projects / umurmur.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
closed memory leak
[umurmur.git] / src / ssli_gnutls.c
diff --git a/src/ssli_gnutls.c b/src/ssli_gnutls.c
index 5120390685daa66ac68a3f960f1179d594bffce1..c961525e2c7e51bada3c0fa752efca1ce7c4066c 100644 (file)
--- a/src/ssli_gnutls.c
+++ b/src/ssli_gnutls.c
@@ -2,10 +2,12 @@
 #include "conf.h"
 #include "log.h"
 
+#include <stdlib.h>
+
 static gnutls_dh_params_t dhParameters;
 static gnutls_certificate_credentials_t certificate;
 
-static const char * ciphers = "NONE:+CTYPE-X.509:+DHE-RSA:+RSA:+AES-256-CBC:+AES-128-CBC:+SHA256:+SHA1:+VERS-TLS-ALL:+COMP-ALL:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1";
+static const char * ciphers = "NORMAL";
 static gnutls_priority_t cipherCache;
 
 void initializeCertificate()
@@ -76,10 +78,13 @@ SSL_handle_t * SSLi_newconnection( int * fileDescriptor, bool_t * isSSLReady )
   return session;
   }
 
-bool_t SSLi_getSHA1Hash(SSL_handle_t *ssl, uint8_t *hash)
+bool_t SSLi_getSHA1Hash(SSL_handle_t *session, uint8_t *hash)
   {
-  *hash = 0;
-  return true;
+       gnutls_datum_t const * certificateData = gnutls_certificate_get_peers(*session, NULL);
+
+       size_t resultSize = 0;
+       int error = gnutls_fingerprint( GNUTLS_DIG_SHA1, certificateData, hash, &resultSize);
+       return error == GNUTLS_E_SUCCESS && resultSize == 20;
   }
 
 int SSLi_nonblockaccept( SSL_handle_t *session, bool_t * isSSLReady )
@@ -127,4 +132,5 @@ void SSLi_shutdown(SSL_handle_t *session)
 void SSLi_free(SSL_handle_t *session)
   {
   gnutls_deinit(*session);
+  free(session);
   }
Unnamed repository; edit this file 'description' to name the repository.