tls packets are now send using one write(that way ssldump understands us)

2 files changed, 15 insertions, 26 deletions

diff --git a/lib/gnutls.c b/lib/gnutls.c
index 47ad4babad..b01b9ddf09 100644
--- a/lib/gnutls.c
+++ b/lib/gnutls.c
@@ -407,16 +407,14 @@ int gnutls_close_nowait(int cd, GNUTLS_STATE state)
  * send (if called by the user the Content is specific)
  * It is intended to transfer data, under the current state.    
  */
-#define MAX_ENC_LEN 16384
 ssize_t gnutls_send_int(int cd, GNUTLS_STATE state, ContentType type, void *_data, size_t sizeofdata, int flags)
 {
-	uint8 *cipher;
+	uint8 cipher[MAX_ENC_LEN];
 	int i, cipher_size;
 	int ret = 0;
 	int iterations;
 	uint16 length;
 	int Size;
-	uint8 headers[5];
 	uint8 *data=_data;
 
 	if (sizeofdata == 0)
@@ -433,25 +431,20 @@ ssize_t gnutls_send_int(int cd, GNUTLS_STATE state, ContentType type, void *_dat
 		Size = MAX_ENC_LEN;
 	}
 
-	headers[0]=type;
-	headers[1]=state->connection_state.version.major;
-	headers[2]=state->connection_state.version.minor;
+	cipher[0]=type;
+	cipher[1]=state->connection_state.version.major;
+	cipher[2]=state->connection_state.version.minor;
 	
 	for (i = 0; i < iterations; i++) {
-		cipher_size = _gnutls_encrypt( state, &data[i*Size], Size, &cipher, type);
+		cipher_size = _gnutls_encrypt( state, &data[i*Size], Size, &cipher[5], type);
 		if (cipher_size<=0) return cipher_size;
 #ifdef WORDS_BIGENDIAN
 		length = cipher_size;
 #else
 		length = byteswap16(cipher_size);
 #endif
-		memmove( &headers[3], &length, sizeof(uint16));
-		if (_gnutls_Write(cd, headers, sizeof(headers)) != sizeof(headers)) {
-			state->gnutls_internals.valid_connection = VALID_FALSE;
-			state->gnutls_internals.resumable = RESUME_FALSE;
-			gnutls_assert();
-			return GNUTLS_E_UNABLE_SEND_DATA;
-		}
+		memmove( &cipher[3], &length, sizeof(uint16));
+		cipher_size += HEADER_SIZE; /* add headers */
 		if (_gnutls_Write(cd, cipher, cipher_size) != cipher_size) {
 			state->gnutls_internals.valid_connection = VALID_FALSE;
 			state->gnutls_internals.resumable = RESUME_FALSE;
@@ -463,20 +456,15 @@ ssize_t gnutls_send_int(int cd, GNUTLS_STATE state, ContentType type, void *_dat
 		/* rest data */
 	if (iterations > 1) {
 		Size = sizeofdata % MAX_ENC_LEN;
-		cipher_size = _gnutls_encrypt( state, &data[i*Size], Size, &cipher, type);
+		cipher_size = _gnutls_encrypt( state, &data[i*Size], Size, &cipher[5], type);
 		if (cipher_size<=0) return cipher_size;
 #ifdef WORDS_BIGENDIAN
 		length = cipher_size;
 #else
 		length = byteswap16(cipher_size);
 #endif
-		memmove( &headers[3], &length, sizeof(uint16));
-		if (_gnutls_Write(cd, headers, sizeof(headers)) != sizeof(headers)) {
-			state->gnutls_internals.valid_connection = VALID_FALSE;
-			state->gnutls_internals.resumable = RESUME_FALSE;
-			gnutls_assert();
-			return GNUTLS_E_UNABLE_SEND_DATA;
-		}
+		memmove( &cipher[3], &length, sizeof(uint16));
+		cipher_size+=HEADER_SIZE; /* add headers */
 		if (_gnutls_Write(cd, cipher, cipher_size) != cipher_size) {
 			state->gnutls_internals.valid_connection = VALID_FALSE;
 			state->gnutls_internals.resumable = RESUME_FALSE;
@@ -488,8 +476,6 @@ ssize_t gnutls_send_int(int cd, GNUTLS_STATE state, ContentType type, void *_dat
 
 	ret += sizeofdata;
 
-	gnutls_free(cipher);
-
 	return ret;
 }
 
@@ -559,8 +545,6 @@ char peekdata;
  * flags is the sockets flags to use. Currently only MSG_DONTWAIT is
  * supported.
  */
-#define HEADER_SIZE 5
-#define MAX_RECV_SIZE 18432 	/* 2^14+2048 */
 ssize_t gnutls_recv_int(int cd, GNUTLS_STATE state, ContentType type, char *data, size_t sizeofdata, int flags)
 {
 	uint8 *tmpdata;
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 7c8c2a68ac..22e4b498cc 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -14,6 +14,11 @@
 #define MAX24 16777215
 #define MAX16 65535
 
+/* the maximum size of encrypted packets */
+#define MAX_ENC_LEN 16384
+#define HEADER_SIZE 5
+#define MAX_RECV_SIZE 18432+HEADER_SIZE 	/* 2^14+2048+HEADER_SIZE */
+
 /* for big numbers support */ /* FIXME */
 #include <gcrypt.h>