gloox: tlsgnutlsclientanon.cpp Source File

00001 /*
00002   Copyright (c) 2005-2008 by Jakob Schroeter <js@camaya.net>
00003   This file is part of the gloox library. http://camaya.net/gloox
00004 
00005   This software is distributed under a license. The full license
00006   agreement can be found in the file LICENSE in this distribution.
00007   This software may not be copied, modified, sold or distributed
00008   other than expressed in the named license agreement.
00009 
00010   This software is distributed without any warranty.
00011 */
00012 
00013 
00014 
00015 #include "tlsgnutlsclientanon.h"
00016 
00017 #ifdef HAVE_GNUTLS
00018 
00019 #include <errno.h>
00020 
00021 namespace gloox
00022 {
00023 
00024   GnuTLSClientAnon::GnuTLSClientAnon( TLSHandler* th )
00025     : GnuTLSBase( th )
00026   {
00027   }
00028 
00029   GnuTLSClientAnon::~GnuTLSClientAnon()
00030   {
00031     gnutls_anon_free_client_credentials( m_anoncred );
00032   }
00033 
00034   void GnuTLSClientAnon::cleanup()
00035   {
00036     GnuTLSBase::cleanup();
00037     init();
00038   }
00039 
00040   bool GnuTLSClientAnon::init()
00041   {
00042     const int protocolPriority[] = { GNUTLS_TLS1, 0 };
00043     const int kxPriority[]       = { GNUTLS_KX_ANON_DH, 0 };
00044     const int cipherPriority[]   = { GNUTLS_CIPHER_AES_256_CBC, GNUTLS_CIPHER_AES_128_CBC,
00045                                      GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR, 0 };
00046     const int compPriority[]     = { GNUTLS_COMP_ZLIB, GNUTLS_COMP_NULL, 0 };
00047     const int macPriority[]      = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0 };
00048 
00049     if( m_initLib && gnutls_global_init() != 0 )
00050       return false;
00051 
00052     if( gnutls_anon_allocate_client_credentials( &m_anoncred ) < 0 )
00053       return false;
00054 
00055     if( gnutls_init( m_session, GNUTLS_CLIENT ) != 0 )
00056       return false;
00057 
00058     gnutls_protocol_set_priority( *m_session, protocolPriority );
00059     gnutls_cipher_set_priority( *m_session, cipherPriority );
00060     gnutls_compression_set_priority( *m_session, compPriority );
00061     gnutls_kx_set_priority( *m_session, kxPriority );
00062     gnutls_mac_set_priority( *m_session, macPriority );
00063     gnutls_credentials_set( *m_session, GNUTLS_CRD_ANON, m_anoncred );
00064 
00065     gnutls_transport_set_ptr( *m_session, (gnutls_transport_ptr_t)this );
00066     gnutls_transport_set_push_function( *m_session, pushFunc );
00067     gnutls_transport_set_pull_function( *m_session, pullFunc );
00068 
00069     m_valid = true;
00070     return true;
00071   }
00072 
00073   void GnuTLSClientAnon::getCertInfo()
00074   {
00075     m_certInfo.status = CertOk;
00076 
00077     const char* info;
00078     info = gnutls_compression_get_name( gnutls_compression_get( *m_session ) );
00079     if( info )
00080       m_certInfo.compression = info;
00081 
00082     info = gnutls_mac_get_name( gnutls_mac_get( *m_session ) );
00083     if( info )
00084       m_certInfo.mac = info;
00085 
00086     info = gnutls_cipher_get_name( gnutls_cipher_get( *m_session ) );
00087     if( info )
00088       m_certInfo.cipher = info;
00089 
00090     info = gnutls_protocol_get_name( gnutls_protocol_get_version( *m_session ) );
00091     if( info )
00092       m_certInfo.protocol = info;
00093 
00094     m_valid = true;
00095   }
00096 
00097 }
00098 
00099 #endif // HAVE_GNUTLS