
[SCM] GNU gnutls branch, master, updated. gnutls_2_11_6-246-g8ed0bf7


From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, master, updated. gnutls_2_11_6-246-g8ed0bf7
Date: Thu, 24 Feb 2011 16:22:54 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=8ed0bf779a35bccde60fa8d8006d6e12a3a4ecd6

The branch, master has been updated
       via  8ed0bf779a35bccde60fa8d8006d6e12a3a4ecd6 (commit)
       via  788fe551fff7cd3f40870a93d4d46843f3163079 (commit)
      from  c9bfe9720a0bde9cb6355d9a7dd89d9c72e1dbbd (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 8ed0bf779a35bccde60fa8d8006d6e12a3a4ecd6
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Thu Feb 24 17:19:29 2011 +0100

    Detect fork() in the random number generator and reseed.

commit 788fe551fff7cd3f40870a93d4d46843f3163079
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Wed Feb 23 21:25:10 2011 +0100

    use timeouts closer to DTLS RFC.

-----------------------------------------------------------------------

Summary of changes:
 lib/gnutls_dtls.c  |   14 ++++++++++----
 lib/gnutls_state.c |    4 ++--
 lib/nettle/rnd.c   |   10 ++++++++++
 3 files changed, 22 insertions(+), 6 deletions(-)

diff --git a/lib/gnutls_dtls.c b/lib/gnutls_dtls.c
index db598b9..a1cbcf1 100644
--- a/lib/gnutls_dtls.c
+++ b/lib/gnutls_dtls.c
@@ -137,6 +137,9 @@ static int drop_usage_count(gnutls_session_t session)
   return 0;
 }
 
+#define MAX_TIMEOUT 60000
+#define FINISHED_TIMEOUT 3000
+
 /* This function transmits the flight that has been previously
  * buffered.
  *
@@ -153,6 +156,7 @@ int ret;
     &session->internals.handshake_send_buffer;
   mbuffer_st *cur;
   unsigned int total_timeout = 0;
+  unsigned int timeout = session->internals.dtls.retrans_timeout;
   gnutls_handshake_description_t last_type = 0;
 
   do 
@@ -176,7 +180,7 @@ int ret;
          (session->security_parameters.entity == GNUTLS_CLIENT && 
session->internals.resumed == RESUME_TRUE)))
         {
           opaque c;
-          ret = _gnutls_io_check_recv(session, &c, 1, 
session->internals.dtls.retrans_timeout);
+          ret = _gnutls_io_check_recv(session, &c, 1, FINISHED_TIMEOUT);
           if (ret == GNUTLS_E_TIMEDOUT)
             ret = 0;
           else if (ret >= 0)
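Review bot: The Finished-flight wait now passes the fixed `FINISHED_TIMEOUT` to `_gnutls_io_check_recv`, but the accounting added further down (`total_timeout += timeout;`) charges the current backoff value rather than the 3000 ms actually waited. On this path the running total compared against `dtls.total_timeout` therefore drifts from the real elapsed time. Recording the value that was really used, e.g. `unsigned int waited = FINISHED_TIMEOUT;` in this branch and `total_timeout += waited;` after it, keeps the give-up bound accurate. The enclosing function starts and ends outside this hunk.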
@@ -184,14 +188,16 @@ int ret;
               if (c == GNUTLS_HANDSHAKE) /* retransmit */
                 ret = GNUTLS_E_TIMEDOUT;
             }
-          total_timeout += session->internals.dtls.retrans_timeout;
         }
       else /* all other messages -> implicit ack (receive of next flight) */
         {
-          ret = _gnutls_io_check_recv(session, NULL, 0, 
session->internals.dtls.retrans_timeout);
-          total_timeout += session->internals.dtls.retrans_timeout;
+          ret = _gnutls_io_check_recv(session, NULL, 0, timeout);
         }
 
+      total_timeout += timeout;
+      timeout *= 2;
+      timeout %= MAX_TIMEOUT;
+
       if (total_timeout >= session->internals.dtls.total_timeout) {
         ret = gnutls_assert_val(GNUTLS_E_TIMEDOUT);
         goto cleanup;
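Review bot: `timeout %= MAX_TIMEOUT;` wraps the retransmission timer instead of capping it, so a doubled value that lands exactly on 60000 becomes 0 (a starting `retrans_timeout` of 7500 or 15000 would get there after a few doublings). Once it is 0, `timeout *= 2` keeps it at 0 and `total_timeout` stops growing, so the loop could apparently retransmit with no wait and never reach the `total_timeout` exit, which is an availability risk. With the new default of 800 the value wraps to 42400 rather than holding at the maximum. A clamp gives the intended backoff: `if (timeout > MAX_TIMEOUT) timeout = MAX_TIMEOUT;`. The loop condition is outside this hunk, so the exact termination behaviour should be confirmed against the full function.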
diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c
index f5f7b75..e21b8e5 100644
--- a/lib/gnutls_state.c
+++ b/lib/gnutls_state.c
@@ -409,8 +409,8 @@ gnutls_init_dtls (gnutls_session_t * session,
   (*session)->internals.dtls.mtu = DTLS_DEFAULT_MTU;
   (*session)->internals.transport = GNUTLS_DGRAM;
 
-  (*session)->internals.dtls.retrans_timeout = 300;
-  (*session)->internals.dtls.total_timeout = 6000;
+  (*session)->internals.dtls.retrans_timeout = 800;
+  (*session)->internals.dtls.total_timeout = 60000;
 
   (*session)->internals.dtls.record_sw_size = 0;
 
diff --git a/lib/nettle/rnd.c b/lib/nettle/rnd.c
index e623c90..9ccb398 100644
--- a/lib/nettle/rnd.c
+++ b/lib/nettle/rnd.c
@@ -155,6 +155,7 @@ wrap_nettle_rnd_deinit (void *ctx)
 #include <sys/time.h>
 #include <fcntl.h>
 #include <locks.h>
+#include <unistd.h> /* getpid */
 #ifdef HAVE_GETRUSAGE
 #include <sys/resource.h>
 #endif
@@ -346,6 +347,7 @@ do_device_source_egd (int init)
 static int
 do_device_source (int init)
 {
+  static pid_t pid; /* detect fork() */
   int ret;
   static int (*do_source) (int init) = NULL;
 /* using static var here is ok since we are
@@ -354,6 +356,8 @@ do_device_source (int init)
 
   if (init == 1)
     {
+      pid = getpid();
+
       do_source = do_device_source_urandom;
       ret = do_source (init);
       if (ret < 0)
@@ -372,6 +376,12 @@ do_device_source (int init)
     }
   else
     {
+      if (getpid() != pid) 
+        { /* fork() detected */
+          device_last_read = 0;
+          pid = getpid();
+        }
+    
       return do_source (init);
     }
 }
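Review bot: Comparing `getpid()` with the cached `pid` catches an ordinary fork, but not a descendant that ends up with the same PID as the process that last recorded it, and the only action taken is `device_last_read = 0`. Whether that forces an immediate device read and reseed depends on `do_source`, which is outside this hunk. If the generator can emit output in the child before this path runs, parent and child would still share state. I would state the intent and the limitation at the check, e.g. `/* fork() detected: force a device re-read so the child does not reuse the parent's generator state; PID reuse is not detected */`, and consider also feeding the new PID into the pool. The function begins in an earlier hunk.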


hooks/post-receive
-- 
GNU gnutls


