void benchmark_cipher(int debug_level) { int size = 16; gnutls_global_set_log_function(tls_log_func); gnutls_global_set_log_level(debug_level); gnutls_rnd(GNUTLS_RND_NONCE, data, sizeof(data)); printf("Checking cipher-MAC combinations, payload size: %u\n", size * 1024); cipher_mac_bench(GNUTLS_CIPHER_SALSA20_256, GNUTLS_MAC_SHA1, size); cipher_mac_bench(GNUTLS_CIPHER_AES_128_CBC, GNUTLS_MAC_SHA1, size); cipher_mac_bench(GNUTLS_CIPHER_AES_128_CBC, GNUTLS_MAC_SHA256, size); cipher_bench(GNUTLS_CIPHER_AES_128_GCM, size, 1); printf("\nChecking MAC algorithms, payload size: %u\n", size * 1024); mac_bench(GNUTLS_MAC_SHA1, size); mac_bench(GNUTLS_MAC_SHA256, size); mac_bench(GNUTLS_MAC_SHA512, size); printf("\nChecking ciphers, payload size: %u\n", size * 1024); cipher_bench(GNUTLS_CIPHER_3DES_CBC, size, 0); cipher_bench(GNUTLS_CIPHER_AES_128_CBC, size, 0); cipher_bench(GNUTLS_CIPHER_ARCFOUR, size, 0); cipher_bench(GNUTLS_CIPHER_SALSA20_256, size, 0); gnutls_global_deinit(); }
int main() { Ecore_Con_Server *svr; eina_init(); ecore_init(); ecore_con_init(); /* comment if not using gnutls */ gnutls_global_set_log_level(9); gnutls_global_set_log_function(tls_log_func); /* to use a PEM certificate with TLS and SSL3, uncomment the lines below */ if (!(svr = ecore_con_server_add(ECORE_CON_REMOTE_TCP | ECORE_CON_USE_TLS | ECORE_CON_USE_SSL3 | ECORE_CON_LOAD_CERT, "127.0.0.1", 8080, NULL))) /* to use simple tcp with ssl/tls, use this line */ // if (!ecore_con_server_add(ECORE_CON_REMOTE_TCP | ECORE_CON_USE_SSL3, "127.0.0.1", 8080, NULL)) exit(1); ecore_con_ssl_server_cert_add(svr, "server.pem"); ecore_con_ssl_server_privkey_add(svr, "server.pem"); /* set event handler for client connect */ ecore_event_handler_add(ECORE_CON_EVENT_CLIENT_ADD, (Ecore_Event_Handler_Cb)_add, NULL); /* set event handler for client disconnect */ ecore_event_handler_add(ECORE_CON_EVENT_CLIENT_DEL, (Ecore_Event_Handler_Cb)_del, NULL); /* set event handler for receiving client data */ ecore_event_handler_add(ECORE_CON_EVENT_CLIENT_DATA, (Ecore_Event_Handler_Cb)_data, NULL); /* start server */ ecore_main_loop_begin(); }
int qcrypto_init(Error **errp) { #ifdef CONFIG_GNUTLS int ret; ret = gnutls_global_init(); if (ret < 0) { error_setg(errp, "Unable to initialize GNUTLS library: %s", gnutls_strerror(ret)); return -1; } #ifdef DEBUG_GNUTLS gnutls_global_set_log_level(10); gnutls_global_set_log_function(qcrypto_gnutls_log); #endif #endif #ifdef CONFIG_GCRYPT if (!gcry_check_version(GCRYPT_VERSION)) { error_setg(errp, "Unable to initialize gcrypt"); return -1; } #ifdef QCRYPTO_INIT_GCRYPT_THREADS gcry_control(GCRYCTL_SET_THREAD_CBS, &qcrypto_gcrypt_thread_impl); #endif /* QCRYPTO_INIT_GCRYPT_THREADS */ gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0); #endif return 0; }
void doit(void) { int exit_code = EXIT_SUCCESS; /* Server stuff. */ gnutls_certificate_credentials_t serverx509cred; gnutls_session_t server; int sret = GNUTLS_E_AGAIN; /* Client stuff. */ gnutls_certificate_credentials_t clientx509cred; gnutls_session_t client; int cret = GNUTLS_E_AGAIN; /* General init. */ global_init (); gnutls_global_set_log_function (tls_log_func); if (debug) gnutls_global_set_log_level (2); /* Init server */ gnutls_certificate_allocate_credentials (&serverx509cred); gnutls_certificate_set_x509_key_mem (serverx509cred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM); gnutls_init (&server, GNUTLS_SERVER); gnutls_credentials_set (server, GNUTLS_CRD_CERTIFICATE, serverx509cred); gnutls_priority_set_direct (server, "NORMAL:-CIPHER-ALL:+ARCFOUR-128", NULL); gnutls_transport_set_push_function (server, server_push); gnutls_transport_set_pull_function (server, server_pull); gnutls_transport_set_ptr (server, (gnutls_transport_ptr_t)server); /* Init client */ gnutls_certificate_allocate_credentials (&clientx509cred); gnutls_init (&client, GNUTLS_CLIENT); gnutls_credentials_set (client, GNUTLS_CRD_CERTIFICATE, clientx509cred); gnutls_priority_set_direct (client, "NORMAL", NULL); gnutls_transport_set_push_function (client, client_push); gnutls_transport_set_pull_function (client, client_pull); gnutls_transport_set_ptr (client, (gnutls_transport_ptr_t)client); HANDSHAKE(client, server); gnutls_bye (client, GNUTLS_SHUT_RDWR); gnutls_bye (server, GNUTLS_SHUT_RDWR); gnutls_deinit (client); gnutls_deinit (server); gnutls_certificate_free_credentials (serverx509cred); gnutls_certificate_free_credentials (clientx509cred); gnutls_global_deinit (); if (debug > 0) { if (exit_code == 0) puts ("Self-test successful"); else puts ("Self-test failed"); } }
struct rfbssl_ctx *rfbssl_init_global(char *key, char *cert) { int ret = GNUTLS_E_SUCCESS; struct rfbssl_ctx *ctx = NULL; if (NULL == (ctx = malloc(sizeof(struct rfbssl_ctx)))) { ret = GNUTLS_E_MEMORY_ERROR; } else if (!GNUTLS_E_SUCCESS == (ret = gnutls_global_init())) { /* */ } else if (!GNUTLS_E_SUCCESS == (ret = gnutls_certificate_allocate_credentials(&ctx->x509_cred))) { /* */ } else if ((ret = gnutls_certificate_set_x509_trust_file(ctx->x509_cred, cert, GNUTLS_X509_FMT_PEM)) < 0) { /* */ } else if (!GNUTLS_E_SUCCESS == (ret = gnutls_certificate_set_x509_key_file(ctx->x509_cred, cert, key, GNUTLS_X509_FMT_PEM))) { /* */ } else if (!GNUTLS_E_SUCCESS == (ret = generate_dh_params(ctx))) { /* */ #ifdef I_LIKE_RSA_PARAMS_THAT_MUCH } else if (!GNUTLS_E_SUCCESS == (ret = generate_rsa_params(ctx))) { /* */ #endif } else { gnutls_global_set_log_function(rfbssl_log_func); gnutls_global_set_log_level(1); gnutls_certificate_set_dh_params(ctx->x509_cred, ctx->dh_params); /* newly allocated memory should be initialized, at least where it is important */ ctx->peekstart = ctx->peeklen = 0; return ctx; } free(ctx); return NULL; }
static void server(int fd, int packet) { int ret; /* this must be called once in the program */ global_init(); if (debug) { gnutls_global_set_log_function(server_log_func); gnutls_global_set_log_level(4711); } gnutls_anon_allocate_server_credentials(&anoncred); session = initialize_tls_session(); counter = 0; packet_to_lose = packet; gnutls_transport_set_int(session, fd); gnutls_transport_set_push_function(session, push); do { ret = gnutls_handshake(session); } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); gnutls_deinit(session); gnutls_global_deinit(); if (ret < 0) { return; } }
bool CTlsSocket::Init() { // This function initializes GnuTLS m_initialized = true; int res = gnutls_global_init(); if (res) { LogError(res, _T("gnutls_global_init")); Uninit(); return false; } #if TLSDEBUG if (!pLoggingControlSocket) { pLoggingControlSocket = m_pOwner; gnutls_global_set_log_function(log_func); gnutls_global_set_log_level(99); } #endif res = gnutls_certificate_allocate_credentials(&m_certCredentials); if (res < 0) { LogError(res, _T("gnutls_certificate_allocate_credentials")); Uninit(); return false; } if (!InitSession()) return false; m_shutdown_requested = false; // At this point, we can start shaking hands. return true; }
static void server (int fd, int wait) { int ret; gnutls_session_t session; gnutls_anon_server_credentials_t anoncred; /* this must be called once in the program */ global_init (); if (debug) { gnutls_global_set_log_function (server_log_func); gnutls_global_set_log_level (4711); } gnutls_anon_allocate_server_credentials (&anoncred); initialize_tls_session (&session); gnutls_credentials_set (session, GNUTLS_CRD_ANON, anoncred); gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) fd); if (wait) sleep(25); else do { ret = gnutls_handshake (session); } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); gnutls_deinit (session); gnutls_anon_free_server_credentials(anoncred); gnutls_global_deinit(); }
static void run(const char *env, const char *filename) { gnutls_certificate_credentials_t x509_cred; gnutls_certificate_credentials_t clicred; int ret; remove(filename); #ifdef _WIN32 { char buf[512]; snprintf(buf, sizeof(buf), "%s=%s", env, filename); _putenv(buf); } #else setenv(env, filename, 1); #endif global_init(); if (debug) { gnutls_global_set_log_level(6); gnutls_global_set_log_function(tls_log_func); } /* test gnutls_certificate_flags() */ assert(gnutls_certificate_allocate_credentials(&x509_cred)>=0); assert(gnutls_certificate_allocate_credentials(&clicred) >= 0); ret = gnutls_certificate_set_x509_key_mem(x509_cred, &server_ca3_localhost_cert_chain, &server_ca3_key, GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in error code\n"); exit(1); } ret = gnutls_certificate_set_x509_trust_mem(clicred, &ca3_cert, GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); test_cli_serv(x509_cred, clicred, "NORMAL", "localhost", NULL, NULL, NULL); if (access(filename, R_OK) != 0) { fail("keylog file was not created\n"); exit(1); } search_for_str(filename); gnutls_certificate_free_credentials(x509_cred); gnutls_certificate_free_credentials(clicred); gnutls_global_deinit(); remove(filename); if (debug) success("success"); }
void benchmark_cipher(int debug_level) { int size = 16; gnutls_global_set_log_function(tls_log_func); gnutls_global_set_log_level(debug_level); #ifdef _SC_PAGESIZE page_size = sysconf(_SC_PAGESIZE); #endif printf("Checking cipher-MAC combinations, payload size: %u\n", size * 1024); cipher_bench(GNUTLS_CIPHER_AES_128_GCM, size, 1); cipher_bench(GNUTLS_CIPHER_AES_128_CCM, size, 1); cipher_bench(GNUTLS_CIPHER_CHACHA20_POLY1305, size, 1); cipher_bench(GNUTLS_CIPHER_NULL, size, 1); cipher_mac_bench(GNUTLS_CIPHER_SALSA20_256, GNUTLS_MAC_SHA1, size); cipher_mac_bench(GNUTLS_CIPHER_AES_128_CBC, GNUTLS_MAC_SHA1, size); cipher_mac_bench(GNUTLS_CIPHER_AES_128_CBC, GNUTLS_MAC_SHA256, size); printf("\nChecking MAC algorithms, payload size: %u\n", size * 1024); mac_bench(GNUTLS_MAC_SHA1, size); mac_bench(GNUTLS_MAC_SHA256, size); mac_bench(GNUTLS_MAC_SHA512, size); printf("\nChecking ciphers, payload size: %u\n", size * 1024); cipher_bench(GNUTLS_CIPHER_3DES_CBC, size, 0); cipher_bench(GNUTLS_CIPHER_AES_128_CBC, size, 0); cipher_bench(GNUTLS_CIPHER_ARCFOUR, size, 0); cipher_bench(GNUTLS_CIPHER_SALSA20_256, size, 0); gnutls_global_deinit(); }
void * tls_init(const struct tls_config *conf) { struct tls_global *global; if (tls_gnutls_ref_count == 0) { wpa_printf(MSG_DEBUG, "GnuTLS: Library version %s (runtime) - %s (build)", gnutls_check_version(NULL), GNUTLS_VERSION); } global = os_zalloc(sizeof(*global)); if (global == NULL) return NULL; if (tls_gnutls_ref_count == 0 && gnutls_global_init() < 0) { os_free(global); return NULL; } tls_gnutls_ref_count++; gnutls_global_set_log_function(tls_log_func); if (wpa_debug_show_keys) gnutls_global_set_log_level(11); if (conf) { global->event_cb = conf->event_cb; global->cb_ctx = conf->cb_ctx; global->cert_in_cb = conf->cert_in_cb; } return global; }
int main(int argc, char **argv) { gnutls_global_set_log_function(tls_log_func); if (argc > 1) gnutls_global_set_log_level(4711); global_init(); signal(SIGILL, handle_sigill); /* ciphers */ if (gnutls_cipher_self_test(1, 0) < 0) return 1; /* message digests */ if (gnutls_digest_self_test(1, 0) < 0) return 1; /* MAC */ if (gnutls_mac_self_test(1, 0) < 0) return 1; /* PK */ if (gnutls_pk_self_test(1, 0) < 0) return 1; gnutls_global_deinit(); return 0; }
void doit(void) { unsigned rsa_size1, rsa_size2; global_init(); gnutls_global_set_log_function(tls_log_func); if (debug) gnutls_global_set_log_level(6); if (gnutls_fips140_mode_enabled()) { rsa_size1 = 2048; /* minimum allowed */ rsa_size2 = 2048; /* minimum allowed */ } else { rsa_size1 = 512; rsa_size2 = 1024; } test_sig(GNUTLS_PK_RSA, GNUTLS_DIG_SHA1, rsa_size1); test_sig(GNUTLS_PK_RSA, GNUTLS_DIG_SHA256, rsa_size2); test_sig(GNUTLS_PK_EC, GNUTLS_DIG_SHA1, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP256R1)); test_sig(GNUTLS_PK_EC, GNUTLS_DIG_SHA256, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP256R1)); test_sig(GNUTLS_PK_EC, GNUTLS_DIG_SHA256, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP384R1)); test_sig(GNUTLS_PK_EC, GNUTLS_DIG_SHA256, GNUTLS_CURVE_TO_BITS(GNUTLS_ECC_CURVE_SECP521R1)); gnutls_global_deinit(); }
static int vnc_tls_initialize(void) { static int tlsinitialized = 0; if (tlsinitialized) return 1; if (gnutls_global_init () < 0) return 0; /* XXX ought to re-generate diffie-hellman params periodically */ if (gnutls_dh_params_init (&dh_params) < 0) return 0; if (gnutls_dh_params_generate2 (dh_params, DH_BITS) < 0) return 0; #if defined(_VNC_DEBUG) && _VNC_DEBUG >= 2 gnutls_global_set_log_level(10); gnutls_global_set_log_function(vnc_debug_gnutls_log); #endif tlsinitialized = 1; return 1; }
void * tls_init(const struct tls_config *conf) { /* Because of the horrible hack to get master_secret and client/server * random, we need to make sure that the gnutls version is something * that is expected to have same structure definition for the session * data.. */ const char *ver; const char *ok_ver[] = { "1.2.3", "1.2.4", "1.2.5", "1.2.6", NULL }; int i; if (tls_gnutls_ref_count == 0 && gnutls_global_init() < 0) return NULL; tls_gnutls_ref_count++; ver = gnutls_check_version(NULL); if (ver == NULL) return NULL; wpa_printf(MSG_DEBUG, "%s - gnutls version %s", __func__, ver); for (i = 0; ok_ver[i]; i++) { if (strcmp(ok_ver[i], ver) == 0) break; } if (ok_ver[i] == NULL) { wpa_printf(MSG_INFO, "Untested gnutls version %s - this needs " "to be tested and enabled in tls_gnutls.c", ver); return NULL; } gnutls_global_set_log_function(tls_log_func); if (wpa_debug_show_keys) gnutls_global_set_log_level(11); return (void *) 1; }
void ekg_tls_init(void) { #ifdef HAVE_LIBGNUTLS g_assert(!gnutls_global_init()); /* XXX: error handling */ gnutls_global_set_log_function(ekg_gnutls_log); gnutls_global_set_log_level(3); #endif }
void setLogLevel(int value) { value = std::max(-10, std::min(10, value)); TRACE("setLogLevel: %d", value); gnutls_global_set_log_level(value); gnutls_global_set_log_function(&ssl_plugin::gnutls_logger); }
//////////////////////////////////////////////////////////////////////////////// // Calling this method results in all subsequent socket traffic being sent to // std::cout, labelled with 's: ...'. void TLSServer::debug (int level) { if (level) _debug = true; gnutls_global_set_log_function (gnutls_log_function); gnutls_global_set_log_level (level); }
static void server(int sd) { gnutls_certificate_credentials_t x509_cred; gnutls_session_t session; int ret; unsigned loops; /* this must be called once in the program */ global_init(); gnutls_global_set_log_function(tls_log_func); if (debug) gnutls_global_set_log_level(6); gnutls_certificate_allocate_credentials(&x509_cred); gnutls_certificate_set_x509_trust_mem(x509_cred, &ca3_cert, GNUTLS_X509_FMT_PEM); gnutls_certificate_set_x509_key_mem(x509_cred, &server_ca3_localhost_cert, &server_ca3_key, GNUTLS_X509_FMT_PEM); if (debug) success("Launched, generating DH parameters...\n"); gnutls_init(&session, GNUTLS_SERVER); /* avoid calling all the priority functions, since the defaults * are adequate. */ gnutls_priority_set_direct(session, "NORMAL", NULL); gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); gnutls_transport_set_int(session, sd); loops = 0; do { ret = gnutls_handshake(session); loops++; if (loops > 64) fail("Too many loops in the handshake!\n"); } while (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_WARNING_ALERT_RECEIVED); if (ret >= 0) { fail("server: Handshake succeeded unexpectedly\n"); } close(sd); gnutls_deinit(session); gnutls_certificate_free_credentials(x509_cred); gnutls_global_deinit(); if (debug) success("server: finished\n"); }
static void client(int fd, int packet) { int ret; gnutls_anon_client_credentials_t anoncred; /* Need to enable anonymous KX specifically. */ global_init(); if (debug) { gnutls_global_set_log_function(client_log_func); gnutls_global_set_log_level(4711); } gnutls_anon_allocate_client_credentials(&anoncred); /* Initialize TLS session */ gnutls_init(&session, GNUTLS_CLIENT | GNUTLS_DATAGRAM); gnutls_dtls_set_mtu(session, 1500); /* Use default priorities */ gnutls_priority_set_direct(session, "NONE:+VERS-DTLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", NULL); /* put the anonymous credentials to the current session */ gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred); counter = 0; packet_to_lose = packet; gnutls_transport_set_int(session, fd); gnutls_transport_set_push_function(session, push); /* Perform the TLS handshake */ do { ret = gnutls_handshake(session); } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); gnutls_deinit(session); gnutls_global_deinit(); if (ret < 0) { if (ret == GNUTLS_E_TIMEDOUT) return; fail("client: Handshake failed\n"); gnutls_perror(ret); exit(1); } else { if (debug) success("client: Handshake was completed\n"); } exit(1); }
static void server (int fd, const char* prio) { int ret; char buffer[MAX_BUF + 1]; gnutls_session_t session; /* this must be called once in the program */ gnutls_global_init (); memset(buffer, 0, sizeof(buffer)); if (debug) { gnutls_global_set_log_function (server_log_func); gnutls_global_set_log_level (4711); } gnutls_certificate_allocate_credentials (&x509_cred); gnutls_certificate_set_x509_key_mem (x509_cred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM); gnutls_anon_allocate_server_credentials (&anoncred); session = initialize_tls_session (prio); gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) fd); do { ret = gnutls_handshake (session); } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { close (fd); gnutls_deinit (session); fail ("server: Handshake has failed (%s)\n\n", gnutls_strerror (ret)); terminate(); } if (debug) success ("server: Handshake was completed\n"); if (debug) success ("server: TLS version is: %s\n", gnutls_protocol_get_name (gnutls_protocol_get_version (session))); close(fd); gnutls_deinit (session); gnutls_anon_free_server_credentials (anoncred); gnutls_certificate_free_credentials (x509_cred); gnutls_global_deinit (); if (debug) success ("server: finished\n"); }
void server_start (void) { /* this must be called once in the program */ gnutls_global_init (); gnutls_global_set_log_function (tls_log_func); gnutls_global_set_log_level (4711); gnutls_certificate_allocate_credentials (&x509_cred); gnutls_certificate_set_x509_trust_mem (x509_cred, &ca, GNUTLS_X509_FMT_PEM); gnutls_certificate_set_x509_key_mem (x509_cred, &server_cert, &server_key, GNUTLS_X509_FMT_PEM); success ("Launched, generating DH parameters...\n"); generate_dh_params (); gnutls_certificate_set_dh_params (x509_cred, dh_params); /* Socket operations */ listen_sd = socket (AF_INET, SOCK_STREAM, 0); if (err == -1) { perror ("socket"); fail ("server: socket failed\n"); return; } memset (&sa_serv, '\0', sizeof (sa_serv)); sa_serv.sin_family = AF_INET; sa_serv.sin_addr.s_addr = INADDR_ANY; sa_serv.sin_port = htons (PORT); /* Server Port number */ setsockopt (listen_sd, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof (int)); err = bind (listen_sd, (SA *) & sa_serv, sizeof (sa_serv)); if (err == -1) { perror ("bind"); fail ("server: bind failed\n"); return; } err = listen (listen_sd, 1024); if (err == -1) { perror ("listen"); fail ("server: listen failed\n"); return; } success ("server: ready. Listening to port '%d'.\n", PORT); }
/* Global GnuTLS init, called from Curl_ssl_init() */ int Curl_gtls_init(void) { gnutls_global_init(); #ifdef GTLSDEBUG gnutls_global_set_log_function(tls_log_func); gnutls_global_set_log_level(2); #endif return 1; }
static void client(int fd) { int ret; gnutls_anon_client_credentials_t anoncred; gnutls_session_t session; /* Need to enable anonymous KX specifically. */ global_init(); if (debug) { gnutls_global_set_log_function(client_log_func); gnutls_global_set_log_level(4711); } gnutls_anon_allocate_client_credentials(&anoncred); /* Initialize TLS session */ gnutls_init(&session, GNUTLS_CLIENT | GNUTLS_DATAGRAM); gnutls_dtls_set_mtu(session, 1500); gnutls_handshake_set_timeout(session, 20 * 1000); /* Use default priorities */ gnutls_priority_set_direct(session, "NONE:+VERS-DTLS-ALL:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+ANON-ECDH:+CURVE-ALL", NULL); /* put the anonymous credentials to the current session */ gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred); gnutls_transport_set_int(session, fd); gnutls_transport_set_push_function(session, push); /* Perform the TLS handshake */ do { ret = gnutls_handshake(session); } while (ret < 0 && gnutls_error_is_fatal(ret) == 0); if (ret < 0) { success("client: Handshake failed as expected\n"); gnutls_perror(ret); goto exit; } else { fail("client: Handshake completed unexpectedly\n"); goto exit; } exit: gnutls_deinit(session); gnutls_anon_free_client_credentials(anoncred); gnutls_global_deinit(); }
void log_reset_gnutls_level(void) { int i; for (i = ELEMENTSOF(gnutls_log_map) - 1; i >= 0; i--) if (gnutls_log_map[i].enabled) { log_debug("Setting gnutls log level to %d", i); gnutls_global_set_log_level(i); break; } }
void doit(void) { gnutls_certificate_credentials_t serv_cred; gnutls_certificate_credentials_t cli_cred; int ret; /* this must be called once in the program */ global_init(); gnutls_global_set_log_function(tls_log_func); if (debug) gnutls_global_set_log_level(6); assert(gnutls_certificate_allocate_credentials(&cli_cred) >= 0); ret = gnutls_certificate_set_x509_trust_mem(cli_cred, &ca3_cert, GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); ret = gnutls_certificate_set_x509_key_mem(cli_cred, &clidsa_ca3_cert, &clidsa_ca3_key, GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in error code: %s\n", gnutls_strerror(ret)); exit(1); } /* test gnutls_certificate_flags() */ gnutls_certificate_allocate_credentials(&serv_cred); gnutls_certificate_set_flags(serv_cred, GNUTLS_CERTIFICATE_SKIP_KEY_CERT_MATCH); ret = gnutls_certificate_set_x509_trust_mem(serv_cred, &ca3_cert, GNUTLS_X509_FMT_PEM); if (ret < 0) fail("set_x509_trust_file failed: %s\n", gnutls_strerror(ret)); ret = gnutls_certificate_set_x509_key_mem(serv_cred, &server_ca3_localhost_cert_chain, &server_ca3_key, GNUTLS_X509_FMT_PEM); if (ret < 0) { fail("error in error code\n"); exit(1); } test_cli_serv_cert(serv_cred, cli_cred, "NORMAL:+DHE-DSS:+SIGN-DSA-SHA1", "NORMAL:-DHE-DSS:-SIGN-DSA-SHA1", "localhost"); gnutls_certificate_free_credentials(serv_cred); gnutls_certificate_free_credentials(cli_cred); gnutls_global_deinit(); if (debug) success("success"); }
void _mail_imap_check_mail (void *data) { Ecore_Con_Type type; Eina_List *l; printf("check mail!!!!\n"); for (l = iservers; l; l = l->next) { ImapServer *is; printf("1\n"); is = l->data; is->data = data; if (!is->server) { printf("2\n"); if (!is->add_handler) is->add_handler = ecore_event_handler_add (ECORE_CON_EVENT_SERVER_ADD, _mail_imap_server_add, NULL); if (!is->del_handler) is->del_handler = ecore_event_handler_add (ECORE_CON_EVENT_SERVER_DEL, _mail_imap_server_del, NULL); if (!is->data_handler) is->data_handler = ecore_event_handler_add (ECORE_CON_EVENT_SERVER_DATA, _mail_imap_server_data, NULL); if (is->local) type = ECORE_CON_LOCAL_SYSTEM; else type = ECORE_CON_REMOTE_SYSTEM; if (ecore_con_ssl_available_get () && (is->ssl)) { type |= ECORE_CON_USE_SSL; #ifdef PRINT_LOTS_OF_DEBUG if (ecore_con_ssl_available_get() == 1) { gnutls_global_set_log_level(9); gnutls_global_set_log_function(tls_log_func); } } #endif } is->state = IMAP_STATE_DISCONNECTED; is->server = ecore_con_server_connect (type, is->host, is->port, NULL); is->cmd = 0; is->current = is->clients; } }
/* freeDiameter starting point */ int main(int argc, char * argv[]) { int ret; sigset_t sig_all; /* Block all signals from the current thread and all its future children -- we will catch everything in catch_signals */ sigfillset(&sig_all); ret = pthread_sigmask(SIG_BLOCK, &sig_all, NULL); ASSERT(ret == 0); /* Parse the command-line */ ret = main_cmdline(argc, argv); if (ret != 0) { return ret; } /* Initialize the core library */ ret = fd_core_initialize(); if (ret != 0) { fprintf(stderr, "An error occurred during freeDiameter core library initialization.\n"); return ret; } /* Set gnutls debug level ? */ if (gnutls_debug) { gnutls_global_set_log_function((gnutls_log_func)fd_gnutls_debug); gnutls_global_set_log_level (gnutls_debug); TRACE_DEBUG(INFO, "Enabled GNUTLS debug at level %d", gnutls_debug); } /* Parse the configuration file */ CHECK_FCT_DO( fd_core_parseconf(conffile), goto error ); /* Start the servers */ CHECK_FCT_DO( fd_core_start(), goto error ); /* Allow SIGINT and SIGTERM from this point to terminate the application */ CHECK_POSIX_DO( pthread_create(&signals_thr, NULL, catch_signals, NULL), goto error ); TRACE_DEBUG(INFO, FD_PROJECT_BINARY " daemon initialized."); /* Now, just wait for termination */ CHECK_FCT( fd_core_wait_shutdown_complete() ); /* Just in case it was not the result of a signal, we cancel signals_thr */ fd_thr_term(&signals_thr); return 0; error: CHECK_FCT_DO( fd_core_shutdown(), ); CHECK_FCT( fd_core_wait_shutdown_complete() ); fd_thr_term(&signals_thr); return -1; }
void doit(void) { gnutls_certificate_credentials_t x509cred; const char *path; unsigned int i; char file[512]; int ret; if (gnutls_fips140_mode_enabled()) { exit(77); } ret = global_init(); if (ret < 0) fail("global_init failed %d\n", ret); gnutls_global_set_log_function(tls_log_func); if (debug) gnutls_global_set_log_level(4711); for (i = 0; files[i].file != NULL; i++) { ret = gnutls_certificate_allocate_credentials(&x509cred); if (ret < 0) fail("gnutls_certificate_allocate_credentials failed %d\n", ret); path = getenv("PKCS12PATH"); if (!path) path = "cert-tests/data/"; snprintf(file, sizeof(file), "%s/%s", path, files[i].file); if (debug) success ("Reading PKCS#12 blob from `%s' using password `%s'.\n", file, files[i].pass); ret = gnutls_certificate_set_x509_simple_pkcs12_file(x509cred, file, GNUTLS_X509_FMT_DER, files[i]. pass); if (ret < 0) fail("x509_pkcs12 failed %d: %s\n", ret, gnutls_strerror(ret)); if (debug) success("Read file OK\n"); gnutls_certificate_free_credentials(x509cred); } gnutls_global_deinit(); }
int main(int argc, char **argv) { int ret; if ((ret = gnutls_global_init()) < 0) { fprintf(stderr, "global_init: %s\n", gnutls_strerror(ret)); exit(1); } optionProcess(&ocsptoolOptions, argc, argv); gnutls_global_set_log_function(tls_log_func); gnutls_global_set_log_level(OPT_VALUE_DEBUG); if (HAVE_OPT(OUTFILE)) { outfile = fopen(OPT_ARG(OUTFILE), "wb"); if (outfile == NULL) { fprintf(stderr, "%s\n", OPT_ARG(OUTFILE)); exit(1); } } else outfile = stdout; if (HAVE_OPT(INFILE)) { infile = fopen(OPT_ARG(INFILE), "rb"); if (infile == NULL) { fprintf(stderr, "%s\n", OPT_ARG(INFILE)); exit(1); } } else infile = stdin; if (ENABLED_OPT(INDER)) encoding = GNUTLS_X509_FMT_DER; else encoding = GNUTLS_X509_FMT_PEM; if (HAVE_OPT(REQUEST_INFO)) request_info(); else if (HAVE_OPT(RESPONSE_INFO)) response_info(); else if (HAVE_OPT(GENERATE_REQUEST)) generate_request(NULL); else if (HAVE_OPT(VERIFY_RESPONSE)) verify_response(NULL); else if (HAVE_OPT(ASK)) ask_server(OPT_ARG(ASK)); else { USAGE(1); } return 0; }