authorNikos Mavrogiannopoulos <nmav@gnutls.org>2013-11-08 22:14:07 +0100
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2013-11-08 22:17:10 +0100
commit76c93d23c073ef8b885503b7d28a31ffe2add6d8 (patch)
tree1dd2d22a197bc40c5330e516969a7cb1ae9bc96f /extra
parent559a144f6bbcbb611453f82e655dd7438c14d1a7 (diff)
reindented code
Diffstat (limited to 'extra')
-rw-r--r--extra/gnutls_openssl.c983
-rw-r--r--extra/includes/gnutls/openssl.h310
-rw-r--r--extra/openssl_compat.c221
-rw-r--r--extra/openssl_compat.h8
4 files changed, 727 insertions, 795 deletions
diff --git a/extra/gnutls_openssl.c b/extra/gnutls_openssl.c
index c43ae08b69..f28fad855a 100644
--- a/extra/gnutls_openssl.c
+++ b/extra/gnutls_openssl.c
@@ -33,7 +33,7 @@
* undefine it to avoid the conflict with openssl.h.
*/
#ifdef X509_NAME
-# undef X509_NAME
+#undef X509_NAME
#endif
#include <gnutls/openssl.h>
@@ -51,859 +51,792 @@ static int last_error = 0;
/* Library initialisation functions */
-int
-SSL_library_init (void)
+int SSL_library_init(void)
{
- gnutls_global_init ();
- /* NB: we haven't got anywhere to call gnutls_global_deinit() */
- return 1;
+ gnutls_global_init();
+ /* NB: we haven't got anywhere to call gnutls_global_deinit() */
+ return 1;
}
-void
-OpenSSL_add_all_algorithms (void)
+void OpenSSL_add_all_algorithms(void)
{
}
/* SSL_CTX structure handling */
-SSL_CTX *
-SSL_CTX_new (SSL_METHOD * method)
+SSL_CTX *SSL_CTX_new(SSL_METHOD * method)
{
- SSL_CTX *ctx;
+ SSL_CTX *ctx;
- ctx = (SSL_CTX *) calloc (1, sizeof (SSL_CTX));
- ctx->method = method;
+ ctx = (SSL_CTX *) calloc(1, sizeof(SSL_CTX));
+ ctx->method = method;
- return ctx;
+ return ctx;
}
-void
-SSL_CTX_free (SSL_CTX * ctx)
+void SSL_CTX_free(SSL_CTX * ctx)
{
- free (ctx->method);
- free (ctx);
+ free(ctx->method);
+ free(ctx);
}
-int
-SSL_CTX_set_default_verify_paths (SSL_CTX * ctx)
+int SSL_CTX_set_default_verify_paths(SSL_CTX * ctx)
{
- return 0;
+ return 0;
}
int
-SSL_CTX_use_certificate_file (SSL_CTX * ctx, const char *certfile, int type)
+SSL_CTX_use_certificate_file(SSL_CTX * ctx, const char *certfile, int type)
{
- ctx->certfile = (char *) calloc (1, strlen (certfile) + 1);
- if (!ctx->certfile)
- return -1;
- memcpy (ctx->certfile, certfile, strlen (certfile));
+ ctx->certfile = (char *) calloc(1, strlen(certfile) + 1);
+ if (!ctx->certfile)
+ return -1;
+ memcpy(ctx->certfile, certfile, strlen(certfile));
- ctx->certfile_type = type;
+ ctx->certfile_type = type;
- return 1;
+ return 1;
}
int
-SSL_CTX_use_PrivateKey_file (SSL_CTX * ctx, const char *keyfile, int type)
+SSL_CTX_use_PrivateKey_file(SSL_CTX * ctx, const char *keyfile, int type)
{
- ctx->keyfile = (char *) calloc (1, strlen (keyfile) + 1);
- if (!ctx->keyfile)
- return -1;
- memcpy (ctx->keyfile, keyfile, strlen (keyfile));
+ ctx->keyfile = (char *) calloc(1, strlen(keyfile) + 1);
+ if (!ctx->keyfile)
+ return -1;
+ memcpy(ctx->keyfile, keyfile, strlen(keyfile));
- ctx->keyfile_type = type;
+ ctx->keyfile_type = type;
- return 1;
+ return 1;
}
void
-SSL_CTX_set_verify (SSL_CTX * ctx, int verify_mode,
- int (*verify_callback) (int, X509_STORE_CTX *))
+SSL_CTX_set_verify(SSL_CTX * ctx, int verify_mode,
+ int (*verify_callback) (int, X509_STORE_CTX *))
{
- ctx->verify_mode = verify_mode;
- ctx->verify_callback = verify_callback;
+ ctx->verify_mode = verify_mode;
+ ctx->verify_callback = verify_callback;
}
-unsigned long
-SSL_CTX_set_options (SSL_CTX * ctx, unsigned long options)
+unsigned long SSL_CTX_set_options(SSL_CTX * ctx, unsigned long options)
{
- return (ctx->options |= options);
+ return (ctx->options |= options);
}
-long
-SSL_CTX_set_mode (SSL_CTX * ctx, long mode)
+long SSL_CTX_set_mode(SSL_CTX * ctx, long mode)
{
- return 0;
+ return 0;
}
-int
-SSL_CTX_set_cipher_list (SSL_CTX * ctx, const char *list)
+int SSL_CTX_set_cipher_list(SSL_CTX * ctx, const char *list)
{
- /* FIXME: ignore this for the moment */
- /* We're going to have to parse the "list" string to do this */
- /* It is a string, which in its simplest form is something like
- "DES-CBC3-SHA:IDEA-CBC-MD5", but can be rather more complicated
- (see OpenSSL's ciphers(1) manpage for details) */
+ /* FIXME: ignore this for the moment */
+ /* We're going to have to parse the "list" string to do this */
+ /* It is a string, which in its simplest form is something like
+ "DES-CBC3-SHA:IDEA-CBC-MD5", but can be rather more complicated
+ (see OpenSSL's ciphers(1) manpage for details) */
- return 1;
+ return 1;
}
/* SSL_CTX statistics */
-long
-SSL_CTX_sess_number (SSL_CTX * ctx)
+long SSL_CTX_sess_number(SSL_CTX * ctx)
{
- return 0;
+ return 0;
}
-long
-SSL_CTX_sess_connect (SSL_CTX * ctx)
+long SSL_CTX_sess_connect(SSL_CTX * ctx)
{
- return 0;
+ return 0;
}
-long
-SSL_CTX_sess_connect_good (SSL_CTX * ctx)
+long SSL_CTX_sess_connect_good(SSL_CTX * ctx)
{
- return 0;
+ return 0;
}
-long
-SSL_CTX_sess_connect_renegotiate (SSL_CTX * ctx)
+long SSL_CTX_sess_connect_renegotiate(SSL_CTX * ctx)
{
- return 0;
+ return 0;
}
-long
-SSL_CTX_sess_accept (SSL_CTX * ctx)
+long SSL_CTX_sess_accept(SSL_CTX * ctx)
{
- return 0;
+ return 0;
}
-long
-SSL_CTX_sess_accept_good (SSL_CTX * ctx)
+long SSL_CTX_sess_accept_good(SSL_CTX * ctx)
{
- return 0;
+ return 0;
}
-long
-SSL_CTX_sess_accept_renegotiate (SSL_CTX * ctx)
+long SSL_CTX_sess_accept_renegotiate(SSL_CTX * ctx)
{
- return 0;
+ return 0;
}
-long
-SSL_CTX_sess_hits (SSL_CTX * ctx)
+long SSL_CTX_sess_hits(SSL_CTX * ctx)
{
- return 0;
+ return 0;
}
-long
-SSL_CTX_sess_misses (SSL_CTX * ctx)
+long SSL_CTX_sess_misses(SSL_CTX * ctx)
{
- return 0;
+ return 0;
}
-long
-SSL_CTX_sess_timeouts (SSL_CTX * ctx)
+long SSL_CTX_sess_timeouts(SSL_CTX * ctx)
{
- return 0;
+ return 0;
}
/* SSL structure handling */
-SSL *
-SSL_new (SSL_CTX * ctx)
+SSL *SSL_new(SSL_CTX * ctx)
{
- SSL *ssl;
- int err;
+ SSL *ssl;
+ int err;
- ssl = (SSL *) calloc (1, sizeof (SSL));
- if (!ssl)
- return NULL;
+ ssl = (SSL *) calloc(1, sizeof(SSL));
+ if (!ssl)
+ return NULL;
- err = gnutls_certificate_allocate_credentials (&ssl->gnutls_cred);
- if (err < 0)
- {
- last_error = err;
- free (ssl);
- return NULL;
- }
+ err = gnutls_certificate_allocate_credentials(&ssl->gnutls_cred);
+ if (err < 0) {
+ last_error = err;
+ free(ssl);
+ return NULL;
+ }
- gnutls_init (&ssl->gnutls_state, ctx->method->connend);
+ gnutls_init(&ssl->gnutls_state, ctx->method->connend);
- gnutls_priority_set_direct (ssl->gnutls_state,
- ctx->method->priority_string, NULL);
+ gnutls_priority_set_direct(ssl->gnutls_state,
+ ctx->method->priority_string, NULL);
- gnutls_credentials_set (ssl->gnutls_state, GNUTLS_CRD_CERTIFICATE,
- ssl->gnutls_cred);
- if (ctx->certfile)
- gnutls_certificate_set_x509_trust_file (ssl->gnutls_cred,
- ctx->certfile,
- ctx->certfile_type);
- if (ctx->keyfile)
- gnutls_certificate_set_x509_key_file (ssl->gnutls_cred,
- ctx->certfile, ctx->keyfile,
- ctx->keyfile_type);
- ssl->ctx = ctx;
- ssl->verify_mode = ctx->verify_mode;
- ssl->verify_callback = ctx->verify_callback;
+ gnutls_credentials_set(ssl->gnutls_state, GNUTLS_CRD_CERTIFICATE,
+ ssl->gnutls_cred);
+ if (ctx->certfile)
+ gnutls_certificate_set_x509_trust_file(ssl->gnutls_cred,
+ ctx->certfile,
+ ctx->certfile_type);
+ if (ctx->keyfile)
+ gnutls_certificate_set_x509_key_file(ssl->gnutls_cred,
+ ctx->certfile,
+ ctx->keyfile,
+ ctx->keyfile_type);
+ ssl->ctx = ctx;
+ ssl->verify_mode = ctx->verify_mode;
+ ssl->verify_callback = ctx->verify_callback;
- ssl->options = ctx->options;
+ ssl->options = ctx->options;
- ssl->rfd = (gnutls_transport_ptr_t) - 1;
- ssl->wfd = (gnutls_transport_ptr_t) - 1;
+ ssl->rfd = (gnutls_transport_ptr_t) - 1;
+ ssl->wfd = (gnutls_transport_ptr_t) - 1;
- return ssl;
+ return ssl;
}
-void
-SSL_free (SSL * ssl)
+void SSL_free(SSL * ssl)
{
- gnutls_certificate_free_credentials (ssl->gnutls_cred);
- gnutls_deinit (ssl->gnutls_state);
- free (ssl);
+ gnutls_certificate_free_credentials(ssl->gnutls_cred);
+ gnutls_deinit(ssl->gnutls_state);
+ free(ssl);
}
-void
-SSL_load_error_strings (void)
+void SSL_load_error_strings(void)
{
}
-int
-SSL_get_error (SSL * ssl, int ret)
+int SSL_get_error(SSL * ssl, int ret)
{
- if (ret > 0)
- return SSL_ERROR_NONE;
+ if (ret > 0)
+ return SSL_ERROR_NONE;
- return SSL_ERROR_ZERO_RETURN;
+ return SSL_ERROR_ZERO_RETURN;
}
-int
-SSL_set_fd (SSL * ssl, int fd)
+int SSL_set_fd(SSL * ssl, int fd)
{
- gnutls_transport_set_ptr (ssl->gnutls_state, GNUTLS_INT_TO_POINTER (fd));
- return 1;
+ gnutls_transport_set_ptr(ssl->gnutls_state,
+ GNUTLS_INT_TO_POINTER(fd));
+ return 1;
}
-int
-SSL_set_rfd (SSL * ssl, int fd)
+int SSL_set_rfd(SSL * ssl, int fd)
{
- ssl->rfd = GNUTLS_INT_TO_POINTER (fd);
+ ssl->rfd = GNUTLS_INT_TO_POINTER(fd);
- if (ssl->wfd != (gnutls_transport_ptr_t) - 1)
- gnutls_transport_set_ptr2 (ssl->gnutls_state, ssl->rfd, ssl->wfd);
+ if (ssl->wfd != (gnutls_transport_ptr_t) - 1)
+ gnutls_transport_set_ptr2(ssl->gnutls_state, ssl->rfd,
+ ssl->wfd);
- return 1;
+ return 1;
}
-int
-SSL_set_wfd (SSL * ssl, int fd)
+int SSL_set_wfd(SSL * ssl, int fd)
{
- ssl->wfd = GNUTLS_INT_TO_POINTER (fd);
+ ssl->wfd = GNUTLS_INT_TO_POINTER(fd);
- if (ssl->rfd != (gnutls_transport_ptr_t) - 1)
- gnutls_transport_set_ptr2 (ssl->gnutls_state, ssl->rfd, ssl->wfd);
+ if (ssl->rfd != (gnutls_transport_ptr_t) - 1)
+ gnutls_transport_set_ptr2(ssl->gnutls_state, ssl->rfd,
+ ssl->wfd);
- return 1;
+ return 1;
}
-void
-SSL_set_bio (SSL * ssl, BIO * rbio, BIO * wbio)
+void SSL_set_bio(SSL * ssl, BIO * rbio, BIO * wbio)
{
- gnutls_transport_set_ptr2 (ssl->gnutls_state, rbio->fd, wbio->fd);
- /* free(BIO); ? */
+ gnutls_transport_set_ptr2(ssl->gnutls_state, rbio->fd, wbio->fd);
+ /* free(BIO); ? */
}
-void
-SSL_set_connect_state (SSL * ssl)
+void SSL_set_connect_state(SSL * ssl)
{
}
-int
-SSL_pending (SSL * ssl)
+int SSL_pending(SSL * ssl)
{
- return gnutls_record_check_pending (ssl->gnutls_state);
+ return gnutls_record_check_pending(ssl->gnutls_state);
}
void
-SSL_set_verify (SSL * ssl, int verify_mode,
- int (*verify_callback) (int, X509_STORE_CTX *))
+SSL_set_verify(SSL * ssl, int verify_mode,
+ int (*verify_callback) (int, X509_STORE_CTX *))
{
- ssl->verify_mode = verify_mode;
- ssl->verify_callback = verify_callback;
+ ssl->verify_mode = verify_mode;
+ ssl->verify_callback = verify_callback;
}
-const X509 *
-SSL_get_peer_certificate (SSL * ssl)
+const X509 *SSL_get_peer_certificate(SSL * ssl)
{
- const gnutls_datum_t *cert_list;
- unsigned int cert_list_size = 0;
+ const gnutls_datum_t *cert_list;
+ unsigned int cert_list_size = 0;
- cert_list = gnutls_certificate_get_peers (ssl->gnutls_state,
- &cert_list_size);
+ cert_list = gnutls_certificate_get_peers(ssl->gnutls_state,
+ &cert_list_size);
- return cert_list;
+ return cert_list;
}
/* SSL connection open/close/read/write functions */
-int
-SSL_connect (SSL * ssl)
-{
- X509_STORE_CTX *store;
- unsigned int cert_list_size = 0;
- int err;
- char x_priority[256];
- /* take options into account before connecting */
-
- memset (x_priority, 0, sizeof (x_priority));
- if (ssl->options & SSL_OP_NO_TLSv1)
- {
- snprintf(x_priority, sizeof(x_priority), "%s:-VERS-TLS1.0", ssl->ctx->method->priority_string);
- err = gnutls_priority_set_direct(ssl->gnutls_state, x_priority, NULL);
- if (err < 0)
- {
- last_error = err;
- return 0;
- }
- }
-
- err = gnutls_handshake (ssl->gnutls_state);
- ssl->last_error = err;
-
- if (err < 0)
- {
- last_error = err;
- return 0;
- }
-
- store = (X509_STORE_CTX *) calloc (1, sizeof (X509_STORE_CTX));
- store->ssl = ssl;
- store->cert_list = gnutls_certificate_get_peers (ssl->gnutls_state,
- &cert_list_size);
-
- if (ssl->verify_callback)
- {
- ssl->verify_callback (1 /*FIXME*/, store);
- }
- ssl->state = SSL_ST_OK;
-
- err = store->error;
- free (store);
-
- /* FIXME: deal with error from callback */
-
- return 1;
+int SSL_connect(SSL * ssl)
+{
+ X509_STORE_CTX *store;
+ unsigned int cert_list_size = 0;
+ int err;
+ char x_priority[256];
+ /* take options into account before connecting */
+
+ memset(x_priority, 0, sizeof(x_priority));
+ if (ssl->options & SSL_OP_NO_TLSv1) {
+ snprintf(x_priority, sizeof(x_priority), "%s:-VERS-TLS1.0",
+ ssl->ctx->method->priority_string);
+ err =
+ gnutls_priority_set_direct(ssl->gnutls_state,
+ x_priority, NULL);
+ if (err < 0) {
+ last_error = err;
+ return 0;
+ }
+ }
+
+ err = gnutls_handshake(ssl->gnutls_state);
+ ssl->last_error = err;
+
+ if (err < 0) {
+ last_error = err;
+ return 0;
+ }
+
+ store = (X509_STORE_CTX *) calloc(1, sizeof(X509_STORE_CTX));
+ store->ssl = ssl;
+ store->cert_list = gnutls_certificate_get_peers(ssl->gnutls_state,
+ &cert_list_size);
+
+ if (ssl->verify_callback) {
+ ssl->verify_callback(1 /*FIXME*/, store);
+ }
+ ssl->state = SSL_ST_OK;
+
+ err = store->error;
+ free(store);
+
+ /* FIXME: deal with error from callback */
+
+ return 1;
}
-int
-SSL_accept (SSL * ssl)
+int SSL_accept(SSL * ssl)
{
- X509_STORE_CTX *store;
- unsigned int cert_list_size = 0;
- int err;
- char x_priority[256];
- /* take options into account before connecting */
+ X509_STORE_CTX *store;
+ unsigned int cert_list_size = 0;
+ int err;
+ char x_priority[256];
+ /* take options into account before connecting */
- memset (x_priority, 0, sizeof (x_priority));
- if (ssl->options & SSL_OP_NO_TLSv1)
- {
- snprintf(x_priority, sizeof(x_priority), "%s:-VERS-TLS1.0", ssl->ctx->method->priority_string);
- err = gnutls_priority_set_direct(ssl->gnutls_state, x_priority, NULL);
- if (err < 0)
- {
- last_error = err;
- return 0;
- }
- }
+ memset(x_priority, 0, sizeof(x_priority));
+ if (ssl->options & SSL_OP_NO_TLSv1) {
+ snprintf(x_priority, sizeof(x_priority), "%s:-VERS-TLS1.0",
+ ssl->ctx->method->priority_string);
+ err =
+ gnutls_priority_set_direct(ssl->gnutls_state,
+ x_priority, NULL);
+ if (err < 0) {
+ last_error = err;
+ return 0;
+ }
+ }
- /* FIXME: dh params, do we want client cert? */
+ /* FIXME: dh params, do we want client cert? */
- err = gnutls_handshake (ssl->gnutls_state);
- ssl->last_error = err;
+ err = gnutls_handshake(ssl->gnutls_state);
+ ssl->last_error = err;
- if (err < 0)
- {
- last_error = err;
- return 0;
- }
+ if (err < 0) {
+ last_error = err;
+ return 0;
+ }
- store = (X509_STORE_CTX *) calloc (1, sizeof (X509_STORE_CTX));
- store->ssl = ssl;
- store->cert_list = gnutls_certificate_get_peers (ssl->gnutls_state,
- &cert_list_size);
+ store = (X509_STORE_CTX *) calloc(1, sizeof(X509_STORE_CTX));
+ store->ssl = ssl;
+ store->cert_list = gnutls_certificate_get_peers(ssl->gnutls_state,
+ &cert_list_size);
- if (ssl->verify_callback)
- {
- ssl->verify_callback (1 /*FIXME*/, store);
- }
- ssl->state = SSL_ST_OK;
+ if (ssl->verify_callback) {
+ ssl->verify_callback(1 /*FIXME*/, store);
+ }
+ ssl->state = SSL_ST_OK;
- err = store->error;
- free (store);
+ err = store->error;
+ free(store);
- /* FIXME: deal with error from callback */
+ /* FIXME: deal with error from callback */
- return 1;
+ return 1;
}
-int
-SSL_shutdown (SSL * ssl)
+int SSL_shutdown(SSL * ssl)
{
- if (!ssl->shutdown)
- {
- gnutls_bye (ssl->gnutls_state, GNUTLS_SHUT_WR);
- ssl->shutdown++;
- }
- else
- {
- gnutls_bye (ssl->gnutls_state, GNUTLS_SHUT_RDWR);
- ssl->shutdown++;
- }
+ if (!ssl->shutdown) {
+ gnutls_bye(ssl->gnutls_state, GNUTLS_SHUT_WR);
+ ssl->shutdown++;
+ } else {
+ gnutls_bye(ssl->gnutls_state, GNUTLS_SHUT_RDWR);
+ ssl->shutdown++;
+ }
- /* FIXME */
- return 1;
+ /* FIXME */
+ return 1;
}
-int
-SSL_read (SSL * ssl, void *buf, int len)
+int SSL_read(SSL * ssl, void *buf, int len)
{
- int ret;
+ int ret;
- ret = gnutls_record_recv (ssl->gnutls_state, buf, len);
- ssl->last_error = ret;
+ ret = gnutls_record_recv(ssl->gnutls_state, buf, len);
+ ssl->last_error = ret;
- if (ret < 0)
- {
- last_error = ret;
- return 0;
- }
+ if (ret < 0) {
+ last_error = ret;
+ return 0;
+ }
- return ret;
+ return ret;
}
-int
-SSL_write (SSL * ssl, const void *buf, int len)
+int SSL_write(SSL * ssl, const void *buf, int len)
{
- int ret;
+ int ret;
- ret = gnutls_record_send (ssl->gnutls_state, buf, len);
- ssl->last_error = ret;
+ ret = gnutls_record_send(ssl->gnutls_state, buf, len);
+ ssl->last_error = ret;
- if (ret < 0)
- {
- last_error = ret;
- return 0;
- }
+ if (ret < 0) {
+ last_error = ret;
+ return 0;
+ }
- return ret;
+ return ret;
}
-int
-SSL_want (SSL * ssl)
+int SSL_want(SSL * ssl)
{
- return SSL_NOTHING;
+ return SSL_NOTHING;
}
/* SSL_METHOD functions */
-SSL_METHOD *
-SSLv23_client_method (void)
+SSL_METHOD *SSLv23_client_method(void)
{
- SSL_METHOD *m;
- m = (SSL_METHOD *) calloc (1, sizeof (SSL_METHOD));
- if (!m)
- return NULL;
+ SSL_METHOD *m;
+ m = (SSL_METHOD *) calloc(1, sizeof(SSL_METHOD));
+ if (!m)
+ return NULL;
- strcpy(m->priority_string, "NONE:+VERS-TLS1.0:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
+ strcpy(m->priority_string,
+ "NONE:+VERS-TLS1.0:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
- m->connend = GNUTLS_CLIENT;
+ m->connend = GNUTLS_CLIENT;
- return m;
+ return m;
}
-SSL_METHOD *
-SSLv23_server_method (void)
+SSL_METHOD *SSLv23_server_method(void)
{
- SSL_METHOD *m;
- m = (SSL_METHOD *) calloc (1, sizeof (SSL_METHOD));
- if (!m)
- return NULL;
+ SSL_METHOD *m;
+ m = (SSL_METHOD *) calloc(1, sizeof(SSL_METHOD));
+ if (!m)
+ return NULL;
- strcpy(m->priority_string, "NONE:+VERS-TLS1.0:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
- m->connend = GNUTLS_SERVER;
+ strcpy(m->priority_string,
+ "NONE:+VERS-TLS1.0:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
+ m->connend = GNUTLS_SERVER;
- return m;
+ return m;
}
-SSL_METHOD *
-SSLv3_client_method (void)
+SSL_METHOD *SSLv3_client_method(void)
{
- SSL_METHOD *m;
- m = (SSL_METHOD *) calloc (1, sizeof (SSL_METHOD));
- if (!m)
- return NULL;
+ SSL_METHOD *m;
+ m = (SSL_METHOD *) calloc(1, sizeof(SSL_METHOD));
+ if (!m)
+ return NULL;
- strcpy(m->priority_string, "NONE:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
- m->connend = GNUTLS_CLIENT;
+ strcpy(m->priority_string,
+ "NONE:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
+ m->connend = GNUTLS_CLIENT;
- return m;
+ return m;
}
-SSL_METHOD *
-SSLv3_server_method (void)
+SSL_METHOD *SSLv3_server_method(void)
{
- SSL_METHOD *m;
- m = (SSL_METHOD *) calloc (1, sizeof (SSL_METHOD));
- if (!m)
- return NULL;
+ SSL_METHOD *m;
+ m = (SSL_METHOD *) calloc(1, sizeof(SSL_METHOD));
+ if (!m)
+ return NULL;
- strcpy(m->priority_string, "NONE:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
- m->connend = GNUTLS_SERVER;
+ strcpy(m->priority_string,
+ "NONE:+VERS-SSL3.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
+ m->connend = GNUTLS_SERVER;
- return m;
+ return m;
}
-SSL_METHOD *
-TLSv1_client_method (void)
+SSL_METHOD *TLSv1_client_method(void)
{
- SSL_METHOD *m;
- m = (SSL_METHOD *) calloc (1, sizeof (SSL_METHOD));
- if (!m)
- return NULL;
+ SSL_METHOD *m;
+ m = (SSL_METHOD *) calloc(1, sizeof(SSL_METHOD));
+ if (!m)
+ return NULL;
- strcpy(m->priority_string, "NONE:+VERS-TLS1.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
- m->connend = GNUTLS_CLIENT;
+ strcpy(m->priority_string,
+ "NONE:+VERS-TLS1.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
+ m->connend = GNUTLS_CLIENT;
- return m;
+ return m;
}
-SSL_METHOD *
-TLSv1_server_method (void)
+SSL_METHOD *TLSv1_server_method(void)
{
- SSL_METHOD *m;
- m = (SSL_METHOD *) calloc (1, sizeof (SSL_METHOD));
- if (!m)
- return NULL;
+ SSL_METHOD *m;
+ m = (SSL_METHOD *) calloc(1, sizeof(SSL_METHOD));
+ if (!m)
+ return NULL;
- strcpy(m->priority_string, "NONE:+VERS-TLS1.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
- m->connend = GNUTLS_SERVER;
+ strcpy(m->priority_string,
+ "NONE:+VERS-TLS1.0:+CIPHER-ALL:+COMP-ALL:+RSA:+DHE-RSA:+DHE-DSS:+MAC-ALL");
+ m->connend = GNUTLS_SERVER;
- return m;
+ return m;
}
/* SSL_CIPHER functions */
-SSL_CIPHER *
-SSL_get_current_cipher (SSL * ssl)
+SSL_CIPHER *SSL_get_current_cipher(SSL * ssl)
{
- if (!ssl)
- return NULL;
+ if (!ssl)
+ return NULL;
- ssl->ciphersuite.version = gnutls_protocol_get_version (ssl->gnutls_state);
- ssl->ciphersuite.cipher = gnutls_cipher_get (ssl->gnutls_state);
- ssl->ciphersuite.kx = gnutls_kx_get (ssl->gnutls_state);
- ssl->ciphersuite.mac = gnutls_mac_get (ssl->gnutls_state);
- ssl->ciphersuite.compression = gnutls_compression_get (ssl->gnutls_state);
- ssl->ciphersuite.cert = gnutls_certificate_type_get (ssl->gnutls_state);
+ ssl->ciphersuite.version =
+ gnutls_protocol_get_version(ssl->gnutls_state);
+ ssl->ciphersuite.cipher = gnutls_cipher_get(ssl->gnutls_state);
+ ssl->ciphersuite.kx = gnutls_kx_get(ssl->gnutls_state);
+ ssl->ciphersuite.mac = gnutls_mac_get(ssl->gnutls_state);
+ ssl->ciphersuite.compression =
+ gnutls_compression_get(ssl->gnutls_state);
+ ssl->ciphersuite.cert =
+ gnutls_certificate_type_get(ssl->gnutls_state);
- return &(ssl->ciphersuite);
+ return &(ssl->ciphersuite);
}
-const char *
-SSL_CIPHER_get_name (SSL_CIPHER * cipher)
+const char *SSL_CIPHER_get_name(SSL_CIPHER * cipher)
{
- if (!cipher)
- return ("NONE");
+ if (!cipher)
+ return ("NONE");
- return gnutls_cipher_suite_get_name (cipher->kx,
- cipher->cipher, cipher->mac);
+ return gnutls_cipher_suite_get_name(cipher->kx,
+ cipher->cipher, cipher->mac);
}
-int
-SSL_CIPHER_get_bits (SSL_CIPHER * cipher, int *bits)
+int SSL_CIPHER_get_bits(SSL_CIPHER * cipher, int *bits)
{
- int bit_result;
+ int bit_result;
- if (!cipher)
- return 0;
+ if (!cipher)
+ return 0;
- bit_result = (8 * gnutls_cipher_get_key_size (cipher->cipher));
+ bit_result = (8 * gnutls_cipher_get_key_size(cipher->cipher));
- if (bits)
- *bits = bit_result;
+ if (bits)
+ *bits = bit_result;
- return bit_result;
+ return bit_result;
}
-const char *
-SSL_CIPHER_get_version (SSL_CIPHER * cipher)
+const char *SSL_CIPHER_get_version(SSL_CIPHER * cipher)
{
- const char *ret;
+ const char *ret;
- if (!cipher)
- return ("(NONE)");
+ if (!cipher)
+ return ("(NONE)");
- ret = gnutls_protocol_get_name (cipher->version);
- if (ret)
- return ret;
+ ret = gnutls_protocol_get_name(cipher->version);
+ if (ret)
+ return ret;
- return ("unknown");
+ return ("unknown");
}
-char *
-SSL_CIPHER_description (SSL_CIPHER * cipher, char *buf, int size)
+char *SSL_CIPHER_description(SSL_CIPHER * cipher, char *buf, int size)
{
- char *tmpbuf;
- int tmpsize;
- int local_alloc;
+ char *tmpbuf;
+ int tmpsize;
+ int local_alloc;
- if (buf)
- {
- tmpbuf = buf;
- tmpsize = size;
- local_alloc = 0;
- }
- else
- {
- tmpbuf = (char *) malloc (128);
- tmpsize = 128;
- local_alloc = 1;
- }
+ if (buf) {
+ tmpbuf = buf;
+ tmpsize = size;
+ local_alloc = 0;
+ } else {
+ tmpbuf = (char *) malloc(128);
+ tmpsize = 128;
+ local_alloc = 1;
+ }
- if (snprintf (tmpbuf, tmpsize, "%s %s %s %s",
- gnutls_protocol_get_name (cipher->version),
- gnutls_kx_get_name (cipher->kx),
- gnutls_cipher_get_name (cipher->cipher),
- gnutls_mac_get_name (cipher->mac)) == -1)
- {
- if (local_alloc)
- free (tmpbuf);
- return (char *) "Buffer too small";
- }
+ if (snprintf(tmpbuf, tmpsize, "%s %s %s %s",
+ gnutls_protocol_get_name(cipher->version),
+ gnutls_kx_get_name(cipher->kx),
+ gnutls_cipher_get_name(cipher->cipher),
+ gnutls_mac_get_name(cipher->mac)) == -1) {
+ if (local_alloc)
+ free(tmpbuf);
+ return (char *) "Buffer too small";
+ }
- return tmpbuf;
+ return tmpbuf;
}
/* X509 functions */
-X509_NAME *
-X509_get_subject_name (const X509 * cert)
+X509_NAME *X509_get_subject_name(const X509 * cert)
{
- gnutls_x509_dn *dn;
- dn = (gnutls_x509_dn *) calloc (1, sizeof (gnutls_x509_dn));
- if (gnutls_x509_extract_certificate_dn (cert, dn) < 0)
- {
- free (dn);
- return NULL;
- }
- return dn;
+ gnutls_x509_dn *dn;
+ dn = (gnutls_x509_dn *) calloc(1, sizeof(gnutls_x509_dn));
+ if (gnutls_x509_extract_certificate_dn(cert, dn) < 0) {
+ free(dn);
+ return NULL;
+ }
+ return dn;
}
-X509_NAME *
-X509_get_issuer_name (const X509 * cert)
+X509_NAME *X509_get_issuer_name(const X509 * cert)
{
- gnutls_x509_dn *dn;
- dn = (gnutls_x509_dn *) calloc (1, sizeof (gnutls_x509_dn));
- if (gnutls_x509_extract_certificate_issuer_dn (cert, dn) < 0)
- {
- free (dn);
- return NULL;
- }
- return dn;
+ gnutls_x509_dn *dn;
+ dn = (gnutls_x509_dn *) calloc(1, sizeof(gnutls_x509_dn));
+ if (gnutls_x509_extract_certificate_issuer_dn(cert, dn) < 0) {
+ free(dn);
+ return NULL;
+ }
+ return dn;
}
-char *
-X509_NAME_oneline (gnutls_x509_dn * name, char *buf, int len)
+char *X509_NAME_oneline(gnutls_x509_dn * name, char *buf, int len)
{
- /* XXX openssl allocates buffer if buf == NULL */
- if (!buf)
- return NULL;
- memset (buf, 0, len);
+ /* XXX openssl allocates buffer if buf == NULL */
+ if (!buf)
+ return NULL;
+ memset(buf, 0, len);
- snprintf (buf, len - 1,
- "C=%s, ST=%s, L=%s, O=%s, OU=%s, CN=%s/Email=%s",
- name->country, name->state_or_province_name,
- name->locality_name, name->organization,
- name->organizational_unit_name, name->common_name, name->email);
- return buf;
+ snprintf(buf, len - 1,
+ "C=%s, ST=%s, L=%s, O=%s, OU=%s, CN=%s/Email=%s",
+ name->country, name->state_or_province_name,
+ name->locality_name, name->organization,
+ name->organizational_unit_name, name->common_name,
+ name->email);
+ return buf;
}
-void
-X509_free (const X509 * cert)
+void X509_free(const X509 * cert)
{
- /* only get certificates as const items */
+ /* only get certificates as const items */
}
/* BIO functions */
-void
-BIO_get_fd (gnutls_session_t gnutls_state, int *fd)
+void BIO_get_fd(gnutls_session_t gnutls_state, int *fd)
{
- gnutls_transport_ptr_t tmp = gnutls_transport_get_ptr (gnutls_state);
- *fd = GNUTLS_POINTER_TO_INT (tmp);
+ gnutls_transport_ptr_t tmp =
+ gnutls_transport_get_ptr(gnutls_state);
+ *fd = GNUTLS_POINTER_TO_INT(tmp);
}
-BIO *
-BIO_new_socket (int sock, int close_flag)
+BIO *BIO_new_socket(int sock, int close_flag)
{
- BIO *bio;
+ BIO *bio;
- bio = (BIO *) malloc (sizeof (BIO));
- if (!bio)
- return NULL;
+ bio = (BIO *) malloc(sizeof(BIO));
+ if (!bio)
+ return NULL;
- bio->fd = GNUTLS_INT_TO_POINTER (sock);
+ bio->fd = GNUTLS_INT_TO_POINTER(sock);
- return bio;
+ return bio;
}
/* error handling */
-unsigned long
-ERR_get_error (void)
+unsigned long ERR_get_error(void)
{
- unsigned long ret;
+ unsigned long ret;
- ret = -1 * last_error;
- last_error = 0;
+ ret = -1 * last_error;
+ last_error = 0;
- return ret;
+ return ret;
}
-const char *
-ERR_error_string (unsigned long e, char *buf)
+const char *ERR_error_string(unsigned long e, char *buf)
{
- return gnutls_strerror (-1 * e);
+ return gnutls_strerror(-1 * e);
}
/* RAND functions */
-int
-RAND_status (void)
+int RAND_status(void)
{
- return 1;
+ return 1;
}
-void
-RAND_seed (const void *buf, int num)
+void RAND_seed(const void *buf, int num)
{
}
-int
-RAND_bytes (unsigned char *buf, int num)
+int RAND_bytes(unsigned char *buf, int num)
{
- gnutls_rnd (GNUTLS_RND_RANDOM, buf, num);
- return 1;
+ gnutls_rnd(GNUTLS_RND_RANDOM, buf, num);
+ return 1;
}
-int
-RAND_pseudo_bytes (unsigned char *buf, int num)
+int RAND_pseudo_bytes(unsigned char *buf, int num)
{
- gnutls_rnd (GNUTLS_RND_NONCE, buf, num);
- return 1;
+ gnutls_rnd(GNUTLS_RND_NONCE, buf, num);
+ return 1;
}
-const char *
-RAND_file_name (char *buf, size_t len)
+const char *RAND_file_name(char *buf, size_t len)
{
- return "";
+ return "";
}
-int
-RAND_load_file (const char *name, long maxbytes)
+int RAND_load_file(const char *name, long maxbytes)
{
- return maxbytes;
+ return maxbytes;
}
-int
-RAND_write_file (const char *name)
+int RAND_write_file(const char *name)
{
- return 0;
+ return 0;
}
-int
-RAND_egd_bytes (const char *path, int bytes)
+int RAND_egd_bytes(const char *path, int bytes)
{
- /* fake it */
- return bytes;
+ /* fake it */
+ return bytes;
}
/* message digest functions */
-void
-MD5_Init (MD5_CTX * ctx)
+void MD5_Init(MD5_CTX * ctx)
{
-int ret;
- ret = gnutls_hash_init((void*)&ctx->handle, GNUTLS_DIG_MD5);
- if (ret < 0)
- abort ();
+ int ret;
+ ret = gnutls_hash_init((void *) &ctx->handle, GNUTLS_DIG_MD5);
+ if (ret < 0)
+ abort();
}
-void
-MD5_Update (MD5_CTX * ctx, const void *buf, int len)
+void MD5_Update(MD5_CTX * ctx, const void *buf, int len)
{
- gnutls_hash (ctx->handle, buf, len);
+ gnutls_hash(ctx->handle, buf, len);
}
-void
-MD5_Final (unsigned char *md, MD5_CTX * ctx)
+void MD5_Final(unsigned char *md, MD5_CTX * ctx)
{
- gnutls_hash_deinit (ctx->handle, md);
+ gnutls_hash_deinit(ctx->handle, md);
}
-unsigned char *
-MD5 (const unsigned char *buf, unsigned long len, unsigned char *md)
+unsigned char *MD5(const unsigned char *buf, unsigned long len,
+ unsigned char *md)
{
- if (!md)
- return NULL;
+ if (!md)
+ return NULL;
- gnutls_hash_fast (GNUTLS_DIG_MD5, buf, len, md);
+ gnutls_hash_fast(GNUTLS_DIG_MD5, buf, len, md);
- return md;
+ return md;
}
-void
-RIPEMD160_Init (RIPEMD160_CTX * ctx)
+void RIPEMD160_Init(RIPEMD160_CTX * ctx)
{
-int ret;
- ret = gnutls_hash_init((void*)&ctx->handle, GNUTLS_DIG_RMD160);
- if (ret < 0)
- abort ();
+ int ret;
+ ret = gnutls_hash_init((void *) &ctx->handle, GNUTLS_DIG_RMD160);
+ if (ret < 0)
+ abort();
}
-void
-RIPEMD160_Update (RIPEMD160_CTX * ctx, const void *buf, int len)
+void RIPEMD160_Update(RIPEMD160_CTX * ctx, const void *buf, int len)
{
- gnutls_hash (ctx->handle, buf, len);
+ gnutls_hash(ctx->handle, buf, len);
}
-void
-RIPEMD160_Final (unsigned char *md, RIPEMD160_CTX * ctx)
+void RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX * ctx)
{
- gnutls_hash_deinit (ctx->handle, md);
+ gnutls_hash_deinit(ctx->handle, md);
}
-unsigned char *
-RIPEMD160 (const unsigned char *buf, unsigned long len, unsigned char *md)
+unsigned char *RIPEMD160(const unsigned char *buf, unsigned long len,
+ unsigned char *md)
{
- if (!md)
- return NULL;
+ if (!md)
+ return NULL;
- gnutls_hash_fast (GNUTLS_DIG_RMD160, buf, len, md);
+ gnutls_hash_fast(GNUTLS_DIG_RMD160, buf, len, md);
- return md;
+ return md;
}
diff --git a/extra/includes/gnutls/openssl.h b/extra/includes/gnutls/openssl.h
index fd59d335b6..ec9fd3cc61 100644
--- a/extra/includes/gnutls/openssl.h
+++ b/extra/includes/gnutls/openssl.h
@@ -35,8 +35,7 @@
#define GNUTLS_OPENSSL_H
#ifdef __cplusplus
-extern "C"
-{
+extern "C" {
#endif
#include <gnutls/gnutls.h>
@@ -51,16 +50,15 @@ extern "C"
#define GNUTLS_X509_S_SIZE 256
#define GNUTLS_X509_EMAIL_SIZE 256
- typedef struct
- {
- char common_name[GNUTLS_X509_CN_SIZE];
- char country[GNUTLS_X509_C_SIZE];
- char organization[GNUTLS_X509_O_SIZE];
- char organizational_unit_name[GNUTLS_X509_OU_SIZE];
- char locality_name[GNUTLS_X509_L_SIZE];
- char state_or_province_name[GNUTLS_X509_S_SIZE];
- char email[GNUTLS_X509_EMAIL_SIZE];
- } gnutls_x509_dn;
+ typedef struct {
+ char common_name[GNUTLS_X509_CN_SIZE];
+ char country[GNUTLS_X509_C_SIZE];
+ char organization[GNUTLS_X509_O_SIZE];
+ char organizational_unit_name[GNUTLS_X509_OU_SIZE];
+ char locality_name[GNUTLS_X509_L_SIZE];
+ char state_or_province_name[GNUTLS_X509_S_SIZE];
+ char email[GNUTLS_X509_EMAIL_SIZE];
+ } gnutls_x509_dn;
#define OPENSSL_VERSION_NUMBER (0x0090604F)
@@ -93,86 +91,79 @@ extern "C"
#undef X509_NAME
#undef X509
- typedef gnutls_x509_dn X509_NAME;
- typedef gnutls_datum_t X509;
-
- typedef struct _SSL SSL;
-
- typedef struct
- {
- char priority_string[256];
- unsigned int connend;
- } SSL_METHOD;
-
- typedef struct
- {
- gnutls_protocol_t version;
- gnutls_cipher_algorithm_t cipher;
- gnutls_kx_algorithm_t kx;
- gnutls_mac_algorithm_t mac;
- gnutls_compression_method_t compression;
- gnutls_certificate_type_t cert;
- } SSL_CIPHER;
-
- typedef struct _BIO
- {
- gnutls_transport_ptr_t fd;
- } BIO;
-
- typedef struct
- {
- SSL *ssl;
- int error;
- const gnutls_datum_t *cert_list;
+ typedef gnutls_x509_dn X509_NAME;
+ typedef gnutls_datum_t X509;
+
+ typedef struct _SSL SSL;
+
+ typedef struct {
+ char priority_string[256];
+ unsigned int connend;
+ } SSL_METHOD;
+
+ typedef struct {
+ gnutls_protocol_t version;
+ gnutls_cipher_algorithm_t cipher;
+ gnutls_kx_algorithm_t kx;
+ gnutls_mac_algorithm_t mac;
+ gnutls_compression_method_t compression;
+ gnutls_certificate_type_t cert;
+ } SSL_CIPHER;
+
+ typedef struct _BIO {
+ gnutls_transport_ptr_t fd;
+ } BIO;
+
+ typedef struct {
+ SSL *ssl;
+ int error;
+ const gnutls_datum_t *cert_list;
#define current_cert cert_list
- } X509_STORE_CTX;
+ } X509_STORE_CTX;
#define X509_STORE_CTX_get_current_cert(ctx) ((ctx)->current_cert)
- typedef struct _SSL_CTX
- {
- SSL_METHOD *method;
- char *certfile;
- int certfile_type;
- char *keyfile;
- int keyfile_type;
- unsigned long options;
+ typedef struct _SSL_CTX {
+ SSL_METHOD *method;
+ char *certfile;
+ int certfile_type;
+ char *keyfile;
+ int keyfile_type;
+ unsigned long options;
- int (*verify_callback) (int, X509_STORE_CTX *);
- int verify_mode;
+ int (*verify_callback) (int, X509_STORE_CTX *);
+ int verify_mode;
- } SSL_CTX;
+ } SSL_CTX;
- struct _SSL
- {
- gnutls_session_t gnutls_state;
+ struct _SSL {
+ gnutls_session_t gnutls_state;
- gnutls_certificate_client_credentials gnutls_cred;
+ gnutls_certificate_client_credentials gnutls_cred;
- SSL_CTX *ctx;
- SSL_CIPHER ciphersuite;
+ SSL_CTX *ctx;
+ SSL_CIPHER ciphersuite;
- int last_error;
- int shutdown;
- int state;
- unsigned long options;
+ int last_error;
+ int shutdown;
+ int state;
+ unsigned long options;
- int (*verify_callback) (int, X509_STORE_CTX *);
- int verify_mode;
+ int (*verify_callback) (int, X509_STORE_CTX *);
+ int verify_mode;
- gnutls_transport_ptr_t rfd;
- gnutls_transport_ptr_t wfd;
- };
+ gnutls_transport_ptr_t rfd;
+ gnutls_transport_ptr_t wfd;
+ };
#define rbio gnutls_state
- typedef struct
- {
- void *handle;
- } MD_CTX;
+ typedef struct {
+ void *handle;
+ } MD_CTX;
- struct rsa_st;
- typedef struct rsa_st RSA;
+ struct rsa_st;
+ typedef struct rsa_st RSA;
#define MD5_CTX MD_CTX
#define RIPEMD160_CTX MD_CTX
@@ -189,65 +180,68 @@ extern "C"
/* Library initialisation functions */
- int SSL_library_init (void);
- void OpenSSL_add_all_algorithms (void);
+ int SSL_library_init(void);
+ void OpenSSL_add_all_algorithms(void);
/* SSL_CTX structure handling */
- SSL_CTX *SSL_CTX_new (SSL_METHOD * method);
- void SSL_CTX_free (SSL_CTX * ctx);
- int SSL_CTX_set_default_verify_paths (SSL_CTX * ctx);
- int SSL_CTX_use_certificate_file (SSL_CTX * ctx, const char *certfile,
- int type);
- int SSL_CTX_use_PrivateKey_file (SSL_CTX * ctx, const char *keyfile,
- int type);
- void SSL_CTX_set_verify (SSL_CTX * ctx, int verify_mode,
- int (*verify_callback) (int, X509_STORE_CTX *));
- unsigned long SSL_CTX_set_options (SSL_CTX * ctx, unsigned long options);
- long SSL_CTX_set_mode (SSL_CTX * ctx, long mode);
- int SSL_CTX_set_cipher_list (SSL_CTX * ctx, const char *list);
+ SSL_CTX *SSL_CTX_new(SSL_METHOD * method);
+ void SSL_CTX_free(SSL_CTX * ctx);
+ int SSL_CTX_set_default_verify_paths(SSL_CTX * ctx);
+ int SSL_CTX_use_certificate_file(SSL_CTX * ctx,
+ const char *certfile, int type);
+ int SSL_CTX_use_PrivateKey_file(SSL_CTX * ctx, const char *keyfile,
+ int type);
+ void SSL_CTX_set_verify(SSL_CTX * ctx, int verify_mode,
+ int (*verify_callback) (int,
+ X509_STORE_CTX *));
+ unsigned long SSL_CTX_set_options(SSL_CTX * ctx,
+ unsigned long options);
+ long SSL_CTX_set_mode(SSL_CTX * ctx, long mode);
+ int SSL_CTX_set_cipher_list(SSL_CTX * ctx, const char *list);
/* SSL_CTX statistics */
- long SSL_CTX_sess_number (SSL_CTX * ctx);
- long SSL_CTX_sess_connect (SSL_CTX * ctx);
- long SSL_CTX_sess_connect_good (SSL_CTX * ctx);
- long SSL_CTX_sess_connect_renegotiate (SSL_CTX * ctx);
- long SSL_CTX_sess_accept (SSL_CTX * ctx);
- long SSL_CTX_sess_accept_good (SSL_CTX * ctx);
- long SSL_CTX_sess_accept_renegotiate (SSL_CTX * ctx);
- long SSL_CTX_sess_hits (SSL_CTX * ctx);
- long SSL_CTX_sess_misses (SSL_CTX * ctx);
- long SSL_CTX_sess_timeouts (SSL_CTX * ctx);
+ long SSL_CTX_sess_number(SSL_CTX * ctx);
+ long SSL_CTX_sess_connect(SSL_CTX * ctx);
+ long SSL_CTX_sess_connect_good(SSL_CTX * ctx);
+ long SSL_CTX_sess_connect_renegotiate(SSL_CTX * ctx);
+ long SSL_CTX_sess_accept(SSL_CTX * ctx);
+ long SSL_CTX_sess_accept_good(SSL_CTX * ctx);
+ long SSL_CTX_sess_accept_renegotiate(SSL_CTX * ctx);
+ long SSL_CTX_sess_hits(SSL_CTX * ctx);
+ long SSL_CTX_sess_misses(SSL_CTX * ctx);
+ long SSL_CTX_sess_timeouts(SSL_CTX * ctx);
/* SSL structure handling */
- SSL *SSL_new (SSL_CTX * ctx);
- void SSL_free (SSL * ssl);
- void SSL_load_error_strings (void);
- int SSL_get_error (SSL * ssl, int ret);
- int SSL_set_fd (SSL * ssl, int fd);
- int SSL_set_rfd (SSL * ssl, int fd);
- int SSL_set_wfd (SSL * ssl, int fd);
- void SSL_set_bio (SSL * ssl, BIO * rbio, BIO * wbio);
- void SSL_set_connect_state (SSL * ssl);
- int SSL_pending (SSL * ssl);
- void SSL_set_verify (SSL * ssl, int verify_mode,
- int (*verify_callback) (int, X509_STORE_CTX *));
- const X509 *SSL_get_peer_certificate (SSL * ssl);
+ SSL *SSL_new(SSL_CTX * ctx);
+ void SSL_free(SSL * ssl);
+ void SSL_load_error_strings(void);
+ int SSL_get_error(SSL * ssl, int ret);
+ int SSL_set_fd(SSL * ssl, int fd);
+ int SSL_set_rfd(SSL * ssl, int fd);
+ int SSL_set_wfd(SSL * ssl, int fd);
+ void SSL_set_bio(SSL * ssl, BIO * rbio, BIO * wbio);
+ void SSL_set_connect_state(SSL * ssl);
+ int SSL_pending(SSL * ssl);
+ void SSL_set_verify(SSL * ssl, int verify_mode,
+ int (*verify_callback) (int,
+ X509_STORE_CTX *));
+ const X509 *SSL_get_peer_certificate(SSL * ssl);
/* SSL connection open/close/read/write functions */
- int SSL_connect (SSL * ssl);
- int SSL_accept (SSL * ssl);
- int SSL_shutdown (SSL * ssl);
- int SSL_read (SSL * ssl, void *buf, int len);
- int SSL_write (SSL * ssl, const void *buf, int len);
+ int SSL_connect(SSL * ssl);
+ int SSL_accept(SSL * ssl);
+ int SSL_shutdown(SSL * ssl);
+ int SSL_read(SSL * ssl, void *buf, int len);
+ int SSL_write(SSL * ssl, const void *buf, int len);
- int SSL_want (SSL * ssl);
+ int SSL_want(SSL * ssl);
#define SSL_NOTHING (1)
#define SSL_WRITING (2)
@@ -262,70 +256,72 @@ extern "C"
/* SSL_METHOD functions */
- SSL_METHOD *SSLv23_client_method (void);
- SSL_METHOD *SSLv23_server_method (void);
- SSL_METHOD *SSLv3_client_method (void);
- SSL_METHOD *SSLv3_server_method (void);
- SSL_METHOD *TLSv1_client_method (void);
- SSL_METHOD *TLSv1_server_method (void);
+ SSL_METHOD *SSLv23_client_method(void);
+ SSL_METHOD *SSLv23_server_method(void);
+ SSL_METHOD *SSLv3_client_method(void);
+ SSL_METHOD *SSLv3_server_method(void);
+ SSL_METHOD *TLSv1_client_method(void);
+ SSL_METHOD *TLSv1_server_method(void);
/* SSL_CIPHER functions */
- SSL_CIPHER *SSL_get_current_cipher (SSL * ssl);
- const char *SSL_CIPHER_get_name (SSL_CIPHER * cipher);
- int SSL_CIPHER_get_bits (SSL_CIPHER * cipher, int *bits);
- const char *SSL_CIPHER_get_version (SSL_CIPHER * cipher);
- char *SSL_CIPHER_description (SSL_CIPHER * cipher, char *buf, int size);
+ SSL_CIPHER *SSL_get_current_cipher(SSL * ssl);
+ const char *SSL_CIPHER_get_name(SSL_CIPHER * cipher);
+ int SSL_CIPHER_get_bits(SSL_CIPHER * cipher, int *bits);
+ const char *SSL_CIPHER_get_version(SSL_CIPHER * cipher);
+ char *SSL_CIPHER_description(SSL_CIPHER * cipher, char *buf,
+ int size);
/* X509 functions */
- X509_NAME *X509_get_subject_name (const X509 * cert);
- X509_NAME *X509_get_issuer_name (const X509 * cert);
- char *X509_NAME_oneline (gnutls_x509_dn * name, char *buf, int len);
- void X509_free (const X509 * cert);
+ X509_NAME *X509_get_subject_name(const X509 * cert);
+ X509_NAME *X509_get_issuer_name(const X509 * cert);
+ char *X509_NAME_oneline(gnutls_x509_dn * name, char *buf, int len);
+ void X509_free(const X509 * cert);
/* BIO functions */
- void BIO_get_fd (gnutls_session_t gnutls_state, int *fd);
- BIO *BIO_new_socket (int sock, int close_flag);
+ void BIO_get_fd(gnutls_session_t gnutls_state, int *fd);
+ BIO *BIO_new_socket(int sock, int close_flag);
/* error handling */
- unsigned long ERR_get_error (void);
- const char *ERR_error_string (unsigned long e, char *buf);
+ unsigned long ERR_get_error(void);
+ const char *ERR_error_string(unsigned long e, char *buf);
/* RAND functions */
- int RAND_status (void);
- void RAND_seed (const void *buf, int num);
- int RAND_bytes (unsigned char *buf, int num);
- int RAND_pseudo_bytes (unsigned char *buf, int num);
- const char *RAND_file_name (char *buf, size_t len);
- int RAND_load_file (const char *name, long maxbytes);
- int RAND_write_file (const char *name);
+ int RAND_status(void);
+ void RAND_seed(const void *buf, int num);
+ int RAND_bytes(unsigned char *buf, int num);
+ int RAND_pseudo_bytes(unsigned char *buf, int num);
+ const char *RAND_file_name(char *buf, size_t len);
+ int RAND_load_file(const char *name, long maxbytes);
+ int RAND_write_file(const char *name);
- int RAND_egd_bytes (const char *path, int bytes);
+ int RAND_egd_bytes(const char *path, int bytes);
#define RAND_egd(p) RAND_egd_bytes((p), 255)
/* message digest functions */
#define MD5_DIGEST_LENGTH 16
- void MD5_Init (MD5_CTX * ctx);
- void MD5_Update (MD5_CTX * ctx, const void *buf, int len);
- void MD5_Final (unsigned char *md, MD5_CTX * ctx);
- unsigned char *MD5 (const unsigned char *buf, unsigned long len,
- unsigned char *md);
-
- void RIPEMD160_Init (RIPEMD160_CTX * ctx);
- void RIPEMD160_Update (RIPEMD160_CTX * ctx, const void *buf, int len);
- void RIPEMD160_Final (unsigned char *md, RIPEMD160_CTX * ctx);
- unsigned char *RIPEMD160 (const unsigned char *buf, unsigned long len,
- unsigned char *md);
+ void MD5_Init(MD5_CTX * ctx);
+ void MD5_Update(MD5_CTX * ctx, const void *buf, int len);
+ void MD5_Final(unsigned char *md, MD5_CTX * ctx);
+ unsigned char *MD5(const unsigned char *buf, unsigned long len,
+ unsigned char *md);
+
+ void RIPEMD160_Init(RIPEMD160_CTX * ctx);
+ void RIPEMD160_Update(RIPEMD160_CTX * ctx, const void *buf,
+ int len);
+ void RIPEMD160_Final(unsigned char *md, RIPEMD160_CTX * ctx);
+ unsigned char *RIPEMD160(const unsigned char *buf,
+ unsigned long len, unsigned char *md);
#ifdef __cplusplus
}
diff --git a/extra/openssl_compat.c b/extra/openssl_compat.c
index ff68cd00e9..399df90c32 100644
--- a/extra/openssl_compat.c
+++ b/extra/openssl_compat.c
@@ -28,7 +28,7 @@
#include <gnutls_global.h>
#include <gnutls_errors.h>
-#include <string.h> /* memset */
+#include <string.h> /* memset */
#include <x509/x509_int.h>
#include <libtasn1.h>
#include <gnutls/x509.h>
@@ -45,57 +45,59 @@
* Returns a negative error code in case of an error.
-*/
int
-gnutls_x509_extract_certificate_dn (const gnutls_datum_t * cert,
- gnutls_x509_dn * ret)
+gnutls_x509_extract_certificate_dn(const gnutls_datum_t * cert,
+ gnutls_x509_dn * ret)
{
- gnutls_x509_crt_t xcert;
- int result;
- size_t len;
-
- result = gnutls_x509_crt_init (&xcert);
- if (result < 0)
- return result;
-
- result = gnutls_x509_crt_import (xcert, cert, GNUTLS_X509_FMT_DER);
- if (result < 0)
- {
- gnutls_x509_crt_deinit (xcert);
- return result;
- }
-
- len = sizeof (ret->country);
- gnutls_x509_crt_get_dn_by_oid (xcert, GNUTLS_OID_X520_COUNTRY_NAME, 0,
- 0, ret->country, &len);
-
- len = sizeof (ret->organization);
- gnutls_x509_crt_get_dn_by_oid (xcert, GNUTLS_OID_X520_ORGANIZATION_NAME,
- 0, 0, ret->organization, &len);
-
- len = sizeof (ret->organizational_unit_name);
- gnutls_x509_crt_get_dn_by_oid (xcert,
- GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME,
- 0, 0, ret->organizational_unit_name, &len);
-
- len = sizeof (ret->common_name);
- gnutls_x509_crt_get_dn_by_oid (xcert, GNUTLS_OID_X520_COMMON_NAME, 0, 0,
- ret->common_name, &len);
-
- len = sizeof (ret->locality_name);
- gnutls_x509_crt_get_dn_by_oid (xcert, GNUTLS_OID_X520_LOCALITY_NAME, 0,
- 0, ret->locality_name, &len);
-
- len = sizeof (ret->state_or_province_name);
- gnutls_x509_crt_get_dn_by_oid (xcert,
- GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME,
- 0, 0, ret->state_or_province_name, &len);
-
- len = sizeof (ret->email);
- gnutls_x509_crt_get_dn_by_oid (xcert, GNUTLS_OID_PKCS9_EMAIL, 0, 0,
- ret->email, &len);
-
- gnutls_x509_crt_deinit (xcert);
-
- return 0;
+ gnutls_x509_crt_t xcert;
+ int result;
+ size_t len;
+
+ result = gnutls_x509_crt_init(&xcert);
+ if (result < 0)
+ return result;
+
+ result = gnutls_x509_crt_import(xcert, cert, GNUTLS_X509_FMT_DER);
+ if (result < 0) {
+ gnutls_x509_crt_deinit(xcert);
+ return result;
+ }
+
+ len = sizeof(ret->country);
+ gnutls_x509_crt_get_dn_by_oid(xcert, GNUTLS_OID_X520_COUNTRY_NAME,
+ 0, 0, ret->country, &len);
+
+ len = sizeof(ret->organization);
+ gnutls_x509_crt_get_dn_by_oid(xcert,
+ GNUTLS_OID_X520_ORGANIZATION_NAME, 0,
+ 0, ret->organization, &len);
+
+ len = sizeof(ret->organizational_unit_name);
+ gnutls_x509_crt_get_dn_by_oid(xcert,
+ GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME,
+ 0, 0, ret->organizational_unit_name,
+ &len);
+
+ len = sizeof(ret->common_name);
+ gnutls_x509_crt_get_dn_by_oid(xcert, GNUTLS_OID_X520_COMMON_NAME,
+ 0, 0, ret->common_name, &len);
+
+ len = sizeof(ret->locality_name);
+ gnutls_x509_crt_get_dn_by_oid(xcert, GNUTLS_OID_X520_LOCALITY_NAME,
+ 0, 0, ret->locality_name, &len);
+
+ len = sizeof(ret->state_or_province_name);
+ gnutls_x509_crt_get_dn_by_oid(xcert,
+ GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME,
+ 0, 0, ret->state_or_province_name,
+ &len);
+
+ len = sizeof(ret->email);
+ gnutls_x509_crt_get_dn_by_oid(xcert, GNUTLS_OID_PKCS9_EMAIL, 0, 0,
+ ret->email, &len);
+
+ gnutls_x509_crt_deinit(xcert);
+
+ return 0;
}
/*-
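Review bot: The seven `gnutls_x509_crt_get_dn_by_oid()` calls in `gnutls_x509_extract_certificate_dn` discard their return values, so the function returns 0 even when an attribute is missing from the certificate or does not fit its fixed-size member. That member of `*ret` then keeps whatever the caller's memory held; whether that memory is zeroed depends on how callers allocate `ret`, which is not visible in this diff. Because the DN normally comes from a certificate supplied by the peer, a caller that later formats these fields as strings could read uninitialised data. Adding `memset(ret, 0, sizeof(*ret));` before the first lookup, and returning any result other than `GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE` after `gnutls_x509_crt_deinit(xcert)`, would make the success path well defined. The same applies to the `gnutls_x509_crt_get_issuer_dn_by_oid()` calls in `gnutls_x509_extract_certificate_issuer_dn` in the next hunk.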
@@ -109,63 +111,64 @@ gnutls_x509_extract_certificate_dn (const gnutls_datum_t * cert,
* Returns a negative error code in case of an error.
-*/
int
-gnutls_x509_extract_certificate_issuer_dn (const gnutls_datum_t * cert,
- gnutls_x509_dn * ret)
+gnutls_x509_extract_certificate_issuer_dn(const gnutls_datum_t * cert,
+ gnutls_x509_dn * ret)
{
- gnutls_x509_crt_t xcert;
- int result;
- size_t len;
-
- result = gnutls_x509_crt_init (&xcert);
- if (result < 0)
- return result;
-
- result = gnutls_x509_crt_import (xcert, cert, GNUTLS_X509_FMT_DER);
- if (result < 0)
- {
- gnutls_x509_crt_deinit (xcert);
- return result;
- }
-
- len = sizeof (ret->country);
- gnutls_x509_crt_get_issuer_dn_by_oid (xcert,
- GNUTLS_OID_X520_COUNTRY_NAME, 0,
- 0, ret->country, &len);
-
- len = sizeof (ret->organization);
- gnutls_x509_crt_get_issuer_dn_by_oid (xcert,
- GNUTLS_OID_X520_ORGANIZATION_NAME,
- 0, 0, ret->organization, &len);
-
- len = sizeof (ret->organizational_unit_name);
- gnutls_x509_crt_get_issuer_dn_by_oid (xcert,
- GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME,
- 0, 0,
- ret->organizational_unit_name, &len);
-
- len = sizeof (ret->common_name);
- gnutls_x509_crt_get_issuer_dn_by_oid (xcert,
- GNUTLS_OID_X520_COMMON_NAME, 0, 0,
- ret->common_name, &len);
-
- len = sizeof (ret->locality_name);
- gnutls_x509_crt_get_issuer_dn_by_oid (xcert,
- GNUTLS_OID_X520_LOCALITY_NAME, 0,
- 0, ret->locality_name, &len);
-
- len = sizeof (ret->state_or_province_name);
- gnutls_x509_crt_get_issuer_dn_by_oid (xcert,
- GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME,
- 0, 0, ret->state_or_province_name,
- &len);
-
- len = sizeof (ret->email);
- gnutls_x509_crt_get_issuer_dn_by_oid (xcert, GNUTLS_OID_PKCS9_EMAIL, 0,
- 0, ret->email, &len);
-
- gnutls_x509_crt_deinit (xcert);
-
- return 0;
+ gnutls_x509_crt_t xcert;
+ int result;
+ size_t len;
+
+ result = gnutls_x509_crt_init(&xcert);
+ if (result < 0)
+ return result;
+
+ result = gnutls_x509_crt_import(xcert, cert, GNUTLS_X509_FMT_DER);
+ if (result < 0) {
+ gnutls_x509_crt_deinit(xcert);
+ return result;
+ }
+
+ len = sizeof(ret->country);
+ gnutls_x509_crt_get_issuer_dn_by_oid(xcert,
+ GNUTLS_OID_X520_COUNTRY_NAME,
+ 0, 0, ret->country, &len);
+
+ len = sizeof(ret->organization);
+ gnutls_x509_crt_get_issuer_dn_by_oid(xcert,
+ GNUTLS_OID_X520_ORGANIZATION_NAME,
+ 0, 0, ret->organization,
+ &len);
+
+ len = sizeof(ret->organizational_unit_name);
+ gnutls_x509_crt_get_issuer_dn_by_oid(xcert,
+ GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME,
+ 0, 0,
+ ret->organizational_unit_name,
+ &len);
+
+ len = sizeof(ret->common_name);
+ gnutls_x509_crt_get_issuer_dn_by_oid(xcert,
+ GNUTLS_OID_X520_COMMON_NAME,
+ 0, 0, ret->common_name, &len);
+
+ len = sizeof(ret->locality_name);
+ gnutls_x509_crt_get_issuer_dn_by_oid(xcert,
+ GNUTLS_OID_X520_LOCALITY_NAME,
+ 0, 0, ret->locality_name,
+ &len);
+
+ len = sizeof(ret->state_or_province_name);
+ gnutls_x509_crt_get_issuer_dn_by_oid(xcert,
+ GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME,
+ 0, 0,
+ ret->state_or_province_name,
+ &len);
+
+ len = sizeof(ret->email);
+ gnutls_x509_crt_get_issuer_dn_by_oid(xcert, GNUTLS_OID_PKCS9_EMAIL,
+ 0, 0, ret->email, &len);
+
+ gnutls_x509_crt_deinit(xcert);
+
+ return 0;
}
-
-
diff --git a/extra/openssl_compat.h b/extra/openssl_compat.h
index bd5e451080..7406207c1d 100644
--- a/extra/openssl_compat.h
+++ b/extra/openssl_compat.h
@@ -28,9 +28,9 @@
/* Extra definitions */
#include <gnutls/openssl.h>
-int gnutls_x509_extract_certificate_dn (const gnutls_datum_t *,
- gnutls_x509_dn *);
-int gnutls_x509_extract_certificate_issuer_dn (const gnutls_datum_t *,
- gnutls_x509_dn *);
+int gnutls_x509_extract_certificate_dn(const gnutls_datum_t *,
+ gnutls_x509_dn *);
+int gnutls_x509_extract_certificate_issuer_dn(const gnutls_datum_t *,
+ gnutls_x509_dn *);
#endif