+++ /dev/null
-diff -Nur gnutls-1.2.0/doc/examples.orig/ex-client1.c gnutls-1.2.0/doc/examples/ex-client1.c
---- gnutls-1.2.0/doc/examples.orig/ex-client1.c 1970-01-01 01:00:00.000000000 +0100
-+++ gnutls-1.2.0/doc/examples/ex-client1.c 2005-02-28 19:46:21.821264960 +0100
-@@ -0,0 +1,128 @@
-+
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <string.h>
-+#include <sys/types.h>
-+#include <sys/socket.h>
-+#include <netinet/in.h>
-+#include <arpa/inet.h>
-+#include <unistd.h>
-+#include <gnutls/gnutls.h>
-+
-+/* A very basic TLS client, with anonymous authentication.
-+ */
-+
-+#define MAX_BUF 1024
-+#define SA struct sockaddr
-+#define MSG "GET / HTTP/1.0\r\n\r\n"
-+
-+/* Connects to the peer and returns a socket
-+ * descriptor.
-+ */
-+int tcp_connect(void)
-+{
-+ const char *PORT = "5556";
-+ const char *SERVER = "127.0.0.1";
-+ int err, sd;
-+ struct sockaddr_in sa;
-+
-+ /* connects to server
-+ */
-+ sd = socket(AF_INET, SOCK_STREAM, 0);
-+
-+ memset(&sa, '\0', sizeof(sa));
-+ sa.sin_family = AF_INET;
-+ sa.sin_port = htons(atoi(PORT));
-+ inet_pton(AF_INET, SERVER, &sa.sin_addr);
-+
-+ err = connect(sd, (SA *) & sa, sizeof(sa));
-+ if (err < 0) {
-+ fprintf(stderr, "Connect error\n");
-+ exit(1);
-+ }
-+
-+ return sd;
-+}
-+
-+/* closes the given socket descriptor.
-+ */
-+void tcp_close(int sd)
-+{
-+ shutdown(sd, SHUT_RDWR); /* no more receptions */
-+ close(sd);
-+}
-+
-+int main()
-+{
-+ int ret, sd, ii;
-+ gnutls_session_t session;
-+ char buffer[MAX_BUF + 1];
-+ gnutls_anon_client_credentials_t anoncred;
-+ /* Need to enable anonymous KX specifically. */
-+ const int kx_prio[] = { GNUTLS_KX_ANON_DH, 0 };
-+
-+ gnutls_global_init();
-+
-+ gnutls_anon_allocate_client_credentials(&anoncred);
-+
-+ /* Initialize TLS session
-+ */
-+ gnutls_init(&session, GNUTLS_CLIENT);
-+
-+ /* Use default priorities */
-+ gnutls_set_default_priority(session);
-+ gnutls_kx_set_priority (session, kx_prio);
-+
-+ /* put the anonymous credentials to the current session
-+ */
-+ gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred);
-+
-+ /* connect to the peer
-+ */
-+ sd = tcp_connect();
-+
-+ gnutls_transport_set_ptr(session, (gnutls_transport_ptr_t) sd);
-+
-+ /* Perform the TLS handshake
-+ */
-+ ret = gnutls_handshake(session);
-+
-+ if (ret < 0) {
-+ fprintf(stderr, "*** Handshake failed\n");
-+ gnutls_perror(ret);
-+ goto end;
-+ } else {
-+ printf("- Handshake was completed\n");
-+ }
-+
-+ gnutls_record_send(session, MSG, strlen(MSG));
-+
-+ ret = gnutls_record_recv(session, buffer, MAX_BUF);
-+ if (ret == 0) {
-+ printf("- Peer has closed the TLS connection\n");
-+ goto end;
-+ } else if (ret < 0) {
-+ fprintf(stderr, "*** Error: %s\n", gnutls_strerror(ret));
-+ goto end;
-+ }
-+
-+ printf("- Received %d bytes: ", ret);
-+ for (ii = 0; ii < ret; ii++) {
-+ fputc(buffer[ii], stdout);
-+ }
-+ fputs("\n", stdout);
-+
-+ gnutls_bye(session, GNUTLS_SHUT_RDWR);
-+
-+ end:
-+
-+ tcp_close(sd);
-+
-+ gnutls_deinit(session);
-+
-+ gnutls_anon_free_client_credentials (anoncred);
-+
-+ gnutls_global_deinit();
-+
-+ return 0;
-+}
-diff -Nur gnutls-1.2.0/doc/examples.orig/ex-rfc2818.c gnutls-1.2.0/doc/examples/ex-rfc2818.c
---- gnutls-1.2.0/doc/examples.orig/ex-rfc2818.c 1970-01-01 01:00:00.000000000 +0100
-+++ gnutls-1.2.0/doc/examples/ex-rfc2818.c 2005-02-28 19:46:21.822264808 +0100
-@@ -0,0 +1,81 @@
-+#include <gnutls/gnutls.h>
-+#include <gnutls/x509.h>
-+
-+/* This function will try to verify the peer's certificate, and
-+ * also check if the hostname matches, and the activation, expiration dates.
-+ */
-+void verify_certificate( gnutls_session_t session, const char* hostname)
-+{
-+ unsigned int status;
-+ const gnutls_datum_t* cert_list;
-+ int cert_list_size, ret;
-+ gnutls_x509_crt_t cert;
-+
-+
-+ /* This verification function uses the trusted CAs in the credentials
-+ * structure. So you must have installed one or more CA certificates.
-+ */
-+ ret = gnutls_certificate_verify_peers2(session, &status);
-+
-+ if (ret < 0) {
-+ printf("Error\n");
-+ return;
-+ }
-+
-+ if (status & GNUTLS_CERT_INVALID)
-+ printf("The certificate is not trusted.\n");
-+
-+ if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
-+ printf("The certificate hasn't got a known issuer.\n");
-+
-+ if (status & GNUTLS_CERT_REVOKED)
-+ printf("The certificate has been revoked.\n");
-+
-+
-+ /* Up to here the process is the same for X.509 certificates and
-+ * OpenPGP keys. From now on X.509 certificates are assumed. This can
-+ * be easily extended to work with openpgp keys as well.
-+ */
-+ if ( gnutls_certificate_type_get(session) != GNUTLS_CRT_X509)
-+ return;
-+
-+ if ( gnutls_x509_crt_init( &cert) < 0) {
-+ printf("error in initialization\n");
-+ return;
-+ }
-+
-+ cert_list = gnutls_certificate_get_peers( session, &cert_list_size);
-+ if ( cert_list == NULL) {
-+ printf("No certificate was found!\n");
-+ return;
-+ }
-+
-+ /* This is not a real world example, since we only check the first
-+ * certificate in the given chain.
-+ */
-+ if ( gnutls_x509_crt_import( cert, &cert_list[0], GNUTLS_X509_FMT_DER) < 0) {
-+ printf("error parsing certificate\n");
-+ return;
-+ }
-+
-+ /* Beware here we do not check for errors.
-+ */
-+ if ( gnutls_x509_crt_get_expiration( cert) < time(0)) {
-+ printf("The certificate has expired\n");
-+ return;
-+ }
-+
-+ if ( gnutls_x509_crt_get_activation_time( cert) > time(0)) {
-+ printf("The certificate is not yet activated\n");
-+ return;
-+ }
-+
-+ if ( !gnutls_x509_crt_check_hostname( cert, hostname)) {
-+ printf("The certificate's owner does not match hostname '%s'\n", hostname);
-+ return;
-+ }
-+
-+ gnutls_x509_crt_deinit( cert);
-+
-+ return;
-+}
-diff -Nur gnutls-1.2.0/doc/examples.orig/ex-serv-anon.c gnutls-1.2.0/doc/examples/ex-serv-anon.c
---- gnutls-1.2.0/doc/examples.orig/ex-serv-anon.c 1970-01-01 01:00:00.000000000 +0100
-+++ gnutls-1.2.0/doc/examples/ex-serv-anon.c 2005-02-28 19:46:21.822264808 +0100
-@@ -0,0 +1,162 @@
-+
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <errno.h>
-+#include <sys/types.h>
-+#include <sys/socket.h>
-+#include <netinet/in.h>
-+#include <arpa/inet.h>
-+#include <string.h>
-+#include <unistd.h>
-+#include <gnutls/gnutls.h>
-+
-+/* This is a sample TLS 1.0 echo server, for anonymous authentication only.
-+ */
-+
-+
-+#define SA struct sockaddr
-+#define SOCKET_ERR(err,s) if(err==-1) {perror(s);return(1);}
-+#define MAX_BUF 1024
-+#define PORT 5556 /* listen to 5556 port */
-+#define DH_BITS 1024
-+
-+/* These are global */
-+gnutls_anon_server_credentials_t anoncred;
-+
-+gnutls_session_t initialize_tls_session()
-+{
-+ gnutls_session_t session;
-+ const int kx_prio[] = { GNUTLS_KX_ANON_DH, 0 };
-+
-+ gnutls_init(&session, GNUTLS_SERVER);
-+
-+ /* avoid calling all the priority functions, since the defaults
-+ * are adequate.
-+ */
-+ gnutls_set_default_priority(session);
-+ gnutls_kx_set_priority (session, kx_prio);
-+
-+ gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred);
-+
-+ gnutls_dh_set_prime_bits(session, DH_BITS);
-+
-+ return session;
-+}
-+
-+static gnutls_dh_params_t dh_params;
-+
-+static int generate_dh_params(void)
-+{
-+
-+ /* Generate Diffie Hellman parameters - for use with DHE
-+ * kx algorithms. These should be discarded and regenerated
-+ * once a day, once a week or once a month. Depending on the
-+ * security requirements.
-+ */
-+ gnutls_dh_params_init(&dh_params);
-+ gnutls_dh_params_generate2(dh_params, DH_BITS);
-+
-+ return 0;
-+}
-+
-+int main()
-+{
-+ int err, listen_sd, i;
-+ int sd, ret;
-+ struct sockaddr_in sa_serv;
-+ struct sockaddr_in sa_cli;
-+ int client_len;
-+ char topbuf[512];
-+ gnutls_session_t session;
-+ char buffer[MAX_BUF + 1];
-+ int optval = 1;
-+
-+ /* this must be called once in the program
-+ */
-+ gnutls_global_init();
-+
-+ gnutls_anon_allocate_server_credentials (&anoncred);
-+
-+ generate_dh_params();
-+
-+ gnutls_anon_set_server_dh_params (anoncred, dh_params);
-+
-+ /* Socket operations
-+ */
-+ listen_sd = socket(AF_INET, SOCK_STREAM, 0);
-+ SOCKET_ERR(listen_sd, "socket");
-+
-+ memset(&sa_serv, '\0', sizeof(sa_serv));
-+ sa_serv.sin_family = AF_INET;
-+ sa_serv.sin_addr.s_addr = INADDR_ANY;
-+ sa_serv.sin_port = htons(PORT); /* Server Port number */
-+
-+ setsockopt(listen_sd, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof(int));
-+
-+ err = bind(listen_sd, (SA *) & sa_serv, sizeof(sa_serv));
-+ SOCKET_ERR(err, "bind");
-+ err = listen(listen_sd, 1024);
-+ SOCKET_ERR(err, "listen");
-+
-+ printf("Server ready. Listening to port '%d'.\n\n", PORT);
-+
-+ client_len = sizeof(sa_cli);
-+ for (;;) {
-+ session = initialize_tls_session();
-+
-+ sd = accept(listen_sd, (SA *) & sa_cli, &client_len);
-+
-+ printf("- connection from %s, port %d\n",
-+ inet_ntop(AF_INET, &sa_cli.sin_addr, topbuf,
-+ sizeof(topbuf)), ntohs(sa_cli.sin_port));
-+
-+ gnutls_transport_set_ptr(session, (gnutls_transport_ptr_t) sd);
-+ ret = gnutls_handshake(session);
-+ if (ret < 0) {
-+ close(sd);
-+ gnutls_deinit(session);
-+ fprintf(stderr, "*** Handshake has failed (%s)\n\n",
-+ gnutls_strerror(ret));
-+ continue;
-+ }
-+ printf("- Handshake was completed\n");
-+
-+ /* see the Getting peer's information example */
-+ /* print_info(session); */
-+
-+ i = 0;
-+ for (;;) {
-+ bzero(buffer, MAX_BUF + 1);
-+ ret = gnutls_record_recv(session, buffer, MAX_BUF);
-+
-+ if (ret == 0) {
-+ printf("\n- Peer has closed the GNUTLS connection\n");
-+ break;
-+ } else if (ret < 0) {
-+ fprintf(stderr, "\n*** Received corrupted "
-+ "data(%d). Closing the connection.\n\n", ret);
-+ break;
-+ } else if (ret > 0) {
-+ /* echo data back to the client
-+ */
-+ gnutls_record_send(session, buffer, strlen(buffer));
-+ }
-+ }
-+ printf("\n");
-+ /* do not wait for the peer to close the connection.
-+ */
-+ gnutls_bye(session, GNUTLS_SHUT_WR);
-+
-+ close(sd);
-+ gnutls_deinit(session);
-+
-+ }
-+ close(listen_sd);
-+
-+ gnutls_anon_free_client_credentials (anoncred);
-+
-+ gnutls_global_deinit();
-+
-+ return 0;
-+
-+}
projects / packages / gnutls.git / commitdiff