Add GnuTLS channel binding support
authorHoward Chu <hyc@openldap.org>
Sat, 7 Sep 2013 16:38:47 +0000 (09:38 -0700)
committerHoward Chu <hyc@openldap.org>
Sat, 7 Sep 2013 16:38:47 +0000 (09:38 -0700)
libraries/libldap/tls_g.c

index 4cfc32b25eb70cb6e2352bfa8fc5a94f5655d3a9..9acffaf7351a69c2be77f5d435beb1e8db7db18d 100644 (file)
@@ -785,6 +785,22 @@ tlsg_session_strength( tls_session *session )
 static int
 tlsg_session_unique( tls_session *sess, struct berval *buf, int is_server)
 {
+/* channel bindings added in 2.12.0 */
+#if GNUTLS_VERSION_NUMBER >= 0x020c00
+       tlsg_session *s = (tlsg_session *)sess;
+       gnutls_datum_t cb;
+       int rc;
+
+       rc = gnutls_session_channel_binding( s->session, GNUTLS_CB_TLS_UNIQUE, &cb );
+       if ( rc == 0 ) {
+               int len = cb.size;
+               if ( len > buf->bv_len )
+                       len = buf->bv_len;
+               buf->bv_len = len;
+               memcpy( buf->bv_val, cb.data, len );
+               return len;
+       }
+#endif
        return 0;
 }
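Review bot: The data returned in `cb.data` by gnutls_session_channel_binding() is never released on the success path in tlsg_session_unique, so each call appears to leak it. GnuTLS allocates that datum for the caller, so add `gnutls_free( cb.data );` after the memcpy and before `return len;`. The clamp `if ( len > buf->bv_len ) len = buf->bv_len;` also returns a silently truncated tls-unique value as though it were complete. For channel binding it is safer to treat a too-small buffer as a failure and return 0 than to bind to a prefix of the value. `len` is an `int` compared against `buf->bv_len`, whose type is not visible in this hunk but is presumably unsigned, so comparing `cb.size` with it directly would avoid the mixed-sign comparison.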