#endif
-#include "vlc_tls.h"
+#include <vlc_tls.h>
#include <vlc_charset.h>
#include <gcrypt.h>
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
+#include <vlc_gcrypt.h>
+
#define CACHE_TIMEOUT 3600
#define CACHE_SIZE 64
add_obsolete_integer( "gnutls-dh-bits" );
add_integer( "gnutls-cache-timeout", CACHE_TIMEOUT, NULL,
- CACHE_TIMEOUT_TEXT, CACHE_TIMEOUT_LONGTEXT, VLC_TRUE );
+ CACHE_TIMEOUT_TEXT, CACHE_TIMEOUT_LONGTEXT, true );
add_integer( "gnutls-cache-size", CACHE_SIZE, NULL, CACHE_SIZE_TEXT,
- CACHE_SIZE_LONGTEXT, VLC_TRUE );
+ CACHE_SIZE_LONGTEXT, true );
vlc_module_end();
-
-
-#ifdef LIBVLC_USE_PTHREAD
-GCRY_THREAD_OPTION_PTHREAD_IMPL;
-# define gcry_threads_vlc gcry_threads_pthread
-#else
-/**
- * gcrypt thread option VLC implementation
- */
-
-static int gcry_vlc_mutex_init( void **p_sys )
-{
- int i_val;
- vlc_mutex_t *p_lock = (vlc_mutex_t *)malloc( sizeof( vlc_mutex_t ) );
-
- if( p_lock == NULL)
- return ENOMEM;
-
- i_val = vlc_mutex_init( (vlc_object_t *)NULL, p_lock );
- if( i_val )
- free( p_lock );
- else
- *p_sys = p_lock;
- return i_val;
-}
-
-static int gcry_vlc_mutex_destroy( void **p_sys )
-{
- vlc_mutex_t *p_lock = (vlc_mutex_t *)*p_sys;
- vlc_mutex_destroy( p_lock );
- free( p_lock );
- return VLC_SUCCESS;
-}
-
-static int gcry_vlc_mutex_lock( void **p_sys )
-{
- vlc_mutex_lock( (vlc_mutex_t *)*p_sys );
- return VLC_SUCCESS;
-}
-
-static int gcry_vlc_mutex_unlock( void **lock )
-{
- vlc_mutex_unlock( (vlc_mutex_t *)*lock );
- return VLC_SUCCESS;
-}
-
-static struct gcry_thread_cbs gcry_threads_vlc =
-{
- GCRY_THREAD_OPTION_USER,
- NULL,
- gcry_vlc_mutex_init,
- gcry_vlc_mutex_destroy,
- gcry_vlc_mutex_lock,
- gcry_vlc_mutex_unlock
-};
-#endif
-
-
/**
* Initializes GnuTLS with proper locking.
* @return VLC_SUCCESS on success, a VLC error code otherwise.
{
int ret = VLC_EGENERIC;
- vlc_mutex_t *lock = var_AcquireMutex ("gnutls_mutex");
+ vlc_gcrypt_init (); /* GnuTLS depends on gcrypt */
- gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_vlc);
+ vlc_mutex_t *lock = var_AcquireMutex ("gnutls_mutex");
if (gnutls_global_init ())
{
msg_Err (p_this, "cannot initialize GnuTLS");
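Review bot: `vlc_gcrypt_init ();` is now called before `var_AcquireMutex ("gnutls_mutex")`, whereas the removed `gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_vlc)` ran with that mutex held, so the gcrypt setup is no longer covered by the lock that this function's header comment promises. vlc_gcrypt.h is not shown on this page; if the helper does not serialise itself, two threads opening the module at the same time could race inside it. Either move the call below the lock line, or state the guarantee where the call is made, e.g. `vlc_gcrypt_init (); /* GnuTLS depends on gcrypt; the helper takes its own lock */`. The function's signature and the rest of its body are outside the hunk.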
{
gnutls_session_t session;
char *psz_hostname;
- vlc_bool_t b_handshaked;
+ bool b_handshaked;
};
return -1;
}
- p_sys->b_handshaked = VLC_TRUE;
+ p_sys->b_handshaked = true;
return 0;
}
static int
gnutls_Addx509File( vlc_object_t *p_this,
gnutls_certificate_credentials_t cred,
- const char *psz_path, vlc_bool_t b_priv );
+ const char *psz_path, bool b_priv );
static int
gnutls_Addx509Directory( vlc_object_t *p_this,
gnutls_certificate_credentials_t cred,
const char *psz_dirname,
- vlc_bool_t b_priv )
+ bool b_priv )
{
DIR* dir;
static int
gnutls_Addx509File( vlc_object_t *p_this,
gnutls_certificate_credentials cred,
- const char *psz_path, vlc_bool_t b_priv )
+ const char *psz_path, bool b_priv )
{
struct stat st;
p_session->sock.pf_recv = gnutls_Recv;
p_session->pf_set_fd = gnutls_SetFD;
- p_sys->session.b_handshaked = VLC_FALSE;
+ p_sys->session.b_handshaked = false;
const char *homedir = obj->p_libvlc->psz_datadir,
*datadir = config_GetDataDir ();
sprintf (path, "%s/ssl/certs", homedir);
gnutls_Addx509Directory (VLC_OBJECT (p_session),
- p_sys->x509_cred, path, VLC_FALSE);
+ p_sys->x509_cred, path, false);
sprintf (path, "%s/ca-certificates.crt", datadir);
gnutls_Addx509File (VLC_OBJECT (p_session),
- p_sys->x509_cred, path, VLC_FALSE);
+ p_sys->x509_cred, path, false);
p_session->pf_handshake = gnutls_HandshakeAndValidate;
/*p_session->pf_handshake = gnutls_ContinueHandshake;*/
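Review bot: The `sprintf (path, ...)` calls here (`%s/ssl/certs`, `%s/ca-certificates.crt`) and the `%s/ssl/private` one in the following hunk write without a bound. The declaration of `path` is not in the hunk, so their safety depends on a size computed elsewhere from `homedir` and `datadir`. Assuming `path` is an array in scope, `snprintf (path, sizeof (path), "%s/ssl/certs", homedir)` with the load skipped on truncation would let each call be checked on its own. The results of `gnutls_Addx509Directory` and `gnutls_Addx509File` are also discarded at this call site, so a missing or unreadable CA bundle is not noticed here before `gnutls_HandshakeAndValidate` is installed. The enclosing function starts and ends outside the hunk.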
sprintf (path, "%s/ssl/private", homedir);
gnutls_Addx509Directory (VLC_OBJECT (p_session), p_sys->x509_cred,
- path, VLC_TRUE);
+ path, true);
i_val = gnutls_init (&p_sys->session.session, GNUTLS_CLIENT);
if (i_val != 0)
tls_session_t *client = (tls_session_t *)obj;
tls_client_sys_t *p_sys = (tls_client_sys_t *)(client->p_sys);
- if (p_sys->session.b_handshaked == VLC_TRUE)
+ if (p_sys->session.b_handshaked == true)
gnutls_bye (p_sys->session.session, GNUTLS_SHUT_WR);
gnutls_deinit (p_sys->session.session);
/* credentials must be free'd *after* gnutls_deinit() */
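Review bot: Now that `b_handshaked` is a `bool`, the `== true` in `if (p_sys->session.b_handshaked == true)` is redundant. `if (p_sys->session.b_handshaked)` says the same thing and does not depend on the field holding exactly the value `true` expands to. The server-side close path has the same form, `if( p_sys->b_handshaked == true )`, and should change with it. The enclosing function starts outside the hunk.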
tls_session_sys_t *p_sys = p_session->p_sys;
(void)p_server;
- if( p_sys->b_handshaked == VLC_TRUE )
+ if( p_sys->b_handshaked == true )
gnutls_bye( p_sys->session, GNUTLS_SHUT_WR );
gnutls_deinit( p_sys->session );
vlc_object_detach( p_session );
- vlc_object_destroy( p_session );
+ vlc_object_release( p_session );
free( p_sys );
}
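Review bot: `free( p_sys )` runs right after `vlc_object_release( p_session )`, which can leave a dangling `p_session->p_sys` if release only drops one reference, as the rename from `vlc_object_destroy` suggests. Any other holder of `p_session` could then read freed memory. The reference-counting behaviour is not visible on this page, so this is an assumption to confirm. The error paths that call `free( p_session->p_sys )` before `vlc_object_release( p_session )` have the same exposure. If the design guarantees this is the last reference, record that where it happens, e.g. `/* last reference: nothing may reach p_sys through p_session after this */`. The function's opening lines are outside the hunk.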
p_session->p_sys = malloc( sizeof(struct tls_session_sys_t) );
if( p_session->p_sys == NULL )
{
- vlc_object_destroy( p_session );
+ vlc_object_release( p_session );
return NULL;
}
p_session->pf_set_fd = gnutls_SetFD;
p_session->pf_handshake = p_server_sys->pf_handshake;
- p_session->p_sys->b_handshaked = VLC_FALSE;
+ p_session->p_sys->b_handshaked = false;
p_session->p_sys->psz_hostname = NULL;
i_val = gnutls_init( &session, GNUTLS_SERVER );
error:
free( p_session->p_sys );
vlc_object_detach( p_session );
- vlc_object_destroy( p_session );
+ vlc_object_release( p_session );
return NULL;
}
/* No certificate validation by default */
p_sys->pf_handshake = gnutls_ContinueHandshake;
- vlc_mutex_init( p_server, &p_sys->cache_lock );
+ vlc_mutex_init( &p_sys->cache_lock );
/* Sets server's credentials */
val = gnutls_certificate_allocate_credentials( &p_sys->x509_cred );