diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-12-21 16:47:25 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-12-21 16:47:25 +0200 |
| commit | bec3b3932c30a5bd220af737b889e7844ae9f4bd (patch) | |
| tree | 3cb22f62f4f34d894410656ca8426134c012309c | |
| parent | d3ea2626100050612dc72f8263341cffd59ec0df (diff) | |
| download | gnutls-bec3b3932c30a5bd220af737b889e7844ae9f4bd.tar.gz | |
drop unecessary function in examples
| -rw-r--r-- | doc/examples/ex-serv-anon.c | 29 | ||||
| -rw-r--r-- | doc/examples/ex-serv-dtls.c | 23 | ||||
| -rw-r--r-- | doc/examples/ex-serv-pgp.c | 32 | ||||
| -rw-r--r-- | doc/examples/ex-serv-psk.c | 35 | ||||
| -rw-r--r-- | doc/examples/ex-serv-srp.c | 39 | ||||
| -rw-r--r-- | doc/examples/ex-serv-x509.c | 35 |
6 files changed, 58 insertions, 135 deletions
diff --git a/doc/examples/ex-serv-anon.c b/doc/examples/ex-serv-anon.c index 75a0bf2bc3..c0ae557019 100644 --- a/doc/examples/ex-serv-anon.c +++ b/doc/examples/ex-serv-anon.c @@ -22,40 +22,22 @@ #define SOCKET_ERR(err,s) if(err==-1) {perror(s);return(1);} #define MAX_BUF 1024 #define PORT 5556 /* listen to 5556 port */ -#define DH_BITS 1024 /* These are global */ -gnutls_anon_server_credentials_t anoncred; - -static gnutls_session_t -initialize_tls_session (void) -{ - gnutls_session_t session; - - gnutls_init (&session, GNUTLS_SERVER); - - gnutls_priority_set_direct (session, "NORMAL:+ANON-ECDH:+ANON-DH", NULL); - - gnutls_credentials_set (session, GNUTLS_CRD_ANON, anoncred); - - gnutls_dh_set_prime_bits (session, DH_BITS); - - return session; -} - static gnutls_dh_params_t dh_params; static int generate_dh_params (void) { - + unsigned int bits = + gnutls_sec_param_to_pk_bits (GNUTLS_PK_DH, GNUTLS_SEC_PARAM_LEGACY); /* Generate Diffie-Hellman parameters - for use with DHE * kx algorithms. These should be discarded and regenerated * once a day, once a week or once a month. Depending on the * security requirements. */ gnutls_dh_params_init (&dh_params); - gnutls_dh_params_generate2 (dh_params, DH_BITS); + gnutls_dh_params_generate2 (dh_params, bits); return 0; } @@ -70,6 +52,7 @@ main (void) socklen_t client_len; char topbuf[512]; gnutls_session_t session; + gnutls_anon_server_credentials_t anoncred; char buffer[MAX_BUF + 1]; int optval = 1; @@ -106,7 +89,9 @@ main (void) client_len = sizeof (sa_cli); for (;;) { - session = initialize_tls_session (); + gnutls_init (&session, GNUTLS_SERVER); + gnutls_priority_set_direct (session, "NORMAL:+ANON-ECDH:+ANON-DH", NULL); + gnutls_credentials_set (session, GNUTLS_CRD_ANON, anoncred); sd = accept (listen_sd, (struct sockaddr *) & sa_cli, &client_len); diff --git a/doc/examples/ex-serv-dtls.c b/doc/examples/ex-serv-dtls.c index 04cc26b91b..d2c4eda397 100644 --- a/doc/examples/ex-serv-dtls.c +++ b/doc/examples/ex-serv-dtls.c @@ -45,7 +45,6 @@ static ssize_t pull_func (gnutls_transport_ptr_t p, void *data, size_t size); static const char *human_addr (const struct sockaddr *sa, socklen_t salen, char *buf, size_t buflen); static int wait_for_connection (int fd); -static gnutls_session_t initialize_tls_session (void); static int generate_dh_params (void); /* Use global credentials and parameters to simplify @@ -173,7 +172,10 @@ main (void) else continue; - session = initialize_tls_session (); + gnutls_init (&session, GNUTLS_SERVER | GNUTLS_DATAGRAM); + gnutls_priority_set (session, priority_cache); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, x509_cred); + gnutls_dtls_prestate_set (session, &prestate); gnutls_dtls_set_mtu (session, mtu); @@ -409,24 +411,11 @@ human_addr (const struct sockaddr *sa, socklen_t salen, return save_buf; } -static gnutls_session_t -initialize_tls_session (void) -{ - gnutls_session_t session; - - gnutls_init (&session, GNUTLS_SERVER | GNUTLS_DATAGRAM); - - gnutls_priority_set (session, priority_cache); - - gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, x509_cred); - - return session; -} - static int generate_dh_params (void) { - int bits = gnutls_sec_param_to_pk_bits (GNUTLS_PK_DH, GNUTLS_SEC_PARAM_LOW); + int bits = + gnutls_sec_param_to_pk_bits (GNUTLS_PK_DH, GNUTLS_SEC_PARAM_LEGACY); /* Generate Diffie-Hellman parameters - for use with DHE * kx algorithms. When short bit length is used, it might diff --git a/doc/examples/ex-serv-pgp.c b/doc/examples/ex-serv-pgp.c index 6946d2947c..0eacb0db73 100644 --- a/doc/examples/ex-serv-pgp.c +++ b/doc/examples/ex-serv-pgp.c @@ -27,15 +27,15 @@ #define SOCKET_ERR(err,s) if(err==-1) {perror(s);return(1);} #define MAX_BUF 1024 #define PORT 5556 /* listen to 5556 port */ -#define DH_BITS 1024 /* These are global */ -gnutls_certificate_credentials_t cred; gnutls_dh_params_t dh_params; static int generate_dh_params (void) { + unsigned int bits = + gnutls_sec_param_to_pk_bits (GNUTLS_PK_DH, GNUTLS_SEC_PARAM_LEGACY); /* Generate Diffie-Hellman parameters - for use with DHE * kx algorithms. These should be discarded and regenerated @@ -43,29 +43,11 @@ generate_dh_params (void) * security requirements. */ gnutls_dh_params_init (&dh_params); - gnutls_dh_params_generate2 (dh_params, DH_BITS); + gnutls_dh_params_generate2 (dh_params, bits); return 0; } -static gnutls_session_t -initialize_tls_session (void) -{ - gnutls_session_t session; - - gnutls_init (&session, GNUTLS_SERVER); - - gnutls_priority_set_direct (session, "NORMAL:+CTYPE-OPENPGP", NULL); - - /* request client certificate if any. - */ - gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST); - - gnutls_dh_set_prime_bits (session, DH_BITS); - - return session; -} - int main (void) { @@ -76,6 +58,7 @@ main (void) socklen_t client_len; char topbuf[512]; gnutls_session_t session; + gnutls_certificate_credentials_t cred; char buffer[MAX_BUF + 1]; int optval = 1; char name[256]; @@ -120,7 +103,12 @@ main (void) client_len = sizeof (sa_cli); for (;;) { - session = initialize_tls_session (); + gnutls_init (&session, GNUTLS_SERVER); + gnutls_priority_set_direct (session, "NORMAL:+CTYPE-OPENPGP", NULL); + + /* request client certificate if any. + */ + gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST); sd = accept (listen_sd, (struct sockaddr *) & sa_cli, &client_len); diff --git a/doc/examples/ex-serv-psk.c b/doc/examples/ex-serv-psk.c index 1f2af6c472..0c100cfe7b 100644 --- a/doc/examples/ex-serv-psk.c +++ b/doc/examples/ex-serv-psk.c @@ -30,29 +30,6 @@ #define DH_BITS 1024 /* These are global */ -gnutls_certificate_credentials_t x509_cred; -gnutls_psk_server_credentials_t psk_cred; -gnutls_priority_t priority_cache; - -static gnutls_session_t -initialize_tls_session (void) -{ - gnutls_session_t session; - - gnutls_init (&session, GNUTLS_SERVER); - - gnutls_priority_set (session, priority_cache); - - gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, x509_cred); - gnutls_credentials_set (session, GNUTLS_CRD_PSK, psk_cred); - - /* request client certificate if any. - */ - gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST); - - return session; -} - static gnutls_dh_params_t dh_params; static int @@ -95,6 +72,9 @@ main (void) socklen_t client_len; char topbuf[512]; gnutls_session_t session; + gnutls_certificate_credentials_t x509_cred; + gnutls_psk_server_credentials_t psk_cred; + gnutls_priority_t priority_cache; char buffer[MAX_BUF + 1]; int optval = 1; int kx; @@ -145,7 +125,14 @@ main (void) client_len = sizeof (sa_cli); for (;;) { - session = initialize_tls_session (); + gnutls_init (&session, GNUTLS_SERVER); + gnutls_priority_set (session, priority_cache); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, x509_cred); + gnutls_credentials_set (session, GNUTLS_CRD_PSK, psk_cred); + + /* request client certificate if any. + */ + gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUEST); sd = accept (listen_sd, (struct sockaddr *) & sa_cli, &client_len); diff --git a/doc/examples/ex-serv-srp.c b/doc/examples/ex-serv-srp.c index 880f70ce24..bf92a56966 100644 --- a/doc/examples/ex-serv-srp.c +++ b/doc/examples/ex-serv-srp.c @@ -29,31 +29,6 @@ #define MAX_BUF 1024 #define PORT 5556 /* listen to 5556 port */ -/* These are global */ -gnutls_srp_server_credentials_t srp_cred; -gnutls_certificate_credentials_t cert_cred; - -static gnutls_session_t -initialize_tls_session (void) -{ - gnutls_session_t session; - - gnutls_init (&session, GNUTLS_SERVER); - - gnutls_priority_set_direct (session, "NORMAL:-KX-ALL:+SRP:+SRP-DSS:+SRP-RSA", NULL); - - gnutls_credentials_set (session, GNUTLS_CRD_SRP, srp_cred); - /* for the certificate authenticated ciphersuites. - */ - gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, cert_cred); - - /* request client certificate if any. - */ - gnutls_certificate_server_set_request (session, GNUTLS_CERT_IGNORE); - - return session; -} - int main (void) { @@ -64,6 +39,8 @@ main (void) socklen_t client_len; char topbuf[512]; gnutls_session_t session; + gnutls_srp_server_credentials_t srp_cred; + gnutls_certificate_credentials_t cert_cred; char buffer[MAX_BUF + 1]; int optval = 1; char name[256]; @@ -107,7 +84,17 @@ main (void) client_len = sizeof (sa_cli); for (;;) { - session = initialize_tls_session (); + gnutls_init (&session, GNUTLS_SERVER); + gnutls_priority_set_direct (session, + "NORMAL:-KX-ALL:+SRP:+SRP-DSS:+SRP-RSA", NULL); + gnutls_credentials_set (session, GNUTLS_CRD_SRP, srp_cred); + /* for the certificate authenticated ciphersuites. + */ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, cert_cred); + + /* request client certificate if any. + */ + gnutls_certificate_server_set_request (session, GNUTLS_CERT_IGNORE); sd = accept (listen_sd, (struct sockaddr *) & sa_cli, &client_len); diff --git a/doc/examples/ex-serv-x509.c b/doc/examples/ex-serv-x509.c index a8dc20e3a5..8765d4368c 100644 --- a/doc/examples/ex-serv-x509.c +++ b/doc/examples/ex-serv-x509.c @@ -27,34 +27,13 @@ #define PORT 5556 /* listen to 5556 port */ /* These are global */ -gnutls_certificate_credentials_t x509_cred; -gnutls_priority_t priority_cache; - -static gnutls_session_t -initialize_tls_session (void) -{ - gnutls_session_t session; - - gnutls_init (&session, GNUTLS_SERVER); - - gnutls_priority_set (session, priority_cache); - - gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, x509_cred); - - /* We don't request any certificate from the client. - * If we did we would need to verify it. - */ - gnutls_certificate_server_set_request (session, GNUTLS_CERT_IGNORE); - - return session; -} - static gnutls_dh_params_t dh_params; static int generate_dh_params (void) { - int bits = gnutls_sec_param_to_pk_bits (GNUTLS_PK_DH, GNUTLS_SEC_PARAM_LOW); + unsigned int bits = + gnutls_sec_param_to_pk_bits (GNUTLS_PK_DH, GNUTLS_SEC_PARAM_LEGACY); /* Generate Diffie-Hellman parameters - for use with DHE * kx algorithms. When short bit length is used, it might @@ -71,6 +50,8 @@ main (void) { int listen_sd; int sd, ret; + gnutls_certificate_credentials_t x509_cred; + gnutls_priority_t priority_cache; struct sockaddr_in sa_serv; struct sockaddr_in sa_cli; socklen_t client_len; @@ -127,7 +108,13 @@ main (void) client_len = sizeof (sa_cli); for (;;) { - session = initialize_tls_session (); + gnutls_init (&session, GNUTLS_SERVER); + gnutls_priority_set (session, priority_cache); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, x509_cred); + /* We don't request any certificate from the client. + * If we did we would need to verify it. + */ + gnutls_certificate_server_set_request (session, GNUTLS_CERT_IGNORE); sd = accept (listen_sd, (struct sockaddr *) & sa_cli, &client_len); |