authorNikos Mavrogiannopoulos <nmav@gnutls.org>2003-03-28 12:28:33 +0000
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2003-03-28 12:28:33 +0000
commitbd2d8e584d269e56512ada979cf4bfc7173743e8 (patch)
tree90e063489c30fc33e847206ae37c97fe9afc9da9
parent8b94f60850a9a8cddcd33bf26e3feca628039aca (diff)
downloadgnutls-bd2d8e584d269e56512ada979cf4bfc7173743e8.tar.gz
several cleanups.
-rw-r--r--lib/gnutls.h.in.in3
-rw-r--r--lib/gnutls_alert.c11
-rw-r--r--lib/gnutls_alert.h3
-rw-r--r--lib/x509/common.c124
-rw-r--r--lib/x509/common.h6
-rw-r--r--lib/x509/privkey_pkcs8.c48
-rw-r--r--lib/x509/x509.c76
-rw-r--r--lib/x509/x509.h6
8 files changed, 141 insertions, 136 deletions
diff --git a/lib/gnutls.h.in.in b/lib/gnutls.h.in.in
index 348ee1cdd7..329f7e22f1 100644
--- a/lib/gnutls.h.in.in
+++ b/lib/gnutls.h.in.in
@@ -94,7 +94,8 @@ typedef enum gnutls_alert_description { GNUTLS_A_CLOSE_NOTIFY,
GNUTLS_A_DECRYPT_ERROR, GNUTLS_A_EXPORT_RESTRICTION=60, GNUTLS_A_PROTOCOL_VERSION=70,
GNUTLS_A_INSUFFICIENT_SECURITY, GNUTLS_A_INTERNAL_ERROR=80, GNUTLS_A_USER_CANCELED=90,
GNUTLS_A_NO_RENEGOTIATION=100, GNUTLS_A_UNSUPPORTED_EXTENSION=110,
- GNUTLS_A_CERTIFICATE_UNOBTAINABLE=111, GNUTLS_A_UNRECOGNIZED_NAME=112
+ GNUTLS_A_CERTIFICATE_UNOBTAINABLE=111, GNUTLS_A_UNRECOGNIZED_NAME=112,
+ GNUTLS_A_UNKNOWN_SRP_USERNAME=120, GNUTLS_A_MISSING_SRP_USERNAME=121
} gnutls_alert_description;
typedef enum gnutls_handshake_description { GNUTLS_HANDSHAKE_HELLO_REQUEST,
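Review bot: `GNUTLS_A_UNKNOWN_SRP_USERNAME` on the added line gives a peer a distinct signal for "no such user", so a server that sends it lets a client tell unknown usernames apart from wrong passwords. No error code is mapped to it in the visible hunks, so this applies to whoever wires it up later; a comment on the enum would record it, e.g. `/* UNKNOWN_SRP_USERNAME reveals whether an account exists; servers may prefer a generic failure */`. The same two values are added to the duplicate enum in lib/gnutls_alert.h, and nothing forces the two lists to stay identical, so a cross-reference comment in each would help. The enum definition starts outside this hunk.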
diff --git a/lib/gnutls_alert.c b/lib/gnutls_alert.c
index 68ec163551..a4731efa3f 100644
--- a/lib/gnutls_alert.c
+++ b/lib/gnutls_alert.c
@@ -57,6 +57,8 @@ static const gnutls_alert_entry sup_alerts[] = {
{ GNUTLS_A_CERTIFICATE_UNOBTAINABLE, "Could not retrieve the specified certificate" },
{ GNUTLS_A_UNSUPPORTED_EXTENSION, "An unsupported extension was sent" },
{ GNUTLS_A_UNRECOGNIZED_NAME, "The server name sent was not recognized" },
+ { GNUTLS_A_UNKNOWN_SRP_USERNAME, "The SRP username is not known" },
+ { GNUTLS_A_MISSING_SRP_USERNAME, "The SRP username was not sent" },
{0, NULL}
};
@@ -150,9 +152,7 @@ int _level = -1;
_level = GNUTLS_AL_FATAL;
break;
case GNUTLS_E_EMPTY_SRP_USERNAME:
- /* FIXME: needs to be changed
- */
- ret = GNUTLS_A_ACCESS_DENIED;
+ ret = GNUTLS_A_MISSING_SRP_USERNAME;
_level = GNUTLS_AL_FATAL;
break;
case GNUTLS_E_DECOMPRESSION_FAILED:
@@ -181,13 +181,16 @@ int _level = -1;
break;
case GNUTLS_E_UNKNOWN_CIPHER_SUITE:
case GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM:
- case GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION:
case GNUTLS_E_INSUFICIENT_CREDENTIALS:
case GNUTLS_E_NO_CIPHER_SUITES:
case GNUTLS_E_NO_COMPRESSION_ALGORITHMS:
ret = GNUTLS_A_HANDSHAKE_FAILURE;
_level = GNUTLS_AL_FATAL;
break;
+ case GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION:
+ ret = GNUTLS_A_UNSUPPORTED_EXTENSION;
+ _level = GNUTLS_AL_FATAL;
+ break;
case GNUTLS_E_UNEXPECTED_PACKET:
ret = GNUTLS_A_UNEXPECTED_MESSAGE;
_level = GNUTLS_AL_FATAL;
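Review bot: The new `case GNUTLS_E_RECEIVED_ILLEGAL_EXTENSION:` reports an "illegal" extension as `GNUTLS_A_UNSUPPORTED_EXTENSION` without saying why the two are equivalent. If that error code is also returned for malformed extension data (not visible here), the peer is told "unsupported" for what is really a decoding failure. A one-line comment would pin the intent, e.g. `/* the peer sent an extension we did not offer or do not support */`. The switch statement starts and ends outside this hunk.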
diff --git a/lib/gnutls_alert.h b/lib/gnutls_alert.h
index ba815c889a..e877c9ab57 100644
--- a/lib/gnutls_alert.h
+++ b/lib/gnutls_alert.h
@@ -14,7 +14,8 @@ typedef enum AlertDescription {
GNUTLS_A_PROTOCOL_VERSION=70, GNUTLS_A_INSUFFICIENT_SECURITY,
GNUTLS_A_INTERNAL_ERROR=80, GNUTLS_A_USER_CANCELED=90,
GNUTLS_A_NO_RENEGOTIATION=100, GNUTLS_A_UNSUPPORTED_EXTENSION=110,
- GNUTLS_A_CERTIFICATE_UNOBTAINABLE=111, GNUTLS_A_UNRECOGNIZED_NAME=112
+ GNUTLS_A_CERTIFICATE_UNOBTAINABLE=111, GNUTLS_A_UNRECOGNIZED_NAME=112,
+ GNUTLS_A_UNKNOWN_SRP_USERNAME=120, GNUTLS_A_MISSING_SRP_USERNAME=121
} gnutls_alert_description;
gnutls_alert_description gnutls_alert_get( gnutls_session session);
diff --git a/lib/x509/common.c b/lib/x509/common.c
index a7273f04e5..a2ce341cfb 100644
--- a/lib/x509/common.c
+++ b/lib/x509/common.c
@@ -27,6 +27,7 @@
#include <gnutls_str.h>
#include <gnutls_x509.h>
#include <gnutls_num.h>
+#include <x509_b64.h>
#include <common.h>
typedef struct _oid2string {
@@ -487,3 +488,126 @@ gnutls_x509_subject_alt_name _gnutls_x509_san_find_type( char* str_type) {
if (strcmp( str_type, "iPAddress")==0) return GNUTLS_SAN_IPADDRESS;
return -1;
}
+
+/* A generic export function. Will export the given ASN.1 encoded data
+ * to PEM or DER raw data.
+ */
+int _gnutls_x509_export_int( ASN1_TYPE asn1_data,
+ gnutls_x509_crt_fmt format, char* pem_header,
+ int tmp_buf_size, unsigned char* output_data, int* output_data_size)
+{
+ int result;
+ if (tmp_buf_size == 0) tmp_buf_size = 16*1024;
+
+ if (format == GNUTLS_X509_FMT_DER) {
+ if (output_data == NULL) *output_data_size = 0;
+
+ if ((result=asn1_der_coding( asn1_data, "", output_data, output_data_size, NULL)) != ASN1_SUCCESS) {
+ if (result == ASN1_MEM_ERROR)
+ return GNUTLS_E_SHORT_MEMORY_BUFFER;
+
+ gnutls_assert();
+ return _gnutls_asn2err(result);
+ }
+
+ } else { /* PEM */
+ opaque *tmp;
+ opaque *out;
+ int len = tmp_buf_size;
+
+ tmp = gnutls_alloca( len);
+ if (tmp == NULL) {
+ gnutls_assert();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+
+ if ((result=asn1_der_coding( asn1_data, "", tmp, &len, NULL)) != ASN1_SUCCESS) {
+ gnutls_assert();
+ if (result == ASN1_MEM_ERROR) {
+ _gnutls_x509_log("Length required for der coding: %d\n", len);
+ *output_data_size = B64FSIZE(strlen(pem_header),len);
+ }
+ gnutls_afree(tmp);
+ return _gnutls_asn2err(result);
+ }
+
+ result = _gnutls_fbase64_encode( pem_header,
+ tmp, len, &out);
+
+ gnutls_afree(tmp);
+
+ if (result < 0) {
+ gnutls_assert();
+ return result;
+ }
+
+ if (result == 0) { /* oooops */
+ gnutls_assert();
+ return GNUTLS_E_INTERNAL_ERROR;
+ }
+
+ if (result + 1 > *output_data_size) {
+ gnutls_assert();
+ gnutls_free(out);
+ *output_data_size = result;
+ return GNUTLS_E_SHORT_MEMORY_BUFFER;
+ }
+
+ *output_data_size = result;
+
+ if (output_data) {
+ memcpy( output_data, out, result);
+ output_data[result] = 0;
+ }
+ gnutls_free( out);
+
+ }
+
+ return 0;
+}
+
+/* DER Encodes the src ASN1_TYPE and stores it to
+ * dest in dest_name. Usefull to encode something and store it
+ * as OCTET.
+ */
+int _gnutls_x509_der_encode_and_copy( ASN1_TYPE src, const char* src_name,
+ ASN1_TYPE dest, const char* dest_name)
+{
+int size, result;
+opaque *data = NULL;
+
+ size = 0;
+ result = asn1_der_coding( src, src_name, NULL, &size, NULL);
+ if (result != ASN1_MEM_ERROR) {
+ gnutls_assert();
+ return _gnutls_asn2err(result);
+ }
+
+ /* allocate data for the der
+ */
+ data = gnutls_alloca( size);
+ if (data == NULL) {
+ gnutls_assert();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+
+ result = asn1_der_coding( src, src_name, data, &size, NULL);
+ if (result != ASN1_SUCCESS) {
+ gnutls_assert();
+ gnutls_afree(data);
+ return _gnutls_asn2err(result);
+ }
+
+ /* Write the key derivation algorithm
+ */
+ result = asn1_write_value( dest, dest_name, data, size);
+
+ gnutls_afree(data);
+
+ if (result != ASN1_SUCCESS) {
+ gnutls_assert();
+ return _gnutls_asn2err(result);
+ }
+
+ return 0;
+}
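Review bot: In the PEM branch of `_gnutls_x509_export_int` the short-buffer path tests `result + 1 > *output_data_size` but then reports `*output_data_size = result`, so a caller that retries with exactly the reported size fails the same test again; report the terminator too, `*output_data_size = result + 1;`. That branch also reads `*output_data_size` when `output_data` is NULL, whereas the DER branch zeroes it first, so a size query with an uninitialised length behaves differently per format. Both functions size a `gnutls_alloca()` buffer from an `int` that is caller-supplied (`tmp_buf_size`) or encoder-reported (`size`), with no sign or upper-bound check; if `gnutls_alloca` is a real stack allocation (its definition is not visible here) the NULL test cannot catch an oversized request, so reject `tmp_buf_size < 0` and cap both values before allocating. If these helpers are also used for private-key export, which the prototypes in x509.h suggest but do not prove, `tmp` and `out` should be wiped before `gnutls_afree`/`gnutls_free`. The comment `/* Write the key derivation algorithm */` in `_gnutls_x509_der_encode_and_copy` is left over from privkey_pkcs8.c and should become `/* Write the DER encoding into dest_name */` now that the helper is generic.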
diff --git a/lib/x509/common.h b/lib/x509/common.h
index 0661c4d153..2d90b941a0 100644
--- a/lib/x509/common.h
+++ b/lib/x509/common.h
@@ -35,3 +35,9 @@ const char* _gnutls_x509_mac2oid( gnutls_mac_algorithm mac);
time_t _gnutls_x509_get_time(ASN1_TYPE c2, const char *when);
gnutls_x509_subject_alt_name _gnutls_x509_san_find_type( char* str_type);
+
+int _gnutls_x509_der_encode_and_copy( ASN1_TYPE src, const char* src_name,
+ ASN1_TYPE dest, const char* dest_name);
+int _gnutls_x509_export_int( ASN1_TYPE asn1_data,
+ gnutls_x509_crt_fmt format, char* pem_header,
+ int tmp_buf_size, unsigned char* output_data, int* output_data_size);
diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c
index 108f91ab57..b0b0c1a2e9 100644
--- a/lib/x509/privkey_pkcs8.c
+++ b/lib/x509/privkey_pkcs8.c
@@ -894,54 +894,6 @@ int key_size;
}
-
-/* DER Encodes the src ASN1_TYPE and stores it to
- * dest in dest_name. Usefull to encode something and store it
- * as OCTET.
- */
-int _gnutls_x509_der_encode_and_copy( ASN1_TYPE src, const char* src_name,
- ASN1_TYPE dest, const char* dest_name)
-{
-int size, result;
-opaque *data = NULL;
-
- size = 0;
- result = asn1_der_coding( src, src_name, NULL, &size, NULL);
- if (result != ASN1_MEM_ERROR) {
- gnutls_assert();
- return _gnutls_asn2err(result);
- }
-
- /* allocate data for the der
- */
- data = gnutls_alloca( size);
- if (data == NULL) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
- }
-
- result = asn1_der_coding( src, src_name, data, &size, NULL);
- if (result != ASN1_SUCCESS) {
- gnutls_assert();
- gnutls_afree(data);
- return _gnutls_asn2err(result);
- }
-
- /* Write the key derivation algorithm
- */
- result = asn1_write_value( dest, dest_name, data, size);
-
- gnutls_afree(data);
-
- if (result != ASN1_SUCCESS) {
- gnutls_assert();
- return _gnutls_asn2err(result);
- }
-
- return 0;
-}
-
-
/* Writes the PBKDF2 parameters.
*/
static int write_pbkdf2_params( ASN1_TYPE pbes2_asn, const struct pbkdf2_params *kdf_params)
diff --git a/lib/x509/x509.c b/lib/x509/x509.c
index ad72a05d1c..75f0bdd86d 100644
--- a/lib/x509/x509.c
+++ b/lib/x509/x509.c
@@ -1091,79 +1091,3 @@ int gnutls_x509_crt_export( gnutls_x509_crt cert,
}
-/* A generic export function. Will export the given ASN.1 encoded data
- * to PEM or DER raw data.
- */
-int _gnutls_x509_export_int( ASN1_TYPE asn1_data,
- gnutls_x509_crt_fmt format, char* pem_header,
- int tmp_buf_size, unsigned char* output_data, int* output_data_size)
-{
- int result;
- if (tmp_buf_size == 0) tmp_buf_size = 16*1024;
-
- if (format == GNUTLS_X509_FMT_DER) {
- if (output_data == NULL) *output_data_size = 0;
-
- if ((result=asn1_der_coding( asn1_data, "", output_data, output_data_size, NULL)) != ASN1_SUCCESS) {
- if (result == ASN1_MEM_ERROR)
- return GNUTLS_E_SHORT_MEMORY_BUFFER;
-
- gnutls_assert();
- return _gnutls_asn2err(result);
- }
-
- } else { /* PEM */
- opaque *tmp;
- opaque *out;
- int len = tmp_buf_size;
-
- tmp = gnutls_alloca( len);
- if (tmp == NULL) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
- }
-
- if ((result=asn1_der_coding( asn1_data, "", tmp, &len, NULL)) != ASN1_SUCCESS) {
- gnutls_assert();
- if (result == ASN1_MEM_ERROR) {
- _gnutls_x509_log("Length required for der coding: %d\n", len);
- *output_data_size = B64FSIZE(strlen(pem_header),len);
- }
- gnutls_afree(tmp);
- return _gnutls_asn2err(result);
- }
-
- result = _gnutls_fbase64_encode( pem_header,
- tmp, len, &out);
-
- gnutls_afree(tmp);
-
- if (result < 0) {
- gnutls_assert();
- return result;
- }
-
- if (result == 0) { /* oooops */
- gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
- }
-
- if (result + 1 > *output_data_size) {
- gnutls_assert();
- gnutls_free(out);
- *output_data_size = result;
- return GNUTLS_E_SHORT_MEMORY_BUFFER;
- }
-
- *output_data_size = result;
-
- if (output_data) {
- memcpy( output_data, out, result);
- output_data[result] = 0;
- }
- gnutls_free( out);
-
- }
-
- return 0;
-}
diff --git a/lib/x509/x509.h b/lib/x509/x509.h
index 149767f885..6f061c5577 100644
--- a/lib/x509/x509.h
+++ b/lib/x509/x509.h
@@ -64,9 +64,6 @@ typedef struct gnutls_x509_privkey_int {
ASN1_TYPE key;
} gnutls_x509_privkey_int;
-int _gnutls_x509_der_encode_and_copy( ASN1_TYPE src, const char* src_name,
- ASN1_TYPE dest, const char* dest_name);
-
typedef struct gnutls_x509_crt_int *gnutls_x509_crt;
typedef struct gnutls_x509_crl_int *gnutls_x509_crl;
typedef struct gnutls_x509_privkey_int *gnutls_x509_privkey;
@@ -140,8 +137,5 @@ int gnutls_x509_privkey_export_rsa_raw(gnutls_x509_privkey key,
int gnutls_x509_privkey_export( gnutls_x509_privkey key,
gnutls_x509_crt_fmt format, unsigned char* output_data, int* output_data_size);
-int _gnutls_x509_export_int( ASN1_TYPE asn1_data,
- gnutls_x509_crt_fmt format, char* pem_header,
- int tmp_buf_size, unsigned char* output_data, int* output_data_size);
#endif