File gnutls-1.4.4-sign-callback.patch of Package gnutls

Overview Repositories Revisions Requests Users Attributes Meta

File gnutls-1.4.4-sign-callback.patch of Package gnutls

--- gnutls-1.4.4/includes/gnutls/gnutls.h.in~	2007-03-06 10:58:32.000000000 -0500
+++ gnutls-1.4.4/includes/gnutls/gnutls.h.in	2007-03-08 14:59:14.000000000 -0500
@@ -970,6 +970,14 @@ extern "C"
     (gnutls_certificate_credentials_t cred,
      gnutls_certificate_server_retrieve_function * func);
 
+  typedef int gnutls_certificate_client_sign_function (gnutls_datum_t * cert,
+                                                       gnutls_certificate_type_t cert_type,
+                                                       const gnutls_datum_t *hash_concat,
+                                                       gnutls_datum_t * signature);
+  void gnutls_certificate_client_set_sign_function
+    (gnutls_certificate_credentials_t cred,
+     gnutls_certificate_client_sign_function * func);
+
   void gnutls_certificate_server_set_request (gnutls_session_t session,
 					      gnutls_certificate_request_t
 					      req);
--- gnutls-1.4.4/lib/auth_cert.h~	2006-03-08 05:44:59.000000000 -0500
+++ gnutls-1.4.4/lib/auth_cert.h	2007-03-08 14:37:10.000000000 -0500
@@ -95,6 +95,7 @@ typedef struct gnutls_certificate_creden
 
   gnutls_certificate_client_retrieve_function *client_get_cert_callback;
   gnutls_certificate_server_retrieve_function *server_get_cert_callback;
+  gnutls_certificate_client_sign_function *client_sign_callback;
 } certificate_credentials_st;
 
 typedef struct rsa_info_st
--- gnutls-1.4.4/lib/gnutls_cert.c~	2006-03-21 11:11:25.000000000 -0500
+++ gnutls-1.4.4/lib/gnutls_cert.c	2007-03-08 15:13:28.000000000 -0500
@@ -363,6 +363,12 @@ void gnutls_certificate_server_set_retri
   cred->server_get_cert_callback = func;
 }
 
+void gnutls_certificate_client_set_sign_function
+    (gnutls_certificate_credentials_t cred,
+     gnutls_certificate_client_sign_function * func)
+{
+    cred->client_sign_callback = func;
+}
 
 /* These are set by the gnutls_extra library's initialization function.
  */
--- gnutls-1.4.4/lib/auth_cert.c~	2006-06-28 05:06:09.000000000 -0400
+++ gnutls-1.4.4/lib/auth_cert.c	2007-03-08 15:01:28.000000000 -0500
@@ -1301,20 +1301,25 @@ _gnutls_gen_cert_client_cert_vrfy (gnutl
       return ret;
     }
 
-  if (apr_pkey != NULL)
+  if (apr_pkey == NULL)
     {
-      if ((ret =
-	   _gnutls_tls_sign_hdata (session,
-				   &apr_cert_list[0],
-				   apr_pkey, &signature)) < 0)
-	{
-	  gnutls_assert ();
-	  return ret;
-	}
-    }
-  else
+      gnutls_certificate_credentials_t cred;
+      cred = (gnutls_certificate_credentials_t)
+          _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL);
+
+      if (cred == NULL || cred->client_sign_callback == NULL)
+        {
+          return 0;
+        }
+    }
+
+  if ((ret =
+       _gnutls_tls_sign_hdata (session,
+                               &apr_cert_list[0],
+                               apr_pkey, &signature)) < 0)
     {
-      return 0;
+      gnutls_assert ();
+      return ret;
     }
 
   *data = gnutls_malloc (signature.size + 2);
--- gnutls-1.4.4/lib/gnutls_sig.c~	2006-03-08 05:44:59.000000000 -0500
+++ gnutls-1.4.4/lib/gnutls_sig.c	2007-03-08 15:06:52.000000000 -0500
@@ -57,6 +57,7 @@ _gnutls_tls_sign_hdata (gnutls_session_t
   mac_hd_t td_md5;
   mac_hd_t td_sha;
   gnutls_protocol_t ver = gnutls_protocol_get_version (session);
+  gnutls_certificate_credentials_t cred;
 
   td_sha = _gnutls_hash_copy (session->internals.handshake_mac_handle_sha);
   if (td_sha == NULL)
@@ -111,7 +112,15 @@ _gnutls_tls_sign_hdata (gnutls_session_t
       gnutls_assert ();
       return GNUTLS_E_INTERNAL_ERROR;
     }
-  ret = _gnutls_tls_sign (cert, pkey, &dconcat, signature);
+
+  cred = (gnutls_certificate_credentials_t)
+      _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL);
+
+  if (cred != NULL && cred->client_sign_callback != NULL)
+      ret = cred->client_sign_callback (&cert->raw, cert->cert_type, &dconcat, signature);
+  else
+      ret = _gnutls_tls_sign (cert, pkey, &dconcat, signature);
+
   if (ret < 0)
     {
       gnutls_assert ();
--- gnutls-1.4.4/includes/gnutls/gnutls.h.in~	2007-03-09 12:48:09.000000000 -0500
+++ gnutls-1.4.4/includes/gnutls/gnutls.h.in	2007-03-09 12:48:48.000000000 -0500
@@ -970,7 +970,8 @@ extern "C"
     (gnutls_certificate_credentials_t cred,
      gnutls_certificate_server_retrieve_function * func);
 
-  typedef int gnutls_certificate_client_sign_function (gnutls_datum_t * cert,
+  typedef int gnutls_certificate_client_sign_function (gnutls_session_t session,
+                                                       gnutls_datum_t * cert,
                                                        gnutls_certificate_type_t cert_type,
                                                        const gnutls_datum_t *hash_concat,
                                                        gnutls_datum_t * signature);
--- gnutls-1.4.4/lib/gnutls_sig.c~	2007-03-09 12:50:46.000000000 -0500
+++ gnutls-1.4.4/lib/gnutls_sig.c	2007-03-09 12:51:15.000000000 -0500
@@ -117,7 +117,9 @@ _gnutls_tls_sign_hdata (gnutls_session_t
       _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL);
 
   if (cred != NULL && cred->client_sign_callback != NULL)
-      ret = cred->client_sign_callback (&cert->raw, cert->cert_type, &dconcat, signature);
+      ret = cred->client_sign_callback (session,
+                                        &cert->raw, cert->cert_type,
+                                        &dconcat, signature);
   else
       ret = _gnutls_tls_sign (cert, pkey, &dconcat, signature);
 
--- gnutls-1.4.4/lib/auth_cert.c~	2007-03-12 12:48:09.000000000 -0400
+++ gnutls-1.4.4/lib/auth_cert.c	2007-03-13 14:52:42.000000000 -0400
@@ -1301,6 +1301,11 @@ _gnutls_gen_cert_client_cert_vrfy (gnutl
       return ret;
     }
 
+  if (apr_cert_list_length == 0)
+    {
+      return 0;
+    }
+
   if (apr_pkey == NULL)
     {
       gnutls_certificate_credentials_t cred;

Places

File gnutls-1.4.4-sign-callback.patch of Package gnutls

Places