author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2000-12-11 13:43:20 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2000-12-11 13:43:20 +0000 |
commit | 331fbb1b8c377229b10799ae7f23c59d22726413 (patch) | |
tree | e04d61fd845dd3e6922dfa2b6ea20c5c4ca44ebd | |
parent | 15f8719e1e7b8a64fbf4eb7719795097dee5979b (diff) | |
added some new functions in the API. documentation updated.
-rw-r--r-- | doc/API | 14 | ||||
-rw-r--r-- | lib/gnutls.c | 9 | ||||
-rw-r--r-- | lib/gnutls.h | 19 | ||||
-rw-r--r-- | lib/gnutls_buffers.c | 4 | ||||
-rw-r--r-- | lib/gnutls_int.h | 10 | ||||
-rw-r--r-- | lib/gnutls_session.c | 15 | ||||
-rw-r--r-- | src/cli.c | 53 |
7 files changed, 109 insertions, 15 deletions
@@ -33,12 +33,21 @@ int gnutls_close(int cd, GNUTLS_STATE state); BulkCipherAlgorithm gnutls_get_current_cipher( GNUTLS_STATE state); Returns the currently used cipher. +char *_gnutls_cipher_get_name(BulkCipherAlgorithm); + Returns a malloc'ed string with the name of the algorithm; + MACAlgorithm gnutls_get_current_mac_algorithm( GNUTLS_STATE state); Returns the mac algorithm used. +char *_gnutls_mac_get_name(MACAlgorithm); + Returns a malloc'ed string with the name of the algorithm; + CompressionMethod gnutls_get_current_compression_method( GNUTLS_STATE state); Returns the compression algorithm used. +char *_gnutls_compression_get_name(CompressionMethod); + Returns a malloc'ed string with the name of the algorithm; + int gnutls_is_fatal_error( int error); If a function returns a negative value you may feed that value to this function to see if it is fatal. Returns 1 for a fatal @@ -82,6 +91,11 @@ void gnutls_set_current_version(GNUTLS_STATE state, GNUTLS_Version version); Sets the current SSL/TLS version. Accepted values are GNUTLS_SSL3 and GNUTLS_TLS1. +int gnutls_get_current_session_id( GNUTLS_STATE state, void* session, int *session_size); + Returns the session id. This can be used if you want to check if + the next session you tried to resume was actually resumed. + (resumed sessions have the same sessionID with the first session) + int gnutls_get_current_session( GNUTLS_STATE state, void* session, int *session_size); Returns all session parameters - in order to support resuming. The client should call this - and keep the returned session - if he wants to diff --git a/lib/gnutls.c b/lib/gnutls.c index 0f54986b55..cf97b21b91 100644 --- a/lib/gnutls.c +++ b/lib/gnutls.c 
@@ -731,3 +731,12 @@ ssize_t gnutls_recv_int(int cd, GNUTLS_STATE state, ContentType type, char *data return ret; } +BulkCipherAlgorithm gnutls_get_current_cipher( GNUTLS_STATE state) { + return state->security_parameters.bulk_cipher_algorithm; +} +MACAlgorithm gnutls_get_current_mac_algorithm( GNUTLS_STATE state) { + return state->security_parameters.mac_algorithm; +} +CompressionMethod gnutls_get_current_compression_method( GNUTLS_STATE state) { + return state->security_parameters.compression_algorithm; +} diff --git a/lib/gnutls.h b/lib/gnutls.h index 6f754c7b5a..227778a24a 100644 --- a/lib/gnutls.h +++ b/lib/gnutls.h @@ -21,6 +21,7 @@ enum ContentType { GNUTLS_APPLICATION_DATA=23 }; typedef enum ContentType ContentType; #define GNUTLS_AES GNUTLS_RIJNDAEL + enum BulkCipherAlgorithm { GNUTLS_NULL, GNUTLS_ARCFOUR=1, GNUTLS_3DES = 4, GNUTLS_RIJNDAEL }; typedef enum BulkCipherAlgorithm BulkCipherAlgorithm; enum KXAlgorithm { GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, GNUTLS_KX_DH_DSS, GNUTLS_KX_DH_RSA, GNUTLS_KX_ANON_DH }; 
@@ -47,12 +48,26 @@ typedef struct GNUTLS_STATE_INT* GNUTLS_STATE; int gnutls_init(GNUTLS_STATE * state, ConnectionEnd con_end); int gnutls_deinit(GNUTLS_STATE * state); ssize_t gnutls_send_int(int cd, GNUTLS_STATE state, ContentType type, void* data, size_t sizeofdata); -ssize_t gnutls_recv_int(int cd, GNUTLS_STATE state, ContentType type, char* data, size_t sizeofdata); +ssize_t gnutls_recv_int(int cd, GNUTLS_STATE state, ContentType type, void* data, size_t sizeofdata); int gnutls_close(int cd, GNUTLS_STATE state); int gnutls_handshake(int cd, GNUTLS_STATE state); +int gnutls_check_pending(GNUTLS_STATE state); + +/* get information on the current state */ +BulkCipherAlgorithm gnutls_get_current_cipher( GNUTLS_STATE state); +MACAlgorithm gnutls_get_current_mac_algorithm( GNUTLS_STATE state); +CompressionMethod gnutls_get_current_compression_method( GNUTLS_STATE state); + +/* the name of the specified algorithms */ +char *_gnutls_cipher_get_name(BulkCipherAlgorithm); +char *_gnutls_mac_get_name(MACAlgorithm); +char *_gnutls_compression_get_name(CompressionMethod); + + int gnutls_is_fatal_error( int error); void gnutls_perror( int error); +char* gnutls_strerror(int error); #define gnutls_send( x, y, z, w) gnutls_send_int( x, y, GNUTLS_APPLICATION_DATA, z, w) #define gnutls_recv( x, y, z, w) gnutls_recv_int( x, y, GNUTLS_APPLICATION_DATA, z, w) @@ -69,6 +84,8 @@ void gnutls_set_current_version(GNUTLS_STATE state, GNUTLS_Version version); /* get/set session */ int gnutls_set_current_session( GNUTLS_STATE state, void* session, int session_size); int gnutls_get_current_session( GNUTLS_STATE state, void* session, int *session_size); +/* returns the session ID */ +int gnutls_get_current_session_id( GNUTLS_STATE state, void* session, int *session_size); /* these are deprecated must be replaced by gnutls_errors.h */ #define GNUTLS_E_MAC_FAILED -1 diff --git a/lib/gnutls_buffers.c b/lib/gnutls_buffers.c index 4237ac8be0..24b56a4cd3 100644 --- a/lib/gnutls_buffers.c 
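Review bot: The three `_gnutls_*_get_name` prototypes added to lib/gnutls.h do not say who owns the returned string. doc/API in this commit says the string is malloc'ed and src/cli.c frees it, so the header comment should say so too, e.g. `/* the name of the specified algorithms; the returned string is malloc'ed and must be freed by the caller */`. `gnutls_strerror`, added in the same hunk, needs the same statement, since nothing visible shows whether its result is static or allocated. Separately, this hunk changes the `gnutls_recv_int` prototype to `void* data`, while the hunk header in the lib/gnutls.c section still shows the definition taking `char *data`, and that file's only hunk does not touch it. If gnutls.c includes this header, the two must agree.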
+++ b/lib/gnutls_buffers.c @@ -64,6 +64,10 @@ int gnutls_getDataBufferSize(ContentType type, GNUTLS_STATE state) return 0; } +int gnutls_check_pending(GNUTLS_STATE state) { + return gnutls_getDataBufferSize(GNUTLS_APPLICATION_DATA, state); +} + int gnutls_getDataFromBuffer(ContentType type, GNUTLS_STATE state, char *data, int length) { if (type == GNUTLS_APPLICATION_DATA) { diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index d9b06eeec8..5e15bd8a31 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -2,11 +2,13 @@ #define GNUTLS_INT_H -//#define HANDSHAKE_DEBUG -//#define HARD_DEBUG -//#define READ_DEBUG -//#define WRITE_DEBUG +/* +#define HANDSHAKE_DEBUG +#define HARD_DEBUG +#define READ_DEBUG +#define WRITE_DEBUG #define DEBUG +*/ #define MAX32 4294967295 #define MAX24 16777215 diff --git a/lib/gnutls_session.c b/lib/gnutls_session.c index 442e1d0ec0..16388fba9a 100644 --- a/lib/gnutls_session.c +++ b/lib/gnutls_session.c @@ -40,6 +40,21 @@ int gnutls_get_current_session( GNUTLS_STATE state, void* session, int *session_ return 0; } +/* Returns session id + */ +int gnutls_get_current_session_id( GNUTLS_STATE state, void* session, int *session_size) { + + ( *session_size = state->security_parameters.session_id_size); + + /* just return the session size */ + if (session==NULL) { + return 0; + } + memcpy( session, &state->security_parameters.session_id, *session_size); + + return 0; +} + /* Sets all session parameters - in order to support resuming * session must be the one returned by get_current_session(); * This function should be called before gnutls_handshake_begin @@ -45,11 +45,16 @@ int main() GNUTLS_STATE state; char buffer[MAX_BUF]; char *session; + char* session_id; int session_size; + int session_id_size; + char* tmp_session_id; + int tmp_session_id_size; fd_set rset; int maxfd; struct timeval tv; int user_term = 0; + char *tmp; // signal(SIGPIPE, SIG_IGN); 
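Review bot: `gnutls_get_current_session_id` in the lib/gnutls_session.c hunk overwrites `*session_size` with the stored id length before reading what the caller passed in, so the `memcpy` into `session` is bounded only by `session_id_size` and never by the caller's buffer. A caller that passes a fixed-size buffer, instead of doing the NULL size query first as src/cli.c does, gets a write past the end of its buffer with no error. On the non-NULL path, treat `*session_size` as the buffer capacity and fail when it is too small, while still reporting the needed length. The error constant in the sketch is a placeholder, because no buffer-too-small code is visible on this page.

```c
int gnutls_get_current_session_id( GNUTLS_STATE state, void* session, int *session_size) {
	int needed = state->security_parameters.session_id_size;

	/* size query: report the length only, do not read *session_size */
	if (session==NULL) {
		*session_size = needed;
		return 0;
	}

	/* on entry *session_size is the capacity of the caller's buffer */
	if (*session_size < needed) {
		*session_size = needed;
		return ERR_BUFFER_TOO_SMALL_PLACEHOLDER; /* placeholder: use the project's error code */
	}
	memcpy( session, &state->security_parameters.session_id, needed);
	*session_size = needed;

	return 0;
}
```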
@@ -74,24 +79,28 @@ int main() ret = gnutls_handshake(sd, state); if (ret < 0) { - fprintf(stderr, "Handshake has failed\n"); + fprintf(stderr, "- Handshake has failed\n"); gnutls_perror(ret); gnutls_deinit(&state); return 1; } else { - fprintf(stderr, "Handshake was completed\n"); + fprintf(stderr, "- Handshake was completed\n"); } gnutls_get_current_session( state, NULL, &session_size); session = malloc(session_size); gnutls_get_current_session( state, session, &session_size); - - fprintf(stderr, "Disconnecting\n"); + + gnutls_get_current_session_id( state, NULL, &session_id_size); + session_id = malloc(session_id_size); + gnutls_get_current_session_id( state, session_id, &session_id_size); + + fprintf(stderr, "- Disconnecting\n"); gnutls_close(sd, state); shutdown( sd, SHUT_WR); close(sd); gnutls_deinit( &state); - fprintf(stderr, "\n\nConnecting again- trying to resume previous session\n"); + fprintf(stderr, "\n\n- Connecting again- trying to resume previous session\n"); sd = socket(AF_INET, SOCK_STREAM, 0); ERR(sd, "socket"); 
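Review bot: `session_id = malloc(session_id_size);` is used without a NULL check, and an allocation failure is silent here because `gnutls_get_current_session_id` treats a NULL buffer as a size query. The second call then returns 0 and `session_id` stays NULL until it reaches the `memcmp` in the later hunk of main(). Check the allocation before the second call, e.g. `if (session_id == NULL) { gnutls_deinit(&state); return 1; }`, and check the return value of both `gnutls_get_current_session_id` calls instead of discarding it. main() starts and ends outside this hunk.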
@@ -114,13 +123,37 @@ int main() ret = gnutls_handshake(sd, state); if (ret < 0) { - fprintf(stderr, "Handshake failed\n"); + fprintf(stderr, "- Handshake failed\n"); gnutls_perror(ret); gnutls_deinit(&state); return 1; } else { - fprintf(stderr, "Handshake was completed\n"); + fprintf(stderr, "- Handshake was completed\n"); + } + + /* check if we actually resumed the previous session */ + gnutls_get_current_session_id( state, NULL, &tmp_session_id_size); + tmp_session_id = malloc(tmp_session_id_size); + gnutls_get_current_session_id( state, tmp_session_id, &tmp_session_id_size); + if (memcmp( tmp_session_id, session_id, session_id_size)==0) { + fprintf(stderr, "- Previous session was resumed\n"); + } else { + fprintf(stderr, "- Previous session was NOT resumed\n"); } + free(tmp_session_id); + free(session_id); + +/* print some information */ + tmp = _gnutls_compression_get_name(gnutls_get_current_compression_method( state)); + printf("Compression: %s\n", tmp); free(tmp); + + tmp = _gnutls_cipher_get_name(gnutls_get_current_cipher( state)); + printf("Cipher: %s\n", tmp); free(tmp); + + tmp = _gnutls_mac_get_name(gnutls_get_current_mac_algorithm( state)); + printf("MAC: %s\n", tmp); free(tmp); + + printf("\nSimple Client Mode:\n\n"); FD_ZERO(&rset); for(;;) { @@ -141,15 +174,15 @@ int main() if (gnutls_is_fatal_error(ret) == 1) { if (ret == GNUTLS_E_CLOSURE_ALERT_RECEIVED || ret == GNUTLS_E_INVALID_SESSION) { fprintf(stderr, - "Peer has closed the GNUTLS connection\n"); + "- Peer has closed the GNUTLS connection\n"); break; } else { - fprintf(stderr, "Received corrupted data(%d) - server has terminated the connection abnormally\n", + fprintf(stderr, "- Received corrupted data(%d) - server has terminated the connection abnormally\n", ret); break; } } else { - fprintf(stdout, "Received: "); + fprintf(stdout, "- Received: "); for (ii=0;ii<MAX_BUF;ii++) { fputc(buffer[ii], stdout); } |
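Review bot: The resumption check compares `session_id_size` bytes without first comparing the two lengths. When `tmp_session_id_size` is smaller than `session_id_size`, the `memcmp` reads past the end of `tmp_session_id`. When `session_id_size` is 0, `memcmp` returns 0 and the client prints "Previous session was resumed" even though an empty id identifies no session. Compare the lengths first: `if (session_id_size > 0 && tmp_session_id_size == session_id_size && memcmp( tmp_session_id, session_id, session_id_size)==0) {`. `tmp_session_id = malloc(tmp_session_id_size);` is also unchecked, and the strings from `_gnutls_*_get_name` go straight to `printf` with `%s`, which needs a guard if those functions can return NULL (their bodies are not shown); main() starts and ends outside this hunk.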