authorDmitry Eremin-Solenikov <dbaryshkov@gmail.com>2016-12-14 17:51:56 +0300
committerDmitry Eremin-Solenikov <dbaryshkov@gmail.com>2016-12-14 19:48:39 +0300
commit5b75565b37da5d682ee88292b1460b41cac91b42 (patch)
treeff918a3d26720c4032c5caa4ff7279e271476847
parenta59c0ce7fb1ee34bf05e0936fd46d306d86b71f1 (diff)
downloadgnutls-5b75565b37da5d682ee88292b1460b41cac91b42.tar.gz
Rework setting next compression method
Only update the compression method if all internal checks succeed and the next epoch will use it. Also, while we are at it, actually check the return value of _gnutls_set_compression(). Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
-rw-r--r--lib/constate.c8
-rw-r--r--lib/constate.h4
-rw-r--r--lib/handshake.c50
-rw-r--r--lib/sslv2_compat.c6
4 files changed, 34 insertions, 34 deletions
diff --git a/lib/constate.c b/lib/constate.c
index 41071eaa69..6d971c208e 100644
--- a/lib/constate.c
+++ b/lib/constate.c
@@ -282,14 +282,13 @@ _gnutls_set_cipher_suite(gnutls_session_t session,
}
int
-_gnutls_epoch_set_compression(gnutls_session_t session,
- int epoch_rel,
- gnutls_compression_method_t comp_algo)
+_gnutls_set_compression(gnutls_session_t session,
+ gnutls_compression_method_t comp_algo)
{
record_parameters_st *params;
int ret;
- ret = _gnutls_epoch_get(session, epoch_rel, &params);
+ ret = _gnutls_epoch_get(session, EPOCH_NEXT, &params);
if (ret < 0)
return gnutls_assert_val(ret);
@@ -302,6 +301,7 @@ _gnutls_epoch_set_compression(gnutls_session_t session,
gnutls_assert_val
(GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM);
+ session->security_parameters.compression_method = comp_algo;
params->compression_algorithm = comp_algo;
return 0;
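Review bot: Nothing on `_gnutls_set_compression()` documents that it now has two side effects: the assignment to `session->security_parameters.compression_method` added here, and the existing write to the next epoch's `params->compression_algorithm`. Callers in this commit stop setting the session field themselves and rely on this function for it, so a header comment would help, e.g. `/* Sets the compression method for EPOCH_NEXT and mirrors it into session->security_parameters; neither is modified on error. */`. The function starts in the previous hunk and the checks between the two hunks are not visible, so the "neither is modified on error" wording should be confirmed against the full body.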
diff --git a/lib/constate.h b/lib/constate.h
index 9f0128b7e1..d256332185 100644
--- a/lib/constate.h
+++ b/lib/constate.h
@@ -25,8 +25,8 @@
int _gnutls_set_cipher_suite(gnutls_session_t session,
const uint8_t suite[2]);
-int _gnutls_epoch_set_compression(gnutls_session_t session, int epoch_rel,
- gnutls_compression_method_t comp_algo);
+int _gnutls_set_compression(gnutls_session_t session,
+ gnutls_compression_method_t comp_algo);
int _gnutls_epoch_get_compression(gnutls_session_t session, int epoch_rel);
void _gnutls_epoch_set_null_algos(gnutls_session_t session,
record_parameters_st * params);
diff --git a/lib/handshake.c b/lib/handshake.c
index eefd816af4..548881bfaa 100644
--- a/lib/handshake.c
+++ b/lib/handshake.c
@@ -135,10 +135,6 @@ static int resume_copy_required_values(gnutls_session_t session)
* That is because the client must see these in our
* hello message.
*/
- session->security_parameters.compression_method =
- session->internals.resumed_security_parameters.
- compression_method;
-
ret = _gnutls_set_cipher_suite(session,
session->internals.
resumed_security_parameters.
@@ -146,10 +142,10 @@ static int resume_copy_required_values(gnutls_session_t session)
if (ret < 0)
return gnutls_assert_val(ret);
- ret = _gnutls_epoch_set_compression(session, EPOCH_NEXT,
- session->internals.
- resumed_security_parameters.
- compression_method);
+ ret = _gnutls_set_compression(session,
+ session->internals.
+ resumed_security_parameters.
+ compression_method);
if (ret < 0)
return gnutls_assert_val(ret);
@@ -1058,6 +1054,7 @@ server_select_comp_method(gnutls_session_t session,
{
int x, i, j;
uint8_t comps[MAX_ALGOS];
+ int ret;
x = _gnutls_supported_compression_methods(session, comps,
MAX_ALGOS);
@@ -1075,10 +1072,10 @@ server_select_comp_method(gnutls_session_t session,
_gnutls_compression_get_id
(comps[i]);
- _gnutls_epoch_set_compression
- (session, EPOCH_NEXT, method);
- session->security_parameters.
- compression_method = method;
+ ret = _gnutls_set_compression
+ (session, method);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
_gnutls_handshake_log
("HSK[%p]: Selected Compression Method: %s\n",
@@ -1098,10 +1095,10 @@ server_select_comp_method(gnutls_session_t session,
_gnutls_compression_get_id
(comps[i]);
- _gnutls_epoch_set_compression
- (session, EPOCH_NEXT, method);
- session->security_parameters.
- compression_method = method;
+ ret = _gnutls_set_compression
+ (session, method);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
_gnutls_handshake_log
("HSK[%p]: Selected Compression Method: %s\n",
@@ -1609,6 +1606,7 @@ set_client_comp_method(gnutls_session_t session,
uint8_t compression_methods[MAX_ALGOS];
int id = _gnutls_compression_get_id(comp_method);
int i;
+ int ret;
_gnutls_handshake_log
("HSK[%p]: Selected compression method: %s (%d)\n", session,
@@ -1634,8 +1632,9 @@ set_client_comp_method(gnutls_session_t session,
return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM;
}
- session->security_parameters.compression_method = id;
- _gnutls_epoch_set_compression(session, EPOCH_NEXT, id);
+ ret = _gnutls_set_compression(session, id);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
return 0;
}
@@ -1675,9 +1674,6 @@ client_check_if_resuming(gnutls_session_t session,
session->security_parameters.client_random,
GNUTLS_RANDOM_SIZE);
- session->security_parameters.compression_method =
- session->internals.resumed_security_parameters.compression_method;
-
ret = _gnutls_set_cipher_suite
(session,
session->internals.resumed_security_parameters.
@@ -1686,10 +1682,14 @@ client_check_if_resuming(gnutls_session_t session,
gnutls_assert();
goto no_resume;
}
- _gnutls_epoch_set_compression(session, EPOCH_NEXT,
- session->internals.
- resumed_security_parameters.
- compression_method);
+ ret = _gnutls_set_compression(session,
+ session->internals.
+ resumed_security_parameters.
+ compression_method);
+ if (ret < 0) {
+ gnutls_assert();
+ goto no_resume;
+ }
session->internals.resumed = RESUME_TRUE; /* we are resuming */
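Review bot: The new failure branch after `_gnutls_set_compression()` jumps to `no_resume` when `_gnutls_set_cipher_suite()` has already succeeded with the resumed suite, so the next epoch may keep a cipher suite from the cached session while the handshake falls back to full negotiation. The `no_resume` label and the setters' bodies are outside this hunk, so whether that state is cleared or later overwritten cannot be confirmed from here. If the setters refuse to overwrite an already-set value, the fallback handshake would presumably fail later with a less obvious error. A comment at the branch such as `/* cipher suite for EPOCH_NEXT is already set here; no_resume must tolerate that */` would make the intent explicit, as would returning the error instead of falling back.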
diff --git a/lib/sslv2_compat.c b/lib/sslv2_compat.c
index f85fb8c163..8a875f503b 100644
--- a/lib/sslv2_compat.c
+++ b/lib/sslv2_compat.c
@@ -249,9 +249,9 @@ _gnutls_read_client_hello_v2(gnutls_session_t session, uint8_t * data,
session->internals.resumed = RESUME_FALSE;
}
- _gnutls_epoch_set_compression(session, EPOCH_NEXT,
- GNUTLS_COMP_NULL);
- session->security_parameters.compression_method = GNUTLS_COMP_NULL;
+ ret = _gnutls_set_compression(session, GNUTLS_COMP_NULL);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
return sret;
}