added the concept of optional handshake packets (like CERTIFICATE_REQUEST).

several other fixes.
author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2001-08-06 08:30:25 +0000
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2001-08-06 08:30:25 +0000
commit: a312f0d008595c86b793f810e7d283f1108dcca8 (patch)
tree: 9823109e27beac4c2ab2c4ef0b611c1dd6bad0e9
parent: 8fa8ed88631f45c133308f6db731520830713fb9 (diff)
download: gnutls-a312f0d008595c86b793f810e7d283f1108dcca8.tar.gz
10 files changed, 191 insertions, 91 deletions
diff --git a/lib/auth_rsa.c b/lib/auth_rsa.c
index ee80b6cea4..f3fd7bfd49 100644
--- a/lib/auth_rsa.c
+++ b/lib/auth_rsa.c
@@ -461,7 +461,6 @@ int proc_rsa_certificate(GNUTLS_STATE state, opaque * data, int data_size)
  
         _gnutls_copy_x509_client_auth_info( info, &peer_certificate_list[0], verify);
 
-
 	gnutls_free( peer_certificate_list);
 
 	return 0;
diff --git a/lib/gnutls_buffers.c b/lib/gnutls_buffers.c
index b2a77944da..add41039da 100644
--- a/lib/gnutls_buffers.c
+++ b/lib/gnutls_buffers.c
@@ -269,7 +269,12 @@ int gnutls_insertHashDataBuffer( GNUTLS_STATE state, char *data, int length)
 	state->gnutls_internals.hash_buffer.data =
 		    gnutls_realloc(state->gnutls_internals.hash_buffer.data,
 			   state->gnutls_internals.hash_buffer.size);
-		memcpy(&state->gnutls_internals.hash_buffer.data[old_buffer], data, length);
+			   
+	if (state->gnutls_internals.hash_buffer.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+	memcpy(&state->gnutls_internals.hash_buffer.data[old_buffer], data, length);
 
 	return 0;
 }
@@ -298,6 +303,11 @@ int gnutls_getHashDataFromBuffer( GNUTLS_STATE state, char *data, int length)
 	    gnutls_realloc(state->gnutls_internals.hash_buffer.data,
 			   state->gnutls_internals.hash_buffer.size);
 
+	if (state->gnutls_internals.hash_buffer.data == NULL) {
+		gnutls_assert();
+		return GNUTLS_E_MEMORY_ERROR;
+	}
+
 	return length;	
 
 }
diff --git a/lib/gnutls_cert.c b/lib/gnutls_cert.c
index 81604fa1ac..55744768c7 100644
--- a/lib/gnutls_cert.c
+++ b/lib/gnutls_cert.c
@@ -758,6 +758,7 @@ return GNUTLS_E_UNIMPLEMENTED_FEATURE;
 		return result;
 	}
 
+	memset( &gCert->subjectAltName, 0, sizeof(gCert->subjectAltName));
 	if ((result =
 	     _gnutls_get_ext_type( c2, "certificate2.tbsCertificate.extensions", gCert)) < 0) {
 		gnutls_assert();
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index f934a1b470..3842a09303 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -411,7 +411,6 @@ int _gnutls_send_finished(SOCKET cd, GNUTLS_STATE state)
 /* This is to be called after sending our finished message. If everything
  * went fine we have negotiated a secure connection 
  */
-#define HANDSHAKE_HEADERS_SIZE 4
 int _gnutls_recv_finished(SOCKET cd, GNUTLS_STATE state)
 {
 	uint8 *data, *vrfy;
@@ -423,7 +422,7 @@ int _gnutls_recv_finished(SOCKET cd, GNUTLS_STATE state)
 
 	ret =
 	    _gnutls_recv_handshake(cd, state, &vrfy, &vrfysize,
-				   GNUTLS_FINISHED);
+				   GNUTLS_FINISHED, MANDATORY_PACKET);
 	if (ret < 0) {
 		ERR("recv finished int", ret);
 		gnutls_assert();
@@ -446,13 +445,13 @@ int _gnutls_recv_finished(SOCKET cd, GNUTLS_STATE state)
 					  (state->security_parameters.
 					   entity + 1) % 2,
 					  vrfysize +
-					  HANDSHAKE_HEADERS_SIZE);
+					  HANDSHAKE_HEADER_SIZE);
 	} else {		/* TLS 1.0 */
 		data =
 		    _gnutls_finished(state,
 				     (state->security_parameters.entity +
 				      1) % 2,
-				     vrfysize + HANDSHAKE_HEADERS_SIZE);
+				     vrfysize + HANDSHAKE_HEADER_SIZE);
 	}
 
 	if (memcmp(vrfy, data, data_size) != 0) {
@@ -563,7 +562,7 @@ int _gnutls_send_handshake(SOCKET cd, GNUTLS_STATE state, void *i_data,
 
 	datasize = i_datasize;
 
-	i_datasize += HANDSHAKE_HEADERS_SIZE;
+	i_datasize += HANDSHAKE_HEADER_SIZE;
 	data = gnutls_malloc(i_datasize);
 
 	memcpy(&data[pos++], &type, 1);
@@ -580,9 +579,12 @@ int _gnutls_send_handshake(SOCKET cd, GNUTLS_STATE state, void *i_data,
 
 	/* Here we keep the handshake messages in order to hash them later!
 	 */
-	if (type != GNUTLS_HELLO_REQUEST)
-		gnutls_insertHashDataBuffer(state, data, i_datasize);
-
+	if (type != GNUTLS_HELLO_REQUEST) {
+		if ( (ret=gnutls_insertHashDataBuffer(state, data, i_datasize)) < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
 	ret =
 	    _gnutls_Send_int(cd, state, GNUTLS_HANDSHAKE, type, data,
 			     i_datasize);
@@ -591,132 +593,181 @@ int _gnutls_send_handshake(SOCKET cd, GNUTLS_STATE state, void *i_data,
 	return ret;
 }
 
-
-/* This function will receive handshake messages of the given types,
- * and will pass the message to the right place in order to be processed.
- * Eg. for the SERVER_HELLO message (if it is expected), it will be
- * send to _gnutls_recv_hello().
+/* This function will read the handshake header, and return it to the called. If the
+ * received handshake packet is not the one expected then it buffers the header, and
+ * returns UNEXPECTED_HANDSHAKE_PACKET.
  */
 #define SSL2_HEADERS 1
-int _gnutls_recv_handshake(SOCKET cd, GNUTLS_STATE state, uint8 ** data,
-			   int *datalen, HandshakeType type)
+static int _gnutls_recv_handshake_header( SOCKET cd, GNUTLS_STATE state, uint8 ** const header,
+			   int *header_size, HandshakeType type, HandshakeType* recv_type)
 {
 	int ret;
-	uint32 length32 = 0, sum = 0;
+	uint32 length32 = 0;
 	uint8 *dataptr = NULL;	/* for realloc */
-	int handshake_headers = HANDSHAKE_HEADERS_SIZE;
-	HandshakeType recv_type;
+	int handshake_header_size = HANDSHAKE_HEADER_SIZE;
 
-	dataptr = gnutls_malloc(HANDSHAKE_HEADERS_SIZE);
+	/* if we have data into the buffer then return them, do not read the next packet
+	 */
+	if (state->gnutls_internals.handshake_header_buffer.header_size > 0) {
+		*header = state->gnutls_internals.handshake_header_buffer.header;
+		*header_size = state->gnutls_internals.handshake_header_buffer.header_size;
+		*recv_type = state->gnutls_internals.handshake_header_buffer.recv_type;
 
+		state->gnutls_internals.handshake_header_buffer.header_size = 0; /* reset buffering */
+		return state->gnutls_internals.handshake_header_buffer.packet_length;
+	}
+
+	dataptr = state->gnutls_internals.handshake_header_buffer.header;
+	
 	ret =
-	    _gnutls_Recv_int(cd, state, GNUTLS_HANDSHAKE, type, dataptr,
-			     SSL2_HEADERS);
+	    _gnutls_Recv_int(cd, state, GNUTLS_HANDSHAKE, type, dataptr, SSL2_HEADERS);
 	if (ret <= 0) {
 		gnutls_assert();
-		gnutls_free(dataptr);
 		return (ret < 0) ? ret : GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
 	}
+	
 	if (ret != SSL2_HEADERS) {
 		gnutls_assert();
-		gnutls_free(dataptr);
 		return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
 	}
-	if (state->gnutls_internals.v2_hello == 0
-	    || type != GNUTLS_CLIENT_HELLO) {
 
+	if (state->gnutls_internals.v2_hello == 0 || type != GNUTLS_CLIENT_HELLO) {
 		ret =
 		    _gnutls_Recv_int(cd, state, GNUTLS_HANDSHAKE, type,
 				     &dataptr[SSL2_HEADERS],
-				     HANDSHAKE_HEADERS_SIZE -
+				     HANDSHAKE_HEADER_SIZE -
 				     SSL2_HEADERS);
 		if (ret <= 0) {
 			gnutls_assert();
-			gnutls_free(dataptr);
 			return (ret < 0) ? ret : GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
 		}
-		if (ret != HANDSHAKE_HEADERS_SIZE - SSL2_HEADERS) {
+		if (ret != HANDSHAKE_HEADER_SIZE - SSL2_HEADERS) {
 			gnutls_assert();
-			gnutls_free(dataptr);
 			return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
 		}
-		recv_type = dataptr[0];
+		*recv_type = dataptr[0];
 
-		if (recv_type != type) {
-			gnutls_assert();
-			gnutls_free(dataptr);
-			return GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET;
-		}
 		length32 = READuint24(&dataptr[1]);
-
+		handshake_header_size = HANDSHAKE_HEADER_SIZE;
 #ifdef HANDSHAKE_DEBUG
 		_gnutls_log("Handshake: %s was received [%ld bytes]\n",
 			    _gnutls_handshake2str(dataptr[0]),
 			    length32 + HANDSHAKE_HEADERS_SIZE);
 #endif
 
-
 	} else {		/* v2 hello */
 		length32 = state->gnutls_internals.v2_hello - SSL2_HEADERS;	/* we've read the first byte */
 
-		handshake_headers = SSL2_HEADERS;	/* we've already read one byte */
+		handshake_header_size = SSL2_HEADERS;	/* we've already read one byte */
 
-		recv_type = dataptr[0];
+		*recv_type = dataptr[0];
 #ifdef HANDSHAKE_DEBUG
 		_gnutls_log(
 			  "Handshake: %s(v2) was received [%ld bytes]\n",
 				   _gnutls_handshake2str(recv_type),
-				   length32 + handshake_headers);
+				   length32 + handshake_header_size);
 #endif
 
-		if (recv_type != GNUTLS_CLIENT_HELLO) {		/* it should be one or nothing */
+		if (*recv_type != GNUTLS_CLIENT_HELLO) {		/* it should be one or nothing */
 			gnutls_assert();
 			return GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET;
 		}
 	}
 
-	dataptr = gnutls_realloc(dataptr, length32 + handshake_headers);
+	if (recv_type != GNUTLS_HELLO_REQUEST) {
+		if ( (ret=gnutls_insertHashDataBuffer(state, dataptr, handshake_header_size)) < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
+
+	if (*recv_type != type) {
+		gnutls_assert();
+
+		/* put the packet into the buffer */
+		memcpy( state->gnutls_internals.handshake_header_buffer.header, dataptr, handshake_header_size);
+		state->gnutls_internals.handshake_header_buffer.header_size = handshake_header_size;
+		state->gnutls_internals.handshake_header_buffer.packet_length = length32;
+		state->gnutls_internals.handshake_header_buffer.recv_type = *recv_type;
+		return GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET;
+	}
+
+	state->gnutls_internals.handshake_header_buffer.header_size = 0; /* no buffering */
+	*header = dataptr;
+	*header_size = handshake_header_size;
+
+	return length32;
+}
+
+/* This function will receive handshake messages of the given types,
+ * and will pass the message to the right place in order to be processed.
+ * Eg. for the SERVER_HELLO message (if it is expected), it will be
+ * send to _gnutls_recv_hello().
+ */
+
+int _gnutls_recv_handshake(SOCKET cd, GNUTLS_STATE state, uint8 ** data,
+			   int *datalen, HandshakeType type, Optional optional)
+{
+	int ret;
+	uint32 length32 = 0;
+	int handshake_header_size;
+	opaque * dataptr;
+	HandshakeType recv_type;
+	opaque *handshake_header;
+
+	ret = _gnutls_recv_handshake_header( cd, state, &handshake_header, &handshake_header_size, type, &recv_type);
+	if (ret < 0) {
+		if (ret == GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET && optional==OPTIONAL_PACKET) {
+			gnutls_assert();
+			return 0; /* ok just ignore the packet */
+		}
+		gnutls_assert();
+		return ret;
+	}
+
+	length32 = ret;
+
+	if (length32 > 0)
+		dataptr = gnutls_malloc(length32);
+
+		
 	if (dataptr == NULL) {
 		gnutls_assert();
 		return GNUTLS_E_MEMORY_ERROR;
 	}
-	if (length32 > 0 && data != NULL)
-		*data = gnutls_malloc(length32);
 
 	if (datalen != NULL)
 		*datalen = length32;
 
-	sum = handshake_headers;
-	do {
+	if (length32 > 0) {
 		ret =
-		    _gnutls_Recv_int(cd, state, GNUTLS_HANDSHAKE, type,
-				     &dataptr[sum], length32);
-		sum += ret;
-	} while (((sum - handshake_headers) < length32) && (ret > 0));
-
-	if (ret < 0) {
-		gnutls_assert();
-		gnutls_free(dataptr);
-		return ret;
+		    _gnutls_Recv_int(cd, state, GNUTLS_HANDSHAKE, type, dataptr, length32);
+		if (ret <= 0) {
+			gnutls_assert();
+			gnutls_free(dataptr);
+			return (ret==0)?GNUTLS_E_UNEXPECTED_PACKET_LENGTH:ret;
+		}
 	}
 	ret = GNUTLS_E_UNKNOWN_ERROR;
 
-	if (length32 > 0 && data != NULL)
-		memcpy(*data, &dataptr[handshake_headers], length32);
 
-	/* here we buffer the handshake messages - needed at Finished message */
+	if (data != NULL && length32 > 0)
+		*data = dataptr;
 
-	if (recv_type != GNUTLS_HELLO_REQUEST)
-		gnutls_insertHashDataBuffer(state, dataptr,
-					    length32 + handshake_headers);
+	/* here we buffer the handshake messages - needed at Finished message */
 
+	if (recv_type != GNUTLS_HELLO_REQUEST && length32 > 0) {
+		if ( (ret=gnutls_insertHashDataBuffer(state, dataptr, length32)) < 0) {
+			gnutls_assert();
+			return ret;
+		}
+	}
 	switch (recv_type) {
 	case GNUTLS_CLIENT_HELLO:
 	case GNUTLS_SERVER_HELLO:
 		ret =
-		    _gnutls_recv_hello(cd, state,
-				       &dataptr[handshake_headers],
-				       length32);
+		    _gnutls_recv_hello(cd, state, dataptr, length32);
+		gnutls_free( dataptr);
 		break;
 	case GNUTLS_CERTIFICATE:
 		ret = length32;
@@ -743,7 +794,6 @@ int _gnutls_recv_handshake(SOCKET cd, GNUTLS_STATE state, uint8 ** data,
 		gnutls_assert();
 		ret = GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET;
 	}
-	gnutls_free(dataptr);
 	return ret;
 }
 
@@ -1240,7 +1290,7 @@ int gnutls_handshake_begin(SOCKET cd, GNUTLS_STATE state) {
 		/* receive the server hello */
 		ret =
 		    _gnutls_recv_handshake(cd, state, NULL, NULL,
-					   GNUTLS_SERVER_HELLO);
+					   GNUTLS_SERVER_HELLO, MANDATORY_PACKET);
 		if (ret < 0) {
 			gnutls_assert();
 			ERR("recv hello", ret);
@@ -1261,7 +1311,7 @@ int gnutls_handshake_begin(SOCKET cd, GNUTLS_STATE state) {
 
 		ret =
 		    _gnutls_recv_handshake(cd, state, NULL, NULL,
-					   GNUTLS_CLIENT_HELLO);
+					   GNUTLS_CLIENT_HELLO, MANDATORY_PACKET);
 		if (ret < 0) {
 			ERR("recv hello", ret);
 			gnutls_assert();
@@ -1457,7 +1507,7 @@ int gnutls_handshake_finish(SOCKET cd, GNUTLS_STATE state) {
 		if (state->gnutls_internals.resumed == RESUME_FALSE)	/* if we are not resuming */
 			ret =
 			    _gnutls_recv_handshake(cd, state, NULL, NULL,
-					       GNUTLS_SERVER_HELLO_DONE);
+					       GNUTLS_SERVER_HELLO_DONE, MANDATORY_PACKET);
 		if (ret < 0) {
 			gnutls_assert();
 			ERR("recv server hello done", ret);
diff --git a/lib/gnutls_handshake.h b/lib/gnutls_handshake.h
index 70f02ef5cd..983d0e88c8 100644
--- a/lib/gnutls_handshake.h
+++ b/lib/gnutls_handshake.h
@@ -18,13 +18,15 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
  */
 
+typedef enum Optional { OPTIONAL_PACKET, MANDATORY_PACKET } Optional;
+
 int _gnutls_send_handshake(int cd, GNUTLS_STATE state, void* i_data, uint32 i_datasize, HandshakeType type);
 int gnutls_send_hello_request(int cd, GNUTLS_STATE state);
 int _gnutls_recv_hello_request(int cd, GNUTLS_STATE state, void* data, uint32 data_size);
 int _gnutls_send_hello(int cd, GNUTLS_STATE state);
 int _gnutls_recv_hello(int cd, GNUTLS_STATE state, char* data, int datalen);
 int gnutls_handshake(int cd, GNUTLS_STATE state);
-int _gnutls_recv_handshake( int cd, GNUTLS_STATE state, uint8**, int*, HandshakeType);
+int _gnutls_recv_handshake( int cd, GNUTLS_STATE state, uint8**, int*, HandshakeType, Optional optional);
 int _gnutls_generate_session_id( char* session_id, uint8* len);
 int gnutls_handshake_begin(int cd, GNUTLS_STATE state);
 int gnutls_handshake_finish(int cd, GNUTLS_STATE state);
@@ -32,3 +34,4 @@ void _gnutls_set_server_random( GNUTLS_STATE state, uint8* random);
 void _gnutls_set_client_random( GNUTLS_STATE state, uint8* random);
 int _gnutls_create_random( opaque* dst);
 int _gnutls_remove_unwanted_ciphersuites( GNUTLS_STATE state, GNUTLS_CipherSuite ** cipherSuites, int numCipherSuites);
+
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 5497cde7da..25defee769 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -59,12 +59,10 @@
 
 /* the maximum size of encrypted packets */
 #define MAX_ENC_LEN 16384
-#define HEADER_SIZE 5
-#define MAX_RECV_SIZE 18432+HEADER_SIZE 	/* 2^14+2048+HEADER_SIZE */
+#define RECORD_HEADER_SIZE 5
+#define MAX_RECV_SIZE 18432+RECORD_HEADER_SIZE 	/* 2^14+2048+RECORD_HEADER_SIZE */
 
-#ifdef USE_DMALLOC
-# include <dmalloc.h>
-#endif
+#define HANDSHAKE_HEADER_SIZE 4
 
 #ifdef USE_GCRYPT
 # include <gnutls_gcry.h>
@@ -190,8 +188,6 @@ typedef struct GNUTLS_KEY_INT* GNUTLS_KEY;
 #include <gnutls_hash_int.h>
 #include <gnutls_cipher_int.h>
 
-//#include <gnutls_auth.h>
-
 typedef struct {
 	uint8 CipherSuite[2];
 } GNUTLS_CipherSuite;
@@ -289,6 +285,15 @@ typedef struct {
 #define Protocol_Priority GNUTLS_Priority
 
 typedef struct {
+	opaque				header[HANDSHAKE_HEADER_SIZE];
+	/* this holds the number of bytes in the handshake_header[] */
+	int				header_size;
+	/* this holds the length of the handshake packet */
+	int				packet_length;
+	HandshakeType			recv_type;
+} HANDSHAKE_HEADER_BUFFER;
+
+typedef struct {
 	gnutls_datum			buffer;
 	gnutls_datum			hash_buffer; /* used to keep all handshake messages */
 	gnutls_datum			buffer_handshake; /* this is a buffer that holds the current handshake message */
@@ -318,6 +323,9 @@ typedef struct {
 #ifdef HAVE_LIBGDBM
 	GDBM_FILE			db_reader;
 #endif
+	/* keeps the headers of the handshake packet 
+	 */
+	HANDSHAKE_HEADER_BUFFER		handshake_header_buffer;
 } GNUTLS_INTERNALS;
 
 struct GNUTLS_STATE_INT {
diff --git a/lib/gnutls_kx.c b/lib/gnutls_kx.c
index 1963ed9786..21d6e5a5c7 100644
--- a/lib/gnutls_kx.c
+++ b/lib/gnutls_kx.c
@@ -263,7 +263,7 @@ int _gnutls_recv_server_kx_message(SOCKET cd, GNUTLS_STATE state)
 		ret =
 		    _gnutls_recv_handshake(cd, state, &data,
 				   &datasize,
-				   GNUTLS_SERVER_KEY_EXCHANGE);
+				   GNUTLS_SERVER_KEY_EXCHANGE, MANDATORY_PACKET);
 		if (ret < 0)
 			return ret;
 
@@ -292,7 +292,7 @@ int _gnutls_recv_server_certificate_request(SOCKET cd, GNUTLS_STATE state)
 		ret =
 		    _gnutls_recv_handshake(cd, state, &data,
 				   &datasize,
-				   GNUTLS_CERTIFICATE_REQUEST);
+				   GNUTLS_CERTIFICATE_REQUEST, OPTIONAL_PACKET);
 		if (ret <= 0)
 			return ret;
 
@@ -322,7 +322,7 @@ int _gnutls_recv_server_kx_message2(SOCKET cd, GNUTLS_STATE state)
 		ret =
 		    _gnutls_recv_handshake(cd, state, &data,
 				   &datasize,
-				   GNUTLS_SERVER_KEY_EXCHANGE);
+				   GNUTLS_SERVER_KEY_EXCHANGE, MANDATORY_PACKET);
 		if (ret < 0)
 			return ret;
 
@@ -353,7 +353,7 @@ int _gnutls_recv_client_kx_message(SOCKET cd, GNUTLS_STATE state)
 		ret =
 		    _gnutls_recv_handshake(cd, state, &data,
 					   &datasize,
-					   GNUTLS_CLIENT_KEY_EXCHANGE);
+					   GNUTLS_CLIENT_KEY_EXCHANGE, MANDATORY_PACKET);
 		if (ret < 0)
 			return ret;
 
@@ -384,7 +384,7 @@ int _gnutls_recv_client_kx_message0(SOCKET cd, GNUTLS_STATE state)
 		ret =
 		    _gnutls_recv_handshake(cd, state, &data,
 					   &datasize,
-					   GNUTLS_CLIENT_KEY_EXCHANGE);
+					   GNUTLS_CLIENT_KEY_EXCHANGE, MANDATORY_PACKET);
 		if (ret < 0)
 			return ret;
 
@@ -442,7 +442,7 @@ int _gnutls_recv_certificate(SOCKET cd, GNUTLS_STATE state)
 		ret =
 		    _gnutls_recv_handshake(cd, state, &data,
 					   &datasize,
-					   GNUTLS_CERTIFICATE);
+					   GNUTLS_CERTIFICATE, MANDATORY_PACKET);
 		if (ret < 0) {
 			gnutls_assert();
 			return ret;
diff --git a/lib/gnutls_mem.c b/lib/gnutls_mem.c
index 2f50d087fe..07c8e09c74 100644
--- a/lib/gnutls_mem.c
+++ b/lib/gnutls_mem.c
@@ -22,8 +22,16 @@
 #include <gnutls_errors.h>
 #include <gnutls_num.h>
 
+#ifdef USE_DMALLOC
+
+int _gnutls_is_secure_memory(const void* ign) {
+	return 0;
+}
+
+#else
+
 /* #define MALLOC_DEBUG */
-#define EXTRA_SIZE sizeof(size_t)+1
+# define EXTRA_SIZE sizeof(size_t)+1
 
 int _gnutls_is_secure_memory(const svoid* mem) {
         return *((opaque*)mem-1);
@@ -147,3 +155,4 @@ char* ret;
 	
 	return ret;
 }
+#endif /* USE_DMALLOC */
diff --git a/lib/gnutls_mem.h b/lib/gnutls_mem.h
index aad0e0aac8..a352defad0 100644
--- a/lib/gnutls_mem.h
+++ b/lib/gnutls_mem.h
@@ -1,5 +1,23 @@
+#ifdef USE_DMALLOC
+# include <dmalloc.h>
+#endif
+
 typedef void svoid; /* for functions that allocate using secure_free */
 
+#ifdef USE_DMALLOC
+# define gnutls_malloc malloc
+# define gnutls_realloc realloc
+# define gnutls_free free
+# define gnutls_calloc calloc
+# define secure_malloc malloc
+# define secure_realloc realloc
+# define secure_free free
+# define secure_calloc calloc
+# define gnutls_strdup strdup
+int _gnutls_is_secure_memory(const void*);
+
+#else
+
 svoid* secure_malloc( size_t size);
 svoid* secure_calloc( size_t nmemb, size_t size);
 size_t _secure_ptr_size( svoid* ptr);
@@ -13,3 +31,5 @@ size_t _gnutls_malloc_ptr_size( void* ptr);
 void* gnutls_realloc( void* ptr, size_t size);
 void gnutls_free( void* ptr);
 char* gnutls_strdup( const char* s);
+
+#endif
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
index 8e14630c69..7b68602e91 100644
--- a/lib/gnutls_record.c
+++ b/lib/gnutls_record.c
@@ -449,7 +449,7 @@ ssize_t gnutls_send_int(SOCKET cd, GNUTLS_STATE state, ContentType type, Handsha
 		WRITEuint16( cipher_size, &headers[3]);
 		
 #warning "CHECK if the double write breaks other implementations"
-		if (_gnutls_Write(cd, headers, HEADER_SIZE, flags) != HEADER_SIZE) {
+		if (_gnutls_Write(cd, headers, RECORD_HEADER_SIZE, flags) != RECORD_HEADER_SIZE) {
 			state->gnutls_internals.valid_connection = VALID_FALSE;
 			state->gnutls_internals.resumable = RESUME_FALSE;
 			gnutls_assert();
@@ -485,9 +485,9 @@ ssize_t gnutls_send_int(SOCKET cd, GNUTLS_STATE state, ContentType type, Handsha
 
 		WRITEuint16( cipher_size, &headers[3]);
 
-		memcpy( cipher, headers, HEADER_SIZE);
+		memcpy( cipher, headers, RECORD_HEADER_SIZE);
 
-		cipher_size += HEADER_SIZE;
+		cipher_size += RECORD_HEADER_SIZE;
 		if (_gnutls_Write(cd, cipher, cipher_size, flags) != cipher_size) {
 			state->gnutls_internals.valid_connection = VALID_FALSE;
 			state->gnutls_internals.resumable = RESUME_FALSE;
@@ -551,12 +551,12 @@ ssize_t gnutls_recv_int(SOCKET cd, GNUTLS_STATE state, ContentType type, Handsha
 	uint8 *tmpdata;
 	int tmplen;
 	GNUTLS_Version version;
-	uint8 headers[HEADER_SIZE];
+	uint8 headers[RECORD_HEADER_SIZE];
 	ContentType recv_type;
 	uint16 length;
 	uint8 *ciphertext;
 	int ret = 0;
-	int header_size = HEADER_SIZE;
+	int header_size = RECORD_HEADER_SIZE;
 	/* If we have enough data in the cache do not bother receiving
 	 * a new packet. (in order to flush the cache)
 	 */
@@ -579,7 +579,7 @@ ssize_t gnutls_recv_int(SOCKET cd, GNUTLS_STATE state, ContentType type, Handsha
 	/* in order for GNUTLS_E_AGAIN to be returned the socket
 	 * must be set to non blocking mode
 	 */
-	if ( (ret = _gnutls_Read(cd, headers, HEADER_SIZE, MSG_PEEK|flags)) != HEADER_SIZE) {
+	if ( (ret = _gnutls_Read(cd, headers, RECORD_HEADER_SIZE, MSG_PEEK|flags)) != RECORD_HEADER_SIZE) {
 		if (ret==(0-EAGAIN)) return GNUTLS_E_AGAIN;
 
 		state->gnutls_internals.valid_connection = VALID_FALSE;
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2001-08-06 08:30:25 +0000
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2001-08-06 08:30:25 +0000
commit	a312f0d008595c86b793f810e7d283f1108dcca8 (patch)
tree	9823109e27beac4c2ab2c4ef0b611c1dd6bad0e9
parent	8fa8ed88631f45c133308f6db731520830713fb9 (diff)
download	gnutls-a312f0d008595c86b793f810e7d283f1108dcca8.tar.gz