-rw-r--r--lib/gnutls.c20
-rw-r--r--lib/gnutls.h11
-rw-r--r--lib/gnutls_algorithms.c41
-rw-r--r--lib/gnutls_algorithms.h3
-rw-r--r--lib/gnutls_cipher.c4
-rw-r--r--lib/gnutls_handshake.c16
-rw-r--r--lib/gnutls_int.h17
-rw-r--r--lib/gnutls_plaintext.c5
8 files changed, 58 insertions, 59 deletions
diff --git a/lib/gnutls.c b/lib/gnutls.c
index ea22aac7e8..3d798d4385 100644
--- a/lib/gnutls.c
+++ b/lib/gnutls.c
@@ -47,16 +47,12 @@ void gnutls_free(void *ptr) {
GNUTLS_Version gnutls_get_current_version(GNUTLS_STATE state) {
GNUTLS_Version ver;
- ver.local = state->connection_state.version.local;
- ver.major = state->connection_state.version.major;
- ver.minor = state->connection_state.version.minor;
+ ver = state->connection_state.version;
return ver;
}
void gnutls_set_current_version(GNUTLS_STATE state, GNUTLS_Version version) {
- state->connection_state.version.local = version.local;
- state->connection_state.version.major = version.major;
- state->connection_state.version.minor = version.minor;
+ state->connection_state.version = version;
}
int gnutls_is_secure_memory(const void* mem) {
@@ -434,8 +430,8 @@ ssize_t gnutls_send_int(int cd, GNUTLS_STATE state, ContentType type, void *_dat
}
headers[0]=type;
- headers[1]=state->connection_state.version.major;
- headers[2]=state->connection_state.version.minor;
+ headers[1]=_gnutls_version_get_major(state->connection_state.version);
+ headers[2]=_gnutls_version_get_minor(state->connection_state.version);
for (i = 0; i < iterations; i++) {
cipher_size = _gnutls_encrypt( state, &data[i*Size], Size, &cipher, type);
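Review bot: `_gnutls_version_get_major()` and `_gnutls_version_get_minor()` return -1 when the version is not in `sup_versions` (see their definitions in lib/gnutls_algorithms.c in this commit), yet the results are stored straight into `headers[1]` and `headers[2]` with no check. If `connection_state.version` is unset or unrecognised, a truncated -1 would go out as the record version instead of the send failing. I would read both values into ints first and stop on a negative result, e.g. `if (major < 0 || minor < 0) { gnutls_assert(); return GNUTLS_E_UNSUPPORTED_VERSION_PACKET; }` (or whichever error code fits the send path). The same unchecked assignment appears in the `_gnutls_send_change_cipher_spec`, `_gnutls_decrypt`, both `_gnutls_send_hello` and `_gnutls_text2TLSPlaintext` hunks. `gnutls_send_int` starts and ends outside this hunk, so the element type of `headers` is assumed to be a byte.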
@@ -507,8 +503,8 @@ ssize_t _gnutls_send_change_cipher_spec(int cd, GNUTLS_STATE state)
}
headers[0] = type;
- headers[1] = state->connection_state.version.major;
- headers[2] = state->connection_state.version.minor;
+ headers[1] = _gnutls_version_get_major(state->connection_state.version);
+ headers[2] = _gnutls_version_get_minor(state->connection_state.version);
#ifdef HANDSHAKE_DEBUG
fprintf(stderr, "Send Change Cipher Spec\n");
@@ -600,9 +596,7 @@ ssize_t gnutls_recv_int(int cd, GNUTLS_STATE state, ContentType type, char *data
}
memcpy( &recv_type, &headers[0], 1);
- memcpy( &version.major, &headers[1], 1);
- memcpy( &version.minor, &headers[2], 1);
- version.local = 0; /* TLS/SSL 3.0 */
+ version = _gnutls_version_get( headers[1], headers[2]);
memcpy( &length, &headers[3], 2);
#ifndef WORDS_BIGENDIAN
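Review bot: `_gnutls_version_get( headers[1], headers[2])` yields -1 for any major/minor pair that is not in `sup_versions`, and nothing visible in this hunk rejects that value before the record is processed further. The old code kept the peer's raw bytes, while the new code folds every unknown record version into one sentinel, so I would add an explicit check right after the call: `if (version < 0) { gnutls_assert(); return GNUTLS_E_UNSUPPORTED_VERSION_PACKET; }`. The two `_gnutls_recv_hello` hunks in lib/gnutls_handshake.c do pass the result to `_gnutls_version_is_supported`, but how that function treats -1 is not part of this diff and should be confirmed. `gnutls_recv_int` continues outside the hunk, so a later check may already exist.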
diff --git a/lib/gnutls.h b/lib/gnutls.h
index 916bff8e00..85d47ebd43 100644
--- a/lib/gnutls.h
+++ b/lib/gnutls.h
@@ -33,14 +33,9 @@ typedef enum CompressionMethod CompressionMethod;
enum ConnectionEnd { GNUTLS_SERVER, GNUTLS_CLIENT };
typedef enum ConnectionEnd ConnectionEnd;
-typedef struct {
- unsigned char local;
- unsigned char major;
- unsigned char minor;
-} GNUTLS_Version;
-extern GNUTLS_Version GNUTLS_TLS1;
-extern GNUTLS_Version GNUTLS_SSL3;
-
+#define GNUTLS_Version int
+#define GNUTLS_TLS1 0
+#define GNUTLS_SSL3 1
struct GNUTLS_STATE_INT;
typedef struct GNUTLS_STATE_INT* GNUTLS_STATE;
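Review bot: `#define GNUTLS_Version int` in a public header substitutes the token textually everywhere it appears afterwards and gives the compiler no type to check. A single `typedef enum { GNUTLS_TLS1 = 0, GNUTLS_SSL3 = 1 } GNUTLS_Version;` would keep the same values and make the names visible in a debugger. Note also that 0 is now a valid version (TLS1), so a zero-filled state reads as TLS 1.0 rather than as "not negotiated yet"; reserving a distinct invalid value would make that mistake detectable. The same three defines are repeated in lib/gnutls_int.h, so the two copies can drift apart; defining the type in one header and including it from the other would avoid that.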
diff --git a/lib/gnutls_algorithms.c b/lib/gnutls_algorithms.c
index 5a2aa4142e..3ec1cbcff1 100644
--- a/lib/gnutls_algorithms.c
+++ b/lib/gnutls_algorithms.c
@@ -27,16 +27,15 @@
typedef struct {
char *name;
- GNUTLS_Version *id;
- int supported; /* 0 not supported, > 0 is supported */
+ GNUTLS_Version id; /* gnutls internal version number */
+ int major; /* defined by the protocol */
+ int minor; /* defined by the protocol */
+ int supported; /* 0 not supported, > 0 is supported */
} gnutls_version_entry;
-GNUTLS_Version GNUTLS_TLS1 = { 0, 3, 1 };
-GNUTLS_Version GNUTLS_SSL3 = { 0, 3, 0 };
-
static gnutls_version_entry sup_versions[] = {
- {"SSL3", &GNUTLS_SSL3, 1},
- {"TLS1", &GNUTLS_TLS1, 1},
+ {"SSL3", GNUTLS_SSL3, 3, 0, 1},
+ {"TLS1", GNUTLS_TLS1, 3, 1, 1},
{0}
};
@@ -45,7 +44,7 @@ static gnutls_version_entry sup_versions[] = {
for(p = sup_versions; p->name != NULL; p++) { b ; }
#define GNUTLS_VERSION_ALG_LOOP(a) \
- GNUTLS_VERSION_LOOP( if( (p->id->local == version.local)&&(p->id->major == version.major)&&(p->id->minor == version.minor) ) { a; break; } )
+ GNUTLS_VERSION_LOOP( if(p->id == version) { a; break; })
#define GNUTLS_CIPHER_ENTRY(name, blksize, keysize, block, iv) \
@@ -618,17 +617,33 @@ int _gnutls_kx_is_ok(KXAlgorithm algorithm)
else
ret = 1;
return ret;
+}
+
+int _gnutls_version_get_minor( GNUTLS_Version version) {
+int ret = -1;
+
+ GNUTLS_VERSION_ALG_LOOP(ret = p->minor);
+ return ret;
+}
+
+GNUTLS_Version _gnutls_version_get( int major, int minor) {
+int ret = -1;
+
+ GNUTLS_VERSION_LOOP(if ((p->major == major) && (p->minor==minor)) ret = p->id);
+ return ret;
+}
+
+int _gnutls_version_get_major( GNUTLS_Version version) {
+int ret = -1;
+ GNUTLS_VERSION_ALG_LOOP(ret = p->major);
+ return ret;
}
/* Version Functions */
int _gnutls_version_cmp(GNUTLS_Version ver1, GNUTLS_Version ver2)
{
- if (ver1.major != ver2.major)
- return 1;
- if (ver1.minor != ver2.minor)
- return 1;
- if (ver1.local != ver2.local)
+ if (ver1 != ver2)
return 1;
return 0;
}
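Review bot: The three new lookup functions use -1 as a "not found" result but nothing documents it, and `_gnutls_version_get` returns it through the `GNUTLS_Version` type, where callers may not expect a value outside the table. I would add a short comment above each function, e.g. `/* Returns the protocol minor number for version, or -1 if version is not in sup_versions. */`, and give the sentinel a name instead of a bare -1. `_gnutls_version_get` also keeps scanning after a match; writing the body as `if (...) { ret = p->id; break; }` would match what `GNUTLS_VERSION_ALG_LOOP` does. As a smaller style point, `_gnutls_version_cmp` can now be `return ver1 != ver2;`.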
diff --git a/lib/gnutls_algorithms.h b/lib/gnutls_algorithms.h
index f4298976e1..c019a31aae 100644
--- a/lib/gnutls_algorithms.h
+++ b/lib/gnutls_algorithms.h
@@ -20,6 +20,9 @@
/* functions for version */
int _gnutls_version_is_supported(GNUTLS_STATE state, const GNUTLS_Version version);
+int _gnutls_version_get_major( GNUTLS_Version ver);
+int _gnutls_version_get_minor( GNUTLS_Version ver);
+GNUTLS_Version _gnutls_version_get( int major, int minor);
/* functions for macs */
int _gnutls_mac_get_digest_size(MACAlgorithm algorithm);
diff --git a/lib/gnutls_cipher.c b/lib/gnutls_cipher.c
index 374a27c985..c922727f97 100644
--- a/lib/gnutls_cipher.c
+++ b/lib/gnutls_cipher.c
@@ -92,8 +92,8 @@ int _gnutls_decrypt(GNUTLS_STATE state, char *ciphertext,
gcipher.type = type;
gcipher.length = ciphertext_size;
- gcipher.version.major = state->connection_state.version.major;
- gcipher.version.minor = state->connection_state.version.minor;
+ gcipher.version.major = _gnutls_version_get_major(state->connection_state.version);
+ gcipher.version.minor = _gnutls_version_get_minor(state->connection_state.version);
gcipher.fragment = gnutls_malloc(ciphertext_size);
memmove(gcipher.fragment, ciphertext, ciphertext_size);
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index 566753bfea..f99aea9e63 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -493,8 +493,8 @@ int _gnutls_send_hello(int cd, GNUTLS_STATE state, opaque * SessionID,
*/
data = gnutls_malloc(datalen);
- data[pos++] = state->connection_state.version.major;
- data[pos++] = state->connection_state.version.minor;
+ data[pos++] = _gnutls_version_get_major(state->connection_state.version);
+ data[pos++] = _gnutls_version_get_minor(state->connection_state.version);
#ifdef WORDS_BIGENDIAN
cur_time = time(NULL);
#else
@@ -565,8 +565,8 @@ int _gnutls_send_hello(int cd, GNUTLS_STATE state, opaque * SessionID,
datalen = 2 + session_id_len + 1 + 32;
data = gnutls_malloc(datalen);
- data[pos++] = state->connection_state.version.major;
- data[pos++] = state->connection_state.version.minor;
+ data[pos++] = _gnutls_version_get_major(state->connection_state.version);
+ data[pos++] = _gnutls_version_get_minor(state->connection_state.version);
memmove( &data[pos], state->security_parameters.server_random, 32);
pos += 32;
@@ -625,9 +625,7 @@ int _gnutls_recv_hello(int cd, GNUTLS_STATE state, char *data, int datalen)
#ifdef DEBUG
fprintf(stderr, "Server's version: %d.%d\n", data[pos], data[pos+1]);
#endif
- version.local = 0; /* TLS 1.0 / SSL 3.0 */
- version.major = data[pos];
- version.minor = data[pos+1];
+ version = _gnutls_version_get( data[pos], data[pos+1]);
if ( _gnutls_version_is_supported( state, version) == 0) {
gnutls_assert();
return GNUTLS_E_UNSUPPORTED_VERSION_PACKET;
@@ -722,9 +720,7 @@ int _gnutls_recv_hello(int cd, GNUTLS_STATE state, char *data, int datalen)
#ifdef DEBUG
fprintf(stderr, "Client's version: %d.%d\n", data[pos], data[pos+1]);
#endif
- version.local = 0; /* TLS 1.0 / SSL 3.0 */
- version.major = data[pos];
- version.minor = data[pos+1];
+ version = _gnutls_version_get( data[pos], data[pos+1]);
if ( _gnutls_version_is_supported( state, version) == 0) {
gnutls_assert();
return GNUTLS_E_UNSUPPORTED_VERSION_PACKET;
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index a88f2a732c..bbf13428d2 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -164,17 +164,12 @@ typedef struct {
} CipherSpecs;
-typedef struct {
- uint8 local;
- uint8 major;
- uint8 minor;
-} GNUTLS_Version;
-
-extern GNUTLS_Version GNUTLS_TLS1;
-extern GNUTLS_Version GNUTLS_SSL3;
+#define GNUTLS_Version int
+#define GNUTLS_TLS1 0
+#define GNUTLS_SSL3 1
typedef struct {
- GNUTLS_Version version;
+ GNUTLS_Version version;
opaque* read_compression_state;
opaque* write_compression_state;
GNUTLS_CIPHER_HANDLE write_cipher_state;
@@ -182,8 +177,8 @@ typedef struct {
opaque* read_mac_secret;
opaque* write_mac_secret;
uint8 mac_secret_size;
- uint64 read_sequence_number;
- uint64 write_sequence_number;
+ uint64 read_sequence_number;
+ uint64 write_sequence_number;
} ConnectionState;
typedef struct {
diff --git a/lib/gnutls_plaintext.c b/lib/gnutls_plaintext.c
index 2f0b4ce4ea..5ce2f06253 100644
--- a/lib/gnutls_plaintext.c
+++ b/lib/gnutls_plaintext.c
@@ -21,6 +21,7 @@
#include <defines.h>
#include "gnutls_int.h"
#include "gnutls_errors.h"
+#include "gnutls_algorithms.h"
/* Plaintext Handling */
int _gnutls_text2TLSPlaintext(GNUTLS_STATE state, ContentType type, GNUTLSPlaintext** plain, char *text, uint16 length)
@@ -37,8 +38,8 @@ int _gnutls_text2TLSPlaintext(GNUTLS_STATE state, ContentType type, GNUTLSPlaint
memmove(plaintext->fragment, text, length);
plaintext->length = length;
plaintext->type = type;
- plaintext->version.major = state->connection_state.version.major;
- plaintext->version.minor = state->connection_state.version.minor;
+ plaintext->version.major = _gnutls_version_get_major(state->connection_state.version);
+ plaintext->version.minor = _gnutls_version_get_minor(state->connection_state.version);
return 0;
}