
[SCM] GNU gnutls branch, master, updated. gnutls-3_0_12-261-ge6c6e1f


From: Nikos Mavrogiannopoulos
Subject: [SCM] GNU gnutls branch, master, updated. gnutls-3_0_12-261-ge6c6e1f
Date: Sat, 18 Feb 2012 11:53:04 +0000

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".

http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=e6c6e1ffc206713b211b917ef6bd28a9aedd4733

The branch, master has been updated
       via  e6c6e1ffc206713b211b917ef6bd28a9aedd4733 (commit)
       via  dcfa2518a99309dd7003948167bdae512cfaf162 (commit)
       via  177994dc37aa883428124ddb051e4ada05651311 (commit)
      from  caced51103979204a5eb8cafd1a4134f01fd6dd1 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit e6c6e1ffc206713b211b917ef6bd28a9aedd4733
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sat Feb 18 12:57:42 2012 +0100

    Set the handshake type when calling record_add_to_buffers().

commit dcfa2518a99309dd7003948167bdae512cfaf162
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sat Feb 18 12:42:49 2012 +0100

    do not try to verify certificates when not needed.

commit 177994dc37aa883428124ddb051e4ada05651311
Author: Nikos Mavrogiannopoulos <address@hidden>
Date:   Sat Feb 18 12:34:30 2012 +0100

    properly report unexpected EOF.

-----------------------------------------------------------------------

Summary of changes:
 lib/gnutls_errors.c             |    3 ++-
 lib/gnutls_record.c             |   19 ++++++++-----------
 lib/includes/gnutls/gnutls.h.in |    1 +
 src/serv.c                      |    6 ++++--
 4 files changed, 15 insertions(+), 14 deletions(-)

diff --git a/lib/gnutls_errors.c b/lib/gnutls_errors.c
index 24f462d..85542ef 100644
--- a/lib/gnutls_errors.c
+++ b/lib/gnutls_errors.c
@@ -281,7 +281,8 @@ static const gnutls_error_entry error_algorithms[] = {
 
   ERROR_ENTRY (N_("Error interfacing with /dev/crypto"),
                GNUTLS_E_CRYPTODEV_IOCTL_ERROR, 1),
-
+  ERROR_ENTRY (N_("Peer has terminated the connection"),
+               GNUTLS_E_SESSION_EOF, 1),
   ERROR_ENTRY (N_("Channel binding data not available"),
                GNUTLS_E_CHANNEL_BINDING_NOT_AVAILABLE, 1),
 
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
index acd44ae..a9a50c7 100644
--- a/lib/gnutls_record.c
+++ b/lib/gnutls_record.c
@@ -609,7 +609,7 @@ record_add_to_buffers (gnutls_session_t session,
               /* If we have been expecting for an alert do 
                */
               session->internals.read_eof = 1;
-              ret = GNUTLS_E_INT_RET_0;        /* EOF */
+              ret = GNUTLS_E_SESSION_EOF;
               goto cleanup;
             }
           else
@@ -1078,22 +1078,19 @@ begin:
   if (record.v2)
     decrypted->htype = GNUTLS_HANDSHAKE_CLIENT_HELLO_V2;
   else
-    decrypted->htype = -1;
+    {
+      uint8_t * p = _mbuffer_get_udata_ptr(decrypted);
+      decrypted->htype = p[0];
+    }
 
   ret =
     record_add_to_buffers (session, &record, type, htype, 
-      packet_sequence, decrypted);
+                           packet_sequence, decrypted);
 
   /* bufel is now either deinitialized or buffered somewhere else */
 
   if (ret < 0)
-    {
-      if (ret == GNUTLS_E_INT_RET_0)
-        {
-          return 0;
-        }
-      return gnutls_assert_val(ret);
-    }
+    return gnutls_assert_val(ret);
 
   return ret;
 
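Review bot: The new `decrypted->htype = p[0];` reads the first payload byte with no visible check that the decrypted record holds at least one byte, and it runs on the non-v2 branch for every content type, not only handshake records. If a zero-length record can reach this point (any length checks sit above the hunk, since the body starts before `begin:`), the read returns stale or out-of-bounds buffer data and passes it to record_add_to_buffers() as a handshake type. Guarding the read keeps the old sentinel for that case: `if (_mbuffer_get_udata_size(decrypted) > 0) decrypted->htype = p[0]; else decrypted->htype = -1;`. A one-line comment saying that htype is only meaningful for handshake records would also help the next reader.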
@@ -1185,7 +1182,7 @@ _gnutls_recv_int (gnutls_session_t session, 
content_type_t type,
     return ret;
 
   ret = _gnutls_recv_in_buffers(session, type, htype);
-  if (ret < 0)
+  if (ret < 0 && ret != GNUTLS_E_SESSION_EOF)
     return gnutls_assert_val(ret);
 
   return check_buffers (session, type, data, data_size, seq);
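Review bot: The exemption `ret != GNUTLS_E_SESSION_EOF` is undocumented and exists only in this caller, while the hunk at -1078 (apparently the body of _gnutls_recv_in_buffers()) drops the translation of the end-of-stream sentinel to 0. Any other caller of that function (none is visible in this diff) now receives a negative code where it previously got 0, so each should be checked for treating a peer's close as a hard failure. Here a comment such as `/* EOF is not an error yet: fall through so check_buffers() can return data that is already buffered */` would record the intent. That reading of check_buffers() is inferred, as its body is outside the diff, and _gnutls_recv_int() itself continues outside the hunk.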
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index 7e623e1..8bbb504 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -1888,6 +1888,7 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t 
session);
 #define GNUTLS_E_ILLEGAL_PARAMETER -325
 #define GNUTLS_E_NO_PRIORITIES_WERE_SET -326
 #define GNUTLS_E_X509_UNSUPPORTED_EXTENSION -327
+#define GNUTLS_E_SESSION_EOF -328
 
 #define GNUTLS_E_UNIMPLEMENTED_FEATURE -1250
 
diff --git a/src/serv.c b/src/serv.c
index 33b0fe9..e3a62e1 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -1308,7 +1308,8 @@ static void tcp_server(const char* name, int port)
                                             &client_address, calen, topbuf,
                                             sizeof (topbuf)));
                         print_info (j->tls_session, verbose);
-                        cert_verify(j->tls_session, NULL);
+                        if (gnutls_auth_get_type (j->tls_session) == 
GNUTLS_CRD_CERTIFICATE)
+                          cert_verify(j->tls_session, NULL);
                       }
                     j->handshake_ok = 1;
                   }
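Review bot: `cert_verify(j->tls_session, NULL);` is still called as a bare statement, so `j->handshake_ok = 1` is reached whatever the verification outcome, and with the new guard sessions using other credential types skip peer verification entirely. If that is intended for this server program, say so next to the guard, e.g. `/* informational only: the result does not gate handshake_ok; non-certificate sessions have nothing to verify here */`. The identical guard is repeated in the hunk at -1432; a small static helper called from both places would keep the two paths from drifting apart. tcp_server() starts and ends outside both hunks.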
@@ -1432,7 +1433,8 @@ static void tcp_server(const char* name, int port)
                                             sizeof (topbuf)));
 
                         print_info (j->tls_session, verbose);
-                        cert_verify(j->tls_session, NULL);
+                        if (gnutls_auth_get_type (j->tls_session) == 
GNUTLS_CRD_CERTIFICATE)
+                          cert_verify(j->tls_session, NULL);
                       }
                     j->handshake_ok = 1;
                   }


hooks/post-receive
-- 
GNU gnutls


