/* GnuTLS glue for GNU Emacs.
- Copyright (C) 2010-2015 Free Software Foundation, Inc.
+ Copyright (C) 2010-2016 Free Software Foundation, Inc.
This file is part of GNU Emacs.
GNU Emacs is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
-the Free Software Foundation, either version 3 of the License, or
-(at your option) any later version.
+the Free Software Foundation, either version 3 of the License, or (at
+your option) any later version.
GNU Emacs is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
gnutls_hex_string (unsigned char *buf, ptrdiff_t buf_size, const char *prefix)
{
ptrdiff_t prefix_length = strlen (prefix);
- if ((STRING_BYTES_BOUND - prefix_length) / 3 < buf_size)
+ ptrdiff_t retlen;
+ if (INT_MULTIPLY_WRAPV (buf_size, 3, &retlen)
+ || INT_ADD_WRAPV (prefix_length - (buf_size != 0), retlen, &retlen))
string_overflow ();
- Lisp_Object ret = make_uninit_string (prefix_length + 3 * buf_size
- - (buf_size != 0));
+ Lisp_Object ret = make_uninit_string (retlen);
char *string = SSDATA (ret);
strcpy (string, prefix);
/* Initialize global GnuTLS state to defaults.
Call `gnutls-global-deinit' when GnuTLS usage is no longer needed.
Return zero on success. */
-static Lisp_Object
+Lisp_Object
emacs_gnutls_global_init (void)
{
int ret = GNUTLS_E_SUCCESS;
if (!gnutls_global_initialized)
- ret = gnutls_global_init ();
-
- gnutls_global_initialized = 1;
+ {
+ ret = gnutls_global_init ();
+ if (ret == GNUTLS_E_SUCCESS)
+ gnutls_global_initialized = 1;
+ }
return gnutls_make_error (ret);
}
instead.
:verify-error is a list of symbols to express verification checks or
-`t' to do all checks. Currently it can contain `:trustfiles' and
+t to do all checks. Currently it can contain `:trustfiles' and
`:hostname' to verify the certificate or the hostname respectively.
:min-prime-bits is the minimum accepted number of bits the client will
|| !NILP (Fmember (QCgnutls_bootprop_trustfiles, verify_error)))
{
emacs_gnutls_deinit (proc);
- error ("Certificate validation failed %s, verification code %d",
+ error ("Certificate validation failed %s, verification code %x",
c_hostname, peer_verification);
}
else
void
syms_of_gnutls (void)
{
+ DEFSYM (Qlibgnutls_version, "libgnutls-version");
+ Fset (Qlibgnutls_version,
+#ifdef HAVE_GNUTLS
+ make_number (GNUTLS_VERSION_MAJOR * 10000
+ + GNUTLS_VERSION_MINOR * 100
+ + GNUTLS_VERSION_PATCH)
+#else
+ make_number (-1)
+#endif
+ );
#ifdef HAVE_GNUTLS
gnutls_global_initialized = 0;
- DEFSYM (Qgnutls_dll, "gnutls");
DEFSYM (Qgnutls_code, "gnutls-code");
DEFSYM (Qgnutls_anon, "gnutls-anon");
DEFSYM (Qgnutls_x509pki, "gnutls-x509pki");
DEFSYM (QCgnutls_bootprop_trustfiles, ":trustfiles");
DEFSYM (QCgnutls_bootprop_keylist, ":keylist");
DEFSYM (QCgnutls_bootprop_crlfiles, ":crlfiles");
- DEFSYM (QCgnutls_bootprop_callbacks, ":callbacks");
DEFSYM (QCgnutls_bootprop_min_prime_bits, ":min-prime-bits");
DEFSYM (QCgnutls_bootprop_loglevel, ":loglevel");
DEFSYM (QCgnutls_bootprop_verify_flags, ":verify-flags");