00015 #include "tlsgnutlsclientanon.h"
00016
00017 #ifdef HAVE_GNUTLS
00018
00019 #include <errno.h>
00020
00021 namespace gloox
00022 {
00023
// Builds an anonymous (certificate-less) GnuTLS client on top of GnuTLSBase.
// The handler pointer is passed straight through to the base class; the
// session itself is configured by init().
// NOTE(review): init() returns void and bails out silently when a GnuTLS call
// fails, so a failed set-up is not reported to the code constructing this
// object.
GnuTLSClientAnon::GnuTLSClientAnon( TLSHandler *th )
  : GnuTLSBase( th )
{
  init();
}
00029
// Hands the anonymous client credentials stored in m_anoncred back to GnuTLS.
// NOTE(review): init() can return before m_anoncred is assigned (when
// gnutls_global_init() fails). Whether m_anoncred has a defined value in that
// case depends on its declaration, which is not visible here -- confirm.
GnuTLSClientAnon::~GnuTLSClientAnon()
{
  gnutls_anon_free_client_credentials( m_anoncred );
}
00034
// Resets this object: first the base-class clean-up, then a fresh init() that
// configures the session again.
// NOTE(review): init() calls gnutls_anon_allocate_client_credentials() on
// m_anoncred again and nothing in this function releases the previous value
// first. Confirm that GnuTLSBase::cleanup() or GnuTLS itself makes the repeated
// allocation harmless.
void GnuTLSClientAnon::cleanup()
{
  GnuTLSBase::cleanup();
  init();
}
00040
// Sets up the GnuTLS client session for an anonymous Diffie-Hellman handshake
// and wires the transport callbacks to this object.
//
// Returns early, without reporting anything, if global initialisation,
// credential allocation or session creation fails. The results of the
// priority, credential and transport setters are not checked.
//
// Security notes for reviewers:
//  - GNUTLS_KX_ANON_DH is the only key exchange offered. Anonymous DH does not
//    authenticate the peer, so the resulting channel is encrypted but gives no
//    protection against an active man-in-the-middle. Authentication has to
//    come from a layer above this class.
//  - Only GNUTLS_TLS1 (TLS 1.0) is offered as protocol version.
//  - The cipher and MAC lists still contain ARCFOUR (RC4), 3DES and MD5, which
//    are considered weak today. They are the lowest-priority entries but
//    remain negotiable.
//  - GNUTLS_COMP_ZLIB is preferred over GNUTLS_COMP_NULL. TLS-level compression
//    can leak plaintext through record sizes when attacker-influenced data and
//    secrets share a stream.
//  - NOTE(review): the per-category gnutls_*_set_priority() calls are
//    deprecated in later GnuTLS releases in favour of priority strings --
//    confirm against the GnuTLS version this is built with.
void GnuTLSClientAnon::init()
{
  // Zero-terminated preference lists, most preferred entry first.
  const int protocols[] = { GNUTLS_TLS1, 0 };
  const int keyExchanges[] = { GNUTLS_KX_ANON_DH, 0 };
  const int ciphers[] = { GNUTLS_CIPHER_AES_256_CBC, GNUTLS_CIPHER_AES_128_CBC,
                          GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0 };
  const int compressions[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
  const int macs[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };

  // Short-circuit evaluation keeps the original order: library, credentials,
  // session. The first failing step stops the set-up.
  if( gnutls_global_init() != 0
      || gnutls_anon_allocate_client_credentials( &m_anoncred ) < 0
      || gnutls_init( m_session, GNUTLS_CLIENT ) != 0 )
  {
    return;
  }

  // Algorithm preferences and the anonymous credentials for this session.
  gnutls_protocol_set_priority( *m_session, protocols );
  gnutls_cipher_set_priority( *m_session, ciphers );
  gnutls_compression_set_priority( *m_session, compressions );
  gnutls_kx_set_priority( *m_session, keyExchanges );
  gnutls_mac_set_priority( *m_session, macs );
  gnutls_credentials_set( *m_session, GNUTLS_CRD_ANON, m_anoncred );

  // GnuTLS hands this pointer back to pushFunc/pullFunc as the transport handle.
  gnutls_transport_set_ptr( *m_session, static_cast<gnutls_transport_ptr_t>( this ) );
  gnutls_transport_set_push_function( *m_session, pushFunc );
  gnutls_transport_set_pull_function( *m_session, pullFunc );
}
00070
// Fills m_certInfo with the names of the negotiated compression method, MAC,
// cipher and protocol version, then marks the object as valid.
//
// NOTE(review): status is set to CertOk unconditionally and no certificate is
// inspected anywhere in this function. With the anonymous key exchange
// configured in init() there is no peer certificate to verify, so CertOk here
// must not be read as "peer identity verified". Callers that gate trust
// decisions on m_certInfo.status should be checked for that assumption.
void GnuTLSClientAnon::getCertInfo()
{
  m_certInfo.status = CertOk;

  // Each name getter may return a null pointer; a field is only overwritten
  // when a name is actually available.
  const char* const compressionName =
      gnutls_compression_get_name( gnutls_compression_get( *m_session ) );
  if( compressionName != 0 )
    m_certInfo.compression = compressionName;

  const char* const macName = gnutls_mac_get_name( gnutls_mac_get( *m_session ) );
  if( macName != 0 )
    m_certInfo.mac = macName;

  const char* const cipherName = gnutls_cipher_get_name( gnutls_cipher_get( *m_session ) );
  if( cipherName != 0 )
    m_certInfo.cipher = cipherName;

  const char* const protocolName =
      gnutls_protocol_get_name( gnutls_protocol_get_version( *m_session ) );
  if( protocolName != 0 )
    m_certInfo.protocol = protocolName;

  m_valid = true;
}
00094
00095 }
00096
00097 #endif // HAVE_GNUTLS