|
From: | shishi-commit |
Subject: | GNUTLS cleanups. |
Date: | Thu, 18 Dec 2003 05:07:17 +0100 |
Commit from jas | 2003-12-18 05:07 CET |
GNUTLS cleanups.
Module | File name | Revision | |||
---|---|---|---|---|---|
shishi | src/shishid.c | 1.70 | >>> | 1.71 |
shishi/src/shishid.c 1.70 >>> 1.71 |
---|
Line 160 |
#define DH_BITS 1024 #ifdef USE_STARTTLS static gnutls_dh_params dh_params; |
+ static gnutls_anon_server_credentials anoncred; |
#endif static char *fatal_krberror; |
Line 175 |
int sockfd; char buf[BUFSIZ]; /* XXX */ size_t bufpos; |
+ #ifdef USE_STARTTLS + gnutls_session session; + #endif |
}; Shishi * handle; |
Line 868 |
ls->bufpos == 4 && memcmp (ls->buf, "\x70\x00\x00\x01", 4) == 0) { |
- int err, i; - int ret; - struct sockaddr_in sa_serv; - struct sockaddr_in sa_cli; - int client_len; - char topbuf[512]; - gnutls_session session; - char buffer[BUFSIZ + 1]; - int optval = 1; |
const int kx_prio[] = { GNUTLS_KX_ANON_DH, 0 }; |
- gnutls_anon_server_credentials anoncred; |
if (!arg.quiet_flag) printf ("Trying to upgrade to TLS...\n"); |
Line 886 |
sent_bytes = sendto (ls->sockfd, "\x70\x00\x00\x02", 4, 0, &addr, length); |
- gnutls_anon_allocate_server_credentials (&anoncred); - gnutls_anon_set_server_dh_params (anoncred, dh_params); - gnutls_init (&session, GNUTLS_SERVER); - gnutls_set_default_priority (session); - gnutls_kx_set_priority (session, kx_prio); - gnutls_credentials_set (session, GNUTLS_CRD_ANON, - anoncred); - gnutls_certificate_server_set_request (session, - GNUTLS_CERT_REQUEST); - gnutls_dh_set_prime_bits (session, DH_BITS); - gnutls_transport_set_ptr (session, - (gnutls_transport_ptr) ls-> - sockfd); - - ret = gnutls_handshake (session); - if (ret < 0) |
+ rc = gnutls_init (&ls->session, GNUTLS_SERVER); + if (rc != GNUTLS_E_SUCCESS) + error (EXIT_FAILURE, 0, "gnutls_init %d", rc); + rc = gnutls_set_default_priority (ls->session); + if (rc != GNUTLS_E_SUCCESS) + error (EXIT_FAILURE, 0, "gnutls_sdp %d", rc); + rc = gnutls_kx_set_priority (ls->session, kx_prio); + if (rc != GNUTLS_E_SUCCESS) + error (EXIT_FAILURE, 0, "gnutls_ksp %d", rc); + rc = gnutls_credentials_set (ls->session, GNUTLS_CRD_ANON, + anoncred); + if (rc != GNUTLS_E_SUCCESS) + error (EXIT_FAILURE, 0, "gnutls_cs %d", rc); + gnutls_dh_set_prime_bits (ls->session, DH_BITS); + gnutls_transport_set_ptr (ls->session, + (gnutls_transport_ptr) + ls->sockfd); + + rc = gnutls_handshake (ls->session); + if (rc < 0) + printf ("Handshake has failed %d: %s\n", + rc, gnutls_strerror (rc)); + else |
{ |
- gnutls_deinit (session); |
if (!arg.quiet_flag) |
- printf ("Handshake has failed %d: %s\n", - ret, gnutls_strerror (ret)); - } - - if (!arg.quiet_flag) - printf ("TLS successful\n"); |
+ printf ("TLS successful\n"); |
|
- bzero (buffer, BUFSIZ + 1); - ret = gnutls_record_recv (session, buffer, BUFSIZ); |
+ bzero (ls->buf, BUFSIZ); + rc = gnutls_record_recv (ls->session, ls->buf, + sizeof (ls->buf) - 1); |
|
- if (ret == 0) - { - printf ("- Peer has closed the GNUTLS connection\n"); - } - else if (ret < 0) - { - printf ("*** Corrupted data(%d). Closing.\n\n", ret); - } - else if (ret > 0) - { - char *p; - size_t plen; |
+ if (rc == 0) + { + printf ("- Peer has closed the GNUTLS connection\n"); + } + else if (rc < 0) + { + printf ("*** Corrupted data(%d). Closing.\n\n", rc); + } + else if (rc > 0) + { + char *p; + size_t plen; |
|
- process (buffer, ret, &p, &plen); |
+ process (ls->buf, rc, &p, &plen); |
|
- printf ("TLS process %d sending %d\n", ret, plen); |
+ printf ("TLS process %d sending %d\n", rc, plen); |
|
- gnutls_record_send (session, p, plen); |
+ gnutls_record_send (ls->session, p, plen); |
|
- if (p != fatal_krberror) - free (p); |
+ if (p != fatal_krberror) + free (p); + } + ls->bufpos = 0; |
} |
- ls->bufpos = 0; - gnutls_bye (session, GNUTLS_SHUT_WR); - gnutls_deinit (session); - gnutls_global_deinit (); |
+ gnutls_bye (ls->session, GNUTLS_SHUT_WR); + gnutls_deinit (ls->session); |
} else #endif |
Line 1262 |
if (err) error (EXIT_FAILURE, 0, "Cannot generate GNUTLS DH parameters: %s (%d)", gnutls_strerror (err), err); |
+ err = gnutls_anon_allocate_server_credentials (&anoncred); + if (err) + error (EXIT_FAILURE, 0, "Cannot allocate GNUTLS credential: %s (%d)", + gnutls_strerror (err), err); + gnutls_anon_set_server_dh_params (anoncred, dh_params); |
if (!arg.quiet_flag) printf ("Initializing GNUTLS...done\n"); #endif |
[Prev in Thread] | Current Thread | [Next in Thread] |