From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Wed, 24 Feb 2016 13:43:17 +0000 (+0100)
Subject: Added gnutls_session_get_master_secret
X-Git-Tag: gnutls_3_5_0~321
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=fa09df03ed1784ae29bcdd2bb2245be7666a72d4;p=thirdparty%2Fgnutls.git

Added gnutls_session_get_master_secret

This provides the ability to export all session parameters in various
formats.

Resolves #64
---

diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index 835b7ba792..efa4a19c51 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -1348,6 +1348,10 @@ int gnutls_session_get_data2(gnutls_session_t session,
 void gnutls_session_get_random(gnutls_session_t session,
 			       gnutls_datum_t * client,
 			       gnutls_datum_t * server);
+
+void gnutls_session_get_master_secret(gnutls_session_t session,
+			              gnutls_datum_t * secret);
+
 char *gnutls_session_get_desc(gnutls_session_t session);
 
 typedef int gnutls_certificate_verify_function(gnutls_session_t);
diff --git a/lib/libgnutls.map b/lib/libgnutls.map
index b7e6db969b..e43807f3e2 100644
--- a/lib/libgnutls.map
+++ b/lib/libgnutls.map
@@ -1077,6 +1077,7 @@ GNUTLS_3_4
 	gnutls_x509_crt_set_issuer_alt_othername;
 	gnutls_dh_params_import_dsa;
 	gnutls_session_get_flags;
+	gnutls_session_get_master_secret;
  local:
 	*;
 };
diff --git a/lib/state.c b/lib/state.c
index ac04888c32..99ad866eae 100644
--- a/lib/state.c
+++ b/lib/state.c
@@ -1128,6 +1128,23 @@ gnutls_session_get_random(gnutls_session_t session,
 	}
 }
 
+/**
+ * gnutls_session_get_master_secret:
+ * @session: is a #gnutls_session_t type.
+ * @secret: the session's master secret
+ *
+ * This function returns pointers to the master secret
+ * used in the TLS session. The pointers are not to be modified or deallocated.
+ *
+ * Since: 3.5.0
+ **/
+void
+gnutls_session_get_master_secret(gnutls_session_t session, gnutls_datum_t *secret)
+{
+	secret->data = session->security_parameters.master_secret;
+	secret->size = sizeof(session->security_parameters.master_secret);
+}
+
 unsigned int timespec_sub_ms(struct timespec *a, struct timespec *b)
 {
 	return (a->tv_sec * 1000 + a->tv_nsec / (1000 * 1000) -