From 945667eb0158a7078bcb6ba5d347e9d35021a5d2 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Thu, 11 Sep 2003 18:30:15 +0000 Subject: cleanups. --- configure.in | 2 +- doc/.cvsignore | 2 -- doc/tex/library.tex | 12 ++++++++---- lib/debug.c | 10 ++++++---- lib/debug.h | 6 +++--- lib/gnutls_errors.c | 4 ++-- src/cli.c | 12 ++++++------ 7 files changed, 26 insertions(+), 22 deletions(-) diff --git a/configure.in b/configure.in index 8bf245eb3c..0e09644cc9 100644 --- a/configure.in +++ b/configure.in @@ -260,7 +260,7 @@ else fi AC_MSG_CHECKING([whether to disable extra PKI stuff]) -AC_ARG_ENABLE( extra-pki, [ --disable-extra-pki only enable the required PKI stuff], +AC_ARG_ENABLE( extra-pki, [ --disable-extra-pki only enable the basic PKI stuff], ac_enable_pki=no ) if test x$ac_enable_pki != xno; then diff --git a/doc/.cvsignore b/doc/.cvsignore index 3694aac9ef..0cf0c5381c 100644 --- a/doc/.cvsignore +++ b/doc/.cvsignore @@ -1,5 +1,3 @@ Makefile.in Makefile .cvsignore -gnutls-api* -gnutls.3 diff --git a/doc/tex/library.tex b/doc/tex/library.tex index b57c04561e..e045e5bdc7 100644 --- a/doc/tex/library.tex +++ b/doc/tex/library.tex @@ -19,13 +19,13 @@ Important features of the \gnutls{} library include: \item Thread safety \item Support for both \tlsI{} and \sslIII{} protocols. \item Support for both {\bf X.509} and {\bf OpenPGP} certificates. -\item Support for basic parsing and verification of certificates +\item Support for handling and verification of certificates \item Support for {\bf SRP} for \tls{} authentication. \item Support for \tls{} {\bf Extension mechanism}. \item Support for \tls{} {\bf Compression Methods}. \end{itemize} -Additionaly \gnutls{} provides an emulation API for the widely used +Additionaly \gnutls{} provides a limited emulation API for the widely used OpenSSL\footnote{\htmladdnormallink{http://www.openssl.org/}{http://www.openssl.org/}} library, to ease integration with existing applications. 
@@ -44,7 +44,11 @@ Opencdk\footnote{\htmladdnormallink{ftp://ftp.gnupg.org/gcrypt/alpha/gnutls/open is used for the OpenPGP key support in \gnutls{}. The `Crypto backend' is provided by the libgcrypt\footnote{\htmladdnormallink{ftp://ftp.gnupg.org/gcrypt/alpha/libgcrypt/}{ftp://ftp.gnupg.org/gcrypt/alpha/libgcrypt/}} -library. +library. +\par +In order to ease integration in embedded systems, parts of the \gnutls{} library +can be disabled at compile time. That way a small library, with the required features, +can be generated. \par See \htmladdnormallink{http://www.gnutls.org/}{http://www.gnutls.org/} @@ -77,7 +81,7 @@ The credentials structure is used by some authentication methods, such as certificate authentication\footnote{see section \ref{certificate} on page \pageref{certificate}}. A credentials structure may contain certificates, private keys, temporary parameters for diffie hellman or RSA key exchange, and other stuff that may be shared -by several TLS sessions. +between several TLS sessions. This structure should be initialized using the appropriate initialization functions. For example an application which uses certificate authentication diff --git a/lib/debug.c b/lib/debug.c index cc84628fcb..7b560a6268 100644 --- a/lib/debug.c +++ b/lib/debug.c @@ -45,7 +45,8 @@ void _gnutls_print_state(gnutls_session session) #endif -const char* _gnutls_packet2str( int packet) { +const char* _gnutls_packet2str( ContentType packet) +{ switch(packet) { case GNUTLS_CHANGE_CIPHER_SPEC: return "Change Cipher Spec"; @@ -61,7 +62,8 @@ const char* _gnutls_packet2str( int packet) { } } -const char* _gnutls_handshake2str( int handshake) { +const char* _gnutls_handshake2str( HandshakeType handshake) +{ switch(handshake) { case GNUTLS_HELLO_REQUEST: 
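Review bot: `_gnutls_packet2str` and, in the hunk after it, `_gnutls_handshake2str` now take `ContentType` / `HandshakeType`, but neither has a comment saying the argument can hold a value outside the enumerators. These helpers presumably receive the type byte parsed from a peer's record or handshake header, so the enum type documents intent without constraining the value, and each `switch` still needs its fallback arm. A header comment such as `/* Maps a record content type to a static string for logging; the value may come off the wire, so unknown types must reach the default case. */` would record that. Both function bodies continue outside the hunks, so whether a `default:` arm exists is not visible here.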
@@ -100,12 +102,12 @@ const char* _gnutls_handshake2str( int handshake) { } } -void _gnutls_dump_mpi(char* prefix, GNUTLS_MPI a) +void _gnutls_dump_mpi(const char* prefix, GNUTLS_MPI a) { char buf[1024]; size_t n = sizeof buf; if (gcry_mpi_print(GCRYMPI_FMT_HEX, buf, n, &n, a)) strcpy(buf, "[can't print value]"); /* Flawfinder: ignore */ - _gnutls_hard_log( "GNUTLS_MPI: length: %d\n\t%s%s\n", (n-1)/2, prefix, buf); + _gnutls_hard_log( "MPI: length: %d\n\t%s%s\n", (n-1)/2, prefix, buf); } diff --git a/lib/debug.h b/lib/debug.h index c7db8bf09c..dca55b578f 100644 --- a/lib/debug.h +++ b/lib/debug.h @@ -21,6 +21,6 @@ #ifdef DEBUG void _gnutls_print_state(gnutls_session session); #endif -const char* _gnutls_packet2str( int packet); -const char* _gnutls_handshake2str( int handshake); -void _gnutls_dump_mpi(char* prefix, GNUTLS_MPI a); +const char* _gnutls_packet2str( ContentType packet); +const char* _gnutls_handshake2str( HandshakeType handshake); +void _gnutls_dump_mpi(const char* prefix, GNUTLS_MPI a); diff --git a/lib/gnutls_errors.c b/lib/gnutls_errors.c index e13931ed34..6553010edb 100644 --- a/lib/gnutls_errors.c +++ b/lib/gnutls_errors.c 
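Review bot: The rewritten `_gnutls_hard_log` call in `_gnutls_dump_mpi` still passes `(n-1)/2`, a `size_t`, to `%d`, which is a format/argument mismatch wherever `size_t` is wider than `int`; `_gnutls_hard_log( "MPI: length: %d\n\t%s%s\n", (int)((n-1)/2), prefix, buf);` keeps the format and makes the types agree. When `gcry_mpi_print` fails, `buf` is overwritten with the placeholder text but the length is still derived from `n`, so the logged length does not describe what is printed. The function also writes the full hex value of the MPI to the log and, judging by the `#endif` context here and in the debug.h hunk, is declared outside the `#ifdef DEBUG` guard. A comment such as `/* Logs the complete value of a; do not call on private-key or shared-secret MPIs in production builds. */` would make that constraint explicit.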
@@ -68,8 +68,8 @@ static gnutls_error_entry error_algorithms[] = { ERROR_ENTRY("An unexpected TLS handshake packet was received.", GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET, 1 ), ERROR_ENTRY("The scanning of a large integer has failed.", GNUTLS_E_MPI_SCAN_FAILED, 1 ), ERROR_ENTRY("Could not export a large integer.", GNUTLS_E_MPI_PRINT_FAILED, 1 ), - ERROR_ENTRY("Decryption of the TLS record packet has failed.", GNUTLS_E_DECRYPTION_FAILED, 1 ), - ERROR_ENTRY("Encryption of the TLS record packet has failed.", GNUTLS_E_ENCRYPTION_FAILED, 1 ), + ERROR_ENTRY("Decryption has failed.", GNUTLS_E_DECRYPTION_FAILED, 1 ), + ERROR_ENTRY("Encryption has failed.", GNUTLS_E_ENCRYPTION_FAILED, 1 ), ERROR_ENTRY("Public key decryption has failed.", GNUTLS_E_PK_DECRYPTION_FAILED, 1 ), ERROR_ENTRY("Public key encryption has failed.", GNUTLS_E_PK_ENCRYPTION_FAILED, 1 ), ERROR_ENTRY("Public key signing has failed.", GNUTLS_E_PK_SIGN_FAILED, 1 ), diff --git a/src/cli.c b/src/cli.c index c970505533..686d29bbd7 100644 --- a/src/cli.c +++ b/src/cli.c @@ -198,7 +198,7 @@ static void gaa_parser(int argc, char **argv); /* Returns zero if the error code was successfully handled. */ -static int handle_error( socket_st * hd, int err) +static int handle_error( socket_st hd, int err) { int alert, ret; const char* err_type; @@ -216,7 +216,7 @@ const char* err_type; if (err == GNUTLS_E_WARNING_ALERT_RECEIVED || err == GNUTLS_E_FATAL_ALERT_RECEIVED) { - alert = gnutls_alert_get(hd->session); + alert = gnutls_alert_get(hd.session); printf("*** Received alert [%d]: %s\n", alert, gnutls_alert_get_name(alert)); } @@ -291,7 +291,7 @@ int main(int argc, char **argv) ret = do_handshake(&hd); - if (ret < 0 && handle_error(&hd, ret) < 0) { + if (ret < 0 && handle_error(hd, ret) < 0) { fprintf(stderr, "*** Handshake has failed\n"); gnutls_perror(ret); gnutls_deinit(hd.session); 
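Review bot: `handle_error` in src/cli.c now takes `socket_st hd` by value, so each call copies the whole connection struct, while `do_handshake(&hd)` and `socket_bye(&hd)` in the neighbouring hunks still take its address. The visible lines only read `hd.session`, so `static int handle_error( const socket_st * hd, int err)` with `hd->session` would express read-only access without a copy and keep the helpers consistent. The same applies to the call sites in the `@@ -291`, `@@ -359`, `@@ -381` and `@@ -405` hunks. With a by-value parameter, any connection state `handle_error` later needs to update would be changed only in the copy. The body of `handle_error` continues outside the hunks.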
@@ -359,7 +359,7 @@ int main(int argc, char **argv) if (ret == 0) { printf("- Peer has closed the GNUTLS connection\n"); break; - } else if (ret < 0 && user_term == 0 && handle_error(&hd, ret) < 0) { + } else if (ret < 0 && user_term == 0 && handle_error(hd, ret) < 0) { fprintf(stderr, "*** Server has terminated the connection abnormally.\n"); break; @@ -381,7 +381,7 @@ int main(int argc, char **argv) if (hd.secure == 0) { fprintf(stderr, "*** Starting TLS handshake\n"); ret = do_handshake(&hd); - if (ret < 0 && handle_error(&hd, ret) < 0) { + if (ret < 0 && handle_error(hd, ret) < 0) { fprintf(stderr, "*** Handshake has failed\n"); socket_bye(&hd); user_term = 1; @@ -405,7 +405,7 @@ int main(int argc, char **argv) if (quiet != 0) printf("- Sent: %d bytes\n", ret); } else - handle_error(&hd, ret); + handle_error(hd, ret); } } -- cgit v1.2.1
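Review bot: The last src/cli.c hunk leaves `handle_error(hd, ret);` in the `else` branch with its result discarded, while the other three call sites treat a negative return as fatal. If the send failed with a fatal error or a fatal alert was received, the loop appears to keep running on a session that can no longer be used. Something like `else if (handle_error(hd, ret) < 0) break;` would match the receive path in the `@@ -359` hunk. `main` continues outside the hunk, so the exact exit action needs checking against the surrounding loop.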