gnutls_int.h

Go to the documentation of this file.
00001 /*
00002  * Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation
00003  *
00004  * Author: Nikos Mavrogiannopoulos
00005  *
00006  * This file is part of GNUTLS.
00007  *
00008  * The GNUTLS library is free software; you can redistribute it and/or
00009  * modify it under the terms of the GNU Lesser General Public License
00010  * as published by the Free Software Foundation; either version 2.1 of
00011  * the License, or (at your option) any later version.
00012  *
00013  * This library is distributed in the hope that it will be useful, but
00014  * WITHOUT ANY WARRANTY; without even the implied warranty of
00015  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
00016  * Lesser General Public License for more details.
00017  *
00018  * You should have received a copy of the GNU Lesser General Public
00019  * License along with this library; if not, write to the Free Software
00020  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
00021  * USA
00022  *
00023  */
00024 
00025 #ifndef GNUTLS_INT_H
00026 #define GNUTLS_INT_H
00027 
00028 #include <defines.h>
00029 
00030 #include "gnutls.h"
00031 #include "microhttpd.h"
00032 
00033 #include "gnutls_mem.h"
00034 
00035 /* FIXME: delete this once opencdk has reentrant keyring functions
00036  */
00037 #define KEYRING_HACK
00038 
00039 #ifndef MAX
00040 #define MAX(X,Y) ((X) > (Y) ? (X) : (Y))
00041 #endif
00042 
00043 #define MAX32 4294967295
00044 #define MAX24 16777215
00045 #define MAX16 65535
00046 
00047 /* The size of a handshake message should not
00048  * be larger than this value.
00049  */
00050 #define MAX_HANDSHAKE_PACKET_SIZE 48*1024
00051 
00052 #define TLS_RANDOM_SIZE 32
00053 #define TLS_MAX_SESSION_ID_SIZE 32
00054 #define TLS_MASTER_SIZE 48
00055 
00056 /* The maximum digest size of hash algorithms.
00057  */
00058 #define MAX_HASH_SIZE 64
00059 
00060 #define MAX_LOG_SIZE 1024       /* maximum size of log message */
00061 #define MAX_SERVER_NAME_SIZE 128
00062 
00063 /* we can receive up to MAX_EXT_TYPES extensions.
00064  */
00065 #define MAX_EXT_TYPES 64
00066 
00067 /* The initial size of the receive
00068  * buffer size. This will grow if larger
00069  * packets are received.
00070  */
00071 #define INITIAL_RECV_BUFFER_SIZE 256
00072 
00073 /* the default for TCP */
00074 #define DEFAULT_LOWAT 1
00075 
00076 /* expire time for resuming sessions */
00077 #define DEFAULT_EXPIRE_TIME 3600
00078 
00079 /* the maximum size of encrypted packets */
00080 #define DEFAULT_MAX_RECORD_SIZE 16384
00081 #define RECORD_HEADER_SIZE 5
00082 #define MAX_RECORD_SEND_SIZE (size_t)session->security_parameters.max_record_send_size
00083 #define MAX_RECORD_RECV_SIZE (size_t)session->security_parameters.max_record_recv_size
00084 #define MAX_PAD_SIZE 255
00085 #define EXTRA_COMP_SIZE 2048
00086 #define MAX_RECORD_OVERHEAD MAX_PAD_SIZE+EXTRA_COMP_SIZE
00087 #define MAX_RECV_SIZE MAX_RECORD_OVERHEAD+MAX_RECORD_RECV_SIZE+RECORD_HEADER_SIZE
00088 
00089 #define HANDSHAKE_HEADER_SIZE 4
00090 
00091 /* defaults for verification functions
00092  */
00093 #define DEFAULT_VERIFY_DEPTH 32
00094 #define DEFAULT_VERIFY_BITS 16*1024
00095 
00096 #define DECR_LEN(len, x) do { len-=x; if (len<0) {MHD_gnutls_assert(); return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;} } while (0)
00097 #define DECR_LENGTH_RET(len, x, RET) do { len-=x; if (len<0) {MHD_gnutls_assert(); return RET;} } while (0)
00098 #define DECR_LENGTH_COM(len, x, COM) do { len-=x; if (len<0) {MHD_gnutls_assert(); COM;} } while (0)
00099 
00100 #define HASH2MAC(x) ((enum MHD_GNUTLS_HashAlgorithm)x)
00101 
00102 /* TODO rm */
00103 /* Additional cast to bring void* to a type castable to int. */
00104 #define GNUTLS_POINTER_TO_INT_CAST (long)
00105 
00106 #define GNUTLS_POINTER_TO_INT(_) ((int) GNUTLS_POINTER_TO_INT_CAST (_))
00107 #define GNUTLS_INT_TO_POINTER(_) ((void*) GNUTLS_POINTER_TO_INT_CAST (_))
00108 
00109 typedef unsigned char opaque;
00110 typedef struct
00111 {
00112   opaque pint[3];
00113 } uint24;
00114 
00115 #include <gnutls_mpi.h>
00116 
00117 typedef enum change_cipher_spec_t
00118 {
00119   GNUTLS_TYPE_CHANGE_CIPHER_SPEC = 1
00120 } change_cipher_spec_t;
00121 
00122 typedef enum handshake_state_t
00123 {
00124   STATE0 = 0, STATE1, STATE2,
00125   STATE3, STATE4, STATE5,
00126   STATE6, STATE7, STATE8, STATE9, STATE20 = 20, STATE21,
00127   STATE30 = 30, STATE31, STATE50 = 50, STATE60 = 60, STATE61, STATE62,
00128   STATE70, STATE71
00129 } handshake_state_t;
00130 
00131 #include <gnutls_str.h>
00132 
00133 typedef MHD_gtls_string MHD_gtls_buffer;
00134 
00135 #define MHD_gtls_buffer_init(buf) MHD_gtls_string_init(buf, MHD_gnutls_malloc, MHD_gnutls_realloc, MHD_gnutls_free);
00136 #define MHD_gtls_buffer_clear MHD_gtls_string_clear
00137 #define MHD_gtls_buffer_append MHD_gtls_string_append_data
00138 
00139 /* This is the maximum number of algorithms (ciphers or macs etc).
00140  * keep it synced with GNUTLS_MAX_ALGORITHM_NUM in gnutls.h
00141  */
00142 #define MAX_ALGOS 16
00143 
00144 #define MAX_CIPHERSUITES 256
00145 
00146 typedef enum extensions_t
00147 { GNUTLS_EXTENSION_SERVER_NAME = 0,
00148   GNUTLS_EXTENSION_MAX_RECORD_SIZE = 1,
00149   GNUTLS_EXTENSION_CERT_TYPE = 9,
00150   GNUTLS_EXTENSION_SRP = 12,
00151   GNUTLS_EXTENSION_INNER_APPLICATION = 37703
00152 } extensions_t;
00153 
00154 typedef enum
00155 { CIPHER_STREAM, CIPHER_BLOCK } cipher_type_t;
00156 
00157 typedef enum valid_session_t
00158 { VALID_TRUE, VALID_FALSE } valid_session_t;
00159 typedef enum resumable_session_t
00160 { RESUME_TRUE,
00161   RESUME_FALSE
00162 } resumable_session_t;
00163 
00164 /* Record Protocol */
00165 typedef enum content_type_t
00166 {
00167   GNUTLS_CHANGE_CIPHER_SPEC = 20, GNUTLS_ALERT,
00168   GNUTLS_HANDSHAKE, GNUTLS_APPLICATION_DATA,
00169   GNUTLS_INNER_APPLICATION = 24
00170 } content_type_t;
00171 
00172 #define GNUTLS_PK_ANY (enum MHD_GNUTLS_PublicKeyAlgorithm)-1
00173 #define GNUTLS_PK_NONE (enum MHD_GNUTLS_PublicKeyAlgorithm)-2
00174 
00175 /* STATE (stop) */
00176 
00177 typedef void (*LOG_FUNC) (int, const char *);
00178 
00179 /* Store & Retrieve functions defines:  */
00180 typedef struct MHD_gtls_auth_cred_st
00181 {
00182   enum MHD_GNUTLS_CredentialsType algorithm;
00183 
00184   /* the type of credentials depends on algorithm
00185    */
00186   void *credentials;
00187   struct MHD_gtls_auth_cred_st *next;
00188 } auth_cred_st;
00189 
00190 struct MHD_gtls_key
00191 {
00192   /* For DH KX */
00193   MHD_gnutls_datum_t key;
00194   mpi_t KEY;
00195   mpi_t client_Y;
00196   mpi_t client_g;
00197   mpi_t client_p;
00198   mpi_t dh_secret;
00199   /* for SRP */
00200   mpi_t A;
00201   mpi_t B;
00202   mpi_t u;
00203   mpi_t b;
00204   mpi_t a;
00205   mpi_t x;
00206   /* RSA: e, m
00207    */
00208   mpi_t rsa[2];
00209 
00210   /* this is used to hold the peers authentication data
00211    */
00212   /* auth_info_t structures SHOULD NOT contain malloced
00213    * elements. Check MHD_gnutls_session_pack.c, and MHD_gnutls_auth.c.
00214    * Rememember that this should be calloced!
00215    */
00216   void *auth_info;
00217   enum MHD_GNUTLS_CredentialsType auth_info_type;
00218   int auth_info_size;           /* needed in order to store to db for restoring
00219                                  */
00220   uint8_t crypt_algo;
00221 
00222   auth_cred_st *cred;           /* used to specify keys/certificates etc */
00223 
00224   int certificate_requested;
00225   /* some ciphersuites use this
00226    * to provide client authentication.
00227    * 1 if client auth was requested
00228    * by the peer, 0 otherwise
00229    *** In case of a server this
00230    * holds 1 if we should wait
00231    * for a client certificate verify
00232    */
00233 };
00234 typedef struct MHD_gtls_key *MHD_gtls_key_st;
00235 
00236 /* STATE (cont) */
00237 #include <gnutls_hash_int.h>
00238 #include <gnutls_cipher_int.h>
00239 #include <gnutls_cert.h>
00240 
00241 typedef struct
00242 {
00243   uint8_t suite[2];
00244 } cipher_suite_st;
00245 
00246 /* This structure holds parameters got from TLS extension
00247  * mechanism. (some extensions may hold parameters in auth_info_t
00248  * structures also - see SRP).
00249  */
00250 typedef struct
00251 {
00252   opaque name[MAX_SERVER_NAME_SIZE];
00253   unsigned name_length;
00254   MHD_gnutls_server_name_type_t type;
00255 } server_name_st;
00256 
00257 #define MAX_SERVER_NAME_EXTENSIONS 3
00258 typedef struct
00259 {
00260   server_name_st server_names[MAX_SERVER_NAME_EXTENSIONS];
00261   /* limit server_name extensions */
00262   unsigned server_names_size;
00263 
00264   /* TLS/IA data. */
00265   int MHD_gnutls_ia_enable, MHD_gnutls_ia_peer_enable;
00266   int MHD_gnutls_ia_allowskip, MHD_gnutls_ia_peer_allowskip;
00267 
00268   /* Used by extensions that enable supplemental data. */
00269   int do_recv_supplemental, do_send_supplemental;
00270 
00271 } MHD_gtls_ext_st;
00272 
00273 /* This flag indicates for an extension whether
00274  * it is useful to application level or TLS level only.
00275  * This is used to parse the application level extensions
00276  * before the user_hello callback is called.
00277  */
00278 typedef enum tls_ext_parse_type_t
00279 {
00280   EXTENSION_ANY,
00281   EXTENSION_APPLICATION,
00282   EXTENSION_TLS
00283 } MHD_gtls_ext_parse_type_t;
00284 
00285 /* auth_info_t structures now MAY contain malloced
00286  * elements.
00287  */
00288 
00289 /* This structure and auth_info_t, are stored in the resume database,
00290  * and are restored, in case of resume.
00291  * Holds all the required parameters to resume the current
00292  * session.
00293  */
00294 
00295 /* if you add anything in Security_Parameters struct, then
00296  * also modify CPY_COMMON in MHD_gnutls_constate.c
00297  */
00298 
00299 /* Note that the security parameters structure is set up after the
00300  * handshake has finished. The only value you may depend on while
00301  * the handshake is in progress is the cipher suite value.
00302  */
00303 typedef struct
00304 {
00305   MHD_gnutls_connection_end_t entity;
00306   enum MHD_GNUTLS_KeyExchangeAlgorithm kx_algorithm;
00307   /* we've got separate write/read bulk/macs because
00308    * there is a time in handshake where the peer has
00309    * null cipher and we don't
00310    */
00311   enum MHD_GNUTLS_CipherAlgorithm read_bulk_cipher_algorithm;
00312   enum MHD_GNUTLS_HashAlgorithm read_mac_algorithm;
00313   enum MHD_GNUTLS_CompressionMethod read_compression_algorithm;
00314 
00315   enum MHD_GNUTLS_CipherAlgorithm write_bulk_cipher_algorithm;
00316   enum MHD_GNUTLS_HashAlgorithm write_mac_algorithm;
00317   enum MHD_GNUTLS_CompressionMethod write_compression_algorithm;
00318 
00319   /* this is the ciphersuite we are going to use
00320    * moved here from internals in order to be restored
00321    * on resume;
00322    */
00323   cipher_suite_st current_cipher_suite;
00324   opaque master_secret[TLS_MASTER_SIZE];
00325   opaque client_random[TLS_RANDOM_SIZE];
00326   opaque server_random[TLS_RANDOM_SIZE];
00327   opaque session_id[TLS_MAX_SESSION_ID_SIZE];
00328   uint8_t session_id_size;
00329   time_t timestamp;
00330   MHD_gtls_ext_st extensions;
00331 
00332   /* The send size is the one requested by the programmer.
00333    * The recv size is the one negotiated with the peer.
00334    */
00335   uint16_t max_record_send_size;
00336   uint16_t max_record_recv_size;
00337   /* holds the negotiated certificate type */
00338   enum MHD_GNUTLS_CertificateType cert_type;
00339   enum MHD_GNUTLS_Protocol version;     /* moved here */
00340   /* For TLS/IA.  XXX: Move to IA credential? */
00341   opaque inner_secret[TLS_MASTER_SIZE];
00342 } MHD_gtls_security_param_st;
00343 
00344 /* This structure holds the generated keys
00345  */
00346 typedef struct
00347 {
00348   MHD_gnutls_datum_t server_write_mac_secret;
00349   MHD_gnutls_datum_t client_write_mac_secret;
00350   MHD_gnutls_datum_t server_write_IV;
00351   MHD_gnutls_datum_t client_write_IV;
00352   MHD_gnutls_datum_t server_write_key;
00353   MHD_gnutls_datum_t client_write_key;
00354   int generated_keys;           /* zero if keys have not
00355                                  * been generated. Non zero
00356                                  * otherwise.
00357                                  */
00358 } MHD_gtls_cipher_specs_st;
00359 
00360 typedef struct
00361 {
00362   cipher_hd_t write_cipher_state;
00363   cipher_hd_t read_cipher_state;
00364   MHD_gnutls_datum_t read_mac_secret;
00365   MHD_gnutls_datum_t write_mac_secret;
00366   uint64 read_sequence_number;
00367   uint64 write_sequence_number;
00368 } MHD_gtls_conn_stat_st;
00369 
00370 typedef struct
00371 {
00372   unsigned int priority[MAX_ALGOS];
00373   unsigned int num_algorithms;
00374 } MHD_gtls_priority_st;
00375 
00376 /* For the external api */
00377 struct MHD_gtls_priority_st
00378 {
00379   MHD_gtls_priority_st cipher;
00380   MHD_gtls_priority_st mac;
00381   MHD_gtls_priority_st kx;
00382   MHD_gtls_priority_st compression;
00383   MHD_gtls_priority_st protocol;
00384 
00385   /* certificate type : x509, OpenPGP, etc. */
00386   MHD_gtls_priority_st cert_type;
00387 
00388   /* to disable record padding */
00389   int no_padding;
00390 };
00391 
00392 /* DH and RSA parameters types.
00393  */
00394 typedef struct MHD_gtls_dh_params_int
00395 {
00396   /* [0] is the prime, [1] is the generator.
00397    */
00398   mpi_t params[2];
00399 } MHD_gtls_dh_params_st;
00400 
00401 typedef struct
00402 {
00403   MHD_gtls_dh_params_t dh_params;
00404   int free_dh_params;
00405   MHD_gtls_rsa_params_t rsa_params;
00406   int free_rsa_params;
00407 } MHD_gtls_internal_params_st;
00408 
00409 typedef struct
00410 {
00411   opaque header[HANDSHAKE_HEADER_SIZE];
00412   /* this holds the number of bytes in the handshake_header[] */
00413   size_t header_size;
00414   /* this holds the length of the handshake packet */
00415   size_t packet_length;
00416   MHD_gnutls_handshake_description_t recv_type;
00417 } MHD_gtls_handshake_header_buffer_st;
00418 
00419 typedef struct
00420 {
00421   MHD_gtls_buffer application_data_buffer;      /* holds data to be delivered to application layer */
00422   MHD_gtls_buffer handshake_hash_buffer;        /* used to keep the last received handshake
00423                                                  * message */
00424   mac_hd_t handshake_mac_handle_sha;    /* hash of the handshake messages */
00425   mac_hd_t handshake_mac_handle_md5;    /* hash of the handshake messages */
00426 
00427   MHD_gtls_buffer handshake_data_buffer;        /* this is a buffer that holds the current handshake message */
00428   MHD_gtls_buffer ia_data_buffer;       /* holds inner application data (TLS/IA) */
00429   resumable_session_t resumable;        /* TRUE or FALSE - if we can resume that session */
00430   handshake_state_t handshake_state;    /* holds
00431                                          * a number which indicates where
00432                                          * the handshake procedure has been
00433                                          * interrupted. If it is 0 then
00434                                          * no interruption has happened.
00435                                          */
00436 
00437   valid_session_t valid_connection;     /* true or FALSE - if this session is valid */
00438 
00439   int may_not_read;             /* if it's 0 then we can read/write, otherwise it's forbiden to read/write
00440                                  */
00441   int may_not_write;
00442   int read_eof;                 /* non-zero if we have received a closure alert. */
00443 
00444   int last_alert;               /* last alert received */
00445   int last_alert_level;         /* last alert level */
00446 
00447   /* The last handshake messages sent or received.
00448    */
00449   int last_handshake_in;
00450   int last_handshake_out;
00451 
00452   /* this is the compression method we are going to use */
00453   enum MHD_GNUTLS_CompressionMethod compression_method;
00454 
00455   /* priorities */
00456   struct MHD_gtls_priority_st priorities;
00457 
00458   /* resumed session */
00459   resumable_session_t resumed;  /* RESUME_TRUE or FALSE - if we are resuming a session */
00460   MHD_gtls_security_param_st resumed_security_parameters;
00461 
00462   /* sockets internals */
00463   int lowat;
00464 
00465   /* These buffers are used in the handshake
00466    * protocol only. freed using MHD__gnutls_handshake_io_buffer_clear();
00467    */
00468   MHD_gtls_buffer handshake_send_buffer;
00469   size_t handshake_send_buffer_prev_size;
00470   content_type_t handshake_send_buffer_type;
00471   MHD_gnutls_handshake_description_t handshake_send_buffer_htype;
00472   content_type_t handshake_recv_buffer_type;
00473   MHD_gnutls_handshake_description_t handshake_recv_buffer_htype;
00474   MHD_gtls_buffer handshake_recv_buffer;
00475 
00476   /* this buffer holds a record packet -mostly used for
00477    * non blocking IO.
00478    */
00479   MHD_gtls_buffer record_recv_buffer;
00480   MHD_gtls_buffer record_send_buffer;   /* holds cached data
00481                                          * for the MHD_gnutls_io_write_buffered()
00482                                          * function.
00483                                          */
00484   size_t record_send_buffer_prev_size;  /* holds the
00485                                          * data written in the previous runs.
00486                                          */
00487   size_t record_send_buffer_user_size;  /* holds the
00488                                          * size of the user specified data to
00489                                          * send.
00490                                          */
00491 
00492   /* 0 if no peeked data was kept, 1 otherwise.
00493    */
00494   int have_peeked_data;
00495 
00496   int expire_time;              /* after expire_time seconds this session will expire */
00497   struct MHD_gtls_mod_auth_st_int *auth_struct; /* used in handshake packets and KX algorithms */
00498 
00499   /* TODO rm */
00500   int v2_hello;                 /* 0 if the client hello is v3+.
00501                                  * non-zero if we got a v2 hello.
00502                                  */
00503   /* keeps the headers of the handshake packet
00504    */
00505   MHD_gtls_handshake_header_buffer_st handshake_header_buffer;
00506 
00507   /* this is the highest version available
00508    * to the peer. (advertized version).
00509    * This is obtained by the Handshake Client Hello
00510    * message. (some implementations read the Record version)
00511    */
00512   uint8_t adv_version_major;
00513   uint8_t adv_version_minor;
00514 
00515   /* if this is non zero a certificate request message
00516    * will be sent to the client. - only if the ciphersuite
00517    * supports it.
00518    */
00519   int send_cert_req;
00520 
00521   /* bits to use for DHE and DHA
00522    * use MHD__gnutls_dh_get_prime_bits() and MHD__gnutls_dh_set_prime_bits()
00523    * to access it.
00524    */
00525   uint16_t dh_prime_bits;
00526 
00527   size_t max_handshake_data_buffer_size;
00528 
00529   /* PUSH & PULL functions.
00530    */
00531   MHD_gtls_pull_func MHD__gnutls_pull_func;
00532   MHD_gtls_push_func MHD__gnutls_push_func;
00533   /* Holds the first argument of PUSH and PULL
00534    * functions;
00535    */
00536   MHD_gnutls_transport_ptr_t transport_recv_ptr;
00537   MHD_gnutls_transport_ptr_t transport_send_ptr;
00538 
00539   /* Holds the record size requested by the
00540    * user.
00541    */
00542   uint16_t proposed_record_size;
00543 
00544   /* holds the selected certificate and key.
00545    * use MHD_gtls_selected_certs_deinit() and MHD_gtls_selected_certs_set()
00546    * to change them.
00547    */
00548   MHD_gnutls_cert *selected_cert_list;
00549   int selected_cert_list_length;
00550   MHD_gnutls_privkey *selected_key;
00551   int selected_need_free;
00552 
00553   /* holds the extensions we sent to the peer
00554    * (in case of a client)
00555    */
00556   uint16_t extensions_sent[MAX_EXT_TYPES];
00557   uint16_t extensions_sent_size;
00558 
00559   /* This holds the default version that our first
00560    * record packet will have. */
00561   opaque default_record_version[2];
00562 
00563   void *user_ptr;
00564 
00565   /* Holds 0 if the last called function was interrupted while
00566    * receiving, and non zero otherwise.
00567    */
00568   int direction;
00569 
00570   /* If non zero the server will not advertize the CA's he
00571    * trusts (do not send an RDN sequence).
00572    */
00573   int ignore_rdn_sequence;
00574 
00575   /* This is used to set an arbitary version in the RSA
00576    * PMS secret. Can be used by clients to test whether the
00577    * server checks that version. (** only used in gnutls-cli-debug)
00578    */
00579   opaque rsa_pms_version[2];
00580 
00581   /* Here we cache the DH or RSA parameters got from the
00582    * credentials structure, or from a callback. That is to
00583    * minimize external calls.
00584    */
00585   MHD_gtls_internal_params_st params;
00586 
00587   /* This buffer is used by the record recv functions,
00588    * as a temporary store buffer.
00589    */
00590   MHD_gnutls_datum_t recv_buffer;
00591 
00592   /* To avoid using global variables, and especially on Windows where
00593    * the application may use a different errno variable than GnuTLS,
00594    * it is possible to use MHD__gnutls_transport_set_errno to set a
00595    * session-specific errno variable in the user-replaceable push/pull
00596    * functions.  This value is used by the send/recv functions.  (The
00597    * strange name of this variable is because 'errno' is typically
00598    * #define'd.)
00599    */
00600   int errnum;
00601 
00602   /* Function used to perform public-key signing operation during
00603      handshake.  Used by MHD_gnutls_sig.c:MHD__gnutls_tls_sign(), see also
00604      MHD_gtls_sign_callback_set(). */
00605   MHD_gnutls_sign_func sign_func;
00606   void *sign_func_userdata;
00607 
00608   /* If you add anything here, check MHD_gtls_handshake_internal_state_clear().
00609    */
00610 } MHD_gtls_internals_st;
00611 
00612 struct MHD_gtls_session_int
00613 {
00614   MHD_gtls_security_param_st security_parameters;
00615   MHD_gtls_cipher_specs_st cipher_specs;
00616   MHD_gtls_conn_stat_st connection_state;
00617   MHD_gtls_internals_st internals;
00618   MHD_gtls_key_st key;
00619 };
00620 
00621 /* functions */
00622 void MHD_gtls_set_current_version (MHD_gtls_session_t session,
00623                                    enum MHD_GNUTLS_Protocol version);
00624 
00625 void MHD_gtls_free_auth_info (MHD_gtls_session_t session);
00626 
00627 /* These two macros return the advertized TLS version of
00628  * the peer.
00629  */
00630 #define MHD__gnutls_get_adv_version_major( session) \
00631         session->internals.adv_version_major
00632 
00633 #define MHD__gnutls_get_adv_version_minor( session) \
00634         session->internals.adv_version_minor
00635 
00636 #define set_adv_version( session, major, minor) \
00637         session->internals.adv_version_major = major; \
00638         session->internals.adv_version_minor = minor
00639 
00640 enum MHD_GNUTLS_Protocol MHD_gtls_get_adv_version (MHD_gtls_session_t);
00641 
00642 #endif /* GNUTLS_INT_H */

Generated by  doxygen 1.6.2