corrected copyright notices
[gnutls.git] / lib / gnutls_int.h
blob239c9b3b4445bd8216eab8728f70be137dd6d412
1 /*
2 * Copyright (C) 2000-2012 Free Software Foundation, Inc.
4 * Author: Nikos Mavrogiannopoulos
6 * This file is part of GnuTLS.
8 * The GnuTLS is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * as published by the Free Software Foundation; either version 3 of
11 * the License, or (at your option) any later version.
13 * This library is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>
23 #ifndef GNUTLS_INT_H
24 #define GNUTLS_INT_H
26 #ifdef HAVE_CONFIG_H
27 #include <config.h>
28 #endif
30 #include <stddef.h>
31 #include <string.h>
32 #include <stdlib.h>
33 #include <stdio.h>
34 #include <ctype.h>
35 #include <limits.h>
36 #include <stdint.h>
38 #ifdef NO_SSIZE_T
39 #define HAVE_SSIZE_T
40 typedef int ssize_t;
41 #endif
43 #include <sys/types.h>
44 #include <unistd.h>
45 #include <sys/stat.h>
46 #if HAVE_SYS_SOCKET_H
47 # include <sys/socket.h>
48 #elif HAVE_WS2TCPIP_H
49 # include <ws2tcpip.h>
50 #endif
51 #include <time.h>
52 #include <u64.h> /* gnulib for uint64_t */
54 #ifdef HAVE_LIBNETTLE
55 # include <nettle/memxor.h>
56 #else
57 # include <gl/memxor.h>
58 # define memxor gl_memxor
59 #endif
61 #ifdef __GNUC__
62 # ifndef _GNUTLS_GCC_VERSION
63 # define _GNUTLS_GCC_VERSION (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__)
64 # endif
65 # if _GNUTLS_GCC_VERSION >= 30100
66 # define likely(x) __builtin_expect((x), 1)
67 # define unlikely(x) __builtin_expect((x), 0)
68 # endif
69 #endif
71 #ifndef likely
72 # define likely
73 # define unlikely
74 #endif
76 /* some systems had problems with long long int, thus,
77 * it is not used.
79 typedef struct
81 unsigned char i[8];
82 } uint64;
84 #include <gnutls/gnutls.h>
85 #include <gnutls/dtls.h>
86 #include <gnutls/abstract.h>
87 #include <system.h>
90 * They are not needed any more. You can simply enable
91 * the gnutls_log callback to get error descriptions.
93 #define BUFFERS_DEBUG
94 #define WRITE_DEBUG
95 #define READ_DEBUG
96 #define HANDSHAKE_DEBUG // Prints some information on handshake
97 #define COMPRESSION_DEBUG
98 #define DEBUG
101 /* The size of a handshake message should not
102 * be larger than this value.
104 #define MAX_HANDSHAKE_PACKET_SIZE 48*1024
106 #define TLS_MAX_SESSION_ID_SIZE 32
108 /* The maximum digest size of hash algorithms.
110 #define MAX_HASH_SIZE 64
111 #define MAX_CIPHER_BLOCK_SIZE 16
112 #define MAX_CIPHER_KEY_SIZE 32
114 #define MAX_USERNAME_SIZE 128
115 #define MAX_SERVER_NAME_SIZE 128
117 #define SESSION_TICKET_KEY_NAME_SIZE 16
118 #define SESSION_TICKET_KEY_SIZE 16
119 #define SESSION_TICKET_IV_SIZE 16
120 #define SESSION_TICKET_MAC_SECRET_SIZE 32
122 #define AEAD_EXPLICIT_DATA_SIZE 8
123 #define AEAD_IMPLICIT_DATA_SIZE 4
125 #define GNUTLS_MASTER_SIZE 48
126 #define GNUTLS_RANDOM_SIZE 32
128 /* DTLS */
129 #define DTLS_RECORD_WINDOW_SIZE 64
131 /* TLS Extensions */
132 /* we can receive up to MAX_EXT_TYPES extensions.
134 #define MAX_EXT_TYPES 32
137 * gnutls_ext_parse_type_t:
138 * @GNUTLS_EXT_NONE: Never parsed
139 * @GNUTLS_EXT_ANY: Any extension type.
140 * @GNUTLS_EXT_APPLICATION: Application extension.
141 * @GNUTLS_EXT_TLS: TLS-internal extension.
142 * @GNUTLS_EXT_MANDATORY: Extension parsed even if resuming (or extensions are disabled).
144 * Enumeration of different TLS extension types. This flag
145 * indicates for an extension whether it is useful to application
146 * level or TLS level only. This is (only) used to parse the
147 * application level extensions before the "client_hello" callback
148 * is called.
150 typedef enum
152 GNUTLS_EXT_ANY = 0,
153 GNUTLS_EXT_APPLICATION = 1,
154 GNUTLS_EXT_TLS = 2,
155 GNUTLS_EXT_MANDATORY = 3,
156 GNUTLS_EXT_NONE = 4
157 } gnutls_ext_parse_type_t;
160 /* expire time for resuming sessions */
161 #define DEFAULT_EXPIRE_TIME 3600
163 typedef enum transport_t
165 GNUTLS_STREAM,
166 GNUTLS_DGRAM
167 } transport_t;
169 /* the maximum size of encrypted packets */
170 #define IS_DTLS(session) (session->internals.transport == GNUTLS_DGRAM)
172 #define DEFAULT_MAX_RECORD_SIZE 16384
173 #define TLS_RECORD_HEADER_SIZE 5
174 #define DTLS_RECORD_HEADER_SIZE (TLS_RECORD_HEADER_SIZE+8)
175 #define RECORD_HEADER_SIZE(session) (IS_DTLS(session) ? DTLS_RECORD_HEADER_SIZE : TLS_RECORD_HEADER_SIZE)
176 #define MAX_RECORD_HEADER_SIZE DTLS_RECORD_HEADER_SIZE
178 #define MAX_RECORD_SEND_SIZE(session) (IS_DTLS(session)?((size_t)gnutls_dtls_get_data_mtu(session)):(size_t)session->security_parameters.max_record_send_size)
179 #define MAX_RECORD_RECV_SIZE(session) ((size_t)session->security_parameters.max_record_recv_size)
180 #define MAX_PAD_SIZE 255
181 #define EXTRA_COMP_SIZE 2048
182 #define MAX_RECORD_OVERHEAD (MAX_CIPHER_BLOCK_SIZE/*iv*/+MAX_PAD_SIZE+EXTRA_COMP_SIZE+MAX_HASH_SIZE/*MAC*/)
183 #define MAX_RECV_SIZE(session) (MAX_RECORD_OVERHEAD+MAX_RECORD_RECV_SIZE(session)+RECORD_HEADER_SIZE(session))
185 #define TLS_HANDSHAKE_HEADER_SIZE 4
186 #define DTLS_HANDSHAKE_HEADER_SIZE (TLS_HANDSHAKE_HEADER_SIZE+8)
187 #define HANDSHAKE_HEADER_SIZE(session) (IS_DTLS(session) ? DTLS_HANDSHAKE_HEADER_SIZE : TLS_HANDSHAKE_HEADER_SIZE)
188 #define MAX_HANDSHAKE_HEADER_SIZE DTLS_HANDSHAKE_HEADER_SIZE
190 /* This is the maximum handshake message size we send without
191 fragmentation. This currently ignores record layer overhead. */
192 #define DTLS_DEFAULT_MTU 1200
194 /* the maximum size of the DTLS cookie */
195 #define DTLS_MAX_COOKIE_SIZE 32
197 /* The maximum number of HELLO_VERIFY_REQUEST messages the client
198 processes before aborting. */
199 #define MAX_HANDSHAKE_HELLO_VERIFY_REQUESTS 5
201 /* defaults for verification functions
203 #define DEFAULT_MAX_VERIFY_DEPTH 16
204 #define DEFAULT_MAX_VERIFY_BITS 16*1024
205 #define MAX_VERIFY_DEPTH 4096
207 #include <gnutls_mem.h>
209 #define MEMSUB(x,y) ((ssize_t)((ptrdiff_t)x-(ptrdiff_t)y))
211 #define DECR_LEN(len, x) do { len-=x; if (len<0) {gnutls_assert(); return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;} } while (0)
212 #define DECR_LENGTH_RET(len, x, RET) do { len-=x; if (len<0) {gnutls_assert(); return RET;} } while (0)
213 #define DECR_LENGTH_COM(len, x, COM) do { len-=x; if (len<0) {gnutls_assert(); COM;} } while (0)
215 #define GNUTLS_POINTER_TO_INT(_) ((int) GNUTLS_POINTER_TO_INT_CAST (_))
216 #define GNUTLS_INT_TO_POINTER(_) ((void*) GNUTLS_POINTER_TO_INT_CAST (_))
218 typedef struct
220 uint8_t pint[3];
221 } uint24;
223 #include <gnutls_mpi.h>
225 typedef enum handshake_state_t
226 { STATE0 = 0, STATE1, STATE2,
227 STATE3, STATE4, STATE5, STATE6, STATE7, STATE8,
228 STATE9, STATE10, STATE11, STATE12, STATE13, STATE14,
229 STATE15, STATE16, STATE17,
230 STATE20 = 20, STATE21, STATE22,
231 STATE30 = 30, STATE31, STATE40 = 40, STATE41, STATE50 = 50,
232 STATE60 = 60, STATE61, STATE62, STATE70, STATE71
233 } handshake_state_t;
235 typedef enum heartbeat_state_t
237 SHB_SEND1 = 0,
238 SHB_SEND2,
239 SHB_RECV,
240 } heartbeat_state_t;
242 typedef enum recv_state_t
244 RECV_STATE_0 = 0,
245 RECV_STATE_DTLS_RETRANSMIT,
246 } recv_state_t;
248 #include <gnutls_str.h>
250 /* This is the maximum number of algorithms (ciphers or macs etc).
251 * keep it synced with GNUTLS_MAX_ALGORITHM_NUM in gnutls.h
253 #define MAX_ALGOS GNUTLS_MAX_ALGORITHM_NUM
255 typedef enum extensions_t
257 GNUTLS_EXTENSION_SERVER_NAME = 0,
258 GNUTLS_EXTENSION_MAX_RECORD_SIZE = 1,
259 GNUTLS_EXTENSION_STATUS_REQUEST = 5,
260 GNUTLS_EXTENSION_CERT_TYPE = 9,
261 GNUTLS_EXTENSION_SUPPORTED_ECC = 10,
262 GNUTLS_EXTENSION_SUPPORTED_ECC_PF = 11,
263 GNUTLS_EXTENSION_SRP = 12,
264 GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS = 13,
265 GNUTLS_EXTENSION_SRTP = 14,
266 GNUTLS_EXTENSION_HEARTBEAT = 15,
267 GNUTLS_EXTENSION_SESSION_TICKET = 35,
268 GNUTLS_EXTENSION_SAFE_RENEGOTIATION = 65281 /* aka: 0xff01 */
269 } extensions_t;
271 typedef enum
272 { CIPHER_STREAM, CIPHER_BLOCK } cipher_type_t;
274 #define RESUME_TRUE 1
275 #define RESUME_FALSE 0
277 /* Record Protocol */
278 typedef enum content_type_t
280 GNUTLS_CHANGE_CIPHER_SPEC = 20, GNUTLS_ALERT,
281 GNUTLS_HANDSHAKE, GNUTLS_APPLICATION_DATA,
282 GNUTLS_HEARTBEAT
283 } content_type_t;
286 #define GNUTLS_PK_ANY (gnutls_pk_algorithm_t)-1
287 #define GNUTLS_PK_NONE (gnutls_pk_algorithm_t)-2
289 /* Message buffers (mbuffers) structures */
291 /* this is actually the maximum number of distinct handshake
292 * messages that can arrive in a single flight
294 #define MAX_HANDSHAKE_MSGS 6
295 typedef struct
297 /* Handshake layer type and sequence of message */
298 gnutls_handshake_description_t htype;
299 uint32_t length;
301 /* valid in DTLS */
302 uint16_t sequence;
304 /* indicate whether that message is complete.
305 * complete means start_offset == 0 and end_offset == length
307 uint32_t start_offset;
308 uint32_t end_offset;
310 uint8_t header[MAX_HANDSHAKE_HEADER_SIZE];
311 int header_size;
313 gnutls_buffer_st data;
314 } handshake_buffer_st;
316 typedef struct mbuffer_st
318 /* when used in mbuffer_head_st */
319 struct mbuffer_st *next;
320 struct mbuffer_st *prev;
322 /* msg->size - mark = number of bytes left to process in this
323 message. Mark should only be non-zero when this buffer is the
324 head of the queue. */
325 size_t mark;
328 /* the data */
329 gnutls_datum_t msg;
330 size_t maximum_size;
332 /* used during fill in, to separate header from data
333 * body. */
334 unsigned int user_mark;
336 /* Filled in by record layer on recv:
337 * type, record_sequence
340 /* record layer content type */
341 content_type_t type;
343 /* record layer sequence */
344 uint64 record_sequence;
346 /* Filled in by handshake layer on send:
347 * type, epoch, htype, handshake_sequence
350 /* Record layer epoch of message */
351 uint16_t epoch;
353 /* Handshake layer type and sequence of message */
354 gnutls_handshake_description_t htype;
355 uint16_t handshake_sequence;
356 } mbuffer_st;
358 typedef struct mbuffer_head_st
360 mbuffer_st *head;
361 mbuffer_st *tail;
363 unsigned int length;
364 size_t byte_length;
365 } mbuffer_head_st;
367 /* Store & Retrieve functions defines:
370 typedef struct auth_cred_st
372 gnutls_credentials_type_t algorithm;
374 /* the type of credentials depends on algorithm
376 void *credentials;
377 struct auth_cred_st *next;
378 } auth_cred_st;
380 struct gnutls_key_st
382 /* For ECDH KX */
383 gnutls_pk_params_st ecdh_params;
384 bigint_t ecdh_x;
385 bigint_t ecdh_y;
387 /* For DH KX */
388 gnutls_datum_t key;
389 bigint_t KEY;
390 bigint_t client_Y;
391 bigint_t client_g;
392 bigint_t client_p;
393 bigint_t dh_secret;
394 /* for SRP */
395 bigint_t A;
396 bigint_t B;
397 bigint_t u;
398 bigint_t b;
399 bigint_t a;
400 bigint_t x;
401 /* RSA: e, m
403 bigint_t rsa[2];
405 /* this is used to hold the peers authentication data
407 /* auth_info_t structures SHOULD NOT contain malloced
408 * elements. Check gnutls_session_pack.c, and gnutls_auth.c.
409 * Remember that this should be calloced!
411 void *auth_info;
412 gnutls_credentials_type_t auth_info_type;
413 int auth_info_size; /* needed in order to store to db for restoring
415 uint8_t crypt_algo;
417 auth_cred_st *cred; /* used to specify keys/certificates etc */
419 int crt_requested;
420 /* some ciphersuites use this
421 * to provide client authentication.
422 * 1 if client auth was requested
423 * by the peer, 0 otherwise
424 *** In case of a server this
425 * holds 1 if we should wait
426 * for a client certificate verify
429 typedef struct gnutls_key_st gnutls_key_st;
431 struct pin_info_st
433 gnutls_pin_callback_t cb;
434 void* data;
437 struct record_state_st;
438 typedef struct record_state_st record_state_st;
440 struct record_parameters_st;
441 typedef struct record_parameters_st record_parameters_st;
443 /* STATE (cont) */
445 #include <gnutls_hash_int.h>
446 #include <gnutls_cipher_int.h>
447 #include <gnutls_compress.h>
449 typedef struct
451 uint8_t hash_algorithm;
452 uint8_t sign_algorithm; /* pk algorithm actually */
453 } sign_algorithm_st;
455 /* This structure holds parameters got from TLS extension
456 * mechanism. (some extensions may hold parameters in auth_info_t
457 * structures also - see SRP).
460 #define MAX_SIGNATURE_ALGORITHMS 16
461 #define MAX_SIGN_ALGO_SIZE (2 + MAX_SIGNATURE_ALGORITHMS * 2)
463 #define MAX_VERIFY_DATA_SIZE 36 /* in SSL 3.0, 12 in TLS 1.0 */
465 /* auth_info_t structures now MAY contain malloced
466 * elements.
469 /* This structure and auth_info_t, are stored in the resume database,
470 * and are restored, in case of resume.
471 * Holds all the required parameters to resume the current
472 * session.
475 /* if you add anything in Security_Parameters struct, then
476 * also modify CPY_COMMON in gnutls_constate.c.
479 /* Note that the security parameters structure is set up after the
480 * handshake has finished. The only value you may depend on while
481 * the handshake is in progress is the cipher suite value.
483 typedef struct
485 unsigned int entity; /* GNUTLS_SERVER or GNUTLS_CLIENT */
486 gnutls_kx_algorithm_t kx_algorithm;
488 /* The epoch used to read and write */
489 uint16_t epoch_read;
490 uint16_t epoch_write;
492 /* The epoch that the next handshake will initialize. */
493 uint16_t epoch_next;
495 /* The epoch at index 0 of record_parameters. */
496 uint16_t epoch_min;
498 /* this is the ciphersuite we are going to use
499 * moved here from internals in order to be restored
500 * on resume;
502 uint8_t cipher_suite[2];
503 gnutls_compression_method_t compression_method;
504 uint8_t master_secret[GNUTLS_MASTER_SIZE];
505 uint8_t client_random[GNUTLS_RANDOM_SIZE];
506 uint8_t server_random[GNUTLS_RANDOM_SIZE];
507 uint8_t session_id[TLS_MAX_SESSION_ID_SIZE];
508 uint8_t session_id_size;
509 time_t timestamp;
511 /* The send size is the one requested by the programmer.
512 * The recv size is the one negotiated with the peer.
514 uint16_t max_record_send_size;
515 uint16_t max_record_recv_size;
516 /* holds the negotiated certificate type */
517 gnutls_certificate_type_t cert_type;
518 gnutls_ecc_curve_t ecc_curve; /* holds the first supported ECC curve requested by client */
519 gnutls_protocol_t version; /* moved here */
521 /* Holds the signature algorithm used in this session - If any */
522 gnutls_sign_algorithm_t sign_algo;
524 /* FIXME: The following are not saved in the session storage
525 * for session resumption.
528 /* Used by extensions that enable supplemental data: Which ones
529 * do that? Do they belong in security parameters?
531 int do_recv_supplemental, do_send_supplemental;
532 } security_parameters_st;
534 struct record_state_st
536 gnutls_datum_t mac_secret;
537 gnutls_datum_t IV;
538 gnutls_datum_t key;
539 auth_cipher_hd_st cipher_state;
540 comp_hd_st compression_state;
541 uint64 sequence_number;
544 /* These are used to resolve relative epochs. These values are just
545 outside the 16 bit range to prevent off-by-one errors. An absolute
546 epoch may be referred to by its numeric id in the range
547 0x0000-0xffff. */
548 #define EPOCH_READ_CURRENT 70000
549 #define EPOCH_WRITE_CURRENT 70001
550 #define EPOCH_NEXT 70002
552 struct record_parameters_st
554 uint16_t epoch;
555 int initialized;
557 gnutls_cipher_algorithm_t cipher_algorithm;
558 gnutls_mac_algorithm_t mac_algorithm;
559 gnutls_compression_method_t compression_algorithm;
561 /* for DTLS */
562 uint64_t record_sw[DTLS_RECORD_WINDOW_SIZE];
563 unsigned int record_sw_size;
565 record_state_st read;
566 record_state_st write;
568 /* Whether this state is in use, i.e., if there is
569 a pending handshake message waiting to be encrypted
570 under this epoch's parameters.
572 int usage_cnt;
575 typedef struct
577 unsigned int priority[MAX_ALGOS];
578 unsigned int algorithms;
579 } priority_st;
581 typedef enum
583 SR_DISABLED,
584 SR_UNSAFE,
585 SR_PARTIAL,
586 SR_SAFE
587 } safe_renegotiation_t;
589 /* For the external api */
590 struct gnutls_priority_st
592 priority_st cipher;
593 priority_st mac;
594 priority_st kx;
595 priority_st compression;
596 priority_st protocol;
597 priority_st cert_type;
598 priority_st sign_algo;
599 priority_st supported_ecc;
601 /* to disable record padding */
602 unsigned int no_extensions:1;
603 unsigned int no_padding:1;
604 unsigned int allow_large_records:1;
605 safe_renegotiation_t sr;
606 unsigned int ssl3_record_version:1;
607 unsigned int server_precedence:1;
608 unsigned int allow_weak_keys:1;
609 /* Whether stateless compression will be used */
610 unsigned int stateless_compression:1;
611 unsigned int additional_verify_flags;
614 #define ENABLE_COMPAT(x) \
615 (x)->no_padding = 1; \
616 (x)->allow_large_records = 1; \
617 (x)->allow_weak_keys = 1
619 /* DH and RSA parameters types.
621 typedef struct gnutls_dh_params_int
623 /* [0] is the prime, [1] is the generator.
625 bigint_t params[2];
626 int q_bits; /* length of q in bits. If zero then length is unknown.
628 } dh_params_st;
630 typedef struct
632 gnutls_dh_params_t dh_params;
633 int free_dh_params;
634 gnutls_rsa_params_t rsa_params;
635 int free_rsa_params;
636 } internal_params_st;
638 /* DTLS session state
640 typedef struct
642 /* HelloVerifyRequest DOS prevention cookie */
643 uint8_t cookie[DTLS_MAX_COOKIE_SIZE];
644 uint8_t cookie_len;
646 /* For DTLS handshake fragmentation and reassembly. */
647 uint16_t hsk_write_seq;
648 /* the sequence number of the expected packet */
649 unsigned int hsk_read_seq;
650 uint16_t mtu;
652 /* a flight transmission is in process */
653 unsigned int flight_init:1;
654 /* whether this is the last flight in the protocol */
655 unsigned int last_flight:1;
657 /* the retransmission timeout in milliseconds */
658 unsigned int retrans_timeout_ms;
659 /* the connection timeout in milliseconds */
660 unsigned int total_timeout_ms;
662 unsigned int hsk_hello_verify_requests;
664 /* non blocking stuff variables */
665 unsigned int blocking:1;
666 /* starting time of current handshake */
667 struct timespec handshake_start_time;
669 /* The actual retrans_timeout for the next message (e.g. doubled or so)
671 unsigned int actual_retrans_timeout_ms;
673 /* timers to handle async handshake after gnutls_handshake()
674 * has terminated. Required to handle retransmissions.
676 time_t async_term;
678 /* last retransmission triggered by record layer */
679 struct timespec last_retransmit;
680 unsigned int packets_dropped;
681 } dtls_st;
684 typedef union
686 void *ptr;
687 uint32_t num;
688 } extension_priv_data_t;
690 typedef struct
692 /* holds all the parsed data received by the record layer */
693 mbuffer_head_st record_buffer;
695 int handshake_hash_buffer_prev_len; /* keeps the length of handshake_hash_buffer, excluding
696 * the last received message */
697 gnutls_buffer_st handshake_hash_buffer; /* used to keep the last received handshake
698 * message */
699 unsigned int resumable:1; /* TRUE or FALSE - if we can resume that session */
700 unsigned int ticket_sent:1; /* whether a session ticket was sent */
701 handshake_state_t handshake_final_state;
702 handshake_state_t handshake_state; /* holds
703 * a number which indicates where
704 * the handshake procedure has been
705 * interrupted. If it is 0 then
706 * no interruption has happened.
709 int invalid_connection:1; /* true or FALSE - if this session is valid */
711 int may_not_read:1; /* if it's 0 then we can read/write, otherwise it's forbiden to read/write
713 int may_not_write:1;
714 int read_eof:1; /* non-zero if we have received a closure alert. */
716 int last_alert; /* last alert received */
718 /* The last handshake messages sent or received.
720 int last_handshake_in;
721 int last_handshake_out;
723 /* priorities */
724 struct gnutls_priority_st priorities;
726 /* resumed session */
727 unsigned int resumed:1; /* RESUME_TRUE or FALSE - if we are resuming a session */
728 unsigned int resumption_requested:1; /* non-zero if resumption was requested by client */
729 security_parameters_st resumed_security_parameters;
731 /* These buffers are used in the handshake
732 * protocol only. freed using _gnutls_handshake_io_buffer_clear();
734 mbuffer_head_st handshake_send_buffer;
735 handshake_buffer_st handshake_recv_buffer[MAX_HANDSHAKE_MSGS];
736 int handshake_recv_buffer_size;
738 /* this buffer holds a record packet -mostly used for
739 * non blocking IO.
741 mbuffer_head_st record_recv_buffer; /* buffer holding the unparsed record that is currently
742 * being received */
743 mbuffer_head_st record_send_buffer; /* holds cached data
744 * for the gnutls_io_write_buffered()
745 * function.
747 size_t record_send_buffer_user_size; /* holds the
748 * size of the user specified data to
749 * send.
752 int expire_time; /* after expire_time seconds this session will expire */
753 struct mod_auth_st_int *auth_struct; /* used in handshake packets and KX algorithms */
755 /* this is the highest version available
756 * to the peer. (advertized version).
757 * This is obtained by the Handshake Client Hello
758 * message. (some implementations read the Record version)
760 uint8_t adv_version_major;
761 uint8_t adv_version_minor;
763 /* if this is non zero a certificate request message
764 * will be sent to the client. - only if the ciphersuite
765 * supports it.
767 int send_cert_req;
769 /* bits to use for DHE and DHA
770 * use _gnutls_dh_get_prime_bits() and gnutls_dh_set_prime_bits()
771 * to access it.
773 uint16_t dh_prime_bits;
775 size_t max_handshake_data_buffer_size;
777 /* PUSH & PULL functions.
779 gnutls_pull_timeout_func pull_timeout_func;
780 gnutls_pull_func pull_func;
781 gnutls_push_func push_func;
782 gnutls_vec_push_func vec_push_func;
783 gnutls_errno_func errno_func;
784 /* Holds the first argument of PUSH and PULL
785 * functions;
787 gnutls_transport_ptr_t transport_recv_ptr;
788 gnutls_transport_ptr_t transport_send_ptr;
790 /* STORE & RETRIEVE functions. Only used if other
791 * backend than gdbm is used.
793 gnutls_db_store_func db_store_func;
794 gnutls_db_retr_func db_retrieve_func;
795 gnutls_db_remove_func db_remove_func;
796 void *db_ptr;
798 /* post client hello callback (server side only)
800 gnutls_handshake_post_client_hello_func user_hello_func;
802 /* holds the selected certificate and key.
803 * use _gnutls_selected_certs_deinit() and _gnutls_selected_certs_set()
804 * to change them.
806 gnutls_pcert_st *selected_cert_list;
807 int selected_cert_list_length;
808 struct gnutls_privkey_st *selected_key;
809 int selected_need_free:1;
811 /* holds the extensions we sent to the peer
812 * (in case of a client)
814 uint16_t extensions_sent[MAX_EXT_TYPES];
815 uint16_t extensions_sent_size;
817 /* is 0 if we are to send the whole PGP key, or non zero
818 * if the fingerprint is to be sent.
820 int pgp_fingerprint;
822 /* This holds the default version that our first
823 * record packet will have. */
824 uint8_t default_record_version[2];
826 void *user_ptr;
828 int enable_private; /* non zero to
829 * enable cipher suites
830 * which have 0xFF status.
833 /* Holds 0 if the last called function was interrupted while
834 * receiving, and non zero otherwise.
836 int direction;
838 /* This callback will be used (if set) to receive an
839 * openpgp key. (if the peer sends a fingerprint)
841 gnutls_openpgp_recv_key_func openpgp_recv_key_func;
843 /* If non zero the server will not advertise the CA's he
844 * trusts (do not send an RDN sequence).
846 int ignore_rdn_sequence;
848 /* This is used to set an arbitary version in the RSA
849 * PMS secret. Can be used by clients to test whether the
850 * server checks that version. (** only used in gnutls-cli-debug)
852 uint8_t rsa_pms_version[2];
854 /* Here we cache the DH or RSA parameters got from the
855 * credentials structure, or from a callback. That is to
856 * minimize external calls.
858 internal_params_st params;
860 /* To avoid using global variables, and especially on Windows where
861 * the application may use a different errno variable than GnuTLS,
862 * it is possible to use gnutls_transport_set_errno to set a
863 * session-specific errno variable in the user-replaceable push/pull
864 * functions. This value is used by the send/recv functions. (The
865 * strange name of this variable is because 'errno' is typically
866 * #define'd.)
868 int errnum;
870 /* Function used to perform public-key signing operation during
871 handshake. Used by gnutls_sig.c:_gnutls_tls_sign(), see also
872 gnutls_sign_callback_set(). */
873 gnutls_sign_func sign_func;
874 void *sign_func_userdata;
876 /* minimum bits to allow for SRP
877 * use gnutls_srp_set_prime_bits() to adjust it.
879 uint16_t srp_prime_bits;
881 /* A handshake process has been completed */
882 unsigned int initial_negotiation_completed:1;
884 struct
886 uint16_t type;
887 extension_priv_data_t priv;
888 int set:1;
889 } extension_int_data[MAX_EXT_TYPES];
891 struct
893 uint16_t type;
894 extension_priv_data_t priv;
895 int set:1;
896 } resumed_extension_int_data[MAX_EXT_TYPES];
897 /* The type of transport protocol; stream or datagram */
898 transport_t transport;
900 /* DTLS session state */
901 dtls_st dtls;
903 /* if set it means that the master key was set using
904 * gnutls_session_set_master() rather than being negotiated. */
905 unsigned int premaster_set:1;
907 unsigned int cb_tls_unique_len;
908 unsigned char cb_tls_unique[MAX_VERIFY_DATA_SIZE];
910 time_t handshake_endtime; /* end time in seconds */
911 unsigned int handshake_timeout_ms; /* timeout in milliseconds */
913 gnutls_buffer_st hb_local_data;
914 gnutls_buffer_st hb_remote_data;
915 struct timespec hb_ping_start; /* timestamp: when first HeartBeat ping was sent*/
916 struct timespec hb_ping_sent; /* timestamp: when last HeartBeat ping was sent*/
917 unsigned int hb_actual_retrans_timeout_ms; /* current timeout, in milliseconds*/
918 unsigned int hb_retrans_timeout_ms; /* the default timeout, in milliseconds*/
919 unsigned int hb_total_timeout_ms; /* the total timeout, in milliseconds*/
921 unsigned int ocsp_check_ok; /* will be zero if the OCSP response TLS extension
922 * check failed (OCSP was old/unrelated or so). */
924 heartbeat_state_t hb_state; /* for ping */
926 recv_state_t recv_state; /* state of the receive function */
928 /* If you add anything here, check _gnutls_handshake_internal_state_clear().
930 } internals_st;
932 /* Maximum number of epochs we keep around. */
933 #define MAX_EPOCH_INDEX 16
935 struct gnutls_session_int
937 security_parameters_st security_parameters;
938 record_parameters_st *record_parameters[MAX_EPOCH_INDEX];
939 internals_st internals;
940 gnutls_key_st key;
944 /* functions
946 void _gnutls_free_auth_info (gnutls_session_t session);
948 /* These two macros return the advertised TLS version of
949 * the peer.
951 #define _gnutls_get_adv_version_major( session) \
952 session->internals.adv_version_major
954 #define _gnutls_get_adv_version_minor( session) \
955 session->internals.adv_version_minor
957 #define set_adv_version( session, major, minor) \
958 session->internals.adv_version_major = major; \
959 session->internals.adv_version_minor = minor
961 void _gnutls_set_adv_version (gnutls_session_t, gnutls_protocol_t);
962 gnutls_protocol_t _gnutls_get_adv_version (gnutls_session_t);
964 int _gnutls_is_secure_mem_null (const void *);
966 inline static gnutls_protocol_t
967 _gnutls_protocol_get_version (gnutls_session_t session)
969 return session->security_parameters.version;
972 #define gnutls_protocol_get_version _gnutls_protocol_get_version
974 inline static void
975 _gnutls_set_current_version (gnutls_session_t session,
976 gnutls_protocol_t version)
978 session->security_parameters.version = version;
982 #endif /* GNUTLS_INT_H */