diff options
| -rw-r--r-- | ChangeLog | 7 | ||||
| -rw-r--r-- | THANKS | 1 | ||||
| -rw-r--r-- | acconfig.h | 2 | ||||
| -rw-r--r-- | configure.in | 15 | ||||
| -rw-r--r-- | lib/gnutls_handshake.c | 8 | ||||
| -rw-r--r-- | lib/gnutls_int.h | 2 | ||||
| -rw-r--r-- | lib/gnutls_mem.c | 6 | ||||
| -rw-r--r-- | lib/gnutls_mem.h | 4 | ||||
| -rw-r--r-- | src/cli.c | 4 |
9 files changed, 37 insertions, 12 deletions
@@ -1,3 +1,10 @@ +2002-03-12 14:13 nmav <nmav@gnutls.org> + + * ChangeLog, NEWS, acconfig.h, configure.in, lib/gnutls_int.h, + lib/gnutls_record.c, lib/gnutls_state.c: + + made CBC chosen plaintext protection configurable + 2002-03-11 12:45 twoaday <twoaday@gnutls.org> * lib/gnutls_openpgp.c: @@ -11,3 +11,4 @@ Marco d'Itri <md@linux.it> Mike Siers <mikes@poliac.com> Marc Huber <Marc.Huber@web.de> Guillaume Morin <guillaume@morinfr.org> +Andrew McDonald <andrew@mcdonald.org.uk> diff --git a/acconfig.h b/acconfig.h index 1d42363a9f..7bff0536a1 100644 --- a/acconfig.h +++ b/acconfig.h @@ -16,6 +16,8 @@ #undef LT_REVISION #undef LT_AGE #undef USE_DMALLOC +#undef USE_EFENCE +#undef USE_LIBCALLOC #undef USE_GCRYPT #undef GNUTLS_VERSION diff --git a/configure.in b/configure.in index bbad7492e0..cfe31dd6f1 100644 --- a/configure.in +++ b/configure.in @@ -49,6 +49,13 @@ AC_ARG_ENABLE(dmalloc-mode, opt_dmalloc_mode=$enableval) AC_MSG_RESULT($opt_dmalloc_mode) +opt_efence_mode=no +AC_MSG_CHECKING([whether in electric fence mode]) +AC_ARG_ENABLE(efence-mode, +[ --enable-efence-mode enable electric fence mode], +opt_efence_mode=$enableval) +AC_MSG_RESULT($opt_efence_mode) + opt_maintainer_mode=no AC_MSG_CHECKING([whether in maintanance mode]) AC_ARG_ENABLE(maintainer-mode, @@ -101,8 +108,16 @@ if test $ac_cv_c_compiler_gnu != no; then if test x$opt_dmalloc_mode = xyes; then AC_CHECK_LIB( dmalloc, main) AC_DEFINE(USE_DMALLOC) + AC_DEFINE(USE_LIBCALLOC) + else + if test x$opt_efence_mode = xyes; then + AC_CHECK_LIB( efence, main) + AC_DEFINE(USE_EFENCE) + AC_DEFINE(USE_LIBCALLOC) + fi fi + AC_MSG_CHECKING([whether we have GNU assembler]) GAS=`as --version < /dev/null|grep GNU` diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index 3b9e576241..b86d03a25f 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -2331,13 +2331,13 @@ int _gnutls_remove_unwanted_ciphersuites(GNUTLS_STATE state, */ cert = NULL; - if (state->security_parameters.entity == GNUTLS_SERVER) cert = _gnutls_server_find_cert(state, requested_pk_algo); if (cert == NULL) { /* No certificate was found */ + gnutls_assert(); alg_size = 0; alg = NULL; } else { @@ -2373,9 +2373,9 @@ int _gnutls_remove_unwanted_ciphersuites(GNUTLS_STATE state, /* if it is defined but had no credentials */ if (_gnutls_get_kx_cred - (state->gnutls_key, kx, NULL) == NULL) + (state->gnutls_key, kx, NULL) == NULL) { keep = 1; - else + } else /* If there was no credentials to use with the specified * key exchange method, then just remove it. */ @@ -2385,7 +2385,7 @@ int _gnutls_remove_unwanted_ciphersuites(GNUTLS_STATE state, if (state->security_parameters.entity == GNUTLS_SERVER) { /* here we check if the KX algorithm - * is compatible with the X.509 certificate. + * is compatible with the certificate. */ for (j = 0; j < alg_size; j++) { if (alg[j] == kx) { diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index 5fba9199ad..40861b1727 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -35,6 +35,8 @@ #define RECORD_DEBUG #define DEBUG */ +#define HANDSHAKE_DEBUG // Prints some information on handshake +#define DEBUG /* It might be a good idea to replace int with void* * here. diff --git a/lib/gnutls_mem.c b/lib/gnutls_mem.c index d2b8b63df4..96e6b1e03d 100644 --- a/lib/gnutls_mem.c +++ b/lib/gnutls_mem.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2001 Nikos Mavroyanopoulos + * Copyright (C) 2001,2002 Nikos Mavroyanopoulos * * This file is part of GNUTLS. * @@ -22,7 +22,7 @@ #include <gnutls_errors.h> #include <gnutls_num.h> -#ifdef USE_DMALLOC +#ifdef USE_LIBCALLOC int _gnutls_is_secure_memory(const void *ign) { @@ -224,5 +224,5 @@ char *gnutls_strdup(const char *s) return ret; } -#endif /* USE_DMALLOC */ +#endif /* USE_LIBCALLOC */ diff --git a/lib/gnutls_mem.h b/lib/gnutls_mem.h index ae8f5e7389..f0eff9c580 100644 --- a/lib/gnutls_mem.h +++ b/lib/gnutls_mem.h @@ -7,10 +7,10 @@ typedef void svoid; /* for functions that allocate using gnutls_secure_free */ -#ifdef USE_DMALLOC +#ifdef USE_LIBCALLOC # define gnutls_malloc malloc # define gnutls_realloc realloc -# define gnutls_realloc_fast realloc +# define gnutls_realloc_fast(x, y) (y==0?x:realloc(x, y)) # define gnutls_free free # define gnutls_calloc calloc # define gnutls_secure_malloc malloc @@ -180,7 +180,6 @@ int main(int argc, char **argv) x509_crlfile); if (ret < 0) { fprintf(stderr, "Error setting the x509 trust file\n"); - exit(1); } } @@ -189,9 +188,8 @@ int main(int argc, char **argv) gnutls_certificate_set_x509_key_file(xcred, x509_certfile, x509_keyfile); if (ret < 0) { - fprintf(stderr, "Error setting the x509 key files ('%s', '%s'\n", + fprintf(stderr, "Error setting the x509 key files ('%s', '%s')\n", x509_certfile, x509_keyfile); - exit(1); } } |