/*
* Copyright (C) 2004-2012 Free Software Foundation, Inc.
* Copyright (c) 2002 Andrew McDonald <andrew@mcdonald.org.uk>
*
* This file is part of GnuTLS-EXTRA.
*
* GnuTLS-extra is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* GnuTLS-extra is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
#include <config.h>
#include <gnutls/gnutls.h>
#include <openssl_compat.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "../lib/gnutls_int.h"
#include "../lib/random.h"
#include "../lib/hash_int.h"
/* In win32 X509_NAME is defined in wincrypt.h.
* undefine it to avoid the conflict with openssl.h.
*/
#ifdef X509_NAME
#undef X509_NAME
#endif
#include <gnutls/openssl.h>
/* Gnulib re-defines shutdown on mingw. We only use it as a variable
name, so restore the original name. */
#undef shutdown
/* XXX: See lib/gnutls_int.h. */
#define GNUTLS_POINTER_TO_INT(_) ((int) GNUTLS_POINTER_TO_INT_CAST (_))
#define GNUTLS_INT_TO_POINTER(_) ((void*) GNUTLS_POINTER_TO_INT_CAST (_))
/* WARNING: Error functions aren't currently thread-safe */
static int last_error = 0;
/* Library initialisation functions */
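/*
 * Initialise the underlying GnuTLS library.
 *
 * Returns 1 on success.  When gnutls_global_init() reports an error the
 * code is stored in last_error and 0 is returned, instead of reporting
 * success for a library that failed to initialise.
 */
int SSL_library_init(void)
{
	int err = gnutls_global_init();

	/* NB: we haven't got anywhere to call gnutls_global_deinit() */
	if (err < 0) {
		last_error = err;
		return 0;
	}

	return 1;
}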
/* No-op: the body is empty, so calling this registers nothing. */
void OpenSSL_add_all_algorithms(void)
{
	return;
}
/* SSL_CTX structure handling */
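/*
 * Allocate a zero-initialised SSL_CTX and attach METHOD to it.
 *
 * The METHOD pointer is stored as-is (no copy is made).  Returns NULL
 * when the allocation fails; METHOD is left untouched in that case, so
 * it remains the caller's to release.
 */
SSL_CTX *SSL_CTX_new(SSL_METHOD *method)
{
	SSL_CTX *ctx = calloc(1, sizeof(*ctx));

	/* The result used to be dereferenced without a NULL check. */
	if (!ctx)
		return NULL;

	ctx->method = method;

	return ctx;
}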
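/*
 * Release a context created by SSL_CTX_new().
 *
 * Frees the attached method and the certificate/key path copies that
 * SSL_CTX_use_certificate_file() and SSL_CTX_use_PrivateKey_file()
 * allocate (they were previously leaked).  A NULL CTX is a no-op rather
 * than a NULL dereference.
 */
void SSL_CTX_free(SSL_CTX *ctx)
{
	if (!ctx)
		return;

	free(ctx->certfile);
	free(ctx->keyfile);
	free(ctx->method);
	free(ctx);
}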
/*
 * Stub: no default trust locations are loaded and CTX is not modified.
 * Always returns 0.
 */
int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
{
	(void) ctx;	/* unused */

	return 0;
}
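/*
 * Remember CERTFILE (and its encoding TYPE) in the context.
 *
 * Only the path is stored here; the file itself is not opened by this
 * function.  Returns 1 on success and -1 on a NULL argument or
 * allocation failure.  On failure any previously stored path is kept;
 * on success the previous copy is freed instead of being leaked.
 */
int
SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *certfile, int type)
{
	size_t len;
	char *copy;

	if (!ctx || !certfile)
		return -1;

	len = strlen(certfile);
	copy = calloc(1, len + 1);	/* zeroed, so the copy is NUL-terminated */
	if (!copy)
		return -1;
	memcpy(copy, certfile, len);

	free(ctx->certfile);
	ctx->certfile = copy;
	ctx->certfile_type = type;

	return 1;
}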
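/*
 * Remember KEYFILE (and its encoding TYPE) in the context.
 *
 * Only the path is stored here; the key file is not opened by this
 * function.  Returns 1 on success and -1 on a NULL argument or
 * allocation failure.  On failure any previously stored path is kept;
 * on success the previous copy is freed instead of being leaked.
 */
int
SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *keyfile, int type)
{
	size_t len;
	char *copy;

	if (!ctx || !keyfile)
		return -1;

	len = strlen(keyfile);
	copy = calloc(1, len + 1);	/* zeroed, so the copy is NUL-terminated */
	if (!copy)
		return -1;
	memcpy(copy, keyfile, len);

	free(ctx->keyfile);
	ctx->keyfile = copy;
	ctx->keyfile_type = type;

	return 1;
}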
/*
 * Store the verification mode and callback in the context.
 *
 * This only records the two values; SSL_new() copies them into each new
 * SSL object.  NOTE(review): nothing in this function enforces
 * VERIFY_MODE - confirm where (or whether) it is acted upon.
 */
void
SSL_CTX_set_verify(SSL_CTX *ctx, int verify_mode,
		   int (*verify_callback) (int, X509_STORE_CTX *))
{
	ctx->verify_callback = verify_callback;
	ctx->verify_mode = verify_mode;
}
/*
 * OR the given option bits into the context's option mask and return
 * the resulting mask.  Bits are only ever added here, never cleared.
 */
unsigned long SSL_CTX_set_options(SSL_CTX *ctx, unsigned long options)
{
	ctx->options = ctx->options | options;

	return ctx->options;
}
/* Stub: MODE is ignored and nothing is stored; always returns 0. */
long SSL_CTX_set_mode(SSL_CTX *ctx, long mode)
{
	(void) ctx;	/* unused */
	(void) mode;	/* unused */

	return 0;
}
/*
 * Stub: the cipher LIST is ignored, yet 1 (success) is returned.
 *
 * A caller that passes a restrictive list therefore gets no restriction
 * from this call; the ciphers in effect come from the method's priority
 * string instead.
 */
int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *list)
{
	/* FIXME: ignore this for the moment */
	/* We're going to have to parse the "list" string to do this */
	/* It is a string, which in its simplest form is something like
	   "DES-CBC3-SHA:IDEA-CBC-MD5", but can be rather more complicated
	   (see OpenSSL's ciphers(1) manpage for details) */
	(void) ctx;	/* unused */
	(void) list;	/* unused */

	return 1;
}
/* SSL_CTX statistics */
/* Stub: no session statistics are kept here; always returns 0. */
long SSL_CTX_sess_number(SSL_CTX *ctx)
{
	(void) ctx;	/* unused */

	return 0;
}
/* Stub: no connect counter is kept here; always returns 0. */
long SSL_CTX_sess_connect(SSL_CTX *ctx)
{
	(void) ctx;	/* unused */

	return 0;
}
/* Stub: successful connects are not counted here; always returns 0. */
long SSL_CTX_sess_connect_good(SSL_CTX *ctx)
{
	(void) ctx;	/* unused */

	return 0;
}
/* Stub: client renegotiations are not counted here; always returns 0. */
long SSL_CTX_sess_connect_renegotiate(SSL_CTX *ctx)
{
	(void) ctx;	/* unused */

	return 0;
}
/* Stub: no accept counter is kept here; always returns 0. */
long SSL_CTX_sess_accept(SSL_CTX *ctx)
{
	(void) ctx;	/* unused */

	return 0;
}
/* Stub: successful accepts are not counted here; always returns 0. */
long SSL_CTX_sess_accept_good(SSL_CTX *ctx)
{
	(void) ctx;	/* unused */

	return 0;
}
/* Stub: server renegotiations are not counted here; always returns 0. */
long SSL_CTX_sess_accept_renegotiate(SSL_CTX *ctx)
{
	(void) ctx;	/* unused */

	return 0;
}
/* Stub: session-cache hits are not counted here; always returns 0. */
long SSL_CTX_sess_hits(SSL_CTX *ctx)
{
	(void) ctx;	/* unused */

	return 0;
}
/* Stub: session-cache misses are not counted here; always returns 0. */
long SSL_CTX_sess_misses(SSL_CTX *ctx)
{
	(void) ctx;	/* unused */

	return 0;
}
/* Stub: session timeouts are not counted here; always returns 0. */
long SSL_CTX_sess_timeouts(SSL_CTX *ctx)
{
	(void) ctx;	/* unused */

	return 0;
}
/* SSL structure handling */
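/*
 * Create an SSL object from CTX: allocate certificate credentials, set
 * up a GnuTLS session for the method's connection end, apply the
 * method's priority string and copy verify settings and options.
 *
 * Returns NULL on failure.  When a GnuTLS call is what failed, its
 * error code is stored in last_error and everything allocated so far is
 * released.  The results of gnutls_init() and
 * gnutls_priority_set_direct() used to be ignored, so a session that
 * was never initialised, or that did not carry the method's protocol
 * restrictions, could be handed back to the caller.
 */
SSL *SSL_new(SSL_CTX *ctx)
{
	SSL *ssl;
	int err;

	if (!ctx || !ctx->method)
		return NULL;

	ssl = calloc(1, sizeof(*ssl));
	if (!ssl)
		return NULL;

	err = gnutls_certificate_allocate_credentials(&ssl->gnutls_cred);
	if (err < 0)
		goto fail_ssl;

	err = gnutls_init(&ssl->gnutls_state, ctx->method->connend);
	if (err < 0)
		goto fail_cred;

	err = gnutls_priority_set_direct(ssl->gnutls_state,
					 ctx->method->priority_string, NULL);
	if (err < 0)
		goto fail_session;

	gnutls_credentials_set(ssl->gnutls_state, GNUTLS_CRD_CERTIFICATE,
			       ssl->gnutls_cred);

	/*
	 * NOTE(review): the results of the two file loads below are still
	 * ignored, so an unreadable or malformed file goes unnoticed here.
	 * certfile is also used both as the trust file and as the
	 * certificate paired with keyfile - confirm that is intended.
	 */
	if (ctx->certfile)
		gnutls_certificate_set_x509_trust_file(ssl->gnutls_cred,
						       ctx->certfile,
						       ctx->certfile_type);
	if (ctx->keyfile)
		gnutls_certificate_set_x509_key_file(ssl->gnutls_cred,
						     ctx->certfile,
						     ctx->keyfile,
						     ctx->keyfile_type);

	ssl->ctx = ctx;
	ssl->verify_mode = ctx->verify_mode;
	ssl->verify_callback = ctx->verify_callback;

	ssl->options = ctx->options;

	/* (gnutls_transport_ptr_t) -1 marks "descriptor not set yet". */
	ssl->rfd = (gnutls_transport_ptr_t) -1;
	ssl->wfd = (gnutls_transport_ptr_t) -1;

	return ssl;

fail_session:
	gnutls_deinit(ssl->gnutls_state);
fail_cred:
	gnutls_certificate_free_credentials(ssl->gnutls_cred);
fail_ssl:
	last_error = err;
	free(ssl);
	return NULL;
}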
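/*
 * Release an SSL object: its certificate credentials, its GnuTLS
 * session and the structure itself.  The SSL_CTX it was created from is
 * not touched.  A NULL SSL is a no-op rather than a NULL dereference.
 */
void SSL_free(SSL *ssl)
{
	if (!ssl)
		return;

	gnutls_certificate_free_credentials(ssl->gnutls_cred);
	gnutls_deinit(ssl->gnutls_state);
	free(ssl);
}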
/* No-op: the body is empty, so no error strings are loaded here. */
void SSL_load_error_strings(void)
{
	return;
}
/*
 * Map an I/O return value to an SSL_ERROR_* code.
 *
 * Any positive RET yields SSL_ERROR_NONE; every other value, including
 * negative ones, yields SSL_ERROR_ZERO_RETURN.  SSL is not consulted,
 * so distinct failure causes cannot be told apart through this call.
 */
int SSL_get_error(SSL *ssl, int ret)
{
	(void) ssl;	/* unused */

	return (ret > 0) ? SSL_ERROR_NONE : SSL_ERROR_ZERO_RETURN;
}
/*
 * Use descriptor FD as the session's transport.  FD is carried to
 * GnuTLS as a pointer-sized value.  Always returns 1.
 */
int SSL_set_fd(SSL *ssl, int fd)
{
	gnutls_transport_ptr_t transport = GNUTLS_INT_TO_POINTER(fd);

	gnutls_transport_set_ptr(ssl->gnutls_state, transport);

	return 1;
}
/*
 * Record FD as the read descriptor.  The read/write pair is handed to
 * GnuTLS only once the write side is no longer the "unset" marker
 * (gnutls_transport_ptr_t) -1.  Always returns 1.
 */
int SSL_set_rfd(SSL *ssl, int fd)
{
	const gnutls_transport_ptr_t unset = (gnutls_transport_ptr_t) -1;

	ssl->rfd = GNUTLS_INT_TO_POINTER(fd);

	if (ssl->wfd == unset)
		return 1;

	gnutls_transport_set_ptr2(ssl->gnutls_state, ssl->rfd, ssl->wfd);
	return 1;
}
/*
 * Record FD as the write descriptor.  The read/write pair is handed to
 * GnuTLS only once the read side is no longer the "unset" marker
 * (gnutls_transport_ptr_t) -1.  Always returns 1.
 */
int SSL_set_wfd(SSL *ssl, int fd)
{
	const gnutls_transport_ptr_t unset = (gnutls_transport_ptr_t) -1;

	ssl->wfd = GNUTLS_INT_TO_POINTER(fd);

	if (ssl->rfd == unset)
		return 1;

	gnutls_transport_set_ptr2(ssl->gnutls_state, ssl->rfd, ssl->wfd);
	return 1;
}
/*
 * Use the descriptors held by RBIO and WBIO as the session's receive
 * and send transports.  Both BIO pointers are dereferenced without a
 * NULL check, and neither BIO is freed here.
 */
void SSL_set_bio(SSL *ssl, BIO *rbio, BIO *wbio)
{
	gnutls_transport_ptr_t recv_ptr = rbio->fd;
	gnutls_transport_ptr_t send_ptr = wbio->fd;

	gnutls_transport_set_ptr2(ssl->gnutls_state, recv_ptr, send_ptr);
	/* free(BIO); ? */
}
/* No-op: the body is empty, so SSL is left unchanged. */
void SSL_set_connect_state(SSL *ssl)
{
	(void) ssl;	/* unused */
}
/*
 * Return what gnutls_record_check_pending() reports for the session,
 * converted to int.
 */
int SSL_pending(SSL *ssl)
{
	int pending = gnutls_record_check_pending(ssl->gnutls_state);

	return pending;
}
/*
 * Store the verification mode and callback on this SSL object,
 * replacing the values SSL_new() copied from the context.
 *
 * NOTE(review): this only records the values; nothing here enforces
 * VERIFY_MODE - confirm where (or whether) it is acted upon.
 */
void
SSL_set_verify(SSL *ssl, int verify_mode,
	       int (*verify_callback) (int, X509_STORE_CTX *))
{
	ssl->verify_callback = verify_callback;
	ssl->verify_mode = verify_mode;
}
/*
 * Return the pointer gnutls_certificate_get_peers() gives for the
 * session; the list length it reports is discarded.
 *
 * No verification is performed here: the result is whatever the peer
 * presented, and whether it is trusted is a separate question.
 */
const X509 *SSL_get_peer_certificate(SSL *ssl)
{
	unsigned int count = 0;

	return gnutls_certificate_get_peers(ssl->gnutls_state, &count);
}
/* SSL connection open/close/read/write functions */
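/*
 * Run the client-side handshake.
 *
 * If SSL_OP_NO_TLSv1 is set, the method's priority string is first
 * re-applied with ":-VERS-TLS1.0" appended.  Returns 1 on success and 0
 * on failure, with the GnuTLS error code stored in last_error.
 *
 * Fixes relative to the previous version:
 *  - a truncated priority string is rejected instead of being passed
 *    on (truncation could cut off the "-VERS-TLS1.0" suffix);
 *  - the X509_STORE_CTX allocation is checked, and only made when a
 *    verify callback is installed.
 *
 * NOTE(review): the verify callback's return value and store->error are
 * still discarded, and this function performs no other check of the
 * peer certificate, so a successful return does not by itself mean the
 * peer was authenticated.
 */
int SSL_connect(SSL *ssl)
{
	unsigned int cert_list_size = 0;
	int err;
	char x_priority[256];

	/* take options into account before connecting */
	if (ssl->options & SSL_OP_NO_TLSv1) {
		int n = snprintf(x_priority, sizeof(x_priority),
				 "%s:-VERS-TLS1.0",
				 ssl->ctx->method->priority_string);

		if (n < 0 || (size_t) n >= sizeof(x_priority)) {
			last_error = GNUTLS_E_INVALID_REQUEST;
			return 0;
		}

		err = gnutls_priority_set_direct(ssl->gnutls_state,
						 x_priority, NULL);
		if (err < 0) {
			last_error = err;
			return 0;
		}
	}

	err = gnutls_handshake(ssl->gnutls_state);
	ssl->last_error = err;

	if (err < 0) {
		last_error = err;
		return 0;
	}

	if (ssl->verify_callback) {
		X509_STORE_CTX *store = calloc(1, sizeof(*store));

		if (!store) {
			ssl->last_error = GNUTLS_E_MEMORY_ERROR;
			last_error = GNUTLS_E_MEMORY_ERROR;
			return 0;
		}

		store->ssl = ssl;
		store->cert_list =
		    gnutls_certificate_get_peers(ssl->gnutls_state,
						 &cert_list_size);

		ssl->verify_callback(1 /*FIXME*/, store);

		/* FIXME: deal with error from callback */
		free(store);
	}
	ssl->state = SSL_ST_OK;

	return 1;
}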
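/*
 * Run the server-side handshake.
 *
 * If SSL_OP_NO_TLSv1 is set, the method's priority string is first
 * re-applied with ":-VERS-TLS1.0" appended.  Returns 1 on success and 0
 * on failure, with the GnuTLS error code stored in last_error.
 *
 * Fixes relative to the previous version:
 *  - a truncated priority string is rejected instead of being passed
 *    on (truncation could cut off the "-VERS-TLS1.0" suffix);
 *  - the X509_STORE_CTX allocation is checked, and only made when a
 *    verify callback is installed.
 *
 * NOTE(review): the verify callback's return value and store->error are
 * still discarded, and this function performs no other check of a
 * client certificate, so a successful return does not by itself mean
 * the peer was authenticated.
 */
int SSL_accept(SSL *ssl)
{
	unsigned int cert_list_size = 0;
	int err;
	char x_priority[256];

	/* take options into account before connecting */
	if (ssl->options & SSL_OP_NO_TLSv1) {
		int n = snprintf(x_priority, sizeof(x_priority),
				 "%s:-VERS-TLS1.0",
				 ssl->ctx->method->priority_string);

		if (n < 0 || (size_t) n >= sizeof(x_priority)) {
			last_error = GNUTLS_E_INVALID_REQUEST;
			return 0;
		}

		err = gnutls_priority_set_direct(ssl->gnutls_state,
						 x_priority, NULL);
		if (err < 0) {
			last_error = err;
			return 0;
		}
	}

	/* FIXME: dh params, do we want client cert? */

	err = gnutls_handshake(ssl->gnutls_state);
	ssl->last_error = err;

	if (err < 0) {
		last_error = err;
		return 0;
	}

	if (ssl->verify_callback) {
		X509_STORE_CTX *store = calloc(1, sizeof(*store));

		if (!store) {
			ssl->last_error = GNUTLS_E_MEMORY_ERROR;
			last_error = GNUTLS_E_MEMORY_ERROR;
			return 0;
		}

		store->ssl = ssl;
		store->cert_list =
		    gnutls_certificate_get_peers(ssl->gnutls_state,
						 &cert_list_size);

		ssl->verify_callback(1 /*FIXME*/, store);

		/* FIXME: deal with error from callback */
		free(store);
	}
	ssl->state = SSL_ST_OK;

	return 1;
}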
/*
 * Send a TLS close notification.  The first call closes the write
 * direction only (GNUTLS_SHUT_WR); any later call closes both
 * directions (GNUTLS_SHUT_RDWR).  The result of gnutls_bye() is
 * ignored and 1 is always returned.
 */
int SSL_shutdown(SSL *ssl)
{
	gnutls_close_request_t how =
	    ssl->shutdown ? GNUTLS_SHUT_RDWR : GNUTLS_SHUT_WR;

	gnutls_bye(ssl->gnutls_state, how);
	ssl->shutdown++;

	/* FIXME */
	return 1;
}
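/*
 * Receive up to LEN bytes of application data into BUF.
 *
 * Returns the number of bytes received, or 0 on any error (the GnuTLS
 * code is stored in ssl->last_error and last_error).  A 0 return can
 * therefore mean either "connection closed" or "error".
 *
 * A negative LEN is rejected up front: converted to the size_t that
 * gnutls_record_recv() takes, it would become an enormous buffer size
 * and let received data be written past the end of BUF.
 */
int SSL_read(SSL *ssl, void *buf, int len)
{
	int ret;

	if (len < 0) {
		ssl->last_error = GNUTLS_E_INVALID_REQUEST;
		last_error = GNUTLS_E_INVALID_REQUEST;
		return 0;
	}

	ret = gnutls_record_recv(ssl->gnutls_state, buf, (size_t) len);
	ssl->last_error = ret;

	if (ret < 0) {
		last_error = ret;
		return 0;
	}

	return ret;
}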
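/*
 * Send LEN bytes of application data from BUF.
 *
 * Returns the number of bytes sent, or 0 on any error (the GnuTLS code
 * is stored in ssl->last_error and last_error).
 *
 * A negative LEN is rejected up front: converted to the size_t that
 * gnutls_record_send() takes, it would become an enormous length and
 * cause memory beyond BUF to be read and transmitted.
 */
int SSL_write(SSL *ssl, const void *buf, int len)
{
	int ret;

	if (len < 0) {
		ssl->last_error = GNUTLS_E_INVALID_REQUEST;
		last_error = GNUTLS_E_INVALID_REQUEST;
		return 0;
	}

	ret = gnutls_record_send(ssl->gnutls_state, buf, (size_t) len);
	ssl->last_error = ret;

	if (ret < 0) {
		last_error = ret;
		return 0;
	}

	return ret;
}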
/* Stub: SSL is not inspected; always returns SSL_NOTHING. */
int SSL_want(SSL *ssl)
{
	(void) ssl;	/* unused */

	return SSL_NOTHING;
}
/* SSL_METHOD functions */
/*
 * Allocate a client-side method whose priority string is "NORMAL".
 * Returns NULL on allocation failure.  The string is copied with an
 * unbounded strcpy(); the size of priority_string is declared outside
 * this file, so the fit is not checked here.
 */
SSL_METHOD *SSLv23_client_method(void)
{
	static const char priority[] = "NORMAL";
	SSL_METHOD *method = (SSL_METHOD *) calloc(1, sizeof(*method));

	if (method == NULL)
		return NULL;

	strcpy(method->priority_string, priority);
	method->connend = GNUTLS_CLIENT;

	return method;
}
/*
 * Allocate a server-side method whose priority string is "NORMAL".
 * Returns NULL on allocation failure.  The string is copied with an
 * unbounded strcpy(); the size of priority_string is declared outside
 * this file, so the fit is not checked here.
 */
SSL_METHOD *SSLv23_server_method(void)
{
	static const char priority[] = "NORMAL";
	SSL_METHOD *method = (SSL_METHOD *) calloc(1, sizeof(*method));

	if (method == NULL)
		return NULL;

	strcpy(method->priority_string, priority);
	method->connend = GNUTLS_SERVER;

	return method;
}
/*
 * Allocate a client-side method restricted to SSL 3.0: the priority
 * string starts from NONE and enables only +VERS-SSL3.0, together with
 * all ciphers, compression methods and MACs.  SSL 3.0 is a deprecated
 * protocol version (RFC 7568), so this exists for compatibility only.
 * Returns NULL on allocation failure.
 */
SSL_METHOD *SSLv3_client_method(void)
{
	static const char priority[] =
	    "NONE:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL";
	SSL_METHOD *method = (SSL_METHOD *) calloc(1, sizeof(*method));

	if (method == NULL)
		return NULL;

	strcpy(method->priority_string, priority);
	method->connend = GNUTLS_CLIENT;

	return method;
}
/*
 * Allocate a server-side method restricted to SSL 3.0: the priority
 * string starts from NONE and enables only +VERS-SSL3.0, together with
 * all ciphers, compression methods and MACs.  SSL 3.0 is a deprecated
 * protocol version (RFC 7568), so this exists for compatibility only.
 * Returns NULL on allocation failure.
 */
SSL_METHOD *SSLv3_server_method(void)
{
	static const char priority[] =
	    "NONE:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL";
	SSL_METHOD *method = (SSL_METHOD *) calloc(1, sizeof(*method));

	if (method == NULL)
		return NULL;

	strcpy(method->priority_string, priority);
	method->connend = GNUTLS_SERVER;

	return method;
}
/*
 * Allocate a client-side method restricted to TLS 1.0: the priority
 * string starts from NONE and enables only +VERS-TLS1.0, together with
 * all ciphers, compression methods and MACs.  Newer protocol versions
 * are not offered by this method.  Returns NULL on allocation failure.
 */
SSL_METHOD *TLSv1_client_method(void)
{
	static const char priority[] =
	    "NONE:+VERS-TLS1.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL";
	SSL_METHOD *method = (SSL_METHOD *) calloc(1, sizeof(*method));

	if (method == NULL)
		return NULL;

	strcpy(method->priority_string, priority);
	method->connend = GNUTLS_CLIENT;

	return method;
}
/*
 * Allocate a server-side method restricted to TLS 1.0: the priority
 * string starts from NONE and enables only +VERS-TLS1.0, together with
 * all ciphers, compression methods and MACs.  Newer protocol versions
 * are not offered by this method.  Returns NULL on allocation failure.
 */
SSL_METHOD *TLSv1_server_method(void)
{
	static const char priority[] =
	    "NONE:+VERS-TLS1.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL";
	SSL_METHOD *method = (SSL_METHOD *) calloc(1, sizeof(*method));

	if (method == NULL)
		return NULL;

	strcpy(method->priority_string, priority);
	method->connend = GNUTLS_SERVER;

	return method;
}
/* SSL_CIPHER functions */
/*
 * Refresh ssl->ciphersuite from the session (protocol version, cipher,
 * key exchange, MAC, compression, certificate type) and return a
 * pointer to it.  The result points into SSL itself, so it must not be
 * freed.  Returns NULL when SSL is NULL.
 */
SSL_CIPHER *SSL_get_current_cipher(SSL *ssl)
{
	SSL_CIPHER *suite;
	gnutls_session_t session;

	if (ssl == NULL)
		return NULL;

	suite = &(ssl->ciphersuite);
	session = ssl->gnutls_state;

	suite->version = gnutls_protocol_get_version(session);
	suite->cipher = gnutls_cipher_get(session);
	suite->kx = gnutls_kx_get(session);
	suite->mac = gnutls_mac_get(session);
	suite->compression = gnutls_compression_get(session);
	suite->cert = gnutls_certificate_type_get(session);

	return suite;
}
/*
 * Return the GnuTLS cipher-suite name for CIPHER's key exchange,
 * cipher and MAC, or the literal "NONE" when CIPHER is NULL.  The
 * result of gnutls_cipher_suite_get_name() is passed through as-is.
 */
const char *SSL_CIPHER_get_name(SSL_CIPHER *cipher)
{
	if (cipher == NULL)
		return ("NONE");

	return gnutls_cipher_suite_get_name(cipher->kx, cipher->cipher,
					    cipher->mac);
}
/*
 * Return the cipher's key size in bits (8 times the size reported by
 * gnutls_cipher_get_key_size()).  The same value is also written to
 * *BITS when BITS is not NULL.  Returns 0 when CIPHER is NULL.
 */
int SSL_CIPHER_get_bits(SSL_CIPHER *cipher, int *bits)
{
	int key_bits;

	if (cipher == NULL)
		return 0;

	key_bits = (8 * gnutls_cipher_get_key_size(cipher->cipher));
	if (bits != NULL)
		*bits = key_bits;

	return key_bits;
}
/*
 * Return the protocol-version name for CIPHER: "(NONE)" when CIPHER is
 * NULL, "unknown" when gnutls_protocol_get_name() yields NULL, and the
 * GnuTLS name otherwise.
 */
const char *SSL_CIPHER_get_version(SSL_CIPHER *cipher)
{
	const char *name;

	if (cipher == NULL)
		return ("(NONE)");

	name = gnutls_protocol_get_name(cipher->version);

	return name ? name : ("unknown");
}
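/*
 * Format "<version> <kx> <cipher> <mac>" for CIPHER.
 *
 * With a non-NULL BUF the text is written into BUF (SIZE bytes) and
 * BUF is returned; with a NULL BUF a 128-byte buffer is malloc()ed and
 * returned for the caller to free.
 *
 * Returns NULL when CIPHER is NULL or the allocation fails, and the
 * string literal "Buffer too small" when the text does not fit.
 *
 * Fixes relative to the previous version:
 *  - the malloc() result is checked before use;
 *  - truncation is detected via snprintf()'s return value being >= the
 *    buffer size (it was only compared against -1);
 *  - a non-positive SIZE is rejected before it is converted to size_t;
 *  - NULL names from GnuTLS are replaced by "unknown" instead of being
 *    passed to "%s".
 *
 * NOTE(review): "Buffer too small" is a string literal; a caller that
 * passed BUF == NULL and frees the result would free that literal.
 */
char *SSL_CIPHER_description(SSL_CIPHER *cipher, char *buf, int size)
{
	const char *version, *kx, *enc, *mac;
	char *tmpbuf;
	int tmpsize;
	int local_alloc;
	int n;

	if (!cipher)
		return NULL;

	if (buf) {
		if (size <= 0)
			return (char *) "Buffer too small";
		tmpbuf = buf;
		tmpsize = size;
		local_alloc = 0;
	} else {
		tmpsize = 128;
		tmpbuf = malloc((size_t) tmpsize);
		if (!tmpbuf)
			return NULL;
		local_alloc = 1;
	}

	version = gnutls_protocol_get_name(cipher->version);
	kx = gnutls_kx_get_name(cipher->kx);
	enc = gnutls_cipher_get_name(cipher->cipher);
	mac = gnutls_mac_get_name(cipher->mac);

	n = snprintf(tmpbuf, (size_t) tmpsize, "%s %s %s %s",
		     version ? version : "unknown",
		     kx ? kx : "unknown",
		     enc ? enc : "unknown",
		     mac ? mac : "unknown");
	if (n < 0 || n >= tmpsize) {
		if (local_alloc)
			free(tmpbuf);
		return (char *) "Buffer too small";
	}

	return tmpbuf;
}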
/* X509 functions */
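/*
 * Extract the subject DN of CERT into a newly allocated structure.
 *
 * Returns the structure (the caller frees it) or NULL when CERT is
 * NULL, the allocation fails, or extraction fails.  The allocation
 * result was previously passed on unchecked, and a NULL CERT (for
 * example when no peer certificate is available) was forwarded as-is.
 */
X509_NAME *X509_get_subject_name(const X509 *cert)
{
	gnutls_x509_dn *dn;

	if (!cert)
		return NULL;

	dn = calloc(1, sizeof(*dn));
	if (!dn)
		return NULL;

	if (gnutls_x509_extract_certificate_dn(cert, dn) < 0) {
		free(dn);
		return NULL;
	}

	return dn;
}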
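/*
 * Extract the issuer DN of CERT into a newly allocated structure.
 *
 * Returns the structure (the caller frees it) or NULL when CERT is
 * NULL, the allocation fails, or extraction fails.  The allocation
 * result was previously passed on unchecked, and a NULL CERT (for
 * example when no peer certificate is available) was forwarded as-is.
 */
X509_NAME *X509_get_issuer_name(const X509 *cert)
{
	gnutls_x509_dn *dn;

	if (!cert)
		return NULL;

	dn = calloc(1, sizeof(*dn));
	if (!dn)
		return NULL;

	if (gnutls_x509_extract_certificate_issuer_dn(cert, dn) < 0) {
		free(dn);
		return NULL;
	}

	return dn;
}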
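/*
 * X509_NAME_oneline - format a DN as a single line of text.
 * name: DN to print; its fields are formatted with %s.
 * buf:  caller-supplied output buffer (never allocated here).
 * len:  size of buf in bytes.
 *
 * Returns buf, or NULL when buf or name is NULL or len is not positive.
 *
 * The output is silently truncated to fit, and the field values are copied
 * verbatim: a value that itself contains ", " or "/" cannot be told apart
 * from a field separator in the result. Treat the string as display text
 * only; compare the structured fields when making an identity decision.
 */
char *X509_NAME_oneline(gnutls_x509_dn * name, char *buf, int len)
{
	/* XXX openssl allocates buffer if buf == NULL */
	if (!buf || !name)
		return NULL;

	/* A zero or negative len would become a huge size_t in memset() and
	 * in the "len - 1" bound below, writing past the end of buf. */
	if (len <= 0)
		return NULL;

	memset(buf, 0, (size_t) len);

	snprintf(buf, (size_t) len - 1,
		 "C=%s, ST=%s, L=%s, O=%s, OU=%s, CN=%s/Email=%s",
		 name->country, name->state_or_province_name,
		 name->locality_name, name->organization,
		 name->organizational_unit_name, name->common_name,
		 name->email);
	return buf;
}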
/*
 * X509_free - compatibility stub; releases nothing.
 *
 * Certificates only reach callers of this layer as const items, so there
 * is no storage for this function to free.
 */
void X509_free(const X509 * cert)
{
	/* only get certificates as const items */
	(void) cert;
}
/* BIO functions */
/*
 * BIO_get_fd - report the descriptor behind a session.
 * gnutls_state: session whose transport pointer is read.
 * fd:           output; written unconditionally, so it must not be NULL.
 *
 * The transport pointer returned by gnutls_transport_get_ptr() is converted
 * to an int with GNUTLS_POINTER_TO_INT and stored in *fd.
 */
void BIO_get_fd(gnutls_session_t gnutls_state, int *fd)
{
	gnutls_transport_ptr_t transport;

	transport = gnutls_transport_get_ptr(gnutls_state);
	*fd = GNUTLS_POINTER_TO_INT(transport);
}
/*
 * BIO_new_socket - wrap a socket descriptor in a newly allocated BIO.
 * sock:       descriptor, stored in bio->fd via GNUTLS_INT_TO_POINTER.
 * close_flag: not read by this function; nothing here records whether the
 *             descriptor should be closed with the BIO.
 *
 * Returns the malloc()ed BIO, or NULL when the allocation fails. Only the
 * fd member is assigned; the rest of the object is left as malloc()
 * returned it.
 */
BIO *BIO_new_socket(int sock, int close_flag)
{
	BIO *bio = malloc(sizeof(*bio));

	if (bio != NULL)
		bio->fd = GNUTLS_INT_TO_POINTER(sock);

	return bio;
}
/* error handling */
/*
 * ERR_get_error - fetch and clear the most recent error.
 *
 * Returns last_error multiplied by -1 and converted to unsigned long, then
 * resets last_error to 0, so a second call reports 0 until another error
 * is recorded.
 *
 * NOTE(review): last_error is declared outside this block; if it is a plain
 * file-scope variable it is shared by every session and thread using this
 * layer. Confirm before relying on it in concurrent code.
 */
unsigned long ERR_get_error(void)
{
	unsigned long code = -1 * last_error;

	last_error = 0;
	return code;
}
/*
 * ERR_error_string - map an error value to its GnuTLS message.
 * e:   value as produced by ERR_get_error(); it is multiplied by -1 again
 *      before being handed to gnutls_strerror().
 * buf: never written. A caller that reads buf after this call sees whatever
 *      the buffer held before; use the return value instead.
 *
 * Returns the string supplied by gnutls_strerror().
 */
const char *ERR_error_string(unsigned long e, char *buf)
{
	const char *text = gnutls_strerror(-1 * e);

	return text;
}
/* RAND functions */
/*
 * RAND_status - compatibility stub; always reports a seeded generator.
 *
 * Returns 1 unconditionally. No generator state is inspected here, so the
 * result says nothing about the actual health of the random source.
 */
int RAND_status(void)
{
	const int seeded = 1;

	return seeded;
}
/*
 * RAND_seed - compatibility stub; the supplied seed material is discarded.
 *
 * Neither buf nor num is read. Callers that believe they are mixing their
 * own entropy into the generator are not doing so through this function.
 */
void RAND_seed(const void *buf, int num)
{
	(void) buf;
	(void) num;
}
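/*
 * RAND_bytes - fill buf with num bytes from gnutls_rnd(GNUTLS_RND_RANDOM).
 *
 * Returns 1 when the buffer was filled and 0 when it was not: either num
 * is negative or gnutls_rnd() returned an error. On a 0 return the contents
 * of buf must not be used as random data.
 */
int RAND_bytes(unsigned char *buf, int num)
{
	/* A negative count would turn into a huge size_t length. */
	if (num < 0)
		return 0;

	/* Reporting success after a failed draw would let the caller build
	 * keys or nonces from whatever buf already contained. */
	if (gnutls_rnd(GNUTLS_RND_RANDOM, buf, (size_t) num) < 0)
		return 0;

	return 1;
}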
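/*
 * RAND_pseudo_bytes - fill buf with num bytes from
 * gnutls_rnd(GNUTLS_RND_NONCE).
 *
 * Returns 1 when the buffer was filled and -1 when it was not: either num
 * is negative or gnutls_rnd() returned an error. -1 is used rather than 0
 * so that a caller testing for "result >= 0" also sees the failure. On a
 * -1 return the contents of buf must not be used.
 */
int RAND_pseudo_bytes(unsigned char *buf, int num)
{
	/* A negative count would turn into a huge size_t length. */
	if (num < 0)
		return -1;

	/* Do not claim success for a buffer the generator never wrote. */
	if (gnutls_rnd(GNUTLS_RND_NONCE, buf, (size_t) num) < 0)
		return -1;

	return 1;
}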
/*
 * RAND_file_name - compatibility stub; there is no seed file.
 *
 * buf and len are ignored and buf is left untouched. Returns an empty
 * string literal.
 */
const char *RAND_file_name(char *buf, size_t len)
{
	(void) buf;
	(void) len;

	return "";
}
/*
 * RAND_load_file - compatibility stub; no file is opened or read.
 *
 * name is ignored. Returns maxbytes converted to int, i.e. it reports the
 * requested amount as loaded although no seed data was consumed.
 */
int RAND_load_file(const char *name, long maxbytes)
{
	(void) name;

	return (int) maxbytes;
}
/*
 * RAND_write_file - compatibility stub; nothing is written.
 *
 * name is ignored. Returns 0, the number of bytes written.
 */
int RAND_write_file(const char *name)
{
	(void) name;

	return 0;
}
/*
 * RAND_egd_bytes - compatibility stub; no entropy daemon is contacted.
 *
 * path is ignored. Returns bytes unchanged, so the caller is told that the
 * requested amount of entropy was gathered although none was.
 */
int RAND_egd_bytes(const char *path, int bytes)
{
	(void) path;

	/* fake it */
	return bytes;
}
/* message digest functions */
/*
 * MD5_Init - start an MD5 computation in ctx.
 *
 * Creates the GnuTLS hash handle stored in ctx->handle. The function has
 * no way to report failure, so a negative result from gnutls_hash_init()
 * terminates the process with abort().
 *
 * MD5 is provided for OpenSSL API compatibility. It is not collision
 * resistant and should not be chosen for signatures or for integrity checks
 * against an adversary.
 */
void MD5_Init(MD5_CTX * ctx)
{
	if (gnutls_hash_init((void *) &ctx->handle, GNUTLS_DIG_MD5) < 0)
		abort();
}
/*
 * MD5_Update - feed len bytes from buf into the running MD5 computation.
 *
 * ctx must have been set up by MD5_Init(). The result of gnutls_hash() is
 * discarded, so a failure here is not visible to the caller, and len is
 * passed through without a range check.
 */
void MD5_Update(MD5_CTX * ctx, const void *buf, int len)
{
	(void) gnutls_hash(ctx->handle, buf, len);
}
/*
 * MD5_Final - finish the computation and release the hash handle.
 * md:  receives the digest; MD5 produces 16 bytes.
 * ctx: context set up by MD5_Init().
 *
 * gnutls_hash_deinit() is called on ctx->handle, and the handle is not
 * reset afterwards, so ctx must go through MD5_Init() again before any
 * further MD5_Update() or MD5_Final() call.
 */
void MD5_Final(unsigned char *md, MD5_CTX * ctx)
{
	unsigned char *digest_out = md;

	gnutls_hash_deinit(ctx->handle, digest_out);
}
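/*
 * MD5 - one-shot MD5 of len bytes at buf.
 * md: caller-supplied output; MD5 produces 16 bytes. Unlike OpenSSL, no
 *     internal buffer is used when md is NULL.
 *
 * Returns md on success. Returns NULL when md is NULL or when
 * gnutls_hash_fast() reports an error, in which case md does not hold a
 * valid digest.
 *
 * MD5 is provided for OpenSSL API compatibility. It is not collision
 * resistant and should not be chosen for signatures or for integrity checks
 * against an adversary.
 */
unsigned char *MD5(const unsigned char *buf, unsigned long len,
		   unsigned char *md)
{
	if (!md)
		return NULL;

	/* Returning md after a failed hash would pass uninitialised bytes
	 * off as a digest. */
	if (gnutls_hash_fast(GNUTLS_DIG_MD5, buf, len, md) < 0)
		return NULL;

	return md;
}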
/*
 * RIPEMD160_Init - start a RIPEMD-160 computation in ctx.
 *
 * Creates the GnuTLS hash handle stored in ctx->handle. The function has
 * no way to report failure, so a negative result from gnutls_hash_init()
 * terminates the process with abort().
 */
void RIPEMD160_Init(RIPEMD160_CTX * ctx)
{
	if (gnutls_hash_init((void *) &ctx->handle, GNUTLS_DIG_RMD160) < 0)
		abort();
}
/*
 * RIPEMD160_Update - feed len bytes from buf into the running computation.
 *
 * ctx must have been set up by RIPEMD160_Init(). The result of
 * gnutls_hash() is discarded, so a failure here is not visible to the
 * caller, and len is passed through without a range check.
 */
void RIPEMD160_Update(RIPEMD160_CTX * ctx, const void *buf, int len)
{
	(void) gnutls_hash(ctx->handle, buf, len);
}
/*
 * RIPEMD160_Final - finish the computation and release the hash handle.
 * md:  receives the digest; RIPEMD-160 produces 20 bytes.
 * ctx: context set up by RIPEMD160_Init().
 *
 * gnutls_hash_deinit() is called on ctx->handle, and the handle is not
 * reset afterwards, so ctx must go through RIPEMD160_Init() again before
 * any further RIPEMD160_Update() or RIPEMD160_Final() call.
 */
void RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX * ctx)
{
	unsigned char *digest_out = md;

	gnutls_hash_deinit(ctx->handle, digest_out);
}
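/*
 * RIPEMD160 - one-shot RIPEMD-160 of len bytes at buf.
 * md: caller-supplied output; RIPEMD-160 produces 20 bytes. Unlike OpenSSL,
 *     no internal buffer is used when md is NULL.
 *
 * Returns md on success. Returns NULL when md is NULL or when
 * gnutls_hash_fast() reports an error, in which case md does not hold a
 * valid digest.
 */
unsigned char *RIPEMD160(const unsigned char *buf, unsigned long len,
			 unsigned char *md)
{
	if (!md)
		return NULL;

	/* Returning md after a failed hash would pass uninitialised bytes
	 * off as a digest. */
	if (gnutls_hash_fast(GNUTLS_DIG_RMD160, buf, len, md) < 0)
		return NULL;

	return md;
}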