
[SCM] GNU gnutls branch, master, updated. gnutls-3_0_12-151-g35c17f2


From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, master, updated. gnutls-3_0_12-151-g35c17f2
Date: Tue, 07 Feb 2012 18:34:53 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=35c17f2fd72083bf12c5faa83195d18c3cb759ce

The branch, master has been updated
       via  35c17f2fd72083bf12c5faa83195d18c3cb759ce (commit)
       via  02a59ca6489e89479b44655470c66926713caa9b (commit)
       via  9f79b46d5fa6f50db566991929e88ba1ba802f3e (commit)
      from  621ad0d2e7955d2a78cf6c13e309065a57ed7406 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 35c17f2fd72083bf12c5faa83195d18c3cb759ce
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Tue Feb 7 19:39:48 2012 +0100

    Discard unexpected handshake or other packets in DTLS

commit 02a59ca6489e89479b44655470c66926713caa9b
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Tue Feb 7 19:21:54 2012 +0100

    initial_negotiation_completed type changed to unsigned

commit 9f79b46d5fa6f50db566991929e88ba1ba802f3e
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Tue Feb 7 18:20:11 2012 +0100

    Included missing file in windows builds.

-----------------------------------------------------------------------

Summary of changes:
 lib/accelerated/x86/Makefile.am |    3 +-
 lib/gnutls_int.h                |    2 +-
 lib/gnutls_record.c             |   46 ++++++++++++++++++++++----------------
 3 files changed, 30 insertions(+), 21 deletions(-)

diff --git a/lib/accelerated/x86/Makefile.am b/lib/accelerated/x86/Makefile.am
index 4e2aa62..3ddd066 100644
--- a/lib/accelerated/x86/Makefile.am
+++ b/lib/accelerated/x86/Makefile.am
@@ -39,11 +39,12 @@ libx86_la_SOURCES = sha-padlock.c hmac-padlock.c aes-x86.c 
aes-padlock.c aes-gcm
 
 if ASM_X86_64
 AM_CFLAGS += -DASM_X86_64 -DASM_X86
+libx86_la_SOURCES += aes-gcm-x86.c
 
 if WINDOWS
 libx86_la_SOURCES += asm-coff/appro-aes-x86-64-coff.s 
asm-coff/padlock-x86-64-coff.s asm-coff/cpuid-x86-64-coff.s 
asm-coff/appro-aes-gcm-x86-64-coff.s
 else
-libx86_la_SOURCES += asm/appro-aes-x86-64.s asm/appro-aes-gcm-x86-64.s 
aes-gcm-x86.c asm/padlock-x86-64.s asm/cpuid-x86-64.s
+libx86_la_SOURCES += asm/appro-aes-x86-64.s asm/appro-aes-gcm-x86-64.s 
asm/padlock-x86-64.s asm/cpuid-x86-64.s
 endif
 
 else
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index a306dd5..7f3c676 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -841,7 +841,7 @@ typedef struct
   uint16_t srp_prime_bits;
 
   /* A handshake process has been completed */
-  int initial_negotiation_completed:1;
+  unsigned int initial_negotiation_completed:1;
 
   struct
   {
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
index cec3d92..17cad7f 100644
--- a/lib/gnutls_record.c
+++ b/lib/gnutls_record.c
@@ -585,7 +585,7 @@ record_add_to_buffers (gnutls_session_t session,
           if (bufel->msg.size < 2)
             {
               ret = gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
-              goto cleanup;
+              goto unexpected_packet;
             }
 
           _gnutls_record_log
@@ -619,7 +619,6 @@ record_add_to_buffers (gnutls_session_t session,
                   session_invalidate (session);
                   ret = gnutls_assert_val(GNUTLS_E_FATAL_ALERT_RECEIVED);
                 }
-
               goto cleanup;
             }
           break;
@@ -635,17 +634,9 @@ record_add_to_buffers (gnutls_session_t session,
           if (session->internals.initial_negotiation_completed == 0)
             {
               ret = gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
-              goto cleanup;
+              goto unexpected_packet;
             }
 
-          /* even if data is unexpected put it into the buffer */
-          if ((ret =
-               _gnutls_record_buffer_put (session, recv->type, seq,
-                                          bufel)) < 0)
-            {
-              gnutls_assert ();
-              goto cleanup;
-            }
 
           /* the got_application data is only returned
            * if expecting client hello (for rehandshake
@@ -654,11 +645,21 @@ record_add_to_buffers (gnutls_session_t session,
           if (type == GNUTLS_ALERT || (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO
                                        && type == GNUTLS_HANDSHAKE))
             {
+              /* even if data is unexpected put it into the buffer */
+              if ((ret =
+                   _gnutls_record_buffer_put (session, recv->type, seq,
+                                              bufel)) < 0)
+                {
+                  gnutls_assert ();
+                  goto cleanup;
+                }
+
               return gnutls_assert_val(GNUTLS_E_GOT_APPLICATION_DATA);
             }
           else
             {
-              return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+              ret = gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);
+              goto unexpected_packet;
             }
 
           break;
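Review bot: The comment moved into the `type == GNUTLS_ALERT || ...` branch, `/* even if data is unexpected put it into the buffer */`, no longer describes the code. After this change the record is buffered only on the path that returns GNUTLS_E_GOT_APPLICATION_DATA, while the unexpected case in the `else` branch is discarded through `unexpected_packet`. I would reword it to something like `/* keep the record so the caller can read it after GNUTLS_E_GOT_APPLICATION_DATA */`. The trailing `break;` is also unreachable, since both branches leave the function. The enclosing switch case starts outside the hunk.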
@@ -666,12 +667,15 @@ record_add_to_buffers (gnutls_session_t session,
           /* In DTLS we might receive a handshake replay from the peer to 
indicate
            * the our last TLS handshake messages were not received.
            */
-          if (_dtls_is_async(session) && _dtls_async_timer_active(session))
+          if (IS_DTLS(session))
             {
-              ret = _dtls_retransmit(session);
-              goto cleanup;
+              if (_dtls_is_async(session) && _dtls_async_timer_active(session))
+                {
+                  ret = _dtls_retransmit(session);
+                  goto cleanup;
+                }
             }
-          
+
           /* This is legal if HELLO_REQUEST is received - and we are a client.
            * If we are a server, a client may initiate a renegotiation at any 
time.
            */
@@ -695,7 +699,7 @@ record_add_to_buffers (gnutls_session_t session,
 
           /* So we accept it */
           ret = _gnutls_recv_hello_request (session, bufel->msg.data, 
bufel->msg.size);
-          goto cleanup;
+          goto unexpected_packet;
 
           break;
         default:
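Review bot: Routing the result of `_gnutls_recv_hello_request` through `unexpected_packet` means that on DTLS every return value other than GNUTLS_E_REHANDSHAKE is rewritten to GNUTLS_E_AGAIN at that label. That would include a success code or a genuine processing failure, if the callee can return one (its body is not visible here). The override should be limited to the packet-shape errors, for example `if (ret != GNUTLS_E_UNEXPECTED_PACKET && ret != GNUTLS_E_UNEXPECTED_PACKET_LENGTH) goto cleanup;` ahead of the `goto unexpected_packet;`. Otherwise a caller on a DTLS session cannot tell a dropped record on this path from a real error.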
@@ -705,13 +709,17 @@ record_add_to_buffers (gnutls_session_t session,
              session, recv->type, type);
 
           gnutls_assert ();
-          ret = GNUTLS_E_INTERNAL_ERROR;
-          goto cleanup;
+          ret = GNUTLS_E_UNEXPECTED_PACKET;
+          goto unexpected_packet;
         }
     }
 
   return 0;
 
+unexpected_packet:
+  if (IS_DTLS(session) && ret != GNUTLS_E_REHANDSHAKE)
+    ret = GNUTLS_E_AGAIN; /* skip the packet */
+
 cleanup:
   _mbuffer_xfree(&bufel);
   return ret;
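Review bot: The `unexpected_packet` label replaces the specific error with GNUTLS_E_AGAIN for DTLS, and the only explanation is `/* skip the packet */`. The original code is lost to the caller, so an application cannot count or rate-limit discarded records; presumably it sees the same value it gets when no data is ready. I would document the policy at the label, e.g. `/* DTLS: drop out-of-place records instead of failing the session; GNUTLS_E_REHANDSHAKE is preserved for the caller */`. I would also log the original `ret` before it is overwritten, so that a stream of discarded records is visible to operators. record_add_to_buffers starts outside this hunk, so it is worth confirming whether the earlier `gnutls_assert_val` calls already record enough.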


hooks/post-receive
-- 
GNU gnutls


