gnutls-commit
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[SCM] GNU gnutls branch, master, updated. gnutls_3_0_9-7-g3f5986a


From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, master, updated. gnutls_3_0_9-7-g3f5986a
Date: Sun, 18 Dec 2011 18:35:01 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=3f5986af3abc524198e18687e865131a6cde57e9

The branch, master has been updated
       via  3f5986af3abc524198e18687e865131a6cde57e9 (commit)
       via  8c8d6ba2e49031944005ed7ca166be160b8e60dd (commit)
       via  2bf710631b1a53d9b224823e85da8079511850b0 (commit)
       via  969ab94a8baca977a6cb8a49dbfe339a11fce52c (commit)
       via  6719f6f962142344623216f8e7a52452b542ad7d (commit)
      from  7daf2300d81dbeeee870299ba3bf7d1ebe3a0d12 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 3f5986af3abc524198e18687e865131a6cde57e9
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sun Dec 18 19:36:03 2011 +0100

    Only use configured interfaces. Patch by Pino Toscano.

commit 8c8d6ba2e49031944005ed7ca166be160b8e60dd
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sat Dec 17 12:39:53 2011 +0100

    better comments.

commit 2bf710631b1a53d9b224823e85da8079511850b0
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sat Dec 17 12:32:51 2011 +0100

    gnutls_protocol_get_version() and _gnutls_set_current_version() are now 
inline functions

commit 969ab94a8baca977a6cb8a49dbfe339a11fce52c
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sat Dec 17 12:26:15 2011 +0100

    documented _gnutls_supported_ciphersuites()

commit 6719f6f962142344623216f8e7a52452b542ad7d
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sat Dec 17 12:21:42 2011 +0100

    renamed the _SHA ciphersuites to _SHA1.

-----------------------------------------------------------------------

Summary of changes:
 lib/algorithms/ciphersuites.c |   72 ++++++++++++++++++++++++-----------------
 lib/algorithms/protocols.c    |   14 ++++++--
 lib/gnutls_int.h              |   17 ++++++++-
 lib/gnutls_record.c           |   22 ------------
 lib/gnutls_state.c            |   15 ++++++++
 src/serv.c                    |    2 +-
 6 files changed, 83 insertions(+), 59 deletions(-)

diff --git a/lib/algorithms/ciphersuites.c b/lib/algorithms/ciphersuites.c
index 88ce7ad..7b90a37 100644
--- a/lib/algorithms/ciphersuites.c
+++ b/lib/algorithms/ciphersuites.c
@@ -176,22 +176,22 @@ typedef struct
 #define GNUTLS_DHE_PSK_NULL_SHA256 { 0x00, 0xB4 }
 
 /* ECC */
-#define GNUTLS_ECDH_ANON_NULL_SHA { 0xC0, 0x15 }
-#define GNUTLS_ECDH_ANON_3DES_EDE_CBC_SHA { 0xC0, 0x17 }
-#define GNUTLS_ECDH_ANON_AES_128_CBC_SHA { 0xC0, 0x18 }
-#define GNUTLS_ECDH_ANON_AES_256_CBC_SHA { 0xC0, 0x19 }
+#define GNUTLS_ECDH_ANON_NULL_SHA1 { 0xC0, 0x15 }
+#define GNUTLS_ECDH_ANON_3DES_EDE_CBC_SHA1 { 0xC0, 0x17 }
+#define GNUTLS_ECDH_ANON_AES_128_CBC_SHA1 { 0xC0, 0x18 }
+#define GNUTLS_ECDH_ANON_AES_256_CBC_SHA1 { 0xC0, 0x19 }
 
 /* ECC-RSA */
-#define GNUTLS_ECDHE_RSA_NULL_SHA { 0xC0, 0x10 }
-#define GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA { 0xC0, 0x12 }
-#define GNUTLS_ECDHE_RSA_AES_128_CBC_SHA { 0xC0, 0x13 }
-#define GNUTLS_ECDHE_RSA_AES_256_CBC_SHA { 0xC0, 0x14 }
+#define GNUTLS_ECDHE_RSA_NULL_SHA1 { 0xC0, 0x10 }
+#define GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA1 { 0xC0, 0x12 }
+#define GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1 { 0xC0, 0x13 }
+#define GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1 { 0xC0, 0x14 }
 
 /* ECC-ECDSA */
-#define GNUTLS_ECDHE_ECDSA_NULL_SHA           { 0xC0, 0x06 }
-#define GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA   { 0xC0, 0x08 }
-#define GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA    { 0xC0, 0x09 }
-#define GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA    { 0xC0, 0x0A }
+#define GNUTLS_ECDHE_ECDSA_NULL_SHA1           { 0xC0, 0x06 }
+#define GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1   { 0xC0, 0x08 }
+#define GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1    { 0xC0, 0x09 }
+#define GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1    { 0xC0, 0x0A }
 
 /* ECC with SHA2 */
 #define GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA256     {0xC0,0x23}
@@ -208,9 +208,9 @@ typedef struct
 
 
 /* ECC with PSK */
-#define GNUTLS_ECDHE_PSK_3DES_EDE_CBC_SHA { 0xC0, 0x34 }
-#define GNUTLS_ECDHE_PSK_AES_128_CBC_SHA { 0xC0, 0x35 }
-#define GNUTLS_ECDHE_PSK_AES_256_CBC_SHA { 0xC0, 0x36 }
+#define GNUTLS_ECDHE_PSK_3DES_EDE_CBC_SHA1 { 0xC0, 0x34 }
+#define GNUTLS_ECDHE_PSK_AES_128_CBC_SHA1 { 0xC0, 0x35 }
+#define GNUTLS_ECDHE_PSK_AES_256_CBC_SHA1 { 0xC0, 0x36 }
 #define GNUTLS_ECDHE_PSK_AES_128_CBC_SHA256 { 0xC0, 0x37 }
 #define GNUTLS_ECDHE_PSK_AES_256_CBC_SHA384 { 0xC0, 0x38 }
 #define GNUTLS_ECDHE_PSK_NULL_SHA256 { 0xC0, 0x3A }
@@ -500,53 +500,53 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = {
                              GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
                              GNUTLS_VERSION_MAX, 1),
 /* ECC-ANON */
-  ENTRY (GNUTLS_ECDH_ANON_NULL_SHA,
+  ENTRY (GNUTLS_ECDH_ANON_NULL_SHA1,
                              GNUTLS_CIPHER_NULL, GNUTLS_KX_ANON_ECDH,
                              GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
                              GNUTLS_VERSION_MAX, 1),
-  ENTRY (GNUTLS_ECDH_ANON_3DES_EDE_CBC_SHA,
+  ENTRY (GNUTLS_ECDH_ANON_3DES_EDE_CBC_SHA1,
                              GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ANON_ECDH,
                              GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
                              GNUTLS_VERSION_MAX, 1),
-  ENTRY (GNUTLS_ECDH_ANON_AES_128_CBC_SHA,
+  ENTRY (GNUTLS_ECDH_ANON_AES_128_CBC_SHA1,
                              GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ANON_ECDH,
                              GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
                              GNUTLS_VERSION_MAX, 1),
-  ENTRY (GNUTLS_ECDH_ANON_AES_256_CBC_SHA,
+  ENTRY (GNUTLS_ECDH_ANON_AES_256_CBC_SHA1,
                              GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ANON_ECDH,
                              GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
                              GNUTLS_VERSION_MAX, 1),
 /* ECC-RSA */
-  ENTRY (GNUTLS_ECDHE_RSA_NULL_SHA,
+  ENTRY (GNUTLS_ECDHE_RSA_NULL_SHA1,
                              GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_RSA,
                              GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
                              GNUTLS_VERSION_MAX, 1),
-  ENTRY (GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA,
+  ENTRY (GNUTLS_ECDHE_RSA_3DES_EDE_CBC_SHA1,
                              GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ECDHE_RSA,
                              GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
                              GNUTLS_VERSION_MAX, 1),
-  ENTRY (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA,
+  ENTRY (GNUTLS_ECDHE_RSA_AES_128_CBC_SHA1,
                              GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_RSA,
                              GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
                              GNUTLS_VERSION_MAX, 1),
-  ENTRY (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA,
+  ENTRY (GNUTLS_ECDHE_RSA_AES_256_CBC_SHA1,
                              GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_RSA,
                              GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
                              GNUTLS_VERSION_MAX, 1),
   /* ECDHE-ECDSA */
-  ENTRY (GNUTLS_ECDHE_ECDSA_NULL_SHA,
+  ENTRY (GNUTLS_ECDHE_ECDSA_NULL_SHA1,
                              GNUTLS_CIPHER_NULL, GNUTLS_KX_ECDHE_ECDSA,
                              GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
                              GNUTLS_VERSION_MAX, 1),
-  ENTRY (GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA,
+  ENTRY (GNUTLS_ECDHE_ECDSA_3DES_EDE_CBC_SHA1,
                              GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ECDHE_ECDSA,
                              GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
                              GNUTLS_VERSION_MAX, 1),
-  ENTRY (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA,
+  ENTRY (GNUTLS_ECDHE_ECDSA_AES_128_CBC_SHA1,
                              GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_ECDSA,
                              GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
                              GNUTLS_VERSION_MAX, 1),
-  ENTRY (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA,
+  ENTRY (GNUTLS_ECDHE_ECDSA_AES_256_CBC_SHA1,
                              GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_ECDSA,
                              GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
                              GNUTLS_VERSION_MAX, 1),
@@ -569,15 +569,15 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = {
                              GNUTLS_MAC_AEAD, GNUTLS_TLS1_2,
                              GNUTLS_VERSION_MAX, 1),
   /* ECC - PSK */
-  ENTRY (GNUTLS_ECDHE_PSK_3DES_EDE_CBC_SHA,
+  ENTRY (GNUTLS_ECDHE_PSK_3DES_EDE_CBC_SHA1,
                              GNUTLS_CIPHER_3DES_CBC, GNUTLS_KX_ECDHE_PSK,
                              GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
                              GNUTLS_VERSION_MAX, 1),
-  ENTRY (GNUTLS_ECDHE_PSK_AES_128_CBC_SHA,
+  ENTRY (GNUTLS_ECDHE_PSK_AES_128_CBC_SHA1,
                              GNUTLS_CIPHER_AES_128_CBC, GNUTLS_KX_ECDHE_PSK,
                              GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
                              GNUTLS_VERSION_MAX, 1),
-  ENTRY (GNUTLS_ECDHE_PSK_AES_256_CBC_SHA,
+  ENTRY (GNUTLS_ECDHE_PSK_AES_256_CBC_SHA1,
                              GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_ECDHE_PSK,
                              GNUTLS_MAC_SHA1, GNUTLS_TLS1_0,
                              GNUTLS_VERSION_MAX, 1),
@@ -776,6 +776,18 @@ _gnutls_cipher_suite_is_ok (const uint8_t suite[2])
 
 }
 
+/*-
+ * _gnutls_supported_ciphersuites: 
+ * @session: a TLS session
+ * @cipher_suites: Where the ciphersuites will be stored (2bytes each)
+ * @max_cipher_suite_size: the maximum size of the @cipher_suites buffer.
+ *
+ * Returns the supported ciphersuites by this session (based on priorities)
+ * sorted by order of preference.
+ *
+ * Returns the size of the @cipher_suites buffer, or a negative value on error.
+ *
+ -*/
 int
 _gnutls_supported_ciphersuites (gnutls_session_t session,
                                 uint8_t *cipher_suites, int 
max_cipher_suite_size)
diff --git a/lib/algorithms/protocols.c b/lib/algorithms/protocols.c
index 22c99e8..6d6b04c 100644
--- a/lib/algorithms/protocols.c
+++ b/lib/algorithms/protocols.c
@@ -54,10 +54,10 @@ static const gnutls_version_entry sup_versions[] = {
 #define GNUTLS_VERSION_ALG_LOOP(a) \
        GNUTLS_VERSION_LOOP( if(p->id == version) { a; break; })
 
-/* Version */
+/* Return the priority of the provided version number */
 int
 _gnutls_version_priority (gnutls_session_t session, gnutls_protocol_t version)
-{                               /* actually returns the priority */
+{
   unsigned int i;
 
   for (i = 0; i < session->internals.priorities.protocol.algorithms; i++)
@@ -68,9 +68,11 @@ _gnutls_version_priority (gnutls_session_t session, 
gnutls_protocol_t version)
   return -1;
 }
 
+/* Returns the lowest TLS version number in the priorities.
+ */
 gnutls_protocol_t
 _gnutls_version_lowest (gnutls_session_t session)
-{                               /* returns the lowest version supported */
+{
   unsigned int i, min = 0xff;
   gnutls_protocol_t cur_prot;
 
@@ -88,9 +90,11 @@ _gnutls_version_lowest (gnutls_session_t session)
   return min;
 }
 
+/* Returns the maximum version in the priorities 
+ */
 gnutls_protocol_t
 _gnutls_version_max (gnutls_session_t session)
-{                               /* returns the maximum version supported */
+{
   unsigned int i, max = 0x00;
   gnutls_protocol_t cur_prot;
 
@@ -189,6 +193,8 @@ _gnutls_version_get_minor (gnutls_protocol_t version)
   return ret;
 }
 
+/* Returns a version number given the major and minor numbers.
+ */
 gnutls_protocol_t
 _gnutls_version_get (int major, int minor)
 {
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 3767f10..0895491 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -878,8 +878,6 @@ struct gnutls_session_int
 
 /* functions 
  */
-void _gnutls_set_current_version (gnutls_session_t session,
-                                  gnutls_protocol_t version);
 void _gnutls_free_auth_info (gnutls_session_t session);
 
 /* These two macros return the advertized TLS version of
@@ -900,4 +898,19 @@ gnutls_protocol_t _gnutls_get_adv_version 
(gnutls_session_t);
 
 int _gnutls_is_secure_mem_null (const void *);
 
+inline static gnutls_protocol_t
+_gnutls_protocol_get_version (gnutls_session_t session)
+{
+  return session->security_parameters.version;
+}
+
+#define gnutls_protocol_get_version _gnutls_protocol_get_version
+
+inline static void
+_gnutls_set_current_version (gnutls_session_t session,
+                             gnutls_protocol_t version)
+{
+  session->security_parameters.version = version;
+}
+
 #endif /* GNUTLS_INT_H */
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
index 6c2ac56..db9ef2a 100644
--- a/lib/gnutls_record.c
+++ b/lib/gnutls_record.c
@@ -58,28 +58,6 @@ struct tls_record_st {
   /* the data */
 };
 
-
-/**
- * gnutls_protocol_get_version:
- * @session: is a #gnutls_session_t structure.
- *
- * Get TLS version, a #gnutls_protocol_t value.
- *
- * Returns: The version of the currently used protocol.
- **/
-gnutls_protocol_t
-gnutls_protocol_get_version (gnutls_session_t session)
-{
-  return session->security_parameters.version;
-}
-
-void
-_gnutls_set_current_version (gnutls_session_t session,
-                             gnutls_protocol_t version)
-{
-  session->security_parameters.version = version;
-}
-
 /**
  * gnutls_record_disable_padding:
  * @session: is a #gnutls_session_t structure.
diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c
index 3e1e3ae..d1b9561 100644
--- a/lib/gnutls_state.c
+++ b/lib/gnutls_state.c
@@ -1396,3 +1396,18 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t 
session)
 {
   return _gnutls_session_ecc_curve_get(session);
 }
+
+#undef gnutls_protocol_get_version
+/**
+ * gnutls_protocol_get_version:
+ * @session: is a #gnutls_session_t structure.
+ *
+ * Get TLS version, a #gnutls_protocol_t value.
+ *
+ * Returns: The version of the currently used protocol.
+ **/
+gnutls_protocol_t
+gnutls_protocol_get_version (gnutls_session_t session)
+{
+  return _gnutls_protocol_get_version(session);
+}
diff --git a/src/serv.c b/src/serv.c
index 9a5c486..8959d7f 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -692,7 +692,7 @@ listen_socket (const char *name, int listen_port, int 
socktype)
   snprintf (portname, sizeof (portname), "%d", listen_port);
   memset (&hints, 0, sizeof (hints));
   hints.ai_socktype = socktype;
-  hints.ai_flags = AI_PASSIVE;
+  hints.ai_flags = AI_PASSIVE | AI_ADDRCONFIG;
 
   if ((s = getaddrinfo (NULL, portname, &hints, &res)) != 0)
     {


hooks/post-receive
-- 
GNU gnutls



reply via email to

[Prev in Thread] Current Thread [Next in Thread]