diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-01-09 21:52:41 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2003-01-09 21:52:41 +0000 |
commit | 96dbf9713554a3ee9b712d3ff7701f602361312c (patch) | |
tree | ab2c68fda2b517a2aad22b54d37ae57afffee3c5 | |
parent | 1fe97a36ba1d398433c2a7f3f0eb2648295da3f6 (diff) | |
download | gnutls-96dbf9713554a3ee9b712d3ff7701f602361312c.tar.gz |
Only the documented symbols are now exported.
-rw-r--r-- | NEWS | 2 | ||||
-rw-r--r-- | acinclude.m4 | 1 | ||||
-rw-r--r-- | configure.in | 37 | ||||
-rw-r--r-- | doc/README.CODING_STYLE | 2 | ||||
-rw-r--r-- | lib/Makefile.am | 6 | ||||
-rw-r--r-- | lib/defines.h | 4 | ||||
-rw-r--r-- | lib/gnutls.h.in.in | 4 | ||||
-rw-r--r-- | lib/gnutls.sym | 164 | ||||
-rw-r--r-- | lib/gnutls_auth.c | 12 | ||||
-rw-r--r-- | lib/gnutls_cipher_int.c | 39 | ||||
-rw-r--r-- | lib/gnutls_cipher_int.h | 10 | ||||
-rw-r--r-- | lib/gnutls_hash_int.c | 77 | ||||
-rw-r--r-- | lib/gnutls_hash_int.h | 8 | ||||
-rw-r--r-- | lib/gnutls_state.c | 2 | ||||
-rw-r--r-- | libextra/Makefile.am | 4 | ||||
-rw-r--r-- | libextra/gnutls-extra.sym | 43 |
16 files changed, 245 insertions, 170 deletions
@@ -1,4 +1,4 @@ -Version 0.7.0 +Version 0.8.0 - Added gnutls_x509_extract_dn_string() which returns a distinguished name in a single string. - Added gnutls_openpgp_extract_key_name_string() which returns diff --git a/acinclude.m4 b/acinclude.m4 index 92b2e55b39..d17eb1d71c 100644 --- a/acinclude.m4 +++ b/acinclude.m4 @@ -1,7 +1,6 @@ include(opencdk.m4) include(libgcrypt.m4) -include(libmcrypt.m4) dnl *-*wedit:notab*-* Please keep this as the last line. diff --git a/configure.in b/configure.in index 6d8a059c25..769294d936 100644 --- a/configure.in +++ b/configure.in @@ -11,7 +11,7 @@ AC_DEFINE_UNQUOTED(T_OS, "$target_os", [OS name]) dnl Gnutls Version GNUTLS_MAJOR_VERSION=0 -GNUTLS_MINOR_VERSION=7 +GNUTLS_MINOR_VERSION=8 GNUTLS_MICRO_VERSION=0 GNUTLS_VERSION=$GNUTLS_MAJOR_VERSION.$GNUTLS_MINOR_VERSION.$GNUTLS_MICRO_VERSION @@ -78,8 +78,6 @@ AC_MSG_RESULT([*** AC_PROG_CC -AC_PROG_YACC - AC_PROG_LN_S @@ -229,22 +227,6 @@ AM_PATH_LIBGCRYPT(1.1.8,, dnl Can't disable - gnutls depends on gcrypt AC_DEFINE(USE_GCRYPT, 1, [use gcrypt]) -dnl MCRYPT - -AC_ARG_WITH( mcrypt, [ --with-mcrypt enable libmcrypt support], - [AM_PATH_LIBMCRYPT( 2.4.0,, - AC_MSG_ERROR([[*** libmcrypt was not found]]) - AC_MSG_ERROR([[*** You need libmcrypt 2.4.x to compile this program. http://mcrypt.hellug.gr]]) - ) - ] -) - -LIBS="${LIBS} ${LIBMCRYPT_LIBS}" - -AC_ARG_WITH( mhash, [ --with-mhash enable libmhash support], - [AC_CHECK_LIB(mhash, mhash_init, AC_DEFINE(USE_MHASH, 1, [Whether to use mhash]) -LIBS="${LIBS} -lmhash")]) - AC_MSG_CHECKING([whether to disable SRP authentication support]) @@ -287,23 +269,22 @@ fi AC_ARG_WITH(included-libtasn1, [ --with-included-libtasn1 Use the included libtasn1], -libtasn1_enabled=yes, -libtasn1_enabled=no +minitasn1_enabled=$withval, +minitasn1_enabled=no AC_CHECK_LIB( tasn1, asn1_array2tree,:, - libtasn1_enabled=yes - AC_MSG_WARN( + minitasn1_enabled=yes *** *** LibtASN1 was not found. Will use the included one.)) -) if test x$opt_developer_mode = xyes; then - libtasn1_enabled=yes -else - libtasn1_enabled=no + minitasn1_enabled=yes fi +AC_MSG_CHECKING([whether to use the included minitasn1]) +AC_MSG_RESULT($minitasn1_enabled) + dnl CHECK FOR ZLIB SUPPORT dnl @@ -363,7 +344,7 @@ AC_SUBST(LZO_LINK) dnl CHECK FOR THE LIBTASN1 LIBRARY or use the included one dnl -if test x"$libtasn1_enabled" = xyes; then +if test x"$minitasn1_enabled" = xyes; then MINITASN1_OBJECTS="minitasn1/coding.lo minitasn1/decoding.lo minitasn1/element.lo \ minitasn1/errors.lo minitasn1/gstr.lo minitasn1/parser_aux.lo minitasn1/structure.lo" MINITASN1_DIR=minitasn1 diff --git a/doc/README.CODING_STYLE b/doc/README.CODING_STYLE index a3d2fa92d6..a9a1c55db0 100644 --- a/doc/README.CODING_STYLE +++ b/doc/README.CODING_STYLE @@ -32,6 +32,8 @@ The rules here are not always used, although we try to stick to them. Internal functions -- that are not exported in the API -- should be prefixed with an underscore. Ie. _gnutls_handshake_begin() + All exported functions must be listed in gnutls.sym and gnutls-extra.sym, + in order to be exported. *** Constructed types: The constructed types in gnutls always have the "gnutls_" prefix. diff --git a/lib/Makefile.am b/lib/Makefile.am index cfd94d709c..00f6b81b52 100644 --- a/lib/Makefile.am +++ b/lib/Makefile.am @@ -20,7 +20,8 @@ EXTRA_DIST = minitasn1 debug.h gnutls_compress.h defines.h gnutls.asn pkix.asn \ gnutls_sig.h gnutls_mem.h x509_extensions.h gnutls_ui.h \ gnutls-api.tex io_debug.h ext_max_record.h gnutls_session_pack.h \ gnutls_alert.h gnutls_str.h gnutls_state.h gnutls_x509.h \ - ext_cert_type.h gnutls_rsa_export.h ext_server_name.h auth_dh_common.h + ext_cert_type.h gnutls_rsa_export.h ext_server_name.h auth_dh_common.h \ + gnutls.sym lib_LTLIBRARIES = libgnutls.la @@ -47,7 +48,8 @@ libgnutls_la_SOURCES = $(COBJECTS) libgnutls_la_LIBADD = $(MINITASN1_OBJECTS) libgnutls_la_LDFLAGS = $(LIBASN1_LINK) $(LIBGCRYPT_LIBS) \ - -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) + -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) \ + -export-symbols gnutls.sym pkix_asn1_tab.c: pkix.asn -../libtasn1/src/asn1c pkix.asn pkix_asn1_tab.c diff --git a/lib/defines.h b/lib/defines.h index 9caccf5720..17b3add903 100644 --- a/lib/defines.h +++ b/lib/defines.h @@ -89,10 +89,6 @@ typedef long ptrdiff_t; # include <sys/socket.h> #endif -#ifdef LIBMCRYPT24 -# define USE_MCRYPT -#endif - #ifndef HAVE_UINT typedef unsigned int uint; typedef signed int sint; diff --git a/lib/gnutls.h.in.in b/lib/gnutls.h.in.in index df96c6008b..e50d6225eb 100644 --- a/lib/gnutls.h.in.in +++ b/lib/gnutls.h.in.in @@ -1,7 +1,7 @@ /* * Copyright (C) 2000,2001,2002 Nikos Mavroyanopoulos * - * This file is part of GNUTLS. + * This file is part of GNUTLS. * * The GNUTLS library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public @@ -270,7 +270,7 @@ const char* gnutls_check_version( const char*); /* Functions for setting/clearing credentials */ -int gnutls_clear_creds( gnutls_session session); +int gnutls_credentials_clear( gnutls_session session); /* cred is a structure defined by the kx algorithm */ diff --git a/lib/gnutls.sym b/lib/gnutls.sym new file mode 100644 index 0000000000..1931d431a6 --- /dev/null +++ b/lib/gnutls.sym @@ -0,0 +1,164 @@ +gnutls_alert_get +gnutls_alert_get_name +gnutls_alert_send +gnutls_alert_send_appropriate +gnutls_anon_allocate_client_cred +gnutls_anon_allocate_client_credentials +gnutls_anon_allocate_server_cred +gnutls_anon_allocate_server_credentials +gnutls_anon_free_client_cred +gnutls_anon_free_client_credentials +gnutls_anon_free_server_cred +gnutls_anon_free_server_credentials +gnutls_anon_set_server_dh_params +gnutls_auth_get_type +gnutls_b64_decode_fmt +gnutls_b64_decode_fmt2 +gnutls_b64_encode_fmt +gnutls_b64_encode_fmt2 +gnutls_bye +gnutls_calc_dh_key +gnutls_calc_dh_secret +gnutls_calloc +gnutls_certificate_activation_time_peers +gnutls_certificate_allocate_cred +gnutls_certificate_allocate_credentials +gnutls_certificate_client_get_request_status +gnutls_certificate_client_set_select_function +gnutls_certificate_expiration_time_peers +gnutls_certificate_free_cred +gnutls_certificate_free_credentials +gnutls_certificate_get_ours +gnutls_certificate_get_peers +gnutls_certificate_server_set_request +gnutls_certificate_server_set_select_function +gnutls_certificate_set_dh_params +gnutls_certificate_set_openpgp_keyserver +gnutls_certificate_set_rsa_params +gnutls_certificate_set_x509_key_file +gnutls_certificate_set_x509_key_mem +gnutls_certificate_set_x509_trust_file +gnutls_certificate_set_x509_trust_mem +gnutls_certificate_type_get +gnutls_certificate_type_get_name +gnutls_certificate_type_set_priority +gnutls_certificate_verify_peers +gnutls_cert_type_get +gnutls_cert_type_get_name +gnutls_cert_type_set_priority +gnutls_check_version +gnutls_cipher_get +gnutls_cipher_get_key_size +gnutls_cipher_get_name +gnutls_cipher_set_priority +gnutls_cipher_suite_get_name +gnutls_credentials_clear +gnutls_compression_get +gnutls_compression_get_name +gnutls_compression_set_priority +gnutls_credentials_set +gnutls_cred_set +gnutls_db_check_entry +gnutls_db_get_ptr +gnutls_db_remove_session +gnutls_db_set_cache_expiration +gnutls_db_set_ptr +gnutls_db_set_remove_function +gnutls_db_set_retrieve_function +gnutls_db_set_store_function +_gnutls_deinit +gnutls_deinit +gnutls_dh_get_peers_public_bits +gnutls_dh_get_prime_bits +gnutls_dh_get_secret_bits +gnutls_dh_params_deinit +gnutls_dh_params_generate +gnutls_dh_params_init +gnutls_dh_params_set +gnutls_dh_set_prime_bits +gnutls_error_is_fatal +gnutls_error_to_alert +gnutls_free +gnutls_get_dh_params +gnutls_get_server_name +gnutls_global_deinit +gnutls_global_init +gnutls_global_set_log_function +gnutls_global_set_mem_functions +gnutls_handshake +gnutls_handshake_get_direction +gnutls_handshake_set_exportable_detection +gnutls_handshake_set_max_packet_length +gnutls_handshake_set_private_extensions +gnutls_handshake_set_rsa_pms_check +gnutls_init +gnutls_kx_get +gnutls_kx_get_name +gnutls_kx_set_priority +gnutls_mac_get +gnutls_mac_get_name +gnutls_mac_set_priority +gnutls_malloc +gnutls_openpgp_send_key +gnutls_pem_base64_decode +gnutls_pem_base64_decode_alloc +gnutls_pem_base64_encode +gnutls_pem_base64_encode_alloc +gnutls_perror +gnutls_protocol_get_name +gnutls_protocol_get_version +gnutls_protocol_set_priority +gnutls_record_check_pending +gnutls_record_get_direction +gnutls_record_get_max_size +gnutls_record_recv +gnutls_record_send +gnutls_record_set_cbc_protection +gnutls_record_set_max_size +gnutls_rehandshake +gnutls_rsa_export_get_modulus_bits +gnutls_rsa_params_deinit +gnutls_rsa_params_generate +gnutls_rsa_params_init +gnutls_rsa_params_set +gnutls_server_name_get +gnutls_server_name_set +gnutls_session_get_data +gnutls_session_get_id +gnutls_session_get_ptr +gnutls_session_is_resumed +gnutls_session_set_data +gnutls_session_set_ptr +gnutls_set_default_export_priority +gnutls_set_default_priority +gnutls_set_server_name +gnutls_state_get_ptr +gnutls_state_set_ptr +_gnutls_strerror +gnutls_strerror +gnutls_transport_get_ptr +gnutls_transport_get_ptr2 +gnutls_transport_set_lowat +gnutls_transport_set_ptr +gnutls_transport_set_ptr2 +gnutls_transport_set_pull_function +gnutls_transport_set_push_function +gnutls_x509_certificate_to_xml +gnutls_x509_check_certificates_hostname +gnutls_x509_extract_certificate_activation_time +gnutls_x509_extract_certificate_ca_status +gnutls_x509_extract_certificate_dn +gnutls_x509_extract_certificate_dn_string +gnutls_x509_extract_certificate_expiration_time +gnutls_x509_extract_certificate_issuer_dn +gnutls_x509_extract_certificate_pk_algorithm +gnutls_x509_extract_certificate_serial +gnutls_x509_extract_certificate_subject_alt_name +gnutls_x509_extract_certificate_version +gnutls_x509_extract_dn +gnutls_x509_extract_dn_string +gnutls_x509_extract_key_pk_algorithm +gnutls_x509_fingerprint +gnutls_x509_pkcs7_extract_certificate +gnutls_x509_pkcs7_extract_certificate_count +gnutls_x509_verify_certificate diff --git a/lib/gnutls_auth.c b/lib/gnutls_auth.c index 1d81d56823..b669c6c1b4 100644 --- a/lib/gnutls_auth.c +++ b/lib/gnutls_auth.c @@ -33,8 +33,14 @@ * key etc. */ -/* This clears the whole linked list */ -int gnutls_clear_creds( gnutls_session session) { +/** + * gnutls_credentials_clear - Clears all the credentials previously set + * @session: is a &gnutls_session structure. + * + * Clears all the credentials previously set in this session. + * + **/ +void gnutls_credentials_clear( gnutls_session session) { AUTH_CRED * ccred, *ncred; if (session->key && session->key->cred) { /* begining of the list */ @@ -47,7 +53,7 @@ int gnutls_clear_creds( gnutls_session session) { session->key->cred = NULL; } - return 0; + return; } /* diff --git a/lib/gnutls_cipher_int.c b/lib/gnutls_cipher_int.c index 0620cabce2..49dc86cfb0 100644 --- a/lib/gnutls_cipher_int.c +++ b/lib/gnutls_cipher_int.c @@ -33,54 +33,27 @@ GNUTLS_CIPHER_HANDLE ret; ret = GNUTLS_CIPHER_FAILED; break; case GNUTLS_CIPHER_RIJNDAEL_128_CBC: -#ifdef USE_MCRYPT - ret = mcrypt_module_open( "rijndael-128", NULL, "cbc", NULL); -#else ret = gcry_cipher_open(GCRY_CIPHER_RIJNDAEL, GCRY_CIPHER_MODE_CBC, 0); -#endif break; case GNUTLS_CIPHER_RIJNDAEL_256_CBC: -#ifdef USE_MCRYPT - ret = mcrypt_module_open( "rijndael-128", NULL, "cbc", NULL); -#else ret = gcry_cipher_open(GCRY_CIPHER_RIJNDAEL256, GCRY_CIPHER_MODE_CBC, 0); -#endif break; case GNUTLS_CIPHER_TWOFISH_128_CBC: -#ifdef USE_MCRYPT - ret = mcrypt_module_open( "twofish", NULL, "cbc", NULL); -#else ret = gcry_cipher_open(GCRY_CIPHER_TWOFISH, GCRY_CIPHER_MODE_CBC, 0); -#endif break; case GNUTLS_CIPHER_3DES_CBC: -#ifdef USE_MCRYPT - ret = mcrypt_module_open( "tripledes", NULL, "cbc", NULL); -#else ret = gcry_cipher_open(GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_CBC, 0); -#endif break; case GNUTLS_CIPHER_ARCFOUR_128: case GNUTLS_CIPHER_ARCFOUR_40: -#ifdef USE_MCRYPT - ret = mcrypt_module_open( "arcfour", NULL, "stream", NULL); -#else ret = gcry_cipher_open(GCRY_CIPHER_ARCFOUR, GCRY_CIPHER_MODE_STREAM, 0); -#endif break; default: ret = GNUTLS_CIPHER_FAILED; } if (ret!=GNUTLS_CIPHER_FAILED) { -#ifdef USE_MCRYPT - /* ivsize is assumed to be blocksize */ - if ( mcrypt_generic_init( ret, key.data, key.size, iv.data) < 0) { - return GNUTLS_CIPHER_FAILED; - }; -#else gcry_cipher_setkey(ret, key.data, key.size); if (iv.data!=NULL && iv.size>0) gcry_cipher_setiv(ret, iv.data, iv.size); -#endif } return ret; @@ -88,38 +61,26 @@ return ret; int _gnutls_cipher_encrypt(GNUTLS_CIPHER_HANDLE handle, void* text, int textlen) { if (handle!=GNUTLS_CIPHER_FAILED) { -#ifdef USE_MCRYPT - mcrypt_generic( handle, text, textlen); -#else if (gcry_cipher_encrypt( handle, text, textlen, NULL, textlen)!=0) { gnutls_assert(); return GNUTLS_E_INTERNAL_ERROR; } -#endif } return 0; } int _gnutls_cipher_decrypt(GNUTLS_CIPHER_HANDLE handle, void* ciphertext, int ciphertextlen) { if (handle!=GNUTLS_CIPHER_FAILED) { -#ifdef USE_MCRYPT - mdecrypt_generic( handle, ciphertext, ciphertextlen); -#else if (gcry_cipher_decrypt( handle, ciphertext, ciphertextlen, NULL, ciphertextlen)!=0) { gnutls_assert(); return GNUTLS_E_INTERNAL_ERROR; } -#endif } return 0; } void _gnutls_cipher_deinit(GNUTLS_CIPHER_HANDLE handle) { if (handle!=GNUTLS_CIPHER_FAILED) { -#ifdef USE_MCRYPT - mcrypt_generic_end( handle); -#else gcry_cipher_close(handle); -#endif } } diff --git a/lib/gnutls_cipher_int.h b/lib/gnutls_cipher_int.h index b5712819c8..0f2e55439b 100644 --- a/lib/gnutls_cipher_int.h +++ b/lib/gnutls_cipher_int.h @@ -21,14 +21,8 @@ #ifndef GNUTLS_CIPHER_INT # define GNUTLS_CIPHER_INT -#ifdef USE_MCRYPT -# include <mcrypt.h> -# define GNUTLS_CIPHER_HANDLE MCRYPT -# define GNUTLS_CIPHER_FAILED MCRYPT_FAILED -#else -# define GNUTLS_CIPHER_HANDLE GCRY_CIPHER_HD -# define GNUTLS_CIPHER_FAILED NULL -#endif +#define GNUTLS_CIPHER_HANDLE GCRY_CIPHER_HD +#define GNUTLS_CIPHER_FAILED NULL GNUTLS_CIPHER_HANDLE _gnutls_cipher_init( gnutls_cipher_algorithm cipher, gnutls_datum key, gnutls_datum iv); int _gnutls_cipher_encrypt(GNUTLS_CIPHER_HANDLE handle, void* text, int textlen); diff --git a/lib/gnutls_hash_int.c b/lib/gnutls_hash_int.c index 446ef71669..adb6094190 100644 --- a/lib/gnutls_hash_int.c +++ b/lib/gnutls_hash_int.c @@ -37,11 +37,7 @@ GNUTLS_HASH_HANDLE _gnutls_hash_init(gnutls_mac_algorithm algorithm) ret = gnutls_malloc(sizeof(GNUTLS_MAC_HANDLE_INT)); if (ret == NULL) return GNUTLS_HASH_FAILED; -#ifdef USE_MHASH - ret->handle = mhash_init(MHASH_SHA1); -#else ret->handle = gcry_md_open(GCRY_MD_SHA1, 0); -#endif if (!ret->handle) { gnutls_free(ret); ret = GNUTLS_HASH_FAILED; @@ -52,11 +48,7 @@ GNUTLS_HASH_HANDLE _gnutls_hash_init(gnutls_mac_algorithm algorithm) ret = gnutls_malloc(sizeof(GNUTLS_MAC_HANDLE_INT)); if (ret == NULL) return GNUTLS_HASH_FAILED; -#ifdef USE_MHASH - ret->handle = mhash_init(MHASH_MD5); -#else ret->handle = gcry_md_open(GCRY_MD_MD5, 0); -#endif if (!ret->handle) { gnutls_free(ret); ret = GNUTLS_HASH_FAILED; @@ -79,18 +71,10 @@ int _gnutls_hash_get_algo_len(gnutls_mac_algorithm algorithm) switch (algorithm) { case GNUTLS_MAC_SHA: -#ifdef USE_MHASH - ret = mhash_get_block_size(MHASH_SHA1); -#else ret = gcry_md_get_algo_dlen(GCRY_MD_SHA1); -#endif break; case GNUTLS_MAC_MD5: -#ifdef USE_MHASH - ret = mhash_get_block_size(MHASH_MD5); -#else ret = gcry_md_get_algo_dlen(GCRY_MD_MD5); -#endif break; default: ret = 0; @@ -103,11 +87,7 @@ int _gnutls_hash_get_algo_len(gnutls_mac_algorithm algorithm) int _gnutls_hash(GNUTLS_HASH_HANDLE handle, const void *text, size_t textlen) { if (textlen > 0) -#ifdef USE_MHASH - mhash(handle->handle, text, textlen); -#else gcry_md_write(handle->handle, text, textlen); -#endif return 0; } @@ -124,11 +104,7 @@ GNUTLS_HASH_HANDLE _gnutls_hash_copy(GNUTLS_HASH_HANDLE handle) ret->key = NULL; /* it's a hash anyway */ ret->keysize = 0; -#ifdef USE_MHASH - ret->handle = mhash_cp(handle->handle); -#else ret->handle = gcry_md_copy(handle->handle); -#endif if (ret->handle == NULL) { gnutls_free(ret); @@ -143,17 +119,6 @@ void _gnutls_hash_deinit(GNUTLS_HASH_HANDLE handle, void *digest) char *mac; int maclen; -#ifdef USE_MHASH - opaque *ret; - - if (digest != NULL) - mhash_deinit(handle->handle, digest); - else { - opaque *ret; - ret = mhash_end(handle->handle); - free(ret); - } -#else maclen = gcry_md_get_algo_dlen(gcry_md_get_algo(handle->handle)); gcry_md_final(handle->handle); mac = gcry_md_read(handle->handle, 0); @@ -162,7 +127,7 @@ void _gnutls_hash_deinit(GNUTLS_HASH_HANDLE handle, void *digest) _gnutls_hash_get_algo_len(handle->algorithm)); gcry_md_close(handle->handle); -#endif + gnutls_free(handle); return; } @@ -181,12 +146,10 @@ GNUTLS_MAC_HANDLE _gnutls_hmac_init(gnutls_mac_algorithm algorithm, ret = gnutls_malloc(sizeof(GNUTLS_MAC_HANDLE_INT)); if (ret == NULL) return GNUTLS_MAC_FAILED; -#ifdef USE_MHASH - ret->handle = mhash_hmac_init(MHASH_SHA1, key, keylen, 0); -#else + ret->handle = gcry_md_open(GCRY_MD_SHA1, GCRY_MD_FLAG_HMAC); -#endif + if (!ret->handle) ret = GNUTLS_MAC_FAILED; break; @@ -194,11 +157,9 @@ GNUTLS_MAC_HANDLE _gnutls_hmac_init(gnutls_mac_algorithm algorithm, ret = gnutls_malloc(sizeof(GNUTLS_MAC_HANDLE_INT)); if (ret == NULL) return GNUTLS_MAC_FAILED; -#ifdef USE_MHASH - ret->handle = mhash_hmac_init(MHASH_MD5, key, keylen, 0); -#else + ret->handle = gcry_md_open(GCRY_MD_MD5, GCRY_MD_FLAG_HMAC); -#endif + if (!ret->handle) ret = GNUTLS_MAC_FAILED; break; @@ -207,9 +168,6 @@ GNUTLS_MAC_HANDLE _gnutls_hmac_init(gnutls_mac_algorithm algorithm, } if (ret != GNUTLS_MAC_FAILED) { -#ifndef USE_MHASH - gcry_md_setkey(ret->handle, key, keylen); -#endif ret->algorithm = algorithm; ret->key = key; ret->keysize = keylen; @@ -230,18 +188,10 @@ int _gnutls_hmac_get_algo_len(gnutls_mac_algorithm algorithm) ret = 0; break; case GNUTLS_MAC_SHA: -#ifdef USE_MHASH - ret = mhash_get_block_size(MHASH_SHA1); -#else ret = gcry_md_get_algo_dlen(GCRY_MD_SHA1); -#endif break; case GNUTLS_MAC_MD5: -#ifdef USE_MHASH - ret = mhash_get_block_size(MHASH_MD5); -#else ret = gcry_md_get_algo_dlen(GCRY_MD_MD5); -#endif break; default: ret = 0; @@ -254,11 +204,7 @@ int _gnutls_hmac_get_algo_len(gnutls_mac_algorithm algorithm) int _gnutls_hmac(GNUTLS_MAC_HANDLE handle, const void *text, size_t textlen) { -#ifdef USE_MHASH - mhash(handle->handle, text, textlen); -#else gcry_md_write(handle->handle, text, textlen); -#endif return 0; } @@ -268,17 +214,6 @@ void _gnutls_hmac_deinit(GNUTLS_MAC_HANDLE handle, void *digest) char *mac; int maclen; -#ifdef USE_MHASH - char *ret; - - if (digest != NULL) - mhash_hmac_deinit(handle->handle, digest); - else { - opaque *ret; - ret = mhash_hmac_end(handle->handle); - free(ret); - } -#else maclen = gcry_md_get_algo_dlen(gcry_md_get_algo(handle->handle)); gcry_md_final(handle->handle); @@ -288,7 +223,7 @@ void _gnutls_hmac_deinit(GNUTLS_MAC_HANDLE handle, void *digest) memcpy(digest, mac, maclen); gcry_md_close(handle->handle); -#endif + gnutls_free(handle); return; } diff --git a/lib/gnutls_hash_int.h b/lib/gnutls_hash_int.h index fa59828ee5..c5612d8240 100644 --- a/lib/gnutls_hash_int.h +++ b/lib/gnutls_hash_int.h @@ -23,18 +23,10 @@ #include <gnutls_int.h> -#ifdef USE_MHASH -# include <mhash.h> -#endif - /* for message digests */ typedef struct { -#ifdef USE_MHASH - MHASH handle; -#else GCRY_MD_HD handle; -#endif gnutls_mac_algorithm algorithm; const void* key; int keysize; diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c index 6404e1e745..950916b823 100644 --- a/lib/gnutls_state.c +++ b/lib/gnutls_state.c @@ -260,7 +260,7 @@ void _gnutls_deinit(gnutls_session session) _gnutls_buffer_clear( &session->internals.record_recv_buffer); _gnutls_buffer_clear( &session->internals.record_send_buffer); - gnutls_clear_creds( session); + gnutls_credentials_clear( session); if (session->connection_state.read_cipher_state != NULL) _gnutls_cipher_deinit(session->connection_state.read_cipher_state); diff --git a/libextra/Makefile.am b/libextra/Makefile.am index 8d9bb2adc3..52ad8af166 100644 --- a/libextra/Makefile.am +++ b/libextra/Makefile.am @@ -7,7 +7,7 @@ m4data_DATA = libgnutls-extra.m4 EXTRA_DIST = ext_srp.h gnutls_srp.h \ auth_srp.h auth_srp_passwd.h gnutls_openpgp.h \ gnutls-extra-api.tex gnutls_extra.h libgnutls-extra-config.in \ - libgnutls-extra.m4 lzoconf.h minilzo.h + libgnutls-extra.m4 lzoconf.h minilzo.h gnutls-extra.sym lib_LTLIBRARIES = libgnutls-extra.la @@ -18,7 +18,7 @@ COBJECTS_EXTRA = ext_srp.c \ auth_srp_rsa.c libgnutls_extra_la_LDFLAGS = -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE) \ - $(LIBOPENCDK_LIBS) $(LZO_LINK) + $(LIBOPENCDK_LIBS) $(LZO_LINK) -export-symbols gnutls-extra.sym libgnutls_extra_la_LIBADD = $(LZO_OBJECTS) ../lib/libgnutls.la libgnutls_extra_la_DEPENDENCIES = $(LZO_OBJECTS) diff --git a/libextra/gnutls-extra.sym b/libextra/gnutls-extra.sym new file mode 100644 index 0000000000..14c3ffdf6d --- /dev/null +++ b/libextra/gnutls-extra.sym @@ -0,0 +1,43 @@ +gnutls_certificate_set_openpgp_key_file +gnutls_certificate_set_openpgp_key_mem +gnutls_certificate_set_openpgp_keyring_file +gnutls_certificate_set_openpgp_keyring_mem +gnutls_certificate_set_openpgp_keyserver +gnutls_certificate_set_openpgp_trustdb +gnutls_extra_check_version +gnutls_global_init_extra +gnutls_openpgp_add_keyring_file +gnutls_openpgp_add_keyring_mem +gnutls_openpgp_count_key_names +gnutls_openpgp_extract_key_creation_time +gnutls_openpgp_extract_key_expiration_time +gnutls_openpgp_extract_key_id +gnutls_openpgp_extract_key_name +gnutls_openpgp_extract_key_name_string +gnutls_openpgp_extract_key_pk_algorithm +gnutls_openpgp_extract_key_version +gnutls_openpgp_fingerprint +gnutls_openpgp_get_key +gnutls_openpgp_key_to_xml +gnutls_openpgp_set_recv_key_function +gnutls_openpgp_verify_key +gnutls_srp_allocate_client_cred +gnutls_srp_allocate_client_credentials +gnutls_srp_allocate_server_cred +gnutls_srp_allocate_server_credentials +gnutls_srp_base64_decode +gnutls_srp_base64_decode_alloc +gnutls_srp_base64_encode +gnutls_srp_base64_encode_alloc +gnutls_srp_free_client_cred +gnutls_srp_free_client_credentials +gnutls_srp_free_server_cred +gnutls_srp_free_server_credentials +gnutls_srp_server_get_username +gnutls_srp_server_set_select_function +gnutls_srp_set_client_cred +gnutls_srp_set_client_credentials +gnutls_srp_set_server_credentials_file +gnutls_srp_set_server_credentials_function +gnutls_srp_set_server_cred_file +gnutls_srp_verifier |