From aa30b611753cee8834af624821848ce27ab28453 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Sun, 25 Aug 2002 19:06:43 +0000 Subject: improvements in server html output --- src/serv.c | 40 ++++++++++++++++++++++++---------------- src/tests.c | 18 ++++++++++++++++-- src/tests.h | 1 + src/tls_test.c | 1 + 4 files changed, 42 insertions(+), 18 deletions(-) diff --git a/src/serv.c b/src/serv.c index 60c19d7740..f00699d4ad 100644 --- a/src/serv.c +++ b/src/serv.c @@ -94,7 +94,7 @@ char *x509_crlfile = NULL; "\n" \ "\n" \ "

This is " \ - "GNUTLS

\n\n" + "GNUTLS
\n\n" #define RENEGOTIATE @@ -292,7 +292,7 @@ static char DEFAULT_DATA[] = "This is the default message reported " /* Creates html with the current state information. */ #define tmp2 &http_buffer[strlen(http_buffer)] -char* peer_print_info(GNUTLS_STATE state, int *ret_length) +char* peer_print_info(GNUTLS_STATE state, int *ret_length, const char* header) { const char *tmp; unsigned char sesid[32]; @@ -336,35 +336,43 @@ char* peer_print_info(GNUTLS_STATE state, int *ret_length) gnutls_dh_get_prime_bits(state)); } + if (gnutls_kx_get(state) == GNUTLS_KX_DHE_RSA + || gnutls_kx_get(state) == GNUTLS_KX_DHE_DSS) { + sprintf(tmp2, + "Ephemeral DH using prime of %d bits.
\n", + gnutls_dh_get_prime_bits(state)); + } + /* print state information */ strcat(http_buffer, "

\n"); tmp = gnutls_protocol_get_name(gnutls_protocol_get_version(state)); - sprintf(tmp2, "Protocol version: %s
\n", tmp); + sprintf(tmp2, "\n", tmp); if (gnutls_auth_get_type(state) == GNUTLS_CRD_CERTIFICATE) { tmp = gnutls_cert_type_get_name(gnutls_cert_type_get(state)); - sprintf(tmp2, "Certificate Type: %s
\n", tmp); + sprintf(tmp2, "\n", tmp); } tmp = gnutls_kx_get_name(gnutls_kx_get(state)); - sprintf(tmp2, "Key Exchange: %s
\n", tmp); - - if (gnutls_kx_get(state) == GNUTLS_KX_DHE_RSA - || gnutls_kx_get(state) == GNUTLS_KX_DHE_DSS) { - sprintf(tmp2, - "Ephemeral DH using prime of %d bits.
\n", - gnutls_dh_get_prime_bits(state)); - } + sprintf(tmp2, "\n", tmp); tmp = gnutls_compression_get_name(gnutls_compression_get(state)); - sprintf(tmp2, "Compression: %s
\n", tmp); + sprintf(tmp2, "\n", tmp); tmp = gnutls_cipher_get_name(gnutls_cipher_get(state)); - sprintf(tmp2, "Cipher: %s
\n", tmp); + sprintf(tmp2, "\n", tmp); tmp = gnutls_mac_get_name(gnutls_mac_get(state)); - sprintf(tmp2, "MAC: %s
\n", tmp); + sprintf(tmp2, "\n", tmp); + + tmp = gnutls_cipher_suite_get_name( gnutls_kx_get(state), + gnutls_cipher_get(state), gnutls_mac_get(state)); + sprintf(tmp2, "

Protocol version:%s
Certificate Type:%s
Key Exchange:%s
Compression%s
Cipher%s
MAC%s
Ciphersuite%s
\n", tmp); + + strcat( http_buffer, "

Your header was:

");
+   strcat( http_buffer, header);
+   strcat( http_buffer, "

"); strcat(http_buffer, "

\n"HTTP_END); @@ -426,7 +434,7 @@ static void get_response(GNUTLS_STATE state, char *request, char **response, int // *response = peer_print_info(state, request+4, h, response_length); if (http!=0) { - *response = peer_print_info(state, response_length); + *response = peer_print_info(state, response_length, h); } else { *response = strdup( request); *response_length = strlen( *response); diff --git a/src/tests.c b/src/tests.c index afb18c20a1..e35ea7b031 100644 --- a/src/tests.c +++ b/src/tests.c @@ -82,9 +82,10 @@ int ret, alert; static int protocol_priority[16] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 }; const static int kx_priority[16] = - { GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, GNUTLS_KX_ANON_DH, 0 }; + { GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, GNUTLS_KX_ANON_DH, + GNUTLS_KX_RSA_EXPORT, 0 }; const static int cipher_priority[16] = - { GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0 }; + { GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, GNUTLS_CIPHER_ARCFOUR_EXPORT, 0 }; const static int comp_priority[16] = { GNUTLS_COMP_NULL, 0 }; const static int mac_priority[16] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 }; const static int cert_type_priority[16] = { GNUTLS_CRT_X509, 0 }; @@ -162,6 +163,19 @@ int test_srp( GNUTLS_STATE state) { return do_handshake( state); } +int test_export( GNUTLS_STATE state) { + ADD_ALL_CIPHERS(state); + ADD_ALL_COMP(state); + ADD_ALL_CERTTYPES(state); + ADD_ALL_PROTOCOLS(state); + ADD_ALL_MACS(state); + + ADD_KX(state, GNUTLS_KX_RSA_EXPORT); + gnutls_cred_set(state, GNUTLS_CRD_CERTIFICATE, xcred); + + return do_handshake( state); +} + int test_dhe( GNUTLS_STATE state) { ADD_ALL_CIPHERS(state); ADD_ALL_COMP(state); diff --git a/src/tests.h b/src/tests.h index 1399a41ee6..d4f7bf4a78 100644 --- a/src/tests.h +++ b/src/tests.h @@ -5,6 +5,7 @@ #define UNSURE -1 int test_srp( GNUTLS_STATE state); +int test_export( GNUTLS_STATE state); int test_hello_extension( GNUTLS_STATE state); int test_dhe( GNUTLS_STATE state); int test_ssl3( GNUTLS_STATE state); diff --git a/src/tls_test.c b/src/tls_test.c index b0b0e85c90..197a1e8836 100644 --- a/src/tls_test.c +++ b/src/tls_test.c @@ -88,6 +88,7 @@ static const TLS_TEST tls_tests[] = { { "whether the server can accept cipher suites not in SSL 3.0 spec", test_unknown_ciphersuites, "yes", "no", "dunno"}, { "whether the server understands TLS closure alerts", test_bye, "yes", "no", "partially"}, { "whether the server supports session resumption", test_session_resume2, "yes", "no", "dunno"}, + { "for export-grade ciphersuite support", test_export, "yes", "no", "dunno" }, { "for anonymous authentication support", test_anonymous, "yes", "no", "dunno"}, { "for ephemeral Diffie Hellman support", test_dhe, "yes", "no", "dunno" }, { "for AES cipher support", test_aes, "yes", "no", "dunno"}, -- cgit v1.2.1