projects
/
umurmur.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
changed cipher suite spec
[umurmur.git]
/
src
/
ssli_gnutls.c
diff --git
a/src/ssli_gnutls.c
b/src/ssli_gnutls.c
index eb15b7a84153219ea75ade443d499bf2ac9580ca..dfe2f2eeb47628fde849950c9d1608ce54b2a0c0 100644
(file)
--- a/
src/ssli_gnutls.c
+++ b/
src/ssli_gnutls.c
@@
-2,10
+2,12
@@
#include "conf.h"
#include "log.h"
#include "conf.h"
#include "log.h"
+#include <stdlib.h>
+
static gnutls_dh_params_t dhParameters;
static gnutls_certificate_credentials_t certificate;
static gnutls_dh_params_t dhParameters;
static gnutls_certificate_credentials_t certificate;
-static const char * ciphers = "
SECURE128:-VERS-DTLS-ALL:-VERS-SSL3.0:-VERS-TLS1.0:+COMP_AL
L";
+static const char * ciphers = "
NORMA
L";
static gnutls_priority_t cipherCache;
void initializeCertificate()
static gnutls_priority_t cipherCache;
void initializeCertificate()
@@
-60,7
+62,7
@@
void SSLi_deinit()
SSL_handle_t * SSLi_newconnection( int * fileDescriptor, bool_t * isSSLReady )
{
SSL_handle_t * SSLi_newconnection( int * fileDescriptor, bool_t * isSSLReady )
{
- gnutls_session_t * session
; // Maybe we need to calloc here
+ gnutls_session_t * session
= calloc(1, sizeof(gnutls_session_t));
gnutls_init(session, GNUTLS_SERVER);
gnutls_priority_set(*session, cipherCache);
gnutls_init(session, GNUTLS_SERVER);
gnutls_priority_set(*session, cipherCache);
@@
-70,7
+72,8
@@
SSL_handle_t * SSLi_newconnection( int * fileDescriptor, bool_t * isSSLReady )
gnutls_transport_set_int(*session, *fileDescriptor);
gnutls_transport_set_int(*session, *fileDescriptor);
- *isSSLReady = true;
+ if(isSSLReady && SSLi_nonblockaccept(session, isSSLReady))
+ *isSSLReady = true;
return session;
}
return session;
}
@@
-85,13
+88,16
@@
int SSLi_nonblockaccept( SSL_handle_t *session, bool_t * isSSLReady )
{
int error;
do {
{
int error;
do {
- gnutls_handshake(*session);
+
error =
gnutls_handshake(*session);
} while(error < GNUTLS_E_SUCCESS && !gnutls_error_is_fatal(error));
if ( error < GNUTLS_E_SUCCESS ) {
} while(error < GNUTLS_E_SUCCESS && !gnutls_error_is_fatal(error));
if ( error < GNUTLS_E_SUCCESS ) {
- Log_
fatal
("TLS handshake failed with error %i (%s).", error, gnutls_strerror(error));
+ Log_
warn
("TLS handshake failed with error %i (%s).", error, gnutls_strerror(error));
}
}
+ if(isSSLReady)
+ *isSSLReady = true;
+
return error;
}
return error;
}
@@
-105,8
+111,22
@@
int SSLi_write(SSL_handle_t *session, uint8_t *buffer, int length)
return gnutls_record_send(*session, buffer, length);
}
return gnutls_record_send(*session, buffer, length);
}
-void SSLi_shutdown(SSL_handle_t *ssl)
+int SSLi_get_error(SSL_handle_t *session, int code)
+ {
+ return code;
+ }
+
+bool_t SSLi_data_pending(SSL_handle_t *session)
{
{
+ return gnutls_record_check_pending(*session);
}
}
-void SSLi_free(SSL_handle_t *ssl) {}
+void SSLi_shutdown(SSL_handle_t *session)
+ {
+ gnutls_bye(*session, GNUTLS_SHUT_WR);
+ }
+
+void SSLi_free(SSL_handle_t *session)
+ {
+ gnutls_deinit(*session);
+ }