Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
V
vlc-1.1
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Redmine
Redmine
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Metrics
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
videolan
vlc-1.1
Commits
5c6d8629
Commit
5c6d8629
authored
Apr 09, 2005
by
Rémi Denis-Courmont
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Client should now be able to authenticate
parent
984febc0
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
40 additions
and
11 deletions
+40
-11
modules/misc/gnutls.c
modules/misc/gnutls.c
+40
-11
No files found.
modules/misc/gnutls.c
View file @
5c6d8629
...
@@ -354,7 +354,6 @@ gnutls_BeginHandshake( tls_session_t *p_session, int fd,
...
@@ -354,7 +354,6 @@ gnutls_BeginHandshake( tls_session_t *p_session, int fd,
gnutls_transport_set_ptr
(
p_sys
->
session
,
(
gnutls_transport_ptr
)
fd
);
gnutls_transport_set_ptr
(
p_sys
->
session
,
(
gnutls_transport_ptr
)
fd
);
p_sys
->
psz_hostname
=
NULL
;
if
(
psz_hostname
!=
NULL
)
if
(
psz_hostname
!=
NULL
)
{
{
gnutls_server_name_set
(
p_sys
->
session
,
GNUTLS_NAME_DNS
,
psz_hostname
,
gnutls_server_name_set
(
p_sys
->
session
,
GNUTLS_NAME_DNS
,
psz_hostname
,
...
@@ -411,7 +410,6 @@ gnutls_ClientDelete( tls_session_t *p_session )
...
@@ -411,7 +410,6 @@ gnutls_ClientDelete( tls_session_t *p_session )
gnutls_certificate_free_credentials
(
x509_cred
);
gnutls_certificate_free_credentials
(
x509_cred
);
}
}
inline
int
inline
int
is_regular
(
const
char
*
psz_filename
)
is_regular
(
const
char
*
psz_filename
)
{
{
...
@@ -425,11 +423,11 @@ is_regular( const char *psz_filename )
...
@@ -425,11 +423,11 @@ is_regular( const char *psz_filename )
#endif
#endif
}
}
static
int
static
int
gnutls_Add
CA
Directory
(
vlc_object_t
*
p_this
,
gnutls_Add
x509
Directory
(
vlc_object_t
*
p_this
,
gnutls_certificate_credentials
cred
,
gnutls_certificate_credentials
cred
,
const
char
*
psz_dirname
)
const
char
*
psz_dirname
,
vlc_bool_t
private
)
{
{
DIR
*
dir
;
DIR
*
dir
;
struct
dirent
*
p_ent
;
struct
dirent
*
p_ent
;
...
@@ -454,7 +452,10 @@ gnutls_AddCADirectory( vlc_object_t *p_this,
...
@@ -454,7 +452,10 @@ gnutls_AddCADirectory( vlc_object_t *p_this,
psz_filename
=
(
char
*
)
malloc
(
i_len
+
strlen
(
p_ent
->
d_name
)
);
psz_filename
=
(
char
*
)
malloc
(
i_len
+
strlen
(
p_ent
->
d_name
)
);
if
(
psz_filename
==
NULL
)
if
(
psz_filename
==
NULL
)
{
closedir
(
dir
);
return
VLC_ENOMEM
;
return
VLC_ENOMEM
;
}
sprintf
(
psz_filename
,
"%s/%s"
,
psz_dirname
,
p_ent
->
d_name
);
sprintf
(
psz_filename
,
"%s/%s"
,
psz_dirname
,
p_ent
->
d_name
);
/* we neglect the race condition here - not security sensitive */
/* we neglect the race condition here - not security sensitive */
...
@@ -462,11 +463,16 @@ gnutls_AddCADirectory( vlc_object_t *p_this,
...
@@ -462,11 +463,16 @@ gnutls_AddCADirectory( vlc_object_t *p_this,
{
{
int
i
;
int
i
;
i
=
gnutls_certificate_set_x509_trust_file
(
cred
,
psz_filename
,
i
=
(
private
)
GNUTLS_X509_FMT_PEM
);
?
gnutls_certificate_set_x509_key_file
(
cred
,
psz_filename
,
psz_filename
,
GNUTLS_X509_FMT_PEM
)
:
gnutls_certificate_set_x509_trust_file
(
cred
,
psz_filename
,
GNUTLS_X509_FMT_PEM
);
if
(
i
<
0
)
if
(
i
<
0
)
{
{
msg_Warn
(
p_this
,
"Cannot add
trusted CA
(%s) : %s"
,
msg_Warn
(
p_this
,
"Cannot add
x509 certificate
(%s) : %s"
,
psz_filename
,
gnutls_strerror
(
i
)
);
psz_filename
,
gnutls_strerror
(
i
)
);
}
}
}
}
...
@@ -513,6 +519,7 @@ gnutls_ClientCreate( tls_t *p_tls )
...
@@ -513,6 +519,7 @@ gnutls_ClientCreate( tls_t *p_tls )
p_session
->
pf_close
=
gnutls_ClientDelete
;
p_session
->
pf_close
=
gnutls_ClientDelete
;
p_sys
->
session
.
b_handshaked
=
VLC_FALSE
;
p_sys
->
session
.
b_handshaked
=
VLC_FALSE
;
p_sys
->
session
.
psz_hostname
=
NULL
;
vlc_object_attach
(
p_session
,
p_tls
);
vlc_object_attach
(
p_session
,
p_tls
);
...
@@ -540,8 +547,8 @@ gnutls_ClientCreate( tls_t *p_tls )
...
@@ -540,8 +547,8 @@ gnutls_ClientCreate( tls_t *p_tls )
}
}
sprintf
(
psz_path
,
"%s/"
CONFIG_DIR
"/ssl/certs"
,
psz_homedir
);
sprintf
(
psz_path
,
"%s/"
CONFIG_DIR
"/ssl/certs"
,
psz_homedir
);
gnutls_Add
CA
Directory
(
(
vlc_object_t
*
)
p_session
,
p_sys
->
x509_cred
,
gnutls_Add
x509
Directory
(
(
vlc_object_t
*
)
p_session
,
p_sys
->
x509_cred
,
psz_path
);
psz_path
,
VLC_FALSE
);
free
(
psz_path
);
free
(
psz_path
);
p_session
->
pf_handshake2
=
gnutls_HandshakeAndValidate
;
p_session
->
pf_handshake2
=
gnutls_HandshakeAndValidate
;
...
@@ -549,6 +556,27 @@ gnutls_ClientCreate( tls_t *p_tls )
...
@@ -549,6 +556,27 @@ gnutls_ClientCreate( tls_t *p_tls )
else
else
p_session
->
pf_handshake2
=
gnutls_ContinueHandshake
;
p_session
->
pf_handshake2
=
gnutls_ContinueHandshake
;
{
/* FIXME: support for changing path/using multiple paths */
char
*
psz_path
;
const
char
*
psz_homedir
;
psz_homedir
=
p_tls
->
p_vlc
->
psz_homedir
;
psz_path
=
(
char
*
)
malloc
(
strlen
(
psz_homedir
)
+
sizeof
(
CONFIG_DIR
)
+
14
);
if
(
psz_path
==
NULL
)
{
gnutls_certificate_free_credentials
(
p_sys
->
x509_cred
);
goto
error
;
}
sprintf
(
psz_path
,
"%s/"
CONFIG_DIR
"/ssl/private"
,
psz_homedir
);
gnutls_Addx509Directory
(
(
vlc_object_t
*
)
p_session
,
p_sys
->
x509_cred
,
psz_path
,
VLC_TRUE
);
free
(
psz_path
);
}
i_val
=
gnutls_init
(
&
p_sys
->
session
.
session
,
GNUTLS_CLIENT
);
i_val
=
gnutls_init
(
&
p_sys
->
session
.
session
,
GNUTLS_CLIENT
);
if
(
i_val
!=
0
)
if
(
i_val
!=
0
)
{
{
...
@@ -735,6 +763,7 @@ gnutls_ServerSessionPrepare( tls_server_t *p_server )
...
@@ -735,6 +763,7 @@ gnutls_ServerSessionPrepare( tls_server_t *p_server )
p_session
->
pf_close
=
gnutls_SessionClose
;
p_session
->
pf_close
=
gnutls_SessionClose
;
((
tls_session_sys_t
*
)
p_session
->
p_sys
)
->
b_handshaked
=
VLC_FALSE
;
((
tls_session_sys_t
*
)
p_session
->
p_sys
)
->
b_handshaked
=
VLC_FALSE
;
((
tls_session_sys_t
*
)
p_session
->
p_sys
)
->
psz_hostname
=
NULL
;
i_val
=
gnutls_init
(
&
session
,
GNUTLS_SERVER
);
i_val
=
gnutls_init
(
&
session
,
GNUTLS_SERVER
);
if
(
i_val
!=
0
)
if
(
i_val
!=
0
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment