r3289 - in trunk: libmcrypto libmcrypto/include/libmcrypto libmcrypto/source libmnetutil libmnetutil/include libmnetutil/include/libmnetutil libmnetutil/source
erik at minisip.org
erik at minisip.org
Thu Jun 7 10:24:50 CEST 2007
Author: erik
Date: 2007-06-07 10:24:49 +0200 (Thu, 07 Jun 2007)
New Revision: 3289
Added:
trunk/libmcrypto/include/libmcrypto/TlsSrpSocket.h
trunk/libmcrypto/source/TlsSrpSocket.cxx
Removed:
trunk/libmnetutil/include/libmnetutil/TlsSrpSocket.h
trunk/libmnetutil/source/TlsSrpSocket.cxx
Modified:
trunk/libmcrypto/configure.ac
trunk/libmcrypto/include/libmcrypto/Makefile.am
trunk/libmcrypto/source/Makefile.am
trunk/libmcrypto/source/cert.cxx
trunk/libmnetutil/Makefile.am
trunk/libmnetutil/configure.ac
trunk/libmnetutil/include/Makefile.am
Log:
* Fix SRP support.
* Added a few assertions to the certificate members
Modified: trunk/libmcrypto/configure.ac
===================================================================
--- trunk/libmcrypto/configure.ac 2007-05-22 20:08:46 UTC (rev 3288)
+++ trunk/libmcrypto/configure.ac 2007-06-07 08:24:49 UTC (rev 3289)
@@ -63,7 +63,20 @@
])
AM_CONDITIONAL(ENABLE_SCSIM, test "${ENABLE_SCSIM}" = "yes" )
+AC_ARG_ENABLE(srp,
+ AS_HELP_STRING([--enable-srp],
+ [enables TLS-SRP support]),
+ [ if test "${enable_srp}" = "yes"
+ then
+ AC_DEFINE(ENABLE_SRP, [], [TLS-SRP support is enabled])
+ ENABLE_SRP="yes"
+ fi
+ ])
+AM_CONDITIONAL(ENABLE_SRP, test "${ENABLE_SRP}" = "yes" )
+
+
+
dnl Checks for header files.
AC_HEADER_STDC
AC_CHECK_HEADERS([malloc.h stdlib.h string.h unistd.h])
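Review bot: `--enable-srp` defines ENABLE_SRP and switches on the automake conditional without any check in this hunk that the GnuTLS pieces it needs are installed. TlsSrpSocket.cxx, added in this commit, includes `gnutls/extra.h`, so a user who enables SRP without gnutls-extra gets a compile error instead of a configure-time diagnostic. Unless the test lives elsewhere in configure.ac (not visible here), add something like `AC_CHECK_HEADER([gnutls/extra.h], [], [AC_MSG_ERROR([--enable-srp requires GnuTLS with gnutls-extra])])` inside the `then` branch.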
Modified: trunk/libmcrypto/include/libmcrypto/Makefile.am
===================================================================
--- trunk/libmcrypto/include/libmcrypto/Makefile.am 2007-05-22 20:08:46 UTC (rev 3288)
+++ trunk/libmcrypto/include/libmcrypto/Makefile.am 2007-06-07 08:24:49 UTC (rev 3289)
@@ -19,7 +19,13 @@
SmartCardException.h
endif
+srp_src =
+if ENABLE_SRP
+srp_src += TlsSrpSocket.h
+endif
+
+
pkginclude_HEADERS = \
aes.h \
SipSim.h \
@@ -28,6 +34,7 @@
init.h \
$(scsim_src) \
base64.h \
+ $(srp_src)
hmac.h \
OakleyDH.h \
rand.h \
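Review bot: The added `$(srp_src)` entry has no trailing backslash, so the `pkginclude_HEADERS` continuation ends on that line and `hmac.h \` onwards is no longer part of the list. The matching change in source/Makefile.am does carry the backslash. Unless it was lost when the mail was rendered, the line should read `$(srp_src) \`. The list itself starts and ends outside this hunk.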
Copied: trunk/libmcrypto/include/libmcrypto/TlsSrpSocket.h (from rev 3278, trunk/libmnetutil/include/libmnetutil/TlsSrpSocket.h)
===================================================================
--- trunk/libmcrypto/include/libmcrypto/TlsSrpSocket.h (rev 0)
+++ trunk/libmcrypto/include/libmcrypto/TlsSrpSocket.h 2007-06-07 08:24:49 UTC (rev 3289)
@@ -0,0 +1,47 @@
+/*
+ * Copyright (C) 2004-2006 the Minisip Team
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ * */
+
+/* Copyright (C) 2006
+ *
+ * Authors: Erik Ehrlund <eehrlund at kth.se>
+*/
+
+
+
+#include <gnutls/gnutls.h>
+#include <gnutls/extra.h>
+#include <string>
+#include <libmnetutil/StreamSocket.h>
+#include <libmnetutil/IPAddress.h>
+
+class TlsSrpSocket : public StreamSocket
+{
+
+ public:
+ TlsSrpSocket(std::string addrs, int32_t port, std::string user, std::string pass);
+ virtual ~TlsSrpSocket();
+ virtual int32_t write(const void *msg, int length);
+ virtual int32_t write(std::string msg);
+ virtual int32_t read (void *buf, int length);
+ private:
+ void TlsSrpSocketSrp_init(std::string addrs, int32_t port, std::string user, std::string pass);
+ gnutls_session_t session;
+ int fd;
+ gnutls_srp_client_credentials_t srp_cred;
+
+};
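Review bot: Copying a TlsSrpSocket would release the same gnutls session, SRP credentials and descriptor twice, because the class keeps them as raw members freed in the destructor and declares no copy constructor or assignment operator. Unless StreamSocket already forbids copying (not visible on this page), declare `TlsSrpSocket(const TlsSrpSocket&);` and `TlsSrpSocket& operator=(const TlsSrpSocket&);` in the private section and leave them undefined. The header also has no include guard. The constructor takes `user` and `pass` by value, which makes extra in-memory copies of the password; `const std::string &` would avoid them.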
Modified: trunk/libmcrypto/source/Makefile.am
===================================================================
--- trunk/libmcrypto/source/Makefile.am 2007-05-22 20:08:46 UTC (rev 3288)
+++ trunk/libmcrypto/source/Makefile.am 2007-06-07 08:24:49 UTC (rev 3289)
@@ -28,7 +28,12 @@
SmartCardException.cxx
endif
+srp_src =
+if ENABLE_SRP
+srp_src += TlsSrpSocket.cxx
+endif
+
libmcrypto_core_la_SOURCES = \
aes.cxx \
SipSim.cxx \
@@ -37,6 +42,7 @@
init.cxx \
$(scsim_src) \
base64.cxx \
+ $(srp_src) \
TlsException.cxx \
uuid.cxx \
rijndael-alg-fst.cxx
Copied: trunk/libmcrypto/source/TlsSrpSocket.cxx (from rev 3278, trunk/libmnetutil/source/TlsSrpSocket.cxx)
===================================================================
--- trunk/libmcrypto/source/TlsSrpSocket.cxx (rev 0)
+++ trunk/libmcrypto/source/TlsSrpSocket.cxx 2007-06-07 08:24:49 UTC (rev 3289)
@@ -0,0 +1,178 @@
+/*
+ * Copyright (C) 2004-2006 the Minisip Team
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ * */
+
+/* Copyright (C) 2006
+ *
+ * Authors: Erik Ehrlund <eehrlund at kth.se>
+*/
+
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/extra.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <iostream>
+#include <string>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <errno.h>
+#include <netdb.h>
+
+#include<libmcrypto/TlsSrpSocket.h>
+#include<libmcrypto/TlsException.h>
+#include<libmnetutil/NetworkException.h>
+using namespace std;
+
+
+/************************************************************************/
+void checkErr(int a)
+{
+ if(a<0)
+ {
+ perror("An error has occured");
+ throw TLSInitFailed();
+ return;
+ }
+}
+
+/************************************************************************/
+const int kx_priority[] =
+{
+ GNUTLS_KX_SRP, 0
+};
+
+/*********************************************************************************/
+/* constructor*/
+TlsSrpSocket::TlsSrpSocket(string addrs, int32_t port, string user, string pass)
+{
+ TlsSrpSocket::TlsSrpSocketSrp_init(addrs, port, user, pass);
+}
+
+/*********************************************************************************/
+TlsSrpSocket::~TlsSrpSocket()
+{
+ gnutls_bye (session, GNUTLS_SHUT_WR);
+ gnutls_deinit (session);
+ gnutls_srp_free_client_credentials (srp_cred);
+ gnutls_global_deinit ();
+ ::close(fd);
+}
+
+/*********************************************************************************/
+void TlsSrpSocket::TlsSrpSocketSrp_init(string addrs, int32_t port, string user, string pass)
+{
+
+ int err=0;
+ const char *usr = user.c_str();
+ const char *passw = pass.c_str();
+ const char *address = addrs.c_str();
+ /* init gnutls */
+ gnutls_global_init ();
+ gnutls_global_init_extra ();
+ gnutls_srp_allocate_client_credentials (&srp_cred);
+ gnutls_srp_set_client_credentials (srp_cred, usr, passw);
+
+ /* fix dest address */
+ struct in_addr *dstaddr;
+ struct hostent *hst;
+ struct sockaddr_in addr;
+
+ memset (&addr, '\0', sizeof (addr));
+ //cout<<"IPAddress: "<<address<<" usr: "<<usr<<" passw: "<<passw<<endl;
+ hst = gethostbyname(address);
+ if(hst ==NULL)
+ {
+ perror("Could not resolve host address");
+ throw ResolvError(-1);
+ return;
+ }
+
+ dstaddr = (struct in_addr *)hst->h_addr;
+ memcpy(&(addr.sin_addr), dstaddr, sizeof(struct in_addr));
+
+ addr.sin_family=AF_INET;
+ addr.sin_port = htons(port);
+ memset(&(addr.sin_zero), '\0', 8);
+
+ /* fix socket desc*/
+
+ fd = socket(PF_INET, SOCK_STREAM, 0);
+ if(fd<0){
+ throw SocketFailed( -1 );
+ return;
+ }
+ err = connect(fd, (struct sockaddr *)&addr, sizeof(struct sockaddr));
+ if(err<0)
+ {
+ ::close(fd);
+ throw ConnectFailed(-1);
+ return;
+ }
+
+
+ err = gnutls_init (&session, GNUTLS_CLIENT);
+ checkErr(err);
+
+ err= gnutls_set_default_priority (session); //use default cipher, mac and key exchange
+ checkErr(err);
+
+ err = gnutls_kx_set_priority (session, kx_priority); //overides default key exchange
+ checkErr(err);
+
+ err = gnutls_credentials_set (session, GNUTLS_CRD_SRP, srp_cred);
+ checkErr(err);
+
+ gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) fd);
+
+ err = gnutls_handshake (session);
+ if (err<0)
+ {
+ perror("****** HANDSHAKE FAILED ********");
+ gnutls_perror(err);
+ throw "handshake failed";
+ return;
+ }
+ return;
+}
+
+/********************************************************************************/
+
+int32_t TlsSrpSocket::write(const void *msg, int length)
+{
+ int a ;
+ a = gnutls_record_send (session, msg , length);
+ return a;
+}
+/*********************************************************************************/
+int32_t TlsSrpSocket::write(string msg)
+{
+ int a ;
+ a = gnutls_record_send (session, msg.c_str(), msg.size());
+ return a;
+}
+
+/*********************************************************************************/
+int32_t TlsSrpSocket::read (void *buf, int maxlength)
+{
+ int recv;
+ recv = gnutls_record_recv (session, buf, maxlength);
+ return recv;
+}
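Review bot: Every failure path in TlsSrpSocketSrp_init leaks state, because it is called from the constructor and a throwing constructor never runs ~TlsSrpSocket(). A failed handshake or checkErr() leaves the session, the SRP credentials and the connected descriptor allocated, and the earlier resolve/socket/connect throws leave srp_cred and the gnutls_global_init() reference behind. The handshake branch also throws a string literal, which handlers for TLSInitFailed or the network exceptions will not catch, and it calls perror() although errno is unrelated to the gnutls error code. I would release what was acquired before rethrowing and throw TLSInitFailed() for the handshake, as sketched below; the three earlier throws need the same srp_cred cleanup.

```cpp
	// … unchanged: credential setup, address resolution, socket(), connect() …

	session = NULL;
	try {
		checkErr(gnutls_init (&session, GNUTLS_CLIENT));
		checkErr(gnutls_set_default_priority (session));
		checkErr(gnutls_kx_set_priority (session, kx_priority));
		checkErr(gnutls_credentials_set (session, GNUTLS_CRD_SRP, srp_cred));
		gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) fd);

		err = gnutls_handshake (session);
		if (err < 0) {
			gnutls_perror(err);
			throw TLSInitFailed();
		}
	} catch (...) {
		// The constructor is about to throw, so ~TlsSrpSocket() will not run.
		if (session)
			gnutls_deinit (session);
		gnutls_srp_free_client_credentials (srp_cred);
		gnutls_global_deinit ();
		::close(fd);
		throw;
	}
```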
Modified: trunk/libmcrypto/source/cert.cxx
===================================================================
--- trunk/libmcrypto/source/cert.cxx 2007-05-22 20:08:46 UTC (rev 3288)
+++ trunk/libmcrypto/source/cert.cxx 2007-06-07 08:24:49 UTC (rev 3289)
@@ -53,6 +53,7 @@
}
string certificate::get_pk_file(){
+ massert(m_pk);
return m_pk->get_file();
}
@@ -63,6 +64,11 @@
unsigned char *enckey,
int enckeylgth,
unsigned char *iv){
+ massert(m_pk);
+ massert(data);
+ massert(retdata);
+ massert(enckey);
+ massert(iv);
return m_pk->denvelope_data( data, size, retdata, retsize,
enckey, enckeylgth, iv );
}
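Review bot: The new checks in denvelope_data cover `m_pk`, `data`, `retdata`, `enckey` and `iv` but not `retsize`, which is passed straight to `m_pk->denvelope_data` and looks like an out-pointer by analogy with `int *retsize` in private_decrypt; add `massert(retsize);`. The next hunk is thinner still: sign_data and private_decrypt assert only `m_pk` and leave `data`, `sign`, `sign_length`, `retdata` and `retsize` unchecked. If massert is compiled out in release builds (its definition is not on this page), none of these guard the private-key operations in production, so an explicit check with an error return would be safer for the `m_pk` case. The signature of denvelope_data begins above this hunk.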
@@ -70,11 +76,13 @@
int certificate::sign_data( unsigned char * data, int data_length,
unsigned char * sign,
int * sign_length ){
+ massert(m_pk);
return m_pk->sign_data( data, data_length, sign, sign_length );
}
int certificate::private_decrypt(const unsigned char *data, int size,
unsigned char *retdata, int *retsize){
+ massert(m_pk);
return m_pk->private_decrypt( data, size, retdata, retsize );
}
Modified: trunk/libmnetutil/Makefile.am
===================================================================
--- trunk/libmnetutil/Makefile.am 2007-05-22 20:08:46 UTC (rev 3288)
+++ trunk/libmnetutil/Makefile.am 2007-06-07 08:24:49 UTC (rev 3289)
@@ -25,11 +25,6 @@
source/NetworkFunctionsWin32.cxx
endif OS_WIN
-srp_src =
-if ENABLE_SRP
-srp_src += source/TlsSrpSocket.cxx
-endif
-
ipv6_src =
if HAVE_IPV6
ipv6_src += \
@@ -43,7 +38,6 @@
source/IPAddress.cxx \
source/IP4Address.cxx \
source/IP4ServerSocket.cxx \
- $(srp_src) \
$(ipv6_src) \
source/NetworkException.cxx \
source/NetworkFunctions.cxx \
Modified: trunk/libmnetutil/configure.ac
===================================================================
--- trunk/libmnetutil/configure.ac 2007-05-22 20:08:46 UTC (rev 3288)
+++ trunk/libmnetutil/configure.ac 2007-06-07 08:24:49 UTC (rev 3289)
@@ -27,17 +27,6 @@
AC_CHECK_HEADERS([ifaddrs.h netdb.h sys/socket.h])
AM_MINISIP_CHECK_IPV6
-AC_ARG_ENABLE(srp,
- AS_HELP_STRING([--enable-srp],
- [enables TLS-SRP support]),
- [ if test "${enable_srp}" = "yes"
- then
- AC_DEFINE(ENABLE_SRP, [], [TLS-SRP support is enabled])
- ENABLE_SRP="yes"
- fi
- ])
-AM_CONDITIONAL(ENABLE_SRP, test "${ENABLE_SRP}" = "yes" )
-
AG_CHECK_POSIX_REGCOMP
AM_CONDITIONAL(HAVE_POSIX_REGCOMP, test "${ag_cv_posix_regcomp}" = "yes")
Modified: trunk/libmnetutil/include/Makefile.am
===================================================================
--- trunk/libmnetutil/include/Makefile.am 2007-05-22 20:08:46 UTC (rev 3288)
+++ trunk/libmnetutil/include/Makefile.am 2007-06-07 08:24:49 UTC (rev 3289)
@@ -1,10 +1,4 @@
-srp_src =
-if ENABLE_SRP
-srp_src += libmnetutil/TlsSrpSocket.h
-endif
-
pkginclude_HEADERS = \
- $(srp_src) \
libmnetutil/init.h \
libmnetutil/DnsNaptr.h \
libmnetutil/IPAddress.h \
Deleted: trunk/libmnetutil/include/libmnetutil/TlsSrpSocket.h
===================================================================
--- trunk/libmnetutil/include/libmnetutil/TlsSrpSocket.h 2007-05-22 20:08:46 UTC (rev 3288)
+++ trunk/libmnetutil/include/libmnetutil/TlsSrpSocket.h 2007-06-07 08:24:49 UTC (rev 3289)
@@ -1,47 +0,0 @@
-/*
- * Copyright (C) 2004-2006 the Minisip Team
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- * */
-
-/* Copyright (C) 2006
- *
- * Authors: Erik Ehrlund <eehrlund at kth.se>
-*/
-
-
-
-#include <gnutls/gnutls.h>
-#include <gnutls/extra.h>
-#include <string>
-#include <libmnetutil/StreamSocket.h>
-#include <libmnetutil/IP4Address.h>
-
-class TlsSrpSocket : public StreamSocket
-{
-
- public:
- TlsSrpSocket(std::string addrs, int32_t port, std::string user, std::string pass);
- virtual ~TlsSrpSocket();
- virtual int32_t write(const void *msg, int length);
- virtual int32_t write(std::string msg);
- virtual int32_t read (void *buf, int length);
- private:
- void TlsSrpSocketSrp_init(std::string addrs, int32_t port, std::string user, std::string pass);
- gnutls_session_t session;
- int fd;
- gnutls_srp_client_credentials_t srp_cred;
-
-};
Deleted: trunk/libmnetutil/source/TlsSrpSocket.cxx
===================================================================
--- trunk/libmnetutil/source/TlsSrpSocket.cxx 2007-05-22 20:08:46 UTC (rev 3288)
+++ trunk/libmnetutil/source/TlsSrpSocket.cxx 2007-06-07 08:24:49 UTC (rev 3289)
@@ -1,177 +0,0 @@
-/*
- * Copyright (C) 2004-2006 the Minisip Team
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- * */
-
-/* Copyright (C) 2006
- *
- * Authors: Erik Ehrlund <eehrlund at kth.se>
-*/
-
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <gnutls/gnutls.h>
-#include <gnutls/extra.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <iostream>
-#include <string>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-#include <errno.h>
-#include <netdb.h>
-
-#include <libmnetutil/TlsSrpSocket.h>
-#include<libmnetutil/NetworkException.h>
-using namespace std;
-
-
-/************************************************************************/
-void checkErr(int a)
-{
- if(a<0)
- {
- perror("An error has occured");
- throw TLSInitFailed();
- return;
- }
-}
-
-/************************************************************************/
-const int kx_priority[] =
-{
- GNUTLS_KX_SRP, 0
-};
-
-/*********************************************************************************/
-/* constructor*/
-TlsSrpSocket::TlsSrpSocket(string addrs, int32_t port, string user, string pass)
-{
- TlsSrpSocket::TlsSrpSocketSrp_init(addrs, port, user, pass);
-}
-
-/*********************************************************************************/
-TlsSrpSocket::~TlsSrpSocket()
-{
- gnutls_bye (session, GNUTLS_SHUT_WR);
- gnutls_deinit (session);
- gnutls_srp_free_client_credentials (srp_cred);
- gnutls_global_deinit ();
- ::close(fd);
-}
-
-/*********************************************************************************/
-void TlsSrpSocket::TlsSrpSocketSrp_init(string addrs, int32_t port, string user, string pass)
-{
-
- int err=0;
- const char *usr = user.c_str();
- const char *passw = pass.c_str();
- const char *address = addrs.c_str();
- /* init gnutls */
- gnutls_global_init ();
- gnutls_global_init_extra ();
- gnutls_srp_allocate_client_credentials (&srp_cred);
- gnutls_srp_set_client_credentials (srp_cred, usr, passw);
-
- /* fix dest address */
- struct in_addr *dstaddr;
- struct hostent *hst;
- struct sockaddr_in addr;
-
- memset (&addr, '\0', sizeof (addr));
- //cout<<"IPAddress: "<<address<<" usr: "<<usr<<" passw: "<<passw<<endl;
- hst = gethostbyname(address);
- if(hst ==NULL)
- {
- perror("Could not resolve host address");
- throw ResolvError(-1);
- return;
- }
-
- dstaddr = (struct in_addr *)hst->h_addr;
- memcpy(&(addr.sin_addr), dstaddr, sizeof(struct in_addr));
-
- addr.sin_family=AF_INET;
- addr.sin_port = htons(port);
- memset(&(addr.sin_zero), '\0', 8);
-
- /* fix socket desc*/
-
- fd = socket(PF_INET, SOCK_STREAM, 0);
- if(fd<0){
- throw SocketFailed( -1 );
- return;
- }
- err = connect(fd, (struct sockaddr *)&addr, sizeof(struct sockaddr));
- if(err<0)
- {
- ::close(fd);
- throw ConnectFailed(-1);
- return;
- }
-
-
- err = gnutls_init (&session, GNUTLS_CLIENT);
- checkErr(err);
-
- err= gnutls_set_default_priority (session); //use default cipher, mac and key exchange
- checkErr(err);
-
- err = gnutls_kx_set_priority (session, kx_priority); //overides default key exchange
- checkErr(err);
-
- err = gnutls_credentials_set (session, GNUTLS_CRD_SRP, srp_cred);
- checkErr(err);
-
- gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) fd);
-
- err = gnutls_handshake (session);
- if (err<0)
- {
- perror("****** HANDSHAKE FAILED ********");
- gnutls_perror(err);
- throw "handshake failed";
- return;
- }
- return;
-}
-
-/********************************************************************************/
-
-int32_t TlsSrpSocket::write(const void *msg, int length)
-{
- int a ;
- a = gnutls_record_send (session, msg , length);
- return a;
-}
-/*********************************************************************************/
-int32_t TlsSrpSocket::write(string msg)
-{
- int a ;
- a = gnutls_record_send (session, msg.c_str(), msg.size());
- return a;
-}
-
-/*********************************************************************************/
-int32_t TlsSrpSocket::read (void *buf, int maxlength)
-{
- int recv;
- recv = gnutls_record_recv (session, buf, maxlength);
- return recv;
-}