gnutls-commit

[SCM] GNU gnutls branch, master, updated. gnutls_2_9_10-349-g9573ebb


From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, master, updated. gnutls_2_9_10-349-g9573ebb
Date: Wed, 01 Sep 2010 16:57:49 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=9573ebb1c95e460c7afbd1016838411bd897fc6e

The branch, master has been updated
       via  9573ebb1c95e460c7afbd1016838411bd897fc6e (commit)
      from  a05ba48fbb51bcf4fff383044e7a0d8f46929645 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 9573ebb1c95e460c7afbd1016838411bd897fc6e
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Wed Sep 1 18:56:54 2010 +0200

    When the %COMPAT flag is specified, larger records that would otherwise
    violate the TLS spec, are accepted.

-----------------------------------------------------------------------

Summary of changes:
 NEWS                  |    3 +++
 lib/gnutls_int.h      |    1 +
 lib/gnutls_priority.c |    5 +++--
 lib/gnutls_record.c   |    3 ++-
 4 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/NEWS b/NEWS
index 3009b73..fc7dd47 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,9 @@ See the end for copying conditions.
 
 * Version 2.11.1 (unreleased)
 
+** libgnutls: The %COMPAT flag now allows larger records that violate the
+TLS spec.
+
 ** libgnutls: by default lowat level has been set to zero to avoid unnecessary
 system calls. Applications that depended on it being 1 should explicitly call
 gnutls_transport_set_lowat().
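
Review bot: the NEWS entry added at the top of the 2.11.1 section says %COMPAT "allows larger records" but gives no bound, so a reader cannot tell how far the limit is relaxed. The gnutls_record.c change in this same commit caps the size at MAX_RECORD_RECV_SIZE + EXTRA_COMP_SIZE; suggest saying in the entry that the allowance is bounded and that it applies to received records.
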
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 6d3ef8a..2d37678 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -433,6 +433,7 @@ struct gnutls_priority_st
 
   /* to disable record padding */
   int no_padding:1;
+  int allow_large_records:1;
   safe_renegotiation_t sr;
   int ssl3_record_version;
   int additional_verify_flags;
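
Review bot: the new allow_large_records field sits directly under the existing comment "to disable record padding" and has no comment of its own, so that comment now reads as if it describes both fields. Suggest a one-line comment saying the flag lets the receive path accept records above the TLS limit. Also, the field is declared as a 1-bit plain int like no_padding; whether such a bit-field is signed is implementation-defined, so a stored 1 may read back as -1. The != 0 test in gnutls_record.c is unaffected, but unsigned int would avoid a surprise in any later == 1 comparison.
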
diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c
index 5f1045b..45b6a08 100644
--- a/lib/gnutls_priority.c
+++ b/lib/gnutls_priority.c
@@ -713,9 +713,10 @@ gnutls_priority_init (gnutls_priority_t * priority_cache,
        }
       else if (broken_list[i][0] == '%')
        {
-         if (strcasecmp (&broken_list[i][1], "COMPAT") == 0)
+         if (strcasecmp (&broken_list[i][1], "COMPAT") == 0) {
            (*priority_cache)->no_padding = 1;
-         else if (strcasecmp (&broken_list[i][1],
+           (*priority_cache)->allow_large_records = 1;
+         } else if (strcasecmp (&broken_list[i][1],
                               "VERIFY_ALLOW_SIGN_RSA_MD5") == 0)
            {
              prio_add (&(*priority_cache)->sign_algo, GNUTLS_SIGN_RSA_MD5);
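
Review bot: in the COMPAT branch, allow_large_records is now set together with no_padding, so an application that chose %COMPAT only to disable padding also gets the relaxed receive-side record limit, with no keyword to select one without the other. Suggest either a separate priority keyword for the size relaxation or a comment here plus a documentation update stating that %COMPAT now implies both. Minor style point: the new braces ("== 0) {" and "} else if") share a line with the condition, while the VERIFY_ALLOW_SIGN_RSA_MD5 branch just below puts its opening brace on its own line.
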
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
index ba5564a..4faa3ac 100644
--- a/lib/gnutls_record.c
+++ b/lib/gnutls_record.c
@@ -798,7 +798,8 @@ get_temp_recv_buffer (gnutls_session_t session, 
gnutls_datum_t * tmp)
 {
   size_t max_record_size;
 
-  if (gnutls_compression_get (session) != GNUTLS_COMP_NULL)
+  if (gnutls_compression_get (session) != GNUTLS_COMP_NULL ||
+      session->internals.priorities.allow_large_records != 0)
     max_record_size = MAX_RECORD_RECV_SIZE + EXTRA_COMP_SIZE;
   else
     max_record_size = MAX_RECORD_RECV_SIZE;
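
Review bot: in the max_record_size condition, the allow_large_records case reuses EXTRA_COMP_SIZE, a constant whose name refers to compression, so with GNUTLS_COMP_NULL the reason for that particular amount of headroom is not visible in the code. Suggest a short comment above the if explaining that peers handled under %COMPAT may send oversized records and that the compression headroom is deliberately reused, or a separately named constant. It is also worth stating in that comment that the limit stays bounded at MAX_RECORD_RECV_SIZE + EXTRA_COMP_SIZE, since this function sets the upper size for the temporary receive buffer.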


hooks/post-receive
-- 
GNU gnutls


