From joe at x2a.org Wed Sep 1 02:32:16 2010 From: joe at x2a.org (Jonathan Bastien-Filiatrault) Date: Tue, 31 Aug 2010 20:32:16 -0400 Subject: [PULL][PATCH] Small buffering fixes, start of recv side cleanup In-Reply-To: <4C7AA79A.4070404@gnutls.org> References: <4C771E72.3030204@x2a.org> <4C7AA79A.4070404@gnutls.org> Message-ID: <4C7D9F10.5090000@x2a.org> On 2010-08-29 14:31, Nikos Mavrogiannopoulos wrote: > On 08/27/2010 04:09 AM, Jonathan Bastien-Filiatrault wrote: >> Greetings, >> >> I have started work again on DTLS. This needs preparation on the read >> side in order to be able to receive datagrams in whole chunks at once. >> >> The first 5 commits include fixes and documentation for every function. >> The last 3 are the actual changes on the read side. The diffstat would >> be negative if the documentation was not added. > > Hi and thank you! My question would be how would you move on. That is > what would be your next (planned) moves in adding DTLS? My pleasure, I am currently working on getting GnuTLS to receive datagram-sized chunks and adapting the record layer so that records cannot span datagrams when using DTLS. Towards that goal, I have forward-ported my old (1 year+) patches to the current master branch. My current progress is here (broken code warning in full effect): http://github.com/jothan/gnutls/commits/rebase%2Fdtls/ The handshake buffering code in those patches needs to be completely redone. The next steps are the recv + record side work I mentionned above. After that, I will need to add HelloVerifyRequest processing. At that point, I should be very close to (drum roll...) achieving the first inter-implementation Free Software DTLS handshake between OpenSSL and GnuTLS. Many issues regarding timeout and retransmission issues are yet to be solved. The division of responsibilities between the application and the library regarding those issues are pretty much still in the air. Regarding the patches, would it help you and Simon if I mail patches series individually instead or in addition to requesting a git-pull ? It might more accessible to others for comment and review. > regards, > Nikos Cheers, Jonathan From schwab at linux-m68k.org Sun Sep 5 10:06:09 2010 From: schwab at linux-m68k.org (Andreas Schwab) Date: Sun, 05 Sep 2010 10:06:09 +0200 Subject: Emacs core TLS support In-Reply-To: <8762yklrdk.fsf@lifelogs.com> (Ted Zlatanov's message of "Sat, 04 Sep 2010 23:57:11 -0500") References: <878wc1vfh3.fsf@lifelogs.com> <87r5ptpnz2.fsf@stupidchicken.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> Message-ID: Ted Zlatanov writes: > +int > +emacs_gnutls_write (int fildes, gnutls_session_t state, char *buf, > + unsigned int nbyte) > +{ > + register int rtnval, bytes_written; > + > + puts("emacs_gnutls_write"); You should remove the debugging output. > +DEFUN ("gnutls-init", Fgnutls_init, Sgnutls_init, 2, 2, 0, > + doc: /* Initializes GNU TLS for process PROC for use as CONNECTION-END. > +CONNECTION-END is used to indicate if this process is as a server or > +client. Can be one of `gnutls-client' and `gnutls-server'. Currently > +only `gnutls-client' is supported. > + > +Processes must be initialized with this function before other GNU TLS > +functions are used. This function allocates resources which can only > +be deallocated by calling `gnutls-deinit'. Returns zero on success. */) > + (Lisp_Object proc, Lisp_Object connection_end) > +{ > + int ret; > + > + CHECK_PROCESS (proc); > + > + ret = gnutls_init((gnutls_session_t*)&(XPROCESS(proc)->gnutls_state), Aliasing violation. > + connection_end); > + > + return XINT(ret); IMHO all your functions should return t on success and either some error symbol on failure or even raise an error. > +DEFUN ("gnutls-cred-set", Fgnutls_cred_set, > + Sgnutls_cred_set, 2, 2, 0, > + doc: /* Enables GNU TLS authentication for PROCESS. > +TYPE is an integer indicating the type of the credentials, either > +`gnutls-anon', `gnutls-srp' or `gnutls-x509pki'. > + > +Each authentication type may need additional information in order to > +work. For anonymous (`gnutls-anon'), see also > +`gnutls-anon-set-client-cred'. For SRP (`gnutls-srp'), see also > +`gnutls-srp-set-client-cred'. For X.509 PKI (`gnutls-x509pki'), see > +also `gnutls-x509pki-set-client-trust-file', > +`gnutls-x509pki-set-client-key-file', and > +`gnutls-x509pki-set-cert-callback'. */) > + (Lisp_Object proc, Lisp_Object type) > +{ > + gnutls_session_t state; > + gnutls_certificate_credentials_t x509_cred; > + gnutls_anon_client_credentials_t anon_cred; > + gnutls_srp_client_credentials_t srp_cred; > + int ret; > + > + CHECK_PROCESS (proc); > + state = (gnutls_session_t) XPROCESS(proc)->gnutls_state; > + > + x509_cred = (gnutls_certificate_client_credentials) XPROCESS(proc)->x509_cred; > + anon_cred = (gnutls_anon_client_credentials_t) XPROCESS(proc)->anon_cred; > + srp_cred = (gnutls_srp_client_credentials_t) XPROCESS(proc)->srp_cred; > + > + switch (XINT (type)) Need to check type. > + return XINT(ret); return make_number (ret); > + // defsubr (&Sgnutls_x509pki_set_client_key_file); > + // defsubr (&Sgnutls_x509pki_set_client_trust_file); > + // defsubr (&Sgnutls_srp_set_client_cred); > + // defsubr (&Sgnutls_anon_set_client_cred); No C99. > === added file 'src/gnutls.h' > --- src/gnutls.h 1970-01-01 00:00:00 +0000 > +++ src/gnutls.h 2010-09-05 04:42:32 +0000 > @@ -0,0 +1,4 @@ > +#ifdef HAVE_GNUTLS > +#include > + > +#endif I don't see the point of this header. > === modified file 'src/process.h' > --- src/process.h 2010-08-11 12:34:46 +0000 > +++ src/process.h 2010-09-05 04:42:32 +0000 > @@ -121,6 +121,14 @@ > needs to be synced to `status'. */ > unsigned int raw_status_new : 1; > int raw_status; > + > +#ifdef HAVE_GNUTLS > + /* XXX Store GNU TLS state and auth mechanisms in Lisp_Objects. */ > + Lisp_Object gnutls_state; > + Lisp_Object x509_cred, x509_callback; > + Lisp_Object anon_cred; > + Lisp_Object srp_cred; > +#endif None of them should be Lisp_Objects. Also make sure the resources are properly released when the process object is deleted. Andreas. -- Andreas Schwab, schwab at linux-m68k.org GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5 "And now for something completely different." From schwab at linux-m68k.org Mon Sep 6 09:47:22 2010 From: schwab at linux-m68k.org (Andreas Schwab) Date: Mon, 06 Sep 2010 09:47:22 +0200 Subject: Emacs core TLS support In-Reply-To: (Stefan Monnier's message of "Mon, 06 Sep 2010 00:47:39 +0200") References: <878wc1vfh3.fsf@lifelogs.com> <87r5ptpnz2.fsf@stupidchicken.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> Message-ID: Stefan Monnier writes: > I recommend you compile your Emacs with -DUSE_LISP_UNION_TYPE which will Or configure with --enable-use-lisp-union-type. Andreas. -- Andreas Schwab, schwab at linux-m68k.org GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5 "And now for something completely different." From schwab at linux-m68k.org Mon Sep 6 17:53:46 2010 From: schwab at linux-m68k.org (Andreas Schwab) Date: Mon, 06 Sep 2010 17:53:46 +0200 Subject: Emacs core TLS support In-Reply-To: <87wrqzhrjv.fsf@lifelogs.com> (Ted Zlatanov's message of "Mon, 06 Sep 2010 09:31:32 -0500") References: <878wc1vfh3.fsf@lifelogs.com> <87r5ptpnz2.fsf@stupidchicken.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> Message-ID: Ted Zlatanov writes: >>> +DEFUN ("gnutls-init", Fgnutls_init, Sgnutls_init, 2, 2, 0, > ... >>> + ret = gnutls_init((gnutls_session_t*)&(XPROCESS(proc)->gnutls_state), > > AS> Aliasing violation. > > Can you explain please? The function wants to store a value of one type into an object of a different type. BAD. The compiler is allowed to assume the object was never changed. > AS> IMHO all your functions should return t on success and either some error > AS> symbol on failure or even raise an error. > > Yes, but I'm not sure which one. Can you recommend? Take your pick. I don't know anything about gnutls. >>> === modified file 'src/process.h' >>> + >>> +#ifdef HAVE_GNUTLS >>> + /* XXX Store GNU TLS state and auth mechanisms in Lisp_Objects. */ >>> + Lisp_Object gnutls_state; >>> + Lisp_Object x509_cred, x509_callback; >>> + Lisp_Object anon_cred; >>> + Lisp_Object srp_cred; >>> +#endif > > AS> None of them should be Lisp_Objects. Also make sure the resources are > AS> properly released when the process object is deleted. > > I don't know enough (the choice of using Lisp_Objects was in the > original patch) to know what to do instead of using Lisp_Objects. Why > not, first of all? You never store Lisp_Object values in there, so what's the point? x509_callback is never used, btw. Andreas. -- Andreas Schwab, schwab at linux-m68k.org GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5 "And now for something completely different." From schwab at linux-m68k.org Mon Sep 6 19:18:01 2010 From: schwab at linux-m68k.org (Andreas Schwab) Date: Mon, 06 Sep 2010 19:18:01 +0200 Subject: Emacs core TLS support In-Reply-To: <87wrqzhrjv.fsf@lifelogs.com> (Ted Zlatanov's message of "Mon, 06 Sep 2010 09:31:32 -0500") References: <878wc1vfh3.fsf@lifelogs.com> <87r5ptpnz2.fsf@stupidchicken.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> Message-ID: Ted Zlatanov writes: > @@ -1998,6 +1999,13 @@ > fi > AC_SUBST(LIBSELINUX_LIBS) > > +HAVE_GNUTLS=no > +if test "${with_gnutls}" = "yes" ; then > + PKG_CHECK_MODULES([LIBGNUTLS], [gnutls >= 2.2.4]) Are you sure you want to make gnutls a required dependency of Emacs? > + AC_DEFINE(HAVE_GNUTLS) $ autoreconf autoheader: warning: missing template: HAVE_GNUTLS autoheader: Use AC_DEFINE([HAVE_GNUTLS], [], [Description]) autoreconf: /usr/bin/autoheader failed with exit status: 1 Andreas. -- Andreas Schwab, schwab at linux-m68k.org GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5 "And now for something completely different." From monnier at iro.umontreal.ca Mon Sep 6 00:47:39 2010 From: monnier at iro.umontreal.ca (Stefan Monnier) Date: Mon, 06 Sep 2010 00:47:39 +0200 Subject: Emacs core TLS support In-Reply-To: <8762yklrdk.fsf@lifelogs.com> (Ted Zlatanov's message of "Sat, 04 Sep 2010 23:57:11 -0500") References: <878wc1vfh3.fsf@lifelogs.com> <87r5ptpnz2.fsf@stupidchicken.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> Message-ID: Overall, it looks good. Some comments on your code. > @@ -3682,6 +3690,7 @@ > echo " Does Emacs use -ldbus? ${HAVE_DBUS}" > echo " Does Emacs use -lgconf? ${HAVE_GCONF}" > echo " Does Emacs use -lselinux? ${HAVE_LIBSELINUX}" > +echo " Does Emacs use Gnu TLS? ${HAVE_GNUTLS}" For symmetry, I'd say "Does Emacs use -lgnutls?". > --- lisp/net/gnutls.el 1970-01-01 00:00:00 +0000 > +++ lisp/net/gnutls.el 2010-09-05 04:42:32 +0000 > @@ -0,0 +1,120 @@ > +;; By Simon Josefsson 2001-12-01 > +;; See http://josefsson.org/emacs-security/ Use C-u M-x checkdoc-current-buffer which will help you follow the usual coding conventions (e.g. inserting the GPL blurb). > +(defvar starttls-host nil) What is this for? It seems to only ever be set and never read. Making it global doesn't make sense, and making it buffer-local only makes sense if you presume there's never going to be more than a single TLS process per buffer, which can't guarantee. For that reason, any needed aux data should be kept in process properties, I think. > + (set (make-variable-buffer-local 'starttls-host) host))) Hpefully the byte-compiler flags this which should use `make-local-variable' instead (or move the (make-variable-buffer-local 'starttls-host) to the toplevel right after the defvar). Tho, as mentioned above, probably the real solution doesn't use such a variable. > +DEFUN ("gnutls-init", Fgnutls_init, Sgnutls_init, 2, 2, 0, > + doc: /* Initializes GNU TLS for process PROC for use as CONNECTION-END. > +CONNECTION-END is used to indicate if this process is as a server or > +client. Can be one of `gnutls-client' and `gnutls-server'. Currently > +only `gnutls-client' is supported. This formulation means that the symbols (rather than the value of the corresponding variables) `gnutls-client' and `gnutls-server' are the valid values. > +Processes must be initialized with this function before other GNU TLS > +functions are used. This function allocates resources which can only > +be deallocated by calling `gnutls-deinit'. Returns zero on success. */) > + (Lisp_Object proc, Lisp_Object connection_end) > +{ > + int ret; > + > + CHECK_PROCESS (proc); > + > + ret = gnutls_init((gnutls_session_t*)&(XPROCESS(proc)->gnutls_state), > + connection_end); I recommend you compile your Emacs with -DUSE_LISP_UNION_TYPE which will catch errors such as the one above: clearly gnutls_init doesn't take a Lisp_Object as second argument. You probably meant to add an XINT (...), and you'll want to add a CHECK_NUMBER for it beforehand as well. This said, while I understand the general desire to just bring the C API of GNU TLS into Elisp, as long as you do it by hand, you might as well use here a Lisp boolean for connection_end. > + return XINT(ret); -DUSE_LISP_UNION_TYPE will also catch this error. > + state = (gnutls_session_t) XPROCESS(proc)->gnutls_state; > + gnutls_deinit(state); Please always put a space before the open paren of a macro or function call. Applies to the rest of the code as well, of course. > + int ret; > + ret = gnutls_global_init(); Uninitialized variables are dangerous, so it's a good habit to initialize vars when you declare them, especially when it's trivial to do so. It's also more concise: int ret = gnutls_global_init(); > + XSETINT (lret, ret); > + return lret; > +} return make_number (lret); will save you the uninitialized lret as well. > +DEFUN ("gnutls-cert-set-x509-trust-file", > + Fgnutls_cert_set_x509_trust_file, > + Sgnutls_cert_set_x509_trust_file, 2, 2, 0, > + doc: /* Set X.509 client trust file for PROCESS > +CERTFILE is a PEM encoded file. Returns zero on success. > +*/) By convention we keep the closing */) at the end of the previous line. > + (Lisp_Object proc, Lisp_Object certfile) > +{ > + gnutls_session_t state; > + gnutls_certificate_credentials_t x509_cred; > + Lisp_Object lret; > + int ret; > + > + CHECK_STRING(certfile); > + > + CHECK_PROCESS (proc); > + state = (gnutls_session_t) XPROCESS(proc)->gnutls_state; > + > + x509_cred = (gnutls_certificate_credentials_t) XPROCESS(proc)->x509_cred; > + > + ret = gnutls_certificate_set_x509_trust_file (x509_cred, XSTRING (certfile)->data, GNUTLS_X509_FMT_PEM); > + > + XSETINT (lret, ret); > + return lret; > +} > + > +DEFUN ("gnutls-cred-set", Fgnutls_cred_set, > + Sgnutls_cred_set, 2, 2, 0, > + doc: /* Enables GNU TLS authentication for PROCESS. > +TYPE is an integer indicating the type of the credentials, either > +`gnutls-anon', `gnutls-srp' or `gnutls-x509pki'. Again, the above formulation means that the caller should pass those symbols rather than value associated with the corresponding variables. > + switch (XINT (type)) Here, you extract the integer value without having checked that `type' is indeed an integer. > + { > + case GNUTLS_CRD_CERTIFICATE: > + if (gnutls_certificate_allocate_credentials (&x509_cred) < 0) > + memory_full (); Can it really only mean "memory is full"? > === added file 'src/gnutls.h' > --- src/gnutls.h 1970-01-01 00:00:00 +0000 > +++ src/gnutls.h 2010-09-05 04:42:32 +0000 > @@ -0,0 +1,4 @@ > +#ifdef HAVE_GNUTLS > +#include > + > +#endif Why add this file? Doesn't seem worth the trouble. > +#ifdef HAVE_GNUTLS > +/* Defined in gnutls.c */ > +extern void syms_of_gnutls (void); > +#endif If you have a src/gnutls.h, then the above should be moved to there. > +#ifdef HAVE_GNUTLS > + /* XXX Store GNU TLS state and auth mechanisms in Lisp_Objects. */ > + Lisp_Object gnutls_state; > + Lisp_Object x509_cred, x509_callback; > + Lisp_Object anon_cred; > + Lisp_Object srp_cred; > +#endif Rather than hardcode variables in gnutls.el, an alternative could be to define those variables in gnutls.c so you can initialize them to the values taken from gnutls/gnutls.h. Stefan From monnier at iro.umontreal.ca Mon Sep 6 23:00:51 2010 From: monnier at iro.umontreal.ca (Stefan Monnier) Date: Mon, 06 Sep 2010 23:00:51 +0200 Subject: Emacs core TLS support In-Reply-To: <87wrqzhrjv.fsf@lifelogs.com> (Ted Zlatanov's message of "Mon, 06 Sep 2010 09:31:32 -0500") References: <878wc1vfh3.fsf@lifelogs.com> <87r5ptpnz2.fsf@stupidchicken.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> Message-ID: > Yeah, I'll do that for `gnutls-bye' with a CONT parameter. It's just a > NILP check to handle booleans IIUC (there's no CHECK_BOOLEAN, so it's > either NILP or EQ to Qt). Yes, NILP is the way to test it (anything that's not nil is considered as a way to say "true"). >>> +DEFUN ("gnutls-cred-set", Fgnutls_cred_set, >>> + Sgnutls_cred_set, 2, 2, 0, >>> + doc: /* Enables GNU TLS authentication for PROCESS. >>> +TYPE is an integer indicating the type of the credentials, either >>> +`gnutls-anon', `gnutls-srp' or `gnutls-x509pki'. SM> Again, the above formulation means that the caller should pass those SM> symbols rather than value associated with the corresponding variables. > In this case I think that's the right approach actually so we shouldn't > have defconsts. See new definition, it uses two local Lisp_Objects for > the symbol names. > Where should I allocate those constant Lisp_Objects > globally properly? It's typically declared as global (static or not, depending on whether it's used in other files) and initialized in syms_of_. Look at other syms_of_ to see what it looks like. > And should I default to anonymous? I don't know what that means. >>> +#ifdef HAVE_GNUTLS >>> + /* XXX Store GNU TLS state and auth mechanisms in Lisp_Objects. */ >>> + Lisp_Object gnutls_state; >>> + Lisp_Object x509_cred, x509_callback; >>> + Lisp_Object anon_cred; >>> + Lisp_Object srp_cred; >>> +#endif These extra slots don't actually Lisp objects, so this type is wrong (and it forces you to use casts: any use of cast is a sign of a problem, tho admittedly C often makes problems unavoidable). If you check the "struct Lisp_Process" in process.h you'll see this: /* After this point, there are no Lisp_Objects any more. */ /* alloc.c assumes that `pid' is the first such non-Lisp slot. */ so the slots you add at the end are ignored by the GC (which is what you want in your case, since they're not Lisp objects and hence the GC wouldn't know what to do with them) and can be of any type. So just use the types you need here such that casts aren't needed. > I'd like to take the direction of a more Lisp-y API on top of the GnuTLS > API. So any constants should be limited to the function bodies and I'd > like to stick to symbols (as with gnutls-cred-set in the new patch). BTW, if it makes the code simpler, you can use the following trick: use symbols, but associate an integer to each symbol by way of symbol properties. I.e. something like static Lisp_Object Qgnutls_foo; gnutls_function (Lisp_Object arg1, ...) { arg1 = Fget (arg1, Qgnutls_code); int op = INTEGERP (arg1) ? XINT (arg1) : ....; if (op < n1 || op > n2) error ("Invalid op code"); gnutls_foo (..., op, ...); } syms_of_gnutls () { ... Qgnutls_foo = intern ("gnutls-foo"); ... Fput (Qgnutls_foo, Qgnutls_code, make_number (GNUTLS_FOO)); } It's not super-lightweight, but it can be more convenient than a bunch of (EQ (foo, Qgnutls_bar)) if there are many different possible values. >>> + ret = gnutls_init((gnutls_session_t*)&(XPROCESS(proc)->gnutls_state), AS> Aliasing violation. > Can you explain please? Casts are evil, try real hard to stay away from them (he said, and then added a few casts). AS> IMHO all your functions should return t on success and either some error AS> symbol on failure or even raise an error. > Yes, but I'm not sure which one. Can you recommend? error ("some informative string"); > I don't know enough (the choice of using Lisp_Objects was in the > original patch) to know what to do instead of using Lisp_Objects. Why > not, first of all? The type you declare should correspond to the type of the objects you store there. Always. If you stick to this principle and avoid freeing live objects (and stay within array bounds, and a few more such things) your code will be more portable and won't dump core (hence will be generally easier to debug). Stefan From tzz at lifelogs.com Tue Sep 7 01:13:08 2010 From: tzz at lifelogs.com (Ted Zlatanov) Date: Mon, 06 Sep 2010 18:13:08 -0500 Subject: Emacs core TLS support References: <878wc1vfh3.fsf@lifelogs.com> <87r5ptpnz2.fsf@stupidchicken.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> Message-ID: <87fwxmihyz.fsf@lifelogs.com> On Mon, 06 Sep 2010 23:00:51 +0200 Stefan Monnier wrote: >> In this case I think that's the right approach actually so we >> shouldn't have defconsts. See new definition, it uses two local >> Lisp_Objects for the symbol names. Where should I allocate those >> constant Lisp_Objects globally properly? SM> It's typically declared as global (static or not, depending on whether SM> it's used in other files) and initialized in syms_of_. SM> Look at other syms_of_ to see what it looks like. Done, thanks. >> And should I default to anonymous? SM> I don't know what that means. If the user passes an unknown symbol to `gnutls-cred-set', should it be treated as `gnutls_anon' or generate an error? It could work either way. I'm leaning towards an error but it seems kind of rude to the user. OTOH it could be a serious problem to use encryption the user did not intend because of a typo. SM> the slots you add at the end are ignored by the GC (which is what SM> you want in your case, since they're not Lisp objects and hence the SM> GC wouldn't know what to do with them) and can be of any type. So SM> just use the types you need here such that casts aren't needed. OK. I introduced a new field `gnutls_state_usable' to indicate the session has been initialized. I could have made it a byte but it may be useful to hold Lisp-related state for this patch as it evolves. It's before the GC marker field "pid" so it will be noticed by alloc.c. SM> BTW, if it makes the code simpler, you can use the following trick: use SM> symbols, but associate an integer to each symbol by way of SM> symbol properties. I don't like the properties because they are loosely bound to the symbol (for errors I think it's better to bind meaning to value tightly). Is it OK to do the current approach, where I have the function `gnutls_make_error' to return the right thing, whether it's a known integer-as-symbol or a generic integer? I think it's the right approach and it seems semantically sensible. Plus it's easy to extend `gnutls_make_error' as we need more errors by name. SM> The type you declare should correspond to the type of the objects you SM> store there. Always. If you stick to this principle and avoid freeing SM> live objects (and stay within array bounds, and a few more such things) SM> your code will be more portable and won't dump core (hence will be SM> generally easier to debug). Got it. I think I'm doing it more correctly now and there will be no GC issues, as I mentioned above. On Mon, 06 Sep 2010 19:18:01 +0200 Andreas Schwab wrote: AS> Ted Zlatanov writes: >> +HAVE_GNUTLS=no >> +if test "${with_gnutls}" = "yes" ; then >> + PKG_CHECK_MODULES([LIBGNUTLS], [gnutls >= 2.2.4]) AS> Are you sure you want to make gnutls a required dependency of Emacs? >> + AC_DEFINE(HAVE_GNUTLS) AS> $ autoreconf AS> autoheader: warning: missing template: HAVE_GNUTLS AS> autoheader: Use AC_DEFINE([HAVE_GNUTLS], [], [Description]) AS> autoreconf: /usr/bin/autoheader failed with exit status: 1 No. What would you suggest? On Mon, 06 Sep 2010 17:53:46 +0200 Andreas Schwab wrote: AS> Ted Zlatanov writes: >>>> +DEFUN ("gnutls-init", Fgnutls_init, Sgnutls_init, 2, 2, 0, >> ... >>>> + ret = gnutls_init((gnutls_session_t*)&(XPROCESS(proc)->gnutls_state), >> AS> Aliasing violation. >> >> Can you explain please? AS> The function wants to store a value of one type into an object of a AS> different type. BAD. The compiler is allowed to assume the object was AS> never changed. OK, you mean the cast is wrong. I fixed that. That leaves only the transport cast from int in gnutls_{handshake,rehandshake} which I believe is right from the original patch. AS> IMHO all your functions should return t on success and either some error AS> symbol on failure or even raise an error. >> >> Yes, but I'm not sure which one. Can you recommend? AS> Take your pick. I don't know anything about gnutls. Well, none of the failures are fatal and there's a lot of ways to retry the connection. I think it's better to return the integer error value or t to simplify the usage. I changed the patch accordingly. >>>> === modified file 'src/process.h' >>>> + >>>> +#ifdef HAVE_GNUTLS >>>> + /* XXX Store GNU TLS state and auth mechanisms in Lisp_Objects. */ >>>> + Lisp_Object gnutls_state; >>>> + Lisp_Object x509_cred, x509_callback; >>>> + Lisp_Object anon_cred; >>>> + Lisp_Object srp_cred; >>>> +#endif >> AS> None of them should be Lisp_Objects. Also make sure the resources are AS> properly released when the process object is deleted. >> >> I don't know enough (the choice of using Lisp_Objects was in the >> original patch) to know what to do instead of using Lisp_Objects. Why >> not, first of all? AS> You never store Lisp_Object values in there, so what's the point? AS> x509_callback is never used, btw. Fixed (also see my response above to Stefan Monnier). I've attached the patch as it stands. Thanks again for all your comments. Getting there... Ted -------------- next part -------------- A non-text attachment was scrubbed... Name: tls.patch Type: text/x-diff Size: 24470 bytes Desc: not available URL: From nmav at gnutls.org Wed Sep 8 14:54:37 2010 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Wed, 08 Sep 2010 14:54:37 +0200 Subject: [PULL][PATCH] Small buffering fixes, start of recv side cleanup In-Reply-To: <4C7D9F10.5090000@x2a.org> References: <4C771E72.3030204@x2a.org> <4C7AA79A.4070404@gnutls.org> <4C7D9F10.5090000@x2a.org> Message-ID: <4C87878D.1020204@gnutls.org> On 09/01/2010 02:32 AM, Jonathan Bastien-Filiatrault wrote: >> Hi and thank you! My question would be how would you move on. That is >> what would be your next (planned) moves in adding DTLS? > > My pleasure, > > I am currently working on getting GnuTLS to receive datagram-sized > chunks and adapting the record layer so that records cannot span > datagrams when using DTLS. > > Towards that goal, I have forward-ported my old (1 year+) patches to the > current master branch. > My current progress is here (broken code warning in full effect): > http://github.com/jothan/gnutls/commits/rebase%2Fdtls/ > The handshake buffering code in those patches needs to be completely > redone. Pretty fair. > The next steps are the recv + record side work I mentionned above. After > that, I will need to add HelloVerifyRequest processing. At that point, I > should be very close to (drum roll...) achieving the first > inter-implementation Free Software DTLS handshake between OpenSSL and > GnuTLS. That would be nice :) > Many issues regarding timeout and retransmission issues are yet to be > solved. The division of responsibilities between the application and the > library regarding those issues are pretty much still in the air. I'd suggest to move everything to the layer over gnutls. As far as I understand from DTLS is that it can be used over many unreliable layers with different characteristics. Maybe some sensible "defaults" exist for UDP, as we do now for TCP. > Regarding the patches, would it help you and Simon if I mail patches > series individually instead or in addition to requesting a git-pull ? It > might more accessible to others for comment and review. At least for me patches are easier reviewed by e-mail. However I think it might be better to send patches (at least for merging) once some milestones you set are completed (say once DTLS datagrams can be sent and received, handshake works etc). That way you'll be free to change anything in your previous work, without fearing touching already submitted code. The current master code that you are working on shouldn't change in this aspect. Looking forward for your patches! :) best regards, Nikos From joe at x2a.org Wed Sep 8 15:42:43 2010 From: joe at x2a.org (Jonathan Bastien-Filiatrault) Date: Wed, 08 Sep 2010 09:42:43 -0400 Subject: [PULL][PATCH] Small buffering fixes, start of recv side cleanup In-Reply-To: <4C87878D.1020204@gnutls.org> References: <4C771E72.3030204@x2a.org> <4C7AA79A.4070404@gnutls.org> <4C7D9F10.5090000@x2a.org> <4C87878D.1020204@gnutls.org> Message-ID: <4C8792D3.6000901@x2a.org> Nikos Mavrogiannopoulos wrote: > On 09/01/2010 02:32 AM, Jonathan Bastien-Filiatrault wrote: > >>> Hi and thank you! My question would be how would you move on. That is >>> what would be your next (planned) moves in adding DTLS? >> My pleasure, >> >> I am currently working on getting GnuTLS to receive datagram-sized >> chunks and adapting the record layer so that records cannot span >> datagrams when using DTLS. >> >> Towards that goal, I have forward-ported my old (1 year+) patches to the >> current master branch. >> My current progress is here (broken code warning in full effect): >> http://github.com/jothan/gnutls/commits/rebase%2Fdtls/ >> The handshake buffering code in those patches needs to be completely >> redone. > > Pretty fair. > >> The next steps are the recv + record side work I mentionned above. After >> that, I will need to add HelloVerifyRequest processing. At that point, I >> should be very close to (drum roll...) achieving the first >> inter-implementation Free Software DTLS handshake between OpenSSL and >> GnuTLS. > > That would be nice :) This has been accomplished in the latest patches. I will post that code tonight to the mailing list, but I do not expect it to be merged as it still has many loose ends. >> Many issues regarding timeout and retransmission issues are yet to be >> solved. The division of responsibilities between the application and the >> library regarding those issues are pretty much still in the air. > > I'd suggest to move everything to the layer over gnutls. As far as I > understand from DTLS is that it can be used over many unreliable layers > with different characteristics. Maybe some sensible "defaults" exist for > UDP, as we do now for TCP. Ok, will do. >> Regarding the patches, would it help you and Simon if I mail patches >> series individually instead or in addition to requesting a git-pull ? It >> might more accessible to others for comment and review. > > At least for me patches are easier reviewed by e-mail. However I think > it might be better to send patches (at least for merging) once some > milestones you set are completed (say once DTLS datagrams can be sent > and received, handshake works etc). That way you'll be free to change > anything in your previous work, without fearing touching already > submitted code. The current master code that you are working on > shouldn't change in this aspect. Looking forward for your patches! :) My latest patches posted on github handshake fully with OpenSSL in DTLS mode. Application data can be exchanged. I have only tried it on the loopback interface, but it should work over the net as long as the packets are short enough and not lost. I can also post the example program I am using. Still to do: - Implement handshake reliability - MTU/MSS handling - Handshake fragmentation and reassembly. - Bulk encryption parameter versionning. I am currently working on bulk encryption parameter versionning (the epoch field in DTLS). This involves decoupling the encryption parameters from the rest of the session. The resulting code should be somewhat cleaner and easier to understand (and shorter). I have mostly succeeded, but many details remain. These patches will affect the internal api for TLS. This is the biggest patch by far: lib/ext_session_ticket.c | 56 +--- lib/gnutls_alert.c | 2 +- lib/gnutls_buffers.c | 1 + lib/gnutls_cipher.c | 74 +++--- lib/gnutls_cipher.h | 11 +- lib/gnutls_compress.c | 13 +- lib/gnutls_compress.h | 6 +- lib/gnutls_constate.c | 717 ++++++++++++++++++--------------------------- lib/gnutls_constate.h | 33 ++- lib/gnutls_dtls.c | 2 +- lib/gnutls_handshake.c | 12 +- lib/gnutls_int.h | 97 ++++--- lib/gnutls_record.c | 65 +++-- lib/gnutls_record.h | 2 +- lib/gnutls_session_pack.c | 55 +++- lib/gnutls_state.c | 75 +++-- libextra/gnutls_ia.c | 2 +- 17 files changed, 565 insertions(+), 658 deletions(-) I will post the buffering patches tonight, the diffstat is not nearly as impressing. > > best regards, > Nikos From joe at x2a.org Thu Sep 9 00:34:39 2010 From: joe at x2a.org (Jonathan Bastien-Filiatrault) Date: Wed, 8 Sep 2010 18:34:39 -0400 Subject: [PATCH] Read-side mbuffers Message-ID: <1283985287-17027-1-git-send-email-joe@x2a.org> As promised, here are my patches for the socket and record buffers on the receive side. It does not seem that modifications to the upper layers (application, handshake) are needed for DTLS. From joe at x2a.org Thu Sep 9 00:34:40 2010 From: joe at x2a.org (Jonathan Bastien-Filiatrault) Date: Wed, 8 Sep 2010 18:34:40 -0400 Subject: [PATCH 1/8] mbuffers: Document the internal mbuffer API. In-Reply-To: <1283985287-17027-1-git-send-email-joe@x2a.org> References: <1283985287-17027-1-git-send-email-joe@x2a.org> Message-ID: <1283985287-17027-2-git-send-email-joe@x2a.org> After a year of not hacking GnuTLS, I needed to look at the code to know how mbuffers work. This will make it much easier for anybody not familiar with this code. Signed-off-by: Jonathan Bastien-Filiatrault diff --git a/lib/gnutls_mbuffers.c b/lib/gnutls_mbuffers.c index de06324..630f53a 100644 --- a/lib/gnutls_mbuffers.c +++ b/lib/gnutls_mbuffers.c @@ -27,6 +27,32 @@ /* Here be mbuffers */ +/* A note on terminology: + * + * Variables named bufel designate a single buffer segment (mbuffer_st + * type). This type is textually referred to as a "segment" or a + * "buffer element". + * + * Variables named buf desigate a chain of buffer segments + * (mbuffer_head_st type). This type is textually referred to as a + * "buffer head" or simply as "buffer". + * + * Design objectives: + * + * - Make existing code easier to understand. + * - Make common operations more efficient by avoiding unnecessary + * copying. + * - Provide a common datatype with a well-known interface to move + * data around and through the multiple protocol layers. + * - Enable a future implementation of DTLS, which needs the concept + * of record boundaries. + */ + + +/* Initialize a buffer head. + * + * Cost: O(1) + */ void _mbuffer_init (mbuffer_head_st *buf) { @@ -37,6 +63,11 @@ _mbuffer_init (mbuffer_head_st *buf) buf->byte_length = 0; } +/* Deallocate all buffer segments and reset the buffer head. + * + * Cost: O(n) + * n: Number of segments currently in the buffer. + */ void _mbuffer_clear (mbuffer_head_st *buf) { @@ -51,6 +82,10 @@ _mbuffer_clear (mbuffer_head_st *buf) _mbuffer_init (buf); } +/* Append a segment to the end of this buffer. + * + * Cost: O(1) + */ void _mbuffer_enqueue (mbuffer_head_st *buf, mbuffer_st *bufel) { @@ -63,6 +98,12 @@ _mbuffer_enqueue (mbuffer_head_st *buf, mbuffer_st *bufel) buf->tail = &bufel->next; } +/* Get a reference to the first segment of the buffer and its data. + * + * Used to start iteration or to peek at the data. + * + * Cost: O(1) + */ mbuffer_st* _mbuffer_get_first (mbuffer_head_st *buf, gnutls_datum_t *msg) { mbuffer_st *bufel = buf->head; @@ -80,6 +121,12 @@ mbuffer_st* _mbuffer_get_first (mbuffer_head_st *buf, gnutls_datum_t *msg) return bufel; } +/* Get a reference to the next segment of the buffer and its data. + * + * Used to iterate over the buffer segments. + * + * Cost: O(1) + */ mbuffer_st* _mbuffer_get_next (mbuffer_st * cur, gnutls_datum_t *msg) { mbuffer_st *bufel = cur->next; @@ -97,6 +144,13 @@ mbuffer_st* _mbuffer_get_next (mbuffer_st * cur, gnutls_datum_t *msg) return bufel; } +/* Remove the first segment from the buffer. + * + * Used to dequeue data from the buffer. Not yet exposed in the + * internal interface since it is not yet needed outside of this unit. + * + * Cost: O(1) + */ static inline void remove_front (mbuffer_head_st *buf) { @@ -116,6 +170,15 @@ remove_front (mbuffer_head_st *buf) buf->tail = &buf->head; } +/* Remove a specified number of bytes from the start of the buffer. + * + * Useful for uses that treat the buffer as a simple array of bytes. + * + * Returns 0 on success or an error code otherwise. + * + * Cost: O(n) + * n: Number of segments needed to remove the specified amount of data. + */ int _mbuffer_remove_bytes (mbuffer_head_st *buf, size_t bytes) { @@ -145,6 +208,18 @@ _mbuffer_remove_bytes (mbuffer_head_st *buf, size_t bytes) return 0; } +/* Allocate a buffer segment. The segment is not initially "owned" by + * any buffer. + * + * maximum_size: Amount of data that this segment can contain. + * size: Amount of useful data that is contained in this + * buffer. Generally 0, but this is a shortcut when a fixed amount of + * data will immediately be added to this segment. + * + * Returns the segment or NULL on error. + * + * Cost: O(1) + */ mbuffer_st * _mbuffer_alloc (size_t payload_size, size_t maximum_size) { @@ -168,6 +243,16 @@ _mbuffer_alloc (size_t payload_size, size_t maximum_size) return st; } +/* Copy data into a segment. The segment must not be part of a buffer + * head when using this function. + * + * Bounds checking is performed by this function. + * + * Returns 0 on success or an error code otherwise. + * + * Cost: O(n) + * n: number of bytes to copy + */ int _mbuffer_append_data (mbuffer_st *bufel, void* newdata, size_t newdata_size) { -- 1.7.1 From joe at x2a.org Thu Sep 9 00:34:41 2010 From: joe at x2a.org (Jonathan Bastien-Filiatrault) Date: Wed, 8 Sep 2010 18:34:41 -0400 Subject: [PATCH 2/8] mbuffers: Make _mbuffer_remove_bytes return a meaningful error code. In-Reply-To: <1283985287-17027-1-git-send-email-joe@x2a.org> References: <1283985287-17027-1-git-send-email-joe@x2a.org> Message-ID: <1283985287-17027-3-git-send-email-joe@x2a.org> Signed-off-by: Jonathan Bastien-Filiatrault diff --git a/lib/gnutls_mbuffers.c b/lib/gnutls_mbuffers.c index 630f53a..7ebcc40 100644 --- a/lib/gnutls_mbuffers.c +++ b/lib/gnutls_mbuffers.c @@ -186,7 +186,10 @@ _mbuffer_remove_bytes (mbuffer_head_st *buf, size_t bytes) mbuffer_st *bufel, *next; if (bytes > buf->byte_length) - return -1; + { + gnutls_assert (); + return GNUTLS_E_INVALID_REQUEST; + } for (bufel = buf->head; bufel != NULL && left > 0; bufel = next) { -- 1.7.1 From joe at x2a.org Thu Sep 9 00:34:42 2010 From: joe at x2a.org (Jonathan Bastien-Filiatrault) Date: Wed, 8 Sep 2010 18:34:42 -0400 Subject: [PATCH 3/8] mbuffers: fix wrong size calculation. In-Reply-To: <1283985287-17027-1-git-send-email-joe@x2a.org> References: <1283985287-17027-1-git-send-email-joe@x2a.org> Message-ID: <1283985287-17027-4-git-send-email-joe@x2a.org> maximum_size is the maximum size of the payload, not including overhead. Signed-off-by: Jonathan Bastien-Filiatrault diff --git a/lib/gnutls_mbuffers.c b/lib/gnutls_mbuffers.c index 7ebcc40..45c4b97 100644 --- a/lib/gnutls_mbuffers.c +++ b/lib/gnutls_mbuffers.c @@ -259,7 +259,7 @@ _mbuffer_alloc (size_t payload_size, size_t maximum_size) int _mbuffer_append_data (mbuffer_st *bufel, void* newdata, size_t newdata_size) { - if (sizeof(mbuffer_st)+bufel->msg.size+newdata_size < bufel->maximum_size) + if (bufel->msg.size+newdata_size <= bufel->maximum_size) { memcpy(&bufel->msg.data[bufel->msg.size], newdata, newdata_size); bufel->msg.size+=newdata_size; -- 1.7.1 From joe at x2a.org Thu Sep 9 00:34:44 2010 From: joe at x2a.org (Jonathan Bastien-Filiatrault) Date: Wed, 8 Sep 2010 18:34:44 -0400 Subject: [PATCH 5/8] Parenthesize size calculations. In-Reply-To: <1283985287-17027-1-git-send-email-joe@x2a.org> References: <1283985287-17027-1-git-send-email-joe@x2a.org> Message-ID: <1283985287-17027-6-git-send-email-joe@x2a.org> This is standard practice and the DTLS code got bit by this. Signed-off-by: Jonathan Bastien-Filiatrault diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index 2d37678..4cdff88 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -115,8 +115,8 @@ typedef struct #define MAX_RECORD_RECV_SIZE (size_t)session->security_parameters.max_record_recv_size #define MAX_PAD_SIZE 255 #define EXTRA_COMP_SIZE 2048 -#define MAX_RECORD_OVERHEAD MAX_PAD_SIZE+EXTRA_COMP_SIZE -#define MAX_RECV_SIZE MAX_RECORD_OVERHEAD+MAX_RECORD_RECV_SIZE+RECORD_HEADER_SIZE +#define MAX_RECORD_OVERHEAD (MAX_PAD_SIZE+EXTRA_COMP_SIZE) +#define MAX_RECV_SIZE (MAX_RECORD_OVERHEAD+MAX_RECORD_RECV_SIZE+RECORD_HEADER_SIZE) #define HANDSHAKE_HEADER_SIZE 4 -- 1.7.1 From joe at x2a.org Thu Sep 9 00:34:43 2010 From: joe at x2a.org (Jonathan Bastien-Filiatrault) Date: Wed, 8 Sep 2010 18:34:43 -0400 Subject: [PATCH 4/8] mbuffers: Add mbuffer_linearize. In-Reply-To: <1283985287-17027-1-git-send-email-joe@x2a.org> References: <1283985287-17027-1-git-send-email-joe@x2a.org> Message-ID: <1283985287-17027-5-git-send-email-joe@x2a.org> Signed-off-by: Jonathan Bastien-Filiatrault diff --git a/lib/gnutls_mbuffers.c b/lib/gnutls_mbuffers.c index 45c4b97..c9af21d 100644 --- a/lib/gnutls_mbuffers.c +++ b/lib/gnutls_mbuffers.c @@ -272,3 +272,42 @@ _mbuffer_append_data (mbuffer_st *bufel, void* newdata, size_t newdata_size) return 0; } + +/* Takes a buffer in multiple chunks and puts all the data in a single + * contiguous segment. + * + * Returns 0 on success or an error code otherwise. + * + * Cost: O(n) + * n: number of segments initially in the buffer + */ +int +_mbuffer_linearize (mbuffer_head_st *buf) +{ + mbuffer_st *bufel, *cur; + gnutls_datum_t msg; + size_t pos=0; + + if (buf->length <= 1) + /* Nothing to do */ + return 0; + + bufel = _mbuffer_alloc (buf->byte_length, buf->byte_length); + if (!bufel) { + gnutls_assert (); + return GNUTLS_E_MEMORY_ERROR; + } + + for (cur = _mbuffer_get_first(buf, &msg); + msg.data != NULL; + cur = _mbuffer_get_next(cur, &msg)) + { + memcpy (&bufel->msg.data[pos], msg.data, cur->msg.size); + pos += cur->msg.size; + } + + _mbuffer_clear (buf); + _mbuffer_enqueue (buf, bufel); + + return 0; +} diff --git a/lib/gnutls_mbuffers.h b/lib/gnutls_mbuffers.h index ed94824..8f08a96 100644 --- a/lib/gnutls_mbuffers.h +++ b/lib/gnutls_mbuffers.h @@ -40,6 +40,7 @@ mbuffer_st* _mbuffer_get_next (mbuffer_st * cur, gnutls_datum_t *msg); * one. */ int _mbuffer_append_data (mbuffer_st *bufel, void* newdata, size_t newdata_size); +int _mbuffer_linearize (mbuffer_head_st *buf); /* For "user" use. One can have buffer data and header. -- 1.7.1 From joe at x2a.org Thu Sep 9 00:34:45 2010 From: joe at x2a.org (Jonathan Bastien-Filiatrault) Date: Wed, 8 Sep 2010 18:34:45 -0400 Subject: [PATCH 6/8] mbuffers: make _gnutls_io_read_buffered use mbuffers. In-Reply-To: <1283985287-17027-1-git-send-email-joe@x2a.org> References: <1283985287-17027-1-git-send-email-joe@x2a.org> Message-ID: <1283985287-17027-7-git-send-email-joe@x2a.org> This will be needed by the DTLS code to make sure reads are stored in segments that correspond to datagram boundaries. Signed-off-by: Jonathan Bastien-Filiatrault diff --git a/lib/gnutls_buffers.c b/lib/gnutls_buffers.c index 34ef9df..c44765f 100644 --- a/lib/gnutls_buffers.c +++ b/lib/gnutls_buffers.c @@ -445,36 +445,26 @@ _gnutls_io_clear_peeked_data (gnutls_session_t session) return 0; } - -void -_gnutls_io_clear_read_buffer (gnutls_session_t session) -{ - session->internals.record_recv_buffer.length = 0; -} - /* This function is like recv(with MSG_PEEK). But it does not return -1 on error. * It does return gnutls_errno instead. * This function reads data from the socket and keeps them in a buffer, of up to * MAX_RECV_SIZE. * * This is not a general purpose function. It returns EXACTLY the data requested, - * which are stored in a local (in the session) buffer. A pointer (iptr) to this buffer is returned. + * which are stored in a local (in the session) buffer. * */ ssize_t -_gnutls_io_read_buffered (gnutls_session_t session, opaque ** iptr, - size_t sizeOfPtr, content_type_t recv_type) +_gnutls_io_read_buffered (gnutls_session_t session, size_t total, + content_type_t recv_type) { ssize_t ret = 0, ret2 = 0; size_t min; - int buf_pos; - opaque *buf; - int recvlowat; - int recvdata; + opaque buf[MAX_RECV_SIZE]; + mbuffer_st *bufel; + size_t recvlowat, recvdata, readsize; - *iptr = session->internals.record_recv_buffer.data; - - if (sizeOfPtr > MAX_RECV_SIZE || sizeOfPtr == 0) + if (total > MAX_RECV_SIZE || total == 0) { gnutls_assert (); /* internal error */ return GNUTLS_E_INVALID_REQUEST; @@ -505,13 +495,13 @@ _gnutls_io_read_buffered (gnutls_session_t session, opaque ** iptr, /* calculate the actual size, ie. get the minimum of the * buffered data and the requested data. */ - min = MIN (session->internals.record_recv_buffer.length, sizeOfPtr); + min = MIN (session->internals.record_recv_buffer.byte_length, total); if (min > 0) { /* if we have enough buffered data * then just return them. */ - if (min == sizeOfPtr) + if (min == total) { return min; } @@ -520,39 +510,30 @@ _gnutls_io_read_buffered (gnutls_session_t session, opaque ** iptr, /* min is over zero. recvdata is the data we must * receive in order to return the requested data. */ - recvdata = sizeOfPtr - min; + recvdata = total - min; + readsize = recvdata - recvlowat; /* Check if the previously read data plus the new data to * receive are longer than the maximum receive buffer size. */ - if ((session->internals.record_recv_buffer.length + recvdata) > + if ((session->internals.record_recv_buffer.byte_length + recvdata) > MAX_RECV_SIZE) { gnutls_assert (); /* internal error */ return GNUTLS_E_INVALID_REQUEST; } - /* Allocate the data required to store the new packet. - */ - ret = _gnutls_buffer_resize (&session->internals.record_recv_buffer, - recvdata + - session->internals.record_recv_buffer.length); - if (ret < 0) { gnutls_assert (); return ret; } - buf_pos = session->internals.record_recv_buffer.length; - buf = session->internals.record_recv_buffer.data; - *iptr = buf; - /* READ DATA - but leave RCVLOWAT bytes in the kernel buffer. */ - if (recvdata - recvlowat > 0) + if (readsize > 0) { - ret = _gnutls_read (session, &buf[buf_pos], recvdata - recvlowat, session->internals.pull_func); + ret = _gnutls_read (session, buf, readsize, session->internals.pull_func); /* return immediately if we got an interrupt or eagain * error. @@ -569,21 +550,27 @@ _gnutls_io_read_buffered (gnutls_session_t session, opaque ** iptr, { _gnutls_read_log ("RB: Have %d bytes into buffer. Adding %d bytes.\n", - (int) session->internals.record_recv_buffer.length, (int) ret); - _gnutls_read_log ("RB: Requested %d bytes\n", (int) sizeOfPtr); - session->internals.record_recv_buffer.length += ret; - } + (int) session->internals.record_recv_buffer.byte_length, (int) ret); + _gnutls_read_log ("RB: Requested %d bytes\n", (int) total); - buf_pos = session->internals.record_recv_buffer.length; + bufel = _mbuffer_alloc (0, ret); + if (!bufel) + { + gnutls_assert (); + return GNUTLS_E_MEMORY_ERROR; + } + _mbuffer_append_data (bufel, buf, ret); + _mbuffer_enqueue (&session->internals.record_recv_buffer, bufel); + } /* This is hack in order for select to work. Just leave recvlowat data, * into the kernel buffer (using a read with MSG_PEEK), thus making * select think, that the socket is ready for reading. * MSG_PEEK is only used with berkeley style sockets. */ - if (ret == (recvdata - recvlowat) && recvlowat > 0) + if (ret == readsize && recvlowat > 0) { - ret2 = _gnutls_read (session, &buf[buf_pos], recvlowat, system_read_peek); + ret2 = _gnutls_read (session, buf, recvlowat, system_read_peek); if (ret2 < 0 && gnutls_error_is_fatal (ret2) == 0) { @@ -596,11 +583,17 @@ _gnutls_io_read_buffered (gnutls_session_t session, opaque ** iptr, (int) ret2); _gnutls_read_log ("RB-PEEK: Have %d bytes into buffer. Adding %d bytes.\nRB: Requested %d bytes\n", - (int) session->internals.record_recv_buffer.length, (int) ret2, - (int) sizeOfPtr); + (int) session->internals.record_recv_buffer.byte_length, (int) ret2, + (int) total); session->internals.have_peeked_data = 1; - session->internals.record_recv_buffer.length += ret2; - + bufel = _mbuffer_alloc (0, ret2); + if (!bufel) + { + gnutls_assert (); + return GNUTLS_E_INVALID_REQUEST; + } + _mbuffer_append_data (bufel, buf, ret2); + _mbuffer_enqueue (&session->internals.record_recv_buffer, bufel); } } @@ -625,9 +618,9 @@ _gnutls_io_read_buffered (gnutls_session_t session, opaque ** iptr, return 0; } - ret = session->internals.record_recv_buffer.length; + ret = session->internals.record_recv_buffer.byte_length; - if ((ret > 0) && ((size_t) ret < sizeOfPtr)) + if ((ret > 0) && ((size_t) ret < total)) { /* Short Read */ gnutls_assert (); diff --git a/lib/gnutls_buffers.h b/lib/gnutls_buffers.h index 5352874..bdd40f4 100644 --- a/lib/gnutls_buffers.h +++ b/lib/gnutls_buffers.h @@ -35,9 +35,8 @@ int _gnutls_record_buffer_get_size (content_type_t type, int _gnutls_record_buffer_get (content_type_t type, gnutls_session_t session, opaque * data, size_t length); -ssize_t _gnutls_io_read_buffered (gnutls_session_t, opaque ** iptr, - size_t n, content_type_t); -void _gnutls_io_clear_read_buffer (gnutls_session_t); +ssize_t _gnutls_io_read_buffered (gnutls_session_t, size_t n, + content_type_t); int _gnutls_io_clear_peeked_data (gnutls_session_t session); ssize_t _gnutls_io_write_buffered (gnutls_session_t session, diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index 4cdff88..d8cd028 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -544,7 +544,7 @@ typedef struct /* this buffer holds a record packet -mostly used for * non blocking IO. */ - gnutls_buffer_st record_recv_buffer; + mbuffer_head_st record_recv_buffer; mbuffer_head_st record_send_buffer; /* holds cached data * for the gnutls_io_write_buffered() * function. diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c index 4faa3ac..27e5e56 100644 --- a/lib/gnutls_record.c +++ b/lib/gnutls_record.c @@ -848,17 +848,15 @@ _gnutls_recv_int (gnutls_session_t session, content_type_t type, gnutls_handshake_description_t htype, opaque * data, size_t sizeofdata) { - gnutls_datum_t tmp; int decrypted_length; opaque version[2]; - uint8_t *headers; content_type_t recv_type; uint16_t length; uint8_t *ciphertext; - uint8_t *recv_data; int ret, ret2; uint16_t header_size; int empty_packet = 0; + gnutls_datum_t data_enc, tmp; if (type != GNUTLS_ALERT && (sizeofdata == 0 || data == NULL)) { @@ -899,7 +897,7 @@ begin: header_size = RECORD_HEADER_SIZE; if ((ret = - _gnutls_io_read_buffered (session, &headers, header_size, + _gnutls_io_read_buffered (session, header_size, -1)) != header_size) { if (ret < 0 && gnutls_error_is_fatal (ret) == 0) @@ -916,8 +914,16 @@ begin: return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; } + ret = _mbuffer_linearize (&session->internals.record_recv_buffer); + if (ret != 0) { + gnutls_assert (); + return ret; + } + + _mbuffer_get_first (&session->internals.record_recv_buffer, &data_enc); + if ((ret = - record_check_headers (session, headers, type, htype, &recv_type, + record_check_headers (session, data_enc.data, type, htype, &recv_type, version, &length, &header_size)) < 0) { gnutls_assert (); @@ -969,8 +975,7 @@ begin: /* check if we have that data into buffer. */ if ((ret = - _gnutls_io_read_buffered (session, &recv_data, - header_size + length, + _gnutls_io_read_buffered (session, header_size + length, recv_type)) != header_size + length) { if (ret < 0 && gnutls_error_is_fatal (ret) == 0) @@ -985,8 +990,14 @@ begin: /* ok now we are sure that we can read all the data - so * move on ! */ - _gnutls_io_clear_read_buffer (session); - ciphertext = &recv_data[header_size]; + + ret = _mbuffer_linearize (&session->internals.record_recv_buffer); + if (ret != 0) { + gnutls_assert (); + return ret; + } + _mbuffer_get_first (&session->internals.record_recv_buffer, &data_enc); + ciphertext = &data_enc.data[header_size]; ret = get_temp_recv_buffer (session, &tmp); if (ret < 0) @@ -1007,6 +1018,7 @@ begin: gnutls_assert (); return ret; } + _mbuffer_remove_bytes (&session->internals.record_recv_buffer, header_size + length); decrypted_length = ret; /* Check if this is a CHANGE_CIPHER_SPEC diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c index 416c1ba..b25d31b 100644 --- a/lib/gnutls_state.c +++ b/lib/gnutls_state.c @@ -296,7 +296,7 @@ gnutls_init (gnutls_session_t * session, gnutls_connection_end_t con_end) _gnutls_buffer_init (&(*session)->internals.ia_data_buffer); _mbuffer_init (&(*session)->internals.record_send_buffer); - _gnutls_buffer_init (&(*session)->internals.record_recv_buffer); + _mbuffer_init (&(*session)->internals.record_recv_buffer); _mbuffer_init (&(*session)->internals.handshake_send_buffer); _gnutls_buffer_init (&(*session)->internals.handshake_recv_buffer); @@ -304,7 +304,6 @@ gnutls_init (gnutls_session_t * session, gnutls_connection_end_t con_end) (*session)->key = gnutls_calloc (1, sizeof (struct gnutls_key_st)); if ((*session)->key == NULL) { - cleanup_session: gnutls_free (*session); *session = NULL; return GNUTLS_E_MEMORY_ERROR; @@ -319,17 +318,6 @@ gnutls_init (gnutls_session_t * session, gnutls_connection_end_t con_end) gnutls_handshake_set_max_packet_length ((*session), MAX_HANDSHAKE_PACKET_SIZE); - /* Allocate a minimum size for recv_data - * This is allocated in order to avoid small messages, making - * the receive procedure slow. - */ - if (_gnutls_buffer_resize (&(*session)->internals.record_recv_buffer, - INITIAL_RECV_BUFFER_SIZE)) - { - gnutls_free ((*session)->key); - goto cleanup_session; - } - /* set the socket pointers to -1; */ (*session)->internals.transport_recv_ptr = (gnutls_transport_ptr_t) - 1; @@ -402,7 +390,7 @@ gnutls_deinit (gnutls_session_t session) _gnutls_buffer_clear (&session->internals.handshake_hash_buffer); _gnutls_buffer_clear (&session->internals.handshake_data_buffer); _gnutls_buffer_clear (&session->internals.application_data_buffer); - _gnutls_buffer_clear (&session->internals.record_recv_buffer); + _mbuffer_clear (&session->internals.record_recv_buffer); _mbuffer_clear (&session->internals.record_send_buffer); gnutls_credentials_clear (session); -- 1.7.1 From joe at x2a.org Thu Sep 9 00:34:47 2010 From: joe at x2a.org (Jonathan Bastien-Filiatrault) Date: Wed, 8 Sep 2010 18:34:47 -0400 Subject: [PATCH 8/8] Fully mbufferize _gnutls_read and _gnutls_read_buffered. In-Reply-To: <1283985287-17027-1-git-send-email-joe@x2a.org> References: <1283985287-17027-1-git-send-email-joe@x2a.org> Message-ID: <1283985287-17027-9-git-send-email-joe@x2a.org> Signed-off-by: Jonathan Bastien-Filiatrault diff --git a/lib/gnutls_buffers.c b/lib/gnutls_buffers.c index c44765f..be84e90 100644 --- a/lib/gnutls_buffers.c +++ b/lib/gnutls_buffers.c @@ -269,23 +269,36 @@ inline static int get_errno(gnutls_session_t session) * Flags are only used if the default recv() function is being used. */ static ssize_t -_gnutls_read (gnutls_session_t session, void *iptr, - size_t sizeOfPtr, gnutls_pull_func pull_func) +_gnutls_read (gnutls_session_t session, mbuffer_st **bufel, + size_t size, gnutls_pull_func pull_func) { size_t left; ssize_t i = 0; - char *ptr = iptr; + char *ptr; gnutls_transport_ptr_t fd = session->internals.transport_recv_ptr; + if (!bufel) + { + gnutls_assert (); + return GNUTLS_E_INTERNAL_ERROR; + } + + *bufel = _mbuffer_alloc (0, size); + if (!*bufel) + { + gnutls_assert (); + return GNUTLS_E_MEMORY_ERROR; + } + ptr = (*bufel)->msg.data; + session->internals.direction = 0; - left = sizeOfPtr; + left = size; while (left > 0) { - reset_errno(session); - i = pull_func (fd, &ptr[sizeOfPtr - left], left); + i = pull_func (fd, &ptr[size - left], left); if (i < 0) { @@ -296,11 +309,11 @@ _gnutls_read (gnutls_session_t session, void *iptr, if (err == EAGAIN || err == EINTR) { - if (sizeOfPtr - left > 0) + if (size - left > 0) { _gnutls_read_log ("READ: returning %d bytes from %p\n", - (int) (sizeOfPtr - left), fd); + (int) (size - left), fd); goto finish; } @@ -325,7 +338,7 @@ _gnutls_read (gnutls_session_t session, void *iptr, } left -= i; - + (*bufel)->msg.size += i; } finish: @@ -333,11 +346,11 @@ finish: if (_gnutls_log_level >= 7) { _gnutls_read_log ("READ: read %d bytes from %p\n", - (int) (sizeOfPtr - left), fd); + (int) (size - left), fd); } - return (sizeOfPtr - left); + return (size - left); } @@ -408,32 +421,24 @@ _gnutls_debug_log("errno: %d\n", err); int _gnutls_io_clear_peeked_data (gnutls_session_t session) { - char *peekdata; + mbuffer_st *peekdata; int ret, sum; if (session->internals.have_peeked_data == 0 || RCVLOWAT == 0) return 0; - peekdata = gnutls_malloc (RCVLOWAT); - if (peekdata == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - /* this was already read by using MSG_PEEK - so it shouldn't fail */ sum = 0; do { /* we need this to finish now */ - ret = _gnutls_read (session, peekdata, RCVLOWAT - sum, session->internals.pull_func); + ret = _gnutls_read (session, &peekdata, RCVLOWAT - sum, session->internals.pull_func); if (ret > 0) sum += ret; + _mbuffer_xfree (&peekdata); } while (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN || sum < RCVLOWAT); - gnutls_free (peekdata); - if (ret < 0) { gnutls_assert (); @@ -460,8 +465,7 @@ _gnutls_io_read_buffered (gnutls_session_t session, size_t total, { ssize_t ret = 0, ret2 = 0; size_t min; - opaque buf[MAX_RECV_SIZE]; - mbuffer_st *bufel; + mbuffer_st *bufel=NULL; size_t recvlowat, recvdata, readsize; if (total > MAX_RECV_SIZE || total == 0) @@ -533,13 +537,14 @@ _gnutls_io_read_buffered (gnutls_session_t session, size_t total, */ if (readsize > 0) { - ret = _gnutls_read (session, buf, readsize, session->internals.pull_func); + ret = _gnutls_read (session, &bufel, readsize, session->internals.pull_func); /* return immediately if we got an interrupt or eagain * error. */ if (ret < 0 && gnutls_error_is_fatal (ret) == 0) { + _mbuffer_xfree(&bufel); return ret; } } @@ -553,15 +558,11 @@ _gnutls_io_read_buffered (gnutls_session_t session, size_t total, (int) session->internals.record_recv_buffer.byte_length, (int) ret); _gnutls_read_log ("RB: Requested %d bytes\n", (int) total); - bufel = _mbuffer_alloc (0, ret); - if (!bufel) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - _mbuffer_append_data (bufel, buf, ret); _mbuffer_enqueue (&session->internals.record_recv_buffer, bufel); } + else + _mbuffer_xfree(&bufel); + /* This is hack in order for select to work. Just leave recvlowat data, * into the kernel buffer (using a read with MSG_PEEK), thus making @@ -570,10 +571,11 @@ _gnutls_io_read_buffered (gnutls_session_t session, size_t total, */ if (ret == readsize && recvlowat > 0) { - ret2 = _gnutls_read (session, buf, recvlowat, system_read_peek); + ret2 = _gnutls_read (session, &bufel, recvlowat, system_read_peek); if (ret2 < 0 && gnutls_error_is_fatal (ret2) == 0) { + _mbuffer_xfree(&bufel); return ret2; } @@ -586,15 +588,10 @@ _gnutls_io_read_buffered (gnutls_session_t session, size_t total, (int) session->internals.record_recv_buffer.byte_length, (int) ret2, (int) total); session->internals.have_peeked_data = 1; - bufel = _mbuffer_alloc (0, ret2); - if (!bufel) - { - gnutls_assert (); - return GNUTLS_E_INVALID_REQUEST; - } - _mbuffer_append_data (bufel, buf, ret2); _mbuffer_enqueue (&session->internals.record_recv_buffer, bufel); } + else + _mbuffer_xfree(&bufel); } if (ret < 0 || ret2 < 0) -- 1.7.1 From joe at x2a.org Thu Sep 9 00:34:46 2010 From: joe at x2a.org (Jonathan Bastien-Filiatrault) Date: Wed, 8 Sep 2010 18:34:46 -0400 Subject: [PATCH 7/8] mbuffers: Add _mbuffer_xfree operation. In-Reply-To: <1283985287-17027-1-git-send-email-joe@x2a.org> References: <1283985287-17027-1-git-send-email-joe@x2a.org> Message-ID: <1283985287-17027-8-git-send-email-joe@x2a.org> Signed-off-by: Jonathan Bastien-Filiatrault diff --git a/lib/gnutls_mbuffers.h b/lib/gnutls_mbuffers.h index 8f08a96..beb1eab 100644 --- a/lib/gnutls_mbuffers.h +++ b/lib/gnutls_mbuffers.h @@ -25,7 +25,8 @@ #ifndef GNUTLS_MBUFFERS_H # define GNUTLS_MBUFFERS_H -#include "gnutls_int.h" +#include +#include void _mbuffer_init (mbuffer_head_st *buf); void _mbuffer_clear (mbuffer_head_st *buf); @@ -95,4 +96,18 @@ inline static mbuffer_st* _gnutls_handshake_alloc(size_t size, size_t maximum) return ret; } +/* Free a segment, if the pointer is not NULL + * + * We take a ** to detect and fix double free bugs (the dangling + * pointer case). It also makes sure the pointer has a known value + * after freeing. + */ +inline static void _mbuffer_xfree(mbuffer_st **bufel) +{ + if(*bufel) + gnutls_free(*bufel); + + *bufel = NULL; +} + #endif -- 1.7.1 From nmav at gnutls.org Thu Sep 9 08:42:20 2010 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Thu, 09 Sep 2010 08:42:20 +0200 Subject: [PATCH] Read-side mbuffers In-Reply-To: <1283985287-17027-1-git-send-email-joe@x2a.org> References: <1283985287-17027-1-git-send-email-joe@x2a.org> Message-ID: <4C8881CC.6070702@gnutls.org> On 09/09/2010 12:34 AM, Jonathan Bastien-Filiatrault wrote: > As promised, here are my patches for the socket and record buffers on > the receive side. It does not seem that modifications to the upper > layers (application, handshake) are needed for DTLS. Thanks. From a quick glimpse they look fine. How did you check DTLS? regards, Nikos From joe at x2a.org Thu Sep 9 19:00:42 2010 From: joe at x2a.org (Jonathan Bastien-Filiatrault) Date: Thu, 09 Sep 2010 13:00:42 -0400 Subject: [PATCH] Read-side mbuffers In-Reply-To: <4C8881CC.6070702@gnutls.org> References: <1283985287-17027-1-git-send-email-joe@x2a.org> <4C8881CC.6070702@gnutls.org> Message-ID: <4C8912BA.5000903@x2a.org> Nikos Mavrogiannopoulos wrote: > On 09/09/2010 12:34 AM, Jonathan Bastien-Filiatrault wrote: >> As promised, here are my patches for the socket and record buffers on >> the receive side. It does not seem that modifications to the upper >> layers (application, handshake) are needed for DTLS. > > Thanks. From a quick glimpse they look fine. How did you check DTLS? With my DTLS patches that can complete a handshake. You can have a look at http://github.com/jothan/gnutls. Would you like me to send this series of patches to the mailing list for preliminary review ? These patches are a work in progress and many improvements still need to be done. > regards, > Nikos Thanks, Jonathan From nmav at gnutls.org Thu Sep 9 19:16:34 2010 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Thu, 09 Sep 2010 19:16:34 +0200 Subject: [PATCH] Read-side mbuffers In-Reply-To: <4C8912BA.5000903@x2a.org> References: <1283985287-17027-1-git-send-email-joe@x2a.org> <4C8881CC.6070702@gnutls.org> <4C8912BA.5000903@x2a.org> Message-ID: <4C891672.1050204@gnutls.org> On 09/09/2010 07:00 PM, Jonathan Bastien-Filiatrault wrote: > Nikos Mavrogiannopoulos wrote: >> On 09/09/2010 12:34 AM, Jonathan Bastien-Filiatrault wrote: >>> As promised, here are my patches for the socket and record buffers on >>> the receive side. It does not seem that modifications to the upper >>> layers (application, handshake) are needed for DTLS. >> >> Thanks. From a quick glimpse they look fine. How did you check DTLS? > With my DTLS patches that can complete a handshake. You can have a look > at http://github.com/jothan/gnutls. Would you like me to send this > series of patches to the mailing list for preliminary review ? These > patches are a work in progress and many improvements still need to be done. I understand. No need to send, I'll just browse a bit. My point was mostly, whether you are using gnutls-cli or you made another client. Good luck anyway! :) regards, Nikos From larsi at gnus.org Fri Sep 10 00:00:56 2010 From: larsi at gnus.org (Lars Magne Ingebrigtsen) Date: Fri, 10 Sep 2010 00:00:56 +0200 Subject: Emacs core TLS support References: <878wc1vfh3.fsf@lifelogs.com> <87r5ptpnz2.fsf@stupidchicken.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> <87sk1j54sy.fsf@lifelogs.com> Message-ID: Ted Zlatanov writes: [...] >>> +HAVE_GNUTLS=no >>> +if test "${with_gnutls}" = "yes" ; then >>> + PKG_CHECK_MODULES([LIBGNUTLS], [gnutls >= 2.2.4]) > > AS> Are you sure you want to make gnutls a required dependency of Emacs? How does this make gnutls a required dependency? I'm not really very familiar with the autoconf language, but I thought that this meant that somebody had said --with-gnutls=yes... But I think gnutls should be a required dependency. So much communication these days require having tsl/ssl functionality that it seems totally reasonable to me to have that as a requirement. -- (domestic pets only, the antidote for overdose, milk.) larsi at gnus.org * Lars Magne Ingebrigtsen From iamin83567 at gmail.com Fri Sep 10 17:35:26 2010 From: iamin83567 at gmail.com (=?GB2312?B?0+HA6MP0?=) Date: Fri, 10 Sep 2010 23:35:26 +0800 Subject: make check error of gnutls-2.10.1 on AIX 5.3.0.11 and gcc 4.2.0.0 Message-ID: The error messages were thrown after run make check for checking ./configure && make. What's another logs should be post for diagnose?Thanks. make check-TESTS Self test `./simple' finished with 0 errors PASS: simple /bin/sh: 262214 Segmentation fault(coredump) FAIL: gc /bin/sh: 262220 Segmentation fault(coredump) FAIL: set_pkcs12_cred /bin/sh: 262226 Segmentation fault(coredump) FAIL: certder /bin/sh: 262232 Segmentation fault(coredump) FAIL: mpi /bin/sh: 262238 Segmentation fault(coredump) FAIL: certificate_set_x509_crl /bin/sh: 262244 Segmentation fault(coredump) FAIL: dn /bin/sh: 262250 Segmentation fault(coredump) FAIL: parse_ca /bin/sh: 262256 Segmentation fault(coredump) FAIL: moredn /bin/sh: 262262 Segmentation fault(coredump) FAIL: crypto_rng /bin/sh: 409808 Segmentation fault(coredump) FAIL: mini /bin/sh: 409814 Segmentation fault(coredump) FAIL: finished /bin/sh: 409820 Segmentation fault(coredump) FAIL: hostname-check /bin/sh: 409826 Segmentation fault(coredump) FAIL: cve-2008-4989 /bin/sh: 409832 Segmentation fault(coredump) FAIL: pkcs12_s2k /bin/sh: 409838 Segmentation fault(coredump) FAIL: chainverify /bin/sh: 409844 Segmentation fault(coredump) FAIL: crq_key_id /bin/sh: 409850 Segmentation fault(coredump) FAIL: x509sign-verify /bin/sh: 409600 Segmentation fault(coredump) FAIL: cve-2009-1415 /bin/sh: 409606 Segmentation fault(coredump) FAIL: cve-2009-1416 /bin/sh: 409612 Segmentation fault(coredump) FAIL: crq_apis /bin/sh: 409618 Segmentation fault(coredump) FAIL: init_roundtrip /bin/sh: 409624 Segmentation fault(coredump) FAIL: pkcs12_s2k_pem /bin/sh: 409630 Segmentation fault(coredump) FAIL: dn2 /bin/sh: 409636 Segmentation fault(coredump) FAIL: mini-eagain /bin/sh: 409642 Segmentation fault(coredump) FAIL: nul-in-x509-names /bin/sh: 409648 Segmentation fault(coredump) FAIL: x509_altname /bin/sh: 409654 Segmentation fault(coredump) FAIL: pkcs12_encode /bin/sh: 409660 Segmentation fault(coredump) FAIL: mini-x509 /bin/sh: 409666 Segmentation fault(coredump) FAIL: mini-x509-rehandshake /bin/sh: 409672 Segmentation fault(coredump) FAIL: openssl /bin/sh: 409678 Segmentation fault(coredump) FAIL: openpgp-keyring /bin/sh: 409684 Segmentation fault(coredump) FAIL: pgps2kgnu /bin/sh: 409690 Segmentation fault(coredump) FAIL: x509self /bin/sh: 409696 Segmentation fault(coredump) FAIL: x509signself /bin/sh: 409702 Segmentation fault FAIL: x509dn bind: Address already in use server: bind failed Self test `./anonself' finished with 1 errors FAIL: anonself bind: Address already in use server: bind failed Self test `./pskself' finished with 1 errors FAIL: pskself bind: Address already in use server: bind failed Self test `./dhepskself' finished with 1 errors FAIL: dhepskself bind: Address already in use server: bind failed Self test `./tlsia' finished with 1 errors FAIL: tlsia bind: Address already in use server: bind failed Self test `./resume' finished with 1 errors FAIL: resume /bin/sh: 417924 Segmentation fault FAIL: netconf-psk /bin/sh: 389168 Segmentation fault(coredump) FAIL: setcredcrash /bin/sh: 389174 Segmentation fault(coredump) FAIL: openpgpself RFC 2253 escaping not working? FAIL: rfc2253-escape-test =================================== 44 of 45 tests failed Please report to bug-gnutls at gnu.org =================================== make: 1254-004 The error code from the last command is 1. Stop. make: 1254-004 The error code from the last command is 2. Stop. make: 1254-004 The error code from the last command is 1. Stop. make: 1254-004 The error code from the last command is 1. Stop. From tzz at lifelogs.com Sat Sep 11 16:59:59 2010 From: tzz at lifelogs.com (Ted Zlatanov) Date: Sat, 11 Sep 2010 09:59:59 -0500 Subject: Emacs core TLS support References: <878wc1vfh3.fsf@lifelogs.com> <87r5ptpnz2.fsf@stupidchicken.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> <87fwxmihyz.fsf@lifelogs.com> Message-ID: <8762ycfhqo.fsf@lifelogs.com> Nearly ready. Since the last patch we have: - full initialization and handshake (no memory issues, etc.) - everything happens in gnutls-boot, including global initialization; all the parameters are either x509 or anon - use of gnutls_initstage in the process to mark progress of initialization and whether the process is done initializing and handshaking - no SRP anywhere, just anon and x509 (I'll add SRP if we need it and when the other two are working) Now I get GNUTLS_E_INSUFFICIENT_CREDENTIALS when I open a x509 connection to an IMAP TLS server so I think there's still work to do. The trust file seems to be wrong (see lisp/net/gnutls.el, I tried both "/etc/ssl/certs/ca-certificates.crt" and "/etc/ssl/certs/ca.pem"). The GnuTLS examples don't seem to cover the standard situation of talking to a web server over SSL and possibly accepting an insecure connection if the server credentials are bad. I must have missed something. Could the GnuTLS developers look at my patch and help me out? Thanks Ted From tzz at lifelogs.com Sat Sep 11 17:00:59 2010 From: tzz at lifelogs.com (Ted Zlatanov) Date: Sat, 11 Sep 2010 10:00:59 -0500 Subject: Emacs core TLS support References: <878wc1vfh3.fsf@lifelogs.com> <87r5ptpnz2.fsf@stupidchicken.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> <87fwxmihyz.fsf@lifelogs.com> <8762ycfhqo.fsf@lifelogs.com> Message-ID: <871v90fhp0.fsf@lifelogs.com> On Sat, 11 Sep 2010 09:59:59 -0500 Ted Zlatanov wrote: TZ> Nearly ready. Since the last patch we have: patch++ -------------- next part -------------- A non-text attachment was scrubbed... Name: tls.patch Type: text/x-diff Size: 27483 bytes Desc: not available URL: From tzz at lifelogs.com Sat Sep 11 17:04:50 2010 From: tzz at lifelogs.com (Ted Zlatanov) Date: Sat, 11 Sep 2010 10:04:50 -0500 Subject: need help adding GnuTLS support to Emacs References: <87bp9dhh0y.fsf@lifelogs.com> <20100809065126.GA2684@seumegasse.bebt.de> <871va3h2av.fsf@lifelogs.com> <87ocd6ul29.fsf@mocca.josefsson.org> <874oeti9wl.fsf@lifelogs.com> <87iq33sw89.fsf@mocca.josefsson.org> Message-ID: <87wrqse2y5.fsf@lifelogs.com> On Sat, 21 Aug 2010 19:37:26 +0200 Simon Josefsson wrote: SJ> Do you really want to expose this function to elisp? It is SJ> thread-unsafe. It makes more sense if Emacs initialized the GnuTLS SJ> library on startup instead. I call gnutls-global-init every time gnutls-boot (the new entry point) is called. It keeps track so it won't actally call the C global init more than once. Thread safety is not a concern with Emacs currently, but if it was the global init flag is the only place I would question. WDYT? If you and any other GnuTLS developers could take a look at the patch I just posted and the questions I had, I'd really appreciate it. I'm very close to dropping this into the Emacs repo. Thanks! Ted From monnier at iro.umontreal.ca Sun Sep 12 12:58:47 2010 From: monnier at iro.umontreal.ca (Stefan Monnier) Date: Sun, 12 Sep 2010 12:58:47 +0200 Subject: Emacs core TLS support In-Reply-To: <871v90fhp0.fsf@lifelogs.com> (Ted Zlatanov's message of "Sat, 11 Sep 2010 10:00:59 -0500") References: <878wc1vfh3.fsf@lifelogs.com> <87r5ptpnz2.fsf@stupidchicken.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> <87fwxmihyz.fsf@lifelogs.com> <8762ycfhqo.fsf@lifelogs.com> <871v90fhp0.fsf@lifelogs.com> Message-ID: > patch++ Looks good, except for a few coding style conventions: > + } while( rtnval==GNUTLS_E_INTERRUPTED || rtnval==GNUTLS_E_AGAIN); > + fsync(STDOUT_FILENO); Place a space *before* the open-paren and around infix operators. > + /* means the we will only be called again if the library cannot > + * determine which certificate to send > + */ Put the comment-close at the end of the previous line. > + // message ("gnutls: setting the trustfile"); > + > + // if (EQ (type, Qgnutls_x509pki)) > + // { > + // CHECK_STRING (trustfile); > + > + // x509_cred = XPROCESS (proc)->x509_cred; > + // puts("Setting certificate"); > + // puts(XSTRING (trustfile)->data); > + // ret = gnutls_certificate_set_x509_trust_file (x509_cred, > + // XSTRING (trustfile)->data, > + // GNUTLS_X509_FMT_PEM); > + // } > + > + // if (ret != GNUTLS_E_SUCCESS) > + // return gnutls_make_error (ret); We use /*..*/ comments, or "#if 0 ... #endif". > + doc: /* Terminate current GNU TLS connection for PROCESS. > +The connection should have been initiated using gnutls_handshake(). This should mention `gnutls-handshake' rather than gnutls_handshake(). BTW, for functions whose are meant to be "internal" (e.g. only expected to be used via a wrapper in gnutls.el) you can use a "gnutls--" prefix. This is not a widely used convention in Elisp, but some packages try to use it. > +#define GNUTLS_STAGE_EMPTY 0 > +#define GNUTLS_STAGE_CRED_ALLOC 1 > +#define GNUTLS_STAGE_FILES 2 > +#define GNUTLS_STAGE_INIT 3 > +#define GNUTLS_STAGE_PRIORITY 4 > +#define GNUTLS_STAGE_CRED_SET 5 Please use an enum (and use it for the type of the gnutls_initstage field, of course). > +#define GNUTLS_STAGE_HANDSHAKE_CANDO 5 Why is that the same value as GNUTLS_STAGE_CRED_SET? > +#define GNUTLS_STAGE_HANDSHAKE_DONE 6 > +#define GNUTLS_PROCESS_USABLE(proc) ( GNUTLS_INITSTAGE(proc) >= GNUTLS_STAGE_READY ) No need for spaces after the open and before the close paren. > +#ifdef HAVE_GNUTLS > +/* Defined in gnutls.c */ > +extern void syms_of_gnutls (void); > +#endif Why here rather than in gnutls.h? Also gnutls.c and gnutls.h need a GPL notice at the beginning. See other files for the usual boilerplate. > + /* AKA GNUTLS_INITSTAGE(proc) */ Please finish your comments with a full-stop (and follow it by 2 spaces). > + nbytes = emacs_gnutls_read (channel, XPROCESS (proc)->gnutls_state, chars + carryover + 1, readmax - 1); Don't overflow the 80th column. Stefan From nmav at gnutls.org Mon Sep 13 09:49:30 2010 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Mon, 13 Sep 2010 09:49:30 +0200 Subject: Emacs core TLS support In-Reply-To: <8762ycfhqo.fsf@lifelogs.com> References: <878wc1vfh3.fsf@lifelogs.com> <87r5ptpnz2.fsf@stupidchicken.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> <87fwxmihyz.fsf@lifelogs.com> <8762ycfhqo.fsf@lifelogs.com> Message-ID: 2010/9/11 Ted Zlatanov : > - no SRP anywhere, just anon and x509 (I'll add SRP if we need it and > ?when the other two are working) > Now I get GNUTLS_E_INSUFFICIENT_CREDENTIALS when I open a x509 > connection to an IMAP TLS server so I think there's still work to do. > The trust file seems to be wrong (see lisp/net/gnutls.el, I tried both > "/etc/ssl/certs/ca-certificates.crt" and "/etc/ssl/certs/ca.pem"). > The GnuTLS examples don't seem to cover the standard situation of > talking to a web server over SSL and possibly accepting an insecure > connection if the server credentials are bad. ?I must have missed > something. ?Could the GnuTLS developers look at my patch and help me > out? I cannot look at the patch but the example you are looking for is: http://www.gnu.org/software/gnutls/manual/html_node/Simple-client-example-with-X_002e509-certificate-support.html#Simple-client-example-with-X_002e509-certificate-support to do the connection, and this one to verify the certificate: http://www.gnu.org/software/gnutls/manual/html_node/Verifying-peer_0027s-certificate.html#Verifying-peer_0027s-certificate regards, Nikos From nmav at gnutls.org Tue Sep 14 13:56:46 2010 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Tue, 14 Sep 2010 13:56:46 +0200 Subject: gnutls 2.11.1 Message-ID: <4C8F62FE.1020808@gnutls.org> Hello, The GnuTLS 2.11.x branch is NOT what you want for your stable system. It is intended for developers and experienced users. This is major update release that includes features such as PKCS #11 support for cryptographic objects, support for local system thread locks, new message buffering layer, support for nettle library and more. Here are the compressed sources: ftp://ftp.gnutls.org/pub/gnutls/devel/gnutls-2.11.1.tar.bz2 ftp://alpha.gnu.org/gnu/gnutls/gnutls-2.11.1.tar.bz2 Here is the OpenPGP signature: ftp://ftp.gnutls.org/pub/gnutls/devel/gnutls-2.11.1.tar.bz2.sig ftp://alpha.gnu.org/gnu/gnutls/gnutls-2.11.1.tar.bz2.sig regards, Nikos * Version 2.11.1 (released 2010-09-14) ** libgnutls: Nettle is the default crypto back end. Use --with-libgcrypt to use the libgcrypt back end. ** libgnutls: Depend on nettle 2.1. This makes nettle a fully working backend crypto library. ** libgnutls: Added RSA_NULL_SHA1 and SHA256 ciphersuites. ** libgnutls: Several updates in the buffering internal interface. ** libgnutls: Is now more liberal in the PEM decoding. That is spaces and tabs are being skipped. ** libgnutls: Added support for draft-pechanec-pkcs11uri-02. ** libgnutls: The %COMPAT flag now allows larger records that violate the TLS spec. ** libgnutls: by default lowat level has been set to zero to avoid unnecessary system calls. Applications that depended on it being 1 should explicitly call gnutls_transport_set_lowat(). ** libgnutls: Updated documentation and gnutls_pk_params_t mappings to ECRYPT II recommendations. Mappings were moved to a single location and DSA keys are handled differently (since DSA2 allows for 1024,2048 and 3072 keys only). ** libgnutls: gnutls_x509_privkey_import() will fallback to gnutls_x509_privkey_import_pkcs8() without a password, if it is unable to decode the key. ** libgnutls: HMAC-MD5 no longer used by default. ** API and ABI modifications: gnutls_openpgp_privkey_sec_param: ADDED gnutls_x509_privkey_sec_param: ADDED From tzz at lifelogs.com Tue Sep 14 17:45:05 2010 From: tzz at lifelogs.com (Ted Zlatanov) Date: Tue, 14 Sep 2010 10:45:05 -0500 Subject: Emacs core TLS support References: <878wc1vfh3.fsf@lifelogs.com> <87r5ptpnz2.fsf@stupidchicken.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> <87fwxmihyz.fsf@lifelogs.com> <8762ycfhqo.fsf@lifelogs.com> <871v90fhp0.fsf@lifelogs.com> Message-ID: <87lj74cose.fsf@lifelogs.com> On Sun, 12 Sep 2010 12:58:47 +0200 Stefan Monnier wrote: SM> Place a space *before* the open-paren and around infix operators. ... SM> Put the comment-close at the end of the previous line. ... SM> We use /*..*/ comments, or "#if 0 ... #endif". ... SM> This should mention `gnutls-handshake' rather than gnutls_handshake(). ... SM> Please use an enum (and use it for the type of the gnutls_initstage SM> field, of course). ... SM> No need for spaces after the open and before the close paren. ... SM> Please finish your comments with a full-stop (and follow it by 2 spaces). ... SM> Don't overflow the 80th column. All done. Some were oversights, some my stupidity... Sorry for the annoyance. SM> BTW, for functions whose are meant to be "internal" (e.g. only expected SM> to be used via a wrapper in gnutls.el) you can use a "gnutls--" prefix. SM> This is not a widely used convention in Elisp, but some packages try to SM> use it. >> +#define GNUTLS_STAGE_CRED_SET 5 >> +#define GNUTLS_STAGE_HANDSHAKE_CANDO 5 SM> Why is that the same value as GNUTLS_STAGE_CRED_SET? Because you can't handshake before credentials are set. I think that's the best way to express it (rather than a GNUTLS_CAN_HANDSHAKE macro or some such). >> +#ifdef HAVE_GNUTLS >> +/* Defined in gnutls.c */ >> +extern void syms_of_gnutls (void); >> +#endif SM> Why here rather than in gnutls.h? ... SM> Also gnutls.c and gnutls.h need a GPL notice at the beginning. SM> See other files for the usual boilerplate. Fixed. That also removed lisp.h from the patch. I also added a convenience gnutls-error-string function so users can interpret GnuTLS errors. Almost ready for the trunk commit, just need to get the handshake working (I keep getting E_AGAIN). Ted -------------- next part -------------- A non-text attachment was scrubbed... Name: tls.patch Type: text/x-diff Size: 29544 bytes Desc: not available URL: From tzz at lifelogs.com Tue Sep 14 20:30:47 2010 From: tzz at lifelogs.com (Ted Zlatanov) Date: Tue, 14 Sep 2010 13:30:47 -0500 Subject: Emacs core TLS support References: <878wc1vfh3.fsf@lifelogs.com> <87r5ptpnz2.fsf@stupidchicken.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> <87fwxmihyz.fsf@lifelogs.com> <8762ycfhqo.fsf@lifelogs.com> Message-ID: <8739tcch48.fsf@lifelogs.com> On Mon, 13 Sep 2010 09:49:30 +0200 Nikos Mavrogiannopoulos wrote: NM> 2010/9/11 Ted Zlatanov : >> - no SRP anywhere, just anon and x509 (I'll add SRP if we need it and >> ?when the other two are working) >> Now I get GNUTLS_E_INSUFFICIENT_CREDENTIALS when I open a x509 >> connection to an IMAP TLS server so I think there's still work to do. >> The trust file seems to be wrong (see lisp/net/gnutls.el, I tried both >> "/etc/ssl/certs/ca-certificates.crt" and "/etc/ssl/certs/ca.pem"). >> The GnuTLS examples don't seem to cover the standard situation of >> talking to a web server over SSL and possibly accepting an insecure >> connection if the server credentials are bad. ?I must have missed >> something. ?Could the GnuTLS developers look at my patch and help me >> out? NM> I cannot look at the patch but the example you are looking for is: NM> http://www.gnu.org/software/gnutls/manual/html_node/Simple-client-example-with-X_002e509-certificate-support.html#Simple-client-example-with-X_002e509-certificate-support NM> to do the connection, and this one to verify the certificate: NM> http://www.gnu.org/software/gnutls/manual/html_node/Verifying-peer_0027s-certificate.html#Verifying-peer_0027s-certificate What ca.pem should I use? There's one in GnuTLS and one in /etc/ssl/certs/ca.pem on my Ubuntu system. It should Just Work so it may make sense to ship ca.pem with Emacs. WDYT? The simple client code is implemented in my current patch. Without verifying anything I keep getting GNUTLS_E_AGAIN when I try to handshake against an SSL server. See gnutls-boot, the control flow is really simple and I think correct. What am I missing? Thanks! Ted From nmav at gnutls.org Tue Sep 14 20:55:51 2010 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Tue, 14 Sep 2010 20:55:51 +0200 Subject: Emacs core TLS support In-Reply-To: <8739tcch48.fsf@lifelogs.com> References: <878wc1vfh3.fsf@lifelogs.com> <87r5ptpnz2.fsf@stupidchicken.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> <87fwxmihyz.fsf@lifelogs.com> <8762ycfhqo.fsf@lifelogs.com> <8739tcch48.fsf@lifelogs.com> Message-ID: <4C8FC537.2020207@gnutls.org> On 09/14/2010 08:30 PM, Ted Zlatanov wrote: > On Mon, 13 Sep 2010 09:49:30 +0200 Nikos Mavrogiannopoulos wrote: > > NM> 2010/9/11 Ted Zlatanov : >>> - no SRP anywhere, just anon and x509 (I'll add SRP if we need it and >>> when the other two are working) >>> Now I get GNUTLS_E_INSUFFICIENT_CREDENTIALS when I open a x509 >>> connection to an IMAP TLS server so I think there's still work to do. >>> The trust file seems to be wrong (see lisp/net/gnutls.el, I tried both >>> "/etc/ssl/certs/ca-certificates.crt" and "/etc/ssl/certs/ca.pem"). >>> The GnuTLS examples don't seem to cover the standard situation of >>> talking to a web server over SSL and possibly accepting an insecure >>> connection if the server credentials are bad. I must have missed >>> something. Could the GnuTLS developers look at my patch and help me >>> out? > NM> I cannot look at the patch but the example you are looking for is: > NM> http://www.gnu.org/software/gnutls/manual/html_node/Simple-client-example-with-X_002e509-certificate-support.html#Simple-client-example-with-X_002e509-certificate-support > NM> to do the connection, and this one to verify the certificate: > NM> http://www.gnu.org/software/gnutls/manual/html_node/Verifying-peer_0027s-certificate.html#Verifying-peer_0027s-certificate > > What ca.pem should I use? There's one in GnuTLS and one in > /etc/ssl/certs/ca.pem on my Ubuntu system. It should Just Work so it > may make sense to ship ca.pem with Emacs. WDYT? This is local policy, I don't think that it has to be shipped with emacs. Just give the option of someone specifying it. > The simple client code is implemented in my current patch. Without > verifying anything I keep getting GNUTLS_E_AGAIN when I try to handshake > against an SSL server. See gnutls-boot, the control flow is really > simple and I think correct. What am I missing? GNUTLS_E_AGAIN is returned only if the transport layer function (recv/send) return -1 and EAGAIN. Usually this is normal behavior and is enough to loop around them. Do you use non-blocking IO? regards, Nikos From arfrever.fta at gmail.com Tue Sep 14 23:05:40 2010 From: arfrever.fta at gmail.com (Arfrever Frehtes Taifersar Arahesis) Date: Tue, 14 Sep 2010 23:05:40 +0200 Subject: gnutls 2.11.1 In-Reply-To: <4C8F62FE.1020808@gnutls.org> References: <4C8F62FE.1020808@gnutls.org> Message-ID: <201009142306.18647.Arfrever.FTA@gmail.com> When GnuTLS 2.11.1 has been built with support for Nettle, then 1 test fails: Making check in tests make[2]: Entering directory `/var/tmp/portage/net-libs/gnutls-2.11.1/work/gnutls-2.11.1/guile/tests' make check-TESTS make[3]: Entering directory `/var/tmp/portage/net-libs/gnutls-2.11.1/work/gnutls-2.11.1/guile/tests' PASS: anonymous-auth.scm PASS: session-record-port.scm PASS: pkcs-import-export.scm PASS: errors.scm PASS: x509-certificates.scm PASS: x509-auth.scm PASS: openpgp-keys.scm PASS: openpgp-keyring.scm /bin/sh: line 5: 23938 Segmentation fault GUILE_AUTO_COMPILE=0 ../../guile/pre-inst-guile -L . ${dir}$tst FAIL: openpgp-auth.scm PASS: srp-base64.scm =================================== 1 of 10 tests failed Please report to bug-gnutls at gnu.org =================================== make[3]: *** [check-TESTS] Error 1 make[3]: Leaving directory `/var/tmp/portage/net-libs/gnutls-2.11.1/work/gnutls-2.11.1/guile/tests' make[2]: *** [check-am] Error 2 make[2]: Leaving directory `/var/tmp/portage/net-libs/gnutls-2.11.1/work/gnutls-2.11.1/guile/tests' make[1]: *** [check-recursive] Error 1 make[1]: Leaving directory `/var/tmp/portage/net-libs/gnutls-2.11.1/work/gnutls-2.11.1/guile' make: *** [check-recursive] Error 1 emake failed This problem doesn't occur when GnuTLS 2.11.1 has been built with support for libgcrypt. -- Arfrever Frehtes Taifersar Arahesis -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 836 bytes Desc: This is a digitally signed message part. URL: From nmav at gnutls.org Wed Sep 15 08:06:30 2010 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Wed, 15 Sep 2010 08:06:30 +0200 Subject: gnutls 2.11.1 In-Reply-To: <201009142306.18647.Arfrever.FTA@gmail.com> References: <4C8F62FE.1020808@gnutls.org> <201009142306.18647.Arfrever.FTA@gmail.com> Message-ID: <4C906266.2050601@gnutls.org> On 09/14/2010 11:05 PM, Arfrever Frehtes Taifersar Arahesis wrote: > When GnuTLS 2.11.1 has been built with support for Nettle, then 1 test fails: > PASS: openpgp-keyring.scm > /bin/sh: line 5: 23938 Segmentation fault GUILE_AUTO_COMPILE=0 ../../guile/pre-inst-guile -L . ${dir}$tst > FAIL: openpgp-auth.scm [...] > This problem doesn't occur when GnuTLS 2.11.1 has been built with support for libgcrypt. Hello, I don't use the guile bindings and didn't notice. Ludovic could you help pinpoint what could be the problem there? regards, Nikos From ludo at gnu.org Wed Sep 15 11:59:00 2010 From: ludo at gnu.org (Ludovic =?iso-8859-1?Q?Court=E8s?=) Date: Wed, 15 Sep 2010 11:59:00 +0200 Subject: gnutls 2.11.1 In-Reply-To: <4C906266.2050601@gnutls.org> (Nikos Mavrogiannopoulos's message of "Wed, 15 Sep 2010 08:06:30 +0200") References: <4C8F62FE.1020808@gnutls.org> <201009142306.18647.Arfrever.FTA@gmail.com> <4C906266.2050601@gnutls.org> Message-ID: <878w33iazf.fsf@gnu.org> Hi, Nikos Mavrogiannopoulos writes: > On 09/14/2010 11:05 PM, Arfrever Frehtes Taifersar Arahesis wrote: >> When GnuTLS 2.11.1 has been built with support for Nettle, then 1 test fails: >> PASS: openpgp-keyring.scm >> /bin/sh: line 5: 23938 Segmentation fault GUILE_AUTO_COMPILE=0 ../../guile/pre-inst-guile -L . ${dir}$tst >> FAIL: openpgp-auth.scm > [...] >> This problem doesn't occur when GnuTLS 2.11.1 has been built with support for libgcrypt. > > Hello, > I don't use the guile bindings and didn't notice. Ludovic could you > help pinpoint what could be the problem there? Sure. Arfrever: what version of Guile did you use? On which platform? Can you provide a backtrace of the Guile segfault? You can set ?ulimit -c unlimited? (or similar) and then run gdb on the core file. Thanks, Ludo?. From tzz at lifelogs.com Wed Sep 15 13:01:27 2010 From: tzz at lifelogs.com (Ted Zlatanov) Date: Wed, 15 Sep 2010 06:01:27 -0500 Subject: Emacs core TLS support References: <878wc1vfh3.fsf@lifelogs.com> <87r5ptpnz2.fsf@stupidchicken.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> <87fwxmihyz.fsf@lifelogs.com> <8762ycfhqo.fsf@lifelogs.com> Message-ID: <87d3sf9soo.fsf@lifelogs.com> On Mon, 13 Sep 2010 09:49:30 +0200 Nikos Mavrogiannopoulos wrote: NM> I cannot look at the patch but the example you are looking for is: NM> http://www.gnu.org/software/gnutls/manual/html_node/Simple-client-example-with-X_002e509-certificate-support.html#Simple-client-example-with-X_002e509-certificate-support NM> to do the connection, and this one to verify the certificate: NM> http://www.gnu.org/software/gnutls/manual/html_node/Verifying-peer_0027s-certificate.html#Verifying-peer_0027s-certificate Thanks for your help. I am still a little lost though :) Can you give a specific command line that would start gnutls-serv so the simple client (ex-client2.c) you reference will connect to it? If that's not possible, is there a way to augment ex-client2.c so it connects to an invocation of gnutls-serv without building all the gnutls-cli (cli.c, etc.) infrastructure? I can do a test connection with gnutls-cli but that's a much more complicated program and I'm trying to get the simple connection working, even without verification. If I can get the bare minimum SSL and TLS working I can drop the patch into Emacs and get more eyes on it. I'm tempted to do so now so I can stop sending this patch out :) It would be wonderful, incidentally, if there was a way to configure all the file options with a single string, similar to the priority string, and just get back a session. A config file would also work if a single string is too hard to parse. I don't see any options that couldn't work like this and it would make setting up a GnuTLS connection much easier. On Tue, 14 Sep 2010 20:55:51 +0200 Nikos Mavrogiannopoulos wrote: NM> GNUTLS_E_AGAIN is returned only if the transport layer function NM> (recv/send) return -1 and EAGAIN. Usually this is normal behavior and is NM> enough to loop around them. Do you use non-blocking IO? Ah, thanks for the hint. All the GnuTLS source code (e.g. the do_handshake() function in cli.c) keeps looping forever as long as GNUTLS_E_AGAIN is returned. That seems dangerous regardless of the underlying mechanism because we don't want to lock up Emacs waiting for a connection, but OTOH there's no other way to know if the handshake is done. I limited it to 25000 times (used to be 25) in my patch. Is that a reasonable limit? Should I base it on time elapsed? With a limit of 25K and by checking `gnutls-error-fatalp' which calls `gnutls_error_is_fatal', the handshake succeeds after 1250 tries against a remote SSL server. So now against that server I get: -24 (Decryption has failed.) and against "gnutls-serv --priority NORMAL --http" I get -12 (A TLS fatal alert has been received.) (the server side says "Error in handshake Error: Could not negotiate a supported cipher suite.") which is a lot better: at least the handshake is no longer the problem and it tells us the transport FDs are set correctly. So we can progress to figuring out the bare minimum I mentioned above. Latest patch attached, as usual. Thanks again... Ted -------------- next part -------------- A non-text attachment was scrubbed... Name: tls.patch Type: text/x-diff Size: 30665 bytes Desc: not available URL: From nmav at gnutls.org Wed Sep 15 14:13:57 2010 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Wed, 15 Sep 2010 14:13:57 +0200 Subject: Emacs core TLS support In-Reply-To: <87d3sf9soo.fsf@lifelogs.com> References: <878wc1vfh3.fsf@lifelogs.com> <87r5ptpnz2.fsf@stupidchicken.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> <87fwxmihyz.fsf@lifelogs.com> <8762ycfhqo.fsf@lifelogs.com> <87d3sf9soo.fsf@lifelogs.com> Message-ID: 2010/9/15 Ted Zlatanov : > NM> I cannot look at the patch but the example you are looking for is: > NM> http://www.gnu.org/software/gnutls/manual/html_node/Simple-client-example-with-X_002e509-certificate-support.html#Simple-client-example-with-X_002e509-certificate-support > NM> to do the connection, and this one to verify the certificate: > NM> http://www.gnu.org/software/gnutls/manual/html_node/Verifying-peer_0027s-certificate.html#Verifying-peer_0027s-certificate > Thanks for your help. ?I am still a little lost though :) > > Can you give a specific command line that would start gnutls-serv so the > simple client (ex-client2.c) you reference will connect to it? ?If > that's not possible, is there a way to augment ex-client2.c so it > connects to an invocation of gnutls-serv without building all the > gnutls-cli (cli.c, etc.) infrastructure? Use/check the gnutls-http-serv script in doc/credentials. It sets up a server with a certificate, ready for testing. If the server doesn't have a certificate it wouldn't be able to fully operate. > NM> GNUTLS_E_AGAIN is returned only if the transport layer function > NM> (recv/send) return -1 and EAGAIN. Usually this is normal behavior and is > NM> enough to loop around them. Do you use non-blocking IO? > Ah, thanks for the hint. ?All the GnuTLS source code (e.g. the > do_handshake() function in cli.c) keeps looping forever as long as > GNUTLS_E_AGAIN is returned. ?That seems dangerous regardless of the > underlying mechanism because we don't want to lock up Emacs waiting for > a connection, but OTOH there's no other way to know if the handshake is > done. ?I limited it to 25000 times (used to be 25) in my patch. ?Is that > a reasonable limit? ?Should I base it on time elapsed? > With a limit of 25K and by checking `gnutls-error-fatalp' which calls > `gnutls_error_is_fatal', the handshake succeeds after 1250 tries against > a remote SSL server. So now against that server I get: Maybe a time limit would be more reasonable, but it depends on the context. Why would you use non-blocking IO in that case? regards, Nikos From joe at x2a.org Fri Sep 17 05:32:05 2010 From: joe at x2a.org (Jonathan Bastien-Filiatrault) Date: Thu, 16 Sep 2010 23:32:05 -0400 Subject: [PATCH 1/2] Add gnutls_assert_val idiom. Message-ID: <1284694326-12630-1-git-send-email-joe@x2a.org> This warrants being made in an inline function or macro since it is used throughout the code. This converts 4 line repetitive blocks into 1 line. Signed-off-by: Jonathan Bastien-Filiatrault --- lib/gnutls_errors.h | 17 +++++++++++++++++ 1 files changed, 17 insertions(+), 0 deletions(-) diff --git a/lib/gnutls_errors.h b/lib/gnutls_errors.h index 8bc0c6f..7ed3da9 100644 --- a/lib/gnutls_errors.h +++ b/lib/gnutls_errors.h @@ -83,4 +83,21 @@ _gnutls_log (int, const char *fmt, ...) #endif /* C99_MACROS */ +/* GCC won't inline this by itself and results in a "fatal warning" + otherwise. Making this a macro has been tried, but it interacts + badly with the do..while in the expansion. Welcome to the dark + side. */ +static inline +#ifdef __GNUC__ + __attribute__ ((always_inline)) +#endif +int +gnutls_assert_val_int (int val, const char* file, int line) +{ + _gnutls_debug_log( "ASSERT: %s:%d\n", file, line); + return val; +} + +#define gnutls_assert_val(x) gnutls_assert_val_int(x, __FILE__, __LINE__) + #endif /* GNUTLS_ERRORS_H */ -- 1.7.1 From joe at x2a.org Fri Sep 17 05:32:06 2010 From: joe at x2a.org (Jonathan Bastien-Filiatrault) Date: Thu, 16 Sep 2010 23:32:06 -0400 Subject: [PATCH 2/2] Explicit symmetric cipher state versionning. In-Reply-To: <1284694326-12630-1-git-send-email-joe@x2a.org> References: <1284694326-12630-1-git-send-email-joe@x2a.org> Message-ID: <1284694326-12630-2-git-send-email-joe@x2a.org> This introduces the concept of a "cipher epoch". The epoch number is the number of successful handshakes and is incremented by one each time. This concept is native to DTLS and this patch makes the symmetric cipher state explicit for TLS in preparation for DTLS. This concept was implicit in plain TLS and ChangeCipherSpec messages triggered a "pending state copy". Now, we the current epoch number is simply incremented to the parameters negotiated by the handshake. The main side effects of this patch is a slightly more abstract internal API and, in some cases, simpler code. The session blob format is also changed a bit since this patch avoids storing information that is now redundant. If this breaks library users' expectations, this side effect can be negated. The cipher_specs structure has been removed. The conn_state has become record_state_st. Only symmetric cipher information is versioned. Things such as key exchange algorithm and the master secret are not versioned and their handling is unchanged. I have tested this patch as much as I could. It introduces no test suite regressions on my x64 Debian GNU/Linux system. Do not hesitate to point out shortcomings or suggest changes. Since this is a big diff, I am expecting this to be an iterative process. Signed-off-by: Jonathan Bastien-Filiatrault --- lib/ext_session_ticket.c | 54 +-- lib/gnutls_alert.c | 2 +- lib/gnutls_buffers.c | 1 + lib/gnutls_cipher.c | 78 ++-- lib/gnutls_cipher.h | 10 +- lib/gnutls_compress.c | 11 +- lib/gnutls_compress.h | 6 +- lib/gnutls_constate.c | 970 +++++++++++++++++++-------------------------- lib/gnutls_constate.h | 32 +- lib/gnutls_handshake.c | 38 ++- lib/gnutls_int.h | 84 +++-- lib/gnutls_num.h | 2 +- lib/gnutls_record.c | 74 +++- lib/gnutls_record.h | 2 +- lib/gnutls_session_pack.c | 30 +- lib/gnutls_state.c | 71 ++-- libextra/gnutls_ia.c | 2 +- 17 files changed, 676 insertions(+), 791 deletions(-) diff --git a/lib/ext_session_ticket.c b/lib/ext_session_ticket.c index 69e4ee9..4c02518 100644 --- a/lib/ext_session_ticket.c +++ b/lib/ext_session_ticket.c @@ -34,6 +34,7 @@ #include #include #include +#include #ifdef ENABLE_SESSION_TICKET @@ -579,30 +580,6 @@ gnutls_session_ticket_enable_server (gnutls_session_t session, return 0; } -#define SAVE_WRITE_SECURITY_PARAMETERS \ - do \ - { \ - write_bulk_cipher_algorithm = \ - session->security_parameters.write_bulk_cipher_algorithm; \ - write_mac_algorithm = \ - session->security_parameters.write_mac_algorithm; \ - write_compression_algorithm = \ - session->security_parameters.write_compression_algorithm; \ - } \ - while (0) - -#define RESTORE_WRITE_SECURITY_PARAMETERS \ - do \ - { \ - session->security_parameters.write_bulk_cipher_algorithm = \ - write_bulk_cipher_algorithm; \ - session->security_parameters.write_mac_algorithm = \ - write_mac_algorithm; \ - session->security_parameters.write_compression_algorithm = \ - write_compression_algorithm; \ - } \ - while (0) - int _gnutls_send_new_session_ticket (gnutls_session_t session, int again) { @@ -612,11 +589,9 @@ _gnutls_send_new_session_ticket (gnutls_session_t session, int again) int ret; struct ticket ticket; uint16_t ticket_len; - gnutls_cipher_algorithm_t write_bulk_cipher_algorithm; - gnutls_mac_algorithm_t write_mac_algorithm; - gnutls_compression_method_t write_compression_algorithm; session_ticket_ext_st* priv=NULL; extension_priv_data_t epriv; + uint16_t epoch_saved = session->security_parameters.epoch_write; if (again == 0) { @@ -632,28 +607,17 @@ _gnutls_send_new_session_ticket (gnutls_session_t session, int again) _gnutls_write_connection_state_init() does this job, but it also triggers encryption, while NewSessionTicket should not be encrypted in the record layer. */ - SAVE_WRITE_SECURITY_PARAMETERS; - ret = _gnutls_set_write_cipher (session, - _gnutls_cipher_suite_get_cipher_algo - (&session-> - security_parameters.current_cipher_suite)); + ret = _gnutls_epoch_set_keys (session, session->security_parameters.epoch_next); if (ret < 0) - return ret; + { + gnutls_assert (); + return ret; + } - ret = _gnutls_set_write_mac (session, - _gnutls_cipher_suite_get_mac_algo - (&session-> - security_parameters.current_cipher_suite)); - if (ret < 0) - return ret; - ret = _gnutls_set_write_compression (session, - session-> - internals.compression_method); - if (ret < 0) - return ret; + session->security_parameters.epoch_write = session->security_parameters.epoch_next; ret = encrypt_ticket (session, priv, &ticket); - RESTORE_WRITE_SECURITY_PARAMETERS; + session->security_parameters.epoch_write = epoch_saved; if (ret < 0) { gnutls_assert (); diff --git a/lib/gnutls_alert.c b/lib/gnutls_alert.c index 170ca7e..c376fd5 100644 --- a/lib/gnutls_alert.c +++ b/lib/gnutls_alert.c @@ -133,7 +133,7 @@ gnutls_alert_send (gnutls_session_t session, gnutls_alert_level_t level, _gnutls_record_log ("REC: Sending Alert[%d|%d] - %s\n", data[0], data[1], name); - if ((ret = _gnutls_send_int (session, GNUTLS_ALERT, -1, data, 2, MBUFFER_FLUSH)) >= 0) + if ((ret = _gnutls_send_int (session, GNUTLS_ALERT, -1, EPOCH_WRITE_CURRENT, data, 2, MBUFFER_FLUSH)) >= 0) return 0; else return ret; diff --git a/lib/gnutls_buffers.c b/lib/gnutls_buffers.c index be84e90..1964c72 100644 --- a/lib/gnutls_buffers.c +++ b/lib/gnutls_buffers.c @@ -753,6 +753,7 @@ _gnutls_handshake_io_write_flush (gnutls_session_t session) { ret = _gnutls_send_int (session, GNUTLS_HANDSHAKE, session->internals.handshake_send_buffer_htype, + EPOCH_WRITE_CURRENT, msg.data, msg.size, 0/* do not flush */); if (ret >= 0) diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c index 5e327e2..bf73ab7 100644 --- a/lib/gnutls_cipher.c +++ b/lib/gnutls_cipher.c @@ -45,8 +45,10 @@ inline static int is_write_comp_null (gnutls_session_t session) { - if (session->security_parameters.write_compression_algorithm == - GNUTLS_COMP_NULL) + record_parameters_st *record_params; + + _gnutls_epoch_get (session, EPOCH_WRITE_CURRENT, &record_params); + if (record_params->compression_algorithm == GNUTLS_COMP_NULL) return 0; return 1; @@ -55,8 +57,10 @@ is_write_comp_null (gnutls_session_t session) inline static int is_read_comp_null (gnutls_session_t session) { - if (session->security_parameters.read_compression_algorithm == - GNUTLS_COMP_NULL) + record_parameters_st *record_params; + + _gnutls_epoch_get (session, EPOCH_READ_CURRENT, &record_params); + if (record_params->compression_algorithm == GNUTLS_COMP_NULL) return 0; return 1; @@ -72,7 +76,8 @@ int _gnutls_encrypt (gnutls_session_t session, const opaque * headers, size_t headers_size, const opaque * data, size_t data_size, opaque * ciphertext, - size_t ciphertext_size, content_type_t type, int random_pad) + size_t ciphertext_size, content_type_t type, int random_pad, + record_parameters_st *params) { gnutls_datum_t plain; gnutls_datum_t comp; @@ -92,7 +97,7 @@ _gnutls_encrypt (gnutls_session_t session, const opaque * headers, /* Here comp is allocated and must be * freed. */ - ret = _gnutls_m_plaintext2compressed (session, &comp, &plain); + ret = _gnutls_m_plaintext2compressed (session, &comp, &plain, params); if (ret < 0) { gnutls_assert (); @@ -102,7 +107,7 @@ _gnutls_encrypt (gnutls_session_t session, const opaque * headers, ret = _gnutls_compressed2ciphertext (session, &ciphertext[headers_size], ciphertext_size - headers_size, - comp, type, random_pad); + comp, type, random_pad, params); if (free_comp) _gnutls_free_datum (&comp); @@ -127,7 +132,8 @@ _gnutls_encrypt (gnutls_session_t session, const opaque * headers, int _gnutls_decrypt (gnutls_session_t session, opaque * ciphertext, size_t ciphertext_size, uint8_t * data, - size_t max_data_size, content_type_t type) + size_t max_data_size, content_type_t type, + record_parameters_st *params) { gnutls_datum_t gtxt; gnutls_datum_t gcipher; @@ -141,7 +147,7 @@ _gnutls_decrypt (gnutls_session_t session, opaque * ciphertext, ret = _gnutls_ciphertext2compressed (session, data, max_data_size, - gcipher, type); + gcipher, type, params); if (ret < 0) { return ret; @@ -161,7 +167,7 @@ _gnutls_decrypt (gnutls_session_t session, opaque * ciphertext, gcomp.data = data; gcomp.size = ret; - ret = _gnutls_m_compressed2plaintext (session, >xt, &gcomp); + ret = _gnutls_m_compressed2plaintext (session, >xt, &gcomp, params); if (ret < 0) { return ret; @@ -335,7 +341,8 @@ int _gnutls_compressed2ciphertext (gnutls_session_t session, opaque * cipher_data, int cipher_size, gnutls_datum_t compressed, - content_type_t _type, int random_pad) + content_type_t _type, int random_pad, + record_parameters_st *params) { uint8_t MAC[MAX_HASH_SIZE]; uint16_t c_length; @@ -345,14 +352,11 @@ _gnutls_compressed2ciphertext (gnutls_session_t session, opaque preamble[PREAMBLE_SIZE]; int preamble_size; int hash_size = - _gnutls_hash_get_algo_len (session-> - security_parameters.write_mac_algorithm); + _gnutls_hash_get_algo_len (params->mac_algorithm); int blocksize = - gnutls_cipher_get_block_size (session-> - security_parameters.write_bulk_cipher_algorithm); + gnutls_cipher_get_block_size (params->cipher_algorithm); cipher_type_t block_algo = - _gnutls_cipher_is_block (session-> - security_parameters.write_bulk_cipher_algorithm); + _gnutls_cipher_is_block (params->cipher_algorithm); opaque *data_ptr; int ver = gnutls_protocol_get_version (session); @@ -361,13 +365,13 @@ _gnutls_compressed2ciphertext (gnutls_session_t session, c_length = _gnutls_conv_uint16 (compressed.size); - if (session->security_parameters.write_mac_algorithm != GNUTLS_MAC_NULL) + if (params->mac_algorithm != GNUTLS_MAC_NULL) { /* actually when the algorithm in not the NULL one */ digest_hd_st td; - ret = mac_init (&td, session->security_parameters.write_mac_algorithm, - session->connection_state.write_mac_secret.data, - session->connection_state.write_mac_secret.size, ver); + ret = mac_init (&td, params->mac_algorithm, + params->write.mac_secret.data, + params->write.mac_secret.size, ver); if (ret < 0) { @@ -376,7 +380,7 @@ _gnutls_compressed2ciphertext (gnutls_session_t session, } preamble_size = make_preamble (UINT64DATA - (session->connection_state.write_sequence_number), + (params->write.sequence_number), type, c_length, ver, preamble); mac_hash (&td, preamble, preamble_size, ver); mac_hash (&td, compressed.data, compressed.size, ver); @@ -436,7 +440,7 @@ _gnutls_compressed2ciphertext (gnutls_session_t session, /* Actual encryption (inplace). */ ret = - _gnutls_cipher_encrypt (&session->connection_state.write_cipher_state, + _gnutls_cipher_encrypt (¶ms->write.cipher_state, cipher_data, length); if (ret < 0) { @@ -455,7 +459,8 @@ int _gnutls_ciphertext2compressed (gnutls_session_t session, opaque * compress_data, int compress_size, - gnutls_datum_t ciphertext, uint8_t type) + gnutls_datum_t ciphertext, uint8_t type, + record_parameters_st *params) { uint8_t MAC[MAX_HASH_SIZE]; uint16_t c_length; @@ -467,23 +472,19 @@ _gnutls_ciphertext2compressed (gnutls_session_t session, int preamble_size; int ver = gnutls_protocol_get_version (session); int hash_size = - _gnutls_hash_get_algo_len (session-> - security_parameters.read_mac_algorithm); + _gnutls_hash_get_algo_len (params->mac_algorithm); blocksize = - gnutls_cipher_get_block_size (session-> - security_parameters.read_bulk_cipher_algorithm); + gnutls_cipher_get_block_size (params->cipher_algorithm); /* actual decryption (inplace) */ - switch (_gnutls_cipher_is_block - (session->security_parameters.read_bulk_cipher_algorithm)) + switch (_gnutls_cipher_is_block (params->cipher_algorithm)) { case CIPHER_STREAM: if ((ret = - _gnutls_cipher_decrypt (&session-> - connection_state.read_cipher_state, + _gnutls_cipher_decrypt (¶ms->read.cipher_state, ciphertext.data, ciphertext.size)) < 0) { gnutls_assert (); @@ -501,8 +502,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session, } if ((ret = - _gnutls_cipher_decrypt (&session-> - connection_state.read_cipher_state, + _gnutls_cipher_decrypt (¶ms->read.cipher_state, ciphertext.data, ciphertext.size)) < 0) { gnutls_assert (); @@ -562,13 +562,13 @@ _gnutls_ciphertext2compressed (gnutls_session_t session, /* Pass the type, version, length and compressed through * MAC. */ - if (session->security_parameters.read_mac_algorithm != GNUTLS_MAC_NULL) + if (params->mac_algorithm != GNUTLS_MAC_NULL) { digest_hd_st td; - ret = mac_init (&td, session->security_parameters.read_mac_algorithm, - session->connection_state.read_mac_secret.data, - session->connection_state.read_mac_secret.size, ver); + ret = mac_init (&td, params->mac_algorithm, + params->read.mac_secret.data, + params->read.mac_secret.size, ver); if (ret < 0) { @@ -578,7 +578,7 @@ _gnutls_ciphertext2compressed (gnutls_session_t session, preamble_size = make_preamble (UINT64DATA - (session->connection_state.read_sequence_number), type, + (params->read.sequence_number), type, c_length, ver, preamble); mac_hash (&td, preamble, preamble_size, ver); if (length > 0) diff --git a/lib/gnutls_cipher.h b/lib/gnutls_cipher.h index d2265b3..75a5aa4 100644 --- a/lib/gnutls_cipher.h +++ b/lib/gnutls_cipher.h @@ -27,16 +27,18 @@ int _gnutls_encrypt (gnutls_session_t session, const opaque * headers, size_t headers_size, const opaque * data, size_t data_size, opaque * ciphertext, size_t ciphertext_size, content_type_t type, - int random_pad); + int random_pad, record_parameters_st *params); int _gnutls_decrypt (gnutls_session_t session, opaque * ciphertext, size_t ciphertext_size, uint8_t * data, size_t data_size, - content_type_t type); + content_type_t type, record_parameters_st *params); int _gnutls_compressed2ciphertext (gnutls_session_t session, opaque * cipher_data, int cipher_size, gnutls_datum_t compressed, - content_type_t _type, int random_pad); + content_type_t _type, int random_pad, + record_parameters_st *params); int _gnutls_ciphertext2compressed (gnutls_session_t session, opaque * compress_data, int compress_size, - gnutls_datum_t ciphertext, uint8_t type); + gnutls_datum_t ciphertext, uint8_t type, + record_parameters_st *params); diff --git a/lib/gnutls_compress.c b/lib/gnutls_compress.c index 0a49df1..4efa0f1 100644 --- a/lib/gnutls_compress.c +++ b/lib/gnutls_compress.c @@ -30,6 +30,7 @@ #include "gnutls_int.h" #include "gnutls_compress.h" #include "gnutls_errors.h" +#include "gnutls_constate.h" #include #include @@ -38,13 +39,14 @@ int _gnutls_m_plaintext2compressed (gnutls_session_t session, gnutls_datum_t * compressed, - const gnutls_datum_t * plaintext) + const gnutls_datum_t * plaintext, + const record_parameters_st *params) { int size; opaque *data; size = - _gnutls_compress (session->connection_state.write_compression_state, + _gnutls_compress (params->write.compression_state, plaintext->data, plaintext->size, &data, MAX_RECORD_SEND_SIZE + EXTRA_COMP_SIZE); if (size < 0) @@ -61,13 +63,14 @@ _gnutls_m_plaintext2compressed (gnutls_session_t session, int _gnutls_m_compressed2plaintext (gnutls_session_t session, gnutls_datum_t * plain, - const gnutls_datum_t * compressed) + const gnutls_datum_t * compressed, + const record_parameters_st *params) { int size; opaque *data; size = - _gnutls_decompress (session->connection_state.read_compression_state, + _gnutls_decompress (params->read.compression_state, compressed->data, compressed->size, &data, MAX_RECORD_RECV_SIZE); if (size < 0) diff --git a/lib/gnutls_compress.h b/lib/gnutls_compress.h index 273c8fe..93b2786 100644 --- a/lib/gnutls_compress.h +++ b/lib/gnutls_compress.h @@ -27,10 +27,12 @@ int _gnutls_m_plaintext2compressed (gnutls_session_t session, gnutls_datum_t * compressed, - const gnutls_datum_t * plaintext); + const gnutls_datum_t * plaintext, + const record_parameters_st *params); int _gnutls_m_compressed2plaintext (gnutls_session_t session, gnutls_datum_t * plain, - const gnutls_datum_t * compressed); + const gnutls_datum_t * compressed, + const record_parameters_st *params); /* Algorithm handling. */ int _gnutls_supported_compression_methods (gnutls_session_t session, diff --git a/lib/gnutls_constate.c b/lib/gnutls_constate.c index b91abc4..9fa0665 100644 --- a/lib/gnutls_constate.c +++ b/lib/gnutls_constate.c @@ -36,6 +36,7 @@ #include #include #include +#include static const char keyexp[] = "key expansion"; static const int keyexp_length = sizeof (keyexp) - 1; @@ -57,7 +58,7 @@ static const int servwrite_length = sizeof (servwrite) - 1; * (session->cipher_specs) */ static int -_gnutls_set_keys (gnutls_session_t session, int hash_size, int IV_size, +_gnutls_set_keys (gnutls_session_t session, record_parameters_st *params, int hash_size, int IV_size, int key_size, int export_flag) { /* FIXME: This function is too long @@ -70,15 +71,10 @@ _gnutls_set_keys (gnutls_session_t session, int hash_size, int IV_size, /* avoid using malloc */ opaque key_block[2 * MAX_HASH_SIZE + 2 * MAX_CIPHER_KEY_SIZE + 2 * MAX_CIPHER_BLOCK_SIZE]; + record_state_st *client_write, *server_write; - if (session->cipher_specs.generated_keys != 0) - { - /* keys have already been generated. - * reset generated_keys and exit normally. - */ - session->cipher_specs.generated_keys = 0; - return 0; - } + client_write = session->security_parameters.entity == GNUTLS_CLIENT ? ¶ms->write : ¶ms->read; + server_write = session->security_parameters.entity == GNUTLS_SERVER ? ¶ms->write : ¶ms->read; block_size = 2 * hash_size + 2 * key_size; if (export_flag == 0) @@ -110,42 +106,28 @@ _gnutls_set_keys (gnutls_session_t session, int hash_size, int IV_size, } if (ret < 0) - { - gnutls_assert (); - return ret; - } + return gnutls_assert_val (ret); _gnutls_hard_log ("INT: KEY BLOCK[%d]: %s\n", block_size, _gnutls_bin2hex (key_block, block_size, buf, sizeof (buf), NULL)); - _gnutls_free_datum (&session->cipher_specs.server_write_mac_secret); - _gnutls_free_datum (&session->cipher_specs.client_write_mac_secret); - _gnutls_free_datum (&session->cipher_specs.server_write_IV); - _gnutls_free_datum (&session->cipher_specs.client_write_IV); - _gnutls_free_datum (&session->cipher_specs.server_write_key); - _gnutls_free_datum (&session->cipher_specs.client_write_key); - pos = 0; if (hash_size > 0) { if (_gnutls_sset_datum - (&session->cipher_specs.client_write_mac_secret, + (&client_write->mac_secret, &key_block[pos], hash_size) < 0) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } + return gnutls_assert_val (GNUTLS_E_MEMORY_ERROR); + pos += hash_size; if (_gnutls_sset_datum - (&session->cipher_specs.server_write_mac_secret, + (&server_write->mac_secret, &key_block[pos], hash_size) < 0) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } + return gnutls_assert_val (GNUTLS_E_MEMORY_ERROR); + pos += hash_size; } @@ -197,10 +179,7 @@ _gnutls_set_keys (gnutls_session_t session, int hash_size, int IV_size, } if (ret < 0) - { - gnutls_assert (); - return ret; - } + return gnutls_assert_val (ret); client_write_key_size = EXPORT_FINAL_KEY_SIZE; pos += key_size; @@ -223,22 +202,17 @@ _gnutls_set_keys (gnutls_session_t session, int hash_size, int IV_size, } if (ret < 0) - { - gnutls_assert (); - return ret; - } + return gnutls_assert_val (ret); server_write_key_size = EXPORT_FINAL_KEY_SIZE; pos += key_size; } if (_gnutls_sset_datum - (&session->cipher_specs.client_write_key, + (&client_write->key, client_write_key, client_write_key_size) < 0) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } + return gnutls_assert_val (GNUTLS_E_MEMORY_ERROR); + _gnutls_hard_log ("INT: CLIENT WRITE KEY [%d]: %s\n", client_write_key_size, _gnutls_bin2hex (client_write_key, @@ -246,12 +220,9 @@ _gnutls_set_keys (gnutls_session_t session, int hash_size, int IV_size, sizeof (buf), NULL)); if (_gnutls_sset_datum - (&session->cipher_specs.server_write_key, + (&server_write->key, server_write_key, server_write_key_size) < 0) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } + return gnutls_assert_val (GNUTLS_E_MEMORY_ERROR); _gnutls_hard_log ("INT: SERVER WRITE KEY [%d]: %s\n", server_write_key_size, @@ -267,21 +238,17 @@ _gnutls_set_keys (gnutls_session_t session, int hash_size, int IV_size, if (IV_size > 0 && export_flag == 0) { if (_gnutls_sset_datum - (&session->cipher_specs.client_write_IV, &key_block[pos], + (&client_write->IV, &key_block[pos], IV_size) < 0) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } + return gnutls_assert_val (GNUTLS_E_MEMORY_ERROR); + pos += IV_size; if (_gnutls_sset_datum - (&session->cipher_specs.server_write_IV, &key_block[pos], + (&server_write->IV, &key_block[pos], IV_size) < 0) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } + return gnutls_assert_val (GNUTLS_E_MEMORY_ERROR); + pos += IV_size; } @@ -296,10 +263,8 @@ _gnutls_set_keys (gnutls_session_t session, int hash_size, int IV_size, IV_size, iv_block); if (ret < 0) - { - gnutls_assert (); - return ret; - } + return gnutls_assert_val (ret); + ret = _gnutls_ssl3_hash_md5 ("", 0, rnd, GNUTLS_RANDOM_SIZE * 2, @@ -314,74 +279,177 @@ _gnutls_set_keys (gnutls_session_t session, int hash_size, int IV_size, } if (ret < 0) - { - gnutls_assert (); - return ret; - } + return gnutls_assert_val (ret); if (_gnutls_sset_datum - (&session->cipher_specs.client_write_IV, iv_block, IV_size) < 0) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } + (&client_write->IV, iv_block, IV_size) < 0) + return gnutls_assert_val (GNUTLS_E_MEMORY_ERROR); if (_gnutls_sset_datum - (&session->cipher_specs.server_write_IV, + (&server_write->IV, &iv_block[IV_size], IV_size) < 0) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } + return gnutls_assert_val (GNUTLS_E_MEMORY_ERROR); } - session->cipher_specs.generated_keys = 1; - return 0; } static int -_gnutls_set_read_keys (gnutls_session_t session) +_gnutls_init_record_state (record_parameters_st *params, int read, + record_state_st *state) { - int hash_size; - int IV_size; - int key_size, export_flag; - gnutls_cipher_algorithm_t algo; + int ret; + + ret = _gnutls_cipher_init (&state->cipher_state, + params->cipher_algorithm, + &state->key, &state->IV); + if (ret < 0 + && params->cipher_algorithm != GNUTLS_CIPHER_NULL) + return gnutls_assert_val (ret); + + state->compression_state = + _gnutls_comp_init (params->compression_algorithm, read); + + if (state->compression_state == GNUTLS_COMP_FAILED) + return gnutls_assert_val (GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM); + + return 0; +} + +int +_gnutls_epoch_set_cipher_suite (gnutls_session_t session, + int epoch_rel, + cipher_suite_st *suite) +{ + gnutls_cipher_algorithm_t cipher_algo; gnutls_mac_algorithm_t mac_algo; + record_parameters_st *params; + int ret; - mac_algo = session->security_parameters.read_mac_algorithm; - algo = session->security_parameters.read_bulk_cipher_algorithm; + ret = _gnutls_epoch_get (session, epoch_rel, ¶ms); + if (ret < 0) + return gnutls_assert_val (ret); - hash_size = _gnutls_hash_get_algo_len (mac_algo); - IV_size = _gnutls_cipher_get_iv_size (algo); - key_size = gnutls_cipher_get_key_size (algo); - export_flag = _gnutls_cipher_get_export_flag (algo); + if (params->initialized + || params->cipher_algorithm != GNUTLS_CIPHER_UNKNOWN + || params->mac_algorithm != GNUTLS_MAC_UNKNOWN) + return gnutls_assert_val (GNUTLS_E_INTERNAL_ERROR); + + cipher_algo =_gnutls_cipher_suite_get_cipher_algo (suite); + mac_algo = _gnutls_cipher_suite_get_mac_algo (suite); - return _gnutls_set_keys (session, hash_size, IV_size, key_size, - export_flag); + if (_gnutls_cipher_is_ok (cipher_algo) != 0 + || _gnutls_mac_is_ok (mac_algo) != 0) + return gnutls_assert_val (GNUTLS_E_UNWANTED_ALGORITHM); + + params->cipher_algorithm = cipher_algo; + params->mac_algorithm = mac_algo; + + return 0; } -static int -_gnutls_set_write_keys (gnutls_session_t session) +int +_gnutls_epoch_set_compression (gnutls_session_t session, + int epoch_rel, + gnutls_compression_method_t comp_algo) +{ + record_parameters_st *params; + int ret; + + ret = _gnutls_epoch_get (session, epoch_rel, ¶ms); + if (ret < 0) + return gnutls_assert_val (ret); + + if (params->initialized + || params->compression_algorithm != GNUTLS_COMP_UNKNOWN) + return gnutls_assert_val (GNUTLS_E_INTERNAL_ERROR); + + if (_gnutls_compression_is_ok (comp_algo) != 0) + return gnutls_assert_val (GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM); + + params->compression_algorithm = comp_algo; + + return 0; +} + +void +_gnutls_epoch_set_null_algos (gnutls_session_t session, + record_parameters_st *params) +{ + /* This is only called on startup. We are extra paranoid about this + because it may cause unencrypted application data to go out on + the wire. */ + if (params->initialized || params->epoch != 0) + { + gnutls_assert (); + return; + } + + params->cipher_algorithm = GNUTLS_CIPHER_NULL; + params->mac_algorithm = GNUTLS_MAC_NULL; + params->compression_algorithm = GNUTLS_COMP_NULL; + params->initialized = 1; +} + +int +_gnutls_epoch_set_keys (gnutls_session_t session, uint16_t epoch) { int hash_size; int IV_size; int key_size, export_flag; - gnutls_cipher_algorithm_t algo; + gnutls_cipher_algorithm_t cipher_algo; gnutls_mac_algorithm_t mac_algo; + gnutls_compression_method_t comp_algo; + record_parameters_st *params; + int ret; + + ret = _gnutls_epoch_get (session, epoch, ¶ms); + if (ret < 0) + return gnutls_assert_val (ret); - mac_algo = session->security_parameters.write_mac_algorithm; - algo = session->security_parameters.write_bulk_cipher_algorithm; + if (params->initialized) + return 0; + _gnutls_record_log + ("REC[%p]: Initializing epoch #%u\n", session, params->epoch); + + cipher_algo = params->cipher_algorithm; + mac_algo = params->mac_algorithm; + comp_algo = params->compression_algorithm; + + if (_gnutls_cipher_is_ok (cipher_algo) != 0 + || _gnutls_mac_is_ok (mac_algo) != 0) + return gnutls_assert_val (GNUTLS_E_INTERNAL_ERROR); + + if (_gnutls_compression_is_ok (comp_algo) != 0) + return gnutls_assert_val (GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM); + + IV_size = _gnutls_cipher_get_iv_size (cipher_algo); + key_size = gnutls_cipher_get_key_size (cipher_algo); + export_flag = _gnutls_cipher_get_export_flag (cipher_algo); hash_size = _gnutls_hash_get_algo_len (mac_algo); - IV_size = _gnutls_cipher_get_iv_size (algo); - key_size = gnutls_cipher_get_key_size (algo); - export_flag = _gnutls_cipher_get_export_flag (algo); - return _gnutls_set_keys (session, hash_size, IV_size, key_size, - export_flag); + ret = _gnutls_set_keys + (session, params, hash_size, IV_size, key_size, export_flag); + if (ret < 0) + return gnutls_assert_val (ret); + + ret = _gnutls_init_record_state (params, 1, ¶ms->read); + if (ret < 0) + return gnutls_assert_val (ret); + + ret = _gnutls_init_record_state (params, 0, ¶ms->write); + if (ret < 0) + return gnutls_assert_val (ret); + + _gnutls_record_log + ("REC[%p]: Epoch #%u ready\n", session, params->epoch); + + params->initialized = 1; + return 0; } + #define CPY_COMMON dst->entity = src->entity; \ dst->kx_algorithm = src->kx_algorithm; \ memcpy( &dst->current_cipher_suite, &src->current_cipher_suite, sizeof(cipher_suite_st)); \ @@ -397,25 +465,12 @@ _gnutls_set_write_keys (gnutls_session_t session) dst->version = src->version static void -_gnutls_cpy_read_security_parameters (security_parameters_st * - dst, security_parameters_st * src) +_gnutls_set_resumed_parameters (gnutls_session_t session) { - CPY_COMMON; - - dst->read_bulk_cipher_algorithm = src->read_bulk_cipher_algorithm; - dst->read_mac_algorithm = src->read_mac_algorithm; - dst->read_compression_algorithm = src->read_compression_algorithm; -} + security_parameters_st *src = &session->internals.resumed_security_parameters; + security_parameters_st *dst = &session->security_parameters; -static void -_gnutls_cpy_write_security_parameters (security_parameters_st * - dst, security_parameters_st * src) -{ CPY_COMMON; - - dst->write_bulk_cipher_algorithm = src->write_bulk_cipher_algorithm; - dst->write_mac_algorithm = src->write_mac_algorithm; - dst->write_compression_algorithm = src->write_compression_algorithm; } /* Sets the current connection session to conform with the @@ -432,69 +487,76 @@ _gnutls_connection_state_init (gnutls_session_t session) /* Setup the master secret */ if ((ret = _gnutls_generate_master (session, 0)) < 0) - { - gnutls_assert (); - return ret; - } - + return gnutls_assert_val (ret); return 0; } + +static int +_gnutls_check_algos (gnutls_session_t session, + cipher_suite_st *suite, gnutls_compression_method_t comp_algo) +{ + gnutls_cipher_algorithm_t cipher_algo; + gnutls_mac_algorithm_t mac_algo; + + cipher_algo = _gnutls_cipher_suite_get_cipher_algo (suite); + mac_algo = _gnutls_cipher_suite_get_mac_algo (suite); + + if (_gnutls_cipher_is_ok (cipher_algo) != 0) + return gnutls_assert_val (GNUTLS_E_INTERNAL_ERROR); + + if (_gnutls_cipher_priority (session, cipher_algo) < 0) + return gnutls_assert_val (GNUTLS_E_UNWANTED_ALGORITHM); + + + if (_gnutls_mac_is_ok (mac_algo) != 0) + return gnutls_assert_val (GNUTLS_E_INTERNAL_ERROR); + + if (_gnutls_mac_priority (session, mac_algo) < 0) + return gnutls_assert_val (GNUTLS_E_UNWANTED_ALGORITHM); + + + if (_gnutls_compression_is_ok (comp_algo) != 0) + return gnutls_assert_val (GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM); + + return 0; +} + /* Initializes the read connection session * (read encrypted data) */ int _gnutls_read_connection_state_init (gnutls_session_t session) { - int mac_size; - int rc; + const uint16_t epoch_next = session->security_parameters.epoch_next; + int ret; - _gnutls_uint64zero (session->connection_state.read_sequence_number); - -/* Update internals from CipherSuite selected. - * If we are resuming just copy the connection session - */ + /* Update internals from CipherSuite selected. + * If we are resuming just copy the connection session + */ if (session->internals.resumed == RESUME_FALSE) { - rc = _gnutls_set_read_cipher (session, - _gnutls_cipher_suite_get_cipher_algo - (&session-> - security_parameters.current_cipher_suite)); - if (rc < 0) - return rc; - rc = _gnutls_set_read_mac (session, - _gnutls_cipher_suite_get_mac_algo - (&session-> - security_parameters.current_cipher_suite)); - if (rc < 0) - return rc; + ret = _gnutls_check_algos (session, + &session->security_parameters.current_cipher_suite, + session->internals.compression_method); + if (ret < 0) + return ret; - rc = _gnutls_set_kx (session, - _gnutls_cipher_suite_get_kx_algo - (&session-> - security_parameters.current_cipher_suite)); - if (rc < 0) - return rc; - - rc = _gnutls_set_read_compression (session, - session-> - internals.compression_method); - if (rc < 0) - return rc; - } - else - { /* RESUME_TRUE */ - _gnutls_cpy_read_security_parameters (&session->security_parameters, - &session-> - internals.resumed_security_parameters); + ret = _gnutls_set_kx (session, + _gnutls_cipher_suite_get_kx_algo + (&session-> + security_parameters.current_cipher_suite)); + if (ret < 0) + return ret; } + else if (session->security_parameters.entity == GNUTLS_CLIENT) + _gnutls_set_resumed_parameters (session); - - rc = _gnutls_set_read_keys (session); - if (rc < 0) - return rc; + ret = _gnutls_epoch_set_keys (session, epoch_next); + if (ret < 0) + return ret; _gnutls_handshake_log ("HSK[%p]: Cipher Suite: %s\n", session, @@ -502,124 +564,8 @@ _gnutls_read_connection_state_init (gnutls_session_t session) (&session-> security_parameters.current_cipher_suite)); - if (_gnutls_compression_is_ok - (session->security_parameters.read_compression_algorithm) != 0) - { - gnutls_assert (); - return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM; - } - - if (_gnutls_mac_is_ok - (session->security_parameters.read_mac_algorithm) != 0) - { - gnutls_assert (); - return GNUTLS_E_INTERNAL_ERROR; - } - - /* Free all the previous keys/ sessions etc. - */ - if (session->connection_state.read_mac_secret.data != NULL) - _gnutls_free_datum (&session->connection_state.read_mac_secret); - - _gnutls_cipher_deinit (&session->connection_state.read_cipher_state); - - if (session->connection_state.read_compression_state != NULL) - _gnutls_comp_deinit (session->connection_state.read_compression_state, 1); - - - mac_size = - _gnutls_hash_get_algo_len (session-> - security_parameters.read_mac_algorithm); - - _gnutls_handshake_log - ("HSK[%p]: Initializing internal [read] cipher sessions\n", session); - - switch (session->security_parameters.entity) - { - case GNUTLS_SERVER: - /* initialize cipher session - */ - rc = _gnutls_cipher_init (&session->connection_state.read_cipher_state, - session->security_parameters. - read_bulk_cipher_algorithm, - &session->cipher_specs.client_write_key, - &session->cipher_specs.client_write_IV); - if (rc < 0 - && session->security_parameters.read_bulk_cipher_algorithm != - GNUTLS_CIPHER_NULL) - { - gnutls_assert (); - return rc; - } - - /* copy mac secrets from cipherspecs, to connection - * session. - */ - if (mac_size > 0) - { - if (_gnutls_sset_datum (&session->connection_state.read_mac_secret, - session-> - cipher_specs.client_write_mac_secret.data, - session-> - cipher_specs.client_write_mac_secret.size) < - 0) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - } - - break; - - case GNUTLS_CLIENT: - rc = _gnutls_cipher_init (&session->connection_state.read_cipher_state, - session->security_parameters. - read_bulk_cipher_algorithm, - &session->cipher_specs.server_write_key, - &session->cipher_specs.server_write_IV); - - if (rc < 0 - && session->security_parameters.read_bulk_cipher_algorithm != - GNUTLS_CIPHER_NULL) - { - gnutls_assert (); - return GNUTLS_E_INTERNAL_ERROR; - } - - - /* copy mac secret to connection session - */ - if (mac_size > 0) - { - if (_gnutls_sset_datum (&session->connection_state.read_mac_secret, - session-> - cipher_specs.server_write_mac_secret.data, - session-> - cipher_specs.server_write_mac_secret.size) < - 0) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - } - - break; - - default: /* this check is useless */ - gnutls_assert (); - return GNUTLS_E_INTERNAL_ERROR; - } - - session->connection_state.read_compression_state = - _gnutls_comp_init (session-> - security_parameters.read_compression_algorithm, 1); - - if (session->connection_state.read_compression_state == GNUTLS_COMP_FAILED) - { - gnutls_assert (); - return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM; - } + session->security_parameters.epoch_read = epoch_next; + _gnutls_epoch_gc (session); return 0; } @@ -632,280 +578,49 @@ _gnutls_read_connection_state_init (gnutls_session_t session) int _gnutls_write_connection_state_init (gnutls_session_t session) { - int mac_size; - int rc; - - _gnutls_uint64zero (session->connection_state.write_sequence_number); + const uint16_t epoch_next = session->security_parameters.epoch_next; + int ret; /* Update internals from CipherSuite selected. * If we are resuming just copy the connection session */ if (session->internals.resumed == RESUME_FALSE) { - rc = _gnutls_set_write_cipher (session, - _gnutls_cipher_suite_get_cipher_algo - (&session-> - security_parameters.current_cipher_suite)); - if (rc < 0) - return rc; - rc = _gnutls_set_write_mac (session, - _gnutls_cipher_suite_get_mac_algo - (&session-> - security_parameters.current_cipher_suite)); - if (rc < 0) - return rc; + ret = _gnutls_check_algos (session, + &session->security_parameters.current_cipher_suite, + session->internals.compression_method); + if (ret < 0) + return ret; - rc = _gnutls_set_kx (session, - _gnutls_cipher_suite_get_kx_algo - (&session-> - security_parameters.current_cipher_suite)); - if (rc < 0) - return rc; - - rc = _gnutls_set_write_compression (session, - session-> - internals.compression_method); - if (rc < 0) - return rc; - } - else - { /* RESUME_TRUE */ - _gnutls_cpy_write_security_parameters (&session->security_parameters, - &session-> - internals.resumed_security_parameters); - _gnutls_ext_restore_resumed_session(session); + ret = _gnutls_set_kx (session, + _gnutls_cipher_suite_get_kx_algo + (&session-> + security_parameters.current_cipher_suite)); + if (ret < 0) + return ret; } + else if (session->security_parameters.entity == GNUTLS_SERVER) + _gnutls_set_resumed_parameters (session); - rc = _gnutls_set_write_keys (session); - if (rc < 0) - return rc; + ret = _gnutls_epoch_set_keys (session, epoch_next); + if (ret < 0) + return gnutls_assert_val (ret); _gnutls_handshake_log ("HSK[%p]: Cipher Suite: %s\n", session, _gnutls_cipher_suite_get_name (&session-> security_parameters.current_cipher_suite)); - if (_gnutls_compression_is_ok - (session->security_parameters.write_compression_algorithm) != 0) - { - gnutls_assert (); - return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM; - } - - if (_gnutls_mac_is_ok - (session->security_parameters.write_mac_algorithm) != 0) - { - gnutls_assert (); - return GNUTLS_E_INTERNAL_ERROR; - } - - - - /* Free all the previous keys/ sessions etc. - */ - if (session->connection_state.write_mac_secret.data != NULL) - _gnutls_free_datum (&session->connection_state.write_mac_secret); - - _gnutls_cipher_deinit (&session->connection_state.write_cipher_state); - - if (session->connection_state.write_compression_state != NULL) - _gnutls_comp_deinit (session->connection_state.write_compression_state, - 0); - - mac_size = - _gnutls_hash_get_algo_len (session-> - security_parameters.write_mac_algorithm); - _gnutls_handshake_log ("HSK[%p]: Initializing internal [write] cipher sessions\n", session); - switch (session->security_parameters.entity) - { - case GNUTLS_SERVER: - /* initialize cipher session - */ - rc = _gnutls_cipher_init (&session->connection_state.write_cipher_state, - session-> - security_parameters.write_bulk_cipher_algorithm, - &session->cipher_specs.server_write_key, - &session->cipher_specs.server_write_IV); - - if (rc < 0 - && session->security_parameters.write_bulk_cipher_algorithm != - GNUTLS_CIPHER_NULL) - { - gnutls_assert (); - return GNUTLS_E_INTERNAL_ERROR; - } - - - /* copy mac secrets from cipherspecs, to connection - * session. - */ - if (mac_size > 0) - { - if (_gnutls_sset_datum (&session->connection_state.write_mac_secret, - session-> - cipher_specs.server_write_mac_secret.data, - session-> - cipher_specs.server_write_mac_secret.size) < - 0) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - } - - - break; - - case GNUTLS_CLIENT: - rc = _gnutls_cipher_init (&session->connection_state.write_cipher_state, - session-> - security_parameters.write_bulk_cipher_algorithm, - &session->cipher_specs.client_write_key, - &session->cipher_specs.client_write_IV); - - if (rc < 0 - && session->security_parameters.write_bulk_cipher_algorithm != - GNUTLS_CIPHER_NULL) - { - gnutls_assert (); - return GNUTLS_E_INTERNAL_ERROR; - } - - /* copy mac secret to connection session - */ - if (mac_size > 0) - { - if (_gnutls_sset_datum (&session->connection_state.write_mac_secret, - session-> - cipher_specs.client_write_mac_secret.data, - session-> - cipher_specs.client_write_mac_secret.size) < - 0) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - } - - break; - - default: - gnutls_assert (); - return GNUTLS_E_INTERNAL_ERROR; - } - - - session->connection_state.write_compression_state = - _gnutls_comp_init (session-> - security_parameters.write_compression_algorithm, 0); - - if (session->connection_state.write_compression_state == GNUTLS_COMP_FAILED) - { - gnutls_assert (); - return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM; - } - - return 0; -} - -/* Sets the specified cipher into the pending session - */ -int -_gnutls_set_read_cipher (gnutls_session_t session, - gnutls_cipher_algorithm_t algo) -{ - - if (_gnutls_cipher_is_ok (algo) == 0) - { - if (_gnutls_cipher_priority (session, algo) < 0) - { - gnutls_assert (); - return GNUTLS_E_UNWANTED_ALGORITHM; - } - - session->security_parameters.read_bulk_cipher_algorithm = algo; - - } - else - { - gnutls_assert (); - return GNUTLS_E_INTERNAL_ERROR; - } + session->security_parameters.epoch_write = epoch_next; + _gnutls_epoch_gc (session); return 0; - -} - -int -_gnutls_set_write_cipher (gnutls_session_t session, - gnutls_cipher_algorithm_t algo) -{ - - if (_gnutls_cipher_is_ok (algo) == 0) - { - if (_gnutls_cipher_priority (session, algo) < 0) - { - gnutls_assert (); - return GNUTLS_E_UNWANTED_ALGORITHM; - } - - session->security_parameters.write_bulk_cipher_algorithm = algo; - - } - else - { - gnutls_assert (); - return GNUTLS_E_INTERNAL_ERROR; - } - - return 0; - -} - - -/* Sets the specified algorithm into pending compression session - */ -int -_gnutls_set_read_compression (gnutls_session_t session, - gnutls_compression_method_t algo) -{ - - if (_gnutls_compression_is_ok (algo) == 0) - { - session->security_parameters.read_compression_algorithm = algo; - } - else - { - gnutls_assert (); - return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM; - } - return 0; - -} - -int -_gnutls_set_write_compression (gnutls_session_t session, - gnutls_compression_method_t algo) -{ - - if (_gnutls_compression_is_ok (algo) == 0) - { - session->security_parameters.write_compression_algorithm = algo; - } - else - { - gnutls_assert (); - return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM; - } - return 0; - } -/* Sets the specified kx algorithm into pending session +/* Sets the specified kx algorithm into pending session */ int _gnutls_set_kx (gnutls_session_t session, gnutls_kx_algorithm_t algo) @@ -916,66 +631,177 @@ _gnutls_set_kx (gnutls_session_t session, gnutls_kx_algorithm_t algo) session->security_parameters.kx_algorithm = algo; } else - { - gnutls_assert (); - return GNUTLS_E_INTERNAL_ERROR; - } + return gnutls_assert_val (GNUTLS_E_INTERNAL_ERROR); + if (_gnutls_kx_priority (session, algo) < 0) - { - gnutls_assert (); - /* we shouldn't get here */ - return GNUTLS_E_UNWANTED_ALGORITHM; - } + return gnutls_assert_val (GNUTLS_E_UNWANTED_ALGORITHM); return 0; - } -/* Sets the specified mac algorithm into pending session */ -int -_gnutls_set_read_mac (gnutls_session_t session, gnutls_mac_algorithm_t algo) +static inline int +epoch_resolve(gnutls_session_t session, + unsigned int epoch_rel, uint16_t *epoch_out) { - - if (_gnutls_mac_is_ok (algo) == 0) - { - session->security_parameters.read_mac_algorithm = algo; - } - else + switch (epoch_rel) { - gnutls_assert (); - return GNUTLS_E_INTERNAL_ERROR; + case EPOCH_READ_CURRENT: + *epoch_out = session->security_parameters.epoch_read; + return 0; + + case EPOCH_WRITE_CURRENT: + *epoch_out = session->security_parameters.epoch_write; + return 0; + + case EPOCH_NEXT: + *epoch_out = session->security_parameters.epoch_next; + return 0; + + default: + if (epoch_rel > 0xffffu) + return gnutls_assert_val (GNUTLS_E_INVALID_REQUEST); + + *epoch_out = epoch_rel; + return 0; } - if (_gnutls_mac_priority (session, algo) < 0) +} + +static inline record_parameters_st** +epoch_get_slot(gnutls_session_t session, uint16_t epoch) +{ + uint16_t epoch_index = + epoch - session->security_parameters.epoch_min; + + if (epoch_index >= MAX_EPOCH_INDEX) { gnutls_assert (); - return GNUTLS_E_UNWANTED_ALGORITHM; + return NULL; } + /* The slot may still be empty (NULL) */ + return &session->record_parameters[epoch_index]; +} - return 0; +int +_gnutls_epoch_get (gnutls_session_t session, unsigned int epoch_rel, + record_parameters_st **params_out) +{ + uint16_t epoch; + record_parameters_st **params; + int ret; + + ret = epoch_resolve (session, epoch_rel, &epoch); + if (ret < 0) + return gnutls_assert_val (ret); + + params = epoch_get_slot (session, epoch); + if (params == NULL || *params == NULL) + return gnutls_assert_val (GNUTLS_E_INVALID_REQUEST); + *params_out = *params; + + return 0; } int -_gnutls_set_write_mac (gnutls_session_t session, gnutls_mac_algorithm_t algo) +_gnutls_epoch_alloc(gnutls_session_t session, uint16_t epoch, + record_parameters_st **out) { + record_parameters_st **slot; - if (_gnutls_mac_is_ok (algo) == 0) - { - session->security_parameters.write_mac_algorithm = algo; - } - else - { - gnutls_assert (); - return GNUTLS_E_INTERNAL_ERROR; - } - if (_gnutls_mac_priority (session, algo) < 0) - { - gnutls_assert (); - return GNUTLS_E_UNWANTED_ALGORITHM; - } + _gnutls_record_log + ("REC[%p]: Allocating epoch #%u\n", session, epoch); + + slot = epoch_get_slot(session, epoch); + + /* If slot out of range or not empty. */ + if (slot == NULL) + return gnutls_assert_val (GNUTLS_E_INVALID_REQUEST); + + if(*slot != NULL) + return gnutls_assert_val (GNUTLS_E_INVALID_REQUEST); + + *slot = gnutls_calloc (1, sizeof (record_parameters_st)); + if (*slot == NULL) + return gnutls_assert_val (GNUTLS_E_MEMORY_ERROR); + + (*slot)->epoch = epoch; + (*slot)->cipher_algorithm = GNUTLS_CIPHER_UNKNOWN; + (*slot)->mac_algorithm = GNUTLS_MAC_UNKNOWN; + (*slot)->compression_algorithm = GNUTLS_COMP_UNKNOWN; + if (out != NULL) + *out = *slot; return 0; +} + +static inline int +epoch_alive (gnutls_session_t session, record_parameters_st *params) +{ + const security_parameters_st *sp = &session->security_parameters; + + /* DTLS will, in addition, need to check the epoch timeout value. */ + return (params->epoch == sp->epoch_read + || params->epoch == sp->epoch_write + || params->epoch == sp->epoch_next); +} + +void +_gnutls_epoch_gc (gnutls_session_t session) +{ + int i, j; + unsigned int min_index = 0; + + _gnutls_record_log + ("REC[%p]: Start of epoch cleanup\n", session); + + /* Free all dead cipher state */ + for(i=0; i < MAX_EPOCH_INDEX; i++) + if (session->record_parameters[i] != NULL + && !epoch_alive (session, session->record_parameters[i])) + { + _gnutls_epoch_free (session, session->record_parameters[i]); + session->record_parameters[i] = NULL; + } + + /* Look for contiguous NULLs at the start of the array */ + for(i=0; i < MAX_EPOCH_INDEX && session->record_parameters[i] == NULL; i++); + min_index = i; + + /* Pick up the slack in the epoch window. */ + for(i=0, j=min_index; j < MAX_EPOCH_INDEX; i++, j++) + session->record_parameters[i] = session->record_parameters[j]; + + /* Set the new epoch_min */ + if (session->record_parameters[0] != NULL) + session->security_parameters.epoch_min = session->record_parameters[0]->epoch; + + _gnutls_record_log + ("REC[%p]: End of epoch cleanup\n", session); +} + +static inline void +free_record_state (record_state_st *state, int read) +{ + _gnutls_free_datum (&state->mac_secret); + _gnutls_free_datum (&state->IV); + _gnutls_free_datum (&state->key); + + _gnutls_cipher_deinit (&state->cipher_state); + + if (state->compression_state != NULL) + _gnutls_comp_deinit (state->compression_state, read); +} + +void +_gnutls_epoch_free (gnutls_session_t session, record_parameters_st *params) +{ + _gnutls_record_log + ("REC[%p]: Epoch #%u freed\n", session, params->epoch); + + free_record_state (¶ms->read, 1); + free_record_state (¶ms->write, 0); + gnutls_free (params); } diff --git a/lib/gnutls_constate.h b/lib/gnutls_constate.h index ba5b056..513ab1c 100644 --- a/lib/gnutls_constate.h +++ b/lib/gnutls_constate.h @@ -23,19 +23,27 @@ * */ +#ifndef GNUTLS_CONSTATE_H +#define GNUTLS_CONSTATE_H + +int _gnutls_epoch_set_cipher_suite (gnutls_session_t session, int epoch_rel, + cipher_suite_st *suite); +int _gnutls_epoch_set_compression (gnutls_session_t session, int epoch_rel, + gnutls_compression_method_t comp_algo); +void _gnutls_epoch_set_null_algos (gnutls_session_t session, + record_parameters_st *params); +int _gnutls_epoch_set_keys (gnutls_session_t session, uint16_t epoch); int _gnutls_connection_state_init (gnutls_session_t session); int _gnutls_read_connection_state_init (gnutls_session_t session); int _gnutls_write_connection_state_init (gnutls_session_t session); -int _gnutls_set_write_cipher (gnutls_session_t session, - gnutls_cipher_algorithm_t algo); -int _gnutls_set_write_mac (gnutls_session_t session, - gnutls_mac_algorithm_t algo); -int _gnutls_set_read_cipher (gnutls_session_t session, - gnutls_cipher_algorithm_t algo); -int _gnutls_set_read_mac (gnutls_session_t session, - gnutls_mac_algorithm_t algo); -int _gnutls_set_read_compression (gnutls_session_t session, - gnutls_compression_method_t algo); -int _gnutls_set_write_compression (gnutls_session_t session, - gnutls_compression_method_t algo); + int _gnutls_set_kx (gnutls_session_t session, gnutls_kx_algorithm_t algo); + +int _gnutls_epoch_get (gnutls_session_t session, unsigned int epoch_rel, + record_parameters_st **params_out); +int _gnutls_epoch_alloc(gnutls_session_t session, uint16_t epoch, + record_parameters_st **out); +void _gnutls_epoch_gc (gnutls_session_t session); +void _gnutls_epoch_free (gnutls_session_t session, record_parameters_st *state); + +#endif diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index 5418462..b7f1c54 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -124,8 +124,11 @@ resume_copy_required_values (gnutls_session_t session) session->internals.resumed_security_parameters.current_cipher_suite. suite, 2); - session->internals.compression_method = - session->internals.resumed_security_parameters.read_compression_algorithm; + _gnutls_epoch_set_cipher_suite (session, EPOCH_NEXT, + &session->internals.resumed_security_parameters.current_cipher_suite); + _gnutls_epoch_set_compression (session, EPOCH_NEXT, + session->internals.resumed_compression_method); + /* or write_compression_algorithm * they are the same */ @@ -931,6 +934,10 @@ _gnutls_server_select_suite (gnutls_session_t session, opaque * data, _gnutls_cipher_suite_get_name (&cs)); memcpy (session->security_parameters.current_cipher_suite.suite, ciphers[i].suite, 2); + _gnutls_epoch_set_cipher_suite (session, EPOCH_NEXT, + &session->security_parameters.current_cipher_suite); + + retval = 0; goto finish; } @@ -1013,6 +1020,8 @@ _gnutls_server_select_comp_method (gnutls_session_t session, session->internals.compression_method = method; gnutls_free (comps); + _gnutls_epoch_set_compression (session, EPOCH_NEXT, method); + _gnutls_handshake_log ("HSK[%p]: Selected Compression Method: %s\n", session, gnutls_compression_get_name (session-> @@ -1565,6 +1574,7 @@ _gnutls_client_set_ciphersuite (gnutls_session_t session, opaque suite[2]) } memcpy (session->security_parameters.current_cipher_suite.suite, suite, 2); + _gnutls_epoch_set_cipher_suite (session, EPOCH_NEXT, &session->security_parameters.current_cipher_suite); _gnutls_handshake_log ("HSK[%p]: Selected cipher suite: %s\n", session, _gnutls_cipher_suite_get_name @@ -1645,7 +1655,7 @@ _gnutls_client_set_comp_method (gnutls_session_t session, opaque comp_method) session->internals.compression_method = _gnutls_compression_get_id (comp_method); - + _gnutls_epoch_set_compression (session, EPOCH_NEXT, session->internals.compression_method); return 0; } @@ -1678,6 +1688,12 @@ _gnutls_client_check_if_resuming (gnutls_session_t session, session->security_parameters.server_random, GNUTLS_RANDOM_SIZE); memcpy (session->internals.resumed_security_parameters.client_random, session->security_parameters.client_random, GNUTLS_RANDOM_SIZE); + + _gnutls_epoch_set_cipher_suite + (session, EPOCH_NEXT, &session->internals.resumed_security_parameters.current_cipher_suite); + _gnutls_epoch_set_compression + (session, EPOCH_NEXT, session->internals.resumed_compression_method); + session->internals.resumed = RESUME_TRUE; /* we are resuming */ return 0; @@ -2594,6 +2610,20 @@ int gnutls_handshake (gnutls_session_t session) { int ret; + record_parameters_st *params; + + ret = _gnutls_epoch_get (session, session->security_parameters.epoch_next, + ¶ms); + if (ret < 0) + { + /* We assume the epoch is not allocated if _gnutls_epoch_get fails. */ + ret = _gnutls_epoch_alloc (session, session->security_parameters.epoch_next, NULL); + if (ret < 0) + { + gnutls_assert (); + return ret; + } + } if (session->security_parameters.entity == GNUTLS_CLIENT) { @@ -2629,6 +2659,8 @@ gnutls_handshake (gnutls_session_t session) _gnutls_handshake_io_buffer_clear (session); _gnutls_handshake_internal_state_clear (session); + session->security_parameters.epoch_next++; + return 0; } diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index d8cd028..5d1b64e 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -285,6 +285,12 @@ struct gnutls_key_st typedef struct gnutls_key_st *gnutls_key_st; +struct record_state_st; +typedef struct record_state_st record_state_st; + +struct record_parameters_st; +typedef struct record_parameters_st record_parameters_st; + /* STATE (cont) */ #include @@ -334,18 +340,17 @@ typedef struct { gnutls_connection_end_t entity; gnutls_kx_algorithm_t kx_algorithm; - /* we've got separate write/read bulk/macs because - * there is a time in handshake where the peer has - * null cipher and we don't - */ - gnutls_cipher_algorithm_t read_bulk_cipher_algorithm; - gnutls_mac_algorithm_t read_mac_algorithm; - gnutls_compression_method_t read_compression_algorithm; + handshake_mac_type_t handshake_mac_handle_type; /* one of HANDSHAKE_TYPE_10 and HANDSHAKE_TYPE_12 */ - gnutls_cipher_algorithm_t write_bulk_cipher_algorithm; - gnutls_mac_algorithm_t write_mac_algorithm; - gnutls_compression_method_t write_compression_algorithm; - handshake_mac_type_t handshake_mac_handle_type; /* one of HANDSHAKE_TYPE_10 and HANDSHAKE_TYPE_12 */ + /* The epoch used to read and write */ + uint16_t epoch_read; + uint16_t epoch_write; + + /* The epoch that the next handshake will initialize. */ + uint16_t epoch_next; + + /* The epoch at index 0 of record_parameters. */ + uint16_t epoch_min; /* this is the ciphersuite we are going to use * moved here from internals in order to be restored @@ -378,34 +383,36 @@ typedef struct int do_recv_supplemental, do_send_supplemental; } security_parameters_st; -/* This structure holds the generated keys - */ -typedef struct +struct record_state_st { - gnutls_datum_t server_write_mac_secret; - gnutls_datum_t client_write_mac_secret; - gnutls_datum_t server_write_IV; - gnutls_datum_t client_write_IV; - gnutls_datum_t server_write_key; - gnutls_datum_t client_write_key; - int generated_keys; /* zero if keys have not - * been generated. Non zero - * otherwise. - */ -} cipher_specs_st; + gnutls_datum_t mac_secret; + gnutls_datum_t IV; + gnutls_datum_t key; + cipher_hd_st cipher_state; + comp_hd_t compression_state; + uint64 sequence_number; +}; +/* These are used to resolve relative epochs. These values are just + outside the 16 bit range to prevent off-by-one errors. An absolute + epoch may be referred to by its numeric id in the range + 0x0000-0xffff. */ +#define EPOCH_READ_CURRENT 70000 +#define EPOCH_WRITE_CURRENT 70001 +#define EPOCH_NEXT 70002 -typedef struct +struct record_parameters_st { - cipher_hd_st write_cipher_state; - cipher_hd_st read_cipher_state; - comp_hd_t read_compression_state; - comp_hd_t write_compression_state; - gnutls_datum_t read_mac_secret; - gnutls_datum_t write_mac_secret; - uint64 read_sequence_number; - uint64 write_sequence_number; -} conn_stat_st; + uint16_t epoch; + int initialized; + + gnutls_cipher_algorithm_t cipher_algorithm; + gnutls_mac_algorithm_t mac_algorithm; + gnutls_compression_method_t compression_algorithm; + + record_state_st read; + record_state_st write; +}; typedef struct { @@ -528,6 +535,7 @@ typedef struct /* resumed session */ int resumed:1; /* RESUME_TRUE or FALSE - if we are resuming a session */ security_parameters_st resumed_security_parameters; + gnutls_compression_method_t resumed_compression_method; /* sockets internals */ int lowat; @@ -719,11 +727,13 @@ typedef struct */ } internals_st; +/* Maximum number of epochs we keep around. */ +#define MAX_EPOCH_INDEX 16 + struct gnutls_session_int { security_parameters_st security_parameters; - cipher_specs_st cipher_specs; - conn_stat_st connection_state; + record_parameters_st *record_parameters[MAX_EPOCH_INDEX]; internals_st internals; gnutls_key_st key; }; diff --git a/lib/gnutls_num.h b/lib/gnutls_num.h index 18a13ca..e35b92f 100644 --- a/lib/gnutls_num.h +++ b/lib/gnutls_num.h @@ -44,6 +44,6 @@ uint32_t _gnutls_uint64touint32 (const uint64 *); int _gnutls_uint64pp (uint64 *); # define _gnutls_uint64zero(x) x.i[0] = x.i[1] = x.i[2] = x.i[3] = x.i[4] = x.i[5] = x.i[6] = x.i[7] = 0 -# define UINT64DATA(x) x.i +# define UINT64DATA(x) (x.i) #endif /* GNUTLS_NUM_H */ diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c index 27e5e56..972c8ad 100644 --- a/lib/gnutls_record.c +++ b/lib/gnutls_record.c @@ -42,6 +42,7 @@ #include "gnutls_num.h" #include "gnutls_record.h" #include "gnutls_datum.h" +#include "gnutls_constate.h" #include "ext_max_record.h" #include #include @@ -334,8 +335,8 @@ copy_record_version (gnutls_session_t session, */ ssize_t _gnutls_send_int (gnutls_session_t session, content_type_t type, - gnutls_handshake_description_t htype, const void *_data, - size_t sizeofdata, unsigned int mflags) + gnutls_handshake_description_t htype, unsigned int epoch_rel, + const void *_data, size_t sizeofdata, unsigned int mflags) { mbuffer_st *bufel; size_t cipher_size; @@ -343,6 +344,24 @@ _gnutls_send_int (gnutls_session_t session, content_type_t type, int data2send_size; uint8_t headers[5]; const uint8_t *data = _data; + record_parameters_st *record_params; + record_state_st *record_state; + + ret = _gnutls_epoch_get (session, epoch_rel, &record_params); + if (ret < 0) + { + gnutls_assert (); + return ret; + } + + /* Safeguard against processing data with an incomplete cipher state. */ + if (!record_params->initialized) + { + gnutls_assert (); + return GNUTLS_E_INVALID_REQUEST; + } + + record_state = &record_params->write; /* Do not allow null pointer if the send buffer is empty. * If the previous send was interrupted then a null pointer is @@ -372,8 +391,7 @@ _gnutls_send_int (gnutls_session_t session, content_type_t type, _gnutls_record_log ("REC[%p]: Sending Packet[%d] %s(%d) with length: %d\n", session, - (int) _gnutls_uint64touint32 (&session-> - connection_state.write_sequence_number), + (int) _gnutls_uint64touint32 (&record_state->sequence_number), _gnutls_packet2str (type), type, (int) sizeofdata); if (sizeofdata > MAX_RECORD_SEND_SIZE) @@ -411,7 +429,7 @@ _gnutls_send_int (gnutls_session_t session, content_type_t type, _gnutls_encrypt (session, headers, RECORD_HEADER_SIZE, data, data2send_size, _mbuffer_get_udata_ptr(bufel), cipher_size, type, (session->internals.priorities.no_padding == - 0) ? 1 : 0); + 0) ? 1 : 0, record_params); if (cipher_size <= 0) { gnutls_assert (); @@ -426,8 +444,7 @@ _gnutls_send_int (gnutls_session_t session, content_type_t type, /* increase sequence number */ - if (_gnutls_uint64pp - (&session->connection_state.write_sequence_number) != 0) + if (_gnutls_uint64pp (&record_state->sequence_number) != 0) { session_invalidate (session); gnutls_assert (); @@ -467,7 +484,7 @@ _gnutls_send_int (gnutls_session_t session, content_type_t type, session, (int) _gnutls_uint64touint32 - (&session->connection_state.write_sequence_number), + (&record_state->sequence_number), _gnutls_packet2str (type), type, (int)cipher_size); return retval; @@ -484,7 +501,7 @@ _gnutls_send_change_cipher_spec (gnutls_session_t session, int again) _gnutls_handshake_log ("REC[%p]: Sent ChangeCipherSpec\n", session); if (again == 0) - return _gnutls_send_int (session, GNUTLS_CHANGE_CIPHER_SPEC, -1, data, 1, MBUFFER_FLUSH); + return _gnutls_send_int (session, GNUTLS_CHANGE_CIPHER_SPEC, -1, EPOCH_WRITE_CURRENT, data, 1, MBUFFER_FLUSH); else { return _gnutls_io_write_flush (session); @@ -845,8 +862,8 @@ get_temp_recv_buffer (gnutls_session_t session, gnutls_datum_t * tmp) */ ssize_t _gnutls_recv_int (gnutls_session_t session, content_type_t type, - gnutls_handshake_description_t htype, opaque * data, - size_t sizeofdata) + gnutls_handshake_description_t htype, + opaque * data, size_t sizeofdata) { int decrypted_length; opaque version[2]; @@ -857,6 +874,24 @@ _gnutls_recv_int (gnutls_session_t session, content_type_t type, uint16_t header_size; int empty_packet = 0; gnutls_datum_t data_enc, tmp; + record_parameters_st *record_params; + record_state_st *record_state; + + ret = _gnutls_epoch_get (session, EPOCH_READ_CURRENT, &record_params); + if (ret < 0) + { + gnutls_assert (); + return ret; + } + + /* Safeguard against processing data with an incomplete cipher state. */ + if (!record_params->initialized) + { + gnutls_assert (); + return GNUTLS_E_INVALID_REQUEST; + } + + record_state = &record_params->read; if (type != GNUTLS_ALERT && (sizeofdata == 0 || data == NULL)) { @@ -951,13 +986,11 @@ begin: _gnutls_record_log ("REC[%p]: Expected Packet[%d] %s(%d) with length: %d\n", session, - (int) _gnutls_uint64touint32 (&session-> - connection_state.read_sequence_number), + (int) _gnutls_uint64touint32 (&record_state->sequence_number), _gnutls_packet2str (type), type, (int) sizeofdata); _gnutls_record_log ("REC[%p]: Received Packet[%d] %s(%d) with length: %d\n", session, - (int) _gnutls_uint64touint32 (&session-> - connection_state.read_sequence_number), + (int) _gnutls_uint64touint32 (&record_state->sequence_number), _gnutls_packet2str (recv_type), recv_type, length); if (length > MAX_RECV_SIZE) @@ -1010,7 +1043,7 @@ begin: */ ret = _gnutls_decrypt (session, ciphertext, length, tmp.data, tmp.size, - recv_type); + recv_type, record_params); if (ret < 0) { session_unresumable (session); @@ -1042,13 +1075,12 @@ begin: _gnutls_record_log ("REC[%p]: Decrypted Packet[%d] %s(%d) with length: %d\n", session, - (int) _gnutls_uint64touint32 (&session-> - connection_state.read_sequence_number), + (int) _gnutls_uint64touint32 (&record_state->sequence_number), _gnutls_packet2str (recv_type), recv_type, decrypted_length); /* increase sequence number */ - if (_gnutls_uint64pp (&session->connection_state.read_sequence_number) != 0) + if (_gnutls_uint64pp (&record_state->sequence_number) != 0) { session_invalidate (session); gnutls_assert (); @@ -1148,8 +1180,8 @@ ssize_t gnutls_record_send (gnutls_session_t session, const void *data, size_t sizeofdata) { - return _gnutls_send_int (session, GNUTLS_APPLICATION_DATA, -1, data, - sizeofdata, MBUFFER_FLUSH); + return _gnutls_send_int (session, GNUTLS_APPLICATION_DATA, -1, EPOCH_WRITE_CURRENT, + data, sizeofdata, MBUFFER_FLUSH); } /** diff --git a/lib/gnutls_record.h b/lib/gnutls_record.h index 6d35247..76c8520 100644 --- a/lib/gnutls_record.h +++ b/lib/gnutls_record.h @@ -30,7 +30,7 @@ # include ssize_t _gnutls_send_int (gnutls_session_t session, content_type_t type, - gnutls_handshake_description_t htype, + gnutls_handshake_description_t htype, unsigned int epoch_rel, const void *data, size_t sizeofdata, unsigned int mflags); ssize_t _gnutls_recv_int (gnutls_session_t session, content_type_t type, gnutls_handshake_description_t, opaque * data, diff --git a/lib/gnutls_session_pack.c b/lib/gnutls_session_pack.c index 70de27d..542abb3 100644 --- a/lib/gnutls_session_pack.c +++ b/lib/gnutls_session_pack.c @@ -42,6 +42,7 @@ #include #include #include +#include static int pack_certificate_auth_info (gnutls_session_t, gnutls_buffer_st * packed_session); @@ -740,6 +741,21 @@ pack_security_parameters (gnutls_session_t session, int ret; int size_offset; size_t cur_size; + record_parameters_st *params; + + if ( session->security_parameters.epoch_read + != session->security_parameters.epoch_write) + { + gnutls_assert (); + return GNUTLS_E_INVALID_REQUEST; + } + + ret = _gnutls_epoch_get (session, EPOCH_READ_CURRENT, ¶ms); + if (ret < 0) + { + gnutls_assert (); + return ret; + } /* move after the auth info stuff. */ @@ -750,14 +766,9 @@ pack_security_parameters (gnutls_session_t session, BUFFER_APPEND(ps, &session->security_parameters.entity, 1); BUFFER_APPEND(ps, &session->security_parameters.kx_algorithm, 1); - BUFFER_APPEND(ps, &session->security_parameters.read_bulk_cipher_algorithm, 1); - BUFFER_APPEND(ps, &session->security_parameters.read_mac_algorithm, 1); - BUFFER_APPEND(ps, &session->security_parameters.read_compression_algorithm, 1); - BUFFER_APPEND(ps, &session->security_parameters.write_bulk_cipher_algorithm, 1); - BUFFER_APPEND(ps, &session->security_parameters.write_mac_algorithm, 1); - BUFFER_APPEND(ps, &session->security_parameters.write_compression_algorithm, 1); BUFFER_APPEND(ps, &session->security_parameters.current_cipher_suite.suite[0], 1); BUFFER_APPEND(ps, &session->security_parameters.current_cipher_suite.suite[1], 1); + BUFFER_APPEND(ps, ¶ms->compression_algorithm, 1); BUFFER_APPEND(ps, &session->security_parameters.cert_type, 1); BUFFER_APPEND(ps, &session->security_parameters.version, 1); @@ -795,15 +806,10 @@ unpack_security_parameters (gnutls_session_t session, BUFFER_POP(ps, &session->internals.resumed_security_parameters.entity, 1); BUFFER_POP(ps, &session->internals.resumed_security_parameters.kx_algorithm, 1); - BUFFER_POP(ps, &session->internals.resumed_security_parameters.read_bulk_cipher_algorithm, 1); - BUFFER_POP(ps, &session->internals.resumed_security_parameters.read_mac_algorithm, 1); - BUFFER_POP(ps, &session->internals.resumed_security_parameters.read_compression_algorithm, 1); - BUFFER_POP(ps, &session->internals.resumed_security_parameters.write_bulk_cipher_algorithm, 1); - BUFFER_POP(ps, &session->internals.resumed_security_parameters.write_mac_algorithm, 1); - BUFFER_POP(ps, &session->internals.resumed_security_parameters.write_compression_algorithm, 1); BUFFER_POP(ps, &session->internals.resumed_security_parameters.current_cipher_suite.suite[0], 1); BUFFER_POP(ps, &session->internals.resumed_security_parameters. current_cipher_suite.suite[1], 1); + BUFFER_POP(ps, &session->internals.resumed_compression_method, 1); BUFFER_POP(ps, &session->internals.resumed_security_parameters.cert_type, 1); BUFFER_POP(ps, &session->internals.resumed_security_parameters.version, 1); diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c index b25d31b..7e21cf0 100644 --- a/lib/gnutls_state.c +++ b/lib/gnutls_state.c @@ -40,6 +40,7 @@ #include #include #include +#include #include #include #include @@ -73,7 +74,10 @@ _gnutls_session_cert_type_set (gnutls_session_t session, gnutls_cipher_algorithm_t gnutls_cipher_get (gnutls_session_t session) { - return session->security_parameters.read_bulk_cipher_algorithm; + record_parameters_st *record_params; + _gnutls_epoch_get (session, EPOCH_READ_CURRENT, &record_params); + + return record_params->cipher_algorithm; } /** @@ -119,7 +123,10 @@ gnutls_kx_get (gnutls_session_t session) gnutls_mac_algorithm_t gnutls_mac_get (gnutls_session_t session) { - return session->security_parameters.read_mac_algorithm; + record_parameters_st *record_params; + _gnutls_epoch_get (session, EPOCH_READ_CURRENT, &record_params); + + return record_params->mac_algorithm; } /** @@ -134,7 +141,10 @@ gnutls_mac_get (gnutls_session_t session) gnutls_compression_method_t gnutls_compression_get (gnutls_session_t session) { - return session->security_parameters.read_compression_algorithm; + record_parameters_st *record_params; + _gnutls_epoch_get (session, EPOCH_READ_CURRENT, &record_params); + + return record_params->compression_algorithm; } /* Check if the given certificate type is supported. @@ -265,30 +275,30 @@ _gnutls_handshake_internal_state_clear (gnutls_session_t session) int gnutls_init (gnutls_session_t * session, gnutls_connection_end_t con_end) { + int ret; + record_parameters_st *epoch; + *session = gnutls_calloc (1, sizeof (struct gnutls_session_int)); if (*session == NULL) return GNUTLS_E_MEMORY_ERROR; + ret = _gnutls_epoch_alloc (*session, 0, &epoch); + if (ret < 0) + { + gnutls_assert (); + return GNUTLS_E_MEMORY_ERROR; + } + + /* Set all NULL algos on epoch 0 */ + _gnutls_epoch_set_null_algos(*session, epoch); + + (*session)->security_parameters.epoch_next = 1; + (*session)->security_parameters.entity = con_end; /* the default certificate type for TLS */ (*session)->security_parameters.cert_type = DEFAULT_CERT_TYPE; -/* Set the defaults for initial handshake */ - (*session)->security_parameters.read_bulk_cipher_algorithm = - (*session)->security_parameters.write_bulk_cipher_algorithm = - GNUTLS_CIPHER_NULL; - - (*session)->security_parameters.read_mac_algorithm = - (*session)->security_parameters.write_mac_algorithm = GNUTLS_MAC_NULL; - - (*session)->security_parameters.read_compression_algorithm = - GNUTLS_COMP_NULL; - (*session)->security_parameters.write_compression_algorithm = - GNUTLS_COMP_NULL; - - (*session)->internals.enable_private = 0; - /* Initialize buffers */ _gnutls_buffer_init (&(*session)->internals.application_data_buffer); _gnutls_buffer_init (&(*session)->internals.handshake_data_buffer); @@ -372,6 +382,7 @@ _gnutls_session_is_resumable (gnutls_session_t session) void gnutls_deinit (gnutls_session_t session) { + unsigned int i; if (session == NULL) return; @@ -383,8 +394,12 @@ gnutls_deinit (gnutls_session_t session) _gnutls_handshake_io_buffer_clear (session); _gnutls_ext_free_session_data (session); - _gnutls_free_datum (&session->connection_state.read_mac_secret); - _gnutls_free_datum (&session->connection_state.write_mac_secret); + for(i=0; i < MAX_EPOCH_INDEX; i++) + if (session->record_parameters[i] != NULL) + { + _gnutls_epoch_free (session, session->record_parameters[i]); + session->record_parameters[i] = NULL; + } _gnutls_buffer_clear (&session->internals.ia_data_buffer); _gnutls_buffer_clear (&session->internals.handshake_hash_buffer); @@ -396,22 +411,6 @@ gnutls_deinit (gnutls_session_t session) gnutls_credentials_clear (session); _gnutls_selected_certs_deinit (session); - _gnutls_cipher_deinit (&session->connection_state.read_cipher_state); - _gnutls_cipher_deinit (&session->connection_state.write_cipher_state); - - if (session->connection_state.read_compression_state != NULL) - _gnutls_comp_deinit (session->connection_state.read_compression_state, 1); - if (session->connection_state.write_compression_state != NULL) - _gnutls_comp_deinit (session->connection_state.write_compression_state, - 0); - - _gnutls_free_datum (&session->cipher_specs.server_write_mac_secret); - _gnutls_free_datum (&session->cipher_specs.client_write_mac_secret); - _gnutls_free_datum (&session->cipher_specs.server_write_IV); - _gnutls_free_datum (&session->cipher_specs.client_write_IV); - _gnutls_free_datum (&session->cipher_specs.server_write_key); - _gnutls_free_datum (&session->cipher_specs.client_write_key); - if (session->key != NULL) { _gnutls_mpi_release (&session->key->KEY); diff --git a/libextra/gnutls_ia.c b/libextra/gnutls_ia.c index e2ff0d9..f303386 100644 --- a/libextra/gnutls_ia.c +++ b/libextra/gnutls_ia.c @@ -97,7 +97,7 @@ _gnutls_send_inner_application (gnutls_session_t session, memcpy (p + 4, data, sizeofdata); } - len = _gnutls_send_int (session, GNUTLS_INNER_APPLICATION, -1, p, plen, MBUFFER_FLUSH); + len = _gnutls_send_int (session, GNUTLS_INNER_APPLICATION, -1, EPOCH_WRITE_CURRENT, p, plen, MBUFFER_FLUSH); if (p) gnutls_free (p); -- 1.7.1 From nmav at gnutls.org Fri Sep 17 08:23:01 2010 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Fri, 17 Sep 2010 08:23:01 +0200 Subject: [PATCH 2/2] Explicit symmetric cipher state versionning. In-Reply-To: <1284694326-12630-2-git-send-email-joe@x2a.org> References: <1284694326-12630-1-git-send-email-joe@x2a.org> <1284694326-12630-2-git-send-email-joe@x2a.org> Message-ID: <4C930945.5060104@gnutls.org> On 09/17/2010 05:32 AM, Jonathan Bastien-Filiatrault wrote: > This introduces the concept of a "cipher epoch". The epoch number is > the number of successful handshakes and is incremented by one each > time. This concept is native to DTLS and this patch makes the > symmetric cipher state explicit for TLS in preparation for DTLS. This > concept was implicit in plain TLS and ChangeCipherSpec messages > triggered a "pending state copy". Now, we the current epoch number is > simply incremented to the parameters negotiated by the handshake. > > The main side effects of this patch is a slightly more abstract > internal API and, in some cases, simpler code. The session blob format > is also changed a bit since this patch avoids storing information that > is now redundant. If this breaks library users' expectations, this > side effect can be negated. > > The cipher_specs structure has been removed. The conn_state has become > record_state_st. Only symmetric cipher information is > versioned. Things such as key exchange algorithm and the master secret > are not versioned and their handling is unchanged. I like the changes. I've commited them! regards, Nikos From nmav at gnutls.org Fri Sep 17 08:42:17 2010 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Fri, 17 Sep 2010 08:42:17 +0200 Subject: gnutls 2.11.1 In-Reply-To: <878w33iazf.fsf@gnu.org> References: <4C8F62FE.1020808@gnutls.org> <201009142306.18647.Arfrever.FTA@gmail.com> <4C906266.2050601@gnutls.org> <878w33iazf.fsf@gnu.org> Message-ID: <4C930DC9.6020906@gnutls.org> On 09/15/2010 11:59 AM, Ludovic Court?s wrote: > Hi, > > Nikos Mavrogiannopoulos writes: > >> On 09/14/2010 11:05 PM, Arfrever Frehtes Taifersar Arahesis wrote: >>> When GnuTLS 2.11.1 has been built with support for Nettle, then 1 test fails: >>> PASS: openpgp-keyring.scm >>> /bin/sh: line 5: 23938 Segmentation fault GUILE_AUTO_COMPILE=0 ../../guile/pre-inst-guile -L . ${dir}$tst >>> FAIL: openpgp-auth.scm >> [...] >>> This problem doesn't occur when GnuTLS 2.11.1 has been built with support for libgcrypt. >> >> Hello, >> I don't use the guile bindings and didn't notice. Ludovic could you >> help pinpoint what could be the problem there? > > Sure. > > Arfrever: what version of Guile did you use? On which platform? > > Can you provide a backtrace of the Guile segfault? You can set ?ulimit > -c unlimited? (or similar) and then run gdb on the core file. Do the self tests pass on your system? I installed guile and found out that the tests stop at: [...] Making check in tests make[2]: Entering directory `/home/nmav/cvs/gnutls/guile/tests' make check-TESTS make[3]: Entering directory `/home/nmav/cvs/gnutls/guile/tests' guile: uncaught throw to gnutls-error: (# handshake) I have no idea with scheme, but if you could pinpoint which things are failing on the tests, I could try and see what is wrong. regards, Nikos From ludo at gnu.org Fri Sep 17 10:22:55 2010 From: ludo at gnu.org (Ludovic =?iso-8859-1?Q?Court=E8s?=) Date: Fri, 17 Sep 2010 10:22:55 +0200 Subject: gnutls 2.11.1 In-Reply-To: <4C930DC9.6020906@gnutls.org> (Nikos Mavrogiannopoulos's message of "Fri, 17 Sep 2010 08:42:17 +0200") References: <4C8F62FE.1020808@gnutls.org> <201009142306.18647.Arfrever.FTA@gmail.com> <4C906266.2050601@gnutls.org> <878w33iazf.fsf@gnu.org> <4C930DC9.6020906@gnutls.org> Message-ID: <8739t8wzhc.fsf@gnu.org> Hi, Nikos Mavrogiannopoulos writes: > On 09/15/2010 11:59 AM, Ludovic Court?s wrote: >> Hi, >> >> Nikos Mavrogiannopoulos writes: >> >>> On 09/14/2010 11:05 PM, Arfrever Frehtes Taifersar Arahesis wrote: >>>> When GnuTLS 2.11.1 has been built with support for Nettle, then 1 test fails: >>>> PASS: openpgp-keyring.scm >>>> /bin/sh: line 5: 23938 Segmentation fault GUILE_AUTO_COMPILE=0 ../../guile/pre-inst-guile -L . ${dir}$tst >>>> FAIL: openpgp-auth.scm >>> [...] >>>> This problem doesn't occur when GnuTLS 2.11.1 has been built with support for libgcrypt. >>> >>> Hello, >>> I don't use the guile bindings and didn't notice. Ludovic could you >>> help pinpoint what could be the problem there? >> >> Sure. >> >> Arfrever: what version of Guile did you use? On which platform? >> >> Can you provide a backtrace of the Guile segfault? You can set ?ulimit >> -c unlimited? (or similar) and then run gdb on the core file. > > Do the self tests pass on your system? Right, it happens on ?master? [0] but not with GnuTLS 2.10.1 with either Guile 1.9 [1] or Guile 1.8 [2]. I?m investigating... Ludo?. [0] http://hydra.nixos.org/jobset/gnu/gnutls-master [1] http://hydra.nixos.org/job/nixpkgs/guile2test/gnutls [2] http://hydra.nixos.org/job/nixpkgs/trunk/gnutls From joe at x2a.org Sat Sep 18 01:26:05 2010 From: joe at x2a.org (Jonathan Bastien-Filiatrault) Date: Fri, 17 Sep 2010 19:26:05 -0400 Subject: [PATCH 2/2] Explicit symmetric cipher state versionning. In-Reply-To: <4C930945.5060104@gnutls.org> References: <1284694326-12630-1-git-send-email-joe@x2a.org> <1284694326-12630-2-git-send-email-joe@x2a.org> <4C930945.5060104@gnutls.org> Message-ID: <4C93F90D.3000907@x2a.org> On 2010-09-17 02:23, Nikos Mavrogiannopoulos wrote: > On 09/17/2010 05:32 AM, Jonathan Bastien-Filiatrault wrote: [patch description] > I like the changes. I've commited them! > > regards, > Nikos > Wow, thanks, that made my day ! Working on a single commit for over a week of free time can seem like forever... Thanks and have a nice weekend, Jonathan From ludo at gnu.org Sat Sep 18 23:35:51 2010 From: ludo at gnu.org (Ludovic =?iso-8859-1?Q?Court=E8s?=) Date: Sat, 18 Sep 2010 23:35:51 +0200 Subject: gnutls 2.11.1 References: <4C8F62FE.1020808@gnutls.org> <201009142306.18647.Arfrever.FTA@gmail.com> <4C906266.2050601@gnutls.org> <878w33iazf.fsf@gnu.org> <4C930DC9.6020906@gnutls.org> Message-ID: <878w2yohu0.fsf@inria.fr> Hi, Nikos Mavrogiannopoulos writes: > On 09/15/2010 11:59 AM, Ludovic Court?s wrote: >> Hi, >> >> Nikos Mavrogiannopoulos writes: >> >>> On 09/14/2010 11:05 PM, Arfrever Frehtes Taifersar Arahesis wrote: >>>> When GnuTLS 2.11.1 has been built with support for Nettle, then 1 test fails: >>>> PASS: openpgp-keyring.scm >>>> /bin/sh: line 5: 23938 Segmentation fault GUILE_AUTO_COMPILE=0 ../../guile/pre-inst-guile -L . ${dir}$tst >>>> FAIL: openpgp-auth.scm >>> [...] >>>> This problem doesn't occur when GnuTLS 2.11.1 has been built with support for libgcrypt. OK, I?ve reproduced it. The ?openpgp-auth.scm? programs spawns a client and server that authenticate using OpenPGP keys. The server either hangs or segfaults this way: --8<---------------cut here---------------start------------->8--- Program received signal SIGSEGV, Segmentation fault. 0x00007ffff762956c in __gmpz_set () from /nix/store/00fbkpgn2g1xrp39crrvnyjb2kj3m6js-gmp-4.3.2/lib/libgmp.so.3 (gdb) bt #0 0x00007ffff762956c in __gmpz_set () from /nix/store/00fbkpgn2g1xrp39crrvnyjb2kj3m6js-gmp-4.3.2/lib/libgmp.so.3 #1 0x00007ffff76230dd in __gmpz_invert () from /nix/store/00fbkpgn2g1xrp39crrvnyjb2kj3m6js-gmp-4.3.2/lib/libgmp.so.3 #2 0x00007ffff5bbda41 in wrap_nettle_pk_fixup (algo=, direction=, params=0x7fffffffc200) at pk.c:564 #3 0x00007ffff5ba05ea in _gnutls_pk_fixup (pkey=, keyid=, params=0x7fffffffc2d0, params_size=0x7fffffffc36c) at ../gnutls_pk.h:42 #4 _gnutls_openpgp_privkey_get_mpis (pkey=, keyid=, params=0x7fffffffc2d0, params_size=0x7fffffffc36c) at privkey.c:765 #5 0x00007ffff5ba37c9 in gnutls_openpgp_privkey_sign_hash (key=0x6666f0, hash=0x7fffffffc4c0, signature=0x7fffffffc530) at gnutls_openpgp.c:885 #6 0x00007ffff5b56729 in _gnutls_handshake_sign_data (session=0x6754f0, cert=0x676430, pkey=0x669680, params=, signature=0x7fffffffc530, sign_algo=) at gnutls_sig.c:221 #7 0x00007ffff5b579be in gen_dhe_server_kx (session=0x6754f0, data=0x7fffffffc5a8) at auth_dhe.c:151 #8 0x00007ffff5b44a8e in _gnutls_send_server_kx_message (session=0x6754f0, again=) at gnutls_kx.c:180 #9 0x00007ffff5b41f1f in _gnutls_handshake_server (session=0x6754f0) at gnutls_handshake.c:2971 #10 0x00007ffff5b4253d in gnutls_handshake (session=0x6754f0) at gnutls_handshake.c:2634 #11 0x00007ffff5e191c2 in scm_gnutls_handshake (session=) at core.c:161 #12 0x00007ffff7b3ef98 in vm_debug_engine (vm=0x6bc370, program=0x1, argv=0x6be320, nargs=0) at vm-i-system.c:860 #13 0x00007ffff7b3ef98 in vm_debug_engine (vm=0x6bc370, program=0x1, argv=0x6be260, nargs=0) at vm-i-system.c:860 #14 0x00007ffff7ac8fa3 in scm_primitive_eval (exp=0x95c6e0) at eval.c:844 #15 0x00007ffff7ac9003 in scm_eval (exp=0x95c6e0, module_or_state=0x6bd090) at eval.c:878 #16 0x00007ffff7b0d3af in scm_shell (argc=2, argv=0x7fffffffcca8) at script.c:760 #17 0x00007ffff7ae0ecf in invoke_main_func (body_data=) at init.c:383 #18 0x00007ffff7abfb2a in c_body (d=0x7fffffffcad0) at continuations.c:473 #19 0x00007ffff7b3ed1b in vm_debug_engine (vm=0x6bc370, program=0x8e3520, argv=0x6be0b8, nargs=1) at vm-i-system.c:928 #20 0x00007ffff7ac8e63 in scm_call_4 (proc=0x659090, arg1=, arg2=, arg3=, arg4=) at eval.c:582 #21 0x00007ffff7ac0173 in scm_i_with_continuation_barrier (body=0x7ffff7abfb20 , body_data=0x7fffffffcad0, handler=0x7ffff7abfb40 , handler_data=0x7fffffffcad0, pre_unwind_handler=, pre_unwind_handler_data=) at continuations.c:450 #22 0x00007ffff7ac0210 in scm_c_with_continuation_barrier (func=, data=) at continuations.c:491 #23 0x00007ffff7b30822 in scm_i_with_guile_and_parent (func=0x7ffff7ae0eb0 , data=0x7fffffffcba0, parent=) at threads.c:741 #24 0x00007ffff7ae0f85 in scm_boot_guile (argc=, argv=, main_func=, closure=) at init.c:366 #25 0x0000000000400c70 in main (argc=, argv=) at guile.c:70 (gdb) frame 5 #5 0x00007ffff5ba37c9 in gnutls_openpgp_privkey_sign_hash (key=0x6666f0, hash=0x7fffffffc4c0, signature=0x7fffffffc530) at gnutls_openpgp.c:885 885 result = _gnutls_openpgp_privkey_get_mpis (key, NULL, (gdb) p *key $1 = {knode = 0x6670d0, preferred_keyid = "\000\000\000\000\000\000\000", preferred_set = 0} (gdb) p *key->knode $2 = {next = 0x6671d0, pkt = 0x679780, is_deleted = 0, is_cloned = 0} --8<---------------cut here---------------end--------------->8--- This Guile test is the only unit test for OpenPGP authentication in GnuTLS, and I feel that the issue is more closely related to the CDK/Nettle integration than to Guile. So, here?s a patch that adds a similar unit test in C. The test hangs while the server generates DH parameters, apparently stuck in the second loop of ?gen_prime?. After some time the stack looks scrambled: --8<---------------cut here---------------start------------->8--- (gdb) bt #0 0x00007ffff78eef73 in __gmpn_redc_1 () from /nix/store/ms38kzmhai2xfzvzyvzdfdcpdays942x-user-environment/lib/libgmp.so.3 #1 0x000000000000000e in ?? () #2 0x000000000000000b in ?? () #3 0x000000000000000e in ?? () #4 0x0000000000000008 in ?? () #5 0x0000000000000011 in ?? () #6 0x00007fffffffcf50 in ?? () #7 0x00007ffff78c85ac in __gmpz_powm () from /nix/store/ms38kzmhai2xfzvzyvzdfdcpdays942x-user-environment/lib/libgmp.so.3 Backtrace stopped: previous frame inner to this frame (corrupt stack?) --8<---------------cut here---------------end--------------->8--- Unfortunately Valgrind doesn?t reveal anything interesting. Any idea what to look at now? Thanks, Ludo?. PS: The code in lib/nettle ought to go through ?indent? IMO. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: not available URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-Add-an-OpenPGP-authentication-unit-test.patch Type: text/x-patch Size: 10149 bytes Desc: the patch URL: From nmav at gnutls.org Sun Sep 19 09:11:22 2010 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Sun, 19 Sep 2010 09:11:22 +0200 Subject: gnutls 2.11.1 In-Reply-To: <878w2yohu0.fsf@inria.fr> References: <4C8F62FE.1020808@gnutls.org> <201009142306.18647.Arfrever.FTA@gmail.com> <4C906266.2050601@gnutls.org> <878w33iazf.fsf@gnu.org> <4C930DC9.6020906@gnutls.org> <878w2yohu0.fsf@inria.fr> Message-ID: <4C95B79A.4030705@gnutls.org> On 09/18/2010 11:35 PM, Ludovic Court?s wrote: > --8<---------------cut here---------------start------------->8--- > Program received signal SIGSEGV, Segmentation fault. > 0x00007ffff762956c in __gmpz_set () from /nix/store/00fbkpgn2g1xrp39crrvnyjb2kj3m6js-gmp-4.3.2/lib/libgmp.so.3 > (gdb) bt > #0 0x00007ffff762956c in __gmpz_set () from /nix/store/00fbkpgn2g1xrp39crrvnyjb2kj3m6js-gmp-4.3.2/lib/libgmp.so.3 > #1 0x00007ffff76230dd in __gmpz_invert () from /nix/store/00fbkpgn2g1xrp39crrvnyjb2kj3m6js-gmp-4.3.2/lib/libgmp.so.3 > #2 0x00007ffff5bbda41 in wrap_nettle_pk_fixup (algo=, direction=, params=0x7fffffffc200) at pk.c:564 > #3 0x00007ffff5ba05ea in _gnutls_pk_fixup (pkey=, keyid=, params=0x7fffffffc2d0, params_size=0x7fffffffc36c) at ../gnutls_pk.h:42 > #4 _gnutls_openpgp_privkey_get_mpis (pkey=, keyid=, params=0x7fffffffc2d0, params_size=0x7fffffffc36c) at privkey.c:765 > #5 0x00007ffff5ba37c9 in gnutls_openpgp_privkey_sign_hash (key=0x6666f0, hash=0x7fffffffc4c0, signature=0x7fffffffc530) at gnutls_openpgp.c:885 > #6 0x00007ffff5b56729 in _gnutls_handshake_sign_data (session=0x6754f0, cert=0x676430, pkey=0x669680, params=, signature=0x7fffffffc530, sign_algo=) at gnutls_sig.c:221 > #7 0x00007ffff5b579be in gen_dhe_server_kx (session=0x6754f0, data=0x7fffffffc5a8) at auth_dhe.c:151 > #8 0x00007ffff5b44a8e in _gnutls_send_server_kx_message (session=0x6754f0, again=) at gnutls_kx.c:180 > #9 0x00007ffff5b41f1f in _gnutls_handshake_server (session=0x6754f0) at gnutls_handshake.c:2971 > #10 0x00007ffff5b4253d in gnutls_handshake (session=0x6754f0) at gnutls_handshake.c:2634 > #11 0x00007ffff5e191c2 in scm_gnutls_handshake (session=) at core.c:161 > #12 0x00007ffff7b3ef98 in vm_debug_engine (vm=0x6bc370, program=0x1, argv=0x6be320, nargs=0) at vm-i-system.c:860 > #13 0x00007ffff7b3ef98 in vm_debug_engine (vm=0x6bc370, program=0x1, argv=0x6be260, nargs=0) at vm-i-system.c:860 > #14 0x00007ffff7ac8fa3 in scm_primitive_eval (exp=0x95c6e0) at eval.c:844 > #15 0x00007ffff7ac9003 in scm_eval (exp=0x95c6e0, module_or_state=0x6bd090) at eval.c:878 > #16 0x00007ffff7b0d3af in scm_shell (argc=2, argv=0x7fffffffcca8) at script.c:760 > #17 0x00007ffff7ae0ecf in invoke_main_func (body_data=) at init.c:383 > #18 0x00007ffff7abfb2a in c_body (d=0x7fffffffcad0) at continuations.c:473 > #19 0x00007ffff7b3ed1b in vm_debug_engine (vm=0x6bc370, program=0x8e3520, argv=0x6be0b8, nargs=1) at vm-i-system.c:928 > #20 0x00007ffff7ac8e63 in scm_call_4 (proc=0x659090, arg1=, arg2=, arg3=, arg4=) at eval.c:582 > #21 0x00007ffff7ac0173 in scm_i_with_continuation_barrier (body=0x7ffff7abfb20 , body_data=0x7fffffffcad0, handler=0x7ffff7abfb40 , handler_data=0x7fffffffcad0, > pre_unwind_handler=, pre_unwind_handler_data=) at continuations.c:450 > #22 0x00007ffff7ac0210 in scm_c_with_continuation_barrier (func=, data=) at continuations.c:491 > #23 0x00007ffff7b30822 in scm_i_with_guile_and_parent (func=0x7ffff7ae0eb0 , data=0x7fffffffcba0, parent=) at threads.c:741 > #24 0x00007ffff7ae0f85 in scm_boot_guile (argc=, argv=, main_func=, closure=) at init.c:366 > #25 0x0000000000400c70 in main (argc=, argv=) at guile.c:70 > (gdb) frame 5 > #5 0x00007ffff5ba37c9 in gnutls_openpgp_privkey_sign_hash (key=0x6666f0, hash=0x7fffffffc4c0, signature=0x7fffffffc530) at gnutls_openpgp.c:885 > 885 result = _gnutls_openpgp_privkey_get_mpis (key, NULL, > (gdb) p *key > $1 = {knode = 0x6670d0, preferred_keyid = "\000\000\000\000\000\000\000", preferred_set = 0} > (gdb) p *key->knode > $2 = {next = 0x6671d0, pkt = 0x679780, is_deleted = 0, is_cloned = 0} > --8<---------------cut here---------------end--------------->8--- > > This Guile test is the only unit test for OpenPGP authentication in > GnuTLS, and I feel that the issue is more closely related to the > CDK/Nettle integration than to Guile. > Thank you! I've found the bug and commited a fix. regards, Nikos From ludo at gnu.org Sun Sep 19 22:40:43 2010 From: ludo at gnu.org (Ludovic =?iso-8859-1?Q?Court=E8s?=) Date: Sun, 19 Sep 2010 22:40:43 +0200 Subject: gnutls 2.11.1 In-Reply-To: <4C95B79A.4030705@gnutls.org> (Nikos Mavrogiannopoulos's message of "Sun, 19 Sep 2010 09:11:22 +0200") References: <4C8F62FE.1020808@gnutls.org> <201009142306.18647.Arfrever.FTA@gmail.com> <4C906266.2050601@gnutls.org> <878w33iazf.fsf@gnu.org> <4C930DC9.6020906@gnutls.org> <878w2yohu0.fsf@inria.fr> <4C95B79A.4030705@gnutls.org> Message-ID: <87vd61lb5g.fsf@gnu.org> Hi Nikos, Nikos Mavrogiannopoulos writes: > On 09/18/2010 11:35 PM, Ludovic Court?s wrote: > >> --8<---------------cut here---------------start------------->8--- >> Program received signal SIGSEGV, Segmentation fault. >> 0x00007ffff762956c in __gmpz_set () from /nix/store/00fbkpgn2g1xrp39crrvnyjb2kj3m6js-gmp-4.3.2/lib/libgmp.so.3 >> (gdb) bt >> #0 0x00007ffff762956c in __gmpz_set () from /nix/store/00fbkpgn2g1xrp39crrvnyjb2kj3m6js-gmp-4.3.2/lib/libgmp.so.3 >> #1 0x00007ffff76230dd in __gmpz_invert () from /nix/store/00fbkpgn2g1xrp39crrvnyjb2kj3m6js-gmp-4.3.2/lib/libgmp.so.3 >> #2 0x00007ffff5bbda41 in wrap_nettle_pk_fixup (algo=, direction=, params=0x7fffffffc200) at pk.c:564 >> #3 0x00007ffff5ba05ea in _gnutls_pk_fixup (pkey=, keyid=, params=0x7fffffffc2d0, params_size=0x7fffffffc36c) at ../gnutls_pk.h:42 >> #4 _gnutls_openpgp_privkey_get_mpis (pkey=, keyid=, params=0x7fffffffc2d0, params_size=0x7fffffffc36c) at privkey.c:765 >> #5 0x00007ffff5ba37c9 in gnutls_openpgp_privkey_sign_hash (key=0x6666f0, hash=0x7fffffffc4c0, signature=0x7fffffffc530) at gnutls_openpgp.c:885 >> #6 0x00007ffff5b56729 in _gnutls_handshake_sign_data (session=0x6754f0, cert=0x676430, pkey=0x669680, params=, signature=0x7fffffffc530, sign_algo=) at gnutls_sig.c:221 >> #7 0x00007ffff5b579be in gen_dhe_server_kx (session=0x6754f0, data=0x7fffffffc5a8) at auth_dhe.c:151 >> #8 0x00007ffff5b44a8e in _gnutls_send_server_kx_message (session=0x6754f0, again=) at gnutls_kx.c:180 >> #9 0x00007ffff5b41f1f in _gnutls_handshake_server (session=0x6754f0) at gnutls_handshake.c:2971 >> #10 0x00007ffff5b4253d in gnutls_handshake (session=0x6754f0) at gnutls_handshake.c:2634 >> #11 0x00007ffff5e191c2 in scm_gnutls_handshake (session=) at core.c:161 >> #12 0x00007ffff7b3ef98 in vm_debug_engine (vm=0x6bc370, program=0x1, argv=0x6be320, nargs=0) at vm-i-system.c:860 >> #13 0x00007ffff7b3ef98 in vm_debug_engine (vm=0x6bc370, program=0x1, argv=0x6be260, nargs=0) at vm-i-system.c:860 >> #14 0x00007ffff7ac8fa3 in scm_primitive_eval (exp=0x95c6e0) at eval.c:844 >> #15 0x00007ffff7ac9003 in scm_eval (exp=0x95c6e0, module_or_state=0x6bd090) at eval.c:878 >> #16 0x00007ffff7b0d3af in scm_shell (argc=2, argv=0x7fffffffcca8) at script.c:760 >> #17 0x00007ffff7ae0ecf in invoke_main_func (body_data=) at init.c:383 >> #18 0x00007ffff7abfb2a in c_body (d=0x7fffffffcad0) at continuations.c:473 >> #19 0x00007ffff7b3ed1b in vm_debug_engine (vm=0x6bc370, program=0x8e3520, argv=0x6be0b8, nargs=1) at vm-i-system.c:928 >> #20 0x00007ffff7ac8e63 in scm_call_4 (proc=0x659090, arg1=, arg2=, arg3=, arg4=) at eval.c:582 >> #21 0x00007ffff7ac0173 in scm_i_with_continuation_barrier (body=0x7ffff7abfb20 , body_data=0x7fffffffcad0, handler=0x7ffff7abfb40 , handler_data=0x7fffffffcad0, >> pre_unwind_handler=, pre_unwind_handler_data=) at continuations.c:450 >> #22 0x00007ffff7ac0210 in scm_c_with_continuation_barrier (func=, data=) at continuations.c:491 >> #23 0x00007ffff7b30822 in scm_i_with_guile_and_parent (func=0x7ffff7ae0eb0 , data=0x7fffffffcba0, parent=) at threads.c:741 >> #24 0x00007ffff7ae0f85 in scm_boot_guile (argc=, argv=, main_func=, closure=) at init.c:366 >> #25 0x0000000000400c70 in main (argc=, argv=) at guile.c:70 >> (gdb) frame 5 >> #5 0x00007ffff5ba37c9 in gnutls_openpgp_privkey_sign_hash (key=0x6666f0, hash=0x7fffffffc4c0, signature=0x7fffffffc530) at gnutls_openpgp.c:885 >> 885 result = _gnutls_openpgp_privkey_get_mpis (key, NULL, >> (gdb) p *key >> $1 = {knode = 0x6670d0, preferred_keyid = "\000\000\000\000\000\000\000", preferred_set = 0} >> (gdb) p *key->knode >> $2 = {next = 0x6671d0, pkt = 0x679780, is_deleted = 0, is_cloned = 0} >> --8<---------------cut here---------------end--------------->8--- >> >> This Guile test is the only unit test for OpenPGP authentication in >> GnuTLS, and I feel that the issue is more closely related to the >> CDK/Nettle integration than to Guile. >> > > Thank you! I've found the bug and commited a fix. Great! BTW, the test written in Scheme is almost twice as small as the one in C and requires very little Scheme knowledge (hint, hint ;-)). Thanks, Ludo?. From simon at josefsson.org Tue Sep 21 13:37:42 2010 From: simon at josefsson.org (Simon Josefsson) Date: Tue, 21 Sep 2010 13:37:42 +0200 Subject: Emacs core TLS support In-Reply-To: <87d3sf9soo.fsf@lifelogs.com> (Ted Zlatanov's message of "Wed, 15 Sep 2010 06:01:27 -0500") References: <878wc1vfh3.fsf@lifelogs.com> <87r5ptpnz2.fsf@stupidchicken.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> <87fwxmihyz.fsf@lifelogs.com> <8762ycfhqo.fsf@lifelogs.com> <87d3sf9soo.fsf@lifelogs.com> Message-ID: <87eicn2upl.fsf@mocca.josefsson.org> Ted Zlatanov writes: > +(defconst gnutls-version "0.3.1") This should be removed. If the GnuTLS version is at all interesting for elisp callers, there could be an elisp function gnutls-check-version that in C calls gnutls_check_version. > +(defun open-ssl-stream (name buffer host service) > + "Open a SSL connection for a service to a host. I suggest using 'TLS' or possibly 'SSL/TLS' consistently in documentation. Is 'open-ssl-stream' for backwards compatibility? Otherwise I suggest 'open-tls-stream'. > + > +;; (open-ssl-stream "tls" "tls-buffer" "yourserver.com" "https") Looks like debug code that should be removed? > +(defun starttls-negotiate (proc &optional priority-string > + credentials credentials-file) > + "Negotiate a SSL or TLS connection. Here I suggest 'TLS' or 'SSL/TLS' instead. > +PRIORITY-STRING is as per the GnuTLS docs. Maybe there could be an info hyperlink here? > + "/tmp/ca.pem" This should be fixed, naturally. > + > + (priority-string (or priority-string > + (cond > + ((eq credentials 'gnutls-anon) > + "PERFORMANCE:+ANON-DH:!ARCFOUR-128") > + ((eq credentials 'gnutls-x509pki) > + "PERFORMANCE")))) I think NORMAL should be used instead of PERFORMANCE here. > + (gnutls-message-maybe > + (setq ret (gnutls-boot proc priority-string credentials credentials-file)) > + "boot: %s") How much debug code do we want to retain? I'm not sure. > +(defun starttls-open-stream (name buffer host service) > + "Open a TLS connection for a service to a host. 'TLS' or 'SSL/TLS' again. > +DEFUN ("gnutls-global-init", Fgnutls_global_init, > + Sgnutls_global_init, 0, 0, 0, > + doc: /* Initializes global GNU TLS state to defaults. > +Call `gnutls-global-deinit' when GNU TLS usage is no longer needed. > +Returns zero on success. */) ... > +DEFUN ("gnutls-global-deinit", Fgnutls_global_deinit, > + Sgnutls_global_deinit, 0, 0, 0, > + doc: /* Deinitializes global GNU TLS state. > +See also `gnutls-global-init'. */) I think this shouldn't be exposed to Elisp, Emacs startup code could initialize GnuTLS directly. > +DEFUN ("gnutls-boot", Fgnutls_boot, Sgnutls_boot, 3, 6, 0, > + doc: /* Initializes client-mode GnuTLS for process PROC. > +Currently only client mode is supported. Returns a success/failure > +value you can check with `gnutls-errorp'. > + > +PRIORITY_STRING is a string describing the priority. > +TYPE is either `gnutls-anon' or `gnutls-x509pki'. > +TRUSTFILE is a PEM encoded trust file for `gnutls-x509pki'. > +KEYFILE is ... for `gnutls-x509pki' (TODO). > +CALLBACK is ... for `gnutls-x509pki' (TODO). Two comments here: 1) The name is a bit generic..? 2) The design makes it a bit difficult to support multiple credentials. The GnuTLS API allows clients to have several credentials (X.509, OpenPGP, etc). Perhaps copying the GnuTLS API further is more flexible. Good work. I think you are getting there! /Simon From INVALID.NOREPLY at gnu.org Thu Sep 23 09:56:23 2010 From: INVALID.NOREPLY at gnu.org (Knut Anders Hatlen) Date: Thu, 23 Sep 2010 07:56:23 +0000 Subject: [sr #107481] Missing output from gnutls-cli on Solaris Message-ID: <20100923-075622.sv80171.22559@savannah.gnu.org> URL: Summary: Missing output from gnutls-cli on Solaris Project: GnuTLS Submitted by: kah Submitted on: Thu 23 Sep 2010 07:56:22 AM GMT Category: None Priority: 5 - Normal Severity: 3 - Normal Status: None Privacy: Public Assigned to: None Originator Email: Open/Closed: Open Discussion Lock: Any Operating System: None _______________________________________________________ Details: I've seen the following problem with GnuTLS 2.8.6 and 2.10.1 on Solaris 10 and Solaris 11 Express: When I execute gnutls-cli in a terminal, for example "gnutls-cli -p 993 imap.gmail.com", I see the following lines at the end of the output: - MAC: MD5 - Compression: NULL - Handshake was completed - Simple Client Mode: * OK Gimap ready for requests from X.Y.Z.W x31if2123995weq.86 However, if I redirect the output to a file, or pipe it to another process, I only see this output at the end: $ gnutls-cli -p 993 imap.gmail.com < /dev/null | cat (...) - MAC: MD5 - Compression: NULL * OK Gimap ready for requests from X.Y.Z.W m37if2142737wej.5 Note that the "Handshake was completed" line and "Simple Client Mode" have disappeared. This causes problems for programs that look for these lines to verify that the handshake was successful. For example, the open-tls-stream function in Emacs hangs because of it. I think this is caused by these lines in src/cli.c: /* do not buffer */ #if !(defined _WIN32 || defined __WIN32__) setbuf (stdin, NULL); #endif setbuf (stdout, NULL); setbuf (stderr, NULL); Apparently, this will remove buffered contents that haven't been flushed yet. If I add fflush(stdout); fflush(stderr); before the calls to setbuf(), the output becomes the expected one even in the case where the output is redirected/piped. _______________________________________________________ Reply to this item at: _______________________________________________ Message sent via/by Savannah http://savannah.gnu.org/ From INVALID.NOREPLY at gnu.org Thu Sep 23 10:02:31 2010 From: INVALID.NOREPLY at gnu.org (Nikos Mavrogiannopoulos) Date: Thu, 23 Sep 2010 08:02:31 +0000 Subject: [sr #107481] Missing output from gnutls-cli on Solaris In-Reply-To: <20100923-075622.sv80171.22559@savannah.gnu.org> References: <20100923-075622.sv80171.22559@savannah.gnu.org> Message-ID: <20100923-110231.sv707.33074@savannah.gnu.org> Follow-up Comment #1, sr #107481 (project gnutls): Thank you. I've commited a fix in the repository. _______________________________________________________ Reply to this item at: _______________________________________________ Message sent via/by Savannah http://savannah.gnu.org/ From INVALID.NOREPLY at gnu.org Thu Sep 23 12:35:18 2010 From: INVALID.NOREPLY at gnu.org (Knut Anders Hatlen) Date: Thu, 23 Sep 2010 10:35:18 +0000 Subject: [sr #107481] Missing output from gnutls-cli on Solaris In-Reply-To: <20100923-110231.sv707.33074@savannah.gnu.org> References: <20100923-075622.sv80171.22559@savannah.gnu.org> <20100923-110231.sv707.33074@savannah.gnu.org> Message-ID: <20100923-103518.sv80171.34290@savannah.gnu.org> Follow-up Comment #2, sr #107481 (project gnutls): Thanks for the quick response! I pulled the latest development sources and verified that the problem is fixed now. _______________________________________________________ Reply to this item at: _______________________________________________ Message sent via/by Savannah http://savannah.gnu.org/ From vivek at collabora.co.uk Thu Sep 23 17:56:44 2010 From: vivek at collabora.co.uk (Vivek Dasmohapatra) Date: Thu, 23 Sep 2010 16:56:44 +0100 (BST) Subject: [patch] Fix various bugs when using the gnutls async API In-Reply-To: <1281534548.12716.38.camel@night> References: <1281534548.12716.38.camel@night> Message-ID: Hi Sjoerd - slightly different approach in this patch (same analysis though): This applies to the 2.10.x branch and makes all our tests happy again (I suspect your other changes to 2.11.x are still necessary for that branch, though I haven't dug too deeply). -------------- next part -------------- A non-text attachment was scrubbed... Name: 0001-IMED_RET-macro-should-not-clear-session-hash-data-if.patch Type: text/x-diff Size: 1034 bytes Desc: URL: From Joshua.Davies at travelocity.com Thu Sep 23 23:04:58 2010 From: Joshua.Davies at travelocity.com (Davies, Joshua) Date: Thu, 23 Sep 2010 16:04:58 -0500 Subject: "possibly undefined macro: AC_PROG_LIBTOOL" when Trying to build GnuTLS from git Message-ID: I downloaded the latest gnutls, per the instructions at: http://www.gnu.org/software/gnutls/devel.html. However, when I try running "make bootstrap" (per the instructions in README-ALPHA), I get: [jdavies at localhost gnutls]$ make bootstrap for f in lib/po/*.po.in; do \ cp $f `echo $f | sed 's/.in//'`; \ done mv lib/build-aux/config.rpath lib/build-aux/config.rpath- test -f ./configure || autoreconf --install Copying file ABOUT-NLS Copying file build-aux/config.rpath Copying file m4/codeset.m4 Copying file m4/gettext.m4 Copying file m4/glibc2.m4 Copying file m4/glibc21.m4 Copying file m4/iconv.m4 Copying file m4/intdiv0.m4 Copying file m4/intl.m4 Copying file m4/intldir.m4 Copying file m4/intlmacosx.m4 Copying file m4/intmax.m4 Copying file m4/inttypes-pri.m4 Copying file m4/inttypes_h.m4 Copying file m4/lcmessage.m4 Copying file m4/lib-ld.m4 Copying file m4/lib-link.m4 Copying file m4/lib-prefix.m4 Copying file m4/lock.m4 Copying file m4/longlong.m4 Copying file m4/nls.m4 Copying file m4/po.m4 Copying file m4/printf-posix.m4 Copying file m4/progtest.m4 Copying file m4/size_max.m4 Copying file m4/stdint_h.m4 Copying file m4/uintmax_t.m4 Copying file m4/visibility.m4 Copying file m4/wchar_t.m4 Copying file m4/wint_t.m4 Copying file m4/xsize.m4 Copying file po/Makefile.in.in Copying file po/Makevars.template Copying file po/Rules-quot Copying file po/boldquot.sed Copying file po/en at boldquot.header Copying file po/en at quot.header Copying file po/insert-header.sin Copying file po/quot.sed Copying file po/remove-potcdate.sin configure.ac:36: error: possibly undefined macro: AC_LIBTOOL_WIN32_DLL If this token and others are legitimate, please use m4_pattern_allow. See the Autoconf documentation. configure.ac:37: error: possibly undefined macro: AC_PROG_LIBTOOL autoreconf: /usr/local/bin/autoconf failed with exit status: 1 make: *** [autoreconf] Error 1 I've upgrade autoconf and automake to 2.61 and 1.10.3 per the dependencies list. If I download 2.8.6 from the FTP site, it builds correctly, and there aren't a heck of a lot of differences between configure.ac in 2.8.6 and the configure.ac that I'm trying to build above. Any thoughts? Thanks! -------------- next part -------------- An HTML attachment was scrubbed... URL: From nmav at gnutls.org Thu Sep 23 23:13:54 2010 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Thu, 23 Sep 2010 23:13:54 +0200 Subject: [patch] Fix various bugs when using the gnutls async API In-Reply-To: References: <1281534548.12716.38.camel@night> Message-ID: <4C9BC312.5000905@gnutls.org> On 09/23/2010 05:56 PM, Vivek Dasmohapatra wrote: > Hi Sjoerd - slightly different approach in this patch (same analysis > though): > This applies to the 2.10.x branch and makes all our tests happy again (I > suspect your other changes to 2.11.x are still necessary for that > branch, though I haven't dug too deeply). Hi, I've fixed it differently in the git. Could you verify that it works for you? regards, Nikos From vivek at collabora.co.uk Fri Sep 24 13:34:25 2010 From: vivek at collabora.co.uk (Vivek Dasmohapatra) Date: Fri, 24 Sep 2010 12:34:25 +0100 (BST) Subject: [patch] Fix various bugs when using the gnutls async API In-Reply-To: <4C9BC312.5000905@gnutls.org> References: <1281534548.12716.38.camel@night> <4C9BC312.5000905@gnutls.org> Message-ID: On Thu, 23 Sep 2010, Nikos Mavrogiannopoulos wrote: > Hi, > I've fixed it differently in the git. Could you verify that it works > for you? b7328f78 * origin/gnutls_2_10_x Be liberal in the PEM decoding. ? Does not fix the problem: In that branch IMED_RET still clears the hash data on EAGAIN if check_fatal is not set. 2.11.x works, but our stumbling block is that there's no 2.10.x version that contains the fix (that I can see). Am I looking in the wrong place? From nmav at gnutls.org Fri Sep 24 13:58:27 2010 From: nmav at gnutls.org (Nikos Mavrogiannopoulos) Date: Fri, 24 Sep 2010 13:58:27 +0200 Subject: [patch] Fix various bugs when using the gnutls async API In-Reply-To: References: <1281534548.12716.38.camel@night> <4C9BC312.5000905@gnutls.org> Message-ID: This is the commit I was referring to: http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=0d07d8432d57805a8354ebd6c1e7829f3ab159cb regards, Nikos On Fri, Sep 24, 2010 at 1:34 PM, Vivek Dasmohapatra wrote: > On Thu, 23 Sep 2010, Nikos Mavrogiannopoulos wrote: > >> Hi, >> I've fixed it differently in the git. Could you verify that it works >> for you? > > b7328f78 * origin/gnutls_2_10_x Be liberal in the PEM decoding. ? > > Does not fix the problem: In that branch IMED_RET > still clears the hash data on EAGAIN if check_fatal is not > set. > > 2.11.x works, but our stumbling block is that there's no > 2.10.x version that contains the fix (that I can see). > > Am I looking in the wrong place? > From vivek at collabora.co.uk Fri Sep 24 13:59:02 2010 From: vivek at collabora.co.uk (Vivek Dasmohapatra) Date: Fri, 24 Sep 2010 12:59:02 +0100 (BST) Subject: [patch] Fix various bugs when using the gnutls async API In-Reply-To: References: <1281534548.12716.38.camel@night> <4C9BC312.5000905@gnutls.org> Message-ID: On Fri, 24 Sep 2010, Vivek Dasmohapatra wrote: Oops, updated the wrong repo... 0d07d843 * origin/gnutls_2_10_x No longer use is_fatal() during handshake. Looks much more plausible, passes the tests. Cheers. From ametzler at downhill.at.eu.org Fri Sep 24 18:06:20 2010 From: ametzler at downhill.at.eu.org (Andreas Metzler) Date: Fri, 24 Sep 2010 18:06:20 +0200 Subject: "possibly undefined macro: AC_PROG_LIBTOOL" when Trying to build GnuTLS from git In-Reply-To: References: Message-ID: <20100924160620.GA2604@downhill.g.la> On 2010-09-23 "Davies, Joshua" wrote: > I downloaded the latest gnutls, per the instructions at: > http://www.gnu.org/software/gnutls/devel.html. However, when I try > running "make bootstrap" (per the instructions in README-ALPHA), I > get: [...] > configure.ac:37: error: possibly undefined macro: AC_PROG_LIBTOOL > autoreconf: /usr/local/bin/autoconf failed with exit status: 1 > make: *** [autoreconf] Error 1 Looks like you are missing libtool(.m4). > I've upgrade autoconf and automake to 2.61 and 1.10.3 per the > dependencies list. If I download 2.8.6 from the FTP site, it builds > correctly, and there aren't a heck of a lot of differences between > configure.ac in 2.8.6 and the configure.ac that I'm trying to build > above. The 2.8.6 release tarball already contains the build infrastructure (output of automake/autoconf/libtoolize, etc). cu andreas From tzz at lifelogs.com Sun Sep 26 08:12:13 2010 From: tzz at lifelogs.com (Ted Zlatanov) Date: Sun, 26 Sep 2010 01:12:13 -0500 Subject: Emacs core TLS support References: <878wc1vfh3.fsf@lifelogs.com> <87r5ptpnz2.fsf@stupidchicken.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> <87fwxmihyz.fsf@lifelogs.com> <8762ycfhqo.fsf@lifelogs.com> <87d3sf9soo.fsf@lifelogs.com> <87eicn2upl.fsf@mocca.josefsson.org> Message-ID: <87k4m92fuq.fsf@lifelogs.com> On Tue, 21 Sep 2010 13:37:42 +0200 Simon Josefsson wrote: SJ> Ted Zlatanov writes: >> +(defconst gnutls-version "0.3.1") >> + "/tmp/ca.pem" SJ> This should be removed. Done. >> + (priority-string (or priority-string >> + (cond >> + ((eq credentials 'gnutls-anon) >> + "PERFORMANCE:+ANON-DH:!ARCFOUR-128") >> + ((eq credentials 'gnutls-x509pki) >> + "PERFORMANCE")))) SJ> I think NORMAL should be used instead of PERFORMANCE here. Done. >> +(defun open-ssl-stream (name buffer host service) >> + "Open a SSL connection for a service to a host. SJ> I suggest using 'TLS' or possibly 'SSL/TLS' consistently in SJ> documentation. OK, but let's get the code working first. SJ> Is 'open-ssl-stream' for backwards compatibility? Otherwise I SJ> suggest 'open-tls-stream'. Yes, it's trying to be compatible. I'd rather get rid of the compatibility but we'll see. >> +;; (open-ssl-stream "tls" "tls-buffer" "yourserver.com" "https") SJ> Looks like debug code that should be removed? Please let it be for now. It's useful for quick testing. >> +PRIORITY-STRING is as per the GnuTLS docs. SJ> Maybe there could be an info hyperlink here? Sorry, you mean to the GnuTLS webserver? I don't know if that's necessary. >> + (gnutls-message-maybe >> + (setq ret (gnutls-boot proc priority-string credentials credentials-file)) >> + "boot: %s") SJ> How much debug code do we want to retain? I'm not sure. For now, as much as possible. We can always turn it down later. >> +DEFUN ("gnutls-global-init", Fgnutls_global_init, >> + Sgnutls_global_init, 0, 0, 0, >> + doc: /* Initializes global GNU TLS state to defaults. >> +Call `gnutls-global-deinit' when GNU TLS usage is no longer needed. >> +Returns zero on success. */) SJ> ... >> +DEFUN ("gnutls-global-deinit", Fgnutls_global_deinit, >> + Sgnutls_global_deinit, 0, 0, 0, >> + doc: /* Deinitializes global GNU TLS state. >> +See also `gnutls-global-init'. */) SJ> I think this shouldn't be exposed to Elisp, Emacs startup code could SJ> initialize GnuTLS directly. OK, done. >> +DEFUN ("gnutls-boot", Fgnutls_boot, Sgnutls_boot, 3, 6, 0, >> + doc: /* Initializes client-mode GnuTLS for process PROC. >> +Currently only client mode is supported. Returns a success/failure >> +value you can check with `gnutls-errorp'. >> + >> +PRIORITY_STRING is a string describing the priority. >> +TYPE is either `gnutls-anon' or `gnutls-x509pki'. >> +TRUSTFILE is a PEM encoded trust file for `gnutls-x509pki'. >> +KEYFILE is ... for `gnutls-x509pki' (TODO). >> +CALLBACK is ... for `gnutls-x509pki' (TODO). SJ> Two comments here: 1) The name is a bit generic..? Well, "init" is taken and I have a small vocabulary :) SJ> 2) The design makes it a bit difficult to support multiple SJ> credentials. The GnuTLS API allows clients to have several SJ> credentials (X.509, OpenPGP, etc). Perhaps copying the GnuTLS API SJ> further is more flexible. I thought of making it more flexible but I really want to get the basic case working. As I mentioned earlier I think GnuTLS should consider further extending the idea of priority strings to a full configuration (credentials especially) in a single string or file. That would make using it so much easier from Emacs Lisp. I tried to figure out the TLS handshake problem but it has stumped me. It's taken me many hours and I still don't know what I'm missing so, as I mentioned in my other message, I've checked in my current state to let others take a look. If you or other GnuTLS developers can help, it would be greatly appreciated. Once the handshake works I will work on the other improvements you mentioned and on getting the GnuTLS support into Gnus and other parts of Emacs. Thanks Ted From larsi at gnus.org Sun Sep 26 17:32:10 2010 From: larsi at gnus.org (Lars Magne Ingebrigtsen) Date: Sun, 26 Sep 2010 17:32:10 +0200 Subject: Emacs core TLS support References: <878wc1vfh3.fsf@lifelogs.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> <87fwxmihyz.fsf@lifelogs.com> <8762ycfhqo.fsf@lifelogs.com> <87d3sf9soo.fsf@lifelogs.com> <87r5gh2fzj.fsf@lifelogs.com> Message-ID: Ted Zlatanov writes: > gnutls: handshake: handshaking > gnutls.el: (err=[-9] A TLS packet with unexpected length was received.) handshake: nil > Ouch, error return -9 (A TLS packet with unexpected length was received.) > nil > Mark set [2 times] (open-ssl-stream "tls" "tls-buffer" "imap.gmail.com" "imaps") Yes, I'm getting the same: gnutls.el: (err=[gnutls-e-again] Resource temporarily unavailable, try again.) handshake: nil gnutls: handshake: handshaking [2 times] gnutls.el: (err=[-15] An unexpected TLS packet was received.) handshake: nil Ouch, error return -15 (An unexpected TLS packet was received.) -- (domestic pets only, the antidote for overdose, milk.) larsi at gnus.org * Lars Magne Ingebrigtsen From cloos at jhcloos.com Sun Sep 26 23:50:37 2010 From: cloos at jhcloos.com (James Cloos) Date: Sun, 26 Sep 2010 17:50:37 -0400 Subject: Emacs core TLS support In-Reply-To: <87r5gh2fzj.fsf@lifelogs.com> (Ted Zlatanov's message of "Sun, 26 Sep 2010 01:09:20 -0500") References: <878wc1vfh3.fsf@lifelogs.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> <87fwxmihyz.fsf@lifelogs.com> <8762ycfhqo.fsf@lifelogs.com> <87d3sf9soo.fsf@lifelogs.com> <87r5gh2fzj.fsf@lifelogs.com> Message-ID: >>>>> "TZ" == Ted Zlatanov writes: TZ> I've gone over my code carefully and just can't figure out what's TZ> different. I'm sure it's something simple I've overlooked. It probably would help to get a full packet trace of the failed handshake and look at it in wireshark. -JimC -- James Cloos OpenPGP: 1024D/ED7DAEA6 From cloos at jhcloos.com Mon Sep 27 20:25:10 2010 From: cloos at jhcloos.com (James Cloos) Date: Mon, 27 Sep 2010 14:25:10 -0400 Subject: Emacs core TLS support In-Reply-To: <877hi79rt2.fsf@lifelogs.com> (Ted Zlatanov's message of "Mon, 27 Sep 2010 09:36:41 -0500") References: <878wc1vfh3.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> <87fwxmihyz.fsf@lifelogs.com> <8762ycfhqo.fsf@lifelogs.com> <87d3sf9soo.fsf@lifelogs.com> <87r5gh2fzj.fsf@lifelogs.com> <877hi79rt2.fsf@lifelogs.com> Message-ID: >>>>> "TZ" == Ted Zlatanov writes: TZ> It's not really helpful to me since I don't know TLS well. Sorry. My point was that wireshark does a decent job of decoding the TLS such that anyone should be able to follow what is happening. -JimC -- James Cloos OpenPGP: 1024D/ED7DAEA6 From tzz at lifelogs.com Mon Sep 27 20:45:26 2010 From: tzz at lifelogs.com (Ted Zlatanov) Date: Mon, 27 Sep 2010 13:45:26 -0500 Subject: Emacs core TLS support References: <878wc1vfh3.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> <87fwxmihyz.fsf@lifelogs.com> <8762ycfhqo.fsf@lifelogs.com> <87d3sf9soo.fsf@lifelogs.com> <87r5gh2fzj.fsf@lifelogs.com> <877hi79rt2.fsf@lifelogs.com> Message-ID: <87bp7j6n5l.fsf@lifelogs.com> On Mon, 27 Sep 2010 14:25:10 -0400 James Cloos wrote: >>>>>> "TZ" == Ted Zlatanov writes: TZ> It's not really helpful to me since I don't know TLS well. JC> Sorry. My point was that wireshark does a decent job of decoding the JC> TLS such that anyone should be able to follow what is happening. With Lars' latest change we found that enabling logging, in itself, will make things work (yay!). We guessed it was the delay introduced by logging but using (sit-for 0.1) in the handshake loop doesn't work like enabling logging. So it's something specific about the logging function's interaction with Emacs and looking at the wire is *probably* not going to help. But I don't know yet what's going on. Ted From larsi at gnus.org Mon Sep 27 21:07:42 2010 From: larsi at gnus.org (Lars Magne Ingebrigtsen) Date: Mon, 27 Sep 2010 21:07:42 +0200 Subject: Emacs core TLS support References: <878wc1vfh3.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> <87fwxmihyz.fsf@lifelogs.com> <8762ycfhqo.fsf@lifelogs.com> <87d3sf9soo.fsf@lifelogs.com> <87r5gh2fzj.fsf@lifelogs.com> <877hi79rt2.fsf@lifelogs.com> <87bp7j6n5l.fsf@lifelogs.com> Message-ID: Ted Zlatanov writes: > With Lars' latest change we found that enabling logging, in itself, will > make things work (yay!). We guessed it was the delay introduced by > logging but using (sit-for 0.1) in the handshake loop doesn't work like > enabling logging. So it's something specific about the logging > function's interaction with Emacs and looking at the wire is *probably* > not going to help. But I don't know yet what's going on. I did one further test. If I replace the `message' in the logging function with a printf, it still works. But if I then said $ emacs > /dev/null then it didn't work. Which may point to a timing issue again. I forgot to test with > file, to actually see what the debugging info was. :-/ -- (domestic pets only, the antidote for overdose, milk.) larsi at gnus.org * Lars Magne Ingebrigtsen From INVALID.NOREPLY at gnu.org Wed Sep 29 06:34:58 2010 From: INVALID.NOREPLY at gnu.org (Micah Anderson) Date: Wed, 29 Sep 2010 04:34:58 +0000 Subject: [sr #107485] Add new extended key usage ipsecIKE Message-ID: <20100929-043457.sv80249.38471@savannah.gnu.org> URL: Summary: Add new extended key usage ipsecIKE Project: GnuTLS Submitted by: micahanderson Submitted on: Wed 29 Sep 2010 04:34:57 AM GMT Category: None Priority: 5 - Normal Severity: 3 - Normal Status: None Privacy: Public Assigned to: None Originator Email: Open/Closed: Open Discussion Lock: Any Operating System: None _______________________________________________________ Details: According to RFC 4945 ? 5.1.3.12 section title "ExtendedKeyUsage"[0] the following extended key usage has been added: ... this document defines an ExtendedKeyUsage keyPurposeID that MAY be used to limit a certificate's use: id-kp-ipsecIKE OBJECT IDENTIFIER ::= { id-kp 17 } where id-kp is defined in RFC 3280 [5]. If a certificate is intended to be used with both IKE and other applications, and one of the other applications requires use of an EKU value, then such certificates MUST contain either the keyPurposeID id-kp-ipsecIKE or anyExtendedKeyUsage [5], as well as the keyPurposeID values associated with the other applications. Similarly, if a CA issues multiple otherwise-similar certificates for multiple applications including IKE, and it is intended that the IKE certificate NOT be used with another application, the IKE certificate MAY contain an EKU extension listing a keyPurposeID of id-kp-ipsecIKE to discourage its use with the other application. Recall, however, that EKU extensions in certificates meant for use in IKE are NOT RECOMMENDED. Conforming IKE implementations are not required to support EKU. If a critical EKU extension appears in a certificate and EKU is not supported by the implementation, then RFC 3280 requires that the certificate be rejected. Implementations that do support EKU MUST support the following logic for certificate validation: o If no EKU extension, continue. o If EKU present AND contains either id-kp-ipsecIKE or anyExtendedKeyUsage, continue. o Otherwise, reject cert. I believe that the attached patch adds the ipsecIKE extended key usage flag to openssl. You can also pull my repository, with the patch from: git clone git://labs.riseup.net/~micah/gnutls _______________________________________________________ File Attachments: ------------------------------------------------------- Date: Wed 29 Sep 2010 04:34:57 AM GMT Name: gnutls_ipsec_ike.diff Size: 4kB By: micahanderson _______________________________________________________ Reply to this item at: _______________________________________________ Message sent via/by Savannah http://savannah.gnu.org/ From INVALID.NOREPLY at gnu.org Wed Sep 29 07:47:32 2010 From: INVALID.NOREPLY at gnu.org (Micah Anderson) Date: Wed, 29 Sep 2010 05:47:32 +0000 Subject: [sr #107485] Add new extended key usage ipsecIKE In-Reply-To: <20100929-043457.sv80249.38471@savannah.gnu.org> References: <20100929-043457.sv80249.38471@savannah.gnu.org> Message-ID: <20100929-054731.sv80249.22648@savannah.gnu.org> Follow-up Comment #1, sr #107485 (project gnutls): >I believe that the attached patch adds the ipsecIKE extended key > usage flag to openssl. You can also pull my repository, with the > patch from: git clone git://labs.riseup.net/~micah/gnutls err, make that s/openssl/certtool... :redface: _______________________________________________________ Reply to this item at: _______________________________________________ Message sent via/by Savannah http://savannah.gnu.org/ From INVALID.NOREPLY at gnu.org Wed Sep 29 09:41:42 2010 From: INVALID.NOREPLY at gnu.org (Nikos Mavrogiannopoulos) Date: Wed, 29 Sep 2010 07:41:42 +0000 Subject: [sr #107485] Add new extended key usage ipsecIKE In-Reply-To: <20100929-054731.sv80249.22648@savannah.gnu.org> References: <20100929-043457.sv80249.38471@savannah.gnu.org> <20100929-054731.sv80249.22648@savannah.gnu.org> Message-ID: <20100929-104141.sv707.18705@savannah.gnu.org> Update of sr #107485 (project gnutls): Status: None => Done Assigned to: None => nmav _______________________________________________________ Follow-up Comment #2: Thank you. The patch has been commited. _______________________________________________________ Reply to this item at: _______________________________________________ Message sent via/by Savannah http://savannah.gnu.org/ From INVALID.NOREPLY at gnu.org Wed Sep 29 09:44:02 2010 From: INVALID.NOREPLY at gnu.org (Nikos Mavrogiannopoulos) Date: Wed, 29 Sep 2010 07:44:02 +0000 Subject: [sr #107481] Missing output from gnutls-cli on Solaris In-Reply-To: <20100923-103518.sv80171.34290@savannah.gnu.org> References: <20100923-075622.sv80171.22559@savannah.gnu.org> <20100923-110231.sv707.33074@savannah.gnu.org> <20100923-103518.sv80171.34290@savannah.gnu.org> Message-ID: <20100929-104401.sv707.63416@savannah.gnu.org> Update of sr #107481 (project gnutls): Status: None => Done Assigned to: None => nmav Open/Closed: Open => Closed _______________________________________________________ Reply to this item at: _______________________________________________ Message sent via/by Savannah http://savannah.gnu.org/ From INVALID.NOREPLY at gnu.org Wed Sep 29 09:44:30 2010 From: INVALID.NOREPLY at gnu.org (Nikos Mavrogiannopoulos) Date: Wed, 29 Sep 2010 07:44:30 +0000 Subject: [sr #107424] gnutls cannot handle openssl-1.0.o.a certs In-Reply-To: <20100725-125611.sv8049.45042@savannah.gnu.org> References: <20100709-092256.sv0.62113@savannah.gnu.org> <20100724-140033.sv707.73772@savannah.gnu.org> <20100724-114533.sv0.57366@savannah.gnu.org> <20100724-114646.sv0.39448@savannah.gnu.org> <20100724-150656.sv707.4093@savannah.gnu.org> <20100724-133411.sv0.62195@savannah.gnu.org> <20100724-170719.sv707.59427@savannah.gnu.org> <20100724-231723.sv8049.88151@savannah.gnu.org> <20100725-102906.sv707.96805@savannah.gnu.org> <20100725-125611.sv8049.45042@savannah.gnu.org> Message-ID: <20100929-104430.sv707.70439@savannah.gnu.org> Update of sr #107424 (project gnutls): Status: None => Done Assigned to: None => nmav Open/Closed: Open => Closed _______________________________________________________ Reply to this item at: _______________________________________________ Message sent via/by Savannah http://savannah.gnu.org/ From INVALID.NOREPLY at gnu.org Wed Sep 29 09:44:56 2010 From: INVALID.NOREPLY at gnu.org (Nikos Mavrogiannopoulos) Date: Wed, 29 Sep 2010 07:44:56 +0000 Subject: [sr #107420] certtool cannot handle input redirection In-Reply-To: <20100705-094453.sv707.95720@savannah.gnu.org> References: <20100704-140035.sv20807.20788@savannah.gnu.org> <20100705-093418.sv707.47825@savannah.gnu.org> <20100705-093431.sv707.65626@savannah.gnu.org> <20100705-094453.sv707.95720@savannah.gnu.org> Message-ID: <20100929-104456.sv707.43138@savannah.gnu.org> Update of sr #107420 (project gnutls): Open/Closed: Open => Closed _______________________________________________________ Reply to this item at: _______________________________________________ Message sent via/by Savannah http://savannah.gnu.org/ From simon at josefsson.org Thu Sep 30 11:13:09 2010 From: simon at josefsson.org (Simon Josefsson) Date: Thu, 30 Sep 2010 11:13:09 +0200 Subject: GnuTLS 2.10.2 released Message-ID: <87zkuzd26y.fsf@mocca.josefsson.org> We are proud to announce a new stable GnuTLS release: Version 2.10.2. GnuTLS is a modern C library that implements the standard network security protocol Transport Layer Security (TLS), for use by network applications. GnuTLS is developed for GNU/Linux, but works on many Unix-like systems and comes with a binary installer for Windows. The GnuTLS library is distributed under the terms of the GNU Lesser General Public License version 2.1 (or later). The "extra" GnuTLS library (which contains TLS/IA support, LZO compression and Libgcrypt FIPS-mode handler), the OpenSSL compatibility library, the self tests and the command line tools are all distributed under the GNU General Public License version 3.0 (or later). The manual is distributed under the GNU Free Documentation License version 1.3 (or later). The project page of the library is available at: http://www.gnu.org/software/gnutls/ What's New ========== ** Use Libtool 2.2.10 to ease MinGW64 builds. ** libgnutls: Add new extended key usage ipsecIKE. ** libgnutls: Is now more liberal in the PEM decoding. That is spaces and tabs are being skipped. ** libgnutls: Renamed NULL MAC to MAC-NULL to prevent clash with NULL cipher. This prevented the usage of the TLS ciphersuites with NULL cipher. See . ** libgnutls: The %COMPAT flag now allows larger records that violate the TLS spec. ** libgnutls: Fix asynchronous API handling. The code was clearing session hash data on EAGAIN. Problem reported by Sjoerd Simons and Vivek Dasmohapatra . See . ** gnutls-cli: Flush stdout/stderr before removing buffering. Reported by Knut Anders Hatlen see . ** API and ABI modifications: No changes since last version. Getting the Software ==================== GnuTLS may be downloaded from one of the GNU mirror sites or directly From . The list of GNU mirrors can be found at and a list of GnuTLS mirrors can be found at . Here are the BZIP2 compressed sources (7.2MB): ftp://ftp.gnu.org/gnu/gnutls/gnutls-2.10.2.tar.bz2 http://ftp.gnu.org/gnu/gnutls/gnutls-2.10.2.tar.bz2 Here are OpenPGP detached signatures signed using key 0xB565716F: ftp://ftp.gnu.org/gnu/gnutls/gnutls-2.10.2.tar.bz2.sig http://ftp.gnu.org/gnu/gnutls/gnutls-2.10.2.tar.bz2.sig Note, that we don't distribute gzip compressed tarballs. In order to check that the version of GnuTLS which you are going to install is an original and unmodified one, you should verify the OpenPGP signature. You can use the command gpg --verify gnutls-2.10.2.tar.bz2.sig This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by that signing key. Make sure that you have the right key, either by checking the fingerprint of that key with other sources or by checking that the key has been signed by a trustworthy other key. The signing key can be identified with the following information: pub 1280R/B565716F 2002-05-05 [expires: 2011-03-30] Key fingerprint = 0424 D4EE 81A0 E3D1 19C6 F835 EDA2 1E94 B565 716F uid Simon Josefsson uid Simon Josefsson sub 1280R/4D5D40AE 2002-05-05 [expires: 2011-03-30] The key is available from: http://josefsson.org/key.txt dns:b565716f.josefsson.org?TYPE=CERT Alternatively, after successfully verifying the OpenPGP signature of this announcement, you could verify that the files match the following checksum values. The values are for SHA-1 and SHA-224 respectively: 2704b7b86fc5e3444afcf20feb7bc9ff117d4816 gnutls-2.10.2.tar.bz2 d0a6c3f658da5dd6c74d9cf24ddf4b2b6bb4dd73c28d64c4053997c9 gnutls-2.10.2.tar.bz2 Documentation ============= The manual is available online at: http://www.gnu.org/software/gnutls/documentation.html In particular the following formats are available: HTML: http://www.gnu.org/software/gnutls/manual/html_node/index.html PDF: http://www.gnu.org/software/gnutls/manual/gnutls.pdf For developers there is a GnuTLS API reference manual formatted using the GTK-DOC tools: HTML: http://www.gnu.org/software/gnutls/reference/gnutls-gnutls.html PDF: http://www.gnu.org/software/gnutls/reference/gnutls.pdf Community ========= If you need help to use GnuTLS, or want to help others, you are invited to join our help-gnutls mailing list, see: http://lists.gnu.org/mailman/listinfo/help-gnutls If you wish to participate in the development of GnuTLS, you are invited to join our gnutls-dev mailing list, see: http://lists.gnu.org/mailman/listinfo/gnutls-devel Windows installer ================= GnuTLS has been ported to the Windows operating system, and a binary installer is available. The installer contains DLLs for application development, manuals, examples, and source code. The versions included are libgpg-error v1.8, libgcrypt v1.4.6, and GnuTLS v2.10.2. New in this release is that we have changed build environment for the Windows builds. We are now using MinGW-w64 from built with GCC 4.5.1. The Windows build scripts reside in: http://cvs.savannah.gnu.org/viewvc/windows-build-scripts/?root=gnutls The Windows binary installer (16MB): ftp://ftp.gnu.org/gnu/gnutls/gnutls-2.10.2-x86.exe http://ftp.gnu.org/gnu/gnutls/gnutls-2.10.2-x86.exe The OpenPGP detached signatures signed using key 0xB565716F: ftp://ftp.gnu.org/gnu/gnutls/gnutls-2.10.2-x86.exe.sig http://ftp.gnu.org/gnu/gnutls/gnutls-2.10.2-x86.exe.sig The checksum values for SHA-1 and SHA-224 are: 6f402bb6babb3aae591c76bde1bfd48e60d21100 gnutls-2.10.2-x86.exe 589c2fcf412836907df4057945bc4d43b6da337a62f3771121f5b31d gnutls-2.10.2-x86.exe A ZIP archive with Windows binaries (5.8MB): ftp://ftp.gnu.org/gnu/gnutls/gnutls-2.10.2-x86.zip http://ftp.gnu.org/gnu/gnutls/gnutls-2.10.2-x86.zip The OpenPGP detached signatures signed using key 0xB565716F: ftp://ftp.gnu.org/gnu/gnutls/gnutls-2.10.2-x86.zip.sig http://ftp.gnu.org/gnu/gnutls/gnutls-2.10.2-x86.zip.sig The checksum values for SHA-1 and SHA-224 are: d0dd205e4c30c04fbffe7cf1b6556a18571a5e91 gnutls-2.10.2-x86.zip bda8bbe2a5059e2ccb452d4a8082d80944779ea3ef734fc3f43aac68 gnutls-2.10.2-x86.zip A Debian mingw32 package is also available (5.4MB): ftp://ftp.gnu.org/gnu/gnutls/mingw32-gnutls_2.10.2-1_all.deb http://ftp.gnu.org/gnu/gnutls/mingw32-gnutls_2.10.2-1_all.deb The checksum values for SHA-1 and SHA-224 are: 925cdb8e1c4b0e7c462a4ad0b01a2f80f3d2537c mingw32-gnutls_2.10.2-1_all.deb 807d26b8d3f458ac8352481c262c188d1d842573fea5b2986121c0dd mingw32-gnutls_2.10.2-1_all.deb Internationalization ==================== The GnuTLS library messages have been translated into Czech, Dutch, French, German, Italian, Malay, Polish, Simplified Chinese, Swedish, and Vietnamese. We welcome the addition of more translations. Support ======= Improving GnuTLS is costly, but you can help! We are looking for organizations that find GnuTLS useful and wish to contribute back. You can contribute by reporting bugs, improve the software, or donate money or equipment. Commercial support contracts for GnuTLS are available, and they help finance continued maintenance. Simon Josefsson Datakonsult AB, a Stockholm based privately held company, is currently funding GnuTLS maintenance. We are always looking for interesting development projects. See http://josefsson.org/ for more details. The GnuTLS service directory is available at: http://www.gnu.org/software/gnutls/commercial.html Happy Hacking, Simon -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 420 bytes Desc: not available URL: From simon at josefsson.org Thu Sep 30 12:10:22 2010 From: simon at josefsson.org (Simon Josefsson) Date: Thu, 30 Sep 2010 12:10:22 +0200 Subject: Emacs core TLS support In-Reply-To: <87k4m92fuq.fsf@lifelogs.com> (Ted Zlatanov's message of "Sun, 26 Sep 2010 01:12:13 -0500") References: <878wc1vfh3.fsf@lifelogs.com> <871vhsvkut.fsf@lifelogs.com> <87d41csktn.fsf@lifelogs.com> <87k4v0n0m8.fsf@lifelogs.com> <87wrrvfnc4.fsf@lifelogs.com> <87r5i2d00q.fsf@lifelogs.com> <87zkwqijye.fsf@stupidchicken.com> <878w4actmg.fsf@lifelogs.com> <877hju123h.fsf@stupidchicken.com> <8762yklrdk.fsf@lifelogs.com> <87wrqzhrjv.fsf@lifelogs.com> <87fwxmihyz.fsf@lifelogs.com> <8762ycfhqo.fsf@lifelogs.com> <87d3sf9soo.fsf@lifelogs.com> <87eicn2upl.fsf@mocca.josefsson.org> <87k4m92fuq.fsf@lifelogs.com> Message-ID: <87sk0rbkz5.fsf@mocca.josefsson.org> Ted Zlatanov writes: >>> +PRIORITY-STRING is as per the GnuTLS docs. > > SJ> Maybe there could be an info hyperlink here? > > Sorry, you mean to the GnuTLS webserver? I don't know if that's > necessary. I was thinking to the Info manual. Just a nit... > SJ> 2) The design makes it a bit difficult to support multiple > SJ> credentials. The GnuTLS API allows clients to have several > SJ> credentials (X.509, OpenPGP, etc). Perhaps copying the GnuTLS API > SJ> further is more flexible. > > I thought of making it more flexible but I really want to get the basic > case working. That's probably a good idea. > As I mentioned earlier I think GnuTLS should consider further > extending the idea of priority strings to a full configuration > (credentials especially) in a single string or file. That would make > using it so much easier from Emacs Lisp. Hm. Interesting, yes, it could do that. I'm not sure it makes sense to support at the C layer, but I'll think about it. > I tried to figure out the TLS handshake problem but it has stumped me. > It's taken me many hours and I still don't know what I'm missing so, as > I mentioned in my other message, I've checked in my current state to let > others take a look. If you or other GnuTLS developers can help, it > would be greatly appreciated. Once the handshake works I will work on > the other improvements you mentioned and on getting the GnuTLS support > into Gnus and other parts of Emacs. Isn't it just that you don't have a proper X.509 setup? /Simon From simon at josefsson.org Thu Sep 30 12:15:19 2010 From: simon at josefsson.org (Simon Josefsson) Date: Thu, 30 Sep 2010 12:15:19 +0200 Subject: "possibly undefined macro: AC_PROG_LIBTOOL" when Trying to build GnuTLS from git In-Reply-To: (Joshua Davies's message of "Thu, 23 Sep 2010 16:04:58 -0500") References: Message-ID: <87ocbfbkqw.fsf@mocca.josefsson.org> "Davies, Joshua" writes: > I downloaded the latest gnutls, per the instructions at: http://www.gnu.org/software/gnutls/devel.html. However, when I try running "make bootstrap" (per the instructions in README-ALPHA), I get: Did you install all the dependencies? > configure.ac:36: error: possibly undefined macro: AC_LIBTOOL_WIN32_DLL > If this token and others are legitimate, please use m4_pattern_allow. > See the Autoconf documentation. > configure.ac:37: error: possibly undefined macro: AC_PROG_LIBTOOL > autoreconf: /usr/local/bin/autoconf failed with exit status: 1 Libtool is missing. If you are using a local autoconf installation, the simplest is to also install libtool locally too. > I've upgrade autoconf and automake to 2.61 and 1.10.3 per the > dependencies list. If I download 2.8.6 from the FTP site, it builds > correctly, and there aren't a heck of a lot of differences between > configure.ac in 2.8.6 and the configure.ac that I'm trying to build > above. Try latest 2.10.x releases too. /Simon From simon at josefsson.org Thu Sep 30 12:18:26 2010 From: simon at josefsson.org (Simon Josefsson) Date: Thu, 30 Sep 2010 12:18:26 +0200 Subject: Emacs and TLS support In-Reply-To: <87eicgyyun.fsf@lifelogs.com> (Ted Zlatanov's message of "Sun, 26 Sep 2010 16:33:04 -0500") References: <4C9F70AE.3020705@alice.it> <87tylcz0aa.fsf@lifelogs.com> <87eicgyyun.fsf@lifelogs.com> Message-ID: <87k4m3bklp.fsf@mocca.josefsson.org> Ted Zlatanov writes: > On Sun, 26 Sep 2010 23:06:46 +0200 Lars Magne Ingebrigtsen wrote: > > LMI> Ted Zlatanov writes: >>> I stepped through the GnuTLS function calls and couldn't find a problem >>> with the credential structures. It's frustrating that the exact same >>> code works for the example client in GnuTLS but breaks in Emacs (most of >>> my time debugging this was spent double-checking that the same functions >>> are called with the same parameters in both cases). > > LMI> I know nothing about tls, but have you confirmed that the library calls > LMI> really work in non-blocking mode? It's not uncommon to write libraries > LMI> that assume that socket connections are blocking... > > It would be great if the GnuTLS developers could comment. But these > references seem to specifically confirm that non-blocking sockets should > work the way I'm doing it: > > http://lists.gnupg.org/pipermail/gnutls-dev/2005-March/000839.html > http://www.gnu.org/software/gnutls/manual/html_node/The-transport-layer.html Yes, it should work both in blocking and non-blocking. > I tried setting the low water value to 0 in `Fgnutls_handshake' after > `gnutls_transport_set_ptr2' but it didn't make a difference: > > gnutls_transport_set_lowat (state, 0); > > So I removed it in the patch. I sort of suspect right now that > recv/send are not working correctly so I need to provide custom versions > with `gnutls_transport_set_pull_function' and > `gnutls_transport_set_push_function'. But I don't know enough about the > Emacs internals that set up processes, which are ridiculously > complicated because of all the supported platforms. And Simon Josefsson > said his patch worked when he first wrote it, so I assumed that this > kind of deep surgery would not be required. I don't know Emacs internals well enough, but it may be that replacing the send/recv functions could make things more reliable... I don't have a lot of time to help here alas, and when I tried building Emacs from CVS the other day it just crashed... maybe you could provide simple step-by-step instructions to get something building that I can test? With some specific CVS revision that is known working. /Simon From dam at opencsw.org Thu Sep 30 14:29:33 2010 From: dam at opencsw.org (Dagobert Michelsen) Date: Thu, 30 Sep 2010 14:29:33 +0200 Subject: Small issue on GnuTLS 2.10.2 In-Reply-To: <87zkuzd26y.fsf@mocca.josefsson.org> References: <87zkuzd26y.fsf@mocca.josefsson.org> Message-ID: <996662C3-824F-4579-B23B-8FD8969AFF53@opencsw.org> Hi Simon, I just encountered a small issue when compiling GnuTLS 2.10.2 on Solaris 9 with Sun Studio 12: - Method declared void returns something: > diff --git a/lib/crypto-api.c b/lib/crypto-api.c > index 183fcb3..e6a4a5a 100644 > --- a/lib/crypto-api.c > +++ b/lib/crypto-api.c > @@ -182,7 +182,7 @@ gnutls_hmac (gnutls_hmac_hd_t handle, const void > *text, size_t textlen) > void > gnutls_hmac_output (gnutls_hmac_hd_t handle, void *digest) > { > - return _gnutls_hmac_output ((digest_hd_st *) handle, digest); > + _gnutls_hmac_output ((digest_hd_st *) handle, digest); > } > > /** > @@ -303,7 +303,7 @@ gnutls_hash (gnutls_hash_hd_t handle, const void > *text, size_t textlen) > void > gnutls_hash_output (gnutls_hash_hd_t handle, void *digest) > { > - return _gnutls_hash_output ((digest_hd_st *) handle, digest); > + _gnutls_hash_output ((digest_hd_st *) handle, digest); > } > > /** Additionally, I get a lot of errors when processing the documentation: > /home/dam/mgar/pkg/gnutls/trunk/work/solaris9-sparc/build-isa- > sparcv8/gnutls-2.10.2/doc//gnutls-api.texi:8: Misplaced {. > /home/dam/mgar/pkg/gnutls/trunk/work/solaris9-sparc/build-isa- > sparcv8/gnutls-2.10.2/doc//gnutls-api.texi:8: Misplaced }. > /home/dam/mgar/pkg/gnutls/trunk/work/solaris9-sparc/build-isa- > sparcv8/gnutls-2.10.2/doc//gnutls-api.texi:11: Misplaced {. > /home/dam/mgar/pkg/gnutls/trunk/work/solaris9-sparc/build-isa- > sparcv8/gnutls-2.10.2/doc//gnutls-api.texi:11: Misplaced }. > /home/dam/mgar/pkg/gnutls/trunk/work/solaris9-sparc/build-isa- > sparcv8/gnutls-2.10.2/doc//gnutls-api.texi:11: Misplaced {. > /home/dam/mgar/pkg/gnutls/trunk/work/solaris9-sparc/build-isa- > sparcv8/gnutls-2.10.2/doc//gnutls-api.texi:11: Misplaced }. > /home/dam/mgar/pkg/gnutls/trunk/work/solaris9-sparc/build-isa- > sparcv8/gnutls-2.10.2/doc//gnutls-api.texi:13: Misplaced {. > /home/dam/mgar/pkg/gnutls/trunk/work/solaris9-sparc/build-isa- > sparcv8/gnutls-2.10.2/doc//gnutls-api.texi:13: Misplaced }. > /home/dam/mgar/pkg/gnutls/trunk/work/solaris9-sparc/build-isa- > sparcv8/gnutls-2.10.2/doc//gnutls-api.texi:19: Misplaced {. > /home/dam/mgar/pkg/gnutls/trunk/work/solaris9-sparc/build-isa- > sparcv8/gnutls-2.10.2/doc//gnutls-api.texi:19: Misplaced }. > /home/dam/mgar/pkg/gnutls/trunk/work/solaris9-sparc/build-isa- > sparcv8/gnutls-2.10.2/doc//gnutls-api.texi:22: Misplaced {. > /home/dam/mgar/pkg/gnutls/trunk/work/solaris9-sparc/build-isa- > sparcv8/gnutls-2.10.2/doc//gnutls-api.texi:22: Misplaced }. > /home/dam/mgar/pkg/gnutls/trunk/work/solaris9-sparc/build-isa- > sparcv8/gnutls-2.10.2/doc//gnutls-api.texi:23: Misplaced {. > /home/dam/mgar/pkg/gnutls/trunk/work/solaris9-sparc/build-isa- > sparcv8/gnutls-2.10.2/doc//gnutls-api.texi:23: Misplaced }. > /home/dam/mgar/pkg/gnutls/trunk/work/solaris9-sparc/build-isa- > sparcv8/gnutls-2.10.2/doc//gnutls-api.texi:30: Misplaced {. > /home/dam/mgar/pkg/gnutls/trunk/work/solaris9-sparc/build-isa- > sparcv8/gnutls-2.10.2/doc//gnutls-api.texi:30: Misplaced }. > /home/dam/mgar/pkg/gnutls/trunk/work/solaris9-sparc/build-isa- > sparcv8/gnutls-2.10.2/doc//gnutls-api.texi:36: Misplaced {. > /home/dam/mgar/pkg/gnutls/trunk/work/solaris9-sparc/build-isa- > sparcv8/gnutls-2.10.2/doc//gnutls-api.texi:36: Misplaced }. > ... Best regards -- Dago From simon at josefsson.org Thu Sep 30 17:05:05 2010 From: simon at josefsson.org (Simon Josefsson) Date: Thu, 30 Sep 2010 17:05:05 +0200 Subject: Small issue on GnuTLS 2.10.2 In-Reply-To: <996662C3-824F-4579-B23B-8FD8969AFF53@opencsw.org> (Dagobert Michelsen's message of "Thu, 30 Sep 2010 14:29:33 +0200") References: <87zkuzd26y.fsf@mocca.josefsson.org> <996662C3-824F-4579-B23B-8FD8969AFF53@opencsw.org> Message-ID: <87y6aj9sri.fsf@mocca.josefsson.org> Dagobert Michelsen writes: > Hi Simon, > > I just encountered a small issue when compiling GnuTLS 2.10.2 on > Solaris 9 with Sun Studio 12: > > - Method declared void returns something: Thanks, fixed. I wish we could catch these with a GCC warning so you don't have to run into them all the time... > Additionally, I get a lot of errors when processing the documentation: > >> /home/dam/mgar/pkg/gnutls/trunk/work/solaris9-sparc/build-isa- >> sparcv8/gnutls-2.10.2/doc//gnutls-api.texi:8: Misplaced {. What texinfo version do you have? Can you quote the initial 30 lines of gnutls-api.texi after this has happened? /Simon From david.kirkby at onetel.net Thu Sep 30 18:17:07 2010 From: david.kirkby at onetel.net (Dr. David Kirkby) Date: Thu, 30 Sep 2010 17:17:07 +0100 Subject: Small issue on GnuTLS 2.10.2 In-Reply-To: <87y6aj9sri.fsf@mocca.josefsson.org> References: <87zkuzd26y.fsf@mocca.josefsson.org> <996662C3-824F-4579-B23B-8FD8969AFF53@opencsw.org> <87y6aj9sri.fsf@mocca.josefsson.org> Message-ID: <4CA4B803.2070005@onetel.net> On 09/30/10 04:05 PM, Simon Josefsson wrote: > Dagobert Michelsen writes: > >> Hi Simon, >> >> I just encountered a small issue when compiling GnuTLS 2.10.2 on >> Solaris 9 with Sun Studio 12: >> >> - Method declared void returns something: > > Thanks, fixed. I wish we could catch these with a GCC warning so you > don't have to run into them all the time... Assuming you develop under Linux, you could install Sun Studio there, which will catch a lot more problems than gcc, which is very lax. Sun Studio is obviously supported on Solaris, but also Linux too. http://www.oracle.com/technetwork/server-storage/solarisstudio/overview/index.html Dave From vivek at collabora.co.uk Thu Sep 30 18:28:27 2010 From: vivek at collabora.co.uk (Vivek Dasmohapatra) Date: Thu, 30 Sep 2010 17:28:27 +0100 (BST) Subject: Small issue on GnuTLS 2.10.2 In-Reply-To: <4CA4B803.2070005@onetel.net> References: <87zkuzd26y.fsf@mocca.josefsson.org> <996662C3-824F-4579-B23B-8FD8969AFF53@opencsw.org> <87y6aj9sri.fsf@mocca.josefsson.org> <4CA4B803.2070005@onetel.net> Message-ID: On Thu, 30 Sep 2010, Dr. David Kirkby wrote: >> Thanks, fixed. I wish we could catch these with a GCC warning so you >> don't have to run into them all the time... make sizeof cc sizeof.c -o sizeof sizeof.c: In function ?wfm?: sizeof.c:11: warning: ?return? with a value, in function returning void tested wiith: gcc (Debian 4.4.3-3) 4.4.3 gcc (GCC) 4.2.4 (Ubuntu 4.2.4-1ubuntu4) Seems to warn just fine. From vivek at collabora.co.uk Thu Sep 30 19:16:43 2010 From: vivek at collabora.co.uk (Vivek Dasmohapatra) Date: Thu, 30 Sep 2010 18:16:43 +0100 (BST) Subject: Small issue on GnuTLS 2.10.2 In-Reply-To: References: <87zkuzd26y.fsf@mocca.josefsson.org> <996662C3-824F-4579-B23B-8FD8969AFF53@opencsw.org> <87y6aj9sri.fsf@mocca.josefsson.org> <4CA4B803.2070005@onetel.net> Message-ID: On Thu, 30 Sep 2010, Vivek Dasmohapatra wrote: > On Thu, 30 Sep 2010, Dr. David Kirkby wrote: > >>> Thanks, fixed. I wish we could catch these with a GCC warning so you >>> don't have to run into them all the time... > > make sizeof > cc sizeof.c -o sizeof > sizeof.c: In function ?wfm?: > sizeof.c:11: warning: ?return? with a value, in function returning void > > tested wiith: gcc (Debian 4.4.3-3) 4.4.3 > gcc (GCC) 4.2.4 (Ubuntu 4.2.4-1ubuntu4) > > Seems to warn just fine. And you can crank up the pedantry even further with --pedantic, which will warn of a void expression return in a function with a void return signature. From INVALID.NOREPLY at gnu.org Thu Sep 30 22:41:36 2010 From: INVALID.NOREPLY at gnu.org (Simon Josefsson) Date: Thu, 30 Sep 2010 20:41:36 +0000 Subject: [sr #107485] Add new extended key usage ipsecIKE In-Reply-To: <20100929-104141.sv707.18705@savannah.gnu.org> References: <20100929-043457.sv80249.38471@savannah.gnu.org> <20100929-054731.sv80249.22648@savannah.gnu.org> <20100929-104141.sv707.18705@savannah.gnu.org> Message-ID: <20100930-204136.sv7213.63560@savannah.gnu.org> Update of sr #107485 (project gnutls): Open/Closed: Open => Closed _______________________________________________________ Reply to this item at: _______________________________________________ Message sent via/by Savannah http://savannah.gnu.org/ From INVALID.NOREPLY at gnu.org Thu Sep 30 22:41:24 2010 From: INVALID.NOREPLY at gnu.org (Simon Josefsson) Date: Thu, 30 Sep 2010 20:41:24 +0000 Subject: [sr #107449] selftest sh-script fails on non-bash In-Reply-To: <20100806-204933.sv0.95708@savannah.gnu.org> References: <20100806-204933.sv0.95708@savannah.gnu.org> Message-ID: <20100930-204124.sv7213.41239@savannah.gnu.org> Update of sr #107449 (project gnutls): Status: None => Done Assigned to: None => jas Open/Closed: Open => Closed _______________________________________________________ Follow-up Comment #1: Thanks, applied and pushed. _______________________________________________________ Reply to this item at: _______________________________________________ Message sent via/by Savannah http://savannah.gnu.org/