authorNikos Mavrogiannopoulos <nmav@gnutls.org>2001-01-10 21:23:04 +0000
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2001-01-10 21:23:04 +0000
commitb572ae7208bdc12b7f4a803ec590d00166abf6e6 (patch)
treee8b7b924eec775781f50a6f699f37310190fd856
parent0eb4a09aed26ca5bf7ca45f74b374ad0006a27ac (diff)
corrected buffer overruns
-rw-r--r--lib/Makefile.am4
-rw-r--r--lib/gnutls.c5
-rw-r--r--lib/gnutls.h2
-rw-r--r--lib/gnutls_algorithms.c94
-rw-r--r--lib/gnutls_algorithms.h3
-rw-r--r--lib/gnutls_cipher.c7
-rw-r--r--lib/gnutls_cipher_int.c17
-rw-r--r--lib/gnutls_handshake.c9
-rw-r--r--lib/gnutls_int.h9
9 files changed, 77 insertions, 73 deletions
diff --git a/lib/Makefile.am b/lib/Makefile.am
index f04c9ab895..406132bf99 100644
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -2,12 +2,12 @@ include_HEADERS = gnutls.h
EXTRA_DIST = debug.h gnutls_compress.h defines.h gnutls_plaintext.h \
gnutls_cipher.h gnutls_buffers.h gnutls_errors.h gnutls_int.h \
gnutls_handshake.h gnutls_num.h gnutls_algorithms.h gnutls_dh.h \
- gnutls_kx.h gnutls_hash_int.h gnutls_cipher_int.h gnutls_der.h \
+ gnutls_kx.h gnutls_hash_int.h gnutls_cipher_int.h \
gnutls_cert.lex gnutls_compress_int.h gnutls_session.h gnutls_priority.h
lib_LTLIBRARIES = libgnutls.la
libgnutls_la_SOURCES = gnutls.c gnutls_compress.c debug.c gnutls_plaintext.c \
gnutls_cipher.c gnutls_buffers.c gnutls_handshake.c gnutls_num.c \
gnutls_errors.c gnutls_algorithms.c gnutls_dh.c gnutls_kx.c \
- gnutls_priority.c gnutls_hash_int.c gnutls_cipher_int.c gnutls_der.c \
+ gnutls_priority.c gnutls_hash_int.c gnutls_cipher_int.c \
gnutls_compress_int.c gnutls_session.c
libgnutls_la_LDFLAGS = -version-info $(LT_CURRENT):$(LT_REVISION):$(LT_AGE)
diff --git a/lib/gnutls.c b/lib/gnutls.c
index 979d151e4d..197916d42c 100644
--- a/lib/gnutls.c
+++ b/lib/gnutls.c
@@ -39,6 +39,11 @@
# define EAGAIN EWOULDBLOCK
#endif
+void gnutls_free(void *ptr) {
+ if (ptr!=NULL) free(ptr);
+}
+
+
GNUTLS_Version gnutls_get_current_version(GNUTLS_STATE state) {
GNUTLS_Version ver;
ver.local = state->connection_state.version.local;
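Review bot: The new `gnutls_free` carries no comment explaining why a function replaces the former `gnutls_free` macro, and its `ptr!=NULL` guard is redundant because `free(NULL)` is defined as a no-op. I would add a header comment such as `/* Single release point for library allocations; accepts NULL. */` and reduce the body to `free(ptr);`. Its prototype is added to gnutls_int.h rather than gnutls.h, so the comment should also say whether it is meant to be internal.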
diff --git a/lib/gnutls.h b/lib/gnutls.h
index 49a9ef6d81..952fe244b6 100644
--- a/lib/gnutls.h
+++ b/lib/gnutls.h
@@ -22,7 +22,7 @@ enum ContentType { GNUTLS_APPLICATION_DATA=23 };
typedef enum ContentType ContentType;
#define GNUTLS_AES GNUTLS_RIJNDAEL
-enum BulkCipherAlgorithm { GNUTLS_NULL_CIPHER, GNUTLS_ARCFOUR=1, GNUTLS_3DES = 4, GNUTLS_RIJNDAEL };
+enum BulkCipherAlgorithm { GNUTLS_NULL_CIPHER, GNUTLS_ARCFOUR=1, GNUTLS_3DES = 4, GNUTLS_RIJNDAEL, GNUTLS_TWOFISH };
typedef enum BulkCipherAlgorithm BulkCipherAlgorithm;
enum KXAlgorithm { GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, GNUTLS_KX_DH_DSS, GNUTLS_KX_DH_RSA, GNUTLS_KX_ANON_DH };
typedef enum KXAlgorithm KXAlgorithm;
diff --git a/lib/gnutls_algorithms.c b/lib/gnutls_algorithms.c
index d9142778d0..cc7fdba27a 100644
--- a/lib/gnutls_algorithms.c
+++ b/lib/gnutls_algorithms.c
@@ -64,11 +64,8 @@ typedef struct gnutls_cipher_entry gnutls_cipher_entry;
static gnutls_cipher_entry algorithms[] = {
GNUTLS_CIPHER_ENTRY(GNUTLS_3DES, 8, 24, 1, 8),
GNUTLS_CIPHER_ENTRY(GNUTLS_RIJNDAEL, 16, 16, 1, 16),
-#ifdef USE_MCRYPT
+ GNUTLS_CIPHER_ENTRY(GNUTLS_TWOFISH, 16, 16, 1, 16),
GNUTLS_CIPHER_ENTRY(GNUTLS_ARCFOUR, 1, 16, 0, 0),
-#else
- GNUTLS_CIPHER_ENTRY(GNUTLS_ARCFOUR, 1, 16, 0, 0),
-#endif
GNUTLS_CIPHER_ENTRY(GNUTLS_NULL_CIPHER, 1, 0, 0, 0),
{0}
};
@@ -166,8 +163,8 @@ static gnutls_kx_algo_entry kx_algorithms[] = {
/* Cipher SUITES */
-#define GNUTLS_CIPHER_SUITE_ENTRY( name, block_algorithm, kx_algorithm, mac_algorithm, compression_algorithm) \
- { #name, {name}, block_algorithm, kx_algorithm, mac_algorithm, compression_algorithm }
+#define GNUTLS_CIPHER_SUITE_ENTRY( name, block_algorithm, kx_algorithm, mac_algorithm ) \
+ { #name, {name}, block_algorithm, kx_algorithm, mac_algorithm }
typedef struct {
char *name;
@@ -175,12 +172,12 @@ typedef struct {
BulkCipherAlgorithm block_algorithm;
KXAlgorithm kx_algorithm;
MACAlgorithm mac_algorithm;
- CompressionMethod compression_algorithm;
} gnutls_cipher_suite_entry;
#define GNUTLS_DH_anon_3DES_EDE_CBC_SHA { 0x00, 0x1B }
#define GNUTLS_DH_anon_ARCFOUR_MD5 { 0x00, 0x18 }
#define GNUTLS_DH_anon_RIJNDAEL_128_CBC_SHA { 0x00, 0x34 }
+#define GNUTLS_DH_anon_TWOFISH_128_CBC_SHA { 0xFF, 0x50 }
#define GNUTLS_DH_DSS_3DES_EDE_CBC_SHA { 0x00, 0x0D }
#define GNUTLS_DH_RSA_3DES_EDE_CBC_SHA { 0x00, 0x10 }
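Review bot: `GNUTLS_DH_anon_TWOFISH_128_CBC_SHA` is given `{ 0xFF, 0x50 }` with no comment, while every other suite visible in this hunk sits in the 0x00 block. TLS reserves a first byte of 0xFF for private use, so this value only interoperates with peers that agree on it out of band. It is also an anonymous-DH suite, which provides no peer authentication. I would document both on the define: `/* private-use code point (0xFF xx), not an assigned suite; anon DH, no peer authentication */`.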
@@ -205,59 +202,52 @@ typedef struct {
static gnutls_cipher_suite_entry cs_algorithms[] = {
GNUTLS_CIPHER_SUITE_ENTRY(GNUTLS_DH_anon_ARCFOUR_MD5,
GNUTLS_ARCFOUR,
- GNUTLS_KX_ANON_DH, GNUTLS_MAC_MD5,
- GNUTLS_NULL_COMPRESSION),
+ GNUTLS_KX_ANON_DH, GNUTLS_MAC_MD5),
GNUTLS_CIPHER_SUITE_ENTRY(GNUTLS_DH_anon_3DES_EDE_CBC_SHA,
GNUTLS_3DES, GNUTLS_KX_ANON_DH,
- GNUTLS_MAC_SHA,
- GNUTLS_NULL_COMPRESSION),
+ GNUTLS_MAC_SHA),
GNUTLS_CIPHER_SUITE_ENTRY(GNUTLS_DH_DSS_3DES_EDE_CBC_SHA,
GNUTLS_3DES,
- GNUTLS_KX_DH_DSS, GNUTLS_MAC_SHA,
- GNUTLS_NULL_COMPRESSION),
+ GNUTLS_KX_DH_DSS, GNUTLS_MAC_SHA),
GNUTLS_CIPHER_SUITE_ENTRY(GNUTLS_DH_RSA_3DES_EDE_CBC_SHA,
GNUTLS_3DES,
- GNUTLS_KX_DH_RSA, GNUTLS_MAC_SHA,
- GNUTLS_NULL_COMPRESSION),
+ GNUTLS_KX_DH_RSA, GNUTLS_MAC_SHA),
GNUTLS_CIPHER_SUITE_ENTRY(GNUTLS_DHE_DSS_3DES_EDE_CBC_SHA,
GNUTLS_3DES, GNUTLS_KX_DHE_DSS,
- GNUTLS_MAC_SHA,
- GNUTLS_NULL_COMPRESSION),
+ GNUTLS_MAC_SHA),
GNUTLS_CIPHER_SUITE_ENTRY(GNUTLS_DHE_RSA_3DES_EDE_CBC_SHA,
GNUTLS_3DES, GNUTLS_KX_DHE_RSA,
- GNUTLS_MAC_SHA,
- GNUTLS_NULL_COMPRESSION),
+ GNUTLS_MAC_SHA),
GNUTLS_CIPHER_SUITE_ENTRY(GNUTLS_RSA_ARCFOUR_SHA,
GNUTLS_ARCFOUR,
- GNUTLS_KX_RSA, GNUTLS_MAC_SHA,
- GNUTLS_NULL_COMPRESSION),
+ GNUTLS_KX_RSA, GNUTLS_MAC_SHA),
GNUTLS_CIPHER_SUITE_ENTRY(GNUTLS_RSA_ARCFOUR_MD5,
GNUTLS_ARCFOUR,
- GNUTLS_KX_RSA, GNUTLS_MAC_MD5,
- GNUTLS_NULL_COMPRESSION),
+ GNUTLS_KX_RSA, GNUTLS_MAC_MD5),
GNUTLS_CIPHER_SUITE_ENTRY(GNUTLS_RSA_3DES_EDE_CBC_SHA,
GNUTLS_3DES,
- GNUTLS_KX_RSA, GNUTLS_MAC_SHA,
- GNUTLS_NULL_COMPRESSION),
+ GNUTLS_KX_RSA, GNUTLS_MAC_SHA),
GNUTLS_CIPHER_SUITE_ENTRY(GNUTLS_RSA_RIJNDAEL_128_CBC_SHA,
GNUTLS_RIJNDAEL, GNUTLS_KX_RSA,
- GNUTLS_MAC_SHA,
- GNUTLS_NULL_COMPRESSION),
+ GNUTLS_MAC_SHA),
GNUTLS_CIPHER_SUITE_ENTRY(GNUTLS_DH_DSS_RIJNDAEL_128_CBC_SHA,
GNUTLS_RIJNDAEL, GNUTLS_KX_DH_DSS,
- GNUTLS_MAC_SHA, GNUTLS_NULL_COMPRESSION),
+ GNUTLS_MAC_SHA),
GNUTLS_CIPHER_SUITE_ENTRY(GNUTLS_DH_RSA_RIJNDAEL_128_CBC_SHA,
GNUTLS_RIJNDAEL, GNUTLS_KX_DH_RSA,
- GNUTLS_MAC_SHA, GNUTLS_NULL_COMPRESSION),
+ GNUTLS_MAC_SHA),
GNUTLS_CIPHER_SUITE_ENTRY(GNUTLS_DHE_DSS_RIJNDAEL_128_CBC_SHA,
GNUTLS_RIJNDAEL, GNUTLS_KX_DHE_DSS,
- GNUTLS_MAC_SHA, GNUTLS_NULL_COMPRESSION),
+ GNUTLS_MAC_SHA),
GNUTLS_CIPHER_SUITE_ENTRY(GNUTLS_DHE_RSA_RIJNDAEL_128_CBC_SHA,
GNUTLS_RIJNDAEL, GNUTLS_KX_DHE_RSA,
- GNUTLS_MAC_SHA, GNUTLS_NULL_COMPRESSION),
+ GNUTLS_MAC_SHA),
GNUTLS_CIPHER_SUITE_ENTRY(GNUTLS_DH_anon_RIJNDAEL_128_CBC_SHA,
GNUTLS_RIJNDAEL, GNUTLS_KX_ANON_DH,
- GNUTLS_MAC_SHA, GNUTLS_NULL_COMPRESSION),
+ GNUTLS_MAC_SHA),
+ GNUTLS_CIPHER_SUITE_ENTRY(GNUTLS_DH_anon_TWOFISH_128_CBC_SHA,
+ GNUTLS_TWOFISH, GNUTLS_KX_ANON_DH,
+ GNUTLS_MAC_SHA),
{0}
};
@@ -329,7 +319,7 @@ char *_gnutls_mac_get_name(MACAlgorithm algorithm)
int _gnutls_mac_count()
{
uint8 i, counter = 0;
- for (i = 0; i < 255; i++) {
+ for (i = 0; i < 256; i++) {
if (_gnutls_mac_is_ok(i) == 0)
counter++;
}
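Review bot: With `uint8 i`, the new bound `i < 256` can never become false, assuming `uint8` is an 8-bit unsigned typedef (it is defined outside this diff): `i` wraps from 255 to 0 and `_gnutls_mac_count` does not terminate. The same pattern is in the `_gnutls_compression_count`, `_gnutls_cipher_count` and `_gnutls_kx_count` hunks below; only `_gnutls_cipher_suite_count` widens its counters. The declaration should change with the bound, `int i, counter = 0;`, in all four functions. These function bodies continue outside their hunks.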
@@ -390,7 +380,7 @@ char *_gnutls_compression_get_name(CompressionMethod algorithm)
int _gnutls_compression_count()
{
uint8 i, counter = 0;
- for (i = 0; i < 255; i++) {
+ for (i = 0; i < 256; i++) {
if (_gnutls_compression_is_ok(i) == 0)
counter++;
}
@@ -486,7 +476,7 @@ char *_gnutls_cipher_get_name(BulkCipherAlgorithm algorithm)
int _gnutls_cipher_count()
{
uint8 i, counter = 0;
- for (i = 0; i < 255; i++) {
+ for (i = 0; i < 256; i++) {
if (_gnutls_cipher_is_ok(i) == 0)
counter++;
}
@@ -585,7 +575,7 @@ char *_gnutls_kx_get_name(KXAlgorithm algorithm)
int _gnutls_kx_count()
{
uint8 i, counter = 0;
- for (i = 0; i < 255; i++) {
+ for (i = 0; i < 256; i++) {
if (_gnutls_kx_is_ok(i) == 0)
counter++;
}
@@ -656,15 +646,6 @@ _gnutls_cipher_suite_get_mac_algo(const GNUTLS_CipherSuite suite)
}
-CompressionMethod
-_gnutls_cipher_suite_get_compression_algo(const GNUTLS_CipherSuite suite)
-{
- size_t ret = 0;
- GNUTLS_CIPHER_SUITE_ALG_LOOP(ret = p->compression_algorithm);
- return ret;
-
-}
-
char *_gnutls_cipher_suite_get_name(GNUTLS_CipherSuite suite)
{
char *ret = NULL;
@@ -707,16 +688,18 @@ int _gnutls_cipher_suite_is_ok(GNUTLS_CipherSuite suite)
int _gnutls_cipher_suite_count()
{
GNUTLS_CipherSuite suite;
- uint8 i, counter = 0, j;
- for (j = 0; j < 255; j++) {
+ int i, counter = 0, j;
+
+ for (j = 0; j < 256; j++) {
suite.CipherSuite[0] = j;
- if (j != 0 && j != 255)
- continue; /* these are the only suites we support */
- for (i = 0; i < 255; i++) {
+ if (j!=0x00 && j!=0xFF) continue;
+
+ for (i = 0; i < 256; i++) {
suite.CipherSuite[1] = i;
if (_gnutls_cipher_suite_is_ok(suite) == 0)
counter++;
}
+
}
return counter;
}
@@ -952,7 +935,7 @@ _gnutls_supported_ciphersuites(GNUTLS_STATE state,
tmp_ciphers[i].CipherSuite[1] =
cs_algorithms[i].id.CipherSuite[1];
}
-
+fprintf(stderr, "COUNT: %d\n",count);
for (i = 0; i < count; i++) {
if (_gnutls_kx_priority
(state,
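Review bot: The added `fprintf(stderr, "COUNT: %d\n",count);` is unconditional debug output inside `_gnutls_supported_ciphersuites`, so every application linking the library gets this line on stderr during cipher-suite selection. It should be removed before merge or compiled only under the project's debug switch, for example `#ifdef DEBUG` … `#endif` (gnutls_int.h lists a `DEBUG` define in its commented-out block). The function starts and ends outside this hunk.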
@@ -995,14 +978,15 @@ _gnutls_supported_ciphersuites(GNUTLS_STATE state,
#define SUPPORTED_COMPRESSION_METHODS state->gnutls_internals.CompressionMethodPriority.algorithms
int
_gnutls_supported_compression_methods(GNUTLS_STATE state,
- CompressionMethod ** comp)
+ uint8** comp)
{
int i;
- *comp = gnutls_malloc(SUPPORTED_COMPRESSION_METHODS * 1);
+
+ *comp = gnutls_malloc(SUPPORTED_COMPRESSION_METHODS);
+ if (*comp==NULL) return GNUTLS_E_MEMORY_ERROR;
for (i = 0; i < SUPPORTED_COMPRESSION_METHODS; i++) {
-
- (*comp)[i] =
+ (*comp)[i] = (uint8)
state->gnutls_internals.
CompressionMethodPriority.algorithm_priority[i];
}
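Review bot: The new `if (*comp==NULL) return GNUTLS_E_MEMORY_ERROR;` treats any NULL as out-of-memory, but `malloc(0)` may legitimately return NULL, so an empty compression priority list would be reported as a memory error. If `SUPPORTED_COMPRESSION_METHODS` can be zero (not visible here), return early before allocating, or test `*comp==NULL && SUPPORTED_COMPRESSION_METHODS != 0`. The function also needs a header comment stating that it returns the number of methods or a negative error code, and that the caller releases `*comp` with `gnutls_free`. Its return statement is outside the hunk.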
diff --git a/lib/gnutls_algorithms.h b/lib/gnutls_algorithms.h
index 5ad9714d35..f51a79b3dc 100644
--- a/lib/gnutls_algorithms.h
+++ b/lib/gnutls_algorithms.h
@@ -12,14 +12,13 @@ int _gnutls_mac_count();
int _gnutls_cipher_suite_is_ok(GNUTLS_CipherSuite algorithm);
int _gnutls_supported_ciphersuites(GNUTLS_STATE state, GNUTLS_CipherSuite **ciphers);
int _gnutls_supported_ciphersuites_sorted(GNUTLS_STATE state, GNUTLS_CipherSuite **ciphers);
-int _gnutls_supported_compression_methods(GNUTLS_STATE state, CompressionMethod **comp);
+int _gnutls_supported_compression_methods(GNUTLS_STATE state, uint8 **comp);
int _gnutls_cipher_suite_count();
char* _gnutls_cipher_suite_get_name(GNUTLS_CipherSuite algorithm);
BulkCipherAlgorithm _gnutls_cipher_suite_get_cipher_algo(const GNUTLS_CipherSuite algorithm);
KXAlgorithm _gnutls_cipher_suite_get_kx_algo(const GNUTLS_CipherSuite algorithm);
MACAlgorithm _gnutls_cipher_suite_get_mac_algo(const GNUTLS_CipherSuite algorithm);
-CompressionMethod _gnutls_cipher_suite_get_compression_algo(const GNUTLS_CipherSuite suite);
GNUTLS_CipherSuite _gnutls_cipher_suite_get_suite_name(GNUTLS_CipherSuite algorithm);
/* functions for ciphers */
diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c
index 0a3dd88da8..30f9d628ff 100644
--- a/lib/gnutls_cipher.c
+++ b/lib/gnutls_cipher.c
@@ -70,6 +70,7 @@ int _gnutls_encrypt(GNUTLS_STATE state, char *data, size_t data_size,
}
memmove((*ciphertext), gcipher->fragment, gcipher->length);
+
total_length += gcipher->length;
_gnutls_freeTLSCiphertext(gcipher);
@@ -495,13 +496,13 @@ int _gnutls_TLSCompressed2TLSCiphertext(GNUTLS_STATE state,
if (_gnutls_version_ssl3(state->connection_state.version) == 0) {
rand[0] = 0;
} else {
- rand[0] =
- (rand[0] % (255 / blocksize)) * blocksize;
+ rand[0] = (rand[0] / blocksize) * blocksize;
}
length =
compressed->length +
state->security_parameters.hash_size;
+
pad = (uint8) (blocksize - (length % blocksize)) + rand[0];
length += pad;
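Review bot: The rewritten `rand[0] = (rand[0] / blocksize) * blocksize;` raises the largest random padding to 248 for an 8-byte block and 240 for a 16-byte block, so `pad` on the line below can reach 256 when `length % blocksize` is 0. The removed expression kept the sum below that. If `pad` is a `uint8` (its declaration is outside the hunk) it wraps to 0 and the record is emitted without padding; if it is wider, `data` must have room for the extra block, which is also not visible here. I would cap the random part before it is added, `if (rand[0] > 255 - blocksize) rand[0] -= blocksize;`, and note in a comment that TLS limits the padding-length byte to 255.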
@@ -509,9 +510,9 @@ int _gnutls_TLSCompressed2TLSCiphertext(GNUTLS_STATE state,
memset(&data[length - pad], pad - 1, pad);
memmove(data, content, compressed->length);
-
memmove(&data[compressed->length], MAC,
state->security_parameters.hash_size);
+
gnutls_cipher_encrypt(state->connection_state.
write_cipher_state, data, length);
diff --git a/lib/gnutls_cipher_int.c b/lib/gnutls_cipher_int.c
index 549db02462..adc6cfa169 100644
--- a/lib/gnutls_cipher_int.c
+++ b/lib/gnutls_cipher_int.c
@@ -38,6 +38,13 @@ GNUTLS_CIPHER_HANDLE ret;
ret = gcry_cipher_open(GCRY_CIPHER_RIJNDAEL, GCRY_CIPHER_MODE_CBC, 0);
#endif
break;
+ case GNUTLS_TWOFISH:
+#ifdef USE_MCRYPT
+ ret = mcrypt_module_open( "twofish", NULL, "cbc", NULL);
+#else
+ ret = gcry_cipher_open(GCRY_CIPHER_TWOFISH, GCRY_CIPHER_MODE_CBC, 0);
+#endif
+ break;
case GNUTLS_3DES:
#ifdef USE_MCRYPT
ret = mcrypt_module_open( "tripledes", NULL, "cbc", NULL);
@@ -75,7 +82,10 @@ int gnutls_cipher_encrypt(GNUTLS_CIPHER_HANDLE handle, void* text, int textlen)
#ifdef USE_MCRYPT
mcrypt_generic( handle, text, textlen);
#else
- gcry_cipher_encrypt( handle, text, textlen, text, textlen);
+ if (gcry_cipher_encrypt( handle, text, textlen, NULL, textlen)!=0) {
+ gnutls_assert();
+ return GNUTLS_E_UNKNOWN_ERROR;
+ }
#endif
}
return 0;
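Review bot: The error code added for `gcry_cipher_encrypt` is not consumed by the caller visible in this commit: `gnutls_cipher_encrypt(state->connection_state.write_cipher_state, data, length);` in lib/gnutls_cipher.c discards the result. A failed in-place encryption would therefore apparently leave `data` unencrypted while record construction continues. That call should become `if (gnutls_cipher_encrypt(...) < 0)` with an error return, assuming `GNUTLS_E_UNKNOWN_ERROR` is negative. The `USE_MCRYPT` branch still ignores the result of `mcrypt_generic`, and the decrypt hunk below has the same gap with `mdecrypt_generic`.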
@@ -86,7 +96,10 @@ int gnutls_cipher_decrypt(GNUTLS_CIPHER_HANDLE handle, void* ciphertext, int cip
#ifdef USE_MCRYPT
mdecrypt_generic( handle, ciphertext, ciphertextlen);
#else
- gcry_cipher_decrypt( handle, ciphertext, ciphertextlen, ciphertext, ciphertextlen);
+ if (gcry_cipher_decrypt( handle, ciphertext, ciphertextlen, NULL, ciphertextlen)!=0) {
+ gnutls_assert();
+ return GNUTLS_E_UNKNOWN_ERROR;
+ }
#endif
}
return 0;
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index 1b6f387178..ee9a3aa613 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -245,7 +245,7 @@ static int SelectSuite(GNUTLS_STATE state, opaque ret[2], char *data, int datale
static int SelectCompMethod(GNUTLS_STATE state, CompressionMethod * ret, opaque *data, int datalen)
{
int x, i, j;
- CompressionMethod *ciphers;
+ uint8 *ciphers;
x = _gnutls_supported_compression_methods(state, &ciphers);
memset(ret, '\0', sizeof(CompressionMethod));
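Review bot: The result of `_gnutls_supported_compression_methods` is used here with no visible error check, although this commit makes that function return `GNUTLS_E_MEMORY_ERROR` and leave the output pointer NULL when allocation fails. In `SelectCompMethod` I would add `if (x < 0) return x;` directly after the call. The `_gnutls_send_hello` hunk further down is worse: the result is assigned to `z`, copied as a single byte into `data` and added to `datalen`, and `compression_methods[i]` is then read. The value should be received in an `int` and checked before it is narrowed. Both function bodies continue outside their hunks, so a later check cannot be ruled out.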
@@ -476,7 +476,7 @@ int _gnutls_send_hello(int cd, GNUTLS_STATE state, opaque * SessionID,
uint32 cur_time;
int pos = 0;
GNUTLS_CipherSuite *cipher_suites;
- CompressionMethod *compression_methods;
+ uint8 *compression_methods;
int i, datalen, ret = 0;
uint16 x;
@@ -535,9 +535,11 @@ int _gnutls_send_hello(int cd, GNUTLS_STATE state, opaque * SessionID,
2);
pos += 2;
}
+ gnutls_free(cipher_suites);
z = _gnutls_supported_compression_methods
(state, &compression_methods);
+
memmove(&data[pos++], &z, 1); /* put the number of compression methods */
datalen += z;
@@ -547,7 +549,6 @@ int _gnutls_send_hello(int cd, GNUTLS_STATE state, opaque * SessionID,
memmove(&data[pos++], &compression_methods[i], 1);
}
- gnutls_free(cipher_suites);
gnutls_free(compression_methods);
ret =
@@ -617,7 +618,7 @@ int _gnutls_recv_hello(int cd, GNUTLS_STATE state, char *data, int datalen)
uint8 session_id_len = 0, z;
int pos = 0;
GNUTLS_CipherSuite cipher_suite, *cipher_suites;
- CompressionMethod compression_method, *compression_methods;
+ uint8 compression_method, *compression_methods;
int i, ret=0;
uint16 x, sizeOfSuites;
GNUTLS_Version version;
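Review bot: Changing the scalar `compression_method` to `uint8` looks unsafe, because `SelectCompMethod` in this file still takes `CompressionMethod * ret` and clears `sizeof(CompressionMethod)` bytes through it. If `_gnutls_recv_hello` passes `&compression_method` to that function (the call is outside the hunk), the `memset` writes past the one-byte variable whenever the enum is wider than a byte. Only the array needs the narrower type. I would keep `CompressionMethod compression_method;` and declare `uint8 *compression_methods;` separately.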
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 579929690c..9b20ec17cb 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -4,9 +4,9 @@
/*
#define HANDSHAKE_DEBUG
-#define HARD_DEBUG
#define READ_DEBUG
#define WRITE_DEBUG
+#define HARD_DEBUG
#define DEBUG
*/
@@ -16,19 +16,19 @@
/* for big numbers support */ /* FIXME */
#include <gcrypt.h>
+#include <dmalloc.h>
#define GNUTLS_MPI MPI
#define gnutls_mpi_release mpi_release
#define svoid void /* for functions that allocate using secure_free */
-#define secure_free free
+#define secure_free gnutls_free
#define secure_malloc malloc
#define secure_realloc realloc
#define secure_calloc calloc
#define gnutls_malloc malloc
#define gnutls_realloc realloc
#define gnutls_calloc calloc
-#define gnutls_free free
typedef struct {
uint8 pint[3];
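Review bot: `#include <dmalloc.h>` is added unconditionally to the internal header, which makes a debugging allocator a build requirement for every file that includes gnutls_int.h; the lib/Makefile.am hunk in this commit adds no matching check or link flag. It should be compiled only in a debug configuration, for instance `#ifdef USE_DMALLOC` / `#include <dmalloc.h>` / `#endif` (the macro name is a suggestion, not an existing project symbol). Note also that `secure_free` now maps to `gnutls_free`, which only calls `free`, so the "secure" name still promises more than it does. A comment stating that no zeroisation happens would prevent misuse for key material.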
@@ -85,7 +85,7 @@ typedef struct {
/* STATE */
enum ConnectionEnd { GNUTLS_SERVER, GNUTLS_CLIENT };
-enum BulkCipherAlgorithm { GNUTLS_NULL_CIPHER, GNUTLS_ARCFOUR=1, GNUTLS_3DES = 4, GNUTLS_RIJNDAEL };
+enum BulkCipherAlgorithm { GNUTLS_NULL_CIPHER, GNUTLS_ARCFOUR=1, GNUTLS_3DES = 4, GNUTLS_RIJNDAEL, GNUTLS_TWOFISH };
enum KXAlgorithm { GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, GNUTLS_KX_DH_DSS, GNUTLS_KX_DH_RSA, GNUTLS_KX_ANON_DH };
enum KeyExchangeAlgorithm { GNUTLS_RSA, GNUTLS_DIFFIE_HELLMAN };
enum CipherType { CIPHER_STREAM, CIPHER_BLOCK };
@@ -296,6 +296,7 @@ typedef struct {
} GNUTLS_ServerHello;
/* functions */
+void gnutls_free(void* ptr);
int _gnutls_send_alert( int cd, GNUTLS_STATE state, AlertLevel level, AlertDescription desc);
int gnutls_close(int cd, GNUTLS_STATE state);
svoid *gnutls_PRF( opaque * secret, int secret_size, uint8 * label,