aboutsummaryrefslogtreecommitdiff
path: root/src/daemon/https
diff options
context:
space:
mode:
Diffstat (limited to 'src/daemon/https')
-rw-r--r--src/daemon/https/gnutls.h284
-rw-r--r--src/daemon/https/lgl/des.c14
-rw-r--r--src/daemon/https/lgl/des.h14
-rw-r--r--src/daemon/https/lgl/gc-gnulib.c45
-rw-r--r--src/daemon/https/lgl/gc-libgcrypt.c33
-rw-r--r--src/daemon/https/lgl/gc-pbkdf2-sha1.c4
-rw-r--r--src/daemon/https/lgl/gc.h54
-rw-r--r--src/daemon/https/lgl/hmac-md5.c2
-rw-r--r--src/daemon/https/lgl/hmac-sha1.c2
-rw-r--r--src/daemon/https/lgl/hmac.h4
-rw-r--r--src/daemon/https/lgl/md5.c6
-rw-r--r--src/daemon/https/lgl/md5.h10
-rw-r--r--src/daemon/https/lgl/rijndael-alg-fst.c8
-rw-r--r--src/daemon/https/lgl/rijndael-alg-fst.h8
-rw-r--r--src/daemon/https/lgl/rijndael-api-fst.c24
-rw-r--r--src/daemon/https/lgl/rijndael-api-fst.h24
-rw-r--r--src/daemon/https/lgl/sha1.c9
-rw-r--r--src/daemon/https/lgl/sha1.h4
-rw-r--r--src/daemon/https/minitasn1/coding.c149
-rw-r--r--src/daemon/https/minitasn1/decoding.c156
-rw-r--r--src/daemon/https/minitasn1/element.c123
-rw-r--r--src/daemon/https/minitasn1/element.h4
-rw-r--r--src/daemon/https/minitasn1/libtasn1.h77
-rw-r--r--src/daemon/https/minitasn1/parser_aux.c31
-rw-r--r--src/daemon/https/minitasn1/parser_aux.h2
-rw-r--r--src/daemon/https/minitasn1/structure.c17
-rw-r--r--src/daemon/https/tls/auth_cert.c40
-rw-r--r--src/daemon/https/tls/auth_cert.h6
-rw-r--r--src/daemon/https/tls/auth_rsa.c25
-rw-r--r--src/daemon/https/tls/auth_rsa_export.c2
-rw-r--r--src/daemon/https/tls/debug.c15
-rw-r--r--src/daemon/https/tls/debug.h3
-rw-r--r--src/daemon/https/tls/ext_cert_type.c7
-rw-r--r--src/daemon/https/tls/ext_max_record.c4
-rw-r--r--src/daemon/https/tls/ext_oprfi.c20
-rw-r--r--src/daemon/https/tls/ext_server_name.c48
-rw-r--r--src/daemon/https/tls/gnutls_alert.c7
-rw-r--r--src/daemon/https/tls/gnutls_algorithms.c51
-rw-r--r--src/daemon/https/tls/gnutls_algorithms.h16
-rw-r--r--src/daemon/https/tls/gnutls_anon_cred.c11
-rw-r--r--src/daemon/https/tls/gnutls_auth.c15
-rw-r--r--src/daemon/https/tls/gnutls_buffers.c97
-rw-r--r--src/daemon/https/tls/gnutls_cert.c26
-rw-r--r--src/daemon/https/tls/gnutls_cert.h3
-rw-r--r--src/daemon/https/tls/gnutls_cipher.c45
-rw-r--r--src/daemon/https/tls/gnutls_cipher.h3
-rw-r--r--src/daemon/https/tls/gnutls_cipher_int.c10
-rw-r--r--src/daemon/https/tls/gnutls_compress.c8
-rw-r--r--src/daemon/https/tls/gnutls_compress.h9
-rw-r--r--src/daemon/https/tls/gnutls_compress_int.c21
-rw-r--r--src/daemon/https/tls/gnutls_constate.c170
-rw-r--r--src/daemon/https/tls/gnutls_datum.c3
-rw-r--r--src/daemon/https/tls/gnutls_datum.h3
-rw-r--r--src/daemon/https/tls/gnutls_dh_primes.c2
-rw-r--r--src/daemon/https/tls/gnutls_extensions.c15
-rw-r--r--src/daemon/https/tls/gnutls_global.c24
-rw-r--r--src/daemon/https/tls/gnutls_handshake.c244
-rw-r--r--src/daemon/https/tls/gnutls_handshake.h3
-rw-r--r--src/daemon/https/tls/gnutls_hash_int.c9
-rw-r--r--src/daemon/https/tls/gnutls_hash_int.h2
-rw-r--r--src/daemon/https/tls/gnutls_kx.c119
-rw-r--r--src/daemon/https/tls/gnutls_mem.c3
-rw-r--r--src/daemon/https/tls/gnutls_mpi.c3
-rw-r--r--src/daemon/https/tls/gnutls_pk.c31
-rw-r--r--src/daemon/https/tls/gnutls_pk.h4
-rw-r--r--src/daemon/https/tls/gnutls_priority.c19
-rw-r--r--src/daemon/https/tls/gnutls_record.c58
-rw-r--r--src/daemon/https/tls/gnutls_rsa_export.c1
-rw-r--r--src/daemon/https/tls/gnutls_rsa_export.h1
-rw-r--r--src/daemon/https/tls/gnutls_session.c1
-rw-r--r--src/daemon/https/tls/gnutls_session_pack.c91
-rw-r--r--src/daemon/https/tls/gnutls_sig.c58
-rw-r--r--src/daemon/https/tls/gnutls_sig.h3
-rw-r--r--src/daemon/https/tls/gnutls_state.c72
-rw-r--r--src/daemon/https/tls/gnutls_state.h8
-rw-r--r--src/daemon/https/tls/gnutls_str.h3
-rw-r--r--src/daemon/https/tls/gnutls_supplemental.c15
-rw-r--r--src/daemon/https/tls/gnutls_supplemental.h4
-rw-r--r--src/daemon/https/tls/gnutls_ui.c38
-rw-r--r--src/daemon/https/tls/gnutls_x509.c113
-rw-r--r--src/daemon/https/tls/gnutls_x509.h16
-rw-r--r--src/daemon/https/tls/x509_b64.c25
-rw-r--r--src/daemon/https/tls/x509_b64.h6
-rw-r--r--src/daemon/https/x509/common.c108
-rw-r--r--src/daemon/https/x509/common.h64
-rw-r--r--src/daemon/https/x509/crl.c74
-rw-r--r--src/daemon/https/x509/crq.c123
-rw-r--r--src/daemon/https/x509/dn.c160
-rw-r--r--src/daemon/https/x509/dn.h20
-rw-r--r--src/daemon/https/x509/dsa.h3
-rw-r--r--src/daemon/https/x509/extensions.c25
-rw-r--r--src/daemon/https/x509/extensions.h19
-rw-r--r--src/daemon/https/x509/mpi.c56
-rw-r--r--src/daemon/https/x509/mpi.h33
-rw-r--r--src/daemon/https/x509/pkcs12.h43
-rw-r--r--src/daemon/https/x509/pkcs12_encr.c12
-rw-r--r--src/daemon/https/x509/pkcs7.c46
-rw-r--r--src/daemon/https/x509/privkey.h5
-rw-r--r--src/daemon/https/x509/privkey_pkcs8.c102
-rw-r--r--src/daemon/https/x509/rfc2818_hostname.c9
-rw-r--r--src/daemon/https/x509/sign.c35
-rw-r--r--src/daemon/https/x509/sign.h6
-rw-r--r--src/daemon/https/x509/verify.h12
-rw-r--r--src/daemon/https/x509/x509.c147
-rw-r--r--src/daemon/https/x509/x509.h520
-rw-r--r--src/daemon/https/x509/x509_privkey.c94
-rw-r--r--src/daemon/https/x509/x509_verify.c139
107 files changed, 2527 insertions, 2095 deletions
diff --git a/src/daemon/https/gnutls.h b/src/daemon/https/gnutls.h
index 3c17d803..217e0fb7 100644
--- a/src/daemon/https/gnutls.h
+++ b/src/daemon/https/gnutls.h
@@ -211,32 +211,36 @@ extern "C"
211 } MHD_gnutls_params_st; 211 } MHD_gnutls_params_st;
212 212
213 typedef int MHD_gnutls_params_function (MHD_gtls_session_t, 213 typedef int MHD_gnutls_params_function (MHD_gtls_session_t,
214 MHD_gnutls_params_type_t, 214 MHD_gnutls_params_type_t,
215 MHD_gnutls_params_st *); 215 MHD_gnutls_params_st *);
216 216
217/* internal functions */ 217/* internal functions */
218 int MHD__gnutls_global_init (void); 218 int MHD__gnutls_global_init (void);
219 void MHD__gnutls_global_deinit (void); 219 void MHD__gnutls_global_deinit (void);
220 220
221 int MHD__gnutls_init (MHD_gtls_session_t * session, 221 int MHD__gnutls_init (MHD_gtls_session_t * session,
222 MHD_gnutls_connection_end_t con_end); 222 MHD_gnutls_connection_end_t con_end);
223 void MHD__gnutls_deinit (MHD_gtls_session_t session); 223 void MHD__gnutls_deinit (MHD_gtls_session_t session);
224 224
225 int MHD__gnutls_bye (MHD_gtls_session_t session, MHD_gnutls_close_request_t how); 225 int MHD__gnutls_bye (MHD_gtls_session_t session,
226 MHD_gnutls_close_request_t how);
226 int MHD__gnutls_handshake (MHD_gtls_session_t session); 227 int MHD__gnutls_handshake (MHD_gtls_session_t session);
227 int MHD__gnutls_rehandshake (MHD_gtls_session_t session); 228 int MHD__gnutls_rehandshake (MHD_gtls_session_t session);
228 229
229 int MHD_gtls_handshake_client (MHD_gtls_session_t session); 230 int MHD_gtls_handshake_client (MHD_gtls_session_t session);
230 231
231 MHD_gnutls_alert_description_t MHD_gnutls_alert_get (MHD_gtls_session_t session); 232 MHD_gnutls_alert_description_t MHD_gnutls_alert_get (MHD_gtls_session_t
233 session);
232 int MHD__gnutls_alert_send (MHD_gtls_session_t session, 234 int MHD__gnutls_alert_send (MHD_gtls_session_t session,
233 MHD_gnutls_alert_level_t level, 235 MHD_gnutls_alert_level_t level,
234 MHD_gnutls_alert_description_t desc); 236 MHD_gnutls_alert_description_t desc);
235 int MHD__gnutls_alert_send_appropriate (MHD_gtls_session_t session, int err); 237 int MHD__gnutls_alert_send_appropriate (MHD_gtls_session_t session,
236 const char *MHD__gnutls_alert_get_name (MHD_gnutls_alert_description_t alert); 238 int err);
237 239 const char *MHD__gnutls_alert_get_name (MHD_gnutls_alert_description_t
238 enum MHD_GNUTLS_CompressionMethod MHD_gtls_compression_get (MHD_gtls_session_t 240 alert);
239 session); 241
242 enum MHD_GNUTLS_CompressionMethod
243 MHD_gtls_compression_get (MHD_gtls_session_t session);
240// enum MHD_GNUTLS_CipherAlgorithm MHD_gnutls_cipher_get (MHD_gtls_session_t session); 244// enum MHD_GNUTLS_CipherAlgorithm MHD_gnutls_cipher_get (MHD_gtls_session_t session);
241// enum MHD_GNUTLS_KeyExchangeAlgorithm MHD_gnutls_kx_get (MHD_gtls_session_t session); 245// enum MHD_GNUTLS_KeyExchangeAlgorithm MHD_gnutls_kx_get (MHD_gtls_session_t session);
242// enum MHD_GNUTLS_HashAlgorithm MHD_gnutls_mac_get (MHD_gtls_session_t session); 246// enum MHD_GNUTLS_HashAlgorithm MHD_gnutls_mac_get (MHD_gtls_session_t session);
@@ -244,23 +248,23 @@ extern "C"
244// session); 248// session);
245 249
246 size_t MHD__gnutls_cipher_get_key_size (enum MHD_GNUTLS_CipherAlgorithm 250 size_t MHD__gnutls_cipher_get_key_size (enum MHD_GNUTLS_CipherAlgorithm
247 algorithm); 251 algorithm);
248 size_t MHD__gnutls_mac_get_key_size (enum MHD_GNUTLS_HashAlgorithm 252 size_t MHD__gnutls_mac_get_key_size (enum MHD_GNUTLS_HashAlgorithm
249 algorithm); 253 algorithm);
250 254
251/* the name of the specified algorithms */ 255/* the name of the specified algorithms */
252 const char *MHD__gnutls_cipher_get_name (enum MHD_GNUTLS_CipherAlgorithm 256 const char *MHD__gnutls_cipher_get_name (enum MHD_GNUTLS_CipherAlgorithm
253 algorithm); 257 algorithm);
254 const char *MHD__gnutls_mac_get_name (enum MHD_GNUTLS_HashAlgorithm 258 const char *MHD__gnutls_mac_get_name (enum MHD_GNUTLS_HashAlgorithm
255 algorithm); 259 algorithm);
256 const char *MHD_gtls_compression_get_name (enum 260 const char *MHD_gtls_compression_get_name (enum
257 MHD_GNUTLS_CompressionMethod 261 MHD_GNUTLS_CompressionMethod
258 algorithm); 262 algorithm);
259 const char *MHD__gnutls_kx_get_name (enum MHD_GNUTLS_KeyExchangeAlgorithm 263 const char *MHD__gnutls_kx_get_name (enum MHD_GNUTLS_KeyExchangeAlgorithm
260 algorithm); 264 algorithm);
261 const char *MHD__gnutls_certificate_type_get_name (enum 265 const char *MHD__gnutls_certificate_type_get_name (enum
262 MHD_GNUTLS_CertificateType 266 MHD_GNUTLS_CertificateType
263 type); 267 type);
264 268
265 enum MHD_GNUTLS_HashAlgorithm MHD_gtls_mac_get_id (const char *name); 269 enum MHD_GNUTLS_HashAlgorithm MHD_gtls_mac_get_id (const char *name);
266 enum MHD_GNUTLS_CompressionMethod MHD_gtls_compression_get_id (const char 270 enum MHD_GNUTLS_CompressionMethod MHD_gtls_compression_get_id (const char
@@ -292,9 +296,9 @@ extern "C"
292 * Record layer functions. 296 * Record layer functions.
293 */ 297 */
294 ssize_t MHD__gnutls_record_send (MHD_gtls_session_t session, 298 ssize_t MHD__gnutls_record_send (MHD_gtls_session_t session,
295 const void *data, size_t sizeofdata); 299 const void *data, size_t sizeofdata);
296 ssize_t MHD__gnutls_record_recv (MHD_gtls_session_t session, void *data, 300 ssize_t MHD__gnutls_record_recv (MHD_gtls_session_t session, void *data,
297 size_t sizeofdata); 301 size_t sizeofdata);
298 302
299 /* provides extra compatibility */ 303 /* provides extra compatibility */
300 void MHD_gtls_record_disable_padding (MHD_gtls_session_t session); 304 void MHD_gtls_record_disable_padding (MHD_gtls_session_t session);
@@ -303,19 +307,19 @@ extern "C"
303 int MHD__gnutls_record_get_direction (MHD_gtls_session_t session); 307 int MHD__gnutls_record_get_direction (MHD_gtls_session_t session);
304 size_t MHD__gnutls_record_get_max_size (MHD_gtls_session_t session); 308 size_t MHD__gnutls_record_get_max_size (MHD_gtls_session_t session);
305 ssize_t MHD__gnutls_record_set_max_size (MHD_gtls_session_t session, 309 ssize_t MHD__gnutls_record_set_max_size (MHD_gtls_session_t session,
306 size_t size); 310 size_t size);
307 311
308 312
309 int MHD__gnutls_prf (MHD_gtls_session_t session, 313 int MHD__gnutls_prf (MHD_gtls_session_t session,
310 size_t label_size, const char *label, 314 size_t label_size, const char *label,
311 int server_random_first, 315 int server_random_first,
312 size_t extra_size, const char *extra, 316 size_t extra_size, const char *extra,
313 size_t outsize, char *out); 317 size_t outsize, char *out);
314 318
315 int MHD__gnutls_prf_raw (MHD_gtls_session_t session, 319 int MHD__gnutls_prf_raw (MHD_gtls_session_t session,
316 size_t label_size, const char *label, 320 size_t label_size, const char *label,
317 size_t seed_size, const char *seed, 321 size_t seed_size, const char *seed,
318 size_t outsize, char *out); 322 size_t outsize, char *out);
319 323
320/* 324/*
321 * TLS Extensions 325 * TLS Extensions
@@ -326,12 +330,12 @@ extern "C"
326 } MHD_gnutls_server_name_type_t; 330 } MHD_gnutls_server_name_type_t;
327 331
328 int MHD__gnutls_server_name_set (MHD_gtls_session_t session, 332 int MHD__gnutls_server_name_set (MHD_gtls_session_t session,
329 MHD_gnutls_server_name_type_t type, 333 MHD_gnutls_server_name_type_t type,
330 const void *name, size_t name_length); 334 const void *name, size_t name_length);
331 335
332 int MHD__gnutls_server_name_get (MHD_gtls_session_t session, 336 int MHD__gnutls_server_name_get (MHD_gtls_session_t session,
333 void *data, size_t * data_length, 337 void *data, size_t * data_length,
334 unsigned int *type, unsigned int indx); 338 unsigned int *type, unsigned int indx);
335 339
336 /* Opaque PRF Input 340 /* Opaque PRF Input
337 * http://tools.ietf.org/id/draft-rescorla-tls-opaque-prf-input-00.txt 341 * http://tools.ietf.org/id/draft-rescorla-tls-opaque-prf-input-00.txt
@@ -342,10 +346,11 @@ extern "C"
342 size_t len, unsigned char *data); 346 size_t len, unsigned char *data);
343 347
344 typedef int (*MHD_gnutls_oprfi_callback_func) (MHD_gtls_session_t session, 348 typedef int (*MHD_gnutls_oprfi_callback_func) (MHD_gtls_session_t session,
345 void *userdata, 349 void *userdata,
346 size_t oprfi_len, 350 size_t oprfi_len,
347 const unsigned char *in_oprfi, 351 const unsigned char
348 unsigned char *out_oprfi); 352 *in_oprfi,
353 unsigned char *out_oprfi);
349 354
350 void 355 void
351 MHD_gtls_oprfi_enable_server (MHD_gtls_session_t session, 356 MHD_gtls_oprfi_enable_server (MHD_gtls_session_t session,
@@ -362,32 +367,35 @@ extern "C"
362 (MHD_gnutls_supplemental_data_format_type_t type); 367 (MHD_gnutls_supplemental_data_format_type_t type);
363 368
364 int MHD__gnutls_cipher_set_priority (MHD_gtls_session_t session, 369 int MHD__gnutls_cipher_set_priority (MHD_gtls_session_t session,
365 const int *list); 370 const int *list);
366 int MHD__gnutls_mac_set_priority (MHD_gtls_session_t session, 371 int MHD__gnutls_mac_set_priority (MHD_gtls_session_t session,
367 const int *list); 372 const int *list);
368 int MHD__gnutls_compression_set_priority (MHD_gtls_session_t session, 373 int MHD__gnutls_compression_set_priority (MHD_gtls_session_t session,
369 const int *list); 374 const int *list);
370 int MHD__gnutls_kx_set_priority (MHD_gtls_session_t session, 375 int MHD__gnutls_kx_set_priority (MHD_gtls_session_t session,
371 const int *list); 376 const int *list);
372 int MHD__gnutls_protocol_set_priority (MHD_gtls_session_t session, 377 int MHD__gnutls_protocol_set_priority (MHD_gtls_session_t session,
373 const int *list); 378 const int *list);
374 int MHD__gnutls_certificate_type_set_priority (MHD_gtls_session_t session, 379 int MHD__gnutls_certificate_type_set_priority (MHD_gtls_session_t session,
375 const int *list); 380 const int *list);
376 381
377 int MHD_tls_set_default_priority (MHD_gnutls_priority_t *, const char *priority, 382 int MHD_tls_set_default_priority (MHD_gnutls_priority_t *,
383 const char *priority,
378 const char **err_pos); 384 const char **err_pos);
379 void MHD__gnutls_priority_deinit (MHD_gnutls_priority_t); 385 void MHD__gnutls_priority_deinit (MHD_gnutls_priority_t);
380 386
381 int MHD__gnutls_priority_set (MHD_gtls_session_t session, MHD_gnutls_priority_t); 387 int MHD__gnutls_priority_set (MHD_gtls_session_t session,
388 MHD_gnutls_priority_t);
382 int MHD__gnutls_priority_set_direct (MHD_gtls_session_t session, 389 int MHD__gnutls_priority_set_direct (MHD_gtls_session_t session,
383 const char *priority, 390 const char *priority,
384 const char **err_pos); 391 const char **err_pos);
385 392
386/* get the currently used protocol version */ 393/* get the currently used protocol version */
387 enum MHD_GNUTLS_Protocol MHD__gnutls_protocol_get_version (MHD_gtls_session_t 394 enum MHD_GNUTLS_Protocol
388 session); 395 MHD__gnutls_protocol_get_version (MHD_gtls_session_t session);
389 396
390 const char *MHD__gnutls_protocol_get_name (enum MHD_GNUTLS_Protocol version); 397 const char *MHD__gnutls_protocol_get_name (enum MHD_GNUTLS_Protocol
398 version);
391 399
392/* 400/*
393 * get/set session 401 * get/set session
@@ -412,13 +420,14 @@ extern "C"
412 420
413 int MHD_gtls_session_is_resumed (MHD_gtls_session_t session); 421 int MHD_gtls_session_is_resumed (MHD_gtls_session_t session);
414 422
415 typedef int (*MHD_gnutls_handshake_post_client_hello_func) (MHD_gtls_session_t); 423 typedef
424 int (*MHD_gnutls_handshake_post_client_hello_func) (MHD_gtls_session_t);
416 void 425 void
417 MHD__gnutls_handshake_set_post_client_hello_function (MHD_gtls_session_t, 426 MHD__gnutls_handshake_set_post_client_hello_function (MHD_gtls_session_t,
418 MHD_gnutls_handshake_post_client_hello_func); 427 MHD_gnutls_handshake_post_client_hello_func);
419 428
420 void MHD__gnutls_handshake_set_max_packet_length (MHD_gtls_session_t session, 429 void MHD__gnutls_handshake_set_max_packet_length (MHD_gtls_session_t
421 size_t max); 430 session, size_t max);
422 431
423/* 432/*
424 * Functions for setting/clearing credentials 433 * Functions for setting/clearing credentials
@@ -429,8 +438,8 @@ extern "C"
429 * cred is a structure defined by the kx algorithm 438 * cred is a structure defined by the kx algorithm
430 */ 439 */
431 int MHD__gnutls_credentials_set (MHD_gtls_session_t session, 440 int MHD__gnutls_credentials_set (MHD_gtls_session_t session,
432 enum MHD_GNUTLS_CredentialsType type, 441 enum MHD_GNUTLS_CredentialsType type,
433 void *cred); 442 void *cred);
434 443
435/* Credential structures - used in MHD__gnutls_credentials_set(); */ 444/* Credential structures - used in MHD__gnutls_credentials_set(); */
436 struct MHD_gtls_certificate_credentials_st; 445 struct MHD_gtls_certificate_credentials_st;
@@ -453,12 +462,13 @@ extern "C"
453 462
454 void 463 void
455 MHD__gnutls_anon_set_server_dh_params (MHD_gtls_anon_server_credentials_t 464 MHD__gnutls_anon_set_server_dh_params (MHD_gtls_anon_server_credentials_t
456 res, 465 res,
457 MHD_gtls_dh_params_t dh_params); 466 MHD_gtls_dh_params_t dh_params);
458 467
459 void 468 void
460 MHD__gnutls_anon_set_server_params_function 469 MHD__gnutls_anon_set_server_params_function
461 (MHD_gtls_anon_server_credentials_t res, MHD_gnutls_params_function * func); 470 (MHD_gtls_anon_server_credentials_t res,
471 MHD_gnutls_params_function * func);
462 472
463 void 473 void
464 MHD__gnutls_anon_free_client_credentials 474 MHD__gnutls_anon_free_client_credentials
@@ -468,10 +478,10 @@ extern "C"
468 (MHD_gtls_anon_client_credentials_t * sc); 478 (MHD_gtls_anon_client_credentials_t * sc);
469 479
470 void MHD__gnutls_certificate_free_credentials (MHD_gtls_cert_credentials_t 480 void MHD__gnutls_certificate_free_credentials (MHD_gtls_cert_credentials_t
471 sc); 481 sc);
472 int 482 int
473 MHD__gnutls_certificate_allocate_credentials (MHD_gtls_cert_credentials_t 483 MHD__gnutls_certificate_allocate_credentials (MHD_gtls_cert_credentials_t
474 * res); 484 * res);
475 485
476 void MHD__gnutls_certificate_free_keys (MHD_gtls_cert_credentials_t sc); 486 void MHD__gnutls_certificate_free_keys (MHD_gtls_cert_credentials_t sc);
477 void MHD__gnutls_certificate_free_cas (MHD_gtls_cert_credentials_t sc); 487 void MHD__gnutls_certificate_free_cas (MHD_gtls_cert_credentials_t sc);
@@ -479,50 +489,60 @@ extern "C"
479 void MHD__gnutls_certificate_free_crls (MHD_gtls_cert_credentials_t sc); 489 void MHD__gnutls_certificate_free_crls (MHD_gtls_cert_credentials_t sc);
480 490
481 void MHD__gnutls_certificate_set_dh_params (MHD_gtls_cert_credentials_t res, 491 void MHD__gnutls_certificate_set_dh_params (MHD_gtls_cert_credentials_t res,
482 MHD_gtls_dh_params_t dh_params); 492 MHD_gtls_dh_params_t dh_params);
483 void 493 void
484 MHD__gnutls_certificate_set_rsa_export_params (MHD_gtls_cert_credentials_t 494 MHD__gnutls_certificate_set_rsa_export_params (MHD_gtls_cert_credentials_t
485 res, 495 res,
486 MHD_gtls_rsa_params_t 496 MHD_gtls_rsa_params_t
487 rsa_params); 497 rsa_params);
488 void MHD__gnutls_certificate_set_verify_flags (MHD_gtls_cert_credentials_t 498 void MHD__gnutls_certificate_set_verify_flags (MHD_gtls_cert_credentials_t
489 res, unsigned int flags); 499 res, unsigned int flags);
490 void MHD__gnutls_certificate_set_verify_limits (MHD_gtls_cert_credentials_t 500 void MHD__gnutls_certificate_set_verify_limits (MHD_gtls_cert_credentials_t
491 res, unsigned int max_bits, 501 res, unsigned int max_bits,
492 unsigned int max_depth); 502 unsigned int max_depth);
493 503
494 int MHD__gnutls_certificate_set_x509_trust_file (MHD_gtls_cert_credentials_t 504 int MHD__gnutls_certificate_set_x509_trust_file (MHD_gtls_cert_credentials_t
495 res, const char *CAFILE, 505 res, const char *CAFILE,
496 MHD_gnutls_x509_crt_fmt_t type); 506 MHD_gnutls_x509_crt_fmt_t
507 type);
497 int MHD__gnutls_certificate_set_x509_trust_mem (MHD_gtls_cert_credentials_t 508 int MHD__gnutls_certificate_set_x509_trust_mem (MHD_gtls_cert_credentials_t
498 res, 509 res,
499 const MHD_gnutls_datum_t * CA, 510 const MHD_gnutls_datum_t *
500 MHD_gnutls_x509_crt_fmt_t type); 511 CA,
512 MHD_gnutls_x509_crt_fmt_t
513 type);
501 514
502 int MHD__gnutls_certificate_set_x509_crl_file (MHD_gtls_cert_credentials_t 515 int MHD__gnutls_certificate_set_x509_crl_file (MHD_gtls_cert_credentials_t
503 res, const char *crlfile, 516 res, const char *crlfile,
504 MHD_gnutls_x509_crt_fmt_t type); 517 MHD_gnutls_x509_crt_fmt_t
518 type);
505 int MHD__gnutls_certificate_set_x509_crl_mem (MHD_gtls_cert_credentials_t 519 int MHD__gnutls_certificate_set_x509_crl_mem (MHD_gtls_cert_credentials_t
506 res, 520 res,
507 const MHD_gnutls_datum_t * CRL, 521 const MHD_gnutls_datum_t *
508 MHD_gnutls_x509_crt_fmt_t type); 522 CRL,
523 MHD_gnutls_x509_crt_fmt_t
524 type);
509 525
510 /* 526 /*
511 * CERTFILE is an x509 certificate in PEM form. 527 * CERTFILE is an x509 certificate in PEM form.
512 * KEYFILE is a pkcs-1 private key in PEM form (for RSA keys). 528 * KEYFILE is a pkcs-1 private key in PEM form (for RSA keys).
513 */ 529 */
514 int MHD__gnutls_certificate_set_x509_key_file (MHD_gtls_cert_credentials_t 530 int MHD__gnutls_certificate_set_x509_key_file (MHD_gtls_cert_credentials_t
515 res, const char *CERTFILE, 531 res, const char *CERTFILE,
516 const char *KEYFILE, 532 const char *KEYFILE,
517 MHD_gnutls_x509_crt_fmt_t type); 533 MHD_gnutls_x509_crt_fmt_t
534 type);
518 int MHD__gnutls_certificate_set_x509_key_mem (MHD_gtls_cert_credentials_t 535 int MHD__gnutls_certificate_set_x509_key_mem (MHD_gtls_cert_credentials_t
519 res, 536 res,
520 const MHD_gnutls_datum_t * CERT, 537 const MHD_gnutls_datum_t *
521 const MHD_gnutls_datum_t * KEY, 538 CERT,
522 MHD_gnutls_x509_crt_fmt_t type); 539 const MHD_gnutls_datum_t *
540 KEY,
541 MHD_gnutls_x509_crt_fmt_t
542 type);
523 543
524 void MHD__gnutls_certificate_send_x509_rdn_sequence (MHD_gtls_session_t 544 void MHD__gnutls_certificate_send_x509_rdn_sequence (MHD_gtls_session_t
525 session, int status); 545 session, int status);
526 546
527/* 547/*
528 * New functions to allow setting already parsed X.509 stuff. 548 * New functions to allow setting already parsed X.509 stuff.
@@ -558,7 +578,8 @@ extern "C"
558 typedef void *(*MHD_gnutls_realloc_function) (void *, size_t); 578 typedef void *(*MHD_gnutls_realloc_function) (void *, size_t);
559 579
560 extern void 580 extern void
561 MHD_gtls_global_set_mem_functions (MHD_gnutls_alloc_function gt_alloc_func, 581 MHD_gtls_global_set_mem_functions (MHD_gnutls_alloc_function
582 gt_alloc_func,
562 MHD_gnutls_alloc_function 583 MHD_gnutls_alloc_function
563 gt_secure_alloc_func, 584 gt_secure_alloc_func,
564 MHD_gnutls_is_secure_function 585 MHD_gnutls_is_secure_function
@@ -586,14 +607,14 @@ extern "C"
586 int MHD__gnutls_dh_params_init (MHD_gtls_dh_params_t * dh_params); 607 int MHD__gnutls_dh_params_init (MHD_gtls_dh_params_t * dh_params);
587 void MHD__gnutls_dh_params_deinit (MHD_gtls_dh_params_t dh_params); 608 void MHD__gnutls_dh_params_deinit (MHD_gtls_dh_params_t dh_params);
588 int MHD__gnutls_dh_params_generate2 (MHD_gtls_dh_params_t params, 609 int MHD__gnutls_dh_params_generate2 (MHD_gtls_dh_params_t params,
589 unsigned int bits); 610 unsigned int bits);
590 611
591 612
592/* RSA params */ 613/* RSA params */
593 int MHD__gnutls_rsa_params_init (MHD_gtls_rsa_params_t * rsa_params); 614 int MHD__gnutls_rsa_params_init (MHD_gtls_rsa_params_t * rsa_params);
594 void MHD__gnutls_rsa_params_deinit (MHD_gtls_rsa_params_t rsa_params); 615 void MHD__gnutls_rsa_params_deinit (MHD_gtls_rsa_params_t rsa_params);
595 int MHD__gnutls_rsa_params_generate2 (MHD_gtls_rsa_params_t params, 616 int MHD__gnutls_rsa_params_generate2 (MHD_gtls_rsa_params_t params,
596 unsigned int bits); 617 unsigned int bits);
597 618
598 619
599/* 620/*
@@ -601,21 +622,21 @@ extern "C"
601 */ 622 */
602 typedef ssize_t (*MHD_gtls_pull_func) (MHD_gnutls_transport_ptr_t, void *, 623 typedef ssize_t (*MHD_gtls_pull_func) (MHD_gnutls_transport_ptr_t, void *,
603 size_t); 624 size_t);
604 typedef ssize_t (*MHD_gtls_push_func) (MHD_gnutls_transport_ptr_t, const void *, 625 typedef ssize_t (*MHD_gtls_push_func) (MHD_gnutls_transport_ptr_t,
605 size_t); 626 const void *, size_t);
606 void MHD__gnutls_transport_set_ptr (MHD_gtls_session_t session, 627 void MHD__gnutls_transport_set_ptr (MHD_gtls_session_t session,
607 MHD_gnutls_transport_ptr_t ptr); 628 MHD_gnutls_transport_ptr_t ptr);
608 void MHD__gnutls_transport_set_ptr2 (MHD_gtls_session_t session, 629 void MHD__gnutls_transport_set_ptr2 (MHD_gtls_session_t session,
609 MHD_gnutls_transport_ptr_t recv_ptr, 630 MHD_gnutls_transport_ptr_t recv_ptr,
610 MHD_gnutls_transport_ptr_t send_ptr); 631 MHD_gnutls_transport_ptr_t send_ptr);
611 632
612 void MHD__gnutls_transport_set_lowat (MHD_gtls_session_t session, int num); 633 void MHD__gnutls_transport_set_lowat (MHD_gtls_session_t session, int num);
613 634
614 635
615 void MHD__gnutls_transport_set_push_function (MHD_gtls_session_t session, 636 void MHD__gnutls_transport_set_push_function (MHD_gtls_session_t session,
616 MHD_gtls_push_func push_func); 637 MHD_gtls_push_func push_func);
617 void MHD__gnutls_transport_set_pull_function (MHD_gtls_session_t session, 638 void MHD__gnutls_transport_set_pull_function (MHD_gtls_session_t session,
618 MHD_gtls_pull_func pull_func); 639 MHD_gtls_pull_func pull_func);
619 640
620 void MHD__gnutls_transport_set_errno (MHD_gtls_session_t session, int err); 641 void MHD__gnutls_transport_set_errno (MHD_gtls_session_t session, int err);
621 void MHD__gnutls_transport_set_global_errno (int err); 642 void MHD__gnutls_transport_set_global_errno (int err);
@@ -630,8 +651,8 @@ extern "C"
630 * this function returns the hash of the given data. 651 * this function returns the hash of the given data.
631 */ 652 */
632 int MHD__gnutls_fingerprint (enum MHD_GNUTLS_HashAlgorithm algo, 653 int MHD__gnutls_fingerprint (enum MHD_GNUTLS_HashAlgorithm algo,
633 const MHD_gnutls_datum_t * data, void *result, 654 const MHD_gnutls_datum_t * data, void *result,
634 size_t * result_size); 655 size_t * result_size);
635 656
636 typedef enum MHD_gnutls_x509_subject_alt_name_t 657 typedef enum MHD_gnutls_x509_subject_alt_name_t
637 { 658 {
@@ -664,21 +685,19 @@ extern "C"
664 unsigned int deinit_all; /* if non zero all keys will be deinited */ 685 unsigned int deinit_all; /* if non zero all keys will be deinited */
665 } MHD_gnutls_retr_st; 686 } MHD_gnutls_retr_st;
666 687
667 typedef int MHD_gnutls_certificate_client_retrieve_function (MHD_gtls_session_t, 688 typedef int
668 const 689 MHD_gnutls_certificate_client_retrieve_function (MHD_gtls_session_t,
669 MHD_gnutls_datum_t * 690 const MHD_gnutls_datum_t
670 req_ca_rdn, 691 * req_ca_rdn, int nreqs,
671 int nreqs, 692 const enum
672 const 693 MHD_GNUTLS_PublicKeyAlgorithm
673 enum 694 *pk_algos,
674 MHD_GNUTLS_PublicKeyAlgorithm 695 int pk_algos_length,
675 *pk_algos, 696 MHD_gnutls_retr_st *);
676 int 697
677 pk_algos_length, 698 typedef int
678 MHD_gnutls_retr_st *); 699 MHD_gnutls_certificate_server_retrieve_function (MHD_gtls_session_t,
679 700 MHD_gnutls_retr_st *);
680 typedef int MHD_gnutls_certificate_server_retrieve_function (MHD_gtls_session_t,
681 MHD_gnutls_retr_st *);
682 701
683 /* 702 /*
684 * Functions that allow auth_info_t structures handling 703 * Functions that allow auth_info_t structures handling
@@ -694,16 +713,16 @@ extern "C"
694 * DH 713 * DH
695 */ 714 */
696 void MHD__gnutls_dh_set_prime_bits (MHD_gtls_session_t session, 715 void MHD__gnutls_dh_set_prime_bits (MHD_gtls_session_t session,
697 unsigned int bits); 716 unsigned int bits);
698 int MHD__gnutls_dh_get_secret_bits (MHD_gtls_session_t session); 717 int MHD__gnutls_dh_get_secret_bits (MHD_gtls_session_t session);
699 int MHD__gnutls_dh_get_peers_public_bits (MHD_gtls_session_t session); 718 int MHD__gnutls_dh_get_peers_public_bits (MHD_gtls_session_t session);
700 int MHD__gnutls_dh_get_prime_bits (MHD_gtls_session_t session); 719 int MHD__gnutls_dh_get_prime_bits (MHD_gtls_session_t session);
701 720
702 int MHD__gnutls_dh_get_group (MHD_gtls_session_t session, 721 int MHD__gnutls_dh_get_group (MHD_gtls_session_t session,
703 MHD_gnutls_datum_t * raw_gen, 722 MHD_gnutls_datum_t * raw_gen,
704 MHD_gnutls_datum_t * raw_prime); 723 MHD_gnutls_datum_t * raw_prime);
705 int MHD__gnutls_dh_get_pubkey (MHD_gtls_session_t session, 724 int MHD__gnutls_dh_get_pubkey (MHD_gtls_session_t session,
706 MHD_gnutls_datum_t * raw_key); 725 MHD_gnutls_datum_t * raw_key);
707 726
708 /* 727 /*
709 * RSA 728 * RSA
@@ -715,17 +734,18 @@ extern "C"
715 734
716 /* External signing callback. Experimental. */ 735 /* External signing callback. Experimental. */
717 typedef int (*MHD_gnutls_sign_func) (MHD_gtls_session_t session, 736 typedef int (*MHD_gnutls_sign_func) (MHD_gtls_session_t session,
718 void *userdata, 737 void *userdata,
719 enum MHD_GNUTLS_CertificateType cert_type, 738 enum MHD_GNUTLS_CertificateType
720 const MHD_gnutls_datum_t * cert, 739 cert_type,
721 const MHD_gnutls_datum_t * hash, 740 const MHD_gnutls_datum_t * cert,
722 MHD_gnutls_datum_t * signature); 741 const MHD_gnutls_datum_t * hash,
742 MHD_gnutls_datum_t * signature);
723 743
724 void MHD_gtls_sign_callback_set (MHD_gtls_session_t session, 744 void MHD_gtls_sign_callback_set (MHD_gtls_session_t session,
725 MHD_gnutls_sign_func sign_func, 745 MHD_gnutls_sign_func sign_func,
726 void *userdata); 746 void *userdata);
727 MHD_gnutls_sign_func MHD_gtls_sign_callback_get (MHD_gtls_session_t session, 747 MHD_gnutls_sign_func MHD_gtls_sign_callback_get (MHD_gtls_session_t session,
728 void **userdata); 748 void **userdata);
729 749
730 /* These are set on the credentials structure. 750 /* These are set on the credentials structure.
731 */ 751 */
@@ -742,11 +762,11 @@ extern "C"
742 762
743 /* get data from the session */ 763 /* get data from the session */
744 const MHD_gnutls_datum_t *MHD_gtls_certificate_get_peers (MHD_gtls_session_t 764 const MHD_gnutls_datum_t *MHD_gtls_certificate_get_peers (MHD_gtls_session_t
745 session, 765 session,
746 unsigned int 766 unsigned int
747 *list_size); 767 *list_size);
748 const MHD_gnutls_datum_t *MHD_gtls_certificate_get_ours (MHD_gtls_session_t 768 const MHD_gnutls_datum_t *MHD_gtls_certificate_get_ours (MHD_gtls_session_t
749 session); 769 session);
750 770
751 time_t MHD_gtls_certificate_activation_time_peers (MHD_gtls_session_t 771 time_t MHD_gtls_certificate_activation_time_peers (MHD_gtls_session_t
752 session); 772 session);
@@ -762,8 +782,8 @@ extern "C"
762 int MHD_gtls_certificate_verify_peers (MHD_gtls_session_t session); 782 int MHD_gtls_certificate_verify_peers (MHD_gtls_session_t session);
763 783
764 int MHD_gtls_pem_base64_encode (const char *msg, 784 int MHD_gtls_pem_base64_encode (const char *msg,
765 const MHD_gnutls_datum_t * data, char *result, 785 const MHD_gnutls_datum_t * data,
766 size_t * result_size); 786 char *result, size_t * result_size);
767 int MHD_gtls_pem_base64_decode (const char *header, 787 int MHD_gtls_pem_base64_decode (const char *header,
768 const MHD_gnutls_datum_t * b64_data, 788 const MHD_gnutls_datum_t * b64_data,
769 unsigned char *result, 789 unsigned char *result,
diff --git a/src/daemon/https/lgl/des.c b/src/daemon/https/lgl/des.c
index 7bc4c4d0..dbe5f3c6 100644
--- a/src/daemon/https/lgl/des.c
+++ b/src/daemon/https/lgl/des.c
@@ -543,7 +543,8 @@ MHD_gl_des_makekey (MHD_gl_des_ctx * ctx, const char *key, size_t keylen)
543} 543}
544 544
545void 545void
546MHD_gl_des_ecb_crypt (MHD_gl_des_ctx * ctx, const char *_from, char *_to, int mode) 546MHD_gl_des_ecb_crypt (MHD_gl_des_ctx * ctx, const char *_from, char *_to,
547 int mode)
547{ 548{
548 const unsigned char *from = (const unsigned char *) _from; 549 const unsigned char *from = (const unsigned char *) _from;
549 unsigned char *to = (unsigned char *) _to; 550 unsigned char *to = (unsigned char *) _to;
@@ -565,7 +566,8 @@ READ_64BIT_DATA (from, left, right)
565 FINAL_PERMUTATION (right, work, left) WRITE_64BIT_DATA (to, right, left)} 566 FINAL_PERMUTATION (right, work, left) WRITE_64BIT_DATA (to, right, left)}
566 567
567void 568void
568MHD_gl_3des_set2keys (MHD_gl_3des_ctx * ctx, const char *key1, const char *key2) 569MHD_gl_3des_set2keys (MHD_gl_3des_ctx * ctx, const char *key1,
570 const char *key2)
569{ 571{
570 int i; 572 int i;
571 573
@@ -590,7 +592,7 @@ MHD_gl_3des_set2keys (MHD_gl_3des_ctx * ctx, const char *key1, const char *key2)
590 592
591void 593void
592MHD_gl_3des_set3keys (MHD_gl_3des_ctx * ctx, const char *key1, 594MHD_gl_3des_set3keys (MHD_gl_3des_ctx * ctx, const char *key1,
593 const char *key2, const char *key3) 595 const char *key2, const char *key3)
594{ 596{
595 int i; 597 int i;
596 598
@@ -612,7 +614,8 @@ MHD_gl_3des_set3keys (MHD_gl_3des_ctx * ctx, const char *key1,
612} 614}
613 615
614void 616void
615MHD_gl_3des_ecb_crypt (MHD_gl_3des_ctx * ctx, const char *_from, char *_to, int mode) 617MHD_gl_3des_ecb_crypt (MHD_gl_3des_ctx * ctx, const char *_from, char *_to,
618 int mode)
616{ 619{
617 const unsigned char *from = (const unsigned char *) _from; 620 const unsigned char *from = (const unsigned char *) _from;
618 unsigned char *to = (unsigned char *) _to; 621 unsigned char *to = (unsigned char *) _to;
@@ -658,5 +661,6 @@ MHD_gl_3des_makekey (MHD_gl_3des_ctx * ctx, const char *key, size_t keylen)
658 MHD_gl_3des_set3keys (ctx, key, key + 8, key + 16); 661 MHD_gl_3des_set3keys (ctx, key, key + 8, key + 16);
659 662
660 return !(MHD_gl_des_is_weak_key (key) 663 return !(MHD_gl_des_is_weak_key (key)
661 || MHD_gl_des_is_weak_key (key + 8) || MHD_gl_des_is_weak_key (key + 16)); 664 || MHD_gl_des_is_weak_key (key + 8)
665 || MHD_gl_des_is_weak_key (key + 16));
662} 666}
diff --git a/src/daemon/https/lgl/des.h b/src/daemon/https/lgl/des.h
index 4d9eb20c..d2ad058e 100644
--- a/src/daemon/https/lgl/des.h
+++ b/src/daemon/https/lgl/des.h
@@ -62,12 +62,14 @@ extern void MHD_gl_des_setkey (MHD_gl_des_ctx * ctx, const char *key);
62/* Fill a DES context CTX with subkeys calculated from 64bit KEY, with 62/* Fill a DES context CTX with subkeys calculated from 64bit KEY, with
63 * weak key checking. Does not check parity bits, but simply ignore 63 * weak key checking. Does not check parity bits, but simply ignore
64 * them. */ 64 * them. */
65extern bool MHD_gl_des_makekey (MHD_gl_des_ctx * ctx, const char *key, size_t keylen); 65extern bool MHD_gl_des_makekey (MHD_gl_des_ctx * ctx, const char *key,
66 size_t keylen);
66 67
67/* Electronic Codebook Mode DES encryption/decryption of data 68/* Electronic Codebook Mode DES encryption/decryption of data
68 * according to 'mode'. */ 69 * according to 'mode'. */
69extern void 70extern void
70MHD_gl_des_ecb_crypt (MHD_gl_des_ctx * ctx, const char *from, char *to, int mode); 71MHD_gl_des_ecb_crypt (MHD_gl_des_ctx * ctx, const char *from, char *to,
72 int mode);
71 73
72#define MHD_gl_des_ecb_encrypt(ctx, from, to) MHD_gl_des_ecb_crypt(ctx, from, to, 0) 74#define MHD_gl_des_ecb_encrypt(ctx, from, to) MHD_gl_des_ecb_crypt(ctx, from, to, 0)
73#define MHD_gl_des_ecb_decrypt(ctx, from, to) MHD_gl_des_ecb_crypt(ctx, from, to, 1) 75#define MHD_gl_des_ecb_decrypt(ctx, from, to) MHD_gl_des_ecb_crypt(ctx, from, to, 1)
@@ -80,7 +82,8 @@ MHD_gl_des_ecb_crypt (MHD_gl_des_ctx * ctx, const char *from, char *to, int mode
80 * 64bit keys in KEY1 and KEY2. Does not check the parity bits of the 82 * 64bit keys in KEY1 and KEY2. Does not check the parity bits of the
81 * keys, but simply ignore them. Does not check for weak keys. */ 83 * keys, but simply ignore them. Does not check for weak keys. */
82extern void 84extern void
83MHD_gl_3des_set2keys (MHD_gl_3des_ctx * ctx, const char *key1, const char *key2); 85MHD_gl_3des_set2keys (MHD_gl_3des_ctx * ctx, const char *key1,
86 const char *key2);
84 87
85/* 88/*
86 * Fill a Triple-DES context CTX with subkeys calculated from three 89 * Fill a Triple-DES context CTX with subkeys calculated from three
@@ -89,7 +92,7 @@ MHD_gl_3des_set2keys (MHD_gl_3des_ctx * ctx, const char *key1, const char *key2)
89 * keys. */ 92 * keys. */
90extern void 93extern void
91MHD_gl_3des_set3keys (MHD_gl_3des_ctx * ctx, 94MHD_gl_3des_set3keys (MHD_gl_3des_ctx * ctx,
92 const char *key1, const char *key2, const char *key3); 95 const char *key1, const char *key2, const char *key3);
93 96
94/* Fill a Triple-DES context CTX with subkeys calculated from three 97/* Fill a Triple-DES context CTX with subkeys calculated from three
95 * concatenated 64bit keys in KEY, with weak key checking. Does not 98 * concatenated 64bit keys in KEY, with weak key checking. Does not
@@ -101,7 +104,8 @@ MHD_gl_3des_makekey (MHD_gl_3des_ctx * ctx, const char *key, size_t keylen);
101 * according to 'mode'. Sometimes this mode is named 'EDE' mode 104 * according to 'mode'. Sometimes this mode is named 'EDE' mode
102 * (Encryption-Decryption-Encryption). */ 105 * (Encryption-Decryption-Encryption). */
103extern void 106extern void
104MHD_gl_3des_ecb_crypt (MHD_gl_3des_ctx * ctx, const char *from, char *to, int mode); 107MHD_gl_3des_ecb_crypt (MHD_gl_3des_ctx * ctx, const char *from, char *to,
108 int mode);
105 109
106#define MHD_gl_3des_ecb_encrypt(ctx, from, to) MHD_gl_3des_ecb_crypt(ctx,from,to,0) 110#define MHD_gl_3des_ecb_encrypt(ctx, from, to) MHD_gl_3des_ecb_crypt(ctx,from,to,0)
107#define MHD_gl_3des_ecb_decrypt(ctx, from, to) MHD_gl_3des_ecb_crypt(ctx,from,to,1) 111#define MHD_gl_3des_ecb_decrypt(ctx, from, to) MHD_gl_3des_ecb_crypt(ctx,from,to,1)
diff --git a/src/daemon/https/lgl/gc-gnulib.c b/src/daemon/https/lgl/gc-gnulib.c
index 7c16d443..52fce18b 100644
--- a/src/daemon/https/lgl/gc-gnulib.c
+++ b/src/daemon/https/lgl/gc-gnulib.c
@@ -161,9 +161,9 @@ MHD_gc_random (char *data, size_t datalen)
161/* Memory allocation. */ 161/* Memory allocation. */
162void 162void
163MHD_gc_set_allocators (MHD_gc_malloc_t func_malloc, 163MHD_gc_set_allocators (MHD_gc_malloc_t func_malloc,
164 MHD_gc_malloc_t secure_malloc, 164 MHD_gc_malloc_t secure_malloc,
165 MHD_gc_secure_check_t secure_check, 165 MHD_gc_secure_check_t secure_check,
166 MHD_gc_realloc_t func_realloc, MHD_gc_free_t func_free) 166 MHD_gc_realloc_t func_realloc, MHD_gc_free_t func_free)
167{ 167{
168 return; 168 return;
169} 169}
@@ -193,7 +193,7 @@ typedef struct _MHD_gc_cipher_ctx
193 193
194Gc_rc 194Gc_rc
195MHD_gc_cipher_open (Gc_cipher alg, 195MHD_gc_cipher_open (Gc_cipher alg,
196 Gc_cipher_mode mode, MHD_gc_cipher_handle * outhandle) 196 Gc_cipher_mode mode, MHD_gc_cipher_handle * outhandle)
197{ 197{
198 _MHD_gc_cipher_ctx *ctx; 198 _MHD_gc_cipher_ctx *ctx;
199 Gc_rc rc = GC_OK; 199 Gc_rc rc = GC_OK;
@@ -277,7 +277,8 @@ MHD_gc_cipher_open (Gc_cipher alg,
277} 277}
278 278
279Gc_rc 279Gc_rc
280MHD_gc_cipher_setkey (MHD_gc_cipher_handle handle, size_t keylen, const char *key) 280MHD_gc_cipher_setkey (MHD_gc_cipher_handle handle, size_t keylen,
281 const char *key)
281{ 282{
282 _MHD_gc_cipher_ctx *ctx = handle; 283 _MHD_gc_cipher_ctx *ctx = handle;
283 284
@@ -317,16 +318,18 @@ MHD_gc_cipher_setkey (MHD_gc_cipher_handle handle, size_t keylen, const char *ke
317 sprintf (&keyMaterial[2 * i], "%02x", key[i] & 0xFF); 318 sprintf (&keyMaterial[2 * i], "%02x", key[i] & 0xFF);
318 319
319 rc = MHD_rijndaelMakeKey (&ctx->aesEncKey, RIJNDAEL_DIR_ENCRYPT, 320 rc = MHD_rijndaelMakeKey (&ctx->aesEncKey, RIJNDAEL_DIR_ENCRYPT,
320 keylen * 8, keyMaterial); 321 keylen * 8, keyMaterial);
321 if (rc < 0) 322 if (rc < 0)
322 return GC_INVALID_CIPHER; 323 return GC_INVALID_CIPHER;
323 324
324 rc = MHD_rijndaelMakeKey (&ctx->aesDecKey, RIJNDAEL_DIR_DECRYPT, 325 rc = MHD_rijndaelMakeKey (&ctx->aesDecKey, RIJNDAEL_DIR_DECRYPT,
325 keylen * 8, keyMaterial); 326 keylen * 8, keyMaterial);
326 if (rc < 0) 327 if (rc < 0)
327 return GC_INVALID_CIPHER; 328 return GC_INVALID_CIPHER;
328 329
329 rc = MHD_MHD_rijndaelCipherInit (&ctx->aesContext, RIJNDAEL_MODE_ECB, NULL); 330 rc =
331 MHD_MHD_rijndaelCipherInit (&ctx->aesContext, RIJNDAEL_MODE_ECB,
332 NULL);
330 if (rc < 0) 333 if (rc < 0)
331 return GC_INVALID_CIPHER; 334 return GC_INVALID_CIPHER;
332 } 335 }
@@ -341,7 +344,8 @@ MHD_gc_cipher_setkey (MHD_gc_cipher_handle handle, size_t keylen, const char *ke
341} 344}
342 345
343Gc_rc 346Gc_rc
344MHD_gc_cipher_setiv (MHD_gc_cipher_handle handle, size_t ivlen, const char *iv) 347MHD_gc_cipher_setiv (MHD_gc_cipher_handle handle, size_t ivlen,
348 const char *iv)
345{ 349{
346 _MHD_gc_cipher_ctx *ctx = handle; 350 _MHD_gc_cipher_ctx *ctx = handle;
347 351
@@ -374,8 +378,9 @@ MHD_gc_cipher_setiv (MHD_gc_cipher_handle handle, size_t ivlen, const char *iv)
374 for (i = 0; i < ivlen; i++) 378 for (i = 0; i < ivlen; i++)
375 sprintf (&ivMaterial[2 * i], "%02x", iv[i] & 0xFF); 379 sprintf (&ivMaterial[2 * i], "%02x", iv[i] & 0xFF);
376 380
377 rc = MHD_MHD_rijndaelCipherInit (&ctx->aesContext, RIJNDAEL_MODE_CBC, 381 rc =
378 ivMaterial); 382 MHD_MHD_rijndaelCipherInit (&ctx->aesContext, RIJNDAEL_MODE_CBC,
383 ivMaterial);
379 if (rc < 0) 384 if (rc < 0)
380 return GC_INVALID_CIPHER; 385 return GC_INVALID_CIPHER;
381 } 386 }
@@ -395,7 +400,8 @@ MHD_gc_cipher_setiv (MHD_gc_cipher_handle handle, size_t ivlen, const char *iv)
395} 400}
396 401
397Gc_rc 402Gc_rc
398MHD_gc_cipher_encrypt_inline (MHD_gc_cipher_handle handle, size_t len, char *data) 403MHD_gc_cipher_encrypt_inline (MHD_gc_cipher_handle handle, size_t len,
404 char *data)
399{ 405{
400 _MHD_gc_cipher_ctx *ctx = handle; 406 _MHD_gc_cipher_ctx *ctx = handle;
401 407
@@ -450,7 +456,7 @@ MHD_gc_cipher_encrypt_inline (MHD_gc_cipher_handle handle, size_t len, char *dat
450 int nblocks; 456 int nblocks;
451 457
452 nblocks = MHD_rijndaelBlockEncrypt (&ctx->aesContext, &ctx->aesEncKey, 458 nblocks = MHD_rijndaelBlockEncrypt (&ctx->aesContext, &ctx->aesEncKey,
453 data, 8 * len, data); 459 data, 8 * len, data);
454 if (nblocks < 0) 460 if (nblocks < 0)
455 return GC_INVALID_CIPHER; 461 return GC_INVALID_CIPHER;
456 } 462 }
@@ -465,7 +471,8 @@ MHD_gc_cipher_encrypt_inline (MHD_gc_cipher_handle handle, size_t len, char *dat
465} 471}
466 472
467Gc_rc 473Gc_rc
468MHD_gc_cipher_decrypt_inline (MHD_gc_cipher_handle handle, size_t len, char *data) 474MHD_gc_cipher_decrypt_inline (MHD_gc_cipher_handle handle, size_t len,
475 char *data)
469{ 476{
470 _MHD_gc_cipher_ctx *ctx = handle; 477 _MHD_gc_cipher_ctx *ctx = handle;
471 478
@@ -522,7 +529,7 @@ MHD_gc_cipher_decrypt_inline (MHD_gc_cipher_handle handle, size_t len, char *dat
522 int nblocks; 529 int nblocks;
523 530
524 nblocks = MHD_rijndaelBlockDecrypt (&ctx->aesContext, &ctx->aesDecKey, 531 nblocks = MHD_rijndaelBlockDecrypt (&ctx->aesContext, &ctx->aesDecKey,
525 data, 8 * len, data); 532 data, 8 * len, data);
526 if (nblocks < 0) 533 if (nblocks < 0)
527 return GC_INVALID_CIPHER; 534 return GC_INVALID_CIPHER;
528 } 535 }
@@ -565,7 +572,8 @@ typedef struct _MHD_gc_hash_ctx
565} _MHD_gc_hash_ctx; 572} _MHD_gc_hash_ctx;
566 573
567Gc_rc 574Gc_rc
568MHD_gc_hash_open (Gc_hash hash, Gc_hash_mode mode, MHD_gc_hash_handle * outhandle) 575MHD_gc_hash_open (Gc_hash hash, Gc_hash_mode mode,
576 MHD_gc_hash_handle * outhandle)
569{ 577{
570 _MHD_gc_hash_ctx *ctx; 578 _MHD_gc_hash_ctx *ctx;
571 Gc_rc rc = GC_OK; 579 Gc_rc rc = GC_OK;
@@ -769,7 +777,7 @@ MHD_gc_sha1 (const void *in, size_t inlen, void *resbuf)
769#ifdef GNULIB_GC_HMAC_MD5 777#ifdef GNULIB_GC_HMAC_MD5
770Gc_rc 778Gc_rc
771MHD_gc_MHD_hmac_md5 (const void *key, size_t keylen, 779MHD_gc_MHD_hmac_md5 (const void *key, size_t keylen,
772 const void *in, size_t inlen, char *resbuf) 780 const void *in, size_t inlen, char *resbuf)
773{ 781{
774 MHD_hmac_md5 (key, keylen, in, inlen, resbuf); 782 MHD_hmac_md5 (key, keylen, in, inlen, resbuf);
775 return GC_OK; 783 return GC_OK;
@@ -779,7 +787,8 @@ MHD_gc_MHD_hmac_md5 (const void *key, size_t keylen,
779#ifdef GNULIB_GC_HMAC_SHA1 787#ifdef GNULIB_GC_HMAC_SHA1
780Gc_rc 788Gc_rc
781MHD_gc_MHD_hmac_sha1 (const void *key, 789MHD_gc_MHD_hmac_sha1 (const void *key,
782 size_t keylen, const void *in, size_t inlen, char *resbuf) 790 size_t keylen, const void *in, size_t inlen,
791 char *resbuf)
783{ 792{
784 MHD_hmac_sha1 (key, keylen, in, inlen, resbuf); 793 MHD_hmac_sha1 (key, keylen, in, inlen, resbuf);
785 return GC_OK; 794 return GC_OK;
diff --git a/src/daemon/https/lgl/gc-libgcrypt.c b/src/daemon/https/lgl/gc-libgcrypt.c
index a51a7bb4..e4429bd2 100644
--- a/src/daemon/https/lgl/gc-libgcrypt.c
+++ b/src/daemon/https/lgl/gc-libgcrypt.c
@@ -90,9 +90,9 @@ MHD_gc_random (char *data, size_t datalen)
90 90
91void 91void
92MHD_gc_set_allocators (MHD_gc_malloc_t func_malloc, 92MHD_gc_set_allocators (MHD_gc_malloc_t func_malloc,
93 MHD_gc_malloc_t secure_malloc, 93 MHD_gc_malloc_t secure_malloc,
94 MHD_gc_secure_check_t secure_check, 94 MHD_gc_secure_check_t secure_check,
95 MHD_gc_realloc_t func_realloc, MHD_gc_free_t func_free) 95 MHD_gc_realloc_t func_realloc, MHD_gc_free_t func_free)
96{ 96{
97 gcry_set_allocation_handler (func_malloc, secure_malloc, secure_check, 97 gcry_set_allocation_handler (func_malloc, secure_malloc, secure_check,
98 func_realloc, func_free); 98 func_realloc, func_free);
@@ -102,7 +102,7 @@ MHD_gc_set_allocators (MHD_gc_malloc_t func_malloc,
102 102
103Gc_rc 103Gc_rc
104MHD_gc_cipher_open (Gc_cipher alg, 104MHD_gc_cipher_open (Gc_cipher alg,
105 Gc_cipher_mode mode, MHD_gc_cipher_handle * outhandle) 105 Gc_cipher_mode mode, MHD_gc_cipher_handle * outhandle)
106{ 106{
107 int gcryalg, gcrymode; 107 int gcryalg, gcrymode;
108 gcry_error_t err; 108 gcry_error_t err;
@@ -179,7 +179,8 @@ MHD_gc_cipher_open (Gc_cipher alg,
179} 179}
180 180
181Gc_rc 181Gc_rc
182MHD_gc_cipher_setkey (MHD_gc_cipher_handle handle, size_t keylen, const char *key) 182MHD_gc_cipher_setkey (MHD_gc_cipher_handle handle, size_t keylen,
183 const char *key)
183{ 184{
184 gcry_error_t err; 185 gcry_error_t err;
185 186
@@ -191,7 +192,8 @@ MHD_gc_cipher_setkey (MHD_gc_cipher_handle handle, size_t keylen, const char *ke
191} 192}
192 193
193Gc_rc 194Gc_rc
194MHD_gc_cipher_setiv (MHD_gc_cipher_handle handle, size_t ivlen, const char *iv) 195MHD_gc_cipher_setiv (MHD_gc_cipher_handle handle, size_t ivlen,
196 const char *iv)
195{ 197{
196 gcry_error_t err; 198 gcry_error_t err;
197 199
@@ -203,7 +205,8 @@ MHD_gc_cipher_setiv (MHD_gc_cipher_handle handle, size_t ivlen, const char *iv)
203} 205}
204 206
205Gc_rc 207Gc_rc
206MHD_gc_cipher_encrypt_inline (MHD_gc_cipher_handle handle, size_t len, char *data) 208MHD_gc_cipher_encrypt_inline (MHD_gc_cipher_handle handle, size_t len,
209 char *data)
207{ 210{
208 if (gcry_cipher_encrypt ((gcry_cipher_hd_t) handle, data, len, NULL, len) != 211 if (gcry_cipher_encrypt ((gcry_cipher_hd_t) handle, data, len, NULL, len) !=
209 0) 212 0)
@@ -213,7 +216,8 @@ MHD_gc_cipher_encrypt_inline (MHD_gc_cipher_handle handle, size_t len, char *dat
213} 216}
214 217
215Gc_rc 218Gc_rc
216MHD_gc_cipher_decrypt_inline (MHD_gc_cipher_handle handle, size_t len, char *data) 219MHD_gc_cipher_decrypt_inline (MHD_gc_cipher_handle handle, size_t len,
220 char *data)
217{ 221{
218 if (gcry_cipher_decrypt ((gcry_cipher_hd_t) handle, data, len, NULL, len) != 222 if (gcry_cipher_decrypt ((gcry_cipher_hd_t) handle, data, len, NULL, len) !=
219 0) 223 0)
@@ -240,7 +244,8 @@ typedef struct _MHD_gc_hash_ctx
240} _MHD_gc_hash_ctx; 244} _MHD_gc_hash_ctx;
241 245
242Gc_rc 246Gc_rc
243MHD_gc_hash_open (Gc_hash hash, Gc_hash_mode mode, MHD_gc_hash_handle * outhandle) 247MHD_gc_hash_open (Gc_hash hash, Gc_hash_mode mode,
248 MHD_gc_hash_handle * outhandle)
244{ 249{
245 _MHD_gc_hash_ctx *ctx; 250 _MHD_gc_hash_ctx *ctx;
246 int gcryalg = 0, gcrymode = 0; 251 int gcryalg = 0, gcrymode = 0;
@@ -391,7 +396,8 @@ MHD_gc_hash_digest_length (Gc_hash hash)
391} 396}
392 397
393void 398void
394MHD_gc_hash_MHD_hmac_setkey (MHD_gc_hash_handle handle, size_t len, const char *key) 399MHD_gc_hash_MHD_hmac_setkey (MHD_gc_hash_handle handle, size_t len,
400 const char *key)
395{ 401{
396 _MHD_gc_hash_ctx *ctx = handle; 402 _MHD_gc_hash_ctx *ctx = handle;
397 gcry_md_setkey (ctx->gch, key, len); 403 gcry_md_setkey (ctx->gch, key, len);
@@ -411,7 +417,7 @@ MHD_gc_hash_read (MHD_gc_hash_handle handle)
411 const char *digest; 417 const char *digest;
412 { 418 {
413 gcry_md_final (ctx->gch); 419 gcry_md_final (ctx->gch);
414 digest = (const char*) gcry_md_read (ctx->gch, 0); 420 digest = (const char *) gcry_md_read (ctx->gch, 0);
415 } 421 }
416 422
417 return digest; 423 return digest;
@@ -547,7 +553,7 @@ MHD_gc_sha1 (const void *in, size_t inlen, void *resbuf)
547#ifdef GNULIB_GC_HMAC_MD5 553#ifdef GNULIB_GC_HMAC_MD5
548Gc_rc 554Gc_rc
549MHD_gc_MHD_hmac_md5 (const void *key, size_t keylen, 555MHD_gc_MHD_hmac_md5 (const void *key, size_t keylen,
550 const void *in, size_t inlen, char *resbuf) 556 const void *in, size_t inlen, char *resbuf)
551{ 557{
552 size_t hlen = gcry_md_get_algo_dlen (GCRY_MD_MD5); 558 size_t hlen = gcry_md_get_algo_dlen (GCRY_MD_MD5);
553 gcry_md_hd_t mdh; 559 gcry_md_hd_t mdh;
@@ -587,7 +593,8 @@ MHD_gc_MHD_hmac_md5 (const void *key, size_t keylen,
587#ifdef GNULIB_GC_HMAC_SHA1 593#ifdef GNULIB_GC_HMAC_SHA1
588Gc_rc 594Gc_rc
589MHD_gc_MHD_hmac_sha1 (const void *key, 595MHD_gc_MHD_hmac_sha1 (const void *key,
590 size_t keylen, const void *in, size_t inlen, char *resbuf) 596 size_t keylen, const void *in, size_t inlen,
597 char *resbuf)
591{ 598{
592 size_t hlen = gcry_md_get_algo_dlen (GCRY_MD_SHA1); 599 size_t hlen = gcry_md_get_algo_dlen (GCRY_MD_SHA1);
593 gcry_md_hd_t mdh; 600 gcry_md_hd_t mdh;
diff --git a/src/daemon/https/lgl/gc-pbkdf2-sha1.c b/src/daemon/https/lgl/gc-pbkdf2-sha1.c
index 98ac9f96..f58ba491 100644
--- a/src/daemon/https/lgl/gc-pbkdf2-sha1.c
+++ b/src/daemon/https/lgl/gc-pbkdf2-sha1.c
@@ -53,8 +53,8 @@
53 53
54Gc_rc 54Gc_rc
55MHD_gc_pbkdf2_sha1 (const char *P, size_t Plen, 55MHD_gc_pbkdf2_sha1 (const char *P, size_t Plen,
56 const char *S, size_t Slen, 56 const char *S, size_t Slen,
57 unsigned int c, char *DK, size_t dkLen) 57 unsigned int c, char *DK, size_t dkLen)
58{ 58{
59 unsigned int hLen = 20; 59 unsigned int hLen = 20;
60 char U[20]; 60 char U[20];
diff --git a/src/daemon/https/lgl/gc.h b/src/daemon/https/lgl/gc.h
index ecc506fc..4d6b2c93 100644
--- a/src/daemon/https/lgl/gc.h
+++ b/src/daemon/https/lgl/gc.h
@@ -105,9 +105,10 @@ typedef int (*MHD_gc_secure_check_t) (const void *);
105typedef void *(*MHD_gc_realloc_t) (void *p, size_t n); 105typedef void *(*MHD_gc_realloc_t) (void *p, size_t n);
106typedef void (*MHD_gc_free_t) (void *); 106typedef void (*MHD_gc_free_t) (void *);
107void MHD_gc_set_allocators (MHD_gc_malloc_t func_malloc, 107void MHD_gc_set_allocators (MHD_gc_malloc_t func_malloc,
108 MHD_gc_malloc_t secure_malloc, 108 MHD_gc_malloc_t secure_malloc,
109 MHD_gc_secure_check_t secure_check, 109 MHD_gc_secure_check_t secure_check,
110 MHD_gc_realloc_t func_realloc, MHD_gc_free_t func_free); 110 MHD_gc_realloc_t func_realloc,
111 MHD_gc_free_t func_free);
111 112
112/* Randomness. */ 113/* Randomness. */
113Gc_rc MHD_gc_nonce (char *data, size_t datalen); 114Gc_rc MHD_gc_nonce (char *data, size_t datalen);
@@ -116,24 +117,29 @@ Gc_rc MHD_gc_random (char *data, size_t datalen);
116 117
117/* Ciphers. */ 118/* Ciphers. */
118Gc_rc MHD_gc_cipher_open (Gc_cipher cipher, 119Gc_rc MHD_gc_cipher_open (Gc_cipher cipher,
119 Gc_cipher_mode mode, MHD_gc_cipher_handle * outhandle); 120 Gc_cipher_mode mode,
120Gc_rc MHD_gc_cipher_setkey (MHD_gc_cipher_handle handle, 121 MHD_gc_cipher_handle * outhandle);
121 size_t keylen, const char *key); 122Gc_rc MHD_gc_cipher_setkey (MHD_gc_cipher_handle handle, size_t keylen,
122Gc_rc MHD_gc_cipher_setiv (MHD_gc_cipher_handle handle, size_t ivlen, const char *iv); 123 const char *key);
123Gc_rc MHD_gc_cipher_encrypt_inline (MHD_gc_cipher_handle handle, 124Gc_rc MHD_gc_cipher_setiv (MHD_gc_cipher_handle handle, size_t ivlen,
124 size_t len, char *data); 125 const char *iv);
125Gc_rc MHD_gc_cipher_decrypt_inline (MHD_gc_cipher_handle handle, 126Gc_rc MHD_gc_cipher_encrypt_inline (MHD_gc_cipher_handle handle, size_t len,
126 size_t len, char *data); 127 char *data);
128Gc_rc MHD_gc_cipher_decrypt_inline (MHD_gc_cipher_handle handle, size_t len,
129 char *data);
127Gc_rc MHD_gc_cipher_close (MHD_gc_cipher_handle handle); 130Gc_rc MHD_gc_cipher_close (MHD_gc_cipher_handle handle);
128 131
129/* Hashes. */ 132/* Hashes. */
130 133
131Gc_rc MHD_gc_hash_open (Gc_hash hash, 134Gc_rc MHD_gc_hash_open (Gc_hash hash,
132 Gc_hash_mode mode, MHD_gc_hash_handle * outhandle); 135 Gc_hash_mode mode, MHD_gc_hash_handle * outhandle);
133Gc_rc MHD_gc_hash_clone (MHD_gc_hash_handle handle, MHD_gc_hash_handle * outhandle); 136Gc_rc MHD_gc_hash_clone (MHD_gc_hash_handle handle,
137 MHD_gc_hash_handle * outhandle);
134size_t MHD_gc_hash_digest_length (Gc_hash hash); 138size_t MHD_gc_hash_digest_length (Gc_hash hash);
135void MHD_gc_hash_MHD_hmac_setkey (MHD_gc_hash_handle handle, size_t len, const char *key); 139void MHD_gc_hash_MHD_hmac_setkey (MHD_gc_hash_handle handle, size_t len,
136void MHD_gc_hash_write (MHD_gc_hash_handle handle, size_t len, const char *data); 140 const char *key);
141void MHD_gc_hash_write (MHD_gc_hash_handle handle, size_t len,
142 const char *data);
137const char *MHD_gc_hash_read (MHD_gc_hash_handle handle); 143const char *MHD_gc_hash_read (MHD_gc_hash_handle handle);
138void MHD_gc_hash_close (MHD_gc_hash_handle handle); 144void MHD_gc_hash_close (MHD_gc_hash_handle handle);
139 145
@@ -143,7 +149,8 @@ void MHD_gc_hash_close (MHD_gc_hash_handle handle);
143 GC_<HASH>_DIGEST_SIZE. For example, for GC_MD5 the output buffer 149 GC_<HASH>_DIGEST_SIZE. For example, for GC_MD5 the output buffer
144 must be 16 bytes. The return value is 0 (GC_OK) on success, or 150 must be 16 bytes. The return value is 0 (GC_OK) on success, or
145 another Gc_rc error code. */ 151 another Gc_rc error code. */
146Gc_rc MHD_gc_hash_buffer (Gc_hash hash, const void *in, size_t inlen, char *out); 152Gc_rc MHD_gc_hash_buffer (Gc_hash hash, const void *in, size_t inlen,
153 char *out);
147 154
148/* One-call interface. */ 155/* One-call interface. */
149Gc_rc MHD_gc_md2 (const void *in, size_t inlen, void *resbuf); 156Gc_rc MHD_gc_md2 (const void *in, size_t inlen, void *resbuf);
@@ -151,10 +158,10 @@ Gc_rc MHD_gc_md4 (const void *in, size_t inlen, void *resbuf);
151Gc_rc MHD_gc_md5 (const void *in, size_t inlen, void *resbuf); 158Gc_rc MHD_gc_md5 (const void *in, size_t inlen, void *resbuf);
152Gc_rc MHD_gc_sha1 (const void *in, size_t inlen, void *resbuf); 159Gc_rc MHD_gc_sha1 (const void *in, size_t inlen, void *resbuf);
153Gc_rc MHD_gc_MHD_hmac_md5 (const void *key, 160Gc_rc MHD_gc_MHD_hmac_md5 (const void *key,
154 size_t keylen, const void *in, size_t inlen, char *resbuf); 161 size_t keylen, const void *in, size_t inlen,
155Gc_rc MHD_gc_MHD_hmac_sha1 (const void *key, 162 char *resbuf);
156 size_t keylen, 163Gc_rc MHD_gc_MHD_hmac_sha1 (const void *key, size_t keylen, const void *in,
157 const void *in, size_t inlen, char *resbuf); 164 size_t inlen, char *resbuf);
158 165
159/* Derive cryptographic keys from a password P of length PLEN, with 166/* Derive cryptographic keys from a password P of length PLEN, with
160 salt S of length SLEN, placing the result in pre-allocated buffer 167 salt S of length SLEN, placing the result in pre-allocated buffer
@@ -164,9 +171,10 @@ Gc_rc MHD_gc_MHD_hmac_sha1 (const void *key,
164 exactly dkLen bytes long. GC_OK is returned on success, otherwise 171 exactly dkLen bytes long. GC_OK is returned on success, otherwise
165 an Gc_rc error code is returned. */ 172 an Gc_rc error code is returned. */
166Gc_rc MHD_gc_pbkdf2_sha1 (const char *P, 173Gc_rc MHD_gc_pbkdf2_sha1 (const char *P,
167 size_t Plen, 174 size_t Plen,
168 const char *S, 175 const char *S,
169 size_t Slen, unsigned int c, char *DK, size_t dkLen); 176 size_t Slen, unsigned int c, char *DK,
177 size_t dkLen);
170 178
171/* 179/*
172 TODO: 180 TODO:
diff --git a/src/daemon/https/lgl/hmac-md5.c b/src/daemon/https/lgl/hmac-md5.c
index fc6902a9..1fd943f0 100644
--- a/src/daemon/https/lgl/hmac-md5.c
+++ b/src/daemon/https/lgl/hmac-md5.c
@@ -31,7 +31,7 @@
31 31
32int 32int
33MHD_hmac_md5 (const void *key, size_t keylen, 33MHD_hmac_md5 (const void *key, size_t keylen,
34 const void *in, size_t inlen, void *resbuf) 34 const void *in, size_t inlen, void *resbuf)
35{ 35{
36 struct MHD_md5_ctx inner; 36 struct MHD_md5_ctx inner;
37 struct MHD_md5_ctx outer; 37 struct MHD_md5_ctx outer;
diff --git a/src/daemon/https/lgl/hmac-sha1.c b/src/daemon/https/lgl/hmac-sha1.c
index 5d341cb4..4d2e4f37 100644
--- a/src/daemon/https/lgl/hmac-sha1.c
+++ b/src/daemon/https/lgl/hmac-sha1.c
@@ -31,7 +31,7 @@
31 31
32int 32int
33MHD_hmac_sha1 (const void *key, size_t keylen, 33MHD_hmac_sha1 (const void *key, size_t keylen,
34 const void *in, size_t inlen, void *resbuf) 34 const void *in, size_t inlen, void *resbuf)
35{ 35{
36 struct MHD_sha1_ctx inner; 36 struct MHD_sha1_ctx inner;
37 struct MHD_sha1_ctx outer; 37 struct MHD_sha1_ctx outer;
diff --git a/src/daemon/https/lgl/hmac.h b/src/daemon/https/lgl/hmac.h
index 29764056..c4791504 100644
--- a/src/daemon/https/lgl/hmac.h
+++ b/src/daemon/https/lgl/hmac.h
@@ -28,7 +28,7 @@
28 RESBUF buffer. Return 0 on success. */ 28 RESBUF buffer. Return 0 on success. */
29int 29int
30MHD_hmac_md5 (const void *key, size_t keylen, 30MHD_hmac_md5 (const void *key, size_t keylen,
31 const void *buffer, size_t buflen, void *resbuf); 31 const void *buffer, size_t buflen, void *resbuf);
32 32
33/* Compute Hashed Message Authentication Code with SHA-1, over BUFFER 33/* Compute Hashed Message Authentication Code with SHA-1, over BUFFER
34 data of BUFLEN bytes using the KEY of KEYLEN bytes, writing the 34 data of BUFLEN bytes using the KEY of KEYLEN bytes, writing the
@@ -36,6 +36,6 @@ MHD_hmac_md5 (const void *key, size_t keylen,
36 success. */ 36 success. */
37int 37int
38MHD_hmac_sha1 (const void *key, size_t keylen, 38MHD_hmac_sha1 (const void *key, size_t keylen,
39 const void *in, size_t inlen, void *resbuf); 39 const void *in, size_t inlen, void *resbuf);
40 40
41#endif /* HMAC_H */ 41#endif /* HMAC_H */
diff --git a/src/daemon/https/lgl/md5.c b/src/daemon/https/lgl/md5.c
index bc1fccbc..8cca27f5 100644
--- a/src/daemon/https/lgl/md5.c
+++ b/src/daemon/https/lgl/md5.c
@@ -212,7 +212,8 @@ MHD_md5_buffer (const char *buffer, size_t len, void *resblock)
212 212
213 213
214void 214void
215MHD_md5_process_bytes (const void *buffer, size_t len, struct MHD_md5_ctx *ctx) 215MHD_md5_process_bytes (const void *buffer, size_t len,
216 struct MHD_md5_ctx *ctx)
216{ 217{
217 /* When we already have some bits in our internal buffer concatenate 218 /* When we already have some bits in our internal buffer concatenate
218 both inputs first. */ 219 both inputs first. */
@@ -292,7 +293,8 @@ MHD_md5_process_bytes (const void *buffer, size_t len, struct MHD_md5_ctx *ctx)
292 It is assumed that LEN % 64 == 0. */ 293 It is assumed that LEN % 64 == 0. */
293 294
294void 295void
295MHD_md5_process_block (const void *buffer, size_t len, struct MHD_md5_ctx *ctx) 296MHD_md5_process_block (const void *buffer, size_t len,
297 struct MHD_md5_ctx *ctx)
296{ 298{
297 uint32_t correct_words[16]; 299 uint32_t correct_words[16];
298 const uint32_t *words = buffer; 300 const uint32_t *words = buffer;
diff --git a/src/daemon/https/lgl/md5.h b/src/daemon/https/lgl/md5.h
index 80793b66..94247e46 100644
--- a/src/daemon/https/lgl/md5.h
+++ b/src/daemon/https/lgl/md5.h
@@ -83,14 +83,14 @@ __MHD_md5_init_ctx (struct MHD_md5_ctx *ctx)
83 starting at BUFFER. 83 starting at BUFFER.
84 It is necessary that LEN is a multiple of 64!!! */ 84 It is necessary that LEN is a multiple of 64!!! */
85 extern void __MHD_md5_process_block (const void *buffer, size_t len, 85 extern void __MHD_md5_process_block (const void *buffer, size_t len,
86 struct MHD_md5_ctx *ctx) __THROW; 86 struct MHD_md5_ctx *ctx) __THROW;
87 87
88/* Starting with the result of former calls of this function (or the 88/* Starting with the result of former calls of this function (or the
89 initialization function update the context for the next LEN bytes 89 initialization function update the context for the next LEN bytes
90 starting at BUFFER. 90 starting at BUFFER.
91 It is NOT required that LEN is a multiple of 64. */ 91 It is NOT required that LEN is a multiple of 64. */
92 extern void __MHD_md5_process_bytes (const void *buffer, size_t len, 92 extern void __MHD_md5_process_bytes (const void *buffer, size_t len,
93 struct MHD_md5_ctx *ctx) __THROW; 93 struct MHD_md5_ctx *ctx) __THROW;
94 94
95/* Process the remaining bytes in the buffer and put result from CTX 95/* Process the remaining bytes in the buffer and put result from CTX
96 in first 16 bytes following RESBUF. The result is always in little 96 in first 16 bytes following RESBUF. The result is always in little
@@ -100,7 +100,7 @@ __MHD_md5_init_ctx (struct MHD_md5_ctx *ctx)
100 IMPORTANT: On some systems, RESBUF must be aligned to a 32-bit 100 IMPORTANT: On some systems, RESBUF must be aligned to a 32-bit
101 boundary. */ 101 boundary. */
102 extern void *__MHD_md5_finish_ctx (struct MHD_md5_ctx *ctx, 102 extern void *__MHD_md5_finish_ctx (struct MHD_md5_ctx *ctx,
103 void *resbuf) __THROW; 103 void *resbuf) __THROW;
104 104
105 105
106/* Put result from CTX in first 16 bytes following RESBUF. The result is 106/* Put result from CTX in first 16 bytes following RESBUF. The result is
@@ -110,7 +110,7 @@ __MHD_md5_init_ctx (struct MHD_md5_ctx *ctx)
110 IMPORTANT: On some systems, RESBUF must be aligned to a 32-bit 110 IMPORTANT: On some systems, RESBUF must be aligned to a 32-bit
111 boundary. */ 111 boundary. */
112 extern void *__MHD_md5_read_ctx (const struct MHD_md5_ctx *ctx, 112 extern void *__MHD_md5_read_ctx (const struct MHD_md5_ctx *ctx,
113 void *resbuf) __THROW; 113 void *resbuf) __THROW;
114 114
115 115
116/* Compute MD5 message digest for bytes read from STREAM. The 116/* Compute MD5 message digest for bytes read from STREAM. The
@@ -123,6 +123,6 @@ __MHD_md5_init_ctx (struct MHD_md5_ctx *ctx)
123 output yields to the wanted ASCII representation of the message 123 output yields to the wanted ASCII representation of the message
124 digest. */ 124 digest. */
125 extern void *__MHD_md5_buffer (const char *buffer, size_t len, 125 extern void *__MHD_md5_buffer (const char *buffer, size_t len,
126 void *resblock) __THROW; 126 void *resblock) __THROW;
127 127
128#endif /* md5.h */ 128#endif /* md5.h */
diff --git a/src/daemon/https/lgl/rijndael-alg-fst.c b/src/daemon/https/lgl/rijndael-alg-fst.c
index d17fbeed..516fff15 100644
--- a/src/daemon/https/lgl/rijndael-alg-fst.c
+++ b/src/daemon/https/lgl/rijndael-alg-fst.c
@@ -763,7 +763,7 @@ static const uint32_t rcon[] = {
763 */ 763 */
764int 764int
765MHD_rijndaelKeySetupEnc (uint32_t rk[ /*4*(Nr + 1) */ ], 765MHD_rijndaelKeySetupEnc (uint32_t rk[ /*4*(Nr + 1) */ ],
766 const char cipherKey[], size_t keyBits) 766 const char cipherKey[], size_t keyBits)
767{ 767{
768 size_t i = 0; 768 size_t i = 0;
769 uint32_t temp; 769 uint32_t temp;
@@ -858,7 +858,7 @@ MHD_rijndaelKeySetupEnc (uint32_t rk[ /*4*(Nr + 1) */ ],
858 */ 858 */
859int 859int
860MHD_rijndaelKeySetupDec (uint32_t rk[ /*4*(Nr + 1) */ ], 860MHD_rijndaelKeySetupDec (uint32_t rk[ /*4*(Nr + 1) */ ],
861 const char cipherKey[], size_t keyBits) 861 const char cipherKey[], size_t keyBits)
862{ 862{
863 size_t Nr, i, j; 863 size_t Nr, i, j;
864 uint32_t temp; 864 uint32_t temp;
@@ -912,7 +912,7 @@ MHD_rijndaelKeySetupDec (uint32_t rk[ /*4*(Nr + 1) */ ],
912 912
913void 913void
914MHD_rijndaelEncrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr, 914MHD_rijndaelEncrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr,
915 const char pt[16], char ct[16]) 915 const char pt[16], char ct[16])
916{ 916{
917 uint32_t s0, s1, s2, s3, t0, t1, t2, t3; 917 uint32_t s0, s1, s2, s3, t0, t1, t2, t3;
918 size_t r; 918 size_t r;
@@ -1003,7 +1003,7 @@ MHD_rijndaelEncrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr,
1003 1003
1004void 1004void
1005MHD_rijndaelDecrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr, 1005MHD_rijndaelDecrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr,
1006 const char ct[16], char pt[16]) 1006 const char ct[16], char pt[16])
1007{ 1007{
1008 uint32_t s0, s1, s2, s3, t0, t1, t2, t3; 1008 uint32_t s0, s1, s2, s3, t0, t1, t2, t3;
1009 size_t r; 1009 size_t r;
diff --git a/src/daemon/https/lgl/rijndael-alg-fst.h b/src/daemon/https/lgl/rijndael-alg-fst.h
index c5496181..b04c1deb 100644
--- a/src/daemon/https/lgl/rijndael-alg-fst.h
+++ b/src/daemon/https/lgl/rijndael-alg-fst.h
@@ -56,12 +56,12 @@
56#define RIJNDAEL_MAXNR 14 56#define RIJNDAEL_MAXNR 14
57 57
58int MHD_rijndaelKeySetupEnc (uint32_t rk[ /*4*(Nr + 1) */ ], 58int MHD_rijndaelKeySetupEnc (uint32_t rk[ /*4*(Nr + 1) */ ],
59 const char cipherKey[], size_t keyBits); 59 const char cipherKey[], size_t keyBits);
60int MHD_rijndaelKeySetupDec (uint32_t rk[ /*4*(Nr + 1) */ ], 60int MHD_rijndaelKeySetupDec (uint32_t rk[ /*4*(Nr + 1) */ ],
61 const char cipherKey[], size_t keyBits); 61 const char cipherKey[], size_t keyBits);
62void MHD_rijndaelEncrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr, 62void MHD_rijndaelEncrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr,
63 const char pt[16], char ct[16]); 63 const char pt[16], char ct[16]);
64void MHD_rijndaelDecrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr, 64void MHD_rijndaelDecrypt (const uint32_t rk[ /*4*(Nr + 1) */ ], size_t Nr,
65 const char ct[16], char pt[16]); 65 const char ct[16], char pt[16]);
66 66
67#endif /* __RIJNDAEL_ALG_FST_H */ 67#endif /* __RIJNDAEL_ALG_FST_H */
diff --git a/src/daemon/https/lgl/rijndael-api-fst.c b/src/daemon/https/lgl/rijndael-api-fst.c
index 62d2a4e6..d4196948 100644
--- a/src/daemon/https/lgl/rijndael-api-fst.c
+++ b/src/daemon/https/lgl/rijndael-api-fst.c
@@ -73,7 +73,7 @@
73 73
74rijndael_rc 74rijndael_rc
75MHD_rijndaelMakeKey (rijndaelKeyInstance * key, rijndael_direction direction, 75MHD_rijndaelMakeKey (rijndaelKeyInstance * key, rijndael_direction direction,
76 size_t keyLen, const char *keyMaterial) 76 size_t keyLen, const char *keyMaterial)
77{ 77{
78 size_t i; 78 size_t i;
79 char *keyMat; 79 char *keyMat;
@@ -149,8 +149,8 @@ MHD_rijndaelMakeKey (rijndaelKeyInstance * key, rijndael_direction direction,
149} 149}
150 150
151rijndael_rc 151rijndael_rc
152MHD_MHD_rijndaelCipherInit (rijndaelCipherInstance * cipher, rijndael_mode mode, 152MHD_MHD_rijndaelCipherInit (rijndaelCipherInstance * cipher,
153 const char *IV) 153 rijndael_mode mode, const char *IV)
154{ 154{
155 if ((mode == RIJNDAEL_MODE_ECB) || (mode == RIJNDAEL_MODE_CBC) 155 if ((mode == RIJNDAEL_MODE_ECB) || (mode == RIJNDAEL_MODE_CBC)
156 || (mode == RIJNDAEL_MODE_CFB1)) 156 || (mode == RIJNDAEL_MODE_CFB1))
@@ -200,8 +200,8 @@ MHD_MHD_rijndaelCipherInit (rijndaelCipherInstance * cipher, rijndael_mode mode,
200 200
201int 201int
202MHD_rijndaelBlockEncrypt (rijndaelCipherInstance * cipher, 202MHD_rijndaelBlockEncrypt (rijndaelCipherInstance * cipher,
203 const rijndaelKeyInstance * key, 203 const rijndaelKeyInstance * key,
204 const char *input, size_t inputLen, char *outBuffer) 204 const char *input, size_t inputLen, char *outBuffer)
205{ 205{
206 size_t i, k, t, numBlocks; 206 size_t i, k, t, numBlocks;
207 char block[16], *iv; 207 char block[16], *iv;
@@ -277,8 +277,9 @@ MHD_rijndaelBlockEncrypt (rijndaelCipherInstance * cipher,
277 277
278int 278int
279MHD_rijndaelPadEncrypt (rijndaelCipherInstance * cipher, 279MHD_rijndaelPadEncrypt (rijndaelCipherInstance * cipher,
280 const rijndaelKeyInstance * key, 280 const rijndaelKeyInstance * key,
281 const char *input, size_t inputOctets, char *outBuffer) 281 const char *input, size_t inputOctets,
282 char *outBuffer)
282{ 283{
283 size_t i, numBlocks, padLen; 284 size_t i, numBlocks, padLen;
284 char block[16], *iv; 285 char block[16], *iv;
@@ -350,8 +351,8 @@ MHD_rijndaelPadEncrypt (rijndaelCipherInstance * cipher,
350 351
351int 352int
352MHD_rijndaelBlockDecrypt (rijndaelCipherInstance * cipher, 353MHD_rijndaelBlockDecrypt (rijndaelCipherInstance * cipher,
353 const rijndaelKeyInstance * key, 354 const rijndaelKeyInstance * key,
354 const char *input, size_t inputLen, char *outBuffer) 355 const char *input, size_t inputLen, char *outBuffer)
355{ 356{
356 size_t i, k, t, numBlocks; 357 size_t i, k, t, numBlocks;
357 char block[16], *iv; 358 char block[16], *iv;
@@ -426,8 +427,9 @@ MHD_rijndaelBlockDecrypt (rijndaelCipherInstance * cipher,
426 427
427int 428int
428MHD_rijndaelPadDecrypt (rijndaelCipherInstance * cipher, 429MHD_rijndaelPadDecrypt (rijndaelCipherInstance * cipher,
429 const rijndaelKeyInstance * key, 430 const rijndaelKeyInstance * key,
430 const char *input, size_t inputOctets, char *outBuffer) 431 const char *input, size_t inputOctets,
432 char *outBuffer)
431{ 433{
432 size_t i, numBlocks, padLen; 434 size_t i, numBlocks, padLen;
433 char block[16]; 435 char block[16];
diff --git a/src/daemon/https/lgl/rijndael-api-fst.h b/src/daemon/https/lgl/rijndael-api-fst.h
index 088e6bfd..893021fc 100644
--- a/src/daemon/https/lgl/rijndael-api-fst.h
+++ b/src/daemon/https/lgl/rijndael-api-fst.h
@@ -138,7 +138,7 @@ typedef struct
138 128, 192 or 256. Returns 0 on success, or an error code. */ 138 128, 192 or 256. Returns 0 on success, or an error code. */
139extern rijndael_rc 139extern rijndael_rc
140MHD_rijndaelMakeKey (rijndaelKeyInstance * key, rijndael_direction direction, 140MHD_rijndaelMakeKey (rijndaelKeyInstance * key, rijndael_direction direction,
141 size_t keyLen, const char *keyMaterial); 141 size_t keyLen, const char *keyMaterial);
142 142
143/* Initialize cipher state CIPHER for encryption MODE (e.g., 143/* Initialize cipher state CIPHER for encryption MODE (e.g.,
144 RIJNDAEL_MODE_CBC) with initialization vector IV, a hex string of 144 RIJNDAEL_MODE_CBC) with initialization vector IV, a hex string of
@@ -146,7 +146,7 @@ MHD_rijndaelMakeKey (rijndaelKeyInstance * key, rijndael_direction direction,
146 not need an IV (i.e., RIJNDAEL_MODE_ECB). */ 146 not need an IV (i.e., RIJNDAEL_MODE_ECB). */
147extern rijndael_rc 147extern rijndael_rc
148MHD_MHD_rijndaelCipherInit (rijndaelCipherInstance * cipher, 148MHD_MHD_rijndaelCipherInit (rijndaelCipherInstance * cipher,
149 rijndael_mode mode, const char *IV); 149 rijndael_mode mode, const char *IV);
150 150
151/* Encrypt data in INPUT, of INPUTLEN/8 bytes length, placing the 151/* Encrypt data in INPUT, of INPUTLEN/8 bytes length, placing the
152 output in the pre-allocated OUTBUFFER which must hold at least 152 output in the pre-allocated OUTBUFFER which must hold at least
@@ -157,8 +157,9 @@ MHD_MHD_rijndaelCipherInit (rijndaelCipherInstance * cipher,
157 negative rijndael_rc error code. */ 157 negative rijndael_rc error code. */
158extern int 158extern int
159MHD_rijndaelBlockEncrypt (rijndaelCipherInstance * cipher, 159MHD_rijndaelBlockEncrypt (rijndaelCipherInstance * cipher,
160 const rijndaelKeyInstance * key, 160 const rijndaelKeyInstance * key,
161 const char *input, size_t inputLen, char *outBuffer); 161 const char *input, size_t inputLen,
162 char *outBuffer);
162 163
163/* Encrypt data in INPUT, of INPUTOCTETS bytes length, placing the 164/* Encrypt data in INPUT, of INPUTOCTETS bytes length, placing the
164 output in the pre-allocated OUTBUFFER which must hold at least 165 output in the pre-allocated OUTBUFFER which must hold at least
@@ -171,8 +172,9 @@ MHD_rijndaelBlockEncrypt (rijndaelCipherInstance * cipher,
171 negative rijndael_rc error code. */ 172 negative rijndael_rc error code. */
172extern int 173extern int
173MHD_rijndaelPadEncrypt (rijndaelCipherInstance * cipher, 174MHD_rijndaelPadEncrypt (rijndaelCipherInstance * cipher,
174 const rijndaelKeyInstance * key, 175 const rijndaelKeyInstance * key,
175 const char *input, size_t inputOctets, char *outBuffer); 176 const char *input, size_t inputOctets,
177 char *outBuffer);
176 178
177/* Decrypt data in INPUT, of INPUTLEN/8 bytes length, placing the 179/* Decrypt data in INPUT, of INPUTLEN/8 bytes length, placing the
178 output in the pre-allocated OUTBUFFER which must hold at least 180 output in the pre-allocated OUTBUFFER which must hold at least
@@ -183,8 +185,9 @@ MHD_rijndaelPadEncrypt (rijndaelCipherInstance * cipher,
183 negative rijndael_rc error code. */ 185 negative rijndael_rc error code. */
184extern int 186extern int
185MHD_rijndaelBlockDecrypt (rijndaelCipherInstance * cipher, 187MHD_rijndaelBlockDecrypt (rijndaelCipherInstance * cipher,
186 const rijndaelKeyInstance * key, 188 const rijndaelKeyInstance * key,
187 const char *input, size_t inputLen, char *outBuffer); 189 const char *input, size_t inputLen,
190 char *outBuffer);
188 191
189/* Decrypt data in INPUT, of INPUTOCTETS bytes length, placing the 192/* Decrypt data in INPUT, of INPUTOCTETS bytes length, placing the
190 output in the pre-allocated OUTBUFFER which must hold at least 193 output in the pre-allocated OUTBUFFER which must hold at least
@@ -197,7 +200,8 @@ MHD_rijndaelBlockDecrypt (rijndaelCipherInstance * cipher,
197 negative rijndael_rc error code. */ 200 negative rijndael_rc error code. */
198extern int 201extern int
199MHD_rijndaelPadDecrypt (rijndaelCipherInstance * cipher, 202MHD_rijndaelPadDecrypt (rijndaelCipherInstance * cipher,
200 const rijndaelKeyInstance * key, 203 const rijndaelKeyInstance * key,
201 const char *input, size_t inputOctets, char *outBuffer); 204 const char *input, size_t inputOctets,
205 char *outBuffer);
202 206
203#endif /* __RIJNDAEL_API_FST_H */ 207#endif /* __RIJNDAEL_API_FST_H */
diff --git a/src/daemon/https/lgl/sha1.c b/src/daemon/https/lgl/sha1.c
index c336cc4e..573e7c69 100644
--- a/src/daemon/https/lgl/sha1.c
+++ b/src/daemon/https/lgl/sha1.c
@@ -199,7 +199,8 @@ MHD_sha1_buffer (const char *buffer, size_t len, void *resblock)
199} 199}
200 200
201void 201void
202MHD_sha1_process_bytes (const void *buffer, size_t len, struct MHD_sha1_ctx *ctx) 202MHD_sha1_process_bytes (const void *buffer, size_t len,
203 struct MHD_sha1_ctx *ctx)
203{ 204{
204 /* When we already have some bits in our internal buffer concatenate 205 /* When we already have some bits in our internal buffer concatenate
205 both inputs first. */ 206 both inputs first. */
@@ -235,7 +236,8 @@ MHD_sha1_process_bytes (const void *buffer, size_t len, struct MHD_sha1_ctx *ctx
235 if (UNALIGNED_P (buffer)) 236 if (UNALIGNED_P (buffer))
236 while (len > 64) 237 while (len > 64)
237 { 238 {
238 MHD_sha1_process_block (memcpy (ctx->buffer, buffer, 64), 64, ctx); 239 MHD_sha1_process_block (memcpy (ctx->buffer, buffer, 64), 64,
240 ctx);
239 buffer = (const char *) buffer + 64; 241 buffer = (const char *) buffer + 64;
240 len -= 64; 242 len -= 64;
241 } 243 }
@@ -284,7 +286,8 @@ MHD_sha1_process_bytes (const void *buffer, size_t len, struct MHD_sha1_ctx *ctx
284 Most of this code comes from GnuPG's cipher/sha1.c. */ 286 Most of this code comes from GnuPG's cipher/sha1.c. */
285 287
286void 288void
287MHD_sha1_process_block (const void *buffer, size_t len, struct MHD_sha1_ctx *ctx) 289MHD_sha1_process_block (const void *buffer, size_t len,
290 struct MHD_sha1_ctx *ctx)
288{ 291{
289 const uint32_t *words = buffer; 292 const uint32_t *words = buffer;
290 size_t nwords = len / sizeof (uint32_t); 293 size_t nwords = len / sizeof (uint32_t);
diff --git a/src/daemon/https/lgl/sha1.h b/src/daemon/https/lgl/sha1.h
index 382d96cf..b6e40cdb 100644
--- a/src/daemon/https/lgl/sha1.h
+++ b/src/daemon/https/lgl/sha1.h
@@ -45,14 +45,14 @@ extern void MHD_sha1_init_ctx (struct MHD_sha1_ctx *ctx);
45 starting at BUFFER. 45 starting at BUFFER.
46 It is necessary that LEN is a multiple of 64!!! */ 46 It is necessary that LEN is a multiple of 64!!! */
47extern void MHD_sha1_process_block (const void *buffer, size_t len, 47extern void MHD_sha1_process_block (const void *buffer, size_t len,
48 struct MHD_sha1_ctx *ctx); 48 struct MHD_sha1_ctx *ctx);
49 49
50/* Starting with the result of former calls of this function (or the 50/* Starting with the result of former calls of this function (or the
51 initialization function update the context for the next LEN bytes 51 initialization function update the context for the next LEN bytes
52 starting at BUFFER. 52 starting at BUFFER.
53 It is NOT required that LEN is a multiple of 64. */ 53 It is NOT required that LEN is a multiple of 64. */
54extern void MHD_sha1_process_bytes (const void *buffer, size_t len, 54extern void MHD_sha1_process_bytes (const void *buffer, size_t len,
55 struct MHD_sha1_ctx *ctx); 55 struct MHD_sha1_ctx *ctx);
56 56
57/* Process the remaining bytes in the buffer and put result from CTX 57/* Process the remaining bytes in the buffer and put result from CTX
58 in first 20 bytes following RESBUF. The result is always in little 58 in first 20 bytes following RESBUF. The result is always in little
diff --git a/src/daemon/https/minitasn1/coding.c b/src/daemon/https/minitasn1/coding.c
index 350828b3..aa2aecb6 100644
--- a/src/daemon/https/minitasn1/coding.c
+++ b/src/daemon/https/minitasn1/coding.c
@@ -47,15 +47,16 @@
47/******************************************************/ 47/******************************************************/
48static void 48static void
49MHD__asn1_error_description_value_not_found (node_asn * node, 49MHD__asn1_error_description_value_not_found (node_asn * node,
50 char *ErrorDescription) 50 char *ErrorDescription)
51{ 51{
52 52
53 if (ErrorDescription == NULL) 53 if (ErrorDescription == NULL)
54 return; 54 return;
55 55
56 Estrcpy (ErrorDescription, ":: value of element '"); 56 Estrcpy (ErrorDescription, ":: value of element '");
57 MHD__asn1_hierarchical_name (node, ErrorDescription + strlen (ErrorDescription), 57 MHD__asn1_hierarchical_name (node,
58 MAX_ERROR_DESCRIPTION_SIZE - 40); 58 ErrorDescription + strlen (ErrorDescription),
59 MAX_ERROR_DESCRIPTION_SIZE - 40);
59 Estrcat (ErrorDescription, "' not found"); 60 Estrcat (ErrorDescription, "' not found");
60 61
61} 62}
@@ -115,7 +116,7 @@ MHD__asn1_length_der (unsigned long int len, unsigned char *ans, int *ans_len)
115/******************************************************/ 116/******************************************************/
116static void 117static void
117MHD__asn1_tag_der (unsigned char class, unsigned int tag_value, 118MHD__asn1_tag_der (unsigned char class, unsigned int tag_value,
118 unsigned char *ans, int *ans_len) 119 unsigned char *ans, int *ans_len)
119{ 120{
120 int k; 121 int k;
121 unsigned char temp[SIZEOF_UNSIGNED_INT]; 122 unsigned char temp[SIZEOF_UNSIGNED_INT];
@@ -154,7 +155,7 @@ MHD__asn1_tag_der (unsigned char class, unsigned int tag_value,
154 **/ 155 **/
155void 156void
156MHD__asn1_octet_der (const unsigned char *str, int str_len, 157MHD__asn1_octet_der (const unsigned char *str, int str_len,
157 unsigned char *der, int *der_len) 158 unsigned char *der, int *der_len)
158{ 159{
159 int len_len; 160 int len_len;
160 161
@@ -187,11 +188,12 @@ MHD__asn1_time_der (unsigned char *str, unsigned char *der, int *der_len)
187 188
188 max_len = *der_len; 189 max_len = *der_len;
189 190
190 MHD__asn1_length_der (strlen ((const char*) str), (max_len > 0) ? der : NULL, &len_len); 191 MHD__asn1_length_der (strlen ((const char *) str),
192 (max_len > 0) ? der : NULL, &len_len);
191 193
192 if ((len_len + (int) strlen ((const char*) str)) <= max_len) 194 if ((len_len + (int) strlen ((const char *) str)) <= max_len)
193 memcpy (der + len_len, str, strlen ((const char*) str)); 195 memcpy (der + len_len, str, strlen ((const char *) str));
194 *der_len = len_len + strlen ((const char*) str); 196 *der_len = len_len + strlen ((const char *) str);
195 197
196 if ((*der_len) > max_len) 198 if ((*der_len) > max_len)
197 return ASN1_MEM_ERROR; 199 return ASN1_MEM_ERROR;
@@ -223,11 +225,11 @@ MHD__asn1_objectid_der (unsigned char *str, unsigned char *der, int *der_len)
223 225
224 max_len = *der_len; 226 max_len = *der_len;
225 227
226 temp = (char *) MHD__asn1_alloca (strlen ((const char*)str) + 2); 228 temp = (char *) MHD__asn1_alloca (strlen ((const char *) str) + 2);
227 if (temp == NULL) 229 if (temp == NULL)
228 return ASN1_MEM_ALLOC_ERROR; 230 return ASN1_MEM_ALLOC_ERROR;
229 231
230 strcpy (temp, (const char*) str); 232 strcpy (temp, (const char *) str);
231 strcat (temp, "."); 233 strcat (temp, ".");
232 234
233 counter = 0; 235 counter = 0;
@@ -284,7 +286,8 @@ MHD__asn1_objectid_der (unsigned char *str, unsigned char *der, int *der_len)
284} 286}
285 287
286 288
287const char MHD_bit_mask[] = { 0xFF, 0xFE, 0xFC, 0xF8, 0xF0, 0xE0, 0xC0, 0x80 }; 289const char MHD_bit_mask[] =
290 { 0xFF, 0xFE, 0xFC, 0xF8, 0xF0, 0xE0, 0xC0, 0x80 };
288 291
289/** 292/**
290 * MHD__asn1_bit_der: 293 * MHD__asn1_bit_der:
@@ -299,7 +302,7 @@ const char MHD_bit_mask[] = { 0xFF, 0xFE, 0xFC, 0xF8, 0xF0, 0xE0, 0xC0, 0x80 };
299 **/ 302 **/
300void 303void
301MHD__asn1_bit_der (const unsigned char *str, int bit_len, 304MHD__asn1_bit_der (const unsigned char *str, int bit_len,
302 unsigned char *der, int *der_len) 305 unsigned char *der, int *der_len)
303{ 306{
304 int len_len, len_byte, len_pad; 307 int len_len, len_byte, len_pad;
305 308
@@ -335,7 +338,7 @@ MHD__asn1_bit_der (const unsigned char *str, int bit_len,
335/******************************************************/ 338/******************************************************/
336static MHD__asn1_retCode 339static MHD__asn1_retCode
337MHD__asn1_complete_explicit_tag (node_asn * node, unsigned char *der, 340MHD__asn1_complete_explicit_tag (node_asn * node, unsigned char *der,
338 int *counter, int *max_len) 341 int *counter, int *max_len)
339{ 342{
340 node_asn *p; 343 node_asn *p;
341 int is_tag_implicit, len2, len3; 344 int is_tag_implicit, len2, len3;
@@ -408,7 +411,7 @@ MHD__asn1_complete_explicit_tag (node_asn * node, unsigned char *der,
408/******************************************************/ 411/******************************************************/
409static MHD__asn1_retCode 412static MHD__asn1_retCode
410MHD__asn1_insert_tag_der (node_asn * node, unsigned char *der, int *counter, 413MHD__asn1_insert_tag_der (node_asn * node, unsigned char *der, int *counter,
411 int *max_len) 414 int *max_len)
412{ 415{
413 node_asn *p; 416 node_asn *p;
414 int tag_len, is_tag_implicit; 417 int tag_len, is_tag_implicit;
@@ -438,21 +441,20 @@ MHD__asn1_insert_tag_der (node_asn * node, unsigned char *der, int *counter,
438 { 441 {
439 if (is_tag_implicit) 442 if (is_tag_implicit)
440 MHD__asn1_tag_der (class_implicit, tag_implicit, 443 MHD__asn1_tag_der (class_implicit, tag_implicit,
441 (unsigned char*) tag_der, 444 (unsigned char *) tag_der, &tag_len);
442 &tag_len);
443 else 445 else
444 MHD__asn1_tag_der (class | ASN1_CLASS_STRUCTURED, 446 MHD__asn1_tag_der (class | ASN1_CLASS_STRUCTURED,
445 strtoul ( (const char*) p->value, NULL, 10), 447 strtoul ((const char *) p->value, NULL,
446 (unsigned char*) tag_der, 448 10),
447 &tag_len); 449 (unsigned char *) tag_der, &tag_len);
448 450
449 *max_len -= tag_len; 451 *max_len -= tag_len;
450 if (*max_len >= 0) 452 if (*max_len >= 0)
451 memcpy (der + *counter, tag_der, tag_len); 453 memcpy (der + *counter, tag_der, tag_len);
452 *counter += tag_len; 454 *counter += tag_len;
453 455
454 MHD__asn1_ltostr (*counter, (char*) temp); 456 MHD__asn1_ltostr (*counter, (char *) temp);
455 MHD__asn1_set_name (p, (const char*) temp); 457 MHD__asn1_set_name (p, (const char *) temp);
456 458
457 is_tag_implicit = 0; 459 is_tag_implicit = 0;
458 } 460 }
@@ -466,7 +468,8 @@ MHD__asn1_insert_tag_der (node_asn * node, unsigned char *der, int *counter,
466 (type_field (node->type) == TYPE_SET_OF)) 468 (type_field (node->type) == TYPE_SET_OF))
467 class |= ASN1_CLASS_STRUCTURED; 469 class |= ASN1_CLASS_STRUCTURED;
468 class_implicit = class; 470 class_implicit = class;
469 tag_implicit = strtoul ( (const char*) p->value, NULL, 10); 471 tag_implicit =
472 strtoul ((const char *) p->value, NULL, 10);
470 is_tag_implicit = 1; 473 is_tag_implicit = 1;
471 } 474 }
472 } 475 }
@@ -477,63 +480,66 @@ MHD__asn1_insert_tag_der (node_asn * node, unsigned char *der, int *counter,
477 480
478 if (is_tag_implicit) 481 if (is_tag_implicit)
479 { 482 {
480 MHD__asn1_tag_der (class_implicit, tag_implicit, (unsigned char*) tag_der, &tag_len); 483 MHD__asn1_tag_der (class_implicit, tag_implicit,
484 (unsigned char *) tag_der, &tag_len);
481 } 485 }
482 else 486 else
483 { 487 {
484 switch (type_field (node->type)) 488 switch (type_field (node->type))
485 { 489 {
486 case TYPE_NULL: 490 case TYPE_NULL:
487 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_NULL, (unsigned char*) tag_der, 491 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_NULL,
488 &tag_len); 492 (unsigned char *) tag_der, &tag_len);
489 break; 493 break;
490 case TYPE_BOOLEAN: 494 case TYPE_BOOLEAN:
491 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_BOOLEAN, (unsigned char*) tag_der, 495 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_BOOLEAN,
492 &tag_len); 496 (unsigned char *) tag_der, &tag_len);
493 break; 497 break;
494 case TYPE_INTEGER: 498 case TYPE_INTEGER:
495 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_INTEGER, (unsigned char*) tag_der, 499 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_INTEGER,
496 &tag_len); 500 (unsigned char *) tag_der, &tag_len);
497 break; 501 break;
498 case TYPE_ENUMERATED: 502 case TYPE_ENUMERATED:
499 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_ENUMERATED, (unsigned char*) tag_der, 503 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_ENUMERATED,
500 &tag_len); 504 (unsigned char *) tag_der, &tag_len);
501 break; 505 break;
502 case TYPE_OBJECT_ID: 506 case TYPE_OBJECT_ID:
503 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_OBJECT_ID, (unsigned char*) tag_der, 507 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_OBJECT_ID,
504 &tag_len); 508 (unsigned char *) tag_der, &tag_len);
505 break; 509 break;
506 case TYPE_TIME: 510 case TYPE_TIME:
507 if (node->type & CONST_UTC) 511 if (node->type & CONST_UTC)
508 { 512 {
509 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_UTCTime, (unsigned char*) tag_der, 513 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_UTCTime,
510 &tag_len); 514 (unsigned char *) tag_der, &tag_len);
511 } 515 }
512 else 516 else
513 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_GENERALIZEDTime, 517 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_GENERALIZEDTime,
514 (unsigned char*) tag_der, &tag_len); 518 (unsigned char *) tag_der, &tag_len);
515 break; 519 break;
516 case TYPE_OCTET_STRING: 520 case TYPE_OCTET_STRING:
517 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_OCTET_STRING, (unsigned char*) tag_der, 521 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_OCTET_STRING,
518 &tag_len); 522 (unsigned char *) tag_der, &tag_len);
519 break; 523 break;
520 case TYPE_GENERALSTRING: 524 case TYPE_GENERALSTRING:
521 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_GENERALSTRING, 525 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_GENERALSTRING,
522 (unsigned char*) tag_der, &tag_len); 526 (unsigned char *) tag_der, &tag_len);
523 break; 527 break;
524 case TYPE_BIT_STRING: 528 case TYPE_BIT_STRING:
525 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_BIT_STRING, (unsigned char*) tag_der, 529 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL, ASN1_TAG_BIT_STRING,
526 &tag_len); 530 (unsigned char *) tag_der, &tag_len);
527 break; 531 break;
528 case TYPE_SEQUENCE: 532 case TYPE_SEQUENCE:
529 case TYPE_SEQUENCE_OF: 533 case TYPE_SEQUENCE_OF:
530 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL | ASN1_CLASS_STRUCTURED, 534 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL | ASN1_CLASS_STRUCTURED,
531 ASN1_TAG_SEQUENCE, (unsigned char*) tag_der, &tag_len); 535 ASN1_TAG_SEQUENCE, (unsigned char *) tag_der,
536 &tag_len);
532 break; 537 break;
533 case TYPE_SET: 538 case TYPE_SET:
534 case TYPE_SET_OF: 539 case TYPE_SET_OF:
535 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL | ASN1_CLASS_STRUCTURED, 540 MHD__asn1_tag_der (ASN1_CLASS_UNIVERSAL | ASN1_CLASS_STRUCTURED,
536 ASN1_TAG_SET, (unsigned char*) tag_der, &tag_len); 541 ASN1_TAG_SET, (unsigned char *) tag_der,
542 &tag_len);
537 break; 543 break;
538 case TYPE_TAG: 544 case TYPE_TAG:
539 tag_len = 0; 545 tag_len = 0;
@@ -591,11 +597,11 @@ MHD__asn1_ordering_set (unsigned char *der, int der_len, node_asn * node)
591 return; 597 return;
592 598
593 p = node->down; 599 p = node->down;
594 while ( (p != NULL) && 600 while ((p != NULL) &&
595 ((type_field (p->type) == TYPE_TAG) 601 ((type_field (p->type) == TYPE_TAG)
596 || (type_field (p->type) == TYPE_SIZE)) ) 602 || (type_field (p->type) == TYPE_SIZE)))
597 p = p->right; 603 p = p->right;
598 604
599 if ((p == NULL) || (p->right == NULL)) 605 if ((p == NULL) || (p->right == NULL))
600 return; 606 return;
601 607
@@ -623,7 +629,8 @@ MHD__asn1_ordering_set (unsigned char *der, int der_len, node_asn * node)
623 counter += len2; 629 counter += len2;
624 630
625 /* extraction and length */ 631 /* extraction and length */
626 len2 = MHD__asn1_get_length_der (der + counter, der_len - counter, &len); 632 len2 =
633 MHD__asn1_get_length_der (der + counter, der_len - counter, &len);
627 if (len2 < 0) 634 if (len2 < 0)
628 return; 635 return;
629 counter += len + len2; 636 counter += len + len2;
@@ -643,7 +650,8 @@ MHD__asn1_ordering_set (unsigned char *der, int der_len, node_asn * node)
643 if (p_vet->value > p2_vet->value) 650 if (p_vet->value > p2_vet->value)
644 { 651 {
645 /* change position */ 652 /* change position */
646 temp = (unsigned char *) MHD__asn1_alloca (p_vet->end - counter); 653 temp =
654 (unsigned char *) MHD__asn1_alloca (p_vet->end - counter);
647 if (temp == NULL) 655 if (temp == NULL)
648 return; 656 return;
649 657
@@ -738,7 +746,8 @@ MHD__asn1_ordering_set_of (unsigned char *der, int der_len, node_asn * node)
738 return; 746 return;
739 counter += len; 747 counter += len;
740 748
741 len2 = MHD__asn1_get_length_der (der + counter, der_len - counter, &len); 749 len2 =
750 MHD__asn1_get_length_der (der + counter, der_len - counter, &len);
742 if (len2 < 0) 751 if (len2 < 0)
743 return; 752 return;
744 counter += len + len2; 753 counter += len + len2;
@@ -781,7 +790,8 @@ MHD__asn1_ordering_set_of (unsigned char *der, int der_len, node_asn * node)
781 if (change == 1) 790 if (change == 1)
782 { 791 {
783 /* change position */ 792 /* change position */
784 temp = (unsigned char *) MHD__asn1_alloca (p_vet->end - counter); 793 temp =
794 (unsigned char *) MHD__asn1_alloca (p_vet->end - counter);
785 if (temp == NULL) 795 if (temp == NULL)
786 return; 796 return;
787 797
@@ -837,8 +847,8 @@ MHD__asn1_ordering_set_of (unsigned char *der, int der_len, node_asn * node)
837 * 847 *
838 **/ 848 **/
839MHD__asn1_retCode 849MHD__asn1_retCode
840MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len, 850MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider,
841 char *ErrorDescription) 851 int *len, char *ErrorDescription)
842{ 852{
843 node_asn *node, *p, *p2; 853 node_asn *node, *p, *p2;
844 char temp[SIZEOF_UNSIGNED_LONG_INT * 3 + 1]; 854 char temp[SIZEOF_UNSIGNED_LONG_INT * 3 + 1];
@@ -894,7 +904,7 @@ MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len,
894 if (p->value == NULL) 904 if (p->value == NULL)
895 { 905 {
896 MHD__asn1_error_description_value_not_found (p, 906 MHD__asn1_error_description_value_not_found (p,
897 ErrorDescription); 907 ErrorDescription);
898 err = ASN1_VALUE_NOT_FOUND; 908 err = ASN1_VALUE_NOT_FOUND;
899 goto error; 909 goto error;
900 } 910 }
@@ -924,7 +934,7 @@ MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len,
924 if (p->value == NULL) 934 if (p->value == NULL)
925 { 935 {
926 MHD__asn1_error_description_value_not_found (p, 936 MHD__asn1_error_description_value_not_found (p,
927 ErrorDescription); 937 ErrorDescription);
928 err = ASN1_VALUE_NOT_FOUND; 938 err = ASN1_VALUE_NOT_FOUND;
929 goto error; 939 goto error;
930 } 940 }
@@ -952,7 +962,7 @@ MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len,
952 if (p->value == NULL) 962 if (p->value == NULL)
953 { 963 {
954 MHD__asn1_error_description_value_not_found (p, 964 MHD__asn1_error_description_value_not_found (p,
955 ErrorDescription); 965 ErrorDescription);
956 err = ASN1_VALUE_NOT_FOUND; 966 err = ASN1_VALUE_NOT_FOUND;
957 goto error; 967 goto error;
958 } 968 }
@@ -969,7 +979,8 @@ MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len,
969 case TYPE_TIME: 979 case TYPE_TIME:
970 if (p->value == NULL) 980 if (p->value == NULL)
971 { 981 {
972 MHD__asn1_error_description_value_not_found (p, ErrorDescription); 982 MHD__asn1_error_description_value_not_found (p,
983 ErrorDescription);
973 err = ASN1_VALUE_NOT_FOUND; 984 err = ASN1_VALUE_NOT_FOUND;
974 goto error; 985 goto error;
975 } 986 }
@@ -985,7 +996,8 @@ MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len,
985 case TYPE_OCTET_STRING: 996 case TYPE_OCTET_STRING:
986 if (p->value == NULL) 997 if (p->value == NULL)
987 { 998 {
988 MHD__asn1_error_description_value_not_found (p, ErrorDescription); 999 MHD__asn1_error_description_value_not_found (p,
1000 ErrorDescription);
989 err = ASN1_VALUE_NOT_FOUND; 1001 err = ASN1_VALUE_NOT_FOUND;
990 goto error; 1002 goto error;
991 } 1003 }
@@ -1004,7 +1016,8 @@ MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len,
1004 case TYPE_GENERALSTRING: 1016 case TYPE_GENERALSTRING:
1005 if (p->value == NULL) 1017 if (p->value == NULL)
1006 { 1018 {
1007 MHD__asn1_error_description_value_not_found (p, ErrorDescription); 1019 MHD__asn1_error_description_value_not_found (p,
1020 ErrorDescription);
1008 err = ASN1_VALUE_NOT_FOUND; 1021 err = ASN1_VALUE_NOT_FOUND;
1009 goto error; 1022 goto error;
1010 } 1023 }
@@ -1023,7 +1036,8 @@ MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len,
1023 case TYPE_BIT_STRING: 1036 case TYPE_BIT_STRING:
1024 if (p->value == NULL) 1037 if (p->value == NULL)
1025 { 1038 {
1026 MHD__asn1_error_description_value_not_found (p, ErrorDescription); 1039 MHD__asn1_error_description_value_not_found (p,
1040 ErrorDescription);
1027 err = ASN1_VALUE_NOT_FOUND; 1041 err = ASN1_VALUE_NOT_FOUND;
1028 goto error; 1042 goto error;
1029 } 1043 }
@@ -1069,11 +1083,12 @@ MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len,
1069 } 1083 }
1070 else 1084 else
1071 { /* move==UP */ 1085 { /* move==UP */
1072 len2 = strtol ( (const char*) p->value, NULL, 10); 1086 len2 = strtol ((const char *) p->value, NULL, 10);
1073 MHD__asn1_set_value (p, NULL, 0); 1087 MHD__asn1_set_value (p, NULL, 0);
1074 if ((type_field (p->type) == TYPE_SET) && (max_len >= 0)) 1088 if ((type_field (p->type) == TYPE_SET) && (max_len >= 0))
1075 MHD__asn1_ordering_set (der + len2, max_len - len2, p); 1089 MHD__asn1_ordering_set (der + len2, max_len - len2, p);
1076 MHD__asn1_length_der (counter - len2, (unsigned char*) temp, &len3); 1090 MHD__asn1_length_der (counter - len2, (unsigned char *) temp,
1091 &len3);
1077 max_len -= len3; 1092 max_len -= len3;
1078 if (max_len >= 0) 1093 if (max_len >= 0)
1079 { 1094 {
@@ -1109,14 +1124,15 @@ MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len,
1109 } 1124 }
1110 if (move == UP) 1125 if (move == UP)
1111 { 1126 {
1112 len2 = strtol ( (const char*) p->value, NULL, 10); 1127 len2 = strtol ((const char *) p->value, NULL, 10);
1113 MHD__asn1_set_value (p, NULL, 0); 1128 MHD__asn1_set_value (p, NULL, 0);
1114 if ((type_field (p->type) == TYPE_SET_OF) 1129 if ((type_field (p->type) == TYPE_SET_OF)
1115 && (max_len - len2 > 0)) 1130 && (max_len - len2 > 0))
1116 { 1131 {
1117 MHD__asn1_ordering_set_of (der + len2, max_len - len2, p); 1132 MHD__asn1_ordering_set_of (der + len2, max_len - len2, p);
1118 } 1133 }
1119 MHD__asn1_length_der (counter - len2, (unsigned char*) temp, &len3); 1134 MHD__asn1_length_der (counter - len2, (unsigned char *) temp,
1135 &len3);
1120 max_len -= len3; 1136 max_len -= len3;
1121 if (max_len >= 0) 1137 if (max_len >= 0)
1122 { 1138 {
@@ -1130,7 +1146,8 @@ MHD__asn1_der_coding (ASN1_TYPE element, const char *name, void *ider, int *len,
1130 case TYPE_ANY: 1146 case TYPE_ANY:
1131 if (p->value == NULL) 1147 if (p->value == NULL)
1132 { 1148 {
1133 MHD__asn1_error_description_value_not_found (p, ErrorDescription); 1149 MHD__asn1_error_description_value_not_found (p,
1150 ErrorDescription);
1134 err = ASN1_VALUE_NOT_FOUND; 1151 err = ASN1_VALUE_NOT_FOUND;
1135 goto error; 1152 goto error;
1136 } 1153 }
diff --git a/src/daemon/https/minitasn1/decoding.c b/src/daemon/https/minitasn1/decoding.c
index fcee0797..fe0eaef7 100644
--- a/src/daemon/https/minitasn1/decoding.c
+++ b/src/daemon/https/minitasn1/decoding.c
@@ -35,12 +35,14 @@
35 35
36 36
37static void 37static void
38MHD__asn1_error_description_tag_error (node_asn * node, char *ErrorDescription) 38MHD__asn1_error_description_tag_error (node_asn * node,
39 char *ErrorDescription)
39{ 40{
40 41
41 Estrcpy (ErrorDescription, ":: tag error near element '"); 42 Estrcpy (ErrorDescription, ":: tag error near element '");
42 MHD__asn1_hierarchical_name (node, ErrorDescription + strlen (ErrorDescription), 43 MHD__asn1_hierarchical_name (node,
43 MAX_ERROR_DESCRIPTION_SIZE - 40); 44 ErrorDescription + strlen (ErrorDescription),
45 MAX_ERROR_DESCRIPTION_SIZE - 40);
44 Estrcat (ErrorDescription, "'"); 46 Estrcat (ErrorDescription, "'");
45 47
46} 48}
@@ -117,7 +119,7 @@ MHD__asn1_get_length_der (const unsigned char *der, int der_len, int *len)
117 **/ 119 **/
118int 120int
119MHD__asn1_get_tag_der (const unsigned char *der, int der_len, 121MHD__asn1_get_tag_der (const unsigned char *der, int der_len,
120 unsigned char *cls, int *len, unsigned long *tag) 122 unsigned char *cls, int *len, unsigned long *tag)
121{ 123{
122 int punt, ris; 124 int punt, ris;
123 125
@@ -178,8 +180,8 @@ MHD__asn1_get_tag_der (const unsigned char *der, int der_len,
178 **/ 180 **/
179int 181int
180MHD__asn1_get_octet_der (const unsigned char *der, int der_len, 182MHD__asn1_get_octet_der (const unsigned char *der, int der_len,
181 int *ret_len, unsigned char *str, int str_size, 183 int *ret_len, unsigned char *str, int str_size,
182 int *str_len) 184 int *str_len)
183{ 185{
184 int len_len; 186 int len_len;
185 187
@@ -209,7 +211,7 @@ MHD__asn1_get_octet_der (const unsigned char *der, int der_len,
209 */ 211 */
210static int 212static int
211MHD__asn1_get_time_der (const unsigned char *der, int der_len, int *ret_len, 213MHD__asn1_get_time_der (const unsigned char *der, int der_len, int *ret_len,
212 char *str, int str_size) 214 char *str, int str_size)
213{ 215{
214 int len_len, str_len; 216 int len_len, str_len;
215 217
@@ -228,8 +230,8 @@ MHD__asn1_get_time_der (const unsigned char *der, int der_len, int *ret_len,
228 230
229 231
230static void 232static void
231MHD__asn1_get_objectid_der (const unsigned char *der, int der_len, int *ret_len, 233MHD__asn1_get_objectid_der (const unsigned char *der, int der_len,
232 char *str, int str_size) 234 int *ret_len, char *str, int str_size)
233{ 235{
234 int len_len, len, k; 236 int len_len, len, k;
235 char temp[20]; 237 char temp[20];
@@ -286,8 +288,8 @@ MHD__asn1_get_objectid_der (const unsigned char *der, int der_len, int *ret_len,
286 **/ 288 **/
287int 289int
288MHD__asn1_get_bit_der (const unsigned char *der, int der_len, 290MHD__asn1_get_bit_der (const unsigned char *der, int der_len,
289 int *ret_len, unsigned char *str, int str_size, 291 int *ret_len, unsigned char *str, int str_size,
290 int *bit_len) 292 int *bit_len)
291{ 293{
292 int len_len, len_byte; 294 int len_len, len_byte;
293 295
@@ -314,8 +316,8 @@ MHD__asn1_get_bit_der (const unsigned char *der, int der_len,
314 316
315 317
316static int 318static int
317MHD__asn1_extract_tag_der (node_asn * node, const unsigned char *der, int der_len, 319MHD__asn1_extract_tag_der (node_asn * node, const unsigned char *der,
318 int *ret_len) 320 int der_len, int *ret_len)
319{ 321{
320 node_asn *p; 322 node_asn *p;
321 int counter, len2, len3, is_tag_implicit; 323 int counter, len2, len3, is_tag_implicit;
@@ -353,8 +355,8 @@ MHD__asn1_extract_tag_der (node_asn * node, const unsigned char *der, int der_le
353 return ASN1_DER_ERROR; 355 return ASN1_DER_ERROR;
354 counter += len2; 356 counter += len2;
355 len3 = 357 len3 =
356 MHD__asn1_get_length_der (der + counter, der_len - counter, 358 MHD__asn1_get_length_der (der + counter,
357 &len2); 359 der_len - counter, &len2);
358 if (len3 < 0) 360 if (len3 < 0)
359 return ASN1_DER_ERROR; 361 return ASN1_DER_ERROR;
360 counter += len2; 362 counter += len2;
@@ -567,7 +569,8 @@ MHD__asn1_delete_not_used (node_asn * node)
567 569
568 570
569static MHD__asn1_retCode 571static MHD__asn1_retCode
570MHD__asn1_get_octet_string (const unsigned char *der, node_asn * node, int *len) 572MHD__asn1_get_octet_string (const unsigned char *der, node_asn * node,
573 int *len)
571{ 574{
572 int len2, len3, counter, counter2, counter_end, tot_len, indefinite; 575 int len2, len3, counter, counter2, counter_end, tot_len, indefinite;
573 unsigned char *temp, *temp2; 576 unsigned char *temp, *temp2;
@@ -606,7 +609,8 @@ MHD__asn1_get_octet_string (const unsigned char *der, node_asn * node, int *len)
606 609
607 counter++; 610 counter++;
608 611
609 len2 = MHD__asn1_get_length_der (der + counter, *len - counter, &len3); 612 len2 =
613 MHD__asn1_get_length_der (der + counter, *len - counter, &len3);
610 if (len2 <= 0) 614 if (len2 <= 0)
611 return ASN1_DER_ERROR; 615 return ASN1_DER_ERROR;
612 616
@@ -629,10 +633,10 @@ MHD__asn1_get_octet_string (const unsigned char *der, node_asn * node, int *len)
629 temp2 = temp + len2; 633 temp2 = temp + len2;
630 len2 = MHD__asn1_get_length_der (der, *len, &len3); 634 len2 = MHD__asn1_get_length_der (der, *len, &len3);
631 if (len2 < -1) 635 if (len2 < -1)
632 { 636 {
633 MHD__asn1_afree (temp); 637 MHD__asn1_afree (temp);
634 return ASN1_DER_ERROR; 638 return ASN1_DER_ERROR;
635 } 639 }
636 counter2 = len3 + 1; 640 counter2 = len3 + 1;
637 641
638 if (indefinite == -1) 642 if (indefinite == -1)
@@ -643,12 +647,13 @@ MHD__asn1_get_octet_string (const unsigned char *der, node_asn * node, int *len)
643 while (counter2 < counter_end) 647 while (counter2 < counter_end)
644 { 648 {
645 len2 = 649 len2 =
646 MHD__asn1_get_length_der (der + counter2, *len - counter, &len3); 650 MHD__asn1_get_length_der (der + counter2, *len - counter,
651 &len3);
647 if (len2 < -1) 652 if (len2 < -1)
648 { 653 {
649 MHD__asn1_afree (temp); 654 MHD__asn1_afree (temp);
650 return ASN1_DER_ERROR; 655 return ASN1_DER_ERROR;
651 } 656 }
652 657
653 /* FIXME: to be checked. Is this ok? Has the 658 /* FIXME: to be checked. Is this ok? Has the
654 * size been checked before? 659 * size been checked before?
@@ -757,7 +762,7 @@ MHD__asn1_get_indefinite_length_string (const unsigned char *der, int *len)
757 762
758MHD__asn1_retCode 763MHD__asn1_retCode
759MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len, 764MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
760 char *errorDescription) 765 char *errorDescription)
761{ 766{
762 node_asn *node, *p, *p2, *p3; 767 node_asn *node, *p, *p2, *p3;
763 char temp[128]; 768 char temp[128];
@@ -789,7 +794,7 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
789 if (p->type & CONST_SET) 794 if (p->type & CONST_SET)
790 { 795 {
791 p2 = MHD__asn1_find_up (p); 796 p2 = MHD__asn1_find_up (p);
792 len2 = strtol ((const char*) p2->value, NULL, 10); 797 len2 = strtol ((const char *) p2->value, NULL, 10);
793 if (len2 == -1) 798 if (len2 == -1)
794 { 799 {
795 if (!der[counter] && !der[counter + 1]) 800 if (!der[counter] && !der[counter + 1])
@@ -819,7 +824,7 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
819 if (type_field (p2->type) != TYPE_CHOICE) 824 if (type_field (p2->type) != TYPE_CHOICE)
820 ris = 825 ris =
821 MHD__asn1_extract_tag_der (p2, der + counter, 826 MHD__asn1_extract_tag_der (p2, der + counter,
822 len - counter, &len2); 827 len - counter, &len2);
823 else 828 else
824 { 829 {
825 p3 = p2->down; 830 p3 = p2->down;
@@ -827,7 +832,8 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
827 { 832 {
828 ris = 833 ris =
829 MHD__asn1_extract_tag_der (p3, der + counter, 834 MHD__asn1_extract_tag_der (p3, der + counter,
830 len - counter, &len2); 835 len - counter,
836 &len2);
831 if (ris == ASN1_SUCCESS) 837 if (ris == ASN1_SUCCESS)
832 break; 838 break;
833 p3 = p3->right; 839 p3 = p3->right;
@@ -852,7 +858,7 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
852 if ((p->type & CONST_OPTION) || (p->type & CONST_DEFAULT)) 858 if ((p->type & CONST_OPTION) || (p->type & CONST_DEFAULT))
853 { 859 {
854 p2 = MHD__asn1_find_up (p); 860 p2 = MHD__asn1_find_up (p);
855 len2 = strtol ((const char*) p2->value, NULL, 10); 861 len2 = strtol ((const char *) p2->value, NULL, 10);
856 if (counter == len2) 862 if (counter == len2)
857 { 863 {
858 if (p->right) 864 if (p->right)
@@ -878,7 +884,7 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
878 if (counter < len) 884 if (counter < len)
879 ris = 885 ris =
880 MHD__asn1_extract_tag_der (p->down, der + counter, 886 MHD__asn1_extract_tag_der (p->down, der + counter,
881 len - counter, &len2); 887 len - counter, &len2);
882 else 888 else
883 ris = ASN1_DER_ERROR; 889 ris = ASN1_DER_ERROR;
884 if (ris == ASN1_SUCCESS) 890 if (ris == ASN1_SUCCESS)
@@ -917,14 +923,15 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
917 if ((p->type & CONST_OPTION) || (p->type & CONST_DEFAULT)) 923 if ((p->type & CONST_OPTION) || (p->type & CONST_DEFAULT))
918 { 924 {
919 p2 = MHD__asn1_find_up (p); 925 p2 = MHD__asn1_find_up (p);
920 len2 = strtol ((const char*) p2->value, NULL, 10); 926 len2 = strtol ((const char *) p2->value, NULL, 10);
921 if ((len2 != -1) && (counter > len2)) 927 if ((len2 != -1) && (counter > len2))
922 ris = ASN1_TAG_ERROR; 928 ris = ASN1_TAG_ERROR;
923 } 929 }
924 930
925 if (ris == ASN1_SUCCESS) 931 if (ris == ASN1_SUCCESS)
926 ris = 932 ris =
927 MHD__asn1_extract_tag_der (p, der + counter, len - counter, &len2); 933 MHD__asn1_extract_tag_der (p, der + counter, len - counter,
934 &len2);
928 if (ris != ASN1_SUCCESS) 935 if (ris != ASN1_SUCCESS)
929 { 936 {
930 if (p->type & CONST_OPTION) 937 if (p->type & CONST_OPTION)
@@ -940,7 +947,8 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
940 else 947 else
941 { 948 {
942 if (errorDescription != NULL) 949 if (errorDescription != NULL)
943 MHD__asn1_error_description_tag_error (p, errorDescription); 950 MHD__asn1_error_description_tag_error (p,
951 errorDescription);
944 952
945 MHD__asn1_delete_structure (element); 953 MHD__asn1_delete_structure (element);
946 return ASN1_TAG_ERROR; 954 return ASN1_TAG_ERROR;
@@ -978,7 +986,8 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
978 case TYPE_INTEGER: 986 case TYPE_INTEGER:
979 case TYPE_ENUMERATED: 987 case TYPE_ENUMERATED:
980 len2 = 988 len2 =
981 MHD__asn1_get_length_der (der + counter, len - counter, &len3); 989 MHD__asn1_get_length_der (der + counter, len - counter,
990 &len3);
982 if (len2 < 0) 991 if (len2 < 0)
983 return ASN1_DER_ERROR; 992 return ASN1_DER_ERROR;
984 if (len2 + len3 > len - counter) 993 if (len2 + len3 > len - counter)
@@ -989,7 +998,7 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
989 break; 998 break;
990 case TYPE_OBJECT_ID: 999 case TYPE_OBJECT_ID:
991 MHD__asn1_get_objectid_der (der + counter, len - counter, &len2, 1000 MHD__asn1_get_objectid_der (der + counter, len - counter, &len2,
992 temp, sizeof (temp)); 1001 temp, sizeof (temp));
993 tlen = strlen (temp); 1002 tlen = strlen (temp);
994 if (tlen > 0) 1003 if (tlen > 0)
995 MHD__asn1_set_value (p, temp, tlen + 1); 1004 MHD__asn1_set_value (p, temp, tlen + 1);
@@ -998,8 +1007,8 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
998 break; 1007 break;
999 case TYPE_TIME: 1008 case TYPE_TIME:
1000 result = 1009 result =
1001 MHD__asn1_get_time_der (der + counter, len - counter, &len2, temp, 1010 MHD__asn1_get_time_der (der + counter, len - counter, &len2,
1002 sizeof (temp) - 1); 1011 temp, sizeof (temp) - 1);
1003 if (result != ASN1_SUCCESS) 1012 if (result != ASN1_SUCCESS)
1004 { 1013 {
1005 MHD__asn1_delete_structure (element); 1014 MHD__asn1_delete_structure (element);
@@ -1021,7 +1030,8 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
1021 break; 1030 break;
1022 case TYPE_GENERALSTRING: 1031 case TYPE_GENERALSTRING:
1023 len2 = 1032 len2 =
1024 MHD__asn1_get_length_der (der + counter, len - counter, &len3); 1033 MHD__asn1_get_length_der (der + counter, len - counter,
1034 &len3);
1025 if (len2 < 0) 1035 if (len2 < 0)
1026 return ASN1_DER_ERROR; 1036 return ASN1_DER_ERROR;
1027 if (len3 + len2 > len - counter) 1037 if (len3 + len2 > len - counter)
@@ -1032,7 +1042,8 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
1032 break; 1042 break;
1033 case TYPE_BIT_STRING: 1043 case TYPE_BIT_STRING:
1034 len2 = 1044 len2 =
1035 MHD__asn1_get_length_der (der + counter, len - counter, &len3); 1045 MHD__asn1_get_length_der (der + counter, len - counter,
1046 &len3);
1036 if (len2 < 0) 1047 if (len2 < 0)
1037 return ASN1_DER_ERROR; 1048 return ASN1_DER_ERROR;
1038 if (len3 + len2 > len - counter) 1049 if (len3 + len2 > len - counter)
@@ -1045,7 +1056,7 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
1045 case TYPE_SET: 1056 case TYPE_SET:
1046 if (move == UP) 1057 if (move == UP)
1047 { 1058 {
1048 len2 = strtol ( (const char*) p->value, NULL, 10); 1059 len2 = strtol ((const char *) p->value, NULL, 10);
1049 MHD__asn1_set_value (p, NULL, 0); 1060 MHD__asn1_set_value (p, NULL, 0);
1050 if (len2 == -1) 1061 if (len2 == -1)
1051 { /* indefinite length method */ 1062 { /* indefinite length method */
@@ -1074,7 +1085,8 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
1074 else 1085 else
1075 { /* move==DOWN || move==RIGHT */ 1086 { /* move==DOWN || move==RIGHT */
1076 len3 = 1087 len3 =
1077 MHD__asn1_get_length_der (der + counter, len - counter, &len2); 1088 MHD__asn1_get_length_der (der + counter, len - counter,
1089 &len2);
1078 if (len3 < -1) 1090 if (len3 < -1)
1079 return ASN1_DER_ERROR; 1091 return ASN1_DER_ERROR;
1080 counter += len2; 1092 counter += len2;
@@ -1113,7 +1125,7 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
1113 case TYPE_SET_OF: 1125 case TYPE_SET_OF:
1114 if (move == UP) 1126 if (move == UP)
1115 { 1127 {
1116 len2 = strtol ( (const char*) p->value, NULL, 10); 1128 len2 = strtol ((const char *) p->value, NULL, 10);
1117 if (len2 == -1) 1129 if (len2 == -1)
1118 { /* indefinite length method */ 1130 { /* indefinite length method */
1119 if ((counter + 2) > len) 1131 if ((counter + 2) > len)
@@ -1152,7 +1164,8 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
1152 else 1164 else
1153 { /* move==DOWN || move==RIGHT */ 1165 { /* move==DOWN || move==RIGHT */
1154 len3 = 1166 len3 =
1155 MHD__asn1_get_length_der (der + counter, len - counter, &len2); 1167 MHD__asn1_get_length_der (der + counter, len - counter,
1168 &len2);
1156 if (len3 < -1) 1169 if (len3 < -1)
1157 return ASN1_DER_ERROR; 1170 return ASN1_DER_ERROR;
1158 counter += len2; 1171 counter += len2;
@@ -1190,7 +1203,7 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
1190 return ASN1_DER_ERROR; 1203 return ASN1_DER_ERROR;
1191 len4 = 1204 len4 =
1192 MHD__asn1_get_length_der (der + counter + len2, 1205 MHD__asn1_get_length_der (der + counter + len2,
1193 len - counter - len2, &len3); 1206 len - counter - len2, &len3);
1194 if (len4 < -1) 1207 if (len4 < -1)
1195 return ASN1_DER_ERROR; 1208 return ASN1_DER_ERROR;
1196 if (len4 > len - counter + len2 + len3) 1209 if (len4 > len - counter + len2 + len3)
@@ -1199,14 +1212,16 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
1199 { 1212 {
1200 len2 += len4; 1213 len2 += len4;
1201 MHD__asn1_length_der (len2 + len3, NULL, &len4); 1214 MHD__asn1_length_der (len2 + len3, NULL, &len4);
1202 temp2 = (unsigned char *) MHD__asn1_alloca (len2 + len3 + len4); 1215 temp2 =
1216 (unsigned char *) MHD__asn1_alloca (len2 + len3 + len4);
1203 if (temp2 == NULL) 1217 if (temp2 == NULL)
1204 { 1218 {
1205 MHD__asn1_delete_structure (element); 1219 MHD__asn1_delete_structure (element);
1206 return ASN1_MEM_ALLOC_ERROR; 1220 return ASN1_MEM_ALLOC_ERROR;
1207 } 1221 }
1208 1222
1209 MHD__asn1_octet_der (der + counter, len2 + len3, temp2, &len4); 1223 MHD__asn1_octet_der (der + counter, len2 + len3, temp2,
1224 &len4);
1210 MHD__asn1_set_value (p, temp2, len4); 1225 MHD__asn1_set_value (p, temp2, len4);
1211 MHD__asn1_afree (temp2); 1226 MHD__asn1_afree (temp2);
1212 counter += len2 + len3; 1227 counter += len2 + len3;
@@ -1221,7 +1236,8 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
1221 1236
1222 len2 = len - counter; 1237 len2 = len - counter;
1223 ris = 1238 ris =
1224 MHD__asn1_get_indefinite_length_string (der + counter, &len2); 1239 MHD__asn1_get_indefinite_length_string (der + counter,
1240 &len2);
1225 if (ris != ASN1_SUCCESS) 1241 if (ris != ASN1_SUCCESS)
1226 { 1242 {
1227 MHD__asn1_delete_structure (element); 1243 MHD__asn1_delete_structure (element);
@@ -1328,7 +1344,8 @@ MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, int len,
1328 **/ 1344 **/
1329MHD__asn1_retCode 1345MHD__asn1_retCode
1330MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len, 1346MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len,
1331 const char *name_element, int *start, int *end) 1347 const char *name_element, int *start,
1348 int *end)
1332{ 1349{
1333 node_asn *node, *node_to_find, *p, *p2, *p3; 1350 node_asn *node, *node_to_find, *p, *p2, *p3;
1334 int counter, len2, len3, len4, move, ris; 1351 int counter, len2, len3, len4, move, ris;
@@ -1369,7 +1386,7 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len,
1369 if (p->type & CONST_SET) 1386 if (p->type & CONST_SET)
1370 { 1387 {
1371 p2 = MHD__asn1_find_up (p); 1388 p2 = MHD__asn1_find_up (p);
1372 len2 = strtol ( (const char* ) p2->value, NULL, 10); 1389 len2 = strtol ((const char *) p2->value, NULL, 10);
1373 if (len2 == -1) 1390 if (len2 == -1)
1374 { 1391 {
1375 if (!der[counter] && !der[counter + 1]) 1392 if (!der[counter] && !der[counter + 1])
@@ -1396,13 +1413,13 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len,
1396 if (type_field (p2->type) != TYPE_CHOICE) 1413 if (type_field (p2->type) != TYPE_CHOICE)
1397 ris = 1414 ris =
1398 MHD__asn1_extract_tag_der (p2, der + counter, 1415 MHD__asn1_extract_tag_der (p2, der + counter,
1399 len - counter, &len2); 1416 len - counter, &len2);
1400 else 1417 else
1401 { 1418 {
1402 p3 = p2->down; 1419 p3 = p2->down;
1403 ris = 1420 ris =
1404 MHD__asn1_extract_tag_der (p3, der + counter, 1421 MHD__asn1_extract_tag_der (p3, der + counter,
1405 len - counter, &len2); 1422 len - counter, &len2);
1406 } 1423 }
1407 if (ris == ASN1_SUCCESS) 1424 if (ris == ASN1_SUCCESS)
1408 { 1425 {
@@ -1425,14 +1442,15 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len,
1425 p = p->down; 1442 p = p->down;
1426 ris = 1443 ris =
1427 MHD__asn1_extract_tag_der (p, der + counter, len - counter, 1444 MHD__asn1_extract_tag_der (p, der + counter, len - counter,
1428 &len2); 1445 &len2);
1429 if (p == node_to_find) 1446 if (p == node_to_find)
1430 *start = counter; 1447 *start = counter;
1431 } 1448 }
1432 1449
1433 if (ris == ASN1_SUCCESS) 1450 if (ris == ASN1_SUCCESS)
1434 ris = 1451 ris =
1435 MHD__asn1_extract_tag_der (p, der + counter, len - counter, &len2); 1452 MHD__asn1_extract_tag_der (p, der + counter, len - counter,
1453 &len2);
1436 if (ris != ASN1_SUCCESS) 1454 if (ris != ASN1_SUCCESS)
1437 { 1455 {
1438 if (p->type & CONST_OPTION) 1456 if (p->type & CONST_OPTION)
@@ -1472,7 +1490,8 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len,
1472 case TYPE_INTEGER: 1490 case TYPE_INTEGER:
1473 case TYPE_ENUMERATED: 1491 case TYPE_ENUMERATED:
1474 len2 = 1492 len2 =
1475 MHD__asn1_get_length_der (der + counter, len - counter, &len3); 1493 MHD__asn1_get_length_der (der + counter, len - counter,
1494 &len3);
1476 if (len2 < 0) 1495 if (len2 < 0)
1477 return ASN1_DER_ERROR; 1496 return ASN1_DER_ERROR;
1478 counter += len3 + len2; 1497 counter += len3 + len2;
@@ -1480,7 +1499,8 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len,
1480 break; 1499 break;
1481 case TYPE_OBJECT_ID: 1500 case TYPE_OBJECT_ID:
1482 len2 = 1501 len2 =
1483 MHD__asn1_get_length_der (der + counter, len - counter, &len3); 1502 MHD__asn1_get_length_der (der + counter, len - counter,
1503 &len3);
1484 if (len2 < 0) 1504 if (len2 < 0)
1485 return ASN1_DER_ERROR; 1505 return ASN1_DER_ERROR;
1486 counter += len2 + len3; 1506 counter += len2 + len3;
@@ -1488,7 +1508,8 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len,
1488 break; 1508 break;
1489 case TYPE_TIME: 1509 case TYPE_TIME:
1490 len2 = 1510 len2 =
1491 MHD__asn1_get_length_der (der + counter, len - counter, &len3); 1511 MHD__asn1_get_length_der (der + counter, len - counter,
1512 &len3);
1492 if (len2 < 0) 1513 if (len2 < 0)
1493 return ASN1_DER_ERROR; 1514 return ASN1_DER_ERROR;
1494 counter += len2 + len3; 1515 counter += len2 + len3;
@@ -1504,7 +1525,8 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len,
1504 break; 1525 break;
1505 case TYPE_GENERALSTRING: 1526 case TYPE_GENERALSTRING:
1506 len2 = 1527 len2 =
1507 MHD__asn1_get_length_der (der + counter, len - counter, &len3); 1528 MHD__asn1_get_length_der (der + counter, len - counter,
1529 &len3);
1508 if (len2 < 0) 1530 if (len2 < 0)
1509 return ASN1_DER_ERROR; 1531 return ASN1_DER_ERROR;
1510 counter += len3 + len2; 1532 counter += len3 + len2;
@@ -1512,7 +1534,8 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len,
1512 break; 1534 break;
1513 case TYPE_BIT_STRING: 1535 case TYPE_BIT_STRING:
1514 len2 = 1536 len2 =
1515 MHD__asn1_get_length_der (der + counter, len - counter, &len3); 1537 MHD__asn1_get_length_der (der + counter, len - counter,
1538 &len3);
1516 if (len2 < 0) 1539 if (len2 < 0)
1517 return ASN1_DER_ERROR; 1540 return ASN1_DER_ERROR;
1518 counter += len3 + len2; 1541 counter += len3 + len2;
@@ -1523,7 +1546,8 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len,
1523 if (move != UP) 1546 if (move != UP)
1524 { 1547 {
1525 len3 = 1548 len3 =
1526 MHD__asn1_get_length_der (der + counter, len - counter, &len2); 1549 MHD__asn1_get_length_der (der + counter, len - counter,
1550 &len2);
1527 if (len3 < -1) 1551 if (len3 < -1)
1528 return ASN1_DER_ERROR; 1552 return ASN1_DER_ERROR;
1529 counter += len2; 1553 counter += len2;
@@ -1544,7 +1568,8 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len,
1544 if (move != UP) 1568 if (move != UP)
1545 { 1569 {
1546 len3 = 1570 len3 =
1547 MHD__asn1_get_length_der (der + counter, len - counter, &len2); 1571 MHD__asn1_get_length_der (der + counter, len - counter,
1572 &len2);
1548 if (len3 < -1) 1573 if (len3 < -1)
1549 return ASN1_DER_ERROR; 1574 return ASN1_DER_ERROR;
1550 counter += len2; 1575 counter += len2;
@@ -1576,7 +1601,7 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len,
1576 1601
1577 len4 = 1602 len4 =
1578 MHD__asn1_get_length_der (der + counter + len2, 1603 MHD__asn1_get_length_der (der + counter + len2,
1579 len - counter - len2, &len3); 1604 len - counter - len2, &len3);
1580 if (len4 < -1) 1605 if (len4 < -1)
1581 return ASN1_DER_ERROR; 1606 return ASN1_DER_ERROR;
1582 1607
@@ -1594,7 +1619,8 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len,
1594 1619
1595 len2 = len - counter; 1620 len2 = len - counter;
1596 ris = 1621 ris =
1597 MHD__asn1_get_indefinite_length_string (der + counter, &len2); 1622 MHD__asn1_get_indefinite_length_string (der + counter,
1623 &len2);
1598 if (ris != ASN1_SUCCESS) 1624 if (ris != ASN1_SUCCESS)
1599 return ris; 1625 return ris;
1600 counter += len2; 1626 counter += len2;
@@ -1646,5 +1672,3 @@ MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, const void *ider, int len,
1646 1672
1647 return ASN1_ELEMENT_NOT_FOUND; 1673 return ASN1_ELEMENT_NOT_FOUND;
1648} 1674}
1649
1650
diff --git a/src/daemon/https/minitasn1/element.c b/src/daemon/https/minitasn1/element.c
index 4e29772e..7cda2174 100644
--- a/src/daemon/https/minitasn1/element.c
+++ b/src/daemon/https/minitasn1/element.c
@@ -76,7 +76,7 @@ MHD__asn1_hierarchical_name (node_asn * node, char *name, int name_size)
76/******************************************************************/ 76/******************************************************************/
77MHD__asn1_retCode 77MHD__asn1_retCode
78MHD__asn1_convert_integer (const char *value, unsigned char *value_out, 78MHD__asn1_convert_integer (const char *value, unsigned char *value_out,
79 int value_out_size, int *len) 79 int value_out_size, int *len)
80{ 80{
81 char negative; 81 char negative;
82 unsigned char val[SIZEOF_UNSIGNED_LONG_INT]; 82 unsigned char val[SIZEOF_UNSIGNED_LONG_INT];
@@ -117,7 +117,8 @@ MHD__asn1_convert_integer (const char *value, unsigned char *value_out,
117 117
118 118
119#ifdef LIBTASN1_DEBUG_INTEGER 119#ifdef LIBTASN1_DEBUG_INTEGER
120 MHD__libtasn1_log ("MHD__asn1_convert_integer: valueIn=%s, lenOut=%d", value, *len); 120 MHD__libtasn1_log ("MHD__asn1_convert_integer: valueIn=%s, lenOut=%d",
121 value, *len);
121 for (k = 0; k < SIZEOF_UNSIGNED_LONG_INT; k++) 122 for (k = 0; k < SIZEOF_UNSIGNED_LONG_INT; k++)
122 MHD__libtasn1_log (", vOut[%d]=%d", k, value_out[k]); 123 MHD__libtasn1_log (", vOut[%d]=%d", k, value_out[k]);
123 MHD__libtasn1_log ("\n"); 124 MHD__libtasn1_log ("\n");
@@ -276,7 +277,7 @@ MHD__asn1_append_sequence_set (node_asn * node)
276 **/ 277 **/
277MHD__asn1_retCode 278MHD__asn1_retCode
278MHD__asn1_write_value (ASN1_TYPE node_root, const char *name, 279MHD__asn1_write_value (ASN1_TYPE node_root, const char *name,
279 const void *ivalue, int len) 280 const void *ivalue, int len)
280{ 281{
281 node_asn *node, *p, *p2; 282 node_asn *node, *p, *p2;
282 unsigned char *temp, *value_temp = NULL, *default_temp = NULL; 283 unsigned char *temp, *value_temp = NULL, *default_temp = NULL;
@@ -355,7 +356,7 @@ MHD__asn1_write_value (ASN1_TYPE node_root, const char *name,
355 return ASN1_MEM_ALLOC_ERROR; 356 return ASN1_MEM_ALLOC_ERROR;
356 357
357 MHD__asn1_convert_integer (value, value_temp, 358 MHD__asn1_convert_integer (value, value_temp,
358 SIZEOF_UNSIGNED_LONG_INT, &len); 359 SIZEOF_UNSIGNED_LONG_INT, &len);
359 } 360 }
360 else 361 else
361 { /* is an identifier like v1 */ 362 { /* is an identifier like v1 */
@@ -374,10 +375,10 @@ MHD__asn1_write_value (ASN1_TYPE node_root, const char *name,
374 if (value_temp == NULL) 375 if (value_temp == NULL)
375 return ASN1_MEM_ALLOC_ERROR; 376 return ASN1_MEM_ALLOC_ERROR;
376 377
377 MHD__asn1_convert_integer ((const char*) p->value, 378 MHD__asn1_convert_integer ((const char *) p->value,
378 value_temp, 379 value_temp,
379 SIZEOF_UNSIGNED_LONG_INT, 380 SIZEOF_UNSIGNED_LONG_INT,
380 &len); 381 &len);
381 break; 382 break;
382 } 383 }
383 } 384 }
@@ -420,10 +421,10 @@ MHD__asn1_write_value (ASN1_TYPE node_root, const char *name,
420 MHD__asn1_length_der (len - k, NULL, &len2); 421 MHD__asn1_length_der (len - k, NULL, &len2);
421 temp = (unsigned char *) MHD__asn1_alloca (len - k + len2); 422 temp = (unsigned char *) MHD__asn1_alloca (len - k + len2);
422 if (temp == NULL) 423 if (temp == NULL)
423 { 424 {
424 MHD__asn1_afree (value_temp); 425 MHD__asn1_afree (value_temp);
425 return ASN1_MEM_ALLOC_ERROR; 426 return ASN1_MEM_ALLOC_ERROR;
426 } 427 }
427 428
428 MHD__asn1_octet_der (value_temp + k, len - k, temp, &len2); 429 MHD__asn1_octet_der (value_temp + k, len - k, temp, &len2);
429 MHD__asn1_set_value (node, temp, len2); 430 MHD__asn1_set_value (node, temp, len2);
@@ -441,51 +442,53 @@ MHD__asn1_write_value (ASN1_TYPE node_root, const char *name,
441 default_temp = 442 default_temp =
442 (unsigned char *) MHD__asn1_alloca (SIZEOF_UNSIGNED_LONG_INT); 443 (unsigned char *) MHD__asn1_alloca (SIZEOF_UNSIGNED_LONG_INT);
443 if (default_temp == NULL) 444 if (default_temp == NULL)
444 { 445 {
445 MHD__asn1_afree (value_temp); 446 MHD__asn1_afree (value_temp);
446 return ASN1_MEM_ALLOC_ERROR; 447 return ASN1_MEM_ALLOC_ERROR;
447 } 448 }
448 449
449 MHD__asn1_convert_integer ((const char*) p->value, default_temp, 450 MHD__asn1_convert_integer ((const char *) p->value,
450 SIZEOF_UNSIGNED_LONG_INT, &len2); 451 default_temp,
452 SIZEOF_UNSIGNED_LONG_INT, &len2);
451 } 453 }
452 else 454 else
453 { /* is an identifier like v1 */ 455 { /* is an identifier like v1 */
454 if (!(node->type & CONST_LIST)) 456 if (!(node->type & CONST_LIST))
455 { 457 {
456 MHD__asn1_afree (value_temp); 458 MHD__asn1_afree (value_temp);
457 return ASN1_VALUE_NOT_VALID; 459 return ASN1_VALUE_NOT_VALID;
458 } 460 }
459 p2 = node->down; 461 p2 = node->down;
460 while (p2) 462 while (p2)
461 { 463 {
462 if (type_field (p2->type) == TYPE_CONSTANT) 464 if (type_field (p2->type) == TYPE_CONSTANT)
463 { 465 {
464 if ((p2->name) && (!strcmp (p2->name,(const char*) p->value))) 466 if ((p2->name)
467 && (!strcmp (p2->name, (const char *) p->value)))
465 { 468 {
466 default_temp = 469 default_temp =
467 (unsigned char *) 470 (unsigned char *)
468 MHD__asn1_alloca (SIZEOF_UNSIGNED_LONG_INT); 471 MHD__asn1_alloca (SIZEOF_UNSIGNED_LONG_INT);
469 if (default_temp == NULL) 472 if (default_temp == NULL)
470 { 473 {
471 MHD__asn1_afree (value_temp); 474 MHD__asn1_afree (value_temp);
472 return ASN1_MEM_ALLOC_ERROR; 475 return ASN1_MEM_ALLOC_ERROR;
473 } 476 }
474 477
475 MHD__asn1_convert_integer ((const char*) p2->value, 478 MHD__asn1_convert_integer ((const char *) p2->value,
476 default_temp, 479 default_temp,
477 SIZEOF_UNSIGNED_LONG_INT, 480 SIZEOF_UNSIGNED_LONG_INT,
478 &len2); 481 &len2);
479 break; 482 break;
480 } 483 }
481 } 484 }
482 p2 = p2->right; 485 p2 = p2->right;
483 } 486 }
484 if (p2 == NULL) 487 if (p2 == NULL)
485 { 488 {
486 MHD__asn1_afree (value_temp); 489 MHD__asn1_afree (value_temp);
487 return ASN1_VALUE_NOT_VALID; 490 return ASN1_VALUE_NOT_VALID;
488 } 491 }
489 } 492 }
490 493
491 494
@@ -512,7 +515,7 @@ MHD__asn1_write_value (ASN1_TYPE node_root, const char *name,
512 p = node->down; 515 p = node->down;
513 while (type_field (p->type) != TYPE_DEFAULT) 516 while (type_field (p->type) != TYPE_DEFAULT)
514 p = p->right; 517 p = p->right;
515 if (!strcmp (value,(const char*) p->value)) 518 if (!strcmp (value, (const char *) p->value))
516 { 519 {
517 MHD__asn1_set_value (node, NULL, 0); 520 MHD__asn1_set_value (node, NULL, 0);
518 break; 521 break;
@@ -574,7 +577,7 @@ MHD__asn1_write_value (ASN1_TYPE node_root, const char *name,
574 if (temp == NULL) 577 if (temp == NULL)
575 return ASN1_MEM_ALLOC_ERROR; 578 return ASN1_MEM_ALLOC_ERROR;
576 579
577 MHD__asn1_octet_der ((const unsigned char*) value, len, temp, &len2); 580 MHD__asn1_octet_der ((const unsigned char *) value, len, temp, &len2);
578 MHD__asn1_set_value (node, temp, len2); 581 MHD__asn1_set_value (node, temp, len2);
579 MHD__asn1_afree (temp); 582 MHD__asn1_afree (temp);
580 break; 583 break;
@@ -586,7 +589,7 @@ MHD__asn1_write_value (ASN1_TYPE node_root, const char *name,
586 if (temp == NULL) 589 if (temp == NULL)
587 return ASN1_MEM_ALLOC_ERROR; 590 return ASN1_MEM_ALLOC_ERROR;
588 591
589 MHD__asn1_octet_der ((const unsigned char*)value, len, temp, &len2); 592 MHD__asn1_octet_der ((const unsigned char *) value, len, temp, &len2);
590 MHD__asn1_set_value (node, temp, len2); 593 MHD__asn1_set_value (node, temp, len2);
591 MHD__asn1_afree (temp); 594 MHD__asn1_afree (temp);
592 break; 595 break;
@@ -598,7 +601,7 @@ MHD__asn1_write_value (ASN1_TYPE node_root, const char *name,
598 if (temp == NULL) 601 if (temp == NULL)
599 return ASN1_MEM_ALLOC_ERROR; 602 return ASN1_MEM_ALLOC_ERROR;
600 603
601 MHD__asn1_bit_der ((const unsigned char*)value, len, temp, &len2); 604 MHD__asn1_bit_der ((const unsigned char *) value, len, temp, &len2);
602 MHD__asn1_set_value (node, temp, len2); 605 MHD__asn1_set_value (node, temp, len2);
603 MHD__asn1_afree (temp); 606 MHD__asn1_afree (temp);
604 break; 607 break;
@@ -632,7 +635,7 @@ MHD__asn1_write_value (ASN1_TYPE node_root, const char *name,
632 if (temp == NULL) 635 if (temp == NULL)
633 return ASN1_MEM_ALLOC_ERROR; 636 return ASN1_MEM_ALLOC_ERROR;
634 637
635 MHD__asn1_octet_der ((const unsigned char*)value, len, temp, &len2); 638 MHD__asn1_octet_der ((const unsigned char *) value, len, temp, &len2);
636 MHD__asn1_set_value (node, temp, len2); 639 MHD__asn1_set_value (node, temp, len2);
637 MHD__asn1_afree (temp); 640 MHD__asn1_afree (temp);
638 break; 641 break;
@@ -744,7 +747,8 @@ MHD__asn1_write_value (ASN1_TYPE node_root, const char *name,
744 * 747 *
745 **/ 748 **/
746MHD__asn1_retCode 749MHD__asn1_retCode
747MHD__asn1_read_value (ASN1_TYPE root, const char *name, void *ivalue, int *len) 750MHD__asn1_read_value (ASN1_TYPE root, const char *name, void *ivalue,
751 int *len)
748{ 752{
749 node_asn *node, *p, *p2; 753 node_asn *node, *p, *p2;
750 int len2, len3; 754 int len2, len3;
@@ -801,7 +805,8 @@ MHD__asn1_read_value (ASN1_TYPE root, const char *name, void *ivalue, int *len)
801 || (p->value[0] == '+')) 805 || (p->value[0] == '+'))
802 { 806 {
803 if (MHD__asn1_convert_integer 807 if (MHD__asn1_convert_integer
804 ((const char*) p->value, (unsigned char*) value, value_size, len) != ASN1_SUCCESS) 808 ((const char *) p->value, (unsigned char *) value,
809 value_size, len) != ASN1_SUCCESS)
805 return ASN1_MEM_ERROR; 810 return ASN1_MEM_ERROR;
806 } 811 }
807 else 812 else
@@ -811,10 +816,12 @@ MHD__asn1_read_value (ASN1_TYPE root, const char *name, void *ivalue, int *len)
811 { 816 {
812 if (type_field (p2->type) == TYPE_CONSTANT) 817 if (type_field (p2->type) == TYPE_CONSTANT)
813 { 818 {
814 if ((p2->name) && (!strcmp (p2->name, (const char*) p->value))) 819 if ((p2->name)
820 && (!strcmp (p2->name, (const char *) p->value)))
815 { 821 {
816 if (MHD__asn1_convert_integer 822 if (MHD__asn1_convert_integer
817 ((const char*) p2->value, (unsigned char*) value, value_size, 823 ((const char *) p2->value,
824 (unsigned char *) value, value_size,
818 len) != ASN1_SUCCESS) 825 len) != ASN1_SUCCESS)
819 return ASN1_MEM_ERROR; 826 return ASN1_MEM_ERROR;
820 break; 827 break;
@@ -828,8 +835,8 @@ MHD__asn1_read_value (ASN1_TYPE root, const char *name, void *ivalue, int *len)
828 { 835 {
829 len2 = -1; 836 len2 = -1;
830 if (MHD__asn1_get_octet_der 837 if (MHD__asn1_get_octet_der
831 (node->value, node->value_len, &len2, (unsigned char*) value, value_size, 838 (node->value, node->value_len, &len2, (unsigned char *) value,
832 len) != ASN1_SUCCESS) 839 value_size, len) != ASN1_SUCCESS)
833 return ASN1_MEM_ERROR; 840 return ASN1_MEM_ERROR;
834 } 841 }
835 break; 842 break;
@@ -842,7 +849,7 @@ MHD__asn1_read_value (ASN1_TYPE root, const char *name, void *ivalue, int *len)
842 { 849 {
843 if (type_field (p->type) == TYPE_CONSTANT) 850 if (type_field (p->type) == TYPE_CONSTANT)
844 { 851 {
845 ADD_STR_VALUE (value, value_size, (const char*) p->value); 852 ADD_STR_VALUE (value, value_size, (const char *) p->value);
846 if (p->right) 853 if (p->right)
847 { 854 {
848 ADD_STR_VALUE (value, value_size, "."); 855 ADD_STR_VALUE (value, value_size, ".");
@@ -857,35 +864,35 @@ MHD__asn1_read_value (ASN1_TYPE root, const char *name, void *ivalue, int *len)
857 p = node->down; 864 p = node->down;
858 while (type_field (p->type) != TYPE_DEFAULT) 865 while (type_field (p->type) != TYPE_DEFAULT)
859 p = p->right; 866 p = p->right;
860 PUT_STR_VALUE (value, value_size, (const char*) p->value); 867 PUT_STR_VALUE (value, value_size, (const char *) p->value);
861 } 868 }
862 else 869 else
863 { 870 {
864 PUT_STR_VALUE (value, value_size, (const char*) node->value); 871 PUT_STR_VALUE (value, value_size, (const char *) node->value);
865 } 872 }
866 break; 873 break;
867 case TYPE_TIME: 874 case TYPE_TIME:
868 PUT_STR_VALUE (value, value_size, (const char*) node->value); 875 PUT_STR_VALUE (value, value_size, (const char *) node->value);
869 break; 876 break;
870 case TYPE_OCTET_STRING: 877 case TYPE_OCTET_STRING:
871 len2 = -1; 878 len2 = -1;
872 if (MHD__asn1_get_octet_der 879 if (MHD__asn1_get_octet_der
873 (node->value, node->value_len, &len2, (unsigned char*) value, value_size, 880 (node->value, node->value_len, &len2, (unsigned char *) value,
874 len) != ASN1_SUCCESS) 881 value_size, len) != ASN1_SUCCESS)
875 return ASN1_MEM_ERROR; 882 return ASN1_MEM_ERROR;
876 break; 883 break;
877 case TYPE_GENERALSTRING: 884 case TYPE_GENERALSTRING:
878 len2 = -1; 885 len2 = -1;
879 if (MHD__asn1_get_octet_der 886 if (MHD__asn1_get_octet_der
880 (node->value, node->value_len, &len2, (unsigned char*) value, value_size, 887 (node->value, node->value_len, &len2, (unsigned char *) value,
881 len) != ASN1_SUCCESS) 888 value_size, len) != ASN1_SUCCESS)
882 return ASN1_MEM_ERROR; 889 return ASN1_MEM_ERROR;
883 break; 890 break;
884 case TYPE_BIT_STRING: 891 case TYPE_BIT_STRING:
885 len2 = -1; 892 len2 = -1;
886 if (MHD__asn1_get_bit_der 893 if (MHD__asn1_get_bit_der
887 (node->value, node->value_len, &len2, (unsigned char*) value, value_size, 894 (node->value, node->value_len, &len2, (unsigned char *) value,
888 len) != ASN1_SUCCESS) 895 value_size, len) != ASN1_SUCCESS)
889 return ASN1_MEM_ERROR; 896 return ASN1_MEM_ERROR;
890 break; 897 break;
891 case TYPE_CHOICE: 898 case TYPE_CHOICE:
@@ -904,5 +911,3 @@ MHD__asn1_read_value (ASN1_TYPE root, const char *name, void *ivalue, int *len)
904 } 911 }
905 return ASN1_SUCCESS; 912 return ASN1_SUCCESS;
906} 913}
907
908
diff --git a/src/daemon/https/minitasn1/element.h b/src/daemon/https/minitasn1/element.h
index eea9839a..e4484925 100644
--- a/src/daemon/https/minitasn1/element.h
+++ b/src/daemon/https/minitasn1/element.h
@@ -6,8 +6,8 @@
6MHD__asn1_retCode MHD__asn1_append_sequence_set (node_asn * node); 6MHD__asn1_retCode MHD__asn1_append_sequence_set (node_asn * node);
7 7
8MHD__asn1_retCode MHD__asn1_convert_integer (const char *value, 8MHD__asn1_retCode MHD__asn1_convert_integer (const char *value,
9 unsigned char *value_out, 9 unsigned char *value_out,
10 int value_out_size, int *len); 10 int value_out_size, int *len);
11 11
12void MHD__asn1_hierarchical_name (node_asn * node, char *name, int name_size); 12void MHD__asn1_hierarchical_name (node_asn * node, char *name, int name_size);
13 13
diff --git a/src/daemon/https/minitasn1/libtasn1.h b/src/daemon/https/minitasn1/libtasn1.h
index 7379db18..15292cd4 100644
--- a/src/daemon/https/minitasn1/libtasn1.h
+++ b/src/daemon/https/minitasn1/libtasn1.h
@@ -43,7 +43,7 @@ extern "C"
43 /* (null character included) */ 43 /* (null character included) */
44 44
45 45
46 typedef int MHD__asn1_retCode; /* type returned by libtasn1 functions */ 46 typedef int MHD__asn1_retCode; /* type returned by libtasn1 functions */
47 47
48 /*****************************************/ 48 /*****************************************/
49 /* Errors returned by libtasn1 functions */ 49 /* Errors returned by libtasn1 functions */
@@ -138,49 +138,53 @@ extern "C"
138 /***********************************/ 138 /***********************************/
139 139
140 MHD__asn1_retCode MHD__asn1_parser2tree (const char *file_name, 140 MHD__asn1_retCode MHD__asn1_parser2tree (const char *file_name,
141 ASN1_TYPE * definitions, 141 ASN1_TYPE * definitions,
142 char *errorDescription); 142 char *errorDescription);
143 143
144 MHD__asn1_retCode MHD__asn1_parser2array (const char *inputFileName, 144 MHD__asn1_retCode MHD__asn1_parser2array (const char *inputFileName,
145 const char *outputFileName, 145 const char *outputFileName,
146 const char *vectorName, 146 const char *vectorName,
147 char *errorDescription); 147 char *errorDescription);
148 148
149 MHD__asn1_retCode MHD__asn1_array2tree (const ASN1_ARRAY_TYPE * array, 149 MHD__asn1_retCode MHD__asn1_array2tree (const ASN1_ARRAY_TYPE * array,
150 ASN1_TYPE * definitions, 150 ASN1_TYPE * definitions,
151 char *errorDescription); 151 char *errorDescription);
152 152
153 MHD__asn1_retCode MHD__asn1_create_element (ASN1_TYPE definitions, 153 MHD__asn1_retCode MHD__asn1_create_element (ASN1_TYPE definitions,
154 const char *source_name, 154 const char *source_name,
155 ASN1_TYPE * element); 155 ASN1_TYPE * element);
156 156
157 MHD__asn1_retCode MHD__asn1_delete_structure (ASN1_TYPE * structure); 157 MHD__asn1_retCode MHD__asn1_delete_structure (ASN1_TYPE * structure);
158 158
159 MHD__asn1_retCode MHD__asn1_delete_element (ASN1_TYPE structure, 159 MHD__asn1_retCode MHD__asn1_delete_element (ASN1_TYPE structure,
160 const char *element_name); 160 const char *element_name);
161 161
162 MHD__asn1_retCode MHD__asn1_write_value (ASN1_TYPE node_root, const char *name, 162 MHD__asn1_retCode MHD__asn1_write_value (ASN1_TYPE node_root,
163 const void *ivalue, int len); 163 const char *name,
164 const void *ivalue, int len);
164 165
165 MHD__asn1_retCode MHD__asn1_read_value (ASN1_TYPE root, const char *name, 166 MHD__asn1_retCode MHD__asn1_read_value (ASN1_TYPE root, const char *name,
166 void *ivalue, int *len); 167 void *ivalue, int *len);
167 168
168 MHD__asn1_retCode MHD__asn1_number_of_elements (ASN1_TYPE element, const char *name, 169 MHD__asn1_retCode MHD__asn1_number_of_elements (ASN1_TYPE element,
169 int *num); 170 const char *name, int *num);
170 171
171 MHD__asn1_retCode MHD__asn1_der_coding (ASN1_TYPE element, const char *name, 172 MHD__asn1_retCode MHD__asn1_der_coding (ASN1_TYPE element, const char *name,
172 void *ider, int *len, char *ErrorDescription); 173 void *ider, int *len,
174 char *ErrorDescription);
173 175
174 MHD__asn1_retCode MHD__asn1_der_decoding (ASN1_TYPE * element, const void *ider, 176 MHD__asn1_retCode MHD__asn1_der_decoding (ASN1_TYPE * element,
175 int len, char *errorDescription); 177 const void *ider, int len,
178 char *errorDescription);
176 179
177 MHD__asn1_retCode MHD__asn1_der_decoding_startEnd (ASN1_TYPE element, 180 MHD__asn1_retCode MHD__asn1_der_decoding_startEnd (ASN1_TYPE element,
178 const void *ider, int len, 181 const void *ider,
179 const char *name_element, 182 int len,
180 int *start, int *end); 183 const char *name_element,
184 int *start, int *end);
181 185
182 const char *MHD__asn1_find_structure_from_oid (ASN1_TYPE definitions, 186 const char *MHD__asn1_find_structure_from_oid (ASN1_TYPE definitions,
183 const char *oidValue); 187 const char *oidValue);
184 188
185 const char *MHD__libtasn1_strerror (MHD__asn1_retCode error); 189 const char *MHD__libtasn1_strerror (MHD__asn1_retCode error);
186 190
@@ -189,34 +193,37 @@ extern "C"
189 /* DER utility functions. */ 193 /* DER utility functions. */
190 194
191 int MHD__asn1_get_tag_der (const unsigned char *der, int der_len, 195 int MHD__asn1_get_tag_der (const unsigned char *der, int der_len,
192 unsigned char *cls, int *len, unsigned long *tag); 196 unsigned char *cls, int *len,
197 unsigned long *tag);
193 198
194 void MHD__asn1_octet_der (const unsigned char *str, int str_len, 199 void MHD__asn1_octet_der (const unsigned char *str, int str_len,
195 unsigned char *der, int *der_len); 200 unsigned char *der, int *der_len);
196 201
197 MHD__asn1_retCode MHD__asn1_get_octet_der (const unsigned char *der, int der_len, 202 MHD__asn1_retCode MHD__asn1_get_octet_der (const unsigned char *der,
198 int *ret_len, unsigned char *str, 203 int der_len, int *ret_len,
199 int str_size, int *str_len); 204 unsigned char *str, int str_size,
205 int *str_len);
200 206
201 void MHD__asn1_bit_der (const unsigned char *str, int bit_len, 207 void MHD__asn1_bit_der (const unsigned char *str, int bit_len,
202 unsigned char *der, int *der_len); 208 unsigned char *der, int *der_len);
203 209
204 MHD__asn1_retCode MHD__asn1_get_bit_der (const unsigned char *der, int der_len, 210 MHD__asn1_retCode MHD__asn1_get_bit_der (const unsigned char *der,
205 int *ret_len, unsigned char *str, 211 int der_len, int *ret_len,
206 int str_size, int *bit_len); 212 unsigned char *str, int str_size,
213 int *bit_len);
207 214
208 signed long MHD__asn1_get_length_der (const unsigned char *der, int der_len, 215 signed long MHD__asn1_get_length_der (const unsigned char *der, int der_len,
209 int *len); 216 int *len);
210 217
211 void MHD__asn1_length_der (unsigned long int len, unsigned char *ans, 218 void MHD__asn1_length_der (unsigned long int len, unsigned char *ans,
212 int *ans_len); 219 int *ans_len);
213 220
214 /* Other utility functions. */ 221 /* Other utility functions. */
215 222
216 ASN1_TYPE MHD__asn1_find_node (ASN1_TYPE pointer, const char *name); 223 ASN1_TYPE MHD__asn1_find_node (ASN1_TYPE pointer, const char *name);
217 224
218 MHD__asn1_retCode MHD__asn1_copy_node (ASN1_TYPE dst, const char *dst_name, 225 MHD__asn1_retCode MHD__asn1_copy_node (ASN1_TYPE dst, const char *dst_name,
219 ASN1_TYPE src, const char *src_name); 226 ASN1_TYPE src, const char *src_name);
220 227
221#ifdef __cplusplus 228#ifdef __cplusplus
222} 229}
diff --git a/src/daemon/https/minitasn1/parser_aux.c b/src/daemon/https/minitasn1/parser_aux.c
index 5f36a5ff..438b8e76 100644
--- a/src/daemon/https/minitasn1/parser_aux.c
+++ b/src/daemon/https/minitasn1/parser_aux.c
@@ -29,7 +29,7 @@
29 29
30 30
31 31
32char MHD__asn1_identifierMissing[MAX_NAME_SIZE + 1]; /* identifier name not found */ 32char MHD__asn1_identifierMissing[MAX_NAME_SIZE + 1]; /* identifier name not found */
33 33
34/***********************************************/ 34/***********************************************/
35/* Type: list_type */ 35/* Type: list_type */
@@ -443,7 +443,8 @@ MHD__asn1_change_integer_value (ASN1_TYPE node)
443 { 443 {
444 if (p->value) 444 if (p->value)
445 { 445 {
446 MHD__asn1_convert_integer ((const char*) p->value, val, sizeof (val), &len); 446 MHD__asn1_convert_integer ((const char *) p->value, val,
447 sizeof (val), &len);
447 MHD__asn1_octet_der (val, len, val2, &len); 448 MHD__asn1_octet_der (val, len, val2, &len);
448 MHD__asn1_set_value (p, val2, len); 449 MHD__asn1_set_value (p, val2, len);
449 } 450 }
@@ -521,7 +522,8 @@ MHD__asn1_expand_object_id (ASN1_TYPE node)
521 { 522 {
522 MHD__asn1_str_cpy (name2, sizeof (name2), name_root); 523 MHD__asn1_str_cpy (name2, sizeof (name2), name_root);
523 MHD__asn1_str_cat (name2, sizeof (name2), "."); 524 MHD__asn1_str_cat (name2, sizeof (name2), ".");
524 MHD__asn1_str_cat (name2, sizeof (name2), (const char*) p2->value); 525 MHD__asn1_str_cat (name2, sizeof (name2),
526 (const char *) p2->value);
525 p3 = MHD__asn1_find_node (node, name2); 527 p3 = MHD__asn1_find_node (node, name2);
526 if (!p3 || (type_field (p3->type) != TYPE_OBJECT_ID) || 528 if (!p3 || (type_field (p3->type) != TYPE_OBJECT_ID) ||
527 !(p3->type & CONST_ASSIGN)) 529 !(p3->type & CONST_ASSIGN))
@@ -536,7 +538,7 @@ MHD__asn1_expand_object_id (ASN1_TYPE node)
536 { 538 {
537 p5 = MHD__asn1_add_node_only (TYPE_CONSTANT); 539 p5 = MHD__asn1_add_node_only (TYPE_CONSTANT);
538 MHD__asn1_set_name (p5, p4->name); 540 MHD__asn1_set_name (p5, p4->name);
539 tlen = strlen ( (const char*) p4->value); 541 tlen = strlen ((const char *) p4->value);
540 if (tlen > 0) 542 if (tlen > 0)
541 MHD__asn1_set_value (p5, p4->value, tlen + 1); 543 MHD__asn1_set_value (p5, p4->value, tlen + 1);
542 if (p2 == p) 544 if (p2 == p)
@@ -607,7 +609,8 @@ MHD__asn1_expand_object_id (ASN1_TYPE node)
607 { 609 {
608 MHD__asn1_str_cpy (name2, sizeof (name2), name_root); 610 MHD__asn1_str_cpy (name2, sizeof (name2), name_root);
609 MHD__asn1_str_cat (name2, sizeof (name2), "."); 611 MHD__asn1_str_cat (name2, sizeof (name2), ".");
610 MHD__asn1_str_cat (name2, sizeof (name2), (const char*) p2->value); 612 MHD__asn1_str_cat (name2, sizeof (name2),
613 (const char *) p2->value);
611 p3 = MHD__asn1_find_node (node, name2); 614 p3 = MHD__asn1_find_node (node, name2);
612 if (!p3 || (type_field (p3->type) != TYPE_OBJECT_ID) || 615 if (!p3 || (type_field (p3->type) != TYPE_OBJECT_ID) ||
613 !(p3->type & CONST_ASSIGN)) 616 !(p3->type & CONST_ASSIGN))
@@ -620,7 +623,8 @@ MHD__asn1_expand_object_id (ASN1_TYPE node)
620 { 623 {
621 if (name2[0]) 624 if (name2[0])
622 MHD__asn1_str_cat (name2, sizeof (name2), "."); 625 MHD__asn1_str_cat (name2, sizeof (name2), ".");
623 MHD__asn1_str_cat (name2, sizeof (name2), (const char*) p4->value); 626 MHD__asn1_str_cat (name2, sizeof (name2),
627 (const char *) p4->value);
624 } 628 }
625 p4 = p4->right; 629 p4 = p4->right;
626 } 630 }
@@ -691,11 +695,11 @@ MHD__asn1_check_identifier (ASN1_TYPE node)
691 { 695 {
692 MHD__asn1_str_cpy (name2, sizeof (name2), node->name); 696 MHD__asn1_str_cpy (name2, sizeof (name2), node->name);
693 MHD__asn1_str_cat (name2, sizeof (name2), "."); 697 MHD__asn1_str_cat (name2, sizeof (name2), ".");
694 MHD__asn1_str_cat (name2, sizeof (name2), (const char*) p->value); 698 MHD__asn1_str_cat (name2, sizeof (name2), (const char *) p->value);
695 p2 = MHD__asn1_find_node (node, name2); 699 p2 = MHD__asn1_find_node (node, name2);
696 if (p2 == NULL) 700 if (p2 == NULL)
697 { 701 {
698 strcpy (MHD__asn1_identifierMissing, (const char*) p->value); 702 strcpy (MHD__asn1_identifierMissing, (const char *) p->value);
699 return ASN1_IDENTIFIER_NOT_FOUND; 703 return ASN1_IDENTIFIER_NOT_FOUND;
700 } 704 }
701 } 705 }
@@ -707,8 +711,9 @@ MHD__asn1_check_identifier (ASN1_TYPE node)
707 { 711 {
708 MHD__asn1_str_cpy (name2, sizeof (name2), node->name); 712 MHD__asn1_str_cpy (name2, sizeof (name2), node->name);
709 MHD__asn1_str_cat (name2, sizeof (name2), "."); 713 MHD__asn1_str_cat (name2, sizeof (name2), ".");
710 MHD__asn1_str_cat (name2, sizeof (name2), (const char*) p2->value); 714 MHD__asn1_str_cat (name2, sizeof (name2),
711 strcpy (MHD__asn1_identifierMissing, (const char*) p2->value); 715 (const char *) p2->value);
716 strcpy (MHD__asn1_identifierMissing, (const char *) p2->value);
712 p2 = MHD__asn1_find_node (node, name2); 717 p2 = MHD__asn1_find_node (node, name2);
713 if (!p2 || (type_field (p2->type) != TYPE_OBJECT_ID) || 718 if (!p2 || (type_field (p2->type) != TYPE_OBJECT_ID) ||
714 !(p2->type & CONST_ASSIGN)) 719 !(p2->type & CONST_ASSIGN))
@@ -727,8 +732,10 @@ MHD__asn1_check_identifier (ASN1_TYPE node)
727 { 732 {
728 MHD__asn1_str_cpy (name2, sizeof (name2), node->name); 733 MHD__asn1_str_cpy (name2, sizeof (name2), node->name);
729 MHD__asn1_str_cat (name2, sizeof (name2), "."); 734 MHD__asn1_str_cat (name2, sizeof (name2), ".");
730 MHD__asn1_str_cat (name2, sizeof (name2), (const char*) p2->value); 735 MHD__asn1_str_cat (name2, sizeof (name2),
731 strcpy (MHD__asn1_identifierMissing, (const char*) p2->value); 736 (const char *) p2->value);
737 strcpy (MHD__asn1_identifierMissing,
738 (const char *) p2->value);
732 p2 = MHD__asn1_find_node (node, name2); 739 p2 = MHD__asn1_find_node (node, name2);
733 if (!p2 || (type_field (p2->type) != TYPE_OBJECT_ID) || 740 if (!p2 || (type_field (p2->type) != TYPE_OBJECT_ID) ||
734 !(p2->type & CONST_ASSIGN)) 741 !(p2->type & CONST_ASSIGN))
diff --git a/src/daemon/https/minitasn1/parser_aux.h b/src/daemon/https/minitasn1/parser_aux.h
index ae54c3be..4437fb19 100644
--- a/src/daemon/https/minitasn1/parser_aux.h
+++ b/src/daemon/https/minitasn1/parser_aux.h
@@ -9,7 +9,7 @@
9node_asn *MHD__asn1_add_node (unsigned int type); 9node_asn *MHD__asn1_add_node (unsigned int type);
10 10
11node_asn *MHD__asn1_set_value (node_asn * node, const void *value, 11node_asn *MHD__asn1_set_value (node_asn * node, const void *value,
12 unsigned int len); 12 unsigned int len);
13 13
14node_asn *MHD__asn1_set_name (node_asn * node, const char *name); 14node_asn *MHD__asn1_set_name (node_asn * node, const char *name);
15 15
diff --git a/src/daemon/https/minitasn1/structure.c b/src/daemon/https/minitasn1/structure.c
index 6a910af6..8a5c899d 100644
--- a/src/daemon/https/minitasn1/structure.c
+++ b/src/daemon/https/minitasn1/structure.c
@@ -37,7 +37,8 @@
37 37
38extern char MHD__asn1_identifierMissing[]; 38extern char MHD__asn1_identifierMissing[];
39 39
40static node_asn *MHD__asn1_copy_structure2 (node_asn * root, const char *source_name); 40static node_asn *MHD__asn1_copy_structure2 (node_asn * root,
41 const char *source_name);
41 42
42 43
43 44
@@ -106,7 +107,7 @@ MHD__asn1_find_left (node_asn * node)
106 **/ 107 **/
107MHD__asn1_retCode 108MHD__asn1_retCode
108MHD__asn1_array2tree (const ASN1_ARRAY_TYPE * array, ASN1_TYPE * definitions, 109MHD__asn1_array2tree (const ASN1_ARRAY_TYPE * array, ASN1_TYPE * definitions,
109 char *errorDescription) 110 char *errorDescription)
110{ 111{
111 node_asn *p, *p_last = NULL; 112 node_asn *p, *p_last = NULL;
112 unsigned long k; 113 unsigned long k;
@@ -421,7 +422,7 @@ MHD__asn1_type_choice_config (node_asn * node)
421 if (type_field (p3->type) == TYPE_TAG) 422 if (type_field (p3->type) == TYPE_TAG)
422 { 423 {
423 p4 = MHD__asn1_add_node_only (p3->type); 424 p4 = MHD__asn1_add_node_only (p3->type);
424 tlen = strlen ((const char*) p3->value); 425 tlen = strlen ((const char *) p3->value);
425 if (tlen > 0) 426 if (tlen > 0)
426 MHD__asn1_set_value (p4, p3->value, tlen + 1); 427 MHD__asn1_set_value (p4, p3->value, tlen + 1);
427 MHD__asn1_set_right (p4, p2->down); 428 MHD__asn1_set_right (p4, p2->down);
@@ -497,7 +498,8 @@ MHD__asn1_expand_identifier (node_asn ** node, node_asn * root)
497 { 498 {
498 MHD__asn1_str_cpy (name2, sizeof (name2), root->name); 499 MHD__asn1_str_cpy (name2, sizeof (name2), root->name);
499 MHD__asn1_str_cat (name2, sizeof (name2), "."); 500 MHD__asn1_str_cat (name2, sizeof (name2), ".");
500 MHD__asn1_str_cat (name2, sizeof (name2), (const char*) p->value); 501 MHD__asn1_str_cat (name2, sizeof (name2),
502 (const char *) p->value);
501 p2 = MHD__asn1_copy_structure2 (root, name2); 503 p2 = MHD__asn1_copy_structure2 (root, name2);
502 if (p2 == NULL) 504 if (p2 == NULL)
503 { 505 {
@@ -606,7 +608,7 @@ MHD__asn1_expand_identifier (node_asn ** node, node_asn * root)
606 **/ 608 **/
607MHD__asn1_retCode 609MHD__asn1_retCode
608MHD__asn1_create_element (ASN1_TYPE definitions, const char *source_name, 610MHD__asn1_create_element (ASN1_TYPE definitions, const char *source_name,
609 ASN1_TYPE * element) 611 ASN1_TYPE * element)
610{ 612{
611 node_asn *dest_node; 613 node_asn *dest_node;
612 int res; 614 int res;
@@ -685,7 +687,8 @@ MHD__asn1_number_of_elements (ASN1_TYPE element, const char *name, int *num)
685 * 687 *
686 **/ 688 **/
687const char * 689const char *
688MHD__asn1_find_structure_from_oid (ASN1_TYPE definitions, const char *oidValue) 690MHD__asn1_find_structure_from_oid (ASN1_TYPE definitions,
691 const char *oidValue)
689{ 692{
690 char definitionsName[MAX_NAME_SIZE], name[2 * MAX_NAME_SIZE + 1]; 693 char definitionsName[MAX_NAME_SIZE], name[2 * MAX_NAME_SIZE + 1];
691 char value[MAX_NAME_SIZE]; 694 char value[MAX_NAME_SIZE];
@@ -741,7 +744,7 @@ MHD__asn1_find_structure_from_oid (ASN1_TYPE definitions, const char *oidValue)
741 **/ 744 **/
742MHD__asn1_retCode 745MHD__asn1_retCode
743MHD__asn1_copy_node (ASN1_TYPE dst, const char *dst_name, 746MHD__asn1_copy_node (ASN1_TYPE dst, const char *dst_name,
744 ASN1_TYPE src, const char *src_name) 747 ASN1_TYPE src, const char *src_name)
745{ 748{
746/* FIXME: rewrite using copy_structure(). 749/* FIXME: rewrite using copy_structure().
747 * It seems quite hard to do. 750 * It seems quite hard to do.
diff --git a/src/daemon/https/tls/auth_cert.c b/src/daemon/https/tls/auth_cert.c
index 6f34a120..d0191f24 100644
--- a/src/daemon/https/tls/auth_cert.c
+++ b/src/daemon/https/tls/auth_cert.c
@@ -45,9 +45,10 @@
45#include <gnutls_x509.h> 45#include <gnutls_x509.h>
46#include "debug.h" 46#include "debug.h"
47 47
48static MHD_gnutls_cert *alloc_and_load_x509_certs (MHD_gnutls_x509_crt_t * certs, 48static MHD_gnutls_cert *alloc_and_load_x509_certs (MHD_gnutls_x509_crt_t *
49 unsigned); 49 certs, unsigned);
50static MHD_gnutls_privkey *alloc_and_load_x509_key (MHD_gnutls_x509_privkey_t key); 50static MHD_gnutls_privkey *alloc_and_load_x509_key (MHD_gnutls_x509_privkey_t
51 key);
51 52
52 53
53/* Copies data from a internal certificate struct (MHD_gnutls_cert) to 54/* Copies data from a internal certificate struct (MHD_gnutls_cert) to
@@ -55,7 +56,7 @@ static MHD_gnutls_privkey *alloc_and_load_x509_key (MHD_gnutls_x509_privkey_t ke
55 */ 56 */
56static int 57static int
57MHD__gnutls_copy_certificate_auth_info (cert_auth_info_t info, 58MHD__gnutls_copy_certificate_auth_info (cert_auth_info_t info,
58 MHD_gnutls_cert * cert, int ncerts) 59 MHD_gnutls_cert * cert, int ncerts)
59{ 60{
60 /* Copy peer's information to auth_info_t 61 /* Copy peer's information to auth_info_t
61 */ 62 */
@@ -82,7 +83,7 @@ MHD__gnutls_copy_certificate_auth_info (cert_auth_info_t info,
82 { 83 {
83 ret = 84 ret =
84 MHD__gnutls_set_datum (&info->raw_certificate_list[i], 85 MHD__gnutls_set_datum (&info->raw_certificate_list[i],
85 cert[i].raw.data, cert[i].raw.size); 86 cert[i].raw.data, cert[i].raw.size);
86 if (ret < 0) 87 if (ret < 0)
87 { 88 {
88 MHD_gnutls_assert (); 89 MHD_gnutls_assert ();
@@ -113,9 +114,9 @@ clear:
113 */ 114 */
114inline static int 115inline static int
115MHD__gnutls_check_pk_algo_in_list (const enum MHD_GNUTLS_PublicKeyAlgorithm 116MHD__gnutls_check_pk_algo_in_list (const enum MHD_GNUTLS_PublicKeyAlgorithm
116 *pk_algos, int pk_algos_length, 117 *pk_algos, int pk_algos_length,
117 enum MHD_GNUTLS_PublicKeyAlgorithm 118 enum MHD_GNUTLS_PublicKeyAlgorithm
118 algo_to_check) 119 algo_to_check)
119{ 120{
120 int i; 121 int i;
121 for (i = 0; i < pk_algos_length; i++) 122 for (i = 0; i < pk_algos_length; i++)
@@ -133,7 +134,8 @@ MHD__gnutls_check_pk_algo_in_list (const enum MHD_GNUTLS_PublicKeyAlgorithm
133 * specified in cert. 134 * specified in cert.
134 */ 135 */
135static int 136static int
136MHD__gnutls_cert_get_issuer_dn (MHD_gnutls_cert * cert, MHD_gnutls_datum_t * odn) 137MHD__gnutls_cert_get_issuer_dn (MHD_gnutls_cert * cert,
138 MHD_gnutls_datum_t * odn)
137{ 139{
138 ASN1_TYPE dn; 140 ASN1_TYPE dn;
139 int len, result; 141 int len, result;
@@ -155,8 +157,9 @@ MHD__gnutls_cert_get_issuer_dn (MHD_gnutls_cert * cert, MHD_gnutls_datum_t * odn
155 return MHD_gtls_asn2err (result); 157 return MHD_gtls_asn2err (result);
156 } 158 }
157 159
158 result = MHD__asn1_der_decoding_startEnd (dn, cert->raw.data, cert->raw.size, 160 result =
159 "tbsCertificate.issuer", &start, &end); 161 MHD__asn1_der_decoding_startEnd (dn, cert->raw.data, cert->raw.size,
162 "tbsCertificate.issuer", &start, &end);
160 163
161 if (result != ASN1_SUCCESS) 164 if (result != ASN1_SUCCESS)
162 { 165 {
@@ -211,7 +214,7 @@ _find_x509_cert (const MHD_gtls_cert_credentials_t cred,
211 { 214 {
212 if ((result = 215 if ((result =
213 MHD__gnutls_cert_get_issuer_dn (&cred->cert_list[i][j], 216 MHD__gnutls_cert_get_issuer_dn (&cred->cert_list[i][j],
214 &odn)) < 0) 217 &odn)) < 0)
215 { 218 {
216 MHD_gnutls_assert (); 219 MHD_gnutls_assert ();
217 return result; 220 return result;
@@ -483,7 +486,8 @@ _select_client_cert (MHD_gtls_session_t session,
483 if (issuers_dn_length > 0) 486 if (issuers_dn_length > 0)
484 { 487 {
485 issuers_dn = 488 issuers_dn =
486 MHD_gnutls_malloc (sizeof (MHD_gnutls_datum_t) * issuers_dn_length); 489 MHD_gnutls_malloc (sizeof (MHD_gnutls_datum_t) *
490 issuers_dn_length);
487 if (issuers_dn == NULL) 491 if (issuers_dn == NULL)
488 { 492 {
489 MHD_gnutls_assert (); 493 MHD_gnutls_assert ();
@@ -712,7 +716,8 @@ MHD_gtls_proc_x509_server_certificate (MHD_gtls_session_t session,
712 */ 716 */
713 717
714 peer_certificate_list = 718 peer_certificate_list =
715 MHD_gnutls_malloc (sizeof (MHD_gnutls_cert) * (peer_certificate_list_size)); 719 MHD_gnutls_malloc (sizeof (MHD_gnutls_cert) *
720 (peer_certificate_list_size));
716 721
717 if (peer_certificate_list == NULL) 722 if (peer_certificate_list == NULL)
718 { 723 {
@@ -752,8 +757,9 @@ MHD_gtls_proc_x509_server_certificate (MHD_gtls_session_t session,
752 757
753 if ((ret = 758 if ((ret =
754 MHD__gnutls_copy_certificate_auth_info (info, 759 MHD__gnutls_copy_certificate_auth_info (info,
755 peer_certificate_list, 760 peer_certificate_list,
756 peer_certificate_list_size)) < 0) 761 peer_certificate_list_size)) <
762 0)
757 { 763 {
758 MHD_gnutls_assert (); 764 MHD_gnutls_assert ();
759 goto cleanup; 765 goto cleanup;
@@ -761,7 +767,7 @@ MHD_gtls_proc_x509_server_certificate (MHD_gtls_session_t session,
761 767
762 if ((ret = 768 if ((ret =
763 MHD__gnutls_check_key_usage (&peer_certificate_list[0], 769 MHD__gnutls_check_key_usage (&peer_certificate_list[0],
764 MHD_gnutls_kx_get (session))) < 0) 770 MHD_gnutls_kx_get (session))) < 0)
765 { 771 {
766 MHD_gnutls_assert (); 772 MHD_gnutls_assert ();
767 goto cleanup; 773 goto cleanup;
diff --git a/src/daemon/https/tls/auth_cert.h b/src/daemon/https/tls/auth_cert.h
index aabfac76..395fdd29 100644
--- a/src/daemon/https/tls/auth_cert.h
+++ b/src/daemon/https/tls/auth_cert.h
@@ -117,9 +117,9 @@ typedef struct MHD_gtls_cert_auth_info_st
117 MHD_gtls_dh_info_st dh; 117 MHD_gtls_dh_info_st dh;
118 rsa_info_st rsa_export; 118 rsa_info_st rsa_export;
119 119
120 MHD_gnutls_datum_t *raw_certificate_list; /* holds the raw certificate of the 120 MHD_gnutls_datum_t *raw_certificate_list; /* holds the raw certificate of the
121 * peer. 121 * peer.
122 */ 122 */
123 unsigned int ncerts; /* holds the size of the list above */ 123 unsigned int ncerts; /* holds the size of the list above */
124} *cert_auth_info_t; 124} *cert_auth_info_t;
125 125
diff --git a/src/daemon/https/tls/auth_rsa.c b/src/daemon/https/tls/auth_rsa.c
index 97f1901d..f39a91fb 100644
--- a/src/daemon/https/tls/auth_rsa.c
+++ b/src/daemon/https/tls/auth_rsa.c
@@ -57,7 +57,7 @@ const MHD_gtls_mod_auth_st MHD_gtls_rsa_auth_struct = {
57 MHD_gtls_proc_cert_server_certificate, 57 MHD_gtls_proc_cert_server_certificate,
58 MHD__gnutls_proc_cert_client_certificate, 58 MHD__gnutls_proc_cert_client_certificate,
59 NULL, /* proc server kx */ 59 NULL, /* proc server kx */
60 MHD__gnutls_proc_rsa_client_kx, /* proc client kx */ 60 MHD__gnutls_proc_rsa_client_kx, /* proc client kx */
61 MHD_gtls_proc_cert_client_cert_vrfy, /* proc client cert vrfy */ 61 MHD_gtls_proc_cert_client_cert_vrfy, /* proc client cert vrfy */
62 MHD_gtls_proc_cert_cert_req /* proc server cert request */ 62 MHD_gtls_proc_cert_cert_req /* proc server cert request */
63}; 63};
@@ -66,8 +66,8 @@ const MHD_gtls_mod_auth_st MHD_gtls_rsa_auth_struct = {
66 */ 66 */
67int 67int
68MHD__gnutls_get_public_rsa_params (MHD_gtls_session_t session, 68MHD__gnutls_get_public_rsa_params (MHD_gtls_session_t session,
69 mpi_t params[MAX_PUBLIC_PARAMS_SIZE], 69 mpi_t params[MAX_PUBLIC_PARAMS_SIZE],
70 int *params_len) 70 int *params_len)
71{ 71{
72 int ret; 72 int ret;
73 cert_auth_info_t info; 73 cert_auth_info_t info;
@@ -148,7 +148,7 @@ MHD__gnutls_get_public_rsa_params (MHD_gtls_session_t session,
148 */ 148 */
149int 149int
150MHD__gnutls_get_private_rsa_params (MHD_gtls_session_t session, 150MHD__gnutls_get_private_rsa_params (MHD_gtls_session_t session,
151 mpi_t ** params, int *params_size) 151 mpi_t ** params, int *params_size)
152{ 152{
153 int bits; 153 int bits;
154 MHD_gtls_cert_credentials_t cred; 154 MHD_gtls_cert_credentials_t cred;
@@ -169,8 +169,8 @@ MHD__gnutls_get_private_rsa_params (MHD_gtls_session_t session,
169 } 169 }
170 170
171 bits = 171 bits =
172 MHD__gnutls_mpi_get_nbits (session->internals.selected_cert_list[0]. 172 MHD__gnutls_mpi_get_nbits (session->internals.
173 params[0]); 173 selected_cert_list[0].params[0]);
174 174
175 if (MHD_gtls_cipher_suite_get_kx_algo 175 if (MHD_gtls_cipher_suite_get_kx_algo
176 (&session->security_parameters.current_cipher_suite) 176 (&session->security_parameters.current_cipher_suite)
@@ -207,7 +207,7 @@ MHD__gnutls_get_private_rsa_params (MHD_gtls_session_t session,
207 207
208int 208int
209MHD__gnutls_proc_rsa_client_kx (MHD_gtls_session_t session, opaque * data, 209MHD__gnutls_proc_rsa_client_kx (MHD_gtls_session_t session, opaque * data,
210 size_t _data_size) 210 size_t _data_size)
211{ 211{
212 MHD_gnutls_datum_t plaintext; 212 MHD_gnutls_datum_t plaintext;
213 MHD_gnutls_datum_t ciphertext; 213 MHD_gnutls_datum_t ciphertext;
@@ -291,7 +291,8 @@ MHD__gnutls_proc_rsa_client_kx (MHD_gtls_session_t session, opaque * data,
291 291
292 /* we do not need strong random numbers here. 292 /* we do not need strong random numbers here.
293 */ 293 */
294 if (MHD_gc_nonce ((char*) session->key->key.data, session->key->key.size) != GC_OK) 294 if (MHD_gc_nonce
295 ((char *) session->key->key.data, session->key->key.size) != GC_OK)
295 { 296 {
296 MHD_gnutls_assert (); 297 MHD_gnutls_assert ();
297 return GNUTLS_E_RANDOM_FAILED; 298 return GNUTLS_E_RANDOM_FAILED;
@@ -321,7 +322,7 @@ int
321MHD__gnutls_gen_rsa_client_kx (MHD_gtls_session_t session, opaque ** data) 322MHD__gnutls_gen_rsa_client_kx (MHD_gtls_session_t session, opaque ** data)
322{ 323{
323 cert_auth_info_t auth; 324 cert_auth_info_t auth;
324 MHD_gnutls_datum_t sdata; /* data to send */ 325 MHD_gnutls_datum_t sdata; /* data to send */
325 mpi_t params[MAX_PUBLIC_PARAMS_SIZE]; 326 mpi_t params[MAX_PUBLIC_PARAMS_SIZE];
326 int params_len = MAX_PUBLIC_PARAMS_SIZE; 327 int params_len = MAX_PUBLIC_PARAMS_SIZE;
327 int ret, i; 328 int ret, i;
@@ -330,7 +331,7 @@ MHD__gnutls_gen_rsa_client_kx (MHD_gtls_session_t session, opaque ** data)
330 if (session->key == NULL) 331 if (session->key == NULL)
331 { 332 {
332 MHD_gnutls_assert (); 333 MHD_gnutls_assert ();
333 return GNUTLS_E_INSUFFICIENT_CREDENTIALS; 334 return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
334 } 335 }
335 336
336 auth = session->key->auth_info; 337 auth = session->key->auth_info;
@@ -352,8 +353,8 @@ MHD__gnutls_gen_rsa_client_kx (MHD_gtls_session_t session, opaque ** data)
352 return GNUTLS_E_MEMORY_ERROR; 353 return GNUTLS_E_MEMORY_ERROR;
353 } 354 }
354 355
355 if (MHD_gc_pseudo_random ((char*) session->key->key.data, 356 if (MHD_gc_pseudo_random ((char *) session->key->key.data,
356 session->key->key.size) != GC_OK) 357 session->key->key.size) != GC_OK)
357 { 358 {
358 MHD_gnutls_assert (); 359 MHD_gnutls_assert ();
359 return GNUTLS_E_RANDOM_FAILED; 360 return GNUTLS_E_RANDOM_FAILED;
diff --git a/src/daemon/https/tls/auth_rsa_export.c b/src/daemon/https/tls/auth_rsa_export.c
index 31a5f2a6..5fdce12e 100644
--- a/src/daemon/https/tls/auth_rsa_export.c
+++ b/src/daemon/https/tls/auth_rsa_export.c
@@ -60,7 +60,7 @@ const MHD_gtls_mod_auth_st MHD_rsa_export_auth_struct = {
60 MHD_gtls_proc_cert_server_certificate, 60 MHD_gtls_proc_cert_server_certificate,
61 MHD__gnutls_proc_cert_client_certificate, 61 MHD__gnutls_proc_cert_client_certificate,
62 proc_rsa_export_server_kx, 62 proc_rsa_export_server_kx,
63 MHD__gnutls_proc_rsa_client_kx, /* proc client kx */ 63 MHD__gnutls_proc_rsa_client_kx, /* proc client kx */
64 MHD_gtls_proc_cert_client_cert_vrfy, /* proc client cert vrfy */ 64 MHD_gtls_proc_cert_client_cert_vrfy, /* proc client cert vrfy */
65 MHD_gtls_proc_cert_cert_req /* proc server cert request */ 65 MHD_gtls_proc_cert_cert_req /* proc server cert request */
66}; 66};
diff --git a/src/daemon/https/tls/debug.c b/src/daemon/https/tls/debug.c
index b7408e39..ac657504 100644
--- a/src/daemon/https/tls/debug.c
+++ b/src/daemon/https/tls/debug.c
@@ -37,13 +37,15 @@ MHD__gnutls_print_state (MHD_gtls_session_t session)
37 37
38 MHD__gnutls_debug_log ("GNUTLS State:\n"); 38 MHD__gnutls_debug_log ("GNUTLS State:\n");
39 MHD__gnutls_debug_log ("Connection End: %d\n", 39 MHD__gnutls_debug_log ("Connection End: %d\n",
40 session->security_parameters.entity); 40 session->security_parameters.entity);
41 MHD__gnutls_debug_log ("Cipher Algorithm: %d\n", 41 MHD__gnutls_debug_log ("Cipher Algorithm: %d\n",
42 session->security_parameters.read_bulk_cipher_algorithm); 42 session->security_parameters.
43 read_bulk_cipher_algorithm);
43 MHD__gnutls_debug_log ("MAC algorithm: %d\n", 44 MHD__gnutls_debug_log ("MAC algorithm: %d\n",
44 session->security_parameters.read_mac_algorithm); 45 session->security_parameters.read_mac_algorithm);
45 MHD__gnutls_debug_log ("Compression Algorithm: %d\n", 46 MHD__gnutls_debug_log ("Compression Algorithm: %d\n",
46 session->security_parameters.read_compression_algorithm); 47 session->security_parameters.
48 read_compression_algorithm);
47 MHD__gnutls_debug_log ("\n"); 49 MHD__gnutls_debug_log ("\n");
48 50
49} 51}
@@ -123,6 +125,7 @@ MHD__gnutls_dump_mpi (const char *prefix, mpi_t a)
123 size_t n = sizeof buf; 125 size_t n = sizeof buf;
124 126
125 if (gcry_mpi_print (GCRYMPI_FMT_HEX, buf, n, &n, a)) 127 if (gcry_mpi_print (GCRYMPI_FMT_HEX, buf, n, &n, a))
126 strcpy ((char*) buf, "[can't print value]"); /* Flawfinder: ignore */ 128 strcpy ((char *) buf, "[can't print value]"); /* Flawfinder: ignore */
127 MHD__gnutls_hard_log ("MPI: length: %d\n\t%s%s\n", (n - 1) / 2, prefix, buf); 129 MHD__gnutls_hard_log ("MPI: length: %d\n\t%s%s\n", (n - 1) / 2, prefix,
130 buf);
128} 131}
diff --git a/src/daemon/https/tls/debug.h b/src/daemon/https/tls/debug.h
index 637beca8..69c6a06e 100644
--- a/src/daemon/https/tls/debug.h
+++ b/src/daemon/https/tls/debug.h
@@ -26,5 +26,6 @@
26void MHD__gnutls_print_state (MHD_gtls_session_t session); 26void MHD__gnutls_print_state (MHD_gtls_session_t session);
27#endif 27#endif
28const char *MHD__gnutls_packet2str (content_type_t packet); 28const char *MHD__gnutls_packet2str (content_type_t packet);
29const char *MHD__gnutls_handshake2str (MHD_gnutls_handshake_description_t handshake); 29const char *MHD__gnutls_handshake2str (MHD_gnutls_handshake_description_t
30 handshake);
30void MHD__gnutls_dump_mpi (const char *prefix, mpi_t a); 31void MHD__gnutls_dump_mpi (const char *prefix, mpi_t a);
diff --git a/src/daemon/https/tls/ext_cert_type.c b/src/daemon/https/tls/ext_cert_type.c
index a104b00b..5fc53167 100644
--- a/src/daemon/https/tls/ext_cert_type.c
+++ b/src/daemon/https/tls/ext_cert_type.c
@@ -183,8 +183,8 @@ MHD_gtls_cert_type_send_params (MHD_gtls_session_t session, opaque * data,
183 for (i = 0; i < len; i++) 183 for (i = 0; i < len; i++)
184 { 184 {
185 data[i + 1] = 185 data[i + 1] =
186 MHD__gnutls_cert_type2num (session->internals. 186 MHD__gnutls_cert_type2num (session->internals.priorities.
187 priorities.cert_type.priority[i]); 187 cert_type.priority[i]);
188 } 188 }
189 return len + 1; 189 return len + 1;
190 } 190 }
@@ -203,7 +203,8 @@ MHD_gtls_cert_type_send_params (MHD_gtls_session_t session, opaque * data,
203 } 203 }
204 204
205 data[0] = 205 data[0] =
206 MHD__gnutls_cert_type2num (session->security_parameters.cert_type); 206 MHD__gnutls_cert_type2num (session->security_parameters.
207 cert_type);
207 return len; 208 return len;
208 } 209 }
209 210
diff --git a/src/daemon/https/tls/ext_max_record.c b/src/daemon/https/tls/ext_max_record.c
index 421a1739..5dcf2225 100644
--- a/src/daemon/https/tls/ext_max_record.c
+++ b/src/daemon/https/tls/ext_max_record.c
@@ -121,8 +121,8 @@ MHD_gtls_max_record_send_params (MHD_gtls_session_t session, opaque * data,
121 } 121 }
122 122
123 data[0] = 123 data[0] =
124 (uint8_t) MHD_gtls_mre_record2num (session->internals. 124 (uint8_t) MHD_gtls_mre_record2num (session->
125 proposed_record_size); 125 internals.proposed_record_size);
126 return len; 126 return len;
127 } 127 }
128 128
diff --git a/src/daemon/https/tls/ext_oprfi.c b/src/daemon/https/tls/ext_oprfi.c
index 913820da..8b245404 100644
--- a/src/daemon/https/tls/ext_oprfi.c
+++ b/src/daemon/https/tls/ext_oprfi.c
@@ -58,7 +58,8 @@ oprfi_recv_server (MHD_gtls_session_t session,
58 58
59 /* Store incoming data. */ 59 /* Store incoming data. */
60 session->security_parameters.extensions.oprfi_client_len = len; 60 session->security_parameters.extensions.oprfi_client_len = len;
61 session->security_parameters.extensions.oprfi_client = MHD_gnutls_malloc (len); 61 session->security_parameters.extensions.oprfi_client =
62 MHD_gnutls_malloc (len);
62 if (!session->security_parameters.extensions.oprfi_client) 63 if (!session->security_parameters.extensions.oprfi_client)
63 { 64 {
64 MHD_gnutls_assert (); 65 MHD_gnutls_assert ();
@@ -101,7 +102,8 @@ oprfi_recv_client (MHD_gtls_session_t session,
101 102
102 /* Store incoming data. */ 103 /* Store incoming data. */
103 session->security_parameters.extensions.oprfi_server_len = len; 104 session->security_parameters.extensions.oprfi_server_len = len;
104 session->security_parameters.extensions.oprfi_server = MHD_gnutls_malloc (len); 105 session->security_parameters.extensions.oprfi_server =
106 MHD_gnutls_malloc (len);
105 if (!session->security_parameters.extensions.oprfi_server) 107 if (!session->security_parameters.extensions.oprfi_server)
106 { 108 {
107 MHD_gnutls_assert (); 109 MHD_gnutls_assert ();
@@ -165,7 +167,8 @@ oprfi_send_server (MHD_gtls_session_t session, opaque * data,
165 session->security_parameters.extensions.oprfi_server_len = 167 session->security_parameters.extensions.oprfi_server_len =
166 session->security_parameters.extensions.oprfi_client_len; 168 session->security_parameters.extensions.oprfi_client_len;
167 session->security_parameters.extensions.oprfi_server = 169 session->security_parameters.extensions.oprfi_server =
168 MHD_gnutls_malloc (session->security_parameters.extensions.oprfi_server_len); 170 MHD_gnutls_malloc (session->security_parameters.extensions.
171 oprfi_server_len);
169 if (!session->security_parameters.extensions.oprfi_server) 172 if (!session->security_parameters.extensions.oprfi_server)
170 { 173 {
171 MHD_gnutls_assert (); 174 MHD_gnutls_assert ();
@@ -186,8 +189,8 @@ oprfi_send_server (MHD_gtls_session_t session, opaque * data,
186 } 189 }
187 190
188 DECR_LENGTH_RET (data_size, 2, GNUTLS_E_SHORT_MEMORY_BUFFER); 191 DECR_LENGTH_RET (data_size, 2, GNUTLS_E_SHORT_MEMORY_BUFFER);
189 MHD_gtls_write_uint16 (session->security_parameters. 192 MHD_gtls_write_uint16 (session->security_parameters.extensions.
190 extensions.oprfi_server_len, p); 193 oprfi_server_len, p);
191 p += 2; 194 p += 2;
192 195
193 DECR_LENGTH_RET (data_size, 196 DECR_LENGTH_RET (data_size,
@@ -206,10 +209,10 @@ MHD_gtls_oprfi_send_params (MHD_gtls_session_t session,
206{ 209{
207#if MHD_DEBUG_TLS 210#if MHD_DEBUG_TLS
208 if (session->security_parameters.entity == GNUTLS_CLIENT) 211 if (session->security_parameters.entity == GNUTLS_CLIENT)
209 return oprfi_send_client (session, data, data_size); 212 return oprfi_send_client (session, data, data_size);
210 else 213 else
211#endif 214#endif
212 return oprfi_send_server (session, data, data_size); 215 return oprfi_send_server (session, data, data_size);
213} 216}
214 217
215/** 218/**
@@ -255,7 +258,8 @@ MHD_gtls_oprfi_enable_client (MHD_gtls_session_t session,
255 **/ 258 **/
256void 259void
257MHD_gtls_oprfi_enable_server (MHD_gtls_session_t session, 260MHD_gtls_oprfi_enable_server (MHD_gtls_session_t session,
258 MHD_gnutls_oprfi_callback_func cb, void *userdata) 261 MHD_gnutls_oprfi_callback_func cb,
262 void *userdata)
259{ 263{
260 session->security_parameters.extensions.oprfi_cb = cb; 264 session->security_parameters.extensions.oprfi_cb = cb;
261 session->security_parameters.extensions.oprfi_userdata = userdata; 265 session->security_parameters.extensions.oprfi_userdata = userdata;
diff --git a/src/daemon/https/tls/ext_server_name.c b/src/daemon/https/tls/ext_server_name.c
index 9878fe62..1e3cab02 100644
--- a/src/daemon/https/tls/ext_server_name.c
+++ b/src/daemon/https/tls/ext_server_name.c
@@ -104,12 +104,12 @@ MHD_gtls_server_name_recv_params (MHD_gtls_session_t session,
104 case 0: /* NAME_DNS */ 104 case 0: /* NAME_DNS */
105 if (len <= MAX_SERVER_NAME_SIZE) 105 if (len <= MAX_SERVER_NAME_SIZE)
106 { 106 {
107 memcpy (session->security_parameters.extensions. 107 memcpy (session->security_parameters.
108 server_names[i].name, p, len); 108 extensions.server_names[i].name, p, len);
109 session->security_parameters.extensions. 109 session->security_parameters.extensions.server_names[i].
110 server_names[i].name_length = len; 110 name_length = len;
111 session->security_parameters.extensions. 111 session->security_parameters.extensions.server_names[i].
112 server_names[i].type = GNUTLS_NAME_DNS; 112 type = GNUTLS_NAME_DNS;
113 break; 113 break;
114 } 114 }
115 } 115 }
@@ -150,8 +150,8 @@ MHD_gtls_server_name_send_params (MHD_gtls_session_t session,
150 /* count the total size 150 /* count the total size
151 */ 151 */
152 len = 152 len =
153 session->security_parameters.extensions.server_names[i]. 153 session->security_parameters.extensions.
154 name_length; 154 server_names[i].name_length;
155 155
156 /* uint8_t + uint16_t + size 156 /* uint8_t + uint16_t + size
157 */ 157 */
@@ -170,14 +170,14 @@ MHD_gtls_server_name_send_params (MHD_gtls_session_t session,
170 i < session->security_parameters.extensions.server_names_size; i++) 170 i < session->security_parameters.extensions.server_names_size; i++)
171 { 171 {
172 172
173 switch (session->security_parameters.extensions. 173 switch (session->security_parameters.extensions.server_names[i].
174 server_names[i].type) 174 type)
175 { 175 {
176 case GNUTLS_NAME_DNS: 176 case GNUTLS_NAME_DNS:
177 177
178 len = 178 len =
179 session->security_parameters.extensions. 179 session->security_parameters.extensions.server_names[i].
180 server_names[i].name_length; 180 name_length;
181 if (len == 0) 181 if (len == 0)
182 break; 182 break;
183 183
@@ -195,8 +195,8 @@ MHD_gtls_server_name_send_params (MHD_gtls_session_t session,
195 p += 2; 195 p += 2;
196 196
197 memcpy (p, 197 memcpy (p,
198 session->security_parameters.extensions. 198 session->security_parameters.extensions.server_names[0].
199 server_names[0].name, len); 199 name, len);
200 p += len; 200 p += len;
201 break; 201 break;
202 default: 202 default:
@@ -234,8 +234,8 @@ MHD_gtls_server_name_send_params (MHD_gtls_session_t session,
234 **/ 234 **/
235int 235int
236MHD__gnutls_server_name_get (MHD_gtls_session_t session, void *data, 236MHD__gnutls_server_name_get (MHD_gtls_session_t session, void *data,
237 size_t * data_length, 237 size_t * data_length,
238 unsigned int *type, unsigned int indx) 238 unsigned int *type, unsigned int indx)
239{ 239{
240 char *_data = data; 240 char *_data = data;
241#if MHD_DEBUG_TLS 241#if MHD_DEBUG_TLS
@@ -256,8 +256,8 @@ MHD__gnutls_server_name_get (MHD_gtls_session_t session, void *data,
256 session->security_parameters.extensions.server_names[indx].name_length) 256 session->security_parameters.extensions.server_names[indx].name_length)
257 { 257 {
258 *data_length = 258 *data_length =
259 session->security_parameters.extensions.server_names[indx]. 259 session->security_parameters.extensions.
260 name_length; 260 server_names[indx].name_length;
261 memcpy (data, 261 memcpy (data,
262 session->security_parameters.extensions.server_names[indx].name, 262 session->security_parameters.extensions.server_names[indx].name,
263 *data_length); 263 *data_length);
@@ -269,8 +269,8 @@ MHD__gnutls_server_name_get (MHD_gtls_session_t session, void *data,
269 else 269 else
270 { 270 {
271 *data_length = 271 *data_length =
272 session->security_parameters.extensions.server_names[indx]. 272 session->security_parameters.extensions.
273 name_length; 273 server_names[indx].name_length;
274 return GNUTLS_E_SHORT_MEMORY_BUFFER; 274 return GNUTLS_E_SHORT_MEMORY_BUFFER;
275 } 275 }
276 276
@@ -296,8 +296,8 @@ MHD__gnutls_server_name_get (MHD_gtls_session_t session, void *data,
296 **/ 296 **/
297int 297int
298MHD__gnutls_server_name_set (MHD_gtls_session_t session, 298MHD__gnutls_server_name_set (MHD_gtls_session_t session,
299 MHD_gnutls_server_name_type_t type, 299 MHD_gnutls_server_name_type_t type,
300 const void *name, size_t name_length) 300 const void *name, size_t name_length)
301{ 301{
302 int server_names; 302 int server_names;
303 303
@@ -318,8 +318,8 @@ MHD__gnutls_server_name_set (MHD_gtls_session_t session,
318 318
319 session->security_parameters.extensions.server_names[server_names - 319 session->security_parameters.extensions.server_names[server_names -
320 1].type = type; 320 1].type = type;
321 memcpy (session->security_parameters.extensions. 321 memcpy (session->security_parameters.
322 server_names[server_names - 1].name, name, name_length); 322 extensions.server_names[server_names - 1].name, name, name_length);
323 session->security_parameters.extensions.server_names[server_names - 323 session->security_parameters.extensions.server_names[server_names -
324 1].name_length = 324 1].name_length =
325 name_length; 325 name_length;
diff --git a/src/daemon/https/tls/gnutls_alert.c b/src/daemon/https/tls/gnutls_alert.c
index b3ad303d..4925f6e7 100644
--- a/src/daemon/https/tls/gnutls_alert.c
+++ b/src/daemon/https/tls/gnutls_alert.c
@@ -110,8 +110,9 @@ MHD__gnutls_alert_get_name (MHD_gnutls_alert_description_t alert)
110 * 110 *
111 **/ 111 **/
112int 112int
113MHD__gnutls_alert_send (MHD_gtls_session_t session, MHD_gnutls_alert_level_t level, 113MHD__gnutls_alert_send (MHD_gtls_session_t session,
114 MHD_gnutls_alert_description_t desc) 114 MHD_gnutls_alert_level_t level,
115 MHD_gnutls_alert_description_t desc)
115{ 116{
116 uint8_t data[2]; 117 uint8_t data[2];
117 int ret; 118 int ret;
@@ -124,7 +125,7 @@ MHD__gnutls_alert_send (MHD_gtls_session_t session, MHD_gnutls_alert_level_t lev
124 if (name == NULL) 125 if (name == NULL)
125 name = "(unknown)"; 126 name = "(unknown)";
126 MHD__gnutls_record_log ("REC: Sending Alert[%d|%d] - %s\n", data[0], 127 MHD__gnutls_record_log ("REC: Sending Alert[%d|%d] - %s\n", data[0],
127 data[1], name); 128 data[1], name);
128 129
129 if ((ret = MHD_gtls_send_int (session, GNUTLS_ALERT, -1, data, 2)) >= 0) 130 if ((ret = MHD_gtls_send_int (session, GNUTLS_ALERT, -1, data, 2)) >= 0)
130 return 0; 131 return 0;
diff --git a/src/daemon/https/tls/gnutls_algorithms.c b/src/daemon/https/tls/gnutls_algorithms.c
index d6e12f48..18ba0457 100644
--- a/src/daemon/https/tls/gnutls_algorithms.c
+++ b/src/daemon/https/tls/gnutls_algorithms.c
@@ -352,7 +352,8 @@ const int MHD__gnutls_comp_algorithms_size = MAX_COMP_METHODS;
352 352
353/* the compression entry is defined in MHD_gnutls_algorithms.h */ 353/* the compression entry is defined in MHD_gnutls_algorithms.h */
354 354
355MHD_gnutls_compression_entry MHD__gnutls_compression_algorithms[MAX_COMP_METHODS] = 355MHD_gnutls_compression_entry
356 MHD__gnutls_compression_algorithms[MAX_COMP_METHODS] =
356 { GNUTLS_COMPRESSION_ENTRY (MHD_GNUTLS_COMP_NULL, 0x00, 0, 0, 0), 357 { GNUTLS_COMPRESSION_ENTRY (MHD_GNUTLS_COMP_NULL, 0x00, 0, 0, 0),
357#ifdef HAVE_LIBZ 358#ifdef HAVE_LIBZ
358 /* draft-ietf-tls-compression-02 */ 359 /* draft-ietf-tls-compression-02 */
@@ -1310,7 +1311,7 @@ MHD_gtls_version_lowest (MHD_gtls_session_t session)
1310 } 1311 }
1311 1312
1312 if (min == 0xff) 1313 if (min == 0xff)
1313 return MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN; /* unknown version */ 1314 return MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN; /* unknown version */
1314 1315
1315 return min; 1316 return min;
1316} 1317}
@@ -1333,7 +1334,7 @@ MHD_gtls_version_max (MHD_gtls_session_t session)
1333 } 1334 }
1334 1335
1335 if (max == 0x00) 1336 if (max == 0x00)
1336 return MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN; /* unknown version */ 1337 return MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN; /* unknown version */
1337 1338
1338 return max; 1339 return max;
1339} 1340}
@@ -1542,11 +1543,11 @@ MHD__gnutls_cipher_suite_is_ok (cipher_suite_st * suite)
1542#define MAX_ELEM_SIZE 4 1543#define MAX_ELEM_SIZE 4
1543static inline int 1544static inline int
1544MHD__gnutls_partition (MHD_gtls_session_t session, 1545MHD__gnutls_partition (MHD_gtls_session_t session,
1545 void *_base, 1546 void *_base,
1546 size_t nmemb, 1547 size_t nmemb,
1547 size_t size, 1548 size_t size,
1548 int (*compar) (MHD_gtls_session_t, 1549 int (*compar) (MHD_gtls_session_t,
1549 const void *, const void *)) 1550 const void *, const void *))
1550{ 1551{
1551 uint8_t *base = _base; 1552 uint8_t *base = _base;
1552 uint8_t tmp[MAX_ELEM_SIZE]; 1553 uint8_t tmp[MAX_ELEM_SIZE];
@@ -1590,10 +1591,11 @@ MHD__gnutls_partition (MHD_gtls_session_t session,
1590 1591
1591static void 1592static void
1592MHD__gnutls_qsort (MHD_gtls_session_t session, 1593MHD__gnutls_qsort (MHD_gtls_session_t session,
1593 void *_base, 1594 void *_base,
1594 size_t nmemb, 1595 size_t nmemb,
1595 size_t size, 1596 size_t size,
1596 int (*compar) (MHD_gtls_session_t, const void *, const void *)) 1597 int (*compar) (MHD_gtls_session_t, const void *,
1598 const void *))
1597{ 1599{
1598 unsigned int pivot; 1600 unsigned int pivot;
1599 char *base = _base; 1601 char *base = _base;
@@ -1613,9 +1615,9 @@ MHD__gnutls_qsort (MHD_gtls_session_t session,
1613 pivot = MHD__gnutls_partition (session, _base, nmemb, size, compar); 1615 pivot = MHD__gnutls_partition (session, _base, nmemb, size, compar);
1614 1616
1615 MHD__gnutls_qsort (session, base, pivot < nmemb ? pivot + 1 1617 MHD__gnutls_qsort (session, base, pivot < nmemb ? pivot + 1
1616 : pivot, size, compar); 1618 : pivot, size, compar);
1617 MHD__gnutls_qsort (session, &base[(pivot + 1) * size], nmemb - pivot - 1, size, 1619 MHD__gnutls_qsort (session, &base[(pivot + 1) * size], nmemb - pivot - 1,
1618 compar); 1620 size, compar);
1619} 1621}
1620 1622
1621/* a compare function for KX algorithms (using priorities). 1623/* a compare function for KX algorithms (using priorities).
@@ -1623,7 +1625,7 @@ MHD__gnutls_qsort (MHD_gtls_session_t session,
1623 */ 1625 */
1624static int 1626static int
1625MHD__gnutls_compare_algo (MHD_gtls_session_t session, 1627MHD__gnutls_compare_algo (MHD_gtls_session_t session,
1626 const void *i_A1, const void *i_A2) 1628 const void *i_A1, const void *i_A2)
1627{ 1629{
1628 enum MHD_GNUTLS_KeyExchangeAlgorithm kA1 = 1630 enum MHD_GNUTLS_KeyExchangeAlgorithm kA1 =
1629 MHD_gtls_cipher_suite_get_kx_algo ((const cipher_suite_st *) i_A1); 1631 MHD_gtls_cipher_suite_get_kx_algo ((const cipher_suite_st *) i_A1);
@@ -1662,8 +1664,8 @@ MHD__gnutls_compare_algo (MHD_gtls_session_t session,
1662#ifdef SORT_DEBUG 1664#ifdef SORT_DEBUG
1663static void 1665static void
1664MHD__gnutls_bsort (MHD_gtls_session_t session, void *_base, size_t nmemb, 1666MHD__gnutls_bsort (MHD_gtls_session_t session, void *_base, size_t nmemb,
1665 size_t size, int (*compar) (MHD_gtls_session_t, const void *, 1667 size_t size, int (*compar) (MHD_gtls_session_t,
1666 const void *)) 1668 const void *, const void *))
1667{ 1669{
1668 unsigned int i, j; 1670 unsigned int i, j;
1669 int full = nmemb * size; 1671 int full = nmemb * size;
@@ -1704,17 +1706,17 @@ MHD_gtls_supported_ciphersuites_sorted (MHD_gtls_session_t session,
1704 MHD__gnutls_debug_log ("Unsorted: \n"); 1706 MHD__gnutls_debug_log ("Unsorted: \n");
1705 for (i = 0; i < count; i++) 1707 for (i = 0; i < count; i++)
1706 MHD__gnutls_debug_log ("\t%d: %s\n", i, 1708 MHD__gnutls_debug_log ("\t%d: %s\n", i,
1707 MHD_gtls_cipher_suite_get_name ((*ciphers)[i])); 1709 MHD_gtls_cipher_suite_get_name ((*ciphers)[i]));
1708#endif 1710#endif
1709 1711
1710 MHD__gnutls_qsort (session, *ciphers, count, sizeof (cipher_suite_st), 1712 MHD__gnutls_qsort (session, *ciphers, count, sizeof (cipher_suite_st),
1711 MHD__gnutls_compare_algo); 1713 MHD__gnutls_compare_algo);
1712 1714
1713#ifdef SORT_DEBUG 1715#ifdef SORT_DEBUG
1714 MHD__gnutls_debug_log ("Sorted: \n"); 1716 MHD__gnutls_debug_log ("Sorted: \n");
1715 for (i = 0; i < count; i++) 1717 for (i = 0; i < count; i++)
1716 MHD__gnutls_debug_log ("\t%d: %s\n", i, 1718 MHD__gnutls_debug_log ("\t%d: %s\n", i,
1717 MHD_gtls_cipher_suite_get_name ((*ciphers)[i])); 1719 MHD_gtls_cipher_suite_get_name ((*ciphers)[i]));
1718#endif 1720#endif
1719 1721
1720 return count; 1722 return count;
@@ -1832,15 +1834,16 @@ MHD_gtls_supported_compression_methods (MHD_gtls_session_t session,
1832{ 1834{
1833 unsigned int i, j; 1835 unsigned int i, j;
1834 1836
1835 *comp = MHD_gnutls_malloc (sizeof (uint8_t) * SUPPORTED_COMPRESSION_METHODS); 1837 *comp =
1838 MHD_gnutls_malloc (sizeof (uint8_t) * SUPPORTED_COMPRESSION_METHODS);
1836 if (*comp == NULL) 1839 if (*comp == NULL)
1837 return GNUTLS_E_MEMORY_ERROR; 1840 return GNUTLS_E_MEMORY_ERROR;
1838 1841
1839 for (i = j = 0; i < SUPPORTED_COMPRESSION_METHODS; i++) 1842 for (i = j = 0; i < SUPPORTED_COMPRESSION_METHODS; i++)
1840 { 1843 {
1841 int tmp = 1844 int tmp =
1842 MHD_gtls_compression_get_num (session->internals.priorities. 1845 MHD_gtls_compression_get_num (session->internals.
1843 compression.priority[i]); 1846 priorities.compression.priority[i]);
1844 1847
1845 /* remove private compression algorithms, if requested. 1848 /* remove private compression algorithms, if requested.
1846 */ 1849 */
diff --git a/src/daemon/https/tls/gnutls_algorithms.h b/src/daemon/https/tls/gnutls_algorithms.h
index c0cb2332..ba4e83ba 100644
--- a/src/daemon/https/tls/gnutls_algorithms.h
+++ b/src/daemon/https/tls/gnutls_algorithms.h
@@ -93,7 +93,8 @@ int MHD_gtls_kx_is_ok (enum MHD_GNUTLS_KeyExchangeAlgorithm algorithm);
93int MHD_gtls_compression_is_ok (enum MHD_GNUTLS_CompressionMethod algorithm); 93int MHD_gtls_compression_is_ok (enum MHD_GNUTLS_CompressionMethod algorithm);
94int MHD_gtls_compression_get_num (enum MHD_GNUTLS_CompressionMethod 94int MHD_gtls_compression_get_num (enum MHD_GNUTLS_CompressionMethod
95 algorithm); 95 algorithm);
96enum MHD_GNUTLS_CompressionMethod MHD_gtls_compression_get_id_from_int (int num); 96enum MHD_GNUTLS_CompressionMethod MHD_gtls_compression_get_id_from_int (int
97 num);
97int MHD_gtls_compression_get_mem_level (enum MHD_GNUTLS_CompressionMethod 98int MHD_gtls_compression_get_mem_level (enum MHD_GNUTLS_CompressionMethod
98 algorithm); 99 algorithm);
99int MHD_gtls_compression_get_comp_level (enum MHD_GNUTLS_CompressionMethod 100int MHD_gtls_compression_get_comp_level (enum MHD_GNUTLS_CompressionMethod
@@ -140,13 +141,14 @@ struct MHD_gtls_compression_entry
140typedef struct MHD_gtls_compression_entry MHD_gnutls_compression_entry; 141typedef struct MHD_gtls_compression_entry MHD_gnutls_compression_entry;
141 142
142/* Functions for sign algorithms. */ 143/* Functions for sign algorithms. */
143MHD_gnutls_sign_algorithm_t MHD_gtls_x509_oid2sign_algorithm (const char *oid); 144MHD_gnutls_sign_algorithm_t MHD_gtls_x509_oid2sign_algorithm (const char
145 *oid);
144MHD_gnutls_sign_algorithm_t MHD_gtls_x509_pk_to_sign (enum 146MHD_gnutls_sign_algorithm_t MHD_gtls_x509_pk_to_sign (enum
145 MHD_GNUTLS_PublicKeyAlgorithm 147 MHD_GNUTLS_PublicKeyAlgorithm
146 pk, 148 pk,
147 enum 149 enum
148 MHD_GNUTLS_HashAlgorithm 150 MHD_GNUTLS_HashAlgorithm
149 mac); 151 mac);
150const char *MHD_gtls_x509_sign_to_oid (enum MHD_GNUTLS_PublicKeyAlgorithm, 152const char *MHD_gtls_x509_sign_to_oid (enum MHD_GNUTLS_PublicKeyAlgorithm,
151 enum MHD_GNUTLS_HashAlgorithm mac); 153 enum MHD_GNUTLS_HashAlgorithm mac);
152 154
diff --git a/src/daemon/https/tls/gnutls_anon_cred.c b/src/daemon/https/tls/gnutls_anon_cred.c
index 665a0758..d73c0edd 100644
--- a/src/daemon/https/tls/gnutls_anon_cred.c
+++ b/src/daemon/https/tls/gnutls_anon_cred.c
@@ -44,7 +44,7 @@ static const int anon_dummy;
44 **/ 44 **/
45void 45void
46MHD__gnutls_anon_free_server_credentials (MHD_gtls_anon_server_credentials_t 46MHD__gnutls_anon_free_server_credentials (MHD_gtls_anon_server_credentials_t
47 sc) 47 sc)
48{ 48{
49 49
50 MHD_gnutls_free (sc); 50 MHD_gnutls_free (sc);
@@ -80,7 +80,7 @@ int
80 **/ 80 **/
81void 81void
82MHD__gnutls_anon_free_client_credentials (MHD_gtls_anon_client_credentials_t 82MHD__gnutls_anon_free_client_credentials (MHD_gtls_anon_client_credentials_t
83 sc) 83 sc)
84{ 84{
85} 85}
86 86
@@ -116,7 +116,7 @@ int
116 **/ 116 **/
117void 117void
118MHD__gnutls_anon_set_server_dh_params (MHD_gtls_anon_server_credentials_t res, 118MHD__gnutls_anon_set_server_dh_params (MHD_gtls_anon_server_credentials_t res,
119 MHD_gtls_dh_params_t dh_params) 119 MHD_gtls_dh_params_t dh_params)
120{ 120{
121 res->dh_params = dh_params; 121 res->dh_params = dh_params;
122} 122}
@@ -131,9 +131,8 @@ MHD__gnutls_anon_set_server_dh_params (MHD_gtls_anon_server_credentials_t res,
131 * callback should return zero on success. 131 * callback should return zero on success.
132 **/ 132 **/
133void 133void
134MHD__gnutls_anon_set_server_params_function (MHD_gtls_anon_server_credentials_t 134MHD__gnutls_anon_set_server_params_function
135 res, 135 (MHD_gtls_anon_server_credentials_t res, MHD_gnutls_params_function * func)
136 MHD_gnutls_params_function * func)
137{ 136{
138 res->params_func = func; 137 res->params_func = func;
139} 138}
diff --git a/src/daemon/https/tls/gnutls_auth.c b/src/daemon/https/tls/gnutls_auth.c
index b1e1abe7..6f14d9c8 100644
--- a/src/daemon/https/tls/gnutls_auth.c
+++ b/src/daemon/https/tls/gnutls_auth.c
@@ -91,7 +91,7 @@ MHD__gnutls_credentials_clear (MHD_gtls_session_t session)
91 **/ 91 **/
92int 92int
93MHD__gnutls_credentials_set (MHD_gtls_session_t session, 93MHD__gnutls_credentials_set (MHD_gtls_session_t session,
94 enum MHD_GNUTLS_CredentialsType type, void *cred) 94 enum MHD_GNUTLS_CredentialsType type, void *cred)
95{ 95{
96 auth_cred_st *ccred = NULL, *pcred = NULL; 96 auth_cred_st *ccred = NULL, *pcred = NULL;
97 int exists = 0; 97 int exists = 0;
@@ -170,8 +170,9 @@ MHD_gtls_auth_get_type (MHD_gtls_session_t session)
170 170
171 return 171 return
172 MHD_gtls_map_kx_get_cred (MHD_gtls_cipher_suite_get_kx_algo 172 MHD_gtls_map_kx_get_cred (MHD_gtls_cipher_suite_get_kx_algo
173 (&session->security_parameters. 173 (&session->
174 current_cipher_suite), server); 174 security_parameters.current_cipher_suite),
175 server);
175} 176}
176 177
177/** 178/**
@@ -188,8 +189,8 @@ MHD_gtls_auth_server_get_type (MHD_gtls_session_t session)
188{ 189{
189 return 190 return
190 MHD_gtls_map_kx_get_cred (MHD_gtls_cipher_suite_get_kx_algo 191 MHD_gtls_map_kx_get_cred (MHD_gtls_cipher_suite_get_kx_algo
191 (&session->security_parameters. 192 (&session->
192 current_cipher_suite), 1); 193 security_parameters.current_cipher_suite), 1);
193} 194}
194 195
195/** 196/**
@@ -206,8 +207,8 @@ MHD_gtls_auth_client_get_type (MHD_gtls_session_t session)
206{ 207{
207 return 208 return
208 MHD_gtls_map_kx_get_cred (MHD_gtls_cipher_suite_get_kx_algo 209 MHD_gtls_map_kx_get_cred (MHD_gtls_cipher_suite_get_kx_algo
209 (&session->security_parameters. 210 (&session->
210 current_cipher_suite), 0); 211 security_parameters.current_cipher_suite), 0);
211} 212}
212 213
213 214
diff --git a/src/daemon/https/tls/gnutls_buffers.c b/src/daemon/https/tls/gnutls_buffers.c
index 0a0f367b..8c6bb750 100644
--- a/src/daemon/https/tls/gnutls_buffers.c
+++ b/src/daemon/https/tls/gnutls_buffers.c
@@ -137,19 +137,19 @@ MHD_gnutls_record_buffer_put (content_type_t type,
137 case GNUTLS_APPLICATION_DATA: 137 case GNUTLS_APPLICATION_DATA:
138 buf = &session->internals.application_data_buffer; 138 buf = &session->internals.application_data_buffer;
139 MHD__gnutls_buffers_log ("BUF[REC]: Inserted %d bytes of Data(%d)\n", 139 MHD__gnutls_buffers_log ("BUF[REC]: Inserted %d bytes of Data(%d)\n",
140 length, type); 140 length, type);
141 break; 141 break;
142 142
143 case GNUTLS_HANDSHAKE: 143 case GNUTLS_HANDSHAKE:
144 buf = &session->internals.handshake_data_buffer; 144 buf = &session->internals.handshake_data_buffer;
145 MHD__gnutls_buffers_log ("BUF[HSK]: Inserted %d bytes of Data(%d)\n", 145 MHD__gnutls_buffers_log ("BUF[HSK]: Inserted %d bytes of Data(%d)\n",
146 length, type); 146 length, type);
147 break; 147 break;
148 148
149 case GNUTLS_INNER_APPLICATION: 149 case GNUTLS_INNER_APPLICATION:
150 buf = &session->internals.ia_data_buffer; 150 buf = &session->internals.ia_data_buffer;
151 MHD__gnutls_buffers_log ("BUF[IA]: Inserted %d bytes of Data(%d)\n", length, 151 MHD__gnutls_buffers_log ("BUF[IA]: Inserted %d bytes of Data(%d)\n",
152 type); 152 length, type);
153 break; 153 break;
154 154
155 default: 155 default:
@@ -223,7 +223,7 @@ MHD_gtls_record_buffer_get (content_type_t type, MHD_gtls_session_t session,
223 } 223 }
224 224
225 MHD__gnutls_buffers_log ("BUFFER[REC][AD]: Read %d bytes of Data(%d)\n", 225 MHD__gnutls_buffers_log ("BUFFER[REC][AD]: Read %d bytes of Data(%d)\n",
226 length, type); 226 length, type);
227 227
228 session->internals.application_data_buffer.length -= length; 228 session->internals.application_data_buffer.length -= length;
229 memcpy (data, session->internals.application_data_buffer.data, length); 229 memcpy (data, session->internals.application_data_buffer.data, length);
@@ -246,7 +246,7 @@ MHD_gtls_record_buffer_get (content_type_t type, MHD_gtls_session_t session,
246 } 246 }
247 247
248 MHD__gnutls_buffers_log ("BUF[REC][HD]: Read %d bytes of Data(%d)\n", 248 MHD__gnutls_buffers_log ("BUF[REC][HD]: Read %d bytes of Data(%d)\n",
249 length, type); 249 length, type);
250 250
251 session->internals.handshake_data_buffer.length -= length; 251 session->internals.handshake_data_buffer.length -= length;
252 memcpy (data, session->internals.handshake_data_buffer.data, length); 252 memcpy (data, session->internals.handshake_data_buffer.data, length);
@@ -263,7 +263,7 @@ MHD_gtls_record_buffer_get (content_type_t type, MHD_gtls_session_t session,
263 length = session->internals.ia_data_buffer.length; 263 length = session->internals.ia_data_buffer.length;
264 264
265 MHD__gnutls_buffers_log ("BUF[REC][IA]: Read %d bytes of Data(%d)\n", 265 MHD__gnutls_buffers_log ("BUF[REC][IA]: Read %d bytes of Data(%d)\n",
266 length, type); 266 length, type);
267 267
268 session->internals.ia_data_buffer.length -= length; 268 session->internals.ia_data_buffer.length -= length;
269 memcpy (data, session->internals.ia_data_buffer.data, length); 269 memcpy (data, session->internals.ia_data_buffer.data, length);
@@ -290,7 +290,7 @@ MHD_gtls_record_buffer_get (content_type_t type, MHD_gtls_session_t session,
290 */ 290 */
291static ssize_t 291static ssize_t
292MHD__gnutls_read (MHD_gtls_session_t session, void *iptr, 292MHD__gnutls_read (MHD_gtls_session_t session, void *iptr,
293 size_t sizeOfPtr, int flags) 293 size_t sizeOfPtr, int flags)
294{ 294{
295 size_t left; 295 size_t left;
296 ssize_t i = 0; 296 ssize_t i = 0;
@@ -333,16 +333,17 @@ MHD__gnutls_read (MHD_gtls_session_t session, void *iptr,
333 } 333 }
334 else 334 else
335 i = session->internals.MHD__gnutls_pull_func (fd, 335 i = session->internals.MHD__gnutls_pull_func (fd,
336 &ptr[sizeOfPtr - left], 336 &ptr[sizeOfPtr - left],
337 left); 337 left);
338 338
339 if (i < 0) 339 if (i < 0)
340 { 340 {
341 int err = session->internals.errnum ? session->internals.errnum 341 int err = session->internals.errnum ? session->internals.errnum
342 : errno; 342 : errno;
343 343
344 MHD__gnutls_read_log ("READ: %d returned from %d, errno=%d gerrno=%d\n", 344 MHD__gnutls_read_log
345 i, fd, errno, session->internals.errnum); 345 ("READ: %d returned from %d, errno=%d gerrno=%d\n", i, fd, errno,
346 session->internals.errnum);
346 347
347 if (err == EAGAIN || err == EINTR) 348 if (err == EAGAIN || err == EINTR)
348 { 349 {
@@ -350,7 +351,7 @@ MHD__gnutls_read (MHD_gtls_session_t session, void *iptr,
350 { 351 {
351 352
352 MHD__gnutls_read_log ("READ: returning %d bytes from %d\n", 353 MHD__gnutls_read_log ("READ: returning %d bytes from %d\n",
353 sizeOfPtr - left, fd); 354 sizeOfPtr - left, fd);
354 355
355 goto finish; 356 goto finish;
356 } 357 }
@@ -386,8 +387,8 @@ finish:
386 char line[128]; 387 char line[128];
387 char tmp[16]; 388 char tmp[16];
388 389
389 MHD__gnutls_read_log ("READ: read %d bytes from %d\n", (sizeOfPtr - left), 390 MHD__gnutls_read_log ("READ: read %d bytes from %d\n",
390 fd); 391 (sizeOfPtr - left), fd);
391 392
392 for (x = 0; x < ((sizeOfPtr - left) / 16) + 1; x++) 393 for (x = 0; x < ((sizeOfPtr - left) / 16) + 1; x++)
393 { 394 {
@@ -486,7 +487,7 @@ MHD_gtls_io_read_buffered (MHD_gtls_session_t session, opaque ** iptr,
486 487
487 if (sizeOfPtr > MAX_RECV_SIZE || sizeOfPtr == 0) 488 if (sizeOfPtr > MAX_RECV_SIZE || sizeOfPtr == 0)
488 { 489 {
489 MHD_gnutls_assert (); /* internal error */ 490 MHD_gnutls_assert (); /* internal error */
490 return GNUTLS_E_INVALID_REQUEST; 491 return GNUTLS_E_INVALID_REQUEST;
491 } 492 }
492 493
@@ -536,7 +537,7 @@ MHD_gtls_io_read_buffered (MHD_gtls_session_t session, opaque ** iptr,
536 if ((session->internals.record_recv_buffer.length + recvdata) 537 if ((session->internals.record_recv_buffer.length + recvdata)
537 > MAX_RECV_SIZE) 538 > MAX_RECV_SIZE)
538 { 539 {
539 MHD_gnutls_assert (); /* internal error */ 540 MHD_gnutls_assert (); /* internal error */
540 return GNUTLS_E_INVALID_REQUEST; 541 return GNUTLS_E_INVALID_REQUEST;
541 } 542 }
542 543
@@ -559,7 +560,8 @@ MHD_gtls_io_read_buffered (MHD_gtls_session_t session, opaque ** iptr,
559 /* READ DATA - but leave RCVLOWAT bytes in the kernel buffer. */ 560 /* READ DATA - but leave RCVLOWAT bytes in the kernel buffer. */
560 if (recvdata - recvlowat > 0) 561 if (recvdata - recvlowat > 0)
561 { 562 {
562 ret = MHD__gnutls_read (session, &buf[buf_pos], recvdata - recvlowat, 0); 563 ret =
564 MHD__gnutls_read (session, &buf[buf_pos], recvdata - recvlowat, 0);
563 565
564 /* return immediately if we got an interrupt or eagain 566 /* return immediately if we got an interrupt or eagain
565 * error. 567 * error.
@@ -574,8 +576,9 @@ MHD_gtls_io_read_buffered (MHD_gtls_session_t session, opaque ** iptr,
574 */ 576 */
575 if (ret > 0) 577 if (ret > 0)
576 { 578 {
577 MHD__gnutls_read_log ("RB: Have %d bytes into buffer. Adding %d bytes.\n", 579 MHD__gnutls_read_log
578 session->internals.record_recv_buffer.length, ret); 580 ("RB: Have %d bytes into buffer. Adding %d bytes.\n",
581 session->internals.record_recv_buffer.length, ret);
579 MHD__gnutls_read_log ("RB: Requested %d bytes\n", sizeOfPtr); 582 MHD__gnutls_read_log ("RB: Requested %d bytes\n", sizeOfPtr);
580 session->internals.record_recv_buffer.length += ret; 583 session->internals.record_recv_buffer.length += ret;
581 } 584 }
@@ -598,7 +601,8 @@ MHD_gtls_io_read_buffered (MHD_gtls_session_t session, opaque ** iptr,
598 601
599 if (ret2 > 0) 602 if (ret2 > 0)
600 { 603 {
601 MHD__gnutls_read_log ("RB-PEEK: Read %d bytes in PEEK MODE.\n", ret2); 604 MHD__gnutls_read_log ("RB-PEEK: Read %d bytes in PEEK MODE.\n",
605 ret2);
602 MHD__gnutls_read_log 606 MHD__gnutls_read_log
603 ("RB-PEEK: Have %d bytes into buffer. Adding %d bytes.\nRB: Requested %d bytes\n", 607 ("RB-PEEK: Have %d bytes into buffer. Adding %d bytes.\nRB: Requested %d bytes\n",
604 session->internals.record_recv_buffer.length, ret2, sizeOfPtr); 608 session->internals.record_recv_buffer.length, ret2, sizeOfPtr);
@@ -652,7 +656,7 @@ MHD_gtls_io_read_buffered (MHD_gtls_session_t session, opaque ** iptr,
652 656
653inline static int 657inline static int
654MHD__gnutls_buffer_insert (MHD_gtls_buffer * buffer, 658MHD__gnutls_buffer_insert (MHD_gtls_buffer * buffer,
655 const opaque * _data, size_t data_size) 659 const opaque * _data, size_t data_size)
656{ 660{
657 661
658 if ((MEMSUB (_data, buffer->data) >= 0) 662 if ((MEMSUB (_data, buffer->data) >= 0)
@@ -691,7 +695,7 @@ MHD__gnutls_buffer_insert (MHD_gtls_buffer * buffer,
691 695
692inline static int 696inline static int
693MHD__gnutls_buffer_get (MHD_gtls_buffer * buffer, 697MHD__gnutls_buffer_get (MHD_gtls_buffer * buffer,
694 const opaque ** ptr, size_t * ptr_size) 698 const opaque ** ptr, size_t * ptr_size)
695{ 699{
696 *ptr_size = buffer->length; 700 *ptr_size = buffer->length;
697 *ptr = buffer->data; 701 *ptr = buffer->data;
@@ -742,7 +746,8 @@ MHD_gtls_io_write_buffered (MHD_gtls_session_t session,
742 if (iptr == NULL) 746 if (iptr == NULL)
743 { 747 {
744 /* checking is handled above */ 748 /* checking is handled above */
745 ret = MHD__gnutls_buffer_get (&session->internals.record_send_buffer, &ptr, 749 ret =
750 MHD__gnutls_buffer_get (&session->internals.record_send_buffer, &ptr,
746 &n); 751 &n);
747 if (ret < 0) 752 if (ret < 0)
748 { 753 {
@@ -750,8 +755,8 @@ MHD_gtls_io_write_buffered (MHD_gtls_session_t session,
750 return ret; 755 return ret;
751 } 756 }
752 757
753 MHD__gnutls_write_log ("WRITE: Restoring old write. (%d bytes to send)\n", 758 MHD__gnutls_write_log
754 n); 759 ("WRITE: Restoring old write. (%d bytes to send)\n", n);
755 } 760 }
756 761
757 MHD__gnutls_write_log ("WRITE: Will write %d bytes to %d.\n", n, fd); 762 MHD__gnutls_write_log ("WRITE: Will write %d bytes to %d.\n", n, fd);
@@ -789,7 +794,8 @@ MHD_gtls_io_write_buffered (MHD_gtls_session_t session,
789#endif 794#endif
790 } 795 }
791 else 796 else
792 i = session->internals.MHD__gnutls_push_func (fd, &ptr[n - left], left); 797 i =
798 session->internals.MHD__gnutls_push_func (fd, &ptr[n - left], left);
793 799
794 if (i == -1) 800 if (i == -1)
795 { 801 {
@@ -801,8 +807,9 @@ MHD_gtls_io_write_buffered (MHD_gtls_session_t session,
801 session->internals.record_send_buffer_prev_size += n - left; 807 session->internals.record_send_buffer_prev_size += n - left;
802 808
803 retval = 809 retval =
804 MHD__gnutls_buffer_insert (&session->internals.record_send_buffer, 810 MHD__gnutls_buffer_insert (&session->internals.
805 &ptr[n - left], left); 811 record_send_buffer, &ptr[n - left],
812 left);
806 if (retval < 0) 813 if (retval < 0)
807 { 814 {
808 MHD_gnutls_assert (); 815 MHD_gnutls_assert ();
@@ -881,7 +888,7 @@ MHD_gtls_io_write_flush (MHD_gtls_session_t session)
881 888
882 ret = MHD_gtls_io_write_buffered (session, NULL, 0); 889 ret = MHD_gtls_io_write_buffered (session, NULL, 0);
883 MHD__gnutls_write_log ("WRITE FLUSH: %d [buffer: %d]\n", ret, 890 MHD__gnutls_write_log ("WRITE FLUSH: %d [buffer: %d]\n", ret,
884 session->internals.record_send_buffer.length); 891 session->internals.record_send_buffer.length);
885 892
886 return ret; 893 return ret;
887} 894}
@@ -935,7 +942,7 @@ MHD_gtls_handshake_io_send_int (MHD_gtls_session_t session,
935 */ 942 */
936 MHD_gnutls_assert (); 943 MHD_gnutls_assert ();
937 ret = MHD__gnutls_buffer_get (&session->internals.handshake_send_buffer, 944 ret = MHD__gnutls_buffer_get (&session->internals.handshake_send_buffer,
938 &ptr, &n); 945 &ptr, &n);
939 if (ret < 0) 946 if (ret < 0)
940 { 947 {
941 MHD_gnutls_assert (); 948 MHD_gnutls_assert ();
@@ -957,7 +964,7 @@ MHD_gtls_handshake_io_send_int (MHD_gtls_session_t session,
957 size_t sum = 0, x, j; 964 size_t sum = 0, x, j;
958 965
959 MHD__gnutls_write_log ("HWRITE: will write %d bytes to %d.\n", n, 966 MHD__gnutls_write_log ("HWRITE: will write %d bytes to %d.\n", n,
960 MHD_gnutls_transport_get_ptr (session)); 967 MHD_gnutls_transport_get_ptr (session));
961 for (x = 0; x < ((n) / 16) + 1; x++) 968 for (x = 0; x < ((n) / 16) + 1; x++)
962 { 969 {
963 if (sum > n) 970 if (sum > n)
@@ -968,7 +975,8 @@ MHD_gtls_handshake_io_send_int (MHD_gtls_session_t session,
968 { 975 {
969 if (sum < n) 976 if (sum < n)
970 { 977 {
971 MHD__gnutls_write_log ("%.2x ", ((unsigned char *) ptr)[sum++]); 978 MHD__gnutls_write_log ("%.2x ",
979 ((unsigned char *) ptr)[sum++]);
972 } 980 }
973 else 981 else
974 break; 982 break;
@@ -1009,9 +1017,9 @@ MHD_gtls_handshake_io_send_int (MHD_gtls_session_t session,
1009 MHD_gnutls_assert (); 1017 MHD_gnutls_assert ();
1010 1018
1011 retval = 1019 retval =
1012 MHD__gnutls_buffer_insert (&session->internals. 1020 MHD__gnutls_buffer_insert (&session->
1013 handshake_send_buffer, &ptr[n - left], 1021 internals.handshake_send_buffer,
1014 left); 1022 &ptr[n - left], left);
1015 if (retval < 0) 1023 if (retval < 0)
1016 { 1024 {
1017 MHD_gnutls_assert (); 1025 MHD_gnutls_assert ();
@@ -1112,8 +1120,9 @@ MHD_gtls_handshake_io_recv_int (MHD_gtls_session_t session,
1112 1120
1113 session->internals.handshake_recv_buffer.data 1121 session->internals.handshake_recv_buffer.data
1114 = 1122 =
1115 MHD_gtls_realloc_fast (session->internals. 1123 MHD_gtls_realloc_fast (session->
1116 handshake_recv_buffer.data, dsize); 1124 internals.handshake_recv_buffer.data,
1125 dsize);
1117 if (session->internals.handshake_recv_buffer.data == NULL) 1126 if (session->internals.handshake_recv_buffer.data == NULL)
1118 { 1127 {
1119 MHD_gnutls_assert (); 1128 MHD_gnutls_assert ();
@@ -1164,13 +1173,9 @@ MHD_gtls_handshake_buffer_put (MHD_gtls_session_t session, opaque * data,
1164 1173
1165 if ((session->internals.max_handshake_data_buffer_size > 0) && ((length 1174 if ((session->internals.max_handshake_data_buffer_size > 0) && ((length
1166 + 1175 +
1167 session-> 1176 session->internals.handshake_hash_buffer.length)
1168 internals. 1177 >
1169 handshake_hash_buffer. 1178 session->internals.max_handshake_data_buffer_size))
1170 length) >
1171 session->
1172 internals.
1173 max_handshake_data_buffer_size))
1174 { 1179 {
1175 MHD_gnutls_assert (); 1180 MHD_gnutls_assert ();
1176 return GNUTLS_E_MEMORY_ERROR; 1181 return GNUTLS_E_MEMORY_ERROR;
@@ -1224,7 +1229,7 @@ MHD_gtls_handshake_buffer_get_ptr (MHD_gtls_session_t session,
1224 *length = session->internals.handshake_hash_buffer.length; 1229 *length = session->internals.handshake_hash_buffer.length;
1225 1230
1226 MHD__gnutls_buffers_log ("BUF[HSK]: Peeked %d bytes of Data\n", 1231 MHD__gnutls_buffers_log ("BUF[HSK]: Peeked %d bytes of Data\n",
1227 session->internals.handshake_hash_buffer.length); 1232 session->internals.handshake_hash_buffer.length);
1228 1233
1229 if (data_ptr != NULL) 1234 if (data_ptr != NULL)
1230 *data_ptr = session->internals.handshake_hash_buffer.data; 1235 *data_ptr = session->internals.handshake_hash_buffer.data;
diff --git a/src/daemon/https/tls/gnutls_cert.c b/src/daemon/https/tls/gnutls_cert.c
index 45e001d6..d01d3918 100644
--- a/src/daemon/https/tls/gnutls_cert.c
+++ b/src/daemon/https/tls/gnutls_cert.c
@@ -210,7 +210,7 @@ MHD__gnutls_certificate_free_credentials (MHD_gtls_cert_credentials_t sc)
210 **/ 210 **/
211int 211int
212MHD__gnutls_certificate_allocate_credentials (MHD_gtls_cert_credentials_t * 212MHD__gnutls_certificate_allocate_credentials (MHD_gtls_cert_credentials_t *
213 res) 213 res)
214{ 214{
215 *res = MHD_gnutls_calloc (1, sizeof (MHD_gtls_cert_credentials_st)); 215 *res = MHD_gnutls_calloc (1, sizeof (MHD_gtls_cert_credentials_st));
216 216
@@ -271,7 +271,8 @@ MHD_gtls_selected_cert_supported_kx (MHD_gtls_session_t session,
271 return GNUTLS_E_INVALID_REQUEST; 271 return GNUTLS_E_INVALID_REQUEST;
272 } 272 }
273 273
274 *alg = MHD_gnutls_calloc (1, sizeof (enum MHD_GNUTLS_KeyExchangeAlgorithm) * i); 274 *alg =
275 MHD_gnutls_calloc (1, sizeof (enum MHD_GNUTLS_KeyExchangeAlgorithm) * i);
275 if (*alg == NULL) 276 if (*alg == NULL)
276 return GNUTLS_E_MEMORY_ERROR; 277 return GNUTLS_E_MEMORY_ERROR;
277 278
@@ -550,8 +551,9 @@ MHD_gtls_certificate_expiration_time_peers (MHD_gtls_session_t session)
550 { 551 {
551 case MHD_GNUTLS_CRT_X509: 552 case MHD_GNUTLS_CRT_X509:
552 return 553 return
553 MHD__gnutls_x509_get_raw_crt_expiration_time (&info->raw_certificate_list 554 MHD__gnutls_x509_get_raw_crt_expiration_time (&info->
554 [0]); 555 raw_certificate_list
556 [0]);
555 default: 557 default:
556 return (time_t) - 1; 558 return (time_t) - 1;
557 } 559 }
@@ -589,8 +591,9 @@ MHD_gtls_certificate_activation_time_peers (MHD_gtls_session_t session)
589 { 591 {
590 case MHD_GNUTLS_CRT_X509: 592 case MHD_GNUTLS_CRT_X509:
591 return 593 return
592 MHD__gnutls_x509_get_raw_crt_activation_time (&info->raw_certificate_list 594 MHD__gnutls_x509_get_raw_crt_activation_time (&info->
593 [0]); 595 raw_certificate_list
596 [0]);
594 default: 597 default:
595 return (time_t) - 1; 598 return (time_t) - 1;
596 } 599 }
@@ -695,7 +698,8 @@ MHD_gtls_x509_crt_to_gcert (MHD_gnutls_cert * gcert,
695 } 698 }
696 699
697 ret = 700 ret =
698 MHD_gnutls_x509_crt_export (cert, GNUTLS_X509_FMT_DER, der, &der_size); 701 MHD_gnutls_x509_crt_export (cert, GNUTLS_X509_FMT_DER, der,
702 &der_size);
699 if (ret < 0 && ret != GNUTLS_E_SHORT_MEMORY_BUFFER) 703 if (ret < 0 && ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
700 { 704 {
701 MHD_gnutls_assert (); 705 MHD_gnutls_assert ();
@@ -714,7 +718,7 @@ MHD_gtls_x509_crt_to_gcert (MHD_gnutls_cert * gcert,
714 718
715 ret = 719 ret =
716 MHD_gnutls_x509_crt_export (cert, GNUTLS_X509_FMT_DER, der, 720 MHD_gnutls_x509_crt_export (cert, GNUTLS_X509_FMT_DER, der,
717 &der_size); 721 &der_size);
718 if (ret < 0) 722 if (ret < 0)
719 { 723 {
720 MHD_gnutls_assert (); 724 MHD_gnutls_assert ();
@@ -736,13 +740,15 @@ MHD_gtls_x509_crt_to_gcert (MHD_gnutls_cert * gcert,
736 MHD_gnutls_x509_crt_get_key_usage (cert, &gcert->key_usage, NULL); 740 MHD_gnutls_x509_crt_get_key_usage (cert, &gcert->key_usage, NULL);
737 gcert->version = MHD_gnutls_x509_crt_get_version (cert); 741 gcert->version = MHD_gnutls_x509_crt_get_version (cert);
738 } 742 }
739 gcert->subject_pk_algorithm = MHD_gnutls_x509_crt_get_pk_algorithm (cert, NULL); 743 gcert->subject_pk_algorithm =
744 MHD_gnutls_x509_crt_get_pk_algorithm (cert, NULL);
740 745
741 if (flags & CERT_ONLY_PUBKEY || flags == 0) 746 if (flags & CERT_ONLY_PUBKEY || flags == 0)
742 { 747 {
743 gcert->params_size = MAX_PUBLIC_PARAMS_SIZE; 748 gcert->params_size = MAX_PUBLIC_PARAMS_SIZE;
744 ret = 749 ret =
745 MHD__gnutls_x509_crt_get_mpis (cert, gcert->params, &gcert->params_size); 750 MHD__gnutls_x509_crt_get_mpis (cert, gcert->params,
751 &gcert->params_size);
746 if (ret < 0) 752 if (ret < 0)
747 { 753 {
748 MHD_gnutls_assert (); 754 MHD_gnutls_assert ();
diff --git a/src/daemon/https/tls/gnutls_cert.h b/src/daemon/https/tls/gnutls_cert.h
index b759fca5..ee3b3ca8 100644
--- a/src/daemon/https/tls/gnutls_cert.h
+++ b/src/daemon/https/tls/gnutls_cert.h
@@ -110,7 +110,8 @@ typedef enum ConvFlags
110int MHD_gtls_x509_raw_cert_to_gcert (MHD_gnutls_cert * gcert, 110int MHD_gtls_x509_raw_cert_to_gcert (MHD_gnutls_cert * gcert,
111 const MHD_gnutls_datum_t * derCert, 111 const MHD_gnutls_datum_t * derCert,
112 int flags); 112 int flags);
113int MHD_gtls_x509_crt_to_gcert (MHD_gnutls_cert * gcert, MHD_gnutls_x509_crt_t cert, 113int MHD_gtls_x509_crt_to_gcert (MHD_gnutls_cert * gcert,
114 MHD_gnutls_x509_crt_t cert,
114 unsigned int flags); 115 unsigned int flags);
115 116
116void MHD_gtls_gkey_deinit (MHD_gnutls_privkey * key); 117void MHD_gtls_gkey_deinit (MHD_gnutls_privkey * key);
diff --git a/src/daemon/https/tls/gnutls_cipher.c b/src/daemon/https/tls/gnutls_cipher.c
index 9ff19759..757fd06d 100644
--- a/src/daemon/https/tls/gnutls_cipher.c
+++ b/src/daemon/https/tls/gnutls_cipher.c
@@ -244,7 +244,7 @@ calc_enc_length (MHD_gtls_session_t session, int data_size,
244 244
245 break; 245 break;
246 case CIPHER_BLOCK: 246 case CIPHER_BLOCK:
247 if (MHD_gc_nonce ((char*) &rnd, 1) != GC_OK) 247 if (MHD_gc_nonce ((char *) &rnd, 1) != GC_OK)
248 { 248 {
249 MHD_gnutls_assert (); 249 MHD_gnutls_assert ();
250 return GNUTLS_E_RANDOM_FAILED; 250 return GNUTLS_E_RANDOM_FAILED;
@@ -302,15 +302,15 @@ MHD_gtls_compressed2ciphertext (MHD_gtls_session_t session,
302 uint8_t type = _type; 302 uint8_t type = _type;
303 uint8_t major, minor; 303 uint8_t major, minor;
304 int hash_size = 304 int hash_size =
305 MHD_gnutls_hash_get_algo_len (session->security_parameters. 305 MHD_gnutls_hash_get_algo_len (session->
306 write_mac_algorithm); 306 security_parameters.write_mac_algorithm);
307 enum MHD_GNUTLS_Protocol ver; 307 enum MHD_GNUTLS_Protocol ver;
308 int blocksize = 308 int blocksize =
309 MHD_gtls_cipher_get_block_size (session->security_parameters. 309 MHD_gtls_cipher_get_block_size (session->
310 write_bulk_cipher_algorithm); 310 security_parameters.write_bulk_cipher_algorithm);
311 cipher_type_t block_algo = 311 cipher_type_t block_algo =
312 MHD_gtls_cipher_is_block (session->security_parameters. 312 MHD_gtls_cipher_is_block (session->
313 write_bulk_cipher_algorithm); 313 security_parameters.write_bulk_cipher_algorithm);
314 opaque *data_ptr; 314 opaque *data_ptr;
315 315
316 316
@@ -337,8 +337,9 @@ MHD_gtls_compressed2ciphertext (MHD_gtls_session_t session,
337 if (td != GNUTLS_MAC_FAILED) 337 if (td != GNUTLS_MAC_FAILED)
338 { /* actually when the algorithm in not the NULL one */ 338 { /* actually when the algorithm in not the NULL one */
339 MHD_gnutls_hash (td, 339 MHD_gnutls_hash (td,
340 UINT64DATA (session->connection_state. 340 UINT64DATA (session->
341 write_sequence_number), 8); 341 connection_state.write_sequence_number),
342 8);
342 343
343 MHD_gnutls_hash (td, &type, 1); 344 MHD_gnutls_hash (td, &type, 1);
344 if (ver >= MHD_GNUTLS_PROTOCOL_TLS1_0) 345 if (ver >= MHD_GNUTLS_PROTOCOL_TLS1_0)
@@ -377,7 +378,7 @@ MHD_gtls_compressed2ciphertext (MHD_gtls_session_t session,
377 { 378 {
378 /* copy the random IV. 379 /* copy the random IV.
379 */ 380 */
380 if (MHD_gc_nonce ((char*) data_ptr, blocksize) != GC_OK) 381 if (MHD_gc_nonce ((char *) data_ptr, blocksize) != GC_OK)
381 { 382 {
382 MHD_gnutls_assert (); 383 MHD_gnutls_assert ();
383 return GNUTLS_E_RANDOM_FAILED; 384 return GNUTLS_E_RANDOM_FAILED;
@@ -432,16 +433,16 @@ MHD_gtls_ciphertext2compressed (MHD_gtls_session_t session,
432 uint8_t major, minor; 433 uint8_t major, minor;
433 enum MHD_GNUTLS_Protocol ver; 434 enum MHD_GNUTLS_Protocol ver;
434 int hash_size = 435 int hash_size =
435 MHD_gnutls_hash_get_algo_len (session->security_parameters. 436 MHD_gnutls_hash_get_algo_len (session->
436 read_mac_algorithm); 437 security_parameters.read_mac_algorithm);
437 438
438 ver = MHD__gnutls_protocol_get_version (session); 439 ver = MHD__gnutls_protocol_get_version (session);
439 minor = MHD_gtls_version_get_minor (ver); 440 minor = MHD_gtls_version_get_minor (ver);
440 major = MHD_gtls_version_get_major (ver); 441 major = MHD_gtls_version_get_major (ver);
441 442
442 blocksize = 443 blocksize =
443 MHD_gtls_cipher_get_block_size (session->security_parameters. 444 MHD_gtls_cipher_get_block_size (session->
444 read_bulk_cipher_algorithm); 445 security_parameters.read_bulk_cipher_algorithm);
445 446
446 /* initialize MAC 447 /* initialize MAC
447 */ 448 */
@@ -465,9 +466,9 @@ MHD_gtls_ciphertext2compressed (MHD_gtls_session_t session,
465 { 466 {
466 case CIPHER_STREAM: 467 case CIPHER_STREAM:
467 if ((ret = 468 if ((ret =
468 MHD_gtls_cipher_decrypt (session->connection_state. 469 MHD_gtls_cipher_decrypt (session->
469 read_cipher_state, ciphertext.data, 470 connection_state.read_cipher_state,
470 ciphertext.size)) < 0) 471 ciphertext.data, ciphertext.size)) < 0)
471 { 472 {
472 MHD_gnutls_assert (); 473 MHD_gnutls_assert ();
473 return ret; 474 return ret;
@@ -484,9 +485,9 @@ MHD_gtls_ciphertext2compressed (MHD_gtls_session_t session,
484 } 485 }
485 486
486 if ((ret = 487 if ((ret =
487 MHD_gtls_cipher_decrypt (session->connection_state. 488 MHD_gtls_cipher_decrypt (session->
488 read_cipher_state, ciphertext.data, 489 connection_state.read_cipher_state,
489 ciphertext.size)) < 0) 490 ciphertext.data, ciphertext.size)) < 0)
490 { 491 {
491 MHD_gnutls_assert (); 492 MHD_gnutls_assert ();
492 return ret; 493 return ret;
@@ -544,8 +545,8 @@ MHD_gtls_ciphertext2compressed (MHD_gtls_session_t session,
544 if (td != GNUTLS_MAC_FAILED) 545 if (td != GNUTLS_MAC_FAILED)
545 { 546 {
546 MHD_gnutls_hash (td, 547 MHD_gnutls_hash (td,
547 UINT64DATA (session->connection_state. 548 UINT64DATA (session->
548 read_sequence_number), 8); 549 connection_state.read_sequence_number), 8);
549 550
550 MHD_gnutls_hash (td, &type, 1); 551 MHD_gnutls_hash (td, &type, 1);
551 if (ver >= MHD_GNUTLS_PROTOCOL_TLS1_0) 552 if (ver >= MHD_GNUTLS_PROTOCOL_TLS1_0)
diff --git a/src/daemon/https/tls/gnutls_cipher.h b/src/daemon/https/tls/gnutls_cipher.h
index ab86d380..b8dc0070 100644
--- a/src/daemon/https/tls/gnutls_cipher.h
+++ b/src/daemon/https/tls/gnutls_cipher.h
@@ -37,4 +37,5 @@ int MHD_gtls_compressed2ciphertext (MHD_gtls_session_t session,
37 content_type_t _type, int random_pad); 37 content_type_t _type, int random_pad);
38int MHD_gtls_ciphertext2compressed (MHD_gtls_session_t session, 38int MHD_gtls_ciphertext2compressed (MHD_gtls_session_t session,
39 opaque * compress_data, int compress_size, 39 opaque * compress_data, int compress_size,
40 MHD_gnutls_datum_t ciphertext, uint8_t type); 40 MHD_gnutls_datum_t ciphertext,
41 uint8_t type);
diff --git a/src/daemon/https/tls/gnutls_cipher_int.c b/src/daemon/https/tls/gnutls_cipher_int.c
index 21fda10c..9861fab1 100644
--- a/src/daemon/https/tls/gnutls_cipher_int.c
+++ b/src/daemon/https/tls/gnutls_cipher_int.c
@@ -29,7 +29,8 @@
29 29
30cipher_hd_t 30cipher_hd_t
31MHD_gtls_cipher_init (enum MHD_GNUTLS_CipherAlgorithm cipher, 31MHD_gtls_cipher_init (enum MHD_GNUTLS_CipherAlgorithm cipher,
32 const MHD_gnutls_datum_t * key, const MHD_gnutls_datum_t * iv) 32 const MHD_gnutls_datum_t * key,
33 const MHD_gnutls_datum_t * iv)
33{ 34{
34 cipher_hd_t ret = NULL; 35 cipher_hd_t ret = NULL;
35 int err = GC_INVALID_CIPHER; /* doesn't matter */ 36 int err = GC_INVALID_CIPHER; /* doesn't matter */
@@ -80,9 +81,9 @@ MHD_gtls_cipher_init (enum MHD_GNUTLS_CipherAlgorithm cipher,
80 81
81 if (err == 0) 82 if (err == 0)
82 { 83 {
83 MHD_gc_cipher_setkey (ret, key->size, (const char*) key->data); 84 MHD_gc_cipher_setkey (ret, key->size, (const char *) key->data);
84 if (iv->data != NULL && iv->size > 0) 85 if (iv->data != NULL && iv->size > 0)
85 MHD_gc_cipher_setiv (ret, iv->size, (const char*) iv->data); 86 MHD_gc_cipher_setiv (ret, iv->size, (const char *) iv->data);
86 } 87 }
87 else if (cipher != MHD_GNUTLS_CIPHER_NULL) 88 else if (cipher != MHD_GNUTLS_CIPHER_NULL)
88 { 89 {
@@ -114,7 +115,8 @@ MHD_gtls_cipher_decrypt (cipher_hd_t handle, void *ciphertext,
114{ 115{
115 if (handle != GNUTLS_CIPHER_FAILED) 116 if (handle != GNUTLS_CIPHER_FAILED)
116 { 117 {
117 if (MHD_gc_cipher_decrypt_inline (handle, ciphertextlen, ciphertext) != 0) 118 if (MHD_gc_cipher_decrypt_inline (handle, ciphertextlen, ciphertext) !=
119 0)
118 { 120 {
119 MHD_gnutls_assert (); 121 MHD_gnutls_assert ();
120 return GNUTLS_E_INTERNAL_ERROR; 122 return GNUTLS_E_INTERNAL_ERROR;
diff --git a/src/daemon/https/tls/gnutls_compress.c b/src/daemon/https/tls/gnutls_compress.c
index 9552a72a..3fc4f41c 100644
--- a/src/daemon/https/tls/gnutls_compress.c
+++ b/src/daemon/https/tls/gnutls_compress.c
@@ -35,8 +35,8 @@
35 */ 35 */
36int 36int
37MHD__gnutls_m_plaintext2compressed (MHD_gtls_session_t session, 37MHD__gnutls_m_plaintext2compressed (MHD_gtls_session_t session,
38 MHD_gnutls_datum_t * compressed, 38 MHD_gnutls_datum_t * compressed,
39 const MHD_gnutls_datum_t * plaintext) 39 const MHD_gnutls_datum_t * plaintext)
40{ 40{
41 int size; 41 int size;
42 opaque *data; 42 opaque *data;
@@ -58,8 +58,8 @@ MHD__gnutls_m_plaintext2compressed (MHD_gtls_session_t session,
58 58
59int 59int
60MHD__gnutls_m_compressed2plaintext (MHD_gtls_session_t session, 60MHD__gnutls_m_compressed2plaintext (MHD_gtls_session_t session,
61 MHD_gnutls_datum_t * plain, 61 MHD_gnutls_datum_t * plain,
62 const MHD_gnutls_datum_t * compressed) 62 const MHD_gnutls_datum_t * compressed)
63{ 63{
64 int size; 64 int size;
65 opaque *data; 65 opaque *data;
diff --git a/src/daemon/https/tls/gnutls_compress.h b/src/daemon/https/tls/gnutls_compress.h
index c950e95d..c7a95c8b 100644
--- a/src/daemon/https/tls/gnutls_compress.h
+++ b/src/daemon/https/tls/gnutls_compress.h
@@ -23,8 +23,9 @@
23 */ 23 */
24 24
25int MHD__gnutls_m_plaintext2compressed (MHD_gtls_session_t session, 25int MHD__gnutls_m_plaintext2compressed (MHD_gtls_session_t session,
26 MHD_gnutls_datum_t * compressed, 26 MHD_gnutls_datum_t * compressed,
27 const MHD_gnutls_datum_t * plaintext); 27 const MHD_gnutls_datum_t * plaintext);
28int MHD__gnutls_m_compressed2plaintext (MHD_gtls_session_t session, 28int MHD__gnutls_m_compressed2plaintext (MHD_gtls_session_t session,
29 MHD_gnutls_datum_t * plain, 29 MHD_gnutls_datum_t * plain,
30 const MHD_gnutls_datum_t * compressed); 30 const MHD_gnutls_datum_t *
31 compressed);
diff --git a/src/daemon/https/tls/gnutls_compress_int.c b/src/daemon/https/tls/gnutls_compress_int.c
index 07ffd5e1..2006f8e6 100644
--- a/src/daemon/https/tls/gnutls_compress_int.c
+++ b/src/daemon/https/tls/gnutls_compress_int.c
@@ -52,7 +52,7 @@ MHD_gtls_comp_init (enum MHD_GNUTLS_CompressionMethod method, int d)
52 { 52 {
53 int window_bits, mem_level; 53 int window_bits, mem_level;
54 int comp_level; 54 int comp_level;
55 int err; 55 int err;
56 z_stream *zhandle; 56 z_stream *zhandle;
57 57
58 window_bits = MHD_gtls_compression_get_wbits (method); 58 window_bits = MHD_gtls_compression_get_wbits (method);
@@ -74,10 +74,10 @@ MHD_gtls_comp_init (enum MHD_GNUTLS_CompressionMethod method, int d)
74 74
75 if (d) 75 if (d)
76 err = inflateInit2 (zhandle, window_bits); 76 err = inflateInit2 (zhandle, window_bits);
77 else 77 else
78 err = deflateInit2 (zhandle, 78 err = deflateInit2 (zhandle,
79 comp_level, Z_DEFLATED, 79 comp_level, Z_DEFLATED,
80 window_bits, mem_level, Z_DEFAULT_STRATEGY); 80 window_bits, mem_level, Z_DEFAULT_STRATEGY);
81 if (err != Z_OK) 81 if (err != Z_OK)
82 { 82 {
83 MHD_gnutls_assert (); 83 MHD_gnutls_assert ();
@@ -111,7 +111,7 @@ MHD_gtls_comp_deinit (comp_hd_t handle, int d)
111 switch (handle->algo) 111 switch (handle->algo)
112 { 112 {
113#ifdef HAVE_LIBZ 113#ifdef HAVE_LIBZ
114 int err; 114 int err;
115 case MHD_GNUTLS_COMP_DEFLATE: 115 case MHD_GNUTLS_COMP_DEFLATE:
116 if (d) 116 if (d)
117 err = inflateEnd (handle->handle); 117 err = inflateEnd (handle->handle);
@@ -154,7 +154,7 @@ MHD_gtls_compress (comp_hd_t handle, const opaque * plain,
154 { 154 {
155 uLongf size; 155 uLongf size;
156 z_stream *zhandle; 156 z_stream *zhandle;
157 int err; 157 int err;
158 158
159 size = (plain_size + plain_size) + 10; 159 size = (plain_size + plain_size) + 10;
160 *compressed = MHD_gnutls_malloc (size); 160 *compressed = MHD_gnutls_malloc (size);
@@ -192,7 +192,8 @@ MHD_gtls_compress (comp_hd_t handle, const opaque * plain,
192 192
193#ifdef COMPRESSION_DEBUG 193#ifdef COMPRESSION_DEBUG
194 MHD__gnutls_debug_log ("Compression ratio: %f\n", 194 MHD__gnutls_debug_log ("Compression ratio: %f\n",
195 (float) ((float) compressed_size / (float) plain_size)); 195 (float) ((float) compressed_size /
196 (float) plain_size));
196#endif 197#endif
197 198
198 if ((size_t) compressed_size > max_comp_size) 199 if ((size_t) compressed_size > max_comp_size)
@@ -234,10 +235,10 @@ MHD_gtls_decompress (comp_hd_t handle, opaque * compressed,
234#ifdef HAVE_LIBZ 235#ifdef HAVE_LIBZ
235 case MHD_GNUTLS_COMP_DEFLATE: 236 case MHD_GNUTLS_COMP_DEFLATE:
236 { 237 {
237 int err; 238 int err;
238 uLongf out_size; 239 uLongf out_size;
239 z_stream *zhandle; 240 z_stream *zhandle;
240 unsigned int cur_pos; 241 unsigned int cur_pos;
241 242
242 *plain = NULL; 243 *plain = NULL;
243 out_size = compressed_size + compressed_size; 244 out_size = compressed_size + compressed_size;
diff --git a/src/daemon/https/tls/gnutls_constate.c b/src/daemon/https/tls/gnutls_constate.c
index 41aff98c..11c8beca 100644
--- a/src/daemon/https/tls/gnutls_constate.c
+++ b/src/daemon/https/tls/gnutls_constate.c
@@ -57,7 +57,7 @@ static const int servwrite_length = sizeof (servwrite) - 1;
57 */ 57 */
58int 58int
59MHD__gnutls_set_keys (MHD_gtls_session_t session, int hash_size, int IV_size, 59MHD__gnutls_set_keys (MHD_gtls_session_t session, int hash_size, int IV_size,
60 int key_size, int export_flag) 60 int key_size, int export_flag)
61{ 61{
62 62
63/* FIXME: This function is too long 63/* FIXME: This function is too long
@@ -107,8 +107,9 @@ MHD__gnutls_set_keys (MHD_gtls_session_t session, int hash_size, int IV_size,
107 else 107 else
108 { /* TLS 1.0 */ 108 { /* TLS 1.0 */
109 ret = 109 ret =
110 MHD_gtls_PRF (session, (const unsigned char*) session->security_parameters.master_secret, 110 MHD_gtls_PRF (session,
111 TLS_MASTER_SIZE, keyexp, keyexp_length, 111 (const unsigned char *) session->security_parameters.
112 master_secret, TLS_MASTER_SIZE, keyexp, keyexp_length,
112 rnd, 2 * TLS_RANDOM_SIZE, block_size, key_block); 113 rnd, 2 * TLS_RANDOM_SIZE, block_size, key_block);
113 } 114 }
114 115
@@ -120,8 +121,8 @@ MHD__gnutls_set_keys (MHD_gtls_session_t session, int hash_size, int IV_size,
120 } 121 }
121 122
122 MHD__gnutls_hard_log ("INT: KEY BLOCK[%d]: %s\n", block_size, 123 MHD__gnutls_hard_log ("INT: KEY BLOCK[%d]: %s\n", block_size,
123 MHD_gtls_bin2hex (key_block, block_size, buf, 124 MHD_gtls_bin2hex (key_block, block_size, buf,
124 sizeof (buf))); 125 sizeof (buf)));
125 126
126 pos = 0; 127 pos = 0;
127 if (hash_size > 0) 128 if (hash_size > 0)
@@ -187,7 +188,8 @@ MHD__gnutls_set_keys (MHD_gtls_session_t session, int hash_size, int IV_size,
187 188
188 /* generate the final keys */ 189 /* generate the final keys */
189 190
190 if (session->security_parameters.version == MHD_GNUTLS_PROTOCOL_SSL3) 191 if (session->security_parameters.version ==
192 MHD_GNUTLS_PROTOCOL_SSL3)
191 { /* SSL 3 */ 193 { /* SSL 3 */
192 ret = 194 ret =
193 MHD_gnutls_ssl3_hash_md5 (&key_block[pos], 195 MHD_gnutls_ssl3_hash_md5 (&key_block[pos],
@@ -219,7 +221,8 @@ MHD__gnutls_set_keys (MHD_gtls_session_t session, int hash_size, int IV_size,
219 client_write_key_size = EXPORT_FINAL_KEY_SIZE; 221 client_write_key_size = EXPORT_FINAL_KEY_SIZE;
220 pos += key_size; 222 pos += key_size;
221 223
222 if (session->security_parameters.version == MHD_GNUTLS_PROTOCOL_SSL3) 224 if (session->security_parameters.version ==
225 MHD_GNUTLS_PROTOCOL_SSL3)
223 { /* SSL 3 */ 226 { /* SSL 3 */
224 ret = 227 ret =
225 MHD_gnutls_ssl3_hash_md5 (&key_block[pos], key_size, 228 MHD_gnutls_ssl3_hash_md5 (&key_block[pos], key_size,
@@ -259,10 +262,10 @@ MHD__gnutls_set_keys (MHD_gtls_session_t session, int hash_size, int IV_size,
259 return GNUTLS_E_MEMORY_ERROR; 262 return GNUTLS_E_MEMORY_ERROR;
260 } 263 }
261 MHD__gnutls_hard_log ("INT: CLIENT WRITE KEY [%d]: %s\n", 264 MHD__gnutls_hard_log ("INT: CLIENT WRITE KEY [%d]: %s\n",
262 client_write_key_size, 265 client_write_key_size,
263 MHD_gtls_bin2hex (client_write_key, 266 MHD_gtls_bin2hex (client_write_key,
264 client_write_key_size, buf, 267 client_write_key_size, buf,
265 sizeof (buf))); 268 sizeof (buf)));
266 269
267 if (MHD__gnutls_sset_datum 270 if (MHD__gnutls_sset_datum
268 (&session->cipher_specs.server_write_key, 271 (&session->cipher_specs.server_write_key,
@@ -275,10 +278,10 @@ MHD__gnutls_set_keys (MHD_gtls_session_t session, int hash_size, int IV_size,
275 } 278 }
276 279
277 MHD__gnutls_hard_log ("INT: SERVER WRITE KEY [%d]: %s\n", 280 MHD__gnutls_hard_log ("INT: SERVER WRITE KEY [%d]: %s\n",
278 server_write_key_size, 281 server_write_key_size,
279 MHD_gtls_bin2hex (server_write_key, 282 MHD_gtls_bin2hex (server_write_key,
280 server_write_key_size, buf, 283 server_write_key_size, buf,
281 sizeof (buf))); 284 sizeof (buf)));
282 285
283 if (free_keys != 0) 286 if (free_keys != 0)
284 { 287 {
@@ -342,7 +345,7 @@ MHD__gnutls_set_keys (MHD_gtls_session_t session, int hash_size, int IV_size,
342 } 345 }
343 else 346 else
344 { /* TLS 1.0 */ 347 { /* TLS 1.0 */
345 ret = MHD_gtls_PRF (session, (const unsigned char*) "", 0, 348 ret = MHD_gtls_PRF (session, (const unsigned char *) "", 0,
346 ivblock, ivblock_length, rrnd, 349 ivblock, ivblock_length, rrnd,
347 2 * TLS_RANDOM_SIZE, IV_size * 2, iv_block); 350 2 * TLS_RANDOM_SIZE, IV_size * 2, iv_block);
348 } 351 }
@@ -400,7 +403,7 @@ MHD__gnutls_set_read_keys (MHD_gtls_session_t session)
400 export_flag = MHD_gtls_cipher_get_export_flag (algo); 403 export_flag = MHD_gtls_cipher_get_export_flag (algo);
401 404
402 return MHD__gnutls_set_keys (session, hash_size, IV_size, key_size, 405 return MHD__gnutls_set_keys (session, hash_size, IV_size, key_size,
403 export_flag); 406 export_flag);
404} 407}
405 408
406int 409int
@@ -421,7 +424,7 @@ MHD__gnutls_set_write_keys (MHD_gtls_session_t session)
421 export_flag = MHD_gtls_cipher_get_export_flag (algo); 424 export_flag = MHD_gtls_cipher_get_export_flag (algo);
422 425
423 return MHD__gnutls_set_keys (session, hash_size, IV_size, key_size, 426 return MHD__gnutls_set_keys (session, hash_size, IV_size, key_size,
424 export_flag); 427 export_flag);
425} 428}
426 429
427#define CPY_COMMON dst->entity = src->entity; \ 430#define CPY_COMMON dst->entity = src->entity; \
@@ -442,7 +445,8 @@ MHD__gnutls_set_write_keys (MHD_gtls_session_t session)
442 445
443static void 446static void
444MHD__gnutls_cpy_read_security_parameters (MHD_gtls_security_param_st * 447MHD__gnutls_cpy_read_security_parameters (MHD_gtls_security_param_st *
445 dst, MHD_gtls_security_param_st * src) 448 dst,
449 MHD_gtls_security_param_st * src)
446{ 450{
447 CPY_COMMON; 451 CPY_COMMON;
448 452
@@ -453,7 +457,8 @@ MHD__gnutls_cpy_read_security_parameters (MHD_gtls_security_param_st *
453 457
454static void 458static void
455MHD__gnutls_cpy_write_security_parameters (MHD_gtls_security_param_st * 459MHD__gnutls_cpy_write_security_parameters (MHD_gtls_security_param_st *
456 dst, MHD_gtls_security_param_st * src) 460 dst,
461 MHD_gtls_security_param_st * src)
457{ 462{
458 CPY_COMMON; 463 CPY_COMMON;
459 464
@@ -504,35 +509,35 @@ MHD_gtls_read_connection_state_init (MHD_gtls_session_t session)
504 { 509 {
505 rc = MHD_gtls_set_read_cipher (session, 510 rc = MHD_gtls_set_read_cipher (session,
506 MHD_gtls_cipher_suite_get_cipher_algo 511 MHD_gtls_cipher_suite_get_cipher_algo
507 (&session->security_parameters. 512 (&session->
508 current_cipher_suite)); 513 security_parameters.current_cipher_suite));
509 if (rc < 0) 514 if (rc < 0)
510 return rc; 515 return rc;
511 rc = MHD_gtls_set_read_mac (session, 516 rc = MHD_gtls_set_read_mac (session,
512 MHD_gtls_cipher_suite_get_mac_algo 517 MHD_gtls_cipher_suite_get_mac_algo
513 (&session->security_parameters. 518 (&session->
514 current_cipher_suite)); 519 security_parameters.current_cipher_suite));
515 if (rc < 0) 520 if (rc < 0)
516 return rc; 521 return rc;
517 522
518 rc = MHD_gtls_set_kx (session, 523 rc = MHD_gtls_set_kx (session,
519 MHD_gtls_cipher_suite_get_kx_algo 524 MHD_gtls_cipher_suite_get_kx_algo
520 (&session->security_parameters. 525 (&session->
521 current_cipher_suite)); 526 security_parameters.current_cipher_suite));
522 if (rc < 0) 527 if (rc < 0)
523 return rc; 528 return rc;
524 529
525 rc = MHD_gtls_set_read_compression (session, 530 rc = MHD_gtls_set_read_compression (session,
526 session->internals. 531 session->
527 compression_method); 532 internals.compression_method);
528 if (rc < 0) 533 if (rc < 0)
529 return rc; 534 return rc;
530 } 535 }
531 else 536 else
532 { /* RESUME_TRUE */ 537 { /* RESUME_TRUE */
533 MHD__gnutls_cpy_read_security_parameters (&session->security_parameters, 538 MHD__gnutls_cpy_read_security_parameters (&session->security_parameters,
534 &session->internals. 539 &session->
535 resumed_security_parameters); 540 internals.resumed_security_parameters);
536 } 541 }
537 542
538 543
@@ -541,10 +546,10 @@ MHD_gtls_read_connection_state_init (MHD_gtls_session_t session)
541 return rc; 546 return rc;
542 547
543 MHD__gnutls_handshake_log ("HSK[%x]: Cipher Suite: %s\n", 548 MHD__gnutls_handshake_log ("HSK[%x]: Cipher Suite: %s\n",
544 session, 549 session,
545 MHD_gtls_cipher_suite_get_name 550 MHD_gtls_cipher_suite_get_name
546 (&session->security_parameters. 551 (&session->
547 current_cipher_suite)); 552 security_parameters.current_cipher_suite));
548 553
549 if (MHD_gtls_compression_is_ok 554 if (MHD_gtls_compression_is_ok
550 (session->security_parameters.read_compression_algorithm) != 0) 555 (session->security_parameters.read_compression_algorithm) != 0)
@@ -574,8 +579,8 @@ MHD_gtls_read_connection_state_init (MHD_gtls_session_t session)
574 579
575 580
576 mac_size = 581 mac_size =
577 MHD_gnutls_hash_get_algo_len (session->security_parameters. 582 MHD_gnutls_hash_get_algo_len (session->
578 read_mac_algorithm); 583 security_parameters.read_mac_algorithm);
579 584
580 MHD__gnutls_handshake_log 585 MHD__gnutls_handshake_log
581 ("HSK[%x]: Initializing internal [read] cipher sessions\n", session); 586 ("HSK[%x]: Initializing internal [read] cipher sessions\n", session);
@@ -586,8 +591,8 @@ MHD_gtls_read_connection_state_init (MHD_gtls_session_t session)
586 /* initialize cipher session 591 /* initialize cipher session
587 */ 592 */
588 session->connection_state.read_cipher_state = 593 session->connection_state.read_cipher_state =
589 MHD_gtls_cipher_init (session->security_parameters. 594 MHD_gtls_cipher_init (session->
590 read_bulk_cipher_algorithm, 595 security_parameters.read_bulk_cipher_algorithm,
591 &session->cipher_specs.client_write_key, 596 &session->cipher_specs.client_write_key,
592 &session->cipher_specs.client_write_IV); 597 &session->cipher_specs.client_write_IV);
593 if (session->connection_state.read_cipher_state == GNUTLS_CIPHER_FAILED 598 if (session->connection_state.read_cipher_state == GNUTLS_CIPHER_FAILED
@@ -603,11 +608,10 @@ MHD_gtls_read_connection_state_init (MHD_gtls_session_t session)
603 */ 608 */
604 if (mac_size > 0) 609 if (mac_size > 0)
605 { 610 {
606 if (MHD__gnutls_sset_datum (&session->connection_state.read_mac_secret, 611 if (MHD__gnutls_sset_datum
607 session->cipher_specs. 612 (&session->connection_state.read_mac_secret,
608 client_write_mac_secret.data, 613 session->cipher_specs.client_write_mac_secret.data,
609 session->cipher_specs. 614 session->cipher_specs.client_write_mac_secret.size) < 0)
610 client_write_mac_secret.size) < 0)
611 { 615 {
612 MHD_gnutls_assert (); 616 MHD_gnutls_assert ();
613 return GNUTLS_E_MEMORY_ERROR; 617 return GNUTLS_E_MEMORY_ERROR;
@@ -619,8 +623,8 @@ MHD_gtls_read_connection_state_init (MHD_gtls_session_t session)
619#if MHD_DEBUG_TLS 623#if MHD_DEBUG_TLS
620 case GNUTLS_CLIENT: 624 case GNUTLS_CLIENT:
621 session->connection_state.read_cipher_state = 625 session->connection_state.read_cipher_state =
622 MHD_gtls_cipher_init (session->security_parameters. 626 MHD_gtls_cipher_init (session->
623 read_bulk_cipher_algorithm, 627 security_parameters.read_bulk_cipher_algorithm,
624 &session->cipher_specs.server_write_key, 628 &session->cipher_specs.server_write_key,
625 &session->cipher_specs.server_write_IV); 629 &session->cipher_specs.server_write_IV);
626 630
@@ -638,11 +642,10 @@ MHD_gtls_read_connection_state_init (MHD_gtls_session_t session)
638 */ 642 */
639 if (mac_size > 0) 643 if (mac_size > 0)
640 { 644 {
641 if (MHD__gnutls_sset_datum (&session->connection_state.read_mac_secret, 645 if (MHD__gnutls_sset_datum
642 session->cipher_specs. 646 (&session->connection_state.read_mac_secret,
643 server_write_mac_secret.data, 647 session->cipher_specs.server_write_mac_secret.data,
644 session->cipher_specs. 648 session->cipher_specs.server_write_mac_secret.size) < 0)
645 server_write_mac_secret.size) < 0)
646 { 649 {
647 MHD_gnutls_assert (); 650 MHD_gnutls_assert ();
648 return GNUTLS_E_MEMORY_ERROR; 651 return GNUTLS_E_MEMORY_ERROR;
@@ -657,8 +660,8 @@ MHD_gtls_read_connection_state_init (MHD_gtls_session_t session)
657 } 660 }
658 661
659 session->connection_state.read_compression_state = 662 session->connection_state.read_compression_state =
660 MHD_gtls_comp_init (session->security_parameters. 663 MHD_gtls_comp_init (session->
661 read_compression_algorithm, 1); 664 security_parameters.read_compression_algorithm, 1);
662 665
663 if (session->connection_state.read_compression_state == GNUTLS_COMP_FAILED) 666 if (session->connection_state.read_compression_state == GNUTLS_COMP_FAILED)
664 { 667 {
@@ -689,35 +692,36 @@ MHD_gtls_write_connection_state_init (MHD_gtls_session_t session)
689 { 692 {
690 rc = MHD_gtls_set_write_cipher (session, 693 rc = MHD_gtls_set_write_cipher (session,
691 MHD_gtls_cipher_suite_get_cipher_algo 694 MHD_gtls_cipher_suite_get_cipher_algo
692 (&session->security_parameters. 695 (&session->
693 current_cipher_suite)); 696 security_parameters.current_cipher_suite));
694 if (rc < 0) 697 if (rc < 0)
695 return rc; 698 return rc;
696 rc = MHD_gtls_set_write_mac (session, 699 rc = MHD_gtls_set_write_mac (session,
697 MHD_gtls_cipher_suite_get_mac_algo 700 MHD_gtls_cipher_suite_get_mac_algo
698 (&session->security_parameters. 701 (&session->
699 current_cipher_suite)); 702 security_parameters.current_cipher_suite));
700 if (rc < 0) 703 if (rc < 0)
701 return rc; 704 return rc;
702 705
703 rc = MHD_gtls_set_kx (session, 706 rc = MHD_gtls_set_kx (session,
704 MHD_gtls_cipher_suite_get_kx_algo 707 MHD_gtls_cipher_suite_get_kx_algo
705 (&session->security_parameters. 708 (&session->
706 current_cipher_suite)); 709 security_parameters.current_cipher_suite));
707 if (rc < 0) 710 if (rc < 0)
708 return rc; 711 return rc;
709 712
710 rc = MHD_gtls_set_write_compression (session, 713 rc = MHD_gtls_set_write_compression (session,
711 session->internals. 714 session->
712 compression_method); 715 internals.compression_method);
713 if (rc < 0) 716 if (rc < 0)
714 return rc; 717 return rc;
715 } 718 }
716 else 719 else
717 { /* RESUME_TRUE */ 720 { /* RESUME_TRUE */
718 MHD__gnutls_cpy_write_security_parameters (&session->security_parameters, 721 MHD__gnutls_cpy_write_security_parameters (&session->
719 &session->internals. 722 security_parameters,
720 resumed_security_parameters); 723 &session->
724 internals.resumed_security_parameters);
721 } 725 }
722 726
723 rc = MHD__gnutls_set_write_keys (session); 727 rc = MHD__gnutls_set_write_keys (session);
@@ -725,9 +729,9 @@ MHD_gtls_write_connection_state_init (MHD_gtls_session_t session)
725 return rc; 729 return rc;
726 730
727 MHD__gnutls_handshake_log ("HSK[%x]: Cipher Suite: %s\n", session, 731 MHD__gnutls_handshake_log ("HSK[%x]: Cipher Suite: %s\n", session,
728 MHD_gtls_cipher_suite_get_name 732 MHD_gtls_cipher_suite_get_name
729 (&session->security_parameters. 733 (&session->
730 current_cipher_suite)); 734 security_parameters.current_cipher_suite));
731 735
732 if (MHD_gtls_compression_is_ok 736 if (MHD_gtls_compression_is_ok
733 (session->security_parameters.write_compression_algorithm) != 0) 737 (session->security_parameters.write_compression_algorithm) != 0)
@@ -758,8 +762,8 @@ MHD_gtls_write_connection_state_init (MHD_gtls_session_t session)
758 0); 762 0);
759 763
760 mac_size = 764 mac_size =
761 MHD_gnutls_hash_get_algo_len (session->security_parameters. 765 MHD_gnutls_hash_get_algo_len (session->
762 write_mac_algorithm); 766 security_parameters.write_mac_algorithm);
763 767
764 MHD__gnutls_handshake_log 768 MHD__gnutls_handshake_log
765 ("HSK[%x]: Initializing internal [write] cipher sessions\n", session); 769 ("HSK[%x]: Initializing internal [write] cipher sessions\n", session);
@@ -770,8 +774,8 @@ MHD_gtls_write_connection_state_init (MHD_gtls_session_t session)
770 /* initialize cipher session 774 /* initialize cipher session
771 */ 775 */
772 session->connection_state.write_cipher_state = 776 session->connection_state.write_cipher_state =
773 MHD_gtls_cipher_init (session->security_parameters. 777 MHD_gtls_cipher_init (session->
774 write_bulk_cipher_algorithm, 778 security_parameters.write_bulk_cipher_algorithm,
775 &session->cipher_specs.server_write_key, 779 &session->cipher_specs.server_write_key,
776 &session->cipher_specs.server_write_IV); 780 &session->cipher_specs.server_write_IV);
777 781
@@ -790,11 +794,10 @@ MHD_gtls_write_connection_state_init (MHD_gtls_session_t session)
790 */ 794 */
791 if (mac_size > 0) 795 if (mac_size > 0)
792 { 796 {
793 if (MHD__gnutls_sset_datum (&session->connection_state.write_mac_secret, 797 if (MHD__gnutls_sset_datum
794 session->cipher_specs. 798 (&session->connection_state.write_mac_secret,
795 server_write_mac_secret.data, 799 session->cipher_specs.server_write_mac_secret.data,
796 session->cipher_specs. 800 session->cipher_specs.server_write_mac_secret.size) < 0)
797 server_write_mac_secret.size) < 0)
798 { 801 {
799 MHD_gnutls_assert (); 802 MHD_gnutls_assert ();
800 return GNUTLS_E_MEMORY_ERROR; 803 return GNUTLS_E_MEMORY_ERROR;
@@ -807,8 +810,8 @@ MHD_gtls_write_connection_state_init (MHD_gtls_session_t session)
807#if MHD_DEBUG_TLS 810#if MHD_DEBUG_TLS
808 case GNUTLS_CLIENT: 811 case GNUTLS_CLIENT:
809 session->connection_state.write_cipher_state = 812 session->connection_state.write_cipher_state =
810 MHD_gtls_cipher_init (session->security_parameters. 813 MHD_gtls_cipher_init (session->
811 write_bulk_cipher_algorithm, 814 security_parameters.write_bulk_cipher_algorithm,
812 &session->cipher_specs.client_write_key, 815 &session->cipher_specs.client_write_key,
813 &session->cipher_specs.client_write_IV); 816 &session->cipher_specs.client_write_IV);
814 817
@@ -825,11 +828,10 @@ MHD_gtls_write_connection_state_init (MHD_gtls_session_t session)
825 */ 828 */
826 if (mac_size > 0) 829 if (mac_size > 0)
827 { 830 {
828 if (MHD__gnutls_sset_datum (&session->connection_state.write_mac_secret, 831 if (MHD__gnutls_sset_datum
829 session->cipher_specs. 832 (&session->connection_state.write_mac_secret,
830 client_write_mac_secret.data, 833 session->cipher_specs.client_write_mac_secret.data,
831 session->cipher_specs. 834 session->cipher_specs.client_write_mac_secret.size) < 0)
832 client_write_mac_secret.size) < 0)
833 { 835 {
834 MHD_gnutls_assert (); 836 MHD_gnutls_assert ();
835 return GNUTLS_E_MEMORY_ERROR; 837 return GNUTLS_E_MEMORY_ERROR;
@@ -845,8 +847,8 @@ MHD_gtls_write_connection_state_init (MHD_gtls_session_t session)
845 847
846 848
847 session->connection_state.write_compression_state = 849 session->connection_state.write_compression_state =
848 MHD_gtls_comp_init (session->security_parameters. 850 MHD_gtls_comp_init (session->
849 write_compression_algorithm, 0); 851 security_parameters.write_compression_algorithm, 0);
850 852
851 if (session->connection_state.write_compression_state == GNUTLS_COMP_FAILED) 853 if (session->connection_state.write_compression_state == GNUTLS_COMP_FAILED)
852 { 854 {
diff --git a/src/daemon/https/tls/gnutls_datum.c b/src/daemon/https/tls/gnutls_datum.c
index e9a660a4..a62c4204 100644
--- a/src/daemon/https/tls/gnutls_datum.c
+++ b/src/daemon/https/tls/gnutls_datum.c
@@ -104,7 +104,8 @@ MHD_gtls_datum_append_m (MHD_gnutls_datum_t * dst, const void *data,
104} 104}
105 105
106void 106void
107MHD_gtls_free_datum_m (MHD_gnutls_datum_t * dat, MHD_gnutls_free_function gfree_func) 107MHD_gtls_free_datum_m (MHD_gnutls_datum_t * dat,
108 MHD_gnutls_free_function gfree_func)
108{ 109{
109 if (dat->data != NULL) 110 if (dat->data != NULL)
110 gfree_func (dat->data); 111 gfree_func (dat->data);
diff --git a/src/daemon/https/tls/gnutls_datum.h b/src/daemon/https/tls/gnutls_datum.h
index 634d527e..3e787318 100644
--- a/src/daemon/https/tls/gnutls_datum.h
+++ b/src/daemon/https/tls/gnutls_datum.h
@@ -36,5 +36,6 @@ int MHD_gtls_datum_append_m (MHD_gnutls_datum_t * dat, const void *data,
36 size_t data_size, MHD_gnutls_realloc_function); 36 size_t data_size, MHD_gnutls_realloc_function);
37#define MHD__gnutls_datum_append(x,y,z) MHD_gtls_datum_append_m(x,y,z, MHD_gnutls_realloc) 37#define MHD__gnutls_datum_append(x,y,z) MHD_gtls_datum_append_m(x,y,z, MHD_gnutls_realloc)
38 38
39void MHD_gtls_free_datum_m (MHD_gnutls_datum_t * dat, MHD_gnutls_free_function); 39void MHD_gtls_free_datum_m (MHD_gnutls_datum_t * dat,
40 MHD_gnutls_free_function);
40#define MHD__gnutls_free_datum(x) MHD_gtls_free_datum_m(x, MHD_gnutls_free) 41#define MHD__gnutls_free_datum(x) MHD_gtls_free_datum_m(x, MHD_gnutls_free)
diff --git a/src/daemon/https/tls/gnutls_dh_primes.c b/src/daemon/https/tls/gnutls_dh_primes.c
index 83776c42..a25759b0 100644
--- a/src/daemon/https/tls/gnutls_dh_primes.c
+++ b/src/daemon/https/tls/gnutls_dh_primes.c
@@ -198,7 +198,7 @@ MHD__gnutls_dh_params_deinit (MHD_gtls_dh_params_t dh_params)
198 **/ 198 **/
199int 199int
200MHD__gnutls_dh_params_generate2 (MHD_gtls_dh_params_t params, 200MHD__gnutls_dh_params_generate2 (MHD_gtls_dh_params_t params,
201 unsigned int bits) 201 unsigned int bits)
202{ 202{
203 int ret; 203 int ret;
204 204
diff --git a/src/daemon/https/tls/gnutls_extensions.c b/src/daemon/https/tls/gnutls_extensions.c
index 1f9cf7d0..b8892324 100644
--- a/src/daemon/https/tls/gnutls_extensions.c
+++ b/src/daemon/https/tls/gnutls_extensions.c
@@ -154,9 +154,9 @@ MHD_gtls_parse_extensions (MHD_gtls_session_t session,
154 for (i = 0; i < session->internals.extensions_sent_size; i++) 154 for (i = 0; i < session->internals.extensions_sent_size; i++)
155 { 155 {
156 MHD__gnutls_debug_log ("EXT[%d]: expecting extension '%s'\n", 156 MHD__gnutls_debug_log ("EXT[%d]: expecting extension '%s'\n",
157 session, 157 session,
158 MHD_gtls_extension_get_name 158 MHD_gtls_extension_get_name
159 (session->internals.extensions_sent[i])); 159 (session->internals.extensions_sent[i]));
160 } 160 }
161#endif 161#endif
162 162
@@ -173,7 +173,7 @@ MHD_gtls_parse_extensions (MHD_gtls_session_t session,
173 pos += 2; 173 pos += 2;
174 174
175 MHD__gnutls_debug_log ("EXT[%x]: Received extension '%s/%d'\n", session, 175 MHD__gnutls_debug_log ("EXT[%x]: Received extension '%s/%d'\n", session,
176 MHD_gtls_extension_get_name (type), type); 176 MHD_gtls_extension_get_name (type), type);
177 177
178 if ((ret = MHD__gnutls_extension_list_check (session, type)) < 0) 178 if ((ret = MHD__gnutls_extension_list_check (session, type)) < 0)
179 { 179 {
@@ -217,8 +217,9 @@ MHD__gnutls_extension_list_add (MHD_gtls_session_t session, uint16_t type)
217 { 217 {
218 if (session->internals.extensions_sent_size < MAX_EXT_TYPES) 218 if (session->internals.extensions_sent_size < MAX_EXT_TYPES)
219 { 219 {
220 session->internals.extensions_sent[session->internals. 220 session->internals.extensions_sent[session->
221 extensions_sent_size] = type; 221 internals.extensions_sent_size] =
222 type;
222 session->internals.extensions_sent_size++; 223 session->internals.extensions_sent_size++;
223 } 224 }
224 else 225 else
@@ -288,7 +289,7 @@ MHD_gtls_gen_extensions (MHD_gtls_session_t session, opaque * data,
288 MHD__gnutls_extension_list_add (session, p->type); 289 MHD__gnutls_extension_list_add (session, p->type);
289 290
290 MHD__gnutls_debug_log ("EXT[%x]: Sending extension %s\n", session, 291 MHD__gnutls_debug_log ("EXT[%x]: Sending extension %s\n", session,
291 MHD_gtls_extension_get_name (p->type)); 292 MHD_gtls_extension_get_name (p->type));
292 } 293 }
293 else if (size < 0) 294 else if (size < 0)
294 { 295 {
diff --git a/src/daemon/https/tls/gnutls_global.c b/src/daemon/https/tls/gnutls_global.c
index 781d12fa..635b01eb 100644
--- a/src/daemon/https/tls/gnutls_global.c
+++ b/src/daemon/https/tls/gnutls_global.c
@@ -51,7 +51,7 @@ extern const ASN1_ARRAY_TYPE MHD_gnutlsMHD__asn1_tab[];
51extern const ASN1_ARRAY_TYPE MHD_pkix_asn1_tab[]; 51extern const ASN1_ARRAY_TYPE MHD_pkix_asn1_tab[];
52 52
53LOG_FUNC MHD__gnutls_log_func; 53LOG_FUNC MHD__gnutls_log_func;
54int MHD__gnutls_log_level = 0; /* default log level */ 54int MHD__gnutls_log_level = 0; /* default log level */
55 55
56ASN1_TYPE MHD__gnutls_pkix1_asn; 56ASN1_TYPE MHD__gnutls_pkix1_asn;
57ASN1_TYPE MHD__gnutlsMHD__gnutls_asn; 57ASN1_TYPE MHD__gnutlsMHD__gnutls_asn;
@@ -148,7 +148,7 @@ MHD_gtls_global_set_mem_functions (MHD_gnutls_alloc_function alloc_func,
148#ifdef DEBUG 148#ifdef DEBUG
149static void 149static void
150MHD__gnutls_gcry_log_handler (void *dummy, int level, 150MHD__gnutls_gcry_log_handler (void *dummy, int level,
151 const char *fmt, va_list list) 151 const char *fmt, va_list list)
152{ 152{
153 MHD_gtls_log (level, fmt, list); 153 MHD_gtls_log (level, fmt, list);
154} 154}
@@ -213,7 +213,7 @@ MHD__gnutls_global_init (void)
213 if (data.wVersion < requested) 213 if (data.wVersion < requested)
214 { 214 {
215 MHD__gnutls_debug_log ("WSAStartup version check failed (%d < %d).\n", 215 MHD__gnutls_debug_log ("WSAStartup version check failed (%d < %d).\n",
216 data.wVersion, requested); 216 data.wVersion, requested);
217 WSACleanup (); 217 WSACleanup ();
218 return GNUTLS_E_LIBRARY_VERSION_MISMATCH; 218 return GNUTLS_E_LIBRARY_VERSION_MISMATCH;
219 } 219 }
@@ -245,9 +245,10 @@ MHD__gnutls_global_init (void)
245 } 245 }
246 246
247 /* for gcrypt in order to be able to allocate memory */ 247 /* for gcrypt in order to be able to allocate memory */
248 gcry_set_allocation_handler (MHD_gnutls_malloc, MHD_gnutls_secure_malloc, 248 gcry_set_allocation_handler (MHD_gnutls_malloc,
249 MHD__gnutls_is_secure_memory, MHD_gnutls_realloc, 249 MHD_gnutls_secure_malloc,
250 MHD_gnutls_free); 250 MHD__gnutls_is_secure_memory,
251 MHD_gnutls_realloc, MHD_gnutls_free);
251 252
252 /* gcry_control (GCRYCTL_DISABLE_INTERNAL_LOCKING, NULL, 0); */ 253 /* gcry_control (GCRYCTL_DISABLE_INTERNAL_LOCKING, NULL, 0); */
253 254
@@ -276,14 +277,17 @@ MHD__gnutls_global_init (void)
276 * This should not deal with files in the final 277 * This should not deal with files in the final
277 * version. 278 * version.
278 */ 279 */
279 res = MHD__asn1_array2tree (MHD_pkix_asn1_tab, &MHD__gnutls_pkix1_asn, NULL); 280 res =
281 MHD__asn1_array2tree (MHD_pkix_asn1_tab, &MHD__gnutls_pkix1_asn, NULL);
280 if (res != ASN1_SUCCESS) 282 if (res != ASN1_SUCCESS)
281 { 283 {
282 result = MHD_gtls_asn2err (res); 284 result = MHD_gtls_asn2err (res);
283 return result; 285 return result;
284 } 286 }
285 287
286 res = MHD__asn1_array2tree (MHD_gnutlsMHD__asn1_tab, &MHD__gnutlsMHD__gnutls_asn, NULL); 288 res =
289 MHD__asn1_array2tree (MHD_gnutlsMHD__asn1_tab,
290 &MHD__gnutlsMHD__gnutls_asn, NULL);
287 if (res != ASN1_SUCCESS) 291 if (res != ASN1_SUCCESS)
288 { 292 {
289 MHD__asn1_delete_structure (&MHD__gnutls_pkix1_asn); 293 MHD__asn1_delete_structure (&MHD__gnutls_pkix1_asn);
@@ -341,7 +345,7 @@ MHD__gnutls_global_deinit (void)
341 **/ 345 **/
342void 346void
343MHD__gnutls_transport_set_pull_function (MHD_gtls_session_t session, 347MHD__gnutls_transport_set_pull_function (MHD_gtls_session_t session,
344 MHD_gtls_pull_func pull_func) 348 MHD_gtls_pull_func pull_func)
345{ 349{
346 session->internals.MHD__gnutls_pull_func = pull_func; 350 session->internals.MHD__gnutls_pull_func = pull_func;
347} 351}
@@ -362,7 +366,7 @@ MHD__gnutls_transport_set_pull_function (MHD_gtls_session_t session,
362 **/ 366 **/
363void 367void
364MHD__gnutls_transport_set_push_function (MHD_gtls_session_t session, 368MHD__gnutls_transport_set_push_function (MHD_gtls_session_t session,
365 MHD_gtls_push_func push_func) 369 MHD_gtls_push_func push_func)
366{ 370{
367 session->internals.MHD__gnutls_push_func = push_func; 371 session->internals.MHD__gnutls_push_func = push_func;
368} 372}
diff --git a/src/daemon/https/tls/gnutls_handshake.c b/src/daemon/https/tls/gnutls_handshake.c
index 84cb96cf..291ad03e 100644
--- a/src/daemon/https/tls/gnutls_handshake.c
+++ b/src/daemon/https/tls/gnutls_handshake.c
@@ -67,12 +67,13 @@
67 67
68 68
69static int MHD_gtls_remove_unwanted_ciphersuites (MHD_gtls_session_t session, 69static int MHD_gtls_remove_unwanted_ciphersuites (MHD_gtls_session_t session,
70 cipher_suite_st ** cipherSuites, 70 cipher_suite_st **
71 int numCipherSuites, 71 cipherSuites,
72 enum 72 int numCipherSuites,
73 MHD_GNUTLS_PublicKeyAlgorithm); 73 enum
74static int MHD_gtls_server_select_suite (MHD_gtls_session_t session, opaque * data, 74 MHD_GNUTLS_PublicKeyAlgorithm);
75 int datalen); 75static int MHD_gtls_server_select_suite (MHD_gtls_session_t session,
76 opaque * data, int datalen);
76 77
77static int MHD_gtls_generate_session_id (opaque * session_id, uint8_t * len); 78static int MHD_gtls_generate_session_id (opaque * session_id, uint8_t * len);
78 79
@@ -86,7 +87,7 @@ static int MHD_gtls_handshake_client (MHD_gtls_session_t session);
86 87
87 88
88static int MHD__gnutls_server_select_comp_method (MHD_gtls_session_t session, 89static int MHD__gnutls_server_select_comp_method (MHD_gtls_session_t session,
89 opaque * data, int datalen); 90 opaque * data, int datalen);
90 91
91 92
92/* Clears the handshake hash buffers and handles. 93/* Clears the handshake hash buffers and handles.
@@ -119,8 +120,8 @@ resume_copy_required_values (MHD_gtls_session_t session)
119 * hello message. 120 * hello message.
120 */ 121 */
121 memcpy (session->security_parameters.current_cipher_suite.suite, 122 memcpy (session->security_parameters.current_cipher_suite.suite,
122 session->internals.resumed_security_parameters. 123 session->internals.resumed_security_parameters.current_cipher_suite.
123 current_cipher_suite.suite, 2); 124 suite, 2);
124 125
125 session->internals.compression_method = 126 session->internals.compression_method =
126 session->internals.resumed_security_parameters.read_compression_algorithm; 127 session->internals.resumed_security_parameters.read_compression_algorithm;
@@ -132,8 +133,9 @@ resume_copy_required_values (MHD_gtls_session_t session)
132 session->internals.resumed_security_parameters.entity; 133 session->internals.resumed_security_parameters.entity;
133 134
134 MHD_gtls_set_current_version (session, 135 MHD_gtls_set_current_version (session,
135 session->internals. 136 session->
136 resumed_security_parameters.version); 137 internals.resumed_security_parameters.
138 version);
137 139
138 session->security_parameters.cert_type = 140 session->security_parameters.cert_type =
139 session->internals.resumed_security_parameters.cert_type; 141 session->internals.resumed_security_parameters.cert_type;
@@ -157,7 +159,8 @@ resume_copy_required_values (MHD_gtls_session_t session)
157 * 159 *
158 **/ 160 **/
159void 161void
160MHD__gnutls_handshake_set_max_packet_length (MHD_gtls_session_t session, size_t max) 162MHD__gnutls_handshake_set_max_packet_length (MHD_gtls_session_t session,
163 size_t max)
161{ 164{
162 session->internals.max_handshake_data_buffer_size = max; 165 session->internals.max_handshake_data_buffer_size = max;
163} 166}
@@ -215,11 +218,13 @@ MHD__gnutls_ssl3_finished (MHD_gtls_session_t session, int type, opaque * ret)
215 MHD_gnutls_hash (td_sha, mesg, siz); 218 MHD_gnutls_hash (td_sha, mesg, siz);
216 219
217 MHD_gnutls_mac_deinit_ssl3_handshake (td_md5, ret, 220 MHD_gnutls_mac_deinit_ssl3_handshake (td_md5, ret,
218 session->security_parameters. 221 session->
219 master_secret, TLS_MASTER_SIZE); 222 security_parameters.master_secret,
223 TLS_MASTER_SIZE);
220 MHD_gnutls_mac_deinit_ssl3_handshake (td_sha, &ret[16], 224 MHD_gnutls_mac_deinit_ssl3_handshake (td_sha, &ret[16],
221 session->security_parameters. 225 session->
222 master_secret, TLS_MASTER_SIZE); 226 security_parameters.master_secret,
227 TLS_MASTER_SIZE);
223 228
224 return 0; 229 return 0;
225} 230}
@@ -255,7 +260,7 @@ MHD__gnutls_finished (MHD_gtls_session_t session, int type, void *ret)
255 { 260 {
256 MHD_gnutls_assert (); 261 MHD_gnutls_assert ();
257 if (td_md5 != NULL) 262 if (td_md5 != NULL)
258 MHD_gnutls_hash_deinit (td_md5, NULL); 263 MHD_gnutls_hash_deinit (td_md5, NULL);
259 return GNUTLS_E_HASH_FAILED; 264 return GNUTLS_E_HASH_FAILED;
260 } 265 }
261 266
@@ -301,7 +306,7 @@ MHD_gtls_tls_create_random (opaque * dst)
301 /* generate server random value */ 306 /* generate server random value */
302 MHD_gtls_write_uint32 (tim, dst); 307 MHD_gtls_write_uint32 (tim, dst);
303 308
304 if (MHD_gc_nonce ((char*) &dst[4], TLS_RANDOM_SIZE - 4) != GC_OK) 309 if (MHD_gc_nonce ((char *) &dst[4], TLS_RANDOM_SIZE - 4) != GC_OK)
305 { 310 {
306 MHD_gnutls_assert (); 311 MHD_gnutls_assert ();
307 return GNUTLS_E_RANDOM_FAILED; 312 return GNUTLS_E_RANDOM_FAILED;
@@ -377,7 +382,7 @@ MHD_gtls_user_hello_func (MHD_gtls_session_t session,
377 */ 382 */
378static int 383static int
379MHD__gnutls_read_client_hello (MHD_gtls_session_t session, opaque * data, 384MHD__gnutls_read_client_hello (MHD_gtls_session_t session, opaque * data,
380 int datalen) 385 int datalen)
381{ 386{
382 uint8_t session_id_len; 387 uint8_t session_id_len;
383 int pos = 0, ret = 0; 388 int pos = 0, ret = 0;
@@ -390,7 +395,7 @@ MHD__gnutls_read_client_hello (MHD_gtls_session_t session, opaque * data,
390 DECR_LEN (len, 2); 395 DECR_LEN (len, 2);
391 396
392 MHD__gnutls_handshake_log ("HSK[%x]: Client's version: %d.%d\n", session, 397 MHD__gnutls_handshake_log ("HSK[%x]: Client's version: %d.%d\n", session,
393 data[pos], data[pos + 1]); 398 data[pos], data[pos + 1]);
394 399
395 adv_version = MHD_gtls_version_get (data[pos], data[pos + 1]); 400 adv_version = MHD_gtls_version_get (data[pos], data[pos + 1]);
396 set_adv_version (session, data[pos], data[pos + 1]); 401 set_adv_version (session, data[pos], data[pos + 1]);
@@ -437,8 +442,8 @@ MHD__gnutls_read_client_hello (MHD_gtls_session_t session, opaque * data,
437 else 442 else
438 { 443 {
439 MHD_gtls_generate_session_id (session->security_parameters.session_id, 444 MHD_gtls_generate_session_id (session->security_parameters.session_id,
440 &session->security_parameters. 445 &session->
441 session_id_size); 446 security_parameters.session_id_size);
442 447
443 session->internals.resumed = RESUME_FALSE; 448 session->internals.resumed = RESUME_FALSE;
444 } 449 }
@@ -573,18 +578,20 @@ MHD__gnutls_send_finished (MHD_gtls_session_t session, int again)
573 return ret; 578 return ret;
574 } 579 }
575 580
576 if (MHD__gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3) 581 if (MHD__gnutls_protocol_get_version (session) ==
582 MHD_GNUTLS_PROTOCOL_SSL3)
577 { 583 {
578 ret = 584 ret =
579 MHD__gnutls_ssl3_finished (session, 585 MHD__gnutls_ssl3_finished (session,
580 session->security_parameters.entity, data); 586 session->security_parameters.entity,
587 data);
581 data_size = 36; 588 data_size = 36;
582 } 589 }
583 else 590 else
584 { /* TLS 1.0 */ 591 { /* TLS 1.0 */
585 ret = 592 ret =
586 MHD__gnutls_finished (session, 593 MHD__gnutls_finished (session,
587 session->security_parameters.entity, data); 594 session->security_parameters.entity, data);
588 data_size = 12; 595 data_size = 12;
589 } 596 }
590 597
@@ -645,15 +652,15 @@ MHD__gnutls_recv_finished (MHD_gtls_session_t session)
645 { 652 {
646 ret = 653 ret =
647 MHD__gnutls_ssl3_finished (session, 654 MHD__gnutls_ssl3_finished (session,
648 (session->security_parameters.entity + 1) % 2, 655 (session->security_parameters.entity +
649 data); 656 1) % 2, data);
650 } 657 }
651 else 658 else
652 { /* TLS 1.0 */ 659 { /* TLS 1.0 */
653 ret = 660 ret =
654 MHD__gnutls_finished (session, 661 MHD__gnutls_finished (session,
655 (session->security_parameters.entity + 662 (session->security_parameters.entity +
656 1) % 2, data); 663 1) % 2, data);
657 } 664 }
658 665
659 if (ret < 0) 666 if (ret < 0)
@@ -678,7 +685,7 @@ MHD__gnutls_recv_finished (MHD_gtls_session_t session)
678 */ 685 */
679static int 686static int
680MHD__gnutls_server_find_pk_algos_in_ciphersuites (const opaque * 687MHD__gnutls_server_find_pk_algos_in_ciphersuites (const opaque *
681 data, int datalen) 688 data, int datalen)
682{ 689{
683 int j; 690 int j;
684 enum MHD_GNUTLS_PublicKeyAlgorithm algo = GNUTLS_PK_NONE, prev_algo = 0; 691 enum MHD_GNUTLS_PublicKeyAlgorithm algo = GNUTLS_PK_NONE, prev_algo = 0;
@@ -763,12 +770,13 @@ MHD_gtls_server_select_suite (MHD_gtls_session_t session, opaque * data,
763 for (j = 0; j < datalen; j += 2) 770 for (j = 0; j < datalen; j += 2)
764 { 771 {
765 memcpy (&cs.suite, &data[j], 2); 772 memcpy (&cs.suite, &data[j], 2);
766 MHD__gnutls_handshake_log ("\t%s\n", MHD_gtls_cipher_suite_get_name (&cs)); 773 MHD__gnutls_handshake_log ("\t%s\n",
774 MHD_gtls_cipher_suite_get_name (&cs));
767 } 775 }
768 MHD__gnutls_handshake_log ("HSK[%x]: Supported cipher suites: \n", session); 776 MHD__gnutls_handshake_log ("HSK[%x]: Supported cipher suites: \n", session);
769 for (j = 0; j < x; j++) 777 for (j = 0; j < x; j++)
770 MHD__gnutls_handshake_log ("\t%s\n", 778 MHD__gnutls_handshake_log ("\t%s\n",
771 MHD_gtls_cipher_suite_get_name (&ciphers[j])); 779 MHD_gtls_cipher_suite_get_name (&ciphers[j]));
772#endif 780#endif
773 memset (session->security_parameters.current_cipher_suite.suite, '\0', 2); 781 memset (session->security_parameters.current_cipher_suite.suite, '\0', 2);
774 782
@@ -806,9 +814,9 @@ finish:
806 */ 814 */
807 if (MHD_gtls_get_kx_cred 815 if (MHD_gtls_get_kx_cred
808 (session, 816 (session,
809 MHD_gtls_cipher_suite_get_kx_algo (&session->security_parameters. 817 MHD_gtls_cipher_suite_get_kx_algo (&session->
810 current_cipher_suite), &err) == NULL 818 security_parameters.current_cipher_suite),
811 && err != 0) 819 &err) == NULL && err != 0)
812 { 820 {
813 MHD_gnutls_assert (); 821 MHD_gnutls_assert ();
814 return GNUTLS_E_INSUFFICIENT_CREDENTIALS; 822 return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
@@ -821,8 +829,8 @@ finish:
821 */ 829 */
822 session->internals.auth_struct = 830 session->internals.auth_struct =
823 MHD_gtls_kx_auth_struct (MHD_gtls_cipher_suite_get_kx_algo 831 MHD_gtls_kx_auth_struct (MHD_gtls_cipher_suite_get_kx_algo
824 (&session->security_parameters. 832 (&session->
825 current_cipher_suite)); 833 security_parameters.current_cipher_suite));
826 if (session->internals.auth_struct == NULL) 834 if (session->internals.auth_struct == NULL)
827 { 835 {
828 836
@@ -842,7 +850,7 @@ finish:
842 */ 850 */
843static int 851static int
844MHD__gnutls_server_select_comp_method (MHD_gtls_session_t session, 852MHD__gnutls_server_select_comp_method (MHD_gtls_session_t session,
845 opaque * data, int datalen) 853 opaque * data, int datalen)
846{ 854{
847 int x, i, j; 855 int x, i, j;
848 uint8_t *comps; 856 uint8_t *comps;
@@ -871,8 +879,8 @@ MHD__gnutls_server_select_comp_method (MHD_gtls_session_t session,
871 879
872 MHD__gnutls_handshake_log 880 MHD__gnutls_handshake_log
873 ("HSK[%x]: Selected Compression Method: %s\n", session, 881 ("HSK[%x]: Selected Compression Method: %s\n", session,
874 MHD_gtls_compression_get_name (session->internals. 882 MHD_gtls_compression_get_name (session->
875 compression_method)); 883 internals.compression_method));
876 884
877 885
878 return 0; 886 return 0;
@@ -896,7 +904,8 @@ MHD__gnutls_server_select_comp_method (MHD_gtls_session_t session,
896 */ 904 */
897static int 905static int
898MHD__gnutls_send_empty_handshake (MHD_gtls_session_t session, 906MHD__gnutls_send_empty_handshake (MHD_gtls_session_t session,
899 MHD_gnutls_handshake_description_t type, int again) 907 MHD_gnutls_handshake_description_t type,
908 int again)
900{ 909{
901 opaque data = 0; 910 opaque data = 0;
902 opaque *ptr; 911 opaque *ptr;
@@ -913,8 +922,8 @@ MHD__gnutls_send_empty_handshake (MHD_gtls_session_t session,
913/* This function will hash the handshake message we sent. */ 922/* This function will hash the handshake message we sent. */
914static int 923static int
915MHD__gnutls_handshake_hash_add_sent (MHD_gtls_session_t session, 924MHD__gnutls_handshake_hash_add_sent (MHD_gtls_session_t session,
916 MHD_gnutls_handshake_description_t type, 925 MHD_gnutls_handshake_description_t type,
917 opaque * dataptr, uint32_t datalen) 926 opaque * dataptr, uint32_t datalen)
918{ 927{
919 int ret; 928 int ret;
920 929
@@ -987,7 +996,8 @@ MHD_gtls_send_handshake (MHD_gtls_session_t session, void *i_data,
987 */ 996 */
988 if (type != GNUTLS_HANDSHAKE_HELLO_REQUEST) 997 if (type != GNUTLS_HANDSHAKE_HELLO_REQUEST)
989 if ((ret = 998 if ((ret =
990 MHD__gnutls_handshake_hash_add_sent (session, type, data, datasize)) < 0) 999 MHD__gnutls_handshake_hash_add_sent (session, type, data,
1000 datasize)) < 0)
991 { 1001 {
992 MHD_gnutls_assert (); 1002 MHD_gnutls_assert ();
993 MHD_gnutls_afree (data); 1003 MHD_gnutls_afree (data);
@@ -1001,7 +1011,8 @@ MHD_gtls_send_handshake (MHD_gtls_session_t session, void *i_data,
1001 data, datasize); 1011 data, datasize);
1002 1012
1003 MHD__gnutls_handshake_log ("HSK[%x]: %s was sent [%ld bytes]\n", 1013 MHD__gnutls_handshake_log ("HSK[%x]: %s was sent [%ld bytes]\n",
1004 session, MHD__gnutls_handshake2str (type), datasize); 1014 session, MHD__gnutls_handshake2str (type),
1015 datasize);
1005 1016
1006 MHD_gnutls_afree (data); 1017 MHD_gnutls_afree (data);
1007 1018
@@ -1017,8 +1028,9 @@ MHD_gtls_send_handshake (MHD_gtls_session_t session, void *i_data,
1017#define SSL2_HEADERS 1 1028#define SSL2_HEADERS 1
1018static int 1029static int
1019MHD__gnutls_recv_handshake_header (MHD_gtls_session_t session, 1030MHD__gnutls_recv_handshake_header (MHD_gtls_session_t session,
1020 MHD_gnutls_handshake_description_t type, 1031 MHD_gnutls_handshake_description_t type,
1021 MHD_gnutls_handshake_description_t * recv_type) 1032 MHD_gnutls_handshake_description_t *
1033 recv_type)
1022{ 1034{
1023 int ret; 1035 int ret;
1024 uint32_t length32 = 0; 1036 uint32_t length32 = 0;
@@ -1032,8 +1044,8 @@ MHD__gnutls_recv_handshake_header (MHD_gtls_session_t session,
1032 if (session->internals.handshake_header_buffer.header_size == 1044 if (session->internals.handshake_header_buffer.header_size ==
1033 handshake_header_size || (session->internals.v2_hello != 0 1045 handshake_header_size || (session->internals.v2_hello != 0
1034 && type == GNUTLS_HANDSHAKE_CLIENT_HELLO 1046 && type == GNUTLS_HANDSHAKE_CLIENT_HELLO
1035 && session->internals. 1047 && session->internals.handshake_header_buffer.
1036 handshake_header_buffer.packet_length > 0)) 1048 packet_length > 0))
1037 { 1049 {
1038 1050
1039 *recv_type = session->internals.handshake_header_buffer.recv_type; 1051 *recv_type = session->internals.handshake_header_buffer.recv_type;
@@ -1076,11 +1088,13 @@ MHD__gnutls_recv_handshake_header (MHD_gtls_session_t session,
1076 MHD_gtls_handshake_io_recv_int (session, GNUTLS_HANDSHAKE, 1088 MHD_gtls_handshake_io_recv_int (session, GNUTLS_HANDSHAKE,
1077 type, 1089 type,
1078 &dataptr 1090 &dataptr
1079 [session->internals. 1091 [session->
1080 handshake_header_buffer.header_size], 1092 internals.handshake_header_buffer.
1093 header_size],
1081 HANDSHAKE_HEADER_SIZE - 1094 HANDSHAKE_HEADER_SIZE -
1082 session->internals. 1095 session->
1083 handshake_header_buffer.header_size); 1096 internals.handshake_header_buffer.
1097 header_size);
1084 if (ret <= 0) 1098 if (ret <= 0)
1085 { 1099 {
1086 MHD_gnutls_assert (); 1100 MHD_gnutls_assert ();
@@ -1102,8 +1116,9 @@ MHD__gnutls_recv_handshake_header (MHD_gtls_session_t session,
1102 handshake_header_size = HANDSHAKE_HEADER_SIZE; 1116 handshake_header_size = HANDSHAKE_HEADER_SIZE;
1103 1117
1104 MHD__gnutls_handshake_log ("HSK[%x]: %s was received [%ld bytes]\n", 1118 MHD__gnutls_handshake_log ("HSK[%x]: %s was received [%ld bytes]\n",
1105 session, MHD__gnutls_handshake2str (dataptr[0]), 1119 session,
1106 length32 + HANDSHAKE_HEADER_SIZE); 1120 MHD__gnutls_handshake2str (dataptr[0]),
1121 length32 + HANDSHAKE_HEADER_SIZE);
1107 1122
1108 } 1123 }
1109 else 1124 else
@@ -1115,8 +1130,9 @@ MHD__gnutls_recv_handshake_header (MHD_gtls_session_t session,
1115 *recv_type = dataptr[0]; 1130 *recv_type = dataptr[0];
1116 1131
1117 MHD__gnutls_handshake_log ("HSK[%x]: %s(v2) was received [%ld bytes]\n", 1132 MHD__gnutls_handshake_log ("HSK[%x]: %s(v2) was received [%ld bytes]\n",
1118 session, MHD__gnutls_handshake2str (*recv_type), 1133 session,
1119 length32 + handshake_header_size); 1134 MHD__gnutls_handshake2str (*recv_type),
1135 length32 + handshake_header_size);
1120 1136
1121 if (*recv_type != GNUTLS_HANDSHAKE_CLIENT_HELLO) 1137 if (*recv_type != GNUTLS_HANDSHAKE_CLIENT_HELLO)
1122 { /* it should be one or nothing */ 1138 { /* it should be one or nothing */
@@ -1147,9 +1163,10 @@ MHD__gnutls_recv_handshake_header (MHD_gtls_session_t session,
1147 */ 1163 */
1148static int 1164static int
1149MHD__gnutls_handshake_hash_add_recvd (MHD_gtls_session_t session, 1165MHD__gnutls_handshake_hash_add_recvd (MHD_gtls_session_t session,
1150 MHD_gnutls_handshake_description_t recv_type, 1166 MHD_gnutls_handshake_description_t
1151 opaque * header, uint16_t header_size, 1167 recv_type, opaque * header,
1152 opaque * dataptr, uint32_t datalen) 1168 uint16_t header_size, opaque * dataptr,
1169 uint32_t datalen)
1153{ 1170{
1154 int ret; 1171 int ret;
1155 1172
@@ -1195,7 +1212,8 @@ MHD__gnutls_handshake_hash_add_recvd (MHD_gtls_session_t session,
1195 */ 1212 */
1196int 1213int
1197MHD_gtls_recv_handshake (MHD_gtls_session_t session, uint8_t ** data, 1214MHD_gtls_recv_handshake (MHD_gtls_session_t session, uint8_t ** data,
1198 int *datalen, MHD_gnutls_handshake_description_t type, 1215 int *datalen,
1216 MHD_gnutls_handshake_description_t type,
1199 Optional optional) 1217 Optional optional)
1200{ 1218{
1201 int ret; 1219 int ret;
@@ -1259,11 +1277,12 @@ MHD_gtls_recv_handshake (MHD_gtls_session_t session, uint8_t ** data,
1259 1277
1260 1278
1261 ret = MHD__gnutls_handshake_hash_add_recvd (session, recv_type, 1279 ret = MHD__gnutls_handshake_hash_add_recvd (session, recv_type,
1262 session->internals. 1280 session->
1263 handshake_header_buffer.header, 1281 internals.handshake_header_buffer.
1264 session->internals. 1282 header,
1265 handshake_header_buffer.header_size, 1283 session->
1266 dataptr, length32); 1284 internals.handshake_header_buffer.
1285 header_size, dataptr, length32);
1267 if (ret < 0) 1286 if (ret < 0)
1268 { 1287 {
1269 MHD_gnutls_assert (); 1288 MHD_gnutls_assert ();
@@ -1319,7 +1338,8 @@ MHD_gtls_recv_handshake (MHD_gtls_session_t session, uint8_t ** data,
1319 * to the session; 1338 * to the session;
1320 */ 1339 */
1321static int 1340static int
1322MHD__gnutls_client_set_ciphersuite (MHD_gtls_session_t session, opaque suite[2]) 1341MHD__gnutls_client_set_ciphersuite (MHD_gtls_session_t session,
1342 opaque suite[2])
1323{ 1343{
1324 uint8_t z; 1344 uint8_t z;
1325 cipher_suite_st *cipher_suites; 1345 cipher_suite_st *cipher_suites;
@@ -1355,9 +1375,9 @@ MHD__gnutls_client_set_ciphersuite (MHD_gtls_session_t session, opaque suite[2])
1355 memcpy (session->security_parameters.current_cipher_suite.suite, suite, 2); 1375 memcpy (session->security_parameters.current_cipher_suite.suite, suite, 2);
1356 1376
1357 MHD__gnutls_handshake_log ("HSK[%x]: Selected cipher suite: %s\n", session, 1377 MHD__gnutls_handshake_log ("HSK[%x]: Selected cipher suite: %s\n", session,
1358 MHD_gtls_cipher_suite_get_name 1378 MHD_gtls_cipher_suite_get_name
1359 (&session->security_parameters. 1379 (&session->
1360 current_cipher_suite)); 1380 security_parameters.current_cipher_suite));
1361 1381
1362 1382
1363 /* check if the credentials (username, public key etc.) are ok. 1383 /* check if the credentials (username, public key etc.) are ok.
@@ -1380,8 +1400,8 @@ MHD__gnutls_client_set_ciphersuite (MHD_gtls_session_t session, opaque suite[2])
1380 */ 1400 */
1381 session->internals.auth_struct = 1401 session->internals.auth_struct =
1382 MHD_gtls_kx_auth_struct (MHD_gtls_cipher_suite_get_kx_algo 1402 MHD_gtls_kx_auth_struct (MHD_gtls_cipher_suite_get_kx_algo
1383 (&session->security_parameters. 1403 (&session->
1384 current_cipher_suite)); 1404 security_parameters.current_cipher_suite));
1385 1405
1386 if (session->internals.auth_struct == NULL) 1406 if (session->internals.auth_struct == NULL)
1387 { 1407 {
@@ -1402,7 +1422,7 @@ MHD__gnutls_client_set_ciphersuite (MHD_gtls_session_t session, opaque suite[2])
1402 */ 1422 */
1403static int 1423static int
1404MHD__gnutls_client_set_comp_method (MHD_gtls_session_t session, 1424MHD__gnutls_client_set_comp_method (MHD_gtls_session_t session,
1405 opaque comp_method) 1425 opaque comp_method)
1406{ 1426{
1407 int comp_methods_num; 1427 int comp_methods_num;
1408 uint8_t *compression_methods; 1428 uint8_t *compression_methods;
@@ -1446,16 +1466,15 @@ MHD__gnutls_client_set_comp_method (MHD_gtls_session_t session,
1446 */ 1466 */
1447static int 1467static int
1448MHD__gnutls_client_check_if_resuming (MHD_gtls_session_t session, 1468MHD__gnutls_client_check_if_resuming (MHD_gtls_session_t session,
1449 opaque * session_id, int session_id_len) 1469 opaque * session_id, int session_id_len)
1450{ 1470{
1451 opaque buf[2 * TLS_MAX_SESSION_ID_SIZE + 1]; 1471 opaque buf[2 * TLS_MAX_SESSION_ID_SIZE + 1];
1452 1472
1453 MHD__gnutls_handshake_log ("HSK[%x]: SessionID length: %d\n", session, 1473 MHD__gnutls_handshake_log ("HSK[%x]: SessionID length: %d\n", session,
1454 session_id_len); 1474 session_id_len);
1455 MHD__gnutls_handshake_log ("HSK[%x]: SessionID: %s\n", session, 1475 MHD__gnutls_handshake_log ("HSK[%x]: SessionID: %s\n", session,
1456 MHD_gtls_bin2hex (session_id, session_id_len, 1476 MHD_gtls_bin2hex (session_id, session_id_len,
1457 (char*) buf, 1477 (char *) buf, sizeof (buf)));
1458 sizeof (buf)));
1459 1478
1460 if (session_id_len > 0 && 1479 if (session_id_len > 0 &&
1461 session->internals.resumed_security_parameters.session_id_size == 1480 session->internals.resumed_security_parameters.session_id_size ==
@@ -1491,7 +1510,7 @@ MHD__gnutls_client_check_if_resuming (MHD_gtls_session_t session,
1491 */ 1510 */
1492static int 1511static int
1493MHD__gnutls_read_server_hello (MHD_gtls_session_t session, 1512MHD__gnutls_read_server_hello (MHD_gtls_session_t session,
1494 opaque * data, int datalen) 1513 opaque * data, int datalen)
1495{ 1514{
1496 uint8_t session_id_len = 0; 1515 uint8_t session_id_len = 0;
1497 int pos = 0; 1516 int pos = 0;
@@ -1506,7 +1525,7 @@ MHD__gnutls_read_server_hello (MHD_gtls_session_t session,
1506 } 1525 }
1507 1526
1508 MHD__gnutls_handshake_log ("HSK[%x]: Server's version: %d.%d\n", 1527 MHD__gnutls_handshake_log ("HSK[%x]: Server's version: %d.%d\n",
1509 session, data[pos], data[pos + 1]); 1528 session, data[pos], data[pos + 1]);
1510 1529
1511 DECR_LEN (len, 2); 1530 DECR_LEN (len, 2);
1512 version = MHD_gtls_version_get (data[pos], data[pos + 1]); 1531 version = MHD_gtls_version_get (data[pos], data[pos + 1]);
@@ -1594,7 +1613,7 @@ MHD__gnutls_read_server_hello (MHD_gtls_session_t session,
1594 */ 1613 */
1595static int 1614static int
1596MHD__gnutls_copy_ciphersuites (MHD_gtls_session_t session, 1615MHD__gnutls_copy_ciphersuites (MHD_gtls_session_t session,
1597 opaque * ret_data, size_t ret_data_size) 1616 opaque * ret_data, size_t ret_data_size)
1598{ 1617{
1599 int ret, i; 1618 int ret, i;
1600 cipher_suite_st *cipher_suites; 1619 cipher_suite_st *cipher_suites;
@@ -1662,7 +1681,7 @@ MHD__gnutls_copy_ciphersuites (MHD_gtls_session_t session,
1662 */ 1681 */
1663static int 1682static int
1664MHD__gnutls_copy_comp_methods (MHD_gtls_session_t session, 1683MHD__gnutls_copy_comp_methods (MHD_gtls_session_t session,
1665 opaque * ret_data, size_t ret_data_size) 1684 opaque * ret_data, size_t ret_data_size)
1666{ 1685{
1667 int ret, i; 1686 int ret, i;
1668 uint8_t *compression_methods, comp_num; 1687 uint8_t *compression_methods, comp_num;
@@ -1921,7 +1940,7 @@ MHD__gnutls_send_server_hello (MHD_gtls_session_t session, int again)
1921 */ 1940 */
1922 MHD_gnutls_assert (); 1941 MHD_gnutls_assert ();
1923 ret = MHD__gnutls_alert_send (session, GNUTLS_AL_FATAL, 1942 ret = MHD__gnutls_alert_send (session, GNUTLS_AL_FATAL,
1924 GNUTLS_A_UNKNOWN_PSK_IDENTITY); 1943 GNUTLS_A_UNKNOWN_PSK_IDENTITY);
1925 if (ret < 0) 1944 if (ret < 0)
1926 { 1945 {
1927 MHD_gnutls_assert (); 1946 MHD_gnutls_assert ();
@@ -1969,16 +1988,17 @@ MHD__gnutls_send_server_hello (MHD_gtls_session_t session, int again)
1969 pos += session_id_len; 1988 pos += session_id_len;
1970 1989
1971 MHD__gnutls_handshake_log ("HSK[%x]: SessionID: %s\n", session, 1990 MHD__gnutls_handshake_log ("HSK[%x]: SessionID: %s\n", session,
1972 MHD_gtls_bin2hex (SessionID, session_id_len, 1991 MHD_gtls_bin2hex (SessionID, session_id_len,
1973 (char*) buf, sizeof (buf))); 1992 (char *) buf,
1993 sizeof (buf)));
1974 1994
1975 memcpy (&data[pos], 1995 memcpy (&data[pos],
1976 session->security_parameters.current_cipher_suite.suite, 2); 1996 session->security_parameters.current_cipher_suite.suite, 2);
1977 pos += 2; 1997 pos += 2;
1978 1998
1979 comp = 1999 comp =
1980 (uint8_t) MHD_gtls_compression_get_num (session-> 2000 (uint8_t) MHD_gtls_compression_get_num (session->internals.
1981 internals.compression_method); 2001 compression_method);
1982 data[pos++] = comp; 2002 data[pos++] = comp;
1983 2003
1984 2004
@@ -2103,7 +2123,7 @@ MHD__gnutls_rehandshake (MHD_gtls_session_t session)
2103 2123
2104 ret = 2124 ret =
2105 MHD__gnutls_send_empty_handshake (session, GNUTLS_HANDSHAKE_HELLO_REQUEST, 2125 MHD__gnutls_send_empty_handshake (session, GNUTLS_HANDSHAKE_HELLO_REQUEST,
2106 AGAIN (STATE50)); 2126 AGAIN (STATE50));
2107 STATE = STATE50; 2127 STATE = STATE50;
2108 2128
2109 if (ret < 0) 2129 if (ret < 0)
@@ -2260,14 +2280,14 @@ MHD__gnutls_handshake (MHD_gtls_session_t session)
2260 } 2280 }
2261#if MHD_DEBUG_TLS 2281#if MHD_DEBUG_TLS
2262 if (session->security_parameters.entity == GNUTLS_CLIENT) 2282 if (session->security_parameters.entity == GNUTLS_CLIENT)
2263 { 2283 {
2264 ret = MHD_gtls_handshake_client (session); 2284 ret = MHD_gtls_handshake_client (session);
2265 } 2285 }
2266 else 2286 else
2267#endif 2287#endif
2268 { 2288 {
2269 ret = MHD_gtls_handshake_server (session); 2289 ret = MHD_gtls_handshake_server (session);
2270 } 2290 }
2271 2291
2272 if (ret < 0) 2292 if (ret < 0)
2273 { 2293 {
@@ -2323,13 +2343,11 @@ MHD_gtls_handshake_client (MHD_gtls_session_t session)
2323 2343
2324 if (session->internals.resumed_security_parameters.session_id_size > 0) 2344 if (session->internals.resumed_security_parameters.session_id_size > 0)
2325 MHD__gnutls_handshake_log ("HSK[%x]: Ask to resume: %s\n", session, 2345 MHD__gnutls_handshake_log ("HSK[%x]: Ask to resume: %s\n", session,
2326 MHD_gtls_bin2hex (session->internals. 2346 MHD_gtls_bin2hex (session->
2327 resumed_security_parameters. 2347 internals.resumed_security_parameters.session_id,
2328 session_id, 2348 session->
2329 session->internals. 2349 internals.resumed_security_parameters.session_id_size,
2330 resumed_security_parameters. 2350 buf, sizeof (buf)));
2331 session_id_size, buf,
2332 sizeof (buf)));
2333#endif 2351#endif
2334 2352
2335 switch (STATE) 2353 switch (STATE)
@@ -2613,8 +2631,8 @@ MHD_gtls_handshake_server (MHD_gtls_session_t session)
2613 if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */ 2631 if (session->internals.resumed == RESUME_FALSE) /* if we are not resuming */
2614 ret = 2632 ret =
2615 MHD__gnutls_send_empty_handshake (session, 2633 MHD__gnutls_send_empty_handshake (session,
2616 GNUTLS_HANDSHAKE_SERVER_HELLO_DONE, 2634 GNUTLS_HANDSHAKE_SERVER_HELLO_DONE,
2617 AGAIN (STATE6)); 2635 AGAIN (STATE6));
2618 STATE = STATE6; 2636 STATE = STATE6;
2619 IMED_RET ("send server hello done", ret); 2637 IMED_RET ("send server hello done", ret);
2620 2638
@@ -2696,7 +2714,7 @@ MHD_gtls_generate_session_id (opaque * session_id, uint8_t * len)
2696{ 2714{
2697 *len = TLS_MAX_SESSION_ID_SIZE; 2715 *len = TLS_MAX_SESSION_ID_SIZE;
2698 2716
2699 if (MHD_gc_nonce ((char*) session_id, *len) != GC_OK) 2717 if (MHD_gc_nonce ((char *) session_id, *len) != GC_OK)
2700 { 2718 {
2701 MHD_gnutls_assert (); 2719 MHD_gnutls_assert ();
2702 return GNUTLS_E_RANDOM_FAILED; 2720 return GNUTLS_E_RANDOM_FAILED;
@@ -2804,7 +2822,8 @@ check_server_params (MHD_gtls_session_t session,
2804 { 2822 {
2805 MHD_gnutls_psk_server_credentials_t psk_cred = 2823 MHD_gnutls_psk_server_credentials_t psk_cred =
2806 (MHD_gnutls_psk_server_credentials_t) MHD_gtls_get_cred (session->key, 2824 (MHD_gnutls_psk_server_credentials_t) MHD_gtls_get_cred (session->key,
2807 cred_type, NULL); 2825 cred_type,
2826 NULL);
2808 2827
2809 if (psk_cred != NULL) 2828 if (psk_cred != NULL)
2810 { 2829 {
@@ -2889,8 +2908,9 @@ MHD_gtls_remove_unwanted_ciphersuites (MHD_gtls_session_t session,
2889 if (ret < 0) 2908 if (ret < 0)
2890 { 2909 {
2891 MHD_gnutls_assert (); 2910 MHD_gnutls_assert ();
2892 MHD__gnutls_x509_log ("Could not find an appropriate certificate: %s\n", 2911 MHD__gnutls_x509_log
2893 MHD_gtls_strerror (ret)); 2912 ("Could not find an appropriate certificate: %s\n",
2913 MHD_gtls_strerror (ret));
2894 cert_cred = NULL; 2914 cert_cred = NULL;
2895 } 2915 }
2896 } 2916 }
@@ -2954,8 +2974,8 @@ MHD_gtls_remove_unwanted_ciphersuites (MHD_gtls_session_t session,
2954 { 2974 {
2955 2975
2956 MHD__gnutls_handshake_log ("HSK[%x]: Keeping ciphersuite: %s\n", 2976 MHD__gnutls_handshake_log ("HSK[%x]: Keeping ciphersuite: %s\n",
2957 session, 2977 session,
2958 MHD_gtls_cipher_suite_get_name (&cs)); 2978 MHD_gtls_cipher_suite_get_name (&cs));
2959 2979
2960 memcpy (newSuite[newSuiteSize].suite, (*cipherSuites)[i].suite, 2); 2980 memcpy (newSuite[newSuiteSize].suite, (*cipherSuites)[i].suite, 2);
2961 newSuiteSize++; 2981 newSuiteSize++;
@@ -2963,8 +2983,8 @@ MHD_gtls_remove_unwanted_ciphersuites (MHD_gtls_session_t session,
2963 else 2983 else
2964 { 2984 {
2965 MHD__gnutls_handshake_log ("HSK[%x]: Removing ciphersuite: %s\n", 2985 MHD__gnutls_handshake_log ("HSK[%x]: Removing ciphersuite: %s\n",
2966 session, 2986 session,
2967 MHD_gtls_cipher_suite_get_name (&cs)); 2987 MHD_gtls_cipher_suite_get_name (&cs));
2968 2988
2969 } 2989 }
2970 } 2990 }
diff --git a/src/daemon/https/tls/gnutls_handshake.h b/src/daemon/https/tls/gnutls_handshake.h
index 6ef002c6..58c95a84 100644
--- a/src/daemon/https/tls/gnutls_handshake.h
+++ b/src/daemon/https/tls/gnutls_handshake.h
@@ -37,7 +37,8 @@ int MHD_gtls_recv_handshake (MHD_gtls_session_t session, uint8_t **, int *,
37 MHD_gnutls_handshake_description_t, 37 MHD_gnutls_handshake_description_t,
38 Optional optional); 38 Optional optional);
39void 39void
40MHD__gnutls_handshake_set_max_packet_length (MHD_gtls_session_t session, size_t max); 40MHD__gnutls_handshake_set_max_packet_length (MHD_gtls_session_t session,
41 size_t max);
41 42
42#define STATE session->internals.handshake_state 43#define STATE session->internals.handshake_state
43/* This returns true if we have got there 44/* This returns true if we have got there
diff --git a/src/daemon/https/tls/gnutls_hash_int.c b/src/daemon/https/tls/gnutls_hash_int.c
index 97b6680d..cc61203d 100644
--- a/src/daemon/https/tls/gnutls_hash_int.c
+++ b/src/daemon/https/tls/gnutls_hash_int.c
@@ -133,7 +133,7 @@ MHD_gnutls_hash_deinit (GNUTLS_HASH_HANDLE handle, void *digest)
133 133
134 maclen = MHD_gnutls_hash_get_algo_len (handle->algorithm); 134 maclen = MHD_gnutls_hash_get_algo_len (handle->algorithm);
135 135
136 mac = (unsigned char*) MHD_gc_hash_read (handle->handle); 136 mac = (unsigned char *) MHD_gc_hash_read (handle->handle);
137 if (digest != NULL) 137 if (digest != NULL)
138 memcpy (digest, mac, maclen); 138 memcpy (digest, mac, maclen);
139 139
@@ -145,7 +145,7 @@ MHD_gnutls_hash_deinit (GNUTLS_HASH_HANDLE handle, void *digest)
145 145
146mac_hd_t 146mac_hd_t
147MHD_gtls_MHD_hmac_init (enum MHD_GNUTLS_HashAlgorithm algorithm, 147MHD_gtls_MHD_hmac_init (enum MHD_GNUTLS_HashAlgorithm algorithm,
148 const void *key, int keylen) 148 const void *key, int keylen)
149{ 149{
150 mac_hd_t ret; 150 mac_hd_t ret;
151 int result; 151 int result;
@@ -154,7 +154,8 @@ MHD_gtls_MHD_hmac_init (enum MHD_GNUTLS_HashAlgorithm algorithm,
154 if (ret == NULL) 154 if (ret == NULL)
155 return GNUTLS_MAC_FAILED; 155 return GNUTLS_MAC_FAILED;
156 156
157 result = MHD_gc_hash_open (MHD__gnutls_mac2gc (algorithm), GC_HMAC, &ret->handle); 157 result =
158 MHD_gc_hash_open (MHD__gnutls_mac2gc (algorithm), GC_HMAC, &ret->handle);
158 if (result) 159 if (result)
159 { 160 {
160 MHD_gnutls_free (ret); 161 MHD_gnutls_free (ret);
@@ -178,7 +179,7 @@ MHD_gnutls_MHD_hmac_deinit (mac_hd_t handle, void *digest)
178 179
179 maclen = MHD_gnutls_hash_get_algo_len (handle->algorithm); 180 maclen = MHD_gnutls_hash_get_algo_len (handle->algorithm);
180 181
181 mac = (unsigned char*) MHD_gc_hash_read (handle->handle); 182 mac = (unsigned char *) MHD_gc_hash_read (handle->handle);
182 183
183 if (digest != NULL) 184 if (digest != NULL)
184 memcpy (digest, mac, maclen); 185 memcpy (digest, mac, maclen);
diff --git a/src/daemon/https/tls/gnutls_hash_int.h b/src/daemon/https/tls/gnutls_hash_int.h
index 72f805ee..bd3dec29 100644
--- a/src/daemon/https/tls/gnutls_hash_int.h
+++ b/src/daemon/https/tls/gnutls_hash_int.h
@@ -43,7 +43,7 @@ typedef mac_hd_t GNUTLS_HASH_HANDLE;
43#define GNUTLS_MAC_FAILED NULL 43#define GNUTLS_MAC_FAILED NULL
44 44
45mac_hd_t MHD_gtls_MHD_hmac_init (enum MHD_GNUTLS_HashAlgorithm algorithm, 45mac_hd_t MHD_gtls_MHD_hmac_init (enum MHD_GNUTLS_HashAlgorithm algorithm,
46 const void *key, int keylen); 46 const void *key, int keylen);
47 47
48void MHD_gnutls_MHD_hmac_deinit (mac_hd_t handle, void *digest); 48void MHD_gnutls_MHD_hmac_deinit (mac_hd_t handle, void *digest);
49 49
diff --git a/src/daemon/https/tls/gnutls_kx.c b/src/daemon/https/tls/gnutls_kx.c
index 5f0966f8..58850318 100644
--- a/src/daemon/https/tls/gnutls_kx.c
+++ b/src/daemon/https/tls/gnutls_kx.c
@@ -62,14 +62,16 @@ generate_normal_master (MHD_gtls_session_t session, int keep_premaster)
62 char buf[512]; 62 char buf[512];
63 63
64 MHD__gnutls_hard_log ("INT: PREMASTER SECRET[%d]: %s\n", PREMASTER.size, 64 MHD__gnutls_hard_log ("INT: PREMASTER SECRET[%d]: %s\n", PREMASTER.size,
65 MHD_gtls_bin2hex (PREMASTER.data, PREMASTER.size, buf, 65 MHD_gtls_bin2hex (PREMASTER.data, PREMASTER.size, buf,
66 sizeof (buf))); 66 sizeof (buf)));
67 MHD__gnutls_hard_log ("INT: CLIENT RANDOM[%d]: %s\n", 32, 67 MHD__gnutls_hard_log ("INT: CLIENT RANDOM[%d]: %s\n", 32,
68 MHD_gtls_bin2hex (session->security_parameters. 68 MHD_gtls_bin2hex (session->
69 client_random, 32, buf, sizeof (buf))); 69 security_parameters.client_random,
70 32, buf, sizeof (buf)));
70 MHD__gnutls_hard_log ("INT: SERVER RANDOM[%d]: %s\n", 32, 71 MHD__gnutls_hard_log ("INT: SERVER RANDOM[%d]: %s\n", 32,
71 MHD_gtls_bin2hex (session->security_parameters. 72 MHD_gtls_bin2hex (session->
72 server_random, 32, buf, sizeof (buf))); 73 security_parameters.server_random,
74 32, buf, sizeof (buf)));
73 75
74 if (MHD__gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3) 76 if (MHD__gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3)
75 { 77 {
@@ -84,8 +86,8 @@ generate_normal_master (MHD_gtls_session_t session, int keep_premaster)
84 MHD_gnutls_ssl3_generate_random (PREMASTER.data, PREMASTER.size, 86 MHD_gnutls_ssl3_generate_random (PREMASTER.data, PREMASTER.size,
85 rnd, 2 * TLS_RANDOM_SIZE, 87 rnd, 2 * TLS_RANDOM_SIZE,
86 TLS_MASTER_SIZE, 88 TLS_MASTER_SIZE,
87 session->security_parameters. 89 session->
88 master_secret); 90 security_parameters.master_secret);
89 91
90 } 92 }
91 else if (session->security_parameters.extensions.oprfi_client_len > 0 && 93 else if (session->security_parameters.extensions.oprfi_client_len > 0 &&
@@ -105,21 +107,25 @@ generate_normal_master (MHD_gtls_session_t session, int keep_premaster)
105 } 107 }
106 108
107 MHD__gnutls_hard_log ("INT: CLIENT OPRFI[%d]: %s\n", 109 MHD__gnutls_hard_log ("INT: CLIENT OPRFI[%d]: %s\n",
108 session->security_parameters. 110 session->security_parameters.extensions.
109 extensions.oprfi_server_len, 111 oprfi_server_len,
110 MHD_gtls_bin2hex (session->security_parameters. 112 MHD_gtls_bin2hex (session->
111 extensions.oprfi_client, 113 security_parameters.extensions.
112 session->security_parameters. 114 oprfi_client,
113 extensions.oprfi_client_len, buf, 115 session->
114 sizeof (buf))); 116 security_parameters.extensions.
117 oprfi_client_len, buf,
118 sizeof (buf)));
115 MHD__gnutls_hard_log ("INT: SERVER OPRFI[%d]: %s\n", 119 MHD__gnutls_hard_log ("INT: SERVER OPRFI[%d]: %s\n",
116 session->security_parameters. 120 session->security_parameters.extensions.
117 extensions.oprfi_server_len, 121 oprfi_server_len,
118 MHD_gtls_bin2hex (session->security_parameters. 122 MHD_gtls_bin2hex (session->
119 extensions.oprfi_server, 123 security_parameters.extensions.
120 session->security_parameters. 124 oprfi_server,
121 extensions.oprfi_server_len, buf, 125 session->
122 sizeof (buf))); 126 security_parameters.extensions.
127 oprfi_server_len, buf,
128 sizeof (buf)));
123 129
124 memcpy (rnd, session->security_parameters.client_random, 130 memcpy (rnd, session->security_parameters.client_random,
125 TLS_RANDOM_SIZE); 131 TLS_RANDOM_SIZE);
@@ -169,9 +175,10 @@ generate_normal_master (MHD_gtls_session_t session, int keep_premaster)
169 return ret; 175 return ret;
170 176
171 MHD__gnutls_hard_log ("INT: MASTER SECRET: %s\n", 177 MHD__gnutls_hard_log ("INT: MASTER SECRET: %s\n",
172 MHD_gtls_bin2hex (session->security_parameters. 178 MHD_gtls_bin2hex (session->
173 master_secret, TLS_MASTER_SIZE, buf, 179 security_parameters.master_secret,
174 sizeof (buf))); 180 TLS_MASTER_SIZE, buf,
181 sizeof (buf)));
175 182
176 return ret; 183 return ret;
177} 184}
@@ -237,8 +244,8 @@ MHD_gtls_send_server_certificate_request (MHD_gtls_session_t session,
237 int data_size = 0; 244 int data_size = 0;
238 int ret = 0; 245 int ret = 0;
239 246
240 if (session->internals.auth_struct-> 247 if (session->internals.
241 MHD_gtls_gen_server_certificate_request == NULL) 248 auth_struct->MHD_gtls_gen_server_certificate_request == NULL)
242 return 0; 249 return 0;
243 250
244 if (session->internals.send_cert_req <= 0) 251 if (session->internals.send_cert_req <= 0)
@@ -250,8 +257,8 @@ MHD_gtls_send_server_certificate_request (MHD_gtls_session_t session,
250 if (again == 0) 257 if (again == 0)
251 { 258 {
252 data_size = 259 data_size =
253 session->internals.auth_struct-> 260 session->internals.
254 MHD_gtls_gen_server_certificate_request (session, &data); 261 auth_struct->MHD_gtls_gen_server_certificate_request (session, &data);
255 262
256 if (data_size < 0) 263 if (data_size < 0)
257 { 264 {
@@ -350,8 +357,8 @@ MHD_gtls_send_client_certificate_verify (MHD_gtls_session_t session,
350 if (again == 0) 357 if (again == 0)
351 { 358 {
352 data_size = 359 data_size =
353 session->internals.auth_struct-> 360 session->internals.
354 MHD_gtls_gen_client_cert_vrfy (session, &data); 361 auth_struct->MHD_gtls_gen_client_cert_vrfy (session, &data);
355 if (data_size < 0) 362 if (data_size < 0)
356 { 363 {
357 MHD_gnutls_assert (); 364 MHD_gnutls_assert ();
@@ -423,8 +430,8 @@ MHD_gtls_recv_server_certificate_request (MHD_gtls_session_t session)
423 int datasize; 430 int datasize;
424 int ret = 0; 431 int ret = 0;
425 432
426 if (session->internals.auth_struct-> 433 if (session->internals.
427 MHD_gtls_process_server_certificate_request != NULL) 434 auth_struct->MHD_gtls_process_server_certificate_request != NULL)
428 { 435 {
429 436
430 ret = 437 ret =
@@ -439,8 +446,10 @@ MHD_gtls_recv_server_certificate_request (MHD_gtls_session_t session)
439 return 0; /* ignored */ 446 return 0; /* ignored */
440 447
441 ret = 448 ret =
442 session->internals.auth_struct-> 449 session->internals.
443 MHD_gtls_process_server_certificate_request (session, data, datasize); 450 auth_struct->MHD_gtls_process_server_certificate_request (session,
451 data,
452 datasize);
444 MHD_gnutls_free (data); 453 MHD_gnutls_free (data);
445 if (ret < 0) 454 if (ret < 0)
446 return ret; 455 return ret;
@@ -504,14 +513,15 @@ MHD_gtls_send_client_certificate (MHD_gtls_session_t session, int again)
504 513
505 if (again == 0) 514 if (again == 0)
506 { 515 {
507 if (MHD__gnutls_protocol_get_version (session) != MHD_GNUTLS_PROTOCOL_SSL3 || 516 if (MHD__gnutls_protocol_get_version (session) !=
508 session->internals.selected_cert_list_length > 0) 517 MHD_GNUTLS_PROTOCOL_SSL3
518 || session->internals.selected_cert_list_length > 0)
509 { 519 {
510 /* TLS 1.0 or SSL 3.0 with a valid certificate 520 /* TLS 1.0 or SSL 3.0 with a valid certificate
511 */ 521 */
512 data_size = 522 data_size =
513 session->internals.auth_struct-> 523 session->internals.
514 MHD_gtls_gen_client_certificate (session, &data); 524 auth_struct->MHD_gtls_gen_client_certificate (session, &data);
515 525
516 if (data_size < 0) 526 if (data_size < 0)
517 { 527 {
@@ -525,12 +535,12 @@ MHD_gtls_send_client_certificate (MHD_gtls_session_t session, int again)
525 * no certificate alert instead of an 535 * no certificate alert instead of an
526 * empty certificate. 536 * empty certificate.
527 */ 537 */
528 if (MHD__gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3 && 538 if (MHD__gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3
529 session->internals.selected_cert_list_length == 0) 539 && session->internals.selected_cert_list_length == 0)
530 { 540 {
531 ret = 541 ret =
532 MHD__gnutls_alert_send (session, GNUTLS_AL_WARNING, 542 MHD__gnutls_alert_send (session, GNUTLS_AL_WARNING,
533 GNUTLS_A_SSL3_NO_CERTIFICATE); 543 GNUTLS_A_SSL3_NO_CERTIFICATE);
534 544
535 } 545 }
536 else 546 else
@@ -571,8 +581,8 @@ MHD_gtls_send_server_certificate (MHD_gtls_session_t session, int again)
571 if (again == 0) 581 if (again == 0)
572 { 582 {
573 data_size = 583 data_size =
574 session->internals.auth_struct-> 584 session->internals.
575 MHD_gtls_gen_server_certificate (session, &data); 585 auth_struct->MHD_gtls_gen_server_certificate (session, &data);
576 586
577 if (data_size < 0) 587 if (data_size < 0)
578 { 588 {
@@ -632,8 +642,10 @@ MHD_gtls_recv_client_certificate (MHD_gtls_session_t session)
632 */ 642 */
633 if (optional == OPTIONAL_PACKET && 643 if (optional == OPTIONAL_PACKET &&
634 ret == GNUTLS_E_WARNING_ALERT_RECEIVED && 644 ret == GNUTLS_E_WARNING_ALERT_RECEIVED &&
635 MHD__gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3 && 645 MHD__gnutls_protocol_get_version (session) ==
636 MHD_gnutls_alert_get (session) == GNUTLS_A_SSL3_NO_CERTIFICATE) 646 MHD_GNUTLS_PROTOCOL_SSL3
647 && MHD_gnutls_alert_get (session) ==
648 GNUTLS_A_SSL3_NO_CERTIFICATE)
637 { 649 {
638 650
639 /* SSL3 does not send an empty certificate, 651 /* SSL3 does not send an empty certificate,
@@ -666,8 +678,9 @@ MHD_gtls_recv_client_certificate (MHD_gtls_session_t session)
666 return 0; 678 return 0;
667 } 679 }
668 ret = 680 ret =
669 session->internals.auth_struct-> 681 session->internals.
670 MHD_gtls_process_client_certificate (session, data, datasize); 682 auth_struct->MHD_gtls_process_client_certificate (session, data,
683 datasize);
671 684
672 MHD_gnutls_free (data); 685 MHD_gnutls_free (data);
673 if (ret < 0 && ret != GNUTLS_E_NO_CERTIFICATE_FOUND) 686 if (ret < 0 && ret != GNUTLS_E_NO_CERTIFICATE_FOUND)
@@ -711,8 +724,9 @@ MHD_gtls_recv_server_certificate (MHD_gtls_session_t session)
711 } 724 }
712 725
713 ret = 726 ret =
714 session->internals.auth_struct-> 727 session->internals.
715 MHD_gtls_process_server_certificate (session, data, datasize); 728 auth_struct->MHD_gtls_process_server_certificate (session, data,
729 datasize);
716 MHD_gnutls_free (data); 730 MHD_gnutls_free (data);
717 if (ret < 0) 731 if (ret < 0)
718 { 732 {
@@ -763,8 +777,9 @@ MHD_gtls_recv_client_certificate_verify_message (MHD_gtls_session_t session)
763 } 777 }
764 778
765 ret = 779 ret =
766 session->internals.auth_struct-> 780 session->internals.
767 MHD_gtls_process_client_cert_vrfy (session, data, datasize); 781 auth_struct->MHD_gtls_process_client_cert_vrfy (session, data,
782 datasize);
768 MHD_gnutls_free (data); 783 MHD_gnutls_free (data);
769 if (ret < 0) 784 if (ret < 0)
770 return ret; 785 return ret;
diff --git a/src/daemon/https/tls/gnutls_mem.c b/src/daemon/https/tls/gnutls_mem.c
index fda4099b..1f0a743d 100644
--- a/src/daemon/https/tls/gnutls_mem.c
+++ b/src/daemon/https/tls/gnutls_mem.c
@@ -40,7 +40,8 @@ MHD__gnutls_is_secure_mem_null (const void *ign)
40 return 0; 40 return 0;
41} 41}
42 42
43int (*MHD__gnutls_is_secure_memory) (const void *) = MHD__gnutls_is_secure_mem_null; 43int (*MHD__gnutls_is_secure_memory) (const void *) =
44 MHD__gnutls_is_secure_mem_null;
44 45
45 46
46void * 47void *
diff --git a/src/daemon/https/tls/gnutls_mpi.c b/src/daemon/https/tls/gnutls_mpi.c
index 034b189f..918e6480 100644
--- a/src/daemon/https/tls/gnutls_mpi.c
+++ b/src/daemon/https/tls/gnutls_mpi.c
@@ -241,7 +241,8 @@ MHD__gnutls_x509_read_int (ASN1_TYPE node, const char *value, mpi_t * ret_mpi)
241/* Writes the specified integer into the specified node. 241/* Writes the specified integer into the specified node.
242 */ 242 */
243int 243int
244MHD__gnutls_x509_write_int (ASN1_TYPE node, const char *value, mpi_t mpi, int lz) 244MHD__gnutls_x509_write_int (ASN1_TYPE node, const char *value, mpi_t mpi,
245 int lz)
245{ 246{
246 opaque *tmpstr; 247 opaque *tmpstr;
247 size_t s_len; 248 size_t s_len;
diff --git a/src/daemon/https/tls/gnutls_pk.c b/src/daemon/https/tls/gnutls_pk.c
index c4ec508a..7e170a32 100644
--- a/src/daemon/https/tls/gnutls_pk.c
+++ b/src/daemon/https/tls/gnutls_pk.c
@@ -41,13 +41,13 @@
41#include "mpi.h" 41#include "mpi.h"
42 42
43static int MHD__gnutls_pk_encrypt (int algo, mpi_t * resarr, mpi_t data, 43static int MHD__gnutls_pk_encrypt (int algo, mpi_t * resarr, mpi_t data,
44 mpi_t * pkey, int pkey_len); 44 mpi_t * pkey, int pkey_len);
45static int MHD__gnutls_pk_sign (int algo, mpi_t * data, mpi_t hash, 45static int MHD__gnutls_pk_sign (int algo, mpi_t * data, mpi_t hash,
46 mpi_t * pkey, int); 46 mpi_t * pkey, int);
47static int MHD__gnutls_pk_verify (int algo, mpi_t hash, mpi_t * data, 47static int MHD__gnutls_pk_verify (int algo, mpi_t hash, mpi_t * data,
48 mpi_t * pkey, int); 48 mpi_t * pkey, int);
49static int MHD__gnutls_pk_decrypt (int algo, mpi_t * resarr, mpi_t data, 49static int MHD__gnutls_pk_decrypt (int algo, mpi_t * resarr, mpi_t data,
50 mpi_t * pkey, int); 50 mpi_t * pkey, int);
51 51
52 52
53/* Do PKCS-1 RSA encryption. 53/* Do PKCS-1 RSA encryption.
@@ -104,7 +104,7 @@ MHD_gtls_pkcs1_rsa_encrypt (MHD_gnutls_datum_t * ciphertext,
104 return GNUTLS_E_INTERNAL_ERROR; 104 return GNUTLS_E_INTERNAL_ERROR;
105 } 105 }
106 106
107 if (MHD_gc_pseudo_random ((char*)ps, psize) != GC_OK) 107 if (MHD_gc_pseudo_random ((char *) ps, psize) != GC_OK)
108 { 108 {
109 MHD_gnutls_assert (); 109 MHD_gnutls_assert ();
110 MHD_gnutls_afree (edata); 110 MHD_gnutls_afree (edata);
@@ -113,7 +113,7 @@ MHD_gtls_pkcs1_rsa_encrypt (MHD_gnutls_datum_t * ciphertext,
113 for (i = 0; i < psize; i++) 113 for (i = 0; i < psize; i++)
114 while (ps[i] == 0) 114 while (ps[i] == 0)
115 { 115 {
116 if (MHD_gc_pseudo_random ((char*) &ps[i], 1) != GC_OK) 116 if (MHD_gc_pseudo_random ((char *) &ps[i], 1) != GC_OK)
117 { 117 {
118 MHD_gnutls_assert (); 118 MHD_gnutls_assert ();
119 MHD_gnutls_afree (edata); 119 MHD_gnutls_afree (edata);
@@ -391,8 +391,8 @@ encode_ber_rs (MHD_gnutls_datum_t * sig_value, mpi_t r, mpi_t s)
391 391
392 if ((result = 392 if ((result =
393 MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), 393 MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (),
394 "GNUTLS.DSASignatureValue", 394 "GNUTLS.DSASignatureValue",
395 &sig)) != ASN1_SUCCESS) 395 &sig)) != ASN1_SUCCESS)
396 { 396 {
397 MHD_gnutls_assert (); 397 MHD_gnutls_assert ();
398 return MHD_gtls_asn2err (result); 398 return MHD_gtls_asn2err (result);
@@ -489,14 +489,15 @@ decode_ber_rs (const MHD_gnutls_datum_t * sig_value, mpi_t * r, mpi_t * s)
489 489
490 if ((result = 490 if ((result =
491 MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), 491 MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (),
492 "GNUTLS.DSASignatureValue", 492 "GNUTLS.DSASignatureValue",
493 &sig)) != ASN1_SUCCESS) 493 &sig)) != ASN1_SUCCESS)
494 { 494 {
495 MHD_gnutls_assert (); 495 MHD_gnutls_assert ();
496 return MHD_gtls_asn2err (result); 496 return MHD_gtls_asn2err (result);
497 } 497 }
498 498
499 result = MHD__asn1_der_decoding (&sig, sig_value->data, sig_value->size, NULL); 499 result =
500 MHD__asn1_der_decoding (&sig, sig_value->data, sig_value->size, NULL);
500 if (result != ASN1_SUCCESS) 501 if (result != ASN1_SUCCESS)
501 { 502 {
502 MHD_gnutls_assert (); 503 MHD_gnutls_assert ();
@@ -585,7 +586,7 @@ MHD_gtls_dsa_verify (const MHD_gnutls_datum_t * vdata,
585 */ 586 */
586static int 587static int
587MHD__gnutls_pk_encrypt (int algo, mpi_t * resarr, mpi_t data, 588MHD__gnutls_pk_encrypt (int algo, mpi_t * resarr, mpi_t data,
588 mpi_t * pkey, int pkey_len) 589 mpi_t * pkey, int pkey_len)
589{ 590{
590 gcry_sexp_t s_ciph, s_data, s_pkey; 591 gcry_sexp_t s_ciph, s_data, s_pkey;
591 int rc = -1; 592 int rc = -1;
@@ -657,7 +658,7 @@ MHD__gnutls_pk_encrypt (int algo, mpi_t * resarr, mpi_t data,
657 658
658static int 659static int
659MHD__gnutls_pk_decrypt (int algo, mpi_t * resarr, mpi_t data, mpi_t * pkey, 660MHD__gnutls_pk_decrypt (int algo, mpi_t * resarr, mpi_t data, mpi_t * pkey,
660 int pkey_len) 661 int pkey_len)
661{ 662{
662 gcry_sexp_t s_plain, s_data, s_pkey; 663 gcry_sexp_t s_plain, s_data, s_pkey;
663 int rc = -1; 664 int rc = -1;
@@ -724,7 +725,7 @@ MHD__gnutls_pk_decrypt (int algo, mpi_t * resarr, mpi_t data, mpi_t * pkey,
724 */ 725 */
725static int 726static int
726MHD__gnutls_pk_sign (int algo, mpi_t * data, mpi_t hash, mpi_t * pkey, 727MHD__gnutls_pk_sign (int algo, mpi_t * data, mpi_t hash, mpi_t * pkey,
727 int pkey_len) 728 int pkey_len)
728{ 729{
729 gcry_sexp_t s_hash, s_key, s_sig; 730 gcry_sexp_t s_hash, s_key, s_sig;
730 int rc = -1; 731 int rc = -1;
@@ -834,7 +835,7 @@ MHD__gnutls_pk_sign (int algo, mpi_t * data, mpi_t hash, mpi_t * pkey,
834 835
835static int 836static int
836MHD__gnutls_pk_verify (int algo, mpi_t hash, mpi_t * data, 837MHD__gnutls_pk_verify (int algo, mpi_t hash, mpi_t * data,
837 mpi_t * pkey, int pkey_len) 838 mpi_t * pkey, int pkey_len)
838{ 839{
839 gcry_sexp_t s_sig, s_hash, s_pkey; 840 gcry_sexp_t s_sig, s_hash, s_pkey;
840 int rc = -1; 841 int rc = -1;
diff --git a/src/daemon/https/tls/gnutls_pk.h b/src/daemon/https/tls/gnutls_pk.h
index bd153a45..9c4fa16f 100644
--- a/src/daemon/https/tls/gnutls_pk.h
+++ b/src/daemon/https/tls/gnutls_pk.h
@@ -37,8 +37,8 @@ int MHD_gtls_pkcs1_rsa_decrypt (MHD_gnutls_datum_t * plaintext,
37 mpi_t * params, unsigned params_len, 37 mpi_t * params, unsigned params_len,
38 unsigned btype); 38 unsigned btype);
39int MHD_gtls_rsa_verify (const MHD_gnutls_datum_t * vdata, 39int MHD_gtls_rsa_verify (const MHD_gnutls_datum_t * vdata,
40 const MHD_gnutls_datum_t * ciphertext, mpi_t * params, 40 const MHD_gnutls_datum_t * ciphertext,
41 int params_len, int btype); 41 mpi_t * params, int params_len, int btype);
42int MHD_gtls_dsa_verify (const MHD_gnutls_datum_t * vdata, 42int MHD_gtls_dsa_verify (const MHD_gnutls_datum_t * vdata,
43 const MHD_gnutls_datum_t * sig_value, mpi_t * params, 43 const MHD_gnutls_datum_t * sig_value, mpi_t * params,
44 int params_len); 44 int params_len);
diff --git a/src/daemon/https/tls/gnutls_priority.c b/src/daemon/https/tls/gnutls_priority.c
index 06398e83..62bf3489 100644
--- a/src/daemon/https/tls/gnutls_priority.c
+++ b/src/daemon/https/tls/gnutls_priority.c
@@ -71,11 +71,10 @@ _set_priority (MHD_gtls_priority_st * st, const int *list)
71{ 71{
72 int num = 0; 72 int num = 0;
73 73
74 while ( (list[num] != 0) && 74 while ((list[num] != 0) && (num < MAX_ALGOS))
75 (num < MAX_ALGOS) )
76 num++; 75 num++;
77 st->num_algorithms = num; 76 st->num_algorithms = num;
78 memcpy(st->priority, list, num * sizeof(int)); 77 memcpy (st->priority, list, num * sizeof (int));
79 return 0; 78 return 0;
80} 79}
81 80
@@ -142,7 +141,7 @@ MHD__gnutls_mac_set_priority (MHD_gtls_session_t session, const int *list)
142 **/ 141 **/
143int 142int
144MHD__gnutls_compression_set_priority (MHD_gtls_session_t session, 143MHD__gnutls_compression_set_priority (MHD_gtls_session_t session,
145 const int *list) 144 const int *list)
146{ 145{
147 return _set_priority (&session->internals.priorities.compression, list); 146 return _set_priority (&session->internals.priorities.compression, list);
148} 147}
@@ -160,7 +159,8 @@ MHD__gnutls_compression_set_priority (MHD_gtls_session_t session,
160 * 159 *
161 **/ 160 **/
162int 161int
163MHD__gnutls_protocol_set_priority (MHD_gtls_session_t session, const int *list) 162MHD__gnutls_protocol_set_priority (MHD_gtls_session_t session,
163 const int *list)
164{ 164{
165 int ret; 165 int ret;
166 166
@@ -190,7 +190,7 @@ MHD__gnutls_protocol_set_priority (MHD_gtls_session_t session, const int *list)
190 **/ 190 **/
191int 191int
192MHD__gnutls_certificate_type_set_priority (MHD_gtls_session_t session, 192MHD__gnutls_certificate_type_set_priority (MHD_gtls_session_t session,
193 const int *list) 193 const int *list)
194{ 194{
195#if ENABLE_OPENPGP 195#if ENABLE_OPENPGP
196 return _set_priority (&session->internals.priorities.cert_type, list); 196 return _set_priority (&session->internals.priorities.cert_type, list);
@@ -243,7 +243,7 @@ typedef void (rmadd_func) (MHD_gtls_priority_st * priority_list, int alg);
243 **/ 243 **/
244int 244int
245MHD__gnutls_priority_set (MHD_gtls_session_t session, 245MHD__gnutls_priority_set (MHD_gtls_session_t session,
246 MHD_gnutls_priority_t priority) 246 MHD_gnutls_priority_t priority)
247{ 247{
248 if (priority == NULL) 248 if (priority == NULL)
249 { 249 {
@@ -326,7 +326,8 @@ int
326MHD_tls_set_default_priority (MHD_gnutls_priority_t * priority_cache, 326MHD_tls_set_default_priority (MHD_gnutls_priority_t * priority_cache,
327 const char *priorities, const char **err_pos) 327 const char *priorities, const char **err_pos)
328{ 328{
329 *priority_cache = MHD_gnutls_calloc (1, sizeof (struct MHD_gtls_priority_st)); 329 *priority_cache =
330 MHD_gnutls_calloc (1, sizeof (struct MHD_gtls_priority_st));
330 if (*priority_cache == NULL) 331 if (*priority_cache == NULL)
331 { 332 {
332 MHD_gnutls_assert (); 333 MHD_gnutls_assert ();
@@ -375,7 +376,7 @@ MHD__gnutls_priority_deinit (MHD_gnutls_priority_t priority_cache)
375 **/ 376 **/
376int 377int
377MHD__gnutls_priority_set_direct (MHD_gtls_session_t session, 378MHD__gnutls_priority_set_direct (MHD_gtls_session_t session,
378 const char *priorities, const char **err_pos) 379 const char *priorities, const char **err_pos)
379{ 380{
380 MHD_gnutls_priority_t prio; 381 MHD_gnutls_priority_t prio;
381 int ret; 382 int ret;
diff --git a/src/daemon/https/tls/gnutls_record.c b/src/daemon/https/tls/gnutls_record.c
index 9ccdb1e3..80d5f70f 100644
--- a/src/daemon/https/tls/gnutls_record.c
+++ b/src/daemon/https/tls/gnutls_record.c
@@ -109,7 +109,7 @@ MHD_gtls_record_disable_padding (MHD_gtls_session_t session)
109 **/ 109 **/
110void 110void
111MHD__gnutls_transport_set_ptr (MHD_gtls_session_t session, 111MHD__gnutls_transport_set_ptr (MHD_gtls_session_t session,
112 MHD_gnutls_transport_ptr_t ptr) 112 MHD_gnutls_transport_ptr_t ptr)
113{ 113{
114 session->internals.transport_recv_ptr = ptr; 114 session->internals.transport_recv_ptr = ptr;
115 session->internals.transport_send_ptr = ptr; 115 session->internals.transport_send_ptr = ptr;
@@ -128,8 +128,8 @@ MHD__gnutls_transport_set_ptr (MHD_gtls_session_t session,
128 **/ 128 **/
129void 129void
130MHD__gnutls_transport_set_ptr2 (MHD_gtls_session_t session, 130MHD__gnutls_transport_set_ptr2 (MHD_gtls_session_t session,
131 MHD_gnutls_transport_ptr_t recv_ptr, 131 MHD_gnutls_transport_ptr_t recv_ptr,
132 MHD_gnutls_transport_ptr_t send_ptr) 132 MHD_gnutls_transport_ptr_t send_ptr)
133{ 133{
134 session->internals.transport_send_ptr = send_ptr; 134 session->internals.transport_send_ptr = send_ptr;
135 session->internals.transport_recv_ptr = recv_ptr; 135 session->internals.transport_recv_ptr = recv_ptr;
@@ -188,7 +188,7 @@ MHD__gnutls_bye (MHD_gtls_session_t session, MHD_gnutls_close_request_t how)
188 case STATE61: 188 case STATE61:
189 ret = 189 ret =
190 MHD__gnutls_alert_send (session, GNUTLS_AL_WARNING, 190 MHD__gnutls_alert_send (session, GNUTLS_AL_WARNING,
191 GNUTLS_A_CLOSE_NOTIFY); 191 GNUTLS_A_CLOSE_NOTIFY);
192 STATE = STATE61; 192 STATE = STATE61;
193 if (ret < 0) 193 if (ret < 0)
194 { 194 {
@@ -258,7 +258,8 @@ session_is_valid (MHD_gtls_session_t session)
258 */ 258 */
259inline static void 259inline static void
260copy_record_version (MHD_gtls_session_t session, 260copy_record_version (MHD_gtls_session_t session,
261 MHD_gnutls_handshake_description_t htype, opaque version[2]) 261 MHD_gnutls_handshake_description_t htype,
262 opaque version[2])
262{ 263{
263 enum MHD_GNUTLS_Protocol lver; 264 enum MHD_GNUTLS_Protocol lver;
264 265
@@ -331,8 +332,8 @@ MHD_gtls_send_int (MHD_gtls_session_t session,
331 332
332 MHD__gnutls_record_log 333 MHD__gnutls_record_log
333 ("REC[%x]: Sending Packet[%d] %s(%d) with length: %d\n", session, 334 ("REC[%x]: Sending Packet[%d] %s(%d) with length: %d\n", session,
334 (int) MHD_gtls_uint64touint32 (&session->connection_state. 335 (int) MHD_gtls_uint64touint32 (&session->
335 write_sequence_number), 336 connection_state.write_sequence_number),
336 MHD__gnutls_packet2str (type), type, sizeofdata); 337 MHD__gnutls_packet2str (type), type, sizeofdata);
337 338
338 if (sizeofdata > MAX_RECORD_SEND_SIZE) 339 if (sizeofdata > MAX_RECORD_SEND_SIZE)
@@ -424,11 +425,11 @@ MHD_gtls_send_int (MHD_gtls_session_t session,
424 session->internals.record_send_buffer_user_size = 0; 425 session->internals.record_send_buffer_user_size = 0;
425 426
426 MHD__gnutls_record_log ("REC[%x]: Sent Packet[%d] %s(%d) with length: %d\n", 427 MHD__gnutls_record_log ("REC[%x]: Sent Packet[%d] %s(%d) with length: %d\n",
427 session, 428 session,
428 (int) 429 (int)
429 MHD_gtls_uint64touint32 430 MHD_gtls_uint64touint32
430 (&session->connection_state.write_sequence_number), 431 (&session->connection_state.write_sequence_number),
431 MHD__gnutls_packet2str (type), type, cipher_size); 432 MHD__gnutls_packet2str (type), type, cipher_size);
432 433
433 return retval; 434 return retval;
434} 435}
@@ -547,7 +548,7 @@ record_check_headers (MHD_gtls_session_t session,
547 session->internals.v2_hello = *length; 548 session->internals.v2_hello = *length;
548 549
549 MHD__gnutls_record_log ("REC[%x]: V2 packet received. Length: %d\n", 550 MHD__gnutls_record_log ("REC[%x]: V2 packet received. Length: %d\n",
550 session, *length); 551 session, *length);
551 552
552 } 553 }
553 else 554 else
@@ -570,7 +571,8 @@ record_check_headers (MHD_gtls_session_t session,
570 */ 571 */
571inline static int 572inline static int
572record_check_version (MHD_gtls_session_t session, 573record_check_version (MHD_gtls_session_t session,
573 MHD_gnutls_handshake_description_t htype, opaque version[2]) 574 MHD_gnutls_handshake_description_t htype,
575 opaque version[2])
574{ 576{
575 if (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO) 577 if (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO)
576 { 578 {
@@ -595,7 +597,7 @@ record_check_version (MHD_gtls_session_t session,
595 */ 597 */
596 MHD_gnutls_assert (); 598 MHD_gnutls_assert ();
597 MHD__gnutls_record_log ("REC[%x]: INVALID VERSION PACKET: (%d) %d.%d\n", 599 MHD__gnutls_record_log ("REC[%x]: INVALID VERSION PACKET: (%d) %d.%d\n",
598 session, htype, version[0], version[1]); 600 session, htype, version[0], version[1]);
599 601
600 return GNUTLS_E_UNSUPPORTED_VERSION_PACKET; 602 return GNUTLS_E_UNSUPPORTED_VERSION_PACKET;
601 } 603 }
@@ -769,7 +771,8 @@ get_temp_recv_buffer (MHD_gtls_session_t session, MHD_gnutls_datum_t * tmp)
769 */ 771 */
770 session->internals.recv_buffer.data 772 session->internals.recv_buffer.data
771 = 773 =
772 MHD_gnutls_realloc (session->internals.recv_buffer.data, max_record_size); 774 MHD_gnutls_realloc (session->internals.recv_buffer.data,
775 max_record_size);
773 776
774 if (session->internals.recv_buffer.data == NULL) 777 if (session->internals.recv_buffer.data == NULL)
775 { 778 {
@@ -895,15 +898,14 @@ begin:
895 898
896 MHD__gnutls_record_log 899 MHD__gnutls_record_log
897 ("REC[%x]: Expected Packet[%d] %s(%d) with length: %d\n", session, 900 ("REC[%x]: Expected Packet[%d] %s(%d) with length: %d\n", session,
898 (int) MHD_gtls_uint64touint32 (&session->connection_state. 901 (int) MHD_gtls_uint64touint32 (&session->
899 read_sequence_number), 902 connection_state.read_sequence_number),
900 MHD__gnutls_packet2str (type), type, sizeofdata); 903 MHD__gnutls_packet2str (type), type, sizeofdata);
901 MHD__gnutls_record_log ("REC[%x]: Received Packet[%d] %s(%d) with length: %d\n", 904 MHD__gnutls_record_log
902 session, 905 ("REC[%x]: Received Packet[%d] %s(%d) with length: %d\n", session,
903 (int) 906 (int) MHD_gtls_uint64touint32 (&session->
904 MHD_gtls_uint64touint32 (&session->connection_state. 907 connection_state.read_sequence_number),
905 read_sequence_number), 908 MHD__gnutls_packet2str (recv_type), recv_type, length);
906 MHD__gnutls_packet2str (recv_type), recv_type, length);
907 909
908 if (length > MAX_RECV_SIZE) 910 if (length > MAX_RECV_SIZE)
909 { 911 {
@@ -978,8 +980,8 @@ begin:
978 980
979 MHD__gnutls_record_log 981 MHD__gnutls_record_log
980 ("REC[%x]: Decrypted Packet[%d] %s(%d) with length: %d\n", session, 982 ("REC[%x]: Decrypted Packet[%d] %s(%d) with length: %d\n", session,
981 (int) MHD_gtls_uint64touint32 (&session->connection_state. 983 (int) MHD_gtls_uint64touint32 (&session->
982 read_sequence_number), 984 connection_state.read_sequence_number),
983 MHD__gnutls_packet2str (recv_type), recv_type, decrypted_length); 985 MHD__gnutls_packet2str (recv_type), recv_type, decrypted_length);
984 986
985 /* increase sequence number 987 /* increase sequence number
@@ -1082,7 +1084,7 @@ begin:
1082 **/ 1084 **/
1083ssize_t 1085ssize_t
1084MHD__gnutls_record_send (MHD_gtls_session_t session, 1086MHD__gnutls_record_send (MHD_gtls_session_t session,
1085 const void *data, size_t sizeofdata) 1087 const void *data, size_t sizeofdata)
1086{ 1088{
1087 return MHD_gtls_send_int (session, GNUTLS_APPLICATION_DATA, -1, data, 1089 return MHD_gtls_send_int (session, GNUTLS_APPLICATION_DATA, -1, data,
1088 sizeofdata); 1090 sizeofdata);
@@ -1120,7 +1122,7 @@ MHD__gnutls_record_send (MHD_gtls_session_t session,
1120 **/ 1122 **/
1121ssize_t 1123ssize_t
1122MHD__gnutls_record_recv (MHD_gtls_session_t session, void *data, 1124MHD__gnutls_record_recv (MHD_gtls_session_t session, void *data,
1123 size_t sizeofdata) 1125 size_t sizeofdata)
1124{ 1126{
1125 return MHD_gtls_recv_int (session, GNUTLS_APPLICATION_DATA, -1, data, 1127 return MHD_gtls_recv_int (session, GNUTLS_APPLICATION_DATA, -1, data,
1126 sizeofdata); 1128 sizeofdata);
diff --git a/src/daemon/https/tls/gnutls_rsa_export.c b/src/daemon/https/tls/gnutls_rsa_export.c
index d48ee327..65f97c76 100644
--- a/src/daemon/https/tls/gnutls_rsa_export.c
+++ b/src/daemon/https/tls/gnutls_rsa_export.c
@@ -61,4 +61,3 @@ MHD__gnutls_rsa_params_deinit (MHD_gtls_rsa_params_t rsa_params)
61{ 61{
62 MHD_gnutls_x509_privkey_deinit (rsa_params); 62 MHD_gnutls_x509_privkey_deinit (rsa_params);
63} 63}
64
diff --git a/src/daemon/https/tls/gnutls_rsa_export.h b/src/daemon/https/tls/gnutls_rsa_export.h
index a34dfe9d..a28f4297 100644
--- a/src/daemon/https/tls/gnutls_rsa_export.h
+++ b/src/daemon/https/tls/gnutls_rsa_export.h
@@ -24,4 +24,3 @@
24 24
25const mpi_t *MHD__gnutls_rsa_params_to_mpi (MHD_gtls_rsa_params_t); 25const mpi_t *MHD__gnutls_rsa_params_to_mpi (MHD_gtls_rsa_params_t);
26int MHD__gnutls_peers_cert_less_512 (MHD_gtls_session_t session); 26int MHD__gnutls_peers_cert_less_512 (MHD_gtls_session_t session);
27
diff --git a/src/daemon/https/tls/gnutls_session.c b/src/daemon/https/tls/gnutls_session.c
index 81a56d5c..b7ba3764 100644
--- a/src/daemon/https/tls/gnutls_session.c
+++ b/src/daemon/https/tls/gnutls_session.c
@@ -69,4 +69,3 @@ MHD_gtls_session_get_id (MHD_gtls_session_t session,
69 69
70 return 0; 70 return 0;
71} 71}
72
diff --git a/src/daemon/https/tls/gnutls_session_pack.c b/src/daemon/https/tls/gnutls_session_pack.c
index 258cd9c2..ab359f6c 100644
--- a/src/daemon/https/tls/gnutls_session_pack.c
+++ b/src/daemon/https/tls/gnutls_session_pack.c
@@ -50,7 +50,8 @@ static int unpack_certificate_auth_info (MHD_gtls_session_t,
50 packed_session); 50 packed_session);
51 51
52static int unpack_security_parameters (MHD_gtls_session_t session, 52static int unpack_security_parameters (MHD_gtls_session_t session,
53 const MHD_gnutls_datum_t * packed_session); 53 const MHD_gnutls_datum_t *
54 packed_session);
54static int pack_security_parameters (MHD_gtls_session_t session, 55static int pack_security_parameters (MHD_gtls_session_t session,
55 MHD_gnutls_datum_t * packed_session); 56 MHD_gnutls_datum_t * packed_session);
56 57
@@ -180,7 +181,8 @@ unpack_anon_auth_info (MHD_gtls_session_t session,
180 181
181 size = MHD_gtls_read_uint32 (&packed_session->data[pos]); 182 size = MHD_gtls_read_uint32 (&packed_session->data[pos]);
182 pos += 4; 183 pos += 4;
183 ret = MHD__gnutls_set_datum (&info->dh.prime, &packed_session->data[pos], size); 184 ret =
185 MHD__gnutls_set_datum (&info->dh.prime, &packed_session->data[pos], size);
184 if (ret < 0) 186 if (ret < 0)
185 { 187 {
186 MHD_gnutls_assert (); 188 MHD_gnutls_assert ();
@@ -191,7 +193,8 @@ unpack_anon_auth_info (MHD_gtls_session_t session,
191 size = MHD_gtls_read_uint32 (&packed_session->data[pos]); 193 size = MHD_gtls_read_uint32 (&packed_session->data[pos]);
192 pos += 4; 194 pos += 4;
193 ret = 195 ret =
194 MHD__gnutls_set_datum (&info->dh.generator, &packed_session->data[pos], size); 196 MHD__gnutls_set_datum (&info->dh.generator, &packed_session->data[pos],
197 size);
195 if (ret < 0) 198 if (ret < 0)
196 { 199 {
197 MHD_gnutls_assert (); 200 MHD_gnutls_assert ();
@@ -203,7 +206,7 @@ unpack_anon_auth_info (MHD_gtls_session_t session,
203 pos += 4; 206 pos += 4;
204 ret = 207 ret =
205 MHD__gnutls_set_datum (&info->dh.public_key, &packed_session->data[pos], 208 MHD__gnutls_set_datum (&info->dh.public_key, &packed_session->data[pos],
206 size); 209 size);
207 if (ret < 0) 210 if (ret < 0)
208 { 211 {
209 MHD_gnutls_assert (); 212 MHD_gnutls_assert ();
@@ -534,7 +537,8 @@ unpack_certificate_auth_info (MHD_gtls_session_t session,
534 537
535 size = MHD_gtls_read_uint32 (&packed_session->data[pos]); 538 size = MHD_gtls_read_uint32 (&packed_session->data[pos]);
536 pos += 4; 539 pos += 4;
537 ret = MHD__gnutls_set_datum (&info->dh.prime, &packed_session->data[pos], size); 540 ret =
541 MHD__gnutls_set_datum (&info->dh.prime, &packed_session->data[pos], size);
538 if (ret < 0) 542 if (ret < 0)
539 { 543 {
540 MHD_gnutls_assert (); 544 MHD_gnutls_assert ();
@@ -545,7 +549,8 @@ unpack_certificate_auth_info (MHD_gtls_session_t session,
545 size = MHD_gtls_read_uint32 (&packed_session->data[pos]); 549 size = MHD_gtls_read_uint32 (&packed_session->data[pos]);
546 pos += 4; 550 pos += 4;
547 ret = 551 ret =
548 MHD__gnutls_set_datum (&info->dh.generator, &packed_session->data[pos], size); 552 MHD__gnutls_set_datum (&info->dh.generator, &packed_session->data[pos],
553 size);
549 if (ret < 0) 554 if (ret < 0)
550 { 555 {
551 MHD_gnutls_assert (); 556 MHD_gnutls_assert ();
@@ -557,7 +562,7 @@ unpack_certificate_auth_info (MHD_gtls_session_t session,
557 pos += 4; 562 pos += 4;
558 ret = 563 ret =
559 MHD__gnutls_set_datum (&info->dh.public_key, &packed_session->data[pos], 564 MHD__gnutls_set_datum (&info->dh.public_key, &packed_session->data[pos],
560 size); 565 size);
561 if (ret < 0) 566 if (ret < 0)
562 { 567 {
563 MHD_gnutls_assert (); 568 MHD_gnutls_assert ();
@@ -569,7 +574,7 @@ unpack_certificate_auth_info (MHD_gtls_session_t session,
569 pos += 4; 574 pos += 4;
570 ret = 575 ret =
571 MHD__gnutls_set_datum (&info->rsa_export.modulus, 576 MHD__gnutls_set_datum (&info->rsa_export.modulus,
572 &packed_session->data[pos], size); 577 &packed_session->data[pos], size);
573 if (ret < 0) 578 if (ret < 0)
574 { 579 {
575 MHD_gnutls_assert (); 580 MHD_gnutls_assert ();
@@ -581,7 +586,7 @@ unpack_certificate_auth_info (MHD_gtls_session_t session,
581 pos += 4; 586 pos += 4;
582 ret = 587 ret =
583 MHD__gnutls_set_datum (&info->rsa_export.exponent, 588 MHD__gnutls_set_datum (&info->rsa_export.exponent,
584 &packed_session->data[pos], size); 589 &packed_session->data[pos], size);
585 if (ret < 0) 590 if (ret < 0)
586 { 591 {
587 MHD_gnutls_assert (); 592 MHD_gnutls_assert ();
@@ -611,7 +616,7 @@ unpack_certificate_auth_info (MHD_gtls_session_t session,
611 616
612 ret = 617 ret =
613 MHD__gnutls_set_datum (&info->raw_certificate_list[i], 618 MHD__gnutls_set_datum (&info->raw_certificate_list[i],
614 &packed_session->data[pos], size); 619 &packed_session->data[pos], size);
615 pos += size; 620 pos += size;
616 621
617 if (ret < 0) 622 if (ret < 0)
@@ -881,7 +886,8 @@ unpack_psk_auth_info (MHD_gtls_session_t session,
881 886
882 size = MHD_gtls_read_uint32 (&packed_session->data[pos]); 887 size = MHD_gtls_read_uint32 (&packed_session->data[pos]);
883 pos += 4; 888 pos += 4;
884 ret = MHD__gnutls_set_datum (&info->dh.prime, &packed_session->data[pos], size); 889 ret =
890 MHD__gnutls_set_datum (&info->dh.prime, &packed_session->data[pos], size);
885 if (ret < 0) 891 if (ret < 0)
886 { 892 {
887 MHD_gnutls_assert (); 893 MHD_gnutls_assert ();
@@ -892,7 +898,8 @@ unpack_psk_auth_info (MHD_gtls_session_t session,
892 size = MHD_gtls_read_uint32 (&packed_session->data[pos]); 898 size = MHD_gtls_read_uint32 (&packed_session->data[pos]);
893 pos += 4; 899 pos += 4;
894 ret = 900 ret =
895 MHD__gnutls_set_datum (&info->dh.generator, &packed_session->data[pos], size); 901 MHD__gnutls_set_datum (&info->dh.generator, &packed_session->data[pos],
902 size);
896 if (ret < 0) 903 if (ret < 0)
897 { 904 {
898 MHD_gnutls_assert (); 905 MHD_gnutls_assert ();
@@ -904,7 +911,7 @@ unpack_psk_auth_info (MHD_gtls_session_t session,
904 pos += 4; 911 pos += 4;
905 ret = 912 ret =
906 MHD__gnutls_set_datum (&info->dh.public_key, &packed_session->data[pos], 913 MHD__gnutls_set_datum (&info->dh.public_key, &packed_session->data[pos],
907 size); 914 size);
908 if (ret < 0) 915 if (ret < 0)
909 { 916 {
910 MHD_gnutls_assert (); 917 MHD_gnutls_assert ();
@@ -1045,8 +1052,9 @@ pack_security_parameters (MHD_gtls_session_t session,
1045 session->security_parameters.extensions.srp_username, len); 1052 session->security_parameters.extensions.srp_username, len);
1046 pos += len; 1053 pos += len;
1047 1054
1048 MHD_gtls_write_uint16 (session->security_parameters.extensions. 1055 MHD_gtls_write_uint16 (session->security_parameters.
1049 server_names_size, &packed_session->data[pos]); 1056 extensions.server_names_size,
1057 &packed_session->data[pos]);
1050 pos += 2; 1058 pos += 2;
1051 1059
1052 for (i = 0; i < session->security_parameters.extensions.server_names_size; 1060 for (i = 0; i < session->security_parameters.extensions.server_names_size;
@@ -1054,15 +1062,15 @@ pack_security_parameters (MHD_gtls_session_t session,
1054 { 1062 {
1055 packed_session->data[pos++] = 1063 packed_session->data[pos++] =
1056 session->security_parameters.extensions.server_names[i].type; 1064 session->security_parameters.extensions.server_names[i].type;
1057 MHD_gtls_write_uint16 (session->security_parameters.extensions. 1065 MHD_gtls_write_uint16 (session->security_parameters.
1058 server_names[i].name_length, 1066 extensions.server_names[i].name_length,
1059 &packed_session->data[pos]); 1067 &packed_session->data[pos]);
1060 pos += 2; 1068 pos += 2;
1061 1069
1062 memcpy (&packed_session->data[pos], 1070 memcpy (&packed_session->data[pos],
1063 session->security_parameters.extensions.server_names[i].name, 1071 session->security_parameters.extensions.server_names[i].name,
1064 session->security_parameters.extensions.server_names[i]. 1072 session->security_parameters.extensions.
1065 name_length); 1073 server_names[i].name_length);
1066 pos += 1074 pos +=
1067 session->security_parameters.extensions.server_names[i].name_length; 1075 session->security_parameters.extensions.server_names[i].name_length;
1068 } 1076 }
@@ -1121,10 +1129,10 @@ unpack_security_parameters (MHD_gtls_session_t session,
1121 packed_session->data[pos++]; 1129 packed_session->data[pos++];
1122 session->internals.resumed_security_parameters.write_compression_algorithm = 1130 session->internals.resumed_security_parameters.write_compression_algorithm =
1123 packed_session->data[pos++]; 1131 packed_session->data[pos++];
1124 session->internals.resumed_security_parameters.current_cipher_suite. 1132 session->internals.resumed_security_parameters.
1125 suite[0] = packed_session->data[pos++]; 1133 current_cipher_suite.suite[0] = packed_session->data[pos++];
1126 session->internals.resumed_security_parameters.current_cipher_suite. 1134 session->internals.resumed_security_parameters.
1127 suite[1] = packed_session->data[pos++]; 1135 current_cipher_suite.suite[1] = packed_session->data[pos++];
1128 1136
1129 session->internals.resumed_security_parameters.cert_type = 1137 session->internals.resumed_security_parameters.cert_type =
1130 packed_session->data[pos++]; 1138 packed_session->data[pos++];
@@ -1173,34 +1181,35 @@ unpack_security_parameters (MHD_gtls_session_t session,
1173 1181
1174 /* SRP */ 1182 /* SRP */
1175 len = packed_session->data[pos++]; /* srp username length */ 1183 len = packed_session->data[pos++]; /* srp username length */
1176 memcpy (session->internals.resumed_security_parameters.extensions. 1184 memcpy (session->internals.resumed_security_parameters.
1177 srp_username, &packed_session->data[pos], len); 1185 extensions.srp_username, &packed_session->data[pos], len);
1178 session->internals.resumed_security_parameters.extensions. 1186 session->internals.resumed_security_parameters.
1179 srp_username[len] = 0; 1187 extensions.srp_username[len] = 0;
1180 pos += len; 1188 pos += len;
1181 1189
1182 session->internals.resumed_security_parameters.extensions. 1190 session->internals.resumed_security_parameters.
1183 server_names_size = MHD_gtls_read_uint16 (&packed_session->data[pos]); 1191 extensions.server_names_size =
1192 MHD_gtls_read_uint16 (&packed_session->data[pos]);
1184 pos += 2; 1193 pos += 2;
1185 for (i = 0; 1194 for (i = 0;
1186 i < 1195 i <
1187 session->internals.resumed_security_parameters.extensions. 1196 session->internals.resumed_security_parameters.
1188 server_names_size; i++) 1197 extensions.server_names_size; i++)
1189 { 1198 {
1190 session->internals.resumed_security_parameters.extensions. 1199 session->internals.resumed_security_parameters.
1191 server_names[i].type = packed_session->data[pos++]; 1200 extensions.server_names[i].type = packed_session->data[pos++];
1192 session->internals.resumed_security_parameters.extensions. 1201 session->internals.resumed_security_parameters.
1193 server_names[i].name_length = 1202 extensions.server_names[i].name_length =
1194 MHD_gtls_read_uint16 (&packed_session->data[pos]); 1203 MHD_gtls_read_uint16 (&packed_session->data[pos]);
1195 pos += 2; 1204 pos += 2;
1196 1205
1197 memcpy (session->internals.resumed_security_parameters.extensions. 1206 memcpy (session->internals.resumed_security_parameters.
1198 server_names[i].name, &packed_session->data[pos], 1207 extensions.server_names[i].name, &packed_session->data[pos],
1199 session->internals.resumed_security_parameters.extensions. 1208 session->internals.resumed_security_parameters.
1200 server_names[i].name_length); 1209 extensions.server_names[i].name_length);
1201 pos += 1210 pos +=
1202 session->internals.resumed_security_parameters.extensions. 1211 session->internals.resumed_security_parameters.
1203 server_names[i].name_length; 1212 extensions.server_names[i].name_length;
1204 } 1213 }
1205 return 0; 1214 return 0;
1206} 1215}
diff --git a/src/daemon/https/tls/gnutls_sig.c b/src/daemon/https/tls/gnutls_sig.c
index 0309e588..fcd756b5 100644
--- a/src/daemon/https/tls/gnutls_sig.c
+++ b/src/daemon/https/tls/gnutls_sig.c
@@ -38,10 +38,10 @@
38#include <gnutls_kx.h> 38#include <gnutls_kx.h>
39 39
40static int MHD__gnutls_tls_sign (MHD_gtls_session_t session, 40static int MHD__gnutls_tls_sign (MHD_gtls_session_t session,
41 MHD_gnutls_cert * cert, 41 MHD_gnutls_cert * cert,
42 MHD_gnutls_privkey * pkey, 42 MHD_gnutls_privkey * pkey,
43 const MHD_gnutls_datum_t * hash_concat, 43 const MHD_gnutls_datum_t * hash_concat,
44 MHD_gnutls_datum_t * signature); 44 MHD_gnutls_datum_t * signature);
45 45
46/* Generates a signature of all the previous sent packets in the 46/* Generates a signature of all the previous sent packets in the
47 * handshake procedure. (20040227: now it works for SSL 3.0 as well) 47 * handshake procedure. (20040227: now it works for SSL 3.0 as well)
@@ -49,7 +49,8 @@ static int MHD__gnutls_tls_sign (MHD_gtls_session_t session,
49int 49int
50MHD_gtls_tls_sign_hdata (MHD_gtls_session_t session, 50MHD_gtls_tls_sign_hdata (MHD_gtls_session_t session,
51 MHD_gnutls_cert * cert, 51 MHD_gnutls_cert * cert,
52 MHD_gnutls_privkey * pkey, MHD_gnutls_datum_t * signature) 52 MHD_gnutls_privkey * pkey,
53 MHD_gnutls_datum_t * signature)
53{ 54{
54 MHD_gnutls_datum_t dconcat; 55 MHD_gnutls_datum_t dconcat;
55 int ret; 56 int ret;
@@ -75,8 +76,9 @@ MHD_gtls_tls_sign_hdata (MHD_gtls_session_t session,
75 } 76 }
76 77
77 MHD_gnutls_mac_deinit_ssl3_handshake (td_sha, &concat[16], 78 MHD_gnutls_mac_deinit_ssl3_handshake (td_sha, &concat[16],
78 session->security_parameters. 79 session->
79 master_secret, TLS_MASTER_SIZE); 80 security_parameters.master_secret,
81 TLS_MASTER_SIZE);
80 } 82 }
81 else 83 else
82 MHD_gnutls_hash_deinit (td_sha, &concat[16]); 84 MHD_gnutls_hash_deinit (td_sha, &concat[16]);
@@ -94,8 +96,9 @@ MHD_gtls_tls_sign_hdata (MHD_gtls_session_t session,
94 96
95 if (ver == MHD_GNUTLS_PROTOCOL_SSL3) 97 if (ver == MHD_GNUTLS_PROTOCOL_SSL3)
96 MHD_gnutls_mac_deinit_ssl3_handshake (td_md5, concat, 98 MHD_gnutls_mac_deinit_ssl3_handshake (td_md5, concat,
97 session->security_parameters. 99 session->
98 master_secret, TLS_MASTER_SIZE); 100 security_parameters.master_secret,
101 TLS_MASTER_SIZE);
99 else 102 else
100 MHD_gnutls_hash_deinit (td_md5, concat); 103 MHD_gnutls_hash_deinit (td_md5, concat);
101 104
@@ -122,7 +125,8 @@ int
122MHD_gtls_tls_sign_params (MHD_gtls_session_t session, 125MHD_gtls_tls_sign_params (MHD_gtls_session_t session,
123 MHD_gnutls_cert * cert, 126 MHD_gnutls_cert * cert,
124 MHD_gnutls_privkey * pkey, 127 MHD_gnutls_privkey * pkey,
125 MHD_gnutls_datum_t * params, MHD_gnutls_datum_t * signature) 128 MHD_gnutls_datum_t * params,
129 MHD_gnutls_datum_t * signature)
126{ 130{
127 MHD_gnutls_datum_t dconcat; 131 MHD_gnutls_datum_t dconcat;
128 int ret; 132 int ret;
@@ -207,7 +211,8 @@ int
207MHD_gtls_sign (enum MHD_GNUTLS_PublicKeyAlgorithm algo, 211MHD_gtls_sign (enum MHD_GNUTLS_PublicKeyAlgorithm algo,
208 mpi_t * params, 212 mpi_t * params,
209 int params_size, 213 int params_size,
210 const MHD_gnutls_datum_t * data, MHD_gnutls_datum_t * signature) 214 const MHD_gnutls_datum_t * data,
215 MHD_gnutls_datum_t * signature)
211{ 216{
212 int ret; 217 int ret;
213 218
@@ -239,10 +244,10 @@ MHD_gtls_sign (enum MHD_GNUTLS_PublicKeyAlgorithm algo,
239 */ 244 */
240static int 245static int
241MHD__gnutls_tls_sign (MHD_gtls_session_t session, 246MHD__gnutls_tls_sign (MHD_gtls_session_t session,
242 MHD_gnutls_cert * cert, 247 MHD_gnutls_cert * cert,
243 MHD_gnutls_privkey * pkey, 248 MHD_gnutls_privkey * pkey,
244 const MHD_gnutls_datum_t * hash_concat, 249 const MHD_gnutls_datum_t * hash_concat,
245 MHD_gnutls_datum_t * signature) 250 MHD_gnutls_datum_t * signature)
246{ 251{
247 252
248 /* If our certificate supports signing 253 /* If our certificate supports signing
@@ -263,8 +268,8 @@ MHD__gnutls_tls_sign (MHD_gtls_session_t session,
263 return GNUTLS_E_INSUFFICIENT_CREDENTIALS; 268 return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
264 269
265 return (*session->internals.sign_func) (session, 270 return (*session->internals.sign_func) (session,
266 session->internals. 271 session->
267 sign_func_userdata, 272 internals.sign_func_userdata,
268 cert->cert_type, &cert->raw, 273 cert->cert_type, &cert->raw,
269 hash_concat, signature); 274 hash_concat, signature);
270 } 275 }
@@ -275,13 +280,13 @@ MHD__gnutls_tls_sign (MHD_gtls_session_t session,
275 280
276static int 281static int
277MHD__gnutls_verify_sig (MHD_gnutls_cert * cert, 282MHD__gnutls_verify_sig (MHD_gnutls_cert * cert,
278 const MHD_gnutls_datum_t * hash_concat, 283 const MHD_gnutls_datum_t * hash_concat,
279 MHD_gnutls_datum_t * signature, size_t sha1pos) 284 MHD_gnutls_datum_t * signature, size_t sha1pos)
280{ 285{
281 int ret; 286 int ret;
282 MHD_gnutls_datum_t vdata; 287 MHD_gnutls_datum_t vdata;
283 288
284 if ( (cert == NULL) || (cert->version == 0) ) 289 if ((cert == NULL) || (cert->version == 0))
285 { /* this is the only way to check 290 { /* this is the only way to check
286 * if it is initialized 291 * if it is initialized
287 */ 292 */
@@ -328,7 +333,8 @@ MHD__gnutls_verify_sig (MHD_gnutls_cert * cert,
328 */ 333 */
329int 334int
330MHD_gtls_verify_sig_hdata (MHD_gtls_session_t session, 335MHD_gtls_verify_sig_hdata (MHD_gtls_session_t session,
331 MHD_gnutls_cert * cert, MHD_gnutls_datum_t * signature) 336 MHD_gnutls_cert * cert,
337 MHD_gnutls_datum_t * signature)
332{ 338{
333 int ret; 339 int ret;
334 opaque concat[36]; 340 opaque concat[36];
@@ -362,11 +368,13 @@ MHD_gtls_verify_sig_hdata (MHD_gtls_session_t session,
362 } 368 }
363 369
364 MHD_gnutls_mac_deinit_ssl3_handshake (td_md5, concat, 370 MHD_gnutls_mac_deinit_ssl3_handshake (td_md5, concat,
365 session->security_parameters. 371 session->
366 master_secret, TLS_MASTER_SIZE); 372 security_parameters.master_secret,
373 TLS_MASTER_SIZE);
367 MHD_gnutls_mac_deinit_ssl3_handshake (td_sha, &concat[16], 374 MHD_gnutls_mac_deinit_ssl3_handshake (td_sha, &concat[16],
368 session->security_parameters. 375 session->
369 master_secret, TLS_MASTER_SIZE); 376 security_parameters.master_secret,
377 TLS_MASTER_SIZE);
370 } 378 }
371 else 379 else
372 { 380 {
diff --git a/src/daemon/https/tls/gnutls_sig.h b/src/daemon/https/tls/gnutls_sig.h
index 6259191d..19793020 100644
--- a/src/daemon/https/tls/gnutls_sig.h
+++ b/src/daemon/https/tls/gnutls_sig.h
@@ -47,6 +47,7 @@ int MHD_gtls_verify_sig_params (MHD_gtls_session_t session,
47 47
48int MHD_gtls_sign (enum MHD_GNUTLS_PublicKeyAlgorithm algo, 48int MHD_gtls_sign (enum MHD_GNUTLS_PublicKeyAlgorithm algo,
49 mpi_t * params, int params_size, 49 mpi_t * params, int params_size,
50 const MHD_gnutls_datum_t * data, MHD_gnutls_datum_t * signature); 50 const MHD_gnutls_datum_t * data,
51 MHD_gnutls_datum_t * signature);
51 52
52#endif 53#endif
diff --git a/src/daemon/https/tls/gnutls_state.c b/src/daemon/https/tls/gnutls_state.c
index 49802b2e..4f4ea122 100644
--- a/src/daemon/https/tls/gnutls_state.c
+++ b/src/daemon/https/tls/gnutls_state.c
@@ -44,7 +44,7 @@
44 44
45void 45void
46MHD__gnutls_session_cert_type_set (MHD_gtls_session_t session, 46MHD__gnutls_session_cert_type_set (MHD_gtls_session_t session,
47 enum MHD_GNUTLS_CertificateType ct) 47 enum MHD_GNUTLS_CertificateType ct)
48{ 48{
49 session->security_parameters.cert_type = ct; 49 session->security_parameters.cert_type = ct;
50} 50}
@@ -236,7 +236,7 @@ MHD_gtls_handshake_internal_state_clear (MHD_gtls_session_t session)
236/* TODO rm redundent pointer ref */ 236/* TODO rm redundent pointer ref */
237int 237int
238MHD__gnutls_init (MHD_gtls_session_t * session, 238MHD__gnutls_init (MHD_gtls_session_t * session,
239 MHD_gnutls_connection_end_t con_end) 239 MHD_gnutls_connection_end_t con_end)
240{ 240{
241 *session = MHD_gnutls_calloc (1, sizeof (struct MHD_gtls_session_int)); 241 *session = MHD_gnutls_calloc (1, sizeof (struct MHD_gtls_session_int));
242 if (*session == NULL) 242 if (*session == NULL)
@@ -286,10 +286,10 @@ MHD__gnutls_init (MHD_gtls_session_t * session,
286 286
287 MHD__gnutls_dh_set_prime_bits ((*session), MIN_DH_BITS); 287 MHD__gnutls_dh_set_prime_bits ((*session), MIN_DH_BITS);
288 288
289 MHD__gnutls_transport_set_lowat ((*session), DEFAULT_LOWAT); /* the default for tcp */ 289 MHD__gnutls_transport_set_lowat ((*session), DEFAULT_LOWAT); /* the default for tcp */
290 290
291 MHD__gnutls_handshake_set_max_packet_length ((*session), 291 MHD__gnutls_handshake_set_max_packet_length ((*session),
292 MAX_HANDSHAKE_PACKET_SIZE); 292 MAX_HANDSHAKE_PACKET_SIZE);
293 293
294 /* Allocate a minimum size for recv_data 294 /* Allocate a minimum size for recv_data
295 * This is allocated in order to avoid small messages, making 295 * This is allocated in order to avoid small messages, making
@@ -612,7 +612,7 @@ MHD_gtls_dh_set_group (MHD_gtls_session_t session, mpi_t gen, mpi_t prime)
612 **/ 612 **/
613void 613void
614MHD__gnutls_certificate_send_x509_rdn_sequence (MHD_gtls_session_t session, 614MHD__gnutls_certificate_send_x509_rdn_sequence (MHD_gtls_session_t session,
615 int status) 615 int status)
616{ 616{
617 session->internals.ignore_rdn_sequence = status; 617 session->internals.ignore_rdn_sequence = status;
618} 618}
@@ -630,7 +630,8 @@ MHD__gnutls_certificate_send_x509_rdn_sequence (MHD_gtls_session_t session,
630 -*/ 630 -*/
631void 631void
632MHD__gnutls_record_set_default_version (MHD_gtls_session_t session, 632MHD__gnutls_record_set_default_version (MHD_gtls_session_t session,
633 unsigned char major, unsigned char minor) 633 unsigned char major,
634 unsigned char minor)
634{ 635{
635 session->internals.default_record_version[0] = major; 636 session->internals.default_record_version[0] = major;
636 session->internals.default_record_version[1] = minor; 637 session->internals.default_record_version[1] = minor;
@@ -661,9 +662,9 @@ MHD_gtls_handshake_set_private_extensions (MHD_gtls_session_t session,
661 662
662inline static int 663inline static int
663MHD__gnutls_cal_PRF_A (enum MHD_GNUTLS_HashAlgorithm algorithm, 664MHD__gnutls_cal_PRF_A (enum MHD_GNUTLS_HashAlgorithm algorithm,
664 const void *secret, 665 const void *secret,
665 int secret_size, 666 int secret_size,
666 const void *seed, int seed_size, void *result) 667 const void *seed, int seed_size, void *result)
667{ 668{
668 mac_hd_t td1; 669 mac_hd_t td1;
669 670
@@ -687,10 +688,10 @@ MHD__gnutls_cal_PRF_A (enum MHD_GNUTLS_HashAlgorithm algorithm,
687 */ 688 */
688static int 689static int
689MHD__gnutls_P_hash (enum MHD_GNUTLS_HashAlgorithm algorithm, 690MHD__gnutls_P_hash (enum MHD_GNUTLS_HashAlgorithm algorithm,
690 const opaque * secret, 691 const opaque * secret,
691 int secret_size, 692 int secret_size,
692 const opaque * seed, 693 const opaque * seed,
693 int seed_size, int total_bytes, opaque * ret) 694 int seed_size, int total_bytes, opaque * ret)
694{ 695{
695 696
696 mac_hd_t td2; 697 mac_hd_t td2;
@@ -730,8 +731,9 @@ MHD__gnutls_P_hash (enum MHD_GNUTLS_HashAlgorithm algorithm,
730 } 731 }
731 732
732 /* here we calculate A(i+1) */ 733 /* here we calculate A(i+1) */
733 if ((result = MHD__gnutls_cal_PRF_A (algorithm, secret, secret_size, Atmp, 734 if ((result =
734 A_size, Atmp)) < 0) 735 MHD__gnutls_cal_PRF_A (algorithm, secret, secret_size, Atmp,
736 A_size, Atmp)) < 0)
735 { 737 {
736 MHD_gnutls_assert (); 738 MHD_gnutls_assert ();
737 MHD_gnutls_MHD_hmac_deinit (td2, final); 739 MHD_gnutls_MHD_hmac_deinit (td2, final);
@@ -816,7 +818,7 @@ MHD_gtls_PRF (MHD_gtls_session_t session,
816 { 818 {
817 result = 819 result =
818 MHD__gnutls_P_hash (MHD_GNUTLS_MAC_SHA1, secret, secret_size, s_seed, 820 MHD__gnutls_P_hash (MHD_GNUTLS_MAC_SHA1, secret, secret_size, s_seed,
819 s_seed_size, total_bytes, ret); 821 s_seed_size, total_bytes, ret);
820 if (result < 0) 822 if (result < 0)
821 { 823 {
822 MHD_gnutls_assert (); 824 MHD_gnutls_assert ();
@@ -837,7 +839,7 @@ MHD_gtls_PRF (MHD_gtls_session_t session,
837 839
838 result = 840 result =
839 MHD__gnutls_P_hash (MHD_GNUTLS_MAC_MD5, s1, l_s, s_seed, s_seed_size, 841 MHD__gnutls_P_hash (MHD_GNUTLS_MAC_MD5, s1, l_s, s_seed, s_seed_size,
840 total_bytes, o1); 842 total_bytes, o1);
841 if (result < 0) 843 if (result < 0)
842 { 844 {
843 MHD_gnutls_assert (); 845 MHD_gnutls_assert ();
@@ -846,7 +848,7 @@ MHD_gtls_PRF (MHD_gtls_session_t session,
846 848
847 result = 849 result =
848 MHD__gnutls_P_hash (MHD_GNUTLS_MAC_SHA1, s2, l_s, s_seed, s_seed_size, 850 MHD__gnutls_P_hash (MHD_GNUTLS_MAC_SHA1, s2, l_s, s_seed, s_seed_size,
849 total_bytes, o2); 851 total_bytes, o2);
850 if (result < 0) 852 if (result < 0)
851 { 853 {
852 MHD_gnutls_assert (); 854 MHD_gnutls_assert ();
@@ -893,10 +895,10 @@ MHD_gtls_PRF (MHD_gtls_session_t session,
893 **/ 895 **/
894int 896int
895MHD__gnutls_prf_raw (MHD_gtls_session_t session, 897MHD__gnutls_prf_raw (MHD_gtls_session_t session,
896 size_t label_size, 898 size_t label_size,
897 const char *label, 899 const char *label,
898 size_t seed_size, const char *seed, size_t outsize, 900 size_t seed_size, const char *seed, size_t outsize,
899 char *out) 901 char *out)
900{ 902{
901 int ret; 903 int ret;
902 904
@@ -938,11 +940,11 @@ MHD__gnutls_prf_raw (MHD_gtls_session_t session,
938 **/ 940 **/
939int 941int
940MHD__gnutls_prf (MHD_gtls_session_t session, 942MHD__gnutls_prf (MHD_gtls_session_t session,
941 size_t label_size, 943 size_t label_size,
942 const char *label, 944 const char *label,
943 int server_random_first, 945 int server_random_first,
944 size_t extra_size, const char *extra, size_t outsize, 946 size_t extra_size, const char *extra, size_t outsize,
945 char *out) 947 char *out)
946{ 948{
947 int ret; 949 int ret;
948 opaque *seed; 950 opaque *seed;
@@ -1050,8 +1052,8 @@ MHD_gtls_session_is_resumed (MHD_gtls_session_t session)
1050 && session->security_parameters.session_id_size 1052 && session->security_parameters.session_id_size
1051 == session->internals.resumed_security_parameters.session_id_size 1053 == session->internals.resumed_security_parameters.session_id_size
1052 && memcmp (session->security_parameters.session_id, 1054 && memcmp (session->security_parameters.session_id,
1053 session->internals.resumed_security_parameters. 1055 session->internals.
1054 session_id, 1056 resumed_security_parameters.session_id,
1055 session->security_parameters.session_id_size) == 0) 1057 session->security_parameters.session_id_size) == 0)
1056 return 1; 1058 return 1;
1057 } 1059 }
@@ -1078,8 +1080,8 @@ MHD_gtls_session_is_export (MHD_gtls_session_t session)
1078 enum MHD_GNUTLS_CipherAlgorithm cipher; 1080 enum MHD_GNUTLS_CipherAlgorithm cipher;
1079 1081
1080 cipher = 1082 cipher =
1081 MHD_gtls_cipher_suite_get_cipher_algo (&session->security_parameters. 1083 MHD_gtls_cipher_suite_get_cipher_algo (&session->
1082 current_cipher_suite); 1084 security_parameters.current_cipher_suite);
1083 1085
1084 if (MHD_gtls_cipher_get_export_flag (cipher) != 0) 1086 if (MHD_gtls_cipher_get_export_flag (cipher) != 0)
1085 return 1; 1087 return 1;
@@ -1151,7 +1153,7 @@ MHD__gnutls_record_get_direction (MHD_gtls_session_t session)
1151 -*/ 1153 -*/
1152void 1154void
1153MHD__gnutls_rsa_pms_set_version (MHD_gtls_session_t session, 1155MHD__gnutls_rsa_pms_set_version (MHD_gtls_session_t session,
1154 unsigned char major, unsigned char minor) 1156 unsigned char major, unsigned char minor)
1155{ 1157{
1156 session->internals.rsa_pms_version[0] = major; 1158 session->internals.rsa_pms_version[0] = major;
1157 session->internals.rsa_pms_version[1] = minor; 1159 session->internals.rsa_pms_version[1] = minor;
@@ -1181,9 +1183,9 @@ MHD__gnutls_rsa_pms_set_version (MHD_gtls_session_t session,
1181 **/ 1183 **/
1182void 1184void
1183MHD__gnutls_handshake_set_post_client_hello_function (MHD_gtls_session_t 1185MHD__gnutls_handshake_set_post_client_hello_function (MHD_gtls_session_t
1184 session, 1186 session,
1185 MHD_gnutls_handshake_post_client_hello_func 1187 MHD_gnutls_handshake_post_client_hello_func
1186 func) 1188 func)
1187{ 1189{
1188 session->internals.user_hello_func = func; 1190 session->internals.user_hello_func = func;
1189} 1191}
diff --git a/src/daemon/https/tls/gnutls_state.h b/src/daemon/https/tls/gnutls_state.h
index 34aeda93..a6ff5892 100644
--- a/src/daemon/https/tls/gnutls_state.h
+++ b/src/daemon/https/tls/gnutls_state.h
@@ -28,11 +28,11 @@
28#include <gnutls_int.h> 28#include <gnutls_int.h>
29 29
30void MHD__gnutls_session_cert_type_set (MHD_gtls_session_t session, 30void MHD__gnutls_session_cert_type_set (MHD_gtls_session_t session,
31 enum MHD_GNUTLS_CertificateType); 31 enum MHD_GNUTLS_CertificateType);
32enum MHD_GNUTLS_KeyExchangeAlgorithm MHD_gnutls_kx_get (MHD_gtls_session_t 32enum MHD_GNUTLS_KeyExchangeAlgorithm MHD_gnutls_kx_get (MHD_gtls_session_t
33 session); 33 session);
34enum MHD_GNUTLS_CipherAlgorithm MHD_gnutls_cipher_get (MHD_gtls_session_t 34enum MHD_GNUTLS_CipherAlgorithm MHD_gnutls_cipher_get (MHD_gtls_session_t
35 session); 35 session);
36enum MHD_GNUTLS_CertificateType 36enum MHD_GNUTLS_CertificateType
37MHD_gnutls_certificate_type_get (MHD_gtls_session_t); 37MHD_gnutls_certificate_type_get (MHD_gtls_session_t);
38 38
@@ -72,6 +72,6 @@ int MHD_gtls_PRF (MHD_gtls_session_t session,
72 int total_bytes, void *ret); 72 int total_bytes, void *ret);
73 73
74int MHD__gnutls_init (MHD_gtls_session_t * session, 74int MHD__gnutls_init (MHD_gtls_session_t * session,
75 MHD_gnutls_connection_end_t con_end); 75 MHD_gnutls_connection_end_t con_end);
76 76
77#define DEFAULT_CERT_TYPE MHD_GNUTLS_CRT_X509 77#define DEFAULT_CERT_TYPE MHD_GNUTLS_CRT_X509
diff --git a/src/daemon/https/tls/gnutls_str.h b/src/daemon/https/tls/gnutls_str.h
index bedee1df..befa957e 100644
--- a/src/daemon/https/tls/gnutls_str.h
+++ b/src/daemon/https/tls/gnutls_str.h
@@ -43,7 +43,8 @@ typedef struct
43} MHD_gtls_string; 43} MHD_gtls_string;
44 44
45void MHD_gtls_string_init (MHD_gtls_string *, MHD_gnutls_alloc_function, 45void MHD_gtls_string_init (MHD_gtls_string *, MHD_gnutls_alloc_function,
46 MHD_gnutls_realloc_function, MHD_gnutls_free_function); 46 MHD_gnutls_realloc_function,
47 MHD_gnutls_free_function);
47void MHD_gtls_string_clear (MHD_gtls_string *); 48void MHD_gtls_string_clear (MHD_gtls_string *);
48 49
49/* Beware, do not clear the string, after calling this 50/* Beware, do not clear the string, after calling this
diff --git a/src/daemon/https/tls/gnutls_supplemental.c b/src/daemon/https/tls/gnutls_supplemental.c
index 7b265031..0419917c 100644
--- a/src/daemon/https/tls/gnutls_supplemental.c
+++ b/src/daemon/https/tls/gnutls_supplemental.c
@@ -68,7 +68,8 @@ MHD_gnutls_supplemental_entry MHD__gnutls_supplemental[] = {
68}; 68};
69 69
70const char * 70const char *
71MHD_gtls_supplemental_get_name (MHD_gnutls_supplemental_data_format_type_t type) 71MHD_gtls_supplemental_get_name (MHD_gnutls_supplemental_data_format_type_t
72 type)
72{ 73{
73 MHD_gnutls_supplemental_entry *p; 74 MHD_gnutls_supplemental_entry *p;
74 75
@@ -92,7 +93,8 @@ get_supp_func_recv (MHD_gnutls_supplemental_data_format_type_t type)
92} 93}
93 94
94int 95int
95MHD__gnutls_gen_supplemental (MHD_gtls_session_t session, MHD_gtls_buffer * buf) 96MHD__gnutls_gen_supplemental (MHD_gtls_session_t session,
97 MHD_gtls_buffer * buf)
96{ 98{
97 MHD_gnutls_supplemental_entry *p; 99 MHD_gnutls_supplemental_entry *p;
98 int ret; 100 int ret;
@@ -143,14 +145,14 @@ MHD__gnutls_gen_supplemental (MHD_gtls_session_t session, MHD_gtls_buffer * buf)
143 buf->data[2] = (buf->length - 3) & 0xFF; 145 buf->data[2] = (buf->length - 3) & 0xFF;
144 146
145 MHD__gnutls_debug_log ("EXT[%x]: Sending %d bytes of supplemental data\n", 147 MHD__gnutls_debug_log ("EXT[%x]: Sending %d bytes of supplemental data\n",
146 session, buf->length); 148 session, buf->length);
147 149
148 return buf->length; 150 return buf->length;
149} 151}
150 152
151int 153int
152MHD__gnutls_parse_supplemental (MHD_gtls_session_t session, 154MHD__gnutls_parse_supplemental (MHD_gtls_session_t session,
153 const uint8_t * data, int datalen) 155 const uint8_t * data, int datalen)
154{ 156{
155 const opaque *p = data; 157 const opaque *p = data;
156 ssize_t dsize = datalen; 158 ssize_t dsize = datalen;
@@ -180,8 +182,9 @@ MHD__gnutls_parse_supplemental (MHD_gtls_session_t session,
180 supp_data_length = MHD_gtls_read_uint16 (p); 182 supp_data_length = MHD_gtls_read_uint16 (p);
181 p += 2; 183 p += 2;
182 184
183 MHD__gnutls_debug_log ("EXT[%x]: Got supplemental type=%02x length=%d\n", 185 MHD__gnutls_debug_log
184 session, supp_data_type, supp_data_length); 186 ("EXT[%x]: Got supplemental type=%02x length=%d\n", session,
187 supp_data_type, supp_data_length);
185 188
186 recv_func = get_supp_func_recv (supp_data_type); 189 recv_func = get_supp_func_recv (supp_data_type);
187 if (recv_func) 190 if (recv_func)
diff --git a/src/daemon/https/tls/gnutls_supplemental.h b/src/daemon/https/tls/gnutls_supplemental.h
index a215ab56..b7ad0c29 100644
--- a/src/daemon/https/tls/gnutls_supplemental.h
+++ b/src/daemon/https/tls/gnutls_supplemental.h
@@ -25,6 +25,6 @@
25#include <gnutls_int.h> 25#include <gnutls_int.h>
26 26
27int MHD__gnutls_parse_supplemental (MHD_gtls_session_t session, 27int MHD__gnutls_parse_supplemental (MHD_gtls_session_t session,
28 const uint8_t * data, int data_size); 28 const uint8_t * data, int data_size);
29int MHD__gnutls_gen_supplemental (MHD_gtls_session_t session, 29int MHD__gnutls_gen_supplemental (MHD_gtls_session_t session,
30 MHD_gtls_buffer * buf); 30 MHD_gtls_buffer * buf);
diff --git a/src/daemon/https/tls/gnutls_ui.c b/src/daemon/https/tls/gnutls_ui.c
index 7709b2b7..a2594332 100644
--- a/src/daemon/https/tls/gnutls_ui.c
+++ b/src/daemon/https/tls/gnutls_ui.c
@@ -74,7 +74,8 @@ MHD__gnutls_dh_set_prime_bits (MHD_gtls_session_t session, unsigned int bits)
74 **/ 74 **/
75int 75int
76MHD__gnutls_dh_get_group (MHD_gtls_session_t session, 76MHD__gnutls_dh_get_group (MHD_gtls_session_t session,
77 MHD_gnutls_datum_t * raw_gen, MHD_gnutls_datum_t * raw_prime) 77 MHD_gnutls_datum_t * raw_gen,
78 MHD_gnutls_datum_t * raw_prime)
78{ 79{
79 MHD_gtls_dh_info_st *dh; 80 MHD_gtls_dh_info_st *dh;
80 int ret; 81 int ret;
@@ -107,7 +108,8 @@ MHD__gnutls_dh_get_group (MHD_gtls_session_t session,
107 return ret; 108 return ret;
108 } 109 }
109 110
110 ret = MHD__gnutls_set_datum (raw_gen, dh->generator.data, dh->generator.size); 111 ret =
112 MHD__gnutls_set_datum (raw_gen, dh->generator.data, dh->generator.size);
111 if (ret < 0) 113 if (ret < 0)
112 { 114 {
113 MHD_gnutls_assert (); 115 MHD_gnutls_assert ();
@@ -132,7 +134,7 @@ MHD__gnutls_dh_get_group (MHD_gtls_session_t session,
132 **/ 134 **/
133int 135int
134MHD__gnutls_dh_get_pubkey (MHD_gtls_session_t session, 136MHD__gnutls_dh_get_pubkey (MHD_gtls_session_t session,
135 MHD_gnutls_datum_t * raw_key) 137 MHD_gnutls_datum_t * raw_key)
136{ 138{
137 MHD_gtls_dh_info_st *dh; 139 MHD_gtls_dh_info_st *dh;
138 mhd_anon_auth_info_t anon_info; 140 mhd_anon_auth_info_t anon_info;
@@ -172,7 +174,7 @@ MHD__gnutls_dh_get_pubkey (MHD_gtls_session_t session,
172 } 174 }
173 175
174 return MHD__gnutls_set_datum (raw_key, dh->public_key.data, 176 return MHD__gnutls_set_datum (raw_key, dh->public_key.data,
175 dh->public_key.size); 177 dh->public_key.size);
176} 178}
177 179
178/** 180/**
@@ -203,7 +205,7 @@ MHD_gtls_rsa_export_get_pubkey (MHD_gtls_session_t session,
203 return GNUTLS_E_INTERNAL_ERROR; 205 return GNUTLS_E_INTERNAL_ERROR;
204 206
205 ret = MHD__gnutls_set_datum (modulus, info->rsa_export.modulus.data, 207 ret = MHD__gnutls_set_datum (modulus, info->rsa_export.modulus.data,
206 info->rsa_export.modulus.size); 208 info->rsa_export.modulus.size);
207 if (ret < 0) 209 if (ret < 0)
208 { 210 {
209 MHD_gnutls_assert (); 211 MHD_gnutls_assert ();
@@ -211,7 +213,7 @@ MHD_gtls_rsa_export_get_pubkey (MHD_gtls_session_t session,
211 } 213 }
212 214
213 ret = MHD__gnutls_set_datum (exponent, info->rsa_export.exponent.data, 215 ret = MHD__gnutls_set_datum (exponent, info->rsa_export.exponent.data,
214 info->rsa_export.exponent.size); 216 info->rsa_export.exponent.size);
215 if (ret < 0) 217 if (ret < 0)
216 { 218 {
217 MHD_gnutls_assert (); 219 MHD_gnutls_assert ();
@@ -491,8 +493,8 @@ MHD_gtls_certificate_client_get_request_status (MHD_gtls_session_t session)
491 **/ 493 **/
492int 494int
493MHD__gnutls_fingerprint (enum MHD_GNUTLS_HashAlgorithm algo, 495MHD__gnutls_fingerprint (enum MHD_GNUTLS_HashAlgorithm algo,
494 const MHD_gnutls_datum_t * data, 496 const MHD_gnutls_datum_t * data,
495 void *result, size_t * result_size) 497 void *result, size_t * result_size)
496{ 498{
497 GNUTLS_HASH_HANDLE td; 499 GNUTLS_HASH_HANDLE td;
498 int hash_len = MHD_gnutls_hash_get_algo_len (HASH2MAC (algo)); 500 int hash_len = MHD_gnutls_hash_get_algo_len (HASH2MAC (algo));
@@ -533,7 +535,7 @@ MHD__gnutls_fingerprint (enum MHD_GNUTLS_HashAlgorithm algo,
533 **/ 535 **/
534void 536void
535MHD__gnutls_certificate_set_dh_params (MHD_gtls_cert_credentials_t res, 537MHD__gnutls_certificate_set_dh_params (MHD_gtls_cert_credentials_t res,
536 MHD_gtls_dh_params_t dh_params) 538 MHD_gtls_dh_params_t dh_params)
537{ 539{
538 res->dh_params = dh_params; 540 res->dh_params = dh_params;
539} 541}
@@ -550,7 +552,7 @@ MHD__gnutls_certificate_set_dh_params (MHD_gtls_cert_credentials_t res,
550 **/ 552 **/
551void 553void
552MHD_gnutls_certificate_set_params_function (MHD_gtls_cert_credentials_t res, 554MHD_gnutls_certificate_set_params_function (MHD_gtls_cert_credentials_t res,
553 MHD_gnutls_params_function * func) 555 MHD_gnutls_params_function * func)
554{ 556{
555 res->params_func = func; 557 res->params_func = func;
556} 558}
@@ -567,7 +569,7 @@ MHD_gnutls_certificate_set_params_function (MHD_gtls_cert_credentials_t res,
567 **/ 569 **/
568void 570void
569MHD__gnutls_certificate_set_verify_flags (MHD_gtls_cert_credentials_t 571MHD__gnutls_certificate_set_verify_flags (MHD_gtls_cert_credentials_t
570 res, unsigned int flags) 572 res, unsigned int flags)
571{ 573{
572 res->verify_flags = flags; 574 res->verify_flags = flags;
573} 575}
@@ -585,9 +587,9 @@ MHD__gnutls_certificate_set_verify_flags (MHD_gtls_cert_credentials_t
585 **/ 587 **/
586void 588void
587MHD__gnutls_certificate_set_verify_limits (MHD_gtls_cert_credentials_t 589MHD__gnutls_certificate_set_verify_limits (MHD_gtls_cert_credentials_t
588 res, 590 res,
589 unsigned int max_bits, 591 unsigned int max_bits,
590 unsigned int max_depth) 592 unsigned int max_depth)
591{ 593{
592 res->verify_depth = max_depth; 594 res->verify_depth = max_depth;
593 res->verify_bits = max_bits; 595 res->verify_bits = max_bits;
@@ -605,9 +607,9 @@ MHD__gnutls_certificate_set_verify_limits (MHD_gtls_cert_credentials_t
605 **/ 607 **/
606void 608void
607MHD__gnutls_certificate_set_rsa_export_params (MHD_gtls_cert_credentials_t 609MHD__gnutls_certificate_set_rsa_export_params (MHD_gtls_cert_credentials_t
608 res, 610 res,
609 MHD_gtls_rsa_params_t 611 MHD_gtls_rsa_params_t
610 rsa_params) 612 rsa_params)
611{ 613{
612 res->rsa_params = rsa_params; 614 res->rsa_params = rsa_params;
613} 615}
@@ -624,7 +626,7 @@ MHD__gnutls_certificate_set_rsa_export_params (MHD_gtls_cert_credentials_t
624 **/ 626 **/
625void 627void
626MHD_gnutls_anon_set_params_function (MHD_gtls_anon_server_credentials_t res, 628MHD_gnutls_anon_set_params_function (MHD_gtls_anon_server_credentials_t res,
627 MHD_gnutls_params_function * func) 629 MHD_gnutls_params_function * func)
628{ 630{
629 res->params_func = func; 631 res->params_func = func;
630} 632}
diff --git a/src/daemon/https/tls/gnutls_x509.c b/src/daemon/https/tls/gnutls_x509.c
index 503bea9b..06ee8635 100644
--- a/src/daemon/https/tls/gnutls_x509.c
+++ b/src/daemon/https/tls/gnutls_x509.c
@@ -103,7 +103,7 @@ check_bits (MHD_gnutls_x509_crt_t crt, unsigned int max_bits)
103 -*/ 103 -*/
104int 104int
105MHD__gnutls_x509_cert_verify_peers (MHD_gtls_session_t session, 105MHD__gnutls_x509_cert_verify_peers (MHD_gtls_session_t session,
106 unsigned int *status) 106 unsigned int *status)
107{ 107{
108 cert_auth_info_t info; 108 cert_auth_info_t info;
109 MHD_gtls_cert_credentials_t cred; 109 MHD_gtls_cert_credentials_t cred;
@@ -142,7 +142,8 @@ MHD__gnutls_x509_cert_verify_peers (MHD_gtls_session_t session,
142 peer_certificate_list_size = info->ncerts; 142 peer_certificate_list_size = info->ncerts;
143 peer_certificate_list = 143 peer_certificate_list =
144 MHD_gnutls_calloc (1, 144 MHD_gnutls_calloc (1,
145 peer_certificate_list_size * sizeof (MHD_gnutls_x509_crt_t)); 145 peer_certificate_list_size *
146 sizeof (MHD_gnutls_x509_crt_t));
146 if (peer_certificate_list == NULL) 147 if (peer_certificate_list == NULL)
147 { 148 {
148 MHD_gnutls_assert (); 149 MHD_gnutls_assert ();
@@ -161,8 +162,8 @@ MHD__gnutls_x509_cert_verify_peers (MHD_gtls_session_t session,
161 162
162 ret = 163 ret =
163 MHD_gnutls_x509_crt_import (peer_certificate_list[i], 164 MHD_gnutls_x509_crt_import (peer_certificate_list[i],
164 &info->raw_certificate_list[i], 165 &info->raw_certificate_list[i],
165 GNUTLS_X509_FMT_DER); 166 GNUTLS_X509_FMT_DER);
166 if (ret < 0) 167 if (ret < 0)
167 { 168 {
168 MHD_gnutls_assert (); 169 MHD_gnutls_assert ();
@@ -184,10 +185,10 @@ MHD__gnutls_x509_cert_verify_peers (MHD_gtls_session_t session,
184 */ 185 */
185 ret = 186 ret =
186 MHD_gnutls_x509_crt_list_verify (peer_certificate_list, 187 MHD_gnutls_x509_crt_list_verify (peer_certificate_list,
187 peer_certificate_list_size, 188 peer_certificate_list_size,
188 cred->x509_ca_list, cred->x509_ncas, 189 cred->x509_ca_list, cred->x509_ncas,
189 cred->x509_crl_list, cred->x509_ncrls, 190 cred->x509_crl_list, cred->x509_ncrls,
190 cred->verify_flags, status); 191 cred->verify_flags, status);
191 192
192 CLEAR_CERTS; 193 CLEAR_CERTS;
193 194
@@ -221,13 +222,14 @@ MHD__gnutls_check_key_cert_match (MHD_gtls_cert_credentials_t res)
221 } 222 }
222 223
223 MHD__gnutls_x509_write_rsa_params (res->pkey[res->ncerts - 1].params, 224 MHD__gnutls_x509_write_rsa_params (res->pkey[res->ncerts - 1].params,
224 res->pkey[res->ncerts - 225 res->pkey[res->ncerts -
225 1].params_size, &kid); 226 1].params_size, &kid);
226 227
227 228
228 MHD__gnutls_x509_write_rsa_params (res->cert_list[res->ncerts - 1][0].params, 229 MHD__gnutls_x509_write_rsa_params (res->cert_list[res->ncerts - 1][0].
229 res->cert_list[res->ncerts - 230 params,
230 1][0].params_size, &cid); 231 res->cert_list[res->ncerts -
232 1][0].params_size, &cid);
231 233
232 if (cid.size != kid.size) 234 if (cid.size != kid.size)
233 { 235 {
@@ -265,7 +267,7 @@ parse_crt_mem (MHD_gnutls_cert ** cert_list, unsigned *ncerts,
265 267
266 *cert_list = 268 *cert_list =
267 (MHD_gnutls_cert *) MHD_gtls_realloc_fast (*cert_list, 269 (MHD_gnutls_cert *) MHD_gtls_realloc_fast (*cert_list,
268 i * sizeof (MHD_gnutls_cert)); 270 i * sizeof (MHD_gnutls_cert));
269 271
270 if (*cert_list == NULL) 272 if (*cert_list == NULL)
271 { 273 {
@@ -286,7 +288,7 @@ parse_crt_mem (MHD_gnutls_cert ** cert_list, unsigned *ncerts,
286} 288}
287 289
288/* Reads a DER encoded certificate list from memory and stores it to 290/* Reads a DER encoded certificate list from memory and stores it to
289 * a MHD_gnutls_cert structure. 291 * a MHD_gnutls_cert structure.
290 * Returns the number of certificates parsed. 292 * Returns the number of certificates parsed.
291 */ 293 */
292static int 294static int
@@ -355,7 +357,9 @@ parse_pem_cert_mem (MHD_gnutls_cert ** cert_list, unsigned *ncerts,
355 do 357 do
356 { 358 {
357 359
358 siz2 = MHD__gnutls_fbase64_decode (NULL, (const unsigned char*) ptr, size, &ptr2); 360 siz2 =
361 MHD__gnutls_fbase64_decode (NULL, (const unsigned char *) ptr, size,
362 &ptr2);
359 363
360 if (siz2 < 0) 364 if (siz2 < 0)
361 { 365 {
@@ -365,7 +369,8 @@ parse_pem_cert_mem (MHD_gnutls_cert ** cert_list, unsigned *ncerts,
365 369
366 *cert_list = 370 *cert_list =
367 (MHD_gnutls_cert *) MHD_gtls_realloc_fast (*cert_list, 371 (MHD_gnutls_cert *) MHD_gtls_realloc_fast (*cert_list,
368 i * sizeof (MHD_gnutls_cert)); 372 i *
373 sizeof (MHD_gnutls_cert));
369 374
370 if (*cert_list == NULL) 375 if (*cert_list == NULL)
371 { 376 {
@@ -382,7 +387,7 @@ parse_pem_cert_mem (MHD_gnutls_cert ** cert_list, unsigned *ncerts,
382 MHD_gnutls_assert (); 387 MHD_gnutls_assert ();
383 return ret; 388 return ret;
384 } 389 }
385 MHD__gnutls_free_datum (&tmp); /* free ptr2 */ 390 MHD__gnutls_free_datum (&tmp); /* free ptr2 */
386 391
387 /* now we move ptr after the pem header 392 /* now we move ptr after the pem header
388 */ 393 */
@@ -453,8 +458,8 @@ read_cert_mem (MHD_gtls_cert_credentials_t res, const void *cert,
453 458
454 if (type == GNUTLS_X509_FMT_DER) 459 if (type == GNUTLS_X509_FMT_DER)
455 ret = parse_der_cert_mem (&res->cert_list[res->ncerts], 460 ret = parse_der_cert_mem (&res->cert_list[res->ncerts],
456 &res->cert_list_length[res->ncerts], 461 &res->cert_list_length[res->ncerts],
457 cert, cert_size); 462 cert, cert_size);
458 else 463 else
459 ret = 464 ret =
460 parse_pem_cert_mem (&res->cert_list[res->ncerts], 465 parse_pem_cert_mem (&res->cert_list[res->ncerts],
@@ -473,7 +478,7 @@ read_cert_mem (MHD_gtls_cert_credentials_t res, const void *cert,
473 478
474int 479int
475MHD__gnutls_x509_privkey_to_gkey (MHD_gnutls_privkey * dest, 480MHD__gnutls_x509_privkey_to_gkey (MHD_gnutls_privkey * dest,
476 MHD_gnutls_x509_privkey_t src) 481 MHD_gnutls_x509_privkey_t src)
477{ 482{
478 int i, ret; 483 int i, ret;
479 484
@@ -519,8 +524,8 @@ MHD_gtls_gkey_deinit (MHD_gnutls_privkey * key)
519 524
520int 525int
521MHD__gnutls_x509_raw_privkey_to_gkey (MHD_gnutls_privkey * privkey, 526MHD__gnutls_x509_raw_privkey_to_gkey (MHD_gnutls_privkey * privkey,
522 const MHD_gnutls_datum_t * raw_key, 527 const MHD_gnutls_datum_t * raw_key,
523 MHD_gnutls_x509_crt_fmt_t type) 528 MHD_gnutls_x509_crt_fmt_t type)
524{ 529{
525 MHD_gnutls_x509_privkey_t tmpkey; 530 MHD_gnutls_x509_privkey_t tmpkey;
526 int ret; 531 int ret;
@@ -539,7 +544,7 @@ MHD__gnutls_x509_raw_privkey_to_gkey (MHD_gnutls_privkey * privkey,
539 if (ret < 0) 544 if (ret < 0)
540 ret = 545 ret =
541 MHD_gnutls_x509_privkey_import_pkcs8 (tmpkey, raw_key, type, NULL, 546 MHD_gnutls_x509_privkey_import_pkcs8 (tmpkey, raw_key, type, NULL,
542 GNUTLS_PKCS_PLAIN); 547 GNUTLS_PKCS_PLAIN);
543#endif 548#endif
544 549
545 if (ret < 0) 550 if (ret < 0)
@@ -591,7 +596,7 @@ read_key_mem (MHD_gtls_cert_credentials_t res,
591 596
592 ret = 597 ret =
593 MHD__gnutls_x509_raw_privkey_to_gkey (&res->pkey[res->ncerts], &tmp, 598 MHD__gnutls_x509_raw_privkey_to_gkey (&res->pkey[res->ncerts], &tmp,
594 type); 599 type);
595 if (ret < 0) 600 if (ret < 0)
596 { 601 {
597 MHD_gnutls_assert (); 602 MHD_gnutls_assert ();
@@ -636,9 +641,10 @@ read_key_mem (MHD_gtls_cert_credentials_t res,
636 **/ 641 **/
637int 642int
638MHD__gnutls_certificate_set_x509_key_mem (MHD_gtls_cert_credentials_t 643MHD__gnutls_certificate_set_x509_key_mem (MHD_gtls_cert_credentials_t
639 res, const MHD_gnutls_datum_t * cert, 644 res,
640 const MHD_gnutls_datum_t * key, 645 const MHD_gnutls_datum_t * cert,
641 MHD_gnutls_x509_crt_fmt_t type) 646 const MHD_gnutls_datum_t * key,
647 MHD_gnutls_x509_crt_fmt_t type)
642{ 648{
643 int ret; 649 int ret;
644 650
@@ -684,7 +690,8 @@ generate_rdn_seq (MHD_gtls_cert_credentials_t res)
684 size = 0; 690 size = 0;
685 for (i = 0; i < res->x509_ncas; i++) 691 for (i = 0; i < res->x509_ncas; i++)
686 { 692 {
687 if ((ret = MHD_gnutls_x509_crt_get_raw_dn (res->x509_ca_list[i], &tmp)) < 0) 693 if ((ret =
694 MHD_gnutls_x509_crt_get_raw_dn (res->x509_ca_list[i], &tmp)) < 0)
688 { 695 {
689 MHD_gnutls_assert (); 696 MHD_gnutls_assert ();
690 return ret; 697 return ret;
@@ -708,7 +715,8 @@ generate_rdn_seq (MHD_gtls_cert_credentials_t res)
708 715
709 for (i = 0; i < res->x509_ncas; i++) 716 for (i = 0; i < res->x509_ncas; i++)
710 { 717 {
711 if ((ret = MHD_gnutls_x509_crt_get_raw_dn (res->x509_ca_list[i], &tmp)) < 0) 718 if ((ret =
719 MHD_gnutls_x509_crt_get_raw_dn (res->x509_ca_list[i], &tmp)) < 0)
712 { 720 {
713 MHD__gnutls_free_datum (&res->x509_rdn_sequence); 721 MHD__gnutls_free_datum (&res->x509_rdn_sequence);
714 MHD_gnutls_assert (); 722 MHD_gnutls_assert ();
@@ -728,7 +736,7 @@ generate_rdn_seq (MHD_gtls_cert_credentials_t res)
728 */ 736 */
729int 737int
730MHD__gnutls_check_key_usage (const MHD_gnutls_cert * cert, 738MHD__gnutls_check_key_usage (const MHD_gnutls_cert * cert,
731 enum MHD_GNUTLS_KeyExchangeAlgorithm alg) 739 enum MHD_GNUTLS_KeyExchangeAlgorithm alg)
732{ 740{
733 unsigned int key_usage = 0; 741 unsigned int key_usage = 0;
734 int encipher_type; 742 int encipher_type;
@@ -814,9 +822,9 @@ parse_pem_ca_mem (MHD_gnutls_x509_crt_t ** cert_list, unsigned *ncerts,
814 822
815 *cert_list = 823 *cert_list =
816 (MHD_gnutls_x509_crt_t *) MHD_gtls_realloc_fast (*cert_list, 824 (MHD_gnutls_x509_crt_t *) MHD_gtls_realloc_fast (*cert_list,
817 i * 825 i *
818 sizeof 826 sizeof
819 (MHD_gnutls_x509_crt_t)); 827 (MHD_gnutls_x509_crt_t));
820 828
821 if (*cert_list == NULL) 829 if (*cert_list == NULL)
822 { 830 {
@@ -836,7 +844,7 @@ parse_pem_ca_mem (MHD_gnutls_x509_crt_t ** cert_list, unsigned *ncerts,
836 844
837 ret = 845 ret =
838 MHD_gnutls_x509_crt_import (cert_list[0][i - 1], 846 MHD_gnutls_x509_crt_import (cert_list[0][i - 1],
839 &tmp, GNUTLS_X509_FMT_PEM); 847 &tmp, GNUTLS_X509_FMT_PEM);
840 if (ret < 0) 848 if (ret < 0)
841 { 849 {
842 MHD_gnutls_assert (); 850 MHD_gnutls_assert ();
@@ -892,8 +900,9 @@ parse_der_ca_mem (MHD_gnutls_x509_crt_t ** cert_list, unsigned *ncerts,
892 900
893 *cert_list = 901 *cert_list =
894 (MHD_gnutls_x509_crt_t *) MHD_gtls_realloc_fast (*cert_list, 902 (MHD_gnutls_x509_crt_t *) MHD_gtls_realloc_fast (*cert_list,
895 i * 903 i *
896 sizeof (MHD_gnutls_x509_crt_t)); 904 sizeof
905 (MHD_gnutls_x509_crt_t));
897 906
898 if (*cert_list == NULL) 907 if (*cert_list == NULL)
899 { 908 {
@@ -912,7 +921,8 @@ parse_der_ca_mem (MHD_gnutls_x509_crt_t ** cert_list, unsigned *ncerts,
912 } 921 }
913 922
914 ret = 923 ret =
915 MHD_gnutls_x509_crt_import (cert_list[0][i - 1], &tmp, GNUTLS_X509_FMT_DER); 924 MHD_gnutls_x509_crt_import (cert_list[0][i - 1], &tmp,
925 GNUTLS_X509_FMT_DER);
916 if (ret < 0) 926 if (ret < 0)
917 { 927 {
918 MHD_gnutls_assert (); 928 MHD_gnutls_assert ();
@@ -945,8 +955,9 @@ parse_der_ca_mem (MHD_gnutls_x509_crt_t ** cert_list, unsigned *ncerts,
945 **/ 955 **/
946int 956int
947MHD__gnutls_certificate_set_x509_trust_mem (MHD_gtls_cert_credentials_t 957MHD__gnutls_certificate_set_x509_trust_mem (MHD_gtls_cert_credentials_t
948 res, const MHD_gnutls_datum_t * ca, 958 res,
949 MHD_gnutls_x509_crt_fmt_t type) 959 const MHD_gnutls_datum_t * ca,
960 MHD_gnutls_x509_crt_fmt_t type)
950{ 961{
951 int ret, ret2; 962 int ret, ret2;
952 963
@@ -994,9 +1005,9 @@ parse_pem_crl_mem (MHD_gnutls_x509_crl_t ** crl_list, unsigned *ncrls,
994 1005
995 *crl_list = 1006 *crl_list =
996 (MHD_gnutls_x509_crl_t *) MHD_gtls_realloc_fast (*crl_list, 1007 (MHD_gnutls_x509_crl_t *) MHD_gtls_realloc_fast (*crl_list,
997 i * 1008 i *
998 sizeof 1009 sizeof
999 (MHD_gnutls_x509_crl_t)); 1010 (MHD_gnutls_x509_crl_t));
1000 1011
1001 if (*crl_list == NULL) 1012 if (*crl_list == NULL)
1002 { 1013 {
@@ -1010,13 +1021,13 @@ parse_pem_crl_mem (MHD_gnutls_x509_crl_t ** crl_list, unsigned *ncrls,
1010 MHD_gnutls_assert (); 1021 MHD_gnutls_assert ();
1011 return ret; 1022 return ret;
1012 } 1023 }
1013 1024
1014 tmp.data = (unsigned char *) ptr; 1025 tmp.data = (unsigned char *) ptr;
1015 tmp.size = size; 1026 tmp.size = size;
1016 1027
1017 ret = 1028 ret =
1018 MHD_gnutls_x509_crl_import (crl_list[0][i - 1], 1029 MHD_gnutls_x509_crl_import (crl_list[0][i - 1],
1019 &tmp, GNUTLS_X509_FMT_PEM); 1030 &tmp, GNUTLS_X509_FMT_PEM);
1020 if (ret < 0) 1031 if (ret < 0)
1021 { 1032 {
1022 MHD_gnutls_assert (); 1033 MHD_gnutls_assert ();
@@ -1062,8 +1073,9 @@ parse_der_crl_mem (MHD_gnutls_x509_crl_t ** crl_list, unsigned *ncrls,
1062 1073
1063 *crl_list = 1074 *crl_list =
1064 (MHD_gnutls_x509_crl_t *) MHD_gtls_realloc_fast (*crl_list, 1075 (MHD_gnutls_x509_crl_t *) MHD_gtls_realloc_fast (*crl_list,
1065 i * 1076 i *
1066 sizeof (MHD_gnutls_x509_crl_t)); 1077 sizeof
1078 (MHD_gnutls_x509_crl_t));
1067 1079
1068 if (*crl_list == NULL) 1080 if (*crl_list == NULL)
1069 { 1081 {
@@ -1082,7 +1094,8 @@ parse_der_crl_mem (MHD_gnutls_x509_crl_t ** crl_list, unsigned *ncrls,
1082 } 1094 }
1083 1095
1084 ret = 1096 ret =
1085 MHD_gnutls_x509_crl_import (crl_list[0][i - 1], &tmp, GNUTLS_X509_FMT_DER); 1097 MHD_gnutls_x509_crl_import (crl_list[0][i - 1], &tmp,
1098 GNUTLS_X509_FMT_DER);
1086 if (ret < 0) 1099 if (ret < 0)
1087 { 1100 {
1088 MHD_gnutls_assert (); 1101 MHD_gnutls_assert ();
@@ -1147,8 +1160,8 @@ read_crl_mem (MHD_gtls_cert_credentials_t res, const void *crl,
1147 **/ 1160 **/
1148int 1161int
1149MHD__gnutls_certificate_set_x509_crl_mem (MHD_gtls_cert_credentials_t 1162MHD__gnutls_certificate_set_x509_crl_mem (MHD_gtls_cert_credentials_t
1150 res, const MHD_gnutls_datum_t * CRL, 1163 res, const MHD_gnutls_datum_t * CRL,
1151 MHD_gnutls_x509_crt_fmt_t type) 1164 MHD_gnutls_x509_crt_fmt_t type)
1152{ 1165{
1153 int ret; 1166 int ret;
1154 1167
diff --git a/src/daemon/https/tls/gnutls_x509.h b/src/daemon/https/tls/gnutls_x509.h
index b2d92603..07269328 100644
--- a/src/daemon/https/tls/gnutls_x509.h
+++ b/src/daemon/https/tls/gnutls_x509.h
@@ -25,7 +25,7 @@
25#include <libtasn1.h> 25#include <libtasn1.h>
26 26
27int MHD__gnutls_x509_cert_verify_peers (MHD_gtls_session_t session, 27int MHD__gnutls_x509_cert_verify_peers (MHD_gtls_session_t session,
28 unsigned int *status); 28 unsigned int *status);
29 29
30#define PEM_CERT_SEP2 "-----BEGIN X509 CERTIFICATE" 30#define PEM_CERT_SEP2 "-----BEGIN X509 CERTIFICATE"
31#define PEM_CERT_SEP "-----BEGIN CERTIFICATE" 31#define PEM_CERT_SEP "-----BEGIN CERTIFICATE"
@@ -36,13 +36,15 @@ int MHD__gnutls_x509_cert_verify_peers (MHD_gtls_session_t session,
36#define PEM_KEY_DSA_SEP "-----BEGIN DSA" 36#define PEM_KEY_DSA_SEP "-----BEGIN DSA"
37 37
38int MHD__gnutls_check_key_usage (const MHD_gnutls_cert * cert, 38int MHD__gnutls_check_key_usage (const MHD_gnutls_cert * cert,
39 enum MHD_GNUTLS_KeyExchangeAlgorithm alg); 39 enum MHD_GNUTLS_KeyExchangeAlgorithm alg);
40 40
41int MHD__gnutls_x509_read_rsa_params (opaque * der, int dersize, mpi_t * params); 41int MHD__gnutls_x509_read_rsa_params (opaque * der, int dersize,
42int MHD__gnutls_x509_read_dsa_pubkey (opaque * der, int dersize, mpi_t * params); 42 mpi_t * params);
43int MHD__gnutls_x509_read_dsa_pubkey (opaque * der, int dersize,
44 mpi_t * params);
43 45
44int MHD__gnutls_x509_raw_privkey_to_gkey (MHD_gnutls_privkey * privkey, 46int MHD__gnutls_x509_raw_privkey_to_gkey (MHD_gnutls_privkey * privkey,
45 const MHD_gnutls_datum_t * raw_key, 47 const MHD_gnutls_datum_t * raw_key,
46 MHD_gnutls_x509_crt_fmt_t type); 48 MHD_gnutls_x509_crt_fmt_t type);
47int MHD__gnutls_x509_privkey_to_gkey (MHD_gnutls_privkey * privkey, 49int MHD__gnutls_x509_privkey_to_gkey (MHD_gnutls_privkey * privkey,
48 MHD_gnutls_x509_privkey_t); 50 MHD_gnutls_x509_privkey_t);
diff --git a/src/daemon/https/tls/x509_b64.c b/src/daemon/https/tls/x509_b64.c
index abe3fb40..152f7409 100644
--- a/src/daemon/https/tls/x509_b64.c
+++ b/src/daemon/https/tls/x509_b64.c
@@ -154,7 +154,7 @@ decode (uint8_t * result, const opaque * data)
154 */ 154 */
155int 155int
156MHD__gnutls_fbase64_encode (const char *msg, const uint8_t * data, 156MHD__gnutls_fbase64_encode (const char *msg, const uint8_t * data,
157 int data_size, uint8_t ** result) 157 int data_size, uint8_t ** result)
158{ 158{
159 int i, ret, tmp, j; 159 int i, ret, tmp, j;
160 char tmpres[4]; 160 char tmpres[4];
@@ -173,16 +173,16 @@ MHD__gnutls_fbase64_encode (const char *msg, const uint8_t * data,
173 memset (bottom, 0, sizeof (bottom)); 173 memset (bottom, 0, sizeof (bottom));
174 memset (top, 0, sizeof (top)); 174 memset (top, 0, sizeof (top));
175 175
176 strcat ((char*) top, "-----BEGIN "); /* Flawfinder: ignore */ 176 strcat ((char *) top, "-----BEGIN "); /* Flawfinder: ignore */
177 strcat ((char*)top, msg); /* Flawfinder: ignore */ 177 strcat ((char *) top, msg); /* Flawfinder: ignore */
178 strcat ((char*)top, "-----"); /* Flawfinder: ignore */ 178 strcat ((char *) top, "-----"); /* Flawfinder: ignore */
179 179
180 strcat ((char*)bottom, "\n-----END "); /* Flawfinder: ignore */ 180 strcat ((char *) bottom, "\n-----END "); /* Flawfinder: ignore */
181 strcat ((char*)bottom, msg); /* Flawfinder: ignore */ 181 strcat ((char *) bottom, msg); /* Flawfinder: ignore */
182 strcat ((char*)bottom, "-----\n"); /* Flawfinder: ignore */ 182 strcat ((char *) bottom, "-----\n"); /* Flawfinder: ignore */
183 183
184 top_len = strlen ((char*)top); 184 top_len = strlen ((char *) top);
185 bottom_len = strlen ((char*)bottom); 185 bottom_len = strlen ((char *) bottom);
186 186
187 ret = B64FSIZE (msglen, data_size); 187 ret = B64FSIZE (msglen, data_size);
188 188
@@ -197,7 +197,7 @@ MHD__gnutls_fbase64_encode (const char *msg, const uint8_t * data,
197 INCR (bytes, top_len); 197 INCR (bytes, top_len);
198 pos = top_len; 198 pos = top_len;
199 199
200 strcpy ((char*)*result,(char*) top); /* Flawfinder: ignore */ 200 strcpy ((char *) *result, (char *) top); /* Flawfinder: ignore */
201 201
202 for (i = j = 0; i < data_size; i += 3, j += 4) 202 for (i = j = 0; i < data_size; i += 3, j += 4)
203 { 203 {
@@ -260,7 +260,7 @@ MHD__gnutls_fbase64_encode (const char *msg, const uint8_t * data,
260 */ 260 */
261int 261int
262MHD__gnutls_base64_decode (const uint8_t * data, size_t data_size, 262MHD__gnutls_base64_decode (const uint8_t * data, size_t data_size,
263 uint8_t ** result) 263 uint8_t ** result)
264{ 264{
265 unsigned int i, j; 265 unsigned int i, j;
266 int ret, tmp, est; 266 int ret, tmp, est;
@@ -318,7 +318,7 @@ cpydata (const uint8_t * data, int data_size, uint8_t ** result)
318#define ENDSTR2 "-----\r" 318#define ENDSTR2 "-----\r"
319int 319int
320MHD__gnutls_fbase64_decode (const char *header, const opaque * data, 320MHD__gnutls_fbase64_decode (const char *header, const opaque * data,
321 size_t data_size, uint8_t ** result) 321 size_t data_size, uint8_t ** result)
322{ 322{
323 int ret; 323 int ret;
324 static const char top[] = "-----BEGIN "; 324 static const char top[] = "-----BEGIN ";
@@ -411,4 +411,3 @@ MHD__gnutls_fbase64_decode (const char *header, const opaque * data,
411 411
412 return ret; 412 return ret;
413} 413}
414
diff --git a/src/daemon/https/tls/x509_b64.h b/src/daemon/https/tls/x509_b64.h
index 9cb27c86..ebb48639 100644
--- a/src/daemon/https/tls/x509_b64.h
+++ b/src/daemon/https/tls/x509_b64.h
@@ -23,11 +23,11 @@
23 */ 23 */
24 24
25int MHD__gnutls_fbase64_encode (const char *msg, const uint8_t * data, 25int MHD__gnutls_fbase64_encode (const char *msg, const uint8_t * data,
26 int data_size, uint8_t ** result); 26 int data_size, uint8_t ** result);
27int MHD__gnutls_base64_decode (const uint8_t * data, size_t data_size, 27int MHD__gnutls_base64_decode (const uint8_t * data, size_t data_size,
28 uint8_t ** result); 28 uint8_t ** result);
29int MHD__gnutls_fbase64_decode (const char *header, const uint8_t * data, 29int MHD__gnutls_fbase64_decode (const char *header, const uint8_t * data,
30 size_t data_size, uint8_t ** result); 30 size_t data_size, uint8_t ** result);
31 31
32#define B64SIZE( data_size) ((data_size%3==0)?((data_size*4)/3):(4+((data_size/3)*4))) 32#define B64SIZE( data_size) ((data_size%3==0)?((data_size*4)/3):(4+((data_size/3)*4)))
33 33
diff --git a/src/daemon/https/x509/common.c b/src/daemon/https/x509/common.c
index 6e7e0853..ca2e355f 100644
--- a/src/daemon/https/x509/common.c
+++ b/src/daemon/https/x509/common.c
@@ -258,8 +258,9 @@ MHD__gnutls_x509_oid2ldap_string (const char *oid)
258 */ 258 */
259int 259int
260MHD__gnutls_x509_oid_data2string (const char *oid, 260MHD__gnutls_x509_oid_data2string (const char *oid,
261 void *value, 261 void *value,
262 int value_size, char *res, size_t * res_size) 262 int value_size, char *res,
263 size_t * res_size)
263{ 264{
264 char str[MAX_STRING_LEN], tmpname[128]; 265 char str[MAX_STRING_LEN], tmpname[128];
265 const char *ANAME = NULL; 266 const char *ANAME = NULL;
@@ -292,17 +293,19 @@ MHD__gnutls_x509_oid_data2string (const char *oid,
292 MHD_gtls_str_cat (str, sizeof (str), ANAME); 293 MHD_gtls_str_cat (str, sizeof (str), ANAME);
293 294
294 if ((result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), str, 295 if ((result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), str,
295 &tmpasn)) != ASN1_SUCCESS) 296 &tmpasn)) != ASN1_SUCCESS)
296 { 297 {
297 MHD_gnutls_assert (); 298 MHD_gnutls_assert ();
298 return MHD_gtls_asn2err (result); 299 return MHD_gtls_asn2err (result);
299 } 300 }
300 301
301 if ((result = MHD__asn1_der_decoding (&tmpasn, value, value_size, MHD__asn1_err)) 302 if ((result =
302 != ASN1_SUCCESS) 303 MHD__asn1_der_decoding (&tmpasn, value, value_size,
304 MHD__asn1_err)) != ASN1_SUCCESS)
303 { 305 {
304 MHD_gnutls_assert (); 306 MHD_gnutls_assert ();
305 MHD__gnutls_x509_log ("MHD__asn1_der_decoding: %s:%s\n", str, MHD__asn1_err); 307 MHD__gnutls_x509_log ("MHD__asn1_der_decoding: %s:%s\n", str,
308 MHD__asn1_err);
306 MHD__asn1_delete_structure (&tmpasn); 309 MHD__asn1_delete_structure (&tmpasn);
307 return MHD_gtls_asn2err (result); 310 return MHD_gtls_asn2err (result);
308 } 311 }
@@ -381,7 +384,9 @@ MHD__gnutls_x509_oid_data2string (const char *oid,
381 } 384 }
382 else 385 else
383 { 386 {
384 result = MHD__gnutls_x509_data2hex ((const unsigned char*) str, len, (unsigned char*) res, res_size); 387 result =
388 MHD__gnutls_x509_data2hex ((const unsigned char *) str, len,
389 (unsigned char *) res, res_size);
385 if (result < 0) 390 if (result < 0)
386 { 391 {
387 MHD_gnutls_assert (); 392 MHD_gnutls_assert ();
@@ -400,7 +405,8 @@ MHD__gnutls_x509_oid_data2string (const char *oid,
400 */ 405 */
401int 406int
402MHD__gnutls_x509_data2hex (const opaque * data, 407MHD__gnutls_x509_data2hex (const opaque * data,
403 size_t data_size, opaque * out, size_t * sizeof_out) 408 size_t data_size, opaque * out,
409 size_t * sizeof_out)
404{ 410{
405 char *res; 411 char *res;
406 char escaped[MAX_STRING_LEN]; 412 char escaped[MAX_STRING_LEN];
@@ -425,8 +431,8 @@ MHD__gnutls_x509_data2hex (const opaque * data,
425 431
426 if (out) 432 if (out)
427 { 433 {
428 strcpy ((char*) out, "#"); 434 strcpy ((char *) out, "#");
429 strcat ((char*) out, res); 435 strcat ((char *) out, res);
430 } 436 }
431 437
432 return 0; 438 return 0;
@@ -726,10 +732,10 @@ MHD__gnutls_x509_san_find_type (char *str_type)
726 */ 732 */
727int 733int
728MHD__gnutls_x509_export_int (ASN1_TYPE MHD__asn1_data, 734MHD__gnutls_x509_export_int (ASN1_TYPE MHD__asn1_data,
729 MHD_gnutls_x509_crt_fmt_t format, 735 MHD_gnutls_x509_crt_fmt_t format,
730 char *pem_header, 736 char *pem_header,
731 unsigned char *output_data, 737 unsigned char *output_data,
732 size_t * output_data_size) 738 size_t * output_data_size)
733{ 739{
734 int result, len; 740 int result, len;
735 741
@@ -741,8 +747,9 @@ MHD__gnutls_x509_export_int (ASN1_TYPE MHD__asn1_data,
741 747
742 len = *output_data_size; 748 len = *output_data_size;
743 749
744 if ((result = MHD__asn1_der_coding (MHD__asn1_data, "", output_data, &len, 750 if ((result =
745 NULL)) != ASN1_SUCCESS) 751 MHD__asn1_der_coding (MHD__asn1_data, "", output_data, &len,
752 NULL)) != ASN1_SUCCESS)
746 { 753 {
747 *output_data_size = len; 754 *output_data_size = len;
748 if (result == ASN1_MEM_ERROR) 755 if (result == ASN1_MEM_ERROR)
@@ -768,7 +775,8 @@ MHD__gnutls_x509_export_int (ASN1_TYPE MHD__asn1_data,
768 return result; 775 return result;
769 } 776 }
770 777
771 result = MHD__gnutls_fbase64_encode (pem_header, tmp.data, tmp.size, &out); 778 result =
779 MHD__gnutls_fbase64_encode (pem_header, tmp.data, tmp.size, &out);
772 780
773 MHD__gnutls_free_datum (&tmp); 781 MHD__gnutls_free_datum (&tmp);
774 782
@@ -815,9 +823,9 @@ MHD__gnutls_x509_export_int (ASN1_TYPE MHD__asn1_data,
815 */ 823 */
816int 824int
817MHD__gnutls_x509_decode_octet_string (const char *string_type, 825MHD__gnutls_x509_decode_octet_string (const char *string_type,
818 const opaque * der, 826 const opaque * der,
819 size_t der_size, 827 size_t der_size,
820 opaque * output, size_t * output_size) 828 opaque * output, size_t * output_size)
821{ 829{
822 ASN1_TYPE c2 = ASN1_TYPE_EMPTY; 830 ASN1_TYPE c2 = ASN1_TYPE_EMPTY;
823 int result, tmp_output_size; 831 int result, tmp_output_size;
@@ -833,7 +841,7 @@ MHD__gnutls_x509_decode_octet_string (const char *string_type,
833 841
834 if ((result = 842 if ((result =
835 MHD__asn1_create_element (MHD__gnutls_get_pkix (), strname, 843 MHD__asn1_create_element (MHD__gnutls_get_pkix (), strname,
836 &c2)) != ASN1_SUCCESS) 844 &c2)) != ASN1_SUCCESS)
837 { 845 {
838 MHD_gnutls_assert (); 846 MHD_gnutls_assert ();
839 result = MHD_gtls_asn2err (result); 847 result = MHD_gtls_asn2err (result);
@@ -875,7 +883,8 @@ cleanup:if (c2)
875 */ 883 */
876int 884int
877MHD__gnutls_x509_read_value (ASN1_TYPE c, 885MHD__gnutls_x509_read_value (ASN1_TYPE c,
878 const char *root, MHD_gnutls_datum_t * ret, int flags) 886 const char *root, MHD_gnutls_datum_t * ret,
887 int flags)
879{ 888{
880 int len = 0, result; 889 int len = 0, result;
881 size_t slen; 890 size_t slen;
@@ -917,7 +926,8 @@ MHD__gnutls_x509_read_value (ASN1_TYPE c,
917 if (flags == 1) 926 if (flags == 1)
918 { 927 {
919 slen = len; 928 slen = len;
920 result = MHD__gnutls_x509_decode_octet_string (NULL, tmp, slen, tmp, &slen); 929 result =
930 MHD__gnutls_x509_decode_octet_string (NULL, tmp, slen, tmp, &slen);
921 if (result < 0) 931 if (result < 0)
922 { 932 {
923 MHD_gnutls_assert (); 933 MHD_gnutls_assert ();
@@ -942,7 +952,8 @@ cleanup:MHD_gnutls_free (tmp);
942 */ 952 */
943int 953int
944MHD__gnutls_x509_der_encode (ASN1_TYPE src, 954MHD__gnutls_x509_der_encode (ASN1_TYPE src,
945 const char *src_name, MHD_gnutls_datum_t * res, int str) 955 const char *src_name, MHD_gnutls_datum_t * res,
956 int str)
946{ 957{
947 int size, result; 958 int size, result;
948 int asize; 959 int asize;
@@ -984,8 +995,9 @@ MHD__gnutls_x509_der_encode (ASN1_TYPE src,
984 if (str) 995 if (str)
985 { 996 {
986 if ((result = 997 if ((result =
987 MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.pkcs-7-Data", 998 MHD__asn1_create_element (MHD__gnutls_get_pkix (),
988 &c2)) != ASN1_SUCCESS) 999 "PKIX1.pkcs-7-Data",
1000 &c2)) != ASN1_SUCCESS)
989 { 1001 {
990 MHD_gnutls_assert (); 1002 MHD_gnutls_assert ();
991 result = MHD_gtls_asn2err (result); 1003 result = MHD_gtls_asn2err (result);
@@ -1030,9 +1042,9 @@ cleanup:MHD_gnutls_free (data);
1030 */ 1042 */
1031int 1043int
1032MHD__gnutls_x509_der_encode_and_copy (ASN1_TYPE src, 1044MHD__gnutls_x509_der_encode_and_copy (ASN1_TYPE src,
1033 const char *src_name, 1045 const char *src_name,
1034 ASN1_TYPE dest, 1046 ASN1_TYPE dest,
1035 const char *dest_name, int str) 1047 const char *dest_name, int str)
1036{ 1048{
1037 int result; 1049 int result;
1038 MHD_gnutls_datum_t encoded; 1050 MHD_gnutls_datum_t encoded;
@@ -1047,7 +1059,8 @@ MHD__gnutls_x509_der_encode_and_copy (ASN1_TYPE src,
1047 1059
1048 /* Write the data. 1060 /* Write the data.
1049 */ 1061 */
1050 result = MHD__asn1_write_value (dest, dest_name, encoded.data, encoded.size); 1062 result =
1063 MHD__asn1_write_value (dest, dest_name, encoded.data, encoded.size);
1051 1064
1052 MHD__gnutls_free_datum (&encoded); 1065 MHD__gnutls_free_datum (&encoded);
1053 1066
@@ -1065,8 +1078,8 @@ MHD__gnutls_x509_der_encode_and_copy (ASN1_TYPE src,
1065 */ 1078 */
1066int 1079int
1067MHD__gnutls_x509_write_value (ASN1_TYPE c, 1080MHD__gnutls_x509_write_value (ASN1_TYPE c,
1068 const char *root, 1081 const char *root,
1069 const MHD_gnutls_datum_t * data, int str) 1082 const MHD_gnutls_datum_t * data, int str)
1070{ 1083{
1071 int result; 1084 int result;
1072 int asize; 1085 int asize;
@@ -1088,8 +1101,9 @@ MHD__gnutls_x509_write_value (ASN1_TYPE c,
1088 /* Convert it to OCTET STRING 1101 /* Convert it to OCTET STRING
1089 */ 1102 */
1090 if ((result = 1103 if ((result =
1091 MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.pkcs-7-Data", 1104 MHD__asn1_create_element (MHD__gnutls_get_pkix (),
1092 &c2)) != ASN1_SUCCESS) 1105 "PKIX1.pkcs-7-Data",
1106 &c2)) != ASN1_SUCCESS)
1093 { 1107 {
1094 MHD_gnutls_assert (); 1108 MHD_gnutls_assert ();
1095 result = MHD_gtls_asn2err (result); 1109 result = MHD_gtls_asn2err (result);
@@ -1144,10 +1158,11 @@ cleanup:if (val.data != data->data)
1144 */ 1158 */
1145int 1159int
1146MHD__gnutls_x509_encode_and_copy_PKI_params (ASN1_TYPE dst, 1160MHD__gnutls_x509_encode_and_copy_PKI_params (ASN1_TYPE dst,
1147 const char *dst_name, 1161 const char *dst_name,
1148 enum MHD_GNUTLS_PublicKeyAlgorithm 1162 enum
1149 pk_algorithm, 1163 MHD_GNUTLS_PublicKeyAlgorithm
1150 mpi_t * params, int params_size) 1164 pk_algorithm, mpi_t * params,
1165 int params_size)
1151{ 1166{
1152 const char *pk; 1167 const char *pk;
1153 MHD_gnutls_datum_t der = { NULL, 1168 MHD_gnutls_datum_t der = { NULL,
@@ -1219,7 +1234,7 @@ MHD__gnutls_x509_encode_and_copy_PKI_params (ASN1_TYPE dst,
1219 */ 1234 */
1220int 1235int
1221MHD__gnutls_x509_get_pk_algorithm (ASN1_TYPE src, 1236MHD__gnutls_x509_get_pk_algorithm (ASN1_TYPE src,
1222 const char *src_name, unsigned int *bits) 1237 const char *src_name, unsigned int *bits)
1223{ 1238{
1224 int result; 1239 int result;
1225 opaque *str = NULL; 1240 opaque *str = NULL;
@@ -1295,7 +1310,8 @@ MHD__gnutls_x509_get_pk_algorithm (ASN1_TYPE src,
1295 { 1310 {
1296 case MHD_GNUTLS_PK_RSA: 1311 case MHD_GNUTLS_PK_RSA:
1297 { 1312 {
1298 if ((result = MHD__gnutls_x509_read_rsa_params (str, len, params)) < 0) 1313 if ((result =
1314 MHD__gnutls_x509_read_rsa_params (str, len, params)) < 0)
1299 { 1315 {
1300 MHD_gnutls_assert (); 1316 MHD_gnutls_assert ();
1301 return result; 1317 return result;
@@ -1321,8 +1337,8 @@ MHD__gnutls_x509_get_pk_algorithm (ASN1_TYPE src,
1321 */ 1337 */
1322int 1338int
1323MHD__gnutls_x509_get_signed_data (ASN1_TYPE src, 1339MHD__gnutls_x509_get_signed_data (ASN1_TYPE src,
1324 const char *src_name, 1340 const char *src_name,
1325 MHD_gnutls_datum_t * signed_data) 1341 MHD_gnutls_datum_t * signed_data)
1326{ 1342{
1327 MHD_gnutls_datum_t der; 1343 MHD_gnutls_datum_t der;
1328 int start, end, result; 1344 int start, end, result;
@@ -1337,7 +1353,7 @@ MHD__gnutls_x509_get_signed_data (ASN1_TYPE src,
1337 /* Get the signed data 1353 /* Get the signed data
1338 */ 1354 */
1339 result = MHD__asn1_der_decoding_startEnd (src, der.data, der.size, src_name, 1355 result = MHD__asn1_der_decoding_startEnd (src, der.data, der.size, src_name,
1340 &start, &end); 1356 &start, &end);
1341 if (result != ASN1_SUCCESS) 1357 if (result != ASN1_SUCCESS)
1342 { 1358 {
1343 result = MHD_gtls_asn2err (result); 1359 result = MHD_gtls_asn2err (result);
@@ -1345,7 +1361,8 @@ MHD__gnutls_x509_get_signed_data (ASN1_TYPE src,
1345 goto cleanup; 1361 goto cleanup;
1346 } 1362 }
1347 1363
1348 result = MHD__gnutls_set_datum (signed_data, &der.data[start], end - start + 1); 1364 result =
1365 MHD__gnutls_set_datum (signed_data, &der.data[start], end - start + 1);
1349 1366
1350 if (result < 0) 1367 if (result < 0)
1351 { 1368 {
@@ -1365,7 +1382,8 @@ cleanup:MHD__gnutls_free_datum (&der);
1365 */ 1382 */
1366int 1383int
1367MHD__gnutls_x509_get_signature (ASN1_TYPE src, 1384MHD__gnutls_x509_get_signature (ASN1_TYPE src,
1368 const char *src_name, MHD_gnutls_datum_t * signature) 1385 const char *src_name,
1386 MHD_gnutls_datum_t * signature)
1369{ 1387{
1370 int bits, result, len; 1388 int bits, result, len;
1371 1389
diff --git a/src/daemon/https/x509/common.h b/src/daemon/https/x509/common.h
index 0102c5a7..7ddb4b08 100644
--- a/src/daemon/https/x509/common.h
+++ b/src/daemon/https/x509/common.h
@@ -59,13 +59,14 @@
59#define SIG_GOST_R3410_2001_OID "1.2.643.2.2.3" 59#define SIG_GOST_R3410_2001_OID "1.2.643.2.2.3"
60 60
61int MHD__gnutls_x509_decode_octet_string (const char *string_type, 61int MHD__gnutls_x509_decode_octet_string (const char *string_type,
62 const opaque * der, size_t der_size, 62 const opaque * der, size_t der_size,
63 opaque * output, size_t * output_size); 63 opaque * output,
64 size_t * output_size);
64int MHD__gnutls_x509_oid_data2string (const char *OID, void *value, 65int MHD__gnutls_x509_oid_data2string (const char *OID, void *value,
65 int value_size, char *res, 66 int value_size, char *res,
66 size_t * res_size); 67 size_t * res_size);
67int MHD__gnutls_x509_data2hex (const opaque * data, size_t data_size, 68int MHD__gnutls_x509_data2hex (const opaque * data, size_t data_size,
68 opaque * out, size_t * sizeof_out); 69 opaque * out, size_t * sizeof_out);
69 70
70const char *MHD__gnutls_x509_oid2ldap_string (const char *OID); 71const char *MHD__gnutls_x509_oid2ldap_string (const char *OID);
71 72
@@ -74,50 +75,51 @@ int MHD__gnutls_x509_oid_data_printable (const char *OID);
74 75
75time_t MHD__gnutls_x509_get_time (ASN1_TYPE c2, const char *when); 76time_t MHD__gnutls_x509_get_time (ASN1_TYPE c2, const char *when);
76 77
77MHD_gnutls_x509_subject_alt_name_t MHD__gnutls_x509_san_find_type (char *str_type); 78MHD_gnutls_x509_subject_alt_name_t MHD__gnutls_x509_san_find_type (char
79 *str_type);
78 80
79int MHD__gnutls_x509_der_encode_and_copy (ASN1_TYPE src, const char *src_name, 81int MHD__gnutls_x509_der_encode_and_copy (ASN1_TYPE src, const char *src_name,
80 ASN1_TYPE dest, const char *dest_name, 82 ASN1_TYPE dest,
81 int str); 83 const char *dest_name, int str);
82int MHD__gnutls_x509_der_encode (ASN1_TYPE src, const char *src_name, 84int MHD__gnutls_x509_der_encode (ASN1_TYPE src, const char *src_name,
83 MHD_gnutls_datum_t * res, int str); 85 MHD_gnutls_datum_t * res, int str);
84 86
85int MHD__gnutls_x509_export_int (ASN1_TYPE MHD__asn1_data, 87int MHD__gnutls_x509_export_int (ASN1_TYPE MHD__asn1_data,
86 MHD_gnutls_x509_crt_fmt_t format, char *pem_header, 88 MHD_gnutls_x509_crt_fmt_t format,
87 unsigned char *output_data, 89 char *pem_header, unsigned char *output_data,
88 size_t * output_data_size); 90 size_t * output_data_size);
89 91
90int MHD__gnutls_x509_read_value (ASN1_TYPE c, const char *root, 92int MHD__gnutls_x509_read_value (ASN1_TYPE c, const char *root,
91 MHD_gnutls_datum_t * ret, int str); 93 MHD_gnutls_datum_t * ret, int str);
92int MHD__gnutls_x509_write_value (ASN1_TYPE c, const char *root, 94int MHD__gnutls_x509_write_value (ASN1_TYPE c, const char *root,
93 const MHD_gnutls_datum_t * data, int str); 95 const MHD_gnutls_datum_t * data, int str);
94 96
95int MHD__gnutls_x509_encode_and_write_attribute (const char *given_oid, 97int MHD__gnutls_x509_encode_and_write_attribute (const char *given_oid,
96 ASN1_TYPE MHD__asn1_struct, 98 ASN1_TYPE MHD__asn1_struct,
97 const char *where, 99 const char *where,
98 const void *data, 100 const void *data,
99 int sizeof_data, int multi); 101 int sizeof_data, int multi);
100int MHD__gnutls_x509_decode_and_read_attribute (ASN1_TYPE MHD__asn1_struct, 102int MHD__gnutls_x509_decode_and_read_attribute (ASN1_TYPE MHD__asn1_struct,
101 const char *where, char *oid, 103 const char *where, char *oid,
102 int oid_size, 104 int oid_size,
103 MHD_gnutls_datum_t * value, int multi, 105 MHD_gnutls_datum_t * value,
104 int octet); 106 int multi, int octet);
105 107
106int MHD__gnutls_x509_get_pk_algorithm (ASN1_TYPE src, const char *src_name, 108int MHD__gnutls_x509_get_pk_algorithm (ASN1_TYPE src, const char *src_name,
107 unsigned int *bits); 109 unsigned int *bits);
108 110
109int MHD__gnutls_x509_encode_and_copy_PKI_params (ASN1_TYPE dst, 111int MHD__gnutls_x509_encode_and_copy_PKI_params (ASN1_TYPE dst,
110 const char *dst_name, 112 const char *dst_name,
111 enum 113 enum
112 MHD_GNUTLS_PublicKeyAlgorithm 114 MHD_GNUTLS_PublicKeyAlgorithm
113 pk_algorithm, mpi_t * params, 115 pk_algorithm, mpi_t * params,
114 int params_size); 116 int params_size);
115int MHD__gnutls_asn1_copy_node (ASN1_TYPE * dst, const char *dst_name, 117int MHD__gnutls_asn1_copy_node (ASN1_TYPE * dst, const char *dst_name,
116 ASN1_TYPE src, const char *src_name); 118 ASN1_TYPE src, const char *src_name);
117 119
118int MHD__gnutls_x509_get_signed_data (ASN1_TYPE src, const char *src_name, 120int MHD__gnutls_x509_get_signed_data (ASN1_TYPE src, const char *src_name,
119 MHD_gnutls_datum_t * signed_data); 121 MHD_gnutls_datum_t * signed_data);
120int MHD__gnutls_x509_get_signature (ASN1_TYPE src, const char *src_name, 122int MHD__gnutls_x509_get_signature (ASN1_TYPE src, const char *src_name,
121 MHD_gnutls_datum_t * signature); 123 MHD_gnutls_datum_t * signature);
122 124
123#endif 125#endif
diff --git a/src/daemon/https/x509/crl.c b/src/daemon/https/x509/crl.c
index 17703b91..e023a193 100644
--- a/src/daemon/https/x509/crl.c
+++ b/src/daemon/https/x509/crl.c
@@ -56,8 +56,8 @@ MHD_gnutls_x509_crl_init (MHD_gnutls_x509_crl_t * crl)
56 if (*crl) 56 if (*crl)
57 { 57 {
58 int result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), 58 int result = MHD__asn1_create_element (MHD__gnutls_get_pkix (),
59 "PKIX1.CertificateList", 59 "PKIX1.CertificateList",
60 &(*crl)->crl); 60 &(*crl)->crl);
61 if (result != ASN1_SUCCESS) 61 if (result != ASN1_SUCCESS)
62 { 62 {
63 MHD_gnutls_assert (); 63 MHD_gnutls_assert ();
@@ -104,8 +104,8 @@ MHD_gnutls_x509_crl_deinit (MHD_gnutls_x509_crl_t crl)
104 **/ 104 **/
105int 105int
106MHD_gnutls_x509_crl_import (MHD_gnutls_x509_crl_t crl, 106MHD_gnutls_x509_crl_import (MHD_gnutls_x509_crl_t crl,
107 const MHD_gnutls_datum_t * data, 107 const MHD_gnutls_datum_t * data,
108 MHD_gnutls_x509_crt_fmt_t format) 108 MHD_gnutls_x509_crt_fmt_t format)
109{ 109{
110 int result = 0, need_free = 0; 110 int result = 0, need_free = 0;
111 MHD_gnutls_datum_t _data; 111 MHD_gnutls_datum_t _data;
@@ -125,7 +125,8 @@ MHD_gnutls_x509_crl_import (MHD_gnutls_x509_crl_t crl,
125 { 125 {
126 opaque *out; 126 opaque *out;
127 127
128 result = MHD__gnutls_fbase64_decode (PEM_CRL, data->data, data->size, &out); 128 result =
129 MHD__gnutls_fbase64_decode (PEM_CRL, data->data, data->size, &out);
129 130
130 if (result <= 0) 131 if (result <= 0)
131 { 132 {
@@ -181,7 +182,7 @@ cleanup:
181 **/ 182 **/
182int 183int
183MHD_gnutls_x509_crl_get_issuer_dn (const MHD_gnutls_x509_crl_t crl, char *buf, 184MHD_gnutls_x509_crl_get_issuer_dn (const MHD_gnutls_x509_crl_t crl, char *buf,
184 size_t * sizeof_buf) 185 size_t * sizeof_buf)
185{ 186{
186 if (crl == NULL) 187 if (crl == NULL)
187 { 188 {
@@ -190,8 +191,8 @@ MHD_gnutls_x509_crl_get_issuer_dn (const MHD_gnutls_x509_crl_t crl, char *buf,
190 } 191 }
191 192
192 return MHD__gnutls_x509_parse_dn (crl->crl, 193 return MHD__gnutls_x509_parse_dn (crl->crl,
193 "tbsCertList.issuer.rdnSequence", 194 "tbsCertList.issuer.rdnSequence",
194 buf, sizeof_buf); 195 buf, sizeof_buf);
195} 196}
196 197
197/** 198/**
@@ -221,9 +222,9 @@ MHD_gnutls_x509_crl_get_issuer_dn (const MHD_gnutls_x509_crl_t crl, char *buf,
221 **/ 222 **/
222int 223int
223MHD_gnutls_x509_crl_get_issuer_dn_by_oid (MHD_gnutls_x509_crl_t crl, 224MHD_gnutls_x509_crl_get_issuer_dn_by_oid (MHD_gnutls_x509_crl_t crl,
224 const char *oid, int indx, 225 const char *oid, int indx,
225 unsigned int raw_flag, void *buf, 226 unsigned int raw_flag, void *buf,
226 size_t * sizeof_buf) 227 size_t * sizeof_buf)
227{ 228{
228 if (crl == NULL) 229 if (crl == NULL)
229 { 230 {
@@ -232,8 +233,8 @@ MHD_gnutls_x509_crl_get_issuer_dn_by_oid (MHD_gnutls_x509_crl_t crl,
232 } 233 }
233 234
234 return MHD__gnutls_x509_parse_dn_oid (crl->crl, 235 return MHD__gnutls_x509_parse_dn_oid (crl->crl,
235 "tbsCertList.issuer.rdnSequence", 236 "tbsCertList.issuer.rdnSequence",
236 oid, indx, raw_flag, buf, sizeof_buf); 237 oid, indx, raw_flag, buf, sizeof_buf);
237} 238}
238 239
239/** 240/**
@@ -255,7 +256,7 @@ MHD_gnutls_x509_crl_get_issuer_dn_by_oid (MHD_gnutls_x509_crl_t crl,
255 **/ 256 **/
256int 257int
257MHD_gnutls_x509_crl_get_dn_oid (MHD_gnutls_x509_crl_t crl, 258MHD_gnutls_x509_crl_get_dn_oid (MHD_gnutls_x509_crl_t crl,
258 int indx, void *oid, size_t * sizeof_oid) 259 int indx, void *oid, size_t * sizeof_oid)
259{ 260{
260 if (crl == NULL) 261 if (crl == NULL)
261 { 262 {
@@ -264,8 +265,8 @@ MHD_gnutls_x509_crl_get_dn_oid (MHD_gnutls_x509_crl_t crl,
264 } 265 }
265 266
266 return MHD__gnutls_x509_get_dn_oid (crl->crl, 267 return MHD__gnutls_x509_get_dn_oid (crl->crl,
267 "tbsCertList.issuer.rdnSequence", indx, 268 "tbsCertList.issuer.rdnSequence", indx,
268 oid, sizeof_oid); 269 oid, sizeof_oid);
269} 270}
270 271
271 272
@@ -297,7 +298,7 @@ MHD_gnutls_x509_crl_get_signature_algorithm (MHD_gnutls_x509_crl_t crl)
297 298
298 result = 299 result =
299 MHD__gnutls_x509_read_value (crl->crl, "signatureAlgorithm.algorithm", 300 MHD__gnutls_x509_read_value (crl->crl, "signatureAlgorithm.algorithm",
300 &sa, 0); 301 &sa, 0);
301 302
302 if (result < 0) 303 if (result < 0)
303 { 304 {
@@ -324,7 +325,7 @@ MHD_gnutls_x509_crl_get_signature_algorithm (MHD_gnutls_x509_crl_t crl)
324 **/ 325 **/
325int 326int
326MHD_gnutls_x509_crl_get_signature (MHD_gnutls_x509_crl_t crl, 327MHD_gnutls_x509_crl_get_signature (MHD_gnutls_x509_crl_t crl,
327 char *sig, size_t * sizeof_sig) 328 char *sig, size_t * sizeof_sig)
328{ 329{
329 int result; 330 int result;
330 int bits, len; 331 int bits, len;
@@ -391,7 +392,7 @@ MHD_gnutls_x509_crl_get_version (MHD_gnutls_x509_crl_t crl)
391 len = sizeof (version); 392 len = sizeof (version);
392 if ((result = 393 if ((result =
393 MHD__asn1_read_value (crl->crl, "tbsCertList.version", version, 394 MHD__asn1_read_value (crl->crl, "tbsCertList.version", version,
394 &len)) != ASN1_SUCCESS) 395 &len)) != ASN1_SUCCESS)
395 { 396 {
396 MHD_gnutls_assert (); 397 MHD_gnutls_assert ();
397 return MHD_gtls_asn2err (result); 398 return MHD_gtls_asn2err (result);
@@ -468,7 +469,7 @@ MHD_gnutls_x509_crl_get_crt_count (MHD_gnutls_x509_crl_t crl)
468 469
469 result = 470 result =
470 MHD__asn1_number_of_elements (crl->crl, 471 MHD__asn1_number_of_elements (crl->crl,
471 "tbsCertList.revokedCertificates", &count); 472 "tbsCertList.revokedCertificates", &count);
472 473
473 if (result != ASN1_SUCCESS) 474 if (result != ASN1_SUCCESS)
474 { 475 {
@@ -495,8 +496,8 @@ MHD_gnutls_x509_crl_get_crt_count (MHD_gnutls_x509_crl_t crl)
495 **/ 496 **/
496int 497int
497MHD_gnutls_x509_crl_get_crt_serial (MHD_gnutls_x509_crl_t crl, int indx, 498MHD_gnutls_x509_crl_get_crt_serial (MHD_gnutls_x509_crl_t crl, int indx,
498 unsigned char *serial, 499 unsigned char *serial,
499 size_t * serial_size, time_t * t) 500 size_t * serial_size, time_t * t)
500{ 501{
501 502
502 int result, _serial_size; 503 int result, _serial_size;
@@ -515,7 +516,8 @@ MHD_gnutls_x509_crl_get_crt_serial (MHD_gnutls_x509_crl_t crl, int indx,
515 "tbsCertList.revokedCertificates.?%u.revocationDate", indx + 1); 516 "tbsCertList.revokedCertificates.?%u.revocationDate", indx + 1);
516 517
517 _serial_size = *serial_size; 518 _serial_size = *serial_size;
518 result = MHD__asn1_read_value (crl->crl, serial_name, serial, &_serial_size); 519 result =
520 MHD__asn1_read_value (crl->crl, serial_name, serial, &_serial_size);
519 521
520 *serial_size = _serial_size; 522 *serial_size = _serial_size;
521 if (result != ASN1_SUCCESS) 523 if (result != ASN1_SUCCESS)
@@ -547,7 +549,7 @@ MHD_gnutls_x509_crl_get_crt_serial (MHD_gnutls_x509_crl_t crl, int indx,
547 -*/ 549 -*/
548int 550int
549MHD__gnutls_x509_crl_get_raw_issuer_dn (MHD_gnutls_x509_crl_t crl, 551MHD__gnutls_x509_crl_get_raw_issuer_dn (MHD_gnutls_x509_crl_t crl,
550 MHD_gnutls_datum_t * dn) 552 MHD_gnutls_datum_t * dn)
551{ 553{
552 ASN1_TYPE c2 = ASN1_TYPE_EMPTY; 554 ASN1_TYPE c2 = ASN1_TYPE_EMPTY;
553 int result, len1; 555 int result, len1;
@@ -564,14 +566,15 @@ MHD__gnutls_x509_crl_get_raw_issuer_dn (MHD_gnutls_x509_crl_t crl,
564 */ 566 */
565 if ((result = 567 if ((result =
566 MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.TBSCertList", 568 MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.TBSCertList",
567 &c2)) != ASN1_SUCCESS) 569 &c2)) != ASN1_SUCCESS)
568 { 570 {
569 MHD_gnutls_assert (); 571 MHD_gnutls_assert ();
570 return MHD_gtls_asn2err (result); 572 return MHD_gtls_asn2err (result);
571 } 573 }
572 574
573 result = 575 result =
574 MHD__gnutls_x509_get_signed_data (crl->crl, "tbsCertList", &crl_signed_data); 576 MHD__gnutls_x509_get_signed_data (crl->crl, "tbsCertList",
577 &crl_signed_data);
575 if (result < 0) 578 if (result < 0)
576 { 579 {
577 MHD_gnutls_assert (); 580 MHD_gnutls_assert ();
@@ -579,7 +582,8 @@ MHD__gnutls_x509_crl_get_raw_issuer_dn (MHD_gnutls_x509_crl_t crl,
579 } 582 }
580 583
581 result = 584 result =
582 MHD__asn1_der_decoding (&c2, crl_signed_data.data, crl_signed_data.size, NULL); 585 MHD__asn1_der_decoding (&c2, crl_signed_data.data, crl_signed_data.size,
586 NULL);
583 if (result != ASN1_SUCCESS) 587 if (result != ASN1_SUCCESS)
584 { 588 {
585 /* couldn't decode DER */ 589 /* couldn't decode DER */
@@ -591,8 +595,8 @@ MHD__gnutls_x509_crl_get_raw_issuer_dn (MHD_gnutls_x509_crl_t crl,
591 595
592 result = 596 result =
593 MHD__asn1_der_decoding_startEnd (c2, crl_signed_data.data, 597 MHD__asn1_der_decoding_startEnd (c2, crl_signed_data.data,
594 crl_signed_data.size, "issuer", 598 crl_signed_data.size, "issuer",
595 &start1, &end1); 599 &start1, &end1);
596 600
597 if (result != ASN1_SUCCESS) 601 if (result != ASN1_SUCCESS)
598 { 602 {
@@ -633,8 +637,8 @@ cleanup:
633 **/ 637 **/
634int 638int
635MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl, 639MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl,
636 MHD_gnutls_x509_crt_fmt_t format, void *output_data, 640 MHD_gnutls_x509_crt_fmt_t format,
637 size_t * output_data_size) 641 void *output_data, size_t * output_data_size)
638{ 642{
639 if (crl == NULL) 643 if (crl == NULL)
640 { 644 {
@@ -643,7 +647,7 @@ MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl,
643 } 647 }
644 648
645 return MHD__gnutls_x509_export_int (crl->crl, format, PEM_CRL, 649 return MHD__gnutls_x509_export_int (crl->crl, format, PEM_CRL,
646 output_data, output_data_size); 650 output_data, output_data_size);
647} 651}
648 652
649/*- 653/*-
@@ -657,14 +661,16 @@ MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl,
657 * 661 *
658 -*/ 662 -*/
659int 663int
660MHD__gnutls_x509_crl_cpy (MHD_gnutls_x509_crl_t dest, MHD_gnutls_x509_crl_t src) 664MHD__gnutls_x509_crl_cpy (MHD_gnutls_x509_crl_t dest,
665 MHD_gnutls_x509_crl_t src)
661{ 666{
662 int ret; 667 int ret;
663 size_t der_size; 668 size_t der_size;
664 opaque *der; 669 opaque *der;
665 MHD_gnutls_datum_t tmp; 670 MHD_gnutls_datum_t tmp;
666 671
667 ret = MHD_gnutls_x509_crl_export (src, GNUTLS_X509_FMT_DER, NULL, &der_size); 672 ret =
673 MHD_gnutls_x509_crl_export (src, GNUTLS_X509_FMT_DER, NULL, &der_size);
668 if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER) 674 if (ret != GNUTLS_E_SHORT_MEMORY_BUFFER)
669 { 675 {
670 MHD_gnutls_assert (); 676 MHD_gnutls_assert ();
diff --git a/src/daemon/https/x509/crq.c b/src/daemon/https/x509/crq.c
index 147be276..88ac349d 100644
--- a/src/daemon/https/x509/crq.c
+++ b/src/daemon/https/x509/crq.c
@@ -59,8 +59,8 @@ MHD_gnutls_x509_crq_init (MHD_gnutls_x509_crq_t * crq)
59 if (*crq) 59 if (*crq)
60 { 60 {
61 int result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), 61 int result = MHD__asn1_create_element (MHD__gnutls_get_pkix (),
62 "PKIX1.pkcs-10-CertificationRequest", 62 "PKIX1.pkcs-10-CertificationRequest",
63 &((*crq)->crq)); 63 &((*crq)->crq));
64 if (result != ASN1_SUCCESS) 64 if (result != ASN1_SUCCESS)
65 { 65 {
66 MHD_gnutls_assert (); 66 MHD_gnutls_assert ();
@@ -110,8 +110,8 @@ MHD_gnutls_x509_crq_deinit (MHD_gnutls_x509_crq_t crq)
110 **/ 110 **/
111int 111int
112MHD_gnutls_x509_crq_import (MHD_gnutls_x509_crq_t crq, 112MHD_gnutls_x509_crq_import (MHD_gnutls_x509_crq_t crq,
113 const MHD_gnutls_datum_t * data, 113 const MHD_gnutls_datum_t * data,
114 MHD_gnutls_x509_crt_fmt_t format) 114 MHD_gnutls_x509_crt_fmt_t format)
115{ 115{
116 int result = 0, need_free = 0; 116 int result = 0, need_free = 0;
117 MHD_gnutls_datum_t _data; 117 MHD_gnutls_datum_t _data;
@@ -132,7 +132,8 @@ MHD_gnutls_x509_crq_import (MHD_gnutls_x509_crq_t crq,
132 opaque *out; 132 opaque *out;
133 133
134 /* Try the first header */ 134 /* Try the first header */
135 result = MHD__gnutls_fbase64_decode (PEM_CRQ, data->data, data->size, &out); 135 result =
136 MHD__gnutls_fbase64_decode (PEM_CRQ, data->data, data->size, &out);
136 137
137 if (result <= 0) /* Go for the second header */ 138 if (result <= 0) /* Go for the second header */
138 result = 139 result =
@@ -189,7 +190,8 @@ cleanup:
189 * 190 *
190 **/ 191 **/
191int 192int
192MHD_gnutls_x509_crq_get_dn (MHD_gnutls_x509_crq_t crq, char *buf, size_t * sizeof_buf) 193MHD_gnutls_x509_crq_get_dn (MHD_gnutls_x509_crq_t crq, char *buf,
194 size_t * sizeof_buf)
193{ 195{
194 if (crq == NULL) 196 if (crq == NULL)
195 { 197 {
@@ -198,8 +200,8 @@ MHD_gnutls_x509_crq_get_dn (MHD_gnutls_x509_crq_t crq, char *buf, size_t * sizeo
198 } 200 }
199 201
200 return MHD__gnutls_x509_parse_dn (crq->crq, 202 return MHD__gnutls_x509_parse_dn (crq->crq,
201 "certificationRequestInfo.subject.rdnSequence", 203 "certificationRequestInfo.subject.rdnSequence",
202 buf, sizeof_buf); 204 buf, sizeof_buf);
203} 205}
204 206
205/** 207/**
@@ -232,8 +234,8 @@ MHD_gnutls_x509_crq_get_dn (MHD_gnutls_x509_crq_t crq, char *buf, size_t * sizeo
232 **/ 234 **/
233int 235int
234MHD_gnutls_x509_crq_get_dn_by_oid (MHD_gnutls_x509_crq_t crq, const char *oid, 236MHD_gnutls_x509_crq_get_dn_by_oid (MHD_gnutls_x509_crq_t crq, const char *oid,
235 int indx, unsigned int raw_flag, 237 int indx, unsigned int raw_flag,
236 void *buf, size_t * sizeof_buf) 238 void *buf, size_t * sizeof_buf)
237{ 239{
238 if (crq == NULL) 240 if (crq == NULL)
239 { 241 {
@@ -242,8 +244,8 @@ MHD_gnutls_x509_crq_get_dn_by_oid (MHD_gnutls_x509_crq_t crq, const char *oid,
242 } 244 }
243 245
244 return MHD__gnutls_x509_parse_dn_oid (crq->crq, 246 return MHD__gnutls_x509_parse_dn_oid (crq->crq,
245 "certificationRequestInfo.subject.rdnSequence", 247 "certificationRequestInfo.subject.rdnSequence",
246 oid, indx, raw_flag, buf, sizeof_buf); 248 oid, indx, raw_flag, buf, sizeof_buf);
247} 249}
248 250
249/** 251/**
@@ -265,7 +267,7 @@ MHD_gnutls_x509_crq_get_dn_by_oid (MHD_gnutls_x509_crq_t crq, const char *oid,
265 **/ 267 **/
266int 268int
267MHD_gnutls_x509_crq_get_dn_oid (MHD_gnutls_x509_crq_t crq, 269MHD_gnutls_x509_crq_get_dn_oid (MHD_gnutls_x509_crq_t crq,
268 int indx, void *oid, size_t * sizeof_oid) 270 int indx, void *oid, size_t * sizeof_oid)
269{ 271{
270 if (crq == NULL) 272 if (crq == NULL)
271 { 273 {
@@ -274,8 +276,8 @@ MHD_gnutls_x509_crq_get_dn_oid (MHD_gnutls_x509_crq_t crq,
274 } 276 }
275 277
276 return MHD__gnutls_x509_get_dn_oid (crq->crq, 278 return MHD__gnutls_x509_get_dn_oid (crq->crq,
277 "certificationRequestInfo.subject.rdnSequence", 279 "certificationRequestInfo.subject.rdnSequence",
278 indx, oid, sizeof_oid); 280 indx, oid, sizeof_oid);
279} 281}
280 282
281/* Parses an Attribute list in the MHD__asn1_struct, and searches for the 283/* Parses an Attribute list in the MHD__asn1_struct, and searches for the
@@ -319,7 +321,8 @@ parse_attribute (ASN1_TYPE MHD__asn1_struct,
319 snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); 321 snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1);
320 322
321 len = sizeof (value) - 1; 323 len = sizeof (value) - 1;
322 result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len); 324 result =
325 MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len);
323 326
324 if (result == ASN1_ELEMENT_NOT_FOUND) 327 if (result == ASN1_ELEMENT_NOT_FOUND)
325 { 328 {
@@ -362,7 +365,8 @@ parse_attribute (ASN1_TYPE MHD__asn1_struct,
362 tmpbuffer1, indx + 1); 365 tmpbuffer1, indx + 1);
363 366
364 len = sizeof (value) - 1; 367 len = sizeof (value) - 1;
365 result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, value, &len); 368 result =
369 MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, value, &len);
366 370
367 if (result != ASN1_SUCCESS) 371 if (result != ASN1_SUCCESS)
368 { 372 {
@@ -434,7 +438,7 @@ cleanup:
434 **/ 438 **/
435int 439int
436MHD_gnutls_x509_crq_get_challenge_password (MHD_gnutls_x509_crq_t crq, 440MHD_gnutls_x509_crq_get_challenge_password (MHD_gnutls_x509_crq_t crq,
437 char *pass, size_t * sizeof_pass) 441 char *pass, size_t * sizeof_pass)
438{ 442{
439 if (crq == NULL) 443 if (crq == NULL)
440 { 444 {
@@ -461,8 +465,8 @@ MHD_gnutls_x509_crq_get_challenge_password (MHD_gnutls_x509_crq_t crq,
461 **/ 465 **/
462int 466int
463MHD_gnutls_x509_crq_set_attribute_by_oid (MHD_gnutls_x509_crq_t crq, 467MHD_gnutls_x509_crq_set_attribute_by_oid (MHD_gnutls_x509_crq_t crq,
464 const char *oid, void *buf, 468 const char *oid, void *buf,
465 size_t sizeof_buf) 469 size_t sizeof_buf)
466{ 470{
467 int result; 471 int result;
468 472
@@ -476,7 +480,7 @@ MHD_gnutls_x509_crq_set_attribute_by_oid (MHD_gnutls_x509_crq_t crq,
476 */ 480 */
477 result = 481 result =
478 MHD__asn1_write_value (crq->crq, "certificationRequestInfo.attributes", 482 MHD__asn1_write_value (crq->crq, "certificationRequestInfo.attributes",
479 "NEW", 1); 483 "NEW", 1);
480 if (result != ASN1_SUCCESS) 484 if (result != ASN1_SUCCESS)
481 { 485 {
482 MHD_gnutls_assert (); 486 MHD_gnutls_assert ();
@@ -485,9 +489,9 @@ MHD_gnutls_x509_crq_set_attribute_by_oid (MHD_gnutls_x509_crq_t crq,
485 489
486 result = 490 result =
487 MHD__gnutls_x509_encode_and_write_attribute (oid, 491 MHD__gnutls_x509_encode_and_write_attribute (oid,
488 crq->crq, 492 crq->crq,
489 "certificationRequestInfo.attributes.?LAST", 493 "certificationRequestInfo.attributes.?LAST",
490 buf, sizeof_buf, 1); 494 buf, sizeof_buf, 1);
491 495
492 if (result < 0) 496 if (result < 0)
493 { 497 {
@@ -515,8 +519,8 @@ MHD_gnutls_x509_crq_set_attribute_by_oid (MHD_gnutls_x509_crq_t crq,
515 **/ 519 **/
516int 520int
517MHD_gnutls_x509_crq_get_attribute_by_oid (MHD_gnutls_x509_crq_t crq, 521MHD_gnutls_x509_crq_get_attribute_by_oid (MHD_gnutls_x509_crq_t crq,
518 const char *oid, int indx, void *buf, 522 const char *oid, int indx,
519 size_t * sizeof_buf) 523 void *buf, size_t * sizeof_buf)
520{ 524{
521 if (crq == NULL) 525 if (crq == NULL)
522 { 526 {
@@ -550,8 +554,8 @@ MHD_gnutls_x509_crq_get_attribute_by_oid (MHD_gnutls_x509_crq_t crq,
550 **/ 554 **/
551int 555int
552MHD_gnutls_x509_crq_set_dn_by_oid (MHD_gnutls_x509_crq_t crq, const char *oid, 556MHD_gnutls_x509_crq_set_dn_by_oid (MHD_gnutls_x509_crq_t crq, const char *oid,
553 unsigned int raw_flag, const void *data, 557 unsigned int raw_flag, const void *data,
554 unsigned int sizeof_data) 558 unsigned int sizeof_data)
555{ 559{
556 if (sizeof_data == 0 || data == NULL || crq == NULL) 560 if (sizeof_data == 0 || data == NULL || crq == NULL)
557 { 561 {
@@ -559,8 +563,8 @@ MHD_gnutls_x509_crq_set_dn_by_oid (MHD_gnutls_x509_crq_t crq, const char *oid,
559 } 563 }
560 564
561 return MHD__gnutls_x509_set_dn_oid (crq->crq, 565 return MHD__gnutls_x509_set_dn_oid (crq->crq,
562 "certificationRequestInfo.subject", oid, 566 "certificationRequestInfo.subject", oid,
563 raw_flag, data, sizeof_data); 567 raw_flag, data, sizeof_data);
564} 568}
565 569
566/** 570/**
@@ -575,7 +579,8 @@ MHD_gnutls_x509_crq_set_dn_by_oid (MHD_gnutls_x509_crq_t crq, const char *oid,
575 * 579 *
576 **/ 580 **/
577int 581int
578MHD_gnutls_x509_crq_set_version (MHD_gnutls_x509_crq_t crq, unsigned int version) 582MHD_gnutls_x509_crq_set_version (MHD_gnutls_x509_crq_t crq,
583 unsigned int version)
579{ 584{
580 int result; 585 int result;
581 unsigned char null = version; 586 unsigned char null = version;
@@ -590,7 +595,8 @@ MHD_gnutls_x509_crq_set_version (MHD_gnutls_x509_crq_t crq, unsigned int version
590 null--; 595 null--;
591 596
592 result = 597 result =
593 MHD__asn1_write_value (crq->crq, "certificationRequestInfo.version", &null, 1); 598 MHD__asn1_write_value (crq->crq, "certificationRequestInfo.version",
599 &null, 1);
594 if (result != ASN1_SUCCESS) 600 if (result != ASN1_SUCCESS)
595 { 601 {
596 MHD_gnutls_assert (); 602 MHD_gnutls_assert ();
@@ -624,7 +630,7 @@ MHD_gnutls_x509_crq_get_version (MHD_gnutls_x509_crq_t crq)
624 len = sizeof (version); 630 len = sizeof (version);
625 if ((result = 631 if ((result =
626 MHD__asn1_read_value (crq->crq, "certificationRequestInfo.version", 632 MHD__asn1_read_value (crq->crq, "certificationRequestInfo.version",
627 version, &len)) != ASN1_SUCCESS) 633 version, &len)) != ASN1_SUCCESS)
628 { 634 {
629 635
630 if (result == ASN1_ELEMENT_NOT_FOUND) 636 if (result == ASN1_ELEMENT_NOT_FOUND)
@@ -648,7 +654,8 @@ MHD_gnutls_x509_crq_get_version (MHD_gnutls_x509_crq_t crq)
648 * 654 *
649 **/ 655 **/
650int 656int
651MHD_gnutls_x509_crq_set_key (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_t key) 657MHD_gnutls_x509_crq_set_key (MHD_gnutls_x509_crq_t crq,
658 MHD_gnutls_x509_privkey_t key)
652{ 659{
653 int result; 660 int result;
654 661
@@ -659,10 +666,10 @@ MHD_gnutls_x509_crq_set_key (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_
659 } 666 }
660 667
661 result = MHD__gnutls_x509_encode_and_copy_PKI_params (crq->crq, 668 result = MHD__gnutls_x509_encode_and_copy_PKI_params (crq->crq,
662 "certificationRequestInfo.subjectPKInfo", 669 "certificationRequestInfo.subjectPKInfo",
663 key->pk_algorithm, 670 key->pk_algorithm,
664 key->params, 671 key->params,
665 key->params_size); 672 key->params_size);
666 673
667 if (result < 0) 674 if (result < 0)
668 { 675 {
@@ -685,7 +692,7 @@ MHD_gnutls_x509_crq_set_key (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_
685 **/ 692 **/
686int 693int
687MHD_gnutls_x509_crq_set_challenge_password (MHD_gnutls_x509_crq_t crq, 694MHD_gnutls_x509_crq_set_challenge_password (MHD_gnutls_x509_crq_t crq,
688 const char *pass) 695 const char *pass)
689{ 696{
690 int result; 697 int result;
691 698
@@ -699,7 +706,7 @@ MHD_gnutls_x509_crq_set_challenge_password (MHD_gnutls_x509_crq_t crq,
699 */ 706 */
700 result = 707 result =
701 MHD__asn1_write_value (crq->crq, "certificationRequestInfo.attributes", 708 MHD__asn1_write_value (crq->crq, "certificationRequestInfo.attributes",
702 "NEW", 1); 709 "NEW", 1);
703 if (result != ASN1_SUCCESS) 710 if (result != ASN1_SUCCESS)
704 { 711 {
705 MHD_gnutls_assert (); 712 MHD_gnutls_assert ();
@@ -708,9 +715,9 @@ MHD_gnutls_x509_crq_set_challenge_password (MHD_gnutls_x509_crq_t crq,
708 715
709 result = 716 result =
710 MHD__gnutls_x509_encode_and_write_attribute ("1.2.840.113549.1.9.7", 717 MHD__gnutls_x509_encode_and_write_attribute ("1.2.840.113549.1.9.7",
711 crq->crq, 718 crq->crq,
712 "certificationRequestInfo.attributes.?LAST", 719 "certificationRequestInfo.attributes.?LAST",
713 pass, strlen (pass), 1); 720 pass, strlen (pass), 1);
714 721
715 if (result < 0) 722 if (result < 0)
716 { 723 {
@@ -739,8 +746,10 @@ MHD_gnutls_x509_crq_set_challenge_password (MHD_gnutls_x509_crq_t crq,
739 * 746 *
740 **/ 747 **/
741int 748int
742MHD_gnutls_x509_crq_sign2 (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_t key, 749MHD_gnutls_x509_crq_sign2 (MHD_gnutls_x509_crq_t crq,
743 enum MHD_GNUTLS_HashAlgorithm dig, unsigned int flags) 750 MHD_gnutls_x509_privkey_t key,
751 enum MHD_GNUTLS_HashAlgorithm dig,
752 unsigned int flags)
744{ 753{
745 int result; 754 int result;
746 MHD_gnutls_datum_t signature; 755 MHD_gnutls_datum_t signature;
@@ -755,7 +764,7 @@ MHD_gnutls_x509_crq_sign2 (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_t
755 */ 764 */
756 result = 765 result =
757 MHD__gnutls_x509_sign_tbs (crq->crq, "certificationRequestInfo", 766 MHD__gnutls_x509_sign_tbs (crq->crq, "certificationRequestInfo",
758 dig, key, &signature); 767 dig, key, &signature);
759 768
760 if (result < 0) 769 if (result < 0)
761 { 770 {
@@ -767,7 +776,7 @@ MHD_gnutls_x509_crq_sign2 (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_t
767 */ 776 */
768 result = 777 result =
769 MHD__asn1_write_value (crq->crq, "signature", signature.data, 778 MHD__asn1_write_value (crq->crq, "signature", signature.data,
770 signature.size * 8); 779 signature.size * 8);
771 780
772 MHD__gnutls_free_datum (&signature); 781 MHD__gnutls_free_datum (&signature);
773 782
@@ -780,8 +789,8 @@ MHD_gnutls_x509_crq_sign2 (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_t
780 /* Step 3. Write the signatureAlgorithm field. 789 /* Step 3. Write the signatureAlgorithm field.
781 */ 790 */
782 result = MHD__gnutls_x509_write_sig_params (crq->crq, "signatureAlgorithm", 791 result = MHD__gnutls_x509_write_sig_params (crq->crq, "signatureAlgorithm",
783 key->pk_algorithm, dig, key->params, 792 key->pk_algorithm, dig,
784 key->params_size); 793 key->params, key->params_size);
785 if (result < 0) 794 if (result < 0)
786 { 795 {
787 MHD_gnutls_assert (); 796 MHD_gnutls_assert ();
@@ -803,7 +812,8 @@ MHD_gnutls_x509_crq_sign2 (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_t
803 * 812 *
804 **/ 813 **/
805int 814int
806MHD_gnutls_x509_crq_sign (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_t key) 815MHD_gnutls_x509_crq_sign (MHD_gnutls_x509_crq_t crq,
816 MHD_gnutls_x509_privkey_t key)
807{ 817{
808 return MHD_gnutls_x509_crq_sign2 (crq, key, MHD_GNUTLS_MAC_SHA1, 0); 818 return MHD_gnutls_x509_crq_sign2 (crq, key, MHD_GNUTLS_MAC_SHA1, 0);
809} 819}
@@ -831,8 +841,8 @@ MHD_gnutls_x509_crq_sign (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_t k
831 **/ 841 **/
832int 842int
833MHD_gnutls_x509_crq_export (MHD_gnutls_x509_crq_t crq, 843MHD_gnutls_x509_crq_export (MHD_gnutls_x509_crq_t crq,
834 MHD_gnutls_x509_crt_fmt_t format, void *output_data, 844 MHD_gnutls_x509_crt_fmt_t format,
835 size_t * output_data_size) 845 void *output_data, size_t * output_data_size)
836{ 846{
837 if (crq == NULL) 847 if (crq == NULL)
838 { 848 {
@@ -841,7 +851,7 @@ MHD_gnutls_x509_crq_export (MHD_gnutls_x509_crq_t crq,
841 } 851 }
842 852
843 return MHD__gnutls_x509_export_int (crq->crq, format, PEM_CRQ, 853 return MHD__gnutls_x509_export_int (crq->crq, format, PEM_CRQ,
844 output_data, output_data_size); 854 output_data, output_data_size);
845} 855}
846 856
847/** 857/**
@@ -862,7 +872,8 @@ MHD_gnutls_x509_crq_export (MHD_gnutls_x509_crq_t crq,
862 * 872 *
863 **/ 873 **/
864int 874int
865MHD_gnutls_x509_crq_get_pk_algorithm (MHD_gnutls_x509_crq_t crq, unsigned int *bits) 875MHD_gnutls_x509_crq_get_pk_algorithm (MHD_gnutls_x509_crq_t crq,
876 unsigned int *bits)
866{ 877{
867 int result; 878 int result;
868 879
@@ -874,8 +885,8 @@ MHD_gnutls_x509_crq_get_pk_algorithm (MHD_gnutls_x509_crq_t crq, unsigned int *b
874 885
875 result = 886 result =
876 MHD__gnutls_x509_get_pk_algorithm (crq->crq, 887 MHD__gnutls_x509_get_pk_algorithm (crq->crq,
877 "certificationRequestInfo.subjectPKInfo", 888 "certificationRequestInfo.subjectPKInfo",
878 bits); 889 bits);
879 if (result < 0) 890 if (result < 0)
880 { 891 {
881 MHD_gnutls_assert (); 892 MHD_gnutls_assert ();
diff --git a/src/daemon/https/x509/dn.c b/src/daemon/https/x509/dn.c
index eac31f33..17b4ed76 100644
--- a/src/daemon/https/x509/dn.c
+++ b/src/daemon/https/x509/dn.c
@@ -88,8 +88,8 @@ str_escape (char *str, char *buffer, unsigned int buffer_size)
88 */ 88 */
89int 89int
90MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct, 90MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct,
91 const char *MHD__asn1_rdn_name, char *buf, 91 const char *MHD__asn1_rdn_name, char *buf,
92 size_t * sizeof_buf) 92 size_t * sizeof_buf)
93{ 93{
94 MHD_gtls_string out_str; 94 MHD_gtls_string out_str;
95 int k2, k1, result; 95 int k2, k1, result;
@@ -115,7 +115,8 @@ MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct,
115 else 115 else
116 *sizeof_buf = 0; 116 *sizeof_buf = 0;
117 117
118 MHD_gtls_string_init (&out_str, MHD_gnutls_malloc, MHD_gnutls_realloc, MHD_gnutls_free); 118 MHD_gtls_string_init (&out_str, MHD_gnutls_malloc, MHD_gnutls_realloc,
119 MHD_gnutls_free);
119 120
120 k1 = 0; 121 k1 = 0;
121 do 122 do
@@ -125,13 +126,14 @@ MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct,
125 /* create a string like "tbsCertList.issuer.rdnSequence.?1" 126 /* create a string like "tbsCertList.issuer.rdnSequence.?1"
126 */ 127 */
127 if (MHD__asn1_rdn_name[0] != 0) 128 if (MHD__asn1_rdn_name[0] != 0)
128 snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u", MHD__asn1_rdn_name, 129 snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u",
129 k1); 130 MHD__asn1_rdn_name, k1);
130 else 131 else
131 snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); 132 snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1);
132 133
133 len = sizeof (value) - 1; 134 len = sizeof (value) - 1;
134 result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len); 135 result =
136 MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len);
135 137
136 if (result == ASN1_ELEMENT_NOT_FOUND) 138 if (result == ASN1_ELEMENT_NOT_FOUND)
137 { 139 {
@@ -162,7 +164,8 @@ MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct,
162 */ 164 */
163 165
164 len = sizeof (value) - 1; 166 len = sizeof (value) - 1;
165 result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer2, value, &len); 167 result =
168 MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer2, value, &len);
166 169
167 if (result == ASN1_ELEMENT_NOT_FOUND) 170 if (result == ASN1_ELEMENT_NOT_FOUND)
168 break; 171 break;
@@ -179,7 +182,8 @@ MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct,
179 MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".type"); 182 MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".type");
180 183
181 len = sizeof (oid) - 1; 184 len = sizeof (oid) - 1;
182 result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, oid, &len); 185 result =
186 MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, oid, &len);
183 187
184 if (result == ASN1_ELEMENT_NOT_FOUND) 188 if (result == ASN1_ELEMENT_NOT_FOUND)
185 break; 189 break;
@@ -196,7 +200,8 @@ MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct,
196 MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".value"); 200 MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".value");
197 201
198 len = 0; 202 len = 0;
199 result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, NULL, &len); 203 result =
204 MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, NULL, &len);
200 205
201 value2 = MHD_gnutls_malloc (len); 206 value2 = MHD_gnutls_malloc (len);
202 if (value2 == NULL) 207 if (value2 == NULL)
@@ -206,7 +211,8 @@ MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct,
206 goto cleanup; 211 goto cleanup;
207 } 212 }
208 213
209 result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, value2, &len); 214 result =
215 MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, value2, &len);
210 216
211 if (result != ASN1_SUCCESS) 217 if (result != ASN1_SUCCESS)
212 { 218 {
@@ -268,12 +274,14 @@ MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct,
268 if (printable) 274 if (printable)
269 result = 275 result =
270 MHD__gnutls_x509_oid_data2string (oid, 276 MHD__gnutls_x509_oid_data2string (oid,
271 value2, len, 277 value2, len,
272 string, &sizeof_string); 278 string, &sizeof_string);
273 279
274 if (!printable || result < 0) 280 if (!printable || result < 0)
275 result = 281 result =
276 MHD__gnutls_x509_data2hex ((const unsigned char*) value2, len, (unsigned char*) string, &sizeof_string); 282 MHD__gnutls_x509_data2hex ((const unsigned char *) value2, len,
283 (unsigned char *) string,
284 &sizeof_string);
277 285
278 if (result < 0) 286 if (result < 0)
279 { 287 {
@@ -338,10 +346,10 @@ cleanup:
338 */ 346 */
339int 347int
340MHD__gnutls_x509_parse_dn_oid (ASN1_TYPE MHD__asn1_struct, 348MHD__gnutls_x509_parse_dn_oid (ASN1_TYPE MHD__asn1_struct,
341 const char *MHD__asn1_rdn_name, 349 const char *MHD__asn1_rdn_name,
342 const char *given_oid, int indx, 350 const char *given_oid, int indx,
343 unsigned int raw_flag, 351 unsigned int raw_flag,
344 void *buf, size_t * sizeof_buf) 352 void *buf, size_t * sizeof_buf)
345{ 353{
346 int k2, k1, result; 354 int k2, k1, result;
347 char tmpbuffer1[MAX_NAME_SIZE]; 355 char tmpbuffer1[MAX_NAME_SIZE];
@@ -366,13 +374,14 @@ MHD__gnutls_x509_parse_dn_oid (ASN1_TYPE MHD__asn1_struct,
366 /* create a string like "tbsCertList.issuer.rdnSequence.?1" 374 /* create a string like "tbsCertList.issuer.rdnSequence.?1"
367 */ 375 */
368 if (MHD__asn1_rdn_name[0] != 0) 376 if (MHD__asn1_rdn_name[0] != 0)
369 snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u", MHD__asn1_rdn_name, 377 snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u",
370 k1); 378 MHD__asn1_rdn_name, k1);
371 else 379 else
372 snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); 380 snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1);
373 381
374 len = sizeof (value) - 1; 382 len = sizeof (value) - 1;
375 result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len); 383 result =
384 MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len);
376 385
377 if (result == ASN1_ELEMENT_NOT_FOUND) 386 if (result == ASN1_ELEMENT_NOT_FOUND)
378 { 387 {
@@ -404,7 +413,8 @@ MHD__gnutls_x509_parse_dn_oid (ASN1_TYPE MHD__asn1_struct,
404 */ 413 */
405 414
406 len = sizeof (value) - 1; 415 len = sizeof (value) - 1;
407 result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer2, value, &len); 416 result =
417 MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer2, value, &len);
408 418
409 if (result == ASN1_ELEMENT_NOT_FOUND) 419 if (result == ASN1_ELEMENT_NOT_FOUND)
410 { 420 {
@@ -423,7 +433,8 @@ MHD__gnutls_x509_parse_dn_oid (ASN1_TYPE MHD__asn1_struct,
423 MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".type"); 433 MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".type");
424 434
425 len = sizeof (oid) - 1; 435 len = sizeof (oid) - 1;
426 result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, oid, &len); 436 result =
437 MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, oid, &len);
427 438
428 if (result == ASN1_ELEMENT_NOT_FOUND) 439 if (result == ASN1_ELEMENT_NOT_FOUND)
429 break; 440 break;
@@ -443,7 +454,9 @@ MHD__gnutls_x509_parse_dn_oid (ASN1_TYPE MHD__asn1_struct,
443 MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".value"); 454 MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".value");
444 455
445 len = *sizeof_buf; 456 len = *sizeof_buf;
446 result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, buf, &len); 457 result =
458 MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, buf,
459 &len);
447 460
448 if (result != ASN1_SUCCESS) 461 if (result != ASN1_SUCCESS)
449 { 462 {
@@ -474,10 +487,12 @@ MHD__gnutls_x509_parse_dn_oid (ASN1_TYPE MHD__asn1_struct,
474 if (printable == 1) 487 if (printable == 1)
475 result = 488 result =
476 MHD__gnutls_x509_oid_data2string (oid, buf, len, 489 MHD__gnutls_x509_oid_data2string (oid, buf, len,
477 cbuf, sizeof_buf); 490 cbuf, sizeof_buf);
478 else 491 else
479 result = 492 result =
480 MHD__gnutls_x509_data2hex (buf, len, (unsigned char*) cbuf, sizeof_buf); 493 MHD__gnutls_x509_data2hex (buf, len,
494 (unsigned char *) cbuf,
495 sizeof_buf);
481 496
482 if (result < 0) 497 if (result < 0)
483 { 498 {
@@ -515,8 +530,8 @@ cleanup:
515 */ 530 */
516int 531int
517MHD__gnutls_x509_get_dn_oid (ASN1_TYPE MHD__asn1_struct, 532MHD__gnutls_x509_get_dn_oid (ASN1_TYPE MHD__asn1_struct,
518 const char *MHD__asn1_rdn_name, 533 const char *MHD__asn1_rdn_name,
519 int indx, void *_oid, size_t * sizeof_oid) 534 int indx, void *_oid, size_t * sizeof_oid)
520{ 535{
521 int k2, k1, result; 536 int k2, k1, result;
522 char tmpbuffer1[MAX_NAME_SIZE]; 537 char tmpbuffer1[MAX_NAME_SIZE];
@@ -535,13 +550,14 @@ MHD__gnutls_x509_get_dn_oid (ASN1_TYPE MHD__asn1_struct,
535 /* create a string like "tbsCertList.issuer.rdnSequence.?1" 550 /* create a string like "tbsCertList.issuer.rdnSequence.?1"
536 */ 551 */
537 if (MHD__asn1_rdn_name[0] != 0) 552 if (MHD__asn1_rdn_name[0] != 0)
538 snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u", MHD__asn1_rdn_name, 553 snprintf (tmpbuffer1, sizeof (tmpbuffer1), "%s.?%u",
539 k1); 554 MHD__asn1_rdn_name, k1);
540 else 555 else
541 snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1); 556 snprintf (tmpbuffer1, sizeof (tmpbuffer1), "?%u", k1);
542 557
543 len = sizeof (value) - 1; 558 len = sizeof (value) - 1;
544 result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len); 559 result =
560 MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer1, value, &len);
545 561
546 if (result == ASN1_ELEMENT_NOT_FOUND) 562 if (result == ASN1_ELEMENT_NOT_FOUND)
547 { 563 {
@@ -573,7 +589,8 @@ MHD__gnutls_x509_get_dn_oid (ASN1_TYPE MHD__asn1_struct,
573 */ 589 */
574 590
575 len = sizeof (value) - 1; 591 len = sizeof (value) - 1;
576 result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer2, value, &len); 592 result =
593 MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer2, value, &len);
577 594
578 if (result == ASN1_ELEMENT_NOT_FOUND) 595 if (result == ASN1_ELEMENT_NOT_FOUND)
579 { 596 {
@@ -592,7 +609,8 @@ MHD__gnutls_x509_get_dn_oid (ASN1_TYPE MHD__asn1_struct,
592 MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".type"); 609 MHD_gtls_str_cat (tmpbuffer3, sizeof (tmpbuffer3), ".type");
593 610
594 len = sizeof (oid) - 1; 611 len = sizeof (oid) - 1;
595 result = MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, oid, &len); 612 result =
613 MHD__asn1_read_value (MHD__asn1_struct, tmpbuffer3, oid, &len);
596 614
597 if (result == ASN1_ELEMENT_NOT_FOUND) 615 if (result == ASN1_ELEMENT_NOT_FOUND)
598 break; 616 break;
@@ -640,10 +658,10 @@ cleanup:
640 */ 658 */
641int 659int
642MHD__gnutls_x509_encode_and_write_attribute (const char *given_oid, 660MHD__gnutls_x509_encode_and_write_attribute (const char *given_oid,
643 ASN1_TYPE MHD__asn1_struct, 661 ASN1_TYPE MHD__asn1_struct,
644 const char *where, 662 const char *where,
645 const void *_data, 663 const void *_data,
646 int sizeof_data, int multi) 664 int sizeof_data, int multi)
647{ 665{
648 const char *val_name; 666 const char *val_name;
649 const opaque *data = _data; 667 const opaque *data = _data;
@@ -654,7 +672,8 @@ MHD__gnutls_x509_encode_and_write_attribute (const char *given_oid,
654 672
655 /* Find how to encode the data. 673 /* Find how to encode the data.
656 */ 674 */
657 val_name = MHD__asn1_find_structure_from_oid (MHD__gnutls_get_pkix (), given_oid); 675 val_name =
676 MHD__asn1_find_structure_from_oid (MHD__gnutls_get_pkix (), given_oid);
658 if (val_name == NULL) 677 if (val_name == NULL)
659 { 678 {
660 MHD_gnutls_assert (); 679 MHD_gnutls_assert ();
@@ -736,7 +755,8 @@ MHD__gnutls_x509_encode_and_write_attribute (const char *given_oid,
736 755
737 } 756 }
738 757
739 result = MHD__gnutls_x509_der_encode_and_copy (c2, "", MHD__asn1_struct, tmp, 0); 758 result =
759 MHD__gnutls_x509_der_encode_and_copy (c2, "", MHD__asn1_struct, tmp, 0);
740 if (result < 0) 760 if (result < 0)
741 { 761 {
742 MHD_gnutls_assert (); 762 MHD_gnutls_assert ();
@@ -763,8 +783,9 @@ MHD__gnutls_x509_encode_and_write_attribute (const char *given_oid,
763 */ 783 */
764static int 784static int
765MHD__gnutls_x509_write_attribute (const char *given_oid, 785MHD__gnutls_x509_write_attribute (const char *given_oid,
766 ASN1_TYPE MHD__asn1_struct, const char *where, 786 ASN1_TYPE MHD__asn1_struct,
767 const void *_data, int sizeof_data) 787 const char *where, const void *_data,
788 int sizeof_data)
768{ 789{
769 char tmp[128]; 790 char tmp[128];
770 int result; 791 int result;
@@ -808,9 +829,10 @@ MHD__gnutls_x509_write_attribute (const char *given_oid,
808 */ 829 */
809int 830int
810MHD__gnutls_x509_decode_and_read_attribute (ASN1_TYPE MHD__asn1_struct, 831MHD__gnutls_x509_decode_and_read_attribute (ASN1_TYPE MHD__asn1_struct,
811 const char *where, char *oid, 832 const char *where, char *oid,
812 int oid_size, MHD_gnutls_datum_t * value, 833 int oid_size,
813 int multi, int octet_string) 834 MHD_gnutls_datum_t * value,
835 int multi, int octet_string)
814{ 836{
815 char tmpbuffer[128]; 837 char tmpbuffer[128];
816 int len, result; 838 int len, result;
@@ -840,7 +862,8 @@ MHD__gnutls_x509_decode_and_read_attribute (ASN1_TYPE MHD__asn1_struct,
840 MHD_gtls_str_cat (tmpbuffer, sizeof (tmpbuffer), "s.?1"); /* .values.?1 */ 862 MHD_gtls_str_cat (tmpbuffer, sizeof (tmpbuffer), "s.?1"); /* .values.?1 */
841 863
842 result = 864 result =
843 MHD__gnutls_x509_read_value (MHD__asn1_struct, tmpbuffer, value, octet_string); 865 MHD__gnutls_x509_read_value (MHD__asn1_struct, tmpbuffer, value,
866 octet_string);
844 if (result < 0) 867 if (result < 0)
845 { 868 {
846 MHD_gnutls_assert (); 869 MHD_gnutls_assert ();
@@ -860,8 +883,9 @@ MHD__gnutls_x509_decode_and_read_attribute (ASN1_TYPE MHD__asn1_struct,
860 */ 883 */
861int 884int
862MHD__gnutls_x509_set_dn_oid (ASN1_TYPE MHD__asn1_struct, 885MHD__gnutls_x509_set_dn_oid (ASN1_TYPE MHD__asn1_struct,
863 const char *MHD__asn1_name, const char *given_oid, 886 const char *MHD__asn1_name,
864 int raw_flag, const char *name, int sizeof_name) 887 const char *given_oid, int raw_flag,
888 const char *name, int sizeof_name)
865{ 889{
866 int result; 890 int result;
867 char tmp[MAX_NAME_SIZE], MHD__asn1_rdn_name[MAX_NAME_SIZE]; 891 char tmp[MAX_NAME_SIZE], MHD__asn1_rdn_name[MAX_NAME_SIZE];
@@ -874,19 +898,24 @@ MHD__gnutls_x509_set_dn_oid (ASN1_TYPE MHD__asn1_struct,
874 898
875 /* create the rdnSequence 899 /* create the rdnSequence
876 */ 900 */
877 result = MHD__asn1_write_value (MHD__asn1_struct, MHD__asn1_name, "rdnSequence", 1); 901 result =
902 MHD__asn1_write_value (MHD__asn1_struct, MHD__asn1_name, "rdnSequence",
903 1);
878 if (result != ASN1_SUCCESS) 904 if (result != ASN1_SUCCESS)
879 { 905 {
880 MHD_gnutls_assert (); 906 MHD_gnutls_assert ();
881 return MHD_gtls_asn2err (result); 907 return MHD_gtls_asn2err (result);
882 } 908 }
883 909
884 MHD_gtls_str_cpy (MHD__asn1_rdn_name, sizeof (MHD__asn1_rdn_name), MHD__asn1_name); 910 MHD_gtls_str_cpy (MHD__asn1_rdn_name, sizeof (MHD__asn1_rdn_name),
885 MHD_gtls_str_cat (MHD__asn1_rdn_name, sizeof (MHD__asn1_rdn_name), ".rdnSequence"); 911 MHD__asn1_name);
912 MHD_gtls_str_cat (MHD__asn1_rdn_name, sizeof (MHD__asn1_rdn_name),
913 ".rdnSequence");
886 914
887 /* create a new element 915 /* create a new element
888 */ 916 */
889 result = MHD__asn1_write_value (MHD__asn1_struct, MHD__asn1_rdn_name, "NEW", 1); 917 result =
918 MHD__asn1_write_value (MHD__asn1_struct, MHD__asn1_rdn_name, "NEW", 1);
890 if (result != ASN1_SUCCESS) 919 if (result != ASN1_SUCCESS)
891 { 920 {
892 MHD_gnutls_assert (); 921 MHD_gnutls_assert ();
@@ -915,14 +944,15 @@ MHD__gnutls_x509_set_dn_oid (ASN1_TYPE MHD__asn1_struct,
915 { 944 {
916 result = 945 result =
917 MHD__gnutls_x509_encode_and_write_attribute (given_oid, 946 MHD__gnutls_x509_encode_and_write_attribute (given_oid,
918 MHD__asn1_struct, 947 MHD__asn1_struct,
919 tmp, name, sizeof_name, 0); 948 tmp, name, sizeof_name,
949 0);
920 } 950 }
921 else 951 else
922 { 952 {
923 result = 953 result =
924 MHD__gnutls_x509_write_attribute (given_oid, MHD__asn1_struct, 954 MHD__gnutls_x509_write_attribute (given_oid, MHD__asn1_struct,
925 tmp, name, sizeof_name); 955 tmp, name, sizeof_name);
926 } 956 }
927 957
928 if (result < 0) 958 if (result < 0)
@@ -952,7 +982,7 @@ MHD__gnutls_x509_set_dn_oid (ASN1_TYPE MHD__asn1_struct,
952 **/ 982 **/
953int 983int
954MHD_gnutls_x509_rdn_get (const MHD_gnutls_datum_t * idn, 984MHD_gnutls_x509_rdn_get (const MHD_gnutls_datum_t * idn,
955 char *buf, size_t * sizeof_buf) 985 char *buf, size_t * sizeof_buf)
956{ 986{
957 int result; 987 int result;
958 ASN1_TYPE dn = ASN1_TYPE_EMPTY; 988 ASN1_TYPE dn = ASN1_TYPE_EMPTY;
@@ -969,7 +999,7 @@ MHD_gnutls_x509_rdn_get (const MHD_gnutls_datum_t * idn,
969 999
970 if ((result = 1000 if ((result =
971 MHD__asn1_create_element (MHD__gnutls_get_pkix (), 1001 MHD__asn1_create_element (MHD__gnutls_get_pkix (),
972 "PKIX1.Name", &dn)) != ASN1_SUCCESS) 1002 "PKIX1.Name", &dn)) != ASN1_SUCCESS)
973 { 1003 {
974 MHD_gnutls_assert (); 1004 MHD_gnutls_assert ();
975 return MHD_gtls_asn2err (result); 1005 return MHD_gtls_asn2err (result);
@@ -1010,9 +1040,10 @@ MHD_gnutls_x509_rdn_get (const MHD_gnutls_datum_t * idn,
1010 * 1040 *
1011 **/ 1041 **/
1012int 1042int
1013MHD_gnutls_x509_rdn_get_by_oid (const MHD_gnutls_datum_t * idn, const char *oid, 1043MHD_gnutls_x509_rdn_get_by_oid (const MHD_gnutls_datum_t * idn,
1014 int indx, unsigned int raw_flag, 1044 const char *oid, int indx,
1015 void *buf, size_t * sizeof_buf) 1045 unsigned int raw_flag, void *buf,
1046 size_t * sizeof_buf)
1016{ 1047{
1017 int result; 1048 int result;
1018 ASN1_TYPE dn = ASN1_TYPE_EMPTY; 1049 ASN1_TYPE dn = ASN1_TYPE_EMPTY;
@@ -1024,7 +1055,7 @@ MHD_gnutls_x509_rdn_get_by_oid (const MHD_gnutls_datum_t * idn, const char *oid,
1024 1055
1025 if ((result = 1056 if ((result =
1026 MHD__asn1_create_element (MHD__gnutls_get_pkix (), 1057 MHD__asn1_create_element (MHD__gnutls_get_pkix (),
1027 "PKIX1.Name", &dn)) != ASN1_SUCCESS) 1058 "PKIX1.Name", &dn)) != ASN1_SUCCESS)
1028 { 1059 {
1029 MHD_gnutls_assert (); 1060 MHD_gnutls_assert ();
1030 return MHD_gtls_asn2err (result); 1061 return MHD_gtls_asn2err (result);
@@ -1041,7 +1072,7 @@ MHD_gnutls_x509_rdn_get_by_oid (const MHD_gnutls_datum_t * idn, const char *oid,
1041 1072
1042 result = 1073 result =
1043 MHD__gnutls_x509_parse_dn_oid (dn, "rdnSequence", oid, indx, 1074 MHD__gnutls_x509_parse_dn_oid (dn, "rdnSequence", oid, indx,
1044 raw_flag, buf, sizeof_buf); 1075 raw_flag, buf, sizeof_buf);
1045 1076
1046 MHD__asn1_delete_structure (&dn); 1077 MHD__asn1_delete_structure (&dn);
1047 return result; 1078 return result;
@@ -1064,7 +1095,7 @@ MHD_gnutls_x509_rdn_get_by_oid (const MHD_gnutls_datum_t * idn, const char *oid,
1064 **/ 1095 **/
1065int 1096int
1066MHD_gnutls_x509_rdn_get_oid (const MHD_gnutls_datum_t * idn, 1097MHD_gnutls_x509_rdn_get_oid (const MHD_gnutls_datum_t * idn,
1067 int indx, void *buf, size_t * sizeof_buf) 1098 int indx, void *buf, size_t * sizeof_buf)
1068{ 1099{
1069 int result; 1100 int result;
1070 ASN1_TYPE dn = ASN1_TYPE_EMPTY; 1101 ASN1_TYPE dn = ASN1_TYPE_EMPTY;
@@ -1076,7 +1107,7 @@ MHD_gnutls_x509_rdn_get_oid (const MHD_gnutls_datum_t * idn,
1076 1107
1077 if ((result = 1108 if ((result =
1078 MHD__asn1_create_element (MHD__gnutls_get_pkix (), 1109 MHD__asn1_create_element (MHD__gnutls_get_pkix (),
1079 "PKIX1.Name", &dn)) != ASN1_SUCCESS) 1110 "PKIX1.Name", &dn)) != ASN1_SUCCESS)
1080 { 1111 {
1081 MHD_gnutls_assert (); 1112 MHD_gnutls_assert ();
1082 return MHD_gtls_asn2err (result); 1113 return MHD_gtls_asn2err (result);
@@ -1091,7 +1122,8 @@ MHD_gnutls_x509_rdn_get_oid (const MHD_gnutls_datum_t * idn,
1091 return MHD_gtls_asn2err (result); 1122 return MHD_gtls_asn2err (result);
1092 } 1123 }
1093 1124
1094 result = MHD__gnutls_x509_get_dn_oid (dn, "rdnSequence", indx, buf, sizeof_buf); 1125 result =
1126 MHD__gnutls_x509_get_dn_oid (dn, "rdnSequence", indx, buf, sizeof_buf);
1095 1127
1096 MHD__asn1_delete_structure (&dn); 1128 MHD__asn1_delete_structure (&dn);
1097 return result; 1129 return result;
@@ -1108,7 +1140,7 @@ MHD_gnutls_x509_rdn_get_oid (const MHD_gnutls_datum_t * idn,
1108 */ 1140 */
1109int 1141int
1110MHD__gnutls_x509_compare_raw_dn (const MHD_gnutls_datum_t * dn1, 1142MHD__gnutls_x509_compare_raw_dn (const MHD_gnutls_datum_t * dn1,
1111 const MHD_gnutls_datum_t * dn2) 1143 const MHD_gnutls_datum_t * dn2)
1112{ 1144{
1113 1145
1114 if (dn1->size != dn2->size) 1146 if (dn1->size != dn2->size)
diff --git a/src/daemon/https/x509/dn.h b/src/daemon/https/x509/dn.h
index 04352b10..a0c6ac45 100644
--- a/src/daemon/https/x509/dn.h
+++ b/src/daemon/https/x509/dn.h
@@ -38,21 +38,23 @@
38#define OID_PKCS9_EMAIL "1.2.840.113549.1.9.1" 38#define OID_PKCS9_EMAIL "1.2.840.113549.1.9.1"
39 39
40int MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct, 40int MHD__gnutls_x509_parse_dn (ASN1_TYPE MHD__asn1_struct,
41 const char *MHD__asn1_rdn_name, char *buf, 41 const char *MHD__asn1_rdn_name, char *buf,
42 size_t * sizeof_buf); 42 size_t * sizeof_buf);
43 43
44int MHD__gnutls_x509_parse_dn_oid (ASN1_TYPE MHD__asn1_struct, 44int MHD__gnutls_x509_parse_dn_oid (ASN1_TYPE MHD__asn1_struct,
45 const char *MHD__asn1_rdn_name, const char *oid, 45 const char *MHD__asn1_rdn_name,
46 int indx, unsigned int raw_flag, void *buf, 46 const char *oid, int indx,
47 size_t * sizeof_buf); 47 unsigned int raw_flag, void *buf,
48 size_t * sizeof_buf);
48 49
49int MHD__gnutls_x509_set_dn_oid (ASN1_TYPE MHD__asn1_struct, 50int MHD__gnutls_x509_set_dn_oid (ASN1_TYPE MHD__asn1_struct,
50 const char *MHD__asn1_rdn_name, const char *oid, 51 const char *MHD__asn1_rdn_name,
51 int raw_flag, const char *name, int sizeof_name); 52 const char *oid, int raw_flag,
53 const char *name, int sizeof_name);
52 54
53int MHD__gnutls_x509_get_dn_oid (ASN1_TYPE MHD__asn1_struct, 55int MHD__gnutls_x509_get_dn_oid (ASN1_TYPE MHD__asn1_struct,
54 const char *MHD__asn1_rdn_name, 56 const char *MHD__asn1_rdn_name,
55 int indx, void *_oid, size_t * sizeof_oid); 57 int indx, void *_oid, size_t * sizeof_oid);
56 58
57 59
58#endif 60#endif
diff --git a/src/daemon/https/x509/dsa.h b/src/daemon/https/x509/dsa.h
index bed87a7d..bda01f83 100644
--- a/src/daemon/https/x509/dsa.h
+++ b/src/daemon/https/x509/dsa.h
@@ -22,4 +22,5 @@
22 * 22 *
23 */ 23 */
24 24
25int MHD__gnutls_dsa_generate_params (mpi_t * resarr, int *resarr_len, int bits); 25int MHD__gnutls_dsa_generate_params (mpi_t * resarr, int *resarr_len,
26 int bits);
diff --git a/src/daemon/https/x509/extensions.c b/src/daemon/https/x509/extensions.c
index 8bf36000..3b8bf494 100644
--- a/src/daemon/https/x509/extensions.c
+++ b/src/daemon/https/x509/extensions.c
@@ -46,8 +46,9 @@
46 */ 46 */
47int 47int
48MHD__gnutls_x509_crt_get_extension (MHD_gnutls_x509_crt_t cert, 48MHD__gnutls_x509_crt_get_extension (MHD_gnutls_x509_crt_t cert,
49 const char *extension_id, int indx, 49 const char *extension_id, int indx,
50 MHD_gnutls_datum_t * ret, unsigned int *_critical) 50 MHD_gnutls_datum_t * ret,
51 unsigned int *_critical)
51{ 52{
52 int k, result, len; 53 int k, result, len;
53 char name[MAX_NAME_SIZE], name2[MAX_NAME_SIZE]; 54 char name[MAX_NAME_SIZE], name2[MAX_NAME_SIZE];
@@ -136,7 +137,8 @@ MHD__gnutls_x509_crt_get_extension (MHD_gnutls_x509_crt_t cert,
136 MHD_gtls_str_cpy (name2, sizeof (name2), name); 137 MHD_gtls_str_cpy (name2, sizeof (name2), name);
137 MHD_gtls_str_cat (name2, sizeof (name2), ".extnValue"); 138 MHD_gtls_str_cat (name2, sizeof (name2), ".extnValue");
138 139
139 result = MHD__gnutls_x509_read_value (cert->cert, name2, &value, 0); 140 result =
141 MHD__gnutls_x509_read_value (cert->cert, name2, &value, 0);
140 if (result < 0) 142 if (result < 0)
141 { 143 {
142 MHD_gnutls_assert (); 144 MHD_gnutls_assert ();
@@ -177,7 +179,8 @@ MHD__gnutls_x509_crt_get_extension (MHD_gnutls_x509_crt_t cert,
177 */ 179 */
178int 180int
179MHD__gnutls_x509_crt_get_extension_oid (MHD_gnutls_x509_crt_t cert, 181MHD__gnutls_x509_crt_get_extension_oid (MHD_gnutls_x509_crt_t cert,
180 int indx, void *oid, size_t * sizeof_oid) 182 int indx, void *oid,
183 size_t * sizeof_oid)
181{ 184{
182 int k, result, len; 185 int k, result, len;
183 char name[MAX_NAME_SIZE], name2[MAX_NAME_SIZE]; 186 char name[MAX_NAME_SIZE], name2[MAX_NAME_SIZE];
@@ -264,7 +267,7 @@ MHD__gnutls_x509_crt_get_extension_oid (MHD_gnutls_x509_crt_t cert,
264 */ 267 */
265int 268int
266MHD__gnutls_x509_ext_extract_keyUsage (uint16_t * keyUsage, 269MHD__gnutls_x509_ext_extract_keyUsage (uint16_t * keyUsage,
267 opaque * extnValue, int extnValueLen) 270 opaque * extnValue, int extnValueLen)
268{ 271{
269 ASN1_TYPE ext = ASN1_TYPE_EMPTY; 272 ASN1_TYPE ext = ASN1_TYPE_EMPTY;
270 int len, result; 273 int len, result;
@@ -309,16 +312,17 @@ MHD__gnutls_x509_ext_extract_keyUsage (uint16_t * keyUsage,
309 */ 312 */
310int 313int
311MHD__gnutls_x509_ext_extract_basicConstraints (int *CA, 314MHD__gnutls_x509_ext_extract_basicConstraints (int *CA,
312 int *pathLenConstraint, 315 int *pathLenConstraint,
313 opaque * extnValue, 316 opaque * extnValue,
314 int extnValueLen) 317 int extnValueLen)
315{ 318{
316 ASN1_TYPE ext = ASN1_TYPE_EMPTY; 319 ASN1_TYPE ext = ASN1_TYPE_EMPTY;
317 char str[128]; 320 char str[128];
318 int len, result; 321 int len, result;
319 322
320 if ((result = MHD__asn1_create_element 323 if ((result = MHD__asn1_create_element
321 (MHD__gnutls_get_pkix (), "PKIX1.BasicConstraints", &ext)) != ASN1_SUCCESS) 324 (MHD__gnutls_get_pkix (), "PKIX1.BasicConstraints",
325 &ext)) != ASN1_SUCCESS)
322 { 326 {
323 MHD_gnutls_assert (); 327 MHD_gnutls_assert ();
324 return MHD_gtls_asn2err (result); 328 return MHD_gtls_asn2err (result);
@@ -335,7 +339,8 @@ MHD__gnutls_x509_ext_extract_basicConstraints (int *CA,
335 if (pathLenConstraint) 339 if (pathLenConstraint)
336 { 340 {
337 result = MHD__gnutls_x509_read_uint (ext, "pathLenConstraint", 341 result = MHD__gnutls_x509_read_uint (ext, "pathLenConstraint",
338 (unsigned int*) pathLenConstraint); 342 (unsigned int *)
343 pathLenConstraint);
339 if (result == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND) 344 if (result == GNUTLS_E_ASN1_ELEMENT_NOT_FOUND)
340 *pathLenConstraint = -1; 345 *pathLenConstraint = -1;
341 else if (result != GNUTLS_E_SUCCESS) 346 else if (result != GNUTLS_E_SUCCESS)
diff --git a/src/daemon/https/x509/extensions.h b/src/daemon/https/x509/extensions.h
index a124290e..fe4372f8 100644
--- a/src/daemon/https/x509/extensions.h
+++ b/src/daemon/https/x509/extensions.h
@@ -23,16 +23,17 @@
23 */ 23 */
24 24
25int MHD__gnutls_x509_crt_get_extension (MHD_gnutls_x509_crt_t cert, 25int MHD__gnutls_x509_crt_get_extension (MHD_gnutls_x509_crt_t cert,
26 const char *extension_id, int indx, 26 const char *extension_id, int indx,
27 MHD_gnutls_datum_t * ret, 27 MHD_gnutls_datum_t * ret,
28 unsigned int *critical); 28 unsigned int *critical);
29 29
30int MHD__gnutls_x509_crt_get_extension_oid (MHD_gnutls_x509_crt_t cert, 30int MHD__gnutls_x509_crt_get_extension_oid (MHD_gnutls_x509_crt_t cert,
31 int indx, void *ret, 31 int indx, void *ret,
32 size_t * ret_size); 32 size_t * ret_size);
33int MHD__gnutls_x509_ext_extract_keyUsage (uint16_t * keyUsage, 33int MHD__gnutls_x509_ext_extract_keyUsage (uint16_t * keyUsage,
34 opaque * extnValue, int extnValueLen); 34 opaque * extnValue,
35 int extnValueLen);
35int MHD__gnutls_x509_ext_extract_basicConstraints (int *CA, 36int MHD__gnutls_x509_ext_extract_basicConstraints (int *CA,
36 int *pathLenConstraint, 37 int *pathLenConstraint,
37 opaque * extnValue, 38 opaque * extnValue,
38 int extnValueLen); 39 int extnValueLen);
diff --git a/src/daemon/https/x509/mpi.c b/src/daemon/https/x509/mpi.c
index 4e3c8cd1..76995fdb 100644
--- a/src/daemon/https/x509/mpi.c
+++ b/src/daemon/https/x509/mpi.c
@@ -44,8 +44,9 @@ MHD__gnutls_x509_read_rsa_params (opaque * der, int dersize, mpi_t * params)
44 ASN1_TYPE spk = ASN1_TYPE_EMPTY; 44 ASN1_TYPE spk = ASN1_TYPE_EMPTY;
45 45
46 if ((result = 46 if ((result =
47 MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), "GNUTLS.RSAPublicKey", 47 MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (),
48 &spk)) != ASN1_SUCCESS) 48 "GNUTLS.RSAPublicKey",
49 &spk)) != ASN1_SUCCESS)
49 { 50 {
50 MHD_gnutls_assert (); 51 MHD_gnutls_assert ();
51 return MHD_gtls_asn2err (result); 52 return MHD_gtls_asn2err (result);
@@ -94,7 +95,7 @@ MHD__gnutls_x509_read_dsa_params (opaque * der, int dersize, mpi_t * params)
94 95
95 if ((result = 96 if ((result =
96 MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.Dss-Parms", 97 MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.Dss-Parms",
97 &spk)) != ASN1_SUCCESS) 98 &spk)) != ASN1_SUCCESS)
98 { 99 {
99 MHD_gnutls_assert (); 100 MHD_gnutls_assert ();
100 return MHD_gtls_asn2err (result); 101 return MHD_gtls_asn2err (result);
@@ -161,8 +162,9 @@ MHD__gnutls_x509_read_der_int (opaque * der, int dersize, mpi_t * out)
161 162
162 /* == INTEGER */ 163 /* == INTEGER */
163 if ((result = 164 if ((result =
164 MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), "GNUTLS.DSAPublicKey", 165 MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (),
165 &spk)) != ASN1_SUCCESS) 166 "GNUTLS.DSAPublicKey",
167 &spk)) != ASN1_SUCCESS)
166 { 168 {
167 MHD_gnutls_assert (); 169 MHD_gnutls_assert ();
168 return MHD_gtls_asn2err (result); 170 return MHD_gtls_asn2err (result);
@@ -206,7 +208,7 @@ MHD__gnutls_x509_read_dsa_pubkey (opaque * der, int dersize, mpi_t * params)
206 */ 208 */
207int 209int
208MHD__gnutls_x509_crt_get_mpis (MHD_gnutls_x509_crt_t cert, 210MHD__gnutls_x509_crt_get_mpis (MHD_gnutls_x509_crt_t cert,
209 mpi_t * params, int *params_size) 211 mpi_t * params, int *params_size)
210{ 212{
211 int result; 213 int result;
212 int pk_algorithm; 214 int pk_algorithm;
@@ -220,8 +222,8 @@ MHD__gnutls_x509_crt_get_mpis (MHD_gnutls_x509_crt_t cert,
220 */ 222 */
221 result 223 result
222 = MHD__gnutls_x509_read_value (cert->cert, 224 = MHD__gnutls_x509_read_value (cert->cert,
223 "tbsCertificate.subjectPublicKeyInfo.subjectPublicKey", 225 "tbsCertificate.subjectPublicKeyInfo.subjectPublicKey",
224 &tmp, 2); 226 &tmp, 2);
225 227
226 if (result < 0) 228 if (result < 0)
227 { 229 {
@@ -276,7 +278,7 @@ error:MHD__gnutls_free_datum (&tmp);
276 */ 278 */
277int 279int
278MHD__gnutls_x509_write_rsa_params (mpi_t * params, 280MHD__gnutls_x509_write_rsa_params (mpi_t * params,
279 int params_size, MHD_gnutls_datum_t * der) 281 int params_size, MHD_gnutls_datum_t * der)
280{ 282{
281 int result; 283 int result;
282 ASN1_TYPE spk = ASN1_TYPE_EMPTY; 284 ASN1_TYPE spk = ASN1_TYPE_EMPTY;
@@ -292,8 +294,9 @@ MHD__gnutls_x509_write_rsa_params (mpi_t * params,
292 } 294 }
293 295
294 if ((result = 296 if ((result =
295 MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), "GNUTLS.RSAPublicKey", 297 MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (),
296 &spk)) != ASN1_SUCCESS) 298 "GNUTLS.RSAPublicKey",
299 &spk)) != ASN1_SUCCESS)
297 { 300 {
298 MHD_gnutls_assert (); 301 MHD_gnutls_assert ();
299 return MHD_gtls_asn2err (result); 302 return MHD_gtls_asn2err (result);
@@ -334,11 +337,11 @@ cleanup:MHD__asn1_delete_structure (&spk);
334 */ 337 */
335int 338int
336MHD__gnutls_x509_write_sig_params (ASN1_TYPE dst, 339MHD__gnutls_x509_write_sig_params (ASN1_TYPE dst,
337 const char *dst_name, 340 const char *dst_name,
338 enum MHD_GNUTLS_PublicKeyAlgorithm 341 enum MHD_GNUTLS_PublicKeyAlgorithm
339 pk_algorithm, 342 pk_algorithm,
340 enum MHD_GNUTLS_HashAlgorithm dig, 343 enum MHD_GNUTLS_HashAlgorithm dig,
341 mpi_t * params, int params_size) 344 mpi_t * params, int params_size)
342{ 345{
343 int result; 346 int result;
344 char name[128]; 347 char name[128];
@@ -391,7 +394,7 @@ MHD__gnutls_x509_write_sig_params (ASN1_TYPE dst,
391 */ 394 */
392int 395int
393MHD__gnutls_x509_write_dsa_params (mpi_t * params, 396MHD__gnutls_x509_write_dsa_params (mpi_t * params,
394 int params_size, MHD_gnutls_datum_t * der) 397 int params_size, MHD_gnutls_datum_t * der)
395{ 398{
396 int result; 399 int result;
397 ASN1_TYPE spk = ASN1_TYPE_EMPTY; 400 ASN1_TYPE spk = ASN1_TYPE_EMPTY;
@@ -407,8 +410,9 @@ MHD__gnutls_x509_write_dsa_params (mpi_t * params,
407 } 410 }
408 411
409 if ((result = 412 if ((result =
410 MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), "GNUTLS.DSAParameters", 413 MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (),
411 &spk)) != ASN1_SUCCESS) 414 "GNUTLS.DSAParameters",
415 &spk)) != ASN1_SUCCESS)
412 { 416 {
413 MHD_gnutls_assert (); 417 MHD_gnutls_assert ();
414 return MHD_gtls_asn2err (result); 418 return MHD_gtls_asn2err (result);
@@ -456,7 +460,8 @@ cleanup:MHD__asn1_delete_structure (&spk);
456 */ 460 */
457int 461int
458MHD__gnutls_x509_write_dsa_public_key (mpi_t * params, 462MHD__gnutls_x509_write_dsa_public_key (mpi_t * params,
459 int params_size, MHD_gnutls_datum_t * der) 463 int params_size,
464 MHD_gnutls_datum_t * der)
460{ 465{
461 int result; 466 int result;
462 ASN1_TYPE spk = ASN1_TYPE_EMPTY; 467 ASN1_TYPE spk = ASN1_TYPE_EMPTY;
@@ -472,8 +477,9 @@ MHD__gnutls_x509_write_dsa_public_key (mpi_t * params,
472 } 477 }
473 478
474 if ((result = 479 if ((result =
475 MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), "GNUTLS.DSAPublicKey", 480 MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (),
476 &spk)) != ASN1_SUCCESS) 481 "GNUTLS.DSAPublicKey",
482 &spk)) != ASN1_SUCCESS)
477 { 483 {
478 MHD_gnutls_assert (); 484 MHD_gnutls_assert ();
479 return MHD_gtls_asn2err (result); 485 return MHD_gtls_asn2err (result);
@@ -505,7 +511,8 @@ cleanup:MHD__asn1_delete_structure (&spk);
505 * steps. 511 * steps.
506 */ 512 */
507int 513int
508MHD__gnutls_x509_read_uint (ASN1_TYPE node, const char *value, unsigned int *ret) 514MHD__gnutls_x509_read_uint (ASN1_TYPE node, const char *value,
515 unsigned int *ret)
509{ 516{
510 int len, result; 517 int len, result;
511 opaque *tmpstr; 518 opaque *tmpstr;
@@ -557,7 +564,8 @@ MHD__gnutls_x509_read_uint (ASN1_TYPE node, const char *value, unsigned int *ret
557/* Writes the specified integer into the specified node. 564/* Writes the specified integer into the specified node.
558 */ 565 */
559int 566int
560MHD__gnutls_x509_write_uint32 (ASN1_TYPE node, const char *value, uint32_t num) 567MHD__gnutls_x509_write_uint32 (ASN1_TYPE node, const char *value,
568 uint32_t num)
561{ 569{
562 opaque tmpstr[4]; 570 opaque tmpstr[4];
563 int result; 571 int result;
diff --git a/src/daemon/https/x509/mpi.h b/src/daemon/https/x509/mpi.h
index 6c4534b4..edac2eee 100644
--- a/src/daemon/https/x509/mpi.h
+++ b/src/daemon/https/x509/mpi.h
@@ -26,32 +26,35 @@
26#include "x509.h" 26#include "x509.h"
27 27
28int MHD__gnutls_x509_crt_get_mpis (MHD_gnutls_x509_crt_t cert, 28int MHD__gnutls_x509_crt_get_mpis (MHD_gnutls_x509_crt_t cert,
29 mpi_t * params, int *params_size); 29 mpi_t * params, int *params_size);
30int MHD__gnutls_x509_read_rsa_params (opaque * der, int dersize, mpi_t * params); 30int MHD__gnutls_x509_read_rsa_params (opaque * der, int dersize,
31int MHD__gnutls_x509_read_dsa_pubkey (opaque * der, int dersize, mpi_t * params); 31 mpi_t * params);
32int MHD__gnutls_x509_read_dsa_params (opaque * der, int dersize, mpi_t * params); 32int MHD__gnutls_x509_read_dsa_pubkey (opaque * der, int dersize,
33 mpi_t * params);
34int MHD__gnutls_x509_read_dsa_params (opaque * der, int dersize,
35 mpi_t * params);
33 36
34int MHD__gnutls_x509_write_rsa_params (mpi_t * params, int params_size, 37int MHD__gnutls_x509_write_rsa_params (mpi_t * params, int params_size,
35 MHD_gnutls_datum_t * der); 38 MHD_gnutls_datum_t * der);
36int MHD__gnutls_x509_write_dsa_params (mpi_t * params, int params_size, 39int MHD__gnutls_x509_write_dsa_params (mpi_t * params, int params_size,
37 MHD_gnutls_datum_t * der);
38int MHD__gnutls_x509_write_dsa_public_key (mpi_t * params, int params_size,
39 MHD_gnutls_datum_t * der); 40 MHD_gnutls_datum_t * der);
41int MHD__gnutls_x509_write_dsa_public_key (mpi_t * params, int params_size,
42 MHD_gnutls_datum_t * der);
40 43
41int MHD__gnutls_x509_read_uint (ASN1_TYPE node, const char *value, 44int MHD__gnutls_x509_read_uint (ASN1_TYPE node, const char *value,
42 unsigned int *ret); 45 unsigned int *ret);
43 46
44int MHD__gnutls_x509_read_der_int (opaque * der, int dersize, mpi_t * out); 47int MHD__gnutls_x509_read_der_int (opaque * der, int dersize, mpi_t * out);
45 48
46int MHD__gnutls_x509_read_int (ASN1_TYPE node, const char *value, 49int MHD__gnutls_x509_read_int (ASN1_TYPE node, const char *value,
47 mpi_t * ret_mpi); 50 mpi_t * ret_mpi);
48int MHD__gnutls_x509_write_int (ASN1_TYPE node, const char *value, mpi_t mpi, 51int MHD__gnutls_x509_write_int (ASN1_TYPE node, const char *value, mpi_t mpi,
49 int lz); 52 int lz);
50int MHD__gnutls_x509_write_uint32 (ASN1_TYPE node, const char *value, 53int MHD__gnutls_x509_write_uint32 (ASN1_TYPE node, const char *value,
51 uint32_t num); 54 uint32_t num);
52 55
53int MHD__gnutls_x509_write_sig_params (ASN1_TYPE dst, const char *dst_name, 56int MHD__gnutls_x509_write_sig_params (ASN1_TYPE dst, const char *dst_name,
54 enum MHD_GNUTLS_PublicKeyAlgorithm 57 enum MHD_GNUTLS_PublicKeyAlgorithm
55 pk_algorithm, 58 pk_algorithm,
56 enum MHD_GNUTLS_HashAlgorithm, 59 enum MHD_GNUTLS_HashAlgorithm,
57 mpi_t * params, int params_size); 60 mpi_t * params, int params_size);
diff --git a/src/daemon/https/x509/pkcs12.h b/src/daemon/https/x509/pkcs12.h
index a9738b94..74d4d06b 100644
--- a/src/daemon/https/x509/pkcs12.h
+++ b/src/daemon/https/x509/pkcs12.h
@@ -81,37 +81,40 @@ extern "C"
81 int MHD_gnutls_pkcs12_init (MHD_gnutls_pkcs12_t * pkcs12); 81 int MHD_gnutls_pkcs12_init (MHD_gnutls_pkcs12_t * pkcs12);
82 void MHD_gnutls_pkcs12_deinit (MHD_gnutls_pkcs12_t pkcs12); 82 void MHD_gnutls_pkcs12_deinit (MHD_gnutls_pkcs12_t pkcs12);
83 int MHD_gnutls_pkcs12_import (MHD_gnutls_pkcs12_t pkcs12, 83 int MHD_gnutls_pkcs12_import (MHD_gnutls_pkcs12_t pkcs12,
84 const MHD_gnutls_datum_t * data, 84 const MHD_gnutls_datum_t * data,
85 MHD_gnutls_x509_crt_fmt_t format, unsigned int flags); 85 MHD_gnutls_x509_crt_fmt_t format,
86 unsigned int flags);
86 int MHD_gnutls_pkcs12_export (MHD_gnutls_pkcs12_t pkcs12, 87 int MHD_gnutls_pkcs12_export (MHD_gnutls_pkcs12_t pkcs12,
87 MHD_gnutls_x509_crt_fmt_t format, 88 MHD_gnutls_x509_crt_fmt_t format,
88 void *output_data, size_t * output_data_size); 89 void *output_data, size_t * output_data_size);
89 90
90 int MHD_gnutls_pkcs12_bag_decrypt (MHD_gnutls_pkcs12_bag_t bag, const char *pass); 91 int MHD_gnutls_pkcs12_bag_decrypt (MHD_gnutls_pkcs12_bag_t bag,
92 const char *pass);
91 int MHD_gnutls_pkcs12_bag_encrypt (MHD_gnutls_pkcs12_bag_t bag, 93 int MHD_gnutls_pkcs12_bag_encrypt (MHD_gnutls_pkcs12_bag_t bag,
92 const char *pass, unsigned int flags); 94 const char *pass, unsigned int flags);
93 95
94 int MHD_gnutls_pkcs12_bag_get_data (MHD_gnutls_pkcs12_bag_t bag, 96 int MHD_gnutls_pkcs12_bag_get_data (MHD_gnutls_pkcs12_bag_t bag,
95 int indx, MHD_gnutls_datum_t * data); 97 int indx, MHD_gnutls_datum_t * data);
96 int MHD_gnutls_pkcs12_bag_set_data (MHD_gnutls_pkcs12_bag_t bag, 98 int MHD_gnutls_pkcs12_bag_set_data (MHD_gnutls_pkcs12_bag_t bag,
97 MHD_gnutls_pkcs12_bag_type_t type, 99 MHD_gnutls_pkcs12_bag_type_t type,
98 const MHD_gnutls_datum_t * data); 100 const MHD_gnutls_datum_t * data);
99 int MHD_gnutls_pkcs12_bag_set_crl (MHD_gnutls_pkcs12_bag_t bag, 101 int MHD_gnutls_pkcs12_bag_set_crl (MHD_gnutls_pkcs12_bag_t bag,
100 MHD_gnutls_x509_crl_t crl); 102 MHD_gnutls_x509_crl_t crl);
101 int MHD_gnutls_pkcs12_bag_set_crt (MHD_gnutls_pkcs12_bag_t bag, 103 int MHD_gnutls_pkcs12_bag_set_crt (MHD_gnutls_pkcs12_bag_t bag,
102 MHD_gnutls_x509_crt_t crt); 104 MHD_gnutls_x509_crt_t crt);
103 105
104 int MHD_gnutls_pkcs12_bag_get_count (MHD_gnutls_pkcs12_bag_t bag); 106 int MHD_gnutls_pkcs12_bag_get_count (MHD_gnutls_pkcs12_bag_t bag);
105 107
106 int MHD_gnutls_pkcs12_bag_get_key_id (MHD_gnutls_pkcs12_bag_t bag, 108 int MHD_gnutls_pkcs12_bag_get_key_id (MHD_gnutls_pkcs12_bag_t bag,
107 int indx, MHD_gnutls_datum_t * id); 109 int indx, MHD_gnutls_datum_t * id);
108 int MHD_gnutls_pkcs12_bag_set_key_id (MHD_gnutls_pkcs12_bag_t bag, 110 int MHD_gnutls_pkcs12_bag_set_key_id (MHD_gnutls_pkcs12_bag_t bag,
109 int indx, const MHD_gnutls_datum_t * id); 111 int indx,
112 const MHD_gnutls_datum_t * id);
110 113
111 int MHD_gnutls_pkcs12_bag_get_friendly_name (MHD_gnutls_pkcs12_bag_t bag, 114 int MHD_gnutls_pkcs12_bag_get_friendly_name (MHD_gnutls_pkcs12_bag_t bag,
112 int indx, char **name); 115 int indx, char **name);
113 int MHD_gnutls_pkcs12_bag_set_friendly_name (MHD_gnutls_pkcs12_bag_t bag, 116 int MHD_gnutls_pkcs12_bag_set_friendly_name (MHD_gnutls_pkcs12_bag_t bag,
114 int indx, const char *name); 117 int indx, const char *name);
115 118
116#ifdef __cplusplus 119#ifdef __cplusplus
117} 120}
@@ -136,10 +139,10 @@ typedef enum schema_id
136} schema_id; 139} schema_id;
137 140
138int MHD_pkcs12_string_to_key (unsigned int id, 141int MHD_pkcs12_string_to_key (unsigned int id,
139 const opaque * salt, 142 const opaque * salt,
140 unsigned int salt_size, 143 unsigned int salt_size,
141 unsigned int iter, 144 unsigned int iter,
142 const char *pw, 145 const char *pw,
143 unsigned int req_keylen, opaque * keybuf); 146 unsigned int req_keylen, opaque * keybuf);
144 147
145#endif /* GNUTLS_PKCS12_H */ 148#endif /* GNUTLS_PKCS12_H */
diff --git a/src/daemon/https/x509/pkcs12_encr.c b/src/daemon/https/x509/pkcs12_encr.c
index 0cfb59e5..e534489c 100644
--- a/src/daemon/https/x509/pkcs12_encr.c
+++ b/src/daemon/https/x509/pkcs12_encr.c
@@ -55,9 +55,9 @@ MHD_pkcs12_check_pass (const char *pass, size_t plen)
55 */ 55 */
56int 56int
57MHD_pkcs12_string_to_key (unsigned int id, const opaque * salt, 57MHD_pkcs12_string_to_key (unsigned int id, const opaque * salt,
58 unsigned int salt_size, unsigned int iter, 58 unsigned int salt_size, unsigned int iter,
59 const char *pw, unsigned int req_keylen, 59 const char *pw, unsigned int req_keylen,
60 opaque * keybuf) 60 opaque * keybuf)
61{ 61{
62 int rc; 62 int rc;
63 unsigned int i, j; 63 unsigned int i, j;
@@ -115,13 +115,13 @@ MHD_pkcs12_string_to_key (unsigned int id, const opaque * salt,
115 for (i = 0; i < 64; i++) 115 for (i = 0; i < 64; i++)
116 { 116 {
117 unsigned char lid = id & 0xFF; 117 unsigned char lid = id & 0xFF;
118 MHD_gc_hash_write (md, 1, (const char*) &lid); 118 MHD_gc_hash_write (md, 1, (const char *) &lid);
119 } 119 }
120 MHD_gc_hash_write (md, pw ? 128 : 64, (const char*) buf_i); 120 MHD_gc_hash_write (md, pw ? 128 : 64, (const char *) buf_i);
121 memcpy (hash, MHD_gc_hash_read (md), 20); 121 memcpy (hash, MHD_gc_hash_read (md), 20);
122 MHD_gc_hash_close (md); 122 MHD_gc_hash_close (md);
123 for (i = 1; i < iter; i++) 123 for (i = 1; i < iter; i++)
124 MHD_gc_hash_buffer (GC_SHA1, hash, 20, (char*) hash); 124 MHD_gc_hash_buffer (GC_SHA1, hash, 20, (char *) hash);
125 for (i = 0; i < 20 && cur_keylen < req_keylen; i++) 125 for (i = 0; i < 20 && cur_keylen < req_keylen; i++)
126 keybuf[cur_keylen++] = hash[i]; 126 keybuf[cur_keylen++] = hash[i];
127 if (cur_keylen == req_keylen) 127 if (cur_keylen == req_keylen)
diff --git a/src/daemon/https/x509/pkcs7.c b/src/daemon/https/x509/pkcs7.c
index 8b0b6b54..45f2b03c 100644
--- a/src/daemon/https/x509/pkcs7.c
+++ b/src/daemon/https/x509/pkcs7.c
@@ -69,7 +69,8 @@ _decode_pkcs7_signed_data (ASN1_TYPE pkcs7, ASN1_TYPE * sdata,
69 } 69 }
70 70
71 if ((result = MHD__asn1_create_element 71 if ((result = MHD__asn1_create_element
72 (MHD__gnutls_get_pkix (), "PKIX1.pkcs-7-SignedData", &c2)) != ASN1_SUCCESS) 72 (MHD__gnutls_get_pkix (), "PKIX1.pkcs-7-SignedData",
73 &c2)) != ASN1_SUCCESS)
73 { 74 {
74 MHD_gnutls_assert (); 75 MHD_gnutls_assert ();
75 return MHD_gtls_asn2err (result); 76 return MHD_gtls_asn2err (result);
@@ -158,8 +159,8 @@ MHD_gnutls_pkcs7_init (MHD_gnutls_pkcs7_t * pkcs7)
158 if (*pkcs7) 159 if (*pkcs7)
159 { 160 {
160 int result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), 161 int result = MHD__asn1_create_element (MHD__gnutls_get_pkix (),
161 "PKIX1.pkcs-7-ContentInfo", 162 "PKIX1.pkcs-7-ContentInfo",
162 &(*pkcs7)->pkcs7); 163 &(*pkcs7)->pkcs7);
163 if (result != ASN1_SUCCESS) 164 if (result != ASN1_SUCCESS)
164 { 165 {
165 MHD_gnutls_assert (); 166 MHD_gnutls_assert ();
@@ -205,8 +206,9 @@ MHD_gnutls_pkcs7_deinit (MHD_gnutls_pkcs7_t pkcs7)
205 * 206 *
206 **/ 207 **/
207int 208int
208MHD_gnutls_pkcs7_import (MHD_gnutls_pkcs7_t pkcs7, const MHD_gnutls_datum_t * data, 209MHD_gnutls_pkcs7_import (MHD_gnutls_pkcs7_t pkcs7,
209 MHD_gnutls_x509_crt_fmt_t format) 210 const MHD_gnutls_datum_t * data,
211 MHD_gnutls_x509_crt_fmt_t format)
210{ 212{
211 int result = 0, need_free = 0; 213 int result = 0, need_free = 0;
212 MHD_gnutls_datum_t _data; 214 MHD_gnutls_datum_t _data;
@@ -224,7 +226,7 @@ MHD_gnutls_pkcs7_import (MHD_gnutls_pkcs7_t pkcs7, const MHD_gnutls_datum_t * da
224 opaque *out; 226 opaque *out;
225 227
226 result = MHD__gnutls_fbase64_decode (PEM_PKCS7, data->data, data->size, 228 result = MHD__gnutls_fbase64_decode (PEM_PKCS7, data->data, data->size,
227 &out); 229 &out);
228 230
229 if (result <= 0) 231 if (result <= 0)
230 { 232 {
@@ -241,7 +243,8 @@ MHD_gnutls_pkcs7_import (MHD_gnutls_pkcs7_t pkcs7, const MHD_gnutls_datum_t * da
241 } 243 }
242 244
243 245
244 result = MHD__asn1_der_decoding (&pkcs7->pkcs7, _data.data, _data.size, NULL); 246 result =
247 MHD__asn1_der_decoding (&pkcs7->pkcs7, _data.data, _data.size, NULL);
245 if (result != ASN1_SUCCESS) 248 if (result != ASN1_SUCCESS)
246 { 249 {
247 result = MHD_gtls_asn2err (result); 250 result = MHD_gtls_asn2err (result);
@@ -277,8 +280,8 @@ cleanup:
277 **/ 280 **/
278int 281int
279MHD_gnutls_pkcs7_get_crt_raw (MHD_gnutls_pkcs7_t pkcs7, 282MHD_gnutls_pkcs7_get_crt_raw (MHD_gnutls_pkcs7_t pkcs7,
280 int indx, void *certificate, 283 int indx, void *certificate,
281 size_t * certificate_size) 284 size_t * certificate_size)
282{ 285{
283 ASN1_TYPE c2 = ASN1_TYPE_EMPTY; 286 ASN1_TYPE c2 = ASN1_TYPE_EMPTY;
284 int result, len; 287 int result, len;
@@ -327,7 +330,7 @@ MHD_gnutls_pkcs7_get_crt_raw (MHD_gnutls_pkcs7_t pkcs7,
327 int start, end; 330 int start, end;
328 331
329 result = MHD__asn1_der_decoding_startEnd (c2, tmp.data, tmp.size, 332 result = MHD__asn1_der_decoding_startEnd (c2, tmp.data, tmp.size,
330 root2, &start, &end); 333 root2, &start, &end);
331 334
332 if (result != ASN1_SUCCESS) 335 if (result != ASN1_SUCCESS)
333 { 336 {
@@ -432,14 +435,14 @@ MHD_gnutls_pkcs7_get_crt_count (MHD_gnutls_pkcs7_t pkcs7)
432 **/ 435 **/
433int 436int
434MHD_gnutls_pkcs7_export (MHD_gnutls_pkcs7_t pkcs7, 437MHD_gnutls_pkcs7_export (MHD_gnutls_pkcs7_t pkcs7,
435 MHD_gnutls_x509_crt_fmt_t format, void *output_data, 438 MHD_gnutls_x509_crt_fmt_t format, void *output_data,
436 size_t * output_data_size) 439 size_t * output_data_size)
437{ 440{
438 if (pkcs7 == NULL) 441 if (pkcs7 == NULL)
439 return GNUTLS_E_INVALID_REQUEST; 442 return GNUTLS_E_INVALID_REQUEST;
440 443
441 return MHD__gnutls_x509_export_int (pkcs7->pkcs7, format, PEM_PKCS7, 444 return MHD__gnutls_x509_export_int (pkcs7->pkcs7, format, PEM_PKCS7,
442 output_data, output_data_size); 445 output_data, output_data_size);
443} 446}
444 447
445/* Creates an empty signed data structure in the pkcs7 448/* Creates an empty signed data structure in the pkcs7
@@ -478,7 +481,7 @@ create_empty_signed_data (ASN1_TYPE pkcs7, ASN1_TYPE * sdata)
478 /* id-data */ 481 /* id-data */
479 result = 482 result =
480 MHD__asn1_write_value (*sdata, "encapContentInfo.eContentType", 483 MHD__asn1_write_value (*sdata, "encapContentInfo.eContentType",
481 "1.2.840.113549.1.7.5", 1); 484 "1.2.840.113549.1.7.5", 1);
482 if (result != ASN1_SUCCESS) 485 if (result != ASN1_SUCCESS)
483 { 486 {
484 MHD_gnutls_assert (); 487 MHD_gnutls_assert ();
@@ -486,7 +489,8 @@ create_empty_signed_data (ASN1_TYPE pkcs7, ASN1_TYPE * sdata)
486 goto cleanup; 489 goto cleanup;
487 } 490 }
488 491
489 result = MHD__asn1_write_value (*sdata, "encapContentInfo.eContent", NULL, 0); 492 result =
493 MHD__asn1_write_value (*sdata, "encapContentInfo.eContent", NULL, 0);
490 if (result != ASN1_SUCCESS) 494 if (result != ASN1_SUCCESS)
491 { 495 {
492 MHD_gnutls_assert (); 496 MHD_gnutls_assert ();
@@ -531,7 +535,8 @@ cleanup:
531 * 535 *
532 **/ 536 **/
533int 537int
534MHD_gnutls_pkcs7_set_crt_raw (MHD_gnutls_pkcs7_t pkcs7, const MHD_gnutls_datum_t * crt) 538MHD_gnutls_pkcs7_set_crt_raw (MHD_gnutls_pkcs7_t pkcs7,
539 const MHD_gnutls_datum_t * crt)
535{ 540{
536 ASN1_TYPE c2 = ASN1_TYPE_EMPTY; 541 ASN1_TYPE c2 = ASN1_TYPE_EMPTY;
537 int result; 542 int result;
@@ -585,7 +590,7 @@ MHD_gnutls_pkcs7_set_crt_raw (MHD_gnutls_pkcs7_t pkcs7, const MHD_gnutls_datum_t
585 590
586 result = 591 result =
587 MHD__asn1_write_value (c2, "certificates.?LAST.certificate", crt->data, 592 MHD__asn1_write_value (c2, "certificates.?LAST.certificate", crt->data,
588 crt->size); 593 crt->size);
589 if (result != ASN1_SUCCESS) 594 if (result != ASN1_SUCCESS)
590 { 595 {
591 MHD_gnutls_assert (); 596 MHD_gnutls_assert ();
@@ -735,7 +740,7 @@ cleanup:
735 **/ 740 **/
736int 741int
737MHD_gnutls_pkcs7_get_crl_raw (MHD_gnutls_pkcs7_t pkcs7, 742MHD_gnutls_pkcs7_get_crl_raw (MHD_gnutls_pkcs7_t pkcs7,
738 int indx, void *crl, size_t * crl_size) 743 int indx, void *crl, size_t * crl_size)
739{ 744{
740 ASN1_TYPE c2 = ASN1_TYPE_EMPTY; 745 ASN1_TYPE c2 = ASN1_TYPE_EMPTY;
741 int result; 746 int result;
@@ -763,7 +768,7 @@ MHD_gnutls_pkcs7_get_crl_raw (MHD_gnutls_pkcs7_t pkcs7,
763 /* Get the raw CRL 768 /* Get the raw CRL
764 */ 769 */
765 result = MHD__asn1_der_decoding_startEnd (c2, tmp.data, tmp.size, 770 result = MHD__asn1_der_decoding_startEnd (c2, tmp.data, tmp.size,
766 root2, &start, &end); 771 root2, &start, &end);
767 772
768 if (result != ASN1_SUCCESS) 773 if (result != ASN1_SUCCESS)
769 { 774 {
@@ -849,7 +854,8 @@ MHD_gnutls_pkcs7_get_crl_count (MHD_gnutls_pkcs7_t pkcs7)
849 * 854 *
850 **/ 855 **/
851int 856int
852MHD_gnutls_pkcs7_set_crl_raw (MHD_gnutls_pkcs7_t pkcs7, const MHD_gnutls_datum_t * crl) 857MHD_gnutls_pkcs7_set_crl_raw (MHD_gnutls_pkcs7_t pkcs7,
858 const MHD_gnutls_datum_t * crl)
853{ 859{
854 ASN1_TYPE c2 = ASN1_TYPE_EMPTY; 860 ASN1_TYPE c2 = ASN1_TYPE_EMPTY;
855 int result; 861 int result;
diff --git a/src/daemon/https/x509/privkey.h b/src/daemon/https/x509/privkey.h
index 31fc2d72..37c68703 100644
--- a/src/daemon/https/x509/privkey.h
+++ b/src/daemon/https/x509/privkey.h
@@ -25,7 +25,8 @@
25#include "x509.h" 25#include "x509.h"
26 26
27ASN1_TYPE MHD__gnutls_privkey_decode_pkcs1_rsa_key (const MHD_gnutls_datum_t * 27ASN1_TYPE MHD__gnutls_privkey_decode_pkcs1_rsa_key (const MHD_gnutls_datum_t *
28 raw_key, 28 raw_key,
29 MHD_gnutls_x509_privkey_t pkey); 29 MHD_gnutls_x509_privkey_t
30 pkey);
30 31
31int MHD__gnutls_asn1_encode_dsa (ASN1_TYPE * c2, mpi_t * params); 32int MHD__gnutls_asn1_encode_dsa (ASN1_TYPE * c2, mpi_t * params);
diff --git a/src/daemon/https/x509/privkey_pkcs8.c b/src/daemon/https/x509/privkey_pkcs8.c
index 741552e1..30f2caae 100644
--- a/src/daemon/https/x509/privkey_pkcs8.c
+++ b/src/daemon/https/x509/privkey_pkcs8.c
@@ -82,7 +82,7 @@ static int decrypt_data (schema_id, ASN1_TYPE pkcs8_asn, const char *root,
82static int decode_private_key_info (const MHD_gnutls_datum_t * der, 82static int decode_private_key_info (const MHD_gnutls_datum_t * der,
83 MHD_gnutls_x509_privkey_t pkey); 83 MHD_gnutls_x509_privkey_t pkey);
84static int readMHD_pkcs12_kdf_params (ASN1_TYPE pbes2_asn, 84static int readMHD_pkcs12_kdf_params (ASN1_TYPE pbes2_asn,
85 struct pbkdf2_params *params); 85 struct pbkdf2_params *params);
86 86
87#define PEM_PKCS8 "ENCRYPTED PRIVATE KEY" 87#define PEM_PKCS8 "ENCRYPTED PRIVATE KEY"
88#define PEM_UNENCRYPTED_PKCS8 "PRIVATE KEY" 88#define PEM_UNENCRYPTED_PKCS8 "PRIVATE KEY"
@@ -106,7 +106,8 @@ check_schema (const char *oid)
106 if (strcmp (oid, PKCS12_PBE_RC2_40_SHA1_OID) == 0) 106 if (strcmp (oid, PKCS12_PBE_RC2_40_SHA1_OID) == 0)
107 return PKCS12_RC2_40_SHA1; 107 return PKCS12_RC2_40_SHA1;
108 108
109 MHD__gnutls_x509_log ("PKCS encryption schema OID '%s' is unsupported.\n", oid); 109 MHD__gnutls_x509_log ("PKCS encryption schema OID '%s' is unsupported.\n",
110 oid);
110 111
111 return GNUTLS_E_UNKNOWN_CIPHER_TYPE; 112 return GNUTLS_E_UNKNOWN_CIPHER_TYPE;
112} 113}
@@ -134,8 +135,8 @@ read_pkcs_schema_params (schema_id schema, const char *password,
134 */ 135 */
135 if ((result = 136 if ((result =
136 MHD__asn1_create_element (MHD__gnutls_get_pkix (), 137 MHD__asn1_create_element (MHD__gnutls_get_pkix (),
137 "PKIX1.pkcs-5-PBES2-params", 138 "PKIX1.pkcs-5-PBES2-params",
138 &pbes2_asn)) != ASN1_SUCCESS) 139 &pbes2_asn)) != ASN1_SUCCESS)
139 { 140 {
140 MHD_gnutls_assert (); 141 MHD_gnutls_assert ();
141 result = MHD_gtls_asn2err (result); 142 result = MHD_gtls_asn2err (result);
@@ -197,8 +198,8 @@ read_pkcs_schema_params (schema_id schema, const char *password,
197 198
198 if ((result = 199 if ((result =
199 MHD__asn1_create_element (MHD__gnutls_get_pkix (), 200 MHD__asn1_create_element (MHD__gnutls_get_pkix (),
200 "PKIX1.pkcs-12-PbeParams", 201 "PKIX1.pkcs-12-PbeParams",
201 &pbes2_asn)) != ASN1_SUCCESS) 202 &pbes2_asn)) != ASN1_SUCCESS)
202 { 203 {
203 MHD_gnutls_assert (); 204 MHD_gnutls_assert ();
204 result = MHD_gtls_asn2err (result); 205 result = MHD_gtls_asn2err (result);
@@ -226,9 +227,9 @@ read_pkcs_schema_params (schema_id schema, const char *password,
226 { 227 {
227 result = 228 result =
228 MHD_pkcs12_string_to_key (2 /*IV*/, kdf_params->salt, 229 MHD_pkcs12_string_to_key (2 /*IV*/, kdf_params->salt,
229 kdf_params->salt_size, 230 kdf_params->salt_size,
230 kdf_params->iter_count, password, 231 kdf_params->iter_count, password,
231 enc_params->iv_size, enc_params->iv); 232 enc_params->iv_size, enc_params->iv);
232 if (result < 0) 233 if (result < 0)
233 { 234 {
234 MHD_gnutls_assert (); 235 MHD_gnutls_assert ();
@@ -270,15 +271,16 @@ decode_pkcs8_key (const MHD_gnutls_datum_t * raw_key,
270 271
271 if ((result = 272 if ((result =
272 MHD__asn1_create_element (MHD__gnutls_get_pkix (), 273 MHD__asn1_create_element (MHD__gnutls_get_pkix (),
273 "PKIX1.pkcs-8-EncryptedPrivateKeyInfo", 274 "PKIX1.pkcs-8-EncryptedPrivateKeyInfo",
274 &pkcs8_asn)) != ASN1_SUCCESS) 275 &pkcs8_asn)) != ASN1_SUCCESS)
275 { 276 {
276 MHD_gnutls_assert (); 277 MHD_gnutls_assert ();
277 result = MHD_gtls_asn2err (result); 278 result = MHD_gtls_asn2err (result);
278 goto error; 279 goto error;
279 } 280 }
280 281
281 result = MHD__asn1_der_decoding (&pkcs8_asn, raw_key->data, raw_key->size, NULL); 282 result =
283 MHD__asn1_der_decoding (&pkcs8_asn, raw_key->data, raw_key->size, NULL);
282 if (result != ASN1_SUCCESS) 284 if (result != ASN1_SUCCESS)
283 { 285 {
284 MHD_gnutls_assert (); 286 MHD_gnutls_assert ();
@@ -291,7 +293,7 @@ decode_pkcs8_key (const MHD_gnutls_datum_t * raw_key,
291 len = sizeof (enc_oid); 293 len = sizeof (enc_oid);
292 result = 294 result =
293 MHD__asn1_read_value (pkcs8_asn, "encryptionAlgorithm.algorithm", 295 MHD__asn1_read_value (pkcs8_asn, "encryptionAlgorithm.algorithm",
294 enc_oid, &len); 296 enc_oid, &len);
295 if (result != ASN1_SUCCESS) 297 if (result != ASN1_SUCCESS)
296 { 298 {
297 MHD_gnutls_assert (); 299 MHD_gnutls_assert ();
@@ -310,9 +312,9 @@ decode_pkcs8_key (const MHD_gnutls_datum_t * raw_key,
310 */ 312 */
311 result = 313 result =
312 MHD__asn1_der_decoding_startEnd (pkcs8_asn, raw_key->data, 314 MHD__asn1_der_decoding_startEnd (pkcs8_asn, raw_key->data,
313 raw_key->size, 315 raw_key->size,
314 "encryptionAlgorithm.parameters", 316 "encryptionAlgorithm.parameters",
315 &params_start, &params_end); 317 &params_start, &params_end);
316 if (result != ASN1_SUCCESS) 318 if (result != ASN1_SUCCESS)
317 { 319 {
318 MHD_gnutls_assert (); 320 MHD_gnutls_assert ();
@@ -416,8 +418,8 @@ decode_private_key_info (const MHD_gnutls_datum_t * der,
416 418
417 if ((result = 419 if ((result =
418 MHD__asn1_create_element (MHD__gnutls_get_pkix (), 420 MHD__asn1_create_element (MHD__gnutls_get_pkix (),
419 "PKIX1.pkcs-8-PrivateKeyInfo", 421 "PKIX1.pkcs-8-PrivateKeyInfo",
420 &pkcs8_asn)) != ASN1_SUCCESS) 422 &pkcs8_asn)) != ASN1_SUCCESS)
421 { 423 {
422 MHD_gnutls_assert (); 424 MHD_gnutls_assert ();
423 result = MHD_gtls_asn2err (result); 425 result = MHD_gtls_asn2err (result);
@@ -436,7 +438,8 @@ decode_private_key_info (const MHD_gnutls_datum_t * der,
436 */ 438 */
437 len = sizeof (oid); 439 len = sizeof (oid);
438 result = 440 result =
439 MHD__asn1_read_value (pkcs8_asn, "privateKeyAlgorithm.algorithm", oid, &len); 441 MHD__asn1_read_value (pkcs8_asn, "privateKeyAlgorithm.algorithm", oid,
442 &len);
440 if (result != ASN1_SUCCESS) 443 if (result != ASN1_SUCCESS)
441 { 444 {
442 MHD_gnutls_assert (); 445 MHD_gnutls_assert ();
@@ -446,7 +449,7 @@ decode_private_key_info (const MHD_gnutls_datum_t * der,
446 449
447 /* we only support RSA and DSA private keys. 450 /* we only support RSA and DSA private keys.
448 */ 451 */
449 if (strcmp ((const char*) oid, PK_PKIX1_RSA_OID) == 0) 452 if (strcmp ((const char *) oid, PK_PKIX1_RSA_OID) == 0)
450 pkey->pk_algorithm = MHD_GNUTLS_PK_RSA; 453 pkey->pk_algorithm = MHD_GNUTLS_PK_RSA;
451 else 454 else
452 { 455 {
@@ -502,9 +505,10 @@ error:
502 **/ 505 **/
503int 506int
504MHD_gnutls_x509_privkey_import_pkcs8 (MHD_gnutls_x509_privkey_t key, 507MHD_gnutls_x509_privkey_import_pkcs8 (MHD_gnutls_x509_privkey_t key,
505 const MHD_gnutls_datum_t * data, 508 const MHD_gnutls_datum_t * data,
506 MHD_gnutls_x509_crt_fmt_t format, 509 MHD_gnutls_x509_crt_fmt_t format,
507 const char *password, unsigned int flags) 510 const char *password,
511 unsigned int flags)
508{ 512{
509 int result = 0, need_free = 0; 513 int result = 0, need_free = 0;
510 MHD_gnutls_datum_t _data; 514 MHD_gnutls_datum_t _data;
@@ -530,13 +534,14 @@ MHD_gnutls_x509_privkey_import_pkcs8 (MHD_gnutls_x509_privkey_t key,
530 */ 534 */
531 result = 535 result =
532 MHD__gnutls_fbase64_decode (PEM_UNENCRYPTED_PKCS8, 536 MHD__gnutls_fbase64_decode (PEM_UNENCRYPTED_PKCS8,
533 data->data, data->size, &out); 537 data->data, data->size, &out);
534 538
535 if (result < 0) 539 if (result < 0)
536 { /* Try the encrypted header 540 { /* Try the encrypted header
537 */ 541 */
538 result = 542 result =
539 MHD__gnutls_fbase64_decode (PEM_PKCS8, data->data, data->size, &out); 543 MHD__gnutls_fbase64_decode (PEM_PKCS8, data->data, data->size,
544 &out);
540 545
541 if (result <= 0) 546 if (result <= 0)
542 { 547 {
@@ -589,7 +594,8 @@ cleanup:
589 */ 594 */
590static int 595static int
591read_pbkdf2_params (ASN1_TYPE pbes2_asn, 596read_pbkdf2_params (ASN1_TYPE pbes2_asn,
592 const MHD_gnutls_datum_t * der, struct pbkdf2_params *params) 597 const MHD_gnutls_datum_t * der,
598 struct pbkdf2_params *params)
593{ 599{
594 int params_start, params_end; 600 int params_start, params_end;
595 int params_len, len, result; 601 int params_len, len, result;
@@ -602,7 +608,8 @@ read_pbkdf2_params (ASN1_TYPE pbes2_asn,
602 */ 608 */
603 len = sizeof (oid); 609 len = sizeof (oid);
604 result = 610 result =
605 MHD__asn1_read_value (pbes2_asn, "keyDerivationFunc.algorithm", oid, &len); 611 MHD__asn1_read_value (pbes2_asn, "keyDerivationFunc.algorithm", oid,
612 &len);
606 if (result != ASN1_SUCCESS) 613 if (result != ASN1_SUCCESS)
607 { 614 {
608 MHD_gnutls_assert (); 615 MHD_gnutls_assert ();
@@ -620,8 +627,8 @@ read_pbkdf2_params (ASN1_TYPE pbes2_asn,
620 627
621 result = 628 result =
622 MHD__asn1_der_decoding_startEnd (pbes2_asn, der->data, der->size, 629 MHD__asn1_der_decoding_startEnd (pbes2_asn, der->data, der->size,
623 "keyDerivationFunc.parameters", 630 "keyDerivationFunc.parameters",
624 &params_start, &params_end); 631 &params_start, &params_end);
625 if (result != ASN1_SUCCESS) 632 if (result != ASN1_SUCCESS)
626 { 633 {
627 MHD_gnutls_assert (); 634 MHD_gnutls_assert ();
@@ -634,8 +641,8 @@ read_pbkdf2_params (ASN1_TYPE pbes2_asn,
634 */ 641 */
635 if ((result = 642 if ((result =
636 MHD__asn1_create_element (MHD__gnutls_get_pkix (), 643 MHD__asn1_create_element (MHD__gnutls_get_pkix (),
637 "PKIX1.pkcs-5-PBKDF2-params", 644 "PKIX1.pkcs-5-PBKDF2-params",
638 &pbkdf2_asn)) != ASN1_SUCCESS) 645 &pbkdf2_asn)) != ASN1_SUCCESS)
639 { 646 {
640 MHD_gnutls_assert (); 647 MHD_gnutls_assert ();
641 return MHD_gtls_asn2err (result); 648 return MHD_gtls_asn2err (result);
@@ -643,7 +650,7 @@ read_pbkdf2_params (ASN1_TYPE pbes2_asn,
643 650
644 result = 651 result =
645 MHD__asn1_der_decoding (&pbkdf2_asn, &der->data[params_start], 652 MHD__asn1_der_decoding (&pbkdf2_asn, &der->data[params_start],
646 params_len, NULL); 653 params_len, NULL);
647 if (result != ASN1_SUCCESS) 654 if (result != ASN1_SUCCESS)
648 { 655 {
649 MHD_gnutls_assert (); 656 MHD_gnutls_assert ();
@@ -655,7 +662,7 @@ read_pbkdf2_params (ASN1_TYPE pbes2_asn,
655 params->salt_size = sizeof (params->salt); 662 params->salt_size = sizeof (params->salt);
656 result = 663 result =
657 MHD__asn1_read_value (pbkdf2_asn, "salt.specified", params->salt, 664 MHD__asn1_read_value (pbkdf2_asn, "salt.specified", params->salt,
658 &params->salt_size); 665 &params->salt_size);
659 if (result != ASN1_SUCCESS) 666 if (result != ASN1_SUCCESS)
660 { 667 {
661 MHD_gnutls_assert (); 668 MHD_gnutls_assert ();
@@ -668,7 +675,7 @@ read_pbkdf2_params (ASN1_TYPE pbes2_asn,
668 */ 675 */
669 result = 676 result =
670 MHD__gnutls_x509_read_uint (pbkdf2_asn, "iterationCount", 677 MHD__gnutls_x509_read_uint (pbkdf2_asn, "iterationCount",
671 &params->iter_count); 678 &params->iter_count);
672 if (result != ASN1_SUCCESS) 679 if (result != ASN1_SUCCESS)
673 { 680 {
674 MHD_gnutls_assert (); 681 MHD_gnutls_assert ();
@@ -709,7 +716,8 @@ readMHD_pkcs12_kdf_params (ASN1_TYPE pbes2_asn, struct pbkdf2_params *params)
709 /* read the salt */ 716 /* read the salt */
710 params->salt_size = sizeof (params->salt); 717 params->salt_size = sizeof (params->salt);
711 result = 718 result =
712 MHD__asn1_read_value (pbes2_asn, "salt", params->salt, &params->salt_size); 719 MHD__asn1_read_value (pbes2_asn, "salt", params->salt,
720 &params->salt_size);
713 if (result != ASN1_SUCCESS) 721 if (result != ASN1_SUCCESS)
714 { 722 {
715 MHD_gnutls_assert (); 723 MHD_gnutls_assert ();
@@ -794,8 +802,8 @@ read_pbe_enc_params (ASN1_TYPE pbes2_asn,
794 802
795 result = 803 result =
796 MHD__asn1_der_decoding_startEnd (pbes2_asn, der->data, der->size, 804 MHD__asn1_der_decoding_startEnd (pbes2_asn, der->data, der->size,
797 "encryptionScheme.parameters", 805 "encryptionScheme.parameters",
798 &params_start, &params_end); 806 &params_start, &params_end);
799 if (result != ASN1_SUCCESS) 807 if (result != ASN1_SUCCESS)
800 { 808 {
801 MHD_gnutls_assert (); 809 MHD_gnutls_assert ();
@@ -807,15 +815,16 @@ read_pbe_enc_params (ASN1_TYPE pbes2_asn,
807 */ 815 */
808 if ((result = 816 if ((result =
809 MHD__asn1_create_element (MHD__gnutls_get_pkix (), 817 MHD__asn1_create_element (MHD__gnutls_get_pkix (),
810 "PKIX1.pkcs-5-des-EDE3-CBC-params", 818 "PKIX1.pkcs-5-des-EDE3-CBC-params",
811 &pbe_asn)) != ASN1_SUCCESS) 819 &pbe_asn)) != ASN1_SUCCESS)
812 { 820 {
813 MHD_gnutls_assert (); 821 MHD_gnutls_assert ();
814 return MHD_gtls_asn2err (result); 822 return MHD_gtls_asn2err (result);
815 } 823 }
816 824
817 result = 825 result =
818 MHD__asn1_der_decoding (&pbe_asn, &der->data[params_start], params_len, NULL); 826 MHD__asn1_der_decoding (&pbe_asn, &der->data[params_start], params_len,
827 NULL);
819 if (result != ASN1_SUCCESS) 828 if (result != ASN1_SUCCESS)
820 { 829 {
821 MHD_gnutls_assert (); 830 MHD_gnutls_assert ();
@@ -899,9 +908,10 @@ decrypt_data (schema_id schema, ASN1_TYPE pkcs8_asn,
899 if (schema == PBES2) 908 if (schema == PBES2)
900 { 909 {
901 result = MHD_gc_pbkdf2_sha1 (password, strlen (password), 910 result = MHD_gc_pbkdf2_sha1 (password, strlen (password),
902 (const char*) kdf_params->salt, kdf_params->salt_size, 911 (const char *) kdf_params->salt,
903 kdf_params->iter_count, 912 kdf_params->salt_size,
904 (char*) key, key_size); 913 kdf_params->iter_count, (char *) key,
914 key_size);
905 915
906 if (result != GC_OK) 916 if (result != GC_OK)
907 { 917 {
@@ -914,9 +924,9 @@ decrypt_data (schema_id schema, ASN1_TYPE pkcs8_asn,
914 { 924 {
915 result = 925 result =
916 MHD_pkcs12_string_to_key (1 /*KEY*/, kdf_params->salt, 926 MHD_pkcs12_string_to_key (1 /*KEY*/, kdf_params->salt,
917 kdf_params->salt_size, 927 kdf_params->salt_size,
918 kdf_params->iter_count, password, 928 kdf_params->iter_count, password,
919 key_size, key); 929 key_size, key);
920 930
921 if (result < 0) 931 if (result < 0)
922 { 932 {
diff --git a/src/daemon/https/x509/rfc2818_hostname.c b/src/daemon/https/x509/rfc2818_hostname.c
index fe03af33..be49a778 100644
--- a/src/daemon/https/x509/rfc2818_hostname.c
+++ b/src/daemon/https/x509/rfc2818_hostname.c
@@ -84,7 +84,8 @@ MHD__gnutls_hostname_compare (const char *certname, const char *hostname)
84 * Returns non zero for a successful match, and zero on failure. 84 * Returns non zero for a successful match, and zero on failure.
85 **/ 85 **/
86int 86int
87MHD_gnutls_x509_crt_check_hostname (MHD_gnutls_x509_crt_t cert, const char *hostname) 87MHD_gnutls_x509_crt_check_hostname (MHD_gnutls_x509_crt_t cert,
88 const char *hostname)
88{ 89{
89 90
90 char dnsname[MAX_CN]; 91 char dnsname[MAX_CN];
@@ -112,8 +113,8 @@ MHD_gnutls_x509_crt_check_hostname (MHD_gnutls_x509_crt_t cert, const char *host
112 113
113 dnsnamesize = sizeof (dnsname); 114 dnsnamesize = sizeof (dnsname);
114 ret = MHD_gnutls_x509_crt_get_subject_alt_name (cert, i, 115 ret = MHD_gnutls_x509_crt_get_subject_alt_name (cert, i,
115 dnsname, &dnsnamesize, 116 dnsname, &dnsnamesize,
116 NULL); 117 NULL);
117 118
118 if (ret == GNUTLS_SAN_DNSNAME) 119 if (ret == GNUTLS_SAN_DNSNAME)
119 { 120 {
@@ -141,7 +142,7 @@ MHD_gnutls_x509_crt_check_hostname (MHD_gnutls_x509_crt_t cert, const char *host
141 */ 142 */
142 dnsnamesize = sizeof (dnsname); 143 dnsnamesize = sizeof (dnsname);
143 if (MHD_gnutls_x509_crt_get_dn_by_oid (cert, OID_X520_COMMON_NAME, 0, 144 if (MHD_gnutls_x509_crt_get_dn_by_oid (cert, OID_X520_COMMON_NAME, 0,
144 0, dnsname, &dnsnamesize) < 0) 145 0, dnsname, &dnsnamesize) < 0)
145 { 146 {
146 /* got an error, can't find a name 147 /* got an error, can't find a name
147 */ 148 */
diff --git a/src/daemon/https/x509/sign.c b/src/daemon/https/x509/sign.c
index eb3da891..1cc032be 100644
--- a/src/daemon/https/x509/sign.c
+++ b/src/daemon/https/x509/sign.c
@@ -50,7 +50,8 @@
50 */ 50 */
51static int 51static int
52encode_ber_digest_info (enum MHD_GNUTLS_HashAlgorithm hash, 52encode_ber_digest_info (enum MHD_GNUTLS_HashAlgorithm hash,
53 const MHD_gnutls_datum_t * digest, MHD_gnutls_datum_t * info) 53 const MHD_gnutls_datum_t * digest,
54 MHD_gnutls_datum_t * info)
54{ 55{
55 ASN1_TYPE dinfo = ASN1_TYPE_EMPTY; 56 ASN1_TYPE dinfo = ASN1_TYPE_EMPTY;
56 int result; 57 int result;
@@ -65,14 +66,15 @@ encode_ber_digest_info (enum MHD_GNUTLS_HashAlgorithm hash,
65 } 66 }
66 67
67 if ((result = MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), 68 if ((result = MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (),
68 "GNUTLS.DigestInfo", 69 "GNUTLS.DigestInfo",
69 &dinfo)) != ASN1_SUCCESS) 70 &dinfo)) != ASN1_SUCCESS)
70 { 71 {
71 MHD_gnutls_assert (); 72 MHD_gnutls_assert ();
72 return MHD_gtls_asn2err (result); 73 return MHD_gtls_asn2err (result);
73 } 74 }
74 75
75 result = MHD__asn1_write_value (dinfo, "digestAlgorithm.algorithm", algo, 1); 76 result =
77 MHD__asn1_write_value (dinfo, "digestAlgorithm.algorithm", algo, 1);
76 if (result != ASN1_SUCCESS) 78 if (result != ASN1_SUCCESS)
77 { 79 {
78 MHD_gnutls_assert (); 80 MHD_gnutls_assert ();
@@ -86,7 +88,7 @@ encode_ber_digest_info (enum MHD_GNUTLS_HashAlgorithm hash,
86 Regardless of what is correct, this appears to be what most 88 Regardless of what is correct, this appears to be what most
87 implementations do. */ 89 implementations do. */
88 result = MHD__asn1_write_value (dinfo, "digestAlgorithm.parameters", 90 result = MHD__asn1_write_value (dinfo, "digestAlgorithm.parameters",
89 "\x05\x00", 2); 91 "\x05\x00", 2);
90 if (result != ASN1_SUCCESS) 92 if (result != ASN1_SUCCESS)
91 { 93 {
92 MHD_gnutls_assert (); 94 MHD_gnutls_assert ();
@@ -94,7 +96,8 @@ encode_ber_digest_info (enum MHD_GNUTLS_HashAlgorithm hash,
94 return MHD_gtls_asn2err (result); 96 return MHD_gtls_asn2err (result);
95 } 97 }
96 98
97 result = MHD__asn1_write_value (dinfo, "digest", digest->data, digest->size); 99 result =
100 MHD__asn1_write_value (dinfo, "digest", digest->data, digest->size);
98 if (result != ASN1_SUCCESS) 101 if (result != ASN1_SUCCESS)
99 { 102 {
100 MHD_gnutls_assert (); 103 MHD_gnutls_assert ();
@@ -103,7 +106,7 @@ encode_ber_digest_info (enum MHD_GNUTLS_HashAlgorithm hash,
103 } 106 }
104 107
105 info->size = 0; 108 info->size = 0;
106 MHD__asn1_der_coding (dinfo, "", NULL, (int*) &info->size, NULL); 109 MHD__asn1_der_coding (dinfo, "", NULL, (int *) &info->size, NULL);
107 110
108 info->data = MHD_gnutls_malloc (info->size); 111 info->data = MHD_gnutls_malloc (info->size);
109 if (info->data == NULL) 112 if (info->data == NULL)
@@ -113,7 +116,8 @@ encode_ber_digest_info (enum MHD_GNUTLS_HashAlgorithm hash,
113 return GNUTLS_E_MEMORY_ERROR; 116 return GNUTLS_E_MEMORY_ERROR;
114 } 117 }
115 118
116 result = MHD__asn1_der_coding (dinfo, "", info->data, (int*) &info->size, NULL); 119 result =
120 MHD__asn1_der_coding (dinfo, "", info->data, (int *) &info->size, NULL);
117 if (result != ASN1_SUCCESS) 121 if (result != ASN1_SUCCESS)
118 { 122 {
119 MHD_gnutls_assert (); 123 MHD_gnutls_assert ();
@@ -133,8 +137,8 @@ encode_ber_digest_info (enum MHD_GNUTLS_HashAlgorithm hash,
133 */ 137 */
134static int 138static int
135pkcs1_rsa_sign (enum MHD_GNUTLS_HashAlgorithm hash, 139pkcs1_rsa_sign (enum MHD_GNUTLS_HashAlgorithm hash,
136 const MHD_gnutls_datum_t * text, mpi_t * params, int params_len, 140 const MHD_gnutls_datum_t * text, mpi_t * params,
137 MHD_gnutls_datum_t * signature) 141 int params_len, MHD_gnutls_datum_t * signature)
138{ 142{
139 int ret; 143 int ret;
140 opaque _digest[MAX_HASH_SIZE]; 144 opaque _digest[MAX_HASH_SIZE];
@@ -187,8 +191,9 @@ pkcs1_rsa_sign (enum MHD_GNUTLS_HashAlgorithm hash,
187 */ 191 */
188static int 192static int
189MHD__gnutls_x509_sign (const MHD_gnutls_datum_t * tbs, 193MHD__gnutls_x509_sign (const MHD_gnutls_datum_t * tbs,
190 enum MHD_GNUTLS_HashAlgorithm hash, 194 enum MHD_GNUTLS_HashAlgorithm hash,
191 MHD_gnutls_x509_privkey_t signer, MHD_gnutls_datum_t * signature) 195 MHD_gnutls_x509_privkey_t signer,
196 MHD_gnutls_datum_t * signature)
192{ 197{
193 int ret; 198 int ret;
194 199
@@ -218,9 +223,9 @@ MHD__gnutls_x509_sign (const MHD_gnutls_datum_t * tbs,
218 */ 223 */
219int 224int
220MHD__gnutls_x509_sign_tbs (ASN1_TYPE cert, const char *tbs_name, 225MHD__gnutls_x509_sign_tbs (ASN1_TYPE cert, const char *tbs_name,
221 enum MHD_GNUTLS_HashAlgorithm hash, 226 enum MHD_GNUTLS_HashAlgorithm hash,
222 MHD_gnutls_x509_privkey_t signer, 227 MHD_gnutls_x509_privkey_t signer,
223 MHD_gnutls_datum_t * signature) 228 MHD_gnutls_datum_t * signature)
224{ 229{
225 int result; 230 int result;
226 opaque *buf; 231 opaque *buf;
diff --git a/src/daemon/https/x509/sign.h b/src/daemon/https/x509/sign.h
index 03993157..51e51b92 100644
--- a/src/daemon/https/x509/sign.h
+++ b/src/daemon/https/x509/sign.h
@@ -23,6 +23,6 @@
23 */ 23 */
24 24
25int MHD__gnutls_x509_sign_tbs (ASN1_TYPE cert, const char *tbs_name, 25int MHD__gnutls_x509_sign_tbs (ASN1_TYPE cert, const char *tbs_name,
26 enum MHD_GNUTLS_HashAlgorithm hash, 26 enum MHD_GNUTLS_HashAlgorithm hash,
27 MHD_gnutls_x509_privkey_t signer, 27 MHD_gnutls_x509_privkey_t signer,
28 MHD_gnutls_datum_t * signature); 28 MHD_gnutls_datum_t * signature);
diff --git a/src/daemon/https/x509/verify.h b/src/daemon/https/x509/verify.h
index 0a2e020c..bd9978e3 100644
--- a/src/daemon/https/x509/verify.h
+++ b/src/daemon/https/x509/verify.h
@@ -25,10 +25,12 @@
25#include "x509.h" 25#include "x509.h"
26 26
27int MHD_gnutls_x509_crt_is_issuer (MHD_gnutls_x509_crt_t cert, 27int MHD_gnutls_x509_crt_is_issuer (MHD_gnutls_x509_crt_t cert,
28 MHD_gnutls_x509_crt_t issuer);
29int MHD__gnutls_x509_verify_signature (const MHD_gnutls_datum_t * tbs,
30 const MHD_gnutls_datum_t * signature,
31 MHD_gnutls_x509_crt_t issuer); 28 MHD_gnutls_x509_crt_t issuer);
29int MHD__gnutls_x509_verify_signature (const MHD_gnutls_datum_t * tbs,
30 const MHD_gnutls_datum_t * signature,
31 MHD_gnutls_x509_crt_t issuer);
32int MHD__gnutls_x509_privkey_verify_signature (const MHD_gnutls_datum_t * tbs, 32int MHD__gnutls_x509_privkey_verify_signature (const MHD_gnutls_datum_t * tbs,
33 const MHD_gnutls_datum_t * signature, 33 const MHD_gnutls_datum_t *
34 MHD_gnutls_x509_privkey_t issuer); 34 signature,
35 MHD_gnutls_x509_privkey_t
36 issuer);
diff --git a/src/daemon/https/x509/x509.c b/src/daemon/https/x509/x509.c
index 7bb907ab..e64d34b2 100644
--- a/src/daemon/https/x509/x509.c
+++ b/src/daemon/https/x509/x509.c
@@ -51,14 +51,15 @@
51int 51int
52MHD_gnutls_x509_crt_init (MHD_gnutls_x509_crt_t * cert) 52MHD_gnutls_x509_crt_init (MHD_gnutls_x509_crt_t * cert)
53{ 53{
54 MHD_gnutls_x509_crt_t tmp = MHD_gnutls_calloc (1, sizeof (MHD_gnutls_x509_crt_int)); 54 MHD_gnutls_x509_crt_t tmp =
55 MHD_gnutls_calloc (1, sizeof (MHD_gnutls_x509_crt_int));
55 int result; 56 int result;
56 57
57 if (!tmp) 58 if (!tmp)
58 return GNUTLS_E_MEMORY_ERROR; 59 return GNUTLS_E_MEMORY_ERROR;
59 60
60 result = MHD__asn1_create_element (MHD__gnutls_get_pkix (), 61 result = MHD__asn1_create_element (MHD__gnutls_get_pkix (),
61 "PKIX1.Certificate", &tmp->cert); 62 "PKIX1.Certificate", &tmp->cert);
62 if (result != ASN1_SUCCESS) 63 if (result != ASN1_SUCCESS)
63 { 64 {
64 MHD_gnutls_assert (); 65 MHD_gnutls_assert ();
@@ -107,8 +108,8 @@ MHD_gnutls_x509_crt_deinit (MHD_gnutls_x509_crt_t cert)
107 **/ 108 **/
108int 109int
109MHD_gnutls_x509_crt_import (MHD_gnutls_x509_crt_t cert, 110MHD_gnutls_x509_crt_import (MHD_gnutls_x509_crt_t cert,
110 const MHD_gnutls_datum_t * data, 111 const MHD_gnutls_datum_t * data,
111 MHD_gnutls_x509_crt_fmt_t format) 112 MHD_gnutls_x509_crt_fmt_t format)
112{ 113{
113 int result = 0, need_free = 0; 114 int result = 0, need_free = 0;
114 MHD_gnutls_datum_t _data; 115 MHD_gnutls_datum_t _data;
@@ -130,14 +131,15 @@ MHD_gnutls_x509_crt_import (MHD_gnutls_x509_crt_t cert,
130 opaque *out; 131 opaque *out;
131 132
132 /* Try the first header */ 133 /* Try the first header */
133 result = MHD__gnutls_fbase64_decode (PEM_X509_CERT2, data->data, data->size, 134 result =
134 &out); 135 MHD__gnutls_fbase64_decode (PEM_X509_CERT2, data->data, data->size,
136 &out);
135 137
136 if (result <= 0) 138 if (result <= 0)
137 { 139 {
138 /* try for the second header */ 140 /* try for the second header */
139 result = MHD__gnutls_fbase64_decode (PEM_X509_CERT, data->data, 141 result = MHD__gnutls_fbase64_decode (PEM_X509_CERT, data->data,
140 data->size, &out); 142 data->size, &out);
141 143
142 if (result <= 0) 144 if (result <= 0)
143 { 145 {
@@ -205,10 +207,10 @@ cleanup:MHD_gnutls_free (signature);
205 **/ 207 **/
206int 208int
207MHD_gnutls_x509_crt_get_dn_by_oid (MHD_gnutls_x509_crt_t cert, 209MHD_gnutls_x509_crt_get_dn_by_oid (MHD_gnutls_x509_crt_t cert,
208 const char *oid, 210 const char *oid,
209 int indx, 211 int indx,
210 unsigned int raw_flag, 212 unsigned int raw_flag,
211 void *buf, size_t * sizeof_buf) 213 void *buf, size_t * sizeof_buf)
212{ 214{
213 if (cert == NULL) 215 if (cert == NULL)
214 { 216 {
@@ -217,8 +219,8 @@ MHD_gnutls_x509_crt_get_dn_by_oid (MHD_gnutls_x509_crt_t cert,
217 } 219 }
218 220
219 return MHD__gnutls_x509_parse_dn_oid (cert->cert, 221 return MHD__gnutls_x509_parse_dn_oid (cert->cert,
220 "tbsCertificate.subject.rdnSequence", oid, 222 "tbsCertificate.subject.rdnSequence",
221 indx, raw_flag, buf, sizeof_buf); 223 oid, indx, raw_flag, buf, sizeof_buf);
222} 224}
223 225
224/** 226/**
@@ -247,8 +249,8 @@ MHD_gnutls_x509_crt_get_signature_algorithm (MHD_gnutls_x509_crt_t cert)
247 * read. They will be read from the issuer's certificate if needed. 249 * read. They will be read from the issuer's certificate if needed.
248 */ 250 */
249 result = 251 result =
250 MHD__gnutls_x509_read_value (cert->cert, "signatureAlgorithm.algorithm", &sa, 252 MHD__gnutls_x509_read_value (cert->cert, "signatureAlgorithm.algorithm",
251 0); 253 &sa, 0);
252 254
253 if (result < 0) 255 if (result < 0)
254 { 256 {
@@ -256,7 +258,7 @@ MHD_gnutls_x509_crt_get_signature_algorithm (MHD_gnutls_x509_crt_t cert)
256 return result; 258 return result;
257 } 259 }
258 260
259 result = MHD_gtls_x509_oid2sign_algorithm ((const char*) sa.data); 261 result = MHD_gtls_x509_oid2sign_algorithm ((const char *) sa.data);
260 262
261 MHD__gnutls_free_datum (&sa); 263 MHD__gnutls_free_datum (&sa);
262 264
@@ -275,7 +277,7 @@ MHD_gnutls_x509_crt_get_signature_algorithm (MHD_gnutls_x509_crt_t cert)
275 **/ 277 **/
276int 278int
277MHD_gnutls_x509_crt_get_signature (MHD_gnutls_x509_crt_t cert, 279MHD_gnutls_x509_crt_get_signature (MHD_gnutls_x509_crt_t cert,
278 char *sig, size_t * sizeof_sig) 280 char *sig, size_t * sizeof_sig)
279{ 281{
280 int result; 282 int result;
281 int bits, len; 283 int bits, len;
@@ -342,7 +344,7 @@ MHD_gnutls_x509_crt_get_version (MHD_gnutls_x509_crt_t cert)
342 len = sizeof (version); 344 len = sizeof (version);
343 if ((result = 345 if ((result =
344 MHD__asn1_read_value (cert->cert, "tbsCertificate.version", version, 346 MHD__asn1_read_value (cert->cert, "tbsCertificate.version", version,
345 &len)) != ASN1_SUCCESS) 347 &len)) != ASN1_SUCCESS)
346 { 348 {
347 349
348 if (result == ASN1_ELEMENT_NOT_FOUND) 350 if (result == ASN1_ELEMENT_NOT_FOUND)
@@ -373,7 +375,7 @@ MHD_gnutls_x509_crt_get_activation_time (MHD_gnutls_x509_crt_t cert)
373 } 375 }
374 376
375 return MHD__gnutls_x509_get_time (cert->cert, 377 return MHD__gnutls_x509_get_time (cert->cert,
376 "tbsCertificate.validity.notBefore"); 378 "tbsCertificate.validity.notBefore");
377} 379}
378 380
379/** 381/**
@@ -395,7 +397,7 @@ MHD_gnutls_x509_crt_get_expiration_time (MHD_gnutls_x509_crt_t cert)
395 } 397 }
396 398
397 return MHD__gnutls_x509_get_time (cert->cert, 399 return MHD__gnutls_x509_get_time (cert->cert,
398 "tbsCertificate.validity.notAfter"); 400 "tbsCertificate.validity.notAfter");
399} 401}
400 402
401/** 403/**
@@ -415,7 +417,7 @@ MHD_gnutls_x509_crt_get_expiration_time (MHD_gnutls_x509_crt_t cert)
415 **/ 417 **/
416int 418int
417MHD_gnutls_x509_crt_get_serial (MHD_gnutls_x509_crt_t cert, 419MHD_gnutls_x509_crt_get_serial (MHD_gnutls_x509_crt_t cert,
418 void *result, size_t * result_size) 420 void *result, size_t * result_size)
419{ 421{
420 int ret, len; 422 int ret, len;
421 423
@@ -428,7 +430,8 @@ MHD_gnutls_x509_crt_get_serial (MHD_gnutls_x509_crt_t cert,
428 len = *result_size; 430 len = *result_size;
429 ret 431 ret
430 = 432 =
431 MHD__asn1_read_value (cert->cert, "tbsCertificate.serialNumber", result, &len); 433 MHD__asn1_read_value (cert->cert, "tbsCertificate.serialNumber", result,
434 &len);
432 *result_size = len; 435 *result_size = len;
433 436
434 if (ret != ASN1_SUCCESS) 437 if (ret != ASN1_SUCCESS)
@@ -459,7 +462,8 @@ MHD_gnutls_x509_crt_get_serial (MHD_gnutls_x509_crt_t cert,
459 * 462 *
460 **/ 463 **/
461int 464int
462MHD_gnutls_x509_crt_get_pk_algorithm (MHD_gnutls_x509_crt_t cert, unsigned int *bits) 465MHD_gnutls_x509_crt_get_pk_algorithm (MHD_gnutls_x509_crt_t cert,
466 unsigned int *bits)
463{ 467{
464 int result; 468 int result;
465 469
@@ -470,8 +474,8 @@ MHD_gnutls_x509_crt_get_pk_algorithm (MHD_gnutls_x509_crt_t cert, unsigned int *
470 } 474 }
471 475
472 result = MHD__gnutls_x509_get_pk_algorithm (cert->cert, 476 result = MHD__gnutls_x509_get_pk_algorithm (cert->cert,
473 "tbsCertificate.subjectPublicKeyInfo", 477 "tbsCertificate.subjectPublicKeyInfo",
474 bits); 478 bits);
475 479
476 if (result < 0) 480 if (result < 0)
477 { 481 {
@@ -533,7 +537,7 @@ parse_general_name (ASN1_TYPE src,
533 return MHD_gtls_asn2err (result); 537 return MHD_gtls_asn2err (result);
534 } 538 }
535 539
536 type = MHD__gnutls_x509_san_find_type ((char*) choice_type); 540 type = MHD__gnutls_x509_san_find_type ((char *) choice_type);
537 if (type == (MHD_gnutls_x509_subject_alt_name_t) - 1) 541 if (type == (MHD_gnutls_x509_subject_alt_name_t) - 1)
538 { 542 {
539 MHD_gnutls_assert (); 543 MHD_gnutls_assert ();
@@ -591,8 +595,8 @@ parse_general_name (ASN1_TYPE src,
591 ASN1_TYPE c2 = ASN1_TYPE_EMPTY; 595 ASN1_TYPE c2 = ASN1_TYPE_EMPTY;
592 596
593 result = 597 result =
594 MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.XmppAddr", 598 MHD__asn1_create_element (MHD__gnutls_get_pkix (),
595 &c2); 599 "PKIX1.XmppAddr", &c2);
596 if (result != ASN1_SUCCESS) 600 if (result != ASN1_SUCCESS)
597 { 601 {
598 MHD_gnutls_assert (); 602 MHD_gnutls_assert ();
@@ -636,7 +640,7 @@ parse_general_name (ASN1_TYPE src,
636 size_t orig_name_size = *name_size; 640 size_t orig_name_size = *name_size;
637 641
638 MHD_gtls_str_cat (nptr, sizeof (nptr), "."); 642 MHD_gtls_str_cat (nptr, sizeof (nptr), ".");
639 MHD_gtls_str_cat (nptr, sizeof (nptr), (const char*) choice_type); 643 MHD_gtls_str_cat (nptr, sizeof (nptr), (const char *) choice_type);
640 644
641 len = *name_size; 645 len = *name_size;
642 result = MHD__asn1_read_value (src, nptr, name, &len); 646 result = MHD__asn1_read_value (src, nptr, name, &len);
@@ -700,7 +704,7 @@ get_subject_alt_name (MHD_gnutls_x509_crt_t cert,
700 704
701 if ((result = 705 if ((result =
702 MHD__gnutls_x509_crt_get_extension (cert, "2.5.29.17", 0, &dnsname, 706 MHD__gnutls_x509_crt_get_extension (cert, "2.5.29.17", 0, &dnsname,
703 critical)) < 0) 707 critical)) < 0)
704 { 708 {
705 return result; 709 return result;
706 } 710 }
@@ -712,7 +716,8 @@ get_subject_alt_name (MHD_gnutls_x509_crt_t cert,
712 } 716 }
713 717
714 result = 718 result =
715 MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.SubjectAltName", &c2); 719 MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.SubjectAltName",
720 &c2);
716 if (result != ASN1_SUCCESS) 721 if (result != ASN1_SUCCESS)
717 { 722 {
718 MHD_gnutls_assert (); 723 MHD_gnutls_assert ();
@@ -781,10 +786,10 @@ get_subject_alt_name (MHD_gnutls_x509_crt_t cert,
781 **/ 786 **/
782int 787int
783MHD_gnutls_x509_crt_get_subject_alt_name (MHD_gnutls_x509_crt_t cert, 788MHD_gnutls_x509_crt_get_subject_alt_name (MHD_gnutls_x509_crt_t cert,
784 unsigned int seq, 789 unsigned int seq,
785 void *ret, 790 void *ret,
786 size_t * ret_size, 791 size_t * ret_size,
787 unsigned int *critical) 792 unsigned int *critical)
788{ 793{
789 return get_subject_alt_name (cert, seq, ret, ret_size, NULL, critical, 0); 794 return get_subject_alt_name (cert, seq, ret, ret_size, NULL, critical, 0);
790} 795}
@@ -811,8 +816,8 @@ MHD_gnutls_x509_crt_get_subject_alt_name (MHD_gnutls_x509_crt_t cert,
811 **/ 816 **/
812static int 817static int
813MHD_gnutls_x509_crt_get_basic_constraints (MHD_gnutls_x509_crt_t cert, 818MHD_gnutls_x509_crt_get_basic_constraints (MHD_gnutls_x509_crt_t cert,
814 unsigned int *critical, 819 unsigned int *critical,
815 int *ca, int *pathlen) 820 int *ca, int *pathlen)
816{ 821{
817 int result; 822 int result;
818 MHD_gnutls_datum_t basicConstraints; 823 MHD_gnutls_datum_t basicConstraints;
@@ -825,8 +830,8 @@ MHD_gnutls_x509_crt_get_basic_constraints (MHD_gnutls_x509_crt_t cert,
825 } 830 }
826 831
827 if ((result = MHD__gnutls_x509_crt_get_extension (cert, "2.5.29.19", 0, 832 if ((result = MHD__gnutls_x509_crt_get_extension (cert, "2.5.29.19", 0,
828 &basicConstraints, critical)) 833 &basicConstraints,
829 < 0) 834 critical)) < 0)
830 { 835 {
831 return result; 836 return result;
832 } 837 }
@@ -838,8 +843,10 @@ MHD_gnutls_x509_crt_get_basic_constraints (MHD_gnutls_x509_crt_t cert,
838 } 843 }
839 844
840 result = MHD__gnutls_x509_ext_extract_basicConstraints (&tmp_ca, pathlen, 845 result = MHD__gnutls_x509_ext_extract_basicConstraints (&tmp_ca, pathlen,
841 basicConstraints.data, 846 basicConstraints.
842 basicConstraints.size); 847 data,
848 basicConstraints.
849 size);
843 if (ca) 850 if (ca)
844 *ca = tmp_ca; 851 *ca = tmp_ca;
845 MHD__gnutls_free_datum (&basicConstraints); 852 MHD__gnutls_free_datum (&basicConstraints);
@@ -872,11 +879,12 @@ MHD_gnutls_x509_crt_get_basic_constraints (MHD_gnutls_x509_crt_t cert,
872 * 879 *
873 **/ 880 **/
874int 881int
875MHD_gnutls_x509_crt_get_ca_status (MHD_gnutls_x509_crt_t cert, unsigned int *critical) 882MHD_gnutls_x509_crt_get_ca_status (MHD_gnutls_x509_crt_t cert,
883 unsigned int *critical)
876{ 884{
877 int ca, pathlen; 885 int ca, pathlen;
878 return MHD_gnutls_x509_crt_get_basic_constraints (cert, critical, &ca, 886 return MHD_gnutls_x509_crt_get_basic_constraints (cert, critical, &ca,
879 &pathlen); 887 &pathlen);
880} 888}
881 889
882/** 890/**
@@ -900,8 +908,8 @@ MHD_gnutls_x509_crt_get_ca_status (MHD_gnutls_x509_crt_t cert, unsigned int *cri
900 **/ 908 **/
901int 909int
902MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert, 910MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert,
903 unsigned int *key_usage, 911 unsigned int *key_usage,
904 unsigned int *critical) 912 unsigned int *critical)
905{ 913{
906 int result; 914 int result;
907 MHD_gnutls_datum_t keyUsage; 915 MHD_gnutls_datum_t keyUsage;
@@ -915,7 +923,7 @@ MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert,
915 923
916 if ((result = 924 if ((result =
917 MHD__gnutls_x509_crt_get_extension (cert, "2.5.29.15", 0, &keyUsage, 925 MHD__gnutls_x509_crt_get_extension (cert, "2.5.29.15", 0, &keyUsage,
918 critical)) < 0) 926 critical)) < 0)
919 { 927 {
920 return result; 928 return result;
921 } 929 }
@@ -927,7 +935,7 @@ MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert,
927 } 935 }
928 936
929 result = MHD__gnutls_x509_ext_extract_keyUsage (&_usage, keyUsage.data, 937 result = MHD__gnutls_x509_ext_extract_keyUsage (&_usage, keyUsage.data,
930 keyUsage.size); 938 keyUsage.size);
931 MHD__gnutls_free_datum (&keyUsage); 939 MHD__gnutls_free_datum (&keyUsage);
932 940
933 *key_usage = _usage; 941 *key_usage = _usage;
@@ -944,7 +952,8 @@ MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert,
944 952
945static int 953static int
946MHD__gnutls_x509_crt_get_raw_dn2 (MHD_gnutls_x509_crt_t cert, 954MHD__gnutls_x509_crt_get_raw_dn2 (MHD_gnutls_x509_crt_t cert,
947 const char *whom, MHD_gnutls_datum_t * start) 955 const char *whom,
956 MHD_gnutls_datum_t * start)
948{ 957{
949 ASN1_TYPE c2 = ASN1_TYPE_EMPTY; 958 ASN1_TYPE c2 = ASN1_TYPE_EMPTY;
950 int result, len1; 959 int result, len1;
@@ -956,22 +965,24 @@ MHD__gnutls_x509_crt_get_raw_dn2 (MHD_gnutls_x509_crt_t cert,
956 /* get the issuer of 'cert' 965 /* get the issuer of 'cert'
957 */ 966 */
958 if ((result = 967 if ((result =
959 MHD__asn1_create_element (MHD__gnutls_get_pkix (), "PKIX1.TBSCertificate", 968 MHD__asn1_create_element (MHD__gnutls_get_pkix (),
960 &c2)) != ASN1_SUCCESS) 969 "PKIX1.TBSCertificate",
970 &c2)) != ASN1_SUCCESS)
961 { 971 {
962 MHD_gnutls_assert (); 972 MHD_gnutls_assert ();
963 return MHD_gtls_asn2err (result); 973 return MHD_gtls_asn2err (result);
964 } 974 }
965 975
966 result = MHD__gnutls_x509_get_signed_data (cert->cert, "tbsCertificate", 976 result = MHD__gnutls_x509_get_signed_data (cert->cert, "tbsCertificate",
967 &signed_data); 977 &signed_data);
968 if (result < 0) 978 if (result < 0)
969 { 979 {
970 MHD_gnutls_assert (); 980 MHD_gnutls_assert ();
971 goto cleanup; 981 goto cleanup;
972 } 982 }
973 983
974 result = MHD__asn1_der_decoding (&c2, signed_data.data, signed_data.size, NULL); 984 result =
985 MHD__asn1_der_decoding (&c2, signed_data.data, signed_data.size, NULL);
975 if (result != ASN1_SUCCESS) 986 if (result != ASN1_SUCCESS)
976 { 987 {
977 MHD_gnutls_assert (); 988 MHD_gnutls_assert ();
@@ -980,8 +991,9 @@ MHD__gnutls_x509_crt_get_raw_dn2 (MHD_gnutls_x509_crt_t cert,
980 goto cleanup; 991 goto cleanup;
981 } 992 }
982 993
983 result = MHD__asn1_der_decoding_startEnd (c2, signed_data.data, signed_data.size, 994 result =
984 whom, &start1, &end1); 995 MHD__asn1_der_decoding_startEnd (c2, signed_data.data, signed_data.size,
996 whom, &start1, &end1);
985 997
986 if (result != ASN1_SUCCESS) 998 if (result != ASN1_SUCCESS)
987 { 999 {
@@ -1014,7 +1026,7 @@ cleanup:MHD__asn1_delete_structure (&c2);
1014 **/ 1026 **/
1015int 1027int
1016MHD_gnutls_x509_crt_get_raw_issuer_dn (MHD_gnutls_x509_crt_t cert, 1028MHD_gnutls_x509_crt_get_raw_issuer_dn (MHD_gnutls_x509_crt_t cert,
1017 MHD_gnutls_datum_t * start) 1029 MHD_gnutls_datum_t * start)
1018{ 1030{
1019 return MHD__gnutls_x509_crt_get_raw_dn2 (cert, "issuer", start); 1031 return MHD__gnutls_x509_crt_get_raw_dn2 (cert, "issuer", start);
1020} 1032}
@@ -1031,13 +1043,15 @@ MHD_gnutls_x509_crt_get_raw_issuer_dn (MHD_gnutls_x509_crt_t cert,
1031 * 1043 *
1032 **/ 1044 **/
1033int 1045int
1034MHD_gnutls_x509_crt_get_raw_dn (MHD_gnutls_x509_crt_t cert, MHD_gnutls_datum_t * start) 1046MHD_gnutls_x509_crt_get_raw_dn (MHD_gnutls_x509_crt_t cert,
1047 MHD_gnutls_datum_t * start)
1035{ 1048{
1036 return MHD__gnutls_x509_crt_get_raw_dn2 (cert, "subject", start); 1049 return MHD__gnutls_x509_crt_get_raw_dn2 (cert, "subject", start);
1037} 1050}
1038 1051
1039static int 1052static int
1040get_dn (MHD_gnutls_x509_crt_t cert, const char *whom, MHD_gnutls_x509_dn_t * dn) 1053get_dn (MHD_gnutls_x509_crt_t cert, const char *whom,
1054 MHD_gnutls_x509_dn_t * dn)
1041{ 1055{
1042 *dn = MHD__asn1_find_node (cert->cert, whom); 1056 *dn = MHD__asn1_find_node (cert->cert, whom);
1043 if (!*dn) 1057 if (!*dn)
@@ -1056,7 +1070,8 @@ get_dn (MHD_gnutls_x509_crt_t cert, const char *whom, MHD_gnutls_x509_dn_t * dn)
1056 * Returns: Returns 0 on success, or an error code. 1070 * Returns: Returns 0 on success, or an error code.
1057 **/ 1071 **/
1058int 1072int
1059MHD_gnutls_x509_crt_get_subject (MHD_gnutls_x509_crt_t cert, MHD_gnutls_x509_dn_t * dn) 1073MHD_gnutls_x509_crt_get_subject (MHD_gnutls_x509_crt_t cert,
1074 MHD_gnutls_x509_dn_t * dn)
1060{ 1075{
1061 return get_dn (cert, "tbsCertificate.subject.rdnSequence", dn); 1076 return get_dn (cert, "tbsCertificate.subject.rdnSequence", dn);
1062} 1077}
@@ -1083,8 +1098,8 @@ MHD_gnutls_x509_crt_get_subject (MHD_gnutls_x509_crt_t cert, MHD_gnutls_x509_dn_
1083 **/ 1098 **/
1084int 1099int
1085MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert, 1100MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert,
1086 MHD_gnutls_x509_crt_fmt_t format, 1101 MHD_gnutls_x509_crt_fmt_t format,
1087 void *output_data, size_t * output_data_size) 1102 void *output_data, size_t * output_data_size)
1088{ 1103{
1089 if (cert == NULL) 1104 if (cert == NULL)
1090 { 1105 {
@@ -1093,7 +1108,7 @@ MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert,
1093 } 1108 }
1094 1109
1095 return MHD__gnutls_x509_export_int (cert->cert, format, "CERTIFICATE", 1110 return MHD__gnutls_x509_export_int (cert->cert, format, "CERTIFICATE",
1096 output_data, output_data_size); 1111 output_data, output_data_size);
1097} 1112}
1098 1113
1099#ifdef ENABLE_PKI 1114#ifdef ENABLE_PKI
@@ -1112,8 +1127,8 @@ MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert,
1112 **/ 1127 **/
1113int 1128int
1114MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert, 1129MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert,
1115 const MHD_gnutls_x509_crl_t * crl_list, 1130 const MHD_gnutls_x509_crl_t * crl_list,
1116 int crl_list_length) 1131 int crl_list_length)
1117{ 1132{
1118 opaque serial[64]; 1133 opaque serial[64];
1119 opaque cert_serial[64]; 1134 opaque cert_serial[64];
@@ -1160,7 +1175,8 @@ MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert,
1160 /* Step 2. Read the certificate's serial number 1175 /* Step 2. Read the certificate's serial number
1161 */ 1176 */
1162 cert_serial_size = sizeof (cert_serial); 1177 cert_serial_size = sizeof (cert_serial);
1163 ret = MHD_gnutls_x509_crt_get_serial (cert, cert_serial, &cert_serial_size); 1178 ret =
1179 MHD_gnutls_x509_crt_get_serial (cert, cert_serial, &cert_serial_size);
1164 if (ret < 0) 1180 if (ret < 0)
1165 { 1181 {
1166 MHD_gnutls_assert (); 1182 MHD_gnutls_assert ();
@@ -1182,7 +1198,7 @@ MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert,
1182 { 1198 {
1183 serial_size = sizeof (serial); 1199 serial_size = sizeof (serial);
1184 ret = MHD_gnutls_x509_crl_get_crt_serial (crl_list[j], i, serial, 1200 ret = MHD_gnutls_x509_crl_get_crt_serial (crl_list[j], i, serial,
1185 &serial_size, NULL); 1201 &serial_size, NULL);
1186 1202
1187 if (ret < 0) 1203 if (ret < 0)
1188 { 1204 {
@@ -1205,4 +1221,3 @@ MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert,
1205} 1221}
1206 1222
1207#endif 1223#endif
1208
diff --git a/src/daemon/https/x509/x509.h b/src/daemon/https/x509/x509.h
index 87a81954..3afda0da 100644
--- a/src/daemon/https/x509/x509.h
+++ b/src/daemon/https/x509/x509.h
@@ -90,17 +90,19 @@ extern "C"
90 int MHD_gnutls_x509_crt_init (MHD_gnutls_x509_crt_t * cert); 90 int MHD_gnutls_x509_crt_init (MHD_gnutls_x509_crt_t * cert);
91 void MHD_gnutls_x509_crt_deinit (MHD_gnutls_x509_crt_t cert); 91 void MHD_gnutls_x509_crt_deinit (MHD_gnutls_x509_crt_t cert);
92 int MHD_gnutls_x509_crt_import (MHD_gnutls_x509_crt_t cert, 92 int MHD_gnutls_x509_crt_import (MHD_gnutls_x509_crt_t cert,
93 const MHD_gnutls_datum_t * data, 93 const MHD_gnutls_datum_t * data,
94 MHD_gnutls_x509_crt_fmt_t format); 94 MHD_gnutls_x509_crt_fmt_t format);
95 int MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert, 95 int MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert,
96 MHD_gnutls_x509_crt_fmt_t format, 96 MHD_gnutls_x509_crt_fmt_t format,
97 void *output_data, size_t * output_data_size); 97 void *output_data,
98 size_t * output_data_size);
98 int MHD_gnutls_x509_crt_check_hostname (MHD_gnutls_x509_crt_t cert, 99 int MHD_gnutls_x509_crt_check_hostname (MHD_gnutls_x509_crt_t cert,
99 const char *hostname); 100 const char *hostname);
100 101
101 int MHD_gnutls_x509_crt_get_signature_algorithm (MHD_gnutls_x509_crt_t cert); 102 int MHD_gnutls_x509_crt_get_signature_algorithm (MHD_gnutls_x509_crt_t
103 cert);
102 int MHD_gnutls_x509_crt_get_signature (MHD_gnutls_x509_crt_t cert, 104 int MHD_gnutls_x509_crt_get_signature (MHD_gnutls_x509_crt_t cert,
103 char *sig, size_t * sizeof_sig); 105 char *sig, size_t * sizeof_sig);
104 int MHD_gnutls_x509_crt_get_version (MHD_gnutls_x509_crt_t cert); 106 int MHD_gnutls_x509_crt_get_version (MHD_gnutls_x509_crt_t cert);
105 107
106#define GNUTLS_CRL_REASON_UNUSED 128 108#define GNUTLS_CRL_REASON_UNUSED 128
@@ -116,86 +118,90 @@ extern "C"
116 time_t MHD_gnutls_x509_crt_get_activation_time (MHD_gnutls_x509_crt_t cert); 118 time_t MHD_gnutls_x509_crt_get_activation_time (MHD_gnutls_x509_crt_t cert);
117 time_t MHD_gnutls_x509_crt_get_expiration_time (MHD_gnutls_x509_crt_t cert); 119 time_t MHD_gnutls_x509_crt_get_expiration_time (MHD_gnutls_x509_crt_t cert);
118 int MHD_gnutls_x509_crt_get_serial (MHD_gnutls_x509_crt_t cert, 120 int MHD_gnutls_x509_crt_get_serial (MHD_gnutls_x509_crt_t cert,
119 void *result, size_t * result_size); 121 void *result, size_t * result_size);
120 122
121 int MHD_gnutls_x509_crt_get_pk_algorithm (MHD_gnutls_x509_crt_t cert, 123 int MHD_gnutls_x509_crt_get_pk_algorithm (MHD_gnutls_x509_crt_t cert,
122 unsigned int *bits); 124 unsigned int *bits);
123 int MHD_gnutls_x509_crt_get_subject_alt_name (MHD_gnutls_x509_crt_t cert, 125 int MHD_gnutls_x509_crt_get_subject_alt_name (MHD_gnutls_x509_crt_t cert,
124 unsigned int seq, 126 unsigned int seq,
125 void *ret, 127 void *ret,
126 size_t * ret_size, 128 size_t * ret_size,
127 unsigned int *critical); 129 unsigned int *critical);
128 int MHD_gnutls_x509_crt_get_ca_status (MHD_gnutls_x509_crt_t cert, 130 int MHD_gnutls_x509_crt_get_ca_status (MHD_gnutls_x509_crt_t cert,
129 unsigned int *critical); 131 unsigned int *critical);
130/* The key_usage flags are defined in gnutls.h. They are the 132/* The key_usage flags are defined in gnutls.h. They are the
131 * GNUTLS_KEY_* definitions. 133 * GNUTLS_KEY_* definitions.
132 */ 134 */
133 int MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert, 135 int MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert,
134 unsigned int *key_usage, 136 unsigned int *key_usage,
135 unsigned int *critical); 137 unsigned int *critical);
136 int MHD_gnutls_x509_crt_set_key_usage (MHD_gnutls_x509_crt_t crt, 138 int MHD_gnutls_x509_crt_set_key_usage (MHD_gnutls_x509_crt_t crt,
137 unsigned int usage); 139 unsigned int usage);
138 140
139 int MHD_gnutls_x509_dn_oid_known (const char *oid); 141 int MHD_gnutls_x509_dn_oid_known (const char *oid);
140 142
141/* Read extensions by sequence number. */ 143/* Read extensions by sequence number. */
142 int MHD_gnutls_x509_crt_set_extension_by_oid (MHD_gnutls_x509_crt_t crt, 144 int MHD_gnutls_x509_crt_set_extension_by_oid (MHD_gnutls_x509_crt_t crt,
143 const char *oid, 145 const char *oid,
144 const void *buf, 146 const void *buf,
145 size_t sizeof_buf, 147 size_t sizeof_buf,
146 unsigned int critical); 148 unsigned int critical);
147 149
148/* X.509 Certificate writing. 150/* X.509 Certificate writing.
149 */ 151 */
150 int MHD_gnutls_x509_crt_set_dn_by_oid (MHD_gnutls_x509_crt_t crt, 152 int MHD_gnutls_x509_crt_set_dn_by_oid (MHD_gnutls_x509_crt_t crt,
151 const char *oid, 153 const char *oid,
152 unsigned int raw_flag, 154 unsigned int raw_flag,
153 const void *name, 155 const void *name,
154 unsigned int sizeof_name); 156 unsigned int sizeof_name);
155 int MHD_gnutls_x509_crt_set_issuer_dn_by_oid (MHD_gnutls_x509_crt_t crt, 157 int MHD_gnutls_x509_crt_set_issuer_dn_by_oid (MHD_gnutls_x509_crt_t crt,
156 const char *oid, 158 const char *oid,
157 unsigned int raw_flag, 159 unsigned int raw_flag,
158 const void *name, 160 const void *name,
159 unsigned int sizeof_name); 161 unsigned int sizeof_name);
160 int MHD_gnutls_x509_crt_set_version (MHD_gnutls_x509_crt_t crt, 162 int MHD_gnutls_x509_crt_set_version (MHD_gnutls_x509_crt_t crt,
161 unsigned int version); 163 unsigned int version);
162 int MHD_gnutls_x509_crt_set_key (MHD_gnutls_x509_crt_t crt, 164 int MHD_gnutls_x509_crt_set_key (MHD_gnutls_x509_crt_t crt,
163 MHD_gnutls_x509_privkey_t key); 165 MHD_gnutls_x509_privkey_t key);
164 int MHD_gnutls_x509_crt_set_ca_status (MHD_gnutls_x509_crt_t crt, unsigned int ca); 166 int MHD_gnutls_x509_crt_set_ca_status (MHD_gnutls_x509_crt_t crt,
167 unsigned int ca);
165 int MHD_gnutls_x509_crt_set_basic_constraints (MHD_gnutls_x509_crt_t crt, 168 int MHD_gnutls_x509_crt_set_basic_constraints (MHD_gnutls_x509_crt_t crt,
166 unsigned int ca, 169 unsigned int ca,
167 int pathLenConstraint); 170 int pathLenConstraint);
168 int MHD_gnutls_x509_crt_set_subject_alternative_name (MHD_gnutls_x509_crt_t crt, 171 int MHD_gnutls_x509_crt_set_subject_alternative_name (MHD_gnutls_x509_crt_t
169 MHD_gnutls_x509_subject_alt_name_t 172 crt,
170 type, 173 MHD_gnutls_x509_subject_alt_name_t
171 const char *data_string); 174 type,
175 const char
176 *data_string);
172 int MHD_gnutls_x509_crt_sign (MHD_gnutls_x509_crt_t crt, 177 int MHD_gnutls_x509_crt_sign (MHD_gnutls_x509_crt_t crt,
173 MHD_gnutls_x509_crt_t issuer, 178 MHD_gnutls_x509_crt_t issuer,
174 MHD_gnutls_x509_privkey_t issuer_key); 179 MHD_gnutls_x509_privkey_t issuer_key);
175 int MHD_gnutls_x509_crt_sign2 (MHD_gnutls_x509_crt_t crt, 180 int MHD_gnutls_x509_crt_sign2 (MHD_gnutls_x509_crt_t crt,
176 MHD_gnutls_x509_crt_t issuer, 181 MHD_gnutls_x509_crt_t issuer,
177 MHD_gnutls_x509_privkey_t issuer_key, 182 MHD_gnutls_x509_privkey_t issuer_key,
178 enum MHD_GNUTLS_HashAlgorithm, 183 enum MHD_GNUTLS_HashAlgorithm,
179 unsigned int flags); 184 unsigned int flags);
180 int MHD_gnutls_x509_crt_set_activation_time (MHD_gnutls_x509_crt_t cert, 185 int MHD_gnutls_x509_crt_set_activation_time (MHD_gnutls_x509_crt_t cert,
181 time_t act_time); 186 time_t act_time);
182 int MHD_gnutls_x509_crt_set_expiration_time (MHD_gnutls_x509_crt_t cert, 187 int MHD_gnutls_x509_crt_set_expiration_time (MHD_gnutls_x509_crt_t cert,
183 time_t exp_time); 188 time_t exp_time);
184 int MHD_gnutls_x509_crt_set_serial (MHD_gnutls_x509_crt_t cert, 189 int MHD_gnutls_x509_crt_set_serial (MHD_gnutls_x509_crt_t cert,
185 const void *serial, size_t serial_size); 190 const void *serial, size_t serial_size);
186 191
187 int MHD_gnutls_x509_crt_set_subject_key_id (MHD_gnutls_x509_crt_t cert, 192 int MHD_gnutls_x509_crt_set_subject_key_id (MHD_gnutls_x509_crt_t cert,
188 const void *id, size_t id_size); 193 const void *id, size_t id_size);
189 194
190 int MHD_gnutls_x509_crt_set_proxy_dn (MHD_gnutls_x509_crt_t crt, 195 int MHD_gnutls_x509_crt_set_proxy_dn (MHD_gnutls_x509_crt_t crt,
191 MHD_gnutls_x509_crt_t eecrt, 196 MHD_gnutls_x509_crt_t eecrt,
192 unsigned int raw_flag, 197 unsigned int raw_flag,
193 const void *name, 198 const void *name,
194 unsigned int sizeof_name); 199 unsigned int sizeof_name);
195 int MHD_gnutls_x509_crt_set_proxy (MHD_gnutls_x509_crt_t crt, 200 int MHD_gnutls_x509_crt_set_proxy (MHD_gnutls_x509_crt_t crt,
196 int pathLenConstraint, 201 int pathLenConstraint,
197 const char *policyLanguage, 202 const char *policyLanguage,
198 const char *policy, size_t sizeof_policy); 203 const char *policy,
204 size_t sizeof_policy);
199 205
200 typedef enum MHD_gnutls_certificate_print_formats 206 typedef enum MHD_gnutls_certificate_print_formats
201 { 207 {
@@ -205,31 +211,31 @@ extern "C"
205 } MHD_gnutls_certificate_print_formats_t; 211 } MHD_gnutls_certificate_print_formats_t;
206 212
207 int MHD_gnutls_x509_crt_print (MHD_gnutls_x509_crt_t cert, 213 int MHD_gnutls_x509_crt_print (MHD_gnutls_x509_crt_t cert,
208 MHD_gnutls_certificate_print_formats_t format, 214 MHD_gnutls_certificate_print_formats_t
209 MHD_gnutls_datum_t * out); 215 format, MHD_gnutls_datum_t * out);
210 int MHD_gnutls_x509_crl_print (MHD_gnutls_x509_crl_t crl, 216 int MHD_gnutls_x509_crl_print (MHD_gnutls_x509_crl_t crl,
211 MHD_gnutls_certificate_print_formats_t format, 217 MHD_gnutls_certificate_print_formats_t
212 MHD_gnutls_datum_t * out); 218 format, MHD_gnutls_datum_t * out);
213 219
214/* Access to internal Certificate fields. 220/* Access to internal Certificate fields.
215 */ 221 */
216 int MHD_gnutls_x509_crt_get_raw_issuer_dn (MHD_gnutls_x509_crt_t cert, 222 int MHD_gnutls_x509_crt_get_raw_issuer_dn (MHD_gnutls_x509_crt_t cert,
217 MHD_gnutls_datum_t * start); 223 MHD_gnutls_datum_t * start);
218 int MHD_gnutls_x509_crt_get_raw_dn (MHD_gnutls_x509_crt_t cert, 224 int MHD_gnutls_x509_crt_get_raw_dn (MHD_gnutls_x509_crt_t cert,
219 MHD_gnutls_datum_t * start); 225 MHD_gnutls_datum_t * start);
220 226
221/* RDN handling. 227/* RDN handling.
222 */ 228 */
223 int MHD_gnutls_x509_rdn_get (const MHD_gnutls_datum_t * idn, 229 int MHD_gnutls_x509_rdn_get (const MHD_gnutls_datum_t * idn,
224 char *buf, size_t * sizeof_buf); 230 char *buf, size_t * sizeof_buf);
225 int MHD_gnutls_x509_rdn_get_oid (const MHD_gnutls_datum_t * idn, 231 int MHD_gnutls_x509_rdn_get_oid (const MHD_gnutls_datum_t * idn,
226 int indx, void *buf, size_t * sizeof_buf); 232 int indx, void *buf, size_t * sizeof_buf);
227 233
228 int MHD_gnutls_x509_rdn_get_by_oid (const MHD_gnutls_datum_t * idn, 234 int MHD_gnutls_x509_rdn_get_by_oid (const MHD_gnutls_datum_t * idn,
229 const char *oid, 235 const char *oid,
230 int indx, 236 int indx,
231 unsigned int raw_flag, 237 unsigned int raw_flag,
232 void *buf, size_t * sizeof_buf); 238 void *buf, size_t * sizeof_buf);
233 239
234 typedef void *MHD_gnutls_x509_dn_t; 240 typedef void *MHD_gnutls_x509_dn_t;
235 241
@@ -241,30 +247,32 @@ extern "C"
241 } MHD_gnutls_x509_ava_st; 247 } MHD_gnutls_x509_ava_st;
242 248
243 int MHD_gnutls_x509_crt_get_subject (MHD_gnutls_x509_crt_t cert, 249 int MHD_gnutls_x509_crt_get_subject (MHD_gnutls_x509_crt_t cert,
244 MHD_gnutls_x509_dn_t * dn); 250 MHD_gnutls_x509_dn_t * dn);
245/* CRL handling functions. 251/* CRL handling functions.
246 */ 252 */
247 int MHD_gnutls_x509_crl_init (MHD_gnutls_x509_crl_t * crl); 253 int MHD_gnutls_x509_crl_init (MHD_gnutls_x509_crl_t * crl);
248 void MHD_gnutls_x509_crl_deinit (MHD_gnutls_x509_crl_t crl); 254 void MHD_gnutls_x509_crl_deinit (MHD_gnutls_x509_crl_t crl);
249 255
250 int MHD_gnutls_x509_crl_import (MHD_gnutls_x509_crl_t crl, 256 int MHD_gnutls_x509_crl_import (MHD_gnutls_x509_crl_t crl,
251 const MHD_gnutls_datum_t * data, 257 const MHD_gnutls_datum_t * data,
252 MHD_gnutls_x509_crt_fmt_t format); 258 MHD_gnutls_x509_crt_fmt_t format);
253 int MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl, 259 int MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl,
254 MHD_gnutls_x509_crt_fmt_t format, 260 MHD_gnutls_x509_crt_fmt_t format,
255 void *output_data, size_t * output_data_size); 261 void *output_data,
262 size_t * output_data_size);
256 263
257 int MHD_gnutls_x509_crl_get_issuer_dn_by_oid (MHD_gnutls_x509_crl_t crl, 264 int MHD_gnutls_x509_crl_get_issuer_dn_by_oid (MHD_gnutls_x509_crl_t crl,
258 const char *oid, 265 const char *oid,
259 int indx, 266 int indx,
260 unsigned int raw_flag, 267 unsigned int raw_flag,
261 void *buf, size_t * sizeof_buf); 268 void *buf,
262 int MHD_gnutls_x509_crl_get_dn_oid (MHD_gnutls_x509_crl_t crl, 269 size_t * sizeof_buf);
263 int indx, void *oid, size_t * sizeof_oid); 270 int MHD_gnutls_x509_crl_get_dn_oid (MHD_gnutls_x509_crl_t crl, int indx,
271 void *oid, size_t * sizeof_oid);
264 272
265 int MHD_gnutls_x509_crl_get_signature_algorithm (MHD_gnutls_x509_crl_t crl); 273 int MHD_gnutls_x509_crl_get_signature_algorithm (MHD_gnutls_x509_crl_t crl);
266 int MHD_gnutls_x509_crl_get_signature (MHD_gnutls_x509_crl_t crl, 274 int MHD_gnutls_x509_crl_get_signature (MHD_gnutls_x509_crl_t crl,
267 char *sig, size_t * sizeof_sig); 275 char *sig, size_t * sizeof_sig);
268 int MHD_gnutls_x509_crl_get_version (MHD_gnutls_x509_crl_t crl); 276 int MHD_gnutls_x509_crl_get_version (MHD_gnutls_x509_crl_t crl);
269 277
270 time_t MHD_gnutls_x509_crl_get_this_update (MHD_gnutls_x509_crl_t crl); 278 time_t MHD_gnutls_x509_crl_get_this_update (MHD_gnutls_x509_crl_t crl);
@@ -272,37 +280,38 @@ extern "C"
272 280
273 int MHD_gnutls_x509_crl_get_crt_count (MHD_gnutls_x509_crl_t crl); 281 int MHD_gnutls_x509_crl_get_crt_count (MHD_gnutls_x509_crl_t crl);
274 int MHD_gnutls_x509_crl_get_crt_serial (MHD_gnutls_x509_crl_t crl, 282 int MHD_gnutls_x509_crl_get_crt_serial (MHD_gnutls_x509_crl_t crl,
275 int indx, 283 int indx,
276 unsigned char *serial, 284 unsigned char *serial,
277 size_t * serial_size, time_t * t); 285 size_t * serial_size, time_t * t);
278#define MHD_gnutls_x509_crl_get_certificate_count MHD_gnutls_x509_crl_get_crt_count 286#define MHD_gnutls_x509_crl_get_certificate_count MHD_gnutls_x509_crl_get_crt_count
279#define MHD_gnutls_x509_crl_get_certificate MHD_gnutls_x509_crl_get_crt_serial 287#define MHD_gnutls_x509_crl_get_certificate MHD_gnutls_x509_crl_get_crt_serial
280 288
281 int MHD_gnutls_x509_crl_check_issuer (MHD_gnutls_x509_crl_t crl, 289 int MHD_gnutls_x509_crl_check_issuer (MHD_gnutls_x509_crl_t crl,
282 MHD_gnutls_x509_crt_t issuer); 290 MHD_gnutls_x509_crt_t issuer);
283 291
284/* CRL writing. 292/* CRL writing.
285 */ 293 */
286 int MHD_gnutls_x509_crl_set_version (MHD_gnutls_x509_crl_t crl, 294 int MHD_gnutls_x509_crl_set_version (MHD_gnutls_x509_crl_t crl,
287 unsigned int version); 295 unsigned int version);
288 int MHD_gnutls_x509_crl_sign (MHD_gnutls_x509_crl_t crl, 296 int MHD_gnutls_x509_crl_sign (MHD_gnutls_x509_crl_t crl,
289 MHD_gnutls_x509_crt_t issuer, 297 MHD_gnutls_x509_crt_t issuer,
290 MHD_gnutls_x509_privkey_t issuer_key); 298 MHD_gnutls_x509_privkey_t issuer_key);
291 int MHD_gnutls_x509_crl_sign2 (MHD_gnutls_x509_crl_t crl, 299 int MHD_gnutls_x509_crl_sign2 (MHD_gnutls_x509_crl_t crl,
292 MHD_gnutls_x509_crt_t issuer, 300 MHD_gnutls_x509_crt_t issuer,
293 MHD_gnutls_x509_privkey_t issuer_key, 301 MHD_gnutls_x509_privkey_t issuer_key,
294 enum MHD_GNUTLS_HashAlgorithm, 302 enum MHD_GNUTLS_HashAlgorithm,
295 unsigned int flags); 303 unsigned int flags);
296 int MHD_gnutls_x509_crl_set_this_update (MHD_gnutls_x509_crl_t crl, 304 int MHD_gnutls_x509_crl_set_this_update (MHD_gnutls_x509_crl_t crl,
297 time_t act_time); 305 time_t act_time);
298 int MHD_gnutls_x509_crl_set_next_update (MHD_gnutls_x509_crl_t crl, 306 int MHD_gnutls_x509_crl_set_next_update (MHD_gnutls_x509_crl_t crl,
299 time_t exp_time); 307 time_t exp_time);
300 int MHD_gnutls_x509_crl_set_crt_serial (MHD_gnutls_x509_crl_t crl, 308 int MHD_gnutls_x509_crl_set_crt_serial (MHD_gnutls_x509_crl_t crl,
301 const void *serial, 309 const void *serial,
302 size_t serial_size, 310 size_t serial_size,
303 time_t revocation_time); 311 time_t revocation_time);
304 int MHD_gnutls_x509_crl_set_crt (MHD_gnutls_x509_crl_t crl, 312 int MHD_gnutls_x509_crl_set_crt (MHD_gnutls_x509_crl_t crl,
305 MHD_gnutls_x509_crt_t crt, time_t revocation_time); 313 MHD_gnutls_x509_crt_t crt,
314 time_t revocation_time);
306 315
307/* PKCS7 structures handling 316/* PKCS7 structures handling
308 */ 317 */
@@ -312,29 +321,32 @@ extern "C"
312 int MHD_gnutls_pkcs7_init (MHD_gnutls_pkcs7_t * pkcs7); 321 int MHD_gnutls_pkcs7_init (MHD_gnutls_pkcs7_t * pkcs7);
313 void MHD_gnutls_pkcs7_deinit (MHD_gnutls_pkcs7_t pkcs7); 322 void MHD_gnutls_pkcs7_deinit (MHD_gnutls_pkcs7_t pkcs7);
314 int MHD_gnutls_pkcs7_import (MHD_gnutls_pkcs7_t pkcs7, 323 int MHD_gnutls_pkcs7_import (MHD_gnutls_pkcs7_t pkcs7,
315 const MHD_gnutls_datum_t * data, 324 const MHD_gnutls_datum_t * data,
316 MHD_gnutls_x509_crt_fmt_t format); 325 MHD_gnutls_x509_crt_fmt_t format);
317 int MHD_gnutls_pkcs7_export (MHD_gnutls_pkcs7_t pkcs7, 326 int MHD_gnutls_pkcs7_export (MHD_gnutls_pkcs7_t pkcs7,
318 MHD_gnutls_x509_crt_fmt_t format, 327 MHD_gnutls_x509_crt_fmt_t format,
319 void *output_data, size_t * output_data_size); 328 void *output_data, size_t * output_data_size);
320 329
321 int MHD_gnutls_pkcs7_get_crt_count (MHD_gnutls_pkcs7_t pkcs7); 330 int MHD_gnutls_pkcs7_get_crt_count (MHD_gnutls_pkcs7_t pkcs7);
322 int MHD_gnutls_pkcs7_get_crt_raw (MHD_gnutls_pkcs7_t pkcs7, 331 int MHD_gnutls_pkcs7_get_crt_raw (MHD_gnutls_pkcs7_t pkcs7,
323 int indx, 332 int indx,
324 void *certificate, size_t * certificate_size); 333 void *certificate,
334 size_t * certificate_size);
325 335
326 int MHD_gnutls_pkcs7_set_crt_raw (MHD_gnutls_pkcs7_t pkcs7, 336 int MHD_gnutls_pkcs7_set_crt_raw (MHD_gnutls_pkcs7_t pkcs7,
327 const MHD_gnutls_datum_t * crt); 337 const MHD_gnutls_datum_t * crt);
328 int MHD_gnutls_pkcs7_set_crt (MHD_gnutls_pkcs7_t pkcs7, MHD_gnutls_x509_crt_t crt); 338 int MHD_gnutls_pkcs7_set_crt (MHD_gnutls_pkcs7_t pkcs7,
339 MHD_gnutls_x509_crt_t crt);
329 int MHD_gnutls_pkcs7_delete_crt (MHD_gnutls_pkcs7_t pkcs7, int indx); 340 int MHD_gnutls_pkcs7_delete_crt (MHD_gnutls_pkcs7_t pkcs7, int indx);
330 341
331 int MHD_gnutls_pkcs7_get_crl_raw (MHD_gnutls_pkcs7_t pkcs7, 342 int MHD_gnutls_pkcs7_get_crl_raw (MHD_gnutls_pkcs7_t pkcs7,
332 int indx, void *crl, size_t * crl_size); 343 int indx, void *crl, size_t * crl_size);
333 int MHD_gnutls_pkcs7_get_crl_count (MHD_gnutls_pkcs7_t pkcs7); 344 int MHD_gnutls_pkcs7_get_crl_count (MHD_gnutls_pkcs7_t pkcs7);
334 345
335 int MHD_gnutls_pkcs7_set_crl_raw (MHD_gnutls_pkcs7_t pkcs7, 346 int MHD_gnutls_pkcs7_set_crl_raw (MHD_gnutls_pkcs7_t pkcs7,
336 const MHD_gnutls_datum_t * crt); 347 const MHD_gnutls_datum_t * crt);
337 int MHD_gnutls_pkcs7_set_crl (MHD_gnutls_pkcs7_t pkcs7, MHD_gnutls_x509_crl_t crl); 348 int MHD_gnutls_pkcs7_set_crl (MHD_gnutls_pkcs7_t pkcs7,
349 MHD_gnutls_x509_crl_t crl);
338 int MHD_gnutls_pkcs7_delete_crl (MHD_gnutls_pkcs7_t pkcs7, int indx); 350 int MHD_gnutls_pkcs7_delete_crl (MHD_gnutls_pkcs7_t pkcs7, int indx);
339 351
340/* X.509 Certificate verification functions. 352/* X.509 Certificate verification functions.
@@ -375,28 +387,29 @@ extern "C"
375 } MHD_gnutls_certificate_verify_flags; 387 } MHD_gnutls_certificate_verify_flags;
376 388
377 int MHD_gnutls_x509_crt_check_issuer (MHD_gnutls_x509_crt_t cert, 389 int MHD_gnutls_x509_crt_check_issuer (MHD_gnutls_x509_crt_t cert,
378 MHD_gnutls_x509_crt_t issuer); 390 MHD_gnutls_x509_crt_t issuer);
379 391
380 int MHD_gnutls_x509_crt_list_verify (const MHD_gnutls_x509_crt_t * cert_list, 392 int MHD_gnutls_x509_crt_list_verify (const MHD_gnutls_x509_crt_t *
381 int cert_list_length, 393 cert_list, int cert_list_length,
382 const MHD_gnutls_x509_crt_t * CA_list, 394 const MHD_gnutls_x509_crt_t * CA_list,
383 int CA_list_length, 395 int CA_list_length,
384 const MHD_gnutls_x509_crl_t * CRL_list, 396 const MHD_gnutls_x509_crl_t * CRL_list,
385 int CRL_list_length, 397 int CRL_list_length,
386 unsigned int flags, unsigned int *verify); 398 unsigned int flags,
399 unsigned int *verify);
387 400
388 int MHD_gnutls_x509_crt_verify (MHD_gnutls_x509_crt_t cert, 401 int MHD_gnutls_x509_crt_verify (MHD_gnutls_x509_crt_t cert,
389 const MHD_gnutls_x509_crt_t * CA_list, 402 const MHD_gnutls_x509_crt_t * CA_list,
390 int CA_list_length, 403 int CA_list_length,
391 unsigned int flags, unsigned int *verify); 404 unsigned int flags, unsigned int *verify);
392 int MHD_gnutls_x509_crl_verify (MHD_gnutls_x509_crl_t crl, 405 int MHD_gnutls_x509_crl_verify (MHD_gnutls_x509_crl_t crl,
393 const MHD_gnutls_x509_crt_t * CA_list, 406 const MHD_gnutls_x509_crt_t * CA_list,
394 int CA_list_length, 407 int CA_list_length,
395 unsigned int flags, unsigned int *verify); 408 unsigned int flags, unsigned int *verify);
396 409
397 int MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert, 410 int MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert,
398 const MHD_gnutls_x509_crl_t * 411 const MHD_gnutls_x509_crl_t *
399 crl_list, int crl_list_length); 412 crl_list, int crl_list_length);
400 413
401 414
402/* Flags for the MHD_gnutls_x509_privkey_export_pkcs8() function. 415/* Flags for the MHD_gnutls_x509_privkey_export_pkcs8() function.
@@ -420,62 +433,65 @@ extern "C"
420 int MHD_gnutls_x509_privkey_init (MHD_gnutls_x509_privkey_t * key); 433 int MHD_gnutls_x509_privkey_init (MHD_gnutls_x509_privkey_t * key);
421 void MHD_gnutls_x509_privkey_deinit (MHD_gnutls_x509_privkey_t key); 434 void MHD_gnutls_x509_privkey_deinit (MHD_gnutls_x509_privkey_t key);
422 int MHD_gnutls_x509_privkey_cpy (MHD_gnutls_x509_privkey_t dst, 435 int MHD_gnutls_x509_privkey_cpy (MHD_gnutls_x509_privkey_t dst,
423 MHD_gnutls_x509_privkey_t src); 436 MHD_gnutls_x509_privkey_t src);
424 int MHD_gnutls_x509_privkey_import (MHD_gnutls_x509_privkey_t key, 437 int MHD_gnutls_x509_privkey_import (MHD_gnutls_x509_privkey_t key,
425 const MHD_gnutls_datum_t * data, 438 const MHD_gnutls_datum_t * data,
426 MHD_gnutls_x509_crt_fmt_t format); 439 MHD_gnutls_x509_crt_fmt_t format);
427 int MHD_gnutls_x509_privkey_import_pkcs8 (MHD_gnutls_x509_privkey_t key, 440 int MHD_gnutls_x509_privkey_import_pkcs8 (MHD_gnutls_x509_privkey_t key,
428 const MHD_gnutls_datum_t * data, 441 const MHD_gnutls_datum_t * data,
429 MHD_gnutls_x509_crt_fmt_t format, 442 MHD_gnutls_x509_crt_fmt_t format,
430 const char *pass, unsigned int flags); 443 const char *pass,
444 unsigned int flags);
431 int MHD_gnutls_x509_privkey_import_rsa_raw (MHD_gnutls_x509_privkey_t key, 445 int MHD_gnutls_x509_privkey_import_rsa_raw (MHD_gnutls_x509_privkey_t key,
432 const MHD_gnutls_datum_t * m, 446 const MHD_gnutls_datum_t * m,
433 const MHD_gnutls_datum_t * e, 447 const MHD_gnutls_datum_t * e,
434 const MHD_gnutls_datum_t * d, 448 const MHD_gnutls_datum_t * d,
435 const MHD_gnutls_datum_t * p, 449 const MHD_gnutls_datum_t * p,
436 const MHD_gnutls_datum_t * q, 450 const MHD_gnutls_datum_t * q,
437 const MHD_gnutls_datum_t * u); 451 const MHD_gnutls_datum_t * u);
438 int MHD_gnutls_x509_privkey_export_dsa_raw (MHD_gnutls_x509_privkey_t key, 452 int MHD_gnutls_x509_privkey_export_dsa_raw (MHD_gnutls_x509_privkey_t key,
439 MHD_gnutls_datum_t * p, 453 MHD_gnutls_datum_t * p,
440 MHD_gnutls_datum_t * q, 454 MHD_gnutls_datum_t * q,
441 MHD_gnutls_datum_t * g, 455 MHD_gnutls_datum_t * g,
442 MHD_gnutls_datum_t * y, 456 MHD_gnutls_datum_t * y,
443 MHD_gnutls_datum_t * x); 457 MHD_gnutls_datum_t * x);
444 int MHD_gnutls_x509_privkey_import_dsa_raw (MHD_gnutls_x509_privkey_t key, 458 int MHD_gnutls_x509_privkey_import_dsa_raw (MHD_gnutls_x509_privkey_t key,
445 const MHD_gnutls_datum_t * p, 459 const MHD_gnutls_datum_t * p,
446 const MHD_gnutls_datum_t * q, 460 const MHD_gnutls_datum_t * q,
447 const MHD_gnutls_datum_t * g, 461 const MHD_gnutls_datum_t * g,
448 const MHD_gnutls_datum_t * y, 462 const MHD_gnutls_datum_t * y,
449 const MHD_gnutls_datum_t * x); 463 const MHD_gnutls_datum_t * x);
450 464
451 int MHD_gnutls_x509_privkey_get_pk_algorithm (MHD_gnutls_x509_privkey_t key); 465 int MHD_gnutls_x509_privkey_get_pk_algorithm (MHD_gnutls_x509_privkey_t
466 key);
452 int MHD_gnutls_x509_privkey_get_key_id (MHD_gnutls_x509_privkey_t key, 467 int MHD_gnutls_x509_privkey_get_key_id (MHD_gnutls_x509_privkey_t key,
453 unsigned int flags, 468 unsigned int flags,
454 unsigned char *output_data, 469 unsigned char *output_data,
455 size_t * output_data_size); 470 size_t * output_data_size);
456 471
457 int MHD_gnutls_x509_privkey_export (MHD_gnutls_x509_privkey_t key, 472 int MHD_gnutls_x509_privkey_export (MHD_gnutls_x509_privkey_t key,
458 MHD_gnutls_x509_crt_fmt_t format, 473 MHD_gnutls_x509_crt_fmt_t format,
459 void *output_data, 474 void *output_data,
460 size_t * output_data_size); 475 size_t * output_data_size);
461 int MHD_gnutls_x509_privkey_export_pkcs8 (MHD_gnutls_x509_privkey_t key, 476 int MHD_gnutls_x509_privkey_export_pkcs8 (MHD_gnutls_x509_privkey_t key,
462 MHD_gnutls_x509_crt_fmt_t format, 477 MHD_gnutls_x509_crt_fmt_t format,
463 const char *password, 478 const char *password,
464 unsigned int flags, 479 unsigned int flags,
465 void *output_data, 480 void *output_data,
466 size_t * output_data_size); 481 size_t * output_data_size);
467 int MHD_gnutls_x509_privkey_export_rsa_raw (MHD_gnutls_x509_privkey_t key, 482 int MHD_gnutls_x509_privkey_export_rsa_raw (MHD_gnutls_x509_privkey_t key,
468 MHD_gnutls_datum_t * m, 483 MHD_gnutls_datum_t * m,
469 MHD_gnutls_datum_t * e, 484 MHD_gnutls_datum_t * e,
470 MHD_gnutls_datum_t * d, 485 MHD_gnutls_datum_t * d,
471 MHD_gnutls_datum_t * p, 486 MHD_gnutls_datum_t * p,
472 MHD_gnutls_datum_t * q, 487 MHD_gnutls_datum_t * q,
473 MHD_gnutls_datum_t * u); 488 MHD_gnutls_datum_t * u);
474 489
475 int MHD_gnutls_x509_privkey_verify_data (MHD_gnutls_x509_privkey_t key, 490 int MHD_gnutls_x509_privkey_verify_data (MHD_gnutls_x509_privkey_t key,
476 unsigned int flags, 491 unsigned int flags,
477 const MHD_gnutls_datum_t * data, 492 const MHD_gnutls_datum_t * data,
478 const MHD_gnutls_datum_t * signature); 493 const MHD_gnutls_datum_t *
494 signature);
479 495
480/* Certificate request stuff. 496/* Certificate request stuff.
481 */ 497 */
@@ -485,53 +501,57 @@ extern "C"
485 int MHD_gnutls_x509_crq_init (MHD_gnutls_x509_crq_t * crq); 501 int MHD_gnutls_x509_crq_init (MHD_gnutls_x509_crq_t * crq);
486 void MHD_gnutls_x509_crq_deinit (MHD_gnutls_x509_crq_t crq); 502 void MHD_gnutls_x509_crq_deinit (MHD_gnutls_x509_crq_t crq);
487 int MHD_gnutls_x509_crq_import (MHD_gnutls_x509_crq_t crq, 503 int MHD_gnutls_x509_crq_import (MHD_gnutls_x509_crq_t crq,
488 const MHD_gnutls_datum_t * data, 504 const MHD_gnutls_datum_t * data,
489 MHD_gnutls_x509_crt_fmt_t format); 505 MHD_gnutls_x509_crt_fmt_t format);
490 int MHD_gnutls_x509_crq_get_pk_algorithm (MHD_gnutls_x509_crq_t crq, 506 int MHD_gnutls_x509_crq_get_pk_algorithm (MHD_gnutls_x509_crq_t crq,
491 unsigned int *bits); 507 unsigned int *bits);
492 int MHD_gnutls_x509_crq_get_dn (MHD_gnutls_x509_crq_t crq, 508 int MHD_gnutls_x509_crq_get_dn (MHD_gnutls_x509_crq_t crq,
493 char *buf, size_t * sizeof_buf); 509 char *buf, size_t * sizeof_buf);
494 int MHD_gnutls_x509_crq_get_dn_oid (MHD_gnutls_x509_crq_t crq, 510 int MHD_gnutls_x509_crq_get_dn_oid (MHD_gnutls_x509_crq_t crq,
495 int indx, void *oid, size_t * sizeof_oid); 511 int indx, void *oid,
512 size_t * sizeof_oid);
496 int MHD_gnutls_x509_crq_get_dn_by_oid (MHD_gnutls_x509_crq_t crq, 513 int MHD_gnutls_x509_crq_get_dn_by_oid (MHD_gnutls_x509_crq_t crq,
497 const char *oid, 514 const char *oid, int indx,
498 int indx, 515 unsigned int raw_flag, void *buf,
499 unsigned int raw_flag, 516 size_t * sizeof_buf);
500 void *buf, size_t * sizeof_buf);
501 int MHD_gnutls_x509_crq_set_dn_by_oid (MHD_gnutls_x509_crq_t crq, 517 int MHD_gnutls_x509_crq_set_dn_by_oid (MHD_gnutls_x509_crq_t crq,
502 const char *oid, 518 const char *oid,
503 unsigned int raw_flag, 519 unsigned int raw_flag,
504 const void *name, 520 const void *name,
505 unsigned int sizeof_name); 521 unsigned int sizeof_name);
506 int MHD_gnutls_x509_crq_set_version (MHD_gnutls_x509_crq_t crq, 522 int MHD_gnutls_x509_crq_set_version (MHD_gnutls_x509_crq_t crq,
507 unsigned int version); 523 unsigned int version);
508 int MHD_gnutls_x509_crq_set_key (MHD_gnutls_x509_crq_t crq, 524 int MHD_gnutls_x509_crq_set_key (MHD_gnutls_x509_crq_t crq,
509 MHD_gnutls_x509_privkey_t key); 525 MHD_gnutls_x509_privkey_t key);
510 int MHD_gnutls_x509_crq_sign2 (MHD_gnutls_x509_crq_t crq, 526 int MHD_gnutls_x509_crq_sign2 (MHD_gnutls_x509_crq_t crq,
511 MHD_gnutls_x509_privkey_t key, 527 MHD_gnutls_x509_privkey_t key,
512 enum MHD_GNUTLS_HashAlgorithm, 528 enum MHD_GNUTLS_HashAlgorithm,
513 unsigned int flags); 529 unsigned int flags);
514 int MHD_gnutls_x509_crq_sign (MHD_gnutls_x509_crq_t crq, MHD_gnutls_x509_privkey_t key); 530 int MHD_gnutls_x509_crq_sign (MHD_gnutls_x509_crq_t crq,
531 MHD_gnutls_x509_privkey_t key);
515 532
516 int MHD_gnutls_x509_crq_set_challenge_password (MHD_gnutls_x509_crq_t crq, 533 int MHD_gnutls_x509_crq_set_challenge_password (MHD_gnutls_x509_crq_t crq,
517 const char *pass); 534 const char *pass);
518 int MHD_gnutls_x509_crq_get_challenge_password (MHD_gnutls_x509_crq_t crq, 535 int MHD_gnutls_x509_crq_get_challenge_password (MHD_gnutls_x509_crq_t crq,
519 char *pass, 536 char *pass,
520 size_t * sizeof_pass); 537 size_t * sizeof_pass);
521 538
522 int MHD_gnutls_x509_crq_set_attribute_by_oid (MHD_gnutls_x509_crq_t crq, 539 int MHD_gnutls_x509_crq_set_attribute_by_oid (MHD_gnutls_x509_crq_t crq,
523 const char *oid, 540 const char *oid,
524 void *buf, size_t sizeof_buf); 541 void *buf, size_t sizeof_buf);
525 int MHD_gnutls_x509_crq_get_attribute_by_oid (MHD_gnutls_x509_crq_t crq, 542 int MHD_gnutls_x509_crq_get_attribute_by_oid (MHD_gnutls_x509_crq_t crq,
526 const char *oid, 543 const char *oid,
527 int indx, 544 int indx,
528 void *buf, size_t * sizeof_buf); 545 void *buf,
546 size_t * sizeof_buf);
529 547
530 int MHD_gnutls_x509_crq_export (MHD_gnutls_x509_crq_t crq, 548 int MHD_gnutls_x509_crq_export (MHD_gnutls_x509_crq_t crq,
531 MHD_gnutls_x509_crt_fmt_t format, 549 MHD_gnutls_x509_crt_fmt_t format,
532 void *output_data, size_t * output_data_size); 550 void *output_data,
551 size_t * output_data_size);
533 552
534 int MHD_gnutls_x509_crt_set_crq (MHD_gnutls_x509_crt_t crt, MHD_gnutls_x509_crq_t crq); 553 int MHD_gnutls_x509_crt_set_crq (MHD_gnutls_x509_crt_t crt,
554 MHD_gnutls_x509_crq_t crq);
535 555
536#ifdef __cplusplus 556#ifdef __cplusplus
537} 557}
@@ -605,65 +625,66 @@ typedef struct MHD_gtls_x509_privkey_int
605} MHD_gnutls_x509_privkey_int; 625} MHD_gnutls_x509_privkey_int;
606 626
607int MHD_gnutls_x509_crt_get_issuer_dn_by_oid (MHD_gnutls_x509_crt_t cert, 627int MHD_gnutls_x509_crt_get_issuer_dn_by_oid (MHD_gnutls_x509_crt_t cert,
608 const char *oid, 628 const char *oid,
609 int indx, 629 int indx,
610 unsigned int raw_flag, 630 unsigned int raw_flag,
611 void *buf, size_t * sizeof_buf); 631 void *buf, size_t * sizeof_buf);
612int MHD_gnutls_x509_crt_get_subject_alt_name (MHD_gnutls_x509_crt_t cert, 632int MHD_gnutls_x509_crt_get_subject_alt_name (MHD_gnutls_x509_crt_t cert,
613 unsigned int seq, 633 unsigned int seq,
614 void *ret, 634 void *ret,
615 size_t * ret_size, 635 size_t * ret_size,
616 unsigned int *critical); 636 unsigned int *critical);
617int MHD_gnutls_x509_crt_get_dn_by_oid (MHD_gnutls_x509_crt_t cert, 637int MHD_gnutls_x509_crt_get_dn_by_oid (MHD_gnutls_x509_crt_t cert,
618 const char *oid, 638 const char *oid,
619 int indx, 639 int indx,
620 unsigned int raw_flag, 640 unsigned int raw_flag,
621 void *buf, size_t * sizeof_buf); 641 void *buf, size_t * sizeof_buf);
622int MHD_gnutls_x509_crt_get_ca_status (MHD_gnutls_x509_crt_t cert, 642int MHD_gnutls_x509_crt_get_ca_status (MHD_gnutls_x509_crt_t cert,
623 unsigned int *critical); 643 unsigned int *critical);
624int MHD_gnutls_x509_crt_get_pk_algorithm (MHD_gnutls_x509_crt_t cert, 644int MHD_gnutls_x509_crt_get_pk_algorithm (MHD_gnutls_x509_crt_t cert,
625 unsigned int *bits); 645 unsigned int *bits);
626 646
627int MHD_gnutls_x509_crt_get_serial (MHD_gnutls_x509_crt_t cert, 647int MHD_gnutls_x509_crt_get_serial (MHD_gnutls_x509_crt_t cert,
628 void *result, size_t * result_size); 648 void *result, size_t * result_size);
629 649
630int MHD__gnutls_x509_compare_raw_dn (const MHD_gnutls_datum_t * dn1, 650int MHD__gnutls_x509_compare_raw_dn (const MHD_gnutls_datum_t * dn1,
631 const MHD_gnutls_datum_t * dn2); 651 const MHD_gnutls_datum_t * dn2);
632 652
633int MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert, 653int MHD_gnutls_x509_crt_check_revocation (MHD_gnutls_x509_crt_t cert,
634 const MHD_gnutls_x509_crl_t * crl_list, 654 const MHD_gnutls_x509_crl_t *
635 int crl_list_length); 655 crl_list, int crl_list_length);
636 656
637int MHD__gnutls_x509_crl_cpy (MHD_gnutls_x509_crl_t dest, MHD_gnutls_x509_crl_t src); 657int MHD__gnutls_x509_crl_cpy (MHD_gnutls_x509_crl_t dest,
658 MHD_gnutls_x509_crl_t src);
638int MHD__gnutls_x509_crl_get_raw_issuer_dn (MHD_gnutls_x509_crl_t crl, 659int MHD__gnutls_x509_crl_get_raw_issuer_dn (MHD_gnutls_x509_crl_t crl,
639 MHD_gnutls_datum_t * dn); 660 MHD_gnutls_datum_t * dn);
640int MHD_gnutls_x509_crl_get_crt_count (MHD_gnutls_x509_crl_t crl); 661int MHD_gnutls_x509_crl_get_crt_count (MHD_gnutls_x509_crl_t crl);
641int MHD_gnutls_x509_crl_get_crt_serial (MHD_gnutls_x509_crl_t crl, 662int MHD_gnutls_x509_crl_get_crt_serial (MHD_gnutls_x509_crl_t crl,
642 int indx, 663 int indx,
643 unsigned char *serial, 664 unsigned char *serial,
644 size_t * serial_size, time_t * t); 665 size_t * serial_size, time_t * t);
645 666
646void MHD_gnutls_x509_crl_deinit (MHD_gnutls_x509_crl_t crl); 667void MHD_gnutls_x509_crl_deinit (MHD_gnutls_x509_crl_t crl);
647int MHD_gnutls_x509_crl_init (MHD_gnutls_x509_crl_t * crl); 668int MHD_gnutls_x509_crl_init (MHD_gnutls_x509_crl_t * crl);
648int MHD_gnutls_x509_crl_import (MHD_gnutls_x509_crl_t crl, 669int MHD_gnutls_x509_crl_import (MHD_gnutls_x509_crl_t crl,
649 const MHD_gnutls_datum_t * data, 670 const MHD_gnutls_datum_t * data,
650 MHD_gnutls_x509_crt_fmt_t format); 671 MHD_gnutls_x509_crt_fmt_t format);
651int MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl, 672int MHD_gnutls_x509_crl_export (MHD_gnutls_x509_crl_t crl,
652 MHD_gnutls_x509_crt_fmt_t format, 673 MHD_gnutls_x509_crt_fmt_t format,
653 void *output_data, size_t * output_data_size); 674 void *output_data, size_t * output_data_size);
654 675
655int MHD_gnutls_x509_crt_init (MHD_gnutls_x509_crt_t * cert); 676int MHD_gnutls_x509_crt_init (MHD_gnutls_x509_crt_t * cert);
656void MHD_gnutls_x509_crt_deinit (MHD_gnutls_x509_crt_t cert); 677void MHD_gnutls_x509_crt_deinit (MHD_gnutls_x509_crt_t cert);
657int MHD_gnutls_x509_crt_import (MHD_gnutls_x509_crt_t cert, 678int MHD_gnutls_x509_crt_import (MHD_gnutls_x509_crt_t cert,
658 const MHD_gnutls_datum_t * data, 679 const MHD_gnutls_datum_t * data,
659 MHD_gnutls_x509_crt_fmt_t format); 680 MHD_gnutls_x509_crt_fmt_t format);
660int MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert, 681int MHD_gnutls_x509_crt_export (MHD_gnutls_x509_crt_t cert,
661 MHD_gnutls_x509_crt_fmt_t format, 682 MHD_gnutls_x509_crt_fmt_t format,
662 void *output_data, size_t * output_data_size); 683 void *output_data, size_t * output_data_size);
663 684
664int MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert, 685int MHD_gnutls_x509_crt_get_key_usage (MHD_gnutls_x509_crt_t cert,
665 unsigned int *key_usage, 686 unsigned int *key_usage,
666 unsigned int *critical); 687 unsigned int *critical);
667int MHD_gnutls_x509_crt_get_signature_algorithm (MHD_gnutls_x509_crt_t cert); 688int MHD_gnutls_x509_crt_get_signature_algorithm (MHD_gnutls_x509_crt_t cert);
668int MHD_gnutls_x509_crt_get_version (MHD_gnutls_x509_crt_t cert); 689int MHD_gnutls_x509_crt_get_version (MHD_gnutls_x509_crt_t cert);
669 690
@@ -671,30 +692,31 @@ int MHD_gnutls_x509_privkey_init (MHD_gnutls_x509_privkey_t * key);
671void MHD_gnutls_x509_privkey_deinit (MHD_gnutls_x509_privkey_t key); 692void MHD_gnutls_x509_privkey_deinit (MHD_gnutls_x509_privkey_t key);
672 693
673int MHD_gnutls_x509_privkey_generate (MHD_gnutls_x509_privkey_t key, 694int MHD_gnutls_x509_privkey_generate (MHD_gnutls_x509_privkey_t key,
674 enum MHD_GNUTLS_PublicKeyAlgorithm algo, 695 enum MHD_GNUTLS_PublicKeyAlgorithm algo,
675 unsigned int bits, unsigned int flags); 696 unsigned int bits, unsigned int flags);
676 697
677int MHD_gnutls_x509_privkey_import (MHD_gnutls_x509_privkey_t key, 698int MHD_gnutls_x509_privkey_import (MHD_gnutls_x509_privkey_t key,
678 const MHD_gnutls_datum_t * data, 699 const MHD_gnutls_datum_t * data,
679 MHD_gnutls_x509_crt_fmt_t format); 700 MHD_gnutls_x509_crt_fmt_t format);
680int MHD_gnutls_x509_privkey_get_pk_algorithm (MHD_gnutls_x509_privkey_t key); 701int MHD_gnutls_x509_privkey_get_pk_algorithm (MHD_gnutls_x509_privkey_t key);
681int MHD_gnutls_x509_privkey_import_rsa_raw (MHD_gnutls_x509_privkey_t key, 702int MHD_gnutls_x509_privkey_import_rsa_raw (MHD_gnutls_x509_privkey_t key,
682 const MHD_gnutls_datum_t * m, 703 const MHD_gnutls_datum_t * m,
683 const MHD_gnutls_datum_t * e, 704 const MHD_gnutls_datum_t * e,
684 const MHD_gnutls_datum_t * d, 705 const MHD_gnutls_datum_t * d,
685 const MHD_gnutls_datum_t * p, 706 const MHD_gnutls_datum_t * p,
686 const MHD_gnutls_datum_t * q, 707 const MHD_gnutls_datum_t * q,
687 const MHD_gnutls_datum_t * u); 708 const MHD_gnutls_datum_t * u);
688int MHD_gnutls_x509_privkey_export_rsa_raw (MHD_gnutls_x509_privkey_t key, 709int MHD_gnutls_x509_privkey_export_rsa_raw (MHD_gnutls_x509_privkey_t key,
689 MHD_gnutls_datum_t * m, 710 MHD_gnutls_datum_t * m,
690 MHD_gnutls_datum_t * e, 711 MHD_gnutls_datum_t * e,
691 MHD_gnutls_datum_t * d, 712 MHD_gnutls_datum_t * d,
692 MHD_gnutls_datum_t * p, 713 MHD_gnutls_datum_t * p,
693 MHD_gnutls_datum_t * q, 714 MHD_gnutls_datum_t * q,
694 MHD_gnutls_datum_t * u); 715 MHD_gnutls_datum_t * u);
695int MHD_gnutls_x509_privkey_export (MHD_gnutls_x509_privkey_t key, 716int MHD_gnutls_x509_privkey_export (MHD_gnutls_x509_privkey_t key,
696 MHD_gnutls_x509_crt_fmt_t format, 717 MHD_gnutls_x509_crt_fmt_t format,
697 void *output_data, size_t * output_data_size); 718 void *output_data,
719 size_t * output_data_size);
698 720
699#define GNUTLS_CRL_REASON_UNUSED 128 721#define GNUTLS_CRL_REASON_UNUSED 128
700#define GNUTLS_CRL_REASON_KEY_COMPROMISE 64 722#define GNUTLS_CRL_REASON_KEY_COMPROMISE 64
diff --git a/src/daemon/https/x509/x509_privkey.c b/src/daemon/https/x509/x509_privkey.c
index 579ce664..d94a6a5d 100644
--- a/src/daemon/https/x509/x509_privkey.c
+++ b/src/daemon/https/x509/x509_privkey.c
@@ -104,7 +104,8 @@ MHD_gnutls_x509_privkey_deinit (MHD_gnutls_x509_privkey_t key)
104 * 104 *
105 **/ 105 **/
106int 106int
107MHD_gnutls_x509_privkey_cpy (MHD_gnutls_x509_privkey_t dst, MHD_gnutls_x509_privkey_t src) 107MHD_gnutls_x509_privkey_cpy (MHD_gnutls_x509_privkey_t dst,
108 MHD_gnutls_x509_privkey_t src)
108{ 109{
109 int i, ret; 110 int i, ret;
110 111
@@ -148,14 +149,14 @@ MHD_gnutls_x509_privkey_cpy (MHD_gnutls_x509_privkey_t dst, MHD_gnutls_x509_priv
148 */ 149 */
149ASN1_TYPE 150ASN1_TYPE
150MHD__gnutls_privkey_decode_pkcs1_rsa_key (const MHD_gnutls_datum_t * raw_key, 151MHD__gnutls_privkey_decode_pkcs1_rsa_key (const MHD_gnutls_datum_t * raw_key,
151 MHD_gnutls_x509_privkey_t pkey) 152 MHD_gnutls_x509_privkey_t pkey)
152{ 153{
153 int result; 154 int result;
154 ASN1_TYPE pkey_asn; 155 ASN1_TYPE pkey_asn;
155 156
156 if ((result = MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), 157 if ((result = MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (),
157 "GNUTLS.RSAPrivateKey", 158 "GNUTLS.RSAPrivateKey",
158 &pkey_asn)) != ASN1_SUCCESS) 159 &pkey_asn)) != ASN1_SUCCESS)
159 { 160 {
160 MHD_gnutls_assert (); 161 MHD_gnutls_assert ();
161 return NULL; 162 return NULL;
@@ -168,43 +169,44 @@ MHD__gnutls_privkey_decode_pkcs1_rsa_key (const MHD_gnutls_datum_t * raw_key,
168 return NULL; 169 return NULL;
169 } 170 }
170 171
171 result = MHD__asn1_der_decoding (&pkey_asn, raw_key->data, raw_key->size, NULL); 172 result =
173 MHD__asn1_der_decoding (&pkey_asn, raw_key->data, raw_key->size, NULL);
172 if (result != ASN1_SUCCESS) 174 if (result != ASN1_SUCCESS)
173 { 175 {
174 MHD_gnutls_assert (); 176 MHD_gnutls_assert ();
175 goto error; 177 goto error;
176 } 178 }
177 179
178 if ((result = MHD__gnutls_x509_read_int (pkey_asn, "modulus", &pkey->params[0])) 180 if ((result =
179 < 0) 181 MHD__gnutls_x509_read_int (pkey_asn, "modulus", &pkey->params[0])) < 0)
180 { 182 {
181 MHD_gnutls_assert (); 183 MHD_gnutls_assert ();
182 goto error; 184 goto error;
183 } 185 }
184 186
185 if ((result = MHD__gnutls_x509_read_int (pkey_asn, "publicExponent", 187 if ((result = MHD__gnutls_x509_read_int (pkey_asn, "publicExponent",
186 &pkey->params[1])) < 0) 188 &pkey->params[1])) < 0)
187 { 189 {
188 MHD_gnutls_assert (); 190 MHD_gnutls_assert ();
189 goto error; 191 goto error;
190 } 192 }
191 193
192 if ((result = MHD__gnutls_x509_read_int (pkey_asn, "privateExponent", 194 if ((result = MHD__gnutls_x509_read_int (pkey_asn, "privateExponent",
193 &pkey->params[2])) < 0) 195 &pkey->params[2])) < 0)
194 { 196 {
195 MHD_gnutls_assert (); 197 MHD_gnutls_assert ();
196 goto error; 198 goto error;
197 } 199 }
198 200
199 if ((result = MHD__gnutls_x509_read_int (pkey_asn, "prime1", &pkey->params[3])) 201 if ((result =
200 < 0) 202 MHD__gnutls_x509_read_int (pkey_asn, "prime1", &pkey->params[3])) < 0)
201 { 203 {
202 MHD_gnutls_assert (); 204 MHD_gnutls_assert ();
203 goto error; 205 goto error;
204 } 206 }
205 207
206 if ((result = MHD__gnutls_x509_read_int (pkey_asn, "prime2", &pkey->params[4])) 208 if ((result =
207 < 0) 209 MHD__gnutls_x509_read_int (pkey_asn, "prime2", &pkey->params[4])) < 0)
208 { 210 {
209 MHD_gnutls_assert (); 211 MHD_gnutls_assert ();
210 goto error; 212 goto error;
@@ -227,7 +229,7 @@ MHD__gnutls_privkey_decode_pkcs1_rsa_key (const MHD_gnutls_datum_t * raw_key,
227 /* p, q */ 229 /* p, q */
228#else 230#else
229 if ((result = MHD__gnutls_x509_read_int (pkey_asn, "coefficient", 231 if ((result = MHD__gnutls_x509_read_int (pkey_asn, "coefficient",
230 &pkey->params[5])) < 0) 232 &pkey->params[5])) < 0)
231 { 233 {
232 MHD_gnutls_assert (); 234 MHD_gnutls_assert ();
233 goto error; 235 goto error;
@@ -267,8 +269,8 @@ error:MHD__asn1_delete_structure (&pkey_asn);
267 **/ 269 **/
268int 270int
269MHD_gnutls_x509_privkey_import (MHD_gnutls_x509_privkey_t key, 271MHD_gnutls_x509_privkey_import (MHD_gnutls_x509_privkey_t key,
270 const MHD_gnutls_datum_t * data, 272 const MHD_gnutls_datum_t * data,
271 MHD_gnutls_x509_crt_fmt_t format) 273 MHD_gnutls_x509_crt_fmt_t format)
272{ 274{
273 int result = 0, need_free = 0; 275 int result = 0, need_free = 0;
274 MHD_gnutls_datum_t _data; 276 MHD_gnutls_datum_t _data;
@@ -291,7 +293,9 @@ MHD_gnutls_x509_privkey_import (MHD_gnutls_x509_privkey_t key,
291 293
292 /* Try the first header */ 294 /* Try the first header */
293 result 295 result
294 = MHD__gnutls_fbase64_decode (PEM_KEY_RSA, data->data, data->size, &out); 296 =
297 MHD__gnutls_fbase64_decode (PEM_KEY_RSA, data->data, data->size,
298 &out);
295 key->pk_algorithm = MHD_GNUTLS_PK_RSA; 299 key->pk_algorithm = MHD_GNUTLS_PK_RSA;
296 300
297 _data.data = out; 301 _data.data = out;
@@ -360,12 +364,12 @@ MHD_gnutls_x509_privkey_import (MHD_gnutls_x509_privkey_t key,
360 **/ 364 **/
361int 365int
362MHD_gnutls_x509_privkey_import_rsa_raw (MHD_gnutls_x509_privkey_t key, 366MHD_gnutls_x509_privkey_import_rsa_raw (MHD_gnutls_x509_privkey_t key,
363 const MHD_gnutls_datum_t * m, 367 const MHD_gnutls_datum_t * m,
364 const MHD_gnutls_datum_t * e, 368 const MHD_gnutls_datum_t * e,
365 const MHD_gnutls_datum_t * d, 369 const MHD_gnutls_datum_t * d,
366 const MHD_gnutls_datum_t * p, 370 const MHD_gnutls_datum_t * p,
367 const MHD_gnutls_datum_t * q, 371 const MHD_gnutls_datum_t * q,
368 const MHD_gnutls_datum_t * u) 372 const MHD_gnutls_datum_t * u)
369{ 373{
370 int i = 0, ret; 374 int i = 0, ret;
371 size_t siz = 0; 375 size_t siz = 0;
@@ -417,7 +421,8 @@ MHD_gnutls_x509_privkey_import_rsa_raw (MHD_gnutls_x509_privkey_t key,
417 } 421 }
418 422
419#ifdef CALC_COEFF 423#ifdef CALC_COEFF
420 key->params[5] = MHD__gnutls_mpi_snew (MHD__gnutls_mpi_get_nbits (key->params[0])); 424 key->params[5] =
425 MHD__gnutls_mpi_snew (MHD__gnutls_mpi_get_nbits (key->params[0]));
421 426
422 if (key->params[5] == NULL) 427 if (key->params[5] == NULL)
423 { 428 {
@@ -501,7 +506,7 @@ MHD__gnutls_asn1_encode_rsa (ASN1_TYPE * c2, mpi_t * params)
501 506
502 /* Now generate exp1 and exp2 507 /* Now generate exp1 and exp2
503 */ 508 */
504 exp1 = MHD__gnutls_mpi_salloc_like (params[0]); /* like modulus */ 509 exp1 = MHD__gnutls_mpi_salloc_like (params[0]); /* like modulus */
505 if (exp1 == NULL) 510 if (exp1 == NULL)
506 { 511 {
507 MHD_gnutls_assert (); 512 MHD_gnutls_assert ();
@@ -600,8 +605,8 @@ MHD__gnutls_asn1_encode_rsa (ASN1_TYPE * c2, mpi_t * params)
600 */ 605 */
601 606
602 if ((result = 607 if ((result =
603 MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), "GNUTLS.RSAPrivateKey", 608 MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (),
604 c2)) != ASN1_SUCCESS) 609 "GNUTLS.RSAPrivateKey", c2)) != ASN1_SUCCESS)
605 { 610 {
606 MHD_gnutls_assert (); 611 MHD_gnutls_assert ();
607 result = MHD_gtls_asn2err (result); 612 result = MHD_gtls_asn2err (result);
@@ -618,16 +623,18 @@ MHD__gnutls_asn1_encode_rsa (ASN1_TYPE * c2, mpi_t * params)
618 goto cleanup; 623 goto cleanup;
619 } 624 }
620 625
621 if ((result = MHD__asn1_write_value (*c2, "publicExponent", pube_data, size[1])) 626 if ((result =
622 != ASN1_SUCCESS) 627 MHD__asn1_write_value (*c2, "publicExponent", pube_data,
628 size[1])) != ASN1_SUCCESS)
623 { 629 {
624 MHD_gnutls_assert (); 630 MHD_gnutls_assert ();
625 result = MHD_gtls_asn2err (result); 631 result = MHD_gtls_asn2err (result);
626 goto cleanup; 632 goto cleanup;
627 } 633 }
628 634
629 if ((result = MHD__asn1_write_value (*c2, "privateExponent", prie_data, size[2])) 635 if ((result =
630 != ASN1_SUCCESS) 636 MHD__asn1_write_value (*c2, "privateExponent", prie_data,
637 size[2])) != ASN1_SUCCESS)
631 { 638 {
632 MHD_gnutls_assert (); 639 MHD_gnutls_assert ();
633 result = MHD_gtls_asn2err (result); 640 result = MHD_gtls_asn2err (result);
@@ -682,14 +689,15 @@ MHD__gnutls_asn1_encode_rsa (ASN1_TYPE * c2, mpi_t * params)
682 MHD_gnutls_free (all_data); 689 MHD_gnutls_free (all_data);
683 690
684 if ((result = MHD__asn1_write_value (*c2, "otherPrimeInfos", 691 if ((result = MHD__asn1_write_value (*c2, "otherPrimeInfos",
685 NULL, 0)) != ASN1_SUCCESS) 692 NULL, 0)) != ASN1_SUCCESS)
686 { 693 {
687 MHD_gnutls_assert (); 694 MHD_gnutls_assert ();
688 result = MHD_gtls_asn2err (result); 695 result = MHD_gtls_asn2err (result);
689 goto cleanup; 696 goto cleanup;
690 } 697 }
691 698
692 if ((result = MHD__asn1_write_value (*c2, "version", &null, 1)) != ASN1_SUCCESS) 699 if ((result =
700 MHD__asn1_write_value (*c2, "version", &null, 1)) != ASN1_SUCCESS)
693 { 701 {
694 MHD_gnutls_assert (); 702 MHD_gnutls_assert ();
695 result = MHD_gtls_asn2err (result); 703 result = MHD_gtls_asn2err (result);
@@ -760,8 +768,8 @@ MHD__gnutls_asn1_encode_dsa (ASN1_TYPE * c2, mpi_t * params)
760 */ 768 */
761 769
762 if ((result = 770 if ((result =
763 MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), "GNUTLS.DSAPrivateKey", 771 MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (),
764 c2)) != ASN1_SUCCESS) 772 "GNUTLS.DSAPrivateKey", c2)) != ASN1_SUCCESS)
765 { 773 {
766 MHD_gnutls_assert (); 774 MHD_gnutls_assert ();
767 result = MHD_gtls_asn2err (result); 775 result = MHD_gtls_asn2err (result);
@@ -770,28 +778,32 @@ MHD__gnutls_asn1_encode_dsa (ASN1_TYPE * c2, mpi_t * params)
770 778
771 /* Write PRIME 779 /* Write PRIME
772 */ 780 */
773 if ((result = MHD__asn1_write_value (*c2, "p", p_data, size[0])) != ASN1_SUCCESS) 781 if ((result =
782 MHD__asn1_write_value (*c2, "p", p_data, size[0])) != ASN1_SUCCESS)
774 { 783 {
775 MHD_gnutls_assert (); 784 MHD_gnutls_assert ();
776 result = MHD_gtls_asn2err (result); 785 result = MHD_gtls_asn2err (result);
777 goto cleanup; 786 goto cleanup;
778 } 787 }
779 788
780 if ((result = MHD__asn1_write_value (*c2, "q", q_data, size[1])) != ASN1_SUCCESS) 789 if ((result =
790 MHD__asn1_write_value (*c2, "q", q_data, size[1])) != ASN1_SUCCESS)
781 { 791 {
782 MHD_gnutls_assert (); 792 MHD_gnutls_assert ();
783 result = MHD_gtls_asn2err (result); 793 result = MHD_gtls_asn2err (result);
784 goto cleanup; 794 goto cleanup;
785 } 795 }
786 796
787 if ((result = MHD__asn1_write_value (*c2, "g", g_data, size[2])) != ASN1_SUCCESS) 797 if ((result =
798 MHD__asn1_write_value (*c2, "g", g_data, size[2])) != ASN1_SUCCESS)
788 { 799 {
789 MHD_gnutls_assert (); 800 MHD_gnutls_assert ();
790 result = MHD_gtls_asn2err (result); 801 result = MHD_gtls_asn2err (result);
791 goto cleanup; 802 goto cleanup;
792 } 803 }
793 804
794 if ((result = MHD__asn1_write_value (*c2, "Y", y_data, size[3])) != ASN1_SUCCESS) 805 if ((result =
806 MHD__asn1_write_value (*c2, "Y", y_data, size[3])) != ASN1_SUCCESS)
795 { 807 {
796 MHD_gnutls_assert (); 808 MHD_gnutls_assert ();
797 result = MHD_gtls_asn2err (result); 809 result = MHD_gtls_asn2err (result);
@@ -808,7 +820,8 @@ MHD__gnutls_asn1_encode_dsa (ASN1_TYPE * c2, mpi_t * params)
808 820
809 MHD_gnutls_free (all_data); 821 MHD_gnutls_free (all_data);
810 822
811 if ((result = MHD__asn1_write_value (*c2, "version", &null, 1)) != ASN1_SUCCESS) 823 if ((result =
824 MHD__asn1_write_value (*c2, "version", &null, 1)) != ASN1_SUCCESS)
812 { 825 {
813 MHD_gnutls_assert (); 826 MHD_gnutls_assert ();
814 result = MHD_gtls_asn2err (result); 827 result = MHD_gtls_asn2err (result);
@@ -822,4 +835,3 @@ cleanup:MHD__asn1_delete_structure (c2);
822 835
823 return result; 836 return result;
824} 837}
825
diff --git a/src/daemon/https/x509/x509_verify.c b/src/daemon/https/x509/x509_verify.c
index c85aa52e..35513810 100644
--- a/src/daemon/https/x509/x509_verify.c
+++ b/src/daemon/https/x509/x509_verify.c
@@ -42,20 +42,21 @@
42#include <verify.h> 42#include <verify.h>
43 43
44static int MHD__gnutls_verify_certificate2 (MHD_gnutls_x509_crt_t cert, 44static int MHD__gnutls_verify_certificate2 (MHD_gnutls_x509_crt_t cert,
45 const MHD_gnutls_x509_crt_t * trusted_cas, 45 const MHD_gnutls_x509_crt_t *
46 int tcas_size, 46 trusted_cas, int tcas_size,
47 unsigned int flags, 47 unsigned int flags,
48 unsigned int *output); 48 unsigned int *output);
49int MHD__gnutls_x509_verify_signature (const MHD_gnutls_datum_t * signed_data, 49int MHD__gnutls_x509_verify_signature (const MHD_gnutls_datum_t * signed_data,
50 const MHD_gnutls_datum_t * signature, 50 const MHD_gnutls_datum_t * signature,
51 MHD_gnutls_x509_crt_t issuer); 51 MHD_gnutls_x509_crt_t issuer);
52 52
53static 53static
54 int is_crl_issuer (MHD_gnutls_x509_crl_t crl, MHD_gnutls_x509_crt_t issuer_cert); 54 int is_crl_issuer (MHD_gnutls_x509_crl_t crl,
55 MHD_gnutls_x509_crt_t issuer_cert);
55static int MHD__gnutls_verify_crl2 (MHD_gnutls_x509_crl_t crl, 56static int MHD__gnutls_verify_crl2 (MHD_gnutls_x509_crl_t crl,
56 const MHD_gnutls_x509_crt_t * trusted_cas, 57 const MHD_gnutls_x509_crt_t * trusted_cas,
57 int tcas_size, 58 int tcas_size, unsigned int flags,
58 unsigned int flags, unsigned int *output); 59 unsigned int *output);
59 60
60/* Checks if the issuer of a certificate is a 61/* Checks if the issuer of a certificate is a
61 * Certificate Authority, or if the certificate is the same 62 * Certificate Authority, or if the certificate is the same
@@ -88,7 +89,7 @@ check_if_ca (MHD_gnutls_x509_crt_t cert,
88 */ 89 */
89 90
90 result = MHD__gnutls_x509_get_signed_data (issuer->cert, "tbsCertificate", 91 result = MHD__gnutls_x509_get_signed_data (issuer->cert, "tbsCertificate",
91 &issuer_signed_data); 92 &issuer_signed_data);
92 if (result < 0) 93 if (result < 0)
93 { 94 {
94 MHD_gnutls_assert (); 95 MHD_gnutls_assert ();
@@ -96,7 +97,7 @@ check_if_ca (MHD_gnutls_x509_crt_t cert,
96 } 97 }
97 98
98 result = MHD__gnutls_x509_get_signed_data (cert->cert, "tbsCertificate", 99 result = MHD__gnutls_x509_get_signed_data (cert->cert, "tbsCertificate",
99 &cert_signed_data); 100 &cert_signed_data);
100 if (result < 0) 101 if (result < 0)
101 { 102 {
102 MHD_gnutls_assert (); 103 MHD_gnutls_assert ();
@@ -104,7 +105,7 @@ check_if_ca (MHD_gnutls_x509_crt_t cert,
104 } 105 }
105 106
106 result = MHD__gnutls_x509_get_signature (issuer->cert, "signature", 107 result = MHD__gnutls_x509_get_signature (issuer->cert, "signature",
107 &issuer_signature); 108 &issuer_signature);
108 if (result < 0) 109 if (result < 0)
109 { 110 {
110 MHD_gnutls_assert (); 111 MHD_gnutls_assert ();
@@ -228,9 +229,9 @@ find_issuer (MHD_gnutls_x509_crt_t cert,
228 */ 229 */
229static int 230static int
230MHD__gnutls_verify_certificate2 (MHD_gnutls_x509_crt_t cert, 231MHD__gnutls_verify_certificate2 (MHD_gnutls_x509_crt_t cert,
231 const MHD_gnutls_x509_crt_t * trusted_cas, 232 const MHD_gnutls_x509_crt_t * trusted_cas,
232 int tcas_size, 233 int tcas_size,
233 unsigned int flags, unsigned int *output) 234 unsigned int flags, unsigned int *output)
234{ 235{
235 MHD_gnutls_datum_t cert_signed_data = { NULL, 236 MHD_gnutls_datum_t cert_signed_data = { NULL,
236 0 237 0
@@ -287,7 +288,7 @@ MHD__gnutls_verify_certificate2 (MHD_gnutls_x509_crt_t cert,
287 } 288 }
288 289
289 result = MHD__gnutls_x509_get_signed_data (cert->cert, "tbsCertificate", 290 result = MHD__gnutls_x509_get_signed_data (cert->cert, "tbsCertificate",
290 &cert_signed_data); 291 &cert_signed_data);
291 if (result < 0) 292 if (result < 0)
292 { 293 {
293 MHD_gnutls_assert (); 294 MHD_gnutls_assert ();
@@ -303,7 +304,7 @@ MHD__gnutls_verify_certificate2 (MHD_gnutls_x509_crt_t cert,
303 } 304 }
304 305
305 ret = MHD__gnutls_x509_verify_signature (&cert_signed_data, &cert_signature, 306 ret = MHD__gnutls_x509_verify_signature (&cert_signed_data, &cert_signature,
306 issuer); 307 issuer);
307 if (ret < 0) 308 if (ret < 0)
308 { 309 {
309 MHD_gnutls_assert (); 310 MHD_gnutls_assert ();
@@ -360,7 +361,7 @@ cleanup:MHD__gnutls_free_datum (&cert_signed_data);
360 **/ 361 **/
361int 362int
362MHD_gnutls_x509_crt_check_issuer (MHD_gnutls_x509_crt_t cert, 363MHD_gnutls_x509_crt_check_issuer (MHD_gnutls_x509_crt_t cert,
363 MHD_gnutls_x509_crt_t issuer) 364 MHD_gnutls_x509_crt_t issuer)
364{ 365{
365 return is_issuer (cert, issuer); 366 return is_issuer (cert, issuer);
366} 367}
@@ -377,12 +378,12 @@ MHD_gnutls_x509_crt_check_issuer (MHD_gnutls_x509_crt_t cert,
377 * lead to a trusted CA in order to be trusted. 378 * lead to a trusted CA in order to be trusted.
378 */ 379 */
379static unsigned int 380static unsigned int
380MHD__gnutls_x509_verify_certificate (const MHD_gnutls_x509_crt_t * certificate_list, 381MHD__gnutls_x509_verify_certificate (const MHD_gnutls_x509_crt_t *
381 int clist_size, 382 certificate_list, int clist_size,
382 const MHD_gnutls_x509_crt_t * trusted_cas, 383 const MHD_gnutls_x509_crt_t *
383 int tcas_size, 384 trusted_cas, int tcas_size,
384 const MHD_gnutls_x509_crl_t * CRLs, 385 const MHD_gnutls_x509_crl_t * CRLs,
385 int crls_size, unsigned int flags) 386 int crls_size, unsigned int flags)
386{ 387{
387 int i = 0, ret; 388 int i = 0, ret;
388 unsigned int status = 0, output; 389 unsigned int status = 0, output;
@@ -394,7 +395,8 @@ MHD__gnutls_x509_verify_certificate (const MHD_gnutls_x509_crt_t * certificate_l
394 * in self signed etc certificates. 395 * in self signed etc certificates.
395 */ 396 */
396 ret = MHD__gnutls_verify_certificate2 (certificate_list[clist_size - 1], 397 ret = MHD__gnutls_verify_certificate2 (certificate_list[clist_size - 1],
397 trusted_cas, tcas_size, flags, &output); 398 trusted_cas, tcas_size, flags,
399 &output);
398 400
399 if (ret == 0) 401 if (ret == 0)
400 { 402 {
@@ -414,7 +416,7 @@ MHD__gnutls_x509_verify_certificate (const MHD_gnutls_x509_crt_t * certificate_l
414 for (i = 0; i < clist_size; i++) 416 for (i = 0; i < clist_size; i++)
415 { 417 {
416 ret = MHD_gnutls_x509_crt_check_revocation (certificate_list[i], 418 ret = MHD_gnutls_x509_crt_check_revocation (certificate_list[i],
417 CRLs, crls_size); 419 CRLs, crls_size);
418 if (ret == 1) 420 if (ret == 1)
419 { /* revoked */ 421 { /* revoked */
420 status |= GNUTLS_CERT_REVOKED; 422 status |= GNUTLS_CERT_REVOKED;
@@ -429,7 +431,7 @@ MHD__gnutls_x509_verify_certificate (const MHD_gnutls_x509_crt_t * certificate_l
429 * leads to a trusted party by us, not the server's). 431 * leads to a trusted party by us, not the server's).
430 */ 432 */
431 if (MHD_gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1], 433 if (MHD_gnutls_x509_crt_check_issuer (certificate_list[clist_size - 1],
432 certificate_list[clist_size - 1]) > 0 434 certificate_list[clist_size - 1]) > 0
433 && clist_size > 0) 435 && clist_size > 0)
434 { 436 {
435 clist_size--; 437 clist_size--;
@@ -448,8 +450,8 @@ MHD__gnutls_x509_verify_certificate (const MHD_gnutls_x509_crt_t * certificate_l
448 if (!(flags & GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT)) 450 if (!(flags & GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT))
449 flags ^= GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT; 451 flags ^= GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT;
450 if ((ret = MHD__gnutls_verify_certificate2 (certificate_list[i - 1], 452 if ((ret = MHD__gnutls_verify_certificate2 (certificate_list[i - 1],
451 &certificate_list[i], 1, flags, 453 &certificate_list[i], 1,
452 NULL)) == 0) 454 flags, NULL)) == 0)
453 { 455 {
454 status |= GNUTLS_CERT_INVALID; 456 status |= GNUTLS_CERT_INVALID;
455 return status; 457 return status;
@@ -474,8 +476,8 @@ decode_ber_digest_info (const MHD_gnutls_datum_t * info,
474 int len; 476 int len;
475 477
476 if ((result = MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (), 478 if ((result = MHD__asn1_create_element (MHD__gnutls_getMHD__gnutls_asn (),
477 "GNUTLS.DigestInfo", 479 "GNUTLS.DigestInfo",
478 &dinfo)) != ASN1_SUCCESS) 480 &dinfo)) != ASN1_SUCCESS)
479 { 481 {
480 MHD_gnutls_assert (); 482 MHD_gnutls_assert ();
481 return MHD_gtls_asn2err (result); 483 return MHD_gtls_asn2err (result);
@@ -490,7 +492,8 @@ decode_ber_digest_info (const MHD_gnutls_datum_t * info,
490 } 492 }
491 493
492 len = sizeof (str) - 1; 494 len = sizeof (str) - 1;
493 result = MHD__asn1_read_value (dinfo, "digestAlgorithm.algorithm", str, &len); 495 result =
496 MHD__asn1_read_value (dinfo, "digestAlgorithm.algorithm", str, &len);
494 if (result != ASN1_SUCCESS) 497 if (result != ASN1_SUCCESS)
495 { 498 {
496 MHD_gnutls_assert (); 499 MHD_gnutls_assert ();
@@ -511,7 +514,8 @@ decode_ber_digest_info (const MHD_gnutls_datum_t * info,
511 } 514 }
512 515
513 len = sizeof (str) - 1; 516 len = sizeof (str) - 1;
514 result = MHD__asn1_read_value (dinfo, "digestAlgorithm.parameters", str, &len); 517 result =
518 MHD__asn1_read_value (dinfo, "digestAlgorithm.parameters", str, &len);
515 /* To avoid permitting garbage in the parameters field, either the 519 /* To avoid permitting garbage in the parameters field, either the
516 parameters field is not present, or it contains 0x05 0x00. */ 520 parameters field is not present, or it contains 0x05 0x00. */
517 if (! 521 if (!
@@ -640,8 +644,8 @@ verify_sig (const MHD_gnutls_datum_t * tbs,
640 */ 644 */
641int 645int
642MHD__gnutls_x509_verify_signature (const MHD_gnutls_datum_t * tbs, 646MHD__gnutls_x509_verify_signature (const MHD_gnutls_datum_t * tbs,
643 const MHD_gnutls_datum_t * signature, 647 const MHD_gnutls_datum_t * signature,
644 MHD_gnutls_x509_crt_t issuer) 648 MHD_gnutls_x509_crt_t issuer)
645{ 649{
646 mpi_t issuer_params[MAX_PUBLIC_PARAMS_SIZE]; 650 mpi_t issuer_params[MAX_PUBLIC_PARAMS_SIZE];
647 int ret, issuer_params_size, i; 651 int ret, issuer_params_size, i;
@@ -650,16 +654,18 @@ MHD__gnutls_x509_verify_signature (const MHD_gnutls_datum_t * tbs,
650 */ 654 */
651 issuer_params_size = MAX_PUBLIC_PARAMS_SIZE; 655 issuer_params_size = MAX_PUBLIC_PARAMS_SIZE;
652 ret = 656 ret =
653 MHD__gnutls_x509_crt_get_mpis (issuer, issuer_params, &issuer_params_size); 657 MHD__gnutls_x509_crt_get_mpis (issuer, issuer_params,
658 &issuer_params_size);
654 if (ret < 0) 659 if (ret < 0)
655 { 660 {
656 MHD_gnutls_assert (); 661 MHD_gnutls_assert ();
657 return ret; 662 return ret;
658 } 663 }
659 664
660 ret = verify_sig (tbs, signature, MHD_gnutls_x509_crt_get_pk_algorithm (issuer, 665 ret =
661 NULL), 666 verify_sig (tbs, signature,
662 issuer_params, issuer_params_size); 667 MHD_gnutls_x509_crt_get_pk_algorithm (issuer, NULL),
668 issuer_params, issuer_params_size);
663 if (ret < 0) 669 if (ret < 0)
664 { 670 {
665 MHD_gnutls_assert (); 671 MHD_gnutls_assert ();
@@ -683,8 +689,9 @@ MHD__gnutls_x509_verify_signature (const MHD_gnutls_datum_t * tbs,
683 */ 689 */
684int 690int
685MHD__gnutls_x509_privkey_verify_signature (const MHD_gnutls_datum_t * tbs, 691MHD__gnutls_x509_privkey_verify_signature (const MHD_gnutls_datum_t * tbs,
686 const MHD_gnutls_datum_t * signature, 692 const MHD_gnutls_datum_t *
687 MHD_gnutls_x509_privkey_t issuer) 693 signature,
694 MHD_gnutls_x509_privkey_t issuer)
688{ 695{
689 int ret; 696 int ret;
690 697
@@ -734,12 +741,12 @@ MHD__gnutls_x509_privkey_verify_signature (const MHD_gnutls_datum_t * tbs,
734 **/ 741 **/
735int 742int
736MHD_gnutls_x509_crt_list_verify (const MHD_gnutls_x509_crt_t * cert_list, 743MHD_gnutls_x509_crt_list_verify (const MHD_gnutls_x509_crt_t * cert_list,
737 int cert_list_length, 744 int cert_list_length,
738 const MHD_gnutls_x509_crt_t * CA_list, 745 const MHD_gnutls_x509_crt_t * CA_list,
739 int CA_list_length, 746 int CA_list_length,
740 const MHD_gnutls_x509_crl_t * CRL_list, 747 const MHD_gnutls_x509_crl_t * CRL_list,
741 int CRL_list_length, 748 int CRL_list_length,
742 unsigned int flags, unsigned int *verify) 749 unsigned int flags, unsigned int *verify)
743{ 750{
744 if (cert_list == NULL || cert_list_length == 0) 751 if (cert_list == NULL || cert_list_length == 0)
745 return GNUTLS_E_NO_CERTIFICATE_FOUND; 752 return GNUTLS_E_NO_CERTIFICATE_FOUND;
@@ -747,9 +754,9 @@ MHD_gnutls_x509_crt_list_verify (const MHD_gnutls_x509_crt_t * cert_list,
747 /* Verify certificate 754 /* Verify certificate
748 */ 755 */
749 *verify = MHD__gnutls_x509_verify_certificate (cert_list, cert_list_length, 756 *verify = MHD__gnutls_x509_verify_certificate (cert_list, cert_list_length,
750 CA_list, CA_list_length, 757 CA_list, CA_list_length,
751 CRL_list, CRL_list_length, 758 CRL_list, CRL_list_length,
752 flags); 759 flags);
753 760
754 return 0; 761 return 0;
755} 762}
@@ -770,15 +777,15 @@ MHD_gnutls_x509_crt_list_verify (const MHD_gnutls_x509_crt_t * cert_list,
770 **/ 777 **/
771int 778int
772MHD_gnutls_x509_crt_verify (MHD_gnutls_x509_crt_t cert, 779MHD_gnutls_x509_crt_verify (MHD_gnutls_x509_crt_t cert,
773 const MHD_gnutls_x509_crt_t * CA_list, 780 const MHD_gnutls_x509_crt_t * CA_list,
774 int CA_list_length, 781 int CA_list_length,
775 unsigned int flags, unsigned int *verify) 782 unsigned int flags, unsigned int *verify)
776{ 783{
777 int ret; 784 int ret;
778 /* Verify certificate 785 /* Verify certificate
779 */ 786 */
780 ret = MHD__gnutls_verify_certificate2 (cert, CA_list, CA_list_length, flags, 787 ret = MHD__gnutls_verify_certificate2 (cert, CA_list, CA_list_length, flags,
781 verify); 788 verify);
782 if (ret < 0) 789 if (ret < 0)
783 { 790 {
784 MHD_gnutls_assert (); 791 MHD_gnutls_assert ();
@@ -804,7 +811,7 @@ MHD_gnutls_x509_crt_verify (MHD_gnutls_x509_crt_t cert,
804 **/ 811 **/
805int 812int
806MHD_gnutls_x509_crl_check_issuer (MHD_gnutls_x509_crl_t cert, 813MHD_gnutls_x509_crl_check_issuer (MHD_gnutls_x509_crl_t cert,
807 MHD_gnutls_x509_crt_t issuer) 814 MHD_gnutls_x509_crt_t issuer)
808{ 815{
809 return is_crl_issuer (cert, issuer); 816 return is_crl_issuer (cert, issuer);
810} 817}
@@ -826,9 +833,9 @@ MHD_gnutls_x509_crl_check_issuer (MHD_gnutls_x509_crl_t cert,
826 **/ 833 **/
827int 834int
828MHD_gnutls_x509_crl_verify (MHD_gnutls_x509_crl_t crl, 835MHD_gnutls_x509_crl_verify (MHD_gnutls_x509_crl_t crl,
829 const MHD_gnutls_x509_crt_t * CA_list, 836 const MHD_gnutls_x509_crt_t * CA_list,
830 int CA_list_length, unsigned int flags, 837 int CA_list_length, unsigned int flags,
831 unsigned int *verify) 838 unsigned int *verify)
832{ 839{
833 int ret; 840 int ret;
834 /* Verify crl 841 /* Verify crl
@@ -906,8 +913,9 @@ find_crl_issuer (MHD_gnutls_x509_crl_t crl,
906 */ 913 */
907static int 914static int
908MHD__gnutls_verify_crl2 (MHD_gnutls_x509_crl_t crl, 915MHD__gnutls_verify_crl2 (MHD_gnutls_x509_crl_t crl,
909 const MHD_gnutls_x509_crt_t * trusted_cas, 916 const MHD_gnutls_x509_crt_t * trusted_cas,
910 int tcas_size, unsigned int flags, unsigned int *output) 917 int tcas_size, unsigned int flags,
918 unsigned int *output)
911{ 919{
912 /* CRL is ignored for now */ 920 /* CRL is ignored for now */
913 MHD_gnutls_datum_t crl_signed_data = { NULL, 0 }; 921 MHD_gnutls_datum_t crl_signed_data = { NULL, 0 };
@@ -951,14 +959,16 @@ MHD__gnutls_verify_crl2 (MHD_gnutls_x509_crl_t crl,
951 } 959 }
952 960
953 result = 961 result =
954 MHD__gnutls_x509_get_signed_data (crl->crl, "tbsCertList", &crl_signed_data); 962 MHD__gnutls_x509_get_signed_data (crl->crl, "tbsCertList",
963 &crl_signed_data);
955 if (result < 0) 964 if (result < 0)
956 { 965 {
957 MHD_gnutls_assert (); 966 MHD_gnutls_assert ();
958 goto cleanup; 967 goto cleanup;
959 } 968 }
960 969
961 result = MHD__gnutls_x509_get_signature (crl->crl, "signature", &crl_signature); 970 result =
971 MHD__gnutls_x509_get_signature (crl->crl, "signature", &crl_signature);
962 if (result < 0) 972 if (result < 0)
963 { 973 {
964 MHD_gnutls_assert (); 974 MHD_gnutls_assert ();
@@ -966,7 +976,8 @@ MHD__gnutls_verify_crl2 (MHD_gnutls_x509_crl_t crl,
966 } 976 }
967 977
968 ret = 978 ret =
969 MHD__gnutls_x509_verify_signature (&crl_signed_data, &crl_signature, issuer); 979 MHD__gnutls_x509_verify_signature (&crl_signed_data, &crl_signature,
980 issuer);
970 if (ret < 0) 981 if (ret < 0)
971 { 982 {
972 MHD_gnutls_assert (); 983 MHD_gnutls_assert ();
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-29 03:29:50 +0000