author | Daiki Ueno <ueno@gnu.org> | 2022-12-15 00:45:04 +0900 |
---|---|---|
committer | Daiki Ueno <ueno@gnu.org> | 2022-12-16 06:38:31 +0900 |
commit | dab063fca2eecb9ff1db73234108315c5b713756 (patch) | |
tree | c174de31626640b360cd9114d6175e3919247b4e | |
parent | 2b6b6f69c24b49131201925d86845f78c490aac5 (diff) | |
download | gnutls-dab063fca2eecb9ff1db73234108315c5b713756.tar.gz |
srp: provide stubs of public functions even if SRP is disabled
This adds stub definitions of public SRP functions even if SRP is
disabled with --disable-srp-authentication, to preserve the ABI.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
-rw-r--r-- | lib/algorithms/ciphersuites.c | 2 | ||||
-rw-r--r-- | lib/auth/srp_kx.c | 4 | ||||
-rw-r--r-- | lib/auth/srp_sb64.c | 33 | ||||
-rw-r--r-- | lib/gnutlsxx.cpp | 8 | ||||
-rw-r--r-- | lib/session_pack.c | 2 | ||||
-rw-r--r-- | lib/srp.c | 83 | ||||
-rw-r--r-- | src/cli.c | 2 | ||||
-rw-r--r-- | src/common.c | 4 |
8 files changed, 128 insertions, 10 deletions
diff --git a/lib/algorithms/ciphersuites.c b/lib/algorithms/ciphersuites.c index c7ce245056..3676c09de5 100644 --- a/lib/algorithms/ciphersuites.c +++ b/lib/algorithms/ciphersuites.c @@ -146,6 +146,7 @@ #define GNUTLS_RSA_PSK_AES_128_CBC_SHA1 { 0x00, 0x94 } #define GNUTLS_RSA_PSK_AES_256_CBC_SHA1 { 0x00, 0x95 } +#ifdef ENABLE_SRP /* SRP (rfc5054) */ #define GNUTLS_SRP_SHA_3DES_EDE_CBC_SHA1 { 0xC0, 0x1A } @@ -159,6 +160,7 @@ #define GNUTLS_SRP_SHA_AES_256_CBC_SHA1 { 0xC0, 0x20 } #define GNUTLS_SRP_SHA_RSA_AES_256_CBC_SHA1 { 0xC0, 0x21 } #define GNUTLS_SRP_SHA_DSS_AES_256_CBC_SHA1 { 0xC0, 0x22 } +#endif /* RSA */ diff --git a/lib/auth/srp_kx.c b/lib/auth/srp_kx.c index ece1853c30..739b12ea37 100644 --- a/lib/auth/srp_kx.c +++ b/lib/auth/srp_kx.c @@ -412,7 +412,7 @@ _gnutls_proc_srp_client_kx(gnutls_session_t session, uint8_t * data, return 0; } - +#endif /* ENABLE_SRP */ /* Static parameters according to draft-ietf-tls-srp-07 * Note that if more parameters are added check_g_n() @@ -811,6 +811,8 @@ const gnutls_datum_t gnutls_srp_8192_group_generator = { (void *) &srp8192_generator, sizeof(srp8192_generator) }; +#ifdef ENABLE_SRP + /* Check if G and N are parameters from the SRP draft. */ static int diff --git a/lib/auth/srp_sb64.c b/lib/auth/srp_sb64.c index 16945e9a0a..3ba01eba9e 100644 --- a/lib/auth/srp_sb64.c +++ b/lib/auth/srp_sb64.c @@ -24,6 +24,7 @@ #include "errors.h" #include <datum.h> #include <auth/srp_passwd.h> +#include "attribute.h" #ifdef ENABLE_SRP 
@@ -450,4 +451,36 @@ gnutls_srp_base64_decode2(const gnutls_datum_t * b64_data, return 0; } +#else + +int +gnutls_srp_base64_encode(const gnutls_datum_t *data MAYBE_UNUSED, + char *result MAYBE_UNUSED, + size_t *result_size MAYBE_UNUSED) +{ + return GNUTLS_E_UNIMPLEMENTED_FEATURE; +} + +int +gnutls_srp_base64_encode2(const gnutls_datum_t *data MAYBE_UNUSED, + gnutls_datum_t *result MAYBE_UNUSED) +{ + return GNUTLS_E_UNIMPLEMENTED_FEATURE; +} + +int +gnutls_srp_base64_decode(const gnutls_datum_t *b64_data MAYBE_UNUSED, + char *result MAYBE_UNUSED, + size_t *result_size MAYBE_UNUSED) +{ + return GNUTLS_E_UNIMPLEMENTED_FEATURE; +} + +int +gnutls_srp_base64_decode2(const gnutls_datum_t *b64_data MAYBE_UNUSED, + gnutls_datum_t *result MAYBE_UNUSED) +{ + return GNUTLS_E_UNIMPLEMENTED_FEATURE; +} + #endif /* ENABLE_SRP */ diff --git a/lib/gnutlsxx.cpp b/lib/gnutlsxx.cpp index f87490d371..cf6e4daa82 100644 --- a/lib/gnutlsxx.cpp +++ b/lib/gnutlsxx.cpp @@ -423,11 +423,7 @@ namespace gnutls const char *server_session::get_srp_username () const { -#ifdef ENABLE_SRP return gnutls_srp_server_get_username (s); -#else - return NULL; -#endif } const char *server_session::get_psk_username () const @@ -740,8 +736,6 @@ namespace gnutls // SRP -#ifdef ENABLE_SRP - srp_server_credentials::srp_server_credentials ():credentials (GNUTLS_CRD_SRP) { @@ -792,8 +786,6 @@ namespace gnutls gnutls_srp_set_client_credentials_function (cred, func); } -#endif /* ENABLE_SRP */ - // PSK psk_server_credentials::psk_server_credentials ():credentials diff --git a/lib/session_pack.c b/lib/session_pack.c index fa9a0fcc62..14d3677f9e 100644 --- a/lib/session_pack.c +++ b/lib/session_pack.c 
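Review bot: The stubs added to lib/auth/srp_sb64.c after `#else` return GNUTLS_E_UNIMPLEMENTED_FEATURE without writing their output parameters, so a caller that ignores the return value and then reads or frees `result` works on whatever was already in that memory. In `gnutls_srp_base64_encode2` and `gnutls_srp_base64_decode2` I would drop `MAYBE_UNUSED` from `result` and add `result->data = NULL; result->size = 0;` before the return. The same applies to the lib/srp.c stubs further down: `gnutls_srp_allocate_client_credentials` and `gnutls_srp_allocate_server_credentials` could set `*sc = NULL;`, and `gnutls_srp_verifier` could clear `res`. What the SRP-enabled implementations leave in these parameters on failure is not visible in this diff, so this is defensive hardening rather than a parity fix.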
@@ -51,10 +51,12 @@ static int pack_certificate_auth_info(gnutls_session_t, static int unpack_certificate_auth_info(gnutls_session_t, gnutls_buffer_st * packed_session); +#ifdef ENABLE_SRP static int unpack_srp_auth_info(gnutls_session_t session, gnutls_buffer_st * packed_session); static int pack_srp_auth_info(gnutls_session_t session, gnutls_buffer_st * packed_session); +#endif static int unpack_psk_auth_info(gnutls_session_t session, gnutls_buffer_st * packed_session); @@ -37,7 +37,7 @@ #include <random.h> #include "debug.h" - +#include "attribute.h" /* Here functions for SRP (like g^x mod n) are defined */ 
@@ -849,4 +849,85 @@ gnutls_srp_set_server_fake_salt_seed(gnutls_srp_server_credentials_t cred, cred->fake_salt_length = (salt_length < mac_len ? salt_length : mac_len); } +#else + +void gnutls_srp_free_client_credentials(gnutls_srp_client_credentials_t sc MAYBE_UNUSED) +{ +} + +int +gnutls_srp_allocate_client_credentials(gnutls_srp_client_credentials_t *sc MAYBE_UNUSED) +{ + return GNUTLS_E_UNIMPLEMENTED_FEATURE; +} + +int +gnutls_srp_set_client_credentials(gnutls_srp_client_credentials_t res MAYBE_UNUSED, + const char *username MAYBE_UNUSED, + const char *password MAYBE_UNUSED) +{ + return GNUTLS_E_UNIMPLEMENTED_FEATURE; +} + +void +gnutls_srp_free_server_credentials(gnutls_srp_server_credentials_t sc MAYBE_UNUSED) +{ +} + +int +gnutls_srp_allocate_server_credentials(gnutls_srp_server_credentials_t *sc MAYBE_UNUSED) +{ + return GNUTLS_E_UNIMPLEMENTED_FEATURE; +} + +int +gnutls_srp_set_server_credentials_file(gnutls_srp_server_credentials_t res MAYBE_UNUSED, + const char *password_file MAYBE_UNUSED, + const char *password_conf_file MAYBE_UNUSED) +{ + return GNUTLS_E_UNIMPLEMENTED_FEATURE; +} + +void +gnutls_srp_set_server_credentials_function(gnutls_srp_server_credentials_t cred MAYBE_UNUSED, + gnutls_srp_server_credentials_function *func MAYBE_UNUSED) +{ +} + +void +gnutls_srp_set_client_credentials_function(gnutls_srp_client_credentials_t cred MAYBE_UNUSED, + gnutls_srp_client_credentials_function *func MAYBE_UNUSED) +{ +} + +const char * +gnutls_srp_server_get_username(gnutls_session_t session MAYBE_UNUSED) +{ + return NULL; +} + +int +gnutls_srp_verifier(const char *username MAYBE_UNUSED, + const char *password MAYBE_UNUSED, + const gnutls_datum_t *salt MAYBE_UNUSED, + const gnutls_datum_t *generator MAYBE_UNUSED, + const gnutls_datum_t *prime MAYBE_UNUSED, + gnutls_datum_t *res MAYBE_UNUSED) +{ + return GNUTLS_E_UNIMPLEMENTED_FEATURE; +} + +void +gnutls_srp_set_prime_bits(gnutls_session_t session MAYBE_UNUSED, + unsigned int bits MAYBE_UNUSED) +{ +} + +void 
+gnutls_srp_set_server_fake_salt_seed(gnutls_srp_server_credentials_t cred MAYBE_UNUSED, + const gnutls_datum_t *seed MAYBE_UNUSED, + unsigned int salt_length MAYBE_UNUSED) +{ +} + #endif /* ENABLE_SRP */ @@ -1876,6 +1876,7 @@ int do_handshake(socket_st * socket) return ret; } +#ifdef ENABLE_SRP static int srp_username_callback(gnutls_session_t session, char **username, char **password) @@ -1889,6 +1890,7 @@ srp_username_callback(gnutls_session_t session, return 0; } +#endif static int psk_callback(gnutls_session_t session, char **username, diff --git a/src/common.c b/src/common.c index 588a1851b1..b0952a5faf 100644 --- a/src/common.c +++ b/src/common.c @@ -584,6 +584,10 @@ int print_info(gnutls_session_t session, int verbose, int flags) else if (kx == GNUTLS_KX_ECDHE_RSA || kx == GNUTLS_KX_ECDHE_ECDSA) print_ecdh_info(session, "Ephemeral ", verbose); + break; + default: + log_msg(stdout, "- Unknown credential type %d\n", cred); + break; } |
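Review bot: The `#else` block added to lib/srp.c has no comment saying that these definitions exist only to keep the exported symbols, and its void functions (the two `free` stubs and the four void `gnutls_srp_set_*` setters) do nothing without any signal to the caller. I would put a comment directly after `#else`, for example `/* SRP disabled at build time: stubs kept for ABI compatibility; int functions return GNUTLS_E_UNIMPLEMENTED_FEATURE, void functions are no-ops. */`. It is also worth stating there that `gnutls_srp_server_get_username` always returns NULL in this build, since lib/gnutlsxx.cpp now forwards that value unconditionally and callers must check it before use. The hunk opens inside the body of the SRP-enabled `gnutls_srp_set_server_fake_salt_seed`, whose start is outside the lines shown.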