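/*
 * Create a client-side TLS session and apply the tool's default settings:
 * algorithm priorities, the minimum DH prime size, the credential sets and
 * the optional extensions.
 *
 * hostname: name sent in the server-name extension when extensions are
 *           enabled; the extension is skipped when this is NULL.
 *
 * Returns the configured session.  The process exits with status 1 if the
 * session cannot be initialized or the requested maximum record size is
 * rejected.
 */
static gnutls_session
init_tls_session (const char *hostname)
{
  gnutls_session session;
  int ret;

  /* Every call below uses the session, so a failed init must stop here
   * instead of continuing with an uninitialized handle. */
  ret = gnutls_init (&session, GNUTLS_CLIENT);
  if (ret < 0)
    {
      fprintf (stderr, "Cannot initialize the TLS session (error %d).\n",
               ret);
      exit (1);
    }

  /* allow the use of private ciphersuites. */
  if (disable_extensions == 0)
    {
      gnutls_handshake_set_private_extensions (session, 1);

      /* strlen (NULL) is undefined behavior; only send the server name
       * when the caller actually supplied one. */
      if (hostname != NULL)
        gnutls_server_name_set (session, GNUTLS_NAME_DNS, hostname,
                                strlen (hostname));

      gnutls_certificate_type_set_priority (session, cert_type_priority);
    }

  gnutls_cipher_set_priority (session, cipher_priority);
  gnutls_compression_set_priority (session, comp_priority);
  gnutls_kx_set_priority (session, kx_priority);
  gnutls_protocol_set_priority (session, protocol_priority);
  gnutls_mac_set_priority (session, mac_priority);

  /* NOTE(review): on the client side this is the smallest DH prime the
   * session will accept from the server.  A 512-bit group is far below
   * what is considered safe today; the value is left unchanged to keep
   * existing behavior, but it should be raised unless talking to legacy
   * servers is a requirement. */
  gnutls_dh_set_prime_bits (session, 512);

  /* NOTE(review): anonymous credentials are always attached.  Anonymous
   * key exchange does not authenticate the server; whether it can be
   * negotiated presumably depends on kx_priority - confirm. */
  gnutls_credentials_set (session, GNUTLS_CRD_ANON, anon_cred);
  gnutls_credentials_set (session, GNUTLS_CRD_SRP, srp_cred);
  gnutls_credentials_set (session, GNUTLS_CRD_PSK, psk_cred);
  gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);

  gnutls_certificate_client_set_retrieve_function (xcred, cert_callback);

  /* send the fingerprint */
  if (fingerprint != 0)
    gnutls_openpgp_send_key (session, GNUTLS_OPENPGP_KEY_FINGERPRINT);

  /* use the max record size extension */
  if (record_max_size > 0 && disable_extensions == 0)
    {
      if (gnutls_record_set_max_size (session, record_max_size) < 0)
        {
          fprintf (stderr,
                   "Cannot set the maximum record size to %d.\n",
                   record_max_size);
          fprintf (stderr, "Possible values: 512, 1024, 2048, 4096.\n");
          exit (1);
        }
    }

  return session;
}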
/*
 * Handshake probe that requests LZO compression.
 *
 * Private extensions are switched on before the algorithm lists are
 * filled in (LZO is not a standard TLS compression method, which is
 * presumably why - confirm against the ADD_* macro definitions).  The
 * certificate credentials are attached and the outcome of do_handshake ()
 * is returned unchanged.
 */
test_code_t
test_lzo (gnutls_session session)
{
  gnutls_handshake_set_private_extensions (session, 1);

  /* The ADD_* macros are defined elsewhere; their order is kept as-is in
   * case they build on each other. */
  ADD_ALL_CIPHERS (session);
  ADD_COMP (session, GNUTLS_COMP_LZO);
  ADD_ALL_CERTTYPES (session);
  ADD_ALL_PROTOCOLS (session);
  ADD_ALL_MACS (session);
  ADD_ALL_KX (session);

  gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);

  int handshake_result = do_handshake (session);
  return handshake_result;
}
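/*
 * Create a client-side TLS session and apply the tool's default settings:
 * the priority string from info.priorities, any explicitly populated
 * per-algorithm priority lists, the minimum DH prime size, the credential
 * sets, the certificate callbacks and the optional extensions.
 *
 * hostname: name sent in the server-name extension when extensions are
 *           enabled; the extension is skipped when this is NULL.
 *
 * Returns the configured session.  The process exits with status 1 if the
 * session cannot be initialized, the priority string does not parse, or
 * the requested maximum record size is rejected.
 */
static gnutls_session_t
init_tls_session (const char *hostname)
{
  const char *err;
  gnutls_session_t session;
  int ret;

  /* Every call below uses the session, so a failed init must stop here
   * instead of continuing with an uninitialized handle. */
  ret = gnutls_init (&session, GNUTLS_CLIENT);
  if (ret < 0)
    {
      fprintf (stderr, "Cannot initialize the TLS session (error %d).\n",
               ret);
      exit (1);
    }

  if (gnutls_priority_set_direct (session, info.priorities, &err) < 0)
    {
      fprintf (stderr, "Syntax error at: %s\n", err);
      exit (1);
    }

  /* allow the use of private ciphersuites. */
  if (disable_extensions == 0)
    {
      gnutls_handshake_set_private_extensions (session, 1);

      /* strlen (NULL) is undefined behavior; only send the server name
       * when the caller actually supplied one. */
      if (hostname != NULL)
        gnutls_server_name_set (session, GNUTLS_NAME_DNS, hostname,
                                strlen (hostname));

      if (cert_type_priority[0])
        gnutls_certificate_type_set_priority (session, cert_type_priority);
    }

  /* A per-algorithm list is applied only when its first entry is set, so
   * an empty list leaves the priority-string choice in place. */
  if (cipher_priority[0])
    gnutls_cipher_set_priority (session, cipher_priority);
  if (comp_priority[0])
    gnutls_compression_set_priority (session, comp_priority);
  if (kx_priority[0])
    gnutls_kx_set_priority (session, kx_priority);
  if (protocol_priority[0])
    gnutls_protocol_set_priority (session, protocol_priority);
  if (mac_priority[0])
    gnutls_mac_set_priority (session, mac_priority);

  /* NOTE(review): on the client side this is the smallest DH prime the
   * session will accept from the server.  A 512-bit group is far below
   * what is considered safe today; the value is left unchanged to keep
   * existing behavior, but it should be raised unless talking to legacy
   * servers is a requirement. */
  gnutls_dh_set_prime_bits (session, 512);

  /* NOTE(review): anonymous credentials are always attached.  Anonymous
   * key exchange does not authenticate the server; whether it can be
   * negotiated presumably depends on the configured priorities - confirm. */
  gnutls_credentials_set (session, GNUTLS_CRD_ANON, anon_cred);
  if (srp_cred)
    gnutls_credentials_set (session, GNUTLS_CRD_SRP, srp_cred);
  if (psk_cred)
    gnutls_credentials_set (session, GNUTLS_CRD_PSK, psk_cred);
  gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);

  gnutls_certificate_client_set_retrieve_function (xcred, cert_callback);

  /* NOTE(review): peer verification is delegated to cert_verify_callback,
   * which is defined elsewhere; whether a bad certificate aborts the
   * handshake depends on that callback - confirm.  The verify flags are
   * set to 0, i.e. no extra verification flags are enabled. */
  gnutls_certificate_set_verify_function (xcred, cert_verify_callback);
  gnutls_certificate_set_verify_flags (xcred, 0);

  /* send the fingerprint */
#ifdef ENABLE_OPENPGP
  if (fingerprint != 0)
    gnutls_openpgp_send_cert (session, GNUTLS_OPENPGP_CERT_FINGERPRINT);
#endif

  /* use the max record size extension */
  if (record_max_size > 0 && disable_extensions == 0)
    {
      if (gnutls_record_set_max_size (session, record_max_size) < 0)
        {
          fprintf (stderr,
                   "Cannot set the maximum record size to %d.\n",
                   record_max_size);
          fprintf (stderr, "Possible values: 512, 1024, 2048, 4096.\n");
          exit (1);
        }
    }

#ifdef ENABLE_OPRFI
  if (info.opaque_prf_input)
    gnutls_oprfi_enable_client (session, strlen (info.opaque_prf_input),
                                info.opaque_prf_input);
#endif

#ifdef ENABLE_SESSION_TICKET
  if (!info.noticket)
    gnutls_session_ticket_enable_client (session);
#endif

  return session;
}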
// Enable or disable private handshake extensions on this session.
// The boolean is forwarded to the C API as an int (true -> 1, false -> 0);
// `s` is presumably the underlying GnuTLS session handle held by the
// object - confirm against the class declaration.
void session::set_private_extensions (bool allow)
{
  const int flag = static_cast<int> (allow);
  gnutls_handshake_set_private_extensions (s, flag);
}