author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2001-11-13 12:02:17 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2001-11-13 12:02:17 +0000 |
commit | 1d01ac626c51fbb6a247a5678a1fce0887ee856b (patch) | |
tree | 61fc5b37457dad8905507f831aa4e5593cd2f084 /lib | |
parent | 07386f65480afa58f8447eea1a41094e6dd93b83 (diff) | |
download | gnutls-1d01ac626c51fbb6a247a5678a1fce0887ee856b.tar.gz |
more non blocking IO fixes
Diffstat (limited to 'lib')
-rw-r--r-- | lib/auth_rsa.c | 3 | ||||
-rw-r--r-- | lib/gnutls_algorithms.c | 24 | ||||
-rw-r--r-- | lib/gnutls_buffers.c | 27 | ||||
-rw-r--r-- | lib/gnutls_cipher.c | 22 | ||||
-rw-r--r-- | lib/gnutls_constate.c | 3 | ||||
-rw-r--r-- | lib/gnutls_handshake.c | 95 | ||||
-rw-r--r-- | lib/gnutls_handshake.h | 4 | ||||
-rw-r--r-- | lib/gnutls_int.h | 15 | ||||
-rw-r--r-- | lib/gnutls_kx.c | 2 | ||||
-rw-r--r-- | lib/gnutls_priority.c | 13 | ||||
-rw-r--r-- | lib/gnutls_record.c | 8 | ||||
-rw-r--r-- | lib/io_debug.h | 2 |
12 files changed, 127 insertions, 91 deletions
diff --git a/lib/auth_rsa.c b/lib/auth_rsa.c index cd45871362..ee4c838750 100644 --- a/lib/auth_rsa.c +++ b/lib/auth_rsa.c @@ -114,7 +114,8 @@ return ret; if (plaintext.size != TLS_MASTER_SIZE) { /* WOW */ RANDOMIZE_KEY(state->gnutls_key->key, secure_malloc); } else { - if (_gnutls_get_adv_version_major( state) != plaintext.data[0] || _gnutls_get_adv_version_minor( state) != plaintext.data[1]) { + if (_gnutls_get_adv_version_major( state) != plaintext.data[0] + || _gnutls_get_adv_version_minor( state) != plaintext.data[1]) { gnutls_assert(); ret = GNUTLS_E_DECRYPTION_FAILED; } diff --git a/lib/gnutls_algorithms.c b/lib/gnutls_algorithms.c index f22393ef7a..29aef537c3 100644 --- a/lib/gnutls_algorithms.c +++ b/lib/gnutls_algorithms.c 
@@ -727,20 +727,36 @@ int _gnutls_version_priority(GNUTLS_STATE state, GNUTLS_Version _gnutls_version_lowest(GNUTLS_STATE state) { /* returns the lowest version supported */ + int i, min = 0xff; + if (state->gnutls_internals.ProtocolPriority.algorithm_priority==NULL) { return GNUTLS_VERSION_UNKNOWN; } else - return state->gnutls_internals.ProtocolPriority. - algorithm_priority[state->gnutls_internals.ProtocolPriority.algorithms-1]; + for (i=0;i<state->gnutls_internals.ProtocolPriority.algorithms;i++) { + if (state->gnutls_internals.ProtocolPriority.algorithm_priority[i] < min) + min = state->gnutls_internals.ProtocolPriority.algorithm_priority[i]; + } + + if (min==0xff) return GNUTLS_VERSION_UNKNOWN; /* unknown version */ + + return min; } GNUTLS_Version _gnutls_version_max(GNUTLS_STATE state) { /* returns the maximum version supported */ + int i, max=0x00; + if (state->gnutls_internals.ProtocolPriority.algorithm_priority==NULL) { return GNUTLS_VERSION_UNKNOWN; } else - return state->gnutls_internals.ProtocolPriority. - algorithm_priority[0]; + for (i=0;i<state->gnutls_internals.ProtocolPriority.algorithms;i++) { + if (state->gnutls_internals.ProtocolPriority.algorithm_priority[i] > max) + max = state->gnutls_internals.ProtocolPriority.algorithm_priority[i]; + } + + if (max==0x00) return GNUTLS_VERSION_UNKNOWN; /* unknown version */ + + return max; } diff --git a/lib/gnutls_buffers.c b/lib/gnutls_buffers.c index e1ae16bce2..64a9ee9775 100644 --- a/lib/gnutls_buffers.c +++ b/lib/gnutls_buffers.c @@ -1,4 +1,4 @@ -#define READ_DEBUG +#define IO_DEBUG 5 /* * Copyright (C) 2000,2001 Nikos Mavroyanopoulos * @@ -18,7 +18,7 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA */ -#define IO_DEBUG 5 + #include <gnutls_int.h> #include <gnutls_errors.h> #include <gnutls_num.h> 
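Review bot: In `_gnutls_version_max` the loop keeps the numerically largest list entry without checking that it is a real protocol version, so an entry equal to `GNUTLS_VERSION_UNKNOWN` (0xff) or any other out-of-range value wins and is returned as the maximum. This diff also uses that return value as the version written into the client hello, so it is worth filtering here, e.g. `if (v != GNUTLS_VERSION_UNKNOWN && v > max) max = v;` with `v` the current entry. Both functions also spell their sentinels as the literals `0xff` and `0x00`. Comparing against `GNUTLS_VERSION_UNKNOWN` and dropping the unbraced `else` before the `for` would make the fall-through to the final check easier to follow.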
@@ -712,9 +712,13 @@ ssize_t _gnutls_handshake_recv_int(int fd, GNUTLS_STATE state, ContentType type, ptr = iptr; left = sizeOfPtr; + if (sizeOfPtr == 0 || iptr == NULL) { + gnutls_assert(); + return GNUTLS_E_INVALID_PARAMETERS; + } + if (state->gnutls_internals.handshake_recv_buffer.size > 0) { /* if we have already received some data */ - fprintf(stderr, "C1: BUFFER_SIZE: %d\n", state->gnutls_internals.handshake_recv_buffer.size); if (sizeOfPtr <= state->gnutls_internals.handshake_recv_buffer.size) { /* if requested less data then return it. */ @@ -726,7 +730,6 @@ ssize_t _gnutls_handshake_recv_int(int fd, GNUTLS_STATE state, ContentType type, memmove( state->gnutls_internals.handshake_recv_buffer.data, &state->gnutls_internals.handshake_recv_buffer.data[sizeOfPtr], state->gnutls_internals.handshake_recv_buffer.size); - fprintf(stderr, "C2: BUFFER_SIZE: %d\n", state->gnutls_internals.handshake_recv_buffer.size); return sizeOfPtr; } @@ -766,7 +769,6 @@ ssize_t _gnutls_handshake_recv_int(int fd, GNUTLS_STATE state, ContentType type, state->gnutls_internals.handshake_recv_buffer.size = 0; gnutls_assert(); - fprintf(stderr, "C3: BUFFER_SIZE: %d\n", state->gnutls_internals.handshake_recv_buffer.size); return i; } else { @@ -780,20 +782,7 @@ ssize_t _gnutls_handshake_recv_int(int fd, GNUTLS_STATE state, ContentType type, state->gnutls_internals.handshake_recv_buffer.size = 0; -{int x,j,sum=0; - fprintf(stderr, "HREAD: read %d bytes from %d\n", (sizeOfPtr-left), fd); - for (x=0;x<((sizeOfPtr-left)/16)+1;x++) { - fprintf(stderr, "%.4x - ",x); - for (j=0;j<16;j++) { - if (sum<(sizeOfPtr-left)) { - fprintf(stderr, "%.2x ", ((unsigned char*)ptr)[sum++]); - } - } - fprintf(stderr, "\n"); - - } -} - return (sizeOfPtr - left); + return sizeOfPtr - left; } /* Buffer for handshake packets. Keeps the packets in order diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c index b408777990..030aa1d4c9 100644 --- a/lib/gnutls_cipher.c +++ b/lib/gnutls_cipher.c 
@@ -132,10 +132,10 @@ int _gnutls_compressed2TLSCiphertext(GNUTLS_STATE state, _gnutls_cipher_get_block_size(state->security_parameters. write_bulk_cipher_algorithm); - minor = _gnutls_version_get_minor(state->connection_state.version); - major = _gnutls_version_get_major(state->connection_state.version); + minor = _gnutls_version_get_minor(state->security_parameters.version); + major = _gnutls_version_get_major(state->security_parameters.version); - if ( state->connection_state.version == GNUTLS_SSL3) { /* SSL 3.0 */ + if ( state->security_parameters.version == GNUTLS_SSL3) { /* SSL 3.0 */ td = gnutls_mac_init_ssl3(state->security_parameters. write_mac_algorithm, @@ -166,13 +166,13 @@ int _gnutls_compressed2TLSCiphertext(GNUTLS_STATE state, gnutls_hmac(td, UINT64DATA(seq_num), 8); gnutls_hmac(td, &type, 1); - if ( state->connection_state.version != GNUTLS_SSL3) { /* TLS 1.0 only */ + if ( state->security_parameters.version != GNUTLS_SSL3) { /* TLS 1.0 only */ gnutls_hmac(td, &major, 1); gnutls_hmac(td, &minor, 1); } gnutls_hmac(td, &c_length, 2); gnutls_hmac(td, compressed.data, compressed.size); - if ( state->connection_state.version == GNUTLS_SSL3) { /* SSL 3.0 */ + if ( state->security_parameters.version == GNUTLS_SSL3) { /* SSL 3.0 */ gnutls_mac_deinit_ssl3(td, MAC); } else { gnutls_hmac_deinit(td, MAC); @@ -197,7 +197,7 @@ int _gnutls_compressed2TLSCiphertext(GNUTLS_STATE state, } /* make rand a multiple of blocksize */ - if ( state->connection_state.version == GNUTLS_SSL3) { + if ( state->security_parameters.version == GNUTLS_SSL3) { rand = 0; } else { rand = (rand / blocksize) * blocksize; 
@@ -261,13 +261,13 @@ int _gnutls_ciphertext2TLSCompressed(GNUTLS_STATE state, uint8 major, minor; int hash_size = _gnutls_mac_get_digest_size(state->security_parameters.read_mac_algorithm); - minor = _gnutls_version_get_minor(state->connection_state.version); - major = _gnutls_version_get_major(state->connection_state.version); + minor = _gnutls_version_get_minor(state->security_parameters.version); + major = _gnutls_version_get_major(state->security_parameters.version); blocksize = _gnutls_cipher_get_block_size(state->security_parameters. read_bulk_cipher_algorithm); - if ( state->connection_state.version == GNUTLS_SSL3) { + if ( state->security_parameters.version == GNUTLS_SSL3) { td = gnutls_mac_init_ssl3(state->security_parameters. read_mac_algorithm, @@ -354,13 +354,13 @@ int _gnutls_ciphertext2TLSCompressed(GNUTLS_STATE state, gnutls_hmac(td, UINT64DATA(seq_num), 8); gnutls_hmac(td, &type, 1); - if ( state->connection_state.version != GNUTLS_SSL3) { /* TLS 1.0 only */ + if ( state->security_parameters.version != GNUTLS_SSL3) { /* TLS 1.0 only */ gnutls_hmac(td, &major, 1); gnutls_hmac(td, &minor, 1); } gnutls_hmac(td, &c_length, 2); gnutls_hmac(td, data, compress->size); - if ( state->connection_state.version == GNUTLS_SSL3) { /* SSL 3.0 */ + if ( state->security_parameters.version == GNUTLS_SSL3) { /* SSL 3.0 */ gnutls_mac_deinit_ssl3(td, MAC); } else { gnutls_hmac_deinit(td, MAC); diff --git a/lib/gnutls_constate.c b/lib/gnutls_constate.c index ef56c13132..9f72f76ad5 100644 --- a/lib/gnutls_constate.c +++ b/lib/gnutls_constate.c 
@@ -53,7 +53,7 @@ int _gnutls_set_keys(GNUTLS_STATE state, int hash_size, int IV_size, int key_siz memcpy(random, state->security_parameters.server_random, TLS_RANDOM_SIZE); memcpy(&random[TLS_RANDOM_SIZE], state->security_parameters.client_random, TLS_RANDOM_SIZE); - if ( state->connection_state.version == GNUTLS_SSL3) { /* SSL 3 */ + if ( state->security_parameters.version == GNUTLS_SSL3) { /* SSL 3 */ key_block = gnutls_ssl3_generate_random( state->security_parameters.master_secret, TLS_MASTER_SIZE, random, 2*TLS_RANDOM_SIZE, block_size); } else { /* TLS 1.0 */ @@ -152,6 +152,7 @@ int _gnutls_set_write_keys(GNUTLS_STATE state) dst->session_id_size = src->session_id_size; \ dst->timestamp = src->timestamp; \ dst->max_record_size = src->max_record_size; \ + dst->version = src->version; \ memcpy( &dst->extensions, &src->extensions, sizeof(TLSExtensions)); static void _gnutls_cpy_read_security_parameters( SecurityParameters * dst, SecurityParameters* src) { diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index 11111c47a4..0b8735a6fd 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -86,6 +86,9 @@ static void resume_copy_required_values(GNUTLS_STATE state) state->security_parameters.entity = state->gnutls_internals.resumed_security_parameters.entity; + state->security_parameters.version = + state->gnutls_internals.resumed_security_parameters.version; + memcpy(state->security_parameters.session_id, state->gnutls_internals.resumed_security_parameters. session_id, sizeof(state->security_parameters.session_id)); @@ -299,7 +302,8 @@ int _gnutls_read_client_hello(GNUTLS_STATE state, opaque * data, DECR_LEN(len, 1); memcpy(&session_id_len, &data[pos++], 1); - /* RESUME SESSION */ + /* RESUME SESSION + */ if (session_id_len > TLS_MAX_SESSION_ID_SIZE) { gnutls_assert(); return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; 
@@ -403,7 +407,7 @@ int _gnutls_send_finished(SOCKET cd, GNUTLS_STATE state, int again) int data_size=0; if (again==0) { - if (state->connection_state.version == GNUTLS_SSL3) { + if (state->security_parameters.version == GNUTLS_SSL3) { data = _gnutls_ssl3_finished(state, state->security_parameters. @@ -444,7 +448,7 @@ int _gnutls_recv_finished(SOCKET cd, GNUTLS_STATE state) gnutls_assert(); return ret; } - if (state->connection_state.version == GNUTLS_SSL3) { + if (state->security_parameters.version == GNUTLS_SSL3) { data_size = 36; } else { data_size = 12; @@ -454,7 +458,7 @@ int _gnutls_recv_finished(SOCKET cd, GNUTLS_STATE state) gnutls_assert(); return GNUTLS_E_ERROR_IN_FINISHED_PACKET; } - if (state->connection_state.version == GNUTLS_SSL3) { + if (state->security_parameters.version == GNUTLS_SSL3) { /* skip the bytes from the last message */ data = _gnutls_ssl3_finished(state, 
@@ -654,17 +658,18 @@ static int _gnutls_recv_handshake_header(SOCKET cd, GNUTLS_STATE state, uint8 *dataptr = NULL; /* for realloc */ int handshake_header_size = HANDSHAKE_HEADER_SIZE; - /* if we have data into the buffer then return them, do not read the next packet + /* if we have data into the buffer then return them, do not read the next packet. + * In order to return we need a full TLS handshake header, or in case of a version 2 + * packet, then we return the first byte. */ - if (state->gnutls_internals.handshake_header_buffer.header_size == - handshake_header_size) { + if ((state->gnutls_internals.handshake_header_buffer.header_size == handshake_header_size || + (state->gnutls_internals.v2_hello!=0 && type==GNUTLS_CLIENT_HELLO)) && + state->gnutls_internals.handshake_header_buffer.packet_length > 0) { + *recv_type = - state->gnutls_internals.handshake_header_buffer. - recv_type; + state->gnutls_internals.handshake_header_buffer.recv_type; - state->gnutls_internals.handshake_header_buffer.header_size = 0; /* reset buffering */ - return state->gnutls_internals.handshake_header_buffer. - packet_length; + return state->gnutls_internals.handshake_header_buffer.packet_length; } /* Note: SSL2_HEADERS == 1 */ @@ -678,7 +683,7 @@ static int _gnutls_recv_handshake_header(SOCKET cd, GNUTLS_STATE state, _gnutls_handshake_recv_int(cd, state, GNUTLS_HANDSHAKE, type, dataptr, SSL2_HEADERS); - if (ret <= 0) { + if (ret < 0) { gnutls_assert(); return (ret < 0) ? ret : GNUTLS_E_UNEXPECTED_PACKET_LENGTH; } @@ -687,7 +692,7 @@ static int _gnutls_recv_handshake_header(SOCKET cd, GNUTLS_STATE state, gnutls_assert(); return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; } - state->gnutls_internals.handshake_header_buffer.header_size += SSL2_HEADERS; + state->gnutls_internals.handshake_header_buffer.header_size += ret; } if (state->gnutls_internals.v2_hello == 0 || type != GNUTLS_CLIENT_HELLO) { 
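Review bot: The new early-return test no longer depends on `header_size` when `v2_hello != 0 && type == GNUTLS_CLIENT_HELLO`; in that case only `packet_length > 0` is required. `_gnutls_clear_handshake_header_buffer`, added further down in this file's diff, resets `header_size` alone, so `packet_length` and `recv_type` from an earlier message stay in the buffer and would satisfy this test on a later client-hello read without anything being received. Whether `v2_hello` is reset between handshakes is not visible here, so the path may be unreachable today. Clearing all three fields in the macro (`header_size`, `packet_length`, `recv_type`) would remove the dependency. The function body starts and ends outside this hunk.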
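Review bot: After narrowing the guard to `if (ret < 0)`, the second arm of `return (ret < 0) ? ret : GNUTLS_E_UNEXPECTED_PACKET_LENGTH;` can never be taken, and a zero-byte read now falls through to the following length check, whose condition lies outside the hunk. If that check does not reject `ret == 0`, the header bytes in `dataptr` would be interpreted without having been filled. Simplify the return to `return ret;` and add a comment such as `/* ret == 0 is rejected by the length check below */` once that is confirmed.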
@@ -711,6 +716,9 @@ static int _gnutls_recv_handshake_header(SOCKET cd, GNUTLS_STATE state, length32 = READuint24(&dataptr[1]); handshake_header_size = HANDSHAKE_HEADER_SIZE; + + state->gnutls_internals.handshake_header_buffer.header_size += ret; + #ifdef HANDSHAKE_DEBUG _gnutls_log("Handshake: %s was received [%ld bytes]\n", _gnutls_handshake2str(dataptr[0]), @@ -735,6 +743,16 @@ static int _gnutls_recv_handshake_header(SOCKET cd, GNUTLS_STATE state, } } + /* put the packet into the buffer */ + state->gnutls_internals.handshake_header_buffer.header_size = handshake_header_size; + state->gnutls_internals.handshake_header_buffer.packet_length = length32; + state->gnutls_internals.handshake_header_buffer.recv_type = *recv_type; + + if (*recv_type != type) { + gnutls_assert(); + return GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET; + } + if (*recv_type != GNUTLS_HELLO_REQUEST) { if ((ret = gnutls_insert_to_handshake_buffer(state, dataptr, @@ -745,24 +763,12 @@ static int _gnutls_recv_handshake_header(SOCKET cd, GNUTLS_STATE state, } } - if (*recv_type != type) { - gnutls_assert(); - - /* put the packet into the buffer */ - state->gnutls_internals.handshake_header_buffer. - header_size = handshake_header_size; - state->gnutls_internals.handshake_header_buffer. - packet_length = length32; - state->gnutls_internals.handshake_header_buffer.recv_type = - *recv_type; - return GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET; - } - - state->gnutls_internals.handshake_header_buffer.header_size = 0; /* no buffering */ - return length32; } +#define _gnutls_clear_handshake_header_buffer( state) state->gnutls_internals.handshake_header_buffer.header_size = 0 + + /* This function will receive handshake messages of the given types, * and will pass the message to the right place in order to be processed. * Eg. for the SERVER_HELLO message (if it is expected), it will be 
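Review bot: Moving the `*recv_type != type` check ahead of `gnutls_insert_to_handshake_buffer` means a header that arrives while a different message type was expected is cached but never inserted into the handshake buffer. On the next call the cached-header branch at the top of the function returns `packet_length` directly, so, as far as this diff shows, those header bytes are missing for whatever later consumes the handshake buffer. Before this change the insert ran before the mismatch return. Either keep the insert ahead of the type check, or record that the cached header is still pending and insert it on the cached path. The added `#define _gnutls_clear_handshake_header_buffer( state) ...` also pastes its argument unparenthesized; `(state)->...` avoids surprises at call sites.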
@@ -820,6 +826,13 @@ int _gnutls_recv_handshake(SOCKET cd, GNUTLS_STATE state, uint8 ** data, ret; } } + + /* If we fail before this then we will reuse the handshake header + * have have received above. if we get here the we clear the handshake + * header we received. + */ + _gnutls_clear_handshake_header_buffer( state); + ret = GNUTLS_E_UNKNOWN_ERROR; if (data != NULL && length32 > 0) @@ -835,6 +848,7 @@ int _gnutls_recv_handshake(SOCKET cd, GNUTLS_STATE state, uint8 ** data, return ret; } } + switch (recv_type) { case GNUTLS_CLIENT_HELLO: case GNUTLS_SERVER_HELLO: @@ -898,6 +912,7 @@ static int _gnutls_read_server_hello(GNUTLS_STATE state, char *data, } else { _gnutls_set_current_version(state, version); } + pos += 2; DECR_LEN(len, TLS_RANDOM_SIZE); @@ -1055,8 +1070,10 @@ static int _gnutls_send_client_hello(SOCKET cd, GNUTLS_STATE state, int again) state->gnutls_internals.resumed_security_parameters. session_id_size; - if (SessionID == NULL) + if (SessionID == NULL || session_id_len == 0) { session_id_len = 0; + SessionID = NULL; + } data = NULL; datalen = 0; @@ -1076,12 +1093,20 @@ static int _gnutls_send_client_hello(SOCKET cd, GNUTLS_STATE state, int again) */ if (SessionID==NULL) hver = _gnutls_version_max(state); - else - hver = gnutls_get_current_version(state); + else { /* we are resuming a session */ + hver = state->gnutls_internals.resumed_security_parameters.version; + _gnutls_set_current_version( state, hver); + } + if (hver <= 0) { + if (hver==0) hver = GNUTLS_E_UNKNOWN_ERROR; + gnutls_assert(); + return hver; + } + data[pos++] = _gnutls_version_get_major(hver); data[pos++] = _gnutls_version_get_minor(hver); - + _gnutls_create_random(random); _gnutls_set_client_random(state, random); 
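Review bot: In `_gnutls_send_client_hello` the new `if (hver <= 0)` guard does not catch the failure value of `_gnutls_version_max`, which per this diff returns `GNUTLS_VERSION_UNKNOWN` (0xff) when no protocol list is set, so the function would go on to write major/minor bytes derived from the unknown version. The resumed branch has the same gap: `resumed_security_parameters.version` is adopted via `_gnutls_set_current_version` before any validity check. Test the sentinel explicitly, e.g. `if (hver == GNUTLS_VERSION_UNKNOWN || hver <= 0)`, and do so before calling `_gnutls_set_current_version`. Whether `data` is already allocated at this early return is not visible in the hunk; if it is, the return path needs to free it.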
@@ -1198,9 +1223,9 @@ static int _gnutls_send_server_hello(SOCKET cd, GNUTLS_STATE state, int again) } data[pos++] = - _gnutls_version_get_major(state->connection_state.version); + _gnutls_version_get_major(state->security_parameters.version); data[pos++] = - _gnutls_version_get_minor(state->connection_state.version); + _gnutls_version_get_minor(state->security_parameters.version); memcpy(&data[pos], state->security_parameters.server_random, TLS_RANDOM_SIZE); diff --git a/lib/gnutls_handshake.h b/lib/gnutls_handshake.h index 3f4d44dd34..0208caa4c1 100644 --- a/lib/gnutls_handshake.h +++ b/lib/gnutls_handshake.h @@ -38,8 +38,8 @@ int _gnutls_remove_unwanted_ciphersuites( GNUTLS_STATE state, GNUTLS_CipherSuite void gnutls_set_max_handshake_data_buffer_size( GNUTLS_STATE state, int max); #define set_adv_version( state, major, minor) \ - state->gnutls_internals.adv_version_major = data[pos]; \ - state->gnutls_internals.adv_version_minor = data[pos+1] + state->gnutls_internals.adv_version_major = major; \ + state->gnutls_internals.adv_version_minor = minor #define STATE state->gnutls_internals.handshake_state diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index 8efed39c8f..d42a5f4fef 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -234,6 +234,11 @@ typedef struct { uint8 CipherSuite[2]; } GNUTLS_CipherSuite; +/* Versions should be in order of the oldest + * (eg. SSL3 is before TLS1) + */ +typedef enum GNUTLS_Version { GNUTLS_SSL3=1, GNUTLS_TLS1, GNUTLS_VERSION_UNKNOWN=0xff } GNUTLS_Version; + /* This structure holds parameters got from TLS extension * mechanism. (some extensions may hold parameters in AUTH_INFO * structures instead - see SRP). @@ -291,6 +296,7 @@ typedef struct { time_t timestamp; TLSExtensions extensions; uint16 max_record_size; + GNUTLS_Version version; /* moved here */ } SecurityParameters; /* This structure holds the generated keys 
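Review bot: In lib/gnutls_handshake.h, `set_adv_version` still expands to two bare statements, so when it is used as the body of an unbraced `if` only the first assignment is conditional, and `state`, `major` and `minor` are pasted unparenthesized. Wrap it as `do { (state)->gnutls_internals.adv_version_major = (major); (state)->gnutls_internals.adv_version_minor = (minor); } while (0)`. No call site is visible in this diff, so it cannot be confirmed from here that every caller passes the values the old body read from `data[pos]` and `data[pos+1]`.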
@@ -308,13 +314,8 @@ typedef struct { */ } CipherSpecs; -/* Versions should be in order of the oldest - * (eg. SSL3 is before TLS1) - */ -typedef enum GNUTLS_Version { GNUTLS_SSL3=1, GNUTLS_TLS1, GNUTLS_VERSION_UNKNOWN=0xff } GNUTLS_Version; typedef struct { - GNUTLS_Version version; GNUTLS_CIPHER_HANDLE write_cipher_state; GNUTLS_CIPHER_HANDLE read_cipher_state; gnutls_datum read_mac_secret; @@ -414,7 +415,9 @@ typedef struct { char* db_name; int expire_time; struct MOD_AUTH_STRUCT_INT* auth_struct; /* used in handshake packets and KX algorithms */ - int v2_hello; /* set 0 normally - 1 if v2 hello was received - server side only */ + int v2_hello; /* 0 if the client hello is v3+. + * non-zero if we got a v2 hello. + */ #ifdef HAVE_LIBGDBM GDBM_FILE db_reader; #endif diff --git a/lib/gnutls_kx.c b/lib/gnutls_kx.c index 875c73f1db..20d6355c3b 100644 --- a/lib/gnutls_kx.c +++ b/lib/gnutls_kx.c @@ -59,7 +59,7 @@ char random[2*TLS_RANDOM_SIZE]; _gnutls_log( "SERVER RANDOM[%d]: %s\n", 32, _gnutls_bin2hex(state->security_parameters.server_random,32)); #endif - if ( state->connection_state.version == GNUTLS_SSL3) { + if ( state->security_parameters.version == GNUTLS_SSL3) { master = gnutls_ssl3_generate_random( premaster, premaster_size, random, 2*TLS_RANDOM_SIZE, TLS_MASTER_SIZE); diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c index bfe24640c3..d20ac5a0b1 100644 --- a/lib/gnutls_priority.c +++ b/lib/gnutls_priority.c 
@@ -56,7 +56,8 @@ int gnutls_set_cipher_priority( GNUTLS_STATE state, GNUTLS_LIST) { if (state->gnutls_internals.BulkCipherAlgorithmPriority.algorithm_priority!=NULL) gnutls_free(state->gnutls_internals.BulkCipherAlgorithmPriority.algorithm_priority); - state->gnutls_internals.BulkCipherAlgorithmPriority.algorithm_priority = gnutls_malloc(sizeof(int*)*num); + + state->gnutls_internals.BulkCipherAlgorithmPriority.algorithm_priority = gnutls_malloc(sizeof(int)*num); if (state->gnutls_internals.BulkCipherAlgorithmPriority.algorithm_priority == NULL) return GNUTLS_E_MEMORY_ERROR; @@ -103,7 +104,7 @@ int gnutls_set_kx_priority( GNUTLS_STATE state, GNUTLS_LIST) { if (state->gnutls_internals.KXAlgorithmPriority.algorithm_priority!=NULL) gnutls_free(state->gnutls_internals.KXAlgorithmPriority.algorithm_priority); - state->gnutls_internals.KXAlgorithmPriority.algorithm_priority = gnutls_malloc(sizeof(int*)*num); + state->gnutls_internals.KXAlgorithmPriority.algorithm_priority = gnutls_malloc(sizeof(int)*num); if (state->gnutls_internals.KXAlgorithmPriority.algorithm_priority==NULL) return GNUTLS_E_MEMORY_ERROR; state->gnutls_internals.KXAlgorithmPriority.algorithms = num; @@ -148,7 +149,7 @@ int gnutls_set_mac_priority( GNUTLS_STATE state, GNUTLS_LIST) { if (state->gnutls_internals.MACAlgorithmPriority.algorithm_priority!=NULL) gnutls_free(state->gnutls_internals.MACAlgorithmPriority.algorithm_priority); - state->gnutls_internals.MACAlgorithmPriority.algorithm_priority = gnutls_malloc(sizeof(int*)*num); + state->gnutls_internals.MACAlgorithmPriority.algorithm_priority = gnutls_malloc(sizeof(int)*num); if (state->gnutls_internals.MACAlgorithmPriority.algorithm_priority ==NULL) return GNUTLS_E_MEMORY_ERROR; state->gnutls_internals.MACAlgorithmPriority.algorithms = num; 
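Review bot: The corrected allocation in `gnutls_set_cipher_priority` still hard-codes the element type; `gnutls_malloc(sizeof(*state->gnutls_internals.BulkCipherAlgorithmPriority.algorithm_priority) * num)` keeps the size tied to the array's declared element type. The same applies to the kx, mac, compression and protocol priority hunks that follow. How `num` is derived is outside these hunks; if it can be zero or very large, check it before the multiplication. These functions continue past the end of each hunk.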
@@ -193,7 +194,7 @@ int gnutls_set_compression_priority( GNUTLS_STATE state, GNUTLS_LIST) { if (state->gnutls_internals.CompressionMethodPriority.algorithm_priority!=NULL) gnutls_free(state->gnutls_internals.CompressionMethodPriority.algorithm_priority); - state->gnutls_internals.CompressionMethodPriority.algorithm_priority = gnutls_malloc(sizeof(int*)*num); + state->gnutls_internals.CompressionMethodPriority.algorithm_priority = gnutls_malloc(sizeof(int)*num); if (state->gnutls_internals.CompressionMethodPriority.algorithm_priority == NULL) return GNUTLS_E_MEMORY_ERROR; @@ -238,7 +239,7 @@ int gnutls_set_protocol_priority( GNUTLS_STATE state, GNUTLS_LIST) { if (state->gnutls_internals.ProtocolPriority.algorithm_priority!=NULL) gnutls_free(state->gnutls_internals.ProtocolPriority.algorithm_priority); - state->gnutls_internals.ProtocolPriority.algorithm_priority = gnutls_malloc(sizeof(int*)*num); + state->gnutls_internals.ProtocolPriority.algorithm_priority = gnutls_malloc(sizeof(int)*num); if (state->gnutls_internals.ProtocolPriority.algorithm_priority == NULL) { gnutls_assert(); @@ -247,7 +248,7 @@ int gnutls_set_protocol_priority( GNUTLS_STATE state, GNUTLS_LIST) { state->gnutls_internals.ProtocolPriority.algorithms = num; for (i=0;i<num;i++) { - state->gnutls_internals.ProtocolPriority.algorithm_priority[i] = va_arg( _ap, int); + state->gnutls_internals.ProtocolPriority.algorithm_priority[i] = va_arg( _ap, GNUTLS_Version); } va_end(ap); diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c index dfb6f2956d..6c316635af 100644 --- a/lib/gnutls_record.c +++ b/lib/gnutls_record.c @@ -38,12 +38,12 @@ GNUTLS_Version gnutls_get_current_version(GNUTLS_STATE state) { GNUTLS_Version ver; - ver = state->connection_state.version; + ver = state->security_parameters.version; return ver; } void _gnutls_set_current_version(GNUTLS_STATE state, GNUTLS_Version version) { - state->connection_state.version = version; + state->security_parameters.version = version; } /** 
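Review bot: In `gnutls_set_protocol_priority`, `va_arg( _ap, GNUTLS_Version)` reads the variadic argument as an enum type, whereas callers' arguments arrive after default promotion and the integer type underlying an enum is implementation-defined. Reading with `int` and converting on assignment is the portable form: `... algorithm_priority[i] = (GNUTLS_Version) va_arg( _ap, int);`. Values read here are stored without a range check, so an unknown version number passed by the application ends up in the priority list used by `_gnutls_version_max` and `_gnutls_version_lowest`.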
@@ -532,8 +532,8 @@ ssize_t gnutls_send_int(SOCKET cd, GNUTLS_STATE state, ContentType type, Handsha (int) uint64touint32(&state->connection_state.write_sequence_number), _gnutls_packet2str(type), type, sizeofdata); #endif - if ( sizeofdata > 128) //MAX_RECORD_SIZE) - data2send = 128; //MAX_RECORD_SIZE; + if ( sizeofdata > MAX_RECORD_SIZE) + data2send = MAX_RECORD_SIZE; else data2send = sizeofdata; diff --git a/lib/io_debug.h b/lib/io_debug.h index d79fabf7ea..3b2e9ee4a5 100644 --- a/lib/io_debug.h +++ b/lib/io_debug.h @@ -64,6 +64,6 @@ static int send_debug (int fd, const char *buf, int len, int flags) return send (fd, buf, len, flags); } -//#define send send_debug +#define send send_debug #endif |
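Review bot: In `gnutls_send_int`, `data2send` is now capped by the compile-time `MAX_RECORD_SIZE`, while the same diff shows a per-session `max_record_size` being copied in the security parameters. If that field holds a negotiated limit smaller than `MAX_RECORD_SIZE` (not confirmable from this hunk), records built here could exceed what the peer agreed to accept. Consider capping with the session value instead, and add a comment saying which limit applies. The function continues outside the hunk.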
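Review bot: In lib/io_debug.h, `#define send send_debug` is now active, so every file that includes this header has its `send()` calls routed through the debug wrapper, unless the header is already wrapped in a guard outside the hunk. Together with `#define IO_DEBUG 5` at the top of gnutls_buffers.c this looks like test instrumentation committed in the enabled state. What `send_debug` does beyond calling `send` is not visible here, but a TLS library should not have its socket writes redirected by default. Guard the redirect behind a build-time switch, e.g. `#ifdef IO_DEBUG` / `#define send send_debug` / `#endif`, and define `IO_DEBUG` from the build system rather than in the source file.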