lib/auth/libgnutls_auth.la
libdane/gnutls-dane.pc
libdane/libgnutls-dane.la
+lib/ephemeral_functions.h
lib/ext/libgnutls_ext.la
lib/extras/libgnutls_extras.la
lib/gcrypt/libcrypto.la
ACLOCAL_AMFLAGS = -I ../m4 -I ../gl/m4
-EXTRA_DIST = priority_options.gperf common.mk inih/LICENSE.txt
-BUILT_SOURCES = pkix_asn1_tab.c gnutls_asn1_tab.c priority_options.h
+EXTRA_DIST = priority_options.gperf common.mk inih/LICENSE.txt \
+ ephemeral_functions.gperf
+
+BUILT_SOURCES = pkix_asn1_tab.c gnutls_asn1_tab.c priority_options.h \
+ ephemeral_functions.h
SUBDIRS = includes x509 auth ext algorithms extras accelerated
cert-session.c handshake-checks.c dtls-sw.c dh-primes.c openpgp_compat.c \
crypto-selftests.c crypto-selftests-pk.c secrets.c extv.c extv.h \
hello_ext_lib.c hello_ext_lib.h ocsp-api.c stek.c cert-cred-rawpk.c \
- iov.c iov.h
+ iov.c iov.h ephemeral-api.c
if ENABLE_GOST
COBJECTS += vko.c
srp.h auth/srp_kx.h auth/srp_passwd.h \
file.h supplemental.h crypto.h random.h system.h\
locks.h mbuffers.h ecc.h pin.h fips.h \
- priority_options.h secrets.h stek.h cert-cred.h
+ priority_options.h secrets.h stek.h cert-cred.h \
+ ephemeral_functions.h
if ENABLE_PKCS11
HFILES += pkcs11_int.h pkcs11x.h
-gperf --global-table -t $^ > $@-tmp \
&& sed 's/^const struct priority_options_st \*/static const struct priority_options_st \*/' <$@-tmp >$@ \
&& rm -f $@-tmp
+
+ephemeral_functions.h: $(srcdir)/ephemeral_functions.gperf
+ -gperf --global-table -t $^ > $@-tmp \
+ && sed 's/^const struct ephemeral_function_st \*/static const struct ephemeral_function_st \*/' <$@-tmp >$@ \
+ && rm -f $@-tmp
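Review bot: The new `ephemeral_functions.h` rule starts its recipe with `-gperf`, so make ignores a missing or failing gperf and the build only stops later, when `ephemeral-api.c` cannot include the header. Because the shell creates `$@-tmp` before gperf runs, a failure also leaves that temporary file behind. This appears to mirror the existing priority_options.h rule and may be deliberate for tarball builds that ship the generated header. If so, a one-line comment such as `# gperf is optional: release tarballs ship the generated header` would record that; otherwise drop the `-` prefix so the failure is reported where it happens.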
--- /dev/null
+/*
+ * Copyright (C) 2020 Red Hat, Inc.
+ *
+ * Author: Daiki Ueno
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+#include "gnutls_int.h"
+#include <string.h>
+
+/* This will define _gnutls_ephemeral_get */
+#include "ephemeral_functions.h"
+
+const void *_gnutls_ephemeral_get(const char *name);
+
+/**
+ * _gnutls_ephemeral_get:
+ * @name: the name of the ephemeral function
+ *
+ * Resolves an ephemeral function symbol by the name.
+ *
+ * Returns: a non-NULL function symbol or %NULL if it is not found
+ *
+ * Since: 3.6.13
+ */
+const void *
+_gnutls_ephemeral_get(const char *name)
+{
+ const struct ephemeral_function_st *func;
+
+ func = _gnutls_ephemeral_get_function(name, strlen(name));
+ if (func == NULL) {
+ gnutls_assert();
+ return NULL;
+ }
+
+ return func->func;
+}
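Review bot: `_gnutls_ephemeral_get()` passes `name` straight to `strlen()`, so a NULL argument is undefined behaviour, and this commit adds the symbol to the export map, so callers outside the library can reach it. A guard before the lookup keeps the documented "%NULL if it is not found" contract: `if (name == NULL) return NULL;`. Separately, the comment above the `ephemeral_functions.h` include says the header defines `_gnutls_ephemeral_get`, but the gperf input names the generated lookup `_gnutls_ephemeral_get_function`; the comment should name that function instead.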
--- /dev/null
+%define lookup-function-name _gnutls_ephemeral_get_function
+%language=ANSI-C
+%readonly-tables
+struct ephemeral_function_st { const char *name; void *func; };
+%%
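Review bot: `struct ephemeral_function_st` stores the function address in `void *func`, and ISO C does not guarantee that a function pointer survives conversion to an object pointer and back, although POSIX platforms allow it. A generic function-pointer member such as `void (*func)(void);` would keep the table portable, but `_gnutls_ephemeral_get()` returns `const void *` and would need the matching change. As visible here, the keyword section after `%%` is empty, so every lookup returns NULL unless entries are added outside this view.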
gnutls/openpgp.h gnutls/crypto.h gnutls/pkcs11.h \
gnutls/abstract.h gnutls/dtls.h gnutls/ocsp.h gnutls/tpm.h \
gnutls/x509-ext.h gnutls/self-test.h gnutls/system-keys.h \
- gnutls/urls.h gnutls/pkcs7.h gnutls/socket.h
+ gnutls/urls.h gnutls/pkcs7.h gnutls/socket.h \
+ gnutls/ephemeral.h
if ENABLE_CXX
nobase_include_HEADERS += gnutls/gnutlsxx.h
--- /dev/null
+/*
+ * Copyright (C) 2020 Red Hat, Inc.
+ *
+ * Author: Daiki Ueno
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* Ephemeral functions that are not exposed directly from the ABI. */
+
+#ifndef _GNUTLS_EPHEMERAL_H
+#define _GNUTLS_EPHEMERAL_H
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* *INDENT-ON* */
+
+const void *_gnutls_ephemeral_get(const char *name);
+
+/**
+ * GNUTLS_EPHEMERAL_INT:
+ * @name: the name of the function
+ * @ret: the return type (must be integral)
+ * @arglist: the list of argument types
+ * @args: the arguments
+ *
+ * A macro for emitting the wrapper definition of an ephemeral function.
+ *
+ * Since: 3.6.13
+ */
+#define GNUTLS_EPHEMERAL_INT(name, ret, arglist, args) \
+static inline ret name arglist \
+{ \
+ const void *func = _gnutls_ephemeral_get(#name); \
+ if (func == NULL) \
+ return GNUTLS_E_UNIMPLEMENTED_FEATURE; \
+ return ((ret (*)arglist)func)args; \
+}
+
+/* *INDENT-OFF* */
+#ifdef __cplusplus
+}
+#endif
+/* *INDENT-ON* */
+
+#endif /* _GNUTLS_EPHEMERAL_H */
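Review bot: The call in `GNUTLS_EPHEMERAL_INT`, `((ret (*)arglist)func)args`, trusts the caller's `ret` and `arglist` completely; nothing ties them to the signature of the function the library registered under that name. Because these functions are resolved by string at run time rather than through versioned symbols, an application built against one prototype and run with a library where the function changed would call through an incompatible pointer type. That is undefined behaviour, and it produces no link-time or load-time error. The doc comment should state the requirement, for example `@arglist: the list of argument types; must match the library's definition exactly, this is not checked`. The generated wrapper also repeats the name lookup on every call, which matters for functions on hot paths.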
#include <gnutls/compat.h>
+#if defined(GNUTLS_INTERNAL_BUILD) || defined(GNUTLS_EPHEMERAL_API)
+#include <gnutls/ephemeral.h>
+#endif
+
#endif /* GNUTLS_H */
_gnutls_buffer_unescape;
_gnutls_buffer_pop_datum;
_gnutls_buffer_clear;
+ _gnutls_ephemeral_get;
} GNUTLS_3_4;
exit(1);
}
+ ret = gnutls_prf_get(session);
+ if (ret != GNUTLS_MAC_SHA384) {
+ fprintf(stderr, "negotiated unexpected prf: %s\n", gnutls_mac_get_name(ret));
+ exit(1);
+ }
+
check_prfs(session);
gnutls_bye(session, GNUTLS_SHUT_WR);