diff options
| author | Andreas Schwab | 2011-08-14 11:08:01 +0200 |
|---|---|---|
| committer | Andreas Schwab | 2011-08-14 11:08:01 +0200 |
| commit | b5f0301637acf044455c3ab39d214631f59e0d7b (patch) | |
| tree | 86a3da944c1aa16f976ac20f43127519da2e789e /src/gnutls.c | |
| parent | a29eb766a697b646103c4cc8ab56795acce7beab (diff) | |
| download | emacs-b5f0301637acf044455c3ab39d214631f59e0d7b.tar.gz emacs-b5f0301637acf044455c3ab39d214631f59e0d7b.zip | |
Whitespace cleanup
Diffstat (limited to 'src/gnutls.c')
| -rw-r--r-- | src/gnutls.c | 350 |
1 files changed, 175 insertions, 175 deletions
diff --git a/src/gnutls.c b/src/gnutls.c index fc651d2c7e4..62382abc437 100644 --- a/src/gnutls.c +++ b/src/gnutls.c | |||
| @@ -72,41 +72,41 @@ static void gnutls_log_function2 (int, const char*, const char*); | |||
| 72 | } | 72 | } |
| 73 | 73 | ||
| 74 | DEF_GNUTLS_FN (gnutls_alert_description_t, gnutls_alert_get, | 74 | DEF_GNUTLS_FN (gnutls_alert_description_t, gnutls_alert_get, |
| 75 | (gnutls_session_t)); | 75 | (gnutls_session_t)); |
| 76 | DEF_GNUTLS_FN (const char *, gnutls_alert_get_name, | 76 | DEF_GNUTLS_FN (const char *, gnutls_alert_get_name, |
| 77 | (gnutls_alert_description_t)); | 77 | (gnutls_alert_description_t)); |
| 78 | DEF_GNUTLS_FN (int, gnutls_alert_send_appropriate, (gnutls_session_t, int)); | 78 | DEF_GNUTLS_FN (int, gnutls_alert_send_appropriate, (gnutls_session_t, int)); |
| 79 | DEF_GNUTLS_FN (int, gnutls_anon_allocate_client_credentials, | 79 | DEF_GNUTLS_FN (int, gnutls_anon_allocate_client_credentials, |
| 80 | (gnutls_anon_client_credentials_t *)); | 80 | (gnutls_anon_client_credentials_t *)); |
| 81 | DEF_GNUTLS_FN (void, gnutls_anon_free_client_credentials, | 81 | DEF_GNUTLS_FN (void, gnutls_anon_free_client_credentials, |
| 82 | (gnutls_anon_client_credentials_t)); | 82 | (gnutls_anon_client_credentials_t)); |
| 83 | DEF_GNUTLS_FN (int, gnutls_bye, (gnutls_session_t, gnutls_close_request_t)); | 83 | DEF_GNUTLS_FN (int, gnutls_bye, (gnutls_session_t, gnutls_close_request_t)); |
| 84 | DEF_GNUTLS_FN (int, gnutls_certificate_allocate_credentials, | 84 | DEF_GNUTLS_FN (int, gnutls_certificate_allocate_credentials, |
| 85 | (gnutls_certificate_credentials_t *)); | 85 | (gnutls_certificate_credentials_t *)); |
| 86 | DEF_GNUTLS_FN (void, gnutls_certificate_free_credentials, | 86 | DEF_GNUTLS_FN (void, gnutls_certificate_free_credentials, |
| 87 | (gnutls_certificate_credentials_t)); | 87 | (gnutls_certificate_credentials_t)); |
| 88 | DEF_GNUTLS_FN (const gnutls_datum_t *, gnutls_certificate_get_peers, | 88 | DEF_GNUTLS_FN (const gnutls_datum_t *, gnutls_certificate_get_peers, |
| 89 | (gnutls_session_t, unsigned int *)); | 89 | (gnutls_session_t, unsigned int *)); |
| 90 | DEF_GNUTLS_FN (void, gnutls_certificate_set_verify_flags, | 90 | DEF_GNUTLS_FN (void, gnutls_certificate_set_verify_flags, |
| 91 | (gnutls_certificate_credentials_t, unsigned int)); | 91 | (gnutls_certificate_credentials_t, unsigned int)); |
| 92 | DEF_GNUTLS_FN (int, gnutls_certificate_set_x509_crl_file, | 92 | DEF_GNUTLS_FN (int, gnutls_certificate_set_x509_crl_file, |
| 93 | (gnutls_certificate_credentials_t, const char *, | 93 | (gnutls_certificate_credentials_t, const char *, |
| 94 | gnutls_x509_crt_fmt_t)); | 94 | gnutls_x509_crt_fmt_t)); |
| 95 | DEF_GNUTLS_FN (int, gnutls_certificate_set_x509_key_file, | 95 | DEF_GNUTLS_FN (int, gnutls_certificate_set_x509_key_file, |
| 96 | (gnutls_certificate_credentials_t, const char *, const char *, | 96 | (gnutls_certificate_credentials_t, const char *, const char *, |
| 97 | gnutls_x509_crt_fmt_t)); | 97 | gnutls_x509_crt_fmt_t)); |
| 98 | DEF_GNUTLS_FN (int, gnutls_certificate_set_x509_trust_file, | 98 | DEF_GNUTLS_FN (int, gnutls_certificate_set_x509_trust_file, |
| 99 | (gnutls_certificate_credentials_t, const char *, | 99 | (gnutls_certificate_credentials_t, const char *, |
| 100 | gnutls_x509_crt_fmt_t)); | 100 | gnutls_x509_crt_fmt_t)); |
| 101 | DEF_GNUTLS_FN (gnutls_certificate_type_t, gnutls_certificate_type_get, | 101 | DEF_GNUTLS_FN (gnutls_certificate_type_t, gnutls_certificate_type_get, |
| 102 | (gnutls_session_t)); | 102 | (gnutls_session_t)); |
| 103 | DEF_GNUTLS_FN (int, gnutls_certificate_verify_peers2, | 103 | DEF_GNUTLS_FN (int, gnutls_certificate_verify_peers2, |
| 104 | (gnutls_session_t, unsigned int *)); | 104 | (gnutls_session_t, unsigned int *)); |
| 105 | DEF_GNUTLS_FN (int, gnutls_credentials_set, | 105 | DEF_GNUTLS_FN (int, gnutls_credentials_set, |
| 106 | (gnutls_session_t, gnutls_credentials_type_t, void *)); | 106 | (gnutls_session_t, gnutls_credentials_type_t, void *)); |
| 107 | DEF_GNUTLS_FN (void, gnutls_deinit, (gnutls_session_t)); | 107 | DEF_GNUTLS_FN (void, gnutls_deinit, (gnutls_session_t)); |
| 108 | DEF_GNUTLS_FN (void, gnutls_dh_set_prime_bits, | 108 | DEF_GNUTLS_FN (void, gnutls_dh_set_prime_bits, |
| 109 | (gnutls_session_t, unsigned int)); | 109 | (gnutls_session_t, unsigned int)); |
| 110 | DEF_GNUTLS_FN (int, gnutls_error_is_fatal, (int)); | 110 | DEF_GNUTLS_FN (int, gnutls_error_is_fatal, (int)); |
| 111 | DEF_GNUTLS_FN (int, gnutls_global_init, (void)); | 111 | DEF_GNUTLS_FN (int, gnutls_global_init, (void)); |
| 112 | DEF_GNUTLS_FN (void, gnutls_global_set_log_function, (gnutls_log_func)); | 112 | DEF_GNUTLS_FN (void, gnutls_global_set_log_function, (gnutls_log_func)); |
| @@ -118,27 +118,27 @@ DEF_GNUTLS_FN (void, gnutls_global_set_mem_functions, | |||
| 118 | DEF_GNUTLS_FN (int, gnutls_handshake, (gnutls_session_t)); | 118 | DEF_GNUTLS_FN (int, gnutls_handshake, (gnutls_session_t)); |
| 119 | DEF_GNUTLS_FN (int, gnutls_init, (gnutls_session_t *, gnutls_connection_end_t)); | 119 | DEF_GNUTLS_FN (int, gnutls_init, (gnutls_session_t *, gnutls_connection_end_t)); |
| 120 | DEF_GNUTLS_FN (int, gnutls_priority_set_direct, | 120 | DEF_GNUTLS_FN (int, gnutls_priority_set_direct, |
| 121 | (gnutls_session_t, const char *, const char **)); | 121 | (gnutls_session_t, const char *, const char **)); |
| 122 | DEF_GNUTLS_FN (size_t, gnutls_record_check_pending, (gnutls_session_t)); | 122 | DEF_GNUTLS_FN (size_t, gnutls_record_check_pending, (gnutls_session_t)); |
| 123 | DEF_GNUTLS_FN (ssize_t, gnutls_record_recv, (gnutls_session_t, void *, size_t)); | 123 | DEF_GNUTLS_FN (ssize_t, gnutls_record_recv, (gnutls_session_t, void *, size_t)); |
| 124 | DEF_GNUTLS_FN (ssize_t, gnutls_record_send, | 124 | DEF_GNUTLS_FN (ssize_t, gnutls_record_send, |
| 125 | (gnutls_session_t, const void *, size_t)); | 125 | (gnutls_session_t, const void *, size_t)); |
| 126 | DEF_GNUTLS_FN (const char *, gnutls_strerror, (int)); | 126 | DEF_GNUTLS_FN (const char *, gnutls_strerror, (int)); |
| 127 | DEF_GNUTLS_FN (void, gnutls_transport_set_errno, (gnutls_session_t, int)); | 127 | DEF_GNUTLS_FN (void, gnutls_transport_set_errno, (gnutls_session_t, int)); |
| 128 | DEF_GNUTLS_FN (void, gnutls_transport_set_lowat, (gnutls_session_t, int)); | 128 | DEF_GNUTLS_FN (void, gnutls_transport_set_lowat, (gnutls_session_t, int)); |
| 129 | DEF_GNUTLS_FN (void, gnutls_transport_set_ptr2, | 129 | DEF_GNUTLS_FN (void, gnutls_transport_set_ptr2, |
| 130 | (gnutls_session_t, gnutls_transport_ptr_t, | 130 | (gnutls_session_t, gnutls_transport_ptr_t, |
| 131 | gnutls_transport_ptr_t)); | 131 | gnutls_transport_ptr_t)); |
| 132 | DEF_GNUTLS_FN (void, gnutls_transport_set_pull_function, | 132 | DEF_GNUTLS_FN (void, gnutls_transport_set_pull_function, |
| 133 | (gnutls_session_t, gnutls_pull_func)); | 133 | (gnutls_session_t, gnutls_pull_func)); |
| 134 | DEF_GNUTLS_FN (void, gnutls_transport_set_push_function, | 134 | DEF_GNUTLS_FN (void, gnutls_transport_set_push_function, |
| 135 | (gnutls_session_t, gnutls_push_func)); | 135 | (gnutls_session_t, gnutls_push_func)); |
| 136 | DEF_GNUTLS_FN (int, gnutls_x509_crt_check_hostname, | 136 | DEF_GNUTLS_FN (int, gnutls_x509_crt_check_hostname, |
| 137 | (gnutls_x509_crt_t, const char *)); | 137 | (gnutls_x509_crt_t, const char *)); |
| 138 | DEF_GNUTLS_FN (void, gnutls_x509_crt_deinit, (gnutls_x509_crt_t)); | 138 | DEF_GNUTLS_FN (void, gnutls_x509_crt_deinit, (gnutls_x509_crt_t)); |
| 139 | DEF_GNUTLS_FN (int, gnutls_x509_crt_import, | 139 | DEF_GNUTLS_FN (int, gnutls_x509_crt_import, |
| 140 | (gnutls_x509_crt_t, const gnutls_datum_t *, | 140 | (gnutls_x509_crt_t, const gnutls_datum_t *, |
| 141 | gnutls_x509_crt_fmt_t)); | 141 | gnutls_x509_crt_fmt_t)); |
| 142 | DEF_GNUTLS_FN (int, gnutls_x509_crt_init, (gnutls_x509_crt_t *)); | 142 | DEF_GNUTLS_FN (int, gnutls_x509_crt_init, (gnutls_x509_crt_t *)); |
| 143 | 143 | ||
| 144 | static int | 144 | static int |
| @@ -196,7 +196,7 @@ init_gnutls_functions (Lisp_Object libraries) | |||
| 196 | max_log_level = global_gnutls_log_level; | 196 | max_log_level = global_gnutls_log_level; |
| 197 | 197 | ||
| 198 | GNUTLS_LOG2 (1, max_log_level, "GnuTLS library loaded:", | 198 | GNUTLS_LOG2 (1, max_log_level, "GnuTLS library loaded:", |
| 199 | SDATA (Fget (Qgnutls_dll, QCloaded_from))); | 199 | SDATA (Fget (Qgnutls_dll, QCloaded_from))); |
| 200 | return 1; | 200 | return 1; |
| 201 | } | 201 | } |
| 202 | 202 | ||
| @@ -267,29 +267,29 @@ emacs_gnutls_handshake (struct Lisp_Process *proc) | |||
| 267 | { | 267 | { |
| 268 | #ifdef WINDOWSNT | 268 | #ifdef WINDOWSNT |
| 269 | /* On W32 we cannot transfer socket handles between different runtime | 269 | /* On W32 we cannot transfer socket handles between different runtime |
| 270 | libraries, so we tell GnuTLS to use our special push/pull | 270 | libraries, so we tell GnuTLS to use our special push/pull |
| 271 | functions. */ | 271 | functions. */ |
| 272 | fn_gnutls_transport_set_ptr2 (state, | 272 | fn_gnutls_transport_set_ptr2 (state, |
| 273 | (gnutls_transport_ptr_t) proc, | 273 | (gnutls_transport_ptr_t) proc, |
| 274 | (gnutls_transport_ptr_t) proc); | 274 | (gnutls_transport_ptr_t) proc); |
| 275 | fn_gnutls_transport_set_push_function (state, &emacs_gnutls_push); | 275 | fn_gnutls_transport_set_push_function (state, &emacs_gnutls_push); |
| 276 | fn_gnutls_transport_set_pull_function (state, &emacs_gnutls_pull); | 276 | fn_gnutls_transport_set_pull_function (state, &emacs_gnutls_pull); |
| 277 | 277 | ||
| 278 | /* For non blocking sockets or other custom made pull/push | 278 | /* For non blocking sockets or other custom made pull/push |
| 279 | functions the gnutls_transport_set_lowat must be called, with | 279 | functions the gnutls_transport_set_lowat must be called, with |
| 280 | a zero low water mark value. (GnuTLS 2.10.4 documentation) | 280 | a zero low water mark value. (GnuTLS 2.10.4 documentation) |
| 281 | 281 | ||
| 282 | (Note: this is probably not strictly necessary as the lowat | 282 | (Note: this is probably not strictly necessary as the lowat |
| 283 | value is only used when no custom pull/push functions are | 283 | value is only used when no custom pull/push functions are |
| 284 | set.) */ | 284 | set.) */ |
| 285 | fn_gnutls_transport_set_lowat (state, 0); | 285 | fn_gnutls_transport_set_lowat (state, 0); |
| 286 | #else | 286 | #else |
| 287 | /* This is how GnuTLS takes sockets: as file descriptors passed | 287 | /* This is how GnuTLS takes sockets: as file descriptors passed |
| 288 | in. For an Emacs process socket, infd and outfd are the | 288 | in. For an Emacs process socket, infd and outfd are the |
| 289 | same but we use this two-argument version for clarity. */ | 289 | same but we use this two-argument version for clarity. */ |
| 290 | fn_gnutls_transport_set_ptr2 (state, | 290 | fn_gnutls_transport_set_ptr2 (state, |
| 291 | (gnutls_transport_ptr_t) (long) proc->infd, | 291 | (gnutls_transport_ptr_t) (long) proc->infd, |
| 292 | (gnutls_transport_ptr_t) (long) proc->outfd); | 292 | (gnutls_transport_ptr_t) (long) proc->outfd); |
| 293 | #endif | 293 | #endif |
| 294 | 294 | ||
| 295 | proc->gnutls_initstage = GNUTLS_STAGE_TRANSPORT_POINTERS_SET; | 295 | proc->gnutls_initstage = GNUTLS_STAGE_TRANSPORT_POINTERS_SET; |
| @@ -352,12 +352,12 @@ emacs_gnutls_write (struct Lisp_Process *proc, const char *buf, EMACS_INT nbyte) | |||
| 352 | rtnval = fn_gnutls_record_send (state, buf, nbyte); | 352 | rtnval = fn_gnutls_record_send (state, buf, nbyte); |
| 353 | 353 | ||
| 354 | if (rtnval < 0) | 354 | if (rtnval < 0) |
| 355 | { | 355 | { |
| 356 | if (rtnval == GNUTLS_E_AGAIN || rtnval == GNUTLS_E_INTERRUPTED) | 356 | if (rtnval == GNUTLS_E_AGAIN || rtnval == GNUTLS_E_INTERRUPTED) |
| 357 | continue; | 357 | continue; |
| 358 | else | 358 | else |
| 359 | break; | 359 | break; |
| 360 | } | 360 | } |
| 361 | 361 | ||
| 362 | buf += rtnval; | 362 | buf += rtnval; |
| 363 | nbyte -= rtnval; | 363 | nbyte -= rtnval; |
| @@ -756,26 +756,26 @@ one trustfile (usually a CA bundle). */) | |||
| 756 | 756 | ||
| 757 | if (EQ (type, Qgnutls_x509pki)) | 757 | if (EQ (type, Qgnutls_x509pki)) |
| 758 | { | 758 | { |
| 759 | GNUTLS_LOG (2, max_log_level, "deallocating x509 credentials"); | 759 | GNUTLS_LOG (2, max_log_level, "deallocating x509 credentials"); |
| 760 | x509_cred = XPROCESS (proc)->gnutls_x509_cred; | 760 | x509_cred = XPROCESS (proc)->gnutls_x509_cred; |
| 761 | fn_gnutls_certificate_free_credentials (x509_cred); | 761 | fn_gnutls_certificate_free_credentials (x509_cred); |
| 762 | } | 762 | } |
| 763 | else if (EQ (type, Qgnutls_anon)) | 763 | else if (EQ (type, Qgnutls_anon)) |
| 764 | { | 764 | { |
| 765 | GNUTLS_LOG (2, max_log_level, "deallocating anon credentials"); | 765 | GNUTLS_LOG (2, max_log_level, "deallocating anon credentials"); |
| 766 | anon_cred = XPROCESS (proc)->gnutls_anon_cred; | 766 | anon_cred = XPROCESS (proc)->gnutls_anon_cred; |
| 767 | fn_gnutls_anon_free_client_credentials (anon_cred); | 767 | fn_gnutls_anon_free_client_credentials (anon_cred); |
| 768 | } | 768 | } |
| 769 | else | 769 | else |
| 770 | { | 770 | { |
| 771 | error ("unknown credential type"); | 771 | error ("unknown credential type"); |
| 772 | ret = GNUTLS_EMACS_ERROR_INVALID_TYPE; | 772 | ret = GNUTLS_EMACS_ERROR_INVALID_TYPE; |
| 773 | } | 773 | } |
| 774 | 774 | ||
| 775 | if (GNUTLS_INITSTAGE (proc) >= GNUTLS_STAGE_INIT) | 775 | if (GNUTLS_INITSTAGE (proc) >= GNUTLS_STAGE_INIT) |
| 776 | { | 776 | { |
| 777 | GNUTLS_LOG (1, max_log_level, "deallocating x509 credentials"); | 777 | GNUTLS_LOG (1, max_log_level, "deallocating x509 credentials"); |
| 778 | Fgnutls_deinit (proc); | 778 | Fgnutls_deinit (proc); |
| 779 | } | 779 | } |
| 780 | } | 780 | } |
| 781 | 781 | ||
| @@ -790,20 +790,20 @@ one trustfile (usually a CA bundle). */) | |||
| 790 | fn_gnutls_certificate_allocate_credentials (&x509_cred); | 790 | fn_gnutls_certificate_allocate_credentials (&x509_cred); |
| 791 | 791 | ||
| 792 | if (NUMBERP (verify_flags)) | 792 | if (NUMBERP (verify_flags)) |
| 793 | { | 793 | { |
| 794 | gnutls_verify_flags = XINT (verify_flags); | 794 | gnutls_verify_flags = XINT (verify_flags); |
| 795 | GNUTLS_LOG (2, max_log_level, "setting verification flags"); | 795 | GNUTLS_LOG (2, max_log_level, "setting verification flags"); |
| 796 | } | 796 | } |
| 797 | else if (NILP (verify_flags)) | 797 | else if (NILP (verify_flags)) |
| 798 | { | 798 | { |
| 799 | /* The default is already GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT. */ | 799 | /* The default is already GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT. */ |
| 800 | GNUTLS_LOG (2, max_log_level, "using default verification flags"); | 800 | GNUTLS_LOG (2, max_log_level, "using default verification flags"); |
| 801 | } | 801 | } |
| 802 | else | 802 | else |
| 803 | { | 803 | { |
| 804 | /* The default is already GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT. */ | 804 | /* The default is already GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT. */ |
| 805 | GNUTLS_LOG (2, max_log_level, "ignoring invalid verify-flags"); | 805 | GNUTLS_LOG (2, max_log_level, "ignoring invalid verify-flags"); |
| 806 | } | 806 | } |
| 807 | fn_gnutls_certificate_set_verify_flags (x509_cred, gnutls_verify_flags); | 807 | fn_gnutls_certificate_set_verify_flags (x509_cred, gnutls_verify_flags); |
| 808 | } | 808 | } |
| 809 | else if (EQ (type, Qgnutls_anon)) | 809 | else if (EQ (type, Qgnutls_anon)) |
| @@ -828,76 +828,76 @@ one trustfile (usually a CA bundle). */) | |||
| 828 | for (tail = trustfiles; !NILP (tail); tail = Fcdr (tail)) | 828 | for (tail = trustfiles; !NILP (tail); tail = Fcdr (tail)) |
| 829 | { | 829 | { |
| 830 | Lisp_Object trustfile = Fcar (tail); | 830 | Lisp_Object trustfile = Fcar (tail); |
| 831 | if (STRINGP (trustfile)) | 831 | if (STRINGP (trustfile)) |
| 832 | { | 832 | { |
| 833 | GNUTLS_LOG2 (1, max_log_level, "setting the trustfile: ", | 833 | GNUTLS_LOG2 (1, max_log_level, "setting the trustfile: ", |
| 834 | SSDATA (trustfile)); | 834 | SSDATA (trustfile)); |
| 835 | ret = fn_gnutls_certificate_set_x509_trust_file | 835 | ret = fn_gnutls_certificate_set_x509_trust_file |
| 836 | (x509_cred, | 836 | (x509_cred, |
| 837 | SSDATA (trustfile), | 837 | SSDATA (trustfile), |
| 838 | file_format); | 838 | file_format); |
| 839 | 839 | ||
| 840 | if (ret < GNUTLS_E_SUCCESS) | 840 | if (ret < GNUTLS_E_SUCCESS) |
| 841 | return gnutls_make_error (ret); | 841 | return gnutls_make_error (ret); |
| 842 | } | 842 | } |
| 843 | else | 843 | else |
| 844 | { | 844 | { |
| 845 | error ("Sorry, GnuTLS can't use non-string trustfile %s", | 845 | error ("Sorry, GnuTLS can't use non-string trustfile %s", |
| 846 | SDATA (trustfile)); | 846 | SDATA (trustfile)); |
| 847 | } | 847 | } |
| 848 | } | 848 | } |
| 849 | 849 | ||
| 850 | for (tail = crlfiles; !NILP (tail); tail = Fcdr (tail)) | 850 | for (tail = crlfiles; !NILP (tail); tail = Fcdr (tail)) |
| 851 | { | 851 | { |
| 852 | Lisp_Object crlfile = Fcar (tail); | 852 | Lisp_Object crlfile = Fcar (tail); |
| 853 | if (STRINGP (crlfile)) | 853 | if (STRINGP (crlfile)) |
| 854 | { | 854 | { |
| 855 | GNUTLS_LOG2 (1, max_log_level, "setting the CRL file: ", | 855 | GNUTLS_LOG2 (1, max_log_level, "setting the CRL file: ", |
| 856 | SSDATA (crlfile)); | 856 | SSDATA (crlfile)); |
| 857 | ret = fn_gnutls_certificate_set_x509_crl_file | 857 | ret = fn_gnutls_certificate_set_x509_crl_file |
| 858 | (x509_cred, | 858 | (x509_cred, |
| 859 | SSDATA (crlfile), | 859 | SSDATA (crlfile), |
| 860 | file_format); | 860 | file_format); |
| 861 | 861 | ||
| 862 | if (ret < GNUTLS_E_SUCCESS) | 862 | if (ret < GNUTLS_E_SUCCESS) |
| 863 | return gnutls_make_error (ret); | 863 | return gnutls_make_error (ret); |
| 864 | } | 864 | } |
| 865 | else | 865 | else |
| 866 | { | 866 | { |
| 867 | error ("Sorry, GnuTLS can't use non-string CRL file %s", | 867 | error ("Sorry, GnuTLS can't use non-string CRL file %s", |
| 868 | SDATA (crlfile)); | 868 | SDATA (crlfile)); |
| 869 | } | 869 | } |
| 870 | } | 870 | } |
| 871 | 871 | ||
| 872 | for (tail = keylist; !NILP (tail); tail = Fcdr (tail)) | 872 | for (tail = keylist; !NILP (tail); tail = Fcdr (tail)) |
| 873 | { | 873 | { |
| 874 | Lisp_Object keyfile = Fcar (Fcar (tail)); | 874 | Lisp_Object keyfile = Fcar (Fcar (tail)); |
| 875 | Lisp_Object certfile = Fcar (Fcdr (tail)); | 875 | Lisp_Object certfile = Fcar (Fcdr (tail)); |
| 876 | if (STRINGP (keyfile) && STRINGP (certfile)) | 876 | if (STRINGP (keyfile) && STRINGP (certfile)) |
| 877 | { | 877 | { |
| 878 | GNUTLS_LOG2 (1, max_log_level, "setting the client key file: ", | 878 | GNUTLS_LOG2 (1, max_log_level, "setting the client key file: ", |
| 879 | SSDATA (keyfile)); | 879 | SSDATA (keyfile)); |
| 880 | GNUTLS_LOG2 (1, max_log_level, "setting the client cert file: ", | 880 | GNUTLS_LOG2 (1, max_log_level, "setting the client cert file: ", |
| 881 | SSDATA (certfile)); | 881 | SSDATA (certfile)); |
| 882 | ret = fn_gnutls_certificate_set_x509_key_file | 882 | ret = fn_gnutls_certificate_set_x509_key_file |
| 883 | (x509_cred, | 883 | (x509_cred, |
| 884 | SSDATA (certfile), | 884 | SSDATA (certfile), |
| 885 | SSDATA (keyfile), | 885 | SSDATA (keyfile), |
| 886 | file_format); | 886 | file_format); |
| 887 | 887 | ||
| 888 | if (ret < GNUTLS_E_SUCCESS) | 888 | if (ret < GNUTLS_E_SUCCESS) |
| 889 | return gnutls_make_error (ret); | 889 | return gnutls_make_error (ret); |
| 890 | } | 890 | } |
| 891 | else | 891 | else |
| 892 | { | 892 | { |
| 893 | if (STRINGP (keyfile)) | 893 | if (STRINGP (keyfile)) |
| 894 | error ("Sorry, GnuTLS can't use non-string client cert file %s", | 894 | error ("Sorry, GnuTLS can't use non-string client cert file %s", |
| 895 | SDATA (certfile)); | 895 | SDATA (certfile)); |
| 896 | else | 896 | else |
| 897 | error ("Sorry, GnuTLS can't use non-string client key file %s", | 897 | error ("Sorry, GnuTLS can't use non-string client key file %s", |
| 898 | SDATA (keyfile)); | 898 | SDATA (keyfile)); |
| 899 | } | 899 | } |
| 900 | } | 900 | } |
| 901 | } | 901 | } |
| 902 | 902 | ||
| 903 | GNUTLS_INITSTAGE (proc) = GNUTLS_STAGE_FILES; | 903 | GNUTLS_INITSTAGE (proc) = GNUTLS_STAGE_FILES; |
| @@ -925,19 +925,19 @@ one trustfile (usually a CA bundle). */) | |||
| 925 | { | 925 | { |
| 926 | priority_string_ptr = SSDATA (priority_string); | 926 | priority_string_ptr = SSDATA (priority_string); |
| 927 | GNUTLS_LOG2 (1, max_log_level, "got non-default priority string:", | 927 | GNUTLS_LOG2 (1, max_log_level, "got non-default priority string:", |
| 928 | priority_string_ptr); | 928 | priority_string_ptr); |
| 929 | } | 929 | } |
| 930 | else | 930 | else |
| 931 | { | 931 | { |
| 932 | GNUTLS_LOG2 (1, max_log_level, "using default priority string:", | 932 | GNUTLS_LOG2 (1, max_log_level, "using default priority string:", |
| 933 | priority_string_ptr); | 933 | priority_string_ptr); |
| 934 | } | 934 | } |
| 935 | 935 | ||
| 936 | GNUTLS_LOG (1, max_log_level, "setting the priority string"); | 936 | GNUTLS_LOG (1, max_log_level, "setting the priority string"); |
| 937 | 937 | ||
| 938 | ret = fn_gnutls_priority_set_direct (state, | 938 | ret = fn_gnutls_priority_set_direct (state, |
| 939 | priority_string_ptr, | 939 | priority_string_ptr, |
| 940 | NULL); | 940 | NULL); |
| 941 | 941 | ||
| 942 | if (ret < GNUTLS_E_SUCCESS) | 942 | if (ret < GNUTLS_E_SUCCESS) |
| 943 | return gnutls_make_error (ret); | 943 | return gnutls_make_error (ret); |
| @@ -990,44 +990,44 @@ one trustfile (usually a CA bundle). */) | |||
| 990 | 990 | ||
| 991 | if (XINT (loglevel) > 0 && peer_verification & GNUTLS_CERT_INVALID) | 991 | if (XINT (loglevel) > 0 && peer_verification & GNUTLS_CERT_INVALID) |
| 992 | message ("%s certificate could not be verified.", | 992 | message ("%s certificate could not be verified.", |
| 993 | c_hostname); | 993 | c_hostname); |
| 994 | 994 | ||
| 995 | if (peer_verification & GNUTLS_CERT_REVOKED) | 995 | if (peer_verification & GNUTLS_CERT_REVOKED) |
| 996 | GNUTLS_LOG2 (1, max_log_level, "certificate was revoked (CRL):", | 996 | GNUTLS_LOG2 (1, max_log_level, "certificate was revoked (CRL):", |
| 997 | c_hostname); | 997 | c_hostname); |
| 998 | 998 | ||
| 999 | if (peer_verification & GNUTLS_CERT_SIGNER_NOT_FOUND) | 999 | if (peer_verification & GNUTLS_CERT_SIGNER_NOT_FOUND) |
| 1000 | GNUTLS_LOG2 (1, max_log_level, "certificate signer was not found:", | 1000 | GNUTLS_LOG2 (1, max_log_level, "certificate signer was not found:", |
| 1001 | c_hostname); | 1001 | c_hostname); |
| 1002 | 1002 | ||
| 1003 | if (peer_verification & GNUTLS_CERT_SIGNER_NOT_CA) | 1003 | if (peer_verification & GNUTLS_CERT_SIGNER_NOT_CA) |
| 1004 | GNUTLS_LOG2 (1, max_log_level, "certificate signer is not a CA:", | 1004 | GNUTLS_LOG2 (1, max_log_level, "certificate signer is not a CA:", |
| 1005 | c_hostname); | 1005 | c_hostname); |
| 1006 | 1006 | ||
| 1007 | if (peer_verification & GNUTLS_CERT_INSECURE_ALGORITHM) | 1007 | if (peer_verification & GNUTLS_CERT_INSECURE_ALGORITHM) |
| 1008 | GNUTLS_LOG2 (1, max_log_level, | 1008 | GNUTLS_LOG2 (1, max_log_level, |
| 1009 | "certificate was signed with an insecure algorithm:", | 1009 | "certificate was signed with an insecure algorithm:", |
| 1010 | c_hostname); | 1010 | c_hostname); |
| 1011 | 1011 | ||
| 1012 | if (peer_verification & GNUTLS_CERT_NOT_ACTIVATED) | 1012 | if (peer_verification & GNUTLS_CERT_NOT_ACTIVATED) |
| 1013 | GNUTLS_LOG2 (1, max_log_level, "certificate is not yet activated:", | 1013 | GNUTLS_LOG2 (1, max_log_level, "certificate is not yet activated:", |
| 1014 | c_hostname); | 1014 | c_hostname); |
| 1015 | 1015 | ||
| 1016 | if (peer_verification & GNUTLS_CERT_EXPIRED) | 1016 | if (peer_verification & GNUTLS_CERT_EXPIRED) |
| 1017 | GNUTLS_LOG2 (1, max_log_level, "certificate has expired:", | 1017 | GNUTLS_LOG2 (1, max_log_level, "certificate has expired:", |
| 1018 | c_hostname); | 1018 | c_hostname); |
| 1019 | 1019 | ||
| 1020 | if (peer_verification != 0) | 1020 | if (peer_verification != 0) |
| 1021 | { | 1021 | { |
| 1022 | if (NILP (verify_hostname_error)) | 1022 | if (NILP (verify_hostname_error)) |
| 1023 | { | 1023 | { |
| 1024 | GNUTLS_LOG2 (1, max_log_level, "certificate validation failed:", | 1024 | GNUTLS_LOG2 (1, max_log_level, "certificate validation failed:", |
| 1025 | c_hostname); | 1025 | c_hostname); |
| 1026 | } | 1026 | } |
| 1027 | else | 1027 | else |
| 1028 | { | 1028 | { |
| 1029 | error ("Certificate validation failed %s, verification code %d", | 1029 | error ("Certificate validation failed %s, verification code %d", |
| 1030 | c_hostname, peer_verification); | 1030 | c_hostname, peer_verification); |
| 1031 | } | 1031 | } |
| 1032 | } | 1032 | } |
| 1033 | 1033 | ||
| @@ -1039,41 +1039,41 @@ one trustfile (usually a CA bundle). */) | |||
| 1039 | ret = fn_gnutls_x509_crt_init (&gnutls_verify_cert); | 1039 | ret = fn_gnutls_x509_crt_init (&gnutls_verify_cert); |
| 1040 | 1040 | ||
| 1041 | if (ret < GNUTLS_E_SUCCESS) | 1041 | if (ret < GNUTLS_E_SUCCESS) |
| 1042 | return gnutls_make_error (ret); | 1042 | return gnutls_make_error (ret); |
| 1043 | 1043 | ||
| 1044 | gnutls_verify_cert_list = | 1044 | gnutls_verify_cert_list = |
| 1045 | fn_gnutls_certificate_get_peers (state, &gnutls_verify_cert_list_size); | 1045 | fn_gnutls_certificate_get_peers (state, &gnutls_verify_cert_list_size); |
| 1046 | 1046 | ||
| 1047 | if (NULL == gnutls_verify_cert_list) | 1047 | if (NULL == gnutls_verify_cert_list) |
| 1048 | { | 1048 | { |
| 1049 | error ("No x509 certificate was found!\n"); | 1049 | error ("No x509 certificate was found!\n"); |
| 1050 | } | 1050 | } |
| 1051 | 1051 | ||
| 1052 | /* We only check the first certificate in the given chain. */ | 1052 | /* We only check the first certificate in the given chain. */ |
| 1053 | ret = fn_gnutls_x509_crt_import (gnutls_verify_cert, | 1053 | ret = fn_gnutls_x509_crt_import (gnutls_verify_cert, |
| 1054 | &gnutls_verify_cert_list[0], | 1054 | &gnutls_verify_cert_list[0], |
| 1055 | GNUTLS_X509_FMT_DER); | 1055 | GNUTLS_X509_FMT_DER); |
| 1056 | 1056 | ||
| 1057 | if (ret < GNUTLS_E_SUCCESS) | 1057 | if (ret < GNUTLS_E_SUCCESS) |
| 1058 | { | 1058 | { |
| 1059 | fn_gnutls_x509_crt_deinit (gnutls_verify_cert); | 1059 | fn_gnutls_x509_crt_deinit (gnutls_verify_cert); |
| 1060 | return gnutls_make_error (ret); | 1060 | return gnutls_make_error (ret); |
| 1061 | } | 1061 | } |
| 1062 | 1062 | ||
| 1063 | if (!fn_gnutls_x509_crt_check_hostname (gnutls_verify_cert, c_hostname)) | 1063 | if (!fn_gnutls_x509_crt_check_hostname (gnutls_verify_cert, c_hostname)) |
| 1064 | { | 1064 | { |
| 1065 | if (NILP (verify_hostname_error)) | 1065 | if (NILP (verify_hostname_error)) |
| 1066 | { | 1066 | { |
| 1067 | GNUTLS_LOG2 (1, max_log_level, "x509 certificate does not match:", | 1067 | GNUTLS_LOG2 (1, max_log_level, "x509 certificate does not match:", |
| 1068 | c_hostname); | 1068 | c_hostname); |
| 1069 | } | 1069 | } |
| 1070 | else | 1070 | else |
| 1071 | { | 1071 | { |
| 1072 | fn_gnutls_x509_crt_deinit (gnutls_verify_cert); | 1072 | fn_gnutls_x509_crt_deinit (gnutls_verify_cert); |
| 1073 | error ("The x509 certificate does not match \"%s\"", | 1073 | error ("The x509 certificate does not match \"%s\"", |
| 1074 | c_hostname); | 1074 | c_hostname); |
| 1075 | } | 1075 | } |
| 1076 | } | 1076 | } |
| 1077 | 1077 | ||
| 1078 | fn_gnutls_x509_crt_deinit (gnutls_verify_cert); | 1078 | fn_gnutls_x509_crt_deinit (gnutls_verify_cert); |
| 1079 | } | 1079 | } |
| @@ -1105,7 +1105,7 @@ This function may also return `gnutls-e-again', or | |||
| 1105 | state = XPROCESS (proc)->gnutls_state; | 1105 | state = XPROCESS (proc)->gnutls_state; |
| 1106 | 1106 | ||
| 1107 | ret = fn_gnutls_bye (state, | 1107 | ret = fn_gnutls_bye (state, |
| 1108 | NILP (cont) ? GNUTLS_SHUT_RDWR : GNUTLS_SHUT_WR); | 1108 | NILP (cont) ? GNUTLS_SHUT_RDWR : GNUTLS_SHUT_WR); |
| 1109 | 1109 | ||
| 1110 | return gnutls_make_error (ret); | 1110 | return gnutls_make_error (ret); |
| 1111 | } | 1111 | } |
| @@ -1133,19 +1133,19 @@ syms_of_gnutls (void) | |||
| 1133 | 1133 | ||
| 1134 | DEFSYM (Qgnutls_e_interrupted, "gnutls-e-interrupted"); | 1134 | DEFSYM (Qgnutls_e_interrupted, "gnutls-e-interrupted"); |
| 1135 | Fput (Qgnutls_e_interrupted, Qgnutls_code, | 1135 | Fput (Qgnutls_e_interrupted, Qgnutls_code, |
| 1136 | make_number (GNUTLS_E_INTERRUPTED)); | 1136 | make_number (GNUTLS_E_INTERRUPTED)); |
| 1137 | 1137 | ||
| 1138 | DEFSYM (Qgnutls_e_again, "gnutls-e-again"); | 1138 | DEFSYM (Qgnutls_e_again, "gnutls-e-again"); |
| 1139 | Fput (Qgnutls_e_again, Qgnutls_code, | 1139 | Fput (Qgnutls_e_again, Qgnutls_code, |
| 1140 | make_number (GNUTLS_E_AGAIN)); | 1140 | make_number (GNUTLS_E_AGAIN)); |
| 1141 | 1141 | ||
| 1142 | DEFSYM (Qgnutls_e_invalid_session, "gnutls-e-invalid-session"); | 1142 | DEFSYM (Qgnutls_e_invalid_session, "gnutls-e-invalid-session"); |
| 1143 | Fput (Qgnutls_e_invalid_session, Qgnutls_code, | 1143 | Fput (Qgnutls_e_invalid_session, Qgnutls_code, |
| 1144 | make_number (GNUTLS_E_INVALID_SESSION)); | 1144 | make_number (GNUTLS_E_INVALID_SESSION)); |
| 1145 | 1145 | ||
| 1146 | DEFSYM (Qgnutls_e_not_ready_for_handshake, "gnutls-e-not-ready-for-handshake"); | 1146 | DEFSYM (Qgnutls_e_not_ready_for_handshake, "gnutls-e-not-ready-for-handshake"); |
| 1147 | Fput (Qgnutls_e_not_ready_for_handshake, Qgnutls_code, | 1147 | Fput (Qgnutls_e_not_ready_for_handshake, Qgnutls_code, |
| 1148 | make_number (GNUTLS_E_APPLICATION_ERROR_MIN)); | 1148 | make_number (GNUTLS_E_APPLICATION_ERROR_MIN)); |
| 1149 | 1149 | ||
| 1150 | defsubr (&Sgnutls_get_initstage); | 1150 | defsubr (&Sgnutls_get_initstage); |
| 1151 | defsubr (&Sgnutls_errorp); | 1151 | defsubr (&Sgnutls_errorp); |