tlsgnutlsserveranon.cpp

00001 /*
00002   Copyright (c) 2005-2008 by Jakob Schroeter <js@camaya.net>
00003   This file is part of the gloox library. http://camaya.net/gloox
00004 
00005   This software is distributed under a license. The full license
00006   agreement can be found in the file LICENSE in this distribution.
00007   This software may not be copied, modified, sold or distributed
00008   other than expressed in the named license agreement.
00009 
00010   This software is distributed without any warranty.
00011 */
00012 
00013 
00014 
00015 #include "tlsgnutlsserveranon.h"
00016 
00017 #ifdef HAVE_GNUTLS
00018 
00019 #include <errno.h>
00020 
00021 namespace gloox
00022 {
00023 
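// Creates an anonymous-DH TLS server endpoint that reports to the given handler.
//
// m_dhBits is fixed at 1024 here. DH groups of that size are below current
// recommendations (2048 bits or more); raising it lengthens parameter
// generation, which init() triggers on every call.
GnuTLSServerAnon::GnuTLSServerAnon( TLSHandler *th )
  : GnuTLSBase( th ), m_dhBits( 1024 )
{
  // init() has several early returns. Give both handles a known value first so
  // that the destructor never hands an indeterminate pointer to GnuTLS when
  // initialisation stopped before they were allocated.
  m_anoncred = 0;
  m_dhParams = 0;
  init();
}

// Releases the anonymous credentials and the DH parameters, if they were allocated.
GnuTLSServerAnon::~GnuTLSServerAnon()
{
  // The credentials reference the DH parameters (see init()), so they go first.
  if( m_anoncred )
    gnutls_anon_free_server_credentials( m_anoncred );

  if( m_dhParams )
    gnutls_dh_params_deinit( m_dhParams );
}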
00035 
// Tears the session down through the base class, then builds a fresh one.
//
// NOTE(review): init() allocates new anonymous credentials and generates new
// DH parameters on every call, and nothing visible in this file releases the
// previous ones before that. Unless GnuTLSBase::cleanup() frees them (not
// visible here -- confirm), each cleanup() leaks one set of both.
void GnuTLSServerAnon::cleanup()
{
  this->GnuTLSBase::cleanup();
  this->init();
}
00041 
// Allocates anonymous server credentials, generates DH parameters and sets up
// a server-side GnuTLS session that uses this object's push/pull callbacks.
//
// Any failing GnuTLS setup call makes the function return silently, leaving
// the object only partly initialised; callers get no error indication.
//
// Security notes on the negotiated parameters (all taken from the lists below):
//  - GNUTLS_KX_ANON_DH is the only key exchange offered. Anonymous DH involves
//    no certificate, so the peer is never authenticated and an active
//    man-in-the-middle cannot be detected at the TLS layer. Authentication has
//    to come from somewhere else.
//  - Only TLS 1.0 is offered.
//  - RC4 (ARCFOUR), 3DES and the MD5 MAC are offered alongside AES/SHA-1; all
//    three are considered weak today.
//  - ZLIB compression is preferred over none. Compressing before encryption
//    lets ciphertext length leak information about the plaintext.
void GnuTLSServerAnon::init()
{
  // Zero-terminated preference lists, most preferred entry first.
  const int versions[]     = { GNUTLS_TLS1, 0 };
  const int keyExchanges[] = { GNUTLS_KX_ANON_DH, 0 };
  const int ciphers[]      = { GNUTLS_CIPHER_AES_256_CBC, GNUTLS_CIPHER_AES_128_CBC,
                               GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0 };
  const int compressions[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
  const int macs[]         = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };

  // Short-circuit keeps the original order: credentials are only allocated
  // once the library itself initialised successfully.
  if( gnutls_global_init() != 0
      || gnutls_anon_allocate_server_credentials( &m_anoncred ) < 0 )
    return;

  // Fresh DH parameters are generated on every init(); their result is not checked.
  generateDH();
  gnutls_anon_set_server_dh_params( m_anoncred, m_dhParams );

  if( gnutls_init( m_session, GNUTLS_SERVER ) != 0 )
    return;

  // Algorithm preferences for this session.
  gnutls_protocol_set_priority( *m_session, versions );
  gnutls_cipher_set_priority( *m_session, ciphers );
  gnutls_compression_set_priority( *m_session, compressions );
  gnutls_kx_set_priority( *m_session, keyExchanges );
  gnutls_mac_set_priority( *m_session, macs );

  // Bind the anonymous credentials and the configured DH size to the session.
  gnutls_credentials_set( *m_session, GNUTLS_CRD_ANON, m_anoncred );
  gnutls_dh_set_prime_bits( *m_session, m_dhBits );

  // Route all record I/O through this object's static push/pull callbacks;
  // the transport pointer is how they get back to this instance.
  gnutls_transport_set_ptr( *m_session, static_cast<gnutls_transport_ptr_t>( this ) );
  gnutls_transport_set_push_function( *m_session, pushFunc );
  gnutls_transport_set_pull_function( *m_session, pullFunc );
}
00076 
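// Allocates m_dhParams and fills it with a freshly generated DH group of
// m_dhBits bits.
//
// On failure m_dhParams is left null instead of pointing at an allocated but
// empty parameter object, so a failed generation cannot be mistaken for
// usable parameters. Presumably a session without DH parameters then fails
// its handshake -- confirm against the GnuTLS version in use.
void GnuTLSServerAnon::generateDH()
{
  if( gnutls_dh_params_init( &m_dhParams ) < 0 )
  {
    m_dhParams = 0;
    return;
  }

  // Generation is the expensive step and can fail; do not keep a half-built object.
  if( gnutls_dh_params_generate2( m_dhParams, m_dhBits ) < 0 )
  {
    gnutls_dh_params_deinit( m_dhParams );
    m_dhParams = 0;
  }
}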
00082 
// Records the negotiated compression, MAC, cipher and protocol names in
// m_certInfo and marks the connection as valid.
//
// NOTE(review): status is set to CertOk unconditionally, yet init() offers
// only anonymous DH, where no certificate is exchanged. CertOk therefore
// means "nothing was checked", not "the peer was verified"; consumers of
// m_certInfo must not treat it as proof of the peer's identity.
void GnuTLSServerAnon::getCertInfo()
{
  m_certInfo.status = CertOk;

  // Each lookup may return a null name; the matching field is then left untouched.
  if( const char* compression = gnutls_compression_get_name( gnutls_compression_get( *m_session ) ) )
    m_certInfo.compression = compression;

  if( const char* mac = gnutls_mac_get_name( gnutls_mac_get( *m_session ) ) )
    m_certInfo.mac = mac;

  if( const char* cipher = gnutls_cipher_get_name( gnutls_cipher_get( *m_session ) ) )
    m_certInfo.cipher = cipher;

  if( const char* protocol = gnutls_protocol_get_name( gnutls_protocol_get_version( *m_session ) ) )
    m_certInfo.protocol = protocol;

  m_valid = true;
}
00106 
00107 }
00108 
00109 #endif // HAVE_GNUTLS
