authorNikos Mavrogiannopoulos <nmav@gnutls.org>2001-08-04 07:31:07 +0000
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2001-08-04 07:31:07 +0000
commitffe3858495bf4a099e8f8c33c0db085f755e9ca6 (patch)
tree30e3c0fc544c05e98eb5caf9e848210c67e8cd09
parent5136cbccd95f7b1770e90f013bc2e8a43c95b502 (diff)
added internal memory handlers
-rw-r--r--NEWS5
-rw-r--r--lib/Makefile.am4
-rw-r--r--lib/auth_rsa.c2
-rw-r--r--lib/cert_b64.c2
-rw-r--r--lib/crypt_bcrypt.c6
-rw-r--r--lib/crypt_srpsha1.c2
-rw-r--r--lib/gnutls_algorithms.c36
-rw-r--r--lib/gnutls_datum.h6
-rw-r--r--lib/gnutls_global.c15
-rw-r--r--lib/gnutls_hash_int.c2
-rw-r--r--lib/gnutls_hash_int.h2
-rw-r--r--lib/gnutls_int.h17
-rw-r--r--lib/gnutls_pk.c2
-rw-r--r--src/serv.c2
14 files changed, 57 insertions, 46 deletions
diff --git a/NEWS b/NEWS
index 8bdc7b7590..1f0667c048 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,8 @@
+Version 0.2.0
+- Partial support for X509v3 Certificate extensions.
+- Added Internal memory handlers
+- Removed gnutls_x509_set_cn()
+
Version 0.1.9 (30/07/2001)
- Corrected bug(s) in ChangeCipherSpec packet (fixes renegotiate)
- SRP is updated to conform to the newest draft.
diff --git a/lib/Makefile.am b/lib/Makefile.am
index 09f77c84ab..a5ab36780a 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -16,7 +16,7 @@ EXTRA_DIST = debug.h gnutls_compress.h defines.h pkcs1.asn pkix.asn \
cert_asn1.h cert_der.h gnutls_datum.h auth_x509.h gnutls_gcry.h \
ext_dnsname.h gnutls_pk.h gnutls_record.h gnutls_cert.h \
gnutls_privkey.h gnutls_constate.h gnutls_global.h cert_verify.h \
- gnutls_sig.h
+ gnutls_sig.h gnutls_mem.h
lib_LTLIBRARIES = libgnutls.la
libgnutls_la_SOURCES = gnutls_record.c gnutls_compress.c debug.c \
gnutls_cipher.c gnutls_buffers.c gnutls_handshake.c gnutls_num.c \
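Review bot: `gnutls_mem.h` (added to EXTRA_DIST here) and `gnutls_mem.c` (added to libgnutls_la_SOURCES in the next hunk) are referenced, but neither appears among the 14 files in this commit's diffstat. lib/gnutls_int.h also replaces its allocator macros with `#include <gnutls_mem.h>` in the same commit. Unless both files are already in the tree, this revision will not build and every gnutls_malloc/secure_malloc caller loses its definition, so they should be added in the same commit. The allocator wrappers themselves cannot be reviewed from this diff.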
@@ -29,7 +29,7 @@ libgnutls_la_SOURCES = gnutls_record.c gnutls_compress.c debug.c \
cert_ASN.y cert_asn1.c cert_der.c gnutls_datum.c auth_rsa.c \
gnutls_gcry.c ext_dnsname.c gnutls_pk.c gnutls_cert.c cert_verify.c\
gnutls_global.c gnutls_privkey.c gnutls_constate.c gnutls_anon_cred.c \
- gnutls_sig_check.c pkix_asn1_tab.c pkcs1_asn1_tab.c
+ gnutls_sig_check.c pkix_asn1_tab.c pkcs1_asn1_tab.c gnutls_mem.c
libgnutls_la_LDFLAGS = -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE)
diff --git a/lib/auth_rsa.c b/lib/auth_rsa.c
index 8fe746f037..d89debb23a 100644
--- a/lib/auth_rsa.c
+++ b/lib/auth_rsa.c
@@ -294,7 +294,7 @@ int gen_rsa_certificate(GNUTLS_KEY key, opaque ** data)
int proc_rsa_client_kx(GNUTLS_KEY key, opaque * data, int data_size)
{
- gnutls_datum plaintext;
+ gnutls_sdatum plaintext;
gnutls_datum ciphertext;
int ret, dsize;
diff --git a/lib/cert_b64.c b/lib/cert_b64.c
index e2dce38f4d..0854eee795 100644
--- a/lib/cert_b64.c
+++ b/lib/cert_b64.c
@@ -356,10 +356,8 @@ int _gnutls_fbase64_decode( uint8 * data, int data_size,
if ((ret = _gnutls_base64_decode( kdata, kdata_size, result)) < 0) {
gnutls_assert();
- gnutls_free(kdata);
return GNUTLS_E_PARSING_ERROR;
}
- gnutls_free(kdata);
return ret;
}
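Review bot: Both `gnutls_free(kdata)` calls are dropped with no comment on who owns `kdata`, and its origin lies before this hunk. If kdata points into the caller's `data` buffer, the old frees were invalid and removing them is correct. If it is still heap-allocated earlier in _gnutls_fbase64_decode, both return paths now leak it. Once confirmed, a one-line comment at the declaration such as `/* kdata points into data; must not be freed here */` would record the ownership.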
diff --git a/lib/crypt_bcrypt.c b/lib/crypt_bcrypt.c
index c435851a15..eb017f8466 100644
--- a/lib/crypt_bcrypt.c
+++ b/lib/crypt_bcrypt.c
@@ -575,7 +575,7 @@ static short _blf_ExpandKey(blf_ctx * c, const uint8 * key, short keybytes,
static blf_ctx *_blf_init(uint8 * salt, const char *key, int key_len,
int cost)
{
- blf_ctx *state = malloc(sizeof(blf_ctx));
+ blf_ctx *state = gnutls_malloc(sizeof(blf_ctx));
uint32 i, rcost;
rcost = (uint32) 1 << cost; /* 2^cost */
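Review bot: The result of `gnutls_malloc(sizeof(blf_ctx))` is not checked in the visible lines, so `state` may be used while NULL; the rest of _blf_init is outside the hunk. The same applies to `local_salt = gnutls_malloc(salt_size + 1)`, which is followed directly by strcpy() in crypt_bcrypt() and in crypt_srpsha1(). This commit adds NULL checks to the allocations in gnutls_algorithms.c, and these three sites should get the same treatment, e.g. `if (state == NULL) return NULL;` and `if (local_salt == NULL) return NULL;`. Whether the callers already handle a NULL return, and whether anything needs releasing first, has to be confirmed outside these hunks.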
@@ -592,7 +592,7 @@ static blf_ctx *_blf_init(uint8 * salt, const char *key, int key_len,
static void _blf_deinit(blf_ctx * ctx)
{
- free(ctx);
+ gnutls_free(ctx);
}
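Review bot: _blf_deinit releases the Blowfish context with `gnutls_free(ctx)` without clearing it, so the key schedule that _blf_init presumably derives from the password stays readable in freed heap memory. Wipe the context before the free, e.g. `memset(ctx, 0, sizeof(*ctx));`, bearing in mind that a compiler may drop a plain memset that directly precedes a free. A wipe helper that cannot be optimized away would be more reliable, as would allocating the context through the secure allocator this commit wires in.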
static const char magic[] = "$2$";
@@ -620,7 +620,7 @@ char *crypt_bcrypt(const char* username, const char *passwd, const char *salt, M
if (passwd_len > 56)
passwd_len = 56;
- local_salt = malloc(salt_size + 1);
+ local_salt = gnutls_malloc(salt_size + 1);
strcpy((char *) local_salt, salt);
sp = index( local_salt, ':'); /* move to salt - after verifier */
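Review bot: `strcpy((char *) local_salt, salt)` copies strlen(salt)+1 bytes into a buffer of salt_size+1 bytes, and salt_size is computed outside this hunk. If salt_size can ever be smaller than strlen(salt), the copy overruns the allocation; the identical pair of lines is in crypt_srpsha1(). Check the length before copying, e.g. `if (strlen(salt) > salt_size) { gnutls_free(local_salt); return NULL; }`, or allocate `strlen(salt) + 1` directly. The `index()` call on the following line may also return NULL when the salt contains no ':', so `sp` should be tested before it is used.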
diff --git a/lib/crypt_srpsha1.c b/lib/crypt_srpsha1.c
index e94eeb0d7d..ddb4052fbe 100644
--- a/lib/crypt_srpsha1.c
+++ b/lib/crypt_srpsha1.c
@@ -51,7 +51,7 @@ char *crypt_srpsha1(const char *username, const char *passwd,
gnutls_hash_deinit(h1, r1);
- local_salt = malloc(salt_size + 1);
+ local_salt = gnutls_malloc(salt_size + 1);
strcpy((char *) local_salt, salt);
sp = index( local_salt, ':'); /* move to salt - after verifier */
diff --git a/lib/gnutls_algorithms.c b/lib/gnutls_algorithms.c
index 9dac868e05..66331682e5 100644
--- a/lib/gnutls_algorithms.c
+++ b/lib/gnutls_algorithms.c
@@ -1051,7 +1051,13 @@ _gnutls_supported_ciphersuites_sorted(GNUTLS_STATE state,
}
tmp_ciphers = gnutls_malloc(count * sizeof(GNUTLS_CipherSuite));
+ if (tmp_ciphers==NULL) return GNUTLS_E_MEMORY_ERROR;
+
*ciphers = gnutls_malloc(count * sizeof(GNUTLS_CipherSuite));
+ if (*ciphers==NULL) {
+ gnutls_free(tmp_ciphers);
+ return GNUTLS_E_MEMORY_ERROR;
+ }
for (i = 0; i < count; i++) {
@@ -1122,22 +1128,31 @@ _gnutls_supported_ciphersuites_sorted(GNUTLS_STATE state,
int
_gnutls_supported_ciphersuites(GNUTLS_STATE state,
- GNUTLS_CipherSuite ** ciphers)
+ GNUTLS_CipherSuite ** _ciphers)
{
int i, ret_count, j;
int count = _gnutls_cipher_suite_count();
GNUTLS_CipherSuite *tmp_ciphers;
+ GNUTLS_CipherSuite* ciphers;
+
+ *_ciphers = NULL;
if (count == 0) {
- *ciphers = NULL;
return 0;
}
tmp_ciphers = gnutls_malloc(count * sizeof(GNUTLS_CipherSuite));
- *ciphers = gnutls_malloc(count * sizeof(GNUTLS_CipherSuite));
+ if ( tmp_ciphers==NULL)
+ return GNUTLS_E_MEMORY_ERROR;
+ ciphers = gnutls_malloc(count * sizeof(GNUTLS_CipherSuite));
+ if ( ciphers==NULL) {
+ gnutls_free( tmp_ciphers);
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+
for (i = 0; i < count; i++) {
tmp_ciphers[i].CipherSuite[0] =
cs_algorithms[i].id.CipherSuite[0];
@@ -1161,26 +1176,25 @@ _gnutls_supported_ciphersuites(GNUTLS_STATE state,
< 0)
continue;
- (*ciphers)[j].CipherSuite[0] =
- tmp_ciphers[i].CipherSuite[0];
- (*ciphers)[j].CipherSuite[1] =
- tmp_ciphers[i].CipherSuite[1];
+ ciphers[j].CipherSuite[0] = tmp_ciphers[i].CipherSuite[0];
+ ciphers[j].CipherSuite[1] = tmp_ciphers[i].CipherSuite[1];
j++;
}
ret_count = j;
if (ret_count > 0 && ret_count != count) {
- *ciphers =
- gnutls_realloc(*ciphers,
+ ciphers =
+ gnutls_realloc(ciphers,
ret_count * sizeof(GNUTLS_CipherSuite));
} else {
if (ret_count != count) {
- gnutls_free(*ciphers);
- *ciphers = NULL;
+ gnutls_free(ciphers);
+ ciphers = NULL;
}
}
+ *_ciphers = ciphers;
gnutls_free(tmp_ciphers);
return ret_count;
}
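Review bot: `ciphers = gnutls_realloc(ciphers, ret_count * sizeof(GNUTLS_CipherSuite));` overwrites the only pointer to the block, so a failed realloc leaks the original allocation and the function stores NULL in `*_ciphers` while still returning a positive ret_count. A caller that trusts the count will then index a NULL pointer. Assign through a temporary and keep the larger, still valid block when shrinking fails: `GNUTLS_CipherSuite *shrunk = gnutls_realloc(ciphers, ret_count * sizeof(GNUTLS_CipherSuite));` followed by `if (shrunk != NULL) ciphers = shrunk;`. The function begins in the previous hunk.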
diff --git a/lib/gnutls_datum.h b/lib/gnutls_datum.h
index 9d04cfea4b..4280b191e5 100644
--- a/lib/gnutls_datum.h
+++ b/lib/gnutls_datum.h
@@ -3,8 +3,10 @@ void WRITEdatum24( opaque* dest, gnutls_datum dat);
void WRITEdatum32( opaque* dest, gnutls_datum dat);
void WRITEdatum8( opaque* dest, gnutls_datum dat);
+typedef gnutls_datum gnutls_sdatum;
+
int gnutls_set_datum( gnutls_datum* dat, const void* data, int data_size);
/* uses secure_malloc */
-int gnutls_sset_datum( gnutls_datum* dat, const void* data, int data_size);
+int gnutls_sset_datum( gnutls_sdatum* dat, const void* data, int data_size);
void gnutls_free_datum( gnutls_datum* dat);
-void gnutls_sfree_datum( gnutls_datum* dat);
+void gnutls_sfree_datum( gnutls_sdatum* dat);
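Review bot: `typedef gnutls_datum gnutls_sdatum;` is only an alias, so the compiler accepts a gnutls_sdatum passed to gnutls_free_datum(), or a plain gnutls_datum passed to gnutls_sfree_datum(), without any diagnostic. The new name documents which buffers hold secret material (`plaintext` in proc_rsa_client_kx, the output of _gnutls_pkcs1_rsa_decrypt) but does not enforce the matching deallocator. Either state that in a comment next to the typedef, e.g. `/* alias only: data comes from secure_malloc and must be released with gnutls_sfree_datum() */`, or make gnutls_sdatum a distinct struct so that a mismatch fails to compile.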
diff --git a/lib/gnutls_global.c b/lib/gnutls_global.c
index 4b0e70851b..4bd10e3237 100644
--- a/lib/gnutls_global.c
+++ b/lib/gnutls_global.c
@@ -61,6 +61,8 @@ node_asn* _gnutls_get_pkcs() {
* a front end to this function. This function should be
* called once and after gnutls_global_init().
*
+ * RECV_FUNC is of the form:
+ * ssize_t (*RECV_FUNC)(SOCKET, void*, size_t,int);
**/
void gnutls_global_set_recv_func( RECV_FUNC recv_func) {
_gnutls_recv_func = recv_func;
@@ -76,6 +78,9 @@ void gnutls_global_set_recv_func( RECV_FUNC recv_func) {
* some external library (like gnu pthreads), which provide
* a front end to this function. This function should be
* called once and after gnutls_global_init().
+ *
+ * SEND_FUNC is of the form:
+ * ssize_t (*SEND_FUNC)(SOCKET, const void*, size_t,int);
**/
void gnutls_global_set_send_func( SEND_FUNC send_func) {
_gnutls_send_func = send_func;
@@ -89,14 +94,14 @@ void gnutls_global_set_send_func( SEND_FUNC send_func) {
* is going to use. This function only accepts a character array.
* Normaly you may not use this function since
* it is only used for debugging reasons.
+ *
+ * LOG_FUNC is of the form:
+ * void (*LOG_FUNC)( const char*);
**/
void gnutls_global_set_log_func( LOG_FUNC log_func) {
_gnutls_log_func = log_func;
}
-int gnutls_is_secure_memory(const void* mem) {
- return 0;
-}
/* default logging function */
static void dlog( const char* str) {
@@ -119,7 +124,7 @@ int gnutls_global_init()
int result;
/* for gcrypt in order to be able to allocate memory */
- gcry_set_allocation_handler(gnutls_malloc, secure_malloc, gnutls_is_secure_memory, gnutls_realloc, free);
+ gcry_set_allocation_handler(gnutls_malloc, secure_malloc, _gnutls_is_secure_memory, gnutls_realloc, gnutls_free);
/* we need this */
#ifdef HAVE_SIGNAL
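Review bot: The single free handler passed to `gcry_set_allocation_handler` is now `gnutls_free`, which libgcrypt will call for blocks obtained from both `gnutls_malloc` and `secure_malloc`; `gnutls_realloc` is likewise the only realloc handler. Their definitions are not part of this diff, so it should be confirmed that gnutls_free releases secure blocks correctly. It should also be confirmed that gnutls_realloc does not move secret data into ordinary memory when `_gnutls_is_secure_memory` reports a secure block. A short comment above the call stating that contract would help the next reader. gnutls_global_init continues outside the hunk.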
@@ -130,7 +135,7 @@ int gnutls_global_init()
*/
_gnutls_recv_func = recv;
_gnutls_send_func = send;
- _gnutls_log_func = dlog;
+ gnutls_global_set_log_func( dlog);
/* initialize parser
* This should not deal with files in the final
diff --git a/lib/gnutls_hash_int.c b/lib/gnutls_hash_int.c
index c8ba0eb513..dacfdc2d00 100644
--- a/lib/gnutls_hash_int.c
+++ b/lib/gnutls_hash_int.c
@@ -404,7 +404,7 @@ static void ssl3_md5(int i, char *secret, int secret_len, char *random,
}
-void *gnutls_ssl3_generate_random(void *secret, int secret_len, void *random,
+svoid *gnutls_ssl3_generate_random(void *secret, int secret_len, void *random,
int random_len, int bytes)
{
int size = 0, i = 0;
diff --git a/lib/gnutls_hash_int.h b/lib/gnutls_hash_int.h
index be368331db..be1066c4d4 100644
--- a/lib/gnutls_hash_int.h
+++ b/lib/gnutls_hash_int.h
@@ -60,7 +60,7 @@ int gnutls_hash_get_algo_len(MACAlgorithm algorithm);
int gnutls_hash(GNUTLS_HASH_HANDLE handle, const void* text, int textlen);
void gnutls_hash_deinit(GNUTLS_HASH_HANDLE handle, void* digest);
-void *gnutls_ssl3_generate_random(void *secret, int secret_len, void *random, int random_len, int bytes);
+svoid *gnutls_ssl3_generate_random(void *secret, int secret_len, void *random, int random_len, int bytes);
GNUTLS_MAC_HANDLE gnutls_mac_init_ssl3_handshake(MACAlgorithm algorithm, void *key, int keylen);
void gnutls_mac_deinit_ssl3_handshake(GNUTLS_MAC_HANDLE handle, void* digest);
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 3f13411865..6f70e261c1 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -29,10 +29,10 @@
#define WRITE_DEBUG
#define HARD_DEBUG
#define BUFFERS_DEBUG
-#define RECORD_DEBUG*/
#define HANDSHAKE_DEBUG
+#define RECORD_DEBUG
#define DEBUG
-
+*/
#define SOCKET int
#define LIST ...
@@ -78,18 +78,7 @@
# include <gnutls_gcry.h>
#endif
-/* these are to be implemented
- */
-#define svoid void /* for functions that allocate using secure_free */
-#define secure_free gnutls_free
-#define secure_malloc malloc
-#define secure_realloc realloc
-#define secure_calloc calloc
-#define gnutls_malloc malloc
-#define gnutls_realloc realloc
-#define gnutls_calloc calloc
-#define gnutls_free free
-#define gnutls_strdup strdup
+#include <gnutls_mem.h>
#define DECR_LEN(len, x) len-=x; if (len<0) {gnutls_assert(); return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;}
diff --git a/lib/gnutls_pk.c b/lib/gnutls_pk.c
index 53d93ac08d..4c957a63cb 100644
--- a/lib/gnutls_pk.c
+++ b/lib/gnutls_pk.c
@@ -109,7 +109,7 @@ int _gnutls_pkcs1_rsa_encrypt(gnutls_datum * ciphertext, gnutls_datum plaintext,
* pkey is the private key and n the modulus.
*/
-int _gnutls_pkcs1_rsa_decrypt(gnutls_datum * plaintext, gnutls_datum ciphertext,
+int _gnutls_pkcs1_rsa_decrypt(gnutls_sdatum * plaintext, gnutls_datum ciphertext,
MPI pkey, MPI n, int btype)
{
int k, esize, i, ret;
diff --git a/src/serv.c b/src/serv.c
index 524fbb0529..11d1cafdd9 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -94,8 +94,6 @@ GNUTLS_STATE initialize_state()
*/
gnutls_set_cipher_priority(state, GNUTLS_NULL_CIPHER,
GNUTLS_RIJNDAEL_CBC, GNUTLS_3DES_CBC, GNUTLS_ARCFOUR, 0);
- gnutls_set_cipher_priority(state, GNUTLS_NULL_CIPHER,
- GNUTLS_RIJNDAEL_CBC, GNUTLS_3DES_CBC, 0);
gnutls_set_compression_priority(state, GNUTLS_ZLIB, GNUTLS_NULL_COMPRESSION, 0);
gnutls_set_kx_priority(state, GNUTLS_KX_DHE_RSA, GNUTLS_KX_RSA, GNUTLS_KX_SRP,
GNUTLS_KX_DH_ANON, 0);