Added support for Digest and NTLM authentication using GnuTLS.

author: Dan Fandrich <dan@coneharvesters.com> 2009-02-12 20:48:40 +0000
committer: Dan Fandrich <dan@coneharvesters.com> 2009-02-12 20:48:40 +0000
commit: 9a4c887c4a7279acc4cae66b11540746244e9cc3 (patch)
tree: 395649682d8b46f2a83c5f12d5fa772cb5517180 /lib/gtls.c
parent: de41c6ef4344ff7135274a0481e11c3c1a38a0d5 (diff)
1 files changed, 26 insertions, 0 deletions
diff --git a/lib/gtls.c b/lib/gtls.c
index 53a7400a8..b37edd45f 100644
--- a/lib/gtls.c
+++ b/lib/gtls.c
@@ -33,6 +33,7 @@
 #ifdef USE_GNUTLS
 #include <gnutls/gnutls.h>
 #include <gnutls/x509.h>
+#include <gcrypt.h>
 
 #include <string.h>
 #include <stdlib.h>
@@ -777,4 +778,29 @@ size_t Curl_gtls_version(char *buffer, size_t size)
   return snprintf(buffer, size, "GnuTLS/%s", gnutls_check_version(NULL));
 }
 
+static void gtls_seed(struct SessionHandle *data)
+{
+  /* TODO: to a good job seeding the RNG */
+  /* This may involve the gcry_control function and these options: */
+  /* GCRYCTL_SET_RANDOM_SEED_FILE */
+  /* GCRYCTL_SET_RNDEGD_SOCKET */
+}
+
+int Curl_gtls_seed(struct SessionHandle *data)
+{
+  /* we have the "SSL is seeded" boolean static to prevent multiple
+     time-consuming seedings in vain */
+  static bool ssl_seeded = FALSE;
+
+  /* Quickly add a bit of entropy */
+  gcry_fast_random_poll();
+
+  if(!ssl_seeded || data->set.str[STRING_SSL_RANDOM_FILE] ||
+     data->set.str[STRING_SSL_EGDSOCKET]) {
+    gtls_seed(data);
+    ssl_seeded = TRUE;
+  }
+  return 0;
+}
+
 #endif /* USE_GNUTLS */
author	Dan Fandrich <dan@coneharvesters.com>	2009-02-12 20:48:40 +0000
committer	Dan Fandrich <dan@coneharvesters.com>	2009-02-12 20:48:40 +0000
commit	9a4c887c4a7279acc4cae66b11540746244e9cc3 (patch)
tree	395649682d8b46f2a83c5f12d5fa772cb5517180 /lib/gtls.c
parent	de41c6ef4344ff7135274a0481e11c3c1a38a0d5 (diff)