gloox 1.0

tlsgnutlsclientanon.cpp

00001 /*
00002   Copyright (c) 2005-2009 by Jakob Schroeter <js@camaya.net>
00003   This file is part of the gloox library. http://camaya.net/gloox
00004 
00005   This software is distributed under a license. The full license
00006   agreement can be found in the file LICENSE in this distribution.
00007   This software may not be copied, modified, sold or distributed
00008   other than expressed in the named license agreement.
00009 
00010   This software is distributed without any warranty.
00011 */
00012 
00013 
00014 
00015 #include "tlsgnutlsclientanon.h"
00016 
00017 #ifdef HAVE_GNUTLS
00018 
00019 #include <errno.h>
00020 
00021 namespace gloox
00022 {
00023 
  // Builds an anonymous-TLS client wrapper; the handler pointer is passed
  // straight through to GnuTLSBase and nothing else is set up here.
  // NOTE(review): m_anoncred is not touched by this constructor, yet the
  // destructor frees it unconditionally. Confirm the header (or GnuTLSBase)
  // gives it a defined value before init() has run.
  GnuTLSClientAnon::GnuTLSClientAnon( TLSHandler* th ) : GnuTLSBase( th ) {}
00028 
  // Releases the anonymous client credentials held in m_anoncred.
  // NOTE(review): in this file m_anoncred is only assigned inside init(). If
  // init() never ran, or returned before the allocation, this call frees
  // whatever value the member happens to hold. Verify the member is
  // initialised elsewhere.
  GnuTLSClientAnon::~GnuTLSClientAnon()
  {
    gnutls_anon_free_client_credentials( this->m_anoncred );
  }
00033 
  // Tears the session down through the base class and immediately prepares a
  // new one so the object can be reused.
  // NOTE(review): init() allocates a new credentials structure into m_anoncred
  // on every call and nothing in this file frees the previous one first, so
  // each cleanup() presumably leaks one allocation unless
  // GnuTLSBase::cleanup() releases it. Confirm against the base class.
  // The bool returned by init() is dropped here, so a failed
  // re-initialisation is not reported to the caller.
  void GnuTLSClientAnon::cleanup()
  {
    this->GnuTLSBase::cleanup();
    this->init();
  }
00039 
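  /**
   * Prepares the GnuTLS client session for an anonymous Diffie-Hellman
   * handshake and installs the transport callbacks.
   *
   * The three parameters are unnamed and ignored: this variant uses no
   * key, certificate or CA material.
   *
   * Security properties of the configuration below, for anyone deciding
   * whether this class is acceptable for a deployment:
   *  - GNUTLS_KX_ANON_DH is the only key exchange offered. Anonymous DH gives
   *    encryption without authenticating the peer, so an active
   *    man-in-the-middle is not detected at the TLS layer. The peer has to be
   *    authenticated by some other means.
   *  - Only GNUTLS_TLS1 is offered as protocol version.
   *  - The cipher and MAC lists still contain legacy algorithms (ARCFOUR,
   *    3DES, MD5), and TLS-level zlib compression is preferred over none.
   *    NOTE(review): these lists are kept as they are for interoperability.
   *    Tighten them if the peers in use allow it.
   *
   * @return @b True if every GnuTLS setup call succeeded, @b false otherwise.
   */
  bool GnuTLSClientAnon::init( const std::string&,
                               const std::string&,
                               const StringList& )
  {
    const int protocolPriority[] = { GNUTLS_TLS1, 0 };
    const int kxPriority[]       = { GNUTLS_KX_ANON_DH, 0 };
    const int cipherPriority[]   = { GNUTLS_CIPHER_AES_256_CBC, GNUTLS_CIPHER_AES_128_CBC,
                                     GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0 };
    const int compPriority[]     = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
    const int macPriority[]      = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };

    if( m_initLib && gnutls_global_init() != 0 )
      return false;

    if( gnutls_anon_allocate_client_credentials( &m_anoncred ) < 0 )
      return false;

    if( gnutls_init( m_session, GNUTLS_CLIENT ) != 0 )
      return false;

    // The setters report failure through their return value. Previously the
    // results were discarded and the object was marked valid even when the
    // priorities or the credentials had not been applied to the session.
    // Call order is unchanged; || stops at the first failing call.
    if( gnutls_protocol_set_priority( *m_session, protocolPriority ) != 0
        || gnutls_cipher_set_priority( *m_session, cipherPriority ) != 0
        || gnutls_compression_set_priority( *m_session, compPriority ) != 0
        || gnutls_kx_set_priority( *m_session, kxPriority ) != 0
        || gnutls_mac_set_priority( *m_session, macPriority ) != 0
        || gnutls_credentials_set( *m_session, GNUTLS_CRD_ANON, m_anoncred ) != 0 )
      return false;

    // GnuTLS hands this pointer back to pushFunc/pullFunc for record I/O.
    gnutls_transport_set_ptr( *m_session, (gnutls_transport_ptr_t)this );
    gnutls_transport_set_push_function( *m_session, pushFunc );
    gnutls_transport_set_pull_function( *m_session, pullFunc );

    m_valid = true;
    return true;
  }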
00074 
  // Fills m_certInfo with the negotiated compression, MAC, cipher and protocol
  // names of the current session and marks the object valid.
  // NOTE(review): status is set to CertOk unconditionally, and this function
  // performs no certificate checks. init() offers only GNUTLS_KX_ANON_DH,
  // which does not authenticate the peer, so callers must not read CertOk as
  // "peer identity verified" for this class.
  void GnuTLSClientAnon::getCertInfo()
  {
    m_certInfo.status = CertOk;

    // Each *_get_name() result is checked for null and the field is left
    // untouched in that case.
    if( const char* compName = gnutls_compression_get_name( gnutls_compression_get( *m_session ) ) )
      m_certInfo.compression = compName;

    if( const char* macName = gnutls_mac_get_name( gnutls_mac_get( *m_session ) ) )
      m_certInfo.mac = macName;

    if( const char* cipherName = gnutls_cipher_get_name( gnutls_cipher_get( *m_session ) ) )
      m_certInfo.cipher = cipherName;

    if( const char* protoName = gnutls_protocol_get_name( gnutls_protocol_get_version( *m_session ) ) )
      m_certInfo.protocol = protoName;

    m_valid = true;
  }
00098 
00099 }
00100 
00101 #endif // HAVE_GNUTLS