2 * Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2008, 2009, 2010
3 * Free Software Foundation, Inc.
5 * Author: Nikos Mavrogiannopoulos
7 * This file is part of GNUTLS.
9 * The GNUTLS library is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public License
11 * as published by the Free Software Foundation; either version 2.1 of
12 * the License, or (at your option) any later version.
14 * This library is distributed in the hope that it will be useful, but
15 * WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
19 * You should have received a copy of the GNU Lesser General Public
20 * License along with this library; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
26 #include <gnutls_int.h>
27 #include <gnutls_errors.h>
29 #include <gnutls_dh.h>
33 #include <gnutls_extensions.h> /* for _gnutls_ext_init */
34 #include <gnutls_cryptodev.h>
39 /* Minimum library versions we accept. */
40 #define GNUTLS_MIN_LIBGCRYPT_VERSION "1.2.4"
41 #define GNUTLS_MIN_LIBTASN1_VERSION "0.3.4"
43 /* created by asn1c */
44 extern const ASN1_ARRAY_TYPE gnutls_asn1_tab
[];
45 extern const ASN1_ARRAY_TYPE pkix_asn1_tab
[];
47 ASN1_TYPE _gnutls_pkix1_asn
;
48 ASN1_TYPE _gnutls_gnutls_asn
;
50 gnutls_log_func _gnutls_log_func
;
51 int _gnutls_log_level
= 0; /* default log level */
54 * gnutls_global_set_log_function - set the logging function
55 * @log_func: it's a log function
57 * This is the function where you set the logging function gnutls is
58 * going to use. This function only accepts a character array.
59 * Normally you may not use this function since it is only used for
62 * gnutls_log_func is of the form,
63 * void (*gnutls_log_func)( int level, const char*);
66 gnutls_global_set_log_function (gnutls_log_func log_func
)
68 _gnutls_log_func
= log_func
;
72 * gnutls_global_set_log_level - set the logging level
73 * @level: it's an integer from 0 to 9.
75 * This is the function that allows you to set the log level. The
76 * level is an integer between 0 and 9. Higher values mean more
77 * verbosity. The default value is 0. Larger values should only be
78 * used with care, since they may reveal sensitive information.
80 * Use a log level over 10 to enable all debugging options.
83 gnutls_global_set_log_level (int level
)
85 _gnutls_log_level
= level
;
89 * gnutls_global_set_mem_functions - set the memory allocation functions
90 * @alloc_func: it's the default memory allocation function. Like malloc().
91 * @secure_alloc_func: This is the memory allocation function that will be used for sensitive data.
92 * @is_secure_func: a function that returns 0 if the memory given is not secure. May be NULL.
93 * @realloc_func: A realloc function
94 * @free_func: The function that frees allocated data. Must accept a NULL pointer.
96 * This is the function were you set the memory allocation functions
97 * gnutls is going to use. By default the libc's allocation functions
98 * (malloc(), free()), are used by gnutls, to allocate both sensitive
99 * and not sensitive data. This function is provided to set the
100 * memory allocation functions to something other than the defaults
101 * (ie the gcrypt allocation functions).
103 * This function must be called before gnutls_global_init() is called.
104 * This function is not thread safe.
107 gnutls_global_set_mem_functions (gnutls_alloc_function alloc_func
,
108 gnutls_alloc_function secure_alloc_func
,
109 gnutls_is_secure_function is_secure_func
,
110 gnutls_realloc_function realloc_func
,
111 gnutls_free_function free_func
)
113 gnutls_secure_malloc
= secure_alloc_func
;
114 gnutls_malloc
= alloc_func
;
115 gnutls_realloc
= realloc_func
;
116 gnutls_free
= free_func
;
118 if (is_secure_func
!= NULL
)
119 _gnutls_is_secure_memory
= is_secure_func
;
121 _gnutls_is_secure_memory
= _gnutls_is_secure_mem_null
;
123 /* if using the libc's default malloc
124 * use libc's calloc as well.
126 if (gnutls_malloc
== malloc
)
128 gnutls_calloc
= calloc
;
131 { /* use the included ones */
132 gnutls_calloc
= _gnutls_calloc
;
134 gnutls_strdup
= _gnutls_strdup
;
138 static int _gnutls_init
= 0;
141 * gnutls_global_init - initialize the global data to defaults.
143 * This function initializes the global data to defaults. Every
144 * gnutls application has a global data which holds common parameters
145 * shared by gnutls session structures. You should call
146 * gnutls_global_deinit() when gnutls usage is no longer needed
148 * Note that this function will also initialize libgcrypt, if it has
149 * not been initialized before. Thus if you want to manually
150 * initialize libgcrypt you must do it before calling this function.
151 * This is useful in cases you want to disable libgcrypt's internal
154 * This function increment a global counter, so that
155 * gnutls_global_deinit() only releases resources when it has been
156 * called as many times as gnutls_global_init(). This is useful when
157 * GnuTLS is used by more than one library in an application. This
158 * function can be called many times, but will only do something the
161 * Note! This function is not thread safe. If two threads call this
162 * function simultaneously, they can cause a race between checking
163 * the global counter and incrementing it, causing both threads to
164 * execute the library initialization code. That would lead to a
165 * memory leak. To handle this, your application could invoke this
166 * function after aquiring a thread mutex. To ignore the potential
167 * memory leak is also an option.
169 * Returns: On success, %GNUTLS_E_SUCCESS (zero) is returned,
170 * otherwise an error code is returned.
173 gnutls_global_init (void)
181 if (gl_sockets_startup (SOCKETS_1_1
))
182 return GNUTLS_E_LIBRARY_VERSION_MISMATCH
;
184 bindtextdomain (PACKAGE
, LOCALEDIR
);
186 /* Initialize libgcrypt if it hasn't already been initialized. */
187 if (gcry_control (GCRYCTL_ANY_INITIALIZATION_P
) == 0)
191 p
= gcry_check_version (GNUTLS_MIN_LIBGCRYPT_VERSION
);
196 _gnutls_debug_log ("Checking for libgcrypt failed: %s < %s\n",
197 gcry_check_version (NULL
),
198 GNUTLS_MIN_LIBGCRYPT_VERSION
);
199 return GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY
;
202 /* for gcrypt in order to be able to allocate memory */
203 gcry_control (GCRYCTL_DISABLE_SECMEM
, NULL
, 0);
205 gcry_control (GCRYCTL_INITIALIZATION_FINISHED
, NULL
, 0);
208 /* initialize ASN.1 parser
209 * This should not deal with files in the final
212 if (asn1_check_version (GNUTLS_MIN_LIBTASN1_VERSION
) == NULL
)
215 _gnutls_debug_log ("Checking for libtasn1 failed: %s < %s\n",
216 asn1_check_version (NULL
),
217 GNUTLS_MIN_LIBTASN1_VERSION
);
218 return GNUTLS_E_INCOMPATIBLE_LIBTASN1_LIBRARY
;
221 res
= asn1_array2tree (pkix_asn1_tab
, &_gnutls_pkix1_asn
, NULL
);
222 if (res
!= ASN1_SUCCESS
)
224 result
= _gnutls_asn2err (res
);
228 res
= asn1_array2tree (gnutls_asn1_tab
, &_gnutls_gnutls_asn
, NULL
);
229 if (res
!= ASN1_SUCCESS
)
231 asn1_delete_structure (&_gnutls_pkix1_asn
);
232 result
= _gnutls_asn2err (res
);
236 /* Initialize the random generator */
237 result
= _gnutls_rnd_init ();
244 /* Initialize the default TLS extensions */
245 result
= _gnutls_ext_init ();
252 _gnutls_cryptodev_init();
259 * gnutls_global_deinit - deinitialize the global data
261 * This function deinitializes the global data, that were initialized
262 * using gnutls_global_init().
264 * Note! This function is not thread safe. See the discussion for
265 * gnutls_global_init() for more information.
268 gnutls_global_deinit (void)
270 if (_gnutls_init
== 1)
272 gl_sockets_cleanup ();
273 _gnutls_rnd_deinit ();
274 _gnutls_ext_deinit ();
275 asn1_delete_structure (&_gnutls_gnutls_asn
);
276 asn1_delete_structure (&_gnutls_pkix1_asn
);
277 _gnutls_crypto_deregister ();
278 _gnutls_cryptodev_deinit();
283 /* These functions should be elsewere. Kept here for
284 * historical reasons.
288 * gnutls_transport_set_pull_function - set a read like function
289 * @pull_func: a callback function similar to read()
290 * @session: gnutls session
292 * This is the function where you set a function for gnutls to receive
293 * data. Normally, if you use berkeley style sockets, do not need to
294 * use this function since the default (recv(2)) will probably be ok.
296 * PULL_FUNC is of the form,
297 * ssize_t (*gnutls_pull_func)(gnutls_transport_ptr_t, void*, size_t);
300 gnutls_transport_set_pull_function (gnutls_session_t session
,
301 gnutls_pull_func pull_func
)
303 session
->internals
._gnutls_pull_func
= pull_func
;
307 * gnutls_transport_set_push_function - set the function to send data
308 * @push_func: a callback function similar to write()
309 * @session: gnutls session
311 * This is the function where you set a push function for gnutls to
312 * use in order to send data. If you are going to use berkeley style
313 * sockets, you do not need to use this function since the default
314 * (send(2)) will probably be ok. Otherwise you should specify this
315 * function for gnutls to be able to send data.
317 * PUSH_FUNC is of the form,
318 * ssize_t (*gnutls_push_func)(gnutls_transport_ptr_t, const void*, size_t);
321 gnutls_transport_set_push_function (gnutls_session_t session
,
322 gnutls_push_func push_func
)
324 session
->internals
._gnutls_push_func
= push_func
;
328 * gnutls_check_version - checks the libgnutls version
329 * @req_version: version string to compare with, or %NULL.
331 * Check GnuTLS Library version.
333 * See %GNUTLS_VERSION for a suitable @req_version string.
335 * Return value: Check that the version of the library is at
336 * minimum the one given as a string in @req_version and return the
337 * actual version string of the library; return %NULL if the
338 * condition is not met. If %NULL is passed to this function no
339 * check is done and only the version string is returned.
342 gnutls_check_version (const char *req_version
)
344 if (!req_version
|| strverscmp (req_version
, VERSION
) <= 0)