4
4
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
6
6
<meta name="generator" content="DocBook XSL Stylesheets V1.75.2">
7
<link rel="home" href="index.html" title="GNU TLS API Reference Manual">
8
<link rel="up" href="ch01.html" title="GNU TLS API Reference Manual">
7
<link rel="home" href="index.html" title="GnuTLS API Reference Manual">
8
<link rel="up" href="intro.html" title="GnuTLS API Reference Manual">
9
9
<link rel="prev" href="gnutls-gnutls.html" title="gnutls">
10
10
<link rel="next" href="gnutls-x509.html" title="x509">
11
<meta name="generator" content="GTK-Doc V1.14 (XML mode)">
11
<meta name="generator" content="GTK-Doc V1.15 (XML mode)">
12
12
<link rel="stylesheet" href="style.css" type="text/css">
14
14
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF">
15
15
<table class="navigation" id="top" width="100%" summary="Navigation header" cellpadding="2" cellspacing="2">
16
16
<tr valign="middle">
17
17
<td><a accesskey="p" href="gnutls-gnutls.html"><img src="left.png" width="24" height="24" border="0" alt="Prev"></a></td>
18
<td><a accesskey="u" href="ch01.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td>
18
<td><a accesskey="u" href="intro.html"><img src="up.png" width="24" height="24" border="0" alt="Up"></a></td>
19
19
<td><a accesskey="h" href="index.html"><img src="home.png" width="24" height="24" border="0" alt="Home"></a></td>
20
<th width="100%" align="center">GNU TLS API Reference Manual</th>
20
<th width="100%" align="center">GnuTLS API Reference Manual</th>
21
21
<td><a accesskey="n" href="gnutls-x509.html"><img src="right.png" width="24" height="24" border="0" alt="Next"></a></td>
23
23
<tr><td colspan="5" class="shortcuts">
113
113
} gnutls_ia_apptype_t;
116
Enumeration of different certificate encoding formats.
118
<div class="variablelist"><table border="0">
119
<col align="left" valign="top">
122
<td><p><a name="GNUTLS-IA-APPLICATION-PAYLOAD:CAPS"></a><span class="term"><code class="literal">GNUTLS_IA_APPLICATION_PAYLOAD</code></span></p></td>
123
<td>TLS/IA application payload.
127
<td><p><a name="GNUTLS-IA-INTERMEDIATE-PHASE-FINISHED:CAPS"></a><span class="term"><code class="literal">GNUTLS_IA_INTERMEDIATE_PHASE_FINISHED</code></span></p></td>
128
<td>TLS/IA intermediate phase finished.
132
<td><p><a name="GNUTLS-IA-FINAL-PHASE-FINISHED:CAPS"></a><span class="term"><code class="literal">GNUTLS_IA_FINAL_PHASE_FINISHED</code></span></p></td>
133
<td>TLS/IA final phase finished.
119
140
<div class="refsect2" title="gnutls_ia_avp_func ()">
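Review bot: The added description for gnutls_ia_apptype_t, "Enumeration of different certificate encoding formats.", does not match the enum it documents. The three members listed right below it (GNUTLS_IA_APPLICATION_PAYLOAD, GNUTLS_IA_INTERMEDIATE_PHASE_FINISHED, GNUTLS_IA_FINAL_PHASE_FINISHED) are TLS/IA message types, not certificate encodings, so the text looks copied from another enum's comment. Since this HTML is generated, correct the source comment (for example "Enumeration of TLS/IA application payload and phase-finished message types") and regenerate.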
172
193
<a name="gnutls-ia-free-client-credentials"></a><h3>gnutls_ia_free_client_credentials ()</h3>
173
194
<pre class="programlisting"><span class="returnvalue">void</span> gnutls_ia_free_client_credentials (<em class="parameter"><code><span class="type">gnutls_ia_client_credentials_t</span> sc</code></em>);</pre>
196
This structure is complex enough to manipulate directly thus this
197
helper function is provided in order to free (deallocate) it.
176
199
<div class="variablelist"><table border="0">
177
200
<col align="left" valign="top">
179
202
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
203
<td>is a <span class="type">gnutls_ia_client_credentials_t</span> structure.
188
211
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_ia_allocate_client_credentials
189
212
(<em class="parameter"><code><span class="type">gnutls_ia_client_credentials_t</span> *sc</code></em>);</pre>
214
This structure is complex enough to manipulate directly thus this
215
helper function is provided in order to allocate it.
218
Adding this credential to a session will enable TLS/IA, and will
219
require an Application Phase after the TLS handshake (if the server
220
support TLS/IA). Use <a class="link" href="gnutls-extra.html#gnutls-ia-enable" title="gnutls_ia_enable ()"><code class="function">gnutls_ia_enable()</code></a> to toggle the TLS/IA mode.
192
222
<div class="variablelist"><table border="0">
193
223
<col align="left" valign="top">
196
226
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
227
<td>is a pointer to a <span class="type">gnutls_ia_server_credentials_t</span> structure.
201
231
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
232
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise
233
an error code is returned.
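Review bot: In the new parameter table for gnutls_ia_allocate_client_credentials(), sc is described as "a pointer to a gnutls_ia_server_credentials_t structure", while the prototype just above takes gnutls_ia_client_credentials_t *sc. The description should name gnutls_ia_client_credentials_t. Minor, in the same block: "if the server support TLS/IA" should read "supports".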
210
241
<a name="gnutls-ia-free-server-credentials"></a><h3>gnutls_ia_free_server_credentials ()</h3>
211
242
<pre class="programlisting"><span class="returnvalue">void</span> gnutls_ia_free_server_credentials (<em class="parameter"><code><span class="type">gnutls_ia_server_credentials_t</span> sc</code></em>);</pre>
244
This structure is complex enough to manipulate directly thus this
245
helper function is provided in order to free (deallocate) it.
214
247
<div class="variablelist"><table border="0">
215
248
<col align="left" valign="top">
217
250
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
251
<td>is a <span class="type">gnutls_ia_server_credentials_t</span> structure.
226
259
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_ia_allocate_server_credentials
227
260
(<em class="parameter"><code><span class="type">gnutls_ia_server_credentials_t</span> *sc</code></em>);</pre>
262
This structure is complex enough to manipulate directly thus this
263
helper function is provided in order to allocate it.
266
Adding this credential to a session will enable TLS/IA, and will
267
require an Application Phase after the TLS handshake (if the client
268
support TLS/IA). Use <a class="link" href="gnutls-extra.html#gnutls-ia-enable" title="gnutls_ia_enable ()"><code class="function">gnutls_ia_enable()</code></a> to toggle the TLS/IA mode.
230
270
<div class="variablelist"><table border="0">
231
271
<col align="left" valign="top">
234
274
<td><p><span class="term"><em class="parameter"><code>sc</code></em> :</span></p></td>
275
<td>is a pointer to a <span class="type">gnutls_ia_server_credentials_t</span> structure.
239
279
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
280
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (0) is returned, otherwise
281
an error code is returned.
249
290
<pre class="programlisting"><span class="returnvalue">void</span> gnutls_ia_set_client_avp_function (<em class="parameter"><code><span class="type">gnutls_ia_client_credentials_t</span> cred</code></em>,
250
291
<em class="parameter"><code><a class="link" href="gnutls-extra.html#gnutls-ia-avp-func" title="gnutls_ia_avp_func ()"><span class="type">gnutls_ia_avp_func</span></a> avp_func</code></em>);</pre>
293
Set the TLS/IA AVP callback handler used for the session.
296
The AVP callback is called to process AVPs received from the
297
server, and to get a new AVP to send to the server.
300
The callback's function form is:
301
int (*avp_func) (gnutls_session_t session, void *ptr,
302
const char *last, size_t lastlen,
303
char **next, size_t *nextlen);
306
The <em class="parameter"><code>session</code></em> parameter is the <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure
307
corresponding to the current session. The <em class="parameter"><code>ptr</code></em> parameter is the
308
application hook pointer, set through
309
<a class="link" href="gnutls-extra.html#gnutls-ia-set-client-avp-ptr" title="gnutls_ia_set_client_avp_ptr ()"><code class="function">gnutls_ia_set_client_avp_ptr()</code></a>. The AVP received from the server
310
is present in <em class="parameter"><code>last</code></em> of <em class="parameter"><code>lastlen</code></em> size, which will be <code class="literal">NULL</code> on the
311
first invocation. The newly allocated output AVP to send to the
312
server should be placed in *<em class="parameter"><code>next</code></em> of *<em class="parameter"><code>nextlen</code></em> size.
315
The callback may invoke <a class="link" href="gnutls-extra.html#gnutls-ia-permute-inner-secret" title="gnutls_ia_permute_inner_secret ()"><code class="function">gnutls_ia_permute_inner_secret()</code></a> to mix any
316
generated session keys with the TLS/IA inner secret.
319
Return 0 (<a class="link" href="gnutls-extra.html#GNUTLS-IA-APPLICATION-PAYLOAD:CAPS"><code class="literal">GNUTLS_IA_APPLICATION_PAYLOAD</code></a>) on success, or a negative
320
error code to abort the TLS/IA handshake.
323
Note that the callback must use allocate the <em class="parameter"><code>next</code></em> parameter using
324
<a class="link" href="gnutls-gnutls.html#gnutls-malloc" title="gnutls_malloc"><code class="function">gnutls_malloc()</code></a>, because it is released via <a class="link" href="gnutls-gnutls.html#gnutls-free" title="gnutls_free"><code class="function">gnutls_free()</code></a> by the
325
TLS/IA handshake function.
253
327
<div class="variablelist"><table border="0">
254
328
<col align="left" valign="top">
257
331
<td><p><span class="term"><em class="parameter"><code>cred</code></em> :</span></p></td>
332
<td>is a <span class="type">gnutls_ia_client_credentials_t</span> structure.
262
336
<td><p><span class="term"><em class="parameter"><code>avp_func</code></em> :</span></p></td>
337
<td>is the callback function
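Review bot: The ownership note at the end of the new callback description is garbled at the point where precision matters: "the callback must use allocate the next parameter using gnutls_malloc()". What has to be allocated is the buffer stored in *next, not the parameter itself, and the text says the handshake function releases it with gnutls_free(), so a reader who misreads this will hand memory from a different allocator to gnutls_free(). Suggest "the callback must allocate the buffer it returns in *next with gnutls_malloc()".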
272
346
<pre class="programlisting"><span class="returnvalue">void</span> gnutls_ia_set_client_avp_ptr (<em class="parameter"><code><span class="type">gnutls_ia_client_credentials_t</span> cred</code></em>,
273
347
<em class="parameter"><code><span class="type">void</span> *ptr</code></em>);</pre>
349
Sets the pointer that will be provided to the TLS/IA callback
350
function as the first argument.
276
352
<div class="variablelist"><table border="0">
277
353
<col align="left" valign="top">
280
356
<td><p><span class="term"><em class="parameter"><code>cred</code></em> :</span></p></td>
357
<td>is a <span class="type">gnutls_ia_client_credentials_t</span> structure.
285
361
<td><p><span class="term"><em class="parameter"><code>ptr</code></em> :</span></p></td>
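Review bot: "as the first argument" in the added description of gnutls_ia_set_client_avp_ptr() contradicts the callback prototype documented under gnutls_ia_set_client_avp_function(), where session is the first argument and ptr the second: int (*avp_func) (gnutls_session_t session, void *ptr, ...). Change it to "second argument". The same sentence is repeated in the descriptions added for the get_client, set_server and get_server variants.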
294
370
<a name="gnutls-ia-get-client-avp-ptr"></a><h3>gnutls_ia_get_client_avp_ptr ()</h3>
295
371
<pre class="programlisting"><span class="returnvalue">void</span> * gnutls_ia_get_client_avp_ptr (<em class="parameter"><code><span class="type">gnutls_ia_client_credentials_t</span> cred</code></em>);</pre>
373
Returns the pointer that will be provided to the TLS/IA callback
374
function as the first argument.
298
376
<div class="variablelist"><table border="0">
299
377
<col align="left" valign="top">
302
380
<td><p><span class="term"><em class="parameter"><code>cred</code></em> :</span></p></td>
381
<td>is a <span class="type">gnutls_ia_client_credentials_t</span> structure.
307
385
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
386
<td> The client callback data pointer.
340
418
<pre class="programlisting"><span class="returnvalue">void</span> gnutls_ia_set_server_avp_ptr (<em class="parameter"><code><span class="type">gnutls_ia_server_credentials_t</span> cred</code></em>,
341
419
<em class="parameter"><code><span class="type">void</span> *ptr</code></em>);</pre>
421
Sets the pointer that will be provided to the TLS/IA callback
422
function as the first argument.
344
424
<div class="variablelist"><table border="0">
345
425
<col align="left" valign="top">
348
428
<td><p><span class="term"><em class="parameter"><code>cred</code></em> :</span></p></td>
429
<td>is a <span class="type">gnutls_ia_client_credentials_t</span> structure.
353
433
<td><p><span class="term"><em class="parameter"><code>ptr</code></em> :</span></p></td>
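Review bot: The cred row added for gnutls_ia_set_server_avp_ptr() says "is a gnutls_ia_client_credentials_t structure", but the prototype takes gnutls_ia_server_credentials_t cred. Correct the type in the source comment so the server-side setter does not point readers at the client credential type.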
362
442
<a name="gnutls-ia-get-server-avp-ptr"></a><h3>gnutls_ia_get_server_avp_ptr ()</h3>
363
443
<pre class="programlisting"><span class="returnvalue">void</span> * gnutls_ia_get_server_avp_ptr (<em class="parameter"><code><span class="type">gnutls_ia_server_credentials_t</span> cred</code></em>);</pre>
445
Returns the pointer that will be provided to the TLS/IA callback
446
function as the first argument.
366
448
<div class="variablelist"><table border="0">
367
449
<col align="left" valign="top">
370
452
<td><p><span class="term"><em class="parameter"><code>cred</code></em> :</span></p></td>
453
<td>is a <span class="type">gnutls_ia_client_credentials_t</span> structure.
375
457
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
458
<td> The server callback data pointer.
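Review bot: The cred row for gnutls_ia_get_server_avp_ptr() documents the argument as "a gnutls_ia_client_credentials_t structure" although the prototype above it takes gnutls_ia_server_credentials_t cred. The description should name the server credential type.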
385
467
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_ia_handshake_p (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
387
469
Predicate to be used after <a class="link" href="gnutls-gnutls.html#gnutls-handshake" title="gnutls_handshake ()"><code class="function">gnutls_handshake()</code></a> to decide whether to
388
invoke <a class="link" href="gnutls-extra.html#gnutls-ia-handshake" title="gnutls_ia_handshake ()"><code class="function">gnutls_ia_handshake()</code></a>. Usable by both clients and servers.</p>
470
invoke <a class="link" href="gnutls-extra.html#gnutls-ia-handshake" title="gnutls_ia_handshake ()"><code class="function">gnutls_ia_handshake()</code></a>. Usable by both clients and servers.
389
472
<div class="variablelist"><table border="0">
390
473
<col align="left" valign="top">
409
492
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_ia_handshake (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>);</pre>
411
494
Perform a TLS/IA handshake. This should be called after
412
<a class="link" href="gnutls-gnutls.html#gnutls-handshake" title="gnutls_handshake ()"><code class="function">gnutls_handshake()</code></a> iff <a class="link" href="gnutls-extra.html#gnutls-ia-handshake-p" title="gnutls_ia_handshake_p ()"><code class="function">gnutls_ia_handshake_p()</code></a>.</p>
495
<a class="link" href="gnutls-gnutls.html#gnutls-handshake" title="gnutls_handshake ()"><code class="function">gnutls_handshake()</code></a> iff <a class="link" href="gnutls-extra.html#gnutls-ia-handshake-p" title="gnutls_ia_handshake_p ()"><code class="function">gnutls_ia_handshake_p()</code></a>.
413
497
<div class="variablelist"><table border="0">
414
498
<col align="left" valign="top">
440
524
This can be called in the TLS/IA AVP callback to mix any generated
441
session keys with the TLS/IA inner secret.</p>
525
session keys with the TLS/IA inner secret.
442
527
<div class="variablelist"><table border="0">
443
528
<col align="left" valign="top">
482
567
In the server, this can be called instead of <a class="link" href="gnutls-extra.html#gnutls-ia-send" title="gnutls_ia_send ()"><code class="function">gnutls_ia_send()</code></a> if
483
the server wishes to end an application phase.</p>
568
the server wishes to end an application phase.
484
570
<div class="variablelist"><table border="0">
485
571
<col align="left" valign="top">
509
595
<em class="parameter"><code>const <span class="type">char</span> *checksum</code></em>);</pre>
511
597
Verify TLS/IA end phase checksum data. If verification fails, the
512
<code class="literal">GNUTLS_A_INNER_APPLICATION_VERIFICATION</code> alert is sent to the other
598
<a class="link" href="gnutls-gnutls.html#GNUTLS-A-INNER-APPLICATION-VERIFICATION:CAPS"><code class="literal">GNUTLS_A_INNER_APPLICATION_VERIFICATION</code></a> alert is sent to the other
516
602
This function is called when <a class="link" href="gnutls-extra.html#gnutls-ia-recv" title="gnutls_ia_recv ()"><code class="function">gnutls_ia_recv()</code></a> return
517
603
<a class="link" href="gnutls-gnutls.html#GNUTLS-E-WARNING-IA-IPHF-RECEIVED:CAPS" title="GNUTLS_E_WARNING_IA_IPHF_RECEIVED"><code class="literal">GNUTLS_E_WARNING_IA_IPHF_RECEIVED</code></a> or
518
<a class="link" href="gnutls-gnutls.html#GNUTLS-E-WARNING-IA-FPHF-RECEIVED:CAPS" title="GNUTLS_E_WARNING_IA_FPHF_RECEIVED"><code class="literal">GNUTLS_E_WARNING_IA_FPHF_RECEIVED</code></a>.</p>
604
<a class="link" href="gnutls-gnutls.html#GNUTLS-E-WARNING-IA-FPHF-RECEIVED:CAPS" title="GNUTLS_E_WARNING_IA_FPHF_RECEIVED"><code class="literal">GNUTLS_E_WARNING_IA_FPHF_RECEIVED</code></a>.
519
606
<div class="variablelist"><table border="0">
520
607
<col align="left" valign="top">
546
633
<em class="parameter"><code>const <span class="type">char</span> *data</code></em>,
547
634
<em class="parameter"><code><span class="type">size_t</span> sizeofdata</code></em>);</pre>
636
Send TLS/IA application payload data. This function has the
637
similar semantics with <code class="function">send()</code>. The only difference is that it
638
accepts a GnuTLS session, and uses different error codes.
641
The TLS/IA protocol is synchronous, so you cannot send more than
642
one packet at a time. The client always send the first packet.
645
To finish an application phase in the server, use
646
<a class="link" href="gnutls-extra.html#gnutls-ia-endphase-send" title="gnutls_ia_endphase_send ()"><code class="function">gnutls_ia_endphase_send()</code></a>. The client cannot end an application
647
phase unilaterally; rather, a client is required to respond with an
648
endphase of its own if gnutls_ia_recv indicates that the server has
652
If the EINTR is returned by the internal push function (the default
653
is <code class="function">send()</code>} then <a class="link" href="gnutls-gnutls.html#GNUTLS-E-INTERRUPTED:CAPS" title="GNUTLS_E_INTERRUPTED"><code class="literal">GNUTLS_E_INTERRUPTED</code></a> will be returned. If
654
<a class="link" href="gnutls-gnutls.html#GNUTLS-E-INTERRUPTED:CAPS" title="GNUTLS_E_INTERRUPTED"><code class="literal">GNUTLS_E_INTERRUPTED</code></a> or <a class="link" href="gnutls-gnutls.html#GNUTLS-E-AGAIN:CAPS" title="GNUTLS_E_AGAIN"><code class="literal">GNUTLS_E_AGAIN</code></a> is returned, you must call
655
this function again, with the same parameters; alternatively you
656
could provide a <code class="literal">NULL</code> pointer for data, and 0 for size.
550
658
<div class="variablelist"><table border="0">
551
659
<col align="left" valign="top">
554
662
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
663
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
559
667
<td><p><span class="term"><em class="parameter"><code>data</code></em> :</span></p></td>
668
<td>contains the data to send
564
672
<td><p><span class="term"><em class="parameter"><code>sizeofdata</code></em> :</span></p></td>
673
<td>is the length of the data
569
677
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
678
<td> The number of bytes sent, or a negative error code.
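Review bot: The EINTR paragraph added for gnutls_ia_send() has mismatched delimiters, "(the default is send()} then": it opens with a parenthesis and closes with a brace, which looks like markup left over from the source comment. It should read "(the default is send())". Also in this block, "has the similar semantics with send()" and "The client always send the first packet" need a grammar pass in the source comment.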
580
688
<em class="parameter"><code><span class="type">char</span> *data</code></em>,
581
689
<em class="parameter"><code><span class="type">size_t</span> sizeofdata</code></em>);</pre>
691
Receive TLS/IA data. This function has the similar semantics with
692
<code class="function">recv()</code>. The only difference is that it accepts a GnuTLS session,
693
and uses different error codes.
696
If the server attempt to finish an application phase, this function
697
will return <a class="link" href="gnutls-gnutls.html#GNUTLS-E-WARNING-IA-IPHF-RECEIVED:CAPS" title="GNUTLS_E_WARNING_IA_IPHF_RECEIVED"><code class="literal">GNUTLS_E_WARNING_IA_IPHF_RECEIVED</code></a> or
698
<a class="link" href="gnutls-gnutls.html#GNUTLS-E-WARNING-IA-FPHF-RECEIVED:CAPS" title="GNUTLS_E_WARNING_IA_FPHF_RECEIVED"><code class="literal">GNUTLS_E_WARNING_IA_FPHF_RECEIVED</code></a>. The caller should then invoke
699
<a class="link" href="gnutls-extra.html#gnutls-ia-verify-endphase" title="gnutls_ia_verify_endphase ()"><code class="function">gnutls_ia_verify_endphase()</code></a>, and if it runs the client side, also
700
send an endphase message of its own using gnutls_ia_endphase_send.
703
If EINTR is returned by the internal push function (the default is
704
<em class="parameter"><code>code</code></em>{<code class="function">recv()</code>}) then GNUTLS_E_INTERRUPTED will be returned. If
705
GNUTLS_E_INTERRUPTED or GNUTLS_E_AGAIN is returned, you must call
706
this function again, with the same parameters; alternatively you
707
could provide a NULL pointer for data, and 0 for size.
584
709
<div class="variablelist"><table border="0">
585
710
<col align="left" valign="top">
588
713
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
714
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
593
718
<td><p><span class="term"><em class="parameter"><code>data</code></em> :</span></p></td>
719
<td>the buffer that the data will be read into, must hold >= 12 bytes.
598
723
<td><p><span class="term"><em class="parameter"><code>sizeofdata</code></em> :</span></p></td>
724
<td>the number of requested bytes, must be >= 12.
603
728
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
729
<td> The number of bytes received. A negative error code is
730
returned in case of an error. The
731
<a class="link" href="gnutls-gnutls.html#GNUTLS-E-WARNING-IA-IPHF-RECEIVED:CAPS" title="GNUTLS_E_WARNING_IA_IPHF_RECEIVED"><code class="literal">GNUTLS_E_WARNING_IA_IPHF_RECEIVED</code></a> and
732
<a class="link" href="gnutls-gnutls.html#GNUTLS-E-WARNING-IA-FPHF-RECEIVED:CAPS" title="GNUTLS_E_WARNING_IA_FPHF_RECEIVED"><code class="literal">GNUTLS_E_WARNING_IA_FPHF_RECEIVED</code></a> errors are returned when an
733
application phase finished message has been sent by the server.
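Review bot: In the EINTR paragraph for gnutls_ia_recv(), the default function renders as a parameter named "code" followed by "{recv()}", so the doc generator apparently treated the source comment's code markup as a reference to a parameter called code. Write the source so it renders as plain recv(), as the gnutls_ia_send() text does for send(). The same sentence says "internal push function" while naming recv() as the default; on the receive path that is the pull function, and the wording looks copied from gnutls_ia_send().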
615
744
<em class="parameter"><code><span class="type">char</span> *buffer</code></em>);</pre>
617
746
Generate an application challenge that the client cannot control or
618
predict, based on the TLS/IA inner secret.</p>
747
predict, based on the TLS/IA inner secret.
619
749
<div class="variablelist"><table border="0">
620
750
<col align="left" valign="top">
658
788
application phase, the inner secret will be identical to the inner
659
789
secret in the original session. It is important to include, for
660
790
example, the client and server randomness when deriving a sesssion
661
key from the inner secret.</p>
791
key from the inner secret.
662
793
<div class="variablelist"><table border="0">
663
794
<col align="left" valign="top">
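Review bot: Typo in the added text on resumed sessions: "when deriving a sesssion key from the inner secret" should be "session key". This paragraph carries the guidance that the inner secret is identical after resumption and that client and server randomness must go into the derivation, so fix it in the source comment and regenerate rather than patching the HTML.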
681
812
<pre class="programlisting"><span class="returnvalue">void</span> gnutls_ia_enable (<em class="parameter"><code><a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> session</code></em>,
682
813
<em class="parameter"><code><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="type">int</span></a> allow_skip_on_resume</code></em>);</pre>
815
Specify whether we must advertise support for the TLS/IA extension
816
during the handshake.
819
At the client side, we always advertise TLS/IA if gnutls_ia_enable
820
was called before the handshake; at the server side, we also
821
require that the client has advertised that it wants to run TLS/IA
822
before including the advertisement, as required by the protocol.
825
Similarly, at the client side we always advertise that we allow
826
TLS/IA to be skipped for resumed sessions if <em class="parameter"><code>allow_skip_on_resume</code></em>
827
is non-zero; at the server side, we also require that the session
828
is indeed resumable and that the client has also advertised that it
829
allows TLS/IA to be skipped for resumed sessions.
832
After the TLS handshake, call <a class="link" href="gnutls-extra.html#gnutls-ia-handshake-p" title="gnutls_ia_handshake_p ()"><code class="function">gnutls_ia_handshake_p()</code></a> to find out
833
whether both parties agreed to do a TLS/IA handshake, before
834
calling <a class="link" href="gnutls-extra.html#gnutls-ia-handshake" title="gnutls_ia_handshake ()"><code class="function">gnutls_ia_handshake()</code></a> or one of the lower level gnutls_ia_*
685
837
<div class="variablelist"><table border="0">
686
838
<col align="left" valign="top">
689
841
<td><p><span class="term"><em class="parameter"><code>session</code></em> :</span></p></td>
842
<td>is a <a class="link" href="gnutls-gnutls.html#gnutls-session-t" title="gnutls_session_t"><span class="type">gnutls_session_t</span></a> structure.
694
846
<td><p><span class="term"><em class="parameter"><code>allow_skip_on_resume</code></em> :</span></p></td>
847
<td>non-zero if local party allows to skip the
848
TLS/IA application phases for a resumed session.
703
856
<a name="gnutls-global-init-extra"></a><h3>gnutls_global_init_extra ()</h3>
704
857
<pre class="programlisting"><a class="link" href="gnutls-crypto.html#int" title="int ()"><span class="returnvalue">int</span></a> gnutls_global_init_extra (<em class="parameter"><code><span class="type">void</span></code></em>);</pre>
859
This function initializes the global state of gnutls-extra library
863
Note that <a class="link" href="gnutls-gnutls.html#gnutls-global-init" title="gnutls_global_init ()"><code class="function">gnutls_global_init()</code></a> has to be called before this
864
function. If this function is not called then the gnutls-extra
865
library will not be usable.
868
This function is not thread safe, see the discussion for
869
<a class="link" href="gnutls-gnutls.html#gnutls-global-init" title="gnutls_global_init ()"><code class="function">gnutls_global_init()</code></a> on how to deal with that.
707
871
<div class="variablelist"><table border="0">
708
872
<col align="left" valign="top">
710
874
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
875
<td> On success, <a class="link" href="gnutls-gnutls.html#GNUTLS-E-SUCCESS:CAPS" title="GNUTLS_E_SUCCESS"><code class="literal">GNUTLS_E_SUCCESS</code></a> (zero) is returned,
876
otherwise an error code is returned.
721
886
Register a non-libgcrypt based MD5 and HMAC-MD5 handler. This is
722
887
useful if you run Libgcrypt in FIPS-mode. Normally TLS requires
723
888
use of MD5, so without this you cannot use GnuTLS with libgcrypt in
725
891
<div class="variablelist"><table border="0">
726
892
<col align="left" valign="top">
738
904
<a name="gnutls-extra-check-version"></a><h3>gnutls_extra_check_version ()</h3>
739
905
<pre class="programlisting">const <span class="returnvalue">char</span> * gnutls_extra_check_version (<em class="parameter"><code>const <span class="type">char</span> *req_version</code></em>);</pre>
907
Check GnuTLS Extra Library version.
910
See <a class="link" href="gnutls-extra.html#GNUTLS-EXTRA-VERSION:CAPS" title="GNUTLS_EXTRA_VERSION"><code class="literal">GNUTLS_EXTRA_VERSION</code></a> for a suitable <em class="parameter"><code>req_version</code></em> string.
742
912
<div class="variablelist"><table border="0">
743
913
<col align="left" valign="top">
746
916
<td><p><span class="term"><em class="parameter"><code>req_version</code></em> :</span></p></td>
917
<td>version string to compare with, or <code class="literal">NULL</code>.
751
921
<td><p><span class="term"><span class="emphasis"><em>Returns</em></span> :</span></p></td>
922
<td> Check that the version of the library is at
923
minimum the one given as a string in <em class="parameter"><code>req_version</code></em> and return the
924
actual version string of the library; return <code class="literal">NULL</code> if the
925
condition is not met. If <code class="literal">NULL</code> is passed to this function no
926
check is done and only the version string is returned.