int | 319 | int |
320 | MHD__gnutls_fbase64_decode (const char *header, const opaque * data, | 320 | MHD__gnutls_fbase64_decode (const char *header, const opaque * data, |
321 | size_t data_size, uint8_t ** result) | 321 | size_t data_size, uint8_t ** result) |
322 | { | 322 | { |
323 | int ret; | 323 | int ret; |
324 | static const char top[] = "-----BEGIN "; | 324 | static const char top[] = "-----BEGIN "; |
@@ -411,4 +411,3 @@ MHD__gnutls_fbase64_decode (const char *header, const opaque * data, | |||
411 | 411 | ||
412 | return ret; | 412 | return ret; |
413 | } | 413 | } |
414 | |||
diff --git a/src/daemon/https/tls/x509_b64.h b/src/daemon/https/tls/x509_b64.h index 9cb27c86..ebb48639 100644 --- a/src/daemon/https/tls/x509_b64.h +++ b/src/daemon/https/tls/x509_b64.h | |||
@@ -23,11 +23,11 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | int MHD__gnutls_fbase64_encode (const char *msg, const uint8_t * data, | 25 | int MHD__gnutls_fbase64_encode (const char *msg, const uint8_t * data, |
26 | int data_size, uint8_t ** result); | 26 | int data_size, uint8_t ** result); |
27 | int MHD__gnutls_base64_decode (const uint8_t * data, size_t data_size, | 27 | int MHD__gnutls_base64_decode (const uint8_t * data, size_t data_size, |
28 | uint8_t ** result); | 28 | uint8_t ** result); |
29 | int MHD__gnutls_fbase64_decode (const char *header, const uint8_t * data, | 29 | int MHD__gnutls_fbase64_decode (const char *header, const uint8_t * data, |
30 | size_t data_size, uint8_t ** result); | 30 | size_t data_size, uint8_t ** result); |
31 | 31 | ||
32 | #define B64SIZE( data_size) ((data_size%3==0)?((data_size*4)/3):(4+((data_size/3)*4))) | 32 | #define B64SIZE( data_size) ((data_size%3==0)?((data_size*4)/3):(4+((data_size/3)*4))) |
33 | 33 | ||
diff --git a/src/daemon/https/x509/common.c b/src/daemon/https/x509/common.c index 6e7e0853..ca2e355f 100644 --- a/src/daemon/https/x509/common.c +++ b/src/daemon/https/x509/common.c | |||
@@ -258,8 +258,9 @@ MHD__gnutls_x509_oid2ldap_string (const char *oid) | |||
258 | */ | 258 | */ |
259 | int | 259 | int |
260 | MHD__gnutls_x509_oid_data2string (const char *oid, | 260 | MHD__gnutls_x509_oid_data2string (const char *oid, |
261 | void *value, | 261 | void *value, |
262 | int value_size, char *res, size_t * res_size) | 262 | int value_size, char *res, |
263 | size_t * res_size) | ||
263 | { | 264 | { |
264 | char str[MAX_STRING_LEN], tmpname[128]; | 265 | char str[MAX_STRING_LEN], tmpname[128]; |
265 | const char *ANAME = NULL; | 266 | const char *ANAME = NULL; |
@@ -292,17 +293,19 @@ MHD__gnutls_x509_oid_data2string (const char *oid, | |||
292 | MHD_gtls_str_cat (str, sizeof (str), ANAME); | 293 | MHD_gtls_str_cat (str, sizeof (str), ANAME); |
293 | 294 | ||
294 | if ((result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), str, | 295 | if ((result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), str, |
295 | &tmpasn)) != ASN1_SUCCESS) | 296 | &tmpasn)) != ASN1_SUCCESS) |
296 | { | 297 | { |
297 | MHD_gnutls_assert (); | 298 | MHD_gnutls_assert (); |
298 | return MHD_gtls_asn2err (result); | 299 | return MHD_gtls_asn2err (result); |
299 | } | 300 | } |
300 | 301 | ||
301 | if ((result = MHD__asn1_der_decoding (&tmpasn, value, value_size, MHD__asn1_err)) | 302 | if ((result = |
302 | != ASN1_SUCCESS) | 303 | MHD__asn1_der_decoding (&tmpasn, value, value_size, |
304 | MHD__asn1_err)) != ASN1_SUCCESS) | ||
303 | { | 305 | { |
304 | MHD_gnutls_assert (); | 306 | MHD_gnutls_assert (); |
305 | MHD__gnutls_x509_log ("MHD__asn1_der_decoding: %s:%s\n", str, MHD__asn1_err); | 307 | MHD__gnutls_x509_log ("MHD__asn1_der_decoding: %s:%s\n", str, |
308 | MHD__asn1_err); | ||
306 | MHD__asn1_delete_structure (&tmpasn); | 309 | MHD__asn1_delete_structure (&tmpasn); |
307 | return MHD_gtls_asn2err (result); | 310 | return MHD_gtls_asn2err (result); |
308 | } | 311 | } |
@@ -381,7 +384,9 @@ MHD__gnutls_x509_oid_data2string (const char *oid, | |||
381 | } | 384 | } |
382 | else | 385 | else |
383 | { | 386 | { |
384 | result = MHD__gnutls_x509_data2hex ((const unsigned char*) str, len, (unsigned char*) res, res_size); | 387 | result = |
388 | MHD__gnutls_x509_data2hex ((const unsigned char *) str, len, | ||
389 | (unsigned char *) res, res_size); | ||
385 | if (result < 0) | 390 | if (result < 0) |
386 | { | 391 | { |
387 | MHD_gnutls_assert (); | 392 | MHD_gnutls_assert (); |
@@ -400,7 +405,8 @@ MHD__gnutls_x509_oid_data2string (const char *oid, | |||
400 | */ | 405 | */ |
401 | int | 406 | int |
402 | MHD__gnutls_x509_data2hex (const opaque * data, | 407 | MHD__gnutls_x509_data2hex (const opaque * data, |
403 | size_t data_size, opaque * out, size_t * sizeof_out) | 408 | size_t data_size, opaque * out, |
409 | size_t * sizeof_out) | ||
404 | { | 410 | { |
405 | char *res; | 411 | char *res; |
406 | char escaped[MAX_STRING_LEN]; | 412 | char escaped[MAX_STRING_LEN]; |
@@ -425,8 +431,8 @@ MHD__gnutls_x509_data2hex (const opaque * data, | |||
425 | 431 | ||
426 | if (out) | 432 | if (out) |
427 | { | 433 | { |
428 | strcpy ((char*) out, "#"); | 434 | strcpy ((char *) out, "#"); |
429 | strcat ((char*) out, res); | 435 | strcat ((char *) out, res); |
430 | } | 436 | } |
431 | 437 | ||
432 | return 0; | 438 | return 0; |
@@ -726,10 +732,10 @@ MHD__gnutls_x509_san_find_type (char *str_type) | |||
726 | */ | 732 | */ |
727 | int | 733 | int |
728 | MHD__gnutls_x509_export_int (ASN1_TYPE MHD__asn1_data, | 734 | MHD__gnutls_x509_export_int (ASN1_TYPE MHD__asn1_data, |
729 | MHD_gnutls_x509_crt_fmt_t format, | 735 | MHD_gnutls_x509_crt_fmt_t format, |
730 | char *pem_header, | 736 | char *pem_header, |
731 | unsigned char *output_data, | 737 | unsigned char *output_data, |
732 | size_t * output_data_size) | 738 | size_t * output_data_size) |
733 | { | 739 | { |
734 | int result, len; | 740 | int result, len; |
735 | 741 | ||
@@ -741,8 +747,9 @@ MHD__gnutls_x509_export_int (ASN1_TYPE MHD__asn1_data, | |||
741 | 747 | ||
742 | len = *output_data_size; | 748 | len = *output_data_size; |
743 | 749 | ||
744 | if ((result = MHD__asn1_der_coding (MHD__asn1_data, "", output_data, &len, | 750 | if ((result = |
745 | NULL)) != ASN1_SUCCESS) | 751 | MHD__asn1_der_coding (MHD__asn1_data, "", output_data, &len, |
752 | NULL)) != ASN1_SUCCESS) | ||
746 | { | 753 | { |
747 | *output_data_size = len; | 754 | *output_data_size = len; |
748 | if (result == ASN1_MEM_ERROR) | 755 | if (result == ASN1_MEM_ERROR) |
@@ -768,7 +775,8 @@ MHD__gnutls_x509_export_int (ASN1_TYPE MHD__asn1_data, | |||
768 | return result; | 775 | return result; |
769 | } | 776 | } |
770 | 777 | ||
771 | result = MHD__gnutls_fbase64_encode (pem_header, tmp.data, tmp.size, &out); | 778 | result = |
779 | MHD__gnutls_fbase64_encode (pem_header, tmp.data, tmp.size, &out); | ||
772 | 780 | ||
773 | MHD__gnutls_free_datum (&tmp); | 781 | MHD__gnutls_free_datum (&tmp); |
774 | 782 | ||
@@ -815,9 +823,9 @@ MHD__gnutls_x509_export_int (ASN1_TYPE MHD__asn1_data, | |||
815 | */ | 823 | */ |
816 | int | 824 | int |
817 | MHD__gnutls_x509_decode_octet_string (const char *string_type, | 825 | MHD__gnutls_x509_decode_octet_string (const char *string_type, |
818 | const opaque * der, | 826 | const opaque * der, |
819 | size_t der_size, | 827 | size_t der_size, |
820 | opaque * output, size_t * output_size) | 828 | opaque * output, size_t * output_size) |
821 | { | 829 | { |
822 | ASN1_TYPE c2 = ASN1_TYPE_EMPTY; | 830 | ASN1_TYPE c2 = ASN1_TYPE_EMPTY; |
823 | int result, tmp_output_size; | 831 | int result, tmp_output_size; |
@@ -833,7 +841,7 @@ MHD__gnutls_x509_decode_octet_string (const char *string_type, | |||
833 | 841 | ||
834 | if ((result = | 842 | if ((result = |
835 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), strname, | 843 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), strname, |
836 | &c2)) != ASN1_SUCCESS) | 844 | &c2)) != ASN1_SUCCESS) |
837 | { | 845 | { |
838 | MHD_gnutls_assert (); | 846 | MHD_gnutls_assert (); |
839 | result = MHD_gtls_asn2err (result); | 847 | result = MHD_gtls_asn2err (result); |
@@ -875,7 +883,8 @@ cleanup:if (c2) | |||
875 | */ | 883 | */ |
876 | int | 884 | int |
877 | MHD__gnutls_x509_read_value (ASN1_TYPE c, | 885 | MHD__gnutls_x509_read_value (ASN1_TYPE c, |
878 | const char *root, MHD_gnutls_datum_t * ret, int flags) | 886 | const char *root, MHD_gnutls_datum_t * ret, |
887 | int flags) | ||
879 | { | 888 | { |
880 | int len = 0, result; | 889 | int len = 0, result; |
881 | size_t slen; | 890 | size_t slen; |
@@ -917,7 +926,8 @@ MHD__gnutls_x509_read_value (ASN1_TYPE c, | |||
917 | if (flags == 1) | 926 | if (flags == 1) |
918 | { | 927 | { |
919 | slen = len; | 928 | slen = len; |
920 | result = MHD__gnutls_x509_decode_octet_string (NULL, tmp, slen, tmp, &slen); | 929 | result = |
930 | MHD__gnutls_x509_decode_octet_string (NULL, tmp, slen, tmp, &slen); | ||
921 | if (result < 0) | 931 | if (result < 0) |
922 | { | 932 | { |
923 | MHD_gnutls_assert (); | 933 | MHD_gnutls_assert (); |
@@ -942,7 +952,8 @@ cleanup:MHD_gnutls_free (tmp); | |||
942 | */ | 952 | */ |
943 | int | 953 | int |
944 | MHD__gnutls_x509_der_encode (ASN1_TYPE src, | 954 | MHD__gnutls_x509_der_encode (ASN1_TYPE src, |
945 | const char *src_name, MHD_gnutls_datum_t * res, int str) | 955 | const char *src_name, MHD_gnutls_datum_t * res, |
956 | int str) | ||
946 | { | 957 | { |
947 | int size, result; | 958 | int size, result; |
948 | int asize; | 959 | int asize; |
@@ -984,8 +995,9 @@ MHD__gnutls_x509_der_encode (ASN1_TYPE src, | |||
984 | if (str) | 995 | if (str) |
985 | { | 996 | { |
986 | if ((result = | 997 | if ((result = |
987 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.pkcs-7-Data", | 998 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), |
988 | &c2)) != ASN1_SUCCESS) | 999 | "PKIX1.pkcs-7-Data", |
1000 | &c2)) != ASN1_SUCCESS) | ||
989 | { | 1001 | { |
990 | MHD_gnutls_assert (); | 1002 | MHD_gnutls_assert (); |
991 | result = MHD_gtls_asn2err (result); | 1003 | result = MHD_gtls_asn2err (result); |
@@ -1030,9 +1042,9 @@ cleanup:MHD_gnutls_free (data); | |||
1030 | */ | 1042 | */ |
1031 | int | 1043 | int |
1032 | MHD__gnutls_x509_der_encode_and_copy (ASN1_TYPE src, | 1044 | MHD__gnutls_x509_der_encode_and_copy (ASN1_TYPE src, |
1033 | const char *src_name, | 1045 | const char *src_name, |
1034 | ASN1_TYPE dest, | 1046 | ASN1_TYPE dest, |
1035 | const char *dest_name, int str) | 1047 | const char *dest_name, int str) |
1036 | { | 1048 | { |
1037 | int result; | 1049 | int result; |
1038 | MHD_gnutls_datum_t encoded; | 1050 | MHD_gnutls_datum_t encoded; |
@@ -1047,7 +1059,8 @@ MHD__gnutls_x509_der_encode_and_copy (ASN1_TYPE src, | |||
1047 | 1059 | ||
1048 | /* Write the data. | 1060 | /* Write the data. |
1049 | */ | 1061 | */ |
1050 | result = MHD__asn1_write_value (dest, dest_name, encoded.data, encoded.size); | 1062 | result = |
1063 | MHD__asn1_write_value (dest, dest_name, encoded.data, encoded.size); | ||
1051 | 1064 | ||
1052 | MHD__gnutls_free_datum (&encoded); | 1065 | MHD__gnutls_free_datum (&encoded); |
1053 | 1066 | ||
@@ -1065,8 +1078,8 @@ MHD__gnutls_x509_der_encode_and_copy (ASN1_TYPE src, | |||
1065 | */ | 1078 | */ |
1066 | int | 1079 | int |
1067 | MHD__gnutls_x509_write_value (ASN1_TYPE c, | 1080 | MHD__gnutls_x509_write_value (ASN1_TYPE c, |
1068 | const char *root, | 1081 | const char *root, |
1069 | const MHD_gnutls_datum_t * data, int str) | 1082 | const MHD_gnutls_datum_t * data, int str) |
1070 | { | 1083 | { |
1071 | int result; | 1084 | int result; |
1072 | int asize; | 1085 | int asize; |
@@ -1088,8 +1101,9 @@ MHD__gnutls_x509_write_value (ASN1_TYPE c, | |||
1088 | /* Convert it to OCTET STRING | 1101 | /* Convert it to OCTET STRING |
1089 | */ | 1102 | */ |
1090 | if ((result = | 1103 | if ((result = |
1091 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.pkcs-7-Data", | 1104 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), |
1092 | &c2)) != ASN1_SUCCESS) | 1105 | "PKIX1.pkcs-7-Data", |
1106 | &c2)) != ASN1_SUCCESS) | ||
1093 | { | 1107 | { |
1094 | MHD_gnutls_assert (); | 1108 | MHD_gnutls_assert (); |
1095 | result = MHD_gtls_asn2err (result); | 1109 | result = MHD_gtls_asn2err (result); |
@@ -1144,10 +1158,11 @@ cleanup:if (val.data != data->data) | |||
1144 | */ | 1158 | */ |
1145 | int | 1159 | int |
1146 | MHD__gnutls_x509_encode_and_copy_PKI_params (ASN1_TYPE dst, | 1160 | MHD__gnutls_x509_encode_and_copy_PKI_params (ASN1_TYPE dst, |
1147 | const char *dst_name, | 1161 | const char *dst_name, |
1148 | enum MHD_GNUTLS_PublicKeyAlgorithm | 1162 | enum |
1149 | pk_algorithm, | 1163 | MHD_GNUTLS_PublicKeyAlgorithm |
1150 | mpi_t * params, int params_size) | 1164 | pk_algorithm, mpi_t * params, |
1165 | int params_size) | ||
1151 | { | 1166 | { |
1152 | const char *pk; | 1167 | const char *pk; |
1153 | MHD_gnutls_datum_t der = { NULL, | 1168 | MHD_gnutls_datum_t der = { NULL, |
@@ -1219,7 +1234,7 @@ MHD__gnutls_x509_encode_and_copy_PKI_params (ASN1_TYPE dst, | |||
1219 | */ | 1234 | */ |
1220 | int | 1235 | int |
1221 | MHD__gnutls_x509_get_pk_algorithm (ASN1_TYPE src, | 1236 | MHD__gnutls_x509_get_pk_algorithm (ASN1_TYPE src, |
1222 | const char *src_name, unsigned int *bits) | 1237 | const char *src_name, unsigned int *bits) |
1223 | { | 1238 | { |
1224 | int result; | 1239 | int result; |
1225 | opaque *str = NULL; | 1240 | opaque *str = NULL; |
@@ -1295,7 +1310,8 @@ MHD__gnutls_x509_get_pk_algorithm (ASN1_TYPE src, | |||
1295 | { | 1310 | { |
1296 | case MHD_GNUTLS_PK_RSA: | 1311 | case MHD_GNUTLS_PK_RSA: |
1297 | { | 1312 | { |
1298 | if ((result = MHD__gnutls_x509_read_rsa_params (str, len, params)) < 0) | 1313 | if ((result = |
1314 | MHD__gnutls_x509_read_rsa_params (str, len, params)) < 0) | ||
1299 | { | 1315 | { |
1300 | MHD_gnutls_assert (); | 1316 | MHD_gnutls_assert (); |
1301 | return result; | 1317 | return result; |
@@ -1321,8 +1337,8 @@ MHD__gnutls_x509_get_pk_algorithm (ASN1_TYPE src, | |||
1321 | */ | 1337 | */ |
1322 | int | 1338 | int |
1323 | MHD__gnutls_x509_get_signed_data (ASN1_TYPE src, | 1339 | MHD__gnutls_x509_get_signed_data (ASN1_TYPE src, |
1324 | const char *src_name, | 1340 | const char *src_name, |
1325 | MHD_gnutls_datum_t * signed_data) | 1341 | MHD_gnutls_datum_t * signed_data) |
1326 | { | 1342 | { |
1327 | MHD_gnutls_datum_t der; | 1343 | MHD_gnutls_datum_t der; |
1328 | int start, end, result; | 1344 | int start, end, result; |
@@ -1337,7 +1353,7 @@ MHD__gnutls_x509_get_signed_data (ASN1_TYPE src, | |||
1337 | /* Get the signed data | 1353 | /* Get the signed data |
1338 | */ | 1354 | */ |
1339 | result = MHD__asn1_der_decoding_startEnd (src, der.data, der.size, src_name, | 1355 | result = MHD__asn1_der_decoding_startEnd (src, der.data, der.size, src_name, |
1340 | &start, &end); | 1356 | &start, &end); |
1341 | if (result != ASN1_SUCCESS) | 1357 | if (result != ASN1_SUCCESS) |
1342 | { | 1358 | { |
1343 | result = MHD_gtls_asn2err (result); | 1359 | result = MHD_gtls_asn2err (result); |
@@ -1345,7 +1361,8 @@ MHD__gnutls_x509_get_signed_data (ASN1_TYPE src, | |||
1345 | goto cleanup; | 1361 | goto cleanup; |
1346 | } | 1362 | } |
1347 | 1363 | ||
1348 | result = MHD__gnutls_set_datum (signed_data, &der.data[start], end - start + 1); | 1364 | result = |
1365 | MHD__gnutls_set_datum (signed_data, &der.data[start], end - start + 1); | ||
1349 | 1366 | ||
1350 | if (result < 0) | 1367 | if (result < 0) |
1351 | { | 1368 | { |
@@ -1365,7 +1382,8 @@ cleanup:MHD__gnutls_free_datum (&der); | |||
1365 | */ | 1382 | */ |
1366 | int | 1383 | int |
1367 | MHD__gnutls_x509_get_signature (ASN1_TYPE src, | 1384 | MHD__gnutls_x509_get_signature (ASN1_TYPE src, |
1368 | const char *src_name, MHD_gnutls_datum_t * signature) | 1385 | const char *src_name, |
1386 | MHD_gnutls_datum_t * signature) | ||
1369 | { | 1387 | { |
1370 | int bits, result, len; | 1388 | int bits, result, len; |
1371 | 1389 | ||
diff --git a/src/daemon/https/x509/common.h b/src/daemon/https/x509/common.h index 0102c5a7..7ddb4b08 100644 --- a/src/daemon/https/x509/common.h +++ b/src/daemon/https/x509/common.h | |||
@@ -59,13 +59,14 @@ | |||
59 | #define SIG_GOST_R3410_2001_OID "1.2.643.2.2.3" | 59 | #define SIG_GOST_R3410_2001_OID "1.2.643.2.2.3" |
60 | 60 | ||
61 | int MHD__gnutls_x509_decode_octet_string (const char *string_type, | 61 | int MHD__gnutls_x509_decode_octet_string (const char *string_type, |
62 | const opaque * der, size_t der_size, | 62 | const opaque * der, size_t der_size, |
63 | opaque * output, size_t * output_size); | 63 | opaque * output, |
64 | size_t * output_size); | ||
64 | int MHD__gnutls_x509_oid_data2string (const char *OID, void *value, | 65 | int MHD__gnutls_x509_oid_data2string (const char *OID, void *value, |
65 | int value_size, char *res, | 66 | int value_size, char *res, |
66 | size_t * res_size); | 67 | size_t * res_size); |
67 | int MHD__gnutls_x509_data2hex (const opaque * data, size_t data_size, | 68 | int MHD__gnutls_x509_data2hex (const opaque * data, size_t data_size, |
68 | opaque * out, size_t * sizeof_out); | 69 | opaque * out, size_t * sizeof_out); |
69 | 70 | ||
70 | const char *MHD__gnutls_x509_oid2ldap_string (const char *OID); | 71 | const char *MHD__gnutls_x509_oid2ldap_string (const char *OID); |
71 | 72 | ||
@@ -74,50 +75,51 @@ int MHD__gnutls_x509_oid_data_printable (const char *OID); | |||
74 | 75 | ||
75 | time_t MHD__gnutls_x509_get_time (ASN1_TYPE c2, const char *when); | 76 | time_t MHD__gnutls_x509_get_time (ASN1_TYPE c2, const char *when); |
76 | 77 | ||
77 | MHD_gnutls_x509_subject_alt_name_t MHD__gnutls_x509_san_find_type (char *str_type); | 78 | MHD_gnutls_x509_subject_alt_name_t MHD__gnutls_x509_san_find_type (char |
79 | *str_type); | ||
78 | 80 | ||
79 | int MHD__gnutls_x509_der_encode_and_copy (ASN1_TYPE src, const char *src_name, | 81 | int MHD__gnutls_x509_der_encode_and_copy (ASN1_TYPE src, const char *src_name, |
80 | ASN1_TYPE dest, const char *dest_name, | 82 | ASN1_TYPE dest, |
81 | int str); | 83 | const char *dest_name, int str); |
82 | int MHD__gnutls_x509_der_encode (ASN1_TYPE src, const char *src_name, | 84 | int MHD__gnutls_x509_der_encode (ASN1_TYPE src, const char *src_name, |
83 | MHD_gnutls_datum_t * res, int str); | 85 | MHD_gnutls_datum_t * res, int str); |
84 | 86 | ||
85 | int MHD__gnutls_x509_export_int (ASN1_TYPE MHD__asn1_data, | 87 | int MHD__gnutls_x509_export_int (ASN1_TYPE MHD__asn1_data, |
86 | MHD_gnutls_x509_crt_fmt_t format, char *pem_header, | 88 | MHD_gnutls_x509_crt_fmt_t format, |
87 | unsigned char *output_data, | 89 | char *pem_header, unsigned char *output_data, |
88 | size_t * output_data_size); | 90 | size_t * output_data_size); |
89 | 91 | ||
90 | int MHD__gnutls_x509_read_value (ASN1_TYPE c, const char *root, | 92 | int MHD__gnutls_x509_read_value (ASN1_TYPE c, const char *root, |
91 | MHD_gnutls_datum_t * ret, int str); | 93 | MHD_gnutls_datum_t * ret, int str); |
92 | int MHD__gnutls_x509_write_value (ASN1_TYPE c, const char *root, | 94 | int MHD__gnutls_x509_write_value (ASN1_TYPE c, const char *root, |
93 | const MHD_gnutls_datum_t * data, int str); | 95 | const MHD_gnutls_datum_t * data, int str); |
94 | 96 | ||
95 | int MHD__gnutls_x509_encode_and_write_attribute (const char *given_oid, | 97 | int MHD__gnutls_x509_encode_and_write_attribute (const char *given_oid, |
96 | ASN1_TYPE MHD__asn1_struct, | 98 | ASN1_TYPE MHD__asn1_struct, |
97 | const char *where, | 99 | const char *where, |
98 | const void *data, | 100 | const void *data, |
99 | int sizeof_data, int multi); | 101 | int sizeof_data, int multi); |
100 | int MHD__gnutls_x509_decode_and_read_attribute (ASN1_TYPE MHD__asn1_struct, | 102 | int MHD__gnutls_x509_decode_and_read_attribute (ASN1_TYPE MHD__asn1_struct, |
101 | const char *where, char *oid, | 103 | const char *where, char *oid, |
102 | int oid_size, | 104 | int oid_size, |
103 | MHD_gnutls_datum_t * value, int multi, | 105 | MHD_gnutls_datum_t * value, |
104 | int octet); | 106 | int multi, int octet); |
105 | 107 | ||
106 | int MHD__gnutls_x509_get_pk_algorithm (ASN1_TYPE src, const char *src_name, | 108 | int MHD__gnutls_x509_get_pk_algorithm (ASN1_TYPE src, const char *src_name, |
107 | unsigned int *bits); | 109 | unsigned int *bits); |
108 | 110 | ||
109 | int MHD__gnutls_x509_encode_and_copy_PKI_params (ASN1_TYPE dst, | 111 | int MHD__gnutls_x509_encode_and_copy_PKI_params (ASN1_TYPE dst, |
110 | const char *dst_name, | 112 | const char *dst_name, |
111 | enum | 113 | enum |
112 | MHD_GNUTLS_PublicKeyAlgorithm | 114 | MHD_GNUTLS_PublicKeyAlgorithm |
113 | pk_algorithm, mpi_t * params, | 115 | pk_algorithm, mpi_t * params, |
114 | int params_size); | 116 | int params_size); |
115 | int MHD__gnutls_asn1_copy_node (ASN1_TYPE * dst, const char *dst_name, | 117 | int MHD__gnutls_asn1_copy_node (ASN1_TYPE * dst, const char *dst_name, |
116 | ASN1_TYPE src, const char *src_name); | 118 | ASN1_TYPE src, const char *src_name); |
117 | 119 | ||
118 | int MHD__gnutls_x509_get_signed_data (ASN1_TYPE src, const char *src_name, | 120 | int MHD__gnutls_x509_get_signed_data (ASN1_TYPE src, const char *src_name, |
119 | MHD_gnutls_datum_t * signed_data); | 121 | MHD_gnutls_datum_t * signed_data); |
120 | int MHD__gnutls_x509_get_signature (ASN1_TYPE src, const char *src_name, | 122 | int MHD__gnutls_x509_get_signature (ASN1_TYPE src, const char *src_name, |
121 | MHD_gnutls_datum_t * signature); | 123 | MHD_gnutls_datum_t * signature); |
122 | 124 | ||
123 | #endif | 125 | #endif |
diff --git a/src/daemon/https/x509/crl.c b/src/daemon/https/x509/crl.c index 17703b91..e023a193 100644 --- a/src/daemon/https/x509/crl.c +++ b/src/daemon/https/x509/crl.c | |||
@@ -56,8 +56,8 @@ MHD_gnutls_x509_crl_init (MHD_gnutls_x509_crl_t * crl) | |||
56 | if (*crl) | 56 | if (*crl) |
57 | { | 57 | { |
58 | int result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), | 58 | int result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), |
59 | "PKIX1.CertificateList", | 59 | "PKIX1.CertificateList", |
60 | &(*crl)->crl); | 60 | &(*crl)->crl); |
61 | if (result != ASN1_SUCCESS) | 61 | if (result != ASN1_SUCCESS) |
62 | { | 62 | { |
63 | MHD_gnutls_assert (); | 63 | MHD_gnutls_assert (); |
@@ -104,8 +104,8 @@ MHD_gnutls_x509_crl_deinit (MHD_gnutls_x509_crl_t crl) | |||
104 | **/ | 104 | **/ |
105 | int | 105 | int |
106 | MHD_gnutls_x509_crl_import (MHD_gnutls_x509_crl_t crl, | 106 | MHD_gnutls_x509_crl_import (MHD_gnutls_x509_crl_t crl, |
107 | const MHD_gnutls_datum_t * data, | 107 | const MHD_gnutls_datum_t * data, |
108 | MHD_gnutls_x509_crt_fmt_t format) | 108 | MHD_gnutls_x509_crt_fmt_t format) |
109 | { | 109 | { |
110 | int result = 0, need_free = 0; | 110 | int result = 0, need_free = 0; |
111 | MHD_gnutls_datum_t _data; | 111 | MHD_gnutls_datum_t _data; |
@@ -125,7 +125,8 @@ MHD_gnutls_x509_crl_import (MHD_gnutls_x509_crl_t crl, | |||
125 | { | 125 | { |
126 | opaque *out; | 126 | opaque *out; |
127 | 127 | ||
128 | result = MHD__gnutls_fbase64_decode (PEM_CRL, data->data, data->size, &out); | 128 | result = |
129 | MHD__gnutls_fbase64_decode (PEM_CRL, data->data, data->size, &out); | ||
129 | 130 | ||
130 | if (result <= 0) | 131 | if (result <= 0) |
131 | { | 132 | { |
@@ -181,7 +182,7 @@ cleanup: | |||
181 | **/ | 182 | **/ |
182 | int | 183 | int |
183 | MHD_gnutls_x509_crl_get_issuer_dn (const MHD_gnutls_x509_crl_t crl, char *buf, | 184 | MHD_gnutls_x509_crl_get_issuer_dn (const MHD_gnutls_x509_crl_t crl, char *buf, |
184 | size_t * sizeof_buf) | 185 | size_t * sizeof_buf) |
185 | { | 186 | { |
186 | if (crl == NULL) | 187 | if (crl == NULL) |
187 | { | 188 | { |
@@ -190,8 +191,8 @@ MHD_gnutls_x509_crl_get_issuer_dn (const MHD_gnutls_x509_crl_t crl, char *buf, | |||
190 | } | 191 | } |
191 | 192 | ||
192 | return MHD__gnutls_x509_parse_dn (crl->crl, | 193 | return MHD__gnutls_x509_parse_dn (crl->crl, |
193 | "tbsCertList.issuer.rdnSequence", | 194 | "tbsCertList.issuer.rdnSequence", |
194 | buf, sizeof_buf); | 195 | buf, sizeof_buf); |
195 | } | 196 | } |
196 | 197 | ||
197 | /** | 198 | /** |
@@ -221,9 +222,9 @@ MHD_gnutls_x509_crl_get_issuer_dn (const MHD_gnutls_x509_crl_t crl, char *buf, | |||
221 | **/ | 222 | **/ |
222 | int | 223 | int |
223 | MHD_gnutls_x509_crl_get_issuer_dn_by_oid (MHD_gnutls_x509_crl_t crl, | 224 | MHD_gnutls_x509_crl_get_issuer_dn_by_oid (MHD_gnutls_x509_crl_t crl, |
224 | const char *oid, int indx, | 225 | const char *oid, int indx, |
225 | unsigned int raw_flag, void *buf, | 226 | unsigned int raw_flag, void *buf, |
226 | size_t * sizeof_buf) | 227 | size_t * sizeof_buf) |
227 | { | 228 | { |
228 | if (crl == NULL) | 229 | if (crl == NULL) |
229 | { | 230 | { |
@@ -232,8 +233,8 @@ MHD_gnutls_x509_crl_get_issuer_dn_by_oid (MHD_gnutls_x509_crl_t crl, | |||
232 | } | 233 | } |
233 | 234 | ||
234 | return MHD__gnutls_x509_parse_dn_oid (crl->crl, | 235 | return MHD__gnutls_x509_parse_dn_oid (crl->crl, |
235 | "tbsCertList.issuer.rdnSequence", | 236 | "tbsCertList.issuer.rdnSequence", |
236 | oid, indx, raw_flag, buf, sizeof_buf); | 237 | oid, indx, raw_flag, buf, sizeof_buf); |
237 | } | 238 | } |
238 | 239 | ||
239 | /** | 240 | /** |
@@ -255,7 +256,7 @@ MHD_gnutls_x509_crl_get_issuer_dn_by_oid (MHD_gnutls_x509_crl_t crl, | |||
255 | **/ | 256 | **/ |
256 | int | 257 | int |
257 | MHD_gnutls_x509_crl_get_dn_oid (MHD_gnutls_x509_crl_t crl, | 258 | MHD_gnutls_x509_crl_get_dn_oid (MHD_gnutls_x509_crl_t crl, |
258 | int indx, void *oid, size_t * sizeof_oid) | 259 | int indx, void *oid, size_t * sizeof_oid) |
259 | { | 260 | { |
260 | if (crl == NULL) | 261 | if (crl == NULL) |
261 | { | 262 | { |
@@ -264,8 +265,8 @@ MHD_gnutls_x509_crl_get_dn_oid (MHD_gnutls_x509_crl_t crl, | |||
264 | } | 265 | } |
265 | 266 | ||
266 | return MHD__gnutls_x509_get_dn_oid (crl->crl, | 267 | return MHD__gnutls_x509_get_dn_oid (crl->crl, |
267 | "tbsCertList.issuer.rdnSequence", indx, | 268 | "tbsCertList.issuer.rdnSequence", indx, |
268 | oid, sizeof_oid); | 269 | oid, sizeof_oid); |
269 | } | 270 | } |
270 | 271 | ||
271 | 272 | ||
@@ -297,7 +298,7 @@ MHD_gnutls_x509_crl_get_signature_algorithm (MHD_gnutls_x509_crl_t crl) | |||
297 | 298 | ||
298 | result = | 299 | result = |
299 | MHD__gnutls_x509_read_value (crl->crl, "signatureAlgorithm.algorithm", | 300 | MHD__gnutls_x509_read_value (crl->crl, "signatureAlgorithm.algorithm", |
300 | &sa, 0); | 301 | &sa, 0); |
301 | 302 | ||
302 | if (result < 0) | 303 | if (result < 0) |
303 | { | 304 | { |
@@ -324,7 +325,7 @@ MHD_gnutls_x509_crl_get_signature_algorithm (MHD_gnutls_x509_crl_t crl) | |||
324 | **/ | 325 | **/ |
325 | int | 326 | int |
326 | MHD_gnutls_x509_crl_get_signature (MHD_gnutls_x509_crl_t crl, | 327 | MHD_gnutls_x509_crl_get_signature (MHD_gnutls_x509_crl_t crl, |
327 | char *sig, size_t * sizeof_sig) | 328 | char *sig, size_t * sizeof_sig) |
328 | { | 329 | { |
329 | int result; | 330 | int result; |
330 | int bits, len; | 331 | int bits, len; |
@@ -391,7 +392,7 @@ MHD_gnutls_x509_crl_get_version (MHD_gnutls_x509_crl_t crl) | |||
391 | len = sizeof (version); | 392 | len = sizeof (version); |
392 | if ((result = | 393 | if ((result = |
393 | MHD__asn1_read_value (crl->crl, "tbsCertList.version", version, | 394 | MHD__asn1_read_value (crl->crl, "tbsCertList.version", version, |
394 | &len)) != ASN1_SUCCESS) | 395 | &len)) != ASN1_SUCCESS) |
395 | { | 396 | { |
396 | MHD_gnutls_assert (); | 397 | MHD_gnutls_assert (); |
397 | return MHD_gtls_asn2err (result); | 398 | return MHD_gtls_asn2err (result); |
@@ -468,7 +469,7 @@ MHD_gnutls_x509_crl_get_crt_count (MHD_gnutls_x509_crl_t crl) | |||
468 | 469 | ||
469 | result = | 470 | result = |
470 | MHD__asn1_number_of_elements (crl->crl, | 471 | MHD__asn1_number_of_elements (crl->crl, |
471 | "tbsCertList.revokedCertificates", &count); | 472 | "tbsCertList.revokedCertificates", &count); |
472 | 473 | ||
473 | if (result != ASN1_SUCCESS) | 474 | if (result != ASN1_SUCCESS) |
474 | { | 475 | { |
@@ -495,8 +496,8 @@ MHD_gnutls_x509_crl_get_crt_count (MHD_gnutls_x509_crl_t crl) | |||
495 | **/ | 496 | **/ |
496 | int | 497 | int |
497 | MHD_gnutls_x509_crl_get_crt_serial (MHD_gnutls_x509_crl_t crl, int indx, | 498 | MHD_gnutls_x509_crl_get_crt_serial (MHD_gnutls_x509_crl_t crl, int indx, |
498 | unsigned char *serial, | 499 | unsigned char *serial, |
499 | size_t * serial_size, time_t * t) | 500 | size_t * serial_size, time_t * t) |
500 | { | 501 | { |
501 | 502 | ||
502 | int result, _serial_size; | 503 | int result, _serial_size; |
@@ -515,7 +516,8 @@ MHD_gnutls_x509_crl_get_crt_serial (MHD_gnutls_x509_crl_t crl, int indx, | |||
515 | "tbsCertList.revokedCertificates.?%u.revocationDate", indx + 1); | 516 | "tbsCertList.revokedCertificates.?%u.revocationDate", indx + 1); |
516 | 517 | ||
517 | _serial_size = *serial_size; | 518 | _serial_size = *serial_size; |
518 | result = MHD__asn1_read_value (crl->crl, serial_name, serial, &_serial_size); | 519 | result = |
520 | MHD__asn1_read_value (crl->crl, serial_name, serial, &_serial_size); | ||
519 | 521 | ||
520 | *serial_size = _serial_size; | 522 | *serial_size = _serial_size; |
521 | if (result != ASN1_SUCCESS) | 523 | if (result != ASN1_SUCCESS) |
@@ -547,7 +549,7 @@ MHD_gnutls_x509_crl_get_crt_serial (MHD_gnutls_x509_crl_t crl, int indx, | |||
547 | -*/ | 549 | -*/ |
548 | int | 550 | int |
549 | MHD__gnutls_x509_crl_get_raw_issuer_dn (MHD_gnutls_x509_crl_t crl, | 551 | MHD__gnutls_x509_crl_get_raw_issuer_dn (MHD_gnutls_x509_crl_t crl, |
550 | MHD_gnutls_datum_t * dn) | 552 | MHD_gnutls_datum_t * dn) |
551 | { | 553 | { |
552 | ASN1_TYPE c2 = ASN1_TYPE_EMPTY; | 554 | ASN1_TYPE c2 = ASN1_TYPE_EMPTY; |
553 | int result, len1; | 555 | int result, len1; |
@@ -564,14 +566,15 @@ MHD__gnutls_x509_crl_get_raw_issuer_dn (MHD_gnutls_x509_crl_t crl, | |||
564 | */ | 566 | */ |
565 | if ((result = | 567 | if ((result = |
566 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.TBSCertList", | 568 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.TBSCertList", |
567 | &c2)) != ASN1_SUCCESS) | 569 | &c2)) != ASN1_SUCCESS) |
568 | { | 570 | { |
569 | MHD_gnutls_assert (); | 571 | MHD_gnutls_assert (); |
570 | return MHD_gtls_asn2err (result); | 572 | return MHD_gtls_asn2err (result); |
571 | } | 573 | } |
572 | 574 | ||
573 | result = | 575 | result = |
574 | MHD__gnutls_x509_get_signed_data (crl->crl, "tbsCertList", &crl_signed_data); | 576 | MHD__gnutls_x509_get_signed_data (crl->crl, "tbsCertList", |
577 | &crl_signed_data); | ||
575 | if (result < 0) | 578 | if (result < 0) |
576 | { | 579 | { |
577 | MHD_gnutls_assert (); | 580 | MHD_gnutls_assert (); |
@@ -579,7 +582,8 @@ MHD__gnutls_x509_crl_get_raw_issuer_dn (MHD_gnutls_x509_crl_t crl, | |||
579 | } | 582 | } |
580 | 583 | ||
581 | result = | 584 | result = |
582 | MHD__asn1_der_decoding (&c2, crl_signed_data.data, crl_signed_data.size, NULL); | 585 | MHD__asn1_der_decoding (&c2, crl_signed_data.data, crl_signed_data.size, |
586 | NULL); | ||
583 | if (result != ASN1_SUCCESS) | 587 | if (result != ASN1_SUCCESS) |
584 | { | 588 | { |
585 | /* couldn't decode DER */ | 589 | /* couldn't decode DER */ |
@@ -591,8 +595,8 @@ MHD__gnutls_x509_crl_get_raw_issuer_dn (MHD_gnutls_x509_crl_t crl, | |||
591 | 595 | ||
592 | result = | 596 | result = |
593 | MHD__asn1_der_decoding_startEnd (c2, crl_signed_data.data, | 597 | MHD__asn1_der_decoding_startEnd (c2, crl_signed_data.data, |
594 | crl_signed_data.size, "issuer", | 598 | crl_signed_data.size, "issuer", |
595 | &start1, &end1); | 599 | &start1, &end1); |
596 | 600 | ||
597 | if (result != ASN1_SUCCESS) | 601 | if (result != ASN1_SUCCESS) |
598 | { | 602 | { |
@@ -633,8 +637,8 @@ cleanup: | |||
633 | **/ | 637 | **/ |
634 | int | 638 | int |
635 | MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl, | 639 | MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl, |
636 | MHD_gnutls_x509_crt_fmt_t format, void *output_data, | 640 | MHD_gnutls_x509_crt_fmt_t format, |
637 | size_t * output_data_size) | 641 | void *output_data, size_t * output_data_size) |
638 | { | 642 | { |
639 | if (crl == NULL) | 643 | if (crl == NULL) |
640 | { | 644 | { |
@@ -643,7 +647,7 @@ MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl, | |||
643 | } | 647 | } |
644 | 648 | ||
645 | return MHD__gnutls_x509_export_int (crl->crl, format, PEM_CRL, | 649 | return MHD__gnutls_x509_export_int (crl->crl, format, PEM_CRL, |
646 | output_data, output_data_size); | 650 | output_data, output_data_size); |
647 | } | 651 | } |
648 | 652 | ||
649 | /*- | 653 | /*- |
@@ -657,14 +661,16 @@ MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl, | |||
657 | * | 661 | * |
658 | -*/ | 662 | -*/ |
659 | int | 663 | int |
660 | MHD__gnutls_x509_crl_cpy (MHD_gnutls_x509_crl_t dest, MHD_gnutls_x509_crl_t src) | 664 | MHD__gnutls_x509_crl_cpy (MHD_gnutls_x509_crl_t dest, |
665 | MHD_gnutls_x509_crl_t src) | ||
661 | { | 666 | { |
662 | int ret; | 667 | int ret; |
663 | size_t der_size; | 668 | size_t der_size; |
664 | opaque *der; | 669 | opaque *der; |
665 | MHD_gnutls_datum_t tmp; | 670 | MHD_gnutls_datum_t tmp; |
666 | 671 | ||
667 | ret = MHD_gnutls_x509_crl_export (src, GNUTLS_X509_FMT_DER, NULL, &der_size); | 672 | ret = |
673 | MHD_gnutls_x509_crl_export (src, GNUTLS_X509_FMT_DER, NULL, &der_size); | ||
668 | if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER) | 674 | if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER) |
669 | { | 675 | { |
670 | MHD_gnutls_assert (); | 676 | MHD_gnutls_assert (); |
diff --git a/src/daemon/https/x509/crq.c b/src/daemon/https/x509/crq.c index 147be276..88ac349d 100644 --- a/src/daemon/https/x509/crq.c +++ b/src/daemon/https/x509/crq.c | |||
@@ -59,8 +59,8 @@ MHD_gnutls_x509_crq_init (MHD_gnutls_x509_crq_t * crq) | |||
59 | if (*crq) | 59 | if (*crq) |
60 | { | 60 | { |
61 | int result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), | 61 | int result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), |
62 | "PKIX1.pkcs-10-CertificationRequest", | 62 | "PKIX1.pkcs-10-CertificationRequest", |
63 | &((*crq)->crq)); | 63 | &((*crq)->crq)); |
64 | if (result != ASN1_SUCCESS) | 64 | if (result != ASN1_SUCCESS) |
65 | { | 65 | { |
66 | MHD_gnutls_assert (); | 66 | MHD_gnutls_assert (); |
@@ -110,8 +110,8 @@ MHD_gnutls_x509_crq_deinit (MHD_gnutls_x509_crq_t crq) | |||
110 | **/ | 110 | **/ |
111 | int | 111 | int |
112 | MHD_gnutls_x509_crq_import (MHD_gnutls_x509_crq_t crq, | 112 | MHD_gnutls_x509_crq_import (MHD_gnutls_x509_crq_t crq, |
113 | const MHD_gnutls_datum_t * data, | 113 | const MHD_gnutls_datum_t * data, |
114 | MHD_gnutls_x509_crt_fmt_t format) | 114 | MHD_gnutls_x509_crt_fmt_t format) |
115 | { | 115 | { |
116 | int result = 0, need_free = 0; | 116 | int result = 0, need_free = 0; |
117 | MHD_gnutls_datum_t _data; | 117 | MHD_gnutls_datum_t _data; |
@@ -132,7 +132,8 @@ MHD_gnutls_x509_crq_import (MHD_gnutls_x509_crq_t crq, | |||
132 | opaque *out; | 132 | opaque *out; |
133 | 133 | ||
134 | /* Try the first header */ | 134 | /* Try the first header */ |
135 | result = MHD__gnutls_fbase64_decode (PEM_CRQ, data->data, data->size, &out); | 135 | result = |
136 | MHD__gnutls_fbase64_decode (PEM_CRQ, data->data, data->size, &out); | ||
136 | 137 | ||
137 | if (result <= 0) /* Go for the second header */ | 138 | if (result <= 0) /* Go for the second header */ |
138 | result = | 139 | result = |
@@ -189,7 +190,8 @@ cleanup: | |||
189 | * | 190 | * |
190 | **/ | 191 | **/ |
191 | int | 192 | int |
192 | MHD_gnutls_x509_crq_get_dn (MHD_gnutls_x509_crq_t crq, char *buf, size_t * sizeof_buf) | 193 | MHD_gnutls_x509_crq_get_dn (MHD_gnutls_x509_crq_t crq, char *buf, |
194 | size_t * sizeof_buf) | ||
193 | { | 195 | { |
194 | if (crq == NULL) | 196 | if (crq == NULL) |
195 | { | 197 | { |
@@ -198,8 +200,8 @@ MHD_gnutls_x509_crq_get_dn (MHD_gnutls_x509_crq_t crq, char *buf, size_t * sizeo | |||
198 | } | 200 | } |
199 | 201 | ||
200 | return MHD__gnutls_x509_parse_dn (crq->crq, | 202 | return MHD__gnutls_x509_parse_dn (crq->crq, |
201 | "certificationRequestInfo.subject.rdnSequence", | 203 | "certificationRequestInfo.subject.rdnSequence", |
202 | buf, sizeof_buf); | 204 | buf, sizeof_buf); |
203 | } | 205 | } |
204 | 206 | ||
205 | /** | 207 | /** |
@@ -232,8 +234,8 @@ MHD_gnutls_x509_crq_get_dn (MHD_gnutls_x509_crq_t crq, char *buf, size_t * sizeo | |||
232 | **/ | 234 | **/ |
233 | int | 235 | int |
234 | MHD_gnutls_x509_crq_get_dn_by_oid (MHD_gnutls_x509_crq_t crq, const char *oid, | 236 | MHD_gnutls_x509_crq_get_dn_by_oid (MHD_gnutls_x509_crq_t crq, const char *oid, |
235 | int indx, unsigned int raw_flag, | 237 | int indx, unsigned int raw_flag, |
236 | void *buf, size_t * sizeof_buf) | 238 | void *buf, size_t * sizeof_buf) |
237 | { | 239 | { |
238 | if (crq == NULL) | 240 | if (crq == NULL) |
239 | { | 241 | { |
@@ -242,8 +244,8 @@ MHD_gnutls_x509_crq_get_dn_by_oid (MHD_gnutls_x509_crq_t crq, const char *oid, | |||
242 | } | 244 | } |
243 | 245 | ||
244 | return MHD__gnutls_x509_parse_dn_oid (crq->crq, | 246 | return MHD__gnutls_x509_parse_dn_oid (crq->crq, |
245 | "certificationRequestInfo.subject.rdnSequence", | 247 | "certificationRequestInfo.subject.rdnSequence", |
246 | oid, indx, raw_flag, buf, sizeof_buf); | 248 | oid, indx, raw_flag, buf, sizeof_buf); |
247 | } | 249 | } |
248 | 250 | ||
249 | /** | 251 | /** |
@@ -265,7 +267,7 @@ MHD_gnutls_x509_crq_get_dn_by_oid (MHD_gnutls_x509_crq_t crq, const char *oid, | |||
265 | **/ | 267 | **/ |
266 | int | 268 | int |
267 | MHD_gnutls_x509_crq_get_dn_oid (MHD_gnutls_x509_crq_t crq, | 269 | MHD_gnutls_x509_crq_get_dn_oid (MHD_gnutls_x509_crq_t crq, |
268 | int indx, void *oid, size_t * sizeof_oid) | 270 | int indx, void *oid, size_t * sizeof_oid) |
269 | { | 271 | { |
270 | if (crq == NULL) | 272 | if (crq == NULL) |
271 | { | 273 | { |
@@ -274,8 +276,8 @@ MHD_gnutls_x509_crq_get_dn_oid (MHD_gnutls_x509_crq_t crq, | |||
274 | } | 276 | } |
275 | 277 | ||
276 | return MHD__gnutls_x509_get_dn_oid (crq->crq, | 278 | return MHD__gnutls_x509_get_dn_oid (crq->crq, |
277 | "certificationRequestInfo.subject.rdnSequence", | 279 | "certificationRequestInfo.subject.rdnSequence", |
278 | indx, oid, sizeof_oid); | 280 | indx, oid, sizeof_oid); |
279 | } | 281 | } |
280 | 282 | ||
281 | /* Parses an Attribute list in the MHD__asn1_struct, and searches for the | 283 | /* Parses an Attribute list in the MHD__asn1_struct, and searches for the |
@@ -319,7 +321,8 @@ parse_attribute (ASN1_TYPE MHD__asn1_struct, | |||
319 | snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); | 321 | snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); |
320 | 322 | ||
321 | len = sizeof (value) - 1; | 323 | len = sizeof (value) - 1; |
322 | result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len); | 324 | result = |
325 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len); | ||
323 | 326 | ||
324 | if (result == ASN1_ELEMENT_NOT_FOUND) | 327 | if (result == ASN1_ELEMENT_NOT_FOUND) |
325 | { | 328 | { |
@@ -362,7 +365,8 @@ parse_attribute (ASN1_TYPE MHD__asn1_struct, | |||
362 | tmpbuffer1, indx + 1); | 365 | tmpbuffer1, indx + 1); |
363 | 366 | ||
364 | len = sizeof (value) - 1; | 367 | len = sizeof (value) - 1; |
365 | result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, value, &len); | 368 | result = |
369 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, value, &len); | ||
366 | 370 | ||
367 | if (result != ASN1_SUCCESS) | 371 | if (result != ASN1_SUCCESS) |
368 | { | 372 | { |
@@ -434,7 +438,7 @@ cleanup: | |||
434 | **/ | 438 | **/ |
435 | int | 439 | int |
436 | MHD_gnutls_x509_crq_get_challenge_password (MHD_gnutls_x509_crq_t crq, | 440 | MHD_gnutls_x509_crq_get_challenge_password (MHD_gnutls_x509_crq_t crq, |
437 | char *pass, size_t * sizeof_pass) | 441 | char *pass, size_t * sizeof_pass) |
438 | { | 442 | { |
439 | if (crq == NULL) | 443 | if (crq == NULL) |
440 | { | 444 | { |
@@ -461,8 +465,8 @@ MHD_gnutls_x509_crq_get_challenge_password (MHD_gnutls_x509_crq_t crq, | |||
461 | **/ | 465 | **/ |
462 | int | 466 | int |
463 | MHD_gnutls_x509_crq_set_attribute_by_oid (MHD_gnutls_x509_crq_t crq, | 467 | MHD_gnutls_x509_crq_set_attribute_by_oid (MHD_gnutls_x509_crq_t crq, |
464 | const char *oid, void *buf, | 468 | const char *oid, void *buf, |
465 | size_t sizeof_buf) | 469 | size_t sizeof_buf) |
466 | { | 470 | { |
467 | int result; | 471 | int result; |
468 | 472 | ||
@@ -476,7 +480,7 @@ MHD_gnutls_x509_crq_set_attribute_by_oid (MHD_gnutls_x509_crq_t crq, | |||
476 | */ | 480 | */ |
477 | result = | 481 | result = |
478 | MHD__asn1_write_value (crq->crq, "certificationRequestInfo.attributes", | 482 | MHD__asn1_write_value (crq->crq, "certificationRequestInfo.attributes", |
479 | "NEW", 1); | 483 | "NEW", 1); |
480 | if (result != ASN1_SUCCESS) | 484 | if (result != ASN1_SUCCESS) |
481 | { | 485 | { |
482 | MHD_gnutls_assert (); | 486 | MHD_gnutls_assert (); |
@@ -485,9 +489,9 @@ MHD_gnutls_x509_crq_set_attribute_by_oid (MHD_gnutls_x509_crq_t crq, | |||
485 | 489 | ||
486 | result = | 490 | result = |
487 | MHD__gnutls_x509_encode_and_write_attribute (oid, | 491 | MHD__gnutls_x509_encode_and_write_attribute (oid, |
488 | crq->crq, | 492 | crq->crq, |
489 | "certificationRequestInfo.attributes.?LAST", | 493 | "certificationRequestInfo.attributes.?LAST", |
490 | buf, sizeof_buf, 1); | 494 | buf, sizeof_buf, 1); |
491 | 495 | ||
492 | if (result < 0) | 496 | if (result < 0) |
493 | { | 497 | { |
@@ -515,8 +519,8 @@ MHD_gnutls_x509_crq_set_attribute_by_oid (MHD_gnutls_x509_crq_t crq, | |||
515 | **/ | 519 | **/ |
516 | int | 520 | int |
517 | MHD_gnutls_x509_crq_get_attribute_by_oid (MHD_gnutls_x509_crq_t crq, | 521 | MHD_gnutls_x509_crq_get_attribute_by_oid (MHD_gnutls_x509_crq_t crq, |
518 | const char *oid, int indx, void *buf, | 522 | const char *oid, int indx, |
519 | size_t * sizeof_buf) | 523 | void *buf, size_t * sizeof_buf) |
520 | { | 524 | { |
521 | if (crq == NULL) | 525 | if (crq == NULL) |
522 | { | 526 | { |
@@ -550,8 +554,8 @@ MHD_gnutls_x509_crq_get_attribute_by_oid (MHD_gnutls_x509_crq_t crq, | |||
550 | **/ | 554 | **/ |
551 | int | 555 | int |
552 | MHD_gnutls_x509_crq_set_dn_by_oid (MHD_gnutls_x509_crq_t crq, const char *oid, | 556 | MHD_gnutls_x509_crq_set_dn_by_oid (MHD_gnutls_x509_crq_t crq, const char *oid, |
553 | unsigned int raw_flag, const void *data, | 557 | unsigned int raw_flag, const void *data, |
554 | unsigned int sizeof_data) | 558 | unsigned int sizeof_data) |
555 | { | 559 | { |
556 | if (sizeof_data == 0 || data == NULL || crq == NULL) | 560 | if (sizeof_data == 0 || data == NULL || crq == NULL) |
557 | { | 561 | { |
@@ -559,8 +563,8 @@ MHD_gnutls_x509_crq_set_dn_by_oid (MHD_gnutls_x509_crq_t crq, const char *oid, | |||
559 | } | 563 | } |
560 | 564 | ||
561 | return MHD__gnutls_x509_set_dn_oid (crq->crq, | 565 | return MHD__gnutls_x509_set_dn_oid (crq->crq, |
562 | "certificationRequestInfo.subject", oid, | 566 | "certificationRequestInfo.subject", oid, |
563 | raw_flag, data, sizeof_data); | 567 | raw_flag, data, sizeof_data); |
564 | } | 568 | } |
565 | 569 | ||
566 | /** | 570 | /** |
@@ -575,7 +579,8 @@ MHD_gnutls_x509_crq_set_dn_by_oid (MHD_gnutls_x509_crq_t crq, const char *oid, | |||
575 | * | 579 | * |
576 | **/ | 580 | **/ |
577 | int | 581 | int |
578 | MHD_gnutls_x509_crq_set_version (MHD_gnutls_x509_crq_t crq, unsigned int version) | 582 | MHD_gnutls_x509_crq_set_version (MHD_gnutls_x509_crq_t crq, |
583 | unsigned int version) | ||
579 | { | 584 | { |
580 | int result; | 585 | int result; |
581 | unsigned char null = version; | 586 | unsigned char null = version; |
@@ -590,7 +595,8 @@ MHD_gnutls_x509_crq_set_version (MHD_gnutls_x509_crq_t crq, unsigned int version | |||
590 | null--; | 595 | null--; |
591 | 596 | ||
592 | result = | 597 | result = |
593 | MHD__asn1_write_value (crq->crq, "certificationRequestInfo.version", &null, 1); | 598 | MHD__asn1_write_value (crq->crq, "certificationRequestInfo.version", |
599 | &null, 1); | ||
594 | if (result != ASN1_SUCCESS) | 600 | if (result != ASN1_SUCCESS) |
595 | { | 601 | { |
596 | MHD_gnutls_assert (); | 602 | MHD_gnutls_assert (); |
@@ -624,7 +630,7 @@ MHD_gnutls_x509_crq_get_version (MHD_gnutls_x509_crq_t crq) | |||
624 | len = sizeof (version); | 630 | len = sizeof (version); |
625 | if ((result = | 631 | if ((result = |
626 | MHD__asn1_read_value (crq->crq, "certificationRequestInfo.version", | 632 | MHD__asn1_read_value (crq->crq, "certificationRequestInfo.version", |
627 | version, &len)) != ASN1_SUCCESS) | 633 | version, &len)) != ASN1_SUCCESS) |
628 | { | 634 | { |
629 | 635 | ||
630 | if (result == ASN1_ELEMENT_NOT_FOUND) | 636 | if (result == ASN1_ELEMENT_NOT_FOUND) |
@@ -648,7 +654,8 @@ MHD_gnutls_x509_crq_get_version (MHD_gnutls_x509_crq_t crq) | |||
648 | * | 654 | * |
649 | **/ | 655 | **/ |
650 | int | 656 | int |
651 | MHD_gnutls_x509_crq_set_key (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_t key) | 657 | MHD_gnutls_x509_crq_set_key (MHD_gnutls_x509_crq_t crq, |
658 | MHD_gnutls_x509_privkey_t key) | ||
652 | { | 659 | { |
653 | int result; | 660 | int result; |
654 | 661 | ||
@@ -659,10 +666,10 @@ MHD_gnutls_x509_crq_set_key (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_ | |||
659 | } | 666 | } |
660 | 667 | ||
661 | result = MHD__gnutls_x509_encode_and_copy_PKI_params (crq->crq, | 668 | result = MHD__gnutls_x509_encode_and_copy_PKI_params (crq->crq, |
662 | "certificationRequestInfo.subjectPKInfo", | 669 | "certificationRequestInfo.subjectPKInfo", |
663 | key->pk_algorithm, | 670 | key->pk_algorithm, |
664 | key->params, | 671 | key->params, |
665 | key->params_size); | 672 | key->params_size); |
666 | 673 | ||
667 | if (result < 0) | 674 | if (result < 0) |
668 | { | 675 | { |
@@ -685,7 +692,7 @@ MHD_gnutls_x509_crq_set_key (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_ | |||
685 | **/ | 692 | **/ |
686 | int | 693 | int |
687 | MHD_gnutls_x509_crq_set_challenge_password (MHD_gnutls_x509_crq_t crq, | 694 | MHD_gnutls_x509_crq_set_challenge_password (MHD_gnutls_x509_crq_t crq, |
688 | const char *pass) | 695 | const char *pass) |
689 | { | 696 | { |
690 | int result; | 697 | int result; |
691 | 698 | ||
@@ -699,7 +706,7 @@ MHD_gnutls_x509_crq_set_challenge_password (MHD_gnutls_x509_crq_t crq, | |||
699 | */ | 706 | */ |
700 | result = | 707 | result = |
701 | MHD__asn1_write_value (crq->crq, "certificationRequestInfo.attributes", | 708 | MHD__asn1_write_value (crq->crq, "certificationRequestInfo.attributes", |
702 | "NEW", 1); | 709 | "NEW", 1); |
703 | if (result != ASN1_SUCCESS) | 710 | if (result != ASN1_SUCCESS) |
704 | { | 711 | { |
705 | MHD_gnutls_assert (); | 712 | MHD_gnutls_assert (); |
@@ -708,9 +715,9 @@ MHD_gnutls_x509_crq_set_challenge_password (MHD_gnutls_x509_crq_t crq, | |||
708 | 715 | ||
709 | result = | 716 | result = |
710 | MHD__gnutls_x509_encode_and_write_attribute ("1.2.840.113549.1.9.7", | 717 | MHD__gnutls_x509_encode_and_write_attribute ("1.2.840.113549.1.9.7", |
711 | crq->crq, | 718 | crq->crq, |
712 | "certificationRequestInfo.attributes.?LAST", | 719 | "certificationRequestInfo.attributes.?LAST", |
713 | pass, strlen (pass), 1); | 720 | pass, strlen (pass), 1); |
714 | 721 | ||
715 | if (result < 0) | 722 | if (result < 0) |
716 | { | 723 | { |
@@ -739,8 +746,10 @@ MHD_gnutls_x509_crq_set_challenge_password (MHD_gnutls_x509_crq_t crq, | |||
739 | * | 746 | * |
740 | **/ | 747 | **/ |
741 | int | 748 | int |
742 | MHD_gnutls_x509_crq_sign2 (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_t key, | 749 | MHD_gnutls_x509_crq_sign2 (MHD_gnutls_x509_crq_t crq, |
743 | enum MHD_GNUTLS_HashAlgorithm dig, unsigned int flags) | 750 | MHD_gnutls_x509_privkey_t key, |
751 | enum MHD_GNUTLS_HashAlgorithm dig, | ||
752 | unsigned int flags) | ||
744 | { | 753 | { |
745 | int result; | 754 | int result; |
746 | MHD_gnutls_datum_t signature; | 755 | MHD_gnutls_datum_t signature; |
@@ -755,7 +764,7 @@ MHD_gnutls_x509_crq_sign2 (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_t | |||
755 | */ | 764 | */ |
756 | result = | 765 | result = |
757 | MHD__gnutls_x509_sign_tbs (crq->crq, "certificationRequestInfo", | 766 | MHD__gnutls_x509_sign_tbs (crq->crq, "certificationRequestInfo", |
758 | dig, key, &signature); | 767 | dig, key, &signature); |
759 | 768 | ||
760 | if (result < 0) | 769 | if (result < 0) |
761 | { | 770 | { |
@@ -767,7 +776,7 @@ MHD_gnutls_x509_crq_sign2 (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_t | |||
767 | */ | 776 | */ |
768 | result = | 777 | result = |
769 | MHD__asn1_write_value (crq->crq, "signature", signature.data, | 778 | MHD__asn1_write_value (crq->crq, "signature", signature.data, |
770 | signature.size * 8); | 779 | signature.size * 8); |
771 | 780 | ||
772 | MHD__gnutls_free_datum (&signature); | 781 | MHD__gnutls_free_datum (&signature); |
773 | 782 | ||
@@ -780,8 +789,8 @@ MHD_gnutls_x509_crq_sign2 (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_t | |||
780 | /* Step 3. Write the signatureAlgorithm field. | 789 | /* Step 3. Write the signatureAlgorithm field. |
781 | */ | 790 | */ |
782 | result = MHD__gnutls_x509_write_sig_params (crq->crq, "signatureAlgorithm", | 791 | result = MHD__gnutls_x509_write_sig_params (crq->crq, "signatureAlgorithm", |
783 | key->pk_algorithm, dig, key->params, | 792 | key->pk_algorithm, dig, |
784 | key->params_size); | 793 | key->params, key->params_size); |
785 | if (result < 0) | 794 | if (result < 0) |
786 | { | 795 | { |
787 | MHD_gnutls_assert (); | 796 | MHD_gnutls_assert (); |
@@ -803,7 +812,8 @@ MHD_gnutls_x509_crq_sign2 (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_t | |||
803 | * | 812 | * |
804 | **/ | 813 | **/ |
805 | int | 814 | int |
806 | MHD_gnutls_x509_crq_sign (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_t key) | 815 | MHD_gnutls_x509_crq_sign (MHD_gnutls_x509_crq_t crq, |
816 | MHD_gnutls_x509_privkey_t key) | ||
807 | { | 817 | { |
808 | return MHD_gnutls_x509_crq_sign2 (crq, key, MHD_GNUTLS_MAC_SHA1, 0); | 818 | return MHD_gnutls_x509_crq_sign2 (crq, key, MHD_GNUTLS_MAC_SHA1, 0); |
809 | } | 819 | } |
@@ -831,8 +841,8 @@ MHD_gnutls_x509_crq_sign (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_t k | |||
831 | **/ | 841 | **/ |
832 | int | 842 | int |
833 | MHD_gnutls_x509_crq_export (MHD_gnutls_x509_crq_t crq, | 843 | MHD_gnutls_x509_crq_export (MHD_gnutls_x509_crq_t crq, |
834 | MHD_gnutls_x509_crt_fmt_t format, void *output_data, | 844 | MHD_gnutls_x509_crt_fmt_t format, |
835 | size_t * output_data_size) | 845 | void *output_data, size_t * output_data_size) |
836 | { | 846 | { |
837 | if (crq == NULL) | 847 | if (crq == NULL) |
838 | { | 848 | { |
@@ -841,7 +851,7 @@ MHD_gnutls_x509_crq_export (MHD_gnutls_x509_crq_t crq, | |||
841 | } | 851 | } |
842 | 852 | ||
843 | return MHD__gnutls_x509_export_int (crq->crq, format, PEM_CRQ, | 853 | return MHD__gnutls_x509_export_int (crq->crq, format, PEM_CRQ, |
844 | output_data, output_data_size); | 854 | output_data, output_data_size); |
845 | } | 855 | } |
846 | 856 | ||
847 | /** | 857 | /** |
@@ -862,7 +872,8 @@ MHD_gnutls_x509_crq_export (MHD_gnutls_x509_crq_t crq, | |||
862 | * | 872 | * |
863 | **/ | 873 | **/ |
864 | int | 874 | int |
865 | MHD_gnutls_x509_crq_get_pk_algorithm (MHD_gnutls_x509_crq_t crq, unsigned int *bits) | 875 | MHD_gnutls_x509_crq_get_pk_algorithm (MHD_gnutls_x509_crq_t crq, |
876 | unsigned int *bits) | ||
866 | { | 877 | { |
867 | int result; | 878 | int result; |
868 | 879 | ||
@@ -874,8 +885,8 @@ MHD_gnutls_x509_crq_get_pk_algorithm (MHD_gnutls_x509_crq_t crq, unsigned int *b | |||
874 | 885 | ||
875 | result = | 886 | result = |
876 | MHD__gnutls_x509_get_pk_algorithm (crq->crq, | 887 | MHD__gnutls_x509_get_pk_algorithm (crq->crq, |
877 | "certificationRequestInfo.subjectPKInfo", | 888 | "certificationRequestInfo.subjectPKInfo", |
878 | bits); | 889 | bits); |
879 | if (result < 0) | 890 | if (result < 0) |
880 | { | 891 | { |
881 | MHD_gnutls_assert (); | 892 | MHD_gnutls_assert (); |
diff --git a/src/daemon/https/x509/dn.c b/src/daemon/https/x509/dn.c index eac31f33..17b4ed76 100644 --- a/src/daemon/https/x509/dn.c +++ b/src/daemon/https/x509/dn.c | |||
@@ -88,8 +88,8 @@ str_escape (char *str, char *buffer, unsigned int buffer_size) | |||
88 | */ | 88 | */ |
89 | int | 89 | int |
90 | MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct, | 90 | MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct, |
91 | const char *MHD__asn1_rdn_name, char *buf, | 91 | const char *MHD__asn1_rdn_name, char *buf, |
92 | size_t * sizeof_buf) | 92 | size_t * sizeof_buf) |
93 | { | 93 | { |
94 | MHD_gtls_string out_str; | 94 | MHD_gtls_string out_str; |
95 | int k2, k1, result; | 95 | int k2, k1, result; |
@@ -115,7 +115,8 @@ MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct, | |||
115 | else | 115 | else |
116 | *sizeof_buf = 0; | 116 | *sizeof_buf = 0; |
117 | 117 | ||
118 | MHD_gtls_string_init (&out_str, MHD_gnutls_malloc, MHD_gnutls_realloc, MHD_gnutls_free); | 118 | MHD_gtls_string_init (&out_str, MHD_gnutls_malloc, MHD_gnutls_realloc, |
119 | MHD_gnutls_free); | ||
119 | 120 | ||
120 | k1 = 0; | 121 | k1 = 0; |
121 | do | 122 | do |
@@ -125,13 +126,14 @@ MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct, | |||
125 | /* create a string like "tbsCertList.issuer.rdnSequence.?1" | 126 | /* create a string like "tbsCertList.issuer.rdnSequence.?1" |
126 | */ | 127 | */ |
127 | if (MHD__asn1_rdn_name[0] != 0) | 128 | if (MHD__asn1_rdn_name[0] != 0) |
128 | snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u", MHD__asn1_rdn_name, | 129 | snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u", |
129 | k1); | 130 | MHD__asn1_rdn_name, k1); |
130 | else | 131 | else |
131 | snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); | 132 | snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); |
132 | 133 | ||
133 | len = sizeof (value) - 1; | 134 | len = sizeof (value) - 1; |
134 | result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len); | 135 | result = |
136 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len); | ||
135 | 137 | ||
136 | if (result == ASN1_ELEMENT_NOT_FOUND) | 138 | if (result == ASN1_ELEMENT_NOT_FOUND) |
137 | { | 139 | { |
@@ -162,7 +164,8 @@ MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct, | |||
162 | */ | 164 | */ |
163 | 165 | ||
164 | len = sizeof (value) - 1; | 166 | len = sizeof (value) - 1; |
165 | result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer2, value, &len); | 167 | result = |
168 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer2, value, &len); | ||
166 | 169 | ||
167 | if (result == ASN1_ELEMENT_NOT_FOUND) | 170 | if (result == ASN1_ELEMENT_NOT_FOUND) |
168 | break; | 171 | break; |
@@ -179,7 +182,8 @@ MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct, | |||
179 | MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".type"); | 182 | MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".type"); |
180 | 183 | ||
181 | len = sizeof (oid) - 1; | 184 | len = sizeof (oid) - 1; |
182 | result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, oid, &len); | 185 | result = |
186 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, oid, &len); | ||
183 | 187 | ||
184 | if (result == ASN1_ELEMENT_NOT_FOUND) | 188 | if (result == ASN1_ELEMENT_NOT_FOUND) |
185 | break; | 189 | break; |
@@ -196,7 +200,8 @@ MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct, | |||
196 | MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".value"); | 200 | MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".value"); |
197 | 201 | ||
198 | len = 0; | 202 | len = 0; |
199 | result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, NULL, &len); | 203 | result = |
204 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, NULL, &len); | ||
200 | 205 | ||
201 | value2 = MHD_gnutls_malloc (len); | 206 | value2 = MHD_gnutls_malloc (len); |
202 | if (value2 == NULL) | 207 | if (value2 == NULL) |
@@ -206,7 +211,8 @@ MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct, | |||
206 | goto cleanup; | 211 | goto cleanup; |
207 | } | 212 | } |
208 | 213 | ||
209 | result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, value2, &len); | 214 | result = |
215 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, value2, &len); | ||
210 | 216 | ||
211 | if (result != ASN1_SUCCESS) | 217 | if (result != ASN1_SUCCESS) |
212 | { | 218 | { |
@@ -268,12 +274,14 @@ MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct, | |||
268 | if (printable) | 274 | if (printable) |
269 | result = | 275 | result = |
270 | MHD__gnutls_x509_oid_data2string (oid, | 276 | MHD__gnutls_x509_oid_data2string (oid, |
271 | value2, len, | 277 | value2, len, |
272 | string, &sizeof_string); | 278 | string, &sizeof_string); |
273 | 279 | ||
274 | if (!printable || result < 0) | 280 | if (!printable || result < 0) |
275 | result = | 281 | result = |
276 | MHD__gnutls_x509_data2hex ((const unsigned char*) value2, len, (unsigned char*) string, &sizeof_string); | 282 | MHD__gnutls_x509_data2hex ((const unsigned char *) value2, len, |
283 | (unsigned char *) string, | ||
284 | &sizeof_string); | ||
277 | 285 | ||
278 | if (result < 0) | 286 | if (result < 0) |
279 | { | 287 | { |
@@ -338,10 +346,10 @@ cleanup: | |||
338 | */ | 346 | */ |
339 | int | 347 | int |
340 | MHD__gnutls_x509_parse_dn_oid (ASN1_TYPE MHD__asn1_struct, | 348 | MHD__gnutls_x509_parse_dn_oid (ASN1_TYPE MHD__asn1_struct, |
341 | const char *MHD__asn1_rdn_name, | 349 | const char *MHD__asn1_rdn_name, |
342 | const char *given_oid, int indx, | 350 | const char *given_oid, int indx, |
343 | unsigned int raw_flag, | 351 | unsigned int raw_flag, |
344 | void *buf, size_t * sizeof_buf) | 352 | void *buf, size_t * sizeof_buf) |
345 | { | 353 | { |
346 | int k2, k1, result; | 354 | int k2, k1, result; |
347 | char tmpbuffer1[MAX_NAME_SIZE]; | 355 | char tmpbuffer1[MAX_NAME_SIZE]; |
@@ -366,13 +374,14 @@ MHD__gnutls_x509_parse_dn_oid (ASN1_TYPE MHD__asn1_struct, | |||
366 | /* create a string like "tbsCertList.issuer.rdnSequence.?1" | 374 | /* create a string like "tbsCertList.issuer.rdnSequence.?1" |
367 | */ | 375 | */ |
368 | if (MHD__asn1_rdn_name[0] != 0) | 376 | if (MHD__asn1_rdn_name[0] != 0) |
369 | snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u", MHD__asn1_rdn_name, | 377 | snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u", |
370 | k1); | 378 | MHD__asn1_rdn_name, k1); |
371 | else | 379 | else |
372 | snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); | 380 | snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); |
373 | 381 | ||
374 | len = sizeof (value) - 1; | 382 | len = sizeof (value) - 1; |
375 | result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len); | 383 | result = |
384 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len); | ||
376 | 385 | ||
377 | if (result == ASN1_ELEMENT_NOT_FOUND) | 386 | if (result == ASN1_ELEMENT_NOT_FOUND) |
378 | { | 387 | { |
@@ -404,7 +413,8 @@ MHD__gnutls_x509_parse_dn_oid (ASN1_TYPE MHD__asn1_struct, | |||
404 | */ | 413 | */ |
405 | 414 | ||
406 | len = sizeof (value) - 1; | 415 | len = sizeof (value) - 1; |
407 | result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer2, value, &len); | 416 | result = |
417 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer2, value, &len); | ||
408 | 418 | ||
409 | if (result == ASN1_ELEMENT_NOT_FOUND) | 419 | if (result == ASN1_ELEMENT_NOT_FOUND) |
410 | { | 420 | { |
@@ -423,7 +433,8 @@ MHD__gnutls_x509_parse_dn_oid (ASN1_TYPE MHD__asn1_struct, | |||
423 | MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".type"); | 433 | MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".type"); |
424 | 434 | ||
425 | len = sizeof (oid) - 1; | 435 | len = sizeof (oid) - 1; |
426 | result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, oid, &len); | 436 | result = |
437 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, oid, &len); | ||
427 | 438 | ||
428 | if (result == ASN1_ELEMENT_NOT_FOUND) | 439 | if (result == ASN1_ELEMENT_NOT_FOUND) |
429 | break; | 440 | break; |
@@ -443,7 +454,9 @@ MHD__gnutls_x509_parse_dn_oid (ASN1_TYPE MHD__asn1_struct, | |||
443 | MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".value"); | 454 | MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".value"); |
444 | 455 | ||
445 | len = *sizeof_buf; | 456 | len = *sizeof_buf; |
446 | result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, buf, &len); | 457 | result = |
458 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, buf, | ||
459 | &len); | ||
447 | 460 | ||
448 | if (result != ASN1_SUCCESS) | 461 | if (result != ASN1_SUCCESS) |
449 | { | 462 | { |
@@ -474,10 +487,12 @@ MHD__gnutls_x509_parse_dn_oid (ASN1_TYPE MHD__asn1_struct, | |||
474 | if (printable == 1) | 487 | if (printable == 1) |
475 | result = | 488 | result = |
476 | MHD__gnutls_x509_oid_data2string (oid, buf, len, | 489 | MHD__gnutls_x509_oid_data2string (oid, buf, len, |
477 | cbuf, sizeof_buf); | 490 | cbuf, sizeof_buf); |
478 | else | 491 | else |
479 | result = | 492 | result = |
480 | MHD__gnutls_x509_data2hex (buf, len, (unsigned char*) cbuf, sizeof_buf); | 493 | MHD__gnutls_x509_data2hex (buf, len, |
494 | (unsigned char *) cbuf, | ||
495 | sizeof_buf); | ||
481 | 496 | ||
482 | if (result < 0) | 497 | if (result < 0) |
483 | { | 498 | { |
@@ -515,8 +530,8 @@ cleanup: | |||
515 | */ | 530 | */ |
516 | int | 531 | int |
517 | MHD__gnutls_x509_get_dn_oid (ASN1_TYPE MHD__asn1_struct, | 532 | MHD__gnutls_x509_get_dn_oid (ASN1_TYPE MHD__asn1_struct, |
518 | const char *MHD__asn1_rdn_name, | 533 | const char *MHD__asn1_rdn_name, |
519 | int indx, void *_oid, size_t * sizeof_oid) | 534 | int indx, void *_oid, size_t * sizeof_oid) |
520 | { | 535 | { |
521 | int k2, k1, result; | 536 | int k2, k1, result; |
522 | char tmpbuffer1[MAX_NAME_SIZE]; | 537 | char tmpbuffer1[MAX_NAME_SIZE]; |
@@ -535,13 +550,14 @@ MHD__gnutls_x509_get_dn_oid (ASN1_TYPE MHD__asn1_struct, | |||
535 | /* create a string like "tbsCertList.issuer.rdnSequence.?1" | 550 | /* create a string like "tbsCertList.issuer.rdnSequence.?1" |
536 | */ | 551 | */ |
537 | if (MHD__asn1_rdn_name[0] != 0) | 552 | if (MHD__asn1_rdn_name[0] != 0) |
538 | snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u", MHD__asn1_rdn_name, | 553 | snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u", |
539 | k1); | 554 | MHD__asn1_rdn_name, k1); |
540 | else | 555 | else |
541 | snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); | 556 | snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); |
542 | 557 | ||
543 | len = sizeof (value) - 1; | 558 | len = sizeof (value) - 1; |
544 | result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len); | 559 | result = |
560 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len); | ||
545 | 561 | ||
546 | if (result == ASN1_ELEMENT_NOT_FOUND) | 562 | if (result == ASN1_ELEMENT_NOT_FOUND) |
547 | { | 563 | { |
@@ -573,7 +589,8 @@ MHD__gnutls_x509_get_dn_oid (ASN1_TYPE MHD__asn1_struct, | |||
573 | */ | 589 | */ |
574 | 590 | ||
575 | len = sizeof (value) - 1; | 591 | len = sizeof (value) - 1; |
576 | result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer2, value, &len); | 592 | result = |
593 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer2, value, &len); | ||
577 | 594 | ||
578 | if (result == ASN1_ELEMENT_NOT_FOUND) | 595 | if (result == ASN1_ELEMENT_NOT_FOUND) |
579 | { | 596 | { |
@@ -592,7 +609,8 @@ MHD__gnutls_x509_get_dn_oid (ASN1_TYPE MHD__asn1_struct, | |||
592 | MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".type"); | 609 | MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".type"); |
593 | 610 | ||
594 | len = sizeof (oid) - 1; | 611 | len = sizeof (oid) - 1; |
595 | result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, oid, &len); | 612 | result = |
613 | MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, oid, &len); | ||
596 | 614 | ||
597 | if (result == ASN1_ELEMENT_NOT_FOUND) | 615 | if (result == ASN1_ELEMENT_NOT_FOUND) |
598 | break; | 616 | break; |
@@ -640,10 +658,10 @@ cleanup: | |||
640 | */ | 658 | */ |
641 | int | 659 | int |
642 | MHD__gnutls_x509_encode_and_write_attribute (const char *given_oid, | 660 | MHD__gnutls_x509_encode_and_write_attribute (const char *given_oid, |
643 | ASN1_TYPE MHD__asn1_struct, | 661 | ASN1_TYPE MHD__asn1_struct, |
644 | const char *where, | 662 | const char *where, |
645 | const void *_data, | 663 | const void *_data, |
646 | int sizeof_data, int multi) | 664 | int sizeof_data, int multi) |
647 | { | 665 | { |
648 | const char *val_name; | 666 | const char *val_name; |
649 | const opaque *data = _data; | 667 | const opaque *data = _data; |
@@ -654,7 +672,8 @@ MHD__gnutls_x509_encode_and_write_attribute (const char *given_oid, | |||
654 | 672 | ||
655 | /* Find how to encode the data. | 673 | /* Find how to encode the data. |
656 | */ | 674 | */ |
657 | val_name = MHD__asn1_find_structure_from_oid (MHD__gnutls_get_pkix (), given_oid); | 675 | val_name = |
676 | MHD__asn1_find_structure_from_oid (MHD__gnutls_get_pkix (), given_oid); | ||
658 | if (val_name == NULL) | 677 | if (val_name == NULL) |
659 | { | 678 | { |
660 | MHD_gnutls_assert (); | 679 | MHD_gnutls_assert (); |
@@ -736,7 +755,8 @@ MHD__gnutls_x509_encode_and_write_attribute (const char *given_oid, | |||
736 | 755 | ||
737 | } | 756 | } |
738 | 757 | ||
739 | result = MHD__gnutls_x509_der_encode_and_copy (c2, "", MHD__asn1_struct, tmp, 0); | 758 | result = |
759 | MHD__gnutls_x509_der_encode_and_copy (c2, "", MHD__asn1_struct, tmp, 0); | ||
740 | if (result < 0) | 760 | if (result < 0) |
741 | { | 761 | { |
742 | MHD_gnutls_assert (); | 762 | MHD_gnutls_assert (); |
@@ -763,8 +783,9 @@ MHD__gnutls_x509_encode_and_write_attribute (const char *given_oid, | |||
763 | */ | 783 | */ |
764 | static int | 784 | static int |
765 | MHD__gnutls_x509_write_attribute (const char *given_oid, | 785 | MHD__gnutls_x509_write_attribute (const char *given_oid, |
766 | ASN1_TYPE MHD__asn1_struct, const char *where, | 786 | ASN1_TYPE MHD__asn1_struct, |
767 | const void *_data, int sizeof_data) | 787 | const char *where, const void *_data, |
788 | int sizeof_data) | ||
768 | { | 789 | { |
769 | char tmp[128]; | 790 | char tmp[128]; |
770 | int result; | 791 | int result; |
@@ -808,9 +829,10 @@ MHD__gnutls_x509_write_attribute (const char *given_oid, | |||
808 | */ | 829 | */ |
809 | int | 830 | int |
810 | MHD__gnutls_x509_decode_and_read_attribute (ASN1_TYPE MHD__asn1_struct, | 831 | MHD__gnutls_x509_decode_and_read_attribute (ASN1_TYPE MHD__asn1_struct, |
811 | const char *where, char *oid, | 832 | const char *where, char *oid, |
812 | int oid_size, MHD_gnutls_datum_t * value, | 833 | int oid_size, |
813 | int multi, int octet_string) | 834 | MHD_gnutls_datum_t * value, |
835 | int multi, int octet_string) | ||
814 | { | 836 | { |
815 | char tmpbuffer[128]; | 837 | char tmpbuffer[128]; |
816 | int len, result; | 838 | int len, result; |
@@ -840,7 +862,8 @@ MHD__gnutls_x509_decode_and_read_attribute (ASN1_TYPE MHD__asn1_struct, | |||
840 | MHD_gtls_str_cat (tmpbuffer, sizeof (tmpbuffer), "s.?1"); /* .values.?1 */ | 862 | MHD_gtls_str_cat (tmpbuffer, sizeof (tmpbuffer), "s.?1"); /* .values.?1 */ |
841 | 863 | ||
842 | result = | 864 | result = |
843 | MHD__gnutls_x509_read_value (MHD__asn1_struct, tmpbuffer, value, octet_string); | 865 | MHD__gnutls_x509_read_value (MHD__asn1_struct, tmpbuffer, value, |
866 | octet_string); | ||
844 | if (result < 0) | 867 | if (result < 0) |
845 | { | 868 | { |
846 | MHD_gnutls_assert (); | 869 | MHD_gnutls_assert (); |
@@ -860,8 +883,9 @@ MHD__gnutls_x509_decode_and_read_attribute (ASN1_TYPE MHD__asn1_struct, | |||
860 | */ | 883 | */ |
861 | int | 884 | int |
862 | MHD__gnutls_x509_set_dn_oid (ASN1_TYPE MHD__asn1_struct, | 885 | MHD__gnutls_x509_set_dn_oid (ASN1_TYPE MHD__asn1_struct, |
863 | const char *MHD__asn1_name, const char *given_oid, | 886 | const char *MHD__asn1_name, |
864 | int raw_flag, const char *name, int sizeof_name) | 887 | const char *given_oid, int raw_flag, |
888 | const char *name, int sizeof_name) | ||
865 | { | 889 | { |
866 | int result; | 890 | int result; |
867 | char tmp[MAX_NAME_SIZE], MHD__asn1_rdn_name[MAX_NAME_SIZE]; | 891 | char tmp[MAX_NAME_SIZE], MHD__asn1_rdn_name[MAX_NAME_SIZE]; |
@@ -874,19 +898,24 @@ MHD__gnutls_x509_set_dn_oid (ASN1_TYPE MHD__asn1_struct, | |||
874 | 898 | ||
875 | /* create the rdnSequence | 899 | /* create the rdnSequence |
876 | */ | 900 | */ |
877 | result = MHD__asn1_write_value (MHD__asn1_struct, MHD__asn1_name, "rdnSequence", 1); | 901 | result = |
902 | MHD__asn1_write_value (MHD__asn1_struct, MHD__asn1_name, "rdnSequence", | ||
903 | 1); | ||
878 | if (result != ASN1_SUCCESS) | 904 | if (result != ASN1_SUCCESS) |
879 | { | 905 | { |
880 | MHD_gnutls_assert (); | 906 | MHD_gnutls_assert (); |
881 | return MHD_gtls_asn2err (result); | 907 | return MHD_gtls_asn2err (result); |
882 | } | 908 | } |
883 | 909 | ||
884 | MHD_gtls_str_cpy (MHD__asn1_rdn_name, sizeof (MHD__asn1_rdn_name), MHD__asn1_name); | 910 | MHD_gtls_str_cpy (MHD__asn1_rdn_name, sizeof (MHD__asn1_rdn_name), |
885 | MHD_gtls_str_cat (MHD__asn1_rdn_name, sizeof (MHD__asn1_rdn_name), ".rdnSequence"); | 911 | MHD__asn1_name); |
912 | MHD_gtls_str_cat (MHD__asn1_rdn_name, sizeof (MHD__asn1_rdn_name), | ||
913 | ".rdnSequence"); | ||
886 | 914 | ||
887 | /* create a new element | 915 | /* create a new element |
888 | */ | 916 | */ |
889 | result = MHD__asn1_write_value (MHD__asn1_struct, MHD__asn1_rdn_name, "NEW", 1); | 917 | result = |
918 | MHD__asn1_write_value (MHD__asn1_struct, MHD__asn1_rdn_name, "NEW", 1); | ||
890 | if (result != ASN1_SUCCESS) | 919 | if (result != ASN1_SUCCESS) |
891 | { | 920 | { |
892 | MHD_gnutls_assert (); | 921 | MHD_gnutls_assert (); |
@@ -915,14 +944,15 @@ MHD__gnutls_x509_set_dn_oid (ASN1_TYPE MHD__asn1_struct, | |||
915 | { | 944 | { |
916 | result = | 945 | result = |
917 | MHD__gnutls_x509_encode_and_write_attribute (given_oid, | 946 | MHD__gnutls_x509_encode_and_write_attribute (given_oid, |
918 | MHD__asn1_struct, | 947 | MHD__asn1_struct, |
919 | tmp, name, sizeof_name, 0); | 948 | tmp, name, sizeof_name, |
949 | 0); | ||
920 | } | 950 | } |
921 | else | 951 | else |
922 | { | 952 | { |
923 | result = | 953 | result = |
924 | MHD__gnutls_x509_write_attribute (given_oid, MHD__asn1_struct, | 954 | MHD__gnutls_x509_write_attribute (given_oid, MHD__asn1_struct, |
925 | tmp, name, sizeof_name); | 955 | tmp, name, sizeof_name); |
926 | } | 956 | } |
927 | 957 | ||
928 | if (result < 0) | 958 | if (result < 0) |
@@ -952,7 +982,7 @@ MHD__gnutls_x509_set_dn_oid (ASN1_TYPE MHD__asn1_struct, | |||
952 | **/ | 982 | **/ |
953 | int | 983 | int |
954 | MHD_gnutls_x509_rdn_get (const MHD_gnutls_datum_t * idn, | 984 | MHD_gnutls_x509_rdn_get (const MHD_gnutls_datum_t * idn, |
955 | char *buf, size_t * sizeof_buf) | 985 | char *buf, size_t * sizeof_buf) |
956 | { | 986 | { |
957 | int result; | 987 | int result; |
958 | ASN1_TYPE dn = ASN1_TYPE_EMPTY; | 988 | ASN1_TYPE dn = ASN1_TYPE_EMPTY; |
@@ -969,7 +999,7 @@ MHD_gnutls_x509_rdn_get (const MHD_gnutls_datum_t * idn, | |||
969 | 999 | ||
970 | if ((result = | 1000 | if ((result = |
971 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), | 1001 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), |
972 | "PKIX1.Name", &dn)) != ASN1_SUCCESS) | 1002 | "PKIX1.Name", &dn)) != ASN1_SUCCESS) |
973 | { | 1003 | { |
974 | MHD_gnutls_assert (); | 1004 | MHD_gnutls_assert (); |
975 | return MHD_gtls_asn2err (result); | 1005 | return MHD_gtls_asn2err (result); |
@@ -1010,9 +1040,10 @@ MHD_gnutls_x509_rdn_get (const MHD_gnutls_datum_t * idn, | |||
1010 | * | 1040 | * |
1011 | **/ | 1041 | **/ |
1012 | int | 1042 | int |
1013 | MHD_gnutls_x509_rdn_get_by_oid (const MHD_gnutls_datum_t * idn, const char *oid, | 1043 | MHD_gnutls_x509_rdn_get_by_oid (const MHD_gnutls_datum_t * idn, |
1014 | int indx, unsigned int raw_flag, | 1044 | const char *oid, int indx, |
1015 | void *buf, size_t * sizeof_buf) | 1045 | unsigned int raw_flag, void *buf, |
1046 | size_t * sizeof_buf) | ||
1016 | { | 1047 | { |
1017 | int result; | 1048 | int result; |
1018 | ASN1_TYPE dn = ASN1_TYPE_EMPTY; | 1049 | ASN1_TYPE dn = ASN1_TYPE_EMPTY; |
@@ -1024,7 +1055,7 @@ MHD_gnutls_x509_rdn_get_by_oid (const MHD_gnutls_datum_t * idn, const char *oid, | |||
1024 | 1055 | ||
1025 | if ((result = | 1056 | if ((result = |
1026 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), | 1057 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), |
1027 | "PKIX1.Name", &dn)) != ASN1_SUCCESS) | 1058 | "PKIX1.Name", &dn)) != ASN1_SUCCESS) |
1028 | { | 1059 | { |
1029 | MHD_gnutls_assert (); | 1060 | MHD_gnutls_assert (); |
1030 | return MHD_gtls_asn2err (result); | 1061 | return MHD_gtls_asn2err (result); |
@@ -1041,7 +1072,7 @@ MHD_gnutls_x509_rdn_get_by_oid (const MHD_gnutls_datum_t * idn, const char *oid, | |||
1041 | 1072 | ||
1042 | result = | 1073 | result = |
1043 | MHD__gnutls_x509_parse_dn_oid (dn, "rdnSequence", oid, indx, | 1074 | MHD__gnutls_x509_parse_dn_oid (dn, "rdnSequence", oid, indx, |
1044 | raw_flag, buf, sizeof_buf); | 1075 | raw_flag, buf, sizeof_buf); |
1045 | 1076 | ||
1046 | MHD__asn1_delete_structure (&dn); | 1077 | MHD__asn1_delete_structure (&dn); |
1047 | return result; | 1078 | return result; |
@@ -1064,7 +1095,7 @@ MHD_gnutls_x509_rdn_get_by_oid (const MHD_gnutls_datum_t * idn, const char *oid, | |||
1064 | **/ | 1095 | **/ |
1065 | int | 1096 | int |
1066 | MHD_gnutls_x509_rdn_get_oid (const MHD_gnutls_datum_t * idn, | 1097 | MHD_gnutls_x509_rdn_get_oid (const MHD_gnutls_datum_t * idn, |
1067 | int indx, void *buf, size_t * sizeof_buf) | 1098 | int indx, void *buf, size_t * sizeof_buf) |
1068 | { | 1099 | { |
1069 | int result; | 1100 | int result; |
1070 | ASN1_TYPE dn = ASN1_TYPE_EMPTY; | 1101 | ASN1_TYPE dn = ASN1_TYPE_EMPTY; |
@@ -1076,7 +1107,7 @@ MHD_gnutls_x509_rdn_get_oid (const MHD_gnutls_datum_t * idn, | |||
1076 | 1107 | ||
1077 | if ((result = | 1108 | if ((result = |
1078 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), | 1109 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), |
1079 | "PKIX1.Name", &dn)) != ASN1_SUCCESS) | 1110 | "PKIX1.Name", &dn)) != ASN1_SUCCESS) |
1080 | { | 1111 | { |
1081 | MHD_gnutls_assert (); | 1112 | MHD_gnutls_assert (); |
1082 | return MHD_gtls_asn2err (result); | 1113 | return MHD_gtls_asn2err (result); |
@@ -1091,7 +1122,8 @@ MHD_gnutls_x509_rdn_get_oid (const MHD_gnutls_datum_t * idn, | |||
1091 | return MHD_gtls_asn2err (result); | 1122 | return MHD_gtls_asn2err (result); |
1092 | } | 1123 | } |
1093 | 1124 | ||
1094 | result = MHD__gnutls_x509_get_dn_oid (dn, "rdnSequence", indx, buf, sizeof_buf); | 1125 | result = |
1126 | MHD__gnutls_x509_get_dn_oid (dn, "rdnSequence", indx, buf, sizeof_buf); | ||
1095 | 1127 | ||
1096 | MHD__asn1_delete_structure (&dn); | 1128 | MHD__asn1_delete_structure (&dn); |
1097 | return result; | 1129 | return result; |
@@ -1108,7 +1140,7 @@ MHD_gnutls_x509_rdn_get_oid (const MHD_gnutls_datum_t * idn, | |||
1108 | */ | 1140 | */ |
1109 | int | 1141 | int |
1110 | MHD__gnutls_x509_compare_raw_dn (const MHD_gnutls_datum_t * dn1, | 1142 | MHD__gnutls_x509_compare_raw_dn (const MHD_gnutls_datum_t * dn1, |
1111 | const MHD_gnutls_datum_t * dn2) | 1143 | const MHD_gnutls_datum_t * dn2) |
1112 | { | 1144 | { |
1113 | 1145 | ||
1114 | if (dn1->size != dn2->size) | 1146 | if (dn1->size != dn2->size) |
diff --git a/src/daemon/https/x509/dn.h b/src/daemon/https/x509/dn.h index 04352b10..a0c6ac45 100644 --- a/src/daemon/https/x509/dn.h +++ b/src/daemon/https/x509/dn.h | |||
@@ -38,21 +38,23 @@ | |||
38 | #define OID_PKCS9_EMAIL "1.2.840.113549.1.9.1" | 38 | #define OID_PKCS9_EMAIL "1.2.840.113549.1.9.1" |
39 | 39 | ||
40 | int MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct, | 40 | int MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct, |
41 | const char *MHD__asn1_rdn_name, char *buf, | 41 | const char *MHD__asn1_rdn_name, char *buf, |
42 | size_t * sizeof_buf); | 42 | size_t * sizeof_buf); |
43 | 43 | ||
44 | int MHD__gnutls_x509_parse_dn_oid (ASN1_TYPE MHD__asn1_struct, | 44 | int MHD__gnutls_x509_parse_dn_oid (ASN1_TYPE MHD__asn1_struct, |
45 | const char *MHD__asn1_rdn_name, const char *oid, | 45 | const char *MHD__asn1_rdn_name, |
46 | int indx, unsigned int raw_flag, void *buf, | 46 | const char *oid, int indx, |
47 | size_t * sizeof_buf); | 47 | unsigned int raw_flag, void *buf, |
48 | size_t * sizeof_buf); | ||
48 | 49 | ||
49 | int MHD__gnutls_x509_set_dn_oid (ASN1_TYPE MHD__asn1_struct, | 50 | int MHD__gnutls_x509_set_dn_oid (ASN1_TYPE MHD__asn1_struct, |
50 | const char *MHD__asn1_rdn_name, const char *oid, | 51 | const char *MHD__asn1_rdn_name, |
51 | int raw_flag, const char *name, int sizeof_name); | 52 | const char *oid, int raw_flag, |
53 | const char *name, int sizeof_name); | ||
52 | 54 | ||
53 | int MHD__gnutls_x509_get_dn_oid (ASN1_TYPE MHD__asn1_struct, | 55 | int MHD__gnutls_x509_get_dn_oid (ASN1_TYPE MHD__asn1_struct, |
54 | const char *MHD__asn1_rdn_name, | 56 | const char *MHD__asn1_rdn_name, |
55 | int indx, void *_oid, size_t * sizeof_oid); | 57 | int indx, void *_oid, size_t * sizeof_oid); |
56 | 58 | ||
57 | 59 | ||
58 | #endif | 60 | #endif |
diff --git a/src/daemon/https/x509/dsa.h b/src/daemon/https/x509/dsa.h index bed87a7d..bda01f83 100644 --- a/src/daemon/https/x509/dsa.h +++ b/src/daemon/https/x509/dsa.h | |||
@@ -22,4 +22,5 @@ | |||
22 | * | 22 | * |
23 | */ | 23 | */ |
24 | 24 | ||
25 | int MHD__gnutls_dsa_generate_params (mpi_t * resarr, int *resarr_len, int bits); | 25 | int MHD__gnutls_dsa_generate_params (mpi_t * resarr, int *resarr_len, |
26 | int bits); | ||
diff --git a/src/daemon/https/x509/extensions.c b/src/daemon/https/x509/extensions.c index 8bf36000..3b8bf494 100644 --- a/src/daemon/https/x509/extensions.c +++ b/src/daemon/https/x509/extensions.c | |||
@@ -46,8 +46,9 @@ | |||
46 | */ | 46 | */ |
47 | int | 47 | int |
48 | MHD__gnutls_x509_crt_get_extension (MHD_gnutls_x509_crt_t cert, | 48 | MHD__gnutls_x509_crt_get_extension (MHD_gnutls_x509_crt_t cert, |
49 | const char *extension_id, int indx, | 49 | const char *extension_id, int indx, |
50 | MHD_gnutls_datum_t * ret, unsigned int *_critical) | 50 | MHD_gnutls_datum_t * ret, |
51 | unsigned int *_critical) | ||
51 | { | 52 | { |
52 | int k, result, len; | 53 | int k, result, len; |
53 | char name[MAX_NAME_SIZE], name2[MAX_NAME_SIZE]; | 54 | char name[MAX_NAME_SIZE], name2[MAX_NAME_SIZE]; |
@@ -136,7 +137,8 @@ MHD__gnutls_x509_crt_get_extension (MHD_gnutls_x509_crt_t cert, | |||
136 | MHD_gtls_str_cpy (name2, sizeof (name2), name); | 137 | MHD_gtls_str_cpy (name2, sizeof (name2), name); |
137 | MHD_gtls_str_cat (name2, sizeof (name2), ".extnValue"); | 138 | MHD_gtls_str_cat (name2, sizeof (name2), ".extnValue"); |
138 | 139 | ||
139 | result = MHD__gnutls_x509_read_value (cert->cert, name2, &value, 0); | 140 | result = |
141 | MHD__gnutls_x509_read_value (cert->cert, name2, &value, 0); | ||
140 | if (result < 0) | 142 | if (result < 0) |
141 | { | 143 | { |
142 | MHD_gnutls_assert (); | 144 | MHD_gnutls_assert (); |
@@ -177,7 +179,8 @@ MHD__gnutls_x509_crt_get_extension (MHD_gnutls_x509_crt_t cert, | |||
177 | */ | 179 | */ |
178 | int | 180 | int |
179 | MHD__gnutls_x509_crt_get_extension_oid (MHD_gnutls_x509_crt_t cert, | 181 | MHD__gnutls_x509_crt_get_extension_oid (MHD_gnutls_x509_crt_t cert, |
180 | int indx, void *oid, size_t * sizeof_oid) | 182 | int indx, void *oid, |
183 | size_t * sizeof_oid) | ||
181 | { | 184 | { |
182 | int k, result, len; | 185 | int k, result, len; |
183 | char name[MAX_NAME_SIZE], name2[MAX_NAME_SIZE]; | 186 | char name[MAX_NAME_SIZE], name2[MAX_NAME_SIZE]; |
@@ -264,7 +267,7 @@ MHD__gnutls_x509_crt_get_extension_oid (MHD_gnutls_x509_crt_t cert, | |||
264 | */ | 267 | */ |
265 | int | 268 | int |
266 | MHD__gnutls_x509_ext_extract_keyUsage (uint16_t * keyUsage, | 269 | MHD__gnutls_x509_ext_extract_keyUsage (uint16_t * keyUsage, |
267 | opaque * extnValue, int extnValueLen) | 270 | opaque * extnValue, int extnValueLen) |
268 | { | 271 | { |
269 | ASN1_TYPE ext = ASN1_TYPE_EMPTY; | 272 | ASN1_TYPE ext = ASN1_TYPE_EMPTY; |
270 | int len, result; | 273 | int len, result; |
@@ -309,16 +312,17 @@ MHD__gnutls_x509_ext_extract_keyUsage (uint16_t * keyUsage, | |||
309 | */ | 312 | */ |
310 | int | 313 | int |
311 | MHD__gnutls_x509_ext_extract_basicConstraints (int *CA, | 314 | MHD__gnutls_x509_ext_extract_basicConstraints (int *CA, |
312 | int *pathLenConstraint, | 315 | int *pathLenConstraint, |
313 | opaque * extnValue, | 316 | opaque * extnValue, |
314 | int extnValueLen) | 317 | int extnValueLen) |
315 | { | 318 | { |
316 | ASN1_TYPE ext = ASN1_TYPE_EMPTY; | 319 | ASN1_TYPE ext = ASN1_TYPE_EMPTY; |
317 | char str[128]; | 320 | char str[128]; |
318 | int len, result; | 321 | int len, result; |
319 | 322 | ||
320 | if ((result = MHD__asn1_create_element | 323 | if ((result = MHD__asn1_create_element |
321 | (MHD__gnutls_get_pkix (), "PKIX1.BasicConstraints", &ext)) != ASN1_SUCCESS) | 324 | (MHD__gnutls_get_pkix (), "PKIX1.BasicConstraints", |
325 | &ext)) != ASN1_SUCCESS) | ||
322 | { | 326 | { |
323 | MHD_gnutls_assert (); | 327 | MHD_gnutls_assert (); |
324 | return MHD_gtls_asn2err (result); | 328 | return MHD_gtls_asn2err (result); |
@@ -335,7 +339,8 @@ MHD__gnutls_x509_ext_extract_basicConstraints (int *CA, | |||
335 | if (pathLenConstraint) | 339 | if (pathLenConstraint) |
336 | { | 340 | { |
337 | result = MHD__gnutls_x509_read_uint (ext, "pathLenConstraint", | 341 | result = MHD__gnutls_x509_read_uint (ext, "pathLenConstraint", |
338 | (unsigned int*) pathLenConstraint); | 342 | (unsigned int *) |
343 | pathLenConstraint); | ||
339 | if (result == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND) | 344 | if (result == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND) |
340 | *pathLenConstraint = -1; | 345 | *pathLenConstraint = -1; |
341 | else if (result != GNUTLS_E_SUCCESS) | 346 | else if (result != GNUTLS_E_SUCCESS) |
diff --git a/src/daemon/https/x509/extensions.h b/src/daemon/https/x509/extensions.h index a124290e..fe4372f8 100644 --- a/src/daemon/https/x509/extensions.h +++ b/src/daemon/https/x509/extensions.h | |||
@@ -23,16 +23,17 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | int MHD__gnutls_x509_crt_get_extension (MHD_gnutls_x509_crt_t cert, | 25 | int MHD__gnutls_x509_crt_get_extension (MHD_gnutls_x509_crt_t cert, |
26 | const char *extension_id, int indx, | 26 | const char *extension_id, int indx, |
27 | MHD_gnutls_datum_t * ret, | 27 | MHD_gnutls_datum_t * ret, |
28 | unsigned int *critical); | 28 | unsigned int *critical); |
29 | 29 | ||
30 | int MHD__gnutls_x509_crt_get_extension_oid (MHD_gnutls_x509_crt_t cert, | 30 | int MHD__gnutls_x509_crt_get_extension_oid (MHD_gnutls_x509_crt_t cert, |
31 | int indx, void *ret, | 31 | int indx, void *ret, |
32 | size_t * ret_size); | 32 | size_t * ret_size); |
33 | int MHD__gnutls_x509_ext_extract_keyUsage (uint16_t * keyUsage, | 33 | int MHD__gnutls_x509_ext_extract_keyUsage (uint16_t * keyUsage, |
34 | opaque * extnValue, int extnValueLen); | 34 | opaque * extnValue, |
35 | int extnValueLen); | ||
35 | int MHD__gnutls_x509_ext_extract_basicConstraints (int *CA, | 36 | int MHD__gnutls_x509_ext_extract_basicConstraints (int *CA, |
36 | int *pathLenConstraint, | 37 | int *pathLenConstraint, |
37 | opaque * extnValue, | 38 | opaque * extnValue, |
38 | int extnValueLen); | 39 | int extnValueLen); |
diff --git a/src/daemon/https/x509/mpi.c b/src/daemon/https/x509/mpi.c index 4e3c8cd1..76995fdb 100644 --- a/src/daemon/https/x509/mpi.c +++ b/src/daemon/https/x509/mpi.c | |||
@@ -44,8 +44,9 @@ MHD__gnutls_x509_read_rsa_params (opaque * der, int dersize, mpi_t * params) | |||
44 | ASN1_TYPE spk = ASN1_TYPE_EMPTY; | 44 | ASN1_TYPE spk = ASN1_TYPE_EMPTY; |
45 | 45 | ||
46 | if ((result = | 46 | if ((result = |
47 | MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), "GNUTLS.RSAPublicKey", | 47 | MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), |
48 | &spk)) != ASN1_SUCCESS) | 48 | "GNUTLS.RSAPublicKey", |
49 | &spk)) != ASN1_SUCCESS) | ||
49 | { | 50 | { |
50 | MHD_gnutls_assert (); | 51 | MHD_gnutls_assert (); |
51 | return MHD_gtls_asn2err (result); | 52 | return MHD_gtls_asn2err (result); |
@@ -94,7 +95,7 @@ MHD__gnutls_x509_read_dsa_params (opaque * der, int dersize, mpi_t * params) | |||
94 | 95 | ||
95 | if ((result = | 96 | if ((result = |
96 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.Dss-Parms", | 97 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.Dss-Parms", |
97 | &spk)) != ASN1_SUCCESS) | 98 | &spk)) != ASN1_SUCCESS) |
98 | { | 99 | { |
99 | MHD_gnutls_assert (); | 100 | MHD_gnutls_assert (); |
100 | return MHD_gtls_asn2err (result); | 101 | return MHD_gtls_asn2err (result); |
@@ -161,8 +162,9 @@ MHD__gnutls_x509_read_der_int (opaque * der, int dersize, mpi_t * out) | |||
161 | 162 | ||
162 | /* == INTEGER */ | 163 | /* == INTEGER */ |
163 | if ((result = | 164 | if ((result = |
164 | MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), "GNUTLS.DSAPublicKey", | 165 | MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), |
165 | &spk)) != ASN1_SUCCESS) | 166 | "GNUTLS.DSAPublicKey", |
167 | &spk)) != ASN1_SUCCESS) | ||
166 | { | 168 | { |
167 | MHD_gnutls_assert (); | 169 | MHD_gnutls_assert (); |
168 | return MHD_gtls_asn2err (result); | 170 | return MHD_gtls_asn2err (result); |
@@ -206,7 +208,7 @@ MHD__gnutls_x509_read_dsa_pubkey (opaque * der, int dersize, mpi_t * params) | |||
206 | */ | 208 | */ |
207 | int | 209 | int |
208 | MHD__gnutls_x509_crt_get_mpis (MHD_gnutls_x509_crt_t cert, | 210 | MHD__gnutls_x509_crt_get_mpis (MHD_gnutls_x509_crt_t cert, |
209 | mpi_t * params, int *params_size) | 211 | mpi_t * params, int *params_size) |
210 | { | 212 | { |
211 | int result; | 213 | int result; |
212 | int pk_algorithm; | 214 | int pk_algorithm; |
@@ -220,8 +222,8 @@ MHD__gnutls_x509_crt_get_mpis (MHD_gnutls_x509_crt_t cert, | |||
220 | */ | 222 | */ |
221 | result | 223 | result |
222 | = MHD__gnutls_x509_read_value (cert->cert, | 224 | = MHD__gnutls_x509_read_value (cert->cert, |
223 | "tbsCertificate.subjectPublicKeyInfo.subjectPublicKey", | 225 | "tbsCertificate.subjectPublicKeyInfo.subjectPublicKey", |
224 | &tmp, 2); | 226 | &tmp, 2); |
225 | 227 | ||
226 | if (result < 0) | 228 | if (result < 0) |
227 | { | 229 | { |
@@ -276,7 +278,7 @@ error:MHD__gnutls_free_datum (&tmp); | |||
276 | */ | 278 | */ |
277 | int | 279 | int |
278 | MHD__gnutls_x509_write_rsa_params (mpi_t * params, | 280 | MHD__gnutls_x509_write_rsa_params (mpi_t * params, |
279 | int params_size, MHD_gnutls_datum_t * der) | 281 | int params_size, MHD_gnutls_datum_t * der) |
280 | { | 282 | { |
281 | int result; | 283 | int result; |
282 | ASN1_TYPE spk = ASN1_TYPE_EMPTY; | 284 | ASN1_TYPE spk = ASN1_TYPE_EMPTY; |
@@ -292,8 +294,9 @@ MHD__gnutls_x509_write_rsa_params (mpi_t * params, | |||
292 | } | 294 | } |
293 | 295 | ||
294 | if ((result = | 296 | if ((result = |
295 | MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), "GNUTLS.RSAPublicKey", | 297 | MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), |
296 | &spk)) != ASN1_SUCCESS) | 298 | "GNUTLS.RSAPublicKey", |
299 | &spk)) != ASN1_SUCCESS) | ||
297 | { | 300 | { |
298 | MHD_gnutls_assert (); | 301 | MHD_gnutls_assert (); |
299 | return MHD_gtls_asn2err (result); | 302 | return MHD_gtls_asn2err (result); |
@@ -334,11 +337,11 @@ cleanup:MHD__asn1_delete_structure (&spk); | |||
334 | */ | 337 | */ |
335 | int | 338 | int |
336 | MHD__gnutls_x509_write_sig_params (ASN1_TYPE dst, | 339 | MHD__gnutls_x509_write_sig_params (ASN1_TYPE dst, |
337 | const char *dst_name, | 340 | const char *dst_name, |
338 | enum MHD_GNUTLS_PublicKeyAlgorithm | 341 | enum MHD_GNUTLS_PublicKeyAlgorithm |
339 | pk_algorithm, | 342 | pk_algorithm, |
340 | enum MHD_GNUTLS_HashAlgorithm dig, | 343 | enum MHD_GNUTLS_HashAlgorithm dig, |
341 | mpi_t * params, int params_size) | 344 | mpi_t * params, int params_size) |
342 | { | 345 | { |
343 | int result; | 346 | int result; |
344 | char name[128]; | 347 | char name[128]; |
@@ -391,7 +394,7 @@ MHD__gnutls_x509_write_sig_params (ASN1_TYPE dst, | |||
391 | */ | 394 | */ |
392 | int | 395 | int |
393 | MHD__gnutls_x509_write_dsa_params (mpi_t * params, | 396 | MHD__gnutls_x509_write_dsa_params (mpi_t * params, |
394 | int params_size, MHD_gnutls_datum_t * der) | 397 | int params_size, MHD_gnutls_datum_t * der) |
395 | { | 398 | { |
396 | int result; | 399 | int result; |
397 | ASN1_TYPE spk = ASN1_TYPE_EMPTY; | 400 | ASN1_TYPE spk = ASN1_TYPE_EMPTY; |
@@ -407,8 +410,9 @@ MHD__gnutls_x509_write_dsa_params (mpi_t * params, | |||
407 | } | 410 | } |
408 | 411 | ||
409 | if ((result = | 412 | if ((result = |
410 | MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), "GNUTLS.DSAParameters", | 413 | MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), |
411 | &spk)) != ASN1_SUCCESS) | 414 | "GNUTLS.DSAParameters", |
415 | &spk)) != ASN1_SUCCESS) | ||
412 | { | 416 | { |
413 | MHD_gnutls_assert (); | 417 | MHD_gnutls_assert (); |
414 | return MHD_gtls_asn2err (result); | 418 | return MHD_gtls_asn2err (result); |
@@ -456,7 +460,8 @@ cleanup:MHD__asn1_delete_structure (&spk); | |||
456 | */ | 460 | */ |
457 | int | 461 | int |
458 | MHD__gnutls_x509_write_dsa_public_key (mpi_t * params, | 462 | MHD__gnutls_x509_write_dsa_public_key (mpi_t * params, |
459 | int params_size, MHD_gnutls_datum_t * der) | 463 | int params_size, |
464 | MHD_gnutls_datum_t * der) | ||
460 | { | 465 | { |
461 | int result; | 466 | int result; |
462 | ASN1_TYPE spk = ASN1_TYPE_EMPTY; | 467 | ASN1_TYPE spk = ASN1_TYPE_EMPTY; |
@@ -472,8 +477,9 @@ MHD__gnutls_x509_write_dsa_public_key (mpi_t * params, | |||
472 | } | 477 | } |
473 | 478 | ||
474 | if ((result = | 479 | if ((result = |
475 | MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), "GNUTLS.DSAPublicKey", | 480 | MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), |
476 | &spk)) != ASN1_SUCCESS) | 481 | "GNUTLS.DSAPublicKey", |
482 | &spk)) != ASN1_SUCCESS) | ||
477 | { | 483 | { |
478 | MHD_gnutls_assert (); | 484 | MHD_gnutls_assert (); |
479 | return MHD_gtls_asn2err (result); | 485 | return MHD_gtls_asn2err (result); |
@@ -505,7 +511,8 @@ cleanup:MHD__asn1_delete_structure (&spk); | |||
505 | * steps. | 511 | * steps. |
506 | */ | 512 | */ |
507 | int | 513 | int |
508 | MHD__gnutls_x509_read_uint (ASN1_TYPE node, const char *value, unsigned int *ret) | 514 | MHD__gnutls_x509_read_uint (ASN1_TYPE node, const char *value, |
515 | unsigned int *ret) | ||
509 | { | 516 | { |
510 | int len, result; | 517 | int len, result; |
511 | opaque *tmpstr; | 518 | opaque *tmpstr; |
@@ -557,7 +564,8 @@ MHD__gnutls_x509_read_uint (ASN1_TYPE node, const char *value, unsigned int *ret | |||
557 | /* Writes the specified integer into the specified node. | 564 | /* Writes the specified integer into the specified node. |
558 | */ | 565 | */ |
559 | int | 566 | int |
560 | MHD__gnutls_x509_write_uint32 (ASN1_TYPE node, const char *value, uint32_t num) | 567 | MHD__gnutls_x509_write_uint32 (ASN1_TYPE node, const char *value, |
568 | uint32_t num) | ||
561 | { | 569 | { |
562 | opaque tmpstr[4]; | 570 | opaque tmpstr[4]; |
563 | int result; | 571 | int result; |
diff --git a/src/daemon/https/x509/mpi.h b/src/daemon/https/x509/mpi.h index 6c4534b4..edac2eee 100644 --- a/src/daemon/https/x509/mpi.h +++ b/src/daemon/https/x509/mpi.h | |||
@@ -26,32 +26,35 @@ | |||
26 | #include "x509.h" | 26 | #include "x509.h" |
27 | 27 | ||
28 | int MHD__gnutls_x509_crt_get_mpis (MHD_gnutls_x509_crt_t cert, | 28 | int MHD__gnutls_x509_crt_get_mpis (MHD_gnutls_x509_crt_t cert, |
29 | mpi_t * params, int *params_size); | 29 | mpi_t * params, int *params_size); |
30 | int MHD__gnutls_x509_read_rsa_params (opaque * der, int dersize, mpi_t * params); | 30 | int MHD__gnutls_x509_read_rsa_params (opaque * der, int dersize, |
31 | int MHD__gnutls_x509_read_dsa_pubkey (opaque * der, int dersize, mpi_t * params); | 31 | mpi_t * params); |
32 | int MHD__gnutls_x509_read_dsa_params (opaque * der, int dersize, mpi_t * params); | 32 | int MHD__gnutls_x509_read_dsa_pubkey (opaque * der, int dersize, |
33 | mpi_t * params); | ||
34 | int MHD__gnutls_x509_read_dsa_params (opaque * der, int dersize, | ||
35 | mpi_t * params); | ||
33 | 36 | ||
34 | int MHD__gnutls_x509_write_rsa_params (mpi_t * params, int params_size, | 37 | int MHD__gnutls_x509_write_rsa_params (mpi_t * params, int params_size, |
35 | MHD_gnutls_datum_t * der); | 38 | MHD_gnutls_datum_t * der); |
36 | int MHD__gnutls_x509_write_dsa_params (mpi_t * params, int params_size, | 39 | int MHD__gnutls_x509_write_dsa_params (mpi_t * params, int params_size, |
37 | MHD_gnutls_datum_t * der); | ||
38 | int MHD__gnutls_x509_write_dsa_public_key (mpi_t * params, int params_size, | ||
39 | MHD_gnutls_datum_t * der); | 40 | MHD_gnutls_datum_t * der); |
41 | int MHD__gnutls_x509_write_dsa_public_key (mpi_t * params, int params_size, | ||
42 | MHD_gnutls_datum_t * der); | ||
40 | 43 | ||
41 | int MHD__gnutls_x509_read_uint (ASN1_TYPE node, const char *value, | 44 | int MHD__gnutls_x509_read_uint (ASN1_TYPE node, const char *value, |
42 | unsigned int *ret); | 45 | unsigned int *ret); |
43 | 46 | ||
44 | int MHD__gnutls_x509_read_der_int (opaque * der, int dersize, mpi_t * out); | 47 | int MHD__gnutls_x509_read_der_int (opaque * der, int dersize, mpi_t * out); |
45 | 48 | ||
46 | int MHD__gnutls_x509_read_int (ASN1_TYPE node, const char *value, | 49 | int MHD__gnutls_x509_read_int (ASN1_TYPE node, const char *value, |
47 | mpi_t * ret_mpi); | 50 | mpi_t * ret_mpi); |
48 | int MHD__gnutls_x509_write_int (ASN1_TYPE node, const char *value, mpi_t mpi, | 51 | int MHD__gnutls_x509_write_int (ASN1_TYPE node, const char *value, mpi_t mpi, |
49 | int lz); | 52 | int lz); |
50 | int MHD__gnutls_x509_write_uint32 (ASN1_TYPE node, const char *value, | 53 | int MHD__gnutls_x509_write_uint32 (ASN1_TYPE node, const char *value, |
51 | uint32_t num); | 54 | uint32_t num); |
52 | 55 | ||
53 | int MHD__gnutls_x509_write_sig_params (ASN1_TYPE dst, const char *dst_name, | 56 | int MHD__gnutls_x509_write_sig_params (ASN1_TYPE dst, const char *dst_name, |
54 | enum MHD_GNUTLS_PublicKeyAlgorithm | 57 | enum MHD_GNUTLS_PublicKeyAlgorithm |
55 | pk_algorithm, | 58 | pk_algorithm, |
56 | enum MHD_GNUTLS_HashAlgorithm, | 59 | enum MHD_GNUTLS_HashAlgorithm, |
57 | mpi_t * params, int params_size); | 60 | mpi_t * params, int params_size); |
diff --git a/src/daemon/https/x509/pkcs12.h b/src/daemon/https/x509/pkcs12.h index a9738b94..74d4d06b 100644 --- a/src/daemon/https/x509/pkcs12.h +++ b/src/daemon/https/x509/pkcs12.h | |||
@@ -81,37 +81,40 @@ extern "C" | |||
81 | int MHD_gnutls_pkcs12_init (MHD_gnutls_pkcs12_t * pkcs12); | 81 | int MHD_gnutls_pkcs12_init (MHD_gnutls_pkcs12_t * pkcs12); |
82 | void MHD_gnutls_pkcs12_deinit (MHD_gnutls_pkcs12_t pkcs12); | 82 | void MHD_gnutls_pkcs12_deinit (MHD_gnutls_pkcs12_t pkcs12); |
83 | int MHD_gnutls_pkcs12_import (MHD_gnutls_pkcs12_t pkcs12, | 83 | int MHD_gnutls_pkcs12_import (MHD_gnutls_pkcs12_t pkcs12, |
84 | const MHD_gnutls_datum_t * data, | 84 | const MHD_gnutls_datum_t * data, |
85 | MHD_gnutls_x509_crt_fmt_t format, unsigned int flags); | 85 | MHD_gnutls_x509_crt_fmt_t format, |
86 | unsigned int flags); | ||
86 | int MHD_gnutls_pkcs12_export (MHD_gnutls_pkcs12_t pkcs12, | 87 | int MHD_gnutls_pkcs12_export (MHD_gnutls_pkcs12_t pkcs12, |
87 | MHD_gnutls_x509_crt_fmt_t format, | 88 | MHD_gnutls_x509_crt_fmt_t format, |
88 | void *output_data, size_t * output_data_size); | 89 | void *output_data, size_t * output_data_size); |
89 | 90 | ||
90 | int MHD_gnutls_pkcs12_bag_decrypt (MHD_gnutls_pkcs12_bag_t bag, const char *pass); | 91 | int MHD_gnutls_pkcs12_bag_decrypt (MHD_gnutls_pkcs12_bag_t bag, |
92 | const char *pass); | ||
91 | int MHD_gnutls_pkcs12_bag_encrypt (MHD_gnutls_pkcs12_bag_t bag, | 93 | int MHD_gnutls_pkcs12_bag_encrypt (MHD_gnutls_pkcs12_bag_t bag, |
92 | const char *pass, unsigned int flags); | 94 | const char *pass, unsigned int flags); |
93 | 95 | ||
94 | int MHD_gnutls_pkcs12_bag_get_data (MHD_gnutls_pkcs12_bag_t bag, | 96 | int MHD_gnutls_pkcs12_bag_get_data (MHD_gnutls_pkcs12_bag_t bag, |
95 | int indx, MHD_gnutls_datum_t * data); | 97 | int indx, MHD_gnutls_datum_t * data); |
96 | int MHD_gnutls_pkcs12_bag_set_data (MHD_gnutls_pkcs12_bag_t bag, | 98 | int MHD_gnutls_pkcs12_bag_set_data (MHD_gnutls_pkcs12_bag_t bag, |
97 | MHD_gnutls_pkcs12_bag_type_t type, | 99 | MHD_gnutls_pkcs12_bag_type_t type, |
98 | const MHD_gnutls_datum_t * data); | 100 | const MHD_gnutls_datum_t * data); |
99 | int MHD_gnutls_pkcs12_bag_set_crl (MHD_gnutls_pkcs12_bag_t bag, | 101 | int MHD_gnutls_pkcs12_bag_set_crl (MHD_gnutls_pkcs12_bag_t bag, |
100 | MHD_gnutls_x509_crl_t crl); | 102 | MHD_gnutls_x509_crl_t crl); |
101 | int MHD_gnutls_pkcs12_bag_set_crt (MHD_gnutls_pkcs12_bag_t bag, | 103 | int MHD_gnutls_pkcs12_bag_set_crt (MHD_gnutls_pkcs12_bag_t bag, |
102 | MHD_gnutls_x509_crt_t crt); | 104 | MHD_gnutls_x509_crt_t crt); |
103 | 105 | ||
104 | int MHD_gnutls_pkcs12_bag_get_count (MHD_gnutls_pkcs12_bag_t bag); | 106 | int MHD_gnutls_pkcs12_bag_get_count (MHD_gnutls_pkcs12_bag_t bag); |
105 | 107 | ||
106 | int MHD_gnutls_pkcs12_bag_get_key_id (MHD_gnutls_pkcs12_bag_t bag, | 108 | int MHD_gnutls_pkcs12_bag_get_key_id (MHD_gnutls_pkcs12_bag_t bag, |
107 | int indx, MHD_gnutls_datum_t * id); | 109 | int indx, MHD_gnutls_datum_t * id); |
108 | int MHD_gnutls_pkcs12_bag_set_key_id (MHD_gnutls_pkcs12_bag_t bag, | 110 | int MHD_gnutls_pkcs12_bag_set_key_id (MHD_gnutls_pkcs12_bag_t bag, |
109 | int indx, const MHD_gnutls_datum_t * id); | 111 | int indx, |
112 | const MHD_gnutls_datum_t * id); | ||
110 | 113 | ||
111 | int MHD_gnutls_pkcs12_bag_get_friendly_name (MHD_gnutls_pkcs12_bag_t bag, | 114 | int MHD_gnutls_pkcs12_bag_get_friendly_name (MHD_gnutls_pkcs12_bag_t bag, |
112 | int indx, char **name); | 115 | int indx, char **name); |
113 | int MHD_gnutls_pkcs12_bag_set_friendly_name (MHD_gnutls_pkcs12_bag_t bag, | 116 | int MHD_gnutls_pkcs12_bag_set_friendly_name (MHD_gnutls_pkcs12_bag_t bag, |
114 | int indx, const char *name); | 117 | int indx, const char *name); |
115 | 118 | ||
116 | #ifdef __cplusplus | 119 | #ifdef __cplusplus |
117 | } | 120 | } |
@@ -136,10 +139,10 @@ typedef enum schema_id | |||
136 | } schema_id; | 139 | } schema_id; |
137 | 140 | ||
138 | int MHD_pkcs12_string_to_key (unsigned int id, | 141 | int MHD_pkcs12_string_to_key (unsigned int id, |
139 | const opaque * salt, | 142 | const opaque * salt, |
140 | unsigned int salt_size, | 143 | unsigned int salt_size, |
141 | unsigned int iter, | 144 | unsigned int iter, |
142 | const char *pw, | 145 | const char *pw, |
143 | unsigned int req_keylen, opaque * keybuf); | 146 | unsigned int req_keylen, opaque * keybuf); |
144 | 147 | ||
145 | #endif /* GNUTLS_PKCS12_H */ | 148 | #endif /* GNUTLS_PKCS12_H */ |
diff --git a/src/daemon/https/x509/pkcs12_encr.c b/src/daemon/https/x509/pkcs12_encr.c index 0cfb59e5..e534489c 100644 --- a/src/daemon/https/x509/pkcs12_encr.c +++ b/src/daemon/https/x509/pkcs12_encr.c | |||
@@ -55,9 +55,9 @@ MHD_pkcs12_check_pass (const char *pass, size_t plen) | |||
55 | */ | 55 | */ |
56 | int | 56 | int |
57 | MHD_pkcs12_string_to_key (unsigned int id, const opaque * salt, | 57 | MHD_pkcs12_string_to_key (unsigned int id, const opaque * salt, |
58 | unsigned int salt_size, unsigned int iter, | 58 | unsigned int salt_size, unsigned int iter, |
59 | const char *pw, unsigned int req_keylen, | 59 | const char *pw, unsigned int req_keylen, |
60 | opaque * keybuf) | 60 | opaque * keybuf) |
61 | { | 61 | { |
62 | int rc; | 62 | int rc; |
63 | unsigned int i, j; | 63 | unsigned int i, j; |
@@ -115,13 +115,13 @@ MHD_pkcs12_string_to_key (unsigned int id, const opaque * salt, | |||
115 | for (i = 0; i < 64; i++) | 115 | for (i = 0; i < 64; i++) |
116 | { | 116 | { |
117 | unsigned char lid = id & 0xFF; | 117 | unsigned char lid = id & 0xFF; |
118 | MHD_gc_hash_write (md, 1, (const char*) &lid); | 118 | MHD_gc_hash_write (md, 1, (const char *) &lid); |
119 | } | 119 | } |
120 | MHD_gc_hash_write (md, pw ? 128 : 64, (const char*) buf_i); | 120 | MHD_gc_hash_write (md, pw ? 128 : 64, (const char *) buf_i); |
121 | memcpy (hash, MHD_gc_hash_read (md), 20); | 121 | memcpy (hash, MHD_gc_hash_read (md), 20); |
122 | MHD_gc_hash_close (md); | 122 | MHD_gc_hash_close (md); |
123 | for (i = 1; i < iter; i++) | 123 | for (i = 1; i < iter; i++) |
124 | MHD_gc_hash_buffer (GC_SHA1, hash, 20, (char*) hash); | 124 | MHD_gc_hash_buffer (GC_SHA1, hash, 20, (char *) hash); |
125 | for (i = 0; i < 20 && cur_keylen < req_keylen; i++) | 125 | for (i = 0; i < 20 && cur_keylen < req_keylen; i++) |
126 | keybuf[cur_keylen++] = hash[i]; | 126 | keybuf[cur_keylen++] = hash[i]; |
127 | if (cur_keylen == req_keylen) | 127 | if (cur_keylen == req_keylen) |
diff --git a/src/daemon/https/x509/pkcs7.c b/src/daemon/https/x509/pkcs7.c index 8b0b6b54..45f2b03c 100644 --- a/src/daemon/https/x509/pkcs7.c +++ b/src/daemon/https/x509/pkcs7.c | |||
@@ -69,7 +69,8 @@ _decode_pkcs7_signed_data (ASN1_TYPE pkcs7, ASN1_TYPE * sdata, | |||
69 | } | 69 | } |
70 | 70 | ||
71 | if ((result = MHD__asn1_create_element | 71 | if ((result = MHD__asn1_create_element |
72 | (MHD__gnutls_get_pkix (), "PKIX1.pkcs-7-SignedData", &c2)) != ASN1_SUCCESS) | 72 | (MHD__gnutls_get_pkix (), "PKIX1.pkcs-7-SignedData", |
73 | &c2)) != ASN1_SUCCESS) | ||
73 | { | 74 | { |
74 | MHD_gnutls_assert (); | 75 | MHD_gnutls_assert (); |
75 | return MHD_gtls_asn2err (result); | 76 | return MHD_gtls_asn2err (result); |
@@ -158,8 +159,8 @@ MHD_gnutls_pkcs7_init (MHD_gnutls_pkcs7_t * pkcs7) | |||
158 | if (*pkcs7) | 159 | if (*pkcs7) |
159 | { | 160 | { |
160 | int result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), | 161 | int result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), |
161 | "PKIX1.pkcs-7-ContentInfo", | 162 | "PKIX1.pkcs-7-ContentInfo", |
162 | &(*pkcs7)->pkcs7); | 163 | &(*pkcs7)->pkcs7); |
163 | if (result != ASN1_SUCCESS) | 164 | if (result != ASN1_SUCCESS) |
164 | { | 165 | { |
165 | MHD_gnutls_assert (); | 166 | MHD_gnutls_assert (); |
@@ -205,8 +206,9 @@ MHD_gnutls_pkcs7_deinit (MHD_gnutls_pkcs7_t pkcs7) | |||
205 | * | 206 | * |
206 | **/ | 207 | **/ |
207 | int | 208 | int |
208 | MHD_gnutls_pkcs7_import (MHD_gnutls_pkcs7_t pkcs7, const MHD_gnutls_datum_t * data, | 209 | MHD_gnutls_pkcs7_import (MHD_gnutls_pkcs7_t pkcs7, |
209 | MHD_gnutls_x509_crt_fmt_t format) | 210 | const MHD_gnutls_datum_t * data, |
211 | MHD_gnutls_x509_crt_fmt_t format) | ||
210 | { | 212 | { |
211 | int result = 0, need_free = 0; | 213 | int result = 0, need_free = 0; |
212 | MHD_gnutls_datum_t _data; | 214 | MHD_gnutls_datum_t _data; |
@@ -224,7 +226,7 @@ MHD_gnutls_pkcs7_import (MHD_gnutls_pkcs7_t pkcs7, const MHD_gnutls_datum_t * da | |||
224 | opaque *out; | 226 | opaque *out; |
225 | 227 | ||
226 | result = MHD__gnutls_fbase64_decode (PEM_PKCS7, data->data, data->size, | 228 | result = MHD__gnutls_fbase64_decode (PEM_PKCS7, data->data, data->size, |
227 | &out); | 229 | &out); |
228 | 230 | ||
229 | if (result <= 0) | 231 | if (result <= 0) |
230 | { | 232 | { |
@@ -241,7 +243,8 @@ MHD_gnutls_pkcs7_import (MHD_gnutls_pkcs7_t pkcs7, const MHD_gnutls_datum_t * da | |||
241 | } | 243 | } |
242 | 244 | ||
243 | 245 | ||
244 | result = MHD__asn1_der_decoding (&pkcs7->pkcs7, _data.data, _data.size, NULL); | 246 | result = |
247 | MHD__asn1_der_decoding (&pkcs7->pkcs7, _data.data, _data.size, NULL); | ||
245 | if (result != ASN1_SUCCESS) | 248 | if (result != ASN1_SUCCESS) |
246 | { | 249 | { |
247 | result = MHD_gtls_asn2err (result); | 250 | result = MHD_gtls_asn2err (result); |
@@ -277,8 +280,8 @@ cleanup: | |||
277 | **/ | 280 | **/ |
278 | int | 281 | int |
279 | MHD_gnutls_pkcs7_get_crt_raw (MHD_gnutls_pkcs7_t pkcs7, | 282 | MHD_gnutls_pkcs7_get_crt_raw (MHD_gnutls_pkcs7_t pkcs7, |
280 | int indx, void *certificate, | 283 | int indx, void *certificate, |
281 | size_t * certificate_size) | 284 | size_t * certificate_size) |
282 | { | 285 | { |
283 | ASN1_TYPE c2 = ASN1_TYPE_EMPTY; | 286 | ASN1_TYPE c2 = ASN1_TYPE_EMPTY; |
284 | int result, len; | 287 | int result, len; |
@@ -327,7 +330,7 @@ MHD_gnutls_pkcs7_get_crt_raw (MHD_gnutls_pkcs7_t pkcs7, | |||
327 | int start, end; | 330 | int start, end; |
328 | 331 | ||
329 | result = MHD__asn1_der_decoding_startEnd (c2, tmp.data, tmp.size, | 332 | result = MHD__asn1_der_decoding_startEnd (c2, tmp.data, tmp.size, |
330 | root2, &start, &end); | 333 | root2, &start, &end); |
331 | 334 | ||
332 | if (result != ASN1_SUCCESS) | 335 | if (result != ASN1_SUCCESS) |
333 | { | 336 | { |
@@ -432,14 +435,14 @@ MHD_gnutls_pkcs7_get_crt_count (MHD_gnutls_pkcs7_t pkcs7) | |||
432 | **/ | 435 | **/ |
433 | int | 436 | int |
434 | MHD_gnutls_pkcs7_export (MHD_gnutls_pkcs7_t pkcs7, | 437 | MHD_gnutls_pkcs7_export (MHD_gnutls_pkcs7_t pkcs7, |
435 | MHD_gnutls_x509_crt_fmt_t format, void *output_data, | 438 | MHD_gnutls_x509_crt_fmt_t format, void *output_data, |
436 | size_t * output_data_size) | 439 | size_t * output_data_size) |
437 | { | 440 | { |
438 | if (pkcs7 == NULL) | 441 | if (pkcs7 == NULL) |
439 | return GNUTLS_E_INVALID_REQUEST; | 442 | return GNUTLS_E_INVALID_REQUEST; |
440 | 443 | ||
441 | return MHD__gnutls_x509_export_int (pkcs7->pkcs7, format, PEM_PKCS7, | 444 | return MHD__gnutls_x509_export_int (pkcs7->pkcs7, format, PEM_PKCS7, |
442 | output_data, output_data_size); | 445 | output_data, output_data_size); |
443 | } | 446 | } |
444 | 447 | ||
445 | /* Creates an empty signed data structure in the pkcs7 | 448 | /* Creates an empty signed data structure in the pkcs7 |
@@ -478,7 +481,7 @@ create_empty_signed_data (ASN1_TYPE pkcs7, ASN1_TYPE * sdata) | |||
478 | /* id-data */ | 481 | /* id-data */ |
479 | result = | 482 | result = |
480 | MHD__asn1_write_value (*sdata, "encapContentInfo.eContentType", | 483 | MHD__asn1_write_value (*sdata, "encapContentInfo.eContentType", |
481 | "1.2.840.113549.1.7.5", 1); | 484 | "1.2.840.113549.1.7.5", 1); |
482 | if (result != ASN1_SUCCESS) | 485 | if (result != ASN1_SUCCESS) |
483 | { | 486 | { |
484 | MHD_gnutls_assert (); | 487 | MHD_gnutls_assert (); |
@@ -486,7 +489,8 @@ create_empty_signed_data (ASN1_TYPE pkcs7, ASN1_TYPE * sdata) | |||
486 | goto cleanup; | 489 | goto cleanup; |
487 | } | 490 | } |
488 | 491 | ||
489 | result = MHD__asn1_write_value (*sdata, "encapContentInfo.eContent", NULL, 0); | 492 | result = |
493 | MHD__asn1_write_value (*sdata, "encapContentInfo.eContent", NULL, 0); | ||
490 | if (result != ASN1_SUCCESS) | 494 | if (result != ASN1_SUCCESS) |
491 | { | 495 | { |
492 | MHD_gnutls_assert (); | 496 | MHD_gnutls_assert (); |
@@ -531,7 +535,8 @@ cleanup: | |||
531 | * | 535 | * |
532 | **/ | 536 | **/ |
533 | int | 537 | int |
534 | MHD_gnutls_pkcs7_set_crt_raw (MHD_gnutls_pkcs7_t pkcs7, const MHD_gnutls_datum_t * crt) | 538 | MHD_gnutls_pkcs7_set_crt_raw (MHD_gnutls_pkcs7_t pkcs7, |
539 | const MHD_gnutls_datum_t * crt) | ||
535 | { | 540 | { |
536 | ASN1_TYPE c2 = ASN1_TYPE_EMPTY; | 541 | ASN1_TYPE c2 = ASN1_TYPE_EMPTY; |
537 | int result; | 542 | int result; |
@@ -585,7 +590,7 @@ MHD_gnutls_pkcs7_set_crt_raw (MHD_gnutls_pkcs7_t pkcs7, const MHD_gnutls_datum_t | |||
585 | 590 | ||
586 | result = | 591 | result = |
587 | MHD__asn1_write_value (c2, "certificates.?LAST.certificate", crt->data, | 592 | MHD__asn1_write_value (c2, "certificates.?LAST.certificate", crt->data, |
588 | crt->size); | 593 | crt->size); |
589 | if (result != ASN1_SUCCESS) | 594 | if (result != ASN1_SUCCESS) |
590 | { | 595 | { |
591 | MHD_gnutls_assert (); | 596 | MHD_gnutls_assert (); |
@@ -735,7 +740,7 @@ cleanup: | |||
735 | **/ | 740 | **/ |
736 | int | 741 | int |
737 | MHD_gnutls_pkcs7_get_crl_raw (MHD_gnutls_pkcs7_t pkcs7, | 742 | MHD_gnutls_pkcs7_get_crl_raw (MHD_gnutls_pkcs7_t pkcs7, |
738 | int indx, void *crl, size_t * crl_size) | 743 | int indx, void *crl, size_t * crl_size) |
739 | { | 744 | { |
740 | ASN1_TYPE c2 = ASN1_TYPE_EMPTY; | 745 | ASN1_TYPE c2 = ASN1_TYPE_EMPTY; |
741 | int result; | 746 | int result; |
@@ -763,7 +768,7 @@ MHD_gnutls_pkcs7_get_crl_raw (MHD_gnutls_pkcs7_t pkcs7, | |||
763 | /* Get the raw CRL | 768 | /* Get the raw CRL |
764 | */ | 769 | */ |
765 | result = MHD__asn1_der_decoding_startEnd (c2, tmp.data, tmp.size, | 770 | result = MHD__asn1_der_decoding_startEnd (c2, tmp.data, tmp.size, |
766 | root2, &start, &end); | 771 | root2, &start, &end); |
767 | 772 | ||
768 | if (result != ASN1_SUCCESS) | 773 | if (result != ASN1_SUCCESS) |
769 | { | 774 | { |
@@ -849,7 +854,8 @@ MHD_gnutls_pkcs7_get_crl_count (MHD_gnutls_pkcs7_t pkcs7) | |||
849 | * | 854 | * |
850 | **/ | 855 | **/ |
851 | int | 856 | int |
852 | MHD_gnutls_pkcs7_set_crl_raw (MHD_gnutls_pkcs7_t pkcs7, const MHD_gnutls_datum_t * crl) | 857 | MHD_gnutls_pkcs7_set_crl_raw (MHD_gnutls_pkcs7_t pkcs7, |
858 | const MHD_gnutls_datum_t * crl) | ||
853 | { | 859 | { |
854 | ASN1_TYPE c2 = ASN1_TYPE_EMPTY; | 860 | ASN1_TYPE c2 = ASN1_TYPE_EMPTY; |
855 | int result; | 861 | int result; |
diff --git a/src/daemon/https/x509/privkey.h b/src/daemon/https/x509/privkey.h index 31fc2d72..37c68703 100644 --- a/src/daemon/https/x509/privkey.h +++ b/src/daemon/https/x509/privkey.h | |||
@@ -25,7 +25,8 @@ | |||
25 | #include "x509.h" | 25 | #include "x509.h" |
26 | 26 | ||
27 | ASN1_TYPE MHD__gnutls_privkey_decode_pkcs1_rsa_key (const MHD_gnutls_datum_t * | 27 | ASN1_TYPE MHD__gnutls_privkey_decode_pkcs1_rsa_key (const MHD_gnutls_datum_t * |
28 | raw_key, | 28 | raw_key, |
29 | MHD_gnutls_x509_privkey_t pkey); | 29 | MHD_gnutls_x509_privkey_t |
30 | pkey); | ||
30 | 31 | ||
31 | int MHD__gnutls_asn1_encode_dsa (ASN1_TYPE * c2, mpi_t * params); | 32 | int MHD__gnutls_asn1_encode_dsa (ASN1_TYPE * c2, mpi_t * params); |
diff --git a/src/daemon/https/x509/privkey_pkcs8.c b/src/daemon/https/x509/privkey_pkcs8.c index 741552e1..30f2caae 100644 --- a/src/daemon/https/x509/privkey_pkcs8.c +++ b/src/daemon/https/x509/privkey_pkcs8.c | |||
@@ -82,7 +82,7 @@ static int decrypt_data (schema_id, ASN1_TYPE pkcs8_asn, const char *root, | |||
82 | static int decode_private_key_info (const MHD_gnutls_datum_t * der, | 82 | static int decode_private_key_info (const MHD_gnutls_datum_t * der, |
83 | MHD_gnutls_x509_privkey_t pkey); | 83 | MHD_gnutls_x509_privkey_t pkey); |
84 | static int readMHD_pkcs12_kdf_params (ASN1_TYPE pbes2_asn, | 84 | static int readMHD_pkcs12_kdf_params (ASN1_TYPE pbes2_asn, |
85 | struct pbkdf2_params *params); | 85 | struct pbkdf2_params *params); |
86 | 86 | ||
87 | #define PEM_PKCS8 "ENCRYPTED PRIVATE KEY" | 87 | #define PEM_PKCS8 "ENCRYPTED PRIVATE KEY" |
88 | #define PEM_UNENCRYPTED_PKCS8 "PRIVATE KEY" | 88 | #define PEM_UNENCRYPTED_PKCS8 "PRIVATE KEY" |
@@ -106,7 +106,8 @@ check_schema (const char *oid) | |||
106 | if (strcmp (oid, PKCS12_PBE_RC2_40_SHA1_OID) == 0) | 106 | if (strcmp (oid, PKCS12_PBE_RC2_40_SHA1_OID) == 0) |
107 | return PKCS12_RC2_40_SHA1; | 107 | return PKCS12_RC2_40_SHA1; |
108 | 108 | ||
109 | MHD__gnutls_x509_log ("PKCS encryption schema OID '%s' is unsupported.\n", oid); | 109 | MHD__gnutls_x509_log ("PKCS encryption schema OID '%s' is unsupported.\n", |
110 | oid); | ||
110 | 111 | ||
111 | return GNUTLS_E_UNKNOWN_CIPHER_TYPE; | 112 | return GNUTLS_E_UNKNOWN_CIPHER_TYPE; |
112 | } | 113 | } |
@@ -134,8 +135,8 @@ read_pkcs_schema_params (schema_id schema, const char *password, | |||
134 | */ | 135 | */ |
135 | if ((result = | 136 | if ((result = |
136 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), | 137 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), |
137 | "PKIX1.pkcs-5-PBES2-params", | 138 | "PKIX1.pkcs-5-PBES2-params", |
138 | &pbes2_asn)) != ASN1_SUCCESS) | 139 | &pbes2_asn)) != ASN1_SUCCESS) |
139 | { | 140 | { |
140 | MHD_gnutls_assert (); | 141 | MHD_gnutls_assert (); |
141 | result = MHD_gtls_asn2err (result); | 142 | result = MHD_gtls_asn2err (result); |
@@ -197,8 +198,8 @@ read_pkcs_schema_params (schema_id schema, const char *password, | |||
197 | 198 | ||
198 | if ((result = | 199 | if ((result = |
199 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), | 200 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), |
200 | "PKIX1.pkcs-12-PbeParams", | 201 | "PKIX1.pkcs-12-PbeParams", |
201 | &pbes2_asn)) != ASN1_SUCCESS) | 202 | &pbes2_asn)) != ASN1_SUCCESS) |
202 | { | 203 | { |
203 | MHD_gnutls_assert (); | 204 | MHD_gnutls_assert (); |
204 | result = MHD_gtls_asn2err (result); | 205 | result = MHD_gtls_asn2err (result); |
@@ -226,9 +227,9 @@ read_pkcs_schema_params (schema_id schema, const char *password, | |||
226 | { | 227 | { |
227 | result = | 228 | result = |
228 | MHD_pkcs12_string_to_key (2 /*IV*/, kdf_params->salt, | 229 | MHD_pkcs12_string_to_key (2 /*IV*/, kdf_params->salt, |
229 | kdf_params->salt_size, | 230 | kdf_params->salt_size, |
230 | kdf_params->iter_count, password, | 231 | kdf_params->iter_count, password, |
231 | enc_params->iv_size, enc_params->iv); | 232 | enc_params->iv_size, enc_params->iv); |
232 | if (result < 0) | 233 | if (result < 0) |
233 | { | 234 | { |
234 | MHD_gnutls_assert (); | 235 | MHD_gnutls_assert (); |
@@ -270,15 +271,16 @@ decode_pkcs8_key (const MHD_gnutls_datum_t * raw_key, | |||
270 | 271 | ||
271 | if ((result = | 272 | if ((result = |
272 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), | 273 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), |
273 | "PKIX1.pkcs-8-EncryptedPrivateKeyInfo", | 274 | "PKIX1.pkcs-8-EncryptedPrivateKeyInfo", |
274 | &pkcs8_asn)) != ASN1_SUCCESS) | 275 | &pkcs8_asn)) != ASN1_SUCCESS) |
275 | { | 276 | { |
276 | MHD_gnutls_assert (); | 277 | MHD_gnutls_assert (); |
277 | result = MHD_gtls_asn2err (result); | 278 | result = MHD_gtls_asn2err (result); |
278 | goto error; | 279 | goto error; |
279 | } | 280 | } |
280 | 281 | ||
281 | result = MHD__asn1_der_decoding (&pkcs8_asn, raw_key->data, raw_key->size, NULL); | 282 | result = |
283 | MHD__asn1_der_decoding (&pkcs8_asn, raw_key->data, raw_key->size, NULL); | ||
282 | if (result != ASN1_SUCCESS) | 284 | if (result != ASN1_SUCCESS) |
283 | { | 285 | { |
284 | MHD_gnutls_assert (); | 286 | MHD_gnutls_assert (); |
@@ -291,7 +293,7 @@ decode_pkcs8_key (const MHD_gnutls_datum_t * raw_key, | |||
291 | len = sizeof (enc_oid); | 293 | len = sizeof (enc_oid); |
292 | result = | 294 | result = |
293 | MHD__asn1_read_value (pkcs8_asn, "encryptionAlgorithm.algorithm", | 295 | MHD__asn1_read_value (pkcs8_asn, "encryptionAlgorithm.algorithm", |
294 | enc_oid, &len); | 296 | enc_oid, &len); |
295 | if (result != ASN1_SUCCESS) | 297 | if (result != ASN1_SUCCESS) |
296 | { | 298 | { |
297 | MHD_gnutls_assert (); | 299 | MHD_gnutls_assert (); |
@@ -310,9 +312,9 @@ decode_pkcs8_key (const MHD_gnutls_datum_t * raw_key, | |||
310 | */ | 312 | */ |
311 | result = | 313 | result = |
312 | MHD__asn1_der_decoding_startEnd (pkcs8_asn, raw_key->data, | 314 | MHD__asn1_der_decoding_startEnd (pkcs8_asn, raw_key->data, |
313 | raw_key->size, | 315 | raw_key->size, |
314 | "encryptionAlgorithm.parameters", | 316 | "encryptionAlgorithm.parameters", |
315 | ¶ms_start, ¶ms_end); | 317 | ¶ms_start, ¶ms_end); |
316 | if (result != ASN1_SUCCESS) | 318 | if (result != ASN1_SUCCESS) |
317 | { | 319 | { |
318 | MHD_gnutls_assert (); | 320 | MHD_gnutls_assert (); |
@@ -416,8 +418,8 @@ decode_private_key_info (const MHD_gnutls_datum_t * der, | |||
416 | 418 | ||
417 | if ((result = | 419 | if ((result = |
418 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), | 420 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), |
419 | "PKIX1.pkcs-8-PrivateKeyInfo", | 421 | "PKIX1.pkcs-8-PrivateKeyInfo", |
420 | &pkcs8_asn)) != ASN1_SUCCESS) | 422 | &pkcs8_asn)) != ASN1_SUCCESS) |
421 | { | 423 | { |
422 | MHD_gnutls_assert (); | 424 | MHD_gnutls_assert (); |
423 | result = MHD_gtls_asn2err (result); | 425 | result = MHD_gtls_asn2err (result); |
@@ -436,7 +438,8 @@ decode_private_key_info (const MHD_gnutls_datum_t * der, | |||
436 | */ | 438 | */ |
437 | len = sizeof (oid); | 439 | len = sizeof (oid); |
438 | result = | 440 | result = |
439 | MHD__asn1_read_value (pkcs8_asn, "privateKeyAlgorithm.algorithm", oid, &len); | 441 | MHD__asn1_read_value (pkcs8_asn, "privateKeyAlgorithm.algorithm", oid, |
442 | &len); | ||
440 | if (result != ASN1_SUCCESS) | 443 | if (result != ASN1_SUCCESS) |
441 | { | 444 | { |
442 | MHD_gnutls_assert (); | 445 | MHD_gnutls_assert (); |
@@ -446,7 +449,7 @@ decode_private_key_info (const MHD_gnutls_datum_t * der, | |||
446 | 449 | ||
447 | /* we only support RSA and DSA private keys. | 450 | /* we only support RSA and DSA private keys. |
448 | */ | 451 | */ |
449 | if (strcmp ((const char*) oid, PK_PKIX1_RSA_OID) == 0) | 452 | if (strcmp ((const char *) oid, PK_PKIX1_RSA_OID) == 0) |
450 | pkey->pk_algorithm = MHD_GNUTLS_PK_RSA; | 453 | pkey->pk_algorithm = MHD_GNUTLS_PK_RSA; |
451 | else | 454 | else |
452 | { | 455 | { |
@@ -502,9 +505,10 @@ error: | |||
502 | **/ | 505 | **/ |
503 | int | 506 | int |
504 | MHD_gnutls_x509_privkey_import_pkcs8 (MHD_gnutls_x509_privkey_t key, | 507 | MHD_gnutls_x509_privkey_import_pkcs8 (MHD_gnutls_x509_privkey_t key, |
505 | const MHD_gnutls_datum_t * data, | 508 | const MHD_gnutls_datum_t * data, |
506 | MHD_gnutls_x509_crt_fmt_t format, | 509 | MHD_gnutls_x509_crt_fmt_t format, |
507 | const char *password, unsigned int flags) | 510 | const char *password, |
511 | unsigned int flags) | ||
508 | { | 512 | { |
509 | int result = 0, need_free = 0; | 513 | int result = 0, need_free = 0; |
510 | MHD_gnutls_datum_t _data; | 514 | MHD_gnutls_datum_t _data; |
@@ -530,13 +534,14 @@ MHD_gnutls_x509_privkey_import_pkcs8 (MHD_gnutls_x509_privkey_t key, | |||
530 | */ | 534 | */ |
531 | result = | 535 | result = |
532 | MHD__gnutls_fbase64_decode (PEM_UNENCRYPTED_PKCS8, | 536 | MHD__gnutls_fbase64_decode (PEM_UNENCRYPTED_PKCS8, |
533 | data->data, data->size, &out); | 537 | data->data, data->size, &out); |
534 | 538 | ||
535 | if (result < 0) | 539 | if (result < 0) |
536 | { /* Try the encrypted header | 540 | { /* Try the encrypted header |
537 | */ | 541 | */ |
538 | result = | 542 | result = |
539 | MHD__gnutls_fbase64_decode (PEM_PKCS8, data->data, data->size, &out); | 543 | MHD__gnutls_fbase64_decode (PEM_PKCS8, data->data, data->size, |
544 | &out); | ||
540 | 545 | ||
541 | if (result <= 0) | 546 | if (result <= 0) |
542 | { | 547 | { |
@@ -589,7 +594,8 @@ cleanup: | |||
589 | */ | 594 | */ |
590 | static int | 595 | static int |
591 | read_pbkdf2_params (ASN1_TYPE pbes2_asn, | 596 | read_pbkdf2_params (ASN1_TYPE pbes2_asn, |
592 | const MHD_gnutls_datum_t * der, struct pbkdf2_params *params) | 597 | const MHD_gnutls_datum_t * der, |
598 | struct pbkdf2_params *params) | ||
593 | { | 599 | { |
594 | int params_start, params_end; | 600 | int params_start, params_end; |
595 | int params_len, len, result; | 601 | int params_len, len, result; |
@@ -602,7 +608,8 @@ read_pbkdf2_params (ASN1_TYPE pbes2_asn, | |||
602 | */ | 608 | */ |
603 | len = sizeof (oid); | 609 | len = sizeof (oid); |
604 | result = | 610 | result = |
605 | MHD__asn1_read_value (pbes2_asn, "keyDerivationFunc.algorithm", oid, &len); | 611 | MHD__asn1_read_value (pbes2_asn, "keyDerivationFunc.algorithm", oid, |
612 | &len); | ||
606 | if (result != ASN1_SUCCESS) | 613 | if (result != ASN1_SUCCESS) |
607 | { | 614 | { |
608 | MHD_gnutls_assert (); | 615 | MHD_gnutls_assert (); |
@@ -620,8 +627,8 @@ read_pbkdf2_params (ASN1_TYPE pbes2_asn, | |||
620 | 627 | ||
621 | result = | 628 | result = |
622 | MHD__asn1_der_decoding_startEnd (pbes2_asn, der->data, der->size, | 629 | MHD__asn1_der_decoding_startEnd (pbes2_asn, der->data, der->size, |
623 | "keyDerivationFunc.parameters", | 630 | "keyDerivationFunc.parameters", |
624 | ¶ms_start, ¶ms_end); | 631 | ¶ms_start, ¶ms_end); |
625 | if (result != ASN1_SUCCESS) | 632 | if (result != ASN1_SUCCESS) |
626 | { | 633 | { |
627 | MHD_gnutls_assert (); | 634 | MHD_gnutls_assert (); |
@@ -634,8 +641,8 @@ read_pbkdf2_params (ASN1_TYPE pbes2_asn, | |||
634 | */ | 641 | */ |
635 | if ((result = | 642 | if ((result = |
636 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), | 643 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), |
637 | "PKIX1.pkcs-5-PBKDF2-params", | 644 | "PKIX1.pkcs-5-PBKDF2-params", |
638 | &pbkdf2_asn)) != ASN1_SUCCESS) | 645 | &pbkdf2_asn)) != ASN1_SUCCESS) |
639 | { | 646 | { |
640 | MHD_gnutls_assert (); | 647 | MHD_gnutls_assert (); |
641 | return MHD_gtls_asn2err (result); | 648 | return MHD_gtls_asn2err (result); |
@@ -643,7 +650,7 @@ read_pbkdf2_params (ASN1_TYPE pbes2_asn, | |||
643 | 650 | ||
644 | result = | 651 | result = |
645 | MHD__asn1_der_decoding (&pbkdf2_asn, &der->data[params_start], | 652 | MHD__asn1_der_decoding (&pbkdf2_asn, &der->data[params_start], |
646 | params_len, NULL); | 653 | params_len, NULL); |
647 | if (result != ASN1_SUCCESS) | 654 | if (result != ASN1_SUCCESS) |
648 | { | 655 | { |
649 | MHD_gnutls_assert (); | 656 | MHD_gnutls_assert (); |
@@ -655,7 +662,7 @@ read_pbkdf2_params (ASN1_TYPE pbes2_asn, | |||
655 | params->salt_size = sizeof (params->salt); | 662 | params->salt_size = sizeof (params->salt); |
656 | result = | 663 | result = |
657 | MHD__asn1_read_value (pbkdf2_asn, "salt.specified", params->salt, | 664 | MHD__asn1_read_value (pbkdf2_asn, "salt.specified", params->salt, |
658 | ¶ms->salt_size); | 665 | ¶ms->salt_size); |
659 | if (result != ASN1_SUCCESS) | 666 | if (result != ASN1_SUCCESS) |
660 | { | 667 | { |
661 | MHD_gnutls_assert (); | 668 | MHD_gnutls_assert (); |
@@ -668,7 +675,7 @@ read_pbkdf2_params (ASN1_TYPE pbes2_asn, | |||
668 | */ | 675 | */ |
669 | result = | 676 | result = |
670 | MHD__gnutls_x509_read_uint (pbkdf2_asn, "iterationCount", | 677 | MHD__gnutls_x509_read_uint (pbkdf2_asn, "iterationCount", |
671 | ¶ms->iter_count); | 678 | ¶ms->iter_count); |
672 | if (result != ASN1_SUCCESS) | 679 | if (result != ASN1_SUCCESS) |
673 | { | 680 | { |
674 | MHD_gnutls_assert (); | 681 | MHD_gnutls_assert (); |
@@ -709,7 +716,8 @@ readMHD_pkcs12_kdf_params (ASN1_TYPE pbes2_asn, struct pbkdf2_params *params) | |||
709 | /* read the salt */ | 716 | /* read the salt */ |
710 | params->salt_size = sizeof (params->salt); | 717 | params->salt_size = sizeof (params->salt); |
711 | result = | 718 | result = |
712 | MHD__asn1_read_value (pbes2_asn, "salt", params->salt, ¶ms->salt_size); | 719 | MHD__asn1_read_value (pbes2_asn, "salt", params->salt, |
720 | ¶ms->salt_size); | ||
713 | if (result != ASN1_SUCCESS) | 721 | if (result != ASN1_SUCCESS) |
714 | { | 722 | { |
715 | MHD_gnutls_assert (); | 723 | MHD_gnutls_assert (); |
@@ -794,8 +802,8 @@ read_pbe_enc_params (ASN1_TYPE pbes2_asn, | |||
794 | 802 | ||
795 | result = | 803 | result = |
796 | MHD__asn1_der_decoding_startEnd (pbes2_asn, der->data, der->size, | 804 | MHD__asn1_der_decoding_startEnd (pbes2_asn, der->data, der->size, |
797 | "encryptionScheme.parameters", | 805 | "encryptionScheme.parameters", |
798 | ¶ms_start, ¶ms_end); | 806 | ¶ms_start, ¶ms_end); |
799 | if (result != ASN1_SUCCESS) | 807 | if (result != ASN1_SUCCESS) |
800 | { | 808 | { |
801 | MHD_gnutls_assert (); | 809 | MHD_gnutls_assert (); |
@@ -807,15 +815,16 @@ read_pbe_enc_params (ASN1_TYPE pbes2_asn, | |||
807 | */ | 815 | */ |
808 | if ((result = | 816 | if ((result = |
809 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), | 817 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), |
810 | "PKIX1.pkcs-5-des-EDE3-CBC-params", | 818 | "PKIX1.pkcs-5-des-EDE3-CBC-params", |
811 | &pbe_asn)) != ASN1_SUCCESS) | 819 | &pbe_asn)) != ASN1_SUCCESS) |
812 | { | 820 | { |
813 | MHD_gnutls_assert (); | 821 | MHD_gnutls_assert (); |
814 | return MHD_gtls_asn2err (result); | 822 | return MHD_gtls_asn2err (result); |
815 | } | 823 | } |
816 | 824 | ||
817 | result = | 825 | result = |
818 | MHD__asn1_der_decoding (&pbe_asn, &der->data[params_start], params_len, NULL); | 826 | MHD__asn1_der_decoding (&pbe_asn, &der->data[params_start], params_len, |
827 | NULL); | ||
819 | if (result != ASN1_SUCCESS) | 828 | if (result != ASN1_SUCCESS) |
820 | { | 829 | { |
821 | MHD_gnutls_assert (); | 830 | MHD_gnutls_assert (); |
@@ -899,9 +908,10 @@ decrypt_data (schema_id schema, ASN1_TYPE pkcs8_asn, | |||
899 | if (schema == PBES2) | 908 | if (schema == PBES2) |
900 | { | 909 | { |
901 | result = MHD_gc_pbkdf2_sha1 (password, strlen (password), | 910 | result = MHD_gc_pbkdf2_sha1 (password, strlen (password), |
902 | (const char*) kdf_params->salt, kdf_params->salt_size, | 911 | (const char *) kdf_params->salt, |
903 | kdf_params->iter_count, | 912 | kdf_params->salt_size, |
904 | (char*) key, key_size); | 913 | kdf_params->iter_count, (char *) key, |
914 | key_size); | ||
905 | 915 | ||
906 | if (result != GC_OK) | 916 | if (result != GC_OK) |
907 | { | 917 | { |
@@ -914,9 +924,9 @@ decrypt_data (schema_id schema, ASN1_TYPE pkcs8_asn, | |||
914 | { | 924 | { |
915 | result = | 925 | result = |
916 | MHD_pkcs12_string_to_key (1 /*KEY*/, kdf_params->salt, | 926 | MHD_pkcs12_string_to_key (1 /*KEY*/, kdf_params->salt, |
917 | kdf_params->salt_size, | 927 | kdf_params->salt_size, |
918 | kdf_params->iter_count, password, | 928 | kdf_params->iter_count, password, |
919 | key_size, key); | 929 | key_size, key); |
920 | 930 | ||
921 | if (result < 0) | 931 | if (result < 0) |
922 | { | 932 | { |
diff --git a/src/daemon/https/x509/rfc2818_hostname.c b/src/daemon/https/x509/rfc2818_hostname.c index fe03af33..be49a778 100644 --- a/src/daemon/https/x509/rfc2818_hostname.c +++ b/src/daemon/https/x509/rfc2818_hostname.c | |||
@@ -84,7 +84,8 @@ MHD__gnutls_hostname_compare (const char *certname, const char *hostname) | |||
84 | * Returns non zero for a successful match, and zero on failure. | 84 | * Returns non zero for a successful match, and zero on failure. |
85 | **/ | 85 | **/ |
86 | int | 86 | int |
87 | MHD_gnutls_x509_crt_check_hostname (MHD_gnutls_x509_crt_t cert, const char *hostname) | 87 | MHD_gnutls_x509_crt_check_hostname (MHD_gnutls_x509_crt_t cert, |
88 | const char *hostname) | ||
88 | { | 89 | { |
89 | 90 | ||
90 | char dnsname[MAX_CN]; | 91 | char dnsname[MAX_CN]; |
@@ -112,8 +113,8 @@ MHD_gnutls_x509_crt_check_hostname (MHD_gnutls_x509_crt_t cert, const char *host | |||
112 | 113 | ||
113 | dnsnamesize = sizeof (dnsname); | 114 | dnsnamesize = sizeof (dnsname); |
114 | ret = MHD_gnutls_x509_crt_get_subject_alt_name (cert, i, | 115 | ret = MHD_gnutls_x509_crt_get_subject_alt_name (cert, i, |
115 | dnsname, &dnsnamesize, | 116 | dnsname, &dnsnamesize, |
116 | NULL); | 117 | NULL); |
117 | 118 | ||
118 | if (ret == GNUTLS_SAN_DNSNAME) | 119 | if (ret == GNUTLS_SAN_DNSNAME) |
119 | { | 120 | { |
@@ -141,7 +142,7 @@ MHD_gnutls_x509_crt_check_hostname (MHD_gnutls_x509_crt_t cert, const char *host | |||
141 | */ | 142 | */ |
142 | dnsnamesize = sizeof (dnsname); | 143 | dnsnamesize = sizeof (dnsname); |
143 | if (MHD_gnutls_x509_crt_get_dn_by_oid (cert, OID_X520_COMMON_NAME, 0, | 144 | if (MHD_gnutls_x509_crt_get_dn_by_oid (cert, OID_X520_COMMON_NAME, 0, |
144 | 0, dnsname, &dnsnamesize) < 0) | 145 | 0, dnsname, &dnsnamesize) < 0) |
145 | { | 146 | { |
146 | /* got an error, can't find a name | 147 | /* got an error, can't find a name |
147 | */ | 148 | */ |
diff --git a/src/daemon/https/x509/sign.c b/src/daemon/https/x509/sign.c index eb3da891..1cc032be 100644 --- a/src/daemon/https/x509/sign.c +++ b/src/daemon/https/x509/sign.c | |||
@@ -50,7 +50,8 @@ | |||
50 | */ | 50 | */ |
51 | static int | 51 | static int |
52 | encode_ber_digest_info (enum MHD_GNUTLS_HashAlgorithm hash, | 52 | encode_ber_digest_info (enum MHD_GNUTLS_HashAlgorithm hash, |
53 | const MHD_gnutls_datum_t * digest, MHD_gnutls_datum_t * info) | 53 | const MHD_gnutls_datum_t * digest, |
54 | MHD_gnutls_datum_t * info) | ||
54 | { | 55 | { |
55 | ASN1_TYPE dinfo = ASN1_TYPE_EMPTY; | 56 | ASN1_TYPE dinfo = ASN1_TYPE_EMPTY; |
56 | int result; | 57 | int result; |
@@ -65,14 +66,15 @@ encode_ber_digest_info (enum MHD_GNUTLS_HashAlgorithm hash, | |||
65 | } | 66 | } |
66 | 67 | ||
67 | if ((result = MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), | 68 | if ((result = MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), |
68 | "GNUTLS.DigestInfo", | 69 | "GNUTLS.DigestInfo", |
69 | &dinfo)) != ASN1_SUCCESS) | 70 | &dinfo)) != ASN1_SUCCESS) |
70 | { | 71 | { |
71 | MHD_gnutls_assert (); | 72 | MHD_gnutls_assert (); |
72 | return MHD_gtls_asn2err (result); | 73 | return MHD_gtls_asn2err (result); |
73 | } | 74 | } |
74 | 75 | ||
75 | result = MHD__asn1_write_value (dinfo, "digestAlgorithm.algorithm", algo, 1); | 76 | result = |
77 | MHD__asn1_write_value (dinfo, "digestAlgorithm.algorithm", algo, 1); | ||
76 | if (result != ASN1_SUCCESS) | 78 | if (result != ASN1_SUCCESS) |
77 | { | 79 | { |
78 | MHD_gnutls_assert (); | 80 | MHD_gnutls_assert (); |
@@ -86,7 +88,7 @@ encode_ber_digest_info (enum MHD_GNUTLS_HashAlgorithm hash, | |||
86 | Regardless of what is correct, this appears to be what most | 88 | Regardless of what is correct, this appears to be what most |
87 | implementations do. */ | 89 | implementations do. */ |
88 | result = MHD__asn1_write_value (dinfo, "digestAlgorithm.parameters", | 90 | result = MHD__asn1_write_value (dinfo, "digestAlgorithm.parameters", |
89 | "\x05\x00", 2); | 91 | "\x05\x00", 2); |
90 | if (result != ASN1_SUCCESS) | 92 | if (result != ASN1_SUCCESS) |
91 | { | 93 | { |
92 | MHD_gnutls_assert (); | 94 | MHD_gnutls_assert (); |
@@ -94,7 +96,8 @@ encode_ber_digest_info (enum MHD_GNUTLS_HashAlgorithm hash, | |||
94 | return MHD_gtls_asn2err (result); | 96 | return MHD_gtls_asn2err (result); |
95 | } | 97 | } |
96 | 98 | ||
97 | result = MHD__asn1_write_value (dinfo, "digest", digest->data, digest->size); | 99 | result = |
100 | MHD__asn1_write_value (dinfo, "digest", digest->data, digest->size); | ||
98 | if (result != ASN1_SUCCESS) | 101 | if (result != ASN1_SUCCESS) |
99 | { | 102 | { |
100 | MHD_gnutls_assert (); | 103 | MHD_gnutls_assert (); |
@@ -103,7 +106,7 @@ encode_ber_digest_info (enum MHD_GNUTLS_HashAlgorithm hash, | |||
103 | } | 106 | } |
104 | 107 | ||
105 | info->size = 0; | 108 | info->size = 0; |
106 | MHD__asn1_der_coding (dinfo, "", NULL, (int*) &info->size, NULL); | 109 | MHD__asn1_der_coding (dinfo, "", NULL, (int *) &info->size, NULL); |
107 | 110 | ||
108 | info->data = MHD_gnutls_malloc (info->size); | 111 | info->data = MHD_gnutls_malloc (info->size); |
109 | if (info->data == NULL) | 112 | if (info->data == NULL) |
@@ -113,7 +116,8 @@ encode_ber_digest_info (enum MHD_GNUTLS_HashAlgorithm hash, | |||
113 | return GNUTLS_E_MEMORY_ERROR; | 116 | return GNUTLS_E_MEMORY_ERROR; |
114 | } | 117 | } |
115 | 118 | ||
116 | result = MHD__asn1_der_coding (dinfo, "", info->data, (int*) &info->size, NULL); | 119 | result = |
120 | MHD__asn1_der_coding (dinfo, "", info->data, (int *) &info->size, NULL); | ||
117 | if (result != ASN1_SUCCESS) | 121 | if (result != ASN1_SUCCESS) |
118 | { | 122 | { |
119 | MHD_gnutls_assert (); | 123 | MHD_gnutls_assert (); |
@@ -133,8 +137,8 @@ encode_ber_digest_info (enum MHD_GNUTLS_HashAlgorithm hash, | |||
133 | */ | 137 | */ |
134 | static int | 138 | static int |
135 | pkcs1_rsa_sign (enum MHD_GNUTLS_HashAlgorithm hash, | 139 | pkcs1_rsa_sign (enum MHD_GNUTLS_HashAlgorithm hash, |
136 | const MHD_gnutls_datum_t * text, mpi_t * params, int params_len, | 140 | const MHD_gnutls_datum_t * text, mpi_t * params, |
137 | MHD_gnutls_datum_t * signature) | 141 | int params_len, MHD_gnutls_datum_t * signature) |
138 | { | 142 | { |
139 | int ret; | 143 | int ret; |
140 | opaque _digest[MAX_HASH_SIZE]; | 144 | opaque _digest[MAX_HASH_SIZE]; |
@@ -187,8 +191,9 @@ pkcs1_rsa_sign (enum MHD_GNUTLS_HashAlgorithm hash, | |||
187 | */ | 191 | */ |
188 | static int | 192 | static int |
189 | MHD__gnutls_x509_sign (const MHD_gnutls_datum_t * tbs, | 193 | MHD__gnutls_x509_sign (const MHD_gnutls_datum_t * tbs, |
190 | enum MHD_GNUTLS_HashAlgorithm hash, | 194 | enum MHD_GNUTLS_HashAlgorithm hash, |
191 | MHD_gnutls_x509_privkey_t signer, MHD_gnutls_datum_t * signature) | 195 | MHD_gnutls_x509_privkey_t signer, |
196 | MHD_gnutls_datum_t * signature) | ||
192 | { | 197 | { |
193 | int ret; | 198 | int ret; |
194 | 199 | ||
@@ -218,9 +223,9 @@ MHD__gnutls_x509_sign (const MHD_gnutls_datum_t * tbs, | |||
218 | */ | 223 | */ |
219 | int | 224 | int |
220 | MHD__gnutls_x509_sign_tbs (ASN1_TYPE cert, const char *tbs_name, | 225 | MHD__gnutls_x509_sign_tbs (ASN1_TYPE cert, const char *tbs_name, |
221 | enum MHD_GNUTLS_HashAlgorithm hash, | 226 | enum MHD_GNUTLS_HashAlgorithm hash, |
222 | MHD_gnutls_x509_privkey_t signer, | 227 | MHD_gnutls_x509_privkey_t signer, |
223 | MHD_gnutls_datum_t * signature) | 228 | MHD_gnutls_datum_t * signature) |
224 | { | 229 | { |
225 | int result; | 230 | int result; |
226 | opaque *buf; | 231 | opaque *buf; |
diff --git a/src/daemon/https/x509/sign.h b/src/daemon/https/x509/sign.h index 03993157..51e51b92 100644 --- a/src/daemon/https/x509/sign.h +++ b/src/daemon/https/x509/sign.h | |||
@@ -23,6 +23,6 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | int MHD__gnutls_x509_sign_tbs (ASN1_TYPE cert, const char *tbs_name, | 25 | int MHD__gnutls_x509_sign_tbs (ASN1_TYPE cert, const char *tbs_name, |
26 | enum MHD_GNUTLS_HashAlgorithm hash, | 26 | enum MHD_GNUTLS_HashAlgorithm hash, |
27 | MHD_gnutls_x509_privkey_t signer, | 27 | MHD_gnutls_x509_privkey_t signer, |
28 | MHD_gnutls_datum_t * signature); | 28 | MHD_gnutls_datum_t * signature); |
diff --git a/src/daemon/https/x509/verify.h b/src/daemon/https/x509/verify.h index 0a2e020c..bd9978e3 100644 --- a/src/daemon/https/x509/verify.h +++ b/src/daemon/https/x509/verify.h | |||
@@ -25,10 +25,12 @@ | |||
25 | #include "x509.h" | 25 | #include "x509.h" |
26 | 26 | ||
27 | int MHD_gnutls_x509_crt_is_issuer (MHD_gnutls_x509_crt_t cert, | 27 | int MHD_gnutls_x509_crt_is_issuer (MHD_gnutls_x509_crt_t cert, |
28 | MHD_gnutls_x509_crt_t issuer); | ||
29 | int MHD__gnutls_x509_verify_signature (const MHD_gnutls_datum_t * tbs, | ||
30 | const MHD_gnutls_datum_t * signature, | ||
31 | MHD_gnutls_x509_crt_t issuer); | 28 | MHD_gnutls_x509_crt_t issuer); |
29 | int MHD__gnutls_x509_verify_signature (const MHD_gnutls_datum_t * tbs, | ||
30 | const MHD_gnutls_datum_t * signature, | ||
31 | MHD_gnutls_x509_crt_t issuer); | ||
32 | int MHD__gnutls_x509_privkey_verify_signature (const MHD_gnutls_datum_t * tbs, | 32 | int MHD__gnutls_x509_privkey_verify_signature (const MHD_gnutls_datum_t * tbs, |
33 | const MHD_gnutls_datum_t * signature, | 33 | const MHD_gnutls_datum_t * |
34 | MHD_gnutls_x509_privkey_t issuer); | 34 | signature, |
35 | MHD_gnutls_x509_privkey_t | ||
36 | issuer); | ||
diff --git a/src/daemon/https/x509/x509.c b/src/daemon/https/x509/x509.c index 7bb907ab..e64d34b2 100644 --- a/src/daemon/https/x509/x509.c +++ b/src/daemon/https/x509/x509.c | |||
@@ -51,14 +51,15 @@ | |||
51 | int | 51 | int |
52 | MHD_gnutls_x509_crt_init (MHD_gnutls_x509_crt_t * cert) | 52 | MHD_gnutls_x509_crt_init (MHD_gnutls_x509_crt_t * cert) |
53 | { | 53 | { |
54 | MHD_gnutls_x509_crt_t tmp = MHD_gnutls_calloc (1, sizeof (MHD_gnutls_x509_crt_int)); | 54 | MHD_gnutls_x509_crt_t tmp = |
55 | MHD_gnutls_calloc (1, sizeof (MHD_gnutls_x509_crt_int)); | ||
55 | int result; | 56 | int result; |
56 | 57 | ||
57 | if (!tmp) | 58 | if (!tmp) |
58 | return GNUTLS_E_MEMORY_ERROR; | 59 | return GNUTLS_E_MEMORY_ERROR; |
59 | 60 | ||
60 | result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), | 61 | result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), |
61 | "PKIX1.Certificate", &tmp->cert); | 62 | "PKIX1.Certificate", &tmp->cert); |
62 | if (result != ASN1_SUCCESS) | 63 | if (result != ASN1_SUCCESS) |
63 | { | 64 | { |
64 | MHD_gnutls_assert (); | 65 | MHD_gnutls_assert (); |
@@ -107,8 +108,8 @@ MHD_gnutls_x509_crt_deinit (MHD_gnutls_x509_crt_t cert) | |||
107 | **/ | 108 | **/ |
108 | int | 109 | int |
109 | MHD_gnutls_x509_crt_import (MHD_gnutls_x509_crt_t cert, | 110 | MHD_gnutls_x509_crt_import (MHD_gnutls_x509_crt_t cert, |
110 | const MHD_gnutls_datum_t * data, | 111 | const MHD_gnutls_datum_t * data, |
111 | MHD_gnutls_x509_crt_fmt_t format) | 112 | MHD_gnutls_x509_crt_fmt_t format) |
112 | { | 113 | { |
113 | int result = 0, need_free = 0; | 114 | int result = 0, need_free = 0; |
114 | MHD_gnutls_datum_t _data; | 115 | MHD_gnutls_datum_t _data; |
@@ -130,14 +131,15 @@ MHD_gnutls_x509_crt_import (MHD_gnutls_x509_crt_t cert, | |||
130 | opaque *out; | 131 | opaque *out; |
131 | 132 | ||
132 | /* Try the first header */ | 133 | /* Try the first header */ |
133 | result = MHD__gnutls_fbase64_decode (PEM_X509_CERT2, data->data, data->size, | 134 | result = |
134 | &out); | 135 | MHD__gnutls_fbase64_decode (PEM_X509_CERT2, data->data, data->size, |
136 | &out); | ||
135 | 137 | ||
136 | if (result <= 0) | 138 | if (result <= 0) |
137 | { | 139 | { |
138 | /* try for the second header */ | 140 | /* try for the second header */ |
139 | result = MHD__gnutls_fbase64_decode (PEM_X509_CERT, data->data, | 141 | result = MHD__gnutls_fbase64_decode (PEM_X509_CERT, data->data, |
140 | data->size, &out); | 142 | data->size, &out); |
141 | 143 | ||
142 | if (result <= 0) | 144 | if (result <= 0) |
143 | { | 145 | { |
@@ -205,10 +207,10 @@ cleanup:MHD_gnutls_free (signature); | |||
205 | **/ | 207 | **/ |
206 | int | 208 | int |
207 | MHD_gnutls_x509_crt_get_dn_by_oid (MHD_gnutls_x509_crt_t cert, | 209 | MHD_gnutls_x509_crt_get_dn_by_oid (MHD_gnutls_x509_crt_t cert, |
208 | const char *oid, | 210 | const char *oid, |
209 | int indx, | 211 | int indx, |
210 | unsigned int raw_flag, | 212 | unsigned int raw_flag, |
211 | void *buf, size_t * sizeof_buf) | 213 | void *buf, size_t * sizeof_buf) |
212 | { | 214 | { |
213 | if (cert == NULL) | 215 | if (cert == NULL) |
214 | { | 216 | { |
@@ -217,8 +219,8 @@ MHD_gnutls_x509_crt_get_dn_by_oid (MHD_gnutls_x509_crt_t cert, | |||
217 | } | 219 | } |
218 | 220 | ||
219 | return MHD__gnutls_x509_parse_dn_oid (cert->cert, | 221 | return MHD__gnutls_x509_parse_dn_oid (cert->cert, |
220 | "tbsCertificate.subject.rdnSequence", oid, | 222 | "tbsCertificate.subject.rdnSequence", |
221 | indx, raw_flag, buf, sizeof_buf); | 223 | oid, indx, raw_flag, buf, sizeof_buf); |
222 | } | 224 | } |
223 | 225 | ||
224 | /** | 226 | /** |
@@ -247,8 +249,8 @@ MHD_gnutls_x509_crt_get_signature_algorithm (MHD_gnutls_x509_crt_t cert) | |||
247 | * read. They will be read from the issuer's certificate if needed. | 249 | * read. They will be read from the issuer's certificate if needed. |
248 | */ | 250 | */ |
249 | result = | 251 | result = |
250 | MHD__gnutls_x509_read_value (cert->cert, "signatureAlgorithm.algorithm", &sa, | 252 | MHD__gnutls_x509_read_value (cert->cert, "signatureAlgorithm.algorithm", |
251 | 0); | 253 | &sa, 0); |
252 | 254 | ||
253 | if (result < 0) | 255 | if (result < 0) |
254 | { | 256 | { |
@@ -256,7 +258,7 @@ MHD_gnutls_x509_crt_get_signature_algorithm (MHD_gnutls_x509_crt_t cert) | |||
256 | return result; | 258 | return result; |
257 | } | 259 | } |
258 | 260 | ||
259 | result = MHD_gtls_x509_oid2sign_algorithm ((const char*) sa.data); | 261 | result = MHD_gtls_x509_oid2sign_algorithm ((const char *) sa.data); |
260 | 262 | ||
261 | MHD__gnutls_free_datum (&sa); | 263 | MHD__gnutls_free_datum (&sa); |
262 | 264 | ||
@@ -275,7 +277,7 @@ MHD_gnutls_x509_crt_get_signature_algorithm (MHD_gnutls_x509_crt_t cert) | |||
275 | **/ | 277 | **/ |
276 | int | 278 | int |
277 | MHD_gnutls_x509_crt_get_signature (MHD_gnutls_x509_crt_t cert, | 279 | MHD_gnutls_x509_crt_get_signature (MHD_gnutls_x509_crt_t cert, |
278 | char *sig, size_t * sizeof_sig) | 280 | char *sig, size_t * sizeof_sig) |
279 | { | 281 | { |
280 | int result; | 282 | int result; |
281 | int bits, len; | 283 | int bits, len; |
@@ -342,7 +344,7 @@ MHD_gnutls_x509_crt_get_version (MHD_gnutls_x509_crt_t cert) | |||
342 | len = sizeof (version); | 344 | len = sizeof (version); |
343 | if ((result = | 345 | if ((result = |
344 | MHD__asn1_read_value (cert->cert, "tbsCertificate.version", version, | 346 | MHD__asn1_read_value (cert->cert, "tbsCertificate.version", version, |
345 | &len)) != ASN1_SUCCESS) | 347 | &len)) != ASN1_SUCCESS) |
346 | { | 348 | { |
347 | 349 | ||
348 | if (result == ASN1_ELEMENT_NOT_FOUND) | 350 | if (result == ASN1_ELEMENT_NOT_FOUND) |
@@ -373,7 +375,7 @@ MHD_gnutls_x509_crt_get_activation_time (MHD_gnutls_x509_crt_t cert) | |||
373 | } | 375 | } |
374 | 376 | ||
375 | return MHD__gnutls_x509_get_time (cert->cert, | 377 | return MHD__gnutls_x509_get_time (cert->cert, |
376 | "tbsCertificate.validity.notBefore"); | 378 | "tbsCertificate.validity.notBefore"); |
377 | } | 379 | } |
378 | 380 | ||
379 | /** | 381 | /** |
@@ -395,7 +397,7 @@ MHD_gnutls_x509_crt_get_expiration_time (MHD_gnutls_x509_crt_t cert) | |||
395 | } | 397 | } |
396 | 398 | ||
397 | return MHD__gnutls_x509_get_time (cert->cert, | 399 | return MHD__gnutls_x509_get_time (cert->cert, |
398 | "tbsCertificate.validity.notAfter"); | 400 | "tbsCertificate.validity.notAfter"); |
399 | } | 401 | } |
400 | 402 | ||
401 | /** | 403 | /** |
@@ -415,7 +417,7 @@ MHD_gnutls_x509_crt_get_expiration_time (MHD_gnutls_x509_crt_t cert) | |||
415 | **/ | 417 | **/ |
416 | int | 418 | int |
417 | MHD_gnutls_x509_crt_get_serial (MHD_gnutls_x509_crt_t cert, | 419 | MHD_gnutls_x509_crt_get_serial (MHD_gnutls_x509_crt_t cert, |
418 | void *result, size_t * result_size) | 420 | void *result, size_t * result_size) |
419 | { | 421 | { |
420 | int ret, len; | 422 | int ret, len; |
421 | 423 | ||
@@ -428,7 +430,8 @@ MHD_gnutls_x509_crt_get_serial (MHD_gnutls_x509_crt_t cert, | |||
428 | len = *result_size; | 430 | len = *result_size; |
429 | ret | 431 | ret |
430 | = | 432 | = |
431 | MHD__asn1_read_value (cert->cert, "tbsCertificate.serialNumber", result, &len); | 433 | MHD__asn1_read_value (cert->cert, "tbsCertificate.serialNumber", result, |
434 | &len); | ||
432 | *result_size = len; | 435 | *result_size = len; |
433 | 436 | ||
434 | if (ret != ASN1_SUCCESS) | 437 | if (ret != ASN1_SUCCESS) |
@@ -459,7 +462,8 @@ MHD_gnutls_x509_crt_get_serial (MHD_gnutls_x509_crt_t cert, | |||
459 | * | 462 | * |
460 | **/ | 463 | **/ |
461 | int | 464 | int |
462 | MHD_gnutls_x509_crt_get_pk_algorithm (MHD_gnutls_x509_crt_t cert, unsigned int *bits) | 465 | MHD_gnutls_x509_crt_get_pk_algorithm (MHD_gnutls_x509_crt_t cert, |
466 | unsigned int *bits) | ||
463 | { | 467 | { |
464 | int result; | 468 | int result; |
465 | 469 | ||
@@ -470,8 +474,8 @@ MHD_gnutls_x509_crt_get_pk_algorithm (MHD_gnutls_x509_crt_t cert, unsigned int * | |||
470 | } | 474 | } |
471 | 475 | ||
472 | result = MHD__gnutls_x509_get_pk_algorithm (cert->cert, | 476 | result = MHD__gnutls_x509_get_pk_algorithm (cert->cert, |
473 | "tbsCertificate.subjectPublicKeyInfo", | 477 | "tbsCertificate.subjectPublicKeyInfo", |
474 | bits); | 478 | bits); |
475 | 479 | ||
476 | if (result < 0) | 480 | if (result < 0) |
477 | { | 481 | { |
@@ -533,7 +537,7 @@ parse_general_name (ASN1_TYPE src, | |||
533 | return MHD_gtls_asn2err (result); | 537 | return MHD_gtls_asn2err (result); |
534 | } | 538 | } |
535 | 539 | ||
536 | type = MHD__gnutls_x509_san_find_type ((char*) choice_type); | 540 | type = MHD__gnutls_x509_san_find_type ((char *) choice_type); |
537 | if (type == (MHD_gnutls_x509_subject_alt_name_t) - 1) | 541 | if (type == (MHD_gnutls_x509_subject_alt_name_t) - 1) |
538 | { | 542 | { |
539 | MHD_gnutls_assert (); | 543 | MHD_gnutls_assert (); |
@@ -591,8 +595,8 @@ parse_general_name (ASN1_TYPE src, | |||
591 | ASN1_TYPE c2 = ASN1_TYPE_EMPTY; | 595 | ASN1_TYPE c2 = ASN1_TYPE_EMPTY; |
592 | 596 | ||
593 | result = | 597 | result = |
594 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.XmppAddr", | 598 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), |
595 | &c2); | 599 | "PKIX1.XmppAddr", &c2); |
596 | if (result != ASN1_SUCCESS) | 600 | if (result != ASN1_SUCCESS) |
597 | { | 601 | { |
598 | MHD_gnutls_assert (); | 602 | MHD_gnutls_assert (); |
@@ -636,7 +640,7 @@ parse_general_name (ASN1_TYPE src, | |||
636 | size_t orig_name_size = *name_size; | 640 | size_t orig_name_size = *name_size; |
637 | 641 | ||
638 | MHD_gtls_str_cat (nptr, sizeof (nptr), "."); | 642 | MHD_gtls_str_cat (nptr, sizeof (nptr), "."); |
639 | MHD_gtls_str_cat (nptr, sizeof (nptr), (const char*) choice_type); | 643 | MHD_gtls_str_cat (nptr, sizeof (nptr), (const char *) choice_type); |
640 | 644 | ||
641 | len = *name_size; | 645 | len = *name_size; |
642 | result = MHD__asn1_read_value (src, nptr, name, &len); | 646 | result = MHD__asn1_read_value (src, nptr, name, &len); |
@@ -700,7 +704,7 @@ get_subject_alt_name (MHD_gnutls_x509_crt_t cert, | |||
700 | 704 | ||
701 | if ((result = | 705 | if ((result = |
702 | MHD__gnutls_x509_crt_get_extension (cert, "2.5.29.17", 0, &dnsname, | 706 | MHD__gnutls_x509_crt_get_extension (cert, "2.5.29.17", 0, &dnsname, |
703 | critical)) < 0) | 707 | critical)) < 0) |
704 | { | 708 | { |
705 | return result; | 709 | return result; |
706 | } | 710 | } |
@@ -712,7 +716,8 @@ get_subject_alt_name (MHD_gnutls_x509_crt_t cert, | |||
712 | } | 716 | } |
713 | 717 | ||
714 | result = | 718 | result = |
715 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.SubjectAltName", &c2); | 719 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.SubjectAltName", |
720 | &c2); | ||
716 | if (result != ASN1_SUCCESS) | 721 | if (result != ASN1_SUCCESS) |
717 | { | 722 | { |
718 | MHD_gnutls_assert (); | 723 | MHD_gnutls_assert (); |
@@ -781,10 +786,10 @@ get_subject_alt_name (MHD_gnutls_x509_crt_t cert, | |||
781 | **/ | 786 | **/ |
782 | int | 787 | int |
783 | MHD_gnutls_x509_crt_get_subject_alt_name (MHD_gnutls_x509_crt_t cert, | 788 | MHD_gnutls_x509_crt_get_subject_alt_name (MHD_gnutls_x509_crt_t cert, |
784 | unsigned int seq, | 789 | unsigned int seq, |
785 | void *ret, | 790 | void *ret, |
786 | size_t * ret_size, | 791 | size_t * ret_size, |
787 | unsigned int *critical) | 792 | unsigned int *critical) |
788 | { | 793 | { |
789 | return get_subject_alt_name (cert, seq, ret, ret_size, NULL, critical, 0); | 794 | return get_subject_alt_name (cert, seq, ret, ret_size, NULL, critical, 0); |
790 | } | 795 | } |
@@ -811,8 +816,8 @@ MHD_gnutls_x509_crt_get_subject_alt_name (MHD_gnutls_x509_crt_t cert, | |||
811 | **/ | 816 | **/ |
812 | static int | 817 | static int |
813 | MHD_gnutls_x509_crt_get_basic_constraints (MHD_gnutls_x509_crt_t cert, | 818 | MHD_gnutls_x509_crt_get_basic_constraints (MHD_gnutls_x509_crt_t cert, |
814 | unsigned int *critical, | 819 | unsigned int *critical, |
815 | int *ca, int *pathlen) | 820 | int *ca, int *pathlen) |
816 | { | 821 | { |
817 | int result; | 822 | int result; |
818 | MHD_gnutls_datum_t basicConstraints; | 823 | MHD_gnutls_datum_t basicConstraints; |
@@ -825,8 +830,8 @@ MHD_gnutls_x509_crt_get_basic_constraints (MHD_gnutls_x509_crt_t cert, | |||
825 | } | 830 | } |
826 | 831 | ||
827 | if ((result = MHD__gnutls_x509_crt_get_extension (cert, "2.5.29.19", 0, | 832 | if ((result = MHD__gnutls_x509_crt_get_extension (cert, "2.5.29.19", 0, |
828 | &basicConstraints, critical)) | 833 | &basicConstraints, |
829 | < 0) | 834 | critical)) < 0) |
830 | { | 835 | { |
831 | return result; | 836 | return result; |
832 | } | 837 | } |
@@ -838,8 +843,10 @@ MHD_gnutls_x509_crt_get_basic_constraints (MHD_gnutls_x509_crt_t cert, | |||
838 | } | 843 | } |
839 | 844 | ||
840 | result = MHD__gnutls_x509_ext_extract_basicConstraints (&tmp_ca, pathlen, | 845 | result = MHD__gnutls_x509_ext_extract_basicConstraints (&tmp_ca, pathlen, |
841 | basicConstraints.data, | 846 | basicConstraints. |
842 | basicConstraints.size); | 847 | data, |
848 | basicConstraints. | ||
849 | size); | ||
843 | if (ca) | 850 | if (ca) |
844 | *ca = tmp_ca; | 851 | *ca = tmp_ca; |
845 | MHD__gnutls_free_datum (&basicConstraints); | 852 | MHD__gnutls_free_datum (&basicConstraints); |
@@ -872,11 +879,12 @@ MHD_gnutls_x509_crt_get_basic_constraints (MHD_gnutls_x509_crt_t cert, | |||
872 | * | 879 | * |
873 | **/ | 880 | **/ |
874 | int | 881 | int |
875 | MHD_gnutls_x509_crt_get_ca_status (MHD_gnutls_x509_crt_t cert, unsigned int *critical) | 882 | MHD_gnutls_x509_crt_get_ca_status (MHD_gnutls_x509_crt_t cert, |
883 | unsigned int *critical) | ||
876 | { | 884 | { |
877 | int ca, pathlen; | 885 | int ca, pathlen; |
878 | return MHD_gnutls_x509_crt_get_basic_constraints (cert, critical, &ca, | 886 | return MHD_gnutls_x509_crt_get_basic_constraints (cert, critical, &ca, |
879 | &pathlen); | 887 | &pathlen); |
880 | } | 888 | } |
881 | 889 | ||
882 | /** | 890 | /** |
@@ -900,8 +908,8 @@ MHD_gnutls_x509_crt_get_ca_status (MHD_gnutls_x509_crt_t cert, unsigned int *cri | |||
900 | **/ | 908 | **/ |
901 | int | 909 | int |
902 | MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert, | 910 | MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert, |
903 | unsigned int *key_usage, | 911 | unsigned int *key_usage, |
904 | unsigned int *critical) | 912 | unsigned int *critical) |
905 | { | 913 | { |
906 | int result; | 914 | int result; |
907 | MHD_gnutls_datum_t keyUsage; | 915 | MHD_gnutls_datum_t keyUsage; |
@@ -915,7 +923,7 @@ MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert, | |||
915 | 923 | ||
916 | if ((result = | 924 | if ((result = |
917 | MHD__gnutls_x509_crt_get_extension (cert, "2.5.29.15", 0, &keyUsage, | 925 | MHD__gnutls_x509_crt_get_extension (cert, "2.5.29.15", 0, &keyUsage, |
918 | critical)) < 0) | 926 | critical)) < 0) |
919 | { | 927 | { |
920 | return result; | 928 | return result; |
921 | } | 929 | } |
@@ -927,7 +935,7 @@ MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert, | |||
927 | } | 935 | } |
928 | 936 | ||
929 | result = MHD__gnutls_x509_ext_extract_keyUsage (&_usage, keyUsage.data, | 937 | result = MHD__gnutls_x509_ext_extract_keyUsage (&_usage, keyUsage.data, |
930 | keyUsage.size); | 938 | keyUsage.size); |
931 | MHD__gnutls_free_datum (&keyUsage); | 939 | MHD__gnutls_free_datum (&keyUsage); |
932 | 940 | ||
933 | *key_usage = _usage; | 941 | *key_usage = _usage; |
@@ -944,7 +952,8 @@ MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert, | |||
944 | 952 | ||
945 | static int | 953 | static int |
946 | MHD__gnutls_x509_crt_get_raw_dn2 (MHD_gnutls_x509_crt_t cert, | 954 | MHD__gnutls_x509_crt_get_raw_dn2 (MHD_gnutls_x509_crt_t cert, |
947 | const char *whom, MHD_gnutls_datum_t * start) | 955 | const char *whom, |
956 | MHD_gnutls_datum_t * start) | ||
948 | { | 957 | { |
949 | ASN1_TYPE c2 = ASN1_TYPE_EMPTY; | 958 | ASN1_TYPE c2 = ASN1_TYPE_EMPTY; |
950 | int result, len1; | 959 | int result, len1; |
@@ -956,22 +965,24 @@ MHD__gnutls_x509_crt_get_raw_dn2 (MHD_gnutls_x509_crt_t cert, | |||
956 | /* get the issuer of 'cert' | 965 | /* get the issuer of 'cert' |
957 | */ | 966 | */ |
958 | if ((result = | 967 | if ((result = |
959 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.TBSCertificate", | 968 | MHD__asn1_create_element (MHD__gnutls_get_pkix (), |
960 | &c2)) != ASN1_SUCCESS) | 969 | "PKIX1.TBSCertificate", |
970 | &c2)) != ASN1_SUCCESS) | ||
961 | { | 971 | { |
962 | MHD_gnutls_assert (); | 972 | MHD_gnutls_assert (); |
963 | return MHD_gtls_asn2err (result); | 973 | return MHD_gtls_asn2err (result); |
964 | } | 974 | } |
965 | 975 | ||
966 | result = MHD__gnutls_x509_get_signed_data (cert->cert, "tbsCertificate", | 976 | result = MHD__gnutls_x509_get_signed_data (cert->cert, "tbsCertificate", |
967 | &signed_data); | 977 | &signed_data); |
968 | if (result < 0) | 978 | if (result < 0) |
969 | { | 979 | { |
970 | MHD_gnutls_assert (); | 980 | MHD_gnutls_assert (); |
971 | goto cleanup; | 981 | goto cleanup; |
972 | } | 982 | } |
973 | 983 | ||
974 | result = MHD__asn1_der_decoding (&c2, signed_data.data, signed_data.size, NULL); | 984 | result = |
985 | MHD__asn1_der_decoding (&c2, signed_data.data, signed_data.size, NULL); | ||
975 | if (result != ASN1_SUCCESS) | 986 | if (result != ASN1_SUCCESS) |
976 | { | 987 | { |
977 | MHD_gnutls_assert (); | 988 | MHD_gnutls_assert (); |
@@ -980,8 +991,9 @@ MHD__gnutls_x509_crt_get_raw_dn2 (MHD_gnutls_x509_crt_t cert, | |||
980 | goto cleanup; | 991 | goto cleanup; |
981 | } | 992 | } |
982 | 993 | ||
983 | result = MHD__asn1_der_decoding_startEnd (c2, signed_data.data, signed_data.size, | 994 | result = |
984 | whom, &start1, &end1); | 995 | MHD__asn1_der_decoding_startEnd (c2, signed_data.data, signed_data.size, |
996 | whom, &start1, &end1); | ||
985 | 997 | ||
986 | if (result != ASN1_SUCCESS) | 998 | if (result != ASN1_SUCCESS) |
987 | { | 999 | { |
@@ -1014,7 +1026,7 @@ cleanup:MHD__asn1_delete_structure (&c2); | |||
1014 | **/ | 1026 | **/ |
1015 | int | 1027 | int |
1016 | MHD_gnutls_x509_crt_get_raw_issuer_dn (MHD_gnutls_x509_crt_t cert, | 1028 | MHD_gnutls_x509_crt_get_raw_issuer_dn (MHD_gnutls_x509_crt_t cert, |
1017 | MHD_gnutls_datum_t * start) | 1029 | MHD_gnutls_datum_t * start) |
1018 | { | 1030 | { |
1019 | return MHD__gnutls_x509_crt_get_raw_dn2 (cert, "issuer", start); | 1031 | return MHD__gnutls_x509_crt_get_raw_dn2 (cert, "issuer", start); |
1020 | } | 1032 | } |
@@ -1031,13 +1043,15 @@ MHD_gnutls_x509_crt_get_raw_issuer_dn (MHD_gnutls_x509_crt_t cert, | |||
1031 | * | 1043 | * |
1032 | **/ | 1044 | **/ |
1033 | int | 1045 | int |
1034 | MHD_gnutls_x509_crt_get_raw_dn (MHD_gnutls_x509_crt_t cert, MHD_gnutls_datum_t * start) | 1046 | MHD_gnutls_x509_crt_get_raw_dn (MHD_gnutls_x509_crt_t cert, |
1047 | MHD_gnutls_datum_t * start) | ||
1035 | { | 1048 | { |
1036 | return MHD__gnutls_x509_crt_get_raw_dn2 (cert, "subject", start); | 1049 | return MHD__gnutls_x509_crt_get_raw_dn2 (cert, "subject", start); |
1037 | } | 1050 | } |
1038 | 1051 | ||
1039 | static int | 1052 | static int |
1040 | get_dn (MHD_gnutls_x509_crt_t cert, const char *whom, MHD_gnutls_x509_dn_t * dn) | 1053 | get_dn (MHD_gnutls_x509_crt_t cert, const char *whom, |
1054 | MHD_gnutls_x509_dn_t * dn) | ||
1041 | { | 1055 | { |
1042 | *dn = MHD__asn1_find_node (cert->cert, whom); | 1056 | *dn = MHD__asn1_find_node (cert->cert, whom); |
1043 | if (!*dn) | 1057 | if (!*dn) |
@@ -1056,7 +1070,8 @@ get_dn (MHD_gnutls_x509_crt_t cert, const char *whom, MHD_gnutls_x509_dn_t * dn) | |||
1056 | * Returns: Returns 0 on success, or an error code. | 1070 | * Returns: Returns 0 on success, or an error code. |
1057 | **/ | 1071 | **/ |
1058 | int | 1072 | int |
1059 | MHD_gnutls_x509_crt_get_subject (MHD_gnutls_x509_crt_t cert, MHD_gnutls_x509_dn_t * dn) | 1073 | MHD_gnutls_x509_crt_get_subject (MHD_gnutls_x509_crt_t cert, |
1074 | MHD_gnutls_x509_dn_t * dn) | ||
1060 | { | 1075 | { |
1061 | return get_dn (cert, "tbsCertificate.subject.rdnSequence", dn); | 1076 | return get_dn (cert, "tbsCertificate.subject.rdnSequence", dn); |
1062 | } | 1077 | } |
@@ -1083,8 +1098,8 @@ MHD_gnutls_x509_crt_get_subject (MHD_gnutls_x509_crt_t cert, MHD_gnutls_x509_dn_ | |||
1083 | **/ | 1098 | **/ |
1084 | int | 1099 | int |
1085 | MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert, | 1100 | MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert, |
1086 | MHD_gnutls_x509_crt_fmt_t format, | 1101 | MHD_gnutls_x509_crt_fmt_t format, |
1087 | void *output_data, size_t * output_data_size) | 1102 | void *output_data, size_t * output_data_size) |
1088 | { | 1103 | { |
1089 | if (cert == NULL) | 1104 | if (cert == NULL) |
1090 | { | 1105 | { |
@@ -1093,7 +1108,7 @@ MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert, | |||
1093 | } | 1108 | } |
1094 | 1109 | ||
1095 | return MHD__gnutls_x509_export_int (cert->cert, format, "CERTIFICATE", | 1110 | return MHD__gnutls_x509_export_int (cert->cert, format, "CERTIFICATE", |
1096 | output_data, output_data_size); | 1111 | output_data, output_data_size); |
1097 | } | 1112 | } |
1098 | 1113 | ||
1099 | #ifdef ENABLE_PKI | 1114 | #ifdef ENABLE_PKI |
@@ -1112,8 +1127,8 @@ MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert, | |||
1112 | **/ | 1127 | **/ |
1113 | int | 1128 | int |
1114 | MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert, | 1129 | MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert, |
1115 | const MHD_gnutls_x509_crl_t * crl_list, | 1130 | const MHD_gnutls_x509_crl_t * crl_list, |
1116 | int crl_list_length) | 1131 | int crl_list_length) |
1117 | { | 1132 | { |
1118 | opaque serial[64]; | 1133 | opaque serial[64]; |
1119 | opaque cert_serial[64]; | 1134 | opaque cert_serial[64]; |
@@ -1160,7 +1175,8 @@ MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert, | |||
1160 | /* Step 2. Read the certificate's serial number | 1175 | /* Step 2. Read the certificate's serial number |
1161 | */ | 1176 | */ |
1162 | cert_serial_size = sizeof (cert_serial); | 1177 | cert_serial_size = sizeof (cert_serial); |
1163 | ret = MHD_gnutls_x509_crt_get_serial (cert, cert_serial, &cert_serial_size); | 1178 | ret = |
1179 | MHD_gnutls_x509_crt_get_serial (cert, cert_serial, &cert_serial_size); | ||
1164 | if (ret < 0) | 1180 | if (ret < 0) |
1165 | { | 1181 | { |
1166 | MHD_gnutls_assert (); | 1182 | MHD_gnutls_assert (); |
@@ -1182,7 +1198,7 @@ MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert, | |||
1182 | { | 1198 | { |
1183 | serial_size = sizeof (serial); | 1199 | serial_size = sizeof (serial); |
1184 | ret = MHD_gnutls_x509_crl_get_crt_serial (crl_list[j], i, serial, | 1200 | ret = MHD_gnutls_x509_crl_get_crt_serial (crl_list[j], i, serial, |
1185 | &serial_size, NULL); | 1201 | &serial_size, NULL); |
1186 | 1202 | ||
1187 | if (ret < 0) | 1203 | if (ret < 0) |
1188 | { | 1204 | { |
@@ -1205,4 +1221,3 @@ MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert, | |||
1205 | } | 1221 | } |
1206 | 1222 | ||
1207 | #endif | 1223 | #endif |
1208 | |||
diff --git a/src/daemon/https/x509/x509.h b/src/daemon/https/x509/x509.h index 87a81954..3afda0da 100644 --- a/src/daemon/https/x509/x509.h +++ b/src/daemon/https/x509/x509.h | |||
@@ -90,17 +90,19 @@ extern "C" | |||
90 | int MHD_gnutls_x509_crt_init (MHD_gnutls_x509_crt_t * cert); | 90 | int MHD_gnutls_x509_crt_init (MHD_gnutls_x509_crt_t * cert); |
91 | void MHD_gnutls_x509_crt_deinit (MHD_gnutls_x509_crt_t cert); | 91 | void MHD_gnutls_x509_crt_deinit (MHD_gnutls_x509_crt_t cert); |
92 | int MHD_gnutls_x509_crt_import (MHD_gnutls_x509_crt_t cert, | 92 | int MHD_gnutls_x509_crt_import (MHD_gnutls_x509_crt_t cert, |
93 | const MHD_gnutls_datum_t * data, | 93 | const MHD_gnutls_datum_t * data, |
94 | MHD_gnutls_x509_crt_fmt_t format); | 94 | MHD_gnutls_x509_crt_fmt_t format); |
95 | int MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert, | 95 | int MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert, |
96 | MHD_gnutls_x509_crt_fmt_t format, | 96 | MHD_gnutls_x509_crt_fmt_t format, |
97 | void *output_data, size_t * output_data_size); | 97 | void *output_data, |
98 | size_t * output_data_size); | ||
98 | int MHD_gnutls_x509_crt_check_hostname (MHD_gnutls_x509_crt_t cert, | 99 | int MHD_gnutls_x509_crt_check_hostname (MHD_gnutls_x509_crt_t cert, |
99 | const char *hostname); | 100 | const char *hostname); |
100 | 101 | ||
101 | int MHD_gnutls_x509_crt_get_signature_algorithm (MHD_gnutls_x509_crt_t cert); | 102 | int MHD_gnutls_x509_crt_get_signature_algorithm (MHD_gnutls_x509_crt_t |
103 | cert); | ||
102 | int MHD_gnutls_x509_crt_get_signature (MHD_gnutls_x509_crt_t cert, | 104 | int MHD_gnutls_x509_crt_get_signature (MHD_gnutls_x509_crt_t cert, |
103 | char *sig, size_t * sizeof_sig); | 105 | char *sig, size_t * sizeof_sig); |
104 | int MHD_gnutls_x509_crt_get_version (MHD_gnutls_x509_crt_t cert); | 106 | int MHD_gnutls_x509_crt_get_version (MHD_gnutls_x509_crt_t cert); |
105 | 107 | ||
106 | #define GNUTLS_CRL_REASON_UNUSED 128 | 108 | #define GNUTLS_CRL_REASON_UNUSED 128 |
@@ -116,86 +118,90 @@ extern "C" | |||
116 | time_t MHD_gnutls_x509_crt_get_activation_time (MHD_gnutls_x509_crt_t cert); | 118 | time_t MHD_gnutls_x509_crt_get_activation_time (MHD_gnutls_x509_crt_t cert); |
117 | time_t MHD_gnutls_x509_crt_get_expiration_time (MHD_gnutls_x509_crt_t cert); | 119 | time_t MHD_gnutls_x509_crt_get_expiration_time (MHD_gnutls_x509_crt_t cert); |
118 | int MHD_gnutls_x509_crt_get_serial (MHD_gnutls_x509_crt_t cert, | 120 | int MHD_gnutls_x509_crt_get_serial (MHD_gnutls_x509_crt_t cert, |
119 | void *result, size_t * result_size); | 121 | void *result, size_t * result_size); |
120 | 122 | ||
121 | int MHD_gnutls_x509_crt_get_pk_algorithm (MHD_gnutls_x509_crt_t cert, | 123 | int MHD_gnutls_x509_crt_get_pk_algorithm (MHD_gnutls_x509_crt_t cert, |
122 | unsigned int *bits); | 124 | unsigned int *bits); |
123 | int MHD_gnutls_x509_crt_get_subject_alt_name (MHD_gnutls_x509_crt_t cert, | 125 | int MHD_gnutls_x509_crt_get_subject_alt_name (MHD_gnutls_x509_crt_t cert, |
124 | unsigned int seq, | 126 | unsigned int seq, |
125 | void *ret, | 127 | void *ret, |
126 | size_t * ret_size, | 128 | size_t * ret_size, |
127 | unsigned int *critical); | 129 | unsigned int *critical); |
128 | int MHD_gnutls_x509_crt_get_ca_status (MHD_gnutls_x509_crt_t cert, | 130 | int MHD_gnutls_x509_crt_get_ca_status (MHD_gnutls_x509_crt_t cert, |
129 | unsigned int *critical); | 131 | unsigned int *critical); |
130 | /* The key_usage flags are defined in gnutls.h. They are the | 132 | /* The key_usage flags are defined in gnutls.h. They are the |
131 | * GNUTLS_KEY_* definitions. | 133 | * GNUTLS_KEY_* definitions. |
132 | */ | 134 | */ |
133 | int MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert, | 135 | int MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert, |
134 | unsigned int *key_usage, | 136 | unsigned int *key_usage, |
135 | unsigned int *critical); | 137 | unsigned int *critical); |
136 | int MHD_gnutls_x509_crt_set_key_usage (MHD_gnutls_x509_crt_t crt, | 138 | int MHD_gnutls_x509_crt_set_key_usage (MHD_gnutls_x509_crt_t crt, |
137 | unsigned int usage); | 139 | unsigned int usage); |
138 | 140 | ||
139 | int MHD_gnutls_x509_dn_oid_known (const char *oid); | 141 | int MHD_gnutls_x509_dn_oid_known (const char *oid); |
140 | 142 | ||
141 | /* Read extensions by sequence number. */ | 143 | /* Read extensions by sequence number. */ |
142 | int MHD_gnutls_x509_crt_set_extension_by_oid (MHD_gnutls_x509_crt_t crt, | 144 | int MHD_gnutls_x509_crt_set_extension_by_oid (MHD_gnutls_x509_crt_t crt, |
143 | const char *oid, | 145 | const char *oid, |
144 | const void *buf, | 146 | const void *buf, |
145 | size_t sizeof_buf, | 147 | size_t sizeof_buf, |
146 | unsigned int critical); | 148 | unsigned int critical); |
147 | 149 | ||
148 | /* X.509 Certificate writing. | 150 | /* X.509 Certificate writing. |
149 | */ | 151 | */ |
150 | int MHD_gnutls_x509_crt_set_dn_by_oid (MHD_gnutls_x509_crt_t crt, | 152 | int MHD_gnutls_x509_crt_set_dn_by_oid (MHD_gnutls_x509_crt_t crt, |
151 | const char *oid, | 153 | const char *oid, |
152 | unsigned int raw_flag, | 154 | unsigned int raw_flag, |
153 | const void *name, | 155 | const void *name, |
154 | unsigned int sizeof_name); | 156 | unsigned int sizeof_name); |
155 | int MHD_gnutls_x509_crt_set_issuer_dn_by_oid (MHD_gnutls_x509_crt_t crt, | 157 | int MHD_gnutls_x509_crt_set_issuer_dn_by_oid (MHD_gnutls_x509_crt_t crt, |
156 | const char *oid, | 158 | const char *oid, |
157 | unsigned int raw_flag, | 159 | unsigned int raw_flag, |
158 | const void *name, | 160 | const void *name, |
159 | unsigned int sizeof_name); | 161 | unsigned int sizeof_name); |
160 | int MHD_gnutls_x509_crt_set_version (MHD_gnutls_x509_crt_t crt, | 162 | int MHD_gnutls_x509_crt_set_version (MHD_gnutls_x509_crt_t crt, |
161 | unsigned int version); | 163 | unsigned int version); |
162 | int MHD_gnutls_x509_crt_set_key (MHD_gnutls_x509_crt_t crt, | 164 | int MHD_gnutls_x509_crt_set_key (MHD_gnutls_x509_crt_t crt, |
163 | MHD_gnutls_x509_privkey_t key); | 165 | MHD_gnutls_x509_privkey_t key); |
164 | int MHD_gnutls_x509_crt_set_ca_status (MHD_gnutls_x509_crt_t crt, unsigned int ca); | 166 | int MHD_gnutls_x509_crt_set_ca_status (MHD_gnutls_x509_crt_t crt, |
167 | unsigned int ca); | ||
165 | int MHD_gnutls_x509_crt_set_basic_constraints (MHD_gnutls_x509_crt_t crt, | 168 | int MHD_gnutls_x509_crt_set_basic_constraints (MHD_gnutls_x509_crt_t crt, |
166 | unsigned int ca, | 169 | unsigned int ca, |
167 | int pathLenConstraint); | 170 | int pathLenConstraint); |
168 | int MHD_gnutls_x509_crt_set_subject_alternative_name (MHD_gnutls_x509_crt_t crt, | 171 | int MHD_gnutls_x509_crt_set_subject_alternative_name (MHD_gnutls_x509_crt_t |
169 | MHD_gnutls_x509_subject_alt_name_t | 172 | crt, |
170 | type, | 173 | MHD_gnutls_x509_subject_alt_name_t |
171 | const char *data_string); | 174 | type, |
175 | const char | ||
176 | *data_string); | ||
172 | int MHD_gnutls_x509_crt_sign (MHD_gnutls_x509_crt_t crt, | 177 | int MHD_gnutls_x509_crt_sign (MHD_gnutls_x509_crt_t crt, |
173 | MHD_gnutls_x509_crt_t issuer, | 178 | MHD_gnutls_x509_crt_t issuer, |
174 | MHD_gnutls_x509_privkey_t issuer_key); | 179 | MHD_gnutls_x509_privkey_t issuer_key); |
175 | int MHD_gnutls_x509_crt_sign2 (MHD_gnutls_x509_crt_t crt, | 180 | int MHD_gnutls_x509_crt_sign2 (MHD_gnutls_x509_crt_t crt, |
176 | MHD_gnutls_x509_crt_t issuer, | 181 | MHD_gnutls_x509_crt_t issuer, |
177 | MHD_gnutls_x509_privkey_t issuer_key, | 182 | MHD_gnutls_x509_privkey_t issuer_key, |
178 | enum MHD_GNUTLS_HashAlgorithm, | 183 | enum MHD_GNUTLS_HashAlgorithm, |
179 | unsigned int flags); | 184 | unsigned int flags); |
180 | int MHD_gnutls_x509_crt_set_activation_time (MHD_gnutls_x509_crt_t cert, | 185 | int MHD_gnutls_x509_crt_set_activation_time (MHD_gnutls_x509_crt_t cert, |
181 | time_t act_time); | 186 | time_t act_time); |
182 | int MHD_gnutls_x509_crt_set_expiration_time (MHD_gnutls_x509_crt_t cert, | 187 | int MHD_gnutls_x509_crt_set_expiration_time (MHD_gnutls_x509_crt_t cert, |
183 | time_t exp_time); | 188 | time_t exp_time); |
184 | int MHD_gnutls_x509_crt_set_serial (MHD_gnutls_x509_crt_t cert, | 189 | int MHD_gnutls_x509_crt_set_serial (MHD_gnutls_x509_crt_t cert, |
185 | const void *serial, size_t serial_size); | 190 | const void *serial, size_t serial_size); |
186 | 191 | ||
187 | int MHD_gnutls_x509_crt_set_subject_key_id (MHD_gnutls_x509_crt_t cert, | 192 | int MHD_gnutls_x509_crt_set_subject_key_id (MHD_gnutls_x509_crt_t cert, |
188 | const void *id, size_t id_size); | 193 | const void *id, size_t id_size); |
189 | 194 | ||
190 | int MHD_gnutls_x509_crt_set_proxy_dn (MHD_gnutls_x509_crt_t crt, | 195 | int MHD_gnutls_x509_crt_set_proxy_dn (MHD_gnutls_x509_crt_t crt, |
191 | MHD_gnutls_x509_crt_t eecrt, | 196 | MHD_gnutls_x509_crt_t eecrt, |
192 | unsigned int raw_flag, | 197 | unsigned int raw_flag, |
193 | const void *name, | 198 | const void *name, |
194 | unsigned int sizeof_name); | 199 | unsigned int sizeof_name); |
195 | int MHD_gnutls_x509_crt_set_proxy (MHD_gnutls_x509_crt_t crt, | 200 | int MHD_gnutls_x509_crt_set_proxy (MHD_gnutls_x509_crt_t crt, |
196 | int pathLenConstraint, | 201 | int pathLenConstraint, |
197 | const char *policyLanguage, | 202 | const char *policyLanguage, |
198 | const char *policy, size_t sizeof_policy); | 203 | const char *policy, |
204 | size_t sizeof_policy); | ||
199 | 205 | ||
200 | typedef enum MHD_gnutls_certificate_print_formats | 206 | typedef enum MHD_gnutls_certificate_print_formats |
201 | { | 207 | { |
@@ -205,31 +211,31 @@ extern "C" | |||
205 | } MHD_gnutls_certificate_print_formats_t; | 211 | } MHD_gnutls_certificate_print_formats_t; |
206 | 212 | ||
207 | int MHD_gnutls_x509_crt_print (MHD_gnutls_x509_crt_t cert, | 213 | int MHD_gnutls_x509_crt_print (MHD_gnutls_x509_crt_t cert, |
208 | MHD_gnutls_certificate_print_formats_t format, | 214 | MHD_gnutls_certificate_print_formats_t |
209 | MHD_gnutls_datum_t * out); | 215 | format, MHD_gnutls_datum_t * out); |
210 | int MHD_gnutls_x509_crl_print (MHD_gnutls_x509_crl_t crl, | 216 | int MHD_gnutls_x509_crl_print (MHD_gnutls_x509_crl_t crl, |
211 | MHD_gnutls_certificate_print_formats_t format, | 217 | MHD_gnutls_certificate_print_formats_t |
212 | MHD_gnutls_datum_t * out); | 218 | format, MHD_gnutls_datum_t * out); |
213 | 219 | ||
214 | /* Access to internal Certificate fields. | 220 | /* Access to internal Certificate fields. |
215 | */ | 221 | */ |
216 | int MHD_gnutls_x509_crt_get_raw_issuer_dn (MHD_gnutls_x509_crt_t cert, | 222 | int MHD_gnutls_x509_crt_get_raw_issuer_dn (MHD_gnutls_x509_crt_t cert, |
217 | MHD_gnutls_datum_t * start); | 223 | MHD_gnutls_datum_t * start); |
218 | int MHD_gnutls_x509_crt_get_raw_dn (MHD_gnutls_x509_crt_t cert, | 224 | int MHD_gnutls_x509_crt_get_raw_dn (MHD_gnutls_x509_crt_t cert, |
219 | MHD_gnutls_datum_t * start); | 225 | MHD_gnutls_datum_t * start); |
220 | 226 | ||
221 | /* RDN handling. | 227 | /* RDN handling. |
222 | */ | 228 | */ |
223 | int MHD_gnutls_x509_rdn_get (const MHD_gnutls_datum_t * idn, | 229 | int MHD_gnutls_x509_rdn_get (const MHD_gnutls_datum_t * idn, |
224 | char *buf, size_t * sizeof_buf); | 230 | char *buf, size_t * sizeof_buf); |
225 | int MHD_gnutls_x509_rdn_get_oid (const MHD_gnutls_datum_t * idn, | 231 | int MHD_gnutls_x509_rdn_get_oid (const MHD_gnutls_datum_t * idn, |
226 | int indx, void *buf, size_t * sizeof_buf); | 232 | int indx, void *buf, size_t * sizeof_buf); |
227 | 233 | ||
228 | int MHD_gnutls_x509_rdn_get_by_oid (const MHD_gnutls_datum_t * idn, | 234 | int MHD_gnutls_x509_rdn_get_by_oid (const MHD_gnutls_datum_t * idn, |
229 | const char *oid, | 235 | const char *oid, |
230 | int indx, | 236 | int indx, |
231 | unsigned int raw_flag, | 237 | unsigned int raw_flag, |
232 | void *buf, size_t * sizeof_buf); | 238 | void *buf, size_t * sizeof_buf); |
233 | 239 | ||
234 | typedef void *MHD_gnutls_x509_dn_t; | 240 | typedef void *MHD_gnutls_x509_dn_t; |
235 | 241 | ||
@@ -241,30 +247,32 @@ extern "C" | |||
241 | } MHD_gnutls_x509_ava_st; | 247 | } MHD_gnutls_x509_ava_st; |
242 | 248 | ||
243 | int MHD_gnutls_x509_crt_get_subject (MHD_gnutls_x509_crt_t cert, | 249 | int MHD_gnutls_x509_crt_get_subject (MHD_gnutls_x509_crt_t cert, |
244 | MHD_gnutls_x509_dn_t * dn); | 250 | MHD_gnutls_x509_dn_t * dn); |
245 | /* CRL handling functions. | 251 | /* CRL handling functions. |
246 | */ | 252 | */ |
247 | int MHD_gnutls_x509_crl_init (MHD_gnutls_x509_crl_t * crl); | 253 | int MHD_gnutls_x509_crl_init (MHD_gnutls_x509_crl_t * crl); |
248 | void MHD_gnutls_x509_crl_deinit (MHD_gnutls_x509_crl_t crl); | 254 | void MHD_gnutls_x509_crl_deinit (MHD_gnutls_x509_crl_t crl); |
249 | 255 | ||
250 | int MHD_gnutls_x509_crl_import (MHD_gnutls_x509_crl_t crl, | 256 | int MHD_gnutls_x509_crl_import (MHD_gnutls_x509_crl_t crl, |
251 | const MHD_gnutls_datum_t * data, | 257 | const MHD_gnutls_datum_t * data, |
252 | MHD_gnutls_x509_crt_fmt_t format); | 258 | MHD_gnutls_x509_crt_fmt_t format); |
253 | int MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl, | 259 | int MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl, |
254 | MHD_gnutls_x509_crt_fmt_t format, | 260 | MHD_gnutls_x509_crt_fmt_t format, |
255 | void *output_data, size_t * output_data_size); | 261 | void *output_data, |
262 | size_t * output_data_size); | ||
256 | 263 | ||
257 | int MHD_gnutls_x509_crl_get_issuer_dn_by_oid (MHD_gnutls_x509_crl_t crl, | 264 | int MHD_gnutls_x509_crl_get_issuer_dn_by_oid (MHD_gnutls_x509_crl_t crl, |
258 | const char *oid, | 265 | const char *oid, |
259 | int indx, | 266 | int indx, |
260 | unsigned int raw_flag, | 267 | unsigned int raw_flag, |
261 | void *buf, size_t * sizeof_buf); | 268 | void *buf, |
262 | int MHD_gnutls_x509_crl_get_dn_oid (MHD_gnutls_x509_crl_t crl, | 269 | size_t * sizeof_buf); |
263 | int indx, void *oid, size_t * sizeof_oid); | 270 | int MHD_gnutls_x509_crl_get_dn_oid (MHD_gnutls_x509_crl_t crl, int indx, |
271 | void *oid, size_t * sizeof_oid); | ||
264 | 272 | ||
265 | int MHD_gnutls_x509_crl_get_signature_algorithm (MHD_gnutls_x509_crl_t crl); | 273 | int MHD_gnutls_x509_crl_get_signature_algorithm (MHD_gnutls_x509_crl_t crl); |
266 | int MHD_gnutls_x509_crl_get_signature (MHD_gnutls_x509_crl_t crl, | 274 | int MHD_gnutls_x509_crl_get_signature (MHD_gnutls_x509_crl_t crl, |
267 | char *sig, size_t * sizeof_sig); | 275 | char *sig, size_t * sizeof_sig); |
268 | int MHD_gnutls_x509_crl_get_version (MHD_gnutls_x509_crl_t crl); | 276 | int MHD_gnutls_x509_crl_get_version (MHD_gnutls_x509_crl_t crl); |
269 | 277 | ||
270 | time_t MHD_gnutls_x509_crl_get_this_update (MHD_gnutls_x509_crl_t crl); | 278 | time_t MHD_gnutls_x509_crl_get_this_update (MHD_gnutls_x509_crl_t crl); |
@@ -272,37 +280,38 @@ extern "C" | |||
272 | 280 | ||
273 | int MHD_gnutls_x509_crl_get_crt_count (MHD_gnutls_x509_crl_t crl); | 281 | int MHD_gnutls_x509_crl_get_crt_count (MHD_gnutls_x509_crl_t crl); |
274 | int MHD_gnutls_x509_crl_get_crt_serial (MHD_gnutls_x509_crl_t crl, | 282 | int MHD_gnutls_x509_crl_get_crt_serial (MHD_gnutls_x509_crl_t crl, |
275 | int indx, | 283 | int indx, |
276 | unsigned char *serial, | 284 | unsigned char *serial, |
277 | size_t * serial_size, time_t * t); | 285 | size_t * serial_size, time_t * t); |
278 | #define MHD_gnutls_x509_crl_get_certificate_count MHD_gnutls_x509_crl_get_crt_count | 286 | #define MHD_gnutls_x509_crl_get_certificate_count MHD_gnutls_x509_crl_get_crt_count |
279 | #define MHD_gnutls_x509_crl_get_certificate MHD_gnutls_x509_crl_get_crt_serial | 287 | #define MHD_gnutls_x509_crl_get_certificate MHD_gnutls_x509_crl_get_crt_serial |
280 | 288 | ||
281 | int MHD_gnutls_x509_crl_check_issuer (MHD_gnutls_x509_crl_t crl, | 289 | int MHD_gnutls_x509_crl_check_issuer (MHD_gnutls_x509_crl_t crl, |
282 | MHD_gnutls_x509_crt_t issuer); | 290 | MHD_gnutls_x509_crt_t issuer); |
283 | 291 | ||
284 | /* CRL writing. | 292 | /* CRL writing. |
285 | */ | 293 | */ |
286 | int MHD_gnutls_x509_crl_set_version (MHD_gnutls_x509_crl_t crl, | 294 | int MHD_gnutls_x509_crl_set_version (MHD_gnutls_x509_crl_t crl, |
287 | unsigned int version); | 295 | unsigned int version); |
288 | int MHD_gnutls_x509_crl_sign (MHD_gnutls_x509_crl_t crl, | 296 | int MHD_gnutls_x509_crl_sign (MHD_gnutls_x509_crl_t crl, |
289 | MHD_gnutls_x509_crt_t issuer, | 297 | MHD_gnutls_x509_crt_t issuer, |
290 | MHD_gnutls_x509_privkey_t issuer_key); | 298 | MHD_gnutls_x509_privkey_t issuer_key); |
291 | int MHD_gnutls_x509_crl_sign2 (MHD_gnutls_x509_crl_t crl, | 299 | int MHD_gnutls_x509_crl_sign2 (MHD_gnutls_x509_crl_t crl, |
292 | MHD_gnutls_x509_crt_t issuer, | 300 | MHD_gnutls_x509_crt_t issuer, |
293 | MHD_gnutls_x509_privkey_t issuer_key, | 301 | MHD_gnutls_x509_privkey_t issuer_key, |
294 | enum MHD_GNUTLS_HashAlgorithm, | 302 | enum MHD_GNUTLS_HashAlgorithm, |
295 | unsigned int flags); | 303 | unsigned int flags); |
296 | int MHD_gnutls_x509_crl_set_this_update (MHD_gnutls_x509_crl_t crl, | 304 | int MHD_gnutls_x509_crl_set_this_update (MHD_gnutls_x509_crl_t crl, |
297 | time_t act_time); | 305 | time_t act_time); |
298 | int MHD_gnutls_x509_crl_set_next_update (MHD_gnutls_x509_crl_t crl, | 306 | int MHD_gnutls_x509_crl_set_next_update (MHD_gnutls_x509_crl_t crl, |
299 | time_t exp_time); | 307 | time_t exp_time); |
300 | int MHD_gnutls_x509_crl_set_crt_serial (MHD_gnutls_x509_crl_t crl, | 308 | int MHD_gnutls_x509_crl_set_crt_serial (MHD_gnutls_x509_crl_t crl, |
301 | const void *serial, | 309 | const void *serial, |
302 | size_t serial_size, | 310 | size_t serial_size, |
303 | time_t revocation_time); | 311 | time_t revocation_time); |
304 | int MHD_gnutls_x509_crl_set_crt (MHD_gnutls_x509_crl_t crl, | 312 | int MHD_gnutls_x509_crl_set_crt (MHD_gnutls_x509_crl_t crl, |
305 | MHD_gnutls_x509_crt_t crt, time_t revocation_time); | 313 | MHD_gnutls_x509_crt_t crt, |
314 | time_t revocation_time); | ||
306 | 315 | ||
307 | /* PKCS7 structures handling | 316 | /* PKCS7 structures handling |
308 | */ | 317 | */ |
@@ -312,29 +321,32 @@ extern "C" | |||
312 | int MHD_gnutls_pkcs7_init (MHD_gnutls_pkcs7_t * pkcs7); | 321 | int MHD_gnutls_pkcs7_init (MHD_gnutls_pkcs7_t * pkcs7); |
313 | void MHD_gnutls_pkcs7_deinit (MHD_gnutls_pkcs7_t pkcs7); | 322 | void MHD_gnutls_pkcs7_deinit (MHD_gnutls_pkcs7_t pkcs7); |
314 | int MHD_gnutls_pkcs7_import (MHD_gnutls_pkcs7_t pkcs7, | 323 | int MHD_gnutls_pkcs7_import (MHD_gnutls_pkcs7_t pkcs7, |
315 | const MHD_gnutls_datum_t * data, | 324 | const MHD_gnutls_datum_t * data, |
316 | MHD_gnutls_x509_crt_fmt_t format); | 325 | MHD_gnutls_x509_crt_fmt_t format); |
317 | int MHD_gnutls_pkcs7_export (MHD_gnutls_pkcs7_t pkcs7, | 326 | int MHD_gnutls_pkcs7_export (MHD_gnutls_pkcs7_t pkcs7, |
318 | MHD_gnutls_x509_crt_fmt_t format, | 327 | MHD_gnutls_x509_crt_fmt_t format, |
319 | void *output_data, size_t * output_data_size); | 328 | void *output_data, size_t * output_data_size); |
320 | 329 | ||
321 | int MHD_gnutls_pkcs7_get_crt_count (MHD_gnutls_pkcs7_t pkcs7); | 330 | int MHD_gnutls_pkcs7_get_crt_count (MHD_gnutls_pkcs7_t pkcs7); |
322 | int MHD_gnutls_pkcs7_get_crt_raw (MHD_gnutls_pkcs7_t pkcs7, | 331 | int MHD_gnutls_pkcs7_get_crt_raw (MHD_gnutls_pkcs7_t pkcs7, |
323 | int indx, | 332 | int indx, |
324 | void *certificate, size_t * certificate_size); | 333 | void *certificate, |
334 | size_t * certificate_size); | ||
325 | 335 | ||
326 | int MHD_gnutls_pkcs7_set_crt_raw (MHD_gnutls_pkcs7_t pkcs7, | 336 | int MHD_gnutls_pkcs7_set_crt_raw (MHD_gnutls_pkcs7_t pkcs7, |
327 | const MHD_gnutls_datum_t * crt); | 337 | const MHD_gnutls_datum_t * crt); |
328 | int MHD_gnutls_pkcs7_set_crt (MHD_gnutls_pkcs7_t pkcs7, MHD_gnutls_x509_crt_t crt); | 338 | int MHD_gnutls_pkcs7_set_crt (MHD_gnutls_pkcs7_t pkcs7, |
339 | MHD_gnutls_x509_crt_t crt); | ||
329 | int MHD_gnutls_pkcs7_delete_crt (MHD_gnutls_pkcs7_t pkcs7, int indx); | 340 | int MHD_gnutls_pkcs7_delete_crt (MHD_gnutls_pkcs7_t pkcs7, int indx); |
330 | 341 | ||
331 | int MHD_gnutls_pkcs7_get_crl_raw (MHD_gnutls_pkcs7_t pkcs7, | 342 | int MHD_gnutls_pkcs7_get_crl_raw (MHD_gnutls_pkcs7_t pkcs7, |
332 | int indx, void *crl, size_t * crl_size); | 343 | int indx, void *crl, size_t * crl_size); |
333 | int MHD_gnutls_pkcs7_get_crl_count (MHD_gnutls_pkcs7_t pkcs7); | 344 | int MHD_gnutls_pkcs7_get_crl_count (MHD_gnutls_pkcs7_t pkcs7); |
334 | 345 | ||
335 | int MHD_gnutls_pkcs7_set_crl_raw (MHD_gnutls_pkcs7_t pkcs7, | 346 | int MHD_gnutls_pkcs7_set_crl_raw (MHD_gnutls_pkcs7_t pkcs7, |
336 | const MHD_gnutls_datum_t * crt); | 347 | const MHD_gnutls_datum_t * crt); |
337 | int MHD_gnutls_pkcs7_set_crl (MHD_gnutls_pkcs7_t pkcs7, MHD_gnutls_x509_crl_t crl); | 348 | int MHD_gnutls_pkcs7_set_crl (MHD_gnutls_pkcs7_t pkcs7, |
349 | MHD_gnutls_x509_crl_t crl); | ||
338 | int MHD_gnutls_pkcs7_delete_crl (MHD_gnutls_pkcs7_t pkcs7, int indx); | 350 | int MHD_gnutls_pkcs7_delete_crl (MHD_gnutls_pkcs7_t pkcs7, int indx); |
339 | 351 | ||
340 | /* X.509 Certificate verification functions. | 352 | /* X.509 Certificate verification functions. |
@@ -375,28 +387,29 @@ extern "C" | |||
375 | } MHD_gnutls_certificate_verify_flags; | 387 | } MHD_gnutls_certificate_verify_flags; |
376 | 388 | ||
377 | int MHD_gnutls_x509_crt_check_issuer (MHD_gnutls_x509_crt_t cert, | 389 | int MHD_gnutls_x509_crt_check_issuer (MHD_gnutls_x509_crt_t cert, |
378 | MHD_gnutls_x509_crt_t issuer); | 390 | MHD_gnutls_x509_crt_t issuer); |
379 | 391 | ||
380 | int MHD_gnutls_x509_crt_list_verify (const MHD_gnutls_x509_crt_t * cert_list, | 392 | int MHD_gnutls_x509_crt_list_verify (const MHD_gnutls_x509_crt_t * |
381 | int cert_list_length, | 393 | cert_list, int cert_list_length, |
382 | const MHD_gnutls_x509_crt_t * CA_list, | 394 | const MHD_gnutls_x509_crt_t * CA_list, |
383 | int CA_list_length, | 395 | int CA_list_length, |
384 | const MHD_gnutls_x509_crl_t * CRL_list, | 396 | const MHD_gnutls_x509_crl_t * CRL_list, |
385 | int CRL_list_length, | 397 | int CRL_list_length, |
386 | unsigned int flags, unsigned int *verify); | 398 | unsigned int flags, |
399 | unsigned int *verify); | ||
387 | 400 | ||
388 | int MHD_gnutls_x509_crt_verify (MHD_gnutls_x509_crt_t cert, | 401 | int MHD_gnutls_x509_crt_verify (MHD_gnutls_x509_crt_t cert, |
389 | const MHD_gnutls_x509_crt_t * CA_list, | 402 | const MHD_gnutls_x509_crt_t * CA_list, |
390 | int CA_list_length, | 403 | int CA_list_length, |
391 | unsigned int flags, unsigned int *verify); | 404 | unsigned int flags, unsigned int *verify); |
392 | int MHD_gnutls_x509_crl_verify (MHD_gnutls_x509_crl_t crl, | 405 | int MHD_gnutls_x509_crl_verify (MHD_gnutls_x509_crl_t crl, |
393 | const MHD_gnutls_x509_crt_t * CA_list, | 406 | const MHD_gnutls_x509_crt_t * CA_list, |
394 | int CA_list_length, | 407 | int CA_list_length, |
395 | unsigned int flags, unsigned int *verify); | 408 | unsigned int flags, unsigned int *verify); |
396 | 409 | ||
397 | int MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert, | 410 | int MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert, |
398 | const MHD_gnutls_x509_crl_t * | 411 | const MHD_gnutls_x509_crl_t * |
399 | crl_list, int crl_list_length); | 412 | crl_list, int crl_list_length); |
400 | 413 | ||
401 | 414 | ||
402 | /* Flags for the MHD_gnutls_x509_privkey_export_pkcs8() function. | 415 | /* Flags for the MHD_gnutls_x509_privkey_export_pkcs8() function. |
@@ -420,62 +433,65 @@ extern "C" | |||
420 | int MHD_gnutls_x509_privkey_init (MHD_gnutls_x509_privkey_t * key); | 433 | int MHD_gnutls_x509_privkey_init (MHD_gnutls_x509_privkey_t * key); |
421 | void MHD_gnutls_x509_privkey_deinit (MHD_gnutls_x509_privkey_t key); | 434 | void MHD_gnutls_x509_privkey_deinit (MHD_gnutls_x509_privkey_t key); |
422 | int MHD_gnutls_x509_privkey_cpy (MHD_gnutls_x509_privkey_t dst, | 435 | int MHD_gnutls_x509_privkey_cpy (MHD_gnutls_x509_privkey_t dst, |
423 | MHD_gnutls_x509_privkey_t src); | 436 | MHD_gnutls_x509_privkey_t src); |
424 | int MHD_gnutls_x509_privkey_import (MHD_gnutls_x509_privkey_t key, | 437 | int MHD_gnutls_x509_privkey_import (MHD_gnutls_x509_privkey_t key, |
425 | const MHD_gnutls_datum_t * data, | 438 | const MHD_gnutls_datum_t * data, |
426 | MHD_gnutls_x509_crt_fmt_t format); | 439 | MHD_gnutls_x509_crt_fmt_t format); |
427 | int MHD_gnutls_x509_privkey_import_pkcs8 (MHD_gnutls_x509_privkey_t key, | 440 | int MHD_gnutls_x509_privkey_import_pkcs8 (MHD_gnutls_x509_privkey_t key, |
428 | const MHD_gnutls_datum_t * data, | 441 | const MHD_gnutls_datum_t * data, |
429 | MHD_gnutls_x509_crt_fmt_t format, | 442 | MHD_gnutls_x509_crt_fmt_t format, |
430 | const char *pass, unsigned int flags); | 443 | const char *pass, |
444 | unsigned int flags); | ||
431 | int MHD_gnutls_x509_privkey_import_rsa_raw (MHD_gnutls_x509_privkey_t key, | 445 | int MHD_gnutls_x509_privkey_import_rsa_raw (MHD_gnutls_x509_privkey_t key, |
432 | const MHD_gnutls_datum_t * m, | 446 | const MHD_gnutls_datum_t * m, |
433 | const MHD_gnutls_datum_t * e, | 447 | const MHD_gnutls_datum_t * e, |
434 | const MHD_gnutls_datum_t * d, | 448 | const MHD_gnutls_datum_t * d, |
435 | const MHD_gnutls_datum_t * p, | 449 | const MHD_gnutls_datum_t * p, |
436 | const MHD_gnutls_datum_t * q, | 450 | const MHD_gnutls_datum_t * q, |
437 | const MHD_gnutls_datum_t * u); | 451 | const MHD_gnutls_datum_t * u); |
438 | int MHD_gnutls_x509_privkey_export_dsa_raw (MHD_gnutls_x509_privkey_t key, | 452 | int MHD_gnutls_x509_privkey_export_dsa_raw (MHD_gnutls_x509_privkey_t key, |
439 | MHD_gnutls_datum_t * p, | 453 | MHD_gnutls_datum_t * p, |
440 | MHD_gnutls_datum_t * q, | 454 | MHD_gnutls_datum_t * q, |
441 | MHD_gnutls_datum_t * g, | 455 | MHD_gnutls_datum_t * g, |
442 | MHD_gnutls_datum_t * y, | 456 | MHD_gnutls_datum_t * y, |
443 | MHD_gnutls_datum_t * x); | 457 | MHD_gnutls_datum_t * x); |
444 | int MHD_gnutls_x509_privkey_import_dsa_raw (MHD_gnutls_x509_privkey_t key, | 458 | int MHD_gnutls_x509_privkey_import_dsa_raw (MHD_gnutls_x509_privkey_t key, |
445 | const MHD_gnutls_datum_t * p, | 459 | const MHD_gnutls_datum_t * p, |
446 | const MHD_gnutls_datum_t * q, | 460 | const MHD_gnutls_datum_t * q, |
447 | const MHD_gnutls_datum_t * g, | 461 | const MHD_gnutls_datum_t * g, |
448 | const MHD_gnutls_datum_t * y, | 462 | const MHD_gnutls_datum_t * y, |
449 | const MHD_gnutls_datum_t * x); | 463 | const MHD_gnutls_datum_t * x); |
450 | 464 | ||
451 | int MHD_gnutls_x509_privkey_get_pk_algorithm (MHD_gnutls_x509_privkey_t key); | 465 | int MHD_gnutls_x509_privkey_get_pk_algorithm (MHD_gnutls_x509_privkey_t |
466 | key); | ||
452 | int MHD_gnutls_x509_privkey_get_key_id (MHD_gnutls_x509_privkey_t key, | 467 | int MHD_gnutls_x509_privkey_get_key_id (MHD_gnutls_x509_privkey_t key, |
453 | unsigned int flags, | 468 | unsigned int flags, |
454 | unsigned char *output_data, | 469 | unsigned char *output_data, |
455 | size_t * output_data_size); | 470 | size_t * output_data_size); |
456 | 471 | ||
457 | int MHD_gnutls_x509_privkey_export (MHD_gnutls_x509_privkey_t key, | 472 | int MHD_gnutls_x509_privkey_export (MHD_gnutls_x509_privkey_t key, |
458 | MHD_gnutls_x509_crt_fmt_t format, | 473 | MHD_gnutls_x509_crt_fmt_t format, |
459 | void *output_data, | 474 | void *output_data, |
460 | size_t * output_data_size); | 475 | size_t * output_data_size); |
461 | int MHD_gnutls_x509_privkey_export_pkcs8 (MHD_gnutls_x509_privkey_t key, | 476 | int MHD_gnutls_x509_privkey_export_pkcs8 (MHD_gnutls_x509_privkey_t key, |
462 | MHD_gnutls_x509_crt_fmt_t format, | 477 | MHD_gnutls_x509_crt_fmt_t format, |
463 | const char *password, | 478 | const char *password, |
464 | unsigned int flags, | 479 | unsigned int flags, |
465 | void *output_data, | 480 | void *output_data, |
466 | size_t * output_data_size); | 481 | size_t * output_data_size); |
467 | int MHD_gnutls_x509_privkey_export_rsa_raw (MHD_gnutls_x509_privkey_t key, | 482 | int MHD_gnutls_x509_privkey_export_rsa_raw (MHD_gnutls_x509_privkey_t key, |
468 | MHD_gnutls_datum_t * m, | 483 | MHD_gnutls_datum_t * m, |
469 | MHD_gnutls_datum_t * e, | 484 | MHD_gnutls_datum_t * e, |
470 | MHD_gnutls_datum_t * d, | 485 | MHD_gnutls_datum_t * d, |
471 | MHD_gnutls_datum_t * p, | 486 | MHD_gnutls_datum_t * p, |
472 | MHD_gnutls_datum_t * q, | 487 | MHD_gnutls_datum_t * q, |
473 | MHD_gnutls_datum_t * u); | 488 | MHD_gnutls_datum_t * u); |
474 | 489 | ||
475 | int MHD_gnutls_x509_privkey_verify_data (MHD_gnutls_x509_privkey_t key, | 490 | int MHD_gnutls_x509_privkey_verify_data (MHD_gnutls_x509_privkey_t key, |
476 | unsigned int flags, | 491 | unsigned int flags, |
477 | const MHD_gnutls_datum_t * data, | 492 | const MHD_gnutls_datum_t * data, |
478 | const MHD_gnutls_datum_t * signature); | 493 | const MHD_gnutls_datum_t * |
494 | signature); | ||
479 | 495 | ||
480 | /* Certificate request stuff. | 496 | /* Certificate request stuff. |
481 | */ | 497 | */ |
@@ -485,53 +501,57 @@ extern "C" | |||
485 | int MHD_gnutls_x509_crq_init (MHD_gnutls_x509_crq_t * crq); | 501 | int MHD_gnutls_x509_crq_init (MHD_gnutls_x509_crq_t * crq); |
486 | void MHD_gnutls_x509_crq_deinit (MHD_gnutls_x509_crq_t crq); | 502 | void MHD_gnutls_x509_crq_deinit (MHD_gnutls_x509_crq_t crq); |
487 | int MHD_gnutls_x509_crq_import (MHD_gnutls_x509_crq_t crq, | 503 | int MHD_gnutls_x509_crq_import (MHD_gnutls_x509_crq_t crq, |
488 | const MHD_gnutls_datum_t * data, | 504 | const MHD_gnutls_datum_t * data, |
489 | MHD_gnutls_x509_crt_fmt_t format); | 505 | MHD_gnutls_x509_crt_fmt_t format); |
490 | int MHD_gnutls_x509_crq_get_pk_algorithm (MHD_gnutls_x509_crq_t crq, | 506 | int MHD_gnutls_x509_crq_get_pk_algorithm (MHD_gnutls_x509_crq_t crq, |
491 | unsigned int *bits); | 507 | unsigned int *bits); |
492 | int MHD_gnutls_x509_crq_get_dn (MHD_gnutls_x509_crq_t crq, | 508 | int MHD_gnutls_x509_crq_get_dn (MHD_gnutls_x509_crq_t crq, |
493 | char *buf, size_t * sizeof_buf); | 509 | char *buf, size_t * sizeof_buf); |
494 | int MHD_gnutls_x509_crq_get_dn_oid (MHD_gnutls_x509_crq_t crq, | 510 | int MHD_gnutls_x509_crq_get_dn_oid (MHD_gnutls_x509_crq_t crq, |
495 | int indx, void *oid, size_t * sizeof_oid); | 511 | int indx, void *oid, |
512 | size_t * sizeof_oid); | ||
496 | int MHD_gnutls_x509_crq_get_dn_by_oid (MHD_gnutls_x509_crq_t crq, | 513 | int MHD_gnutls_x509_crq_get_dn_by_oid (MHD_gnutls_x509_crq_t crq, |
497 | const char *oid, | 514 | const char *oid, int indx, |
498 | int indx, | 515 | unsigned int raw_flag, void *buf, |
499 | unsigned int raw_flag, | 516 | size_t * sizeof_buf); |
500 | void *buf, size_t * sizeof_buf); | ||
501 | int MHD_gnutls_x509_crq_set_dn_by_oid (MHD_gnutls_x509_crq_t crq, | 517 | int MHD_gnutls_x509_crq_set_dn_by_oid (MHD_gnutls_x509_crq_t crq, |
502 | const char *oid, | 518 | const char *oid, |
503 | unsigned int raw_flag, | 519 | unsigned int raw_flag, |
504 | const void *name, | 520 | const void *name, |
505 | unsigned int sizeof_name); | 521 | unsigned int sizeof_name); |
506 | int MHD_gnutls_x509_crq_set_version (MHD_gnutls_x509_crq_t crq, | 522 | int MHD_gnutls_x509_crq_set_version (MHD_gnutls_x509_crq_t crq, |
507 | unsigned int version); | 523 | unsigned int version); |
508 | int MHD_gnutls_x509_crq_set_key (MHD_gnutls_x509_crq_t crq, | 524 | int MHD_gnutls_x509_crq_set_key (MHD_gnutls_x509_crq_t crq, |
509 | MHD_gnutls_x509_privkey_t key); | 525 | MHD_gnutls_x509_privkey_t key); |
510 | int MHD_gnutls_x509_crq_sign2 (MHD_gnutls_x509_crq_t crq, | 526 | int MHD_gnutls_x509_crq_sign2 (MHD_gnutls_x509_crq_t crq, |
511 | MHD_gnutls_x509_privkey_t key, | 527 | MHD_gnutls_x509_privkey_t key, |
512 | enum MHD_GNUTLS_HashAlgorithm, | 528 | enum MHD_GNUTLS_HashAlgorithm, |
513 | unsigned int flags); | 529 | unsigned int flags); |
514 | int MHD_gnutls_x509_crq_sign (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_t key); | 530 | int MHD_gnutls_x509_crq_sign (MHD_gnutls_x509_crq_t crq, |
531 | MHD_gnutls_x509_privkey_t key); | ||
515 | 532 | ||
516 | int MHD_gnutls_x509_crq_set_challenge_password (MHD_gnutls_x509_crq_t crq, | 533 | int MHD_gnutls_x509_crq_set_challenge_password (MHD_gnutls_x509_crq_t crq, |
517 | const char *pass); | 534 | const char *pass); |
518 | int MHD_gnutls_x509_crq_get_challenge_password (MHD_gnutls_x509_crq_t crq, | 535 | int MHD_gnutls_x509_crq_get_challenge_password (MHD_gnutls_x509_crq_t crq, |
519 | char *pass, | 536 | char *pass, |
520 | size_t * sizeof_pass); | 537 | size_t * sizeof_pass); |
521 | 538 | ||
522 | int MHD_gnutls_x509_crq_set_attribute_by_oid (MHD_gnutls_x509_crq_t crq, | 539 | int MHD_gnutls_x509_crq_set_attribute_by_oid (MHD_gnutls_x509_crq_t crq, |
523 | const char *oid, | 540 | const char *oid, |
524 | void *buf, size_t sizeof_buf); | 541 | void *buf, size_t sizeof_buf); |
525 | int MHD_gnutls_x509_crq_get_attribute_by_oid (MHD_gnutls_x509_crq_t crq, | 542 | int MHD_gnutls_x509_crq_get_attribute_by_oid (MHD_gnutls_x509_crq_t crq, |
526 | const char *oid, | 543 | const char *oid, |
527 | int indx, | 544 | int indx, |
528 | void *buf, size_t * sizeof_buf); | 545 | void *buf, |
546 | size_t * sizeof_buf); | ||
529 | 547 | ||
530 | int MHD_gnutls_x509_crq_export (MHD_gnutls_x509_crq_t crq, | 548 | int MHD_gnutls_x509_crq_export (MHD_gnutls_x509_crq_t crq, |
531 | MHD_gnutls_x509_crt_fmt_t format, | 549 | MHD_gnutls_x509_crt_fmt_t format, |
532 | void *output_data, size_t * output_data_size); | 550 | void *output_data, |
551 | size_t * output_data_size); | ||
533 | 552 | ||
534 | int MHD_gnutls_x509_crt_set_crq (MHD_gnutls_x509_crt_t crt, MHD_gnutls_x509_crq_t crq); | 553 | int MHD_gnutls_x509_crt_set_crq (MHD_gnutls_x509_crt_t crt, |
554 | MHD_gnutls_x509_crq_t crq); | ||
535 | 555 | ||
536 | #ifdef __cplusplus | 556 | #ifdef __cplusplus |
537 | } | 557 | } |
@@ -605,65 +625,66 @@ typedef struct MHD_gtls_x509_privkey_int | |||
605 | } MHD_gnutls_x509_privkey_int; | 625 | } MHD_gnutls_x509_privkey_int; |
606 | 626 | ||
607 | int MHD_gnutls_x509_crt_get_issuer_dn_by_oid (MHD_gnutls_x509_crt_t cert, | 627 | int MHD_gnutls_x509_crt_get_issuer_dn_by_oid (MHD_gnutls_x509_crt_t cert, |
608 | const char *oid, | 628 | const char *oid, |
609 | int indx, | 629 | int indx, |
610 | unsigned int raw_flag, | 630 | unsigned int raw_flag, |
611 | void *buf, size_t * sizeof_buf); | 631 | void *buf, size_t * sizeof_buf); |
612 | int MHD_gnutls_x509_crt_get_subject_alt_name (MHD_gnutls_x509_crt_t cert, | 632 | int MHD_gnutls_x509_crt_get_subject_alt_name (MHD_gnutls_x509_crt_t cert, |
613 | unsigned int seq, | 633 | unsigned int seq, |
614 | void *ret, | 634 | void *ret, |
615 | size_t * ret_size, | 635 | size_t * ret_size, |
616 | unsigned int *critical); | 636 | unsigned int *critical); |
617 | int MHD_gnutls_x509_crt_get_dn_by_oid (MHD_gnutls_x509_crt_t cert, | 637 | int MHD_gnutls_x509_crt_get_dn_by_oid (MHD_gnutls_x509_crt_t cert, |
618 | const char *oid, | 638 | const char *oid, |
619 | int indx, | 639 | int indx, |
620 | unsigned int raw_flag, | 640 | unsigned int raw_flag, |
621 | void *buf, size_t * sizeof_buf); | 641 | void *buf, size_t * sizeof_buf); |
622 | int MHD_gnutls_x509_crt_get_ca_status (MHD_gnutls_x509_crt_t cert, | 642 | int MHD_gnutls_x509_crt_get_ca_status (MHD_gnutls_x509_crt_t cert, |
623 | unsigned int *critical); | 643 | unsigned int *critical); |
624 | int MHD_gnutls_x509_crt_get_pk_algorithm (MHD_gnutls_x509_crt_t cert, | 644 | int MHD_gnutls_x509_crt_get_pk_algorithm (MHD_gnutls_x509_crt_t cert, |
625 | unsigned int *bits); | 645 | unsigned int *bits); |
626 | 646 | ||
627 | int MHD_gnutls_x509_crt_get_serial (MHD_gnutls_x509_crt_t cert, | 647 | int MHD_gnutls_x509_crt_get_serial (MHD_gnutls_x509_crt_t cert, |
628 | void *result, size_t * result_size); | 648 | void *result, size_t * result_size); |
629 | 649 | ||
630 | int MHD__gnutls_x509_compare_raw_dn (const MHD_gnutls_datum_t * dn1, | 650 | int MHD__gnutls_x509_compare_raw_dn (const MHD_gnutls_datum_t * dn1, |
631 | const MHD_gnutls_datum_t * dn2); | 651 | const MHD_gnutls_datum_t * dn2); |
632 | 652 | ||
633 | int MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert, | 653 | int MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert, |
634 | const MHD_gnutls_x509_crl_t * crl_list, | 654 | const MHD_gnutls_x509_crl_t * |
635 | int crl_list_length); | 655 | crl_list, int crl_list_length); |
636 | 656 | ||
637 | int MHD__gnutls_x509_crl_cpy (MHD_gnutls_x509_crl_t dest, MHD_gnutls_x509_crl_t src); | 657 | int MHD__gnutls_x509_crl_cpy (MHD_gnutls_x509_crl_t dest, |
658 | MHD_gnutls_x509_crl_t src); | ||
638 | int MHD__gnutls_x509_crl_get_raw_issuer_dn (MHD_gnutls_x509_crl_t crl, | 659 | int MHD__gnutls_x509_crl_get_raw_issuer_dn (MHD_gnutls_x509_crl_t crl, |
639 | MHD_gnutls_datum_t * dn); | 660 | MHD_gnutls_datum_t * dn); |
640 | int MHD_gnutls_x509_crl_get_crt_count (MHD_gnutls_x509_crl_t crl); | 661 | int MHD_gnutls_x509_crl_get_crt_count (MHD_gnutls_x509_crl_t crl); |
641 | int MHD_gnutls_x509_crl_get_crt_serial (MHD_gnutls_x509_crl_t crl, | 662 | int MHD_gnutls_x509_crl_get_crt_serial (MHD_gnutls_x509_crl_t crl, |
642 | int indx, | 663 | int indx, |
643 | unsigned char *serial, | 664 | unsigned char *serial, |
644 | size_t * serial_size, time_t * t); | 665 | size_t * serial_size, time_t * t); |
645 | 666 | ||
646 | void MHD_gnutls_x509_crl_deinit (MHD_gnutls_x509_crl_t crl); | 667 | void MHD_gnutls_x509_crl_deinit (MHD_gnutls_x509_crl_t crl); |
647 | int MHD_gnutls_x509_crl_init (MHD_gnutls_x509_crl_t * crl); | 668 | int MHD_gnutls_x509_crl_init (MHD_gnutls_x509_crl_t * crl); |
648 | int MHD_gnutls_x509_crl_import (MHD_gnutls_x509_crl_t crl, | 669 | int MHD_gnutls_x509_crl_import (MHD_gnutls_x509_crl_t crl, |
649 | const MHD_gnutls_datum_t * data, | 670 | const MHD_gnutls_datum_t * data, |
650 | MHD_gnutls_x509_crt_fmt_t format); | 671 | MHD_gnutls_x509_crt_fmt_t format); |
651 | int MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl, | 672 | int MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl, |
652 | MHD_gnutls_x509_crt_fmt_t format, | 673 | MHD_gnutls_x509_crt_fmt_t format, |
653 | void *output_data, size_t * output_data_size); | 674 | void *output_data, size_t * output_data_size); |
654 | 675 | ||
655 | int MHD_gnutls_x509_crt_init (MHD_gnutls_x509_crt_t * cert); | 676 | int MHD_gnutls_x509_crt_init (MHD_gnutls_x509_crt_t * cert); |
656 | void MHD_gnutls_x509_crt_deinit (MHD_gnutls_x509_crt_t cert); | 677 | void MHD_gnutls_x509_crt_deinit (MHD_gnutls_x509_crt_t cert); |
657 | int MHD_gnutls_x509_crt_import (MHD_gnutls_x509_crt_t cert, | 678 | int MHD_gnutls_x509_crt_import (MHD_gnutls_x509_crt_t cert, |
658 | const MHD_gnutls_datum_t * data, | 679 | const MHD_gnutls_datum_t * data, |
659 | MHD_gnutls_x509_crt_fmt_t format); | 680 | MHD_gnutls_x509_crt_fmt_t format); |
660 | int MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert, | 681 | int MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert, |
661 | MHD_gnutls_x509_crt_fmt_t format, | 682 | MHD_gnutls_x509_crt_fmt_t format, |
662 | void *output_data, size_t * output_data_size); | 683 | void *output_data, size_t * output_data_size); |
663 | 684 | ||
664 | int MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert, | 685 | int MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert, |
665 | unsigned int *key_usage, | 686 | unsigned int *key_usage, |
666 | unsigned int *critical); | 687 | unsigned int *critical); |
667 | int MHD_gnutls_x509_crt_get_signature_algorithm (MHD_gnutls_x509_crt_t cert); | 688 | int MHD_gnutls_x509_crt_get_signature_algorithm (MHD_gnutls_x509_crt_t cert); |
668 | int MHD_gnutls_x509_crt_get_version (MHD_gnutls_x509_crt_t cert); | 689 | int MHD_gnutls_x509_crt_get_version (MHD_gnutls_x509_crt_t cert); |
669 | 690 | ||
@@ -671,30 +692,31 @@ int MHD_gnutls_x509_privkey_init (MHD_gnutls_x509_privkey_t * key); | |||
671 | void MHD_gnutls_x509_privkey_deinit (MHD_gnutls_x509_privkey_t key); | 692 | void MHD_gnutls_x509_privkey_deinit (MHD_gnutls_x509_privkey_t key); |
672 | 693 | ||
673 | int MHD_gnutls_x509_privkey_generate (MHD_gnutls_x509_privkey_t key, | 694 | int MHD_gnutls_x509_privkey_generate (MHD_gnutls_x509_privkey_t key, |
674 | enum MHD_GNUTLS_PublicKeyAlgorithm algo, | 695 | enum MHD_GNUTLS_PublicKeyAlgorithm algo, |
675 | unsigned int bits, unsigned int flags); | 696 | unsigned int bits, unsigned int flags); |
676 | 697 | ||
677 | int MHD_gnutls_x509_privkey_import (MHD_gnutls_x509_privkey_t key, | 698 | int MHD_gnutls_x509_privkey_import (MHD_gnutls_x509_privkey_t key, |
678 | const MHD_gnutls_datum_t * data, | 699 | const MHD_gnutls_datum_t * data, |
679 | MHD_gnutls_x509_crt_fmt_t format); | 700 | MHD_gnutls_x509_crt_fmt_t format); |
680 | int MHD_gnutls_x509_privkey_get_pk_algorithm (MHD_gnutls_x509_privkey_t key); | 701 | int MHD_gnutls_x509_privkey_get_pk_algorithm (MHD_gnutls_x509_privkey_t key); |
681 | int MHD_gnutls_x509_privkey_import_rsa_raw (MHD_gnutls_x509_privkey_t key, | 702 | int MHD_gnutls_x509_privkey_import_rsa_raw (MHD_gnutls_x509_privkey_t key, |
682 | const MHD_gnutls_datum_t * m, | 703 | const MHD_gnutls_datum_t * m, |
683 | const MHD_gnutls_datum_t * e, | 704 | const MHD_gnutls_datum_t * e, |
684 | const MHD_gnutls_datum_t * d, | 705 | const MHD_gnutls_datum_t * d, |
685 | const MHD_gnutls_datum_t * p, | 706 | const MHD_gnutls_datum_t * p, |
686 | const MHD_gnutls_datum_t * q, | 707 | const MHD_gnutls_datum_t * q, |
687 | const MHD_gnutls_datum_t * u); | 708 | const MHD_gnutls_datum_t * u); |
688 | int MHD_gnutls_x509_privkey_export_rsa_raw (MHD_gnutls_x509_privkey_t key, | 709 | int MHD_gnutls_x509_privkey_export_rsa_raw (MHD_gnutls_x509_privkey_t key, |
689 | MHD_gnutls_datum_t * m, | 710 | MHD_gnutls_datum_t * m, |
690 | MHD_gnutls_datum_t * e, | 711 | MHD_gnutls_datum_t * e, |
691 | MHD_gnutls_datum_t * d, | 712 | MHD_gnutls_datum_t * d, |
692 | MHD_gnutls_datum_t * p, | 713 | MHD_gnutls_datum_t * p, |
693 | MHD_gnutls_datum_t * q, | 714 | MHD_gnutls_datum_t * q, |
694 | MHD_gnutls_datum_t * u); | 715 | MHD_gnutls_datum_t * u); |
695 | int MHD_gnutls_x509_privkey_export (MHD_gnutls_x509_privkey_t key, | 716 | int MHD_gnutls_x509_privkey_export (MHD_gnutls_x509_privkey_t key, |
696 | MHD_gnutls_x509_crt_fmt_t format, | 717 | MHD_gnutls_x509_crt_fmt_t format, |
697 | void *output_data, size_t * output_data_size); | 718 | void *output_data, |
719 | size_t * output_data_size); | ||
698 | 720 | ||
699 | #define GNUTLS_CRL_REASON_UNUSED 128 | 721 | #define GNUTLS_CRL_REASON_UNUSED 128 |
700 | #define GNUTLS_CRL_REASON_KEY_COMPROMISE 64 | 722 | #define GNUTLS_CRL_REASON_KEY_COMPROMISE 64 |
diff --git a/src/daemon/https/x509/x509_privkey.c b/src/daemon/https/x509/x509_privkey.c index 579ce664..d94a6a5d 100644 --- a/src/daemon/https/x509/x509_privkey.c +++ b/src/daemon/https/x509/x509_privkey.c | |||
@@ -104,7 +104,8 @@ MHD_gnutls_x509_privkey_deinit (MHD_gnutls_x509_privkey_t key) | |||
104 | * | 104 | * |
105 | **/ | 105 | **/ |
106 | int | 106 | int |
107 | MHD_gnutls_x509_privkey_cpy (MHD_gnutls_x509_privkey_t dst, MHD_gnutls_x509_privkey_t src) | 107 | MHD_gnutls_x509_privkey_cpy (MHD_gnutls_x509_privkey_t dst, |
108 | MHD_gnutls_x509_privkey_t src) | ||
108 | { | 109 | { |
109 | int i, ret; | 110 | int i, ret; |
110 | 111 | ||
@@ -148,14 +149,14 @@ MHD_gnutls_x509_privkey_cpy (MHD_gnutls_x509_privkey_t dst, MHD_gnutls_x509_priv | |||
148 | */ | 149 | */ |
149 | ASN1_TYPE | 150 | ASN1_TYPE |
150 | MHD__gnutls_privkey_decode_pkcs1_rsa_key (const MHD_gnutls_datum_t * raw_key, | 151 | MHD__gnutls_privkey_decode_pkcs1_rsa_key (const MHD_gnutls_datum_t * raw_key, |
151 | MHD_gnutls_x509_privkey_t pkey) | 152 | MHD_gnutls_x509_privkey_t pkey) |
152 | { | 153 | { |
153 | int result; | 154 | int result; |
154 | ASN1_TYPE pkey_asn; | 155 | ASN1_TYPE pkey_asn; |
155 | 156 | ||
156 | if ((result = MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), | 157 | if ((result = MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), |
157 | "GNUTLS.RSAPrivateKey", | 158 | "GNUTLS.RSAPrivateKey", |
158 | &pkey_asn)) != ASN1_SUCCESS) | 159 | &pkey_asn)) != ASN1_SUCCESS) |
159 | { | 160 | { |
160 | MHD_gnutls_assert (); | 161 | MHD_gnutls_assert (); |
161 | return NULL; | 162 | return NULL; |
@@ -168,43 +169,44 @@ MHD__gnutls_privkey_decode_pkcs1_rsa_key (const MHD_gnutls_datum_t * raw_key, | |||
168 | return NULL; | 169 | return NULL; |
169 | } | 170 | } |
170 | 171 | ||
171 | result = MHD__asn1_der_decoding (&pkey_asn, raw_key->data, raw_key->size, NULL); | 172 | result = |
173 | MHD__asn1_der_decoding (&pkey_asn, raw_key->data, raw_key->size, NULL); | ||
172 | if (result != ASN1_SUCCESS) | 174 | if (result != ASN1_SUCCESS) |
173 | { | 175 | { |
174 | MHD_gnutls_assert (); | 176 | MHD_gnutls_assert (); |
175 | goto error; | 177 | goto error; |
176 | } | 178 | } |
177 | 179 | ||
178 | if ((result = MHD__gnutls_x509_read_int (pkey_asn, "modulus", &pkey->params[0])) | 180 | if ((result = |
179 | < 0) | 181 | MHD__gnutls_x509_read_int (pkey_asn, "modulus", &pkey->params[0])) < 0) |
180 | { | 182 | { |
181 | MHD_gnutls_assert (); | 183 | MHD_gnutls_assert (); |
182 | goto error; | 184 | goto error; |
183 | } | 185 | } |
184 | 186 | ||
185 | if ((result = MHD__gnutls_x509_read_int (pkey_asn, "publicExponent", | 187 | if ((result = MHD__gnutls_x509_read_int (pkey_asn, "publicExponent", |
186 | &pkey->params[1])) < 0) | 188 | &pkey->params[1])) < 0) |
187 | { | 189 | { |
188 | MHD_gnutls_assert (); | 190 | MHD_gnutls_assert (); |
189 | goto error; | 191 | goto error; |
190 | } | 192 | } |
191 | 193 | ||
192 | if ((result = MHD__gnutls_x509_read_int (pkey_asn, "privateExponent", | 194 | if ((result = MHD__gnutls_x509_read_int (pkey_asn, "privateExponent", |
193 | &pkey->params[2])) < 0) | 195 | &pkey->params[2])) < 0) |
194 | { | 196 | { |
195 | MHD_gnutls_assert (); | 197 | MHD_gnutls_assert (); |
196 | goto error; | 198 | goto error; |
197 | } | 199 | } |
198 | 200 | ||
199 | if ((result = MHD__gnutls_x509_read_int (pkey_asn, "prime1", &pkey->params[3])) | 201 | if ((result = |
200 | < 0) | 202 | MHD__gnutls_x509_read_int (pkey_asn, "prime1", &pkey->params[3])) < 0) |
201 | { | 203 | { |
202 | MHD_gnutls_assert (); | 204 | MHD_gnutls_assert (); |
203 | goto error; | 205 | goto error; |
204 | } | 206 | } |
205 | 207 | ||
206 | if ((result = MHD__gnutls_x509_read_int (pkey_asn, "prime2", &pkey->params[4])) | 208 | if ((result = |
207 | < 0) | 209 | MHD__gnutls_x509_read_int (pkey_asn, "prime2", &pkey->params[4])) < 0) |
208 | { | 210 | { |
209 | MHD_gnutls_assert (); | 211 | MHD_gnutls_assert (); |
210 | goto error; | 212 | goto error; |
@@ -227,7 +229,7 @@ MHD__gnutls_privkey_decode_pkcs1_rsa_key (const MHD_gnutls_datum_t * raw_key, | |||
227 | /* p, q */ | 229 | /* p, q */ |
228 | #else | 230 | #else |
229 | if ((result = MHD__gnutls_x509_read_int (pkey_asn, "coefficient", | 231 | if ((result = MHD__gnutls_x509_read_int (pkey_asn, "coefficient", |
230 | &pkey->params[5])) < 0) | 232 | &pkey->params[5])) < 0) |
231 | { | 233 | { |
232 | MHD_gnutls_assert (); | 234 | MHD_gnutls_assert (); |
233 | goto error; | 235 | goto error; |
@@ -267,8 +269,8 @@ error:MHD__asn1_delete_structure (&pkey_asn); | |||
267 | **/ | 269 | **/ |
268 | int | 270 | int |
269 | MHD_gnutls_x509_privkey_import (MHD_gnutls_x509_privkey_t key, | 271 | MHD_gnutls_x509_privkey_import (MHD_gnutls_x509_privkey_t key, |
270 | const MHD_gnutls_datum_t * data, | 272 | const MHD_gnutls_datum_t * data, |
271 | MHD_gnutls_x509_crt_fmt_t format) | 273 | MHD_gnutls_x509_crt_fmt_t format) |
272 | { | 274 | { |
273 | int result = 0, need_free = 0; | 275 | int result = 0, need_free = 0; |
274 | MHD_gnutls_datum_t _data; | 276 | MHD_gnutls_datum_t _data; |
@@ -291,7 +293,9 @@ MHD_gnutls_x509_privkey_import (MHD_gnutls_x509_privkey_t key, | |||
291 | 293 | ||
292 | /* Try the first header */ | 294 | /* Try the first header */ |
293 | result | 295 | result |
294 | = MHD__gnutls_fbase64_decode (PEM_KEY_RSA, data->data, data->size, &out); | 296 | = |
297 | MHD__gnutls_fbase64_decode (PEM_KEY_RSA, data->data, data->size, | ||
298 | &out); | ||
295 | key->pk_algorithm = MHD_GNUTLS_PK_RSA; | 299 | key->pk_algorithm = MHD_GNUTLS_PK_RSA; |
296 | 300 | ||
297 | _data.data = out; | 301 | _data.data = out; |
@@ -360,12 +364,12 @@ MHD_gnutls_x509_privkey_import (MHD_gnutls_x509_privkey_t key, | |||
360 | **/ | 364 | **/ |
361 | int | 365 | int |
362 | MHD_gnutls_x509_privkey_import_rsa_raw (MHD_gnutls_x509_privkey_t key, | 366 | MHD_gnutls_x509_privkey_import_rsa_raw (MHD_gnutls_x509_privkey_t key, |
363 | const MHD_gnutls_datum_t * m, | 367 | const MHD_gnutls_datum_t * m, |
364 | const MHD_gnutls_datum_t * e, | 368 | const MHD_gnutls_datum_t * e, |
365 | const MHD_gnutls_datum_t * d, | 369 | const MHD_gnutls_datum_t * d, |
366 | const MHD_gnutls_datum_t * p, | 370 | const MHD_gnutls_datum_t * p, |
367 | const MHD_gnutls_datum_t * q, | 371 | const MHD_gnutls_datum_t * q, |
368 | const MHD_gnutls_datum_t * u) | 372 | const MHD_gnutls_datum_t * u) |
369 | { | 373 | { |
370 | int i = 0, ret; | 374 | int i = 0, ret; |
371 | size_t siz = 0; | 375 | size_t siz = 0; |
@@ -417,7 +421,8 @@ MHD_gnutls_x509_privkey_import_rsa_raw (MHD_gnutls_x509_privkey_t key, | |||
417 | } | 421 | } |
418 | 422 | ||
419 | #ifdef CALC_COEFF | 423 | #ifdef CALC_COEFF |
420 | key->params[5] = MHD__gnutls_mpi_snew (MHD__gnutls_mpi_get_nbits (key->params[0])); | 424 | key->params[5] = |
425 | MHD__gnutls_mpi_snew (MHD__gnutls_mpi_get_nbits (key->params[0])); | ||
421 | 426 | ||
422 | if (key->params[5] == NULL) | 427 | if (key->params[5] == NULL) |
423 | { | 428 | { |
@@ -501,7 +506,7 @@ MHD__gnutls_asn1_encode_rsa (ASN1_TYPE * c2, mpi_t * params) | |||
501 | 506 | ||
502 | /* Now generate exp1 and exp2 | 507 | /* Now generate exp1 and exp2 |
503 | */ | 508 | */ |
504 | exp1 = MHD__gnutls_mpi_salloc_like (params[0]); /* like modulus */ | 509 | exp1 = MHD__gnutls_mpi_salloc_like (params[0]); /* like modulus */ |
505 | if (exp1 == NULL) | 510 | if (exp1 == NULL) |
506 | { | 511 | { |
507 | MHD_gnutls_assert (); | 512 | MHD_gnutls_assert (); |
@@ -600,8 +605,8 @@ MHD__gnutls_asn1_encode_rsa (ASN1_TYPE * c2, mpi_t * params) | |||
600 | */ | 605 | */ |
601 | 606 | ||
602 | if ((result = | 607 | if ((result = |
603 | MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), "GNUTLS.RSAPrivateKey", | 608 | MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), |
604 | c2)) != ASN1_SUCCESS) | 609 | "GNUTLS.RSAPrivateKey", c2)) != ASN1_SUCCESS) |
605 | { | 610 | { |
606 | MHD_gnutls_assert (); | 611 | MHD_gnutls_assert (); |
607 | result = MHD_gtls_asn2err (result); | 612 | result = MHD_gtls_asn2err (result); |
@@ -618,16 +623,18 @@ MHD__gnutls_asn1_encode_rsa (ASN1_TYPE * c2, mpi_t * params) | |||
618 | goto cleanup; | 623 | goto cleanup; |
619 | } | 624 | } |
620 | 625 | ||
621 | if ((result = MHD__asn1_write_value (*c2, "publicExponent", pube_data, size[1])) | 626 | if ((result = |
622 | != ASN1_SUCCESS) | 627 | MHD__asn1_write_value (*c2, "publicExponent", pube_data, |
628 | size[1])) != ASN1_SUCCESS) | ||
623 | { | 629 | { |
624 | MHD_gnutls_assert (); | 630 | MHD_gnutls_assert (); |
625 | result = MHD_gtls_asn2err (result); | 631 | result = MHD_gtls_asn2err (result); |
626 | goto cleanup; | 632 | goto cleanup; |
627 | } | 633 | } |
628 | 634 | ||
629 | if ((result = MHD__asn1_write_value (*c2, "privateExponent", prie_data, size[2])) | 635 | if ((result = |
630 | != ASN1_SUCCESS) | 636 | MHD__asn1_write_value (*c2, "privateExponent", prie_data, |
637 | size[2])) != ASN1_SUCCESS) | ||
631 | { | 638 | { |
632 | MHD_gnutls_assert (); | 639 | MHD_gnutls_assert (); |
633 | result = MHD_gtls_asn2err (result); | 640 | result = MHD_gtls_asn2err (result); |
@@ -682,14 +689,15 @@ MHD__gnutls_asn1_encode_rsa (ASN1_TYPE * c2, mpi_t * params) | |||
682 | MHD_gnutls_free (all_data); | 689 | MHD_gnutls_free (all_data); |
683 | 690 | ||
684 | if ((result = MHD__asn1_write_value (*c2, "otherPrimeInfos", | 691 | if ((result = MHD__asn1_write_value (*c2, "otherPrimeInfos", |
685 | NULL, 0)) != ASN1_SUCCESS) | 692 | NULL, 0)) != ASN1_SUCCESS) |
686 | { | 693 | { |
687 | MHD_gnutls_assert (); | 694 | MHD_gnutls_assert (); |
688 | result = MHD_gtls_asn2err (result); | 695 | result = MHD_gtls_asn2err (result); |
689 | goto cleanup; | 696 | goto cleanup; |
690 | } | 697 | } |
691 | 698 | ||
692 | if ((result = MHD__asn1_write_value (*c2, "version", &null, 1)) != ASN1_SUCCESS) | 699 | if ((result = |
700 | MHD__asn1_write_value (*c2, "version", &null, 1)) != ASN1_SUCCESS) | ||
693 | { | 701 | { |
694 | MHD_gnutls_assert (); | 702 | MHD_gnutls_assert (); |
695 | result = MHD_gtls_asn2err (result); | 703 | result = MHD_gtls_asn2err (result); |
@@ -760,8 +768,8 @@ MHD__gnutls_asn1_encode_dsa (ASN1_TYPE * c2, mpi_t * params) | |||
760 | */ | 768 | */ |
761 | 769 | ||
762 | if ((result = | 770 | if ((result = |
763 | MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), "GNUTLS.DSAPrivateKey", | 771 | MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), |
764 | c2)) != ASN1_SUCCESS) | 772 | "GNUTLS.DSAPrivateKey", c2)) != ASN1_SUCCESS) |
765 | { | 773 | { |
766 | MHD_gnutls_assert (); | 774 | MHD_gnutls_assert (); |
767 | result = MHD_gtls_asn2err (result); | 775 | result = MHD_gtls_asn2err (result); |
@@ -770,28 +778,32 @@ MHD__gnutls_asn1_encode_dsa (ASN1_TYPE * c2, mpi_t * params) | |||
770 | 778 | ||
771 | /* Write PRIME | 779 | /* Write PRIME |
772 | */ | 780 | */ |
773 | if ((result = MHD__asn1_write_value (*c2, "p", p_data, size[0])) != ASN1_SUCCESS) | 781 | if ((result = |
782 | MHD__asn1_write_value (*c2, "p", p_data, size[0])) != ASN1_SUCCESS) | ||
774 | { | 783 | { |
775 | MHD_gnutls_assert (); | 784 | MHD_gnutls_assert (); |
776 | result = MHD_gtls_asn2err (result); | 785 | result = MHD_gtls_asn2err (result); |
777 | goto cleanup; | 786 | goto cleanup; |
778 | } | 787 | } |
779 | 788 | ||
780 | if ((result = MHD__asn1_write_value (*c2, "q", q_data, size[1])) != ASN1_SUCCESS) | 789 | if ((result = |
790 | MHD__asn1_write_value (*c2, "q", q_data, size[1])) != ASN1_SUCCESS) | ||
781 | { | 791 | { |
782 | MHD_gnutls_assert (); | 792 | MHD_gnutls_assert (); |
783 | result = MHD_gtls_asn2err (result); | 793 | result = MHD_gtls_asn2err (result); |
784 | goto cleanup; | 794 | goto cleanup; |
785 | } | 795 | } |
786 | 796 | ||
787 | if ((result = MHD__asn1_write_value (*c2, "g", g_data, size[2])) != ASN1_SUCCESS) | 797 | if ((result = |
798 | MHD__asn1_write_value (*c2, "g", g_data, size[2])) != ASN1_SUCCESS) | ||
788 | { | 799 | { |
789 | MHD_gnutls_assert (); | 800 | MHD_gnutls_assert (); |
790 | result = MHD_gtls_asn2err (result); | 801 | result = MHD_gtls_asn2err (result); |
791 | goto cleanup; | 802 | goto cleanup; |
792 | } | 803 | } |
793 | 804 | ||
794 | if ((result = MHD__asn1_write_value (*c2, "Y", y_data, size[3])) != ASN1_SUCCESS) | 805 | if ((result = |
806 | MHD__asn1_write_value (*c2, "Y", y_data, size[3])) != ASN1_SUCCESS) | ||
795 | { | 807 | { |
796 | MHD_gnutls_assert (); | 808 | MHD_gnutls_assert (); |
797 | result = MHD_gtls_asn2err (result); | 809 | result = MHD_gtls_asn2err (result); |
@@ -808,7 +820,8 @@ MHD__gnutls_asn1_encode_dsa (ASN1_TYPE * c2, mpi_t * params) | |||
808 | 820 | ||
809 | MHD_gnutls_free (all_data); | 821 | MHD_gnutls_free (all_data); |
810 | 822 | ||
811 | if ((result = MHD__asn1_write_value (*c2, "version", &null, 1)) != ASN1_SUCCESS) | 823 | if ((result = |
824 | MHD__asn1_write_value (*c2, "version", &null, 1)) != ASN1_SUCCESS) | ||
812 | { | 825 | { |
813 | MHD_gnutls_assert (); | 826 | MHD_gnutls_assert (); |
814 | result = MHD_gtls_asn2err (result); | 827 | result = MHD_gtls_asn2err (result); |
@@ -822,4 +835,3 @@ cleanup:MHD__asn1_delete_structure (c2); | |||
822 | 835 | ||
823 | return result; | 836 | return result; |
824 | } | 837 | } |
825 | |||
diff --git a/src/daemon/https/x509/x509_verify.c b/src/daemon/https/x509/x509_verify.c index c85aa52e..35513810 100644 --- a/src/daemon/https/x509/x509_verify.c +++ b/src/daemon/https/x509/x509_verify.c | |||
@@ -42,20 +42,21 @@ | |||
42 | #include <verify.h> | 42 | #include <verify.h> |
43 | 43 | ||
44 | static int MHD__gnutls_verify_certificate2 (MHD_gnutls_x509_crt_t cert, | 44 | static int MHD__gnutls_verify_certificate2 (MHD_gnutls_x509_crt_t cert, |
45 | const MHD_gnutls_x509_crt_t * trusted_cas, | 45 | const MHD_gnutls_x509_crt_t * |
46 | int tcas_size, | 46 | trusted_cas, int tcas_size, |
47 | unsigned int flags, | 47 | unsigned int flags, |
48 | unsigned int *output); | 48 | unsigned int *output); |
49 | int MHD__gnutls_x509_verify_signature (const MHD_gnutls_datum_t * signed_data, | 49 | int MHD__gnutls_x509_verify_signature (const MHD_gnutls_datum_t * signed_data, |
50 | const MHD_gnutls_datum_t * signature, | 50 | const MHD_gnutls_datum_t * signature, |
51 | MHD_gnutls_x509_crt_t issuer); | 51 | MHD_gnutls_x509_crt_t issuer); |
52 | 52 | ||
53 | static | 53 | static |
54 | int is_crl_issuer (MHD_gnutls_x509_crl_t crl, MHD_gnutls_x509_crt_t issuer_cert); | 54 | int is_crl_issuer (MHD_gnutls_x509_crl_t crl, |
55 | MHD_gnutls_x509_crt_t issuer_cert); | ||
55 | static int MHD__gnutls_verify_crl2 (MHD_gnutls_x509_crl_t crl, | 56 | static int MHD__gnutls_verify_crl2 (MHD_gnutls_x509_crl_t crl, |
56 | const MHD_gnutls_x509_crt_t * trusted_cas, | 57 | const MHD_gnutls_x509_crt_t * trusted_cas, |
57 | int tcas_size, | 58 | int tcas_size, unsigned int flags, |
58 | unsigned int flags, unsigned int *output); | 59 | unsigned int *output); |
59 | 60 | ||
60 | /* Checks if the issuer of a certificate is a | 61 | /* Checks if the issuer of a certificate is a |
61 | * Certificate Authority, or if the certificate is the same | 62 | * Certificate Authority, or if the certificate is the same |
@@ -88,7 +89,7 @@ check_if_ca (MHD_gnutls_x509_crt_t cert, | |||
88 | */ | 89 | */ |
89 | 90 | ||
90 | result = MHD__gnutls_x509_get_signed_data (issuer->cert, "tbsCertificate", | 91 | result = MHD__gnutls_x509_get_signed_data (issuer->cert, "tbsCertificate", |
91 | &issuer_signed_data); | 92 | &issuer_signed_data); |
92 | if (result < 0) | 93 | if (result < 0) |
93 | { | 94 | { |
94 | MHD_gnutls_assert (); | 95 | MHD_gnutls_assert (); |
@@ -96,7 +97,7 @@ check_if_ca (MHD_gnutls_x509_crt_t cert, | |||
96 | } | 97 | } |
97 | 98 | ||
98 | result = MHD__gnutls_x509_get_signed_data (cert->cert, "tbsCertificate", | 99 | result = MHD__gnutls_x509_get_signed_data (cert->cert, "tbsCertificate", |
99 | &cert_signed_data); | 100 | &cert_signed_data); |
100 | if (result < 0) | 101 | if (result < 0) |
101 | { | 102 | { |
102 | MHD_gnutls_assert (); | 103 | MHD_gnutls_assert (); |
@@ -104,7 +105,7 @@ check_if_ca (MHD_gnutls_x509_crt_t cert, | |||
104 | } | 105 | } |
105 | 106 | ||
106 | result = MHD__gnutls_x509_get_signature (issuer->cert, "signature", | 107 | result = MHD__gnutls_x509_get_signature (issuer->cert, "signature", |
107 | &issuer_signature); | 108 | &issuer_signature); |
108 | if (result < 0) | 109 | if (result < 0) |
109 | { | 110 | { |
110 | MHD_gnutls_assert (); | 111 | MHD_gnutls_assert (); |
@@ -228,9 +229,9 @@ find_issuer (MHD_gnutls_x509_crt_t cert, | |||
228 | */ | 229 | */ |
229 | static int | 230 | static int |
230 | MHD__gnutls_verify_certificate2 (MHD_gnutls_x509_crt_t cert, | 231 | MHD__gnutls_verify_certificate2 (MHD_gnutls_x509_crt_t cert, |
231 | const MHD_gnutls_x509_crt_t * trusted_cas, | 232 | const MHD_gnutls_x509_crt_t * trusted_cas, |
232 | int tcas_size, | 233 | int tcas_size, |
233 | unsigned int flags, unsigned int *output) | 234 | unsigned int flags, unsigned int *output) |
234 | { | 235 | { |
235 | MHD_gnutls_datum_t cert_signed_data = { NULL, | 236 | MHD_gnutls_datum_t cert_signed_data = { NULL, |
236 | 0 | 237 | 0 |
@@ -287,7 +288,7 @@ MHD__gnutls_verify_certificate2 (MHD_gnutls_x509_crt_t cert, | |||
287 | } | 288 | } |
288 | 289 | ||
289 | result = MHD__gnutls_x509_get_signed_data (cert->cert, "tbsCertificate", | 290 | result = MHD__gnutls_x509_get_signed_data (cert->cert, "tbsCertificate", |
290 | &cert_signed_data); | 291 | &cert_signed_data); |
291 | if (result < 0) | 292 | if (result < 0) |
292 | { | 293 | { |
293 | MHD_gnutls_assert (); | 294 | MHD_gnutls_assert (); |
@@ -303,7 +304,7 @@ MHD__gnutls_verify_certificate2 (MHD_gnutls_x509_crt_t cert, | |||
303 | } | 304 | } |
304 | 305 | ||
305 | ret = MHD__gnutls_x509_verify_signature (&cert_signed_data, &cert_signature, | 306 | ret = MHD__gnutls_x509_verify_signature (&cert_signed_data, &cert_signature, |
306 | issuer); | 307 | issuer); |
307 | if (ret < 0) | 308 | if (ret < 0) |
308 | { | 309 | { |
309 | MHD_gnutls_assert (); | 310 | MHD_gnutls_assert (); |
@@ -360,7 +361,7 @@ cleanup:MHD__gnutls_free_datum (&cert_signed_data); | |||
360 | **/ | 361 | **/ |
361 | int | 362 | int |
362 | MHD_gnutls_x509_crt_check_issuer (MHD_gnutls_x509_crt_t cert, | 363 | MHD_gnutls_x509_crt_check_issuer (MHD_gnutls_x509_crt_t cert, |
363 | MHD_gnutls_x509_crt_t issuer) | 364 | MHD_gnutls_x509_crt_t issuer) |
364 | { | 365 | { |
365 | return is_issuer (cert, issuer); | 366 | return is_issuer (cert, issuer); |
366 | } | 367 | } |
@@ -377,12 +378,12 @@ MHD_gnutls_x509_crt_check_issuer (MHD_gnutls_x509_crt_t cert, | |||
377 | * lead to a trusted CA in order to be trusted. | 378 | * lead to a trusted CA in order to be trusted. |
378 | */ | 379 | */ |
379 | static unsigned int | 380 | static unsigned int |
380 | MHD__gnutls_x509_verify_certificate (const MHD_gnutls_x509_crt_t * certificate_list, | 381 | MHD__gnutls_x509_verify_certificate (const MHD_gnutls_x509_crt_t * |
381 | int clist_size, | 382 | certificate_list, int clist_size, |
382 | const MHD_gnutls_x509_crt_t * trusted_cas, | 383 | const MHD_gnutls_x509_crt_t * |
383 | int tcas_size, | 384 | trusted_cas, int tcas_size, |
384 | const MHD_gnutls_x509_crl_t * CRLs, | 385 | const MHD_gnutls_x509_crl_t * CRLs, |
385 | int crls_size, unsigned int flags) | 386 | int crls_size, unsigned int flags) |
386 | { | 387 | { |
387 | int i = 0, ret; | 388 | int i = 0, ret; |
388 | unsigned int status = 0, output; | 389 | unsigned int status = 0, output; |
@@ -394,7 +395,8 @@ MHD__gnutls_x509_verify_certificate (const MHD_gnutls_x509_crt_t * certificate_l | |||
394 | * in self signed etc certificates. | 395 | * in self signed etc certificates. |
395 | */ | 396 | */ |
396 | ret = MHD__gnutls_verify_certificate2 (certificate_list[clist_size - 1], | 397 | ret = MHD__gnutls_verify_certificate2 (certificate_list[clist_size - 1], |
397 | trusted_cas, tcas_size, flags, &output); | 398 | trusted_cas, tcas_size, flags, |
399 | &output); | ||
398 | 400 | ||
399 | if (ret == 0) | 401 | if (ret == 0) |
400 | { | 402 | { |
@@ -414,7 +416,7 @@ MHD__gnutls_x509_verify_certificate (const MHD_gnutls_x509_crt_t * certificate_l | |||
414 | for (i = 0; i < clist_size; i++) | 416 | for (i = 0; i < clist_size; i++) |
415 | { | 417 | { |
416 | ret = MHD_gnutls_x509_crt_check_revocation (certificate_list[i], | 418 | ret = MHD_gnutls_x509_crt_check_revocation (certificate_list[i], |
417 | CRLs, crls_size); | 419 | CRLs, crls_size); |
418 | if (ret == 1) | 420 | if (ret == 1) |
419 | { /* revoked */ | 421 | { /* revoked */ |
420 | status |= GNUTLS_CERT_REVOKED; | 422 | status |= GNUTLS_CERT_REVOKED; |
@@ -429,7 +431,7 @@ MHD__gnutls_x509_verify_certificate (const MHD_gnutls_x509_crt_t * certificate_l | |||
429 | * leads to a trusted party by us, not the server's). | 431 | * leads to a trusted party by us, not the server's). |
430 | */ | 432 | */ |
431 | if (MHD_gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1], | 433 | if (MHD_gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1], |
432 | certificate_list[clist_size - 1]) > 0 | 434 | certificate_list[clist_size - 1]) > 0 |
433 | && clist_size > 0) | 435 | && clist_size > 0) |
434 | { | 436 | { |
435 | clist_size--; | 437 | clist_size--; |
@@ -448,8 +450,8 @@ MHD__gnutls_x509_verify_certificate (const MHD_gnutls_x509_crt_t * certificate_l | |||
448 | if (!(flags & GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT)) | 450 | if (!(flags & GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT)) |
449 | flags ^= GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT; | 451 | flags ^= GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT; |
450 | if ((ret = MHD__gnutls_verify_certificate2 (certificate_list[i - 1], | 452 | if ((ret = MHD__gnutls_verify_certificate2 (certificate_list[i - 1], |
451 | &certificate_list[i], 1, flags, | 453 | &certificate_list[i], 1, |
452 | NULL)) == 0) | 454 | flags, NULL)) == 0) |
453 | { | 455 | { |
454 | status |= GNUTLS_CERT_INVALID; | 456 | status |= GNUTLS_CERT_INVALID; |
455 | return status; | 457 | return status; |
@@ -474,8 +476,8 @@ decode_ber_digest_info (const MHD_gnutls_datum_t * info, | |||
474 | int len; | 476 | int len; |
475 | 477 | ||
476 | if ((result = MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), | 478 | if ((result = MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), |
477 | "GNUTLS.DigestInfo", | 479 | "GNUTLS.DigestInfo", |
478 | &dinfo)) != ASN1_SUCCESS) | 480 | &dinfo)) != ASN1_SUCCESS) |
479 | { | 481 | { |
480 | MHD_gnutls_assert (); | 482 | MHD_gnutls_assert (); |
481 | return MHD_gtls_asn2err (result); | 483 | return MHD_gtls_asn2err (result); |
@@ -490,7 +492,8 @@ decode_ber_digest_info (const MHD_gnutls_datum_t * info, | |||
490 | } | 492 | } |
491 | 493 | ||
492 | len = sizeof (str) - 1; | 494 | len = sizeof (str) - 1; |
493 | result = MHD__asn1_read_value (dinfo, "digestAlgorithm.algorithm", str, &len); | 495 | result = |
496 | MHD__asn1_read_value (dinfo, "digestAlgorithm.algorithm", str, &len); | ||
494 | if (result != ASN1_SUCCESS) | 497 | if (result != ASN1_SUCCESS) |
495 | { | 498 | { |
496 | MHD_gnutls_assert (); | 499 | MHD_gnutls_assert (); |
@@ -511,7 +514,8 @@ decode_ber_digest_info (const MHD_gnutls_datum_t * info, | |||
511 | } | 514 | } |
512 | 515 | ||
513 | len = sizeof (str) - 1; | 516 | len = sizeof (str) - 1; |
514 | result = MHD__asn1_read_value (dinfo, "digestAlgorithm.parameters", str, &len); | 517 | result = |
518 | MHD__asn1_read_value (dinfo, "digestAlgorithm.parameters", str, &len); | ||
515 | /* To avoid permitting garbage in the parameters field, either the | 519 | /* To avoid permitting garbage in the parameters field, either the |
516 | parameters field is not present, or it contains 0x05 0x00. */ | 520 | parameters field is not present, or it contains 0x05 0x00. */ |
517 | if (! | 521 | if (! |
@@ -640,8 +644,8 @@ verify_sig (const MHD_gnutls_datum_t * tbs, | |||
640 | */ | 644 | */ |
641 | int | 645 | int |
642 | MHD__gnutls_x509_verify_signature (const MHD_gnutls_datum_t * tbs, | 646 | MHD__gnutls_x509_verify_signature (const MHD_gnutls_datum_t * tbs, |
643 | const MHD_gnutls_datum_t * signature, | 647 | const MHD_gnutls_datum_t * signature, |
644 | MHD_gnutls_x509_crt_t issuer) | 648 | MHD_gnutls_x509_crt_t issuer) |
645 | { | 649 | { |
646 | mpi_t issuer_params[MAX_PUBLIC_PARAMS_SIZE]; | 650 | mpi_t issuer_params[MAX_PUBLIC_PARAMS_SIZE]; |
647 | int ret, issuer_params_size, i; | 651 | int ret, issuer_params_size, i; |
@@ -650,16 +654,18 @@ MHD__gnutls_x509_verify_signature (const MHD_gnutls_datum_t * tbs, | |||
650 | */ | 654 | */ |
651 | issuer_params_size = MAX_PUBLIC_PARAMS_SIZE; | 655 | issuer_params_size = MAX_PUBLIC_PARAMS_SIZE; |
652 | ret = | 656 | ret = |
653 | MHD__gnutls_x509_crt_get_mpis (issuer, issuer_params, &issuer_params_size); | 657 | MHD__gnutls_x509_crt_get_mpis (issuer, issuer_params, |
658 | &issuer_params_size); | ||
654 | if (ret < 0) | 659 | if (ret < 0) |
655 | { | 660 | { |
656 | MHD_gnutls_assert (); | 661 | MHD_gnutls_assert (); |
657 | return ret; | 662 | return ret; |
658 | } | 663 | } |
659 | 664 | ||
660 | ret = verify_sig (tbs, signature, MHD_gnutls_x509_crt_get_pk_algorithm (issuer, | 665 | ret = |
661 | NULL), | 666 | verify_sig (tbs, signature, |
662 | issuer_params, issuer_params_size); | 667 | MHD_gnutls_x509_crt_get_pk_algorithm (issuer, NULL), |
668 | issuer_params, issuer_params_size); | ||
663 | if (ret < 0) | 669 | if (ret < 0) |
664 | { | 670 | { |
665 | MHD_gnutls_assert (); | 671 | MHD_gnutls_assert (); |
@@ -683,8 +689,9 @@ MHD__gnutls_x509_verify_signature (const MHD_gnutls_datum_t * tbs, | |||
683 | */ | 689 | */ |
684 | int | 690 | int |
685 | MHD__gnutls_x509_privkey_verify_signature (const MHD_gnutls_datum_t * tbs, | 691 | MHD__gnutls_x509_privkey_verify_signature (const MHD_gnutls_datum_t * tbs, |
686 | const MHD_gnutls_datum_t * signature, | 692 | const MHD_gnutls_datum_t * |
687 | MHD_gnutls_x509_privkey_t issuer) | 693 | signature, |
694 | MHD_gnutls_x509_privkey_t issuer) | ||
688 | { | 695 | { |
689 | int ret; | 696 | int ret; |
690 | 697 | ||
@@ -734,12 +741,12 @@ MHD__gnutls_x509_privkey_verify_signature (const MHD_gnutls_datum_t * tbs, | |||
734 | **/ | 741 | **/ |
735 | int | 742 | int |
736 | MHD_gnutls_x509_crt_list_verify (const MHD_gnutls_x509_crt_t * cert_list, | 743 | MHD_gnutls_x509_crt_list_verify (const MHD_gnutls_x509_crt_t * cert_list, |
737 | int cert_list_length, | 744 | int cert_list_length, |
738 | const MHD_gnutls_x509_crt_t * CA_list, | 745 | const MHD_gnutls_x509_crt_t * CA_list, |
739 | int CA_list_length, | 746 | int CA_list_length, |
740 | const MHD_gnutls_x509_crl_t * CRL_list, | 747 | const MHD_gnutls_x509_crl_t * CRL_list, |
741 | int CRL_list_length, | 748 | int CRL_list_length, |
742 | unsigned int flags, unsigned int *verify) | 749 | unsigned int flags, unsigned int *verify) |
743 | { | 750 | { |
744 | if (cert_list == NULL || cert_list_length == 0) | 751 | if (cert_list == NULL || cert_list_length == 0) |
745 | return GNUTLS_E_NO_CERTIFICATE_FOUND; | 752 | return GNUTLS_E_NO_CERTIFICATE_FOUND; |
@@ -747,9 +754,9 @@ MHD_gnutls_x509_crt_list_verify (const MHD_gnutls_x509_crt_t * cert_list, | |||
747 | /* Verify certificate | 754 | /* Verify certificate |
748 | */ | 755 | */ |
749 | *verify = MHD__gnutls_x509_verify_certificate (cert_list, cert_list_length, | 756 | *verify = MHD__gnutls_x509_verify_certificate (cert_list, cert_list_length, |
750 | CA_list, CA_list_length, | 757 | CA_list, CA_list_length, |
751 | CRL_list, CRL_list_length, | 758 | CRL_list, CRL_list_length, |
752 | flags); | 759 | flags); |
753 | 760 | ||
754 | return 0; | 761 | return 0; |
755 | } | 762 | } |
@@ -770,15 +777,15 @@ MHD_gnutls_x509_crt_list_verify (const MHD_gnutls_x509_crt_t * cert_list, | |||
770 | **/ | 777 | **/ |
771 | int | 778 | int |
772 | MHD_gnutls_x509_crt_verify (MHD_gnutls_x509_crt_t cert, | 779 | MHD_gnutls_x509_crt_verify (MHD_gnutls_x509_crt_t cert, |
773 | const MHD_gnutls_x509_crt_t * CA_list, | 780 | const MHD_gnutls_x509_crt_t * CA_list, |
774 | int CA_list_length, | 781 | int CA_list_length, |
775 | unsigned int flags, unsigned int *verify) | 782 | unsigned int flags, unsigned int *verify) |
776 | { | 783 | { |
777 | int ret; | 784 | int ret; |
778 | /* Verify certificate | 785 | /* Verify certificate |
779 | */ | 786 | */ |
780 | ret = MHD__gnutls_verify_certificate2 (cert, CA_list, CA_list_length, flags, | 787 | ret = MHD__gnutls_verify_certificate2 (cert, CA_list, CA_list_length, flags, |
781 | verify); | 788 | verify); |
782 | if (ret < 0) | 789 | if (ret < 0) |
783 | { | 790 | { |
784 | MHD_gnutls_assert (); | 791 | MHD_gnutls_assert (); |
@@ -804,7 +811,7 @@ MHD_gnutls_x509_crt_verify (MHD_gnutls_x509_crt_t cert, | |||
804 | **/ | 811 | **/ |
805 | int | 812 | int |
806 | MHD_gnutls_x509_crl_check_issuer (MHD_gnutls_x509_crl_t cert, | 813 | MHD_gnutls_x509_crl_check_issuer (MHD_gnutls_x509_crl_t cert, |
807 | MHD_gnutls_x509_crt_t issuer) | 814 | MHD_gnutls_x509_crt_t issuer) |
808 | { | 815 | { |
809 | return is_crl_issuer (cert, issuer); | 816 | return is_crl_issuer (cert, issuer); |
810 | } | 817 | } |
@@ -826,9 +833,9 @@ MHD_gnutls_x509_crl_check_issuer (MHD_gnutls_x509_crl_t cert, | |||
826 | **/ | 833 | **/ |
827 | int | 834 | int |
828 | MHD_gnutls_x509_crl_verify (MHD_gnutls_x509_crl_t crl, | 835 | MHD_gnutls_x509_crl_verify (MHD_gnutls_x509_crl_t crl, |
829 | const MHD_gnutls_x509_crt_t * CA_list, | 836 | const MHD_gnutls_x509_crt_t * CA_list, |
830 | int CA_list_length, unsigned int flags, | 837 | int CA_list_length, unsigned int flags, |
831 | unsigned int *verify) | 838 | unsigned int *verify) |
832 | { | 839 | { |
833 | int ret; | 840 | int ret; |
834 | /* Verify crl | 841 | /* Verify crl |
@@ -906,8 +913,9 @@ find_crl_issuer (MHD_gnutls_x509_crl_t crl, | |||
906 | */ | 913 | */ |
907 | static int | 914 | static int |
908 | MHD__gnutls_verify_crl2 (MHD_gnutls_x509_crl_t crl, | 915 | MHD__gnutls_verify_crl2 (MHD_gnutls_x509_crl_t crl, |
909 | const MHD_gnutls_x509_crt_t * trusted_cas, | 916 | const MHD_gnutls_x509_crt_t * trusted_cas, |
910 | int tcas_size, unsigned int flags, unsigned int *output) | 917 | int tcas_size, unsigned int flags, |
918 | unsigned int *output) | ||
911 | { | 919 | { |
912 | /* CRL is ignored for now */ | 920 | /* CRL is ignored for now */ |
913 | MHD_gnutls_datum_t crl_signed_data = { NULL, 0 }; | 921 | MHD_gnutls_datum_t crl_signed_data = { NULL, 0 }; |
@@ -951,14 +959,16 @@ MHD__gnutls_verify_crl2 (MHD_gnutls_x509_crl_t crl, | |||
951 | } | 959 | } |
952 | 960 | ||
953 | result = | 961 | result = |
954 | MHD__gnutls_x509_get_signed_data (crl->crl, "tbsCertList", &crl_signed_data); | 962 | MHD__gnutls_x509_get_signed_data (crl->crl, "tbsCertList", |
963 | &crl_signed_data); | ||
955 | if (result < 0) | 964 | if (result < 0) |
956 | { | 965 | { |
957 | MHD_gnutls_assert (); | 966 | MHD_gnutls_assert (); |
958 | goto cleanup; | 967 | goto cleanup; |
959 | } | 968 | } |
960 | 969 | ||
961 | result = MHD__gnutls_x509_get_signature (crl->crl, "signature", &crl_signature); | 970 | result = |
971 | MHD__gnutls_x509_get_signature (crl->crl, "signature", &crl_signature); | ||
962 | if (result < 0) | 972 | if (result < 0) |
963 | { | 973 | { |
964 | MHD_gnutls_assert (); | 974 | MHD_gnutls_assert (); |
@@ -966,7 +976,8 @@ MHD__gnutls_verify_crl2 (MHD_gnutls_x509_crl_t crl, | |||
966 | } | 976 | } |
967 | 977 | ||
968 | ret = | 978 | ret = |
969 | MHD__gnutls_x509_verify_signature (&crl_signed_data, &crl_signature, issuer); | 979 | MHD__gnutls_x509_verify_signature (&crl_signed_data, &crl_signature, |
980 | issuer); | ||
970 | if (ret < 0) | 981 | if (ret < 0) |
971 | { | 982 | { |
972 | MHD_gnutls_assert (); | 983 | MHD_gnutls_assert (); |