summaryrefslogtreecommitdiff
path: root/lib/constate.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/constate.c')
-rw-r--r--lib/constate.c43
1 files changed, 16 insertions, 27 deletions
diff --git a/lib/constate.c b/lib/constate.c
index becdfd9dcb..45a4d2eea3 100644
--- a/lib/constate.c
+++ b/lib/constate.c
@@ -260,23 +260,6 @@ _gnutls_set_cipher_suite2(gnutls_session_t session,
return 0;
}
-void
-_gnutls_epoch_set_null_algos(gnutls_session_t session,
- record_parameters_st * params)
-{
- /* This is only called on startup. We are extra paranoid about this
- because it may cause unencrypted application data to go out on
- the wire. */
- if (params->initialized || params->epoch != 0) {
- gnutls_assert();
- return;
- }
-
- params->cipher = cipher_to_entry(GNUTLS_CIPHER_NULL);
- params->mac = mac_to_entry(GNUTLS_MAC_NULL);
- params->initialized = 1;
-}
-
int _gnutls_epoch_set_keys(gnutls_session_t session, uint16_t epoch)
{
int hash_size;
@@ -514,15 +497,14 @@ _gnutls_epoch_get(gnutls_session_t session, unsigned int epoch_rel,
}
int
-_gnutls_epoch_alloc(gnutls_session_t session, uint16_t epoch,
- record_parameters_st ** out)
+_gnutls_epoch_new(gnutls_session_t session, unsigned null_epoch, record_parameters_st **newp)
{
record_parameters_st **slot;
_gnutls_record_log("REC[%p]: Allocating epoch #%u\n", session,
- epoch);
+ session->security_parameters.epoch_next);
- slot = epoch_get_slot(session, epoch);
+ slot = epoch_get_slot(session, session->security_parameters.epoch_next);
/* If slot out of range or not empty. */
if (slot == NULL)
@@ -535,17 +517,24 @@ _gnutls_epoch_alloc(gnutls_session_t session, uint16_t epoch,
if (*slot == NULL)
return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
- (*slot)->epoch = epoch;
- (*slot)->cipher = NULL;
- (*slot)->mac = NULL;
+ (*slot)->epoch = session->security_parameters.epoch_next;
+
+ if (null_epoch) {
+ (*slot)->cipher = cipher_to_entry(GNUTLS_CIPHER_NULL);
+ (*slot)->mac = mac_to_entry(GNUTLS_MAC_NULL);
+ (*slot)->initialized = 1;
+ } else {
+ (*slot)->cipher = NULL;
+ (*slot)->mac = NULL;
+ }
if (IS_DTLS(session))
- _gnutls_write_uint16(epoch,
+ _gnutls_write_uint16(session->security_parameters.epoch_next,
UINT64DATA((*slot)->write.
sequence_number));
- if (out != NULL)
- *out = *slot;
+ if (newp != NULL)
+ *newp = *slot;
return 0;
}
View Lorry Controller Status