summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--configure.in2
-rw-r--r--doc/tex/ex-x509-info.tex35
-rw-r--r--lib/gnutls.h.in.in3
-rw-r--r--lib/gnutls_hash_int.c41
-rw-r--r--lib/gnutls_hash_int.h4
-rw-r--r--lib/x509/dsa.c125
-rw-r--r--lib/x509/dsa.h1
-rw-r--r--src/common.c117
8 files changed, 236 insertions, 92 deletions
diff --git a/configure.in b/configure.in
index bbe8347829..27fae7012f 100644
--- a/configure.in
+++ b/configure.in
@@ -58,7 +58,7 @@ case "${target}" in
esac
dnl In order to use the reentrant libc functions
-CFLAGS="${CFLAGS} -D_REENTRANT"
+CFLAGS="${CFLAGS} -D_REENTRANT -D_THREAD_SAFE"
opt_dmalloc_mode=no
AC_MSG_CHECKING([whether in dmalloc mode])
diff --git a/doc/tex/ex-x509-info.tex b/doc/tex/ex-x509-info.tex
index d7712861a7..9f21c6719a 100644
--- a/doc/tex/ex-x509-info.tex
+++ b/doc/tex/ex-x509-info.tex
@@ -7,10 +7,12 @@
static const char* bin2hex( const void* bin, size_t bin_size)
{
-static char printable[120];
-unsigned char *_bin;
+static char printable[110];
+unsigned char *_bin = bin;
char* print;
+ if (bin_size > 50) bin_size = 50;
+
print = printable;
for (i = 0; i < bin_size; i++) {
sprintf(print, "%.2x ", _bin[i]);
@@ -35,32 +37,39 @@ static void print_x509_certificate_info(gnutls_session session)
int cert_list_size = 0;
gnutls_x509_crt cert;
+ /* This function only works for X.509 certificates.
+ */
+ if (gnutls_certificate_type_get(session) != GNUTLS_CRT_X509)
+ return;
+
cert_list = gnutls_certificate_get_peers(session, &cert_list_size);
- if (cert_list_size > 0
- && gnutls_certificate_type_get(session) == GNUTLS_CRT_X509) {
+ printf("Peer provided %d certificates.\n", cert_list_size);
+
+ if (cert_list_size > 0) {
- /* no error checking
+ /* we only print information about the first certificate.
*/
gnutls_x509_crt_init( &cert);
gnutls_x509_crt_import( cert, &cert_list[0]);
- printf(" - Certificate info:\n");
+ printf("Certificate info:\n");
expiration_time = gnutls_x509_crt_get_expiration_time( cert);
activation_time = gnutls_x509_crt_get_activation_time( cert);
- printf(" - Certificate is valid since: %s", ctime(&activation_time));
- printf(" - Certificate expires: %s", ctime(&expiration_time));
+ printf("\tCertificate is valid since: %s", ctime(&activation_time));
+ printf("\tCertificate expires: %s", ctime(&expiration_time));
/* Print the serial number of the certificate.
*/
size = sizeof(serial);
gnutls_x509_crt_get_serial(cert, serial, &size);
- printf(" - Certificate serial number: %s\n",
- bin2hex( serial, serial_size));
+ size = sizeof( serial);
+ printf("\tCertificate serial number: %s\n",
+ bin2hex( serial, size));
/* Extract some of the public key algorithm's parameters
*/
@@ -82,16 +91,16 @@ static void print_x509_certificate_info(gnutls_session session)
/* Print the version of the X.509
* certificate.
*/
- printf(" - Certificate version: #%d\n",
+ printf("\tCertificate version: #%d\n",
gnutls_x509_crt_get_version( cert));
size = sizeof(dn);
gnutls_x509_crt_get_dn( cert, dn, &size);
- printf(" - DN: %s\n", dn);
+ printf("\tDN: %s\n", dn);
size = sizeof(dn);
gnutls_x509_crt_get_issuer_dn( cert, dn, &size);
- printf(" - Certificate Issuer's DN: %s\n", dn);
+ printf("\tIssuer's DN: %s\n", dn);
gnutls_x509_crt_deinit( cert);
diff --git a/lib/gnutls.h.in.in b/lib/gnutls.h.in.in
index cd790c9640..6a1fc387d0 100644
--- a/lib/gnutls.h.in.in
+++ b/lib/gnutls.h.in.in
@@ -146,7 +146,8 @@ typedef enum gnutls_openpgp_key_status { GNUTLS_OPENPGP_KEY,
typedef enum gnutls_close_request { GNUTLS_SHUT_RDWR=0, GNUTLS_SHUT_WR=1 } gnutls_close_request;
-typedef enum gnutls_protocol_version { GNUTLS_SSL3=1, GNUTLS_TLS1 } gnutls_protocol_version;
+#define GNUTLS_TLS1 GNUTLS_TLS1_0
+typedef enum gnutls_protocol_version { GNUTLS_SSL3=1, GNUTLS_TLS1_0 } gnutls_protocol_version;
typedef enum gnutls_certificate_type { GNUTLS_CRT_X509=1, GNUTLS_CRT_OPENPGP
} gnutls_certificate_type;
diff --git a/lib/gnutls_hash_int.c b/lib/gnutls_hash_int.c
index cea75de4d0..9877fc46d7 100644
--- a/lib/gnutls_hash_int.c
+++ b/lib/gnutls_hash_int.c
@@ -1,5 +1,6 @@
/*
* Copyright (C) 2000,2001 Nikos Mavroyanopoulos
+ * Copyright (C) 2004 Free Software Foundation
*
* This file is part of GNUTLS.
*
@@ -30,8 +31,8 @@
GNUTLS_HASH_HANDLE _gnutls_hash_init(gnutls_mac_algorithm algorithm)
{
- GNUTLS_MAC_HANDLE ret = NULL;
- gcry_error_t result = 0;
+ GNUTLS_MAC_HANDLE ret;
+ gcry_error_t result;
ret = gnutls_malloc(sizeof(GNUTLS_MAC_HANDLE_INT));
if (ret == NULL) {
@@ -53,8 +54,7 @@ GNUTLS_HASH_HANDLE _gnutls_hash_init(gnutls_mac_algorithm algorithm)
break;
default:
gnutls_assert();
- gnutls_free( ret);
- ret = GNUTLS_HASH_FAILED;
+ result = -1;
}
if (result) {
@@ -124,12 +124,12 @@ void _gnutls_hash_deinit(GNUTLS_HASH_HANDLE handle, void *digest)
opaque *mac;
int maclen;
- maclen = gcry_md_get_algo_dlen(gcry_md_get_algo(handle->handle));
+ maclen = _gnutls_hash_get_algo_len( handle->algorithm);
+
gcry_md_final(handle->handle);
mac = gcry_md_read(handle->handle, 0);
if (digest != NULL)
- memcpy(digest, mac,
- _gnutls_hash_get_algo_len(handle->algorithm));
+ memcpy(digest, mac, maclen);
gcry_md_close(handle->handle);
@@ -141,7 +141,7 @@ GNUTLS_MAC_HANDLE _gnutls_hmac_init(gnutls_mac_algorithm algorithm,
const void *key, int keylen)
{
GNUTLS_MAC_HANDLE ret;
- gcry_error_t result = 0;
+ gcry_error_t result;
ret = gnutls_malloc(sizeof(GNUTLS_MAC_HANDLE_INT));
if (ret == NULL)
@@ -158,12 +158,15 @@ GNUTLS_MAC_HANDLE _gnutls_hmac_init(gnutls_mac_algorithm algorithm,
result = gcry_md_open(&ret->handle, GCRY_MD_RMD160, GCRY_MD_FLAG_HMAC);
break;
default:
- gnutls_free(ret);
- ret = GNUTLS_MAC_FAILED;
+ gnutls_assert();
+ result = -1;
}
- if (result)
+ if (result) {
+ gnutls_assert();
+ gnutls_free(ret);
ret = GNUTLS_MAC_FAILED;
+ }
if (ret != GNUTLS_MAC_FAILED) {
gcry_md_setkey(ret->handle, key, keylen);
@@ -176,26 +179,12 @@ GNUTLS_MAC_HANDLE _gnutls_hmac_init(gnutls_mac_algorithm algorithm,
return ret;
}
-
-int _gnutls_hmac_get_algo_len(gnutls_mac_algorithm algorithm)
-{
- return _gnutls_hash_get_algo_len( algorithm);
-}
-
-int _gnutls_hmac(GNUTLS_MAC_HANDLE handle, const void *text, size_t textlen)
-{
-
- gcry_md_write(handle->handle, text, textlen);
- return 0;
-
-}
-
void _gnutls_hmac_deinit(GNUTLS_MAC_HANDLE handle, void *digest)
{
opaque *mac;
int maclen;
- maclen = gcry_md_get_algo_dlen(gcry_md_get_algo(handle->handle));
+ maclen = _gnutls_hash_get_algo_len( handle->algorithm);
gcry_md_final(handle->handle);
mac = gcry_md_read(handle->handle, 0);
diff --git a/lib/gnutls_hash_int.h b/lib/gnutls_hash_int.h
index 9a106b0989..eee1db96f3 100644
--- a/lib/gnutls_hash_int.h
+++ b/lib/gnutls_hash_int.h
@@ -38,8 +38,8 @@ typedef GNUTLS_MAC_HANDLE GNUTLS_HASH_HANDLE;
#define GNUTLS_MAC_FAILED NULL
GNUTLS_MAC_HANDLE _gnutls_hmac_init( gnutls_mac_algorithm algorithm, const void* key, int keylen);
-int _gnutls_hmac_get_algo_len(gnutls_mac_algorithm algorithm);
-int _gnutls_hmac(GNUTLS_MAC_HANDLE handle, const void* text, size_t textlen);
+#define _gnutls_hmac_get_algo_len _gnutls_hash_get_algo_len
+#define _gnutls_hmac _gnutls_hash
void _gnutls_hmac_deinit( GNUTLS_MAC_HANDLE handle, void* digest);
GNUTLS_MAC_HANDLE _gnutls_mac_init_ssl3( gnutls_mac_algorithm algorithm, void* key, int keylen);
diff --git a/lib/x509/dsa.c b/lib/x509/dsa.c
new file mode 100644
index 0000000000..6d2f25b72f
--- /dev/null
+++ b/lib/x509/dsa.c
@@ -0,0 +1,125 @@
+/*
+ * Copyright (C) 2003 Nikos Mavroyanopoulos
+ * Copyright (C) 2004 Free Software Foundation
+ *
+ * This file is part of GNUTLS.
+ *
+ * The GNUTLS library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ */
+
+/* This file contains code for DSA keys.
+ */
+
+#include <gnutls_int.h>
+#include <gnutls_errors.h>
+#include <gnutls_datum.h>
+#include <debug.h>
+
+/* resarr will contain: p(0), q(1), g(2), y(3), x(4).
+ */
+int _gnutls_dsa_generate_params(GNUTLS_MPI* resarr, int* resarr_len, int bits)
+{
+
+ int ret;
+ gcry_sexp_t parms, key, list;
+
+ if (bits > 1024) {
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ ret = gcry_sexp_build( &parms, NULL, "(genkey(dsa(nbits %d)))", bits);
+ if (ret != 0) {
+ gnutls_assert();
+ return GNUTLS_E_INTERNAL_ERROR;
+ }
+
+ /* generate the DSA key
+ */
+ ret = gcry_pk_genkey( &key, parms);
+ gcry_sexp_release( parms);
+
+ if (ret != 0) {
+ gnutls_assert();
+ return GNUTLS_E_INTERNAL_ERROR;
+ }
+
+ list = gcry_sexp_find_token( key, "p", 0);
+ if (list == NULL) {
+ gnutls_assert();
+ gcry_sexp_release( key);
+ return GNUTLS_E_INTERNAL_ERROR;
+ }
+
+ resarr[0] = gcry_sexp_nth_mpi(list, 1, 0);
+ gcry_sexp_release(list);
+
+ list = gcry_sexp_find_token( key, "q", 0);
+ if (list == NULL) {
+ gnutls_assert();
+ gcry_sexp_release( key);
+ return GNUTLS_E_INTERNAL_ERROR;
+ }
+
+ resarr[1] = gcry_sexp_nth_mpi(list, 1, 0);
+ gcry_sexp_release(list);
+
+ list = gcry_sexp_find_token( key, "g", 0);
+ if (list == NULL) {
+ gnutls_assert();
+ gcry_sexp_release( key);
+ return GNUTLS_E_INTERNAL_ERROR;
+ }
+
+ resarr[2] = gcry_sexp_nth_mpi(list, 1, 0);
+ gcry_sexp_release(list);
+
+ list = gcry_sexp_find_token( key, "y", 0);
+ if (list == NULL) {
+ gnutls_assert();
+ gcry_sexp_release( key);
+ return GNUTLS_E_INTERNAL_ERROR;
+ }
+
+ resarr[3] = gcry_sexp_nth_mpi(list, 1, 0);
+ gcry_sexp_release(list);
+
+
+ list = gcry_sexp_find_token( key, "x", 0);
+ if (list == NULL) {
+ gnutls_assert();
+ gcry_sexp_release( key);
+ return GNUTLS_E_INTERNAL_ERROR;
+ }
+
+ resarr[4] = gcry_sexp_nth_mpi(list, 1, 0);
+ gcry_sexp_release(list);
+
+
+ gcry_sexp_release(key);
+
+ _gnutls_dump_mpi( "p: ", resarr[0]);
+ _gnutls_dump_mpi( "q: ", resarr[1]);
+ _gnutls_dump_mpi( "g: ", resarr[2]);
+ _gnutls_dump_mpi( "y: ", resarr[3]);
+ _gnutls_dump_mpi( "x: ", resarr[4]);
+
+ *resarr_len = 5;
+
+ return 0;
+
+}
+
diff --git a/lib/x509/dsa.h b/lib/x509/dsa.h
new file mode 100644
index 0000000000..4f9d7562b9
--- /dev/null
+++ b/lib/x509/dsa.h
@@ -0,0 +1 @@
+int _gnutls_dsa_generate_params(GNUTLS_MPI* resarr, int* resarr_len, int bits);
diff --git a/src/common.c b/src/common.c
index 4305cbb21d..1bc7d45aed 100644
--- a/src/common.c
+++ b/src/common.c
@@ -1,3 +1,24 @@
+/*
+ * Copyright (C) 2000,2001,2002,2003 Nikos Mavroyanopoulos
+ * Copyright (C) 2004 Free Software Foundation
+ *
+ * This file is part of GNUTLS.
+ *
+ * GNUTLS is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * GNUTLS is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
#include <config.h>
#include <stdio.h>
#include <stdlib.h>
@@ -69,9 +90,7 @@ void print_x509_info(gnutls_session session, const char* hostname)
gnutls_x509_crt_import(crt, &cert_list[j],
GNUTLS_X509_FMT_DER);
if (ret < 0) {
- const char* str = gnutls_strerror(ret);
- if (str == NULL) str = str_unknown;
- fprintf(stderr, "Decoding error: %s\n", str);
+ fprintf(stderr, "Decoding error: %s\n", gnutls_strerror(ret));
return;
}
@@ -110,10 +129,8 @@ void print_x509_info(gnutls_session session, const char* hostname)
ret = gnutls_x509_crt_to_xml( crt, &xml_data, 0);
if (ret < 0) {
- const char* str = gnutls_strerror(ret);
- if (str == NULL) str = str_unknown;
fprintf(stderr, "XML encoding error: %s\n",
- str);
+ gnutls_strerror(ret));
return;
}
@@ -147,9 +164,7 @@ void print_x509_info(gnutls_session session, const char* hostname)
digest_size = sizeof(digest);
if ((ret=gnutls_x509_crt_get_fingerprint(crt, GNUTLS_DIG_MD5, digest, &digest_size))
< 0) {
- const char* str = gnutls_strerror(ret);
- if (str == NULL) str = str_unknown;
- fprintf(stderr, "Error in fingerprint calculation: %s\n", str);
+ fprintf(stderr, "Error in fingerprint calculation: %s\n", gnutls_strerror(ret));
} else {
print = printable;
for (i = 0; i < digest_size; i++) {
@@ -225,9 +240,7 @@ void print_openpgp_info(gnutls_session session, const char* hostname)
ret =
gnutls_openpgp_key_import(crt, &cert_list[0], GNUTLS_OPENPGP_FMT_RAW);
if (ret < 0) {
- const char* str = gnutls_strerror(ret);
- if (str == NULL) str = str_unknown;
- fprintf(stderr, "Decoding error: %s\n", str);
+ fprintf(stderr, "Decoding error: %s\n", gnutls_strerror(ret));
return;
}
@@ -262,10 +275,8 @@ void print_openpgp_info(gnutls_session session, const char* hostname)
ret = gnutls_openpgp_key_to_xml( crt, &xml_data, 0);
if (ret < 0) {
- const char* str = gnutls_strerror(ret);
- if (str == NULL) str = str_unknown;
fprintf(stderr, "XML encoding error: %s\n",
- str);
+ gnutls_strerror(ret));
return;
}
@@ -503,26 +514,26 @@ void print_list(void)
printf(", ANON-DH\n");
printf("Compression methods:");
- printf(" ZLIB");
+ printf(" DEFLATE");
printf(", LZO");
printf(", NULL\n");
}
void print_license(void)
{
- fprintf(stdout,
- "\nCopyright (C) 2001-2003 Nikos Mavroyanopoulos\n"
- "This program is free software; you can redistribute it and/or modify \n"
- "it under the terms of the GNU General Public License as published by \n"
- "the Free Software Foundation; either version 2 of the License, or \n"
- "(at your option) any later version. \n" "\n"
- "This program is distributed in the hope that it will be useful, \n"
- "but WITHOUT ANY WARRANTY; without even the implied warranty of \n"
- "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the \n"
- "GNU General Public License for more details. \n" "\n"
- "You should have received a copy of the GNU General Public License \n"
- "along with this program; if not, write to the Free Software \n"
- "Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.\n\n");
+fputs( "\nCopyright (C) 2004 Free Software Foundation\n"
+ "This program is free software; you can redistribute it and/or modify \n"
+ "it under the terms of the GNU General Public License as published by \n"
+ "the Free Software Foundation; either version 2 of the License, or \n"
+ "(at your option) any later version. \n" "\n"
+ "This program is distributed in the hope that it will be useful, \n"
+ "but WITHOUT ANY WARRANTY; without even the implied warranty of \n"
+ "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the \n"
+ "GNU General Public License for more details. \n" "\n"
+ "You should have received a copy of the GNU General Public License \n"
+ "along with this program; if not, write to the Free Software \n"
+ "Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.\n\n",
+ stdout);
}
void parse_protocols(char **protocols, int protocols_size,
@@ -534,8 +545,9 @@ void parse_protocols(char **protocols, int protocols_size,
for (j = i = 0; i < protocols_size; i++) {
if (strncasecmp(protocols[i], "SSL", 3) == 0)
protocol_priority[j++] = GNUTLS_SSL3;
- if (strncasecmp(protocols[i], "TLS", 3) == 0)
+ else if (strncasecmp(protocols[i], "TLS", 3) == 0)
protocol_priority[j++] = GNUTLS_TLS1;
+ else fprintf(stderr, "Unknown protocol: '%s'\n", protocols[i]);
}
protocol_priority[j] = 0;
}
@@ -550,17 +562,18 @@ void parse_ciphers(char **ciphers, int nciphers, int *cipher_priority)
if (strncasecmp(ciphers[i], "AES", 3) == 0)
cipher_priority[j++] =
GNUTLS_CIPHER_AES_128_CBC;
- if (strncasecmp(ciphers[i], "3DE", 3) == 0)
+ else if (strncasecmp(ciphers[i], "3DE", 3) == 0)
cipher_priority[j++] =
GNUTLS_CIPHER_3DES_CBC;
- if (strcasecmp(ciphers[i], "ARCFOUR-40") == 0)
+ else if (strcasecmp(ciphers[i], "ARCFOUR-40") == 0)
cipher_priority[j++] =
GNUTLS_CIPHER_ARCFOUR_40;
- if (strcasecmp(ciphers[i], "ARCFOUR") == 0)
+ else if (strcasecmp(ciphers[i], "ARCFOUR") == 0)
cipher_priority[j++] =
GNUTLS_CIPHER_ARCFOUR_128;
- if (strncasecmp(ciphers[i], "NUL", 3) == 0)
+ else if (strncasecmp(ciphers[i], "NUL", 3) == 0)
cipher_priority[j++] = GNUTLS_CIPHER_NULL;
+ else fprintf(stderr, "Unknown cipher: '%s'\n", ciphers[i]);
}
cipher_priority[j] = 0;
}
@@ -573,10 +586,11 @@ void parse_macs(char **macs, int nmacs, int *mac_priority)
for (j = i = 0; i < nmacs; i++) {
if (strncasecmp(macs[i], "MD5", 3) == 0)
mac_priority[j++] = GNUTLS_MAC_MD5;
- if (strncasecmp(macs[i], "RMD", 3) == 0)
+ else if (strncasecmp(macs[i], "RMD", 3) == 0)
mac_priority[j++] = GNUTLS_MAC_RMD160;
- if (strncasecmp(macs[i], "SHA", 3) == 0)
+ else if (strncasecmp(macs[i], "SHA", 3) == 0)
mac_priority[j++] = GNUTLS_MAC_SHA;
+ else fprintf(stderr, "Unknown MAC: '%s'\n", macs[i]);
}
mac_priority[j] = 0;
}
@@ -590,8 +604,9 @@ void parse_ctypes(char **ctype, int nctype, int *cert_type_priority)
if (strncasecmp(ctype[i], "OPE", 3) == 0)
cert_type_priority[j++] =
GNUTLS_CRT_OPENPGP;
- if (strncasecmp(ctype[i], "X", 1) == 0)
+ else if (strncasecmp(ctype[i], "X", 1) == 0)
cert_type_priority[j++] = GNUTLS_CRT_X509;
+ else fprintf(stderr, "Unknown certificate type: '%s'\n", ctype[i]);
}
cert_type_priority[j] = 0;
}
@@ -604,20 +619,21 @@ void parse_kx(char **kx, int nkx, int *kx_priority)
for (j = i = 0; i < nkx; i++) {
if (strcasecmp(kx[i], "SRP") == 0)
kx_priority[j++] = GNUTLS_KX_SRP;
- if (strcasecmp(kx[i], "SRP-RSA") == 0)
+ else if (strcasecmp(kx[i], "SRP-RSA") == 0)
kx_priority[j++] = GNUTLS_KX_SRP_RSA;
- if (strcasecmp(kx[i], "SRP-DSS") == 0)
+ else if (strcasecmp(kx[i], "SRP-DSS") == 0)
kx_priority[j++] = GNUTLS_KX_SRP_DSS;
- if (strcasecmp(kx[i], "RSA") == 0)
+ else if (strcasecmp(kx[i], "RSA") == 0)
kx_priority[j++] = GNUTLS_KX_RSA;
- if (strcasecmp(kx[i], "RSA-EXPORT") == 0)
+ else if (strcasecmp(kx[i], "RSA-EXPORT") == 0)
kx_priority[j++] = GNUTLS_KX_RSA_EXPORT;
- if (strncasecmp(kx[i], "DHE-RSA", 7) == 0)
+ else if (strncasecmp(kx[i], "DHE-RSA", 7) == 0)
kx_priority[j++] = GNUTLS_KX_DHE_RSA;
- if (strncasecmp(kx[i], "DHE-DSS", 7) == 0)
+ else if (strncasecmp(kx[i], "DHE-DSS", 7) == 0)
kx_priority[j++] = GNUTLS_KX_DHE_DSS;
- if (strncasecmp(kx[i], "ANON", 4) == 0)
+ else if (strncasecmp(kx[i], "ANON", 4) == 0)
kx_priority[j++] = GNUTLS_KX_ANON_DH;
+ else fprintf(stderr, "Unknown key exchange: '%s'\n", kx[i]);
}
kx_priority[j] = 0;
}
@@ -630,10 +646,13 @@ void parse_comp(char **comp, int ncomp, int *comp_priority)
for (j = i = 0; i < ncomp; i++) {
if (strncasecmp(comp[i], "NUL", 3) == 0)
comp_priority[j++] = GNUTLS_COMP_NULL;
- if (strncasecmp(comp[i], "ZLI", 3) == 0)
- comp_priority[j++] = GNUTLS_COMP_ZLIB;
- if (strncasecmp(comp[i], "LZO", 3) == 0)
+ else if (strncasecmp(comp[i], "ZLI", 3) == 0)
+ comp_priority[j++] = GNUTLS_COMP_DEFLATE;
+ else if (strncasecmp(comp[i], "DEF", 3) == 0)
+ comp_priority[j++] = GNUTLS_COMP_DEFLATE;
+ else if (strncasecmp(comp[i], "LZO", 3) == 0)
comp_priority[j++] = GNUTLS_COMP_LZO;
+ else fprintf(stderr, "Unknown compression: '%s'\n", comp[i]);
}
comp_priority[j] = 0;
}
@@ -657,11 +676,11 @@ char* ret;
ret = inet_ntoa( *((struct in_addr*)src));
- if (strlen(ret) > cnt) {
+ if (ret == NULL || strlen(ret) > cnt) {
return NULL;
}
strcpy( dst, ret);
-
+
return dst;
}
#endif