author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-07-14 11:30:51 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2017-08-11 08:18:07 +0200 |
commit | 0b572406fa500a57c3e0a4abb74ef6ff0dca91fd (patch) | |
tree | 307ffe8ae694a91daee01101f9ae2a58c8e1f816 | |
parent | 720b255c3691458bf7836f424add0c3886f5b0dd (diff) | |
download | gnutls-0b572406fa500a57c3e0a4abb74ef6ff0dca91fd.tar.gz |
extensions: simplified requirements from send callback
The callback no longer needs to return the number of sent data;
they are now calculated by the caller.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r-- | doc/cha-internals.texi | 8 | ||||
-rw-r--r-- | lib/errors.h | 3 | ||||
-rw-r--r-- | lib/extensions.c | 27 | ||||
-rw-r--r-- | lib/includes/gnutls/gnutls.h.in | 5 |
4 files changed, 27 insertions, 16 deletions
diff --git a/doc/cha-internals.texi b/doc/cha-internals.texi index d368054712..532057d51a 100644 --- a/doc/cha-internals.texi +++ b/doc/cha-internals.texi @@ -246,7 +246,13 @@ The @funcintref{_foobar_recv_params} function is responsible for parsing incoming extension data (both in the client and server). The @funcintref{_foobar_send_params} function is responsible for -sending extension data (both in the client and server). +sending extension data (both in the client and server). It should +append data to provided buffer and return a positive (or zero) number on +success or a negative error code. Previous to 3.6.0 versions of GnuTLS required +that function to return the number of bytes that were written. If zero +is returned and no bytes are appended the extension will not be sent. +If a zero byte extension is to be sent this function must return +@code{GNUTLS_E_INT_RET_0}. If you receive length fields that don't match, return @code{GNUTLS_E_@-UNEXPECTED_@-PACKET_@-LENGTH}. If you receive invalid diff --git a/lib/errors.h b/lib/errors.h index ab71b69b98..e0f6b906c2 100644 --- a/lib/errors.h +++ b/lib/errors.h @@ -28,9 +28,6 @@ #include <mpi.h> #include <gnutls/x509.h> -#define GNUTLS_E_INT_RET_0 -1251 -#define GNUTLS_E_INT_CHECK_AGAIN -1252 - #ifdef __FILE__ #ifdef __LINE__ #define gnutls_assert() _gnutls_assert_log( "ASSERT: %s[%s]:%d\n", __FILE__,__func__,__LINE__); diff --git a/lib/extensions.c b/lib/extensions.c index b4c2284f9a..bd4f933fb7 100644 --- a/lib/extensions.c +++ b/lib/extensions.c @@ -293,7 +293,8 @@ static int send_extension(gnutls_session_t session, const extension_entry_st *p, gnutls_buffer_st *extdata, gnutls_ext_parse_type_t parse_type) { - int size_pos, size, ret; + int size_pos, appended, ret; + size_t size_prev; if (p->send_func == NULL) return 0; 
@@ -323,16 +324,23 @@ int send_extension(gnutls_session_t session, const extension_entry_st *p, if (ret < 0) return gnutls_assert_val(ret); - size = p->send_func(session, extdata); + size_prev = extdata->length; + ret = p->send_func(session, extdata); + if (ret < 0 && ret != GNUTLS_E_INT_RET_0) { + return gnutls_assert_val(ret); + } + /* returning GNUTLS_E_INT_RET_0 means to send an empty * extension of this type. */ - if (size > 0 || size == GNUTLS_E_INT_RET_0) { - if (size == GNUTLS_E_INT_RET_0) - size = 0; + appended = extdata->length - size_prev; + + if (appended > 0 || ret == GNUTLS_E_INT_RET_0) { + if (ret == GNUTLS_E_INT_RET_0) + appended = 0; /* write the real size */ - _gnutls_write_uint16(size, + _gnutls_write_uint16(appended, &extdata->data[size_pos]); /* add this extension to the extension list @@ -342,11 +350,8 @@ int send_extension(gnutls_session_t session, const extension_entry_st *p, _gnutls_handshake_log ("EXT[%p]: Sending extension %s (%d bytes)\n", - session, p->name, size); - } else if (size < 0) { - gnutls_assert(); - return size; - } else if (size == 0) + session, p->name, appended); + } else if (appended == 0) extdata->length -= 4; /* reset type and size */ return 0; diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index 80c0819fb6..9562785498 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -2939,7 +2939,10 @@ unsigned gnutls_fips140_mode_enabled(void); #define GNUTLS_E_UNIMPLEMENTED_FEATURE -1250 - +/* Internal errors of the library; will never be returned + * to a calling application */ +#define GNUTLS_E_INT_RET_0 -1251 +#define GNUTLS_E_INT_CHECK_AGAIN -1252 #define GNUTLS_E_APPLICATION_ERROR_MAX -65000 #define GNUTLS_E_APPLICATION_ERROR_MIN -65500 |
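Review bot: `appended` is derived from the buffer growth and passed to `_gnutls_write_uint16(appended, &extdata->data[size_pos])` with no range check, so a send callback that appends more than 65535 bytes gets a truncated length field, and the excess bytes would presumably be read by the peer as further extension headers. The same mismatch arises when the callback returns `GNUTLS_E_INT_RET_0` after appending bytes, because `appended` is forced to 0 while those bytes stay in `extdata`. Since this commit documents the callback contract for extension authors, I would reject both cases before writing the size: `if (appended > 0xFFFF || (ret == GNUTLS_E_INT_RET_0 && appended != 0)) return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);`. send_extension begins in the previous hunk and continues past this one.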
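Review bot: A callback that leaves `extdata->length` smaller than `size_prev` is not handled by the final `else if (appended == 0)`. The `size_t` difference stored in the `int appended` would typically come out negative, so neither branch runs and the function returns 0 with the type/size header and buffer in whatever state the callback left them. The removed `else if (size < 0)` error branch has no counterpart for this case. A check straight after the callback in the previous hunk, `if (extdata->length < size_prev) return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);`, would cover it and avoid relying on an out-of-range conversion. The function body begins before this hunk.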
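Review bot: The new comment above `GNUTLS_E_INT_RET_0` says these codes are never returned to an application but not who is expected to produce them, while doc/cha-internals.texi in this same commit tells an extension send function to return `GNUTLS_E_INT_RET_0`. I would say so in the header, for example `/* Internal codes; GNUTLS_E_INT_RET_0 is returned by an extension send function to request an empty extension. Never returned to a calling application. */`. Whether the library's error-description and fatality helpers behave sensibly for -1251 and -1252 if one does escape is not visible here and is worth confirming.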