alert: add callback to intercept alert messages
authorDaiki Ueno <ueno@gnu.org>
Tue, 24 Mar 2020 16:51:56 +0000 (17:51 +0100)
committerDaiki Ueno <ueno@gnu.org>
Thu, 19 Nov 2020 17:18:38 +0000 (18:18 +0100)
This adds gnutls_alert_set_read_function(), to allow QUIC
implementations to be notified when an alert message is sent.

Signed-off-by: Daiki Ueno <ueno@gnu.org>
devel/libgnutls-latest-x86_64.abi
devel/symbols.last
doc/Makefile.am
doc/manpages/Makefile.am
lib/alert.c
lib/gnutls_int.h
lib/includes/gnutls/gnutls.h.in
lib/libgnutls.map
lib/state.c

index 8dbbe794b2767bef4f156b374ea14daa473fbd89..94399a34bab7da938af57651e88847f375ccbad1 100644 (file)
@@ -77,6 +77,7 @@
     <elf-symbol name='gnutls_alert_get_strname' version='GNUTLS_3_4' is-default-version='yes' type='func-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/>
     <elf-symbol name='gnutls_alert_send' version='GNUTLS_3_4' is-default-version='yes' type='func-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/>
     <elf-symbol name='gnutls_alert_send_appropriate' version='GNUTLS_3_4' is-default-version='yes' type='func-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/>
+    <elf-symbol name='gnutls_alert_set_read_function' version='GNUTLS_3_7_0' is-default-version='yes' type='func-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/>
     <elf-symbol name='gnutls_alpn_get_selected_protocol' version='GNUTLS_3_4' is-default-version='yes' type='func-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/>
     <elf-symbol name='gnutls_alpn_set_protocols' version='GNUTLS_3_4' is-default-version='yes' type='func-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/>
     <elf-symbol name='gnutls_anon_allocate_client_credentials' version='GNUTLS_3_4' is-default-version='yes' type='func-type' binding='global-binding' visibility='default-visibility' is-defined='yes'/>
index 3a9be1bc5e693c48ada4e0411178b5f9d2c02207..a3482d25a600d09ba1420df4ac934bf47f090ddc 100644 (file)
@@ -25,6 +25,7 @@ gnutls_alert_get_name@GNUTLS_3_4
 gnutls_alert_get_strname@GNUTLS_3_4
 gnutls_alert_send@GNUTLS_3_4
 gnutls_alert_send_appropriate@GNUTLS_3_4
+gnutls_alert_set_read_function@GNUTLS_3_7_0
 gnutls_alpn_get_selected_protocol@GNUTLS_3_4
 gnutls_alpn_set_protocols@GNUTLS_3_4
 gnutls_anon_allocate_client_credentials@GNUTLS_3_4
index fd495a83a35dbb0470f2ac05f0ce3d97954cea1f..ea2af3197663e17f1f9190143e275747b9228e25 100644 (file)
@@ -658,6 +658,8 @@ FUNCS += functions/gnutls_alert_send
 FUNCS += functions/gnutls_alert_send.short
 FUNCS += functions/gnutls_alert_send_appropriate
 FUNCS += functions/gnutls_alert_send_appropriate.short
+FUNCS += functions/gnutls_alert_set_read_function
+FUNCS += functions/gnutls_alert_set_read_function.short
 FUNCS += functions/gnutls_alpn_get_selected_protocol
 FUNCS += functions/gnutls_alpn_get_selected_protocol.short
 FUNCS += functions/gnutls_alpn_set_protocols
index 66fb70ab565e3c427325ac6f17ba9c58ebd9e7bf..0cfec06b7ab4280e3e0e08d1d1b279c2f6d8c789 100644 (file)
@@ -130,6 +130,7 @@ APIMANS += gnutls_alert_get_name.3
 APIMANS += gnutls_alert_get_strname.3
 APIMANS += gnutls_alert_send.3
 APIMANS += gnutls_alert_send_appropriate.3
+APIMANS += gnutls_alert_set_read_function.3
 APIMANS += gnutls_alpn_get_selected_protocol.3
 APIMANS += gnutls_alpn_set_protocols.3
 APIMANS += gnutls_anon_allocate_client_credentials.3
index cfd1205d01fbacf6b248f5c47e1f40cb18b9c4d4..c8ca99286cf18bca9458435a9c2da5b249231fb5 100644 (file)
@@ -165,6 +165,22 @@ gnutls_alert_send(gnutls_session_t session, gnutls_alert_level_t level,
        _gnutls_record_log("REC: Sending Alert[%d|%d] - %s\n", data[0],
                           data[1], name);
 
+       if (session->internals.alert_read_func) {
+               record_parameters_st *params;
+
+               ret = _gnutls_epoch_get(session, EPOCH_WRITE_CURRENT, &params);
+               if (ret < 0)
+                       return gnutls_assert_val(ret);
+               ret = session->internals.alert_read_func(session,
+                                                    params->write.level,
+                                                    level,
+                                                    desc);
+               if (ret < 0)
+                       return gnutls_assert_val(ret);
+
+               return ret;
+       }
+
        if ((ret =
             _gnutls_send_int(session, GNUTLS_ALERT, -1,
                              EPOCH_WRITE_CURRENT, data, 2,
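Review bot: The callback's result is treated as a failure only when `ret < 0`, and the following `return ret;` hands any positive value straight back to the caller of gnutls_alert_send(), while the typedef documentation added in lib/includes/gnutls/gnutls.h.in says the hook returns "Non zero on error". A hook written to that documentation can report failure with a positive value, which callers testing `< 0` (the usual GnuTLS convention; the function's own contract is outside this hunk) will read as success, so a fatal alert can go undelivered without anyone noticing. Either reject every non-zero result, e.g. `if (ret != 0) return gnutls_assert_val(ret < 0 ? ret : GNUTLS_E_INTERNAL_ERROR);` followed by `return 0;`, or change the documented contract to "a negative error code on failure, zero on success". gnutls_alert_send() begins and ends outside the hunk.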
index 182ae6f6c9af1c0325b435a463271f7104fa398a..b9134dcbdd0923677724a161d4718e6c381aa150 100644 (file)
@@ -1234,6 +1234,7 @@ typedef struct {
        int16_t h_post;         /* whether post-generation/receive */
        gnutls_handshake_read_func h_read_func;
        gnutls_handshake_secret_func h_secret_func;
+       gnutls_alert_read_func alert_read_func;
 
        gnutls_keylog_func keylog_func;
 
index 0fe672fa963a29aaa08c8299bd61c3a5a8dc560e..b3f7185e94f4a8530a2585f44c453c89009e8de9 100644 (file)
@@ -3265,6 +3265,28 @@ void
 gnutls_handshake_set_secret_function(gnutls_session_t session,
                                     gnutls_handshake_secret_func func);
 
+  /**
+   * gnutls_alert_read_func:
+   * @session: the current session
+   * @level: #gnutls_record_encryption_level_t
+   * @alert_level: the level of the alert
+   * @alert_desc: the alert description
+   *
+   * Function prototype for alert intercepting hooks. It is set using
+   * gnutls_alert_set_read_function().
+   *
+   * Returns: Non zero on error.
+   * Since: 3.7.0
+   */
+typedef int (*gnutls_alert_read_func) (gnutls_session_t session,
+                                      gnutls_record_encryption_level_t level,
+                                      gnutls_alert_level_t alert_level,
+                                      gnutls_alert_description_t alert_desc);
+
+void
+gnutls_alert_set_read_function(gnutls_session_t session,
+                              gnutls_alert_read_func func);
+
 /* FIPS140-2 related functions */
 unsigned gnutls_fips140_mode_enabled(void);
 
index 58db94fb78f6100d6e61c841bb1f5dcb79c083ff..46dab4051a16d71a86ed700c7cd508417e4357b7 100644 (file)
@@ -1334,6 +1334,7 @@ GNUTLS_3_6_14
 GNUTLS_3_7_0
 {
  global:
+       gnutls_alert_set_read_function;
        gnutls_handshake_set_read_function;
        gnutls_handshake_set_secret_function;
        gnutls_handshake_write;
index bdcf4185e3b91df9365fc772d1c65e1d56120894..fcf6183fa4305c2fdc3130936c447fa3a0b42182 100644 (file)
@@ -1490,6 +1490,23 @@ gnutls_handshake_set_read_function(gnutls_session_t session,
        session->internals.h_read_func = func;
 }
 
+/**
+ * gnutls_alert_set_read_function:
+ * @session: is #gnutls_session_t type
+ * @func: is the function to be called
+ *
+ * This function will set a callback to be called when an alert
+ * message is being sent.
+ *
+ * Since: 3.7.0
+ */
+void
+gnutls_alert_set_read_function(gnutls_session_t session,
+                              gnutls_alert_read_func func)
+{
+       session->internals.alert_read_func = func;
+}
+
 /**
  * gnutls_record_get_state:
  * @session: is a #gnutls_session_t type
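Review bot: The doc comment for gnutls_alert_set_read_function() says only that the callback is "called when an alert message is being sent", but the branch added in lib/alert.c returns right after calling it, so with a hook installed GnuTLS does not write the alert record itself. Applications need to know that delivery becomes their job, otherwise a fatal alert may never reach the peer. I would add to the description: `When set, gnutls_alert_send() passes the alert to @func instead of writing an alert record; @func is then responsible for delivering it to the peer. Pass %NULL to restore the default behaviour.`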