Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
V
vlc-gpu
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Redmine
Redmine
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Metrics
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
videolan
vlc-gpu
Commits
979e839a
Commit
979e839a
authored
Feb 13, 2006
by
Rémi Denis-Courmont
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
- Clean up
- Unicode file names fixes
parent
8b81fec8
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
36 additions
and
34 deletions
+36
-34
modules/misc/gnutls.c
modules/misc/gnutls.c
+36
-34
No files found.
modules/misc/gnutls.c
View file @
979e839a
/*****************************************************************************
/*****************************************************************************
* tls.c
* tls.c
*****************************************************************************
*****************************************************************************
* Copyright (C) 2004-200
5
Rémi Denis-Courmont
* Copyright (C) 2004-200
6
Rémi Denis-Courmont
* $Id$
* $Id$
*
*
* Authors: Rémi Denis-Courmont <rem # videolan.org>
* Authors: Rémi Denis-Courmont <rem # videolan.org>
...
@@ -48,6 +48,7 @@
...
@@ -48,6 +48,7 @@
#include "vlc_tls.h"
#include "vlc_tls.h"
#include "charset.h"
#include <gcrypt.h>
#include <gcrypt.h>
#include <gnutls/gnutls.h>
#include <gnutls/gnutls.h>
...
@@ -336,7 +337,7 @@ gnutls_HandshakeAndValidate( tls_session_t *p_session )
...
@@ -336,7 +337,7 @@ gnutls_HandshakeAndValidate( tls_session_t *p_session )
}
}
gnutls_x509_crt_deinit
(
cert
);
gnutls_x509_crt_deinit
(
cert
);
msg_Dbg
(
p_session
,
"x509 hostname verified"
);
msg_Dbg
(
p_session
,
"x509 hostname verified"
);
return
0
;
return
0
;
}
}
...
@@ -416,7 +417,7 @@ is_regular( const char *psz_filename )
...
@@ -416,7 +417,7 @@ is_regular( const char *psz_filename )
#ifdef HAVE_SYS_STAT_H
#ifdef HAVE_SYS_STAT_H
struct
stat
st
;
struct
stat
st
;
return
(
stat
(
psz_filename
,
&
st
)
==
0
)
return
(
utf8_
stat
(
psz_filename
,
&
st
)
==
0
)
&&
S_ISREG
(
st
.
st_mode
);
&&
S_ISREG
(
st
.
st_mode
);
#else
#else
return
1
;
return
1
;
...
@@ -430,13 +431,12 @@ gnutls_Addx509Directory( vlc_object_t *p_this,
...
@@ -430,13 +431,12 @@ gnutls_Addx509Directory( vlc_object_t *p_this,
vlc_bool_t
private
)
vlc_bool_t
private
)
{
{
DIR
*
dir
;
DIR
*
dir
;
struct
dirent
*
p_ent
;
const
char
*
psz_dirent
;
int
i_len
;
if
(
*
psz_dirname
==
'\0'
)
if
(
*
psz_dirname
==
'\0'
)
psz_dirname
=
"."
;
psz_dirname
=
"."
;
dir
=
opendir
(
psz_dirname
);
dir
=
utf8_
opendir
(
psz_dirname
);
if
(
dir
==
NULL
)
if
(
dir
==
NULL
)
{
{
msg_Warn
(
p_this
,
"Cannot open directory (%s) : %s"
,
psz_dirname
,
msg_Warn
(
p_this
,
"Cannot open directory (%s) : %s"
,
psz_dirname
,
...
@@ -444,32 +444,32 @@ gnutls_Addx509Directory( vlc_object_t *p_this,
...
@@ -444,32 +444,32 @@ gnutls_Addx509Directory( vlc_object_t *p_this,
return
VLC_EGENERIC
;
return
VLC_EGENERIC
;
}
}
i_len
=
strlen
(
psz_dirname
)
+
2
;
while
(
(
psz_dirent
=
utf8_readdir
(
dir
)
)
!=
NULL
)
while
(
(
p_ent
=
readdir
(
dir
)
)
!=
NULL
)
{
{
char
*
psz_filename
;
char
*
psz_filename
;
int
check
=
asprintf
(
&
psz_filename
,
"%s/%s"
,
psz_dirname
,
psz_filename
=
(
char
*
)
malloc
(
i_len
+
strlen
(
p_ent
->
d_name
)
);
psz_dirent
);
if
(
psz_filename
==
NULL
)
LocaleFree
(
psz_dirent
);
if
(
check
==
-
1
)
{
{
closedir
(
dir
);
closedir
(
dir
);
return
VLC_ENOMEM
;
return
VLC_ENOMEM
;
}
}
sprintf
(
psz_filename
,
"%s/%s"
,
psz_dirname
,
p_ent
->
d_name
);
/* we neglect the race condition here - not security sensitive */
/* we neglect the race condition here - not security sensitive */
if
(
is_regular
(
psz_filename
)
)
if
(
is_regular
(
psz_filename
)
)
{
{
int
i
;
int
i
;
char
*
psz_localname
=
ToLocale
(
psz_filename
);
i
=
(
private
)
i
=
(
private
)
?
gnutls_certificate_set_x509_key_file
(
cred
,
psz_
file
name
,
?
gnutls_certificate_set_x509_key_file
(
cred
,
psz_
local
name
,
psz_filename
,
psz_filename
,
GNUTLS_X509_FMT_PEM
)
GNUTLS_X509_FMT_PEM
)
:
gnutls_certificate_set_x509_trust_file
(
cred
,
psz_
file
name
,
:
gnutls_certificate_set_x509_trust_file
(
cred
,
psz_
local
name
,
GNUTLS_X509_FMT_PEM
GNUTLS_X509_FMT_PEM
);
);
LocaleFree
(
psz_localname
);
if
(
i
<
0
)
if
(
i
<
0
)
{
{
msg_Warn
(
p_this
,
"Cannot add x509 certificate (%s) : %s"
,
msg_Warn
(
p_this
,
"Cannot add x509 certificate (%s) : %s"
,
...
@@ -503,7 +503,7 @@ gnutls_ClientCreate( tls_t *p_tls )
...
@@ -503,7 +503,7 @@ gnutls_ClientCreate( tls_t *p_tls )
p_sys
=
(
tls_client_sys_t
*
)
malloc
(
sizeof
(
struct
tls_client_sys_t
)
);
p_sys
=
(
tls_client_sys_t
*
)
malloc
(
sizeof
(
struct
tls_client_sys_t
)
);
if
(
p_sys
==
NULL
)
if
(
p_sys
==
NULL
)
return
NULL
;
return
NULL
;
p_session
=
(
struct
tls_session_t
*
)
vlc_object_create
(
p_tls
,
sizeof
(
struct
tls_session_t
)
);
p_session
=
(
struct
tls_session_t
*
)
vlc_object_create
(
p_tls
,
sizeof
(
struct
tls_session_t
)
);
if
(
p_session
==
NULL
)
if
(
p_session
==
NULL
)
{
{
...
@@ -535,18 +535,14 @@ gnutls_ClientCreate( tls_t *p_tls )
...
@@ -535,18 +535,14 @@ gnutls_ClientCreate( tls_t *p_tls )
{
{
/* FIXME: support for changing path/using multiple paths */
/* FIXME: support for changing path/using multiple paths */
char
*
psz_path
;
char
*
psz_path
;
const
char
*
psz_homedir
;
psz_homedir
=
p_tls
->
p_vlc
->
psz_homedir
;
if
(
asprintf
(
&
psz_path
,
"%s/"
CONFIG_DIR
"/ssl/certs"
,
psz_path
=
(
char
*
)
malloc
(
strlen
(
psz_homedir
)
p_tls
->
p_vlc
->
psz_homedir
)
==
-
1
)
+
sizeof
(
CONFIG_DIR
)
+
12
);
if
(
psz_path
==
NULL
)
{
{
gnutls_certificate_free_credentials
(
p_sys
->
x509_cred
);
gnutls_certificate_free_credentials
(
p_sys
->
x509_cred
);
goto
error
;
goto
error
;
}
}
sprintf
(
psz_path
,
"%s/"
CONFIG_DIR
"/ssl/certs"
,
psz_homedir
);
gnutls_Addx509Directory
(
(
vlc_object_t
*
)
p_session
,
p_sys
->
x509_cred
,
gnutls_Addx509Directory
(
(
vlc_object_t
*
)
p_session
,
p_sys
->
x509_cred
,
psz_path
,
VLC_FALSE
);
psz_path
,
VLC_FALSE
);
...
@@ -559,18 +555,14 @@ gnutls_ClientCreate( tls_t *p_tls )
...
@@ -559,18 +555,14 @@ gnutls_ClientCreate( tls_t *p_tls )
{
{
/* FIXME: support for changing path/using multiple paths */
/* FIXME: support for changing path/using multiple paths */
char
*
psz_path
;
char
*
psz_path
;
const
char
*
psz_homedir
;
psz_homedir
=
p_tls
->
p_vlc
->
psz_homedir
;
if
(
asprintf
(
&
psz_path
,
"%s/"
CONFIG_DIR
"/ssl/private"
,
psz_path
=
(
char
*
)
malloc
(
strlen
(
psz_homedir
)
p_tls
->
p_vlc
->
psz_homedir
)
==
-
1
)
+
sizeof
(
CONFIG_DIR
)
+
14
);
if
(
psz_path
==
NULL
)
{
{
gnutls_certificate_free_credentials
(
p_sys
->
x509_cred
);
gnutls_certificate_free_credentials
(
p_sys
->
x509_cred
);
goto
error
;
goto
error
;
}
}
sprintf
(
psz_path
,
"%s/"
CONFIG_DIR
"/ssl/private"
,
psz_homedir
);
gnutls_Addx509Directory
(
(
vlc_object_t
*
)
p_session
,
p_sys
->
x509_cred
,
gnutls_Addx509Directory
(
(
vlc_object_t
*
)
p_session
,
p_sys
->
x509_cred
,
psz_path
,
VLC_TRUE
);
psz_path
,
VLC_TRUE
);
...
@@ -744,7 +736,7 @@ gnutls_ServerSessionPrepare( tls_server_t *p_server )
...
@@ -744,7 +736,7 @@ gnutls_ServerSessionPrepare( tls_server_t *p_server )
p_session
=
vlc_object_create
(
p_server
,
sizeof
(
struct
tls_session_t
)
);
p_session
=
vlc_object_create
(
p_server
,
sizeof
(
struct
tls_session_t
)
);
if
(
p_session
==
NULL
)
if
(
p_session
==
NULL
)
return
NULL
;
return
NULL
;
p_session
->
p_sys
=
malloc
(
sizeof
(
struct
tls_session_sys_t
)
);
p_session
->
p_sys
=
malloc
(
sizeof
(
struct
tls_session_sys_t
)
);
if
(
p_session
->
p_sys
==
NULL
)
if
(
p_session
->
p_sys
==
NULL
)
{
{
...
@@ -850,14 +842,17 @@ gnutls_ServerDelete( tls_server_t *p_server )
...
@@ -850,14 +842,17 @@ gnutls_ServerDelete( tls_server_t *p_server )
static
int
static
int
gnutls_ServerAddCA
(
tls_server_t
*
p_server
,
const
char
*
psz_ca_path
)
gnutls_ServerAddCA
(
tls_server_t
*
p_server
,
const
char
*
psz_ca_path
)
{
{
int
val
;
tls_server_sys_t
*
p_sys
;
tls_server_sys_t
*
p_sys
;
char
*
psz_local_path
;
int
val
;
p_sys
=
(
tls_server_sys_t
*
)(
p_server
->
p_sys
);
p_sys
=
(
tls_server_sys_t
*
)(
p_server
->
p_sys
);
psz_local_path
=
ToLocale
(
psz_ca_path
);
val
=
gnutls_certificate_set_x509_trust_file
(
p_sys
->
x509_cred
,
val
=
gnutls_certificate_set_x509_trust_file
(
p_sys
->
x509_cred
,
psz_
ca
_path
,
psz_
local
_path
,
GNUTLS_X509_FMT_PEM
);
GNUTLS_X509_FMT_PEM
);
LocaleFree
(
psz_local_path
);
if
(
val
<
0
)
if
(
val
<
0
)
{
{
msg_Err
(
p_server
,
"Cannot add trusted CA (%s) : %s"
,
psz_ca_path
,
msg_Err
(
p_server
,
"Cannot add trusted CA (%s) : %s"
,
psz_ca_path
,
...
@@ -883,11 +878,13 @@ static int
...
@@ -883,11 +878,13 @@ static int
gnutls_ServerAddCRL
(
tls_server_t
*
p_server
,
const
char
*
psz_crl_path
)
gnutls_ServerAddCRL
(
tls_server_t
*
p_server
,
const
char
*
psz_crl_path
)
{
{
int
val
;
int
val
;
char
*
psz_local_path
=
ToLocale
(
psz_crl_path
);
val
=
gnutls_certificate_set_x509_crl_file
(
((
tls_server_sys_t
*
)
val
=
gnutls_certificate_set_x509_crl_file
(
((
tls_server_sys_t
*
)
(
p_server
->
p_sys
))
->
x509_cred
,
(
p_server
->
p_sys
))
->
x509_cred
,
psz_
cr
l_path
,
psz_
loca
l_path
,
GNUTLS_X509_FMT_PEM
);
GNUTLS_X509_FMT_PEM
);
LocaleFree
(
psz_crl_path
);
if
(
val
<
0
)
if
(
val
<
0
)
{
{
msg_Err
(
p_server
,
"Cannot add CRL (%s) : %s"
,
psz_crl_path
,
msg_Err
(
p_server
,
"Cannot add CRL (%s) : %s"
,
psz_crl_path
,
...
@@ -897,7 +894,7 @@ gnutls_ServerAddCRL( tls_server_t *p_server, const char *psz_crl_path )
...
@@ -897,7 +894,7 @@ gnutls_ServerAddCRL( tls_server_t *p_server, const char *psz_crl_path )
msg_Dbg
(
p_server
,
"%d CRL added (%s)"
,
val
,
psz_crl_path
);
msg_Dbg
(
p_server
,
"%d CRL added (%s)"
,
val
,
psz_crl_path
);
return
VLC_SUCCESS
;
return
VLC_SUCCESS
;
}
}
/*****************************************************************************
/*****************************************************************************
* tls_ServerCreate:
* tls_ServerCreate:
...
@@ -911,6 +908,7 @@ gnutls_ServerCreate( tls_t *p_tls, const char *psz_cert_path,
...
@@ -911,6 +908,7 @@ gnutls_ServerCreate( tls_t *p_tls, const char *psz_cert_path,
{
{
tls_server_t
*
p_server
;
tls_server_t
*
p_server
;
tls_server_sys_t
*
p_sys
;
tls_server_sys_t
*
p_sys
;
char
*
psz_local_key
,
*
psz_local_cert
;
int
val
;
int
val
;
msg_Dbg
(
p_tls
,
"Creating TLS server"
);
msg_Dbg
(
p_tls
,
"Creating TLS server"
);
...
@@ -960,9 +958,13 @@ gnutls_ServerCreate( tls_t *p_tls, const char *psz_cert_path,
...
@@ -960,9 +958,13 @@ gnutls_ServerCreate( tls_t *p_tls, const char *psz_cert_path,
goto
error
;
goto
error
;
}
}
psz_local_cert
=
ToLocale
(
psz_cert_path
);
psz_local_key
=
ToLocale
(
psz_key_path
);
val
=
gnutls_certificate_set_x509_key_file
(
p_sys
->
x509_cred
,
val
=
gnutls_certificate_set_x509_key_file
(
p_sys
->
x509_cred
,
psz_
cert_path
,
psz_key_path
,
psz_
local_cert
,
psz_local_key
,
GNUTLS_X509_FMT_PEM
);
GNUTLS_X509_FMT_PEM
);
LocaleFree
(
psz_cert_path
);
LocaleFree
(
psz_key_path
);
if
(
val
<
0
)
if
(
val
<
0
)
{
{
msg_Err
(
p_server
,
"Cannot set certificate chain or private key : %s"
,
msg_Err
(
p_server
,
"Cannot set certificate chain or private key : %s"
,
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment