|
Packit Service |
4684c1 |
/* This example code is placed in the public domain. */
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
#ifdef HAVE_CONFIG_H
|
|
Packit Service |
4684c1 |
#include <config.h>
|
|
Packit Service |
4684c1 |
#endif
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
#include <stdio.h>
|
|
Packit Service |
4684c1 |
#include <stdlib.h>
|
|
Packit Service |
4684c1 |
#include <gnutls/gnutls.h>
|
|
Packit Service |
4684c1 |
#include <gnutls/x509.h>
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
#include "examples.h"
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
/* This function will print some details of the
|
|
Packit Service |
4684c1 |
* given session.
|
|
Packit Service |
4684c1 |
*/
|
|
Packit Service |
4684c1 |
int print_info(gnutls_session_t session)
|
|
Packit Service |
4684c1 |
{
|
|
Packit Service |
4684c1 |
gnutls_credentials_type_t cred;
|
|
Packit Service |
4684c1 |
gnutls_kx_algorithm_t kx;
|
|
Packit Service |
4684c1 |
int dhe, ecdh, group;
|
|
Packit Service |
4684c1 |
char *desc;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
/* get a description of the session connection, protocol,
|
|
Packit Service |
4684c1 |
* cipher/key exchange */
|
|
Packit Service |
4684c1 |
desc = gnutls_session_get_desc(session);
|
|
Packit Service |
4684c1 |
if (desc != NULL) {
|
|
Packit Service |
4684c1 |
printf("- Session: %s\n", desc);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
dhe = ecdh = 0;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
kx = gnutls_kx_get(session);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
/* Check the authentication type used and switch
|
|
Packit Service |
4684c1 |
* to the appropriate.
|
|
Packit Service |
4684c1 |
*/
|
|
Packit Service |
4684c1 |
cred = gnutls_auth_get_type(session);
|
|
Packit Service |
4684c1 |
switch (cred) {
|
|
Packit Service |
4684c1 |
#ifdef ENABLE_SRP
|
|
Packit Service |
4684c1 |
case GNUTLS_CRD_SRP:
|
|
Packit Service |
4684c1 |
printf("- SRP session with username %s\n",
|
|
Packit Service |
4684c1 |
gnutls_srp_server_get_username(session));
|
|
Packit Service |
4684c1 |
break;
|
|
Packit Service |
4684c1 |
#endif
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
case GNUTLS_CRD_PSK:
|
|
Packit Service |
4684c1 |
/* This returns NULL in server side.
|
|
Packit Service |
4684c1 |
*/
|
|
Packit Service |
4684c1 |
if (gnutls_psk_client_get_hint(session) != NULL)
|
|
Packit Service |
4684c1 |
printf("- PSK authentication. PSK hint '%s'\n",
|
|
Packit Service |
4684c1 |
gnutls_psk_client_get_hint(session));
|
|
Packit Service |
4684c1 |
/* This returns NULL in client side.
|
|
Packit Service |
4684c1 |
*/
|
|
Packit Service |
4684c1 |
if (gnutls_psk_server_get_username(session) != NULL)
|
|
Packit Service |
4684c1 |
printf("- PSK authentication. Connected as '%s'\n",
|
|
Packit Service |
4684c1 |
gnutls_psk_server_get_username(session));
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
if (kx == GNUTLS_KX_ECDHE_PSK)
|
|
Packit Service |
4684c1 |
ecdh = 1;
|
|
Packit Service |
4684c1 |
else if (kx == GNUTLS_KX_DHE_PSK)
|
|
Packit Service |
4684c1 |
dhe = 1;
|
|
Packit Service |
4684c1 |
break;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
case GNUTLS_CRD_ANON: /* anonymous authentication */
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
printf("- Anonymous authentication.\n");
|
|
Packit Service |
4684c1 |
if (kx == GNUTLS_KX_ANON_ECDH)
|
|
Packit Service |
4684c1 |
ecdh = 1;
|
|
Packit Service |
4684c1 |
else if (kx == GNUTLS_KX_ANON_DH)
|
|
Packit Service |
4684c1 |
dhe = 1;
|
|
Packit Service |
4684c1 |
break;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
case GNUTLS_CRD_CERTIFICATE: /* certificate authentication */
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
/* Check if we have been using ephemeral Diffie-Hellman.
|
|
Packit Service |
4684c1 |
*/
|
|
Packit Service |
4684c1 |
if (kx == GNUTLS_KX_DHE_RSA || kx == GNUTLS_KX_DHE_DSS)
|
|
Packit Service |
4684c1 |
dhe = 1;
|
|
Packit Service |
4684c1 |
else if (kx == GNUTLS_KX_ECDHE_RSA
|
|
Packit Service |
4684c1 |
|| kx == GNUTLS_KX_ECDHE_ECDSA)
|
|
Packit Service |
4684c1 |
ecdh = 1;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
/* if the certificate list is available, then
|
|
Packit Service |
4684c1 |
* print some information about it.
|
|
Packit Service |
4684c1 |
*/
|
|
Packit Service |
4684c1 |
print_x509_certificate_info(session);
|
|
Packit Service |
4684c1 |
break;
|
|
Packit Service |
4684c1 |
default:
|
|
Packit Service |
4684c1 |
break;
|
|
Packit Service |
4684c1 |
} /* switch */
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
/* read the negotiated group - if any */
|
|
Packit Service |
4684c1 |
group = gnutls_group_get(session);
|
|
Packit Service |
4684c1 |
if (group != 0) {
|
|
Packit Service |
4684c1 |
printf("- Negotiated group %s\n",
|
|
Packit Service |
4684c1 |
gnutls_group_get_name(group));
|
|
Packit Service |
4684c1 |
} else {
|
|
Packit Service |
4684c1 |
if (ecdh != 0)
|
|
Packit Service |
4684c1 |
printf("- Ephemeral ECDH using curve %s\n",
|
|
Packit Service |
4684c1 |
gnutls_ecc_curve_get_name(gnutls_ecc_curve_get
|
|
Packit Service |
4684c1 |
(session)));
|
|
Packit Service |
4684c1 |
else if (dhe != 0)
|
|
Packit Service |
4684c1 |
printf("- Ephemeral DH using prime of %d bits\n",
|
|
Packit Service |
4684c1 |
gnutls_dh_get_prime_bits(session));
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
return 0;
|
|
Packit Service |
4684c1 |
}
|