tlsgnutlsclientanon.cpp
00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015 #include "tlsgnutlsclientanon.h"
00016
00017 #ifdef HAVE_GNUTLS
00018
00019 #include <errno.h>
00020
00021 namespace gloox
00022 {
00023
00024 GnuTLSClientAnon::GnuTLSClientAnon( TLSHandler* th )
00025 : GnuTLSBase( th )
00026 {
00027 }
00028
00029 GnuTLSClientAnon::~GnuTLSClientAnon()
00030 {
00031 gnutls_anon_free_client_credentials( m_anoncred );
00032 }
00033
00034 void GnuTLSClientAnon::cleanup()
00035 {
00036 GnuTLSBase::cleanup();
00037 init();
00038 }
00039
00040 bool GnuTLSClientAnon::init( const std::string&,
00041 const std::string&,
00042 const StringList& )
00043 {
00044 const int protocolPriority[] = { GNUTLS_TLS1, 0 };
00045 const int kxPriority[] = { GNUTLS_KX_ANON_DH, 0 };
00046 const int cipherPriority[] = { GNUTLS_CIPHER_AES_256_CBC, GNUTLS_CIPHER_AES_128_CBC,
00047 GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0 };
00048 const int compPriority[] = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
00049 const int macPriority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };
00050
00051 if( m_initLib && gnutls_global_init() != 0 )
00052 return false;
00053
00054 if( gnutls_anon_allocate_client_credentials( &m_anoncred ) < 0 )
00055 return false;
00056
00057 if( gnutls_init( m_session, GNUTLS_CLIENT ) != 0 )
00058 return false;
00059
00060 gnutls_protocol_set_priority( *m_session, protocolPriority );
00061 gnutls_cipher_set_priority( *m_session, cipherPriority );
00062 gnutls_compression_set_priority( *m_session, compPriority );
00063 gnutls_kx_set_priority( *m_session, kxPriority );
00064 gnutls_mac_set_priority( *m_session, macPriority );
00065 gnutls_credentials_set( *m_session, GNUTLS_CRD_ANON, m_anoncred );
00066
00067 gnutls_transport_set_ptr( *m_session, (gnutls_transport_ptr_t)this );
00068 gnutls_transport_set_push_function( *m_session, pushFunc );
00069 gnutls_transport_set_pull_function( *m_session, pullFunc );
00070
00071 m_valid = true;
00072 return true;
00073 }
00074
00075 void GnuTLSClientAnon::getCertInfo()
00076 {
00077 m_certInfo.status = CertOk;
00078
00079 const char* info;
00080 info = gnutls_compression_get_name( gnutls_compression_get( *m_session ) );
00081 if( info )
00082 m_certInfo.compression = info;
00083
00084 info = gnutls_mac_get_name( gnutls_mac_get( *m_session ) );
00085 if( info )
00086 m_certInfo.mac = info;
00087
00088 info = gnutls_cipher_get_name( gnutls_cipher_get( *m_session ) );
00089 if( info )
00090 m_certInfo.cipher = info;
00091
00092 info = gnutls_protocol_get_name( gnutls_protocol_get_version( *m_session ) );
00093 if( info )
00094 m_certInfo.protocol = info;
00095
00096 m_valid = true;
00097 }
00098
00099 }
00100
00101 #endif // HAVE_GNUTLS