author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2000-12-17 19:31:17 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2000-12-17 19:31:17 +0000 |
commit | ac73922c86560cc1fda0fcf2d300ba1743c99182 (patch) | |
tree | 825b3ae170fd589662645d9ec8b503b06641899a | |
parent | 7b239638e8122799581ab736438e09c19026052a (diff) | |
download | gnutls-ac73922c86560cc1fda0fcf2d300ba1743c99182.tar.gz |
added some support for non blocking IO and socket flags. Some function
names have been changed.
-rw-r--r-- | NEWS | 3 | ||||
-rw-r--r-- | configure.in | 4 | ||||
-rw-r--r-- | doc/API | 16 | ||||
-rw-r--r-- | doc/TODO | 7 | ||||
-rw-r--r-- | lib/gnutls.c | 103 | ||||
-rw-r--r-- | lib/gnutls.h | 39 | ||||
-rw-r--r-- | lib/gnutls_algorithms.c | 4 | ||||
-rw-r--r-- | lib/gnutls_buffers.c | 4 | ||||
-rw-r--r-- | lib/gnutls_errors.c | 1 | ||||
-rw-r--r-- | lib/gnutls_errors.h | 1 | ||||
-rw-r--r-- | lib/gnutls_handshake.c | 12 | ||||
-rw-r--r-- | lib/gnutls_int.h | 4 | ||||
-rw-r--r-- | src/cli.c | 8 | ||||
-rw-r--r-- | src/port.h | 2 | ||||
-rw-r--r-- | src/serv.c | 8 |
15 files changed, 138 insertions, 78 deletions
@@ -1,7 +1,8 @@ -Version 0.x.y +Version 0.0.6 - Added client side session resuming - Better documentation (check doc/API) - Better socket handling (gnutls can be used with select()) +- Some primitive support for non blocking IO and socket options has been added. Version 0.0.5 (7/12/2000) - Added Compression (using ZLIB) diff --git a/configure.in b/configure.in index 2d85e28a84..46e456f6db 100644 --- a/configure.in +++ b/configure.in @@ -11,7 +11,7 @@ AC_DEFINE_UNQUOTED(T_OS, "$target_os") GNUTLS_MAJOR_VERSION=0 GNUTLS_MINOR_VERSION=0 -GNUTLS_MICRO_VERSION=5 +GNUTLS_MICRO_VERSION=6 GNUTLS_VERSION=$GNUTLS_MAJOR_VERSION.$GNUTLS_MINOR_VERSION.$GNUTLS_MICRO_VERSION @@ -112,7 +112,7 @@ fi AC_HEADER_STDC AC_CHECK_HEADERS(unistd.h pwd.h locale.h strings.h stdarg.h) AC_CHECK_HEADERS(sys/stat.h sys/types.h fcntl.h sys/wait.h sys/socket.h) -AC_CHECK_HEADERS(utime.h signal.h zlib.h) +AC_CHECK_HEADERS(utime.h signal.h zlib.h errno.h) AC_CHECK_HEADERS(termios.h termio.h sgtty.h) AC_CHECK_FUNCS(bzero signal sigaction memset fcntl fsync siglongjmp,,) AC_CHECK_FUNCS(lstat stat umask utime memmove bcopy getpwuid waitpid,,) 
@@ -59,14 +59,26 @@ char* gnutls_strerror(int error); gnutls_strerror() returns a malloc'ed value thus it must be freed. -ssize_t gnutls_send(int cd, GNUTLS_STATE state, void* data, int sizeofdata); +ssize_t gnutls_write(int cd, GNUTLS_STATE state, void* data, int sizeofdata); This function has the same semantics as write() has. The only difference is that is accepts a GNUTLS state. -ssize_t gnutls_recv(int cd, GNUTLS_STATE state, void* data, int sizeofdata); +ssize_t gnutls_read(int cd, GNUTLS_STATE state, void* data, int sizeofdata); This function has the same semantics as read() has. The only difference is that is accepts a GNUTLS state. +ssize_t gnutls_recv(int cd, GNUTLS_STATE state, void* data, int sizeofdata, int flags); + This function has the same semantics as recv() has. The only + difference is that is accepts a GNUTLS state. However the + only acceptable flag is currently MSG_DONTWAIT. In that case, or + if the socket is set to non blocking IO it will return GNUTLS_E_AGAIN, + if there no data in the socket. + +ssize_t gnutls_send(int cd, GNUTLS_STATE state, void* data, int sizeofdata, int flags); + This function has the same semantics as send() has. The only + difference is that is accepts a GNUTLS state. Currently flags cannot + be anything except 0. + int gnutls_check_pending(GNUTLS_STATE state); This function checks if there are any data to receive in the gnutls buffers. Returns the size of that data or 0. @@ -1,6 +1,5 @@ -* x509 Certificate API -* OpenPGP certificate support (through libgcrypt) +* x509 Certificate API * Make server work (we need certificate API for that!) -* Add support for v2.0 init packet (why do that anyway ???) * Resume old sessions (server side) -* Non-blocking IO support (send mail to gnutls-dev@gnupg.org if you are interested/want to help) +* Add support for v2.0 init packet (why do that anyway ???) +* OpenPGP certificate support (through libgcrypt) diff --git a/lib/gnutls.c b/lib/gnutls.c index 01a5e7948c..e90816e657 100644 
--- a/lib/gnutls.c +++ b/lib/gnutls.c @@ -31,6 +31,13 @@ #include "gnutls_cipher_int.h" #include "gnutls_priority.h" #include "gnutls_algorithms.h" +#ifdef HAVE_ERRNO_H +#include <errno.h> +#endif + +#ifndef EAGAIN +# define EAGAIN EWOULDBLOCK +#endif GNUTLS_Version gnutls_get_current_version(GNUTLS_STATE state) { GNUTLS_Version ver; @@ -342,7 +349,7 @@ int _gnutls_send_alert(int cd, GNUTLS_STATE state, AlertLevel level, AlertDescri memmove(&data[0], &level, 1); memmove(&data[1], &desc, 1); - return gnutls_send_int(cd, state, GNUTLS_ALERT, data, 2); + return gnutls_send_int(cd, state, GNUTLS_ALERT, data, 2, 0); } @@ -353,7 +360,7 @@ int gnutls_close(int cd, GNUTLS_STATE state) ret = _gnutls_send_alert(cd, state, GNUTLS_WARNING, GNUTLS_CLOSE_NOTIFY); /* receive the closure alert */ - gnutls_recv_int(cd, state, GNUTLS_ALERT, NULL, 0); + gnutls_recv_int(cd, state, GNUTLS_ALERT, NULL, 0, 0); state->gnutls_internals.valid_connection = VALID_FALSE; @@ -377,7 +384,7 @@ int gnutls_close_nowait(int cd, GNUTLS_STATE state) * It is intended to transfer data, under the current state. */ #define MAX_ENC_LEN 16384 -ssize_t gnutls_send_int(int cd, GNUTLS_STATE state, ContentType type, void *_data, size_t sizeofdata) +ssize_t gnutls_send_int(int cd, GNUTLS_STATE state, ContentType type, void *_data, size_t sizeofdata, int flags) { uint8 *cipher; int i, cipher_size; @@ -510,11 +517,13 @@ ssize_t _gnutls_send_change_cipher_spec(int cd, GNUTLS_STATE state) return ret; } +#define RCVLOWAT 1 /* this is the default for TCP - just don't change that! */ + static int _gnutls_clear_peeked_data( int cd, GNUTLS_STATE state) { char peekdata; /* this was already read by using MSG_PEEK - so it shouldn't fail */ - _gnutls_Read( cd, &peekdata, 1, 0); + _gnutls_Read( cd, &peekdata, RCVLOWAT, 0); return 0; } 
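Review bot: In `_gnutls_clear_peeked_data` the read length is now the macro `RCVLOWAT` while the destination is still the single `char peekdata`, so any value of the macro above 1 would write past a one-byte stack object. Tie the buffer to the constant, `char peekdata[RCVLOWAT];` with `_gnutls_Read( cd, peekdata, RCVLOWAT, 0);`, rather than relying on the "don't change that" comment. The result of `_gnutls_Read` is also discarded and the function always returns 0, so a failed drain is invisible to the caller.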
@@ -523,13 +532,17 @@ char peekdata; * that it accepts, the gnutls_state and the ContentType of data to * send (if called by the user the Content is Userdata only) * It is intended to receive data, under the current state. + * flags is the sockets flags to use. Currently only MSG_DONTWAIT is + * supported. */ +#define HEADER_SIZE 5 #define MAX_RECV_SIZE 18432 /* 2^14+2048 */ -ssize_t gnutls_recv_int(int cd, GNUTLS_STATE state, ContentType type, char *data, size_t sizeofdata) +ssize_t gnutls_recv_int(int cd, GNUTLS_STATE state, ContentType type, char *data, size_t sizeofdata, int flags) { uint8 *tmpdata; int tmplen; GNUTLS_Version version; + uint8 headers[HEADER_SIZE]; uint8 recv_type; uint16 length; uint8 *ciphertext; 
@@ -554,28 +567,27 @@ ssize_t gnutls_recv_int(int cd, GNUTLS_STATE state, ContentType type, char *data return GNUTLS_E_INVALID_SESSION; } - if ( _gnutls_Read(cd, &recv_type, 1, 0) != 1) { + /* in order for GNUTLS_E_AGAIN to be returned the socket + * must be set to non blocking mode + */ + if ( _gnutls_Read(cd, headers, HEADER_SIZE, MSG_PEEK|flags) != HEADER_SIZE) { + if (errno==EAGAIN) return GNUTLS_E_AGAIN; state->gnutls_internals.valid_connection = VALID_FALSE; if (type==GNUTLS_ALERT) return 0; /* we were expecting close notify */ state->gnutls_internals.resumable = RESUME_FALSE; gnutls_assert(); return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; } + + memcpy( &recv_type, &headers[0], 1); + memcpy( &version.major, &headers[1], 1); + memcpy( &version.minor, &headers[2], 1); version.local = 0; /* TLS/SSL 3.0 */ - - if (_gnutls_Read(cd, &version.major, 1, 0) != 1) { - state->gnutls_internals.valid_connection = VALID_FALSE; - state->gnutls_internals.resumable = RESUME_FALSE; - gnutls_assert(); - return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; - } - if (_gnutls_Read(cd, &version.minor, 1, 0) != 1) { - state->gnutls_internals.valid_connection = VALID_FALSE; - state->gnutls_internals.resumable = RESUME_FALSE; - gnutls_assert(); - return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; - } + memcpy( &length, &headers[3], 2); +#ifndef WORDS_BIGENDIAN + length = byteswap16(length); +#endif if (_gnutls_version_is_supported(state, version) == 0) { #ifdef DEBUG @@ -589,15 +601,6 @@ ssize_t gnutls_recv_int(int cd, GNUTLS_STATE state, ContentType type, char *data gnutls_set_current_version(state, version); } - if (_gnutls_Read(cd, &length, 2, 0) != 2) { - state->gnutls_internals.valid_connection = VALID_FALSE; - state->gnutls_internals.resumable = RESUME_FALSE; - gnutls_assert(); - return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; - } -#ifndef WORDS_BIGENDIAN - length = byteswap16(length); -#endif #ifdef HARD_DEBUG fprintf(stderr, "Expected Packet[%d] %s(%d) with length: %d\n", 
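Review bot: The `errno==EAGAIN` test after the header peek runs for every result other than `HEADER_SIZE`, including a return of 0 or a short positive count, where `errno` was not set by this call and may hold a stale value. A closed connection can then be reported as `GNUTLS_E_AGAIN`, or a header that has only partly arrived as a fatal `GNUTLS_E_UNEXPECTED_PACKET_LENGTH`, depending on what ran earlier. Keep the result and test it, for example `ret = _gnutls_Read(cd, headers, HEADER_SIZE, MSG_PEEK|flags);` followed by `if (ret < 0 && (errno==EAGAIN || errno==EWOULDBLOCK)) return GNUTLS_E_AGAIN;`. How `_gnutls_Read` treats short reads is not visible here, and the function body starts and ends outside this hunk.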
@@ -617,19 +620,39 @@ ssize_t gnutls_recv_int(int cd, GNUTLS_STATE state, ContentType type, char *data return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; } - ciphertext = gnutls_malloc(length); + ciphertext = gnutls_malloc(length+HEADER_SIZE); - /* read ciphertext */ +/* check if we have that data into buffer. This seems to be + * expensive - but this is the only way to handle Non Blocking IO. + */ + if ( _gnutls_Read(cd, ciphertext, HEADER_SIZE+length, MSG_PEEK|flags) != length+HEADER_SIZE) { + gnutls_free(ciphertext); + + if (errno==EAGAIN) return GNUTLS_E_AGAIN; + state->gnutls_internals.valid_connection = VALID_FALSE; + state->gnutls_internals.resumable = RESUME_FALSE; + gnutls_assert(); + return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; + } +/* ok now we are sure that we can read all the data - so + * move on ! + */ + _gnutls_Read(cd, headers, HEADER_SIZE, 0); /* read and clear the headers - again! */ +/* Read the whole packet - again? */ if ( type==GNUTLS_APPLICATION_DATA) { /* get the data - but do not free the buffer in the kernel */ - ret = _gnutls_Read(cd, ciphertext, length-1, 0); + ret = _gnutls_Read(cd, ciphertext, length-RCVLOWAT, 0); if (ret>=0) - ret += _gnutls_Read(cd, &ciphertext[length-1], 1, MSG_PEEK); - } else { + ret += _gnutls_Read(cd, &ciphertext[length-RCVLOWAT], RCVLOWAT, MSG_PEEK); + + } else { /* our - internal data */ ret = _gnutls_Read(cd, ciphertext, length, 0); } + /* Oooops... very rare case since we know that the system HAD + * received that data. + */ if (ret != length) { #ifdef DEBUG fprintf(stderr, "Received packet with length: %d\nExpected %d\n", ret, length); 
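Review bot: `gnutls_malloc(length+HEADER_SIZE)` is used without a NULL check, and the `errno==EAGAIN` test after the full-record peek runs after `gnutls_free(ciphertext)` and also for short positive results, so `errno` may be stale or already overwritten. Check the allocation, keep the peek result in `ret`, and save `errno` before freeing, as sketched below; a short positive peek (record still arriving) needs an explicit decision between retry and error instead of falling through on whatever `errno` holds. Requiring the whole record to be visible under `MSG_PEEK` also assumes the socket receive buffer can hold `length+HEADER_SIZE` bytes; if it cannot, a non-blocking caller would presumably see `GNUTLS_E_AGAIN` indefinitely, which deserves a comment or a size check. The function starts and ends outside this hunk.

```c
	ciphertext = gnutls_malloc(length+HEADER_SIZE);
	if (ciphertext == NULL) {
		gnutls_assert();
		return GNUTLS_E_MEMORY_ERROR;
	}

	ret = _gnutls_Read(cd, ciphertext, HEADER_SIZE+length, MSG_PEEK|flags);
	if (ret != length+HEADER_SIZE) {
		int saved_errno = errno;	/* gnutls_free() may change errno */

		gnutls_free(ciphertext);
		if (ret < 0 && saved_errno==EAGAIN) return GNUTLS_E_AGAIN;
		/* … unchanged: mark the connection invalid, return GNUTLS_E_UNEXPECTED_PACKET_LENGTH … */
	}
	/* … unchanged: consume the header, then read the record body … */
```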
@@ -709,8 +732,14 @@ ssize_t gnutls_recv_int(int cd, GNUTLS_STATE state, ContentType type, char *data /* this packet is now handled above */ gnutls_assert(); return GNUTLS_E_UNEXPECTED_PACKET; - + case GNUTLS_APPLICATION_DATA: + /* even if data is unexpected put it into the buffer */ + gnutls_insertDataBuffer(recv_type, state, (void *) tmpdata, tmplen); + break; default: +#ifdef DEBUG + fprintf(stderr, "Received Unknown packet %d expecting %d\n", recv_type, type); +#endif gnutls_assert(); return GNUTLS_E_UNKNOWN_ERROR; } @@ -734,12 +763,12 @@ ssize_t gnutls_recv_int(int cd, GNUTLS_STATE state, ContentType type, char *data } gnutls_free(tmpdata); } else { - if (recv_type != type) { + if (recv_type != GNUTLS_APPLICATION_DATA) { gnutls_assert(); return GNUTLS_E_RECEIVED_BAD_MESSAGE; + } else { + ret = 0; /* ok */ } - gnutls_assert(); /* this shouldn't have happened */ - ret = GNUTLS_E_RECEIVED_BAD_MESSAGE; } return ret; diff --git a/lib/gnutls.h b/lib/gnutls.h index 8e7fa20294..7b70414abb 100644 --- a/lib/gnutls.h +++ b/lib/gnutls.h @@ -45,10 +45,12 @@ extern GNUTLS_Version GNUTLS_SSL3; struct GNUTLS_STATE_INT; typedef struct GNUTLS_STATE_INT* GNUTLS_STATE; +/* internal functions */ +ssize_t gnutls_send_int(int cd, GNUTLS_STATE state, ContentType type, void* data, size_t sizeofdata, int flags); +ssize_t gnutls_recv_int(int cd, GNUTLS_STATE state, ContentType type, void* data, size_t sizeofdata, int flags); + int gnutls_init(GNUTLS_STATE * state, ConnectionEnd con_end); int gnutls_deinit(GNUTLS_STATE * state); -ssize_t gnutls_send_int(int cd, GNUTLS_STATE state, ContentType type, void* data, size_t sizeofdata); -ssize_t gnutls_recv_int(int cd, GNUTLS_STATE state, ContentType type, void* data, size_t sizeofdata); int gnutls_close(int cd, GNUTLS_STATE state); int gnutls_handshake(int cd, GNUTLS_STATE state); int gnutls_check_pending(GNUTLS_STATE state); 
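Review bot: The new `case GNUTLS_APPLICATION_DATA:` branch queues application data whenever it arrives while another record type is expected, and nothing visible here checks that the handshake has finished or bounds how much is queued. Data received before the peer's Finished message is verified would presumably be handed to the application later as if it belonged to the established session, and a peer can grow the buffer by sending such records repeatedly. Consider accepting it only once the handshake is complete and returning `GNUTLS_E_UNEXPECTED_PACKET` otherwise. The state that would carry that information is outside this hunk.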
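Review bot: Setting `ret = 0` when the record received was application data rather than the requested type makes that case look like success to callers that only test `ret < 0`, such as the `GNUTLS_CHANGE_CIPHER_SPEC` receive in lib/gnutls_handshake.c later in this commit. If that reading is right, an application-data record could stand in for the expected message, and for the `gnutls_read` wrapper a 0 also reads as end of stream. A distinct non-fatal code, or looping inside `gnutls_recv_int` until a record of the requested type arrives, would keep the cases apart. The enclosing `if` condition is outside the hunk, so confirm which callers can reach this branch.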
@@ -69,8 +71,11 @@ int gnutls_is_fatal_error( int error); void gnutls_perror( int error); char* gnutls_strerror(int error); -#define gnutls_send( x, y, z, w) gnutls_send_int( x, y, GNUTLS_APPLICATION_DATA, z, w) -#define gnutls_recv( x, y, z, w) gnutls_recv_int( x, y, GNUTLS_APPLICATION_DATA, z, w) +#define gnutls_send( x, y, z, w, e) gnutls_send_int( x, y, GNUTLS_APPLICATION_DATA, z, w, e) +#define gnutls_recv( x, y, z, w, e) gnutls_recv_int( x, y, GNUTLS_APPLICATION_DATA, z, w, e) + +#define gnutls_write( x, y, z, w) gnutls_send( x, y, z, w, 0) +#define gnutls_read( x, y, z, w) gnutls_recv( x, y, z, w, 0) /* functions to set priority of cipher suites */ void gnutls_set_cipher_priority( GNUTLS_STATE state, int num, ...); @@ -88,13 +93,13 @@ int gnutls_get_current_session( GNUTLS_STATE state, void* session, int *session_ int gnutls_get_current_session_id( GNUTLS_STATE state, void* session, int *session_size); /* these are deprecated must be replaced by gnutls_errors.h */ -#define GNUTLS_E_MAC_FAILED -1 -#define GNUTLS_E_UNKNOWN_CIPHER -2 -#define GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM -3 -#define GNUTLS_E_UNKNOWN_MAC_ALGORITHM -4 -#define GNUTLS_E_UNKNOWN_ERROR -5 -#define GNUTLS_E_UNKNOWN_CIPHER_TYPE -6 -#define GNUTLS_E_LARGE_PACKET -7 +#define GNUTLS_E_MAC_FAILED -1 +#define GNUTLS_E_UNKNOWN_CIPHER -2 +#define GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM -3 +#define GNUTLS_E_UNKNOWN_MAC_ALGORITHM -4 +#define GNUTLS_E_UNKNOWN_ERROR -5 +#define GNUTLS_E_UNKNOWN_CIPHER_TYPE -6 +#define GNUTLS_E_LARGE_PACKET -7 #define GNUTLS_E_UNSUPPORTED_VERSION_PACKET -8 #define GNUTLS_E_UNEXPECTED_PACKET_LENGTH -9 #define GNUTLS_E_INVALID_SESSION -10 
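Review bot: The public `gnutls_recv`/`gnutls_send` macros pass `e` straight through as `flags`, and in `gnutls_recv_int` that value is OR-ed into `MSG_PEEK|flags` with no validation visible in this commit, while doc/API states that only `MSG_DONTWAIT` is acceptable for receive and only 0 for send. Reject anything else at the top of the internal functions, for example `if (flags & ~MSG_DONTWAIT) return GNUTLS_E_UNIMPLEMENTED_FEATURE;` in `gnutls_recv_int`, so that other socket flags cannot change how records are read. A comment above the macros should repeat the restriction, since the header is what callers read. The added fifth macro argument also breaks existing four-argument callers of `gnutls_send`/`gnutls_recv` at compile time, which is worth stating in NEWS.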
@@ -105,3 +110,15 @@ int gnutls_get_current_session_id( GNUTLS_STATE state, void* session, int *sessi #define GNUTLS_E_UNEXPECTED_PACKET -15 #define GNUTLS_E_WARNING_ALERT_RECEIVED -16 #define GNUTLS_E_CLOSURE_ALERT_RECEIVED -17 +#define GNUTLS_E_ERROR_IN_FINISHED_PACKET -18 +#define GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET -19 +#define GNUTLS_E_UNKNOWN_KX_ALGORITHM -20 +#define GNUTLS_E_UNKNOWN_CIPHER_SUITE -21 +#define GNUTLS_E_UNWANTED_ALGORITHM -22 +#define GNUTLS_E_MPI_SCAN_FAILED -23 +#define GNUTLS_E_DECRYPTION_FAILED -24 +#define GNUTLS_E_MEMORY_ERROR -25 +#define GNUTLS_E_DECOMPRESSION_FAILED -26 +#define GNUTLS_E_COMPRESSION_FAILED -27 +#define GNUTLS_E_AGAIN -28 +#define GNUTLS_E_UNIMPLEMENTED_FEATURE -50 diff --git a/lib/gnutls_algorithms.c b/lib/gnutls_algorithms.c index ef4eacb44f..d9142778d0 100644 --- a/lib/gnutls_algorithms.c +++ b/lib/gnutls_algorithms.c @@ -884,7 +884,7 @@ _gnutls_supported_ciphersuites_sorted(GNUTLS_STATE state, sizeof(GNUTLS_CipherSuite), _gnutls_compare_algo); for (i = 0; i < count; i++) { -/* if (_gnutls_kx_priority + if (_gnutls_kx_priority (state, _gnutls_cipher_suite_get_kx_algo(tmp_ciphers[i])) < 0) continue; @@ -897,7 +897,7 @@ _gnutls_supported_ciphersuites_sorted(GNUTLS_STATE state, _gnutls_cipher_suite_get_cipher_algo(tmp_ciphers[i])) < 0) continue; -*/ + (*ciphers)[j].CipherSuite[0] = tmp_ciphers[i].CipherSuite[0]; (*ciphers)[j].CipherSuite[1] = tmp_ciphers[i].CipherSuite[1]; j++; diff --git a/lib/gnutls_buffers.c b/lib/gnutls_buffers.c index 24b56a4cd3..f3608de60d 100644 --- a/lib/gnutls_buffers.c +++ b/lib/gnutls_buffers.c @@ -197,7 +197,7 @@ ssize_t _gnutls_Send_int(int fd, GNUTLS_STATE state, ContentType type, void *ipt left = n; while (left > 0) { - i = gnutls_send_int(fd, state, type, &ptr[i], left); + i = gnutls_send_int(fd, state, type, &ptr[i], left, 0); if (i <= 0) { return i; } 
@@ -216,7 +216,7 @@ ssize_t _gnutls_Recv_int(int fd, GNUTLS_STATE state, ContentType type, void *ipt left = sizeOfPtr; while (left > 0) { - i = gnutls_recv_int(fd, state, type, &ptr[i], left); + i = gnutls_recv_int(fd, state, type, &ptr[i], left, 0); if (i < 0) { return i; } else { diff --git a/lib/gnutls_errors.c b/lib/gnutls_errors.c index bf5ff3c656..50434de450 100644 --- a/lib/gnutls_errors.c +++ b/lib/gnutls_errors.c @@ -62,6 +62,7 @@ static gnutls_error_entry error_algorithms[] = { GNUTLS_ERROR_ENTRY( GNUTLS_E_COMPRESSION_FAILED, 1), GNUTLS_ERROR_ENTRY( GNUTLS_E_MEMORY_ERROR, 1), GNUTLS_ERROR_ENTRY( GNUTLS_E_UNIMPLEMENTED_FEATURE, 1), + GNUTLS_ERROR_ENTRY( GNUTLS_E_AGAIN, 0), {0} }; diff --git a/lib/gnutls_errors.h b/lib/gnutls_errors.h index b974e6a7e2..6520958749 100644 --- a/lib/gnutls_errors.h +++ b/lib/gnutls_errors.h @@ -27,6 +27,7 @@ #define GNUTLS_E_MEMORY_ERROR -25 #define GNUTLS_E_DECOMPRESSION_FAILED -26 #define GNUTLS_E_COMPRESSION_FAILED -27 +#define GNUTLS_E_AGAIN -28 #define GNUTLS_E_UNIMPLEMENTED_FEATURE -50 diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index 65b5080784..1b6f387178 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -684,15 +684,15 @@ int _gnutls_recv_hello(int cd, GNUTLS_STATE state, char *data, int datalen) z = 1; x = _gnutls_supported_ciphersuites(state, &cipher_suites); for (i = 0; i < x; i++) { - if (memcmp - (&cipher_suites[i], cipher_suite.CipherSuite, - 2) == 0) { + if (memcmp (&cipher_suites[i], cipher_suite.CipherSuite, 2) == 0) { z = 0; - } } - if (z != 0) + if (z != 0) { + gnutls_assert(); return GNUTLS_E_UNKNOWN_CIPHER_TYPE; + } + memmove(state->gnutls_internals. current_cipher_suite.CipherSuite, cipher_suite.CipherSuite, 2); @@ -960,7 +960,7 @@ int ret=0; ret = gnutls_recv_int(cd, state, GNUTLS_CHANGE_CIPHER_SPEC, - NULL, 0); + NULL, 0, 0); if (ret < 0) { ERR("recv ChangeCipherSpec", ret); gnutls_clearHashDataBuffer( state); 
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index ae37fb5c3e..8a2a226b7f 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -302,8 +302,8 @@ svoid *gnutls_PRF( opaque * secret, int secret_size, uint8 * label, void gnutls_set_current_version(GNUTLS_STATE state, GNUTLS_Version version); GNUTLS_Version gnutls_get_current_version(GNUTLS_STATE state); int _gnutls_set_keys(GNUTLS_STATE state); -ssize_t gnutls_send_int(int cd, GNUTLS_STATE state, ContentType type, void* data, size_t sizeofdata); -ssize_t gnutls_recv_int(int cd, GNUTLS_STATE state, ContentType type, char* data, size_t sizeofdata); +ssize_t gnutls_send_int(int cd, GNUTLS_STATE state, ContentType type, void* data, size_t sizeofdata, int flags); +ssize_t gnutls_recv_int(int cd, GNUTLS_STATE state, ContentType type, char* data, size_t sizeofdata, int flags); int _gnutls_send_change_cipher_spec(int cd, GNUTLS_STATE state); int _gnutls_version_cmp(GNUTLS_Version ver1, GNUTLS_Version ver2); #define _gnutls_version_ssl3(x) _gnutls_version_cmp(x, GNUTLS_SSL3) @@ -76,7 +76,7 @@ int main() gnutls_init(&state, GNUTLS_CLIENT); gnutls_set_current_version( state, GNUTLS_TLS1); - gnutls_set_cipher_priority( state, 2, GNUTLS_ARCFOUR, GNUTLS_3DES); + gnutls_set_cipher_priority( state, 3, GNUTLS_3DES, GNUTLS_ARCFOUR, GNUTLS_RIJNDAEL); gnutls_set_compression_priority( state, 1, GNUTLS_NULL_COMPRESSION); gnutls_set_kx_priority( state, 3, GNUTLS_KX_ANON_DH, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA); gnutls_set_mac_priority( state, 2, GNUTLS_MAC_SHA, GNUTLS_MAC_MD5); 
@@ -118,7 +118,7 @@ int main() gnutls_set_current_version( state, GNUTLS_TLS1); - gnutls_set_cipher_priority( state, 2, GNUTLS_ARCFOUR, GNUTLS_3DES); + gnutls_set_cipher_priority( state, 3, GNUTLS_RIJNDAEL, GNUTLS_3DES, GNUTLS_ARCFOUR); gnutls_set_compression_priority( state, 2, GNUTLS_ZLIB, GNUTLS_NULL_COMPRESSION); gnutls_set_kx_priority( state, 3, GNUTLS_KX_ANON_DH, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA); gnutls_set_mac_priority( state, 2, GNUTLS_MAC_SHA, GNUTLS_MAC_MD5); @@ -174,7 +174,7 @@ int main() if (FD_ISSET(sd, &rset)) { bzero(buffer, MAX_BUF); - ret = gnutls_recv(sd, state, buffer, MAX_BUF); + ret = gnutls_read(sd, state, buffer, MAX_BUF); /* remove new line */ if (buffer[strlen(buffer)-1]=='\n') buffer[strlen(buffer)-1]='\0'; if (gnutls_is_fatal_error(ret) == 1) { @@ -203,7 +203,7 @@ int main() user_term = 1; continue; } - gnutls_send( sd, state, buffer, strlen(buffer)); + gnutls_write( sd, state, buffer, strlen(buffer)); } } if (user_term!=0) gnutls_close(sd, state); diff --git a/src/port.h b/src/port.h index 696b48cb7d..003fa6f42e 100644 --- a/src/port.h +++ b/src/port.h @@ -1,2 +1,2 @@ -#define PORT 5556 +#define PORT 5555 #define SERVER "127.0.0.1" diff --git a/src/serv.c b/src/serv.c index ad6bbd2b3b..671f681ff8 100644 --- a/src/serv.c +++ b/src/serv.c @@ -61,7 +61,7 @@ int main() client_len = sizeof(sa_cli); for (;;) { gnutls_init(&state, GNUTLS_SERVER); - gnutls_set_cipher_priority( state, 2, GNUTLS_RIJNDAEL, GNUTLS_3DES); + gnutls_set_cipher_priority( state, 3, GNUTLS_RIJNDAEL, GNUTLS_3DES, GNUTLS_ARCFOUR); gnutls_set_compression_priority( state, 2, GNUTLS_ZLIB, GNUTLS_NULL_COMPRESSION); gnutls_set_kx_priority( state, 1, GNUTLS_KX_ANON_DH); gnutls_set_mac_priority( state, 2, GNUTLS_MAC_SHA, GNUTLS_MAC_MD5); 
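Review bot: `buffer[strlen(buffer)-1]` is evaluated before `ret` is checked, so when `gnutls_read` returns an error or 0 the zeroed buffer has length 0 and the index underflows to a read outside `buffer`. A full `MAX_BUF`-byte read also leaves no terminator for `strlen`; the echo loop in src/serv.c (`gnutls_write(sd, state, buffer, strlen(buffer))`) has the same problem. Read at most `MAX_BUF-1` bytes and use the returned length: `ret = gnutls_read(sd, state, buffer, MAX_BUF-1);` then `if (ret > 0 && buffer[ret-1]=='\n') buffer[ret-1]='\0';`. The enclosing `main` continues outside the hunk.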
@@ -85,7 +85,7 @@ int main() fprintf(stderr, "Handshake was completed\n"); fprintf(stderr, "Acting as echo server...\n"); /* ret = - gnutls_send(sd, state, "hello client", + gnutls_write(sd, state, "hello client", sizeof("hello client")); if (ret < 0) { close(sd); @@ -96,7 +96,7 @@ int main() */ for (;;) { bzero( buffer, MAX_BUF); - ret = gnutls_recv(sd, state, buffer, MAX_BUF); + ret = gnutls_read(sd, state, buffer, MAX_BUF); if (gnutls_is_fatal_error(ret) == 1) { if (ret == GNUTLS_E_CLOSURE_ALERT_RECEIVED) { fprintf(stderr, @@ -108,7 +108,7 @@ int main() } } - gnutls_send(sd, state, buffer, strlen(buffer)); + gnutls_write(sd, state, buffer, strlen(buffer)); } fprintf(stderr, "\n"); gnutls_close(sd, state); |