From: Simon Ruderich Date: Thu, 8 Aug 2013 15:20:58 +0000 (+0200) Subject: Add initialize_tls_session_both() to reduce duplication. X-Git-Url: https://ruderich.org/simon/gitweb/?a=commitdiff_plain;h=50ea3161c83c2d0a7599530cca7986d9fb03262f;p=tlsproxy%2Ftlsproxy.git Add initialize_tls_session_both() to reduce duplication.
---
diff --git a/src/connection.c b/src/connection.c
index 3602842..291bbfa 100644
--- a/src/connection.c
+++ b/src/connection.c
@@ -59,6 +59,10 @@ static int initialize_tls_session_client(int peer_socket,
 static int initialize_tls_session_server(int peer_socket,
 gnutls_session_t *session,
 gnutls_certificate_credentials_t *x509_cred);
+static int initialize_tls_session_both(int flags,
+ int peer_socket,
+ gnutls_session_t *session,
+ gnutls_certificate_credentials_t *x509_cred);
 static int fdopen_read_write(int socket, FILE **read_fd, FILE **write_fd);
 static int read_http_request(FILE *client_fd, char *request, size_t length);
@@ -432,37 +436,8 @@ static int initialize_tls_session_client(int peer_socket,
 gnutls_certificate_set_dh_params(*x509_cred, global_tls_dh_params);
- result = gnutls_init(session, GNUTLS_SERVER);
- if (result != GNUTLS_E_SUCCESS) {
- LOG(ERROR,
- "initialize_tls_session_client(): gnutls_init(): %s",
- gnutls_strerror(result));
- gnutls_certificate_free_credentials(*x509_cred);
- return -1;
- }
- result = gnutls_priority_set(*session, global_tls_priority_cache);
- if (result != GNUTLS_E_SUCCESS) {
- LOG(ERROR,
- "initialize_tls_session_client(): gnutls_priority_set(): %s",
- gnutls_strerror(result));
- gnutls_deinit(*session);
- gnutls_certificate_free_credentials(*x509_cred);
- return -1;
- }
- result = gnutls_credentials_set(*session,
- GNUTLS_CRD_CERTIFICATE, *x509_cred);
- if (result != GNUTLS_E_SUCCESS) {
- LOG(ERROR,
- "initialize_tls_session_client(): gnutls_credentials_set(): %s",
- gnutls_strerror(result));
- gnutls_deinit(*session);
- gnutls_certificate_free_credentials(*x509_cred);
- return -1;
- }
-
- gnutls_transport_set_ptr(*session, (gnutls_transport_ptr_t)peer_socket);
-
- return 0;
+ return initialize_tls_session_both(GNUTLS_SERVER,
+ peer_socket, session, x509_cred);
 }
 static int initialize_tls_session_server(int peer_socket,
 gnutls_session_t *session,
@@ -478,10 +453,19 @@ static int initialize_tls_session_server(int peer_socket,
 return -1;
 }
- result = gnutls_init(session, GNUTLS_CLIENT);
+ return initialize_tls_session_both(GNUTLS_CLIENT,
+ peer_socket, session, x509_cred);
+}
+static int initialize_tls_session_both(int flags,
+ int peer_socket,
+ gnutls_session_t *session,
+ gnutls_certificate_credentials_t *x509_cred) {
+ int result;
+
+ result = gnutls_init(session, flags);
 if (result != GNUTLS_E_SUCCESS) {
 LOG(ERROR,
- "initialize_tls_session_server(): gnutls_init(): %s",
+ "initialize_tls_session_both(): gnutls_init(): %s",
 gnutls_strerror(result));
 gnutls_certificate_free_credentials(*x509_cred);
 return -1;
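Review bot: `GNUTLS_SERVER` is passed from a function named `initialize_tls_session_client()` with no comment explaining the apparent mismatch, which invites a later "correction" that swaps the TLS role. Presumably the function name refers to the peer (the connecting client) while the flag is the proxy's own role on that connection. A one-line comment above the new `return` would pin this down, e.g. `/* We are the TLS server towards the connecting client. */`. The mirrored comment belongs above the `GNUTLS_CLIENT` call in `initialize_tls_session_server()` in the next hunk. The function body starts outside this hunk.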
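Review bot: `initialize_tls_session_both()` calls `gnutls_certificate_free_credentials(*x509_cred)` on its failure paths although the credentials were set up by its callers, and the new helper carries no comment stating that ownership rule. The pointer is not cleared after the free, so a caller that later adds its own cleanup on a -1 return would free the credentials a second time. A header comment on the helper should say that `flags` is `GNUTLS_SERVER` or `GNUTLS_CLIENT`, and that on -1 both the session and `*x509_cred` have already been released and must not be used or freed again. The helper's body continues past this hunk and its end is not shown.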
@@ -489,7 +473,7 @@ static int initialize_tls_session_server(int peer_socket,
 result = gnutls_priority_set(*session, global_tls_priority_cache);
 if (result != GNUTLS_E_SUCCESS) {
 LOG(ERROR,
- "initialize_tls_session_server(): gnutls_priority_set(): %s",
+ "initialize_tls_session_both(): gnutls_priority_set(): %s",
 gnutls_strerror(result));
 gnutls_deinit(*session);
 gnutls_certificate_free_credentials(*x509_cred);
@@ -499,7 +483,7 @@ static int initialize_tls_session_server(int peer_socket,
 GNUTLS_CRD_CERTIFICATE, *x509_cred);
 if (result != GNUTLS_E_SUCCESS) {
 LOG(ERROR,
- "initialize_tls_session_server(): gnutls_credentials_set(): %s",
+ "initialize_tls_session_both(): gnutls_credentials_set(): %s",
 gnutls_strerror(result));
 gnutls_deinit(*session);
 gnutls_certificate_free_credentials(*x509_cred);
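Review bot: The renamed prefix `initialize_tls_session_both()` in the `gnutls_priority_set()` message no longer tells an operator whether the client-facing or the server-facing session failed, which the old per-function prefixes did. The same loss applies to the `gnutls_init()` message in the previous hunk and the `gnutls_credentials_set()` message in the next one. Since `flags` is in scope, the role can be put back into each message, e.g. `"initialize_tls_session_both(%s): gnutls_priority_set(): %s", (flags == GNUTLS_SERVER) ? "server" : "client", gnutls_strerror(result));`. The enclosing function starts in an earlier hunk and ends outside the visible lines.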