Commit c8d471d5 authored by Rémi Denis-Courmont's avatar Rémi Denis-Courmont

tls: add service parameter for handshake

This will be used for fine-grained GnuTLS stored public keys,
i.e. SSH-like authentication on first use.
parent ac8f4555
......@@ -42,13 +42,13 @@ struct vlc_tls
vlc_tls_sys_t *sys;
struct virtual_socket_t sock;
int (*handshake) (vlc_tls_t *, const char *host);
int (*handshake) (vlc_tls_t *, const char *host, const char *service);
};
VLC_API vlc_tls_t *vlc_tls_ClientSessionCreate (vlc_tls_creds_t *, int fd,
const char *host);
const char *host, const char *service);
vlc_tls_t *vlc_tls_SessionCreate (vlc_tls_creds_t *, int fd, const char *host);
int vlc_tls_SessionHandshake (vlc_tls_t *, const char *host);
int vlc_tls_SessionHandshake (vlc_tls_t *, const char *host, const char *serv);
VLC_API void vlc_tls_SessionDelete (vlc_tls_t *);
/* NOTE: It is assumed that a->sock.p_sys = a */
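Review bot: The new `service` argument has no stated contract on the `handshake` member of `struct vlc_tls` or on the two prototypes. The httpd hunk later in this commit calls `vlc_tls_SessionHandshake( cl->p_tls, NULL, NULL )`, so every backend has to tolerate NULL for both strings. The commit message says the value will key stored public keys, so a backend that dereferences `service` unguarded would crash on the server path, and one that quietly accepts NULL from a client would pin more coarsely than intended. I would add a comment on the member such as `/* host and service are NULL for server sessions; clients pass the peer name and service */`, and spell the parameter `service` rather than `serv` in the `vlc_tls_SessionHandshake` prototype to match the others.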
......
......@@ -1225,7 +1225,7 @@ static int Connect( access_t *p_access, uint64_t i_tell )
/* TLS/SSL handshake */
p_sys->p_tls = vlc_tls_ClientSessionCreate( p_sys->p_creds, p_sys->fd,
p_sys->url.psz_host );
p_sys->url.psz_host, "https" );
if( p_sys->p_tls == NULL )
{
msg_Err( p_access, "cannot establish HTTP/TLS session" );
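Review bot: The literal `"https"` is passed as the service whatever port the URL names. Once stored public keys are looked up by host and service, as the commit message announces, every HTTPS endpoint on one host would share a single pinned-key entry. A server on a non-default port would then be compared against, or recorded as, the key of another service on the same host, producing spurious mismatch prompts that users learn to dismiss. Consider passing `"https"` only for the default port and the decimal port string otherwise, i.e. `p_sys->url.psz_host, service );` with `service` built just above the call. `Connect` starts and ends outside this hunk, so the port handling is not visible here.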
......
......@@ -214,7 +214,8 @@ static int gnutls_Recv (void *opaque, void *buf, size_t length)
* 1 if more would-be blocking recv is needed,
* 2 if more would-be blocking send is required.
*/
static int gnutls_ContinueHandshake (vlc_tls_t *session, const char *host)
static int gnutls_ContinueHandshake (vlc_tls_t *session, const char *host,
const char *service)
{
vlc_tls_sys_t *sys = session->sys;
int val;
......@@ -236,7 +237,7 @@ static int gnutls_ContinueHandshake (vlc_tls_t *session, const char *host)
}
sys->handshaked = true;
(void) host;
(void) host; (void) service;
return 0;
}
......@@ -307,11 +308,12 @@ static struct
};
static int gnutls_HandshakeAndValidate (vlc_tls_t *session, const char *host)
static int gnutls_HandshakeAndValidate (vlc_tls_t *session, const char *host,
const char *service)
{
vlc_tls_sys_t *sys = session->sys;
int val = gnutls_ContinueHandshake (session, host);
int val = gnutls_ContinueHandshake (session, host, service);
if (val)
return val;
......@@ -418,7 +420,8 @@ struct vlc_tls_creds_sys
{
gnutls_certificate_credentials_t x509_cred;
gnutls_dh_params_t dh_params; /* XXX: used for server only */
int (*handshake) (vlc_tls_t *, const char *); /* XXX: useful for server only */
int (*handshake) (vlc_tls_t *, const char *, const char *);
/* ^^ XXX: useful for server only */
};
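Review bot: The `handshake` member of `struct vlc_tls_creds_sys` now takes two adjacent unnamed `const char *` parameters, so an implementation that swaps host and service still compiles. Naming them as in `struct vlc_tls`, `int (*handshake) (vlc_tls_t *, const char *host, const char *service);`, keeps the order visible where the backend selects its callback. The trailing `/* ^^ XXX: useful for server only */` would read better as an ordinary comment above the member. In the same file, `gnutls_ContinueHandshake` discards both strings with `(void)` casts, and its header comment, which begins outside the hunk, could say they are unused there.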
......
......@@ -1880,7 +1880,7 @@ static void httpd_ClientSend( httpd_client_t *cl )
static void httpd_ClientTlsHandshake( httpd_client_t *cl )
{
switch( vlc_tls_SessionHandshake( cl->p_tls, NULL ) )
switch( vlc_tls_SessionHandshake( cl->p_tls, NULL, NULL ) )
{
case 0:
cl->i_state = HTTPD_CLIENT_RECEIVING;
......
......@@ -180,9 +180,10 @@ void vlc_tls_SessionDelete (vlc_tls_t *session)
vlc_object_release (session);
}
int vlc_tls_SessionHandshake (vlc_tls_t *session, const char *host)
int vlc_tls_SessionHandshake (vlc_tls_t *session, const char *host,
const char *service)
{
return session->handshake (session, host);
return session->handshake (session, host, service);
}
/**
......@@ -196,7 +197,7 @@ int vlc_tls_SessionHandshake (vlc_tls_t *session, const char *host)
* @return NULL on error.
**/
vlc_tls_t *vlc_tls_ClientSessionCreate (vlc_tls_creds_t *crd, int fd,
const char *host)
const char *host, const char *service)
{
vlc_tls_t *session = vlc_tls_SessionCreate (crd, fd, host);
if (session == NULL)
......@@ -204,7 +205,7 @@ vlc_tls_t *vlc_tls_ClientSessionCreate (vlc_tls_creds_t *crd, int fd,
int val;
do
val = vlc_tls_SessionHandshake (session, host);
val = vlc_tls_SessionHandshake (session, host, service);
while (val > 0);
if (val != 0)
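Review bot: The doc comment ending in `@return NULL on error.` above `vlc_tls_ClientSessionCreate` sits between two hunks and appears unchanged, so the new `service` parameter is undocumented at the public entry point. Callers need to know what string to supply: the HTTP access hunk passes the name `"https"`, and nothing here says whether a port number or NULL is acceptable, which matters once the value selects a stored public key. I would add a line such as `* @param service name of the service on the peer (e.g. "https"), used together with host to identify it` and state whether NULL is allowed. The function body continues outside both hunks.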
......