author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-04-02 14:32:21 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-04-02 14:33:18 +0200 |
commit | 013c4d5de0c48524e72bf0de7536dd6dbc73387b (patch) | |
tree | c5857761cceb305d079925a102b58f5ff32ae6f7 | |
parent | ecd5e6d9f5b8b5032b2d0cc39b471853437fbdd9 (diff) | |
download | gnutls-013c4d5de0c48524e72bf0de7536dd6dbc73387b.tar.gz |
backported fixes for gnutls_record_cork() and DTLS.
-rw-r--r-- | NEWS | 3 | ||||
-rw-r--r-- | lib/gnutls_record.c | 15 |
2 files changed, 18 insertions, 0 deletions
@@ -8,6 +8,9 @@ See the end for copying conditions. only available in TLS 1.0 as SSL 3.0 doesn't specify parameters for these algorithms. +** libgnutls: gnutls_record_send is now safe to be called under DTLS when +in corked mode. + ** libgnutls: Changed the behaviour in wildcard acceptance in certificates. Wildcards are only accepted when there are more than two domain components after the wildcard. This drops support for the permissive RFC2818 wildcards diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c index 0dc97b4ec9..5c1aeaea0e 100644 --- a/lib/gnutls_record.c +++ b/lib/gnutls_record.c @@ -1377,6 +1377,10 @@ _gnutls_recv_int (gnutls_session_t session, content_type_t type, * size. cf. gnutls_record_get_direction(). The errno value EMSGSIZE * maps to %GNUTLS_E_LARGE_PACKET. * + * Note that since 3.1.23 and 3.2.13 when sending under cork in DTLS mode, this + * function will refuse to send data over the MTU size by returning + * %GNUTLS_E_LARGE_PACKET. + * * Returns: The number of bytes sent, or a negative error code. The * number of bytes sent might be less than @data_size. The maximum * number of bytes this function can send in a single call depends @@ -1396,6 +1400,15 @@ gnutls_record_send (gnutls_session_t session, const void *data, { int ret; + if (IS_DTLS(session)) + { + if (data_size + session->internals.record_presend_buffer.length > + gnutls_dtls_get_data_mtu(session)) + { + return gnutls_assert_val(GNUTLS_E_LARGE_PACKET); + } + } + ret = _gnutls_buffer_append_data(&session->internals.record_presend_buffer, data, data_size); if (ret < 0) return gnutls_assert_val(ret); @@ -1412,6 +1425,8 @@ gnutls_record_send (gnutls_session_t session, const void *data, * All queued records will be sent when gnutls_uncork() is called, or * when the maximum record size is reached. * + * This function is safe to use with DTLS after GnuTLS 3.1.23 and 3.2.13. + * * Since: 3.1.9 **/ void |
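Review bot: The note added to the gnutls_record_send() comment (hunk at -1377) says the function refuses "data over the MTU size", but the check added in the next hunk compares `data_size` plus the bytes already held in `record_presend_buffer` against `gnutls_dtls_get_data_mtu()`. A call well below the MTU is therefore also refused once the corked buffer is partly full. I would word it as `when corked in DTLS mode, this function returns %GNUTLS_E_LARGE_PACKET if the already queued data plus @data_size would exceed the data MTU`, so callers can tell this apart from a single oversized record. The sentence added to the gnutls_record_cork() comment in the last hunk leaves out the same failure mode, and its "after GnuTLS 3.1.23 and 3.2.13" reads as excluding those releases while this hunk says "since". Both comment blocks begin outside their hunks.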
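Review bot: The sum `data_size + session->internals.record_presend_buffer.length` in the new DTLS check (hunk at -1396) can wrap around if both operands are unsigned; the declaration of `data_size` is outside the hunk, so this is inferred. A wrapped sum compares below the MTU, and the oversized request then falls through to `_gnutls_buffer_append_data()`. Comparing by subtraction avoids the wrap: `size_t mtu = gnutls_dtls_get_data_mtu(session);` followed by `if (data_size > mtu || session->internals.record_presend_buffer.length > mtu - data_size)`. What the append helper does with such a size is not visible here, so the practical impact is unconfirmed, but the bound should not depend on it. The enclosing block of gnutls_record_send() opens before the hunk and continues past it.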