1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
|
Some things are mentioned here to help any potential gnutls coder.
The rules here are not always used, although we try to stick to them.
*** File names:
All file names are usually prefixed with "gnutls_", "auth_", or
"x509_", or something else that indicates the part of gnutls
where this file refers to. The suffix should be more
specific. Ie. "gnutls_record.c" refers to the TLS library
and more specific, to the TLS record protocol. "auth_rsa",
is the implementation of the RSA certificate authentication
method.
An other way to distinguish files, might be using different
subdirectories. Use the lib/x509/ directory, which contains
all the X.509 certificate and crl stuff.
*** Function names:
All the function names use underscore "_", to separate words,
functions like gnutlsDoThat, are not used. The function names
usually start with "gnutls_" prefix, and the words that follow
specify the exact part of gnutls that this function refers to.
Ie "gnutls_x509_crt_get_dn", refers to the X.509
certificate parsing part of gnutls. Currently used prefixes are:
"gnutls_x509_crt_" for the X.509 certificate part
"gnutls_openpgp_key_" for the openpgp key part
"gnutls_session_" for the TLS session part (but this may be omited)
"gnutls_handshake_" for the TLS handshake part
"gnutls_record_" for the TLS record part
"gnutls_alert_" for the TLS alert protocol part
"gnutls_credentials_" for the credentials structures
"gnutls_global_" for the global structures handling
and probably more.
Internal functions -- that are not exported in the API -- should
be prefixed with an underscore. Ie. _gnutls_handshake_begin()
All exported functions must be listed in gnutls.sym and gnutls-extra.sym,
in order to be exported.
*** Constructed types:
The constructed types in gnutls always have the "gnutls_" prefix.
Definitions, value defaults and enumerated values should be in
capitals. Ie GNUTLS_CIPHER_3DES_CBC
*** Function parameters:
The gnutls functions accept parameters in the order:
1. Input parameters.
2. Output parameters
When data and size is expected, a gnutls_datum structure should be
used (or more precisely a pointer to the structure).
*** Callback function parameters:
Callback functions should be avoided, if this is possible.
Callbacks that refer to a TLS session should include the
current session as a parameter, in order for the called, to
be able to retrieve the data associated with the session.
This is not always done though -- see the push/pull callbacks.
*** Return values:
Functions in gnutls return an int type, when possible. In that
case 0 should be returned in case of success, or maybe a positive
value, if some other indication is needed.
A negative value, always indicates failure. All the available
error codes are defined in gnutls_errors_int.h and a description
is available in gnutls_errors.c
|