Diffstat (limited to 'lib/gnutls_constate.c')
-rw-r--r--lib/gnutls_constate.c1341
1 files changed, 716 insertions, 625 deletions
diff --git a/lib/gnutls_constate.c b/lib/gnutls_constate.c
index 2f56869b95..3ac7b3ef2e 100644
--- a/lib/gnutls_constate.c
+++ b/lib/gnutls_constate.c
@@ -36,16 +36,16 @@
#include <gnutls_state.h>
static const char keyexp[] = "key expansion";
-static const int keyexp_length = sizeof(keyexp) - 1;
+static const int keyexp_length = sizeof (keyexp) - 1;
static const char ivblock[] = "IV block";
-static const int ivblock_length = sizeof(ivblock) - 1;
+static const int ivblock_length = sizeof (ivblock) - 1;
static const char cliwrite[] = "client write key";
-static const int cliwrite_length = sizeof(cliwrite) - 1;
+static const int cliwrite_length = sizeof (cliwrite) - 1;
static const char servwrite[] = "server write key";
-static const int servwrite_length = sizeof(servwrite) - 1;
+static const int servwrite_length = sizeof (servwrite) - 1;
#define EXPORT_FINAL_KEY_SIZE 16
@@ -54,341 +54,379 @@ static const int servwrite_length = sizeof(servwrite) - 1;
* This function creates the keys and stores them into pending session.
* (session->cipher_specs)
*/
-int _gnutls_set_keys(gnutls_session_t session, int hash_size, int IV_size,
- int key_size, int export_flag)
+int
+_gnutls_set_keys (gnutls_session_t session, int hash_size, int IV_size,
+ int key_size, int export_flag)
{
/* FIXME: This function is too long
*/
- opaque *key_block;
- opaque rnd[2 * TLS_RANDOM_SIZE];
- opaque rrnd[2 * TLS_RANDOM_SIZE];
- int pos, ret;
- int block_size;
- char buf[65];
-
- if (session->cipher_specs.generated_keys != 0) {
- /* keys have already been generated.
- * reset generated_keys and exit normally.
- */
- session->cipher_specs.generated_keys = 0;
- return 0;
- }
-
- block_size = 2 * hash_size + 2 * key_size;
- if (export_flag == 0)
- block_size += 2 * IV_size;
-
- key_block = gnutls_secure_malloc(block_size);
- if (key_block == NULL) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
- }
-
- memcpy(rnd, session->security_parameters.server_random,
- TLS_RANDOM_SIZE);
- memcpy(&rnd[TLS_RANDOM_SIZE],
- session->security_parameters.client_random, TLS_RANDOM_SIZE);
-
- memcpy(rrnd, session->security_parameters.client_random,
- TLS_RANDOM_SIZE);
- memcpy(&rrnd[TLS_RANDOM_SIZE],
- session->security_parameters.server_random, TLS_RANDOM_SIZE);
-
- if (session->security_parameters.version == GNUTLS_SSL3) { /* SSL 3 */
- ret =
- _gnutls_ssl3_generate_random(session->
- security_parameters.
- master_secret,
- TLS_MASTER_SIZE, rnd,
- 2 * TLS_RANDOM_SIZE,
- block_size, key_block);
- } else { /* TLS 1.0 */
- ret =
- _gnutls_PRF(session->security_parameters.master_secret,
- TLS_MASTER_SIZE, keyexp, keyexp_length,
- rnd, 2 * TLS_RANDOM_SIZE, block_size,
- key_block);
- }
-
- if (ret < 0) {
- gnutls_assert();
- gnutls_free(key_block);
- return ret;
- }
-
- _gnutls_hard_log("INT: KEY BLOCK[%d]: %s\n", block_size,
- _gnutls_bin2hex(key_block, block_size, buf,
- sizeof(buf)));
-
- pos = 0;
- if (hash_size > 0) {
- if (_gnutls_sset_datum
- (&session->cipher_specs.client_write_mac_secret,
- &key_block[pos], hash_size) < 0) {
- gnutls_free(key_block);
- return GNUTLS_E_MEMORY_ERROR;
- }
- pos += hash_size;
+ opaque *key_block;
+ opaque rnd[2 * TLS_RANDOM_SIZE];
+ opaque rrnd[2 * TLS_RANDOM_SIZE];
+ int pos, ret;
+ int block_size;
+ char buf[65];
+
+ if (session->cipher_specs.generated_keys != 0)
+ {
+ /* keys have already been generated.
+ * reset generated_keys and exit normally.
+ */
+ session->cipher_specs.generated_keys = 0;
+ return 0;
+ }
- if (_gnutls_sset_datum
- (&session->cipher_specs.server_write_mac_secret,
- &key_block[pos], hash_size) < 0) {
- gnutls_free(key_block);
- return GNUTLS_E_MEMORY_ERROR;
- }
- pos += hash_size;
+ block_size = 2 * hash_size + 2 * key_size;
+ if (export_flag == 0)
+ block_size += 2 * IV_size;
+
+ key_block = gnutls_secure_malloc (block_size);
+ if (key_block == NULL)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_MEMORY_ERROR;
}
- if (key_size > 0) {
- opaque *client_write_key, *server_write_key;
- int client_write_key_size, server_write_key_size;
- int free_keys = 0;
+ memcpy (rnd, session->security_parameters.server_random, TLS_RANDOM_SIZE);
+ memcpy (&rnd[TLS_RANDOM_SIZE],
+ session->security_parameters.client_random, TLS_RANDOM_SIZE);
+
+ memcpy (rrnd, session->security_parameters.client_random, TLS_RANDOM_SIZE);
+ memcpy (&rrnd[TLS_RANDOM_SIZE],
+ session->security_parameters.server_random, TLS_RANDOM_SIZE);
+
+ if (session->security_parameters.version == GNUTLS_SSL3)
+ { /* SSL 3 */
+ ret =
+ _gnutls_ssl3_generate_random (session->
+ security_parameters.
+ master_secret,
+ TLS_MASTER_SIZE, rnd,
+ 2 * TLS_RANDOM_SIZE,
+ block_size, key_block);
+ }
+ else
+ { /* TLS 1.0 */
+ ret =
+ _gnutls_PRF (session->security_parameters.master_secret,
+ TLS_MASTER_SIZE, keyexp, keyexp_length,
+ rnd, 2 * TLS_RANDOM_SIZE, block_size, key_block);
+ }
- if (export_flag == 0) {
- client_write_key = &key_block[pos];
- client_write_key_size = key_size;
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ gnutls_free (key_block);
+ return ret;
+ }
- pos += key_size;
+ _gnutls_hard_log ("INT: KEY BLOCK[%d]: %s\n", block_size,
+ _gnutls_bin2hex (key_block, block_size, buf,
+ sizeof (buf)));
+
+ pos = 0;
+ if (hash_size > 0)
+ {
+ if (_gnutls_sset_datum
+ (&session->cipher_specs.client_write_mac_secret,
+ &key_block[pos], hash_size) < 0)
+ {
+ gnutls_free (key_block);
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+ pos += hash_size;
+
+ if (_gnutls_sset_datum
+ (&session->cipher_specs.server_write_mac_secret,
+ &key_block[pos], hash_size) < 0)
+ {
+ gnutls_free (key_block);
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+ pos += hash_size;
+ }
+
+ if (key_size > 0)
+ {
+ opaque *client_write_key, *server_write_key;
+ int client_write_key_size, server_write_key_size;
+ int free_keys = 0;
- server_write_key = &key_block[pos];
- server_write_key_size = key_size;
+ if (export_flag == 0)
+ {
+ client_write_key = &key_block[pos];
+ client_write_key_size = key_size;
- pos += key_size;
+ pos += key_size;
- } else { /* export */
- free_keys = 1;
+ server_write_key = &key_block[pos];
+ server_write_key_size = key_size;
- client_write_key = gnutls_secure_malloc(EXPORT_FINAL_KEY_SIZE);
- if (client_write_key == NULL) {
- gnutls_assert();
- gnutls_free(key_block);
- return GNUTLS_E_MEMORY_ERROR;
+ pos += key_size;
+
+ }
+ else
+ { /* export */
+ free_keys = 1;
+
+ client_write_key = gnutls_secure_malloc (EXPORT_FINAL_KEY_SIZE);
+ if (client_write_key == NULL)
+ {
+ gnutls_assert ();
+ gnutls_free (key_block);
+ return GNUTLS_E_MEMORY_ERROR;
}
- server_write_key = gnutls_secure_malloc(EXPORT_FINAL_KEY_SIZE);
- if (server_write_key == NULL) {
- gnutls_assert();
- gnutls_free(key_block);
- gnutls_free(client_write_key);
- return GNUTLS_E_MEMORY_ERROR;
+ server_write_key = gnutls_secure_malloc (EXPORT_FINAL_KEY_SIZE);
+ if (server_write_key == NULL)
+ {
+ gnutls_assert ();
+ gnutls_free (key_block);
+ gnutls_free (client_write_key);
+ return GNUTLS_E_MEMORY_ERROR;
}
- /* generate the final keys */
-
- if (session->security_parameters.version == GNUTLS_SSL3) { /* SSL 3 */
- ret =
- _gnutls_ssl3_hash_md5(&key_block[pos],
- key_size, rrnd,
- 2 * TLS_RANDOM_SIZE,
- EXPORT_FINAL_KEY_SIZE,
- client_write_key);
-
- } else { /* TLS 1.0 */
- ret =
- _gnutls_PRF(&key_block[pos], key_size,
- cliwrite, cliwrite_length,
- rrnd,
- 2 * TLS_RANDOM_SIZE,
- EXPORT_FINAL_KEY_SIZE, client_write_key);
+ /* generate the final keys */
+
+ if (session->security_parameters.version == GNUTLS_SSL3)
+ { /* SSL 3 */
+ ret =
+ _gnutls_ssl3_hash_md5 (&key_block[pos],
+ key_size, rrnd,
+ 2 * TLS_RANDOM_SIZE,
+ EXPORT_FINAL_KEY_SIZE,
+ client_write_key);
+
+ }
+ else
+ { /* TLS 1.0 */
+ ret =
+ _gnutls_PRF (&key_block[pos], key_size,
+ cliwrite, cliwrite_length,
+ rrnd,
+ 2 * TLS_RANDOM_SIZE,
+ EXPORT_FINAL_KEY_SIZE, client_write_key);
}
- if (ret < 0) {
- gnutls_assert();
- gnutls_free(key_block);
- gnutls_free(server_write_key);
- gnutls_free(client_write_key);
- return ret;
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ gnutls_free (key_block);
+ gnutls_free (server_write_key);
+ gnutls_free (client_write_key);
+ return ret;
}
- client_write_key_size = EXPORT_FINAL_KEY_SIZE;
- pos += key_size;
-
- if (session->security_parameters.version == GNUTLS_SSL3) { /* SSL 3 */
- ret =
- _gnutls_ssl3_hash_md5(&key_block[pos], key_size,
- rnd, 2 * TLS_RANDOM_SIZE,
- EXPORT_FINAL_KEY_SIZE,
- server_write_key);
- } else { /* TLS 1.0 */
- ret =
- _gnutls_PRF(&key_block[pos], key_size,
- servwrite, servwrite_length,
- rrnd, 2 * TLS_RANDOM_SIZE,
- EXPORT_FINAL_KEY_SIZE, server_write_key);
+ client_write_key_size = EXPORT_FINAL_KEY_SIZE;
+ pos += key_size;
+
+ if (session->security_parameters.version == GNUTLS_SSL3)
+ { /* SSL 3 */
+ ret =
+ _gnutls_ssl3_hash_md5 (&key_block[pos], key_size,
+ rnd, 2 * TLS_RANDOM_SIZE,
+ EXPORT_FINAL_KEY_SIZE,
+ server_write_key);
+ }
+ else
+ { /* TLS 1.0 */
+ ret =
+ _gnutls_PRF (&key_block[pos], key_size,
+ servwrite, servwrite_length,
+ rrnd, 2 * TLS_RANDOM_SIZE,
+ EXPORT_FINAL_KEY_SIZE, server_write_key);
}
- if (ret < 0) {
- gnutls_assert();
- gnutls_free(key_block);
- gnutls_free(server_write_key);
- gnutls_free(client_write_key);
- return ret;
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ gnutls_free (key_block);
+ gnutls_free (server_write_key);
+ gnutls_free (client_write_key);
+ return ret;
}
- server_write_key_size = EXPORT_FINAL_KEY_SIZE;
- pos += key_size;
+ server_write_key_size = EXPORT_FINAL_KEY_SIZE;
+ pos += key_size;
}
- if (_gnutls_sset_datum
- (&session->cipher_specs.client_write_key,
- client_write_key, client_write_key_size) < 0) {
- gnutls_free(key_block);
- gnutls_free(server_write_key);
- gnutls_free(client_write_key);
- return GNUTLS_E_MEMORY_ERROR;
+ if (_gnutls_sset_datum
+ (&session->cipher_specs.client_write_key,
+ client_write_key, client_write_key_size) < 0)
+ {
+ gnutls_free (key_block);
+ gnutls_free (server_write_key);
+ gnutls_free (client_write_key);
+ return GNUTLS_E_MEMORY_ERROR;
}
- _gnutls_hard_log("INT: CLIENT WRITE KEY [%d]: %s\n",
- client_write_key_size,
- _gnutls_bin2hex(client_write_key,
+ _gnutls_hard_log ("INT: CLIENT WRITE KEY [%d]: %s\n",
+ client_write_key_size,
+ _gnutls_bin2hex (client_write_key,
client_write_key_size, buf,
- sizeof(buf)));
-
- if (_gnutls_sset_datum
- (&session->cipher_specs.server_write_key,
- server_write_key, server_write_key_size) < 0) {
- gnutls_free(key_block);
- gnutls_free(server_write_key);
- gnutls_free(client_write_key);
- return GNUTLS_E_MEMORY_ERROR;
+ sizeof (buf)));
+
+ if (_gnutls_sset_datum
+ (&session->cipher_specs.server_write_key,
+ server_write_key, server_write_key_size) < 0)
+ {
+ gnutls_free (key_block);
+ gnutls_free (server_write_key);
+ gnutls_free (client_write_key);
+ return GNUTLS_E_MEMORY_ERROR;
}
- _gnutls_hard_log("INT: SERVER WRITE KEY [%d]: %s\n",
- server_write_key_size,
- _gnutls_bin2hex(server_write_key,
+ _gnutls_hard_log ("INT: SERVER WRITE KEY [%d]: %s\n",
+ server_write_key_size,
+ _gnutls_bin2hex (server_write_key,
server_write_key_size, buf,
- sizeof(buf)));
+ sizeof (buf)));
- if (free_keys != 0) {
- gnutls_free(server_write_key);
- gnutls_free(client_write_key);
+ if (free_keys != 0)
+ {
+ gnutls_free (server_write_key);
+ gnutls_free (client_write_key);
}
}
- /* IV generation in export and non export ciphers.
- */
- if (IV_size > 0 && export_flag == 0) {
- if (_gnutls_sset_datum
- (&session->cipher_specs.client_write_IV, &key_block[pos],
- IV_size) < 0) {
- gnutls_free(key_block);
- return GNUTLS_E_MEMORY_ERROR;
+ /* IV generation in export and non export ciphers.
+ */
+ if (IV_size > 0 && export_flag == 0)
+ {
+ if (_gnutls_sset_datum
+ (&session->cipher_specs.client_write_IV, &key_block[pos],
+ IV_size) < 0)
+ {
+ gnutls_free (key_block);
+ return GNUTLS_E_MEMORY_ERROR;
}
- pos += IV_size;
-
- if (_gnutls_sset_datum
- (&session->cipher_specs.server_write_IV, &key_block[pos],
- IV_size) < 0) {
- gnutls_free(key_block);
- return GNUTLS_E_MEMORY_ERROR;
+ pos += IV_size;
+
+ if (_gnutls_sset_datum
+ (&session->cipher_specs.server_write_IV, &key_block[pos],
+ IV_size) < 0)
+ {
+ gnutls_free (key_block);
+ return GNUTLS_E_MEMORY_ERROR;
}
- pos += IV_size;
-
- } else if (IV_size > 0 && export_flag != 0) {
- opaque *iv_block = gnutls_alloca(IV_size * 2);
- if (iv_block == NULL) {
- gnutls_assert();
- gnutls_free(key_block);
- return GNUTLS_E_MEMORY_ERROR;
+ pos += IV_size;
+
+ }
+ else if (IV_size > 0 && export_flag != 0)
+ {
+ opaque *iv_block = gnutls_alloca (IV_size * 2);
+ if (iv_block == NULL)
+ {
+ gnutls_assert ();
+ gnutls_free (key_block);
+ return GNUTLS_E_MEMORY_ERROR;
}
- if (session->security_parameters.version == GNUTLS_SSL3) { /* SSL 3 */
- ret =
- _gnutls_ssl3_hash_md5("", 0,
- rrnd, TLS_RANDOM_SIZE * 2,
- IV_size, iv_block);
-
- if (ret < 0) {
- gnutls_assert();
- gnutls_free(key_block);
- gnutls_afree(iv_block);
- return ret;
+ if (session->security_parameters.version == GNUTLS_SSL3)
+ { /* SSL 3 */
+ ret =
+ _gnutls_ssl3_hash_md5 ("", 0,
+ rrnd, TLS_RANDOM_SIZE * 2,
+ IV_size, iv_block);
+
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ gnutls_free (key_block);
+ gnutls_afree (iv_block);
+ return ret;
}
- ret =
- _gnutls_ssl3_hash_md5("", 0, rnd,
- TLS_RANDOM_SIZE * 2,
- IV_size, &iv_block[IV_size]);
+ ret =
+ _gnutls_ssl3_hash_md5 ("", 0, rnd,
+ TLS_RANDOM_SIZE * 2,
+ IV_size, &iv_block[IV_size]);
- } else { /* TLS 1.0 */
- ret =
- _gnutls_PRF("", 0,
- ivblock, ivblock_length, rrnd,
- 2 * TLS_RANDOM_SIZE, IV_size * 2, iv_block);
+ }
+ else
+ { /* TLS 1.0 */
+ ret =
+ _gnutls_PRF ("", 0,
+ ivblock, ivblock_length, rrnd,
+ 2 * TLS_RANDOM_SIZE, IV_size * 2, iv_block);
}
- if (ret < 0) {
- gnutls_assert();
- gnutls_afree(iv_block);
- gnutls_free(key_block);
- return ret;
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ gnutls_afree (iv_block);
+ gnutls_free (key_block);
+ return ret;
}
- if (_gnutls_sset_datum
- (&session->cipher_specs.client_write_IV, iv_block,
- IV_size) < 0) {
- gnutls_afree(iv_block);
- gnutls_free(key_block);
- return GNUTLS_E_MEMORY_ERROR;
+ if (_gnutls_sset_datum
+ (&session->cipher_specs.client_write_IV, iv_block, IV_size) < 0)
+ {
+ gnutls_afree (iv_block);
+ gnutls_free (key_block);
+ return GNUTLS_E_MEMORY_ERROR;
}
- if (_gnutls_sset_datum
- (&session->cipher_specs.server_write_IV,
- &iv_block[IV_size], IV_size) < 0) {
- gnutls_afree(iv_block);
- gnutls_free(key_block);
- return GNUTLS_E_MEMORY_ERROR;
+ if (_gnutls_sset_datum
+ (&session->cipher_specs.server_write_IV,
+ &iv_block[IV_size], IV_size) < 0)
+ {
+ gnutls_afree (iv_block);
+ gnutls_free (key_block);
+ return GNUTLS_E_MEMORY_ERROR;
}
- gnutls_afree(iv_block);
+ gnutls_afree (iv_block);
}
- gnutls_free(key_block);
+ gnutls_free (key_block);
- session->cipher_specs.generated_keys = 1;
+ session->cipher_specs.generated_keys = 1;
- return 0;
+ return 0;
}
-int _gnutls_set_read_keys(gnutls_session_t session)
+int
+_gnutls_set_read_keys (gnutls_session_t session)
{
- int hash_size;
- int IV_size;
- int key_size, export_flag;
- gnutls_cipher_algorithm_t algo;
- gnutls_mac_algorithm_t mac_algo;
-
- mac_algo = session->security_parameters.read_mac_algorithm;
- algo = session->security_parameters.read_bulk_cipher_algorithm;
-
- hash_size = _gnutls_hash_get_algo_len(mac_algo);
- IV_size = _gnutls_cipher_get_iv_size(algo);
- key_size = gnutls_cipher_get_key_size(algo);
- export_flag = _gnutls_cipher_get_export_flag(algo);
-
- return _gnutls_set_keys(session, hash_size, IV_size, key_size,
- export_flag);
+ int hash_size;
+ int IV_size;
+ int key_size, export_flag;
+ gnutls_cipher_algorithm_t algo;
+ gnutls_mac_algorithm_t mac_algo;
+
+ mac_algo = session->security_parameters.read_mac_algorithm;
+ algo = session->security_parameters.read_bulk_cipher_algorithm;
+
+ hash_size = _gnutls_hash_get_algo_len (mac_algo);
+ IV_size = _gnutls_cipher_get_iv_size (algo);
+ key_size = gnutls_cipher_get_key_size (algo);
+ export_flag = _gnutls_cipher_get_export_flag (algo);
+
+ return _gnutls_set_keys (session, hash_size, IV_size, key_size,
+ export_flag);
}
-int _gnutls_set_write_keys(gnutls_session_t session)
+int
+_gnutls_set_write_keys (gnutls_session_t session)
{
- int hash_size;
- int IV_size;
- int key_size, export_flag;
- gnutls_cipher_algorithm_t algo;
- gnutls_mac_algorithm_t mac_algo;
-
- mac_algo = session->security_parameters.write_mac_algorithm;
- algo = session->security_parameters.write_bulk_cipher_algorithm;
-
- hash_size = _gnutls_hash_get_algo_len(mac_algo);
- IV_size = _gnutls_cipher_get_iv_size(algo);
- key_size = gnutls_cipher_get_key_size(algo);
- export_flag = _gnutls_cipher_get_export_flag(algo);
-
- return _gnutls_set_keys(session, hash_size, IV_size, key_size,
- export_flag);
+ int hash_size;
+ int IV_size;
+ int key_size, export_flag;
+ gnutls_cipher_algorithm_t algo;
+ gnutls_mac_algorithm_t mac_algo;
+
+ mac_algo = session->security_parameters.write_mac_algorithm;
+ algo = session->security_parameters.write_bulk_cipher_algorithm;
+
+ hash_size = _gnutls_hash_get_algo_len (mac_algo);
+ IV_size = _gnutls_cipher_get_iv_size (algo);
+ key_size = gnutls_cipher_get_key_size (algo);
+ export_flag = _gnutls_cipher_get_export_flag (algo);
+
+ return _gnutls_set_keys (session, hash_size, IV_size, key_size,
+ export_flag);
}
#define CPY_COMMON dst->entity = src->entity; \
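Review bot: In `_gnutls_set_keys`, the two failure branches after `_gnutls_sset_datum` for `client_write_key` and `server_write_key` call `gnutls_free (server_write_key)` and `gnutls_free (client_write_key)` unconditionally. In the non-export branch both pointers are `&key_block[pos]` offsets into `key_block`, which has been freed on the line just above, so the allocator is handed interior pointers into an already released buffer of key material. The reindent carries this over unchanged. Guard those frees the way the success path already does: `if (free_keys != 0) { gnutls_free (server_write_key); gnutls_free (client_write_key); }`. Separately, `key_block` and the export keys are obtained with `gnutls_secure_malloc` but released with `gnutls_free`, and nothing visible here wipes them first; it is worth confirming that this allocator pair clears the memory.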
@@ -406,28 +444,26 @@ int _gnutls_set_write_keys(gnutls_session_t session)
dst->version = src->version; \
memcpy( &dst->extensions, &src->extensions, sizeof(tls_ext_st));
-static void _gnutls_cpy_read_security_parameters(security_parameters_st *
- dst,
- security_parameters_st *
- src)
+static void
+_gnutls_cpy_read_security_parameters (security_parameters_st *
+ dst, security_parameters_st * src)
{
- CPY_COMMON;
+ CPY_COMMON;
- dst->read_bulk_cipher_algorithm = src->read_bulk_cipher_algorithm;
- dst->read_mac_algorithm = src->read_mac_algorithm;
- dst->read_compression_algorithm = src->read_compression_algorithm;
+ dst->read_bulk_cipher_algorithm = src->read_bulk_cipher_algorithm;
+ dst->read_mac_algorithm = src->read_mac_algorithm;
+ dst->read_compression_algorithm = src->read_compression_algorithm;
}
-static void _gnutls_cpy_write_security_parameters(security_parameters_st *
- dst,
- security_parameters_st *
- src)
+static void
+_gnutls_cpy_write_security_parameters (security_parameters_st *
+ dst, security_parameters_st * src)
{
- CPY_COMMON;
+ CPY_COMMON;
- dst->write_bulk_cipher_algorithm = src->write_bulk_cipher_algorithm;
- dst->write_mac_algorithm = src->write_mac_algorithm;
- dst->write_compression_algorithm = src->write_compression_algorithm;
+ dst->write_bulk_cipher_algorithm = src->write_bulk_cipher_algorithm;
+ dst->write_mac_algorithm = src->write_mac_algorithm;
+ dst->write_compression_algorithm = src->write_compression_algorithm;
}
/* Sets the current connection session to conform with the
@@ -436,197 +472,210 @@ static void _gnutls_cpy_write_security_parameters(security_parameters_st *
* secrets and random numbers to have been negotiated)
* This is to be called after sending the Change Cipher Spec packet.
*/
-int _gnutls_connection_state_init(gnutls_session_t session)
+int
+_gnutls_connection_state_init (gnutls_session_t session)
{
- int ret;
+ int ret;
/* Setup the master secret
*/
- if ((ret = _gnutls_generate_master(session, 0), 0) < 0) {
- gnutls_assert();
- return ret;
+ if ((ret = _gnutls_generate_master (session, 0), 0) < 0)
+ {
+ gnutls_assert ();
+ return ret;
}
- return 0;
+ return 0;
}
/* Initializes the read connection session
* (read encrypted data)
*/
-int _gnutls_read_connection_state_init(gnutls_session_t session)
+int
+_gnutls_read_connection_state_init (gnutls_session_t session)
{
- int mac_size;
- int rc;
+ int mac_size;
+ int rc;
- _gnutls_uint64zero(session->connection_state.read_sequence_number);
+ _gnutls_uint64zero (session->connection_state.read_sequence_number);
/* Update internals from CipherSuite selected.
* If we are resuming just copy the connection session
*/
- if (session->internals.resumed == RESUME_FALSE) {
- rc = _gnutls_set_read_cipher(session,
- _gnutls_cipher_suite_get_cipher_algo
- (&session->security_parameters.
- current_cipher_suite));
- if (rc < 0)
- return rc;
- rc = _gnutls_set_read_mac(session,
- _gnutls_cipher_suite_get_mac_algo
- (&session->security_parameters.
- current_cipher_suite));
- if (rc < 0)
- return rc;
+ if (session->internals.resumed == RESUME_FALSE)
+ {
+ rc = _gnutls_set_read_cipher (session,
+ _gnutls_cipher_suite_get_cipher_algo
+ (&session->security_parameters.
+ current_cipher_suite));
+ if (rc < 0)
+ return rc;
+ rc = _gnutls_set_read_mac (session,
+ _gnutls_cipher_suite_get_mac_algo
+ (&session->security_parameters.
+ current_cipher_suite));
+ if (rc < 0)
+ return rc;
- rc = _gnutls_set_kx(session,
- _gnutls_cipher_suite_get_kx_algo
- (&session->security_parameters.
- current_cipher_suite));
- if (rc < 0)
- return rc;
+ rc = _gnutls_set_kx (session,
+ _gnutls_cipher_suite_get_kx_algo
+ (&session->security_parameters.
+ current_cipher_suite));
+ if (rc < 0)
+ return rc;
- rc = _gnutls_set_read_compression(session,
- session->internals.
- compression_method);
- if (rc < 0)
- return rc;
- } else { /* RESUME_TRUE */
- _gnutls_cpy_read_security_parameters(&session->
- security_parameters,
- &session->
- internals.
- resumed_security_parameters);
+ rc = _gnutls_set_read_compression (session,
+ session->internals.
+ compression_method);
+ if (rc < 0)
+ return rc;
+ }
+ else
+ { /* RESUME_TRUE */
+ _gnutls_cpy_read_security_parameters (&session->
+ security_parameters,
+ &session->
+ internals.
+ resumed_security_parameters);
}
- rc = _gnutls_set_read_keys(session);
- if (rc < 0)
- return rc;
+ rc = _gnutls_set_read_keys (session);
+ if (rc < 0)
+ return rc;
- _gnutls_handshake_log("HSK[%x]: Cipher Suite: %s\n",
- session, _gnutls_cipher_suite_get_name(&session->
+ _gnutls_handshake_log ("HSK[%x]: Cipher Suite: %s\n",
+ session, _gnutls_cipher_suite_get_name (&session->
security_parameters.
current_cipher_suite));
- if (_gnutls_compression_is_ok
- (session->security_parameters.read_compression_algorithm) != 0) {
- gnutls_assert();
- return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM;
+ if (_gnutls_compression_is_ok
+ (session->security_parameters.read_compression_algorithm) != 0)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM;
}
- if (_gnutls_mac_is_ok
- (session->security_parameters.read_mac_algorithm) != 0) {
- gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
+ if (_gnutls_mac_is_ok
+ (session->security_parameters.read_mac_algorithm) != 0)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_INTERNAL_ERROR;
}
- /* Free all the previous keys/ sessions etc.
- */
- if (session->connection_state.read_mac_secret.data != NULL)
- _gnutls_free_datum(&session->connection_state.read_mac_secret);
+ /* Free all the previous keys/ sessions etc.
+ */
+ if (session->connection_state.read_mac_secret.data != NULL)
+ _gnutls_free_datum (&session->connection_state.read_mac_secret);
- if (session->connection_state.read_cipher_state != NULL)
- _gnutls_cipher_deinit(session->connection_state.read_cipher_state);
+ if (session->connection_state.read_cipher_state != NULL)
+ _gnutls_cipher_deinit (session->connection_state.read_cipher_state);
- if (session->connection_state.read_compression_state != NULL)
- _gnutls_comp_deinit(session->connection_state.
- read_compression_state, 1);
+ if (session->connection_state.read_compression_state != NULL)
+ _gnutls_comp_deinit (session->connection_state.read_compression_state, 1);
- mac_size =
- _gnutls_hash_get_algo_len(session->security_parameters.
- read_mac_algorithm);
+ mac_size =
+ _gnutls_hash_get_algo_len (session->security_parameters.
+ read_mac_algorithm);
- _gnutls_handshake_log
- ("HSK[%x]: Initializing internal [read] cipher sessions\n",
- session);
+ _gnutls_handshake_log
+ ("HSK[%x]: Initializing internal [read] cipher sessions\n", session);
- switch (session->security_parameters.entity) {
+ switch (session->security_parameters.entity)
+ {
case GNUTLS_SERVER:
- /* initialize cipher session
- */
- session->connection_state.read_cipher_state =
- _gnutls_cipher_init(session->security_parameters.
- read_bulk_cipher_algorithm,
- &session->cipher_specs.
- client_write_key,
- &session->cipher_specs.client_write_IV);
- if (session->connection_state.read_cipher_state ==
- GNUTLS_CIPHER_FAILED
- && session->security_parameters.
- read_bulk_cipher_algorithm != GNUTLS_CIPHER_NULL) {
- gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
+ /* initialize cipher session
+ */
+ session->connection_state.read_cipher_state =
+ _gnutls_cipher_init (session->security_parameters.
+ read_bulk_cipher_algorithm,
+ &session->cipher_specs.
+ client_write_key,
+ &session->cipher_specs.client_write_IV);
+ if (session->connection_state.read_cipher_state ==
+ GNUTLS_CIPHER_FAILED
+ && session->security_parameters.
+ read_bulk_cipher_algorithm != GNUTLS_CIPHER_NULL)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_INTERNAL_ERROR;
}
- /* copy mac secrets from cipherspecs, to connection
- * session.
- */
- if (mac_size > 0) {
- if (_gnutls_sset_datum(&session->connection_state.
- read_mac_secret,
- session->cipher_specs.
- client_write_mac_secret.data,
- session->cipher_specs.
- client_write_mac_secret.size) < 0) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
+ /* copy mac secrets from cipherspecs, to connection
+ * session.
+ */
+ if (mac_size > 0)
+ {
+ if (_gnutls_sset_datum (&session->connection_state.
+ read_mac_secret,
+ session->cipher_specs.
+ client_write_mac_secret.data,
+ session->cipher_specs.
+ client_write_mac_secret.size) < 0)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_MEMORY_ERROR;
}
}
- break;
+ break;
case GNUTLS_CLIENT:
- session->connection_state.read_cipher_state =
- _gnutls_cipher_init(session->security_parameters.
- read_bulk_cipher_algorithm,
- &session->cipher_specs.
- server_write_key,
- &session->cipher_specs.server_write_IV);
-
- if (session->connection_state.read_cipher_state ==
- GNUTLS_CIPHER_FAILED
- && session->security_parameters.
- read_bulk_cipher_algorithm != GNUTLS_CIPHER_NULL) {
- gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
+ session->connection_state.read_cipher_state =
+ _gnutls_cipher_init (session->security_parameters.
+ read_bulk_cipher_algorithm,
+ &session->cipher_specs.
+ server_write_key,
+ &session->cipher_specs.server_write_IV);
+
+ if (session->connection_state.read_cipher_state ==
+ GNUTLS_CIPHER_FAILED
+ && session->security_parameters.
+ read_bulk_cipher_algorithm != GNUTLS_CIPHER_NULL)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_INTERNAL_ERROR;
}
- /* copy mac secret to connection session
- */
- if (mac_size > 0) {
- if (_gnutls_sset_datum(&session->connection_state.
- read_mac_secret,
- session->cipher_specs.
- server_write_mac_secret.data,
- session->cipher_specs.
- server_write_mac_secret.size) < 0) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
+ /* copy mac secret to connection session
+ */
+ if (mac_size > 0)
+ {
+ if (_gnutls_sset_datum (&session->connection_state.
+ read_mac_secret,
+ session->cipher_specs.
+ server_write_mac_secret.data,
+ session->cipher_specs.
+ server_write_mac_secret.size) < 0)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_MEMORY_ERROR;
}
}
- break;
+ break;
default: /* this check is useless */
- gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
+ gnutls_assert ();
+ return GNUTLS_E_INTERNAL_ERROR;
}
- session->connection_state.read_compression_state =
- _gnutls_comp_init(session->security_parameters.
- read_compression_algorithm, 1);
+ session->connection_state.read_compression_state =
+ _gnutls_comp_init (session->security_parameters.
+ read_compression_algorithm, 1);
- if (session->connection_state.read_compression_state ==
- GNUTLS_COMP_FAILED) {
- gnutls_assert();
- return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM;
+ if (session->connection_state.read_compression_state == GNUTLS_COMP_FAILED)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM;
}
- return 0;
+ return 0;
}
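Review bot: In `_gnutls_connection_state_init`, the condition `(ret = _gnutls_generate_master (session, 0), 0) < 0` compares the constant 0 produced by the comma operator, so the branch can never be taken; a failure while deriving the master secret is silently ignored and the function always returns 0. If the result is meant to be checked, the test should read `if ((ret = _gnutls_generate_master (session, 0)) < 0)`; if ignoring it is deliberate, a comment saying why belongs here. In `_gnutls_read_connection_state_init`, further down the same hunk, the early `return GNUTLS_E_INTERNAL_ERROR` after a failed `_gnutls_cipher_init` leaves `read_compression_state` pointing at the state passed to `_gnutls_comp_deinit` a few lines earlier. Presumably that object has been released by then, so setting the field to NULL right after the deinit call would keep a later cleanup from touching it twice.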
@@ -634,317 +683,359 @@ int _gnutls_read_connection_state_init(gnutls_session_t session)
/* Initializes the write connection session
* (write encrypted data)
*/
-int _gnutls_write_connection_state_init(gnutls_session_t session)
+int
+_gnutls_write_connection_state_init (gnutls_session_t session)
{
- int mac_size;
- int rc;
+ int mac_size;
+ int rc;
- _gnutls_uint64zero(session->connection_state.write_sequence_number);
+ _gnutls_uint64zero (session->connection_state.write_sequence_number);
/* Update internals from CipherSuite selected.
* If we are resuming just copy the connection session
*/
- if (session->internals.resumed == RESUME_FALSE) {
- rc = _gnutls_set_write_cipher(session,
- _gnutls_cipher_suite_get_cipher_algo
- (&session->security_parameters.
- current_cipher_suite));
- if (rc < 0)
- return rc;
- rc = _gnutls_set_write_mac(session,
- _gnutls_cipher_suite_get_mac_algo
- (&session->security_parameters.
- current_cipher_suite));
- if (rc < 0)
- return rc;
-
- rc = _gnutls_set_kx(session,
- _gnutls_cipher_suite_get_kx_algo
- (&session->security_parameters.
- current_cipher_suite));
- if (rc < 0)
- return rc;
-
- rc = _gnutls_set_write_compression(session,
- session->internals.
- compression_method);
- if (rc < 0)
- return rc;
- } else { /* RESUME_TRUE */
- _gnutls_cpy_write_security_parameters(&session->
- security_parameters,
- &session->
- internals.
- resumed_security_parameters);
- }
-
- rc = _gnutls_set_write_keys(session);
- if (rc < 0)
+ if (session->internals.resumed == RESUME_FALSE)
+ {
+ rc = _gnutls_set_write_cipher (session,
+ _gnutls_cipher_suite_get_cipher_algo
+ (&session->security_parameters.
+ current_cipher_suite));
+ if (rc < 0)
+ return rc;
+ rc = _gnutls_set_write_mac (session,
+ _gnutls_cipher_suite_get_mac_algo
+ (&session->security_parameters.
+ current_cipher_suite));
+ if (rc < 0)
return rc;
- _gnutls_handshake_log("HSK[%x]: Cipher Suite: %s\n", session,
- _gnutls_cipher_suite_get_name(&session->
+ rc = _gnutls_set_kx (session,
+ _gnutls_cipher_suite_get_kx_algo
+ (&session->security_parameters.
+ current_cipher_suite));
+ if (rc < 0)
+ return rc;
+
+ rc = _gnutls_set_write_compression (session,
+ session->internals.
+ compression_method);
+ if (rc < 0)
+ return rc;
+ }
+ else
+ { /* RESUME_TRUE */
+ _gnutls_cpy_write_security_parameters (&session->
+ security_parameters,
+ &session->
+ internals.
+ resumed_security_parameters);
+ }
+
+ rc = _gnutls_set_write_keys (session);
+ if (rc < 0)
+ return rc;
+
+ _gnutls_handshake_log ("HSK[%x]: Cipher Suite: %s\n", session,
+ _gnutls_cipher_suite_get_name (&session->
security_parameters.
current_cipher_suite));
- if (_gnutls_compression_is_ok
- (session->security_parameters.write_compression_algorithm) != 0) {
- gnutls_assert();
- return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM;
+ if (_gnutls_compression_is_ok
+ (session->security_parameters.write_compression_algorithm) != 0)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM;
}
- if (_gnutls_mac_is_ok
- (session->security_parameters.write_mac_algorithm) != 0) {
- gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
+ if (_gnutls_mac_is_ok
+ (session->security_parameters.write_mac_algorithm) != 0)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_INTERNAL_ERROR;
}
- /* Free all the previous keys/ sessions etc.
- */
- if (session->connection_state.write_mac_secret.data != NULL)
- _gnutls_free_datum(&session->connection_state.write_mac_secret);
+ /* Free all the previous keys/ sessions etc.
+ */
+ if (session->connection_state.write_mac_secret.data != NULL)
+ _gnutls_free_datum (&session->connection_state.write_mac_secret);
- if (session->connection_state.write_cipher_state != NULL)
- _gnutls_cipher_deinit(session->connection_state.
- write_cipher_state);
+ if (session->connection_state.write_cipher_state != NULL)
+ _gnutls_cipher_deinit (session->connection_state.write_cipher_state);
- if (session->connection_state.write_compression_state != NULL)
- _gnutls_comp_deinit(session->connection_state.
- write_compression_state, 0);
+ if (session->connection_state.write_compression_state != NULL)
+ _gnutls_comp_deinit (session->connection_state.
+ write_compression_state, 0);
- mac_size =
- _gnutls_hash_get_algo_len(session->security_parameters.
- write_mac_algorithm);
+ mac_size =
+ _gnutls_hash_get_algo_len (session->security_parameters.
+ write_mac_algorithm);
- _gnutls_handshake_log
- ("HSK[%x]: Initializing internal [write] cipher sessions\n",
- session);
+ _gnutls_handshake_log
+ ("HSK[%x]: Initializing internal [write] cipher sessions\n", session);
- switch (session->security_parameters.entity) {
+ switch (session->security_parameters.entity)
+ {
case GNUTLS_SERVER:
- /* initialize cipher session
- */
- session->connection_state.write_cipher_state =
- _gnutls_cipher_init(session->security_parameters.
- write_bulk_cipher_algorithm,
- &session->cipher_specs.
- server_write_key,
- &session->cipher_specs.server_write_IV);
-
- if (session->connection_state.write_cipher_state ==
- GNUTLS_CIPHER_FAILED
- && session->security_parameters.
- write_bulk_cipher_algorithm != GNUTLS_CIPHER_NULL) {
- gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
+ /* initialize cipher session
+ */
+ session->connection_state.write_cipher_state =
+ _gnutls_cipher_init (session->security_parameters.
+ write_bulk_cipher_algorithm,
+ &session->cipher_specs.
+ server_write_key,
+ &session->cipher_specs.server_write_IV);
+
+ if (session->connection_state.write_cipher_state ==
+ GNUTLS_CIPHER_FAILED
+ && session->security_parameters.
+ write_bulk_cipher_algorithm != GNUTLS_CIPHER_NULL)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_INTERNAL_ERROR;
}
- /* copy mac secrets from cipherspecs, to connection
- * session.
- */
- if (mac_size > 0) {
- if (_gnutls_sset_datum(&session->connection_state.
- write_mac_secret,
- session->cipher_specs.
- server_write_mac_secret.data,
- session->cipher_specs.
- server_write_mac_secret.size) < 0) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
+ /* copy mac secrets from cipherspecs, to connection
+ * session.
+ */
+ if (mac_size > 0)
+ {
+ if (_gnutls_sset_datum (&session->connection_state.
+ write_mac_secret,
+ session->cipher_specs.
+ server_write_mac_secret.data,
+ session->cipher_specs.
+ server_write_mac_secret.size) < 0)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_MEMORY_ERROR;
}
}
- break;
+ break;
case GNUTLS_CLIENT:
- session->connection_state.write_cipher_state =
- _gnutls_cipher_init(session->security_parameters.
- write_bulk_cipher_algorithm,
- &session->cipher_specs.
- client_write_key,
- &session->cipher_specs.client_write_IV);
-
- if (session->connection_state.write_cipher_state ==
- GNUTLS_CIPHER_FAILED
- && session->security_parameters.
- write_bulk_cipher_algorithm != GNUTLS_CIPHER_NULL) {
- gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
+ session->connection_state.write_cipher_state =
+ _gnutls_cipher_init (session->security_parameters.
+ write_bulk_cipher_algorithm,
+ &session->cipher_specs.
+ client_write_key,
+ &session->cipher_specs.client_write_IV);
+
+ if (session->connection_state.write_cipher_state ==
+ GNUTLS_CIPHER_FAILED
+ && session->security_parameters.
+ write_bulk_cipher_algorithm != GNUTLS_CIPHER_NULL)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_INTERNAL_ERROR;
}
- /* copy mac secret to connection session
- */
- if (mac_size > 0) {
- if (_gnutls_sset_datum(&session->connection_state.
- write_mac_secret,
- session->cipher_specs.
- client_write_mac_secret.data,
- session->cipher_specs.
- client_write_mac_secret.size) < 0) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
+ /* copy mac secret to connection session
+ */
+ if (mac_size > 0)
+ {
+ if (_gnutls_sset_datum (&session->connection_state.
+ write_mac_secret,
+ session->cipher_specs.
+ client_write_mac_secret.data,
+ session->cipher_specs.
+ client_write_mac_secret.size) < 0)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_MEMORY_ERROR;
}
}
- break;
+ break;
default:
- gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
+ gnutls_assert ();
+ return GNUTLS_E_INTERNAL_ERROR;
}
- session->connection_state.write_compression_state =
- _gnutls_comp_init(session->security_parameters.
- write_compression_algorithm, 0);
+ session->connection_state.write_compression_state =
+ _gnutls_comp_init (session->security_parameters.
+ write_compression_algorithm, 0);
- if (session->connection_state.write_compression_state ==
- GNUTLS_COMP_FAILED) {
- gnutls_assert();
- return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM;
+ if (session->connection_state.write_compression_state == GNUTLS_COMP_FAILED)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM;
}
- return 0;
+ return 0;
}
/* Sets the specified cipher into the pending session
*/
-int _gnutls_set_read_cipher(gnutls_session_t session,
- gnutls_cipher_algorithm_t algo)
+int
+_gnutls_set_read_cipher (gnutls_session_t session,
+ gnutls_cipher_algorithm_t algo)
{
- if (_gnutls_cipher_is_ok(algo) == 0) {
- if (_gnutls_cipher_priority(session, algo) < 0) {
- gnutls_assert();
- return GNUTLS_E_UNWANTED_ALGORITHM;
+ if (_gnutls_cipher_is_ok (algo) == 0)
+ {
+ if (_gnutls_cipher_priority (session, algo) < 0)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_UNWANTED_ALGORITHM;
}
- session->security_parameters.read_bulk_cipher_algorithm = algo;
+ session->security_parameters.read_bulk_cipher_algorithm = algo;
- } else {
- gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
+ }
+ else
+ {
+ gnutls_assert ();
+ return GNUTLS_E_INTERNAL_ERROR;
}
- return 0;
+ return 0;
}
-int _gnutls_set_write_cipher(gnutls_session_t session,
- gnutls_cipher_algorithm_t algo)
+int
+_gnutls_set_write_cipher (gnutls_session_t session,
+ gnutls_cipher_algorithm_t algo)
{
- if (_gnutls_cipher_is_ok(algo) == 0) {
- if (_gnutls_cipher_priority(session, algo) < 0) {
- gnutls_assert();
- return GNUTLS_E_UNWANTED_ALGORITHM;
+ if (_gnutls_cipher_is_ok (algo) == 0)
+ {
+ if (_gnutls_cipher_priority (session, algo) < 0)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_UNWANTED_ALGORITHM;
}
- session->security_parameters.write_bulk_cipher_algorithm = algo;
+ session->security_parameters.write_bulk_cipher_algorithm = algo;
- } else {
- gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
+ }
+ else
+ {
+ gnutls_assert ();
+ return GNUTLS_E_INTERNAL_ERROR;
}
- return 0;
+ return 0;
}
/* Sets the specified algorithm into pending compression session
*/
-int _gnutls_set_read_compression(gnutls_session_t session,
- gnutls_compression_method_t algo)
+int
+_gnutls_set_read_compression (gnutls_session_t session,
+ gnutls_compression_method_t algo)
{
- if (_gnutls_compression_is_ok(algo) == 0) {
- session->security_parameters.read_compression_algorithm = algo;
- } else {
- gnutls_assert();
- return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM;
+ if (_gnutls_compression_is_ok (algo) == 0)
+ {
+ session->security_parameters.read_compression_algorithm = algo;
+ }
+ else
+ {
+ gnutls_assert ();
+ return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM;
}
- return 0;
+ return 0;
}
-int _gnutls_set_write_compression(gnutls_session_t session,
- gnutls_compression_method_t algo)
+int
+_gnutls_set_write_compression (gnutls_session_t session,
+ gnutls_compression_method_t algo)
{
- if (_gnutls_compression_is_ok(algo) == 0) {
- session->security_parameters.write_compression_algorithm = algo;
- } else {
- gnutls_assert();
- return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM;
+ if (_gnutls_compression_is_ok (algo) == 0)
+ {
+ session->security_parameters.write_compression_algorithm = algo;
}
- return 0;
+ else
+ {
+ gnutls_assert ();
+ return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM;
+ }
+ return 0;
}
/* Sets the specified kx algorithm into pending session
*/
-int _gnutls_set_kx(gnutls_session_t session, gnutls_kx_algorithm_t algo)
+int
+_gnutls_set_kx (gnutls_session_t session, gnutls_kx_algorithm_t algo)
{
- if (_gnutls_kx_is_ok(algo) == 0) {
- session->security_parameters.kx_algorithm = algo;
- } else {
- gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
+ if (_gnutls_kx_is_ok (algo) == 0)
+ {
+ session->security_parameters.kx_algorithm = algo;
+ }
+ else
+ {
+ gnutls_assert ();
+ return GNUTLS_E_INTERNAL_ERROR;
}
- if (_gnutls_kx_priority(session, algo) < 0) {
- gnutls_assert();
- /* we shouldn't get here */
- return GNUTLS_E_UNWANTED_ALGORITHM;
+ if (_gnutls_kx_priority (session, algo) < 0)
+ {
+ gnutls_assert ();
+ /* we shouldn't get here */
+ return GNUTLS_E_UNWANTED_ALGORITHM;
}
- return 0;
+ return 0;
}
/* Sets the specified mac algorithm into pending session */
-int _gnutls_set_read_mac(gnutls_session_t session,
- gnutls_mac_algorithm_t algo)
+int
+_gnutls_set_read_mac (gnutls_session_t session, gnutls_mac_algorithm_t algo)
{
- if (_gnutls_mac_is_ok(algo) == 0) {
- session->security_parameters.read_mac_algorithm = algo;
- } else {
- gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
+ if (_gnutls_mac_is_ok (algo) == 0)
+ {
+ session->security_parameters.read_mac_algorithm = algo;
}
- if (_gnutls_mac_priority(session, algo) < 0) {
- gnutls_assert();
- return GNUTLS_E_UNWANTED_ALGORITHM;
+ else
+ {
+ gnutls_assert ();
+ return GNUTLS_E_INTERNAL_ERROR;
+ }
+ if (_gnutls_mac_priority (session, algo) < 0)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_UNWANTED_ALGORITHM;
}
- return 0;
+ return 0;
}
-int _gnutls_set_write_mac(gnutls_session_t session,
- gnutls_mac_algorithm_t algo)
+int
+_gnutls_set_write_mac (gnutls_session_t session, gnutls_mac_algorithm_t algo)
{
- if (_gnutls_mac_is_ok(algo) == 0) {
- session->security_parameters.write_mac_algorithm = algo;
- } else {
- gnutls_assert();
- return GNUTLS_E_INTERNAL_ERROR;
+ if (_gnutls_mac_is_ok (algo) == 0)
+ {
+ session->security_parameters.write_mac_algorithm = algo;
+ }
+ else
+ {
+ gnutls_assert ();
+ return GNUTLS_E_INTERNAL_ERROR;
}
- if (_gnutls_mac_priority(session, algo) < 0) {
- gnutls_assert();
- return GNUTLS_E_UNWANTED_ALGORITHM;
+ if (_gnutls_mac_priority (session, algo) < 0)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_UNWANTED_ALGORITHM;
}
- return 0;
+ return 0;
}
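Review bot: In `_gnutls_write_connection_state_init` the old `write_cipher_state` and `write_compression_state` are handed by value to `_gnutls_cipher_deinit` / `_gnutls_comp_deinit`, so the fields keep their stale values until the later `_gnutls_cipher_init` / `_gnutls_comp_init` assignments. Every `return GNUTLS_E_INTERNAL_ERROR` or `return GNUTLS_E_MEMORY_ERROR` inside the `switch` therefore exits with `write_compression_state` still referring to a torn-down state, and the `default:` arm does the same for `write_cipher_state`. If session teardown or a repeated init runs the deinit calls on those fields again, that would be a double free of per-connection state; neither path is visible in this hunk, so it needs confirming. The function already treats `NULL` as "nothing to release", so clearing each field right after its deinit would close the window: `session->connection_state.write_compression_state = NULL;` and likewise `session->connection_state.write_cipher_state = NULL;`. This commit only re-indents the code, so the behaviour is the same on the old side.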