[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_2-18-gd54c5c0
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_3_1_2-18-gd54c5c0 |
|
Date: |
Sun, 30 Sep 2012 10:57:16 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=d54c5c0daf4c847de972b1c963e4003c85311580
The branch, master has been updated
via d54c5c0daf4c847de972b1c963e4003c85311580 (commit)
via c17bbb8376a4e62b187053403f22272a1a735749 (commit)
via 65c48e6b022fa5964d3456b4a65ee150bf29d595 (commit)
via 03f261a22565d7888747068f8996cb543feef490 (commit)
via 66b0edfcb5f890e72f759de32081a29fe9563057 (commit)
via bcd53f59d2630243aac2fe4ea6ae6742856903f8 (commit)
via 33e6e795e4d53f13b53b5e4a310a7c1404177207 (commit)
from dd3b2483a26a852dedb6223e4fcb389c0863998f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit d54c5c0daf4c847de972b1c963e4003c85311580
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun Sep 30 12:57:01 2012 +0200
Print debugging information even when an extension is not parsed.
commit c17bbb8376a4e62b187053403f22272a1a735749
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun Sep 30 12:53:37 2012 +0200
Fixed the receipt of session tickets during session resumption.
Reported by danblack
http://savannah.gnu.org/support/?108146
commit 65c48e6b022fa5964d3456b4a65ee150bf29d595
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun Sep 30 12:04:45 2012 +0200
better output in resume
commit 03f261a22565d7888747068f8996cb543feef490
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun Sep 30 12:04:22 2012 +0200
simplified handshake states.
commit 66b0edfcb5f890e72f759de32081a29fe9563057
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun Sep 30 10:52:24 2012 +0200
Verify callback is run in either side.
commit bcd53f59d2630243aac2fe4ea6ae6742856903f8
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun Sep 30 10:21:53 2012 +0200
removed unused functions.
commit 33e6e795e4d53f13b53b5e4a310a7c1404177207
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sun Sep 30 10:06:01 2012 +0200
Pack and unpack the status request extension data on resumption.
-----------------------------------------------------------------------
Summary of changes:
lib/auth/psk.c | 15 +++-
lib/ext/session_ticket.c | 2 +-
lib/ext/status_request.c | 44 ++++++++--
lib/gnutls_datum.c | 34 --------
lib/gnutls_datum.h | 5 -
lib/gnutls_extensions.c | 12 ++--
lib/gnutls_handshake.c | 210 +++++++++++++++++++++++++---------------------
lib/gnutls_handshake.h | 2 +
lib/gnutls_int.h | 2 +
lib/gnutls_x509.c | 8 ++-
tests/resume.c | 40 ++++-----
11 files changed, 195 insertions(+), 179 deletions(-)
diff --git a/lib/auth/psk.c b/lib/auth/psk.c
index 34d95de..858f2f9 100644
--- a/lib/auth/psk.c
+++ b/lib/auth/psk.c
@@ -68,6 +68,7 @@ _gnutls_set_psk_session_key (gnutls_session_t session,
{
gnutls_datum_t pwd_psk = { NULL, 0 };
size_t dh_secret_size;
+ uint8_t * p;
int ret;
if (dh_secret == NULL)
@@ -92,12 +93,18 @@ _gnutls_set_psk_session_key (gnutls_session_t session,
* (uint16_t) psk_size
* the psk
*/
- _gnutls_write_uint16 (dh_secret_size, session->key->key.data);
+ p = session->key->key.data;
+ _gnutls_write_uint16 (dh_secret_size, p);
+ p+=2;
if (dh_secret == NULL)
- memset (&session->key->key.data[2], 0, dh_secret_size);
+ memset (p, 0, dh_secret_size);
else
- memcpy (&session->key->key.data[2], dh_secret->data, dh_secret->size);
- _gnutls_write_datum16 (&session->key->key.data[dh_secret_size + 2], *ppsk);
+ memcpy (p, dh_secret->data, dh_secret->size);
+
+ p += dh_secret_size;
+ _gnutls_write_uint16 (ppsk->size, p);
+ if (ppsk->data != NULL)
+ memcpy (p+2, ppsk->data, ppsk->size);
ret = 0;
diff --git a/lib/ext/session_ticket.c b/lib/ext/session_ticket.c
index c94242c..ad965ef 100644
--- a/lib/ext/session_ticket.c
+++ b/lib/ext/session_ticket.c
@@ -54,7 +54,7 @@ static void session_ticket_deinit_data (extension_priv_data_t
priv);
extension_entry_st ext_mod_session_ticket = {
.name = "SESSION TICKET",
.type = GNUTLS_EXTENSION_SESSION_TICKET,
- .parse_type = GNUTLS_EXT_TLS,
+ .parse_type = GNUTLS_EXT_MANDATORY,
.recv_func = session_ticket_recv_params,
.send_func = session_ticket_send_params,
diff --git a/lib/ext/status_request.c b/lib/ext/status_request.c
index 8cfe1de..dae127a 100644
--- a/lib/ext/status_request.c
+++ b/lib/ext/status_request.c
@@ -473,17 +473,41 @@ _gnutls_status_request_deinit_data (extension_priv_data_t
epriv)
}
static int
-_gnutls_status_request_pack (extension_priv_data_t epriv,
- gnutls_buffer_st * ps)
+_gnutls_status_request_pack (extension_priv_data_t epriv, gnutls_buffer_st *
ps)
{
- return -1;
+ status_request_ext_st *priv = epriv.ptr;
+ int ret;
+
+ BUFFER_APPEND_PFX4 (ps, priv->response.data,
+ priv->response.size);
+
+ return 0;
+
}
static int
_gnutls_status_request_unpack (gnutls_buffer_st * ps,
- extension_priv_data_t * _priv)
+ extension_priv_data_t * epriv)
{
- return -1;
+ status_request_ext_st *priv;
+ int ret;
+
+ priv = gnutls_calloc (1, sizeof (*priv));
+ if (priv == NULL)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+
+ BUFFER_POP_DATUM (ps, &priv->response);
+
+ epriv->ptr = priv;
+
+ return 0;
+
+error:
+ gnutls_free (priv);
+ return ret;
}
extension_entry_st ext_mod_status_request = {
@@ -531,6 +555,8 @@ _gnutls_send_server_certificate_status (gnutls_session_t
session, int again)
data[0] = 0x01;
_gnutls_write_uint24(priv->response.size, &data[1]);
memcpy(&data[4], priv->response.data, priv->response.size);
+
+ _gnutls_free_datum(&priv->response);
}
return _gnutls_send_handshake (session, data_size ? bufel : NULL,
GNUTLS_HANDSHAKE_CERTIFICATE_STATUS);
@@ -551,15 +577,15 @@ _gnutls_recv_server_certificate_status (gnutls_session_t
session)
_gnutls_ext_get_session_data (session, GNUTLS_EXTENSION_STATUS_REQUEST,
&epriv);
if (ret < 0)
- {
- gnutls_assert ();
- return 0;
- }
+ return 0;
+
priv = epriv.ptr;
if (!priv->expect_cstatus)
return 0;
+ priv->expect_cstatus = 0;
+
ret = _gnutls_recv_handshake (session,
GNUTLS_HANDSHAKE_CERTIFICATE_STATUS,
0, &buf);
diff --git a/lib/gnutls_datum.c b/lib/gnutls_datum.c
index 9a6d55d..acbde1f 100644
--- a/lib/gnutls_datum.c
+++ b/lib/gnutls_datum.c
@@ -30,40 +30,6 @@
#include <gnutls_datum.h>
#include <gnutls_errors.h>
-
-void
-_gnutls_write_datum16 (uint8_t * dest, gnutls_datum_t dat)
-{
- _gnutls_write_uint16 (dat.size, dest);
- if (dat.data != NULL)
- memcpy (&dest[2], dat.data, dat.size);
-}
-
-void
-_gnutls_write_datum24 (uint8_t * dest, gnutls_datum_t dat)
-{
- _gnutls_write_uint24 (dat.size, dest);
- if (dat.data != NULL)
- memcpy (&dest[3], dat.data, dat.size);
-}
-
-void
-_gnutls_write_datum32 (uint8_t * dest, gnutls_datum_t dat)
-{
- _gnutls_write_uint32 (dat.size, dest);
- if (dat.data != NULL)
- memcpy (&dest[4], dat.data, dat.size);
-}
-
-void
-_gnutls_write_datum8 (uint8_t * dest, gnutls_datum_t dat)
-{
- dest[0] = (uint8_t) dat.size;
- if (dat.data != NULL)
- memcpy (&dest[1], dat.data, dat.size);
-}
-
-
int
_gnutls_set_datum (gnutls_datum_t * dat, const void *data,
size_t data_size)
diff --git a/lib/gnutls_datum.h b/lib/gnutls_datum.h
index bf8e650..5442c2b 100644
--- a/lib/gnutls_datum.h
+++ b/lib/gnutls_datum.h
@@ -23,11 +23,6 @@
#ifndef GNUTLS_DATUM_H
#define GNUTLS_DATUM_H
-void _gnutls_write_datum16 (uint8_t * dest, gnutls_datum_t dat);
-void _gnutls_write_datum24 (uint8_t * dest, gnutls_datum_t dat);
-void _gnutls_write_datum32 (uint8_t * dest, gnutls_datum_t dat);
-void _gnutls_write_datum8 (uint8_t * dest, gnutls_datum_t dat);
-
int _gnutls_set_datum (gnutls_datum_t * dat, const void *data,
size_t data_size);
diff --git a/lib/gnutls_extensions.c b/lib/gnutls_extensions.c
index 54797b5..aab0a67 100644
--- a/lib/gnutls_extensions.c
+++ b/lib/gnutls_extensions.c
@@ -172,11 +172,6 @@ _gnutls_parse_extensions (gnutls_session_t session,
type = _gnutls_read_uint16 (&data[pos]);
pos += 2;
-#if 0
- _gnutls_handshake_log ("EXT[%p]: Found extension '%s/%d'\n", session,
- _gnutls_extension_get_name (type), type);
-#endif
-
if ((ret = _gnutls_extension_list_check (session, type)) < 0)
{
gnutls_assert ();
@@ -193,7 +188,12 @@ _gnutls_parse_extensions (gnutls_session_t session,
ext_recv = _gnutls_ext_func_recv (type, parse_type);
if (ext_recv == NULL)
- continue;
+ {
+ _gnutls_handshake_log ("EXT[%p]: Found extension '%s/%d'\n", session,
+ _gnutls_extension_get_name (type), type);
+
+ continue;
+ }
_gnutls_handshake_log ("EXT[%p]: Parsing extension '%s/%d' (%d bytes)\n",
session, _gnutls_extension_get_name (type), type,
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index 804ae1b..84dcd70 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -72,10 +72,14 @@ _gnutls_remove_unwanted_ciphersuites (gnutls_session_t
session,
int cipher_suites_size,
gnutls_pk_algorithm_t *pk_algos,
size_t pk_algos_size);
-static int _gnutls_handshake_common (gnutls_session_t session);
static int _gnutls_handshake_client (gnutls_session_t session);
static int _gnutls_handshake_server (gnutls_session_t session);
+static int
+_gnutls_recv_handshake_final (gnutls_session_t session, int init);
+static int
+_gnutls_send_handshake_final (gnutls_session_t session, int init);
+
/* Empties but does not free the buffer
*/
static inline void
@@ -2409,17 +2413,8 @@ gnutls_handshake (gnutls_session_t session)
return ret;
}
- ret = _gnutls_handshake_common (session);
-
- if (ret < 0)
- {
- if (_gnutls_abort_handshake (session, ret) == 0)
- STATE = STATE0;
-
- return ret;
- }
-
- STATE = STATE0;
+ /* clear handshake buffer */
+ _gnutls_handshake_hash_buffers_clear (session);
if (IS_DTLS(session)==0)
{
@@ -2473,19 +2468,28 @@ gnutls_handshake_set_timeout (gnutls_session_t session,
unsigned int ms)
} } while (0)
-static int run_verify_callback(gnutls_session_t session)
+/* Runs the certificate verification callback.
+ * side is either GNUTLS_CLIENT or GNUTLS_SERVER.
+ */
+static int run_verify_callback(gnutls_session_t session, unsigned int side)
{
gnutls_certificate_credentials_t cred;
- int ret;
+ int ret, type;
cred =
(gnutls_certificate_credentials_t) _gnutls_get_cred (session->key,
GNUTLS_CRD_CERTIFICATE,
NULL);
- if (cred == NULL)
+
+ if (side == GNUTLS_CLIENT)
+ type = gnutls_auth_server_get_type(session);
+ else
+ type = gnutls_auth_client_get_type(session);
+
+ if (type != GNUTLS_CRD_CERTIFICATE)
return 0;
- if (cred->verify_callback != NULL)
+ if (cred != NULL && cred->verify_callback != NULL)
{
ret = cred->verify_callback (session);
if (ret != 0)
@@ -2572,7 +2576,7 @@ _gnutls_handshake_client (gnutls_session_t session)
IMED_RET ("recv server certificate", ret, 1);
case STATE7:
- ret = run_verify_callback(session);
+ ret = run_verify_callback(session, GNUTLS_CLIENT);
STATE = STATE7;
if (ret < 0)
return gnutls_assert_val(ret);
@@ -2632,12 +2636,50 @@ _gnutls_handshake_client (gnutls_session_t session)
STATE = STATE14;
IMED_RET ("send client certificate verify", ret, 1);
+ case STATE15:
+ STATE = STATE15;
+ if (session->internals.resumed == RESUME_FALSE)
+ {
+ ret = _gnutls_send_handshake_final (session, TRUE);
+ IMED_RET ("send handshake final 2", ret, 1);
+ }
+ else
+ {
+ ret = _gnutls_recv_new_session_ticket (session);
+ IMED_RET ("recv handshake new session ticket", ret, 1);
+ }
+
+ case STATE16:
+ STATE = STATE16;
+ if (session->internals.resumed == RESUME_FALSE)
+ {
+ ret = _gnutls_recv_new_session_ticket (session);
+ IMED_RET ("recv handshake new session ticket", ret, 1);
+ }
+ else
+ {
+ ret = _gnutls_recv_handshake_final (session, TRUE);
+ IMED_RET ("recv handshake final", ret, 1);
+ }
+
+ case STATE17:
+ STATE = STATE17;
+ if (session->internals.resumed == RESUME_FALSE)
+ {
+ ret = _gnutls_recv_handshake_final (session, FALSE);
+ IMED_RET ("recv handshake final 2", ret, 1);
+ }
+ else
+ {
+ ret = _gnutls_send_handshake_final (session, FALSE);
+ IMED_RET ("send handshake final", ret, 1);
+ }
+
STATE = STATE0;
default:
break;
}
-
return 0;
}
@@ -2696,12 +2738,12 @@ _gnutls_send_handshake_final (gnutls_session_t session,
int init)
/* Send the CHANGE CIPHER SPEC PACKET */
- switch (STATE)
+ switch (FINAL_STATE)
{
case STATE0:
- case STATE20:
- ret = send_change_cipher_spec (session, AGAIN (STATE20));
- STATE = STATE0;
+ case STATE1:
+ ret = send_change_cipher_spec (session, FAGAIN (STATE1));
+ FINAL_STATE = STATE0;
if (ret < 0)
{
@@ -2728,10 +2770,10 @@ _gnutls_send_handshake_final (gnutls_session_t session,
int init)
return ret;
}
- case STATE21:
+ case STATE2:
/* send the finished message */
- ret = _gnutls_send_finished (session, AGAIN (STATE21));
- STATE = STATE21;
+ ret = _gnutls_send_finished (session, FAGAIN (STATE2));
+ FINAL_STATE = STATE2;
if (ret < 0)
{
ERR ("send Finished", ret);
@@ -2739,7 +2781,7 @@ _gnutls_send_handshake_final (gnutls_session_t session,
int init)
return ret;
}
- STATE = STATE0;
+ FINAL_STATE = STATE0;
default:
break;
}
@@ -2764,11 +2806,11 @@ _gnutls_recv_handshake_final (gnutls_session_t session,
int init)
return gnutls_assert_val(ret);
tleft = ret;
- switch (STATE)
+ switch (FINAL_STATE)
{
case STATE0:
case STATE30:
- STATE = STATE30;
+ FINAL_STATE = STATE30;
/* This is the last flight and peer cannot be sure
* we have received it unless we notify him. So we
@@ -2816,7 +2858,7 @@ _gnutls_recv_handshake_final (gnutls_session_t session,
int init)
}
case STATE31:
- STATE = STATE31;
+ FINAL_STATE = STATE31;
if (IS_DTLS(session) && !_dtls_is_async(session) &&
(gnutls_record_check_pending( session) +
@@ -2834,7 +2876,7 @@ _gnutls_recv_handshake_final (gnutls_session_t session,
int init)
gnutls_assert ();
return ret;
}
- STATE = STATE0;
+ FINAL_STATE = STATE0;
default:
break;
}
@@ -2933,95 +2975,71 @@ _gnutls_handshake_server (gnutls_session_t session)
IMED_RET ("recv client certificate", ret, 1);
case STATE9:
+ ret = run_verify_callback(session, GNUTLS_SERVER);
+ STATE = STATE9;
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+ case STATE10:
/* receive the client key exchange message */
if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
ret = _gnutls_recv_client_kx_message (session);
- STATE = STATE9;
+ STATE = STATE10;
IMED_RET ("recv client kx", ret, 1);
- case STATE10:
+ case STATE11:
/* receive the client certificate verify message */
if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
ret = _gnutls_recv_client_certificate_verify_message (session);
- STATE = STATE10;
+ STATE = STATE11;
IMED_RET ("recv client certificate verify", ret, 1);
- STATE = STATE0; /* finished thus clear session */
- default:
- break;
- }
-
- return 0;
-}
-
-static int
-_gnutls_handshake_common (gnutls_session_t session)
-{
- int ret = 0;
-
- /* send and recv the change cipher spec and finished messages */
- if ((session->internals.resumed != RESUME_FALSE
- && session->security_parameters.entity == GNUTLS_CLIENT)
- || (session->internals.resumed == RESUME_FALSE
- && session->security_parameters.entity == GNUTLS_SERVER))
- {
- /* if we are a client resuming - or we are a server not resuming */
- ret = _gnutls_recv_handshake_final (session, TRUE);
- IMED_RET ("recv handshake final", ret, 1);
-
- switch (STATE)
- {
- case STATE0:
- case STATE40:
- ret = _gnutls_send_new_session_ticket (session, AGAIN (STATE40));
- STATE = STATE40;
- IMED_RET ("send handshake new session ticket", ret, 0);
- STATE = STATE0;
- default:
- break;
+ case STATE12:
+ STATE = STATE12;
+ if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
+ {
+ ret = _gnutls_recv_handshake_final (session, TRUE);
+ IMED_RET ("recv handshake final", ret, 1);
}
-
- ret = _gnutls_send_handshake_final (session, FALSE);
- IMED_RET ("send handshake final", ret, 1);
-
- /* only store if we are not resuming a session and we didn't previously
send a ticket
- */
- if (session->security_parameters.entity == GNUTLS_SERVER &&
session->internals.ticket_sent == 0)
+ else
{
- /* in order to support session resuming */
- _gnutls_server_register_current_session (session);
+ ret = _gnutls_send_handshake_final (session, TRUE);
+ IMED_RET ("send handshake final 2", ret, 1);
}
- }
- else
- { /* if we are a client not resuming - or we are
a server resuming */
- ret = _gnutls_send_handshake_final (session, TRUE);
- IMED_RET ("send handshake final 2", ret, 1);
+ case STATE13:
+ ret = _gnutls_send_new_session_ticket (session, AGAIN (STATE13));
+ STATE = STATE13;
+ IMED_RET ("send handshake new session ticket", ret, 0);
- switch (STATE)
+ case STATE14:
+ STATE = STATE14;
+ if (session->internals.resumed == RESUME_FALSE) /* if we are not
resuming */
{
- case STATE0:
- case STATE41:
- ret = _gnutls_recv_new_session_ticket (session);
- STATE = STATE41;
- IMED_RET ("recv handshake new session ticket", ret, 1);
- STATE = STATE0;
- default:
- break;
+ ret = _gnutls_send_handshake_final (session, FALSE);
+ IMED_RET ("send handshake final", ret, 1);
+ }
+ else
+ {
+ ret = _gnutls_recv_handshake_final (session, FALSE);
+ IMED_RET ("recv handshake final 2", ret, 1);
}
- ret = _gnutls_recv_handshake_final (session, FALSE);
- IMED_RET ("recv handshake final 2", ret, 1);
+ if (session->security_parameters.entity == GNUTLS_SERVER &&
session->internals.ticket_sent == 0)
+ {
+ /* if no ticket, save session data */
+ _gnutls_server_register_current_session (session);
+ }
+ STATE = STATE0;
+ default:
+ break;
}
-
- /* clear handshake buffer */
- _gnutls_handshake_hash_buffers_clear (session);
- return ret;
-
+ return 0;
}
+
int
_gnutls_generate_session_id (uint8_t * session_id, uint8_t * len)
{
diff --git a/lib/gnutls_handshake.h b/lib/gnutls_handshake.h
index 4fa14f3..7d3b239 100644
--- a/lib/gnutls_handshake.h
+++ b/lib/gnutls_handshake.h
@@ -51,10 +51,12 @@ int _gnutls_user_hello_func (gnutls_session_t session,
void _gnutls_handshake_hash_buffers_clear (gnutls_session_t session);
#define STATE session->internals.handshake_state
+#define FINAL_STATE session->internals.handshake_final_state
/* This returns true if we have got there
* before (and not finished due to an interrupt).
*/
#define AGAIN(target) (STATE==target?1:0)
+#define FAGAIN(target) (FINAL_STATE==target?1:0)
#define AGAIN2(state, target) (state==target?1:0)
inline static int handshake_remaining_time(gnutls_session_t session)
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 9c4c850..48a60eb 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -225,6 +225,7 @@ typedef enum handshake_state_t
{ STATE0 = 0, STATE1, STATE2,
STATE3, STATE4, STATE5, STATE6, STATE7, STATE8,
STATE9, STATE10, STATE11, STATE12, STATE13, STATE14,
+ STATE15, STATE16, STATE17,
STATE20 = 20, STATE21, STATE22,
STATE30 = 30, STATE31, STATE40 = 40, STATE41, STATE50 = 50,
STATE60 = 60, STATE61, STATE62, STATE70, STATE71
@@ -697,6 +698,7 @@ typedef struct
* message */
unsigned int resumable:1; /* TRUE or FALSE - if we can resume
that session */
unsigned int ticket_sent:1; /* whether a session ticket was sent
*/
+ handshake_state_t handshake_final_state;
handshake_state_t handshake_state; /* holds
* a number which indicates where
* the handshake procedure has been
diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c
index 3806a76..49ac9b1 100644
--- a/lib/gnutls_x509.c
+++ b/lib/gnutls_x509.c
@@ -1176,7 +1176,7 @@ add_new_crt_to_rdn_seq (gnutls_certificate_credentials_t
res, gnutls_x509_crt_t*
gnutls_datum_t tmp;
int ret;
size_t newsize;
- unsigned char *newdata;
+ unsigned char *newdata, *p;
unsigned i;
/* Add DN of the last added CAs to the RDN sequence
@@ -1216,7 +1216,11 @@ add_new_crt_to_rdn_seq (gnutls_certificate_credentials_t
res, gnutls_x509_crt_t*
return GNUTLS_E_MEMORY_ERROR;
}
- _gnutls_write_datum16 (newdata + res->x509_rdn_sequence.size, tmp);
+ p = newdata + res->x509_rdn_sequence.size;
+ _gnutls_write_uint16 (tmp.size, p);
+ if (tmp.data != NULL)
+ memcpy (p+2, tmp.data, tmp.size);
+
_gnutls_free_datum (&tmp);
res->x509_rdn_sequence.size = newsize;
diff --git a/tests/resume.c b/tests/resume.c
index 7388dc0..6b63332 100644
--- a/tests/resume.c
+++ b/tests/resume.c
@@ -535,37 +535,36 @@ static int
wrap_db_store (void *dbf, gnutls_datum_t key, gnutls_datum_t data)
{
if (debug)
- success ("resume db storing... (%d-%d)\n", key.size, data.size);
-
- if (debug)
{
unsigned int i;
- printf ("key:\n");
+ fprintf (stderr, "resume db storing (%d-%d): ", key.size, data.size);
for (i = 0; i < key.size; i++)
{
- printf ("%02x ", key.data[i] & 0xFF);
- if ((i + 1) % 16 == 0)
- printf ("\n");
+ fprintf (stderr, "%02x", key.data[i] & 0xFF);
}
- printf ("\n");
- printf ("data:\n");
+ fprintf (stderr, "\n");
+ fprintf (stderr, "data: ");
for (i = 0; i < data.size; i++)
{
- printf ("%02x ", data.data[i] & 0xFF);
- if ((i + 1) % 16 == 0)
- printf ("\n");
+ fprintf (stderr, "%02x", data.data[i] & 0xFF);
}
- printf ("\n");
+ fprintf (stderr, "\n");
}
if (cache_db == NULL)
return -1;
if (key.size > MAX_SESSION_ID_SIZE)
- return -1;
+ {
+ fail("Key size is too large\n");
+ return -1;
+ }
if (data.size > MAX_SESSION_DATA_SIZE)
- return -1;
+ {
+ fail("Data size is too large\n");
+ return -1;
+ }
memcpy (cache_db[cache_db_ptr].session_id, key.data, key.size);
cache_db[cache_db_ptr].session_id_size = key.size;
@@ -586,18 +585,15 @@ wrap_db_fetch (void *dbf, gnutls_datum_t key)
int i;
if (debug)
- success ("resume db fetch... (%d)\n", key.size);
- if (debug)
{
unsigned int i;
- printf ("key:\n");
+
+ fprintf (stderr, "resume db looking for (%d): ", key.size);
for (i = 0; i < key.size; i++)
{
- printf ("%02x ", key.data[i] & 0xFF);
- if ((i + 1) % 16 == 0)
- printf ("\n");
+ fprintf (stderr, "%02x", key.data[i] & 0xFF);
}
- printf ("\n");
+ fprintf (stderr, "\n");
}
if (cache_db == NULL)
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_3_1_2-18-gd54c5c0,
Nikos Mavrogiannopoulos <=