authorNikos Mavrogiannopoulos <nmav@gnutls.org>2001-08-19 11:52:20 +0000
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2001-08-19 11:52:20 +0000
commit4128d9c2a1441223f149de8856d0461d96f04eb4 (patch)
tree76bd2d97ceb579b6dbc5fa99747174b814eab194 /lib
parentfbfd62394b0a7b8dc0307af1bf5caa489b6b6184 (diff)
gnutls now sends (again) record packets using one write.
Diffstat (limited to 'lib')
-rw-r--r--lib/gnutls_cipher.c35
-rw-r--r--lib/gnutls_kx.c56
-rw-r--r--lib/gnutls_record.c11
3 files changed, 18 insertions, 84 deletions
diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c
index 5ebd2496e9..3e5e7c1af7 100644
--- a/lib/gnutls_cipher.c
+++ b/lib/gnutls_cipher.c
@@ -33,6 +33,8 @@
#include "gnutls_record.h"
#include "gnutls_constate.h"
+/* returns ciphertext which contains RECORD_HEADER_SIZE unused bytes
+ */
int _gnutls_encrypt(GNUTLS_STATE state, const char *data, size_t data_size,
uint8 ** ciphertext, ContentType type)
{
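Review bot: The comment added above _gnutls_encrypt says the result contains RECORD_HEADER_SIZE unused bytes, but not where they sit or what they hold. Going by the later hunks in this file, they are at the front of the buffer, are not written before return, and are counted in the returned size, so a caller that sends the buffer without first copying a header in would put uninitialised heap bytes on the wire. I would spell the contract out, e.g. `/* Returns a buffer whose first RECORD_HEADER_SIZE bytes are reserved for the record header and left uninitialised; the caller must fill them before sending. The returned size includes them. */`. The body of _gnutls_encrypt is outside this hunk, so it is inferred, not shown, that it passes the buffer from _gnutls_compressed2TLSCiphertext through unchanged.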
@@ -101,7 +103,8 @@ int _gnutls_decrypt(GNUTLS_STATE state, char *ciphertext,
/* This is the actual encryption
- * (and also keeps some space for headers in the encrypted data)
+ * (and also keeps some space for headers (RECORD_HEADER_SIZE) in the
+ * encrypted data)
*/
int _gnutls_compressed2TLSCiphertext(GNUTLS_STATE state,
gnutls_datum*
@@ -174,18 +177,11 @@ int _gnutls_compressed2TLSCiphertext(GNUTLS_STATE state,
length =
compressed.size + hash_size;
- data = gnutls_malloc(length);
+ data = gnutls_malloc(length+RECORD_HEADER_SIZE);
if (data==NULL) {
gnutls_assert();
return GNUTLS_E_MEMORY_ERROR;
}
- memcpy(data, compressed.data, compressed.size);
- memcpy(&data[compressed.size], MAC, hash_size);
-
- gnutls_cipher_encrypt(state->connection_state.
- write_cipher_state, data, length);
- cipher->data = data;
- cipher->size = length;
break;
case CIPHER_BLOCK:
@@ -212,20 +208,12 @@ int _gnutls_compressed2TLSCiphertext(GNUTLS_STATE state,
pad = (uint8) (blocksize - (length % blocksize)) + rand;
length += pad;
- data = gnutls_malloc(length);
+ data = gnutls_malloc(length+RECORD_HEADER_SIZE);
if (data==NULL) {
gnutls_assert();
return GNUTLS_E_MEMORY_ERROR;
}
- memset(&data[length - pad], pad - 1, pad);
- memcpy(data, compressed.data, compressed.size);
- memcpy(&data[compressed.size], MAC, hash_size);
-
- gnutls_cipher_encrypt(state->connection_state.
- write_cipher_state, data, length);
-
- cipher->data = data;
- cipher->size = length;
+ memset(&data[RECORD_HEADER_SIZE + length - pad], pad - 1, pad);
break;
default:
@@ -233,6 +221,15 @@ int _gnutls_compressed2TLSCiphertext(GNUTLS_STATE state,
return GNUTLS_E_UNKNOWN_CIPHER_TYPE;
}
+ memcpy(&data[RECORD_HEADER_SIZE], compressed.data, compressed.size);
+ memcpy(&data[compressed.size+RECORD_HEADER_SIZE], MAC, hash_size);
+
+ gnutls_cipher_encrypt(state->connection_state.
+ write_cipher_state, &data[RECORD_HEADER_SIZE],
+ length);
+ cipher->data = data;
+ cipher->size = length + RECORD_HEADER_SIZE;
+
return 0;
}
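Review bot: The result of gnutls_cipher_encrypt() is discarded in the new shared tail, and at that point `data` holds the compressed plaintext and MAC copied in by the two memcpy() calls just above it. If that call can report failure (its prototype is not visible here), the function still returns 0 and hands the unencrypted buffer back through `cipher->data`, which gnutls_send_int in gnutls_record.c then writes to the socket. Consider checking the result and, on failure, freeing `data` and returning the error before `cipher->data = data;` is reached. Separately, `cipher->size` now includes the header, so any caller that compares it against a record-length limit needs the same `- RECORD_HEADER_SIZE` adjustment that gnutls_record.c applies. The start of _gnutls_compressed2TLSCiphertext lies outside this hunk, so the declarations of `length` and `data` were not reviewed.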
diff --git a/lib/gnutls_kx.c b/lib/gnutls_kx.c
index 24ad5376bd..e4dea9f974 100644
--- a/lib/gnutls_kx.c
+++ b/lib/gnutls_kx.c
@@ -98,11 +98,6 @@ int _gnutls_send_server_kx_message(SOCKET cd, GNUTLS_STATE state)
if (state->gnutls_internals.auth_struct->gnutls_generate_server_kx==NULL)
return 0;
-#ifdef HANDSHAKE_DEBUG
- _gnutls_log( "Sending server KX message\n");
-#endif
-
-
data_size = state->gnutls_internals.auth_struct->gnutls_generate_server_kx( state, &data);
if (data_size < 0) {
@@ -135,11 +130,6 @@ int _gnutls_send_server_certificate_request(SOCKET cd, GNUTLS_STATE state)
if (state->gnutls_internals.send_cert_req <= 0)
return 0;
-#ifdef HANDSHAKE_DEBUG
- _gnutls_log( "Sending server Certificate request message\n");
-#endif
-
-
data_size = state->gnutls_internals.auth_struct->gnutls_generate_server_certificate_request( state, &data);
if (data_size < 0) {
@@ -167,10 +157,6 @@ int _gnutls_send_server_kx_message2(SOCKET cd, GNUTLS_STATE state)
if (state->gnutls_internals.auth_struct->gnutls_generate_server_kx2 != NULL) {
data_size = state->gnutls_internals.auth_struct->gnutls_generate_server_kx2( state, &data);
-#ifdef HANDSHAKE_DEBUG
- _gnutls_log( "Sending server KX message2\n");
-#endif
-
if (data_size<0) {
gnutls_assert();
return data_size;
@@ -199,10 +185,6 @@ int _gnutls_send_client_kx_message(SOCKET cd, GNUTLS_STATE state)
if (state->gnutls_internals.auth_struct->gnutls_generate_client_kx==NULL)
return 0;
-#ifdef HANDSHAKE_DEBUG
- _gnutls_log( "Sending client KX message\n");
-#endif
-
data_size = state->gnutls_internals.auth_struct->gnutls_generate_client_kx( state, &data);
if (data_size < 0) {
gnutls_assert();
@@ -231,10 +213,6 @@ int _gnutls_send_client_kx_message0(SOCKET cd, GNUTLS_STATE state)
if ( state->gnutls_internals.auth_struct->gnutls_generate_client_kx0 == NULL)
return 0;
-#ifdef HANDSHAKE_DEBUG
- _gnutls_log( "Sending client KX message0\n");
-#endif
-
data_size = state->gnutls_internals.auth_struct->gnutls_generate_client_kx0( state, &data);
if (data_size < 0) {
gnutls_assert();
@@ -273,9 +251,6 @@ int _gnutls_send_client_certificate_verify(SOCKET cd, GNUTLS_STATE state)
*/
}
-#ifdef HANDSHAKE_DEBUG
- _gnutls_log( "Sending client certificate verify message\n");
-#endif
data_size = state->gnutls_internals.auth_struct->gnutls_generate_client_cert_vrfy( state, &data);
if (data_size < 0) {
gnutls_assert();
@@ -302,10 +277,6 @@ int _gnutls_recv_server_kx_message(SOCKET cd, GNUTLS_STATE state)
if (state->gnutls_internals.auth_struct->gnutls_process_server_kx!=NULL) {
-#ifdef HANDSHAKE_DEBUG
- _gnutls_log( "Receiving Server KX message\n");
-#endif
-
ret =
_gnutls_recv_handshake(cd, state, &data,
&datasize,
@@ -331,10 +302,6 @@ int _gnutls_recv_server_certificate_request(SOCKET cd, GNUTLS_STATE state)
if (state->gnutls_internals.auth_struct->gnutls_process_server_certificate_request!=NULL) {
-#ifdef HANDSHAKE_DEBUG
- _gnutls_log( "Receiving Server Certificate request message\n");
-#endif
-
ret =
_gnutls_recv_handshake(cd, state, &data,
&datasize,
@@ -363,10 +330,6 @@ int _gnutls_recv_server_kx_message2(SOCKET cd, GNUTLS_STATE state)
if (state->gnutls_internals.auth_struct->gnutls_process_server_kx2 != NULL) {
-#ifdef HANDSHAKE_DEBUG
- _gnutls_log( "Receiving Server KX message2\n");
-#endif
-
ret =
_gnutls_recv_handshake(cd, state, &data,
&datasize,
@@ -394,10 +357,6 @@ int _gnutls_recv_client_kx_message(SOCKET cd, GNUTLS_STATE state)
/* Do key exchange only if the algorithm permits it */
if (state->gnutls_internals.auth_struct->gnutls_process_client_kx != NULL) {
-#ifdef HANDSHAKE_DEBUG
- _gnutls_log( "Receiving client KX message\n");
-#endif
-
ret =
_gnutls_recv_handshake(cd, state, &data,
&datasize,
@@ -425,10 +384,6 @@ int _gnutls_recv_client_kx_message0(SOCKET cd, GNUTLS_STATE state)
/* Do key exchange only if the algorithm permits it */
if (state->gnutls_internals.auth_struct->gnutls_process_client_kx0 != NULL) {
-#ifdef HANDSHAKE_DEBUG
- _gnutls_log( "Receiving client KX message0\n");
-#endif
-
ret =
_gnutls_recv_handshake(cd, state, &data,
&datasize,
@@ -460,9 +415,6 @@ int _gnutls_send_client_certificate(SOCKET cd, GNUTLS_STATE state)
if (state->gnutls_internals.auth_struct->gnutls_generate_client_certificate==NULL)
return 0;
-#ifdef HANDSHAKE_DEBUG
- _gnutls_log( "Sending client certificate message\n");
-#endif
data_size = state->gnutls_internals.auth_struct->gnutls_generate_client_certificate( state, &data);
@@ -495,10 +447,6 @@ int _gnutls_send_server_certificate(SOCKET cd, GNUTLS_STATE state)
if (state->gnutls_internals.auth_struct->gnutls_generate_server_certificate==NULL)
return 0;
-#ifdef HANDSHAKE_DEBUG
- _gnutls_log( "Sending certificate message\n");
-#endif
-
data_size = state->gnutls_internals.auth_struct->gnutls_generate_server_certificate( state, &data);
if (data_size < 0) {
@@ -628,10 +576,6 @@ int _gnutls_recv_client_certificate_verify_message(SOCKET cd, GNUTLS_STATE state
if (state->gnutls_internals.auth_struct->gnutls_process_client_cert_vrfy != NULL) {
-#ifdef HANDSHAKE_DEBUG
- _gnutls_log( "Receiving client certificate verify message\n");
-#endif
-
if ( state->gnutls_internals.send_cert_req == 0 ||
state->gnutls_key->certificate_requested == 0) {
return 0;
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
index 7b68602e91..b0bb5a646d 100644
--- a/lib/gnutls_record.c
+++ b/lib/gnutls_record.c
@@ -446,15 +446,8 @@ ssize_t gnutls_send_int(SOCKET cd, GNUTLS_STATE state, ContentType type, Handsha
return cipher_size; /* error */
}
- WRITEuint16( cipher_size, &headers[3]);
-
-#warning "CHECK if the double write breaks other implementations"
- if (_gnutls_Write(cd, headers, RECORD_HEADER_SIZE, flags) != RECORD_HEADER_SIZE) {
- state->gnutls_internals.valid_connection = VALID_FALSE;
- state->gnutls_internals.resumable = RESUME_FALSE;
- gnutls_assert();
- return GNUTLS_E_UNABLE_SEND_DATA;
- }
+ WRITEuint16( cipher_size-RECORD_HEADER_SIZE, &headers[3]);
+ memcpy( cipher, headers, RECORD_HEADER_SIZE);
if (_gnutls_Write(cd, cipher, cipher_size, flags) != cipher_size) {
state->gnutls_internals.valid_connection = VALID_FALSE;