authorNikos Mavrogiannopoulos <nmav@crystal.(none)>2008-05-06 18:16:09 +0300
committerNikos Mavrogiannopoulos <nmav@crystal.(none)>2008-05-06 18:16:09 +0300
commit4ef94e2de7d2af2900c86097581c470362633618 (patch)
treedb483f212dc6aea6acac78858bc4cf0a174f36fc
parent14a7c3138cac99b725ff3120b6671f53ab73c6ff (diff)
added versioning support in crypto registration API, to avoid using
structures from previous or later versions.
-rw-r--r--NEWS17
-rw-r--r--includes/gnutls/crypto.h31
-rw-r--r--lib/crypto.c108
3 files changed, 121 insertions, 35 deletions
diff --git a/NEWS b/NEWS
index 77b7cb2dc8..60de271df9 100644
--- a/NEWS
+++ b/NEWS
@@ -3,10 +3,23 @@ Copyright (C) 2004, 2005, 2006, 2007, 2008 Simon Josefsson
Copyright (C) 2000, 2001, 2002, 2003, 2004 Nikos Mavrogiannopoulos
See the end for copying conditions.
-* Version 2.3.8 (unreleased)
+* Version 2.5.0 (unreleased)
+
+** Added wide wildcard hostname matching. Patch by Jean-Philippe Garcia
+Ballester.
+
+** Added API to replace and update the crypto backend.
** API and ABI modifications:
-No changes since last version.
+gnutls_crypto_single_cipher_register2: Added
+gnutls_crypto_single_mac_register2: Added
+gnutls_crypto_single_digest_register2: Added
+gnutls_crypto_cipher_register2: Added
+gnutls_crypto_mac_register2: Added
+gnutls_crypto_digest_register2: Added
+gnutls_crypto_rnd_register2: Added
+gnutls_crypto_pk_register2: Added
+gnutls_crypto_bigint_register2: Added
* Version 2.3.7 (released 2008-04-21)
diff --git a/includes/gnutls/crypto.h b/includes/gnutls/crypto.h
index 82e9d39132..d7429cb113 100644
--- a/includes/gnutls/crypto.h
+++ b/includes/gnutls/crypto.h
@@ -25,6 +25,7 @@
#ifndef GNUTLS_CRYPTO_H
# define GNUTLS_CRYPTO_H
+#define GNUTLS_CRYPTO_API_VERSION 0x01
typedef struct {
int (*init)( void** ctx);
int (*setkey)( void* ctx, const void * key, size_t keysize);
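Review bot: `GNUTLS_CRYPTO_API_VERSION` is added without a comment saying what it covers or when it must change, and the checks in lib/crypto.c only compare it for equality. One number guards every registration structure in this header, so it protects against layout mismatches only if it is bumped whenever any of those structures changes. I would put `/* Bump whenever any gnutls_crypto_*_st structure in this file changes; the *_register2() functions reject any other value. */` above the define. The typedef that follows continues outside this hunk.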
@@ -189,16 +190,28 @@ typedef struct gnutls_crypto_pk {
/* priority: infinity for backend algorithms, 90 for kernel algorithms - lowest wins
*/
-int gnutls_crypto_single_cipher_register( gnutls_cipher_algorithm_t algorithm, int priority, gnutls_crypto_single_cipher_st* s);
-int gnutls_crypto_single_mac_register( gnutls_mac_algorithm_t algorithm, int priority, gnutls_crypto_single_mac_st* s);
-int gnutls_crypto_single_digest_register( gnutls_digest_algorithm_t algorithm, int priority, gnutls_crypto_single_digest_st* s);
+#define gnutls_crypto_single_cipher_register( algo, prio, st) gnutls_crypto_single_cipher_register2( algo, prio, GNUTLS_CRYPTO_API_VERSION, st)
+#define gnutls_crypto_single_mac_register( algo, prio, st) gnutls_crypto_single_mac_register2( algo, prio, GNUTLS_CRYPTO_API_VERSION, st)
+#define gnutls_crypto_single_digest_register( algo, prio, st) gnutls_crypto_single_digest_register2( algo, prio, GNUTLS_CRYPTO_API_VERSION, st)
-int gnutls_crypto_cipher_register( int priority, gnutls_crypto_cipher_st* s);
-int gnutls_crypto_mac_register( int priority, gnutls_crypto_mac_st* s);
-int gnutls_crypto_digest_register( int priority, gnutls_crypto_digest_st* s);
+int gnutls_crypto_single_cipher_register2( gnutls_cipher_algorithm_t algorithm, int priority, int version, gnutls_crypto_single_cipher_st* s);
+int gnutls_crypto_single_mac_register2( gnutls_mac_algorithm_t algorithm, int priority, int version, gnutls_crypto_single_mac_st* s);
+int gnutls_crypto_single_digest_register2( gnutls_digest_algorithm_t algorithm, int priority, int version, gnutls_crypto_single_digest_st* s);
-int gnutls_crypto_rnd_register( int priority, gnutls_crypto_rnd_st* s);
-int gnutls_crypto_pk_register( int priority, gnutls_crypto_pk_st* s);
-int gnutls_crypto_bigint_register( int priority, gnutls_crypto_bigint_st* s);
+#define gnutls_crypto_cipher_register( prio, st) gnutls_crypto_cipher_register2( prio, GNUTLS_CRYPTO_API_VERSION, st)
+#define gnutls_crypto_mac_register( prio, st) gnutls_crypto_mac_register2( prio, GNUTLS_CRYPTO_API_VERSION, st)
+#define gnutls_crypto_digest_register( prio, st) gnutls_crypto_digest_register2( prio, GNUTLS_CRYPTO_API_VERSION, st)
+
+int gnutls_crypto_cipher_register2( int priority, int version, gnutls_crypto_cipher_st* s);
+int gnutls_crypto_mac_register2( int priority, int version, gnutls_crypto_mac_st* s);
+int gnutls_crypto_digest_register2( int priority, int version, gnutls_crypto_digest_st* s);
+
+#define gnutls_crypto_rnd_register( prio, st) gnutls_crypto_rnd_register2( prio, GNUTLS_CRYPTO_API_VERSION, st)
+#define gnutls_crypto_pk_register( prio, st) gnutls_crypto_pk_register2( prio, GNUTLS_CRYPTO_API_VERSION, st)
+#define gnutls_crypto_bigint_register( prio, st) gnutls_crypto_bigint_register2( prio, GNUTLS_CRYPTO_API_VERSION, st)
+
+int gnutls_crypto_rnd_register2( int priority, int version, gnutls_crypto_rnd_st* s);
+int gnutls_crypto_pk_register2( int priority, int version, gnutls_crypto_pk_st* s);
+int gnutls_crypto_bigint_register2( int priority, int version, gnutls_crypto_bigint_st* s);
#endif
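Review bot: Turning the old `gnutls_crypto_*_register` names into function-like macros means they stop being exported symbols (lib/crypto.c renames the definitions in the same commit) and their address can no longer be taken, yet nothing in the header says so. This looks deliberate, since the macro is what passes along the version of the headers the caller was built with, but it deserves a comment above the first macro, e.g. `/* Macros, not functions: they capture the caller's compile-time GNUTLS_CRYPTO_API_VERSION. */`. If an earlier release exported the old names, the NEWS entry should list them as removed from the ABI rather than only listing the `*_register2` additions.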
diff --git a/lib/crypto.c b/lib/crypto.c
index 1a5ca213e0..4e5e7e85e2 100644
--- a/lib/crypto.c
+++ b/lib/crypto.c
@@ -129,9 +129,10 @@ void _gnutls_crypto_deregister(void)
}
/**
- * gnutls_crypto_single_cipher_register - register a cipher algorithm
+ * gnutls_crypto_single_cipher_register2 - register a cipher algorithm
* @algorithm: is the gnutls algorithm identifier
* @priority: is the priority of the algorithm
+ * @version: should be set to %GNUTLS_CRYPTO_API_VERSION
* @s: is a structure holding new cipher's data
*
* This function will register a cipher algorithm to be used
@@ -145,8 +146,13 @@ void _gnutls_crypto_deregister(void)
* Returns: %GNUTLS_E_SUCCESS on success, otherwise an error.
*
**/
-int gnutls_crypto_single_cipher_register( gnutls_cipher_algorithm_t algorithm, int priority, gnutls_crypto_single_cipher_st* s)
+int gnutls_crypto_single_cipher_register2( gnutls_cipher_algorithm_t algorithm, int priority, int version, gnutls_crypto_single_cipher_st* s)
{
+ if (version != GNUTLS_CRYPTO_API_VERSION)
+ {
+ gnutls_assert();
+ return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+ }
return _algo_register( &glob_cl, algorithm, priority, s);
}
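Review bot: The doc comment above `gnutls_crypto_single_cipher_register2` still ends with `Returns: %GNUTLS_E_SUCCESS on success, otherwise an error.`, although the new check introduces a specific failure that a backend author needs to recognise. I would extend it to `Returns: %GNUTLS_E_SUCCESS on success, %GNUTLS_E_UNIMPLEMENTED_FEATURE if @version does not match the library, otherwise an error.` The same applies to the other eight `*_register2` functions in this file. The comment begins outside this hunk.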
@@ -156,8 +162,9 @@ gnutls_crypto_single_cipher_st *_gnutls_get_crypto_cipher( gnutls_cipher_algorit
}
/**
- * gnutls_crypto_rnd_register - register a random generator
+ * gnutls_crypto_rnd_register2 - register a random generator
* @priority: is the priority of the generator
+ * @version: should be set to %GNUTLS_CRYPTO_API_VERSION
* @s: is a structure holding new generator's data
*
* This function will register a random generator to be used
@@ -171,10 +178,16 @@ gnutls_crypto_single_cipher_st *_gnutls_get_crypto_cipher( gnutls_cipher_algorit
* Returns: %GNUTLS_E_SUCCESS on success, otherwise an error.
*
**/
-int gnutls_crypto_rnd_register( int priority, gnutls_crypto_rnd_st* s)
+int gnutls_crypto_rnd_register2( int priority, int version, gnutls_crypto_rnd_st* s)
{
+ if (version != GNUTLS_CRYPTO_API_VERSION)
+ {
+ gnutls_assert();
+ return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+ }
+
if (crypto_rnd_prio > priority) {
- _gnutls_rnd_ops = *s;
+ memcpy( &_gnutls_rnd_ops, s, sizeof(*s));
crypto_rnd_prio = priority;
return 0;
}
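Review bot: The new `memcpy( &_gnutls_rnd_ops, s, sizeof(*s));` sizes the copy by the source type and gives up the type check that `_gnutls_rnd_ops = *s;` provided. If the destination's type ever diverges from `gnutls_crypto_rnd_st`, the compiler will no longer notice and the copy could run past the destination object. Unless the assignment failed for a reason not visible here, I would keep it, or at least bound the copy by the destination: `memcpy( &_gnutls_rnd_ops, s, sizeof(_gnutls_rnd_ops));`. `s` is also dereferenced without a NULL check on this path. The same pattern appears in the bigint, pk, cipher, mac and digest hunks below, and this function's body continues outside the hunk.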
@@ -182,9 +195,10 @@ int gnutls_crypto_rnd_register( int priority, gnutls_crypto_rnd_st* s)
}
/**
- * gnutls_crypto_single_mac_register - register a MAC algorithm
+ * gnutls_crypto_single_mac_register2 - register a MAC algorithm
* @algorithm: is the gnutls algorithm identifier
* @priority: is the priority of the algorithm
+ * @version: should be set to %GNUTLS_CRYPTO_API_VERSION
* @s: is a structure holding new algorithms's data
*
* This function will register a MAC algorithm to be used
@@ -198,8 +212,14 @@ int gnutls_crypto_rnd_register( int priority, gnutls_crypto_rnd_st* s)
* Returns: %GNUTLS_E_SUCCESS on success, otherwise an error.
*
**/
-int gnutls_crypto_single_mac_register( gnutls_mac_algorithm_t algorithm, int priority, gnutls_crypto_single_mac_st* s)
+int gnutls_crypto_single_mac_register2( gnutls_mac_algorithm_t algorithm, int priority, int version, gnutls_crypto_single_mac_st* s)
{
+ if (version != GNUTLS_CRYPTO_API_VERSION)
+ {
+ gnutls_assert();
+ return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+ }
+
return _algo_register( &glob_ml, algorithm, priority, s);
}
@@ -209,9 +229,10 @@ gnutls_crypto_single_mac_st *_gnutls_get_crypto_mac( gnutls_mac_algorithm_t algo
}
/**
- * gnutls_crypto_single_digest_register - register a digest algorithm
+ * gnutls_crypto_single_digest_register2 - register a digest algorithm
* @algorithm: is the gnutls algorithm identifier
* @priority: is the priority of the algorithm
+ * @version: should be set to %GNUTLS_CRYPTO_API_VERSION
* @s: is a structure holding new algorithms's data
*
* This function will register a digest (hash) algorithm to be used
@@ -225,8 +246,13 @@ gnutls_crypto_single_mac_st *_gnutls_get_crypto_mac( gnutls_mac_algorithm_t algo
* Returns: %GNUTLS_E_SUCCESS on success, otherwise an error.
*
**/
-int gnutls_crypto_single_digest_register( gnutls_digest_algorithm_t algorithm, int priority, gnutls_crypto_single_digest_st* s)
+int gnutls_crypto_single_digest_register2( gnutls_digest_algorithm_t algorithm, int priority, int version, gnutls_crypto_single_digest_st* s)
{
+ if (version != GNUTLS_CRYPTO_API_VERSION)
+ {
+ gnutls_assert();
+ return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+ }
return _algo_register( &glob_dl, algorithm, priority, s);
}
@@ -236,8 +262,9 @@ gnutls_crypto_single_digest_st *_gnutls_get_crypto_digest( gnutls_digest_algorit
}
/**
- * gnutls_crypto_bigint_register - register a bigint interface
+ * gnutls_crypto_bigint_register2 - register a bigint interface
* @priority: is the priority of the interface
+ * @version: should be set to %GNUTLS_CRYPTO_API_VERSION
* @s: is a structure holding new interface's data
*
* This function will register an interface for gnutls to operate
@@ -254,10 +281,16 @@ gnutls_crypto_single_digest_st *_gnutls_get_crypto_digest( gnutls_digest_algorit
* Returns: %GNUTLS_E_SUCCESS on success, otherwise an error.
*
**/
-int gnutls_crypto_bigint_register( int priority, gnutls_crypto_bigint_st* s)
+int gnutls_crypto_bigint_register2( int priority, int version, gnutls_crypto_bigint_st* s)
{
+ if (version != GNUTLS_CRYPTO_API_VERSION)
+ {
+ gnutls_assert();
+ return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+ }
+
if (crypto_bigint_prio > priority) {
- _gnutls_mpi_ops = *s;
+ memcpy( &_gnutls_mpi_ops, s, sizeof(*s));
crypto_bigint_prio = priority;
return 0;
}
@@ -265,8 +298,9 @@ int gnutls_crypto_bigint_register( int priority, gnutls_crypto_bigint_st* s)
}
/**
- * gnutls_crypto_pk_register - register a public key interface
+ * gnutls_crypto_pk_register2 - register a public key interface
* @priority: is the priority of the interface
+ * @version: should be set to %GNUTLS_CRYPTO_API_VERSION
* @s: is a structure holding new interface's data
*
* This function will register an interface for gnutls to operate
@@ -283,10 +317,15 @@ int gnutls_crypto_bigint_register( int priority, gnutls_crypto_bigint_st* s)
* Returns: %GNUTLS_E_SUCCESS on success, otherwise an error.
*
**/
-int gnutls_crypto_pk_register( int priority, gnutls_crypto_pk_st* s)
+int gnutls_crypto_pk_register2( int priority, int version, gnutls_crypto_pk_st* s)
{
+ if (version != GNUTLS_CRYPTO_API_VERSION)
+ {
+ gnutls_assert();
+ return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+ }
if (crypto_pk_prio > priority) {
- _gnutls_pk_ops = *s;
+ memcpy( &_gnutls_pk_ops, s, sizeof(*s));
crypto_pk_prio = priority;
return 0;
}
@@ -294,8 +333,9 @@ int gnutls_crypto_pk_register( int priority, gnutls_crypto_pk_st* s)
}
/**
- * gnutls_crypto_cipher_register - register a cipher interface
+ * gnutls_crypto_cipher_register2 - register a cipher interface
* @priority: is the priority of the cipher interface
+ * @version: should be set to %GNUTLS_CRYPTO_API_VERSION
* @s: is a structure holding new interface's data
*
* This function will register a cipher interface to be used
@@ -309,10 +349,16 @@ int gnutls_crypto_pk_register( int priority, gnutls_crypto_pk_st* s)
* Returns: %GNUTLS_E_SUCCESS on success, otherwise an error.
*
**/
-int gnutls_crypto_cipher_register( int priority, gnutls_crypto_cipher_st* s)
+int gnutls_crypto_cipher_register2( int priority, int version, gnutls_crypto_cipher_st* s)
{
+ if (version != GNUTLS_CRYPTO_API_VERSION)
+ {
+ gnutls_assert();
+ return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+ }
+
if (crypto_cipher_prio > priority) {
- _gnutls_cipher_ops = *s;
+ memcpy( &_gnutls_cipher_ops, s, sizeof(*s));
crypto_cipher_prio = priority;
return 0;
}
@@ -320,8 +366,9 @@ int gnutls_crypto_cipher_register( int priority, gnutls_crypto_cipher_st* s)
}
/**
- * gnutls_crypto_mac_register - register a mac interface
+ * gnutls_crypto_mac_register2 - register a mac interface
* @priority: is the priority of the mac interface
+ * @version: should be set to %GNUTLS_CRYPTO_API_VERSION
* @s: is a structure holding new interface's data
*
* This function will register a mac interface to be used
@@ -335,10 +382,16 @@ int gnutls_crypto_cipher_register( int priority, gnutls_crypto_cipher_st* s)
* Returns: %GNUTLS_E_SUCCESS on success, otherwise an error.
*
**/
-int gnutls_crypto_mac_register( int priority, gnutls_crypto_mac_st* s)
+int gnutls_crypto_mac_register2( int priority, int version, gnutls_crypto_mac_st* s)
{
+ if (version != GNUTLS_CRYPTO_API_VERSION)
+ {
+ gnutls_assert();
+ return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+ }
+
if (crypto_mac_prio > priority) {
- _gnutls_mac_ops = *s;
+ memcpy( &_gnutls_mac_ops, s, sizeof(*s));
crypto_mac_prio = priority;
return 0;
}
@@ -346,8 +399,9 @@ int gnutls_crypto_mac_register( int priority, gnutls_crypto_mac_st* s)
}
/**
- * gnutls_crypto_digest_register - register a digest interface
+ * gnutls_crypto_digest_register2 - register a digest interface
* @priority: is the priority of the digest interface
+ * @version: should be set to %GNUTLS_CRYPTO_API_VERSION
* @s: is a structure holding new interface's data
*
* This function will register a digest interface to be used
@@ -361,10 +415,16 @@ int gnutls_crypto_mac_register( int priority, gnutls_crypto_mac_st* s)
* Returns: %GNUTLS_E_SUCCESS on success, otherwise an error.
*
**/
-int gnutls_crypto_digest_register( int priority, gnutls_crypto_digest_st* s)
+int gnutls_crypto_digest_register2( int priority, int version, gnutls_crypto_digest_st* s)
{
+ if (version != GNUTLS_CRYPTO_API_VERSION)
+ {
+ gnutls_assert();
+ return GNUTLS_E_UNIMPLEMENTED_FEATURE;
+ }
+
if (crypto_digest_prio > priority) {
- _gnutls_digest_ops = *s;
+ memcpy( &_gnutls_digest_ops, s, sizeof(*s));
crypto_digest_prio = priority;
return 0;
}