Included gnutls_1_0_0_patches.

11 files changed, 47 insertions, 35 deletions

diff --git a/NEWS b/NEWS
index a847dbc03c..d84c49c0d7 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,8 @@
+Version 1.0.1
+- Some minor fixes in the makefiles. They now include CFLAGS
+  from libgcrypt or opencdk if installed in a non standard directory.
+- Fixed the SRP detection test in gnutls-cli-debug.
+
 Version 1.0.0 (04/12/2003)
 - Exported the static SRP group parameters.
 - Some fixes in the certificate authenticated SRP ciphersuites.
diff --git a/THANKS b/THANKS
index ea3609ba82..6503ecd403 100644
--- a/THANKS
+++ b/THANKS
@@ -12,7 +12,7 @@ Mike Siers                <mikes@poliac.com>
 Marc Huber                <Marc.Huber@web.de>
 Guillaume Morin           <guillaume@morinfr.org>
 Jeff Johnson              <jbj@redhat.com>
-David Taylor              <dtaylo11@bigpond.net.au>
+David Taylor              <dtaylor@swiftdsl.com.au>
 Ivo Timmermans            <ivo@o2w.nl>
 Ian Peters                <itp@ximian.com>
 Arne Thomassen            <arne@arne-thomassen.de>
diff --git a/lib/Makefile.am b/lib/Makefile.am
index 7924cfcdea..c5ff61952f 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -1,4 +1,4 @@
-INCLUDES = -I../libextra -Iminitasn1/ -I../includes
+INCLUDES = -I../libextra -Iminitasn1/ -I../includes $(LIBGCRYPT_CFLAGS)
 bin_SCRIPTS = libgnutls-config
 
 m4datadir = $(datadir)/aclocal
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index f37150d751..2ff75b491a 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -1867,8 +1867,8 @@ static int _gnutls_handshake_hash_init( gnutls_session session) {
   *
   * The non-fatal errors such as GNUTLS_E_AGAIN and GNUTLS_E_INTERRUPTED
   * interrupt the handshake procedure, which should be later be resumed.
-  * (call this function again, until it returns 0); cf.
-  * gnutls_record_get_direction().
+  * Call this function again, until it returns 0; cf.
+  * gnutls_record_get_direction() and gnutls_error_is_fatal().
   *
   * If this function is called by a server after a rehandshake request then
   * GNUTLS_E_GOT_APPLICATION_DATA or GNUTLS_E_WARNING_ALERT_RECEIVED 
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
index 39dd791eb1..9cedd37f47 100644
--- a/lib/gnutls_record.c
+++ b/lib/gnutls_record.c
@@ -896,22 +896,22 @@ ssize_t _gnutls_recv_int( gnutls_session session, ContentType type, HandshakeTyp
   * @data: contains the data to send
   * @sizeofdata: is the length of the data
   *
-  * This function has the similar semantics to write(). The only
+  * This function has the similar semantics with recv(). The only
   * difference is that is accepts a GNUTLS session, and uses different
   * error codes.
   *
-  * If the EINTR is returned by the internal push function (write())
+  * If the EINTR is returned by the internal push function (the default is recv())
   * then GNUTLS_E_INTERRUPTED will be returned. If GNUTLS_E_INTERRUPTED or
   * GNUTLS_E_AGAIN is returned, you must call this function again, with the
-  * same parameters; cf. gnutls_record_get_direction(). Otherwise the write
-  * operation will be corrupted and the connection will be terminated.
-  *
-  * This function may accept a NULL pointer for data, and 0 for size, if
-  * and only if the previous send was interrupted for some reason.
+  * same parameters; cf. gnutls_record_get_direction(). Alternatively
+  * you could provide a NULL pointer for data, and 0 for size. 
+  * Otherwise the write operation will be corrupted and the connection 
+  * will be terminated.
   *
   * Returns the number of bytes sent, or a negative error code. The number
   * of bytes sent might be less than @sizeofdata. The maximum number of bytes
-  * this function can send in a single call depends on the maximum record size.
+  * this function can send in a single call depends on the negotiated
+  * maximum record size.
   *
   **/
 ssize_t gnutls_record_send( gnutls_session session, const void *data, size_t sizeofdata) 
@@ -925,14 +925,16 @@ ssize_t gnutls_record_send( gnutls_session session, const void *data, size_t siz
   * @data: contains the data to send
   * @sizeofdata: is the length of the data
   *
-  * This function has the similar semantics to read(). The only
+  * This function has the similar semantics to send(). The only
   * difference is that is accepts a GNUTLS session.
-  * Also returns the number of bytes received, zero on EOF, but
-  * a negative error code in case of an error.
   *
-  * If this function returns GNUTLS_E_REHANDSHAKE, then you may
-  * ignore this message, send an alert containing NO_RENEGOTIATION, 
-  * or perform a handshake again. (only a client may receive this message)
+  * If the server requests a renegotiation the client may receive
+  * and error code of GNUTLS_E_REHANDSHAKE. This message may be
+  * simply ignored, replied with an alert containing NO_RENEGOTIATION, 
+  * or replied with a new handshake. 
+  *
+  * Returns the number of bytes received and zero on EOF.
+  * A negative error code is returned in case of an error.
   *
   **/
 ssize_t gnutls_record_recv( gnutls_session session, void *data, size_t sizeofdata) 
diff --git a/libextra/Makefile.am b/libextra/Makefile.am
index 65e8971d5a..0a28bb78b2 100644
--- a/libextra/Makefile.am
+++ b/libextra/Makefile.am
@@ -1,4 +1,4 @@
-INCLUDES = -I../lib -I../includes -I../lib/minitasn1/
+INCLUDES = -I../lib -I../includes -I../lib/minitasn1/ $(LIBOPENCDK_CFLAGS) $(LIBGCRYPT_CFLAGS)
 bin_SCRIPTS = libgnutls-extra-config
 SUBDIRS = openpgp
 
diff --git a/libextra/openpgp/Makefile.am b/libextra/openpgp/Makefile.am
index a2b883b0ec..174cd01262 100644
--- a/libextra/openpgp/Makefile.am
+++ b/libextra/openpgp/Makefile.am
@@ -1,4 +1,4 @@
-INCLUDES = -I../ -I../../includes/ -I../../lib -I../../lib/minitasn1
+INCLUDES = -I../ -I../../includes/ -I../../lib -I../../lib/minitasn1 $(LIBOPENCDK_CFLAGS) $(LIBGCRYPT_CFLAGS)
 EXTRA_DIST = openpgp.h gnutls_openpgp.h
 
 noinst_LTLIBRARIES = libpgp.la
diff --git a/src/cli.c b/src/cli.c
index d3042166b6..539251efe9 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -422,7 +422,7 @@ int main(int argc, char **argv)
 		}
 
 		if (FD_ISSET(sd, &rset)) {
-			bzero(buffer, MAX_BUF + 1);
+			memset(buffer, 0, MAX_BUF + 1);
 			ret = socket_recv(hd, buffer, MAX_BUF);
 
 			if (ret == 0) {
diff --git a/src/tests.c b/src/tests.c
index 982db31730..8c80e4f322 100644
--- a/src/tests.c
+++ b/src/tests.c
@@ -41,7 +41,6 @@ extern gnutls_anon_client_credentials anon_cred;
 extern gnutls_certificate_credentials xcred;
 
 extern int more_info;
-static int srp = 0;
 static int dh_bits;
 
 extern int tls1_ok;
@@ -76,16 +75,6 @@ int ret, alert;
 			GERR(ret);
 		}
 
-		if (srp) {
-			if ((ret == GNUTLS_E_WARNING_ALERT_RECEIVED || ret ==
-				GNUTLS_E_FATAL_ALERT_RECEIVED) &&
-				gnutls_alert_get(session) == GNUTLS_A_MISSING_SRP_USERNAME)
-				return SUCCEED;
-
-			if (ret == GNUTLS_E_DECRYPTION_FAILED)
-				return SUCCEED; /* SRP was detected */
-		}
-
 		if (ret < 0) return GFAILED;
 
 		gnutls_session_get_data(session, NULL, &session_data_size);
@@ -182,6 +171,18 @@ static void ADD_PROTOCOL(gnutls_session session, int protocol) {
 }
 
 #ifdef ENABLE_SRP
+static int srp_detected;
+
+int _test_srp_username_callback( gnutls_session session, unsigned int times,
+	char** username, char** password)
+{
+	if (times == 1) {
+		srp_detected = 1;
+	}
+
+	return -1;
+}
+
 int test_srp( gnutls_session session) {
 int ret;
 
@@ -192,14 +193,14 @@ int ret;
 		ADD_ALL_MACS(session);
 
 		ADD_KX(session, GNUTLS_KX_SRP);
-		srp = 1;
+		srp_detected = 0;
 
 		gnutls_credentials_set(session, GNUTLS_CRD_SRP, srp_cred);
 
 		ret = do_handshake( session);
-		srp = 0;
 		
-		return ret;
+		if (srp_detected != 0) return SUCCEED;
+		else return GFAILED;
 }
 #endif
 
diff --git a/src/tests.h b/src/tests.h
index 40820aa58a..3c97d891b9 100644
--- a/src/tests.h
+++ b/src/tests.h
@@ -28,6 +28,8 @@ int test_session_resume2( gnutls_session state);
 int test_rsa_pms_version_check( gnutls_session session);
 int test_version_oob( gnutls_session session);
 int test_zlib( gnutls_session session);
+int _test_srp_username_callback( gnutls_session session, unsigned int times,
+	char** username, char** password);
 
 #define GERR(ret) fprintf(stderr, "*** Error: %s\n", gnutls_strerror(ret))
 
diff --git a/src/tls_test.c b/src/tls_test.c
index 2e7ec07971..66fb8417b0 100644
--- a/src/tls_test.c
+++ b/src/tls_test.c
@@ -190,6 +190,8 @@ int main(int argc, char **argv)
 		fprintf(stderr, "memory error\n");
 		exit(1);
 	}
+	gnutls_srp_set_client_credentials_function(srp_cred,
+		_test_srp_username_callback);
 #endif
 
 #ifdef ENABLE_ANON