author | Daiki Ueno <dueno@redhat.com> | 2020-02-21 16:38:29 +0100 |
---|---|---|
committer | Daiki Ueno <dueno@redhat.com> | 2020-02-22 08:19:08 +0100 |
commit | 8da3a71b358aa4a3199d1ee72c4e0d25a4588131 (patch) | |
tree | d5b4d45bbdf4543e88ef4e0bcd58cad5789efa49 /lib/kx.c | |
parent | 0f48ce3d377e4975324216543d9a2d352ec825c3 (diff) | |
keylogfile: simplify the callback mechanismtmp-keylog-func
This partially reverts commit 97117556 with a simpler interface. The
original intention of having the callback mechanism was to reuse it
for monitoring QUIC encryption changes. However, it turned out to be
insufficient because such changes must be emitted after a new epoch is
ready.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Diffstat (limited to 'lib/kx.c')
-rw-r--r-- | lib/kx.c | 56 |
1 files changed, 12 insertions, 44 deletions
@@ -71,7 +71,7 @@ int _gnutls_generate_master(gnutls_session_t session, int keep_premaster) } /** - * gnutls_handshake_set_secret_function: + * gnutls_session_set_keylog_function: * @session: is #gnutls_session_t type * @func: is the function to be called * 
@@ -81,68 +81,36 @@ int _gnutls_generate_master(gnutls_session_t session, int keep_premaster) * Since: 3.6.13 */ void -gnutls_handshake_set_secret_function(gnutls_session_t session, - gnutls_handshake_secret_func func) +gnutls_session_set_keylog_function(gnutls_session_t session, + gnutls_keylog_func func) { - session->internals.secret_func = func; + session->internals.keylog_func = func; } int -_gnutls_call_secret_func(gnutls_session_t session, - gnutls_handshake_secret_type_t type, +_gnutls_call_keylog_func(gnutls_session_t session, + const char *label, const uint8_t *data, unsigned size) { - if (session->internals.secret_func) { + if (session->internals.keylog_func) { gnutls_datum_t secret = {(void*)data, size}; - return session->internals.secret_func(session, type, &secret); + return session->internals.keylog_func(session, label, &secret); } return 0; } -static const char * -secret_type_to_nss_keylog_label(gnutls_handshake_secret_type_t type) -{ - switch (type) { - case GNUTLS_SECRET_CLIENT_RANDOM: - return "CLIENT_RANDOM"; - case GNUTLS_SECRET_CLIENT_EARLY_TRAFFIC_SECRET: - return "CLIENT_EARLY_TRAFFIC_SECRET"; - case GNUTLS_SECRET_CLIENT_HANDSHAKE_TRAFFIC_SECRET: - return "CLIENT_HANDSHAKE_TRAFFIC_SECRET"; - case GNUTLS_SECRET_SERVER_HANDSHAKE_TRAFFIC_SECRET: - return "SERVER_HANDSHAKE_TRAFFIC_SECRET"; - case GNUTLS_SECRET_CLIENT_TRAFFIC_SECRET: - return "CLIENT_TRAFFIC_SECRET_0"; - case GNUTLS_SECRET_SERVER_TRAFFIC_SECRET: - return "SERVER_TRAFFIC_SECRET_0"; - case GNUTLS_SECRET_EARLY_EXPORTER_SECRET: - return "EARLY_EXPORTER_SECRET"; - case GNUTLS_SECRET_EXPORTER_SECRET: - return "EXPORTER_SECRET"; - default: - gnutls_assert(); - return NULL; - } -} - int -_gnutls_nss_keylog_secret_func(gnutls_session_t session, - gnutls_handshake_secret_type_t type, - const gnutls_datum_t *secret) +_gnutls_nss_keylog_func(gnutls_session_t session, + const char *label, + const gnutls_datum_t *secret) { - const char *label; - /* ignore subsequent traffic secrets that are 
calculated from * the previous traffic secret */ if (!session->internals.handshake_in_progress) return 0; - label = secret_type_to_nss_keylog_label(type); - if (unlikely(label == NULL)) - return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); - _gnutls_nss_keylog_write(session, label, secret->data, secret->size); return 0; } @@ -265,7 +233,7 @@ generate_normal_master(gnutls_session_t session, if (ret < 0) return ret; - ret = _gnutls_call_secret_func(session, GNUTLS_SECRET_CLIENT_RANDOM, + ret = _gnutls_call_keylog_func(session, "CLIENT_RANDOM", session->security_parameters.master_secret, GNUTLS_MASTER_SIZE); if (ret < 0) |
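Review bot: The callback installed by `gnutls_session_set_keylog_function()` is handed live key material, yet the part of its doc comment visible here (it opens in the previous hunk and a few lines between the two hunks are not shown) does not spell out the contract. I would add to that comment that `label` is an NSS key log format label, that the datum points at session-owned memory which is only valid for the duration of the call and must not be modified or retained, and that a negative return value is passed back to the library caller. The read-only part matters because `_gnutls_call_keylog_func` builds the datum with `{(void*)data, size}`, which drops the `const` from `data`. A short comment on that line, e.g. `/* gnutls_datum_t has no const data member; callbacks must not write through it */`, would mark the cast as intentional.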
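Review bot: Passing the label as the bare literal `"CLIENT_RANDOM"` at this call in `generate_normal_master` loses the checking that the removed enum and the `default:` branch of `secret_type_to_nss_keylog_label` provided, so a misspelt label at any call site would now be written to the key log unchanged. Consider defining the label strings once in a shared internal header and using those names at the call sites, or at least add a comment here such as `/* label must match the NSS key log format */`. The function continues outside the hunk, so other call sites in it are not visible from here.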