[SCM] GNU gnutls branch, gnutls_3_0_x-2, updated. gnutls_3_0_20-22-g6d0b
From: |
Nikos Mavrogiannopoulos |
Subject: |
[SCM] GNU gnutls branch, gnutls_3_0_x-2, updated. gnutls_3_0_20-22-g6d0b4dc |
Date: |
Fri, 29 Jun 2012 22:37:31 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=6d0b4dc6ef9ed41982d82318f3aa577d8745f69f
The branch, gnutls_3_0_x-2 has been updated
via 6d0b4dc6ef9ed41982d82318f3aa577d8745f69f (commit)
from 1cf7f8a273e7d4f0a7062dd8215c71d746ac410f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 6d0b4dc6ef9ed41982d82318f3aa577d8745f69f
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sat Jun 30 00:35:56 2012 +0200
gnutls_dtls_get_data_mtu() is more precise. Based on patch by David
Woodhouse.
-----------------------------------------------------------------------
Summary of changes:
NEWS | 3 ++
lib/gnutls_dtls.c | 76 +++++++++++++++++++++++++++++++++++++++++++++++----
lib/gnutls_int.h | 3 +-
lib/gnutls_state.c | 47 --------------------------------
lib/gnutls_state.h | 2 -
5 files changed, 75 insertions(+), 56 deletions(-)
diff --git a/NEWS b/NEWS
index cae54d9..f67a36f 100644
--- a/NEWS
+++ b/NEWS
@@ -4,6 +4,9 @@ See the end for copying conditions.
* Version 3.0.21 (unreleased)
+** libgnutls: gnutls_dtls_get_data_mtu() is more precise. Based
+on patch by David Woodhouse.
+
** libgnutls: Fixed memory leak in PKCS #8 key import.
** libgnutls: Added support for an old version of the DTLS protocol
diff --git a/lib/gnutls_dtls.c b/lib/gnutls_dtls.c
index f07b300..979198c 100644
--- a/lib/gnutls_dtls.c
+++ b/lib/gnutls_dtls.c
@@ -581,6 +581,63 @@ void gnutls_dtls_set_mtu (gnutls_session_t session,
unsigned int mtu)
session->internals.dtls.mtu = mtu;
}
+/* returns overhead imposed by the record layer (encryption/compression)
+ * etc. It does not include the record layer headers, since the caller
+ * needs to cope with rounding to multiples of blocksize, and the header
+ * is outside that.
+ *
+ * blocksize: will contain the block size when padding may be required or 1
+ *
+ * It may return a negative error code on error.
+ */
+static int _gnutls_record_overhead_rt(gnutls_session_t session, unsigned int
*blocksize)
+{
+record_parameters_st *params;
+int total = 0, ret, iv_size;
+
+ if (session->internals.initial_negotiation_completed == 0)
+ return GNUTLS_E_INVALID_REQUEST;
+
+ ret = _gnutls_epoch_get (session, EPOCH_WRITE_CURRENT, ¶ms);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+ /* requires padding */
+ iv_size = _gnutls_cipher_get_iv_size(params->cipher_algorithm);
+
+ if (_gnutls_cipher_is_block (params->cipher_algorithm) == CIPHER_BLOCK)
+ {
+ *blocksize = iv_size;
+
+ if (!IS_DTLS(session))
+ total += MAX_PAD_SIZE;
+ else
+ total += iv_size; /* iv_size == block_size */
+ }
+ else
+ {
+ *blocksize = 1;
+ }
+
+ if (params->mac_algorithm == GNUTLS_MAC_AEAD)
+ total += _gnutls_cipher_get_tag_size(params->cipher_algorithm);
+ else
+ {
+ ret = _gnutls_hmac_get_algo_len(params->mac_algorithm);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+ total+=ret;
+ }
+
+ if (params->compression_algorithm != GNUTLS_COMP_NULL)
+ total += EXTRA_COMP_SIZE;
+
+ /* We always pad with at least one byte; never 0. */
+ total++;
+
+ return total;
+}
+
/**
* gnutls_dtls_get_data_mtu:
* @session: is a #gnutls_session_t structure.
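Review bot: For non-block ciphers `_gnutls_record_overhead_rt` now counts no per-record IV or nonce at all, yet it still adds the one-byte padding minimum through the unconditional `total++`. The version removed from lib/gnutls_state.c added `iv_size` for every cipher, whereas here it is only added inside the `CIPHER_BLOCK` branch, so a suite that carries an explicit nonce outside that branch would get a data MTU that is too large; whether such suites can be negotiated over DTLS on this branch is not visible in this diff. I would move `total++;` into the `CIPHER_BLOCK` branch and, if the omission is intended, say so on the `else`, for example `/* stream cipher: no explicit IV, no padding */`. The `/* requires padding */` comment also sits above the IV-size lookup rather than above the block-cipher test it describes.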
@@ -595,13 +652,20 @@ void gnutls_dtls_set_mtu (gnutls_session_t session,
unsigned int mtu)
**/
unsigned int gnutls_dtls_get_data_mtu (gnutls_session_t session)
{
-int ret;
+int mtu = session->internals.dtls.mtu;
+int blocksize = 0;
+int overhead;
+
+ mtu -= RECORD_HEADER_SIZE(session);
- ret = _gnutls_record_overhead_rt(session);
- if (ret >= 0)
- return session->internals.dtls.mtu - ret;
- else
- return session->internals.dtls.mtu - RECORD_HEADER_SIZE(session);
+ overhead = _gnutls_record_overhead_rt(session, &blocksize);
+ if (overhead < 0)
+ return mtu;
+
+ if (blocksize)
+ mtu -= mtu % blocksize;
+
+ return mtu - overhead;
}
/**
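Review bot: `return mtu - overhead;` can be negative and is then converted to the `unsigned int` return type, so a small MTU yields a very large data MTU instead of a small one. With compression negotiated the overhead includes `EXTRA_COMP_SIZE` (2048 in lib/gnutls_int.h), which is larger than a typical datagram MTU, and `mtu -= RECORD_HEADER_SIZE(session)` has the same problem because `gnutls_dtls_set_mtu` stores whatever value the caller passes. The `MAX_RECORD_SEND_SIZE` hunk in lib/gnutls_int.h now casts this result to `size_t`, presumably as the DTLS send limit, so a wrapped value would effectively remove that bound. I would clamp both steps, `if (mtu < 0) return 0;` after the header subtraction and `if (mtu < overhead) return 0;` before the final return, and declare `unsigned int blocksize = 0;` so that `&blocksize` matches the helper's `unsigned int *` parameter.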
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 02c4f95..77705a3 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -82,6 +82,7 @@ typedef struct
} uint64;
#include <gnutls/gnutls.h>
+#include <gnutls/dtls.h>
#include <gnutls/abstract.h>
#include <system.h>
@@ -174,7 +175,7 @@ typedef enum transport_t
#define RECORD_HEADER_SIZE(session) (IS_DTLS(session) ?
DTLS_RECORD_HEADER_SIZE : TLS_RECORD_HEADER_SIZE)
#define MAX_RECORD_HEADER_SIZE DTLS_RECORD_HEADER_SIZE
-#define MAX_RECORD_SEND_SIZE(session)
(IS_DTLS(session)?((size_t)session->internals.dtls.mtu-DTLS_RECORD_HEADER_SIZE):(size_t)session->security_parameters.max_record_send_size)
+#define MAX_RECORD_SEND_SIZE(session)
(IS_DTLS(session)?((size_t)gnutls_dtls_get_data_mtu(session)):(size_t)session->security_parameters.max_record_send_size)
#define MAX_RECORD_RECV_SIZE(session)
((size_t)session->security_parameters.max_record_recv_size)
#define MAX_PAD_SIZE 255
#define EXTRA_COMP_SIZE 2048
diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c
index 89d66f2..01590a4 100644
--- a/lib/gnutls_state.c
+++ b/lib/gnutls_state.c
@@ -1353,53 +1353,6 @@ gnutls_session_channel_binding (gnutls_session_t session,
return 0;
}
-/* returns overhead imposed by the record layer (encryption/compression)
- * etc. It does include the record layer headers.
- *
- * It may return a negative error code on error.
- */
-int _gnutls_record_overhead_rt(gnutls_session_t session)
-{
-record_parameters_st *params;
-int total = 0, ret, iv_size;
-
- if (session->internals.initial_negotiation_completed == 0)
- return RECORD_HEADER_SIZE(session);
-
- ret = _gnutls_epoch_get (session, EPOCH_WRITE_CURRENT, ¶ms);
- if (ret < 0)
- return gnutls_assert_val(ret);
-
- /* requires padding */
- iv_size = _gnutls_cipher_get_iv_size(params->cipher_algorithm);
- total += iv_size;
-
- if (_gnutls_cipher_is_block (params->cipher_algorithm) == CIPHER_BLOCK)
- {
- if (!IS_DTLS(session))
- total += MAX_PAD_SIZE;
- else
- total += iv_size; /* iv_size == block_size */
- }
-
- if (params->mac_algorithm == GNUTLS_MAC_AEAD)
- total += _gnutls_cipher_get_tag_size(params->cipher_algorithm);
- else
- {
- ret = _gnutls_hmac_get_algo_len(params->mac_algorithm);
- if (ret < 0)
- return gnutls_assert_val(ret);
- total+=ret;
- }
-
- if (params->compression_algorithm != GNUTLS_COMP_NULL)
- total += EXTRA_COMP_SIZE;
-
- total += RECORD_HEADER_SIZE(session);
-
- return total;
-}
-
/**
* gnutls_ecc_curve_get:
* @session: is a #gnutls_session_t structure.
diff --git a/lib/gnutls_state.h b/lib/gnutls_state.h
index b2e5511..a89e181 100644
--- a/lib/gnutls_state.h
+++ b/lib/gnutls_state.h
@@ -43,8 +43,6 @@ void
_gnutls_record_set_default_version (gnutls_session_t session,
unsigned char major, unsigned char minor);
-int _gnutls_record_overhead_rt(gnutls_session_t session);
-
#include <gnutls_auth.h>
#define CHECK_AUTH(auth, ret) if (gnutls_auth_get_type(session) != auth) { \
hooks/post-receive
--
GNU gnutls