Commit faad8867 authored by Rémi Denis-Courmont's avatar Rémi Denis-Courmont

Generic client SSL/TLS support

parent caf4b943
...@@ -305,6 +305,7 @@ gnutls_ClientCreate( tls_t *p_tls, const char *psz_ca_path ) ...@@ -305,6 +305,7 @@ gnutls_ClientCreate( tls_t *p_tls, const char *psz_ca_path )
p_session->sock.pf_send = gnutls_Send; p_session->sock.pf_send = gnutls_Send;
p_session->sock.pf_recv = gnutls_Recv; p_session->sock.pf_recv = gnutls_Recv;
p_session->pf_handshake = gnutls_SessionHandshake; p_session->pf_handshake = gnutls_SessionHandshake;
p_session->pf_handshake2 = gnutls_SessionContinueHandshake;
p_session->pf_close = gnutls_SessionClose; p_session->pf_close = gnutls_SessionClose;
return p_session; return p_session;
......
...@@ -29,7 +29,6 @@ ...@@ -29,7 +29,6 @@
/* /*
* TODO: * TODO:
* - client side stuff,
* - server-side client cert validation, * - server-side client cert validation,
* - client-side server cert validation (?). * - client-side server cert validation (?).
*/ */
...@@ -97,7 +96,7 @@ tls_ServerDelete( tls_server_t *p_server ) ...@@ -97,7 +96,7 @@ tls_ServerDelete( tls_server_t *p_server )
* tls_ClientCreate: * tls_ClientCreate:
***************************************************************************** *****************************************************************************
* Allocates a client's TLS credentials and shakes hands through the network. * Allocates a client's TLS credentials and shakes hands through the network.
* Returns NULL on error. * Returns NULL on error. This is a blocking network operation.
*****************************************************************************/ *****************************************************************************/
tls_session_t * tls_session_t *
tls_ClientCreate( vlc_object_t *p_this, const char *psz_ca, int fd ) tls_ClientCreate( vlc_object_t *p_this, const char *psz_ca, int fd )
...@@ -114,13 +113,17 @@ tls_ClientCreate( vlc_object_t *p_this, const char *psz_ca, int fd ) ...@@ -114,13 +113,17 @@ tls_ClientCreate( vlc_object_t *p_this, const char *psz_ca, int fd )
p_session = __tls_ClientCreate( p_tls, psz_ca ); p_session = __tls_ClientCreate( p_tls, psz_ca );
if( p_session != NULL ) if( p_session != NULL )
{ {
if( tls_SessionHandshake( p_session, fd ) ) int i_val;
for( i_val = tls_SessionHandshake( p_session, fd ); i_val > 0;
i_val = tls_SessionContinueHandshake( p_session ) );
if( i_val == 0 )
{ {
msg_Dbg( p_this, "TLS/SSL provider initialized" ); msg_Dbg( p_this, "TLS/SSL provider initialized" );
return p_session; return p_session;
} }
else msg_Err( p_this, "TLS/SSL session handshake error" );
msg_Err( p_this, "TLS/SSL session handshake error" );
} }
else else
msg_Err( p_this, "TLS/SSL provider error" ); msg_Err( p_this, "TLS/SSL provider error" );
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment