00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015 #include "tlsgnutlsserveranon.h"
00016
00017 #ifdef HAVE_GNUTLS
00018
00019 #include <errno.h>
00020
00021 namespace gloox
00022 {
00023
00024 GnuTLSServerAnon::GnuTLSServerAnon( TLSHandler *th )
00025 : GnuTLSBase( th ), m_dhBits( 1024 )
00026 {
00027 init();
00028 }
00029
00030 GnuTLSServerAnon::~GnuTLSServerAnon()
00031 {
00032 gnutls_anon_free_server_credentials( m_anoncred );
00033 gnutls_dh_params_deinit( m_dhParams );
00034 }
00035
00036 void GnuTLSServerAnon::cleanup()
00037 {
00038 GnuTLSBase::cleanup();
00039 init();
00040 }
00041
00042 void GnuTLSServerAnon::init()
00043 {
00044 const int protocolPriority[] = { GNUTLS_TLS1, 0 };
00045 const int kxPriority[] = { GNUTLS_KX_ANON_DH, 0 };
00046 const int cipherPriority[] = { GNUTLS_CIPHER_AES_256_CBC, GNUTLS_CIPHER_AES_128_CBC,
00047 GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0 };
00048 const int compPriority[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
00049 const int macPriority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };
00050
00051 if( gnutls_global_init() != 0 )
00052 return;
00053
00054 if( gnutls_anon_allocate_server_credentials( &m_anoncred ) < 0 )
00055 return;
00056
00057 generateDH();
00058 gnutls_anon_set_server_dh_params( m_anoncred, m_dhParams );
00059
00060 if( gnutls_init( m_session, GNUTLS_SERVER ) != 0 )
00061 return;
00062
00063 gnutls_protocol_set_priority( *m_session, protocolPriority );
00064 gnutls_cipher_set_priority( *m_session, cipherPriority );
00065 gnutls_compression_set_priority( *m_session, compPriority );
00066 gnutls_kx_set_priority( *m_session, kxPriority );
00067 gnutls_mac_set_priority( *m_session, macPriority );
00068 gnutls_credentials_set( *m_session, GNUTLS_CRD_ANON, m_anoncred );
00069
00070 gnutls_dh_set_prime_bits( *m_session, m_dhBits );
00071
00072 gnutls_transport_set_ptr( *m_session, (gnutls_transport_ptr_t)this );
00073 gnutls_transport_set_push_function( *m_session, pushFunc );
00074 gnutls_transport_set_pull_function( *m_session, pullFunc );
00075 }
00076
00077 void GnuTLSServerAnon::generateDH()
00078 {
00079 gnutls_dh_params_init( &m_dhParams );
00080 gnutls_dh_params_generate2( m_dhParams, m_dhBits );
00081 }
00082
00083 void GnuTLSServerAnon::getCertInfo()
00084 {
00085 m_certInfo.status = CertOk;
00086
00087 const char* info;
00088 info = gnutls_compression_get_name( gnutls_compression_get( *m_session ) );
00089 if( info )
00090 m_certInfo.compression = info;
00091
00092 info = gnutls_mac_get_name( gnutls_mac_get( *m_session ) );
00093 if( info )
00094 m_certInfo.mac = info;
00095
00096 info = gnutls_cipher_get_name( gnutls_cipher_get( *m_session ) );
00097 if( info )
00098 m_certInfo.cipher = info;
00099
00100 info = gnutls_protocol_get_name( gnutls_protocol_get_version( *m_session ) );
00101 if( info )
00102 m_certInfo.protocol = info;
00103
00104 m_valid = true;
00105 }
00106
00107 }
00108
00109 #endif // HAVE_GNUTLS