コード例 #1
0
ファイル: gnutls_state.c プロジェクト: frankmorgner/gnutls
/**
 * gnutls_deinit:
 * @session: is a #gnutls_session_t structure.
 *
 * This function clears all buffers associated with the @session.
 * This function will also remove session data from the session
 * database if the session was terminated abnormally.
 **/
void
gnutls_deinit (gnutls_session_t session)
{
  unsigned int i;

  if (session == NULL)
    return;

  _gnutls_rnd_refresh();

  /* remove auth info firstly */
  _gnutls_free_auth_info (session);

  _gnutls_handshake_internal_state_clear (session);
  _gnutls_handshake_io_buffer_clear (session);
  _gnutls_ext_free_session_data (session);

  for (i = 0; i < MAX_EPOCH_INDEX; i++)
    if (session->record_parameters[i] != NULL)
      {
        _gnutls_epoch_free (session, session->record_parameters[i]);
        session->record_parameters[i] = NULL;
      }

  _gnutls_buffer_clear (&session->internals.handshake_hash_buffer);
  _gnutls_buffer_clear (&session->internals.hb_remote_data);
  _gnutls_buffer_clear (&session->internals.hb_local_data);
  _gnutls_buffer_clear (&session->internals.record_presend_buffer);

  _mbuffer_head_clear (&session->internals.record_buffer);
  _mbuffer_head_clear (&session->internals.record_recv_buffer);
  _mbuffer_head_clear (&session->internals.record_send_buffer);

  gnutls_credentials_clear (session);
  _gnutls_selected_certs_deinit (session);

  gnutls_pk_params_release(&session->key.ecdh_params);
  _gnutls_mpi_release (&session->key.ecdh_x);
  _gnutls_mpi_release (&session->key.ecdh_y);

  _gnutls_mpi_release (&session->key.KEY);
  _gnutls_mpi_release (&session->key.client_Y);
  _gnutls_mpi_release (&session->key.client_p);
  _gnutls_mpi_release (&session->key.client_g);

  _gnutls_mpi_release (&session->key.u);
  _gnutls_mpi_release (&session->key.a);
  _gnutls_mpi_release (&session->key.x);
  _gnutls_mpi_release (&session->key.A);
  _gnutls_mpi_release (&session->key.B);
  _gnutls_mpi_release (&session->key.b);

  /* RSA */
  _gnutls_mpi_release (&session->key.rsa[0]);
  _gnutls_mpi_release (&session->key.rsa[1]);

  _gnutls_mpi_release (&session->key.dh_secret);
  
  gnutls_free (session);
}
コード例 #2
0
/**
 * gnutls_deinit:
 * @session: is a #gnutls_session_t structure.
 *
 * This function clears all buffers associated with the @session.
 * This function will also remove session data from the session
 * database if the session was terminated abnormally.
 **/
void
gnutls_deinit (gnutls_session_t session)
{
  unsigned int i;

  if (session == NULL)
    return;

  /* remove auth info firstly */
  _gnutls_free_auth_info (session);

  _gnutls_handshake_internal_state_clear (session);
  _gnutls_handshake_io_buffer_clear (session);
  _gnutls_ext_free_session_data (session);

  for (i = 0; i < MAX_EPOCH_INDEX; i++)
    if (session->record_parameters[i] != NULL)
      {
        _gnutls_epoch_free (session, session->record_parameters[i]);
        session->record_parameters[i] = NULL;
      }

  _gnutls_buffer_clear (&session->internals.handshake_hash_buffer);
  _mbuffer_head_clear (&session->internals.record_buffer);
  _mbuffer_head_clear (&session->internals.record_recv_buffer);
  _mbuffer_head_clear (&session->internals.record_send_buffer);

  gnutls_credentials_clear (session);
  _gnutls_selected_certs_deinit (session);

  if (session->key != NULL)
    {
      _gnutls_mpi_release (&session->key->KEY);
      _gnutls_mpi_release (&session->key->client_Y);
      _gnutls_mpi_release (&session->key->client_p);
      _gnutls_mpi_release (&session->key->client_g);

      _gnutls_mpi_release (&session->key->u);
      _gnutls_mpi_release (&session->key->a);
      _gnutls_mpi_release (&session->key->x);
      _gnutls_mpi_release (&session->key->A);
      _gnutls_mpi_release (&session->key->B);
      _gnutls_mpi_release (&session->key->b);

      /* RSA */
      _gnutls_mpi_release (&session->key->rsa[0]);
      _gnutls_mpi_release (&session->key->rsa[1]);

      _gnutls_mpi_release (&session->key->dh_secret);
      gnutls_free (session->key);

      session->key = NULL;
    }

  memset (session, 0, sizeof (struct gnutls_session_int));
  gnutls_free (session);
}
コード例 #3
0
ファイル: state.c プロジェクト: GostCrypt/GnuTLS
/**
 * gnutls_deinit:
 * @session: is a #gnutls_session_t type.
 *
 * This function clears all buffers associated with the @session.
 * This function will also remove session data from the session
 * database if the session was terminated abnormally.
 **/
void gnutls_deinit(gnutls_session_t session)
{
	unsigned int i;

	if (session == NULL)
		return;

	/* remove auth info firstly */
	_gnutls_free_auth_info(session);

	_gnutls_handshake_internal_state_clear(session);
	_gnutls_handshake_io_buffer_clear(session);
	_gnutls_ext_free_session_data(session);

	for (i = 0; i < MAX_EPOCH_INDEX; i++)
		if (session->record_parameters[i] != NULL) {
			_gnutls_epoch_free(session,
					   session->record_parameters[i]);
			session->record_parameters[i] = NULL;
		}

	_gnutls_buffer_clear(&session->internals.handshake_hash_buffer);
	_gnutls_buffer_clear(&session->internals.hb_remote_data);
	_gnutls_buffer_clear(&session->internals.hb_local_data);
	_gnutls_buffer_clear(&session->internals.record_presend_buffer);

	_mbuffer_head_clear(&session->internals.record_buffer);
	_mbuffer_head_clear(&session->internals.record_recv_buffer);
	_mbuffer_head_clear(&session->internals.record_send_buffer);

	_gnutls_free_datum(&session->internals.resumption_data);

	gnutls_free(session->internals.rexts);

	gnutls_free(session->internals.rsup);

	gnutls_credentials_clear(session);
	_gnutls_selected_certs_deinit(session);

	gnutls_free(session);
}
コード例 #4
0
ファイル: gnutls_state.c プロジェクト: ystk/debian-gnutls26
/**
  * gnutls_deinit - clear all buffers associated with a session
  * @session: is a #gnutls_session_t structure.
  *
  * This function clears all buffers associated with the @session.
  * This function will also remove session data from the session
  * database if the session was terminated abnormally.
  **/
void
gnutls_deinit (gnutls_session_t session)
{

  if (session == NULL)
    return;

  /* remove auth info firstly */
  _gnutls_free_auth_info (session);

  _gnutls_handshake_internal_state_clear (session);
  _gnutls_handshake_io_buffer_clear (session);

  _gnutls_free_datum (&session->connection_state.read_mac_secret);
  _gnutls_free_datum (&session->connection_state.write_mac_secret);

  _gnutls_buffer_clear (&session->internals.ia_data_buffer);
  _gnutls_buffer_clear (&session->internals.handshake_hash_buffer);
  _gnutls_buffer_clear (&session->internals.handshake_data_buffer);
  _gnutls_buffer_clear (&session->internals.application_data_buffer);
  _gnutls_buffer_clear (&session->internals.record_recv_buffer);
  _gnutls_buffer_clear (&session->internals.record_send_buffer);

  gnutls_credentials_clear (session);
  _gnutls_selected_certs_deinit (session);

  _gnutls_cipher_deinit (&session->connection_state.read_cipher_state);
  _gnutls_cipher_deinit (&session->connection_state.write_cipher_state);

  if (session->connection_state.read_compression_state != NULL)
    _gnutls_comp_deinit (session->connection_state.read_compression_state, 1);
  if (session->connection_state.write_compression_state != NULL)
    _gnutls_comp_deinit (session->connection_state.write_compression_state,
			 0);

  _gnutls_free_datum (&session->cipher_specs.server_write_mac_secret);
  _gnutls_free_datum (&session->cipher_specs.client_write_mac_secret);
  _gnutls_free_datum (&session->cipher_specs.server_write_IV);
  _gnutls_free_datum (&session->cipher_specs.client_write_IV);
  _gnutls_free_datum (&session->cipher_specs.server_write_key);
  _gnutls_free_datum (&session->cipher_specs.client_write_key);

  if (session->key != NULL)
    {
      _gnutls_mpi_release (&session->key->KEY);
      _gnutls_mpi_release (&session->key->client_Y);
      _gnutls_mpi_release (&session->key->client_p);
      _gnutls_mpi_release (&session->key->client_g);

      _gnutls_mpi_release (&session->key->u);
      _gnutls_mpi_release (&session->key->a);
      _gnutls_mpi_release (&session->key->x);
      _gnutls_mpi_release (&session->key->A);
      _gnutls_mpi_release (&session->key->B);
      _gnutls_mpi_release (&session->key->b);

      /* RSA */
      _gnutls_mpi_release (&session->key->rsa[0]);
      _gnutls_mpi_release (&session->key->rsa[1]);

      _gnutls_mpi_release (&session->key->dh_secret);
      gnutls_free (session->key);

      session->key = NULL;
    }

  gnutls_free (session->internals.srp_username);

  if (session->internals.srp_password)
    {
      memset (session->internals.srp_password, 0,
	      strlen (session->internals.srp_password));
      gnutls_free (session->internals.srp_password);
    }

  memset (session, 0, sizeof (struct gnutls_session_int));
  gnutls_free (session);
}
コード例 #5
0
ファイル: gnutls_state.c プロジェクト: ystk/debian-gnutls26
/**
  * gnutls_init - initialize the session to null (null encryption etc...).
  * @con_end: indicate if this session is to be used for server or client.
  * @session: is a pointer to a #gnutls_session_t structure.
  *
  * This function initializes the current session to null. Every
  * session must be initialized before use, so internal structures can
  * be allocated.  This function allocates structures which can only
  * be free'd by calling gnutls_deinit().  Returns zero on success.
  *
  * @con_end can be one of %GNUTLS_CLIENT and %GNUTLS_SERVER.
  *
  * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
  **/
int
gnutls_init (gnutls_session_t * session, gnutls_connection_end_t con_end)
{
  *session = gnutls_calloc (1, sizeof (struct gnutls_session_int));
  if (*session == NULL)
    return GNUTLS_E_MEMORY_ERROR;

  (*session)->security_parameters.entity = con_end;

  /* the default certificate type for TLS */
  (*session)->security_parameters.cert_type = DEFAULT_CERT_TYPE;

/* Set the defaults for initial handshake */
  (*session)->security_parameters.read_bulk_cipher_algorithm =
    (*session)->security_parameters.write_bulk_cipher_algorithm =
    GNUTLS_CIPHER_NULL;

  (*session)->security_parameters.read_mac_algorithm =
    (*session)->security_parameters.write_mac_algorithm = GNUTLS_MAC_NULL;

  (*session)->security_parameters.read_compression_algorithm =
    GNUTLS_COMP_NULL;
  (*session)->security_parameters.write_compression_algorithm =
    GNUTLS_COMP_NULL;

  (*session)->internals.enable_private = 0;

  /* Initialize buffers */
  _gnutls_buffer_init (&(*session)->internals.application_data_buffer);
  _gnutls_buffer_init (&(*session)->internals.handshake_data_buffer);
  _gnutls_buffer_init (&(*session)->internals.handshake_hash_buffer);
  _gnutls_buffer_init (&(*session)->internals.ia_data_buffer);

  _gnutls_buffer_init (&(*session)->internals.record_send_buffer);
  _gnutls_buffer_init (&(*session)->internals.record_recv_buffer);

  _gnutls_buffer_init (&(*session)->internals.handshake_send_buffer);
  _gnutls_buffer_init (&(*session)->internals.handshake_recv_buffer);

  (*session)->key = gnutls_calloc (1, sizeof (struct gnutls_key_st));
  if ((*session)->key == NULL)
    {
    cleanup_session:
      gnutls_free (*session);
      *session = NULL;
      return GNUTLS_E_MEMORY_ERROR;
    }

  (*session)->internals.expire_time = DEFAULT_EXPIRE_TIME;	/* one hour default */

  gnutls_dh_set_prime_bits ((*session), MIN_DH_BITS);

  gnutls_transport_set_lowat ((*session), DEFAULT_LOWAT);	/* the default for tcp */

  gnutls_handshake_set_max_packet_length ((*session),
					  MAX_HANDSHAKE_PACKET_SIZE);

  /* Allocate a minimum size for recv_data
   * This is allocated in order to avoid small messages, making
   * the receive procedure slow.
   */
  if (_gnutls_buffer_resize (&(*session)->internals.record_recv_buffer,
			     INITIAL_RECV_BUFFER_SIZE))
    {
      gnutls_free ((*session)->key);
      goto cleanup_session;
    }

  /* set the socket pointers to -1;
   */
  (*session)->internals.transport_recv_ptr = (gnutls_transport_ptr_t) - 1;
  (*session)->internals.transport_send_ptr = (gnutls_transport_ptr_t) - 1;

  /* set the default maximum record size for TLS
   */
  (*session)->security_parameters.max_record_recv_size =
    DEFAULT_MAX_RECORD_SIZE;
  (*session)->security_parameters.max_record_send_size =
    DEFAULT_MAX_RECORD_SIZE;

  /* everything else not initialized here is initialized
   * as NULL or 0. This is why calloc is used.
   */

  _gnutls_handshake_internal_state_clear (*session);

  return 0;
}