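/**
 * gnutls_server_name_set:
 * @session: is a #gnutls_session_t type.
 * @type: specifies the indicator type
 * @name: is a string that contains the server name.
 * @name_length: holds the length of name
 *
 * This function is to be used by clients that want to inform (via a
 * TLS extension mechanism) the server of the name they connected to.
 * This should be used by clients that connect to servers that do
 * virtual hosting.
 *
 * The value of @name depends on the @type type.  In case of
 * %GNUTLS_NAME_DNS, a UTF-8 null-terminated domain name string,
 * without the trailing dot, is expected.
 *
 * IPv4 or IPv6 addresses are not permitted to be set by this function.
 * If the function is called with a name of @name_length zero it will clear
 * all server names set.
 *
 * Only the first @name_length bytes of @name are ever read, including
 * when the name is echoed into the debug log on a mapping failure.
 *
 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
 *   otherwise a negative error code is returned.
 **/
int
gnutls_server_name_set(gnutls_session_t session,
		       gnutls_server_name_type_t type,
		       const void *name, size_t name_length)
{
	/* Upper bound on the bytes of @name echoed into the debug log. The
	 * log line is bounded by @name_length instead of trusting the
	 * caller to have NUL-terminated @name. */
	enum { LOG_NAME_MAX = 256 };
	int ret;
	gnutls_datum_t idn_name = {NULL,0};

	/* The server_name extension is only sent by clients. */
	if (session->security_parameters.entity == GNUTLS_SERVER) {
		gnutls_assert();
		return GNUTLS_E_INVALID_REQUEST;
	}

	if (name_length == 0) { /* unset extension */
		_gnutls_ext_unset_session_data(session, GNUTLS_EXTENSION_SERVER_NAME);
		return 0;
	}

	/* The mapper receives @name_length, so the log line on failure is
	 * bounded the same way rather than treating @name as a C string. */
	ret = gnutls_idna_map(name, name_length, &idn_name, 0);
	if (ret < 0) {
		int shown = name_length > LOG_NAME_MAX ? LOG_NAME_MAX : (int)name_length;
		_gnutls_debug_log("unable to convert name %.*s to IDNA2003 format\n",
				  shown, (const char *)name);
		return ret;
	}

	/* idn_name is owned here and released once the raw setter has
	 * taken its own copy. */
	ret = _gnutls_server_name_set_raw(session, type, idn_name.data, idn_name.size);
	gnutls_free(idn_name.data);

	return ret;
}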
/* Deinitializes all data that are associated with TLS extensions.
 *
 * Every registered extension (extfunc[0..extfunc_size)) first has its
 * per-session data released, then its resumed-session data. The two
 * passes are deliberately kept separate so the release order is the
 * same as before: all live data first, then all resumed data.
 */
void _gnutls_ext_free_session_data(gnutls_session_t session)
{
	unsigned int idx = 0;

	/* pass 1: live session data */
	while (idx < extfunc_size) {
		_gnutls_ext_unset_session_data(session, extfunc[idx].type);
		idx++;
	}

	/* pass 2: data kept for session resumption */
	for (idx = 0; idx < extfunc_size; idx++)
		_gnutls_ext_unset_resumed_session_data(session, extfunc[idx].type);
}
/* Moves the extension data saved for resumption into the live session.
 *
 * First pass: every live slot that is set and whose type is not
 * GNUTLS_EXT_MANDATORY is unset. Second pass: every resumed slot that is
 * set and not MANDATORY is installed as live data via
 * _gnutls_ext_set_session_data() and its "set" flag is cleared.
 * MANDATORY extensions are left untouched in both passes.
 */
void _gnutls_ext_restore_resumed_session(gnutls_session_t session)
{
	int idx;

	/* clear everything except MANDATORY extensions */
	for (idx = 0; idx < MAX_EXT_TYPES; idx++) {
		if (session->internals.extension_int_data[idx].set == 0)
			continue;
		/* the type is only looked up for slots that are set */
		if (_gnutls_ext_parse_type(session->internals.extension_int_data[idx].type)
		    == GNUTLS_EXT_MANDATORY)
			continue;
		_gnutls_ext_unset_session_data(session,
					       session->internals.extension_int_data[idx].type);
	}

	/* copy resumed to main */
	for (idx = 0; idx < MAX_EXT_TYPES; idx++) {
		if (session->internals.resumed_extension_int_data[idx].set == 0)
			continue;
		if (_gnutls_ext_parse_type(session->internals.resumed_extension_int_data[idx].type)
		    == GNUTLS_EXT_MANDATORY)
			continue;
		_gnutls_ext_set_session_data(session,
					     session->internals.resumed_extension_int_data[idx].type,
					     session->internals.resumed_extension_int_data[idx].priv);
		/* ownership of priv has moved to the live slot */
		session->internals.resumed_extension_int_data[idx].set = 0;
	}
}
/**
 * gnutls_priority_set:
 * @session: is a #gnutls_session_t structure.
 * @priority: is a #gnutls_priority_t structure.
 *
 * Sets the priorities to use on the ciphers, key exchange methods,
 * macs and compression methods.
 *
 * The priority structure is copied into the session, the first
 * protocol in the chain becomes the session's current version, and
 * session tickets are dropped when the priority has no_tickets set.
 *
 * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
 **/
int
gnutls_priority_set(gnutls_session_t session, gnutls_priority_t priority)
{
	int any_empty;

	if (!priority)
		return gnutls_assert_val(GNUTLS_E_NO_CIPHER_SUITES);

	/* the session keeps its own copy of the whole priority structure */
	memcpy(&session->internals.priorities, priority, sizeof(*priority));

	/* set the current version to the first in the chain.
	 * This will be overridden later.
	 */
	if (session->internals.priorities.protocol.algorithms > 0) {
		int vret = _gnutls_set_current_version(session,
						       session->internals.priorities.protocol.priority[0]);
		if (vret < 0)
			return gnutls_assert_val(GNUTLS_E_UNSUPPORTED_VERSION_PACKET);
	}

	/* when PFS is explicitly requested, disable session tickets */
	if (priority->no_tickets != 0)
		_gnutls_ext_unset_session_data(session, GNUTLS_EXTENSION_SESSION_TICKET);

	/* every algorithm class must have at least one entry */
	any_empty = session->internals.priorities.protocol.algorithms == 0 ||
	    session->internals.priorities.cipher.algorithms == 0 ||
	    session->internals.priorities.mac.algorithms == 0 ||
	    session->internals.priorities.kx.algorithms == 0 ||
	    session->internals.priorities.compression.algorithms == 0;
	if (any_empty)
		return gnutls_assert_val(GNUTLS_E_NO_PRIORITIES_WERE_SET);

	return 0;
}
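/**
 * gnutls_server_name_set:
 * @session: is a #gnutls_session_t type.
 * @type: specifies the indicator type
 * @name: is a string that contains the server name.
 * @name_length: holds the length of name
 *
 * This function is to be used by clients that want to inform (via a
 * TLS extension mechanism) the server of the name they connected to.
 * This should be used by clients that connect to servers that do
 * virtual hosting.
 *
 * The value of @name depends on the @type type.  In case of
 * %GNUTLS_NAME_DNS, a UTF-8 null-terminated domain name string,
 * without the trailing dot, is expected.
 *
 * IPv4 or IPv6 addresses are not permitted.
 *
 * When built with libidn, @name is passed to idna_to_ascii_8z() as a
 * C string, so it must be NUL-terminated in that build regardless of
 * @name_length.
 *
 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned,
 *   otherwise a negative error code is returned.
 **/
int
gnutls_server_name_set(gnutls_session_t session,
		       gnutls_server_name_type_t type,
		       const void *name, size_t name_length)
{
	int server_names, ret;
	server_name_ext_st *priv;
	extension_priv_data_t epriv;
	char *idn_name = NULL;	/* libidn allocation, released at cleanup */
	int set = 0;

	/* The server_name extension is only sent by clients. */
	if (session->security_parameters.entity == GNUTLS_SERVER) {
		gnutls_assert();
		return GNUTLS_E_INVALID_REQUEST;
	}

	if (name_length == 0) { /* unset extension */
		_gnutls_ext_unset_session_data(session, GNUTLS_EXTENSION_SERVER_NAME);
		return 0;
	}

#ifdef HAVE_LIBIDN
	{
		/* idna_to_ascii_8z() reads @name up to its NUL terminator;
		 * @name_length is recomputed from the converted result. */
		int rc = idna_to_ascii_8z (name, &idn_name, IDNA_ALLOW_UNASSIGNED);
		if (rc != IDNA_SUCCESS) {
			_gnutls_debug_log("unable to convert name %s to IDNA format: %s\n", (char*)name, idna_strerror(rc));
			return GNUTLS_E_IDNA_ERROR;
		}
	}
	name = idn_name;
	name_length = strlen(idn_name);
#endif

	/* The name is memcpy'd into a fixed-size slot below; reject anything
	 * that would not fit before touching the extension data. */
	if (name_length > MAX_SERVER_NAME_SIZE) {
		ret = GNUTLS_E_SHORT_MEMORY_BUFFER;
		goto cleanup;
	}

	ret = _gnutls_ext_get_session_data(session,
					   GNUTLS_EXTENSION_SERVER_NAME,
					   &epriv);
	if (ret < 0) {
		/* no extension data yet: allocate and register it below */
		set = 1;
	}

	if (set != 0) {
		priv = gnutls_calloc(1, sizeof(*priv));
		if (priv == NULL) {
			gnutls_assert();
			/* leave through cleanup so idn_name is not leaked */
			ret = GNUTLS_E_MEMORY_ERROR;
			goto cleanup;
		}
		epriv = priv;
	} else
		priv = epriv;

	/* append a new entry; when the table is already full the last
	 * slot is overwritten instead */
	server_names = priv->server_names_size + 1;
	if (server_names > MAX_SERVER_NAME_EXTENSIONS)
		server_names = MAX_SERVER_NAME_EXTENSIONS;

	priv->server_names[server_names - 1].type = type;
	memcpy(priv->server_names[server_names - 1].name, name,
	       name_length);
	priv->server_names[server_names - 1].name_length = name_length;

	priv->server_names_size = server_names;

	if (set != 0)
		_gnutls_ext_set_session_data(session,
					     GNUTLS_EXTENSION_SERVER_NAME,
					     epriv);

	ret = 0;
 cleanup:
#ifdef HAVE_LIBIDN
	idn_free(idn_name);
#endif
	return ret;
}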