#include "gnutls_int.h"
#include "gnutls_errors.h"
#include "debug.h"
#include "gnutls_cipher.h"
#include "gnutls_buffers.h"
#include "gnutls_handshake.h"
#include "gnutls_hash_int.h"
#include "gnutls_cipher_int.h"
#include "gnutls_algorithms.h"
#include "gnutls_auth_int.h"
#include "gnutls_num.h"
#include "gnutls_record.h"
#include "gnutls_datum.h"
#include "ext_max_record.h"
#include <gnutls_state.h>
#include <gnutls_dh.h>
#define MAX_EMPTY_PACKETS_SEQUENCE 4 |
Definition at line 750 of file gnutls_record.c.
Referenced by MHD_gtls_recv_int().
static int check_buffers | ( | MHD_gtls_session_t | session, | |
content_type_t | type, | |||
opaque * | data, | |||
int | sizeofdata | |||
) | [static] |
Definition at line 441 of file gnutls_record.c.
References GNUTLS_APPLICATION_DATA, GNUTLS_HANDSHAKE, GNUTLS_INNER_APPLICATION, MHD_gnutls_assert, MHD_gnutls_record_buffer_get_size(), MHD_gtls_io_clear_peeked_data(), and MHD_gtls_record_buffer_get().
Referenced by MHD_gtls_recv_int().
static int check_recv_type | ( | content_type_t | recv_type | ) | [inline, static] |
Definition at line 420 of file gnutls_record.c.
References GNUTLS_A_UNEXPECTED_MESSAGE, GNUTLS_ALERT, GNUTLS_APPLICATION_DATA, GNUTLS_CHANGE_CIPHER_SPEC, GNUTLS_HANDSHAKE, GNUTLS_INNER_APPLICATION, and MHD_gnutls_assert.
Referenced by MHD_gtls_recv_int().
static void copy_record_version | ( | MHD_gtls_session_t | session, | |
MHD_gnutls_handshake_description_t | htype, | |||
opaque | version[2] | |||
) | [inline, static] |
Definition at line 221 of file gnutls_record.c.
References MHD_gtls_internals_st::default_record_version, GNUTLS_HANDSHAKE_CLIENT_HELLO, MHD_gtls_session_int::internals, MHD__gnutls_protocol_get_version(), MHD_gtls_version_get_major(), and MHD_gtls_version_get_minor().
Referenced by MHD_gtls_send_int().
static int get_temp_recv_buffer | ( | MHD_gtls_session_t | session, | |
MHD_gnutls_datum_t * | tmp | |||
) | [inline, static] |
Definition at line 713 of file gnutls_record.c.
References MHD_gnutls_datum_t::data, GNUTLS_E_MEMORY_ERROR, MHD_gtls_session_int::internals, MAX_RECORD_RECV_SIZE, MHD_gnutls_assert, MHD_gnutls_realloc, MHD_gtls_internals_st::recv_buffer, and MHD_gnutls_datum_t::size.
Referenced by MHD_gtls_recv_int().
int MHD__gnutls_bye | ( | MHD_gtls_session_t | session, | |
MHD_gnutls_close_request_t | how | |||
) |
MHD__gnutls_bye - This function terminates the current TLS/SSL connection. session: is a MHD_gtls_session_t structure. how: is an integer.
Terminates the current TLS/SSL connection. The connection should have been initiated using MHD__gnutls_handshake(). how should be one of GNUTLS_SHUT_RDWR, GNUTLS_SHUT_WR.
In case of GNUTLS_SHUT_RDWR then the TLS connection gets terminated and further receives and sends will be disallowed. If the return value is zero you may continue using the connection. GNUTLS_SHUT_RDWR actually sends an alert containing a close request and waits for the peer to reply with the same message.
In case of GNUTLS_SHUT_WR then the TLS connection gets terminated and further sends will be disallowed. In order to reuse the connection you should wait for an EOF from the peer. GNUTLS_SHUT_WR sends an alert containing a close request.
Note that not all implementations will properly terminate a TLS connection. Some of them, usually for performance reasons, will terminate only the underlying transport layer, thus causing a transmission error at the peer. Such an error cannot be distinguished from a malicious party prematurely terminating the session, so this behavior is not recommended.
This function may also return GNUTLS_E_AGAIN or GNUTLS_E_INTERRUPTED; cf. MHD__gnutls_record_get_direction().
Returns: GNUTLS_E_SUCCESS on success, or an error code, see function documentation for entire semantics.
Definition at line 133 of file gnutls_record.c.
References GNUTLS_A_CLOSE_NOTIFY, GNUTLS_AL_WARNING, GNUTLS_ALERT, GNUTLS_E_GOT_APPLICATION_DATA, GNUTLS_E_INTERNAL_ERROR, GNUTLS_SHUT_RDWR, MHD_gtls_session_int::internals, MHD_gtls_internals_st::may_not_read, MHD_gtls_internals_st::may_not_write, MHD__gnutls_alert_send(), MHD_gnutls_assert, MHD_gtls_io_clear_peeked_data(), MHD_gtls_io_write_flush(), MHD_gtls_recv_int(), STATE, STATE0, STATE60, STATE61, and STATE62.
Referenced by MHD_tls_connection_close().
enum MHD_GNUTLS_Protocol MHD__gnutls_protocol_get_version | ( | MHD_gtls_session_t | session | ) |
MHD__gnutls_protocol_get_version - Returns the version of the currently used protocol. session: is a MHD_gtls_session_t structure.
Returns: the version of the currently used protocol.
Definition at line 52 of file gnutls_record.c.
References MHD_gtls_session_int::security_parameters, and MHD_gtls_security_param_st::version.
Referenced by copy_record_version(), generate_normal_master(), MHD__gnutls_finished(), MHD__gnutls_gen_rsa_client_kx(), MHD__gnutls_proc_rsa_client_kx(), MHD__gnutls_recv_finished(), MHD__gnutls_send_finished(), MHD_gtls_ciphertext2compressed(), MHD_gtls_compressed2ciphertext(), MHD_gtls_gen_cert_server_cert_req(), MHD_gtls_PRF(), MHD_gtls_proc_cert_cert_req(), MHD_gtls_recv_client_certificate(), MHD_gtls_send_client_certificate(), MHD_gtls_supported_ciphersuites(), MHD_gtls_tls_sign_hdata(), MHD_gtls_tls_sign_params(), MHD_gtls_verify_sig_hdata(), MHD_gtls_verify_sig_params(), and record_check_version().
ssize_t MHD__gnutls_record_recv | ( | MHD_gtls_session_t | session, | |
void * | data, | |||
size_t | sizeofdata | |||
) |
MHD__gnutls_record_recv - reads data from the TLS record protocol. session: is a MHD_gtls_session_t structure. data: the buffer that the data will be read into. sizeofdata: the number of requested bytes.
This function has similar semantics to recv(). The only difference is that it accepts a GNUTLS session, and uses different error codes.
In the special case that a server requests a renegotiation, the client may receive an error code of GNUTLS_E_REHANDSHAKE. This message may simply be ignored, replied to with an alert containing NO_RENEGOTIATION, or replied to with a new handshake, depending on the client's will.
If EINTR is returned by the internal push function (the default is recv()) then GNUTLS_E_INTERRUPTED will be returned. If GNUTLS_E_INTERRUPTED or GNUTLS_E_AGAIN is returned, you must call this function again to get the data. See also MHD__gnutls_record_get_direction().
A server may also receive GNUTLS_E_REHANDSHAKE when a client has initiated a handshake. In that case the server can only initiate a handshake or terminate the connection.
Returns: the number of bytes received, and zero on EOF. A negative error code is returned in case of an error. The number of bytes received might be less than sizeofdata.
Definition at line 1082 of file gnutls_record.c.
References GNUTLS_APPLICATION_DATA, and MHD_gtls_recv_int().
Referenced by recv_tls_adapter().
ssize_t MHD__gnutls_record_send | ( | MHD_gtls_session_t | session, | |
const void * | data, | |||
size_t | sizeofdata | |||
) |
MHD__gnutls_record_send - sends the specified data to the peer. session: is a MHD_gtls_session_t structure. data: contains the data to send. sizeofdata: is the length of the data.
This function has similar semantics to send(). The only difference is that it accepts a GNUTLS session, and uses different error codes.
Note that if the send buffer is full, send() will block this function. See the send() documentation for full information. You can replace the default push function by using MHD__gnutls_transport_set_ptr2() with a call to send() with a MSG_DONTWAIT flag if blocking is a problem.
If EINTR is returned by the internal push function (the default is send()) then GNUTLS_E_INTERRUPTED will be returned. If GNUTLS_E_INTERRUPTED or GNUTLS_E_AGAIN is returned, you must call this function again with the same parameters; alternatively you could provide a NULL pointer for data, and 0 for size. cf. MHD__gnutls_record_get_direction().
Returns: the number of bytes sent, or a negative error code. The number of bytes sent might be less than sizeofdata. The maximum number of bytes this function can send in a single call depends on the negotiated maximum record size.
Definition at line 1044 of file gnutls_record.c.
References GNUTLS_APPLICATION_DATA, and MHD_gtls_send_int().
Referenced by MHD_connection_handle_write(), and send_tls_adapter().
void MHD__gnutls_transport_set_lowat | ( | MHD_gtls_session_t | session, | |
int | num | |||
) |
MHD__gnutls_transport_set_lowat - Used to set the lowat value in order for select to check for pending data. session: is a MHD_gtls_session_t structure. num: is the low water value.
Used to set the lowat value in order for select to check if there is pending data in the socket buffer. Used only if you have changed the default low water value (default is 1). Normally you will not need this function. This function is only useful if using Berkeley style sockets. Otherwise it must be called to set lowat to zero.
Definition at line 77 of file gnutls_record.c.
References MHD_gtls_session_int::internals, and MHD_gtls_internals_st::lowat.
Referenced by MHD__gnutls_init().
void MHD__gnutls_transport_set_ptr | ( | MHD_gtls_session_t | session, | |
MHD_gnutls_transport_ptr_t | ptr | |||
) |
MHD__gnutls_transport_set_ptr - Used to set the first argument of the transport functions. session: is a MHD_gtls_session_t structure. ptr: is the value.
Used to set the first argument of the transport functions (like PUSH and PULL). With Berkeley style sockets this function will set the connection handle.
Definition at line 92 of file gnutls_record.c.
References MHD_gtls_session_int::internals, MHD_gtls_internals_st::transport_recv_ptr, and MHD_gtls_internals_st::transport_send_ptr.
Referenced by MHD_accept_connection().
ssize_t MHD_gtls_recv_int | ( | MHD_gtls_session_t | session, | |
content_type_t | type, | |||
MHD_gnutls_handshake_description_t | htype, | |||
opaque * | data, | |||
size_t | sizeofdata | |||
) |
Definition at line 760 of file gnutls_record.c.
References check_buffers(), check_recv_type(), MHD_gtls_session_int::connection_state, MHD_gnutls_datum_t::data, get_temp_recv_buffer(), GNUTLS_ALERT, GNUTLS_APPLICATION_DATA, GNUTLS_CHANGE_CIPHER_SPEC, GNUTLS_E_INT_RET_0, GNUTLS_E_INVALID_REQUEST, GNUTLS_E_INVALID_SESSION, GNUTLS_E_RECORD_LIMIT_REACHED, GNUTLS_E_TOO_MANY_EMPTY_PACKETS, GNUTLS_E_UNEXPECTED_PACKET, GNUTLS_E_UNEXPECTED_PACKET_LENGTH, GNUTLS_HANDSHAKE, GNUTLS_INNER_APPLICATION, MHD_gtls_session_int::internals, MAX_EMPTY_PACKETS_SEQUENCE, MAX_RECV_SIZE, MHD_gtls_internals_st::may_not_read, MHD__gnutls_packet2str(), MHD__gnutls_record_log, MHD_gnutls_assert, MHD_gnutls_record_buffer_get_size(), MHD_gtls_decrypt(), MHD_gtls_error_is_fatal(), MHD_gtls_io_clear_peeked_data(), MHD_gtls_io_clear_read_buffer(), MHD_gtls_io_read_buffered(), MHD_gtls_record_buffer_get(), MHD_gtls_uint64pp(), MHD_gtls_uint64touint32(), MHD_gtls_internals_st::read_eof, MHD_gtls_conn_stat_st::read_sequence_number, record_check_headers(), record_check_type(), record_check_version(), RECORD_HEADER_SIZE, session_invalidate(), session_is_valid(), session_unresumable(), and MHD_gnutls_datum_t::size.
Referenced by MHD__gnutls_bye(), MHD__gnutls_record_recv(), MHD__gnutls_recv_handshake_final(), MHD_gtls_handshake_io_recv_int(), and MHD_tls_connection_handle_read().
ssize_t MHD_gtls_send_change_cipher_spec | ( | MHD_gtls_session_t | session, | |
int | again | |||
) |
Definition at line 402 of file gnutls_record.c.
References GNUTLS_CHANGE_CIPHER_SPEC, GNUTLS_TYPE_CHANGE_CIPHER_SPEC, MHD__gnutls_handshake_log, MHD_gtls_io_write_flush(), and MHD_gtls_send_int().
Referenced by MHD__gnutls_send_handshake_final().
ssize_t MHD_gtls_send_int | ( | MHD_gtls_session_t | session, | |
content_type_t | type, | |||
MHD_gnutls_handshake_description_t | htype, | |||
const void * | _data, | |||
size_t | sizeofdata | |||
) |
Definition at line 257 of file gnutls_record.c.
References MHD_gtls_session_int::connection_state, copy_record_version(), GNUTLS_ALERT, GNUTLS_E_ENCRYPTION_FAILED, GNUTLS_E_INTERNAL_ERROR, GNUTLS_E_INVALID_REQUEST, GNUTLS_E_INVALID_SESSION, GNUTLS_E_MEMORY_ERROR, GNUTLS_E_RECORD_LIMIT_REACHED, MHD_gtls_session_int::internals, MHD_gtls_string::length, MAX_RECORD_OVERHEAD, MAX_RECORD_SEND_SIZE, MHD_gtls_internals_st::may_not_write, MHD__gnutls_packet2str(), MHD__gnutls_record_log, MHD_gnutls_assert, MHD_gnutls_free, MHD_gnutls_malloc, MHD_gtls_encrypt(), MHD_gtls_error_is_fatal(), MHD_gtls_io_write_buffered(), MHD_gtls_io_write_flush(), MHD_gtls_uint64pp(), MHD_gtls_uint64touint32(), MHD_gtls_priority_st::no_padding, MHD_gtls_internals_st::priorities, RECORD_HEADER_SIZE, MHD_gtls_internals_st::record_send_buffer, MHD_gtls_internals_st::record_send_buffer_user_size, session_invalidate(), session_is_valid(), session_unresumable(), and MHD_gtls_conn_stat_st::write_sequence_number.
Referenced by MHD__gnutls_alert_send(), MHD__gnutls_record_send(), MHD_gtls_handshake_io_send_int(), and MHD_gtls_send_change_cipher_spec().
void MHD_gtls_set_current_version | ( | MHD_gtls_session_t | session, | |
enum MHD_GNUTLS_Protocol | version | |||
) |
Definition at line 58 of file gnutls_record.c.
References MHD_gtls_session_int::security_parameters, and MHD_gtls_security_param_st::version.
Referenced by MHD_gtls_negotiate_version().
static int record_check_headers | ( | MHD_gtls_session_t | session, | |
uint8_t | headers[RECORD_HEADER_SIZE], | |||
content_type_t | type, | |||
MHD_gnutls_handshake_description_t | htype, | |||
content_type_t * | recv_type, | |||
opaque | version[2], | |||
uint16_t * | length, | |||
uint16_t * | header_size | |||
) | [static] |
Definition at line 476 of file gnutls_record.c.
References GNUTLS_HANDSHAKE, GNUTLS_HANDSHAKE_CLIENT_HELLO, MHD_gtls_session_int::internals, MHD__gnutls_record_log, MHD_gtls_read_uint16(), and MHD_gtls_internals_st::v2_hello.
Referenced by MHD_gtls_recv_int().
static int record_check_type | ( | MHD_gtls_session_t | session, | |
content_type_t | recv_type, | |||
content_type_t | type, | |||
MHD_gnutls_handshake_description_t | htype, | |||
opaque * | data, | |||
int | data_size | |||
) | [static] |
Definition at line 573 of file gnutls_record.c.
References MHD_gtls_security_param_st::entity, GNUTLS_A_CLOSE_NOTIFY, GNUTLS_AL_FATAL, GNUTLS_ALERT, GNUTLS_APPLICATION_DATA, GNUTLS_CHANGE_CIPHER_SPEC, GNUTLS_E_FATAL_ALERT_RECEIVED, GNUTLS_E_GOT_APPLICATION_DATA, GNUTLS_E_INT_RET_0, GNUTLS_E_INTERNAL_ERROR, GNUTLS_E_REHANDSHAKE, GNUTLS_E_UNEXPECTED_PACKET, GNUTLS_E_WARNING_ALERT_RECEIVED, GNUTLS_HANDSHAKE, GNUTLS_HANDSHAKE_CLIENT_HELLO, GNUTLS_INNER_APPLICATION, GNUTLS_SERVER, MHD_gtls_session_int::internals, MHD_gtls_internals_st::last_alert, MHD_gtls_internals_st::last_alert_level, MHD__gnutls_alert_get_name(), MHD__gnutls_record_log, MHD_gnutls_assert, MHD_gnutls_record_buffer_put(), MHD_gtls_recv_hello_request(), MHD_gtls_internals_st::read_eof, MHD_gtls_session_int::security_parameters, session_invalidate(), and session_unresumable().
Referenced by MHD_gtls_recv_int().
static int record_check_version | ( | MHD_gtls_session_t | session, | |
MHD_gnutls_handshake_description_t | htype, | |||
opaque | version[2] | |||
) | [inline, static] |
Definition at line 534 of file gnutls_record.c.
References GNUTLS_E_UNSUPPORTED_VERSION_PACKET, GNUTLS_HANDSHAKE_CLIENT_HELLO, GNUTLS_HANDSHAKE_SERVER_HELLO, MHD__gnutls_protocol_get_version(), MHD__gnutls_record_log, MHD_gnutls_assert, and MHD_gtls_version_get().
Referenced by MHD_gtls_recv_int().
static void session_invalidate | ( | MHD_gtls_session_t | session | ) | [inline, static] |
Definition at line 195 of file gnutls_record.c.
References MHD_gtls_session_int::internals, MHD_gtls_internals_st::valid_connection, and VALID_FALSE.
Referenced by MHD_gtls_recv_int(), MHD_gtls_send_int(), and record_check_type().
static int session_is_valid | ( | MHD_gtls_session_t | session | ) | [inline, static] |
Definition at line 209 of file gnutls_record.c.
References GNUTLS_E_INVALID_SESSION, MHD_gtls_session_int::internals, MHD_gtls_internals_st::valid_connection, and VALID_FALSE.
Referenced by MHD_gtls_recv_int(), and MHD_gtls_send_int().
static void session_unresumable | ( | MHD_gtls_session_t | session | ) | [inline, static] |
Definition at line 201 of file gnutls_record.c.
References MHD_gtls_session_int::internals, MHD_gtls_internals_st::resumable, and RESUME_FALSE.
Referenced by MHD_gtls_recv_int(), MHD_gtls_send_int(), and record_check_type().