author | Simon Josefsson <simon@josefsson.org> | 2008-08-13 13:33:22 +0200 |
---|---|---|
committer | Simon Josefsson <simon@josefsson.org> | 2008-08-13 13:33:22 +0200 |
commit | 5524c9a9c0beafe24a2ca310dc54afb1fec37d2c (patch) | |
tree | d86e90bc7ac13d337bea7eb6670f573d6501f6af | |
parent | 54d293438f3e98f01bdd52588a8a6ce360bfc75c (diff) | |
download | gnutls-5524c9a9c0beafe24a2ca310dc54afb1fec37d2c.tar.gz |
Fix namespace problem with TLS_MASTER_SIZE and TLS_RANDOM_SIZE.
-rw-r--r-- | includes/gnutls/compat.h | 4 | ||||
-rw-r--r-- | includes/gnutls/gnutls.h.in | 4 | ||||
-rw-r--r-- | lib/auth_rsa.c | 6 | ||||
-rw-r--r-- | lib/gnutls_constate.c | 46 | ||||
-rw-r--r-- | lib/gnutls_handshake.c | 48 | ||||
-rw-r--r-- | lib/gnutls_int.h | 10 | ||||
-rw-r--r-- | lib/gnutls_kx.c | 42 | ||||
-rw-r--r-- | lib/gnutls_session_pack.c | 24 | ||||
-rw-r--r-- | lib/gnutls_sig.c | 24 | ||||
-rw-r--r-- | lib/gnutls_state.c | 14 | ||||
-rw-r--r-- | lib/gnutls_v2_compat.c | 12 | ||||
-rw-r--r-- | libextra/gnutls_ia.c | 20 |
12 files changed, 128 insertions, 126 deletions
diff --git a/includes/gnutls/compat.h b/includes/gnutls/compat.h index baf45a42a9..c1abbf9175 100644 --- a/includes/gnutls/compat.h +++ b/includes/gnutls/compat.h @@ -102,4 +102,8 @@ #define GNUTLS_X509_CRT_ONELINE GNUTLS_CRT_PRINT_ONELINE #define GNUTLS_X509_CRT_UNSIGNED_FULL GNUTLS_CRT_PRINT_UNSIGNED_FULL +/* These old #define's violate the gnutls_* namespace. */ +#define TLS_MASTER_SIZE GNUTLS_MASTER_SIZE +#define TLS_RANDOM_SIZE GNUTLS_RANDOM_SIZE + #endif /* GCOMPAT_H */ diff --git a/includes/gnutls/gnutls.h.in b/includes/gnutls/gnutls.h.in index 81e363d241..8078fdb337 100644 --- a/includes/gnutls/gnutls.h.in +++ b/includes/gnutls/gnutls.h.in @@ -602,8 +602,8 @@ extern "C" /* returns security values. * Do not use them unless you know what you're doing. */ -#define TLS_MASTER_SIZE 48 -#define TLS_RANDOM_SIZE 32 +#define GNUTLS_MASTER_SIZE 48 +#define GNUTLS_RANDOM_SIZE 32 const void *gnutls_session_get_server_random (gnutls_session_t session); const void *gnutls_session_get_client_random (gnutls_session_t session); const void *gnutls_session_get_master_secret (gnutls_session_t session); diff --git a/lib/auth_rsa.c b/lib/auth_rsa.c index 7113b04650..6e95ce17ce 100644 --- a/lib/auth_rsa.c +++ b/lib/auth_rsa.c @@ -249,7 +249,7 @@ _gnutls_proc_rsa_client_kx (gnutls_session_t session, opaque * data, ret = _gnutls_pkcs1_rsa_decrypt (&plaintext, &ciphertext, params, params_len, 2); /* btype==2 */ - if (ret < 0 || plaintext.size != TLS_MASTER_SIZE) + if (ret < 0 || plaintext.size != GNUTLS_MASTER_SIZE) { /* In case decryption fails then don't inform * the peer. Just use a random key. (in order to avoid @@ -281,7 +281,7 @@ _gnutls_proc_rsa_client_kx (gnutls_session_t session, opaque * data, if (randomize_key != 0) { - session->key->key.size = TLS_MASTER_SIZE; + session->key->key.size = GNUTLS_MASTER_SIZE; session->key->key.data = gnutls_malloc (session->key->key.size); if (session->key->key.data == NULL) { 
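Review bot: In the `randomize_key != 0` branch of `_gnutls_proc_rsa_client_kx` (hunk at -281), the substitute key is allocated with `gnutls_malloc`, while `_gnutls_gen_rsa_client_kx` (hunk at -338) allocates the same `session->key->key.data` field with `gnutls_secure_malloc`. Per the comment in the -249 hunk, the random key stands in for the premaster secret when decryption fails, so it deserves the same handling: `session->key->key.data = gnutls_secure_malloc (session->key->key.size);`. How the buffer is filled and released lies outside the hunk, so confirm the free path accepts either allocator before changing it.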
@@ -338,7 +338,7 @@ _gnutls_gen_rsa_client_kx (gnutls_session_t session, opaque ** data) return GNUTLS_E_INSUFFICIENT_CREDENTIALS; } - session->key->key.size = TLS_MASTER_SIZE; + session->key->key.size = GNUTLS_MASTER_SIZE; session->key->key.data = gnutls_secure_malloc (session->key->key.size); if (session->key->key.data == NULL) diff --git a/lib/gnutls_constate.c b/lib/gnutls_constate.c index e5d894c3a0..ae21196a7d 100644 --- a/lib/gnutls_constate.c +++ b/lib/gnutls_constate.c @@ -62,8 +62,8 @@ _gnutls_set_keys (gnutls_session_t session, int hash_size, int IV_size, /* FIXME: This function is too long */ opaque *key_block; - opaque rnd[2 * TLS_RANDOM_SIZE]; - opaque rrnd[2 * TLS_RANDOM_SIZE]; + opaque rnd[2 * GNUTLS_RANDOM_SIZE]; + opaque rrnd[2 * GNUTLS_RANDOM_SIZE]; int pos, ret; int block_size; char buf[65]; 
@@ -88,27 +88,27 @@ _gnutls_set_keys (gnutls_session_t session, int hash_size, int IV_size, return GNUTLS_E_MEMORY_ERROR; } - memcpy (rnd, session->security_parameters.server_random, TLS_RANDOM_SIZE); - memcpy (&rnd[TLS_RANDOM_SIZE], - session->security_parameters.client_random, TLS_RANDOM_SIZE); + memcpy (rnd, session->security_parameters.server_random, GNUTLS_RANDOM_SIZE); + memcpy (&rnd[GNUTLS_RANDOM_SIZE], + session->security_parameters.client_random, GNUTLS_RANDOM_SIZE); - memcpy (rrnd, session->security_parameters.client_random, TLS_RANDOM_SIZE); - memcpy (&rrnd[TLS_RANDOM_SIZE], - session->security_parameters.server_random, TLS_RANDOM_SIZE); + memcpy (rrnd, session->security_parameters.client_random, GNUTLS_RANDOM_SIZE); + memcpy (&rrnd[GNUTLS_RANDOM_SIZE], + session->security_parameters.server_random, GNUTLS_RANDOM_SIZE); if (session->security_parameters.version == GNUTLS_SSL3) { /* SSL 3 */ ret = _gnutls_ssl3_generate_random - (session->security_parameters.master_secret, TLS_MASTER_SIZE, rnd, - 2 * TLS_RANDOM_SIZE, block_size, key_block); + (session->security_parameters.master_secret, GNUTLS_MASTER_SIZE, rnd, + 2 * GNUTLS_RANDOM_SIZE, block_size, key_block); } else { /* TLS 1.0 */ ret = _gnutls_PRF (session, session->security_parameters.master_secret, - TLS_MASTER_SIZE, keyexp, keyexp_length, - rnd, 2 * TLS_RANDOM_SIZE, block_size, key_block); + GNUTLS_MASTER_SIZE, keyexp, keyexp_length, + rnd, 2 * GNUTLS_RANDOM_SIZE, block_size, key_block); } if (ret < 0) @@ -191,7 +191,7 @@ _gnutls_set_keys (gnutls_session_t session, int hash_size, int IV_size, ret = _gnutls_ssl3_hash_md5 (&key_block[pos], key_size, rrnd, - 2 * TLS_RANDOM_SIZE, + 2 * GNUTLS_RANDOM_SIZE, EXPORT_FINAL_KEY_SIZE, client_write_key); 
@@ -202,7 +202,7 @@ _gnutls_set_keys (gnutls_session_t session, int hash_size, int IV_size, _gnutls_PRF (session, &key_block[pos], key_size, cliwrite, cliwrite_length, rrnd, - 2 * TLS_RANDOM_SIZE, + 2 * GNUTLS_RANDOM_SIZE, EXPORT_FINAL_KEY_SIZE, client_write_key); } @@ -222,7 +222,7 @@ _gnutls_set_keys (gnutls_session_t session, int hash_size, int IV_size, { /* SSL 3 */ ret = _gnutls_ssl3_hash_md5 (&key_block[pos], key_size, - rnd, 2 * TLS_RANDOM_SIZE, + rnd, 2 * GNUTLS_RANDOM_SIZE, EXPORT_FINAL_KEY_SIZE, server_write_key); } @@ -231,7 +231,7 @@ _gnutls_set_keys (gnutls_session_t session, int hash_size, int IV_size, ret = _gnutls_PRF (session, &key_block[pos], key_size, servwrite, servwrite_length, - rrnd, 2 * TLS_RANDOM_SIZE, + rrnd, 2 * GNUTLS_RANDOM_SIZE, EXPORT_FINAL_KEY_SIZE, server_write_key); } @@ -323,7 +323,7 @@ _gnutls_set_keys (gnutls_session_t session, int hash_size, int IV_size, if (session->security_parameters.version == GNUTLS_SSL3) { /* SSL 3 */ ret = _gnutls_ssl3_hash_md5 ("", 0, - rrnd, TLS_RANDOM_SIZE * 2, + rrnd, GNUTLS_RANDOM_SIZE * 2, IV_size, iv_block); if (ret < 0) @@ -335,7 +335,7 @@ _gnutls_set_keys (gnutls_session_t session, int hash_size, int IV_size, } ret = _gnutls_ssl3_hash_md5 ("", 0, rnd, - TLS_RANDOM_SIZE * 2, + GNUTLS_RANDOM_SIZE * 2, IV_size, &iv_block[IV_size]); } @@ -343,7 +343,7 @@ _gnutls_set_keys (gnutls_session_t session, int hash_size, int IV_size, { /* TLS 1.0 */ ret = _gnutls_PRF (session, "", 0, ivblock, ivblock_length, rrnd, - 2 * TLS_RANDOM_SIZE, IV_size * 2, iv_block); + 2 * GNUTLS_RANDOM_SIZE, IV_size * 2, iv_block); } if (ret < 0) 
@@ -426,9 +426,9 @@ _gnutls_set_write_keys (gnutls_session_t session) #define CPY_COMMON dst->entity = src->entity; \ dst->kx_algorithm = src->kx_algorithm; \ memcpy( &dst->current_cipher_suite, &src->current_cipher_suite, sizeof(cipher_suite_st)); \ - memcpy( dst->master_secret, src->master_secret, TLS_MASTER_SIZE); \ - memcpy( dst->client_random, src->client_random, TLS_RANDOM_SIZE); \ - memcpy( dst->server_random, src->server_random, TLS_RANDOM_SIZE); \ + memcpy( dst->master_secret, src->master_secret, GNUTLS_MASTER_SIZE); \ + memcpy( dst->client_random, src->client_random, GNUTLS_RANDOM_SIZE); \ + memcpy( dst->server_random, src->server_random, GNUTLS_RANDOM_SIZE); \ memcpy( dst->session_id, src->session_id, TLS_MAX_SESSION_ID_SIZE); \ dst->session_id_size = src->session_id_size; \ dst->cert_type = src->cert_type; \ @@ -437,7 +437,7 @@ _gnutls_set_write_keys (gnutls_session_t session) dst->max_record_send_size = src->max_record_send_size; \ dst->version = src->version; \ memcpy( &dst->extensions, &src->extensions, sizeof(tls_ext_st)); \ - memcpy( &dst->inner_secret, &src->inner_secret, TLS_MASTER_SIZE); + memcpy( &dst->inner_secret, &src->inner_secret, GNUTLS_MASTER_SIZE); static void _gnutls_cpy_read_security_parameters (security_parameters_st * diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index 06a326d398..1540cca2d5 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c 
@@ -86,9 +86,9 @@ resume_copy_required_values (gnutls_session_t session) { /* get the new random values */ memcpy (session->internals.resumed_security_parameters.server_random, - session->security_parameters.server_random, TLS_RANDOM_SIZE); + session->security_parameters.server_random, GNUTLS_RANDOM_SIZE); memcpy (session->internals.resumed_security_parameters.client_random, - session->security_parameters.client_random, TLS_RANDOM_SIZE); + session->security_parameters.client_random, GNUTLS_RANDOM_SIZE); /* keep the ciphersuite and compression * That is because the client must see these in our @@ -124,13 +124,13 @@ resume_copy_required_values (gnutls_session_t session) void _gnutls_set_server_random (gnutls_session_t session, uint8_t * rnd) { - memcpy (session->security_parameters.server_random, rnd, TLS_RANDOM_SIZE); + memcpy (session->security_parameters.server_random, rnd, GNUTLS_RANDOM_SIZE); } void _gnutls_set_client_random (gnutls_session_t session, uint8_t * rnd) { - memcpy (session->security_parameters.client_random, rnd, TLS_RANDOM_SIZE); + memcpy (session->security_parameters.client_random, rnd, GNUTLS_RANDOM_SIZE); } /* Calculate The SSL3 Finished message @@ -179,11 +179,11 @@ _gnutls_ssl3_finished (gnutls_session_t session, int type, opaque * ret) _gnutls_mac_deinit_ssl3_handshake (&td_md5, ret, session-> security_parameters.master_secret, - TLS_MASTER_SIZE); + GNUTLS_MASTER_SIZE); _gnutls_mac_deinit_ssl3_handshake (&td_sha, &ret[16], session-> security_parameters.master_secret, - TLS_MASTER_SIZE); + GNUTLS_MASTER_SIZE); return 0; } 
@@ -248,10 +248,10 @@ _gnutls_finished (gnutls_session_t session, int type, void *ret) } return _gnutls_PRF (session, session->security_parameters.master_secret, - TLS_MASTER_SIZE, mesg, siz, concat, len, 12, ret); + GNUTLS_MASTER_SIZE, mesg, siz, concat, len, 12, ret); } -/* this function will produce TLS_RANDOM_SIZE==32 bytes of random data +/* this function will produce GNUTLS_RANDOM_SIZE==32 bytes of random data * and put it to dst. */ int @@ -269,7 +269,7 @@ _gnutls_tls_create_random (opaque * dst) /* generate server random value */ _gnutls_write_uint32 (tim, dst); - ret = _gnutls_rnd (GNUTLS_RND_NONCE, &dst[4], TLS_RANDOM_SIZE - 4); + ret = _gnutls_rnd (GNUTLS_RND_NONCE, &dst[4], GNUTLS_RANDOM_SIZE - 4); if (ret < 0) { gnutls_assert (); @@ -354,7 +354,7 @@ _gnutls_read_client_hello (gnutls_session_t session, opaque * data, gnutls_protocol_t adv_version; int neg_version; int len = datalen; - opaque rnd[TLS_RANDOM_SIZE], *suite_ptr, *comp_ptr; + opaque rnd[GNUTLS_RANDOM_SIZE], *suite_ptr, *comp_ptr; if (session->internals.v2_hello != 0) { /* version 2.0 */ @@ -378,9 +378,9 @@ _gnutls_read_client_hello (gnutls_session_t session, opaque * data, /* Read client random value. */ - DECR_LEN (len, TLS_RANDOM_SIZE); + DECR_LEN (len, GNUTLS_RANDOM_SIZE); _gnutls_set_client_random (session, &data[pos]); - pos += TLS_RANDOM_SIZE; + pos += GNUTLS_RANDOM_SIZE; _gnutls_tls_create_random (rnd); _gnutls_set_server_random (session, rnd); 
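Review bot: The result of `_gnutls_tls_create_random (rnd)` is discarded in `_gnutls_read_client_hello` (hunk at -378), although the -269 hunk shows that function is declared `int` and takes an error branch when `_gnutls_rnd` returns a negative value. On that path only the four timestamp bytes of the stack array `rnd` have been written, and the array is then installed as the server random by `_gnutls_set_server_random`. Check the result before using the buffer, for example `if ((ret = _gnutls_tls_create_random (rnd)) < 0) { gnutls_assert (); return ret; }`, assuming a `ret` local is in scope (its declaration is not visible here). The same unchecked call precedes `_gnutls_set_client_random` in `_gnutls_send_client_hello` (hunk at -1774); both function bodies extend beyond their hunks.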
@@ -1451,9 +1451,9 @@ _gnutls_client_check_if_resuming (gnutls_session_t session, { /* resume session */ memcpy (session->internals.resumed_security_parameters.server_random, - session->security_parameters.server_random, TLS_RANDOM_SIZE); + session->security_parameters.server_random, GNUTLS_RANDOM_SIZE); memcpy (session->internals.resumed_security_parameters.client_random, - session->security_parameters.client_random, TLS_RANDOM_SIZE); + session->security_parameters.client_random, GNUTLS_RANDOM_SIZE); session->internals.resumed = RESUME_TRUE; /* we are resuming */ return 0; @@ -1508,9 +1508,9 @@ _gnutls_read_server_hello (gnutls_session_t session, pos += 2; - DECR_LEN (len, TLS_RANDOM_SIZE); + DECR_LEN (len, GNUTLS_RANDOM_SIZE); _gnutls_set_server_random (session, &data[pos]); - pos += TLS_RANDOM_SIZE; + pos += GNUTLS_RANDOM_SIZE; /* Read session ID @@ -1702,7 +1702,7 @@ _gnutls_send_client_hello (gnutls_session_t session, int again) int extdatalen; int pos = 0; int datalen = 0, ret = 0; - opaque rnd[TLS_RANDOM_SIZE]; + opaque rnd[GNUTLS_RANDOM_SIZE]; gnutls_protocol_t hver; opaque extdata[MAX_EXT_DATA_LENGTH]; @@ -1719,8 +1719,8 @@ _gnutls_send_client_hello (gnutls_session_t session, int again) if (again == 0) { - datalen = 2 + (session_id_len + 1) + TLS_RANDOM_SIZE; - /* 2 for version, (4 for unix time + 28 for random bytes==TLS_RANDOM_SIZE) + datalen = 2 + (session_id_len + 1) + GNUTLS_RANDOM_SIZE; + /* 2 for version, (4 for unix time + 28 for random bytes==GNUTLS_RANDOM_SIZE) */ data = gnutls_malloc (datalen); @@ -1774,8 +1774,8 @@ _gnutls_send_client_hello (gnutls_session_t session, int again) _gnutls_tls_create_random (rnd); _gnutls_set_client_random (session, rnd); - memcpy (&data[pos], rnd, TLS_RANDOM_SIZE); - pos += TLS_RANDOM_SIZE; + memcpy (&data[pos], rnd, GNUTLS_RANDOM_SIZE); + pos += GNUTLS_RANDOM_SIZE; /* Copy the Session ID */ 
@@ -1929,7 +1929,7 @@ _gnutls_send_server_hello (gnutls_session_t session, int again) if (again == 0) { - datalen = 2 + session_id_len + 1 + TLS_RANDOM_SIZE + 3; + datalen = 2 + session_id_len + 1 + GNUTLS_RANDOM_SIZE + 3; extdatalen = _gnutls_gen_extensions (session, extdata, sizeof (extdata)); @@ -1952,8 +1952,8 @@ _gnutls_send_server_hello (gnutls_session_t session, int again) _gnutls_version_get_minor (session->security_parameters.version); memcpy (&data[pos], - session->security_parameters.server_random, TLS_RANDOM_SIZE); - pos += TLS_RANDOM_SIZE; + session->security_parameters.server_random, GNUTLS_RANDOM_SIZE); + pos += GNUTLS_RANDOM_SIZE; data[pos++] = session_id_len; if (session_id_len > 0) diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index 9e6ed88d13..390b729173 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -49,9 +49,7 @@ */ #define MAX_HANDSHAKE_PACKET_SIZE 48*1024 -#define TLS_RANDOM_SIZE 32 #define TLS_MAX_SESSION_ID_SIZE 32 -#define TLS_MASTER_SIZE 48 /* The maximum digest size of hash algorithms. */ @@ -321,9 +319,9 @@ typedef struct * on resume; */ cipher_suite_st current_cipher_suite; - opaque master_secret[TLS_MASTER_SIZE]; - opaque client_random[TLS_RANDOM_SIZE]; - opaque server_random[TLS_RANDOM_SIZE]; + opaque master_secret[GNUTLS_MASTER_SIZE]; + opaque client_random[GNUTLS_RANDOM_SIZE]; + opaque server_random[GNUTLS_RANDOM_SIZE]; opaque session_id[TLS_MAX_SESSION_ID_SIZE]; uint8_t session_id_size; time_t timestamp; @@ -338,7 +336,7 @@ typedef struct gnutls_certificate_type_t cert_type; gnutls_protocol_t version; /* moved here */ /* For TLS/IA. XXX: Move to IA credential? */ - opaque inner_secret[TLS_MASTER_SIZE]; + opaque inner_secret[GNUTLS_MASTER_SIZE]; } security_parameters_st; /* This structure holds the generated keys diff --git a/lib/gnutls_kx.c b/lib/gnutls_kx.c index c37d751792..088df6909c 100644 --- a/lib/gnutls_kx.c +++ b/lib/gnutls_kx.c 
@@ -75,17 +75,17 @@ generate_normal_master (gnutls_session_t session, int keep_premaster) if (gnutls_protocol_get_version (session) == GNUTLS_SSL3) { - opaque rnd[2 * TLS_RANDOM_SIZE + 1]; + opaque rnd[2 * GNUTLS_RANDOM_SIZE + 1]; memcpy (rnd, session->security_parameters.client_random, - TLS_RANDOM_SIZE); - memcpy (&rnd[TLS_RANDOM_SIZE], - session->security_parameters.server_random, TLS_RANDOM_SIZE); + GNUTLS_RANDOM_SIZE); + memcpy (&rnd[GNUTLS_RANDOM_SIZE], + session->security_parameters.server_random, GNUTLS_RANDOM_SIZE); ret = _gnutls_ssl3_generate_random (PREMASTER.data, PREMASTER.size, - rnd, 2 * TLS_RANDOM_SIZE, - TLS_MASTER_SIZE, + rnd, 2 * GNUTLS_RANDOM_SIZE, + GNUTLS_MASTER_SIZE, session-> security_parameters.master_secret); @@ -94,7 +94,7 @@ generate_normal_master (gnutls_session_t session, int keep_premaster) session->security_parameters.extensions.oprfi_server_len > 0) { opaque *rnd; - size_t rndlen = 2 * TLS_RANDOM_SIZE; + size_t rndlen = 2 * GNUTLS_RANDOM_SIZE; rndlen += session->security_parameters.extensions.oprfi_client_len; rndlen += session->security_parameters.extensions.oprfi_server_len; 
@@ -128,45 +128,45 @@ generate_normal_master (gnutls_session_t session, int keep_premaster) sizeof (buf))); memcpy (rnd, session->security_parameters.client_random, - TLS_RANDOM_SIZE); - memcpy (rnd + TLS_RANDOM_SIZE, + GNUTLS_RANDOM_SIZE); + memcpy (rnd + GNUTLS_RANDOM_SIZE, session->security_parameters.extensions.oprfi_client, session->security_parameters.extensions.oprfi_client_len); - memcpy (rnd + TLS_RANDOM_SIZE + + memcpy (rnd + GNUTLS_RANDOM_SIZE + session->security_parameters.extensions.oprfi_client_len, - session->security_parameters.server_random, TLS_RANDOM_SIZE); - memcpy (rnd + TLS_RANDOM_SIZE + + session->security_parameters.server_random, GNUTLS_RANDOM_SIZE); + memcpy (rnd + GNUTLS_RANDOM_SIZE + session->security_parameters.extensions.oprfi_client_len + - TLS_RANDOM_SIZE, + GNUTLS_RANDOM_SIZE, session->security_parameters.extensions.oprfi_server, session->security_parameters.extensions.oprfi_server_len); ret = _gnutls_PRF (session, PREMASTER.data, PREMASTER.size, MASTER_SECRET, strlen (MASTER_SECRET), - rnd, rndlen, TLS_MASTER_SIZE, + rnd, rndlen, GNUTLS_MASTER_SIZE, session->security_parameters.master_secret); gnutls_free (rnd); } else { - opaque rnd[2 * TLS_RANDOM_SIZE + 1]; + opaque rnd[2 * GNUTLS_RANDOM_SIZE + 1]; memcpy (rnd, session->security_parameters.client_random, - TLS_RANDOM_SIZE); - memcpy (&rnd[TLS_RANDOM_SIZE], - session->security_parameters.server_random, TLS_RANDOM_SIZE); + GNUTLS_RANDOM_SIZE); + memcpy (&rnd[GNUTLS_RANDOM_SIZE], + session->security_parameters.server_random, GNUTLS_RANDOM_SIZE); ret = _gnutls_PRF (session, PREMASTER.data, PREMASTER.size, MASTER_SECRET, strlen (MASTER_SECRET), - rnd, 2 * TLS_RANDOM_SIZE, TLS_MASTER_SIZE, + rnd, 2 * GNUTLS_RANDOM_SIZE, GNUTLS_MASTER_SIZE, session->security_parameters.master_secret); } /* TLS/IA inner secret is derived from the master secret. 
*/ memcpy (session->security_parameters.inner_secret, - session->security_parameters.master_secret, TLS_MASTER_SIZE); + session->security_parameters.master_secret, GNUTLS_MASTER_SIZE); if (!keep_premaster) _gnutls_free_datum (&PREMASTER); @@ -177,7 +177,7 @@ generate_normal_master (gnutls_session_t session, int keep_premaster) _gnutls_hard_log ("INT: MASTER SECRET: %s\n", _gnutls_bin2hex (session-> security_parameters.master_secret, - TLS_MASTER_SIZE, buf, sizeof (buf))); + GNUTLS_MASTER_SIZE, buf, sizeof (buf))); return ret; } diff --git a/lib/gnutls_session_pack.c b/lib/gnutls_session_pack.c index 9a48f25ebe..dde2ed57b3 100644 --- a/lib/gnutls_session_pack.c +++ b/lib/gnutls_session_pack.c @@ -1019,15 +1019,15 @@ pack_security_parameters (gnutls_session_t session, packed_session->data[pos++] = session->security_parameters.version; memcpy (&packed_session->data[pos], - session->security_parameters.master_secret, TLS_MASTER_SIZE); - pos += TLS_MASTER_SIZE; + session->security_parameters.master_secret, GNUTLS_MASTER_SIZE); + pos += GNUTLS_MASTER_SIZE; memcpy (&packed_session->data[pos], - session->security_parameters.client_random, TLS_RANDOM_SIZE); - pos += TLS_RANDOM_SIZE; + session->security_parameters.client_random, GNUTLS_RANDOM_SIZE); + pos += GNUTLS_RANDOM_SIZE; memcpy (&packed_session->data[pos], - session->security_parameters.server_random, TLS_RANDOM_SIZE); - pos += TLS_RANDOM_SIZE; + session->security_parameters.server_random, GNUTLS_RANDOM_SIZE); + pos += GNUTLS_RANDOM_SIZE; packed_session->data[pos++] = session->security_parameters.session_id_size; memcpy (&packed_session->data[pos], session->security_parameters.session_id, 
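Review bot: The `_gnutls_hard_log ("INT: MASTER SECRET: %s\n", ...)` call at the end of `generate_normal_master` (hunk at -177) writes the full master secret in hex to the log, and nothing at the call site says so. Anyone who can read that log output can recover the session keys for the connection, so the call site should carry a warning such as `/* Writes key material to the log; this log level must never be enabled outside debugging. */`. Whether `_gnutls_hard_log` is compiled out or gated by a log level is not visible in this hunk; if it is not, wrapping the call in a debug-only `#ifdef` would be the safer change.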
@@ -1143,15 +1143,15 @@ unpack_security_parameters (gnutls_session_t session, packed_session->data[pos++]; memcpy (session->internals.resumed_security_parameters.master_secret, - &packed_session->data[pos], TLS_MASTER_SIZE); - pos += TLS_MASTER_SIZE; + &packed_session->data[pos], GNUTLS_MASTER_SIZE); + pos += GNUTLS_MASTER_SIZE; memcpy (session->internals.resumed_security_parameters.client_random, - &packed_session->data[pos], TLS_RANDOM_SIZE); - pos += TLS_RANDOM_SIZE; + &packed_session->data[pos], GNUTLS_RANDOM_SIZE); + pos += GNUTLS_RANDOM_SIZE; memcpy (session->internals.resumed_security_parameters.server_random, - &packed_session->data[pos], TLS_RANDOM_SIZE); - pos += TLS_RANDOM_SIZE; + &packed_session->data[pos], GNUTLS_RANDOM_SIZE); + pos += GNUTLS_RANDOM_SIZE; session->internals.resumed_security_parameters.session_id_size = packed_session->data[pos++]; diff --git a/lib/gnutls_sig.c b/lib/gnutls_sig.c index e97978fbb6..df4d586689 100644 --- a/lib/gnutls_sig.c +++ b/lib/gnutls_sig.c @@ -79,7 +79,7 @@ _gnutls_tls_sign_hdata (gnutls_session_t session, _gnutls_mac_deinit_ssl3_handshake (&td_sha, &concat[16], session-> security_parameters.master_secret, - TLS_MASTER_SIZE); + GNUTLS_MASTER_SIZE); } else _gnutls_hash_deinit (&td_sha, &concat[16]); @@ -100,7 +100,7 @@ _gnutls_tls_sign_hdata (gnutls_session_t session, _gnutls_mac_deinit_ssl3_handshake (&td_md5, concat, session-> security_parameters.master_secret, - TLS_MASTER_SIZE); + GNUTLS_MASTER_SIZE); else _gnutls_hash_deinit (&td_md5, concat); @@ -148,9 +148,9 @@ _gnutls_tls_sign_params (gnutls_session_t session, gnutls_cert * cert, } _gnutls_hash (&td_sha, session->security_parameters.client_random, - TLS_RANDOM_SIZE); + GNUTLS_RANDOM_SIZE); _gnutls_hash (&td_sha, session->security_parameters.server_random, - TLS_RANDOM_SIZE); + GNUTLS_RANDOM_SIZE); _gnutls_hash (&td_sha, params->data, params->size); switch (cert->subject_pk_algorithm) 
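Review bot: `unpack_security_parameters` (hunk at -1143) copies `GNUTLS_MASTER_SIZE` and then twice `GNUTLS_RANDOM_SIZE` bytes out of `packed_session->data` at a running `pos`, and no comparison against the length of the packed blob is visible in the hunk. The function starts outside the hunk, so the length may already be validated earlier; if it is not, a truncated or corrupted stored session would be read past its end. A guard before the first copy would cover it, something like `if (packed_session->size < pos + GNUTLS_MASTER_SIZE + 2 * GNUTLS_RANDOM_SIZE + 1) { gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; }`, assuming `packed_session` is a datum with a `size` member alongside `data`.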
@@ -168,9 +168,9 @@ _gnutls_tls_sign_params (gnutls_session_t session, gnutls_cert * cert, } _gnutls_hash (&td_md5, session->security_parameters.client_random, - TLS_RANDOM_SIZE); + GNUTLS_RANDOM_SIZE); _gnutls_hash (&td_md5, session->security_parameters.server_random, - TLS_RANDOM_SIZE); + GNUTLS_RANDOM_SIZE); _gnutls_hash (&td_md5, params->data, params->size); _gnutls_hash_deinit (&td_md5, concat); @@ -406,11 +406,11 @@ _gnutls_verify_sig_hdata (gnutls_session_t session, gnutls_cert * cert, _gnutls_mac_deinit_ssl3_handshake (&td_md5, concat, session-> security_parameters.master_secret, - TLS_MASTER_SIZE); + GNUTLS_MASTER_SIZE); _gnutls_mac_deinit_ssl3_handshake (&td_sha, &concat[16], session-> security_parameters.master_secret, - TLS_MASTER_SIZE); + GNUTLS_MASTER_SIZE); } else { @@ -457,9 +457,9 @@ _gnutls_verify_sig_params (gnutls_session_t session, gnutls_cert * cert, } _gnutls_hash (&td_md5, session->security_parameters.client_random, - TLS_RANDOM_SIZE); + GNUTLS_RANDOM_SIZE); _gnutls_hash (&td_md5, session->security_parameters.server_random, - TLS_RANDOM_SIZE); + GNUTLS_RANDOM_SIZE); _gnutls_hash (&td_md5, params->data, params->size); } @@ -473,9 +473,9 @@ _gnutls_verify_sig_params (gnutls_session_t session, gnutls_cert * cert, } _gnutls_hash (&td_sha, session->security_parameters.client_random, - TLS_RANDOM_SIZE); + GNUTLS_RANDOM_SIZE); _gnutls_hash (&td_sha, session->security_parameters.server_random, - TLS_RANDOM_SIZE); + GNUTLS_RANDOM_SIZE); _gnutls_hash (&td_sha, params->data, params->size); if (ver < GNUTLS_TLS1_2) diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c index e425d8da5a..d260d446af 100644 --- a/lib/gnutls_state.c +++ b/lib/gnutls_state.c @@ -980,7 +980,7 @@ gnutls_prf_raw (gnutls_session_t session, ret = _gnutls_PRF (session, session->security_parameters.master_secret, - TLS_MASTER_SIZE, + GNUTLS_MASTER_SIZE, label, label_size, (opaque *) seed, seed_size, outsize, out); 
@@ -1025,7 +1025,7 @@ gnutls_prf (gnutls_session_t session, { int ret; opaque *seed; - size_t seedsize = 2 * TLS_RANDOM_SIZE + extra_size; + size_t seedsize = 2 * GNUTLS_RANDOM_SIZE + extra_size; seed = gnutls_malloc (seedsize); if (!seed) @@ -1036,15 +1036,15 @@ gnutls_prf (gnutls_session_t session, memcpy (seed, server_random_first ? session->security_parameters.server_random : - session->security_parameters.client_random, TLS_RANDOM_SIZE); - memcpy (seed + TLS_RANDOM_SIZE, server_random_first ? + session->security_parameters.client_random, GNUTLS_RANDOM_SIZE); + memcpy (seed + GNUTLS_RANDOM_SIZE, server_random_first ? session->security_parameters.client_random : - session->security_parameters.server_random, TLS_RANDOM_SIZE); + session->security_parameters.server_random, GNUTLS_RANDOM_SIZE); - memcpy (seed + 2 * TLS_RANDOM_SIZE, extra, extra_size); + memcpy (seed + 2 * GNUTLS_RANDOM_SIZE, extra, extra_size); ret = _gnutls_PRF (session, session->security_parameters.master_secret, - TLS_MASTER_SIZE, + GNUTLS_MASTER_SIZE, label, label_size, seed, seedsize, outsize, out); gnutls_free (seed); diff --git a/lib/gnutls_v2_compat.c b/lib/gnutls_v2_compat.c index 828b8ced36..5f692e6925 100644 --- a/lib/gnutls_v2_compat.c +++ b/lib/gnutls_v2_compat.c @@ -97,7 +97,7 @@ _gnutls_read_client_hello_v2 (gnutls_session_t session, opaque * data, int ret = 0; uint16_t sizeOfSuites; gnutls_protocol_t adv_version; - opaque rnd[TLS_RANDOM_SIZE]; + opaque rnd[GNUTLS_RANDOM_SIZE]; int len = datalen; int err; uint16_t challenge; @@ -146,7 +146,7 @@ _gnutls_read_client_hello_v2 (gnutls_session_t session, opaque * data, challenge = _gnutls_read_uint16 (&data[pos]); pos += 2; - if (challenge < 16 || challenge > TLS_RANDOM_SIZE) + if (challenge < 16 || challenge > GNUTLS_RANDOM_SIZE) { gnutls_assert (); return GNUTLS_E_UNSUPPORTED_VERSION_PACKET; 
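Review bot: In `gnutls_prf` (hunk at -1025), `size_t seedsize = 2 * GNUTLS_RANDOM_SIZE + extra_size;` can wrap around when the caller passes a very large `extra_size`. The allocation would then be smaller than the `memcpy (seed + 2 * GNUTLS_RANDOM_SIZE, extra, extra_size)` in the -1036 hunk expects. As this is a public entry point, reject the value before allocating, e.g. `if (extra_size > SIZE_MAX - 2 * GNUTLS_RANDOM_SIZE) return GNUTLS_E_INVALID_REQUEST;`. The parameter list is outside the hunk, so the type of `extra_size` is assumed to be `size_t`. The same computation appears in `_gnutls_ia_prf` in libextra/gnutls_ia.c (hunk at -167).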
@@ -212,9 +212,9 @@ _gnutls_read_client_hello_v2 (gnutls_session_t session, opaque * data, pos += session_id_len; DECR_LEN (len, challenge); - memset (rnd, 0, TLS_RANDOM_SIZE); + memset (rnd, 0, GNUTLS_RANDOM_SIZE); - memcpy (&rnd[TLS_RANDOM_SIZE - challenge], &data[pos], challenge); + memcpy (&rnd[GNUTLS_RANDOM_SIZE - challenge], &data[pos], challenge); _gnutls_set_client_random (session, rnd); @@ -235,9 +235,9 @@ _gnutls_read_client_hello_v2 (gnutls_session_t session, opaque * data, { /* resumed! */ /* get the new random values */ memcpy (session->internals.resumed_security_parameters.server_random, - session->security_parameters.server_random, TLS_RANDOM_SIZE); + session->security_parameters.server_random, GNUTLS_RANDOM_SIZE); memcpy (session->internals.resumed_security_parameters.client_random, - session->security_parameters.client_random, TLS_RANDOM_SIZE); + session->security_parameters.client_random, GNUTLS_RANDOM_SIZE); session->internals.resumed = RESUME_TRUE; return 0; diff --git a/libextra/gnutls_ia.c b/libextra/gnutls_ia.c index dac4198585..d6a91fa162 100644 --- a/libextra/gnutls_ia.c +++ b/libextra/gnutls_ia.c @@ -167,7 +167,7 @@ _gnutls_ia_prf (gnutls_session_t session, { int ret; opaque *seed; - size_t seedsize = 2 * TLS_RANDOM_SIZE + extra_size; + size_t seedsize = 2 * GNUTLS_RANDOM_SIZE + extra_size; seed = gnutls_malloc (seedsize); if (!seed) 
@@ -176,13 +176,13 @@ _gnutls_ia_prf (gnutls_session_t session, return GNUTLS_E_MEMORY_ERROR; } - memcpy (seed, session->security_parameters.server_random, TLS_RANDOM_SIZE); - memcpy (seed + TLS_RANDOM_SIZE, session->security_parameters.client_random, - TLS_RANDOM_SIZE); - memcpy (seed + 2 * TLS_RANDOM_SIZE, extra, extra_size); + memcpy (seed, session->security_parameters.server_random, GNUTLS_RANDOM_SIZE); + memcpy (seed + GNUTLS_RANDOM_SIZE, session->security_parameters.client_random, + GNUTLS_RANDOM_SIZE); + memcpy (seed + 2 * GNUTLS_RANDOM_SIZE, extra, extra_size); ret = _gnutls_PRF (session, session->security_parameters.inner_secret, - TLS_MASTER_SIZE, + GNUTLS_MASTER_SIZE, label, label_size, seed, seedsize, outsize, out); gnutls_free (seed); @@ -214,7 +214,7 @@ gnutls_ia_permute_inner_secret (gnutls_session_t session, inner_permutation_label, session_keys_size, session_keys, - TLS_RANDOM_SIZE, + GNUTLS_RANDOM_SIZE, session->security_parameters.inner_secret); } @@ -257,7 +257,7 @@ gnutls_ia_generate_challenge (gnutls_session_t session, void gnutls_ia_extract_inner_secret (gnutls_session_t session, char *buffer) { - memcpy (buffer, session->security_parameters.inner_secret, TLS_MASTER_SIZE); + memcpy (buffer, session->security_parameters.inner_secret, GNUTLS_MASTER_SIZE); } /** @@ -287,7 +287,7 @@ gnutls_ia_endphase_send (gnutls_session_t session, int final_p) int ret; ret = _gnutls_PRF (session, session->security_parameters.inner_secret, - TLS_MASTER_SIZE, label, size_of_label - 1, + GNUTLS_MASTER_SIZE, label, size_of_label - 1, /* XXX specification unclear on seed. */ "", 0, CHECKSUM_SIZE, local_checksum); if (ret < 0) @@ -340,7 +340,7 @@ gnutls_ia_verify_endphase (gnutls_session_t session, const char *checksum) int ret; ret = _gnutls_PRF (session, session->security_parameters.inner_secret, - TLS_MASTER_SIZE, + GNUTLS_MASTER_SIZE, label, size_of_label - 1, "", 0, CHECKSUM_SIZE, local_checksum); if (ret < 0) |
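Review bot: In `gnutls_ia_permute_inner_secret` (hunk at -214), the argument just before the destination is `GNUTLS_RANDOM_SIZE` (32), while the destination `session->security_parameters.inner_secret` is declared as `opaque inner_secret[GNUTLS_MASTER_SIZE]` (48) in lib/gnutls_int.h. If that argument is the output length, as the `outsize, out` order in the -176 hunk suggests, only the first 32 bytes of the inner secret are replaced and the last 16 keep their previous value. The call starts outside the hunk, so the callee and its parameter order should be confirmed; if the whole secret is meant to be permuted the line should read `GNUTLS_MASTER_SIZE,`, and otherwise a comment explaining the 32-byte length would help.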
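Review bot: `gnutls_ia_extract_inner_secret` (hunk at -257) copies `GNUTLS_MASTER_SIZE` bytes into the caller's `buffer` and takes no length parameter, so the size requirement exists only as a convention. Now that this commit exports the constant from gnutls.h, the function's doc comment can state the contract by name, for example `@buffer: pre-allocated buffer of at least GNUTLS_MASTER_SIZE bytes that receives the inner secret`. The doc comment is outside the hunk and may already say this in terms of a literal 48; if so it should be updated to refer to the public constant.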