author | Simon Josefsson <simon@josefsson.org> | 2007-09-20 15:47:23 +0200 |
---|---|---|
committer | Simon Josefsson <simon@josefsson.org> | 2007-09-20 15:47:23 +0200 |
commit | df373bf9deed993aaa9e39f74afb4801e7e06526 (patch) | |
tree | 01bba93f7fabf6e4e129e525f81eb9b8bede396a /src | |
parent | 03dab0d0af7c700a87ecc56828917a4b1004c625 (diff) | |
download | gnutls-df373bf9deed993aaa9e39f74afb4801e7e06526.tar.gz |
Support Opaque PRF Input in gnutls-cli and gnutls-serv.
Diffstat (limited to 'src')
-rw-r--r-- | src/cli-gaa.c | 109 | ||||
-rw-r--r-- | src/cli-gaa.h | 8 | ||||
-rw-r--r-- | src/cli.c | 5 | ||||
-rw-r--r-- | src/cli.gaa | 3 | ||||
-rw-r--r-- | src/serv-gaa.c | 125 | ||||
-rw-r--r-- | src/serv-gaa.h | 26 | ||||
-rw-r--r-- | src/serv.c | 30 | ||||
-rw-r--r-- | src/serv.gaa | 3 |
8 files changed, 200 insertions, 109 deletions
diff --git a/src/cli-gaa.c b/src/cli-gaa.c index 3460050b94..96062ae65e 100644 --- a/src/cli-gaa.c +++ b/src/cli-gaa.c @@ -158,6 +158,7 @@ void gaa_help(void) __gaa_helpsingle(0, "pskkey", "KEY ", "PSK key (in hex) to use."); __gaa_helpsingle(0, "authz-x509-attr-cert", "FILE ", "Use X.509 Attribute Certificate in FILE as authorization data."); __gaa_helpsingle(0, "authz-saml-assertion", "FILE ", "Use SAML Assertion in FILE as authorization data."); + __gaa_helpsingle(0, "opaque-prf-input", "DATA ", "Use Opaque PRF Input DATA."); __gaa_helpsingle('p', "port", "PORT ", "The port to connect to."); __gaa_helpsingle(0, "insecure", "", "Don't abort program if server certificate can't be validated."); __gaa_helpsingle('l', "list", "", "Print a list of the supported algorithms and modes."); @@ -178,12 +179,14 @@ typedef struct _gaainfo gaainfo; struct _gaainfo { -#line 125 "cli.gaa" +#line 128 "cli.gaa" char *rest_args; -#line 116 "cli.gaa" +#line 119 "cli.gaa" int insecure; -#line 113 "cli.gaa" +#line 116 "cli.gaa" char *port; +#line 113 "cli.gaa" + char *opaque_prf_input; #line 110 "cli.gaa" char *authz_saml_assertion; #line 107 "cli.gaa" 
@@ -312,44 +315,45 @@ static int gaa_error = 0; #define GAA_MULTIPLE_OPTION 3 #define GAA_REST 0 -#define GAA_NB_OPTION 37 +#define GAA_NB_OPTION 38 #define GAAOPTID_copyright 1 #define GAAOPTID_version 2 #define GAAOPTID_help 3 #define GAAOPTID_list 4 #define GAAOPTID_insecure 5 #define GAAOPTID_port 6 -#define GAAOPTID_authz_saml_assertion 7 -#define GAAOPTID_authz_x509_attr_cert 8 -#define GAAOPTID_pskkey 9 -#define GAAOPTID_pskusername 10 -#define GAAOPTID_srppasswd 11 -#define GAAOPTID_srpusername 12 -#define GAAOPTID_x509certfile 13 -#define GAAOPTID_x509keyfile 14 -#define GAAOPTID_pgpcertfile 15 -#define GAAOPTID_pgptrustdb 16 -#define GAAOPTID_pgpkeyring 17 -#define GAAOPTID_pgpkeyfile 18 -#define GAAOPTID_x509crlfile 19 -#define GAAOPTID_x509cafile 20 -#define GAAOPTID_ctypes 21 -#define GAAOPTID_kx 22 -#define GAAOPTID_macs 23 -#define GAAOPTID_comp 24 -#define GAAOPTID_protocols 25 -#define GAAOPTID_ciphers 26 -#define GAAOPTID_verbose 27 -#define GAAOPTID_recordsize 28 -#define GAAOPTID_print_cert 29 -#define GAAOPTID_xml 30 -#define GAAOPTID_disable_extensions 31 -#define GAAOPTID_fingerprint 32 -#define GAAOPTID_x509fmtder 33 -#define GAAOPTID_crlf 34 -#define GAAOPTID_starttls 35 -#define GAAOPTID_resume 36 -#define GAAOPTID_debug 37 +#define GAAOPTID_opaque_prf_input 7 +#define GAAOPTID_authz_saml_assertion 8 +#define GAAOPTID_authz_x509_attr_cert 9 +#define GAAOPTID_pskkey 10 +#define GAAOPTID_pskusername 11 +#define GAAOPTID_srppasswd 12 +#define GAAOPTID_srpusername 13 +#define GAAOPTID_x509certfile 14 +#define GAAOPTID_x509keyfile 15 +#define GAAOPTID_pgpcertfile 16 +#define GAAOPTID_pgptrustdb 17 +#define GAAOPTID_pgpkeyring 18 +#define GAAOPTID_pgpkeyfile 19 +#define GAAOPTID_x509crlfile 20 +#define GAAOPTID_x509cafile 21 +#define GAAOPTID_ctypes 22 +#define GAAOPTID_kx 23 +#define GAAOPTID_macs 24 +#define GAAOPTID_comp 25 +#define GAAOPTID_protocols 26 +#define GAAOPTID_ciphers 27 +#define GAAOPTID_verbose 28 +#define GAAOPTID_recordsize 29 
+#define GAAOPTID_print_cert 30 +#define GAAOPTID_xml 31 +#define GAAOPTID_disable_extensions 32 +#define GAAOPTID_fingerprint 33 +#define GAAOPTID_x509fmtder 34 +#define GAAOPTID_crlf 35 +#define GAAOPTID_starttls 36 +#define GAAOPTID_resume 37 +#define GAAOPTID_debug 38 #line 168 "gaa.skel" @@ -542,6 +546,12 @@ struct GAAOPTION_port int size1; }; +struct GAAOPTION_opaque_prf_input +{ + char* arg1; + int size1; +}; + struct GAAOPTION_authz_saml_assertion { char* arg1; @@ -711,6 +721,7 @@ static int gaa_get_option_num(char *str, int status) { case GAA_LETTER_OPTION: GAA_CHECK1STR("p", GAAOPTID_port); + GAA_CHECK1STR("", GAAOPTID_opaque_prf_input); GAA_CHECK1STR("", GAAOPTID_authz_saml_assertion); GAA_CHECK1STR("", GAAOPTID_authz_x509_attr_cert); GAA_CHECK1STR("", GAAOPTID_pskkey); @@ -759,6 +770,7 @@ static int gaa_get_option_num(char *str, int status) GAA_CHECKSTR("list", GAAOPTID_list); GAA_CHECKSTR("insecure", GAAOPTID_insecure); GAA_CHECKSTR("port", GAAOPTID_port); + GAA_CHECKSTR("opaque-prf-input", GAAOPTID_opaque_prf_input); GAA_CHECKSTR("authz-saml-assertion", GAAOPTID_authz_saml_assertion); GAA_CHECKSTR("authz-x509-attr-cert", GAAOPTID_authz_x509_attr_cert); GAA_CHECKSTR("pskkey", GAAOPTID_pskkey); @@ -803,6 +815,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) int OK = 0; int gaa_last_non_option; struct GAAOPTION_port GAATMP_port; + struct GAAOPTION_opaque_prf_input GAATMP_opaque_prf_input; struct GAAOPTION_authz_saml_assertion GAATMP_authz_saml_assertion; struct GAAOPTION_authz_x509_attr_cert GAATMP_authz_x509_attr_cert; struct GAAOPTION_pskkey GAATMP_pskkey; 
@@ -847,35 +860,35 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) { case GAAOPTID_copyright: OK = 0; -#line 123 "cli.gaa" +#line 126 "cli.gaa" { print_license(); exit(0); ;}; return GAA_OK; break; case GAAOPTID_version: OK = 0; -#line 122 "cli.gaa" +#line 125 "cli.gaa" { cli_version(); exit(0); ;}; return GAA_OK; break; case GAAOPTID_help: OK = 0; -#line 120 "cli.gaa" +#line 123 "cli.gaa" { gaa_help(); exit(0); ;}; return GAA_OK; break; case GAAOPTID_list: OK = 0; -#line 119 "cli.gaa" +#line 122 "cli.gaa" { print_list(gaaval->verbose); exit(0); ;}; return GAA_OK; break; case GAAOPTID_insecure: OK = 0; -#line 117 "cli.gaa" +#line 120 "cli.gaa" { gaaval->insecure = 1 ;}; return GAA_OK; @@ -885,11 +898,21 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAATMP_port.arg1, gaa_getstr, GAATMP_port.size1); gaa_index++; -#line 114 "cli.gaa" +#line 117 "cli.gaa" { gaaval->port = GAATMP_port.arg1 ;}; return GAA_OK; break; + case GAAOPTID_opaque_prf_input: + OK = 0; + GAA_TESTMOREARGS; + GAA_FILL(GAATMP_opaque_prf_input.arg1, gaa_getstr, GAATMP_opaque_prf_input.size1); + gaa_index++; +#line 114 "cli.gaa" +{ gaaval->opaque_prf_input = GAATMP_opaque_prf_input.arg1 ;}; + + return GAA_OK; + break; case GAAOPTID_authz_saml_assertion: OK = 0; GAA_TESTMOREARGS; @@ -1165,7 +1188,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) GAA_TESTMOREARGS; GAA_FILL(GAAREST_tmp.arg1, gaa_getstr, GAAREST_tmp.size1); gaa_index++; -#line 126 "cli.gaa" +#line 129 "cli.gaa" { gaaval->rest_args = GAAREST_tmp.arg1; ;}; return GAA_OK; 
@@ -1194,7 +1217,7 @@ int gaa(int argc, char **argv, gaainfo *gaaval) if(inited == 0) { -#line 128 "cli.gaa" +#line 131 "cli.gaa" { gaaval->resume=0; gaaval->port="443"; gaaval->rest_args=NULL; gaaval->ciphers=NULL; gaaval->kx=NULL; gaaval->comp=NULL; gaaval->macs=NULL; gaaval->ctype=NULL; gaaval->nciphers=0; gaaval->nkx=0; gaaval->ncomp=0; gaaval->nmacs=0; gaaval->nctype = 0; gaaval->record_size=0; diff --git a/src/cli-gaa.h b/src/cli-gaa.h index b86664e612..1548cc0ece 100644 --- a/src/cli-gaa.h +++ b/src/cli-gaa.h @@ -8,12 +8,14 @@ typedef struct _gaainfo gaainfo; struct _gaainfo { -#line 125 "cli.gaa" +#line 128 "cli.gaa" char *rest_args; -#line 116 "cli.gaa" +#line 119 "cli.gaa" int insecure; -#line 113 "cli.gaa" +#line 116 "cli.gaa" char *port; +#line 113 "cli.gaa" + char *opaque_prf_input; #line 110 "cli.gaa" char *authz_saml_assertion; #line 107 "cli.gaa" @@ -536,6 +536,11 @@ init_tls_session (const char *hostname) authz_recv_callback, authz_send_callback); #endif +#ifdef ENABLE_OPRFI + gnutls_oprfi_enable_client (session, strlen (info.opaque_prf_input), + info.opaque_prf_input); +#endif + return session; } diff --git a/src/cli.gaa b/src/cli.gaa index 64b5394fef..53da8cf757 100644 --- a/src/cli.gaa +++ b/src/cli.gaa @@ -110,6 +110,9 @@ option (authz-x509-attr-cert) STR "FILE" { $authz_x509_attr_cert = $1 } "Use X.5 #char *authz_saml_assertion; option (authz-saml-assertion) STR "FILE" { $authz_saml_assertion = $1 } "Use SAML Assertion in FILE as authorization data." +#char *opaque_prf_input; +option (opaque-prf-input) STR "DATA" { $opaque_prf_input = $1 } "Use Opaque PRF Input DATA." + #char *port; option (p, port) STR "PORT" { $port = $1 } "The port to connect to." diff --git a/src/serv-gaa.c b/src/serv-gaa.c index 5351f58fdb..c5b1e35f6a 100644 --- a/src/serv-gaa.c +++ b/src/serv-gaa.c 
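Review bot: In the src/cli.c hunk, `strlen (info.opaque_prf_input)` in `init_tls_session` runs for every session when ENABLE_OPRFI is defined, but the pointer is only assigned when `--opaque-prf-input` is given. The init block visible in this diff does not set it, so the default invocation looks like a NULL (or uninitialised) pointer dereference. Guarding the call, `if (info.opaque_prf_input) gnutls_oprfi_enable_client (session, strlen (info.opaque_prf_input), info.opaque_prf_input);`, and adding `$opaque_prf_input = NULL;` to the option defaults in cli.gaa would keep the extension opt-in. init_tls_session's body starts outside the hunk, and the `diff --git` header for src/cli.c is missing from this page.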
@@ -151,6 +151,7 @@ void gaa_help(void) __gaa_helpsingle(0, "srppasswdconf", "FILE ", "SRP password conf file to use."); __gaa_helpsingle(0, "authz-x509-attr-cert", "FILE ", "Use X.509 Attribute Certificate in FILE as authorization data."); __gaa_helpsingle(0, "authz-saml-assertion", "FILE ", "Use SAML Assertion in FILE as authorization data."); + __gaa_helpsingle(0, "opaque_prf_input", "DATA ", "Use Opaque PRF Input DATA."); __gaa_helpsingle(0, "ciphers", "cipher1 cipher2... ", "Ciphers to enable."); __gaa_helpsingle(0, "protocols", "protocol1 protocol2... ", "Protocols to enable."); __gaa_helpsingle(0, "comp", "comp1 comp2... ", "Compression methods to enable."); @@ -175,30 +176,32 @@ typedef struct _gaainfo gaainfo; struct _gaainfo { -#line 109 "serv.gaa" +#line 112 "serv.gaa" char **ctype; -#line 108 "serv.gaa" +#line 111 "serv.gaa" int nctype; -#line 105 "serv.gaa" +#line 108 "serv.gaa" char **kx; -#line 104 "serv.gaa" +#line 107 "serv.gaa" int nkx; -#line 101 "serv.gaa" +#line 104 "serv.gaa" char **macs; -#line 100 "serv.gaa" +#line 103 "serv.gaa" int nmacs; -#line 97 "serv.gaa" +#line 100 "serv.gaa" char **comp; -#line 96 "serv.gaa" +#line 99 "serv.gaa" int ncomp; -#line 93 "serv.gaa" +#line 96 "serv.gaa" char **proto; -#line 92 "serv.gaa" +#line 95 "serv.gaa" int nproto; -#line 89 "serv.gaa" +#line 92 "serv.gaa" char **ciphers; -#line 88 "serv.gaa" +#line 91 "serv.gaa" int nciphers; +#line 88 "serv.gaa" + char *opaque_prf_input; #line 85 "serv.gaa" char *authz_saml_assertion; #line 82 "serv.gaa" @@ -303,7 +306,7 @@ static int gaa_error = 0; #define GAA_MULTIPLE_OPTION 3 #define GAA_REST 0 -#define GAA_NB_OPTION 36 +#define GAA_NB_OPTION 37 #define GAAOPTID_copyright 1 #define GAAOPTID_version 2 #define GAAOPTID_help 3 
@@ -314,32 +317,33 @@ static int gaa_error = 0; #define GAAOPTID_comp 8 #define GAAOPTID_protocols 9 #define GAAOPTID_ciphers 10 -#define GAAOPTID_authz_saml_assertion 11 -#define GAAOPTID_authz_x509_attr_cert 12 -#define GAAOPTID_srppasswdconf 13 -#define GAAOPTID_srppasswd 14 -#define GAAOPTID_pskpasswd 15 -#define GAAOPTID_disable_client_cert 16 -#define GAAOPTID_require_cert 17 -#define GAAOPTID_x509dsacertfile 18 -#define GAAOPTID_x509dsakeyfile 19 -#define GAAOPTID_x509certfile 20 -#define GAAOPTID_x509keyfile 21 -#define GAAOPTID_pgpcertfile 22 -#define GAAOPTID_pgpkeyfile 23 -#define GAAOPTID_pgptrustdb 24 -#define GAAOPTID_pgpkeyring 25 -#define GAAOPTID_x509crlfile 26 -#define GAAOPTID_x509cafile 27 -#define GAAOPTID_x509fmtder 28 -#define GAAOPTID_dhparams 29 -#define GAAOPTID_echo 30 -#define GAAOPTID_http 31 -#define GAAOPTID_nodb 32 -#define GAAOPTID_quiet 33 -#define GAAOPTID_port 34 -#define GAAOPTID_generate 35 -#define GAAOPTID_debug 36 +#define GAAOPTID_opaque_prf_input 11 +#define GAAOPTID_authz_saml_assertion 12 +#define GAAOPTID_authz_x509_attr_cert 13 +#define GAAOPTID_srppasswdconf 14 +#define GAAOPTID_srppasswd 15 +#define GAAOPTID_pskpasswd 16 +#define GAAOPTID_disable_client_cert 17 +#define GAAOPTID_require_cert 18 +#define GAAOPTID_x509dsacertfile 19 +#define GAAOPTID_x509dsakeyfile 20 +#define GAAOPTID_x509certfile 21 +#define GAAOPTID_x509keyfile 22 +#define GAAOPTID_pgpcertfile 23 +#define GAAOPTID_pgpkeyfile 24 +#define GAAOPTID_pgptrustdb 25 +#define GAAOPTID_pgpkeyring 26 +#define GAAOPTID_x509crlfile 27 +#define GAAOPTID_x509cafile 28 +#define GAAOPTID_x509fmtder 29 +#define GAAOPTID_dhparams 30 +#define GAAOPTID_echo 31 +#define GAAOPTID_http 32 +#define GAAOPTID_nodb 33 +#define GAAOPTID_quiet 34 +#define GAAOPTID_port 35 +#define GAAOPTID_generate 36 +#define GAAOPTID_debug 37 #line 168 "gaa.skel" 
@@ -562,6 +566,12 @@ struct GAAOPTION_ciphers int size1; }; +struct GAAOPTION_opaque_prf_input +{ + char* arg1; + int size1; +}; + struct GAAOPTION_authz_saml_assertion { char* arg1; @@ -705,6 +715,7 @@ static int gaa_get_option_num(char *str, int status) GAA_CHECK1STR("", GAAOPTID_comp); GAA_CHECK1STR("", GAAOPTID_protocols); GAA_CHECK1STR("", GAAOPTID_ciphers); + GAA_CHECK1STR("", GAAOPTID_opaque_prf_input); GAA_CHECK1STR("", GAAOPTID_authz_saml_assertion); GAA_CHECK1STR("", GAAOPTID_authz_x509_attr_cert); GAA_CHECK1STR("", GAAOPTID_srppasswdconf); @@ -751,6 +762,7 @@ static int gaa_get_option_num(char *str, int status) GAA_CHECKSTR("comp", GAAOPTID_comp); GAA_CHECKSTR("protocols", GAAOPTID_protocols); GAA_CHECKSTR("ciphers", GAAOPTID_ciphers); + GAA_CHECKSTR("opaque_prf_input", GAAOPTID_opaque_prf_input); GAA_CHECKSTR("authz-saml-assertion", GAAOPTID_authz_saml_assertion); GAA_CHECKSTR("authz-x509-attr-cert", GAAOPTID_authz_x509_attr_cert); GAA_CHECKSTR("srppasswdconf", GAAOPTID_srppasswdconf); @@ -795,6 +807,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) struct GAAOPTION_comp GAATMP_comp; struct GAAOPTION_protocols GAATMP_protocols; struct GAAOPTION_ciphers GAATMP_ciphers; + struct GAAOPTION_opaque_prf_input GAATMP_opaque_prf_input; struct GAAOPTION_authz_saml_assertion GAATMP_authz_saml_assertion; struct GAAOPTION_authz_x509_attr_cert GAATMP_authz_x509_attr_cert; struct GAAOPTION_srppasswdconf GAATMP_srppasswdconf; 
@@ -835,28 +848,28 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) { case GAAOPTID_copyright: OK = 0; -#line 116 "serv.gaa" +#line 119 "serv.gaa" { print_serv_license(); exit(0); ;}; return GAA_OK; break; case GAAOPTID_version: OK = 0; -#line 115 "serv.gaa" +#line 118 "serv.gaa" { serv_version(); exit(0); ;}; return GAA_OK; break; case GAAOPTID_help: OK = 0; -#line 113 "serv.gaa" +#line 116 "serv.gaa" { gaa_help(); exit(0); ;}; return GAA_OK; break; case GAAOPTID_list: OK = 0; -#line 112 "serv.gaa" +#line 115 "serv.gaa" { print_list(0); exit(0); ;}; return GAA_OK; @@ -864,7 +877,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) case GAAOPTID_ctypes: OK = 0; GAA_LIST_FILL(GAATMP_ctypes.arg1, gaa_getstr, char*, GAATMP_ctypes.size1); -#line 110 "serv.gaa" +#line 113 "serv.gaa" { gaaval->ctype = GAATMP_ctypes.arg1; gaaval->nctype = GAATMP_ctypes.size1 ;}; return GAA_OK; @@ -872,7 +885,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) case GAAOPTID_kx: OK = 0; GAA_LIST_FILL(GAATMP_kx.arg1, gaa_getstr, char*, GAATMP_kx.size1); -#line 106 "serv.gaa" +#line 109 "serv.gaa" { gaaval->kx = GAATMP_kx.arg1; gaaval->nkx = GAATMP_kx.size1 ;}; return GAA_OK; @@ -880,7 +893,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) case GAAOPTID_macs: OK = 0; GAA_LIST_FILL(GAATMP_macs.arg1, gaa_getstr, char*, GAATMP_macs.size1); -#line 102 "serv.gaa" +#line 105 "serv.gaa" { gaaval->macs = GAATMP_macs.arg1; gaaval->nmacs = GAATMP_macs.size1 ;}; return GAA_OK; @@ -888,7 +901,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) case GAAOPTID_comp: OK = 0; GAA_LIST_FILL(GAATMP_comp.arg1, gaa_getstr, char*, GAATMP_comp.size1); -#line 98 "serv.gaa" +#line 101 "serv.gaa" { gaaval->comp = GAATMP_comp.arg1; gaaval->ncomp = GAATMP_comp.size1 ;}; return GAA_OK; 
@@ -896,7 +909,7 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) case GAAOPTID_protocols: OK = 0; GAA_LIST_FILL(GAATMP_protocols.arg1, gaa_getstr, char*, GAATMP_protocols.size1); -#line 94 "serv.gaa" +#line 97 "serv.gaa" { gaaval->proto = GAATMP_protocols.arg1; gaaval->nproto = GAATMP_protocols.size1 ;}; return GAA_OK; @@ -904,11 +917,21 @@ static int gaa_try(int gaa_num, int gaa_index, gaainfo *gaaval, char *opt_list) case GAAOPTID_ciphers: OK = 0; GAA_LIST_FILL(GAATMP_ciphers.arg1, gaa_getstr, char*, GAATMP_ciphers.size1); -#line 90 "serv.gaa" +#line 93 "serv.gaa" { gaaval->ciphers = GAATMP_ciphers.arg1; gaaval->nciphers = GAATMP_ciphers.size1 ;}; return GAA_OK; break; + case GAAOPTID_opaque_prf_input: + OK = 0; + GAA_TESTMOREARGS; + GAA_FILL(GAATMP_opaque_prf_input.arg1, gaa_getstr, GAATMP_opaque_prf_input.size1); + gaa_index++; +#line 89 "serv.gaa" +{ gaaval->opaque_prf_input = GAATMP_opaque_prf_input.arg1 ;}; + + return GAA_OK; + break; case GAAOPTID_authz_saml_assertion: OK = 0; GAA_TESTMOREARGS; @@ -1169,7 +1192,7 @@ int gaa(int argc, char **argv, gaainfo *gaaval) if(inited == 0) { -#line 120 "serv.gaa" +#line 123 "serv.gaa" { gaaval->generate=0; gaaval->port=5556; gaaval->http=0; gaaval->ciphers=NULL; gaaval->kx=NULL; gaaval->comp=NULL; gaaval->macs=NULL; gaaval->ctype=NULL; gaaval->nciphers=0; gaaval->nkx=0; gaaval->ncomp=0; gaaval->nmacs=0; gaaval->nctype = 0; gaaval->nodb = 0; @@ -1327,7 +1350,7 @@ static int gaa_internal_get_next_str(FILE *file, gaa_str_node *tmp_str, int argc len++; a = fgetc( file); - if(a==EOF) return 0; //a = ' '; + if(a==EOF) return 0; /* a = ' '; */ } len += 1; diff --git a/src/serv-gaa.h b/src/serv-gaa.h index 0ad61d96d8..d4952e2e26 100644 --- a/src/serv-gaa.h +++ b/src/serv-gaa.h 
@@ -8,30 +8,32 @@ typedef struct _gaainfo gaainfo; struct _gaainfo { -#line 109 "serv.gaa" +#line 112 "serv.gaa" char **ctype; -#line 108 "serv.gaa" +#line 111 "serv.gaa" int nctype; -#line 105 "serv.gaa" +#line 108 "serv.gaa" char **kx; -#line 104 "serv.gaa" +#line 107 "serv.gaa" int nkx; -#line 101 "serv.gaa" +#line 104 "serv.gaa" char **macs; -#line 100 "serv.gaa" +#line 103 "serv.gaa" int nmacs; -#line 97 "serv.gaa" +#line 100 "serv.gaa" char **comp; -#line 96 "serv.gaa" +#line 99 "serv.gaa" int ncomp; -#line 93 "serv.gaa" +#line 96 "serv.gaa" char **proto; -#line 92 "serv.gaa" +#line 95 "serv.gaa" int nproto; -#line 89 "serv.gaa" +#line 92 "serv.gaa" char **ciphers; -#line 88 "serv.gaa" +#line 91 "serv.gaa" int nciphers; +#line 88 "serv.gaa" + char *opaque_prf_input; #line 85 "serv.gaa" char *authz_saml_assertion; #line 82 "serv.gaa" diff --git a/src/serv.c b/src/serv.c index 96bce50df9..2e22bec7e5 100644 --- a/src/serv.c +++ b/src/serv.c @@ -434,6 +434,32 @@ authz_recv_callback (gnutls_session_t session, } #endif +#if ENABLE_OPRFI +int +oprfi_callback (gnutls_session_t session, + void *userdata, + size_t oprfi_len, + const unsigned char *in_oprfi, + unsigned char *out_oprfi) +{ + size_t ourlen = strlen (info.opaque_prf_input); + size_t i; + + printf ("- Received Opaque PRF data of %d bytes\n", oprfi_len); + printf (" data: "); + for (i = 0; oprfi_len; i++) + { + printf ("%02x", in_oprfi[i]); + } + printf ("\n"); + + memset(out_oprfi, 0, oprfi_len); + strncpy (out_oprfi, info.opaque_prf_input, oprfi_len); + + return 0; +} +#endif + gnutls_session_t initialize_session (void) { @@ -493,6 +519,10 @@ initialize_session (void) authz_recv_callback, authz_send_callback); #endif +#ifdef ENABLE_OPRFI + gnutls_oprfi_enable_server (session, oprfi_callback, NULL); +#endif + return session; } diff --git a/src/serv.gaa b/src/serv.gaa index 6d7dd5610a..ece8c614f5 100644 --- a/src/serv.gaa +++ b/src/serv.gaa 
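Review bot: The dump loop in `oprfi_callback` (first src/serv.c hunk) uses `oprfi_len` as its condition, `for (i = 0; oprfi_len; i++)`, so for any non-empty input it never terminates and reads past the end of `in_oprfi`. The length and bytes come from the peer, which makes this an out-of-bounds read that a connecting client can trigger; the condition should be `i < oprfi_len`. The same function prints a `size_t` with `%d`, leaves `ourlen` unused, passes `unsigned char *` to `strncpy`, and calls `strlen (info.opaque_prf_input)` with no NULL check, which looks like a crash when the server is started without the option (no default is visible in this diff). The block is guarded with `#if ENABLE_OPRFI` while the second serv.c hunk and cli.c use `#ifdef ENABLE_OPRFI`; one form should be used throughout. A possible body follows; whether an unset option should instead skip `gnutls_oprfi_enable_server` altogether is for the author to decide.

```c
		unsigned char *out_oprfi)
{
  /* Treat a missing --opaque_prf_input as empty rather than dereferencing NULL. */
  const char *ours = info.opaque_prf_input ? info.opaque_prf_input : "";
  size_t ourlen = strlen (ours);
  size_t i;

  printf ("- Received Opaque PRF data of %lu bytes\n",
	  (unsigned long) oprfi_len);
  printf ("  data: ");
  for (i = 0; i < oprfi_len; i++)
    printf ("%02x", in_oprfi[i]);
  printf ("\n");

  /* Zero-fill the reply, then copy at most oprfi_len bytes of our input. */
  memset (out_oprfi, 0, oprfi_len);
  memcpy (out_oprfi, ours, ourlen < oprfi_len ? ourlen : oprfi_len);

  return 0;
}
```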
@@ -85,6 +85,9 @@ option (authz-x509-attr-cert) STR "FILE" { $authz_x509_attr_cert = $1 } "Use X.5 #char *authz_saml_assertion; option (authz-saml-assertion) STR "FILE" { $authz_saml_assertion = $1 } "Use SAML Assertion in FILE as authorization data." +#char *opaque_prf_input; +option (opaque_prf_input) STR "DATA" { $opaque_prf_input = $1 } "Use Opaque PRF Input DATA." + #int nciphers; #char **ciphers; option (ciphers) *STR "cipher1 cipher2..." { $ciphers = $1; $nciphers = @1 } "Ciphers to enable." |
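Review bot: The server option is spelled `opaque_prf_input` with underscores, while cli.gaa in the same commit registers `opaque-prf-input` and the neighbouring long options here (`authz-saml-assertion`, `authz-x509-attr-cert`) use hyphens. Users would have to remember two spellings for one feature; I would write `option (opaque-prf-input) STR "DATA" { $opaque_prf_input = $1 } "Use Opaque PRF Input DATA."` and regenerate serv-gaa.c. Setting `$opaque_prf_input = NULL;` in the init block of this file would also make the unset case explicit for the callback in serv.c, which reads the value unconditionally.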