tls: add service parameter for handshake

This will be used for fine-grained GnuTLS stored public keys,
i.e. SSH-like authentication on first use.

diff --git a/include/vlc_tls.h b/include/vlc_tls.h
index e3f9e323c57b387704d6ccd5387e03660312542d..e9db9cc4c958923dea9f2cf980547bdc46b81800 100644 (file)
--- a/include/vlc_tls.h
+++ b/include/vlc_tls.h
@@ -42,13 +42,13 @@ struct vlc_tls
     vlc_tls_sys_t *sys;
 
     struct virtual_socket_t sock;
-    int  (*handshake) (vlc_tls_t *, const char *host);
+    int  (*handshake) (vlc_tls_t *, const char *host, const char *service);
 };
 
 VLC_API vlc_tls_t *vlc_tls_ClientSessionCreate (vlc_tls_creds_t *, int fd,
-                                                const char *host);
+                                        const char *host, const char *service);
 vlc_tls_t *vlc_tls_SessionCreate (vlc_tls_creds_t *, int fd, const char *host);
-int vlc_tls_SessionHandshake (vlc_tls_t *, const char *host);
+int vlc_tls_SessionHandshake (vlc_tls_t *, const char *host, const char *serv);
 VLC_API void vlc_tls_SessionDelete (vlc_tls_t *);
 
 /* NOTE: It is assumed that a->sock.p_sys = a */

diff --git a/modules/access/http.c b/modules/access/http.c
index 226333b5a88630189af8c1c8f0e852b075f6eb67..d74bbb1fb42835d3b0dcf9b98225e7f2bb86beee 100644 (file)
--- a/modules/access/http.c
+++ b/modules/access/http.c
@@ -1225,7 +1225,7 @@ static int Connect( access_t *p_access, uint64_t i_tell )
 
         /* TLS/SSL handshake */
         p_sys->p_tls = vlc_tls_ClientSessionCreate( p_sys->p_creds, p_sys->fd,
-                                                    p_sys->url.psz_host );
+                                                p_sys->url.psz_host, "https" );
         if( p_sys->p_tls == NULL )
         {
             msg_Err( p_access, "cannot establish HTTP/TLS session" );

diff --git a/modules/misc/gnutls.c b/modules/misc/gnutls.c
index 3946c7a75b88334d4a86f10140e30ae84cc157f9..56124cbf996a3437d4ef188f2539ffa54d8faa52 100644 (file)
--- a/modules/misc/gnutls.c
+++ b/modules/misc/gnutls.c
@@ -214,7 +214,8 @@ static int gnutls_Recv (void *opaque, void *buf, size_t length)
  * 1 if more would-be blocking recv is needed,
  * 2 if more would-be blocking send is required.
  */
-static int gnutls_ContinueHandshake (vlc_tls_t *session, const char *host)
+static int gnutls_ContinueHandshake (vlc_tls_t *session, const char *host,
+                                     const char *service)
 {
     vlc_tls_sys_t *sys = session->sys;
     int val;
@@ -236,7 +237,7 @@ static int gnutls_ContinueHandshake (vlc_tls_t *session, const char *host)
     }
 
     sys->handshaked = true;
-    (void) host;
+    (void) host; (void) service;
     return 0;
 }
 
@@ -307,11 +308,12 @@ static struct
 };
 
 
-static int gnutls_HandshakeAndValidate (vlc_tls_t *session, const char *host)
+static int gnutls_HandshakeAndValidate (vlc_tls_t *session, const char *host,
+                                        const char *service)
 {
     vlc_tls_sys_t *sys = session->sys;
 
-    int val = gnutls_ContinueHandshake (session, host);
+    int val = gnutls_ContinueHandshake (session, host, service);
     if (val)
         return val;
 
@@ -418,7 +420,8 @@ struct vlc_tls_creds_sys
 {
     gnutls_certificate_credentials_t x509_cred;
     gnutls_dh_params_t dh_params; /* XXX: used for server only */
-    int (*handshake) (vlc_tls_t *, const char *); /* XXX: useful for server only */
+    int (*handshake) (vlc_tls_t *, const char *, const char *);
+        /* ^^ XXX: useful for server only */
 };
 
 

diff --git a/src/network/httpd.c b/src/network/httpd.c
index 5b97ea9cf2a5e5d44191968d4ec558bef44831d6..f76c47ce0594a65225ec419d849f66f82a9e97c5 100644 (file)
--- a/src/network/httpd.c
+++ b/src/network/httpd.c
@@ -1880,7 +1880,7 @@ static void httpd_ClientSend( httpd_client_t *cl )
 
 static void httpd_ClientTlsHandshake( httpd_client_t *cl )
 {
-    switch( vlc_tls_SessionHandshake( cl->p_tls, NULL ) )
+    switch( vlc_tls_SessionHandshake( cl->p_tls, NULL, NULL ) )
     {
         case 0:
             cl->i_state = HTTPD_CLIENT_RECEIVING;

diff --git a/src/network/tls.c b/src/network/tls.c
index 97e5556c4cb1159a14c1d28fc3d585c1a831205a..c5539059851c37efd2a02319d313200fc64d9f57 100644 (file)
--- a/src/network/tls.c
+++ b/src/network/tls.c
@@ -180,9 +180,10 @@ void vlc_tls_SessionDelete (vlc_tls_t *session)
     vlc_object_release (session);
 }
 
-int vlc_tls_SessionHandshake (vlc_tls_t *session, const char *host)
+int vlc_tls_SessionHandshake (vlc_tls_t *session, const char *host,
+                              const char *service)
 {
-    return session->handshake (session, host);
+    return session->handshake (session, host, service);
 }
 
 /**
@@ -196,7 +197,7 @@ int vlc_tls_SessionHandshake (vlc_tls_t *session, const char *host)
  * @return NULL on error.
  **/
 vlc_tls_t *vlc_tls_ClientSessionCreate (vlc_tls_creds_t *crd, int fd,
-                                        const char *host)
+                                        const char *host, const char *service)
 {
     vlc_tls_t *session = vlc_tls_SessionCreate (crd, fd, host);
     if (session == NULL)
@@ -204,7 +205,7 @@ vlc_tls_t *vlc_tls_ClientSessionCreate (vlc_tls_creds_t *crd, int fd,
 
     int val;
     do
-        val = vlc_tls_SessionHandshake (session, host);
+        val = vlc_tls_SessionHandshake (session, host, service);
     while (val > 0);
 
     if (val != 0)