diff options
| author | Daiki Ueno <dueno@redhat.com> | 2018-10-12 17:10:51 +0200 |
|---|---|---|
| committer | Daiki Ueno <dueno@redhat.com> | 2018-11-11 07:03:43 +0100 |
| commit | 63e8714d8b4dcb4ccb78972e0b69a52d8c3850c8 (patch) | |
| tree | eaa9353c30b59ee2d508462d343fbc8aa287474b | |
| parent | cfe71476b634e38102d214b256a4e4760085b322 (diff) | |
| download | gnutls-63e8714d8b4dcb4ccb78972e0b69a52d8c3850c8.tar.gz | |
constate: add epoch_rel argument to _gnutls_epoch_dup
This is necessary for handling early data. Previously,
_gnutls_epoch_dup() copied the parameters from EPOCH_READ_CURRENT,
while the client only sets EPOCH_WRITE_CURRENT when sending early
data. This allows caller to specify from which epoch the parameters
are copied.
Signed-off-by: Daiki Ueno <dueno@redhat.com>
| -rw-r--r-- | lib/constate.c | 4 | ||||
| -rw-r--r-- | lib/constate.h | 2 | ||||
| -rw-r--r-- | lib/handshake-tls13.c | 2 | ||||
| -rw-r--r-- | lib/tls13/key_update.c | 2 |
4 files changed, 5 insertions, 5 deletions
diff --git a/lib/constate.c b/lib/constate.c index 456316258b..d9ec5c08ef 100644 --- a/lib/constate.c +++ b/lib/constate.c @@ -551,13 +551,13 @@ _gnutls_set_cipher_suite2(gnutls_session_t session, /* Sets the next epoch to be a clone of the current one. * The keys are not cloned, only the cipher and MAC. */ -int _gnutls_epoch_dup(gnutls_session_t session) +int _gnutls_epoch_dup(gnutls_session_t session, unsigned int epoch_rel) { record_parameters_st *prev; record_parameters_st *next; int ret; - ret = _gnutls_epoch_get(session, EPOCH_READ_CURRENT, &prev); + ret = _gnutls_epoch_get(session, epoch_rel, &prev); if (ret < 0) return gnutls_assert_val(ret); diff --git a/lib/constate.h b/lib/constate.h index 125a48f8f2..f8e1480410 100644 --- a/lib/constate.h +++ b/lib/constate.h @@ -34,7 +34,7 @@ int _gnutls_write_connection_state_init(gnutls_session_t session); #define _gnutls_epoch_bump(session) \ (session)->security_parameters.epoch_next++ -int _gnutls_epoch_dup(gnutls_session_t session); +int _gnutls_epoch_dup(gnutls_session_t session, unsigned int epoch_rel); int _gnutls_epoch_get(gnutls_session_t session, unsigned int epoch_rel, record_parameters_st ** params_out); diff --git a/lib/handshake-tls13.c b/lib/handshake-tls13.c index 25ec903bb6..5a1cb0eeda 100644 --- a/lib/handshake-tls13.c +++ b/lib/handshake-tls13.c @@ -255,7 +255,7 @@ static int generate_ap_traffic_keys(gnutls_session_t session) session->security_parameters.prf->output_size); _gnutls_epoch_bump(session); - ret = _gnutls_epoch_dup(session); + ret = _gnutls_epoch_dup(session, EPOCH_READ_CURRENT); if (ret < 0) return gnutls_assert_val(ret); diff --git a/lib/tls13/key_update.c b/lib/tls13/key_update.c index d9c495efdc..0c5c93734a 100644 --- a/lib/tls13/key_update.c +++ b/lib/tls13/key_update.c @@ -40,7 +40,7 @@ static int update_keys(gnutls_session_t session, hs_stage_t stage) return gnutls_assert_val(ret); _gnutls_epoch_bump(session); - ret = _gnutls_epoch_dup(session); + ret = _gnutls_epoch_dup(session, EPOCH_READ_CURRENT); if (ret < 0) return gnutls_assert_val(ret); |