[vlc-commits] tls: add service parameter for handshake

Rémi Denis-Courmont git at videolan.org
Sun Sep 30 15:45:16 CEST 2012


vlc | branch: master | Rémi Denis-Courmont <remi at remlab.net> | Sun Sep 30 14:34:53 2012 +0300| [c8d471d5ec9d526971b76a7a80958b0244b4c948] | committer: Rémi Denis-Courmont

tls: add service parameter for handshake

This will be used for fine-grained GnuTLS stored public keys,
i.e. SSH-like authentication on first use.

> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=c8d471d5ec9d526971b76a7a80958b0244b4c948
---

 include/vlc_tls.h     |    6 +++---
 modules/access/http.c |    2 +-
 modules/misc/gnutls.c |   13 ++++++++-----
 src/network/httpd.c   |    2 +-
 src/network/tls.c     |    9 +++++----
 5 files changed, 18 insertions(+), 14 deletions(-)

diff --git a/include/vlc_tls.h b/include/vlc_tls.h
index e3f9e32..e9db9cc 100644
--- a/include/vlc_tls.h
+++ b/include/vlc_tls.h
@@ -42,13 +42,13 @@ struct vlc_tls
     vlc_tls_sys_t *sys;
 
     struct virtual_socket_t sock;
-    int  (*handshake) (vlc_tls_t *, const char *host);
+    int  (*handshake) (vlc_tls_t *, const char *host, const char *service);
 };
 
 VLC_API vlc_tls_t *vlc_tls_ClientSessionCreate (vlc_tls_creds_t *, int fd,
-                                                const char *host);
+                                        const char *host, const char *service);
 vlc_tls_t *vlc_tls_SessionCreate (vlc_tls_creds_t *, int fd, const char *host);
-int vlc_tls_SessionHandshake (vlc_tls_t *, const char *host);
+int vlc_tls_SessionHandshake (vlc_tls_t *, const char *host, const char *serv);
 VLC_API void vlc_tls_SessionDelete (vlc_tls_t *);
 
 /* NOTE: It is assumed that a->sock.p_sys = a */
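Review bot: The new `service` argument is added to the `handshake` callback and to both prototypes with no comment on what it identifies or whether it may be NULL, and `vlc_tls_SessionHandshake` spells it `serv` while the other two declarations use `service`. Since the server path in src/network/httpd.c passes `NULL, NULL`, the contract should be written down above the callback, e.g. `/* host, service: peer host name and service name (e.g. "https") identifying the peer; both may be NULL on the server side */`. Renaming the prototype parameter to `service` would also keep the header consistent with the definition in src/network/tls.c.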
diff --git a/modules/access/http.c b/modules/access/http.c
index 226333b..d74bbb1 100644
--- a/modules/access/http.c
+++ b/modules/access/http.c
@@ -1225,7 +1225,7 @@ static int Connect( access_t *p_access, uint64_t i_tell )
 
         /* TLS/SSL handshake */
         p_sys->p_tls = vlc_tls_ClientSessionCreate( p_sys->p_creds, p_sys->fd,
-                                                    p_sys->url.psz_host );
+                                                p_sys->url.psz_host, "https" );
         if( p_sys->p_tls == NULL )
         {
             msg_Err( p_access, "cannot establish HTTP/TLS session" );
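Review bot: The service is hard-coded to `"https"` in this call, so if stored public keys are looked up by host and service as the commit message describes, every TLS endpoint on the same host would map to a single entry regardless of the port in the URL. Consider passing the port as a decimal string when the URL carries a non-default port and `"https"` otherwise, so that pins stay per endpoint. At minimum, a comment such as `/* service name becomes part of the stored-key lookup; the URL port is not taken into account */` would record the limitation. Connect() starts and ends outside this hunk.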
diff --git a/modules/misc/gnutls.c b/modules/misc/gnutls.c
index 3946c7a..56124cb 100644
--- a/modules/misc/gnutls.c
+++ b/modules/misc/gnutls.c
@@ -214,7 +214,8 @@ static int gnutls_Recv (void *opaque, void *buf, size_t length)
  * 1 if more would-be blocking recv is needed,
  * 2 if more would-be blocking send is required.
  */
-static int gnutls_ContinueHandshake (vlc_tls_t *session, const char *host)
+static int gnutls_ContinueHandshake (vlc_tls_t *session, const char *host,
+                                     const char *service)
 {
     vlc_tls_sys_t *sys = session->sys;
     int val;
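Review bot: `gnutls_ContinueHandshake` gains a `service` parameter that nothing in this file consumes yet: the next hunk discards it with `(void) service;`, and `gnutls_HandshakeAndValidate` only forwards it. The comment block above the function (only its tail is visible here) should say so, e.g. ` * host and service are currently unused here and may be NULL.`. When the stored-key check is added, it presumably has to tolerate a NULL `service` as well as a NULL `host`, because src/network/httpd.c calls the handshake with `NULL, NULL`. The function body continues outside this hunk.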
@@ -236,7 +237,7 @@ static int gnutls_ContinueHandshake (vlc_tls_t *session, const char *host)
     }
 
     sys->handshaked = true;
-    (void) host;
+    (void) host; (void) service;
     return 0;
 }
 
@@ -307,11 +308,12 @@ static struct
 };
 
 
-static int gnutls_HandshakeAndValidate (vlc_tls_t *session, const char *host)
+static int gnutls_HandshakeAndValidate (vlc_tls_t *session, const char *host,
+                                        const char *service)
 {
     vlc_tls_sys_t *sys = session->sys;
 
-    int val = gnutls_ContinueHandshake (session, host);
+    int val = gnutls_ContinueHandshake (session, host, service);
     if (val)
         return val;
 
@@ -418,7 +420,8 @@ struct vlc_tls_creds_sys
 {
     gnutls_certificate_credentials_t x509_cred;
     gnutls_dh_params_t dh_params; /* XXX: used for server only */
-    int (*handshake) (vlc_tls_t *, const char *); /* XXX: useful for server only */
+    int (*handshake) (vlc_tls_t *, const char *, const char *);
+        /* ^^ XXX: useful for server only */
 };
 
 
diff --git a/src/network/httpd.c b/src/network/httpd.c
index 5b97ea9..f76c47c 100644
--- a/src/network/httpd.c
+++ b/src/network/httpd.c
@@ -1880,7 +1880,7 @@ static void httpd_ClientSend( httpd_client_t *cl )
 
 static void httpd_ClientTlsHandshake( httpd_client_t *cl )
 {
-    switch( vlc_tls_SessionHandshake( cl->p_tls, NULL ) )
+    switch( vlc_tls_SessionHandshake( cl->p_tls, NULL, NULL ) )
     {
         case 0:
             cl->i_state = HTTPD_CLIENT_RECEIVING;
diff --git a/src/network/tls.c b/src/network/tls.c
index 97e5556..c553905 100644
--- a/src/network/tls.c
+++ b/src/network/tls.c
@@ -180,9 +180,10 @@ void vlc_tls_SessionDelete (vlc_tls_t *session)
     vlc_object_release (session);
 }
 
-int vlc_tls_SessionHandshake (vlc_tls_t *session, const char *host)
+int vlc_tls_SessionHandshake (vlc_tls_t *session, const char *host,
+                              const char *service)
 {
-    return session->handshake (session, host);
+    return session->handshake (session, host, service);
 }
 
 /**
@@ -196,7 +197,7 @@ int vlc_tls_SessionHandshake (vlc_tls_t *session, const char *host)
  * @return NULL on error.
  **/
 vlc_tls_t *vlc_tls_ClientSessionCreate (vlc_tls_creds_t *crd, int fd,
-                                        const char *host)
+                                        const char *host, const char *service)
 {
     vlc_tls_t *session = vlc_tls_SessionCreate (crd, fd, host);
     if (session == NULL)
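Review bot: The Doxygen block that ends just above `vlc_tls_ClientSessionCreate` (only `@return NULL on error.` is visible in this hunk) is not updated for the new argument. If it lists the other parameters, add a line such as `@param service service name (e.g. "https"), used together with host to identify the peer`. The function body continues past the end of the hunk.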
@@ -204,7 +205,7 @@ vlc_tls_t *vlc_tls_ClientSessionCreate (vlc_tls_creds_t *crd, int fd,
 
     int val;
     do
-        val = vlc_tls_SessionHandshake (session, host);
+        val = vlc_tls_SessionHandshake (session, host, service);
     while (val > 0);
 
     if (val != 0)


