[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r7701 - in libmicrohttpd: doc src/daemon src/daemon/https/t
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] r7701 - in libmicrohttpd: doc src/daemon src/daemon/https/tls src/examples src/include src/testcurl/https |
|
Date: |
Fri, 12 Sep 2008 14:47:06 -0600 (MDT) |
Author: grothoff
Date: 2008-09-12 14:47:06 -0600 (Fri, 12 Sep 2008)
New Revision: 7701
Modified:
libmicrohttpd/doc/microhttpd.texi
libmicrohttpd/src/daemon/connection_https.c
libmicrohttpd/src/daemon/daemon.c
libmicrohttpd/src/daemon/https/tls/auth_cert.c
libmicrohttpd/src/daemon/https/tls/auth_rsa.c
libmicrohttpd/src/daemon/https/tls/gnutls_algorithms.c
libmicrohttpd/src/daemon/https/tls/gnutls_cipher.c
libmicrohttpd/src/daemon/https/tls/gnutls_constate.c
libmicrohttpd/src/daemon/https/tls/gnutls_handshake.c
libmicrohttpd/src/daemon/https/tls/gnutls_kx.c
libmicrohttpd/src/daemon/https/tls/gnutls_priority.c
libmicrohttpd/src/daemon/https/tls/gnutls_sig.c
libmicrohttpd/src/daemon/https/tls/gnutls_state.c
libmicrohttpd/src/daemon/https/tls/gnutls_x509.c
libmicrohttpd/src/daemon/internal.h
libmicrohttpd/src/examples/https_fileserver_example.c
libmicrohttpd/src/include/microhttpd.h
libmicrohttpd/src/testcurl/https/mhds_session_info_test.c
libmicrohttpd/src/testcurl/https/tls_daemon_options_test.c
Log:
documenting all enums, functions and structs, removing support for key/cert
files
Modified: libmicrohttpd/doc/microhttpd.texi
===================================================================
--- libmicrohttpd/doc/microhttpd.texi 2008-09-12 20:13:03 UTC (rev 7700)
+++ libmicrohttpd/doc/microhttpd.texi 2008-09-12 20:47:06 UTC (rev 7701)
@@ -123,6 +123,7 @@
* microhttpd-requests:: Handling requests.
* microhttpd-responses:: Building responses to requests.
* microhttpd-post:: Adding a @code{POST} processor.
+* microhttpd-info:: Obtaining status information.
Appendices
@@ -291,20 +292,6 @@
otherwise to a @code{struct sockaddr_in}. If this option is not specified,
the daemon will listen to incomming connections from anywhere.
address@hidden MHD_OPTION_HTTPS_KEY_PATH
-Filename for the private key (key.pem) to be used by the
-HTTPS daemon. This option should be followed by an
-"const char*" argument. The memory of the filename must
-not be released until the application terminates.
-This should be used in conjunction with 'MHD_OPTION_HTTPS_CERT_PATH'.
-
address@hidden MHD_OPTION_HTTPS_CERT_PATH
-Filename for the certificate (cert.pem) to be used by the
-HTTPS daemon. This option should be followed by an
-"const char*" argument. The memory of the filename must
-not be released until the application terminates.
-This should be used in conjunction with 'MHD_OPTION_HTTPS_KEY_PATH'.
-
@item MHD_OPTION_HTTPS_MEM_KEY
Memory pointer to the private key to be used by the
HTTPS daemon. This option should be followed by an
@@ -416,6 +403,31 @@
List of symmetric ciphers.
Note that not all listed algorithms are necessarily supported by
all builds of MHD.
+
address@hidden @code
address@hidden MHD_GNUTLS_CIPHER_UNKNOWN
+
address@hidden MHD_GNUTLS_CIPHER_NULL
+
address@hidden MHD_GNUTLS_CIPHER_ARCFOUR_128
+
address@hidden MHD_GNUTLS_CIPHER_3DES_CBC
+
address@hidden MHD_GNUTLS_CIPHER_AES_128_CBC
+
address@hidden MHD_GNUTLS_CIPHER_AES_256_CBC
+
address@hidden MHD_GNUTLS_CIPHER_ARCFOUR_40
+
address@hidden MHD_GNUTLS_CIPHER_CAMELLIA_128_CBC
+
address@hidden MHD_GNUTLS_CIPHER_CAMELLIA_256_CBC
+
address@hidden MHD_GNUTLS_CIPHER_RC2_40_CBC
+
address@hidden MHD_GNUTLS_CIPHER_DES_CBC
+
address@hidden table
@end deftp
@@ -423,9 +435,173 @@
List of key exchange algorithms.
Note that not all listed algorithms are necessarily supported by
all builds of MHD.
+
address@hidden @code
+
address@hidden MHD_GNUTLS_KX_UNKNOWN
+
address@hidden MHD_GNUTLS_KX_RSA
+
address@hidden MHD_GNUTLS_KX_DHE_DSS
+
address@hidden MHD_GNUTLS_KX_DHE_RSA
+
address@hidden MHD_GNUTLS_KX_ANON_DH
+
address@hidden MHD_GNUTLS_KX_SRP
+
address@hidden MHD_GNUTLS_KX_RSA_EXPORT
+
address@hidden MHD_GNUTLS_KX_SRP_RSA
+
address@hidden MHD_GNUTLS_KX_SRP_DSS
address@hidden table
@end deftp
address@hidden {Enumeration} MHD_GNUTLS_CredentialsType
+Server credentials type (note that not all types
+maybe supported by all MHD builds).
+
address@hidden @code
address@hidden MHD_GNUTLS_CRD_CERTIFICATE
+We have a x.509 certificate.
+
address@hidden MHD_GNUTLS_CRD_ANON
+We have no certificate (anonymous).
+
address@hidden MHD_GNUTLS_CRD_SRP
+We are using password-based authentication.
+
address@hidden MHD_GNUTLS_CRD_PSK
+We are using pre-shared keys (PSK).
+
address@hidden table
address@hidden deftp
+
+
address@hidden {Enumeration} MHD_GNUTLS_HashAlgorithm
+Enumeration of possible cryptographic hash functions (for MAC and
+Digest operations). Note that not all listed algorithms are
+necessarily supported by all builds of MHD.
+
address@hidden @code
address@hidden MHD_GNUTLS_MAC_UNKNOWN
+
address@hidden MHD_GNUTLS_MAC_NULL
+
address@hidden MHD_GNUTLS_MAC_MD5
+
address@hidden MHD_GNUTLS_MAC_SHA1
+
address@hidden MHD_GNUTLS_MAC_SHA256
+
address@hidden table
address@hidden deftp
+
+
address@hidden {Enumeration} MHD_GNUTLS_CompressionMethod
+List of compression methods. Note that not all listed algorithms are
+necessarily supported by all builds of MHD.
+
address@hidden @code
address@hidden MHD_GNUTLS_COMP_UNKNOWN
+
address@hidden MHD_GNUTLS_COMP_NULL
+No compression.
+
address@hidden MHD_GNUTLS_COMP_DEFLATE
+gzip compression.
+
address@hidden table
address@hidden deftp
+
+
+
address@hidden {Enumeration} MHD_GNUTLS_Protocol
+SSL/TLS Protocol types. Note that not all listed algorithms are
+necessarily supported by all builds of MHD.
+
address@hidden @code
address@hidden MHD_GNUTLS_PROTOCOL_END
address@hidden MHD_GNUTLS_PROTOCOL_SSL3
address@hidden MHD_GNUTLS_PROTOCOL_TLS1_0
address@hidden MHD_GNUTLS_PROTOCOL_TLS1_1
address@hidden MHD_GNUTLS_PROTOCOL_TLS1_2
address@hidden MHD_GNUTLS_PROTOCOL_UNKNOWN
+
address@hidden table
address@hidden deftp
+
+
+
address@hidden {Enumeration} MHD_GNUTLS_PublicKeyAlgorithm
+List of public key algorithms. Note that not all listed algorithms
+are necessarily supported by all builds of MHD.
+
address@hidden @code
address@hidden MHD_GNUTLS_PK_UNKNOWN
+
address@hidden MHD_GNUTLS_PK_RSA
+
address@hidden table
address@hidden deftp
+
+
address@hidden {Enumeration} MHD_ConnectionInfoType
+Values of this enum are used to specify what information about a
+connection is desired.
+
address@hidden @code
+
address@hidden MHD_CONNECTION_INFO_CIPHER_ALGO
+What cipher algorithm is being used.
+Takes no extra arguments.
+
address@hidden MHD_CONNECTION_INFO_KX_ALGO
+What key exchange algorithm is being used.
+Takes no extra arguments.
+
address@hidden MHD_CONNECTION_INFO_CREDENTIALS_TYPE
+Takes no extra arguments.
+
address@hidden MHD_CONNECTION_INFO_MAC_ALGO
+Takes no extra arguments.
+
address@hidden MHD_CONNECTION_INFO_COMPRESSION_METHOD,
+What compression method is being used.
+Takes no extra arguments.
+
address@hidden MHD_CONNECTION_INFO_PROTOCOL,
+Takes no extra arguments.
+
address@hidden MHD_CONNECTION_INFO_CERT_TYPE
+Takes no extra arguments.
+
address@hidden table
address@hidden deftp
+
+
+
+
address@hidden {Enumeration} MHD_DaemonInfoType
+Values of this enum are used to specify what
+information about a deamon is desired.
address@hidden @code
address@hidden MHD_DAEMON_INFO_KEY_SIZE
+Request information about the key size for a particular cipher
+algorithm. The cipher algorithm should be passed as an extra argument
+(of type 'enum MHD_GNUTLS_CipherAlgorithm').
+
address@hidden MHD_DAEMON_INFO_MAC_KEY_SIZE
+Request information about the key size for a particular cipher
+algorithm. The cipher algorithm should be passed as an extra argument
+(of type 'enum MHD_GNUTLS_HashAlgorithm').
+
address@hidden table
address@hidden deftp
+
+
@c ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
@c ------------------------------------------------------------
@@ -455,6 +631,16 @@
@end deftp
address@hidden {C Union} MHD_ConnectionInfo
+Information about a connection.
address@hidden deftp
+
+
address@hidden {C Union} MHD_DaemonInfo
+Information about an MHD daemon.
address@hidden deftp
+
+
@c ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
@c ------------------------------------------------------------
@@ -1223,9 +1409,75 @@
@end deftypefun
+
@c ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
address@hidden ------------------------------------------------------------
address@hidden microhttpd-info
address@hidden Obtaining status information.
+
address@hidden
+* microhttpd-info daemon:: State information about an MHD daemon
+* microhttpd-info conn:: State information about a connection
address@hidden menu
+
+
address@hidden ------------------------------------------------------------
address@hidden microhttpd-info daemon
address@hidden Obtaining state information about an MHD daemon
+
address@hidden {const union MHD_DaemonInfo *} MHD_get_daemon_info (struct
MHD_Daemon *daemon, enum MHD_DaemonInfoType infoType, ...)
+Obtain information about the given daemon. This function
+is currently not fully implemented.
+
address@hidden @var
address@hidden daemon
+the daemon about which information is desired;
+
address@hidden infoType
+type of information that is desired
+
address@hidden ...
+additional arguments about the desired information (depending on
+infoType)
address@hidden table
+
+Returns a union with the respective member (depending on
+infoType) set to the desired information), or NULL
+in case the desired information is not available or
+applicable.
address@hidden deftypefun
+
address@hidden ------------------------------------------------------------
address@hidden microhttpd-info conn
address@hidden Obtaining state information about a connection
+
+
address@hidden {const union MHD_ConnectionInfo *} MHD_get_connection_info
(struct MHD_Connection *daemon, enum MHD_ConnectionInfoType infoType, ...)
+Obtain information about the given connection.
+
address@hidden @var
address@hidden connection
+the connection about which information is desired;
+
address@hidden infoType
+type of information that is desired
+
address@hidden ...
+additional arguments about the desired information (depending on
+infoType)
address@hidden table
+
+Returns a union with the respective member (depending on
+infoType) set to the desired information), or NULL
+in case the desired information is not available or
+applicable.
address@hidden deftypefun
+
address@hidden ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+
+
@c **********************************************************
@c ******************* Appendices *************************
@c **********************************************************
Modified: libmicrohttpd/src/daemon/connection_https.c
===================================================================
--- libmicrohttpd/src/daemon/connection_https.c 2008-09-12 20:13:03 UTC (rev
7700)
+++ libmicrohttpd/src/daemon/connection_https.c 2008-09-12 20:47:06 UTC (rev
7701)
@@ -152,7 +152,7 @@
return MHD_NO;
case MHD_TLS_HANDSHAKE_FAILED:
MHD_tls_connection_close (connection,
- MHD_TLS_REQUEST_TERMINATED_WITH_ERROR);
+ MHD_REQUEST_TERMINATED_WITH_ERROR);
return MHD_NO;
/* some HTTP state */
default:
@@ -237,14 +237,14 @@
"Error: received handshake message out of context\n");
#endif
MHD_tls_connection_close (connection,
- MHD_TLS_REQUEST_TERMINATED_WITH_ERROR);
+ MHD_REQUEST_TERMINATED_WITH_ERROR);
return MHD_NO;
}
/* ignore any out of bound change chiper spec messages */
case GNUTLS_CHANGE_CIPHER_SPEC:
MHD_tls_connection_close (connection,
- MHD_TLS_REQUEST_TERMINATED_WITH_ERROR);
+ MHD_REQUEST_TERMINATED_WITH_ERROR);
return MHD_NO;
case GNUTLS_ALERT:
@@ -279,7 +279,7 @@
GNUTLS_AL_FATAL)
{
MHD_tls_connection_close (connection,
-
MHD_TLS_REQUEST_TERMINATED_WITH_FATAL_ALERT);
+ MHD_REQUEST_TERMINATED_WITH_ERROR);
return MHD_NO;
}
/* this should never execute */
@@ -308,7 +308,7 @@
#endif
/* close connection upon reception of unrecognized message type */
MHD_tls_connection_close (connection,
- MHD_TLS_REQUEST_TERMINATED_WITH_ERROR);
+ MHD_REQUEST_TERMINATED_WITH_ERROR);
return MHD_NO;
}
Modified: libmicrohttpd/src/daemon/daemon.c
===================================================================
--- libmicrohttpd/src/daemon/daemon.c 2008-09-12 20:13:03 UTC (rev 7700)
+++ libmicrohttpd/src/daemon/daemon.c 2008-09-12 20:47:06 UTC (rev 7701)
@@ -1,6 +1,6 @@
/*
This file is part of libmicrohttpd
- (C) 2007 Daniel Pittman and Christian Grothoff
+ (C) 2007, 2008 Daniel Pittman and Christian Grothoff
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
@@ -125,55 +125,9 @@
gnutls_datum_t key;
gnutls_datum_t cert;
- /* certificate & key loaded from file */
- if (daemon->https_cert_path && daemon->https_key_path)
- {
- if (daemon->https_mem_cert || daemon->https_mem_key)
- {
-#if HAVE_MESSAGES
- MHD_DLOG (daemon, "You specified certificates both in memory and on
disk!",
- daemon->https_cert_path,
- strerror(errno));
-#endif
- return -1;
- }
- /* test for private key & certificate file exsitance */
- if (access (daemon->https_cert_path, R_OK))
- {
-#if HAVE_MESSAGES
- MHD_DLOG (daemon, "Missing X.509 certificate file `%s': %s\n",
- daemon->https_cert_path,
- strerror(errno));
-#endif
- return -1;
- }
-
- if (access (daemon->https_key_path, R_OK))
- {
-#if HAVE_MESSAGES
- MHD_DLOG (daemon, "Missing X.509 key file `%s': %s\n",
- daemon->https_key_path,
- strerror(errno));
-#endif
- return -1;
- }
- return MHD_gnutls_certificate_set_x509_key_file (daemon->x509_cred,
- daemon->https_cert_path,
- daemon->https_key_path,
- GNUTLS_X509_FMT_PEM);
- }
/* certificate & key loaded from memory */
if (daemon->https_mem_cert && daemon->https_mem_key)
{
- if (daemon->https_cert_path || daemon->https_key_path)
- {
-#if HAVE_MESSAGES
- MHD_DLOG (daemon, "You specified certificates both in memory and on
disk!",
- daemon->https_cert_path,
- strerror(errno));
-#endif
- return -1;
- }
key.data = (unsigned char *) daemon->https_mem_key;
key.size = strlen (daemon->https_mem_key);
cert.data = (unsigned char *) daemon->https_mem_cert;
@@ -928,12 +882,6 @@
_set_priority (&retVal->priority_cache->protocol,
va_arg (ap, const int *));
break;
- case MHD_OPTION_HTTPS_KEY_PATH:
- retVal->https_key_path = va_arg (ap, const char *);
- break;
- case MHD_OPTION_HTTPS_CERT_PATH:
- retVal->https_cert_path = va_arg (ap, const char *);
- break;
case MHD_OPTION_HTTPS_MEM_KEY:
retVal->https_mem_key = va_arg (ap, const char *);
break;
Modified: libmicrohttpd/src/daemon/https/tls/auth_cert.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/auth_cert.c 2008-09-12 20:13:03 UTC
(rev 7700)
+++ libmicrohttpd/src/daemon/https/tls/auth_cert.c 2008-09-12 20:47:06 UTC
(rev 7701)
@@ -870,7 +870,7 @@
return GNUTLS_E_UNKNOWN_PK_ALGORITHM;
}
- if (ver == MHD_GNUTLS_TLS1_2)
+ if (ver == MHD_GNUTLS_PROTOCOL_TLS1_2)
{
/* read supported hashes */
int hash_num;
@@ -1039,7 +1039,7 @@
session->internals.ignore_rdn_sequence == 0)
size += cred->x509_rdn_sequence.size;
- if (ver == MHD_GNUTLS_TLS1_2)
+ if (ver == MHD_GNUTLS_PROTOCOL_TLS1_2)
/* Need at least one byte to announce the number of supported hash
functions (see below). */
size += 1;
@@ -1059,7 +1059,7 @@
pdata[2] = DSA_SIGN; /* only these for now */
pdata += CERTTYPE_SIZE;
- if (ver == MHD_GNUTLS_TLS1_2)
+ if (ver == MHD_GNUTLS_PROTOCOL_TLS1_2)
{
/* Supported hashes (nothing for now -- FIXME). */
*pdata = 0;
Modified: libmicrohttpd/src/daemon/https/tls/auth_rsa.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/auth_rsa.c 2008-09-12 20:13:03 UTC
(rev 7700)
+++ libmicrohttpd/src/daemon/https/tls/auth_rsa.c 2008-09-12 20:47:06 UTC
(rev 7701)
@@ -217,7 +217,7 @@
int randomize_key = 0;
ssize_t data_size = _data_size;
- if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_SSL3)
+ if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3)
{
/* SSL 3.0
*/
@@ -385,7 +385,7 @@
for (i = 0; i < params_len; i++)
mhd_gtls_mpi_release (¶ms[i]);
- if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_SSL3)
+ if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3)
{
/* SSL 3.0 */
*data = sdata.data;
Modified: libmicrohttpd/src/daemon/https/tls/gnutls_algorithms.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/gnutls_algorithms.c 2008-09-12
20:13:03 UTC (rev 7700)
+++ libmicrohttpd/src/daemon/https/tls/gnutls_algorithms.c 2008-09-12
20:47:06 UTC (rev 7701)
@@ -138,22 +138,22 @@
static const gnutls_version_entry mhd_gtls_sup_versions[] = {
{"SSL3.0",
- MHD_GNUTLS_SSL3,
+ MHD_GNUTLS_PROTOCOL_SSL3,
3,
0,
1},
{"TLS1.0",
- MHD_GNUTLS_TLS1_0,
+ MHD_GNUTLS_PROTOCOL_TLS1_0,
3,
1,
1},
{"TLS1.1",
- MHD_GNUTLS_TLS1_1,
+ MHD_GNUTLS_PROTOCOL_TLS1_1,
3,
2,
1},
{"TLS1.2",
- MHD_GNUTLS_TLS1_2,
+ MHD_GNUTLS_PROTOCOL_TLS1_2,
3,
3,
1},
@@ -166,10 +166,10 @@
/* Keep the contents of this struct the same as the previous one. */
static const enum MHD_GNUTLS_Protocol mhd_gtls_supported_protocols[] =
-{ MHD_GNUTLS_SSL3,
- MHD_GNUTLS_TLS1_0,
- MHD_GNUTLS_TLS1_1,
- MHD_GNUTLS_TLS1_2,
+{ MHD_GNUTLS_PROTOCOL_SSL3,
+ MHD_GNUTLS_PROTOCOL_TLS1_0,
+ MHD_GNUTLS_PROTOCOL_TLS1_1,
+ MHD_GNUTLS_PROTOCOL_TLS1_2,
0
};
@@ -593,159 +593,159 @@
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_ARCFOUR_MD5,
MHD_GNUTLS_CIPHER_ARCFOUR_128,
MHD_GNUTLS_KX_ANON_DH, MHD_GNUTLS_MAC_MD5,
- MHD_GNUTLS_SSL3),
+ MHD_GNUTLS_PROTOCOL_SSL3),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_3DES_EDE_CBC_SHA1,
MHD_GNUTLS_CIPHER_3DES_CBC,
MHD_GNUTLS_KX_ANON_DH,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_AES_128_CBC_SHA1,
MHD_GNUTLS_CIPHER_AES_128_CBC,
MHD_GNUTLS_KX_ANON_DH,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_AES_256_CBC_SHA1,
MHD_GNUTLS_CIPHER_AES_256_CBC,
MHD_GNUTLS_KX_ANON_DH,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
#ifdef ENABLE_CAMELLIA
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_CAMELLIA_128_CBC_SHA1,
MHD_GNUTLS_CIPHER_CAMELLIA_128_CBC,
MHD_GNUTLS_KX_ANON_DH,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_ANON_DH_CAMELLIA_256_CBC_SHA1,
MHD_GNUTLS_CIPHER_CAMELLIA_256_CBC,
MHD_GNUTLS_KX_ANON_DH,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
#endif
/* SRP */
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_3DES_EDE_CBC_SHA1,
MHD_GNUTLS_CIPHER_3DES_CBC, MHD_GNUTLS_KX_SRP,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_AES_128_CBC_SHA1,
MHD_GNUTLS_CIPHER_AES_128_CBC, MHD_GNUTLS_KX_SRP,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_AES_256_CBC_SHA1,
MHD_GNUTLS_CIPHER_AES_256_CBC, MHD_GNUTLS_KX_SRP,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_DSS_3DES_EDE_CBC_SHA1,
MHD_GNUTLS_CIPHER_3DES_CBC,
MHD_GNUTLS_KX_SRP_DSS,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_RSA_3DES_EDE_CBC_SHA1,
MHD_GNUTLS_CIPHER_3DES_CBC,
MHD_GNUTLS_KX_SRP_RSA,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_DSS_AES_128_CBC_SHA1,
MHD_GNUTLS_CIPHER_AES_128_CBC,
MHD_GNUTLS_KX_SRP_DSS,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_RSA_AES_128_CBC_SHA1,
MHD_GNUTLS_CIPHER_AES_128_CBC,
MHD_GNUTLS_KX_SRP_RSA,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_DSS_AES_256_CBC_SHA1,
MHD_GNUTLS_CIPHER_AES_256_CBC,
MHD_GNUTLS_KX_SRP_DSS,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_SRP_SHA_RSA_AES_256_CBC_SHA1,
MHD_GNUTLS_CIPHER_AES_256_CBC,
MHD_GNUTLS_KX_SRP_RSA,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
/* DHE_DSS */
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_ARCFOUR_SHA1,
MHD_GNUTLS_CIPHER_ARCFOUR_128,
MHD_GNUTLS_KX_DHE_DSS,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_3DES_EDE_CBC_SHA1,
MHD_GNUTLS_CIPHER_3DES_CBC,
MHD_GNUTLS_KX_DHE_DSS,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_128_CBC_SHA1,
MHD_GNUTLS_CIPHER_AES_128_CBC,
MHD_GNUTLS_KX_DHE_DSS,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_AES_256_CBC_SHA1,
MHD_GNUTLS_CIPHER_AES_256_CBC,
MHD_GNUTLS_KX_DHE_DSS,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
#ifdef ENABLE_CAMELLIA
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_CAMELLIA_128_CBC_SHA1,
MHD_GNUTLS_CIPHER_CAMELLIA_128_CBC,
MHD_GNUTLS_KX_DHE_DSS,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_DSS_CAMELLIA_256_CBC_SHA1,
MHD_GNUTLS_CIPHER_CAMELLIA_256_CBC,
MHD_GNUTLS_KX_DHE_DSS,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
#endif
/* DHE_RSA */
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA1,
MHD_GNUTLS_CIPHER_3DES_CBC,
MHD_GNUTLS_KX_DHE_RSA,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_128_CBC_SHA1,
MHD_GNUTLS_CIPHER_AES_128_CBC,
MHD_GNUTLS_KX_DHE_RSA,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_AES_256_CBC_SHA1,
MHD_GNUTLS_CIPHER_AES_256_CBC,
MHD_GNUTLS_KX_DHE_RSA,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
#ifdef ENABLE_CAMELLIA
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_CAMELLIA_128_CBC_SHA1,
MHD_GNUTLS_CIPHER_CAMELLIA_128_CBC,
MHD_GNUTLS_KX_DHE_RSA,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1,
MHD_GNUTLS_CIPHER_CAMELLIA_256_CBC,
MHD_GNUTLS_KX_DHE_RSA,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
#endif
/* RSA */
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_NULL_MD5,
MHD_GNUTLS_CIPHER_NULL,
MHD_GNUTLS_KX_RSA, MHD_GNUTLS_MAC_MD5,
- MHD_GNUTLS_SSL3),
+ MHD_GNUTLS_PROTOCOL_SSL3),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_EXPORT_ARCFOUR_40_MD5,
MHD_GNUTLS_CIPHER_ARCFOUR_40,
MHD_GNUTLS_KX_RSA_EXPORT, MHD_GNUTLS_MAC_MD5,
- MHD_GNUTLS_SSL3),
+ MHD_GNUTLS_PROTOCOL_SSL3),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_ARCFOUR_SHA1,
MHD_GNUTLS_CIPHER_ARCFOUR_128,
MHD_GNUTLS_KX_RSA, MHD_GNUTLS_MAC_SHA1,
- MHD_GNUTLS_SSL3),
+ MHD_GNUTLS_PROTOCOL_SSL3),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_ARCFOUR_MD5,
MHD_GNUTLS_CIPHER_ARCFOUR_128,
MHD_GNUTLS_KX_RSA, MHD_GNUTLS_MAC_MD5,
- MHD_GNUTLS_SSL3),
+ MHD_GNUTLS_PROTOCOL_SSL3),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_3DES_EDE_CBC_SHA1,
MHD_GNUTLS_CIPHER_3DES_CBC,
MHD_GNUTLS_KX_RSA, MHD_GNUTLS_MAC_SHA1,
- MHD_GNUTLS_SSL3),
+ MHD_GNUTLS_PROTOCOL_SSL3),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_128_CBC_SHA1,
MHD_GNUTLS_CIPHER_AES_128_CBC, MHD_GNUTLS_KX_RSA,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_AES_256_CBC_SHA1,
MHD_GNUTLS_CIPHER_AES_256_CBC, MHD_GNUTLS_KX_RSA,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_SSL3),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_SSL3),
#ifdef ENABLE_CAMELLIA
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_CAMELLIA_128_CBC_SHA1,
MHD_GNUTLS_CIPHER_CAMELLIA_128_CBC,
MHD_GNUTLS_KX_RSA,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RSA_CAMELLIA_256_CBC_SHA1,
MHD_GNUTLS_CIPHER_CAMELLIA_256_CBC,
MHD_GNUTLS_KX_RSA,
- MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_TLS1_0),
+ MHD_GNUTLS_MAC_SHA1, MHD_GNUTLS_PROTOCOL_TLS1_0),
#endif
{0,
{
@@ -1299,7 +1299,7 @@
if (session->internals.priorities.protocol.priority == NULL)
{
- return MHD_GNUTLS_VERSION_UNKNOWN;
+ return MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN;
}
else
for (i = 0; i < session->internals.priorities.protocol.num_algorithms;
@@ -1310,7 +1310,7 @@
}
if (min == 0xff)
- return MHD_GNUTLS_VERSION_UNKNOWN; /* unknown version */
+ return MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN; /* unknown version */
return min;
}
@@ -1322,7 +1322,7 @@
if (session->internals.priorities.protocol.priority == NULL)
{
- return MHD_GNUTLS_VERSION_UNKNOWN;
+ return MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN;
}
else
for (i = 0; i < session->internals.priorities.protocol.num_algorithms;
@@ -1333,7 +1333,7 @@
}
if (max == 0x00)
- return MHD_GNUTLS_VERSION_UNKNOWN; /* unknown version */
+ return MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN; /* unknown version */
return max;
}
@@ -1367,7 +1367,7 @@
enum MHD_GNUTLS_Protocol
MHD_gtls_protocol_get_id (const char *name)
{
- enum MHD_GNUTLS_Protocol ret = MHD_GNUTLS_VERSION_UNKNOWN;
+ enum MHD_GNUTLS_Protocol ret = MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN;
GNUTLS_VERSION_LOOP (if (strcasecmp (p->name, name) == 0) ret = p->id)
;
Modified: libmicrohttpd/src/daemon/https/tls/gnutls_cipher.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/gnutls_cipher.c 2008-09-12 20:13:03 UTC
(rev 7700)
+++ libmicrohttpd/src/daemon/https/tls/gnutls_cipher.c 2008-09-12 20:47:06 UTC
(rev 7701)
@@ -202,7 +202,7 @@
if (mac == MHD_GNUTLS_MAC_NULL)
return GNUTLS_MAC_FAILED;
- if (ver == MHD_GNUTLS_SSL3)
+ if (ver == MHD_GNUTLS_PROTOCOL_SSL3)
{ /* SSL 3.0 */
td = mhd_gnutls_mac_init_ssl3 (mac, secret, secret_size);
}
@@ -217,7 +217,7 @@
inline static void
mac_deinit (mac_hd_t td, opaque * res, int ver)
{
- if (ver == MHD_GNUTLS_SSL3)
+ if (ver == MHD_GNUTLS_PROTOCOL_SSL3)
{ /* SSL 3.0 */
mhd_gnutls_mac_deinit_ssl3 (td, res);
}
@@ -251,7 +251,7 @@
}
/* make rnd a multiple of blocksize */
- if (session->security_parameters.version == MHD_GNUTLS_SSL3 ||
+ if (session->security_parameters.version == MHD_GNUTLS_PROTOCOL_SSL3 ||
random_pad == 0)
{
rnd = 0;
@@ -271,7 +271,7 @@
*pad = (uint8_t) (blocksize - (length % blocksize)) + rnd;
length += *pad;
- if (session->security_parameters.version >= MHD_GNUTLS_TLS1_1)
+ if (session->security_parameters.version >= MHD_GNUTLS_PROTOCOL_TLS1_1)
length += blocksize; /* for the IV */
break;
@@ -341,7 +341,7 @@
write_sequence_number), 8);
mhd_gnutls_hash (td, &type, 1);
- if (ver >= MHD_GNUTLS_TLS1_0)
+ if (ver >= MHD_GNUTLS_PROTOCOL_TLS1_0)
{ /* TLS 1.0 or higher */
mhd_gnutls_hash (td, &major, 1);
mhd_gnutls_hash (td, &minor, 1);
@@ -373,7 +373,7 @@
data_ptr = cipher_data;
if (block_algo == CIPHER_BLOCK &&
- session->security_parameters.version >= MHD_GNUTLS_TLS1_1)
+ session->security_parameters.version >= MHD_GNUTLS_PROTOCOL_TLS1_1)
{
/* copy the random IV.
*/
@@ -494,7 +494,7 @@
/* ignore the IV in TLS 1.1.
*/
- if (session->security_parameters.version >= MHD_GNUTLS_TLS1_1)
+ if (session->security_parameters.version >= MHD_GNUTLS_PROTOCOL_TLS1_1)
{
ciphertext.size -= blocksize;
ciphertext.data += blocksize;
@@ -521,7 +521,7 @@
/* Check the pading bytes (TLS 1.x)
*/
- if (ver >= MHD_GNUTLS_TLS1_0 && pad_failed == 0)
+ if (ver >= MHD_GNUTLS_PROTOCOL_TLS1_0 && pad_failed == 0)
for (i = 2; i < pad; i++)
{
if (ciphertext.data[ciphertext.size - i] !=
@@ -548,7 +548,7 @@
read_sequence_number), 8);
mhd_gnutls_hash (td, &type, 1);
- if (ver >= MHD_GNUTLS_TLS1_0)
+ if (ver >= MHD_GNUTLS_PROTOCOL_TLS1_0)
{ /* TLS 1.x */
mhd_gnutls_hash (td, &major, 1);
mhd_gnutls_hash (td, &minor, 1);
Modified: libmicrohttpd/src/daemon/https/tls/gnutls_constate.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/gnutls_constate.c 2008-09-12
20:13:03 UTC (rev 7700)
+++ libmicrohttpd/src/daemon/https/tls/gnutls_constate.c 2008-09-12
20:47:06 UTC (rev 7701)
@@ -97,7 +97,7 @@
memcpy (&rrnd[TLS_RANDOM_SIZE],
session->security_parameters.server_random, TLS_RANDOM_SIZE);
- if (session->security_parameters.version == MHD_GNUTLS_SSL3)
+ if (session->security_parameters.version == MHD_GNUTLS_PROTOCOL_SSL3)
{ /* SSL 3 */
ret =
mhd_gnutls_ssl3_generate_random
@@ -187,7 +187,7 @@
/* generate the final keys */
- if (session->security_parameters.version == MHD_GNUTLS_SSL3)
+ if (session->security_parameters.version == MHD_GNUTLS_PROTOCOL_SSL3)
{ /* SSL 3 */
ret =
mhd_gnutls_ssl3_hash_md5 (&key_block[pos],
@@ -219,7 +219,7 @@
client_write_key_size = EXPORT_FINAL_KEY_SIZE;
pos += key_size;
- if (session->security_parameters.version == MHD_GNUTLS_SSL3)
+ if (session->security_parameters.version == MHD_GNUTLS_PROTOCOL_SSL3)
{ /* SSL 3 */
ret =
mhd_gnutls_ssl3_hash_md5 (&key_block[pos], key_size,
@@ -321,7 +321,7 @@
return GNUTLS_E_MEMORY_ERROR;
}
- if (session->security_parameters.version == MHD_GNUTLS_SSL3)
+ if (session->security_parameters.version == MHD_GNUTLS_PROTOCOL_SSL3)
{ /* SSL 3 */
ret = mhd_gnutls_ssl3_hash_md5 ("", 0,
rrnd, TLS_RANDOM_SIZE * 2,
Modified: libmicrohttpd/src/daemon/https/tls/gnutls_handshake.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/gnutls_handshake.c 2008-09-12
20:13:03 UTC (rev 7700)
+++ libmicrohttpd/src/daemon/https/tls/gnutls_handshake.c 2008-09-12
20:47:06 UTC (rev 7701)
@@ -195,7 +195,7 @@
mac_hd_t td_sha;
enum MHD_GNUTLS_Protocol ver = MHD_gnutls_protocol_get_version (session);
- if (ver < MHD_GNUTLS_TLS1_2)
+ if (ver < MHD_GNUTLS_PROTOCOL_TLS1_2)
{
td_md5 =
mhd_gnutls_hash_copy (session->internals.handshake_mac_handle_md5);
@@ -215,7 +215,7 @@
return GNUTLS_E_HASH_FAILED;
}
- if (ver < MHD_GNUTLS_TLS1_2)
+ if (ver < MHD_GNUTLS_PROTOCOL_TLS1_2)
{
mhd_gnutls_hash_deinit (td_md5, concat);
mhd_gnutls_hash_deinit (td_sha, &concat[16]);
@@ -281,7 +281,7 @@
* then we send him the highest we support.
*/
ret = mhd_gtls_version_max (session);
- if (ret == MHD_GNUTLS_VERSION_UNKNOWN)
+ if (ret == MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN)
{
/* this check is not really needed.
*/
@@ -420,7 +420,7 @@
/* Parse the extensions (if any)
*/
- if (neg_version >= MHD_GNUTLS_TLS1_0)
+ if (neg_version >= MHD_GNUTLS_PROTOCOL_TLS1_0)
{
ret = mhd_gtls_parse_extensions (session, EXTENSION_APPLICATION,
&data[pos], len); /* len is the rest of the parsed length */
if (ret < 0)
@@ -437,7 +437,7 @@
return ret;
}
- if (neg_version >= MHD_GNUTLS_TLS1_0)
+ if (neg_version >= MHD_GNUTLS_PROTOCOL_TLS1_0)
{
ret = mhd_gtls_parse_extensions (session, EXTENSION_TLS, &data[pos],
len); /* len is the rest of the parsed length */
if (ret < 0)
@@ -529,7 +529,7 @@
return ret;
}
- if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_SSL3)
+ if (MHD_gnutls_protocol_get_version (session) ==
MHD_GNUTLS_PROTOCOL_SSL3)
{
ret =
_gnutls_ssl3_finished (session,
@@ -581,7 +581,7 @@
}
- if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_SSL3)
+ if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3)
{
data_size = 36;
}
@@ -597,7 +597,7 @@
return GNUTLS_E_ERROR_IN_FINISHED_PACKET;
}
- if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_SSL3)
+ if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3)
{
ret =
_gnutls_ssl3_finished (session,
@@ -1530,7 +1530,7 @@
/* Parse extensions.
*/
- if (version >= MHD_GNUTLS_TLS1_0)
+ if (version >= MHD_GNUTLS_PROTOCOL_TLS1_0)
{
ret = mhd_gtls_parse_extensions (session, EXTENSION_ANY, &data[pos],
len); /* len is the rest of the parsed length */
if (ret < 0)
@@ -1706,7 +1706,7 @@
hver = session->internals.resumed_security_parameters.version;
}
- if (hver == MHD_GNUTLS_VERSION_UNKNOWN || hver == 0)
+ if (hver == MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN || hver == 0)
{
gnutls_assert ();
gnutls_free (data);
@@ -1810,7 +1810,7 @@
/* Generate and copy TLS extensions.
*/
- if (hver >= MHD_GNUTLS_TLS1_0)
+ if (hver >= MHD_GNUTLS_PROTOCOL_TLS1_0)
{
extdatalen =
mhd_gtls_gen_extensions (session, extdata, sizeof (extdata));
Modified: libmicrohttpd/src/daemon/https/tls/gnutls_kx.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/gnutls_kx.c 2008-09-12 20:13:03 UTC
(rev 7700)
+++ libmicrohttpd/src/daemon/https/tls/gnutls_kx.c 2008-09-12 20:47:06 UTC
(rev 7701)
@@ -71,7 +71,7 @@
mhd_gtls_bin2hex (session->security_parameters.
server_random, 32, buf, sizeof (buf)));
- if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_SSL3)
+ if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3)
{
opaque rnd[2 * TLS_RANDOM_SIZE + 1];
@@ -504,7 +504,7 @@
if (again == 0)
{
- if (MHD_gnutls_protocol_get_version (session) != MHD_GNUTLS_SSL3 ||
+ if (MHD_gnutls_protocol_get_version (session) !=
MHD_GNUTLS_PROTOCOL_SSL3 ||
session->internals.selected_cert_list_length > 0)
{
/* TLS 1.0 or SSL 3.0 with a valid certificate
@@ -525,7 +525,7 @@
* no certificate alert instead of an
* empty certificate.
*/
- if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_SSL3 &&
+ if (MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3 &&
session->internals.selected_cert_list_length == 0)
{
ret =
@@ -632,7 +632,7 @@
*/
if (optional == OPTIONAL_PACKET &&
ret == GNUTLS_E_WARNING_ALERT_RECEIVED &&
- MHD_gnutls_protocol_get_version (session) == MHD_GNUTLS_SSL3 &&
+ MHD_gnutls_protocol_get_version (session) ==
MHD_GNUTLS_PROTOCOL_SSL3 &&
gnutls_alert_get (session) == GNUTLS_A_SSL3_NO_CERTIFICATE)
{
Modified: libmicrohttpd/src/daemon/https/tls/gnutls_priority.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/gnutls_priority.c 2008-09-12
20:13:03 UTC (rev 7700)
+++ libmicrohttpd/src/daemon/https/tls/gnutls_priority.c 2008-09-12
20:47:06 UTC (rev 7701)
@@ -201,9 +201,9 @@
#endif
}
-static const int mhd_gtls_protocol_priority[] = { MHD_GNUTLS_TLS1_1,
- MHD_GNUTLS_TLS1_0,
- MHD_GNUTLS_SSL3,
+static const int mhd_gtls_protocol_priority[] = { MHD_GNUTLS_PROTOCOL_TLS1_1,
+ MHD_GNUTLS_PROTOCOL_TLS1_0,
+ MHD_GNUTLS_PROTOCOL_SSL3,
0
};
Modified: libmicrohttpd/src/daemon/https/tls/gnutls_sig.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/gnutls_sig.c 2008-09-12 20:13:03 UTC
(rev 7700)
+++ libmicrohttpd/src/daemon/https/tls/gnutls_sig.c 2008-09-12 20:47:06 UTC
(rev 7701)
@@ -65,7 +65,7 @@
return GNUTLS_E_HASH_FAILED;
}
- if (ver == MHD_GNUTLS_SSL3)
+ if (ver == MHD_GNUTLS_PROTOCOL_SSL3)
{
ret = mhd_gtls_generate_master (session, 1);
if (ret < 0)
@@ -92,7 +92,7 @@
return GNUTLS_E_HASH_FAILED;
}
- if (ver == MHD_GNUTLS_SSL3)
+ if (ver == MHD_GNUTLS_PROTOCOL_SSL3)
mhd_gnutls_mac_deinit_ssl3_handshake (td_md5, concat,
session->security_parameters.
master_secret, TLS_MASTER_SIZE);
@@ -146,7 +146,7 @@
switch (cert->subject_pk_algorithm)
{
case MHD_GNUTLS_PK_RSA:
- if (ver < MHD_GNUTLS_TLS1_2)
+ if (ver < MHD_GNUTLS_PROTOCOL_TLS1_2)
{
mac_hd_t td_md5 = mhd_gtls_hash_init (MHD_GNUTLS_MAC_MD5);
if (td_md5 == NULL)
@@ -352,7 +352,7 @@
return GNUTLS_E_HASH_FAILED;
}
- if (ver == MHD_GNUTLS_SSL3)
+ if (ver == MHD_GNUTLS_PROTOCOL_SSL3)
{
ret = mhd_gtls_generate_master (session, 1);
if (ret < 0)
@@ -404,7 +404,7 @@
opaque concat[36];
enum MHD_GNUTLS_Protocol ver = MHD_gnutls_protocol_get_version (session);
- if (ver < MHD_GNUTLS_TLS1_2)
+ if (ver < MHD_GNUTLS_PROTOCOL_TLS1_2)
{
td_md5 = mhd_gtls_hash_init (MHD_GNUTLS_MAC_MD5);
if (td_md5 == NULL)
@@ -435,7 +435,7 @@
TLS_RANDOM_SIZE);
mhd_gnutls_hash (td_sha, params->data, params->size);
- if (ver < MHD_GNUTLS_TLS1_2)
+ if (ver < MHD_GNUTLS_PROTOCOL_TLS1_2)
{
mhd_gnutls_hash_deinit (td_md5, concat);
mhd_gnutls_hash_deinit (td_sha, &concat[16]);
Modified: libmicrohttpd/src/daemon/https/tls/gnutls_state.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/gnutls_state.c 2008-09-12 20:13:03 UTC
(rev 7700)
+++ libmicrohttpd/src/daemon/https/tls/gnutls_state.c 2008-09-12 20:47:06 UTC
(rev 7701)
@@ -812,7 +812,7 @@
memcpy (s_seed, label, label_size);
memcpy (&s_seed[label_size], seed, seed_size);
- if (ver >= MHD_GNUTLS_TLS1_2)
+ if (ver >= MHD_GNUTLS_PROTOCOL_TLS1_2)
{
result =
_gnutls_P_hash (MHD_GNUTLS_MAC_SHA1, secret, secret_size, s_seed,
Modified: libmicrohttpd/src/daemon/https/tls/gnutls_x509.c
===================================================================
--- libmicrohttpd/src/daemon/https/tls/gnutls_x509.c 2008-09-12 20:13:03 UTC
(rev 7700)
+++ libmicrohttpd/src/daemon/https/tls/gnutls_x509.c 2008-09-12 20:47:06 UTC
(rev 7701)
@@ -202,7 +202,7 @@
}
/*
- * Read certificates and private keys, from files, memory etc.
+ * Read certificates and private keys, from memory etc.
*/
/* returns error if the certificate has different algorithm than
@@ -605,82 +605,6 @@
return 0;
}
-static char *
-read_file (const char *filename, size_t * length)
-{
- struct stat st;
- char *out;
- int fd;
-
- fd = open (filename, O_RDONLY);
- if (-1 == fd)
- return NULL;
- if (0 != fstat(fd, &st))
- goto ERR;
- out = malloc(st.st_size);
- if (out == NULL)
- goto ERR;
- if (st.st_size != read(fd, out, st.st_size))
- {
- free(out);
- goto ERR;
- }
- *length = st.st_size;
- close(fd);
- return out;
- ERR:
- close(fd);
- return NULL;
-}
-
-/* Reads a certificate file
- */
-static int
-read_cert_file (mhd_gtls_cert_credentials_t res,
- const char *certfile, gnutls_x509_crt_fmt_t type)
-{
- int ret;
- size_t size;
- char *data = read_file (certfile, &size);
-
- if (data == NULL)
- {
- gnutls_assert ();
- return GNUTLS_E_FILE_ERROR;
- }
-
- ret = read_cert_mem (res, data, size, type);
- free (data);
-
- return ret;
-
-}
-
-
-
-/* Reads PKCS-1 RSA private key file or a DSA file (in the format openssl
- * stores it).
- */
-static int
-read_key_file (mhd_gtls_cert_credentials_t res,
- const char *keyfile, gnutls_x509_crt_fmt_t type)
-{
- int ret;
- size_t size;
- char *data = read_file (keyfile, &size);
-
- if (data == NULL)
- {
- gnutls_assert ();
- return GNUTLS_E_FILE_ERROR;
- }
-
- ret = read_key_mem (res, data, size, type);
- free (data);
-
- return ret;
-}
-
/**
* MHD_gnutls_certificate_set_x509_key_mem - Used to set keys in a
mhd_gtls_cert_credentials_t structure
* @res: is an #mhd_gtls_cert_credentials_t structure.
@@ -739,51 +663,6 @@
return 0;
}
-/**
- * MHD_gnutls_certificate_set_x509_key_file - Used to set keys in a
mhd_gtls_cert_credentials_t structure
- * @res: is an #mhd_gtls_cert_credentials_t structure.
- * @CERTFILE: is a file that containing the certificate list (path) for
- * the specified private key, in PKCS7 format, or a list of certificates
- * @KEYFILE: is a file that contains the private key
- * @type: is PEM or DER
- *
- * This function sets a certificate/private key pair in the
- * mhd_gtls_cert_credentials_t structure. This function may be
- * called more than once (in case multiple keys/certificates exist
- * for the server).
- *
- * Currently only PKCS-1 encoded RSA and DSA private keys are accepted by
- * this function.
- *
- * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
- **/
-int
-MHD_gnutls_certificate_set_x509_key_file (mhd_gtls_cert_credentials_t
- res, const char *CERTFILE,
- const char *KEYFILE,
- gnutls_x509_crt_fmt_t type)
-{
- int ret;
-
- /* this should be first
- */
- if ((ret = read_key_file (res, KEYFILE, type)) < 0)
- return ret;
-
- if ((ret = read_cert_file (res, CERTFILE, type)) < 0)
- return ret;
-
- res->ncerts++;
-
- if ((ret = _gnutls_check_key_cert_match (res)) < 0)
- {
- gnutls_assert ();
- return ret;
- }
-
- return 0;
-}
-
static int
generate_rdn_seq (mhd_gtls_cert_credentials_t res)
{
@@ -1085,59 +964,6 @@
return ret;
}
-/**
- * MHD_gnutls_certificate_set_x509_trust_file - Used to add trusted CAs in a
mhd_gtls_cert_credentials_t structure
- * @res: is an #mhd_gtls_cert_credentials_t structure.
- * @cafile: is a file containing the list of trusted CAs (DER or PEM list)
- * @type: is PEM or DER
- *
- * This function adds the trusted CAs in order to verify client or
- * server certificates. In case of a client this is not required to
- * be called if the certificates are not verified using
- * MHD_gtls_certificate_verify_peers2(). This function may be called
- * multiple times.
- *
- * In case of a server the names of the CAs set here will be sent to
- * the client if a certificate request is sent. This can be disabled
- * using MHD_gnutls_certificate_send_x509_rdn_sequence().
- *
- * Returns: number of certificates processed, or a negative value on
- * error.
- **/
-int
-MHD_gnutls_certificate_set_x509_trust_file (mhd_gtls_cert_credentials_t
- res, const char *cafile,
- gnutls_x509_crt_fmt_t type)
-{
- int ret, ret2;
- size_t size;
- unsigned char *data = (unsigned char*) read_file (cafile, &size);
-
- if (data == NULL)
- {
- gnutls_assert ();
- return GNUTLS_E_FILE_ERROR;
- }
-
- if (type == GNUTLS_X509_FMT_DER)
- ret = parse_der_ca_mem (&res->x509_ca_list, &res->x509_ncas, data, size);
- else
- ret = parse_pem_ca_mem (&res->x509_ca_list, &res->x509_ncas, data, size);
-
- free (data);
-
- if (ret < 0)
- {
- gnutls_assert ();
- return ret;
- }
-
- if ((ret2 = generate_rdn_seq (res)) < 0)
- return ret2;
-
- return ret;
-}
-
#ifdef ENABLE_PKI
static int
@@ -1333,53 +1159,6 @@
return ret;
}
-/**
- * MHD_gnutls_certificate_set_x509_crl_file - Used to add CRLs in a
mhd_gtls_cert_credentials_t structure
- * @res: is an #mhd_gtls_cert_credentials_t structure.
- * @crlfile: is a file containing the list of verified CRLs (DER or PEM list)
- * @type: is PEM or DER
- *
- * This function adds the trusted CRLs in order to verify client or server
- * certificates. In case of a client this is not required
- * to be called if the certificates are not verified using
- * MHD_gtls_certificate_verify_peers2().
- * This function may be called multiple times.
- *
- * Returns: number of CRLs processed or a negative value on error.
- **/
-int
-MHD_gnutls_certificate_set_x509_crl_file (mhd_gtls_cert_credentials_t
- res, const char *crlfile,
- gnutls_x509_crt_fmt_t type)
-{
- int ret;
- size_t size;
- unsigned char *data = (unsigned char*) read_file (crlfile, &size);
-
- if (data == NULL)
- {
- gnutls_assert ();
- return GNUTLS_E_FILE_ERROR;
- }
-
- if (type == GNUTLS_X509_FMT_DER)
- ret = parse_der_crl_mem (&res->x509_crl_list, &res->x509_ncrls,
- data, size);
- else
- ret = parse_pem_crl_mem (&res->x509_crl_list, &res->x509_ncrls,
- data, size);
-
- free (data);
-
- if (ret < 0)
- {
- gnutls_assert ();
- return ret;
- }
-
- return ret;
-}
-
#include <pkcs12.h>
/**
Modified: libmicrohttpd/src/daemon/internal.h
===================================================================
--- libmicrohttpd/src/daemon/internal.h 2008-09-12 20:13:03 UTC (rev 7700)
+++ libmicrohttpd/src/daemon/internal.h 2008-09-12 20:47:06 UTC (rev 7701)
@@ -663,10 +663,6 @@
/* Diffie-Hellman parameters */
mhd_gtls_dh_params_t dh_params;
- const char *https_key_path;
-
- const char *https_cert_path;
-
const char *https_mem_key;
const char *https_mem_cert;
Modified: libmicrohttpd/src/examples/https_fileserver_example.c
===================================================================
--- libmicrohttpd/src/examples/https_fileserver_example.c 2008-09-12
20:13:03 UTC (rev 7700)
+++ libmicrohttpd/src/examples/https_fileserver_example.c 2008-09-12
20:47:06 UTC (rev 7701)
@@ -170,19 +170,9 @@
MHD_OPTION_END);
}
- else if (argc == 5){
- TLS_daemon = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION |
MHD_USE_DEBUG
- | MHD_USE_SSL, atoi (argv[1]),
- NULL,
- NULL, &http_ahc,
- NULL, MHD_OPTION_CONNECTION_TIMEOUT, 256,
- MHD_OPTION_HTTPS_CERT_PATH, argv[3],
- MHD_OPTION_HTTPS_KEY_PATH, argv[4],
- MHD_OPTION_END);
- }
else {
printf
- ("Usage : %s HTTP-PORT SECONDS-TO-RUN [CERTIFICATE PATH, KEY
PATH]\n", argv[0]);
+ ("Usage : %s HTTP-PORT SECONDS-TO-RUN\n", argv[0]);
return 1;
}
Modified: libmicrohttpd/src/include/microhttpd.h
===================================================================
--- libmicrohttpd/src/include/microhttpd.h 2008-09-12 20:13:03 UTC (rev
7700)
+++ libmicrohttpd/src/include/microhttpd.h 2008-09-12 20:47:06 UTC (rev
7701)
@@ -349,24 +349,6 @@
MHD_OPTION_SOCK_ADDR = 6,
/**
- * Filename for the private key (key.pem) to be used by the
- * HTTPS daemon. This option should be followed by an
- * "const char*" argument. The memory of the filename must
- * not be released until the application terminates.
- * This should be used in conjunction with 'MHD_OPTION_HTTPS_CERT_PATH'.
- */
- MHD_OPTION_HTTPS_KEY_PATH = 7,
-
- /**
- * Filename for the certificate (cert.pem) to be used by the
- * HTTPS daemon. This option should be followed by an
- * "const char*" argument. The memory of the filename must
- * not be released until the application terminates.
- * This should be used in conjunction with 'MHD_OPTION_HTTPS_KEY_PATH'.
- */
- MHD_OPTION_HTTPS_CERT_PATH = 8,
-
- /**
* Memory pointer for the private key (key.pem) to be used by the
* HTTPS daemon. This option should be followed by an
* "const char*" argument.
@@ -515,15 +497,6 @@
*/
MHD_REQUEST_TERMINATED_DAEMON_SHUTDOWN = 3,
- /* FIXME: add TLS-specific error codes,
- but only those that are useful! */
- /**
- * Processing of this secure connection encountered
- * an error.
- */
- MHD_TLS_REQUEST_TERMINATED_WITH_ERROR,
-
- MHD_TLS_REQUEST_TERMINATED_WITH_FATAL_ALERT
};
/**
@@ -640,11 +613,11 @@
enum MHD_GNUTLS_Protocol
{
MHD_GNUTLS_PROTOCOL_END = 0,
- MHD_GNUTLS_SSL3 = 1,
- MHD_GNUTLS_TLS1_0,
- MHD_GNUTLS_TLS1_1,
- MHD_GNUTLS_TLS1_2,
- MHD_GNUTLS_VERSION_UNKNOWN = 0xff
+ MHD_GNUTLS_PROTOCOL_SSL3 = 1,
+ MHD_GNUTLS_PROTOCOL_TLS1_0,
+ MHD_GNUTLS_PROTOCOL_TLS1_1,
+ MHD_GNUTLS_PROTOCOL_TLS1_2,
+ MHD_GNUTLS_PROTOCOL_VERSION_UNKNOWN = 0xff
};
/**
Modified: libmicrohttpd/src/testcurl/https/mhds_session_info_test.c
===================================================================
--- libmicrohttpd/src/testcurl/https/mhds_session_info_test.c 2008-09-12
20:13:03 UTC (rev 7700)
+++ libmicrohttpd/src/testcurl/https/mhds_session_info_test.c 2008-09-12
20:47:06 UTC (rev 7701)
@@ -105,7 +105,7 @@
}
if (MHD_get_connection_info (connection,
MHD_CONNECTION_INFO_PROTOCOL)->protocol !=
- MHD_GNUTLS_SSL3)
+ MHD_GNUTLS_PROTOCOL_SSL3)
{
fprintf (stderr, "Error: requested compression mismatch. %s\n",
strerror (errno));
Modified: libmicrohttpd/src/testcurl/https/tls_daemon_options_test.c
===================================================================
--- libmicrohttpd/src/testcurl/https/tls_daemon_options_test.c 2008-09-12
20:13:03 UTC (rev 7700)
+++ libmicrohttpd/src/testcurl/https/tls_daemon_options_test.c 2008-09-12
20:47:06 UTC (rev 7701)
@@ -356,8 +356,6 @@
{
FILE *test_fd;
unsigned int errorCount = 0;
- char * cur_dir;
- char cert_path[255], key_path[255];
MHD_gtls_global_set_log_level (DEBUG_GNUTLS_LOG_LEVEL);
@@ -379,7 +377,7 @@
}
int mac[] = { MHD_GNUTLS_MAC_SHA1, 0 };
- int p[] = { MHD_GNUTLS_SSL3, 0 };
+ int p[] = { MHD_GNUTLS_PROTOCOL_SSL3, 0 };
int cipher[] = { MHD_GNUTLS_CIPHER_3DES_CBC, 0 };
int kx[] = { MHD_GNUTLS_KX_ANON_DH, 0 };
@@ -390,17 +388,7 @@
MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem,
MHD_OPTION_END);
- cur_dir = get_current_dir_name ();
- sprintf (cert_path, "%s/%s", cur_dir, "cert.pem");
- sprintf (key_path, "%s/%s", cur_dir, "key.pem");
-
errorCount +=
- test_wrap ("file certificates", &test_https_transfer, test_fd,
- "AES256-SHA", CURL_SSLVERSION_TLSv1,
MHD_OPTION_HTTPS_CERT_PATH, cert_path,
- MHD_OPTION_HTTPS_KEY_PATH, key_path, MHD_OPTION_END);
- free (cur_dir);
-
- errorCount +=
test_wrap ("protocol_version", &test_protocol_version, test_fd,
"AES256-SHA", CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY,
srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT,
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r7701 - in libmicrohttpd: doc src/daemon src/daemon/https/tls src/examples src/include src/testcurl/https,
gnunet <=