/**
 * gnutls_deinit:
 * @session: is a #gnutls_session_t structure.
 *
 * Releases every buffer and key object that this function can reach
 * through @session, and finally the session structure itself.  A
 * %NULL @session is ignored.
 * This function will also remove session data from the session
 * database if the session was terminated abnormally.
 *
 * @session must not be used after this call returns.
 **/
void
gnutls_deinit (gnutls_session_t session)
{
  unsigned int epoch;

  if (!session)
    return;

  _gnutls_rnd_refresh ();

  /* NOTE(review): no session-database call is visible in this body; the
   * removal promised in the header is either done inside one of the
   * helpers below or the sentence is stale - confirm. */

  /* Authentication info is released first. */
  _gnutls_free_auth_info (session);

  _gnutls_handshake_internal_state_clear (session);
  _gnutls_handshake_io_buffer_clear (session);
  _gnutls_ext_free_session_data (session);

  /* Drop every epoch slot that is still populated and clear the slot so
   * no stale pointer is left behind. */
  for (epoch = 0; epoch < MAX_EPOCH_INDEX; epoch++)
    {
      if (session->record_parameters[epoch] == NULL)
        continue;

      _gnutls_epoch_free (session, session->record_parameters[epoch]);
      session->record_parameters[epoch] = NULL;
    }

  /* Plain buffers. */
  _gnutls_buffer_clear (&session->internals.handshake_hash_buffer);
  _gnutls_buffer_clear (&session->internals.hb_remote_data);
  _gnutls_buffer_clear (&session->internals.hb_local_data);
  _gnutls_buffer_clear (&session->internals.record_presend_buffer);

  /* Record-layer message queues. */
  _mbuffer_head_clear (&session->internals.record_buffer);
  _mbuffer_head_clear (&session->internals.record_recv_buffer);
  _mbuffer_head_clear (&session->internals.record_send_buffer);

  gnutls_credentials_clear (session);
  _gnutls_selected_certs_deinit (session);

  /* Key-exchange material stored inline in session->key. */
  gnutls_pk_params_release (&session->key.ecdh_params);
  _gnutls_mpi_release (&session->key.ecdh_x);
  _gnutls_mpi_release (&session->key.ecdh_y);

  _gnutls_mpi_release (&session->key.KEY);
  _gnutls_mpi_release (&session->key.client_Y);
  _gnutls_mpi_release (&session->key.client_p);
  _gnutls_mpi_release (&session->key.client_g);

  _gnutls_mpi_release (&session->key.u);
  _gnutls_mpi_release (&session->key.a);
  _gnutls_mpi_release (&session->key.x);
  _gnutls_mpi_release (&session->key.A);
  _gnutls_mpi_release (&session->key.B);
  _gnutls_mpi_release (&session->key.b);

  /* RSA */
  _gnutls_mpi_release (&session->key.rsa[0]);
  _gnutls_mpi_release (&session->key.rsa[1]);

  _gnutls_mpi_release (&session->key.dh_secret);

  /* NOTE(review): the structure is handed to gnutls_free() without being
   * zeroed here.  Whether it still carries secret material (for example
   * in its security parameters) at this point is not visible from this
   * function - confirm, and wipe before release if it does. */
  gnutls_free (session);
}
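/**
 * gnutls_deinit:
 * @session: is a #gnutls_session_t structure.
 *
 * This function clears all buffers associated with the @session and
 * releases the session structure itself.  A %NULL @session is ignored.
 * This function will also remove session data from the session
 * database if the session was terminated abnormally.
 *
 * The session structure is overwritten with zeros before it is
 * released.  @session must not be used after this call returns.
 **/
void
gnutls_deinit (gnutls_session_t session)
{
  unsigned int i;
  volatile unsigned char *wipe;
  size_t left;

  if (session == NULL)
    return;

  /* NOTE(review): no session-database call is visible in this body; the
   * removal promised in the header is either done inside one of the
   * helpers below or the sentence is stale - confirm. */

  /* remove auth info firstly */
  _gnutls_free_auth_info (session);

  _gnutls_handshake_internal_state_clear (session);
  _gnutls_handshake_io_buffer_clear (session);
  _gnutls_ext_free_session_data (session);

  /* Free every populated epoch slot and clear the slot so no stale
   * pointer is left behind. */
  for (i = 0; i < MAX_EPOCH_INDEX; i++)
    if (session->record_parameters[i] != NULL)
      {
        _gnutls_epoch_free (session, session->record_parameters[i]);
        session->record_parameters[i] = NULL;
      }

  _gnutls_buffer_clear (&session->internals.handshake_hash_buffer);
  _mbuffer_head_clear (&session->internals.record_buffer);
  _mbuffer_head_clear (&session->internals.record_recv_buffer);
  _mbuffer_head_clear (&session->internals.record_send_buffer);

  gnutls_credentials_clear (session);
  _gnutls_selected_certs_deinit (session);

  /* The key block is a separate allocation and may be absent. */
  if (session->key != NULL)
    {
      _gnutls_mpi_release (&session->key->KEY);
      _gnutls_mpi_release (&session->key->client_Y);
      _gnutls_mpi_release (&session->key->client_p);
      _gnutls_mpi_release (&session->key->client_g);

      _gnutls_mpi_release (&session->key->u);
      _gnutls_mpi_release (&session->key->a);
      _gnutls_mpi_release (&session->key->x);
      _gnutls_mpi_release (&session->key->A);
      _gnutls_mpi_release (&session->key->B);
      _gnutls_mpi_release (&session->key->b);

      /* RSA */
      _gnutls_mpi_release (&session->key->rsa[0]);
      _gnutls_mpi_release (&session->key->rsa[1]);

      _gnutls_mpi_release (&session->key->dh_secret);

      /* NOTE(review): the key block itself is released without being
       * zeroed; this relies on the releases above having cleared all
       * secret fields - confirm. */
      gnutls_free (session->key);
      session->key = NULL;
    }

  /* Zero the structure before it goes back to the allocator.  The
   * stores go through a volatile pointer because a plain memset() that
   * is immediately followed by a release is a dead store the optimizer
   * is allowed to drop whenever it can identify gnutls_free() as a
   * deallocator, which would leave the old contents in freed heap
   * memory. */
  wipe = (volatile unsigned char *) session;
  for (left = sizeof (struct gnutls_session_int); left > 0; left--)
    *wipe++ = 0;

  gnutls_free (session);
}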
/**
 * gnutls_deinit:
 * @session: is a #gnutls_session_t type.
 *
 * Releases the buffers and allocations that this function can reach
 * through @session, and finally the session structure itself.  A
 * %NULL @session is ignored.
 * This function will also remove session data from the session
 * database if the session was terminated abnormally.
 *
 * @session must not be used after this call returns.
 **/
void gnutls_deinit(gnutls_session_t session)
{
	unsigned int epoch;

	if (!session)
		return;

	/* NOTE(review): no session-database call is visible in this body;
	 * the removal promised in the header is either done inside one of
	 * the helpers below or the sentence is stale - confirm. */

	/* Authentication info is released first. */
	_gnutls_free_auth_info(session);

	_gnutls_handshake_internal_state_clear(session);
	_gnutls_handshake_io_buffer_clear(session);
	_gnutls_ext_free_session_data(session);

	/* Drop every epoch slot that is still populated and clear the slot
	 * so no stale pointer is left behind. */
	for (epoch = 0; epoch < MAX_EPOCH_INDEX; epoch++) {
		if (session->record_parameters[epoch] == NULL)
			continue;

		_gnutls_epoch_free(session, session->record_parameters[epoch]);
		session->record_parameters[epoch] = NULL;
	}

	/* Plain buffers. */
	_gnutls_buffer_clear(&session->internals.handshake_hash_buffer);
	_gnutls_buffer_clear(&session->internals.hb_remote_data);
	_gnutls_buffer_clear(&session->internals.hb_local_data);
	_gnutls_buffer_clear(&session->internals.record_presend_buffer);

	/* Record-layer message queues. */
	_mbuffer_head_clear(&session->internals.record_buffer);
	_mbuffer_head_clear(&session->internals.record_recv_buffer);
	_mbuffer_head_clear(&session->internals.record_send_buffer);

	/* NOTE(review): resumption_data is released with
	 * _gnutls_free_datum(); whether that helper zeroes the buffer
	 * before freeing it is not visible here - confirm if the datum can
	 * hold secret session state. */
	_gnutls_free_datum(&session->internals.resumption_data);

	gnutls_free(session->internals.rexts);
	gnutls_free(session->internals.rsup);

	gnutls_credentials_clear(session);
	_gnutls_selected_certs_deinit(session);

	/* NOTE(review): the structure is handed to gnutls_free() without
	 * being zeroed here.  Whether it still carries secret material at
	 * this point is not visible from this function - confirm, and wipe
	 * before release if it does. */
	gnutls_free(session);
}
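/**
 * gnutls_deinit - clear all buffers associated with a session
 * @session: is a #gnutls_session_t structure.
 *
 * This function clears all buffers associated with the @session and
 * releases the session structure itself.  A %NULL @session is ignored.
 * This function will also remove session data from the session
 * database if the session was terminated abnormally.
 *
 * The stored SRP password and the session structure are overwritten
 * with zeros before they are released.  @session must not be used
 * after this call returns.
 **/
void
gnutls_deinit (gnutls_session_t session)
{
  volatile unsigned char *wipe;
  size_t left;

  if (session == NULL)
    return;

  /* NOTE(review): no session-database call is visible in this body; the
   * removal promised in the header is either done inside one of the
   * helpers below or the sentence is stale - confirm. */

  /* remove auth info firstly */
  _gnutls_free_auth_info (session);

  _gnutls_handshake_internal_state_clear (session);
  _gnutls_handshake_io_buffer_clear (session);

  /* NOTE(review): the MAC secrets here, and the write keys, IVs and MAC
   * secrets further down, are released with _gnutls_free_datum();
   * whether that helper zeroes the buffer before freeing it is not
   * visible here - confirm. */
  _gnutls_free_datum (&session->connection_state.read_mac_secret);
  _gnutls_free_datum (&session->connection_state.write_mac_secret);

  _gnutls_buffer_clear (&session->internals.ia_data_buffer);
  _gnutls_buffer_clear (&session->internals.handshake_hash_buffer);
  _gnutls_buffer_clear (&session->internals.handshake_data_buffer);
  _gnutls_buffer_clear (&session->internals.application_data_buffer);
  _gnutls_buffer_clear (&session->internals.record_recv_buffer);
  _gnutls_buffer_clear (&session->internals.record_send_buffer);

  gnutls_credentials_clear (session);
  _gnutls_selected_certs_deinit (session);

  _gnutls_cipher_deinit (&session->connection_state.read_cipher_state);
  _gnutls_cipher_deinit (&session->connection_state.write_cipher_state);

  /* The second argument differs between the read (1) and write (0)
   * side; presumably a direction flag - confirm against
   * _gnutls_comp_deinit(). */
  if (session->connection_state.read_compression_state != NULL)
    _gnutls_comp_deinit (session->connection_state.read_compression_state,
                         1);
  if (session->connection_state.write_compression_state != NULL)
    _gnutls_comp_deinit (session->connection_state.write_compression_state,
                         0);

  _gnutls_free_datum (&session->cipher_specs.server_write_mac_secret);
  _gnutls_free_datum (&session->cipher_specs.client_write_mac_secret);
  _gnutls_free_datum (&session->cipher_specs.server_write_IV);
  _gnutls_free_datum (&session->cipher_specs.client_write_IV);
  _gnutls_free_datum (&session->cipher_specs.server_write_key);
  _gnutls_free_datum (&session->cipher_specs.client_write_key);

  /* The key block is a separate allocation and may be absent. */
  if (session->key != NULL)
    {
      _gnutls_mpi_release (&session->key->KEY);
      _gnutls_mpi_release (&session->key->client_Y);
      _gnutls_mpi_release (&session->key->client_p);
      _gnutls_mpi_release (&session->key->client_g);

      _gnutls_mpi_release (&session->key->u);
      _gnutls_mpi_release (&session->key->a);
      _gnutls_mpi_release (&session->key->x);
      _gnutls_mpi_release (&session->key->A);
      _gnutls_mpi_release (&session->key->B);
      _gnutls_mpi_release (&session->key->b);

      /* RSA */
      _gnutls_mpi_release (&session->key->rsa[0]);
      _gnutls_mpi_release (&session->key->rsa[1]);

      _gnutls_mpi_release (&session->key->dh_secret);

      gnutls_free (session->key);
      session->key = NULL;
    }

  gnutls_free (session->internals.srp_username);

  /* The wipes below go through a volatile pointer: a plain memset()
   * that is immediately followed by a release is a dead store the
   * optimizer is allowed to drop whenever it can identify gnutls_free()
   * as a deallocator, which would leave the password or the session
   * contents in freed heap memory. */
  if (session->internals.srp_password)
    {
      wipe = (volatile unsigned char *) session->internals.srp_password;
      /* Same extent as before: the string up to, not including, its
       * terminating NUL. */
      for (left = strlen (session->internals.srp_password); left > 0; left--)
        *wipe++ = 0;
      gnutls_free (session->internals.srp_password);
    }

  wipe = (volatile unsigned char *) session;
  for (left = sizeof (struct gnutls_session_int); left > 0; left--)
    *wipe++ = 0;

  gnutls_free (session);
}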
/**
 * gnutls_init - initialize the session to null (null encryption etc...).
 * @session: is a pointer to a #gnutls_session_t structure.
 * @con_end: indicate if this session is to be used for server or client.
 *
 * Allocates a new session and stores it in *@session.  Every session
 * must be initialized before use, so internal structures can be
 * allocated.  The structures allocated here can only be free'd by
 * calling gnutls_deinit().
 *
 * The new session starts with the NULL cipher, NULL MAC and NULL
 * compression selected in both directions; these are the defaults for
 * the initial handshake.
 *
 * @con_end can be one of %GNUTLS_CLIENT and %GNUTLS_SERVER.
 *
 * @session itself must not be %NULL; it is dereferenced unconditionally.
 * On failure *@session is %NULL on return.
 *
 * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
 **/
int
gnutls_init (gnutls_session_t * session, gnutls_connection_end_t con_end)
{
  gnutls_session_t s;

  *session = gnutls_calloc (1, sizeof (struct gnutls_session_int));
  if (*session == NULL)
    return GNUTLS_E_MEMORY_ERROR;

  s = *session;

  s->security_parameters.entity = con_end;

  /* the default certificate type for TLS */
  s->security_parameters.cert_type = DEFAULT_CERT_TYPE;

  /* Defaults for the initial handshake: no cipher, no MAC and no
   * compression in either direction. */
  s->security_parameters.write_bulk_cipher_algorithm = GNUTLS_CIPHER_NULL;
  s->security_parameters.read_bulk_cipher_algorithm =
    s->security_parameters.write_bulk_cipher_algorithm;

  s->security_parameters.write_mac_algorithm = GNUTLS_MAC_NULL;
  s->security_parameters.read_mac_algorithm =
    s->security_parameters.write_mac_algorithm;

  s->security_parameters.read_compression_algorithm = GNUTLS_COMP_NULL;
  s->security_parameters.write_compression_algorithm = GNUTLS_COMP_NULL;

  s->internals.enable_private = 0;

  /* Initialize buffers */
  _gnutls_buffer_init (&s->internals.application_data_buffer);
  _gnutls_buffer_init (&s->internals.handshake_data_buffer);
  _gnutls_buffer_init (&s->internals.handshake_hash_buffer);
  _gnutls_buffer_init (&s->internals.ia_data_buffer);

  _gnutls_buffer_init (&s->internals.record_send_buffer);
  _gnutls_buffer_init (&s->internals.record_recv_buffer);

  _gnutls_buffer_init (&s->internals.handshake_send_buffer);
  _gnutls_buffer_init (&s->internals.handshake_recv_buffer);

  s->key = gnutls_calloc (1, sizeof (struct gnutls_key_st));
  if (s->key == NULL)
    goto fail_session;

  s->internals.expire_time = DEFAULT_EXPIRE_TIME;	/* one hour default */

  gnutls_dh_set_prime_bits (s, MIN_DH_BITS);

  gnutls_transport_set_lowat (s, DEFAULT_LOWAT);	/* the default for tcp */

  gnutls_handshake_set_max_packet_length (s, MAX_HANDSHAKE_PACKET_SIZE);

  /* Pre-size the receive buffer so that small messages do not make the
   * receive path slow. */
  if (_gnutls_buffer_resize (&s->internals.record_recv_buffer,
                             INITIAL_RECV_BUFFER_SIZE))
    goto fail_key;

  /* Transport pointers start out as -1. */
  s->internals.transport_recv_ptr = (gnutls_transport_ptr_t) -1;
  s->internals.transport_send_ptr = (gnutls_transport_ptr_t) -1;

  /* set the default maximum record size for TLS */
  s->security_parameters.max_record_recv_size = DEFAULT_MAX_RECORD_SIZE;
  s->security_parameters.max_record_send_size = DEFAULT_MAX_RECORD_SIZE;

  /* Everything not set explicitly above is NULL or 0, which is why the
   * structures come from calloc. */

  _gnutls_handshake_internal_state_clear (s);

  return 0;

  /* Error unwinding: release in reverse order of allocation and leave
   * the caller with a NULL session. */
fail_key:
  gnutls_free (s->key);
fail_session:
  gnutls_free (*session);
  *session = NULL;
  return GNUTLS_E_MEMORY_ERROR;
}