1

我尝试使用本网站 ( http://www.wikinology.cn/wiki/GnuTLS_Extension_Development_Notes ) 中定义的 gnutls 添加我自己的 TLS 扩展,所以让我一步一步解释:

注意:我使用了 gnutls-3.3.14 和扩展名为:SupportedAndAcceptedCertType。

1- m4/hooks.m4

AC_MSG_CHECKING([whether to disable foobar support])
AC_ARG_ENABLE(SupportedAndAcceptedCertType,
    AS_HELP_STRING([--disable-SupportedAndAcceptedCertType],
        [disable SupportedAndAcceptedCertType support]),
    ac_enable_SupportedAndAcceptedCertType=no)

if test x$ac_enable_SupportedAndAcceptedCertType != xno; then
 AC_MSG_RESULT(no)
 AC_DEFINE(ENABLE_SupportedAndAcceptedCertType, 1, [enable SupportedAndAcceptedCertType])

else
 ac_full=0
 AC_MSG_RESULT(yes)

fi
AM_CONDITIONAL(ENABLE_SupportedAndAcceptedCertType, test "$ac_enable_SupportedAndAcceptedCertType" != "no")

2- gnutls_int.h:

GNUTLS_EXTENSION_SupportedAndAcceptedCertType=9999

3-在 gnutls_extensions.c 中:

/ * 测试 * /

if ENABLE_SupportedAndAcceptedCertType
  ret = _gnutls_ext_register (&SupportedAndAcceptedCertType_ext);

  if (ret != GNUTLS_E_SUCCESS)
    return ret;
endif

/*结束测试*/

4-在 ext 文件中创建 SupportedAndAcceptedCertType.h:

include "ext/SupportedAndAcceptedCertType.h"

extension_entry_st SupportedAndAcceptedCertType_ext = 

    {

    .name = "SupportedAndAcceptedCertType",
    .type = GNUTLS_EXTENSION_SupportedAndAcceptedCertType,
    .parse_type = GNUTLS_EXT_TLS,
    .recv_func = _SupportedAndAcceptedCertType_recv_params,
    .send_func = _SupportedAndAcceptedCertType_send_params,
    .pack_func = _SupportedAndAcceptedCertType_pack,
    .unpack_func = _SupportedAndAcceptedCertType_unpack,
    .deinit_func = NULL

    }

5-在 ext 文件中创建 SupportedAndAcceptedCertType.c:

include < gnutls_extensions.h >

int _SupportedAndAcceptedCertType_recv_params (gnutls_session_t session, const opaque * data,size_t data_size)
{
  return 0;
}

int _SupportedAndAcceptedCertType_send_params (gnutls_session_t session, gnutls_buffer_st* data)
{
  return 0;
}

int _SupportedAndAcceptedCertType_pack (extension_priv_data_t epriv, gnutls_buffer_st * ps)
{
   return 0;
}


int _SupportedAndAcceptedCertType_unpack (gnutls_buffer_st * ps, extension_priv_data_t * epriv)
{
   return 0;
}


static void _SupportedAndAcceptedCertType_deinit_data(extension_priv_data_t priv);

6-在 Makefile.am 中:

if ENABLE_SupportedAndAcceptedCertType
libgnutls_ext_la_SOURCES += ext/SupportedAndAcceptedCertType.c ext/SupportedAndAcceptedCertType.h
endif

现在基于网站“ http://www.wikinology.cn/wiki/GnuTLS_Extension_Development_Notes ”,我目前在步骤“更新模板文件:

必须更新这些文件:

库/Makefile.in

lib/includes/gnutls/gnutls.h.in

我该怎么做这一步?在这一步之后,我可以在握手中看到我的扩展(ClientHello 和 ServerHello)吗?

谢谢

4

0 回答 0