constate: simplified allocation of epochs
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Fri, 15 Sep 2017 07:29:30 +0000 (09:29 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 25 Sep 2017 05:46:15 +0000 (07:46 +0200)
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
lib/constate.c
lib/constate.h
lib/handshake.c
lib/state.c

index becdfd9dcbb8387957f5314a7ac933242ea53b42..45a4d2eea31a3f90186af320f43ba001fcee09a4 100644 (file)
@@ -260,23 +260,6 @@ _gnutls_set_cipher_suite2(gnutls_session_t session,
        return 0;
 }
 
-void
-_gnutls_epoch_set_null_algos(gnutls_session_t session,
-                            record_parameters_st * params)
-{
-       /* This is only called on startup. We are extra paranoid about this
-          because it may cause unencrypted application data to go out on
-          the wire. */
-       if (params->initialized || params->epoch != 0) {
-               gnutls_assert();
-               return;
-       }
-
-       params->cipher = cipher_to_entry(GNUTLS_CIPHER_NULL);
-       params->mac = mac_to_entry(GNUTLS_MAC_NULL);
-       params->initialized = 1;
-}
-
 int _gnutls_epoch_set_keys(gnutls_session_t session, uint16_t epoch)
 {
        int hash_size;
@@ -514,15 +497,14 @@ _gnutls_epoch_get(gnutls_session_t session, unsigned int epoch_rel,
 }
 
 int
-_gnutls_epoch_alloc(gnutls_session_t session, uint16_t epoch,
-                   record_parameters_st ** out)
+_gnutls_epoch_new(gnutls_session_t session, unsigned null_epoch, record_parameters_st **newp)
 {
        record_parameters_st **slot;
 
        _gnutls_record_log("REC[%p]: Allocating epoch #%u\n", session,
-                          epoch);
+                          session->security_parameters.epoch_next);
 
-       slot = epoch_get_slot(session, epoch);
+       slot = epoch_get_slot(session, session->security_parameters.epoch_next);
 
        /* If slot out of range or not empty. */
        if (slot == NULL)
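Review bot: The renamed `_gnutls_epoch_new()` has no comment describing its new contract, although the signature change moves two decisions into it: the epoch number now comes implicitly from `session->security_parameters.epoch_next`, and `null_epoch` selects an unencrypted epoch. I would add a header comment above the definition such as `/* Allocates the epoch numbered security_parameters.epoch_next. If null_epoch is non-zero the epoch is set up with the NULL cipher and MAC and marked initialized; this is only valid for epoch 0. */`. The function body continues past this hunk.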
@@ -535,17 +517,24 @@ _gnutls_epoch_alloc(gnutls_session_t session, uint16_t epoch,
        if (*slot == NULL)
                return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
 
-       (*slot)->epoch = epoch;
-       (*slot)->cipher = NULL;
-       (*slot)->mac = NULL;
+       (*slot)->epoch = session->security_parameters.epoch_next;
+
+       if (null_epoch) {
+               (*slot)->cipher = cipher_to_entry(GNUTLS_CIPHER_NULL);
+               (*slot)->mac = mac_to_entry(GNUTLS_MAC_NULL);
+               (*slot)->initialized = 1;
+       } else {
+               (*slot)->cipher = NULL;
+               (*slot)->mac = NULL;
+       }
 
        if (IS_DTLS(session))
-               _gnutls_write_uint16(epoch,
+               _gnutls_write_uint16(session->security_parameters.epoch_next,
                                     UINT64DATA((*slot)->write.
                                                sequence_number));
 
-       if (out != NULL)
-               *out = *slot;
+       if (newp != NULL)
+               *newp = *slot;
 
        return 0;
 }
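Review bot: The `null_epoch` branch installs the NULL cipher and MAC and sets `initialized = 1` without checking which epoch is being created. The removed `_gnutls_epoch_set_null_algos()` refused to do this unless `params->epoch == 0` and the epoch was not yet initialized, because a NULL epoch anywhere else can let unencrypted application data go out on the wire. I would keep an equivalent guard near the top of `_gnutls_epoch_new()`, before the slot is allocated: `if (null_epoch && session->security_parameters.epoch_next != 0) return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);`. The allocation of `*slot` lies between the two hunks and is not visible here, so the else branch leaving `initialized` unset presumably relies on a zeroing allocator; that is worth confirming.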
index bb6b38762112c5ff1ac81efe78d2e09bb578a56d..6145d77f3d5f699780522c372422143de430655b 100644 (file)
@@ -32,10 +32,12 @@ int _gnutls_connection_state_init(gnutls_session_t session);
 int _gnutls_read_connection_state_init(gnutls_session_t session);
 int _gnutls_write_connection_state_init(gnutls_session_t session);
 
+#define _gnutls_epoch_bump(session) \
+       (session)->security_parameters.epoch_next++
+
 int _gnutls_epoch_get(gnutls_session_t session, unsigned int epoch_rel,
                      record_parameters_st ** params_out);
-int _gnutls_epoch_alloc(gnutls_session_t session, uint16_t epoch,
-                       record_parameters_st ** out);
+int _gnutls_epoch_new(gnutls_session_t session, unsigned null_epoch, record_parameters_st **newp);
 void _gnutls_epoch_gc(gnutls_session_t session);
 void _gnutls_epoch_free(gnutls_session_t session,
                        record_parameters_st * state);
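Review bot: `_gnutls_epoch_bump` expands to a bare post-increment with no parentheses around the whole expansion, and as a macro it gives no type checking on `session`. A small inline function would be safer, e.g. `static inline void _gnutls_epoch_bump(gnutls_session_t session) { session->security_parameters.epoch_next++; }`, or at minimum wrap the expansion as `((session)->security_parameters.epoch_next++)`. The removed prototype took the epoch as `uint16_t`, so the counter is presumably 16 bits wide. A one-line comment saying what is expected when it wraps, and whether `epoch_get_slot()` rejects the wrapped value, would help the next reader.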
index 8e20c76ab31b63dc94da9a80536f7a845844fc54..a9b1f80881565a33ce22c07735fac8ed8d4b40b8 100644 (file)
@@ -2180,6 +2180,11 @@ int gnutls_handshake(gnutls_session_t session)
                    session->internals.priorities->cs.size == 0)
                        return gnutls_assert_val(GNUTLS_E_NO_PRIORITIES_WERE_SET);
 
+               ret =
+                   _gnutls_epoch_new(session, 0, NULL);
+               if (ret < 0)
+                       return gnutls_assert_val(ret);
+
                session->internals.used_exts_size = 0;
                session->internals.crt_requested = 0;
                session->internals.handshake_in_progress = 1;
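Review bot: The new `_gnutls_epoch_new(session, 0, NULL)` call is unconditional in this branch, while the code it replaces (removed further down) first asked `_gnutls_epoch_get()` and only allocated when the epoch was missing. Judging by the "slot out of range or not empty" comment in `_gnutls_epoch_new()`, an already-populated slot is now an error. If this branch can be entered again before `_gnutls_epoch_bump()` runs, for example when a handshake is restarted after a failure, `gnutls_handshake()` would return an error where it previously continued. The branch condition is outside the hunk, so this is inferred. If re-entry is possible, either keep the probe, `if (_gnutls_epoch_get(session, session->security_parameters.epoch_next, NULL) < 0) ret = _gnutls_epoch_new(session, 0, NULL);`, or add a comment stating why the slot is guaranteed to be empty here.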
@@ -2196,20 +2201,6 @@ int gnutls_handshake(gnutls_session_t session)
                return gnutls_assert_val(GNUTLS_E_HANDSHAKE_DURING_FALSE_START);
        }
 
-       ret =
-           _gnutls_epoch_get(session,
-                             session->security_parameters.epoch_next,
-                             NULL);
-       if (ret < 0) {
-               /* We assume the epoch is not allocated if _gnutls_epoch_get fails. */
-               ret =
-                   _gnutls_epoch_alloc(session,
-                                       session->security_parameters.
-                                       epoch_next, NULL);
-               if (ret < 0)
-                       return gnutls_assert_val(ret);
-       }
-
        if (session->security_parameters.entity == GNUTLS_CLIENT) {
                do {
                        ret = handshake_client(session);
@@ -2242,7 +2233,7 @@ int gnutls_handshake(gnutls_session_t session)
 
                _gnutls_handshake_internal_state_clear(session);
 
-               session->security_parameters.epoch_next++;
+               _gnutls_epoch_bump(session);
        }
 
        return 0;
index 1551fa979400d5d04b285fc3ffb07d0095dd2b6c..3a4d80ffc346d0663520099fe5e2a2826205256a 100644 (file)
@@ -242,7 +242,6 @@ void _gnutls_handshake_internal_state_clear(gnutls_session_t session)
 int gnutls_init(gnutls_session_t * session, unsigned int flags)
 {
        int ret;
-       record_parameters_st *epoch;
        
        FAIL_IF_LIB_ERROR;
 
@@ -250,16 +249,12 @@ int gnutls_init(gnutls_session_t * session, unsigned int flags)
        if (*session == NULL)
                return GNUTLS_E_MEMORY_ERROR;
 
-       ret = _gnutls_epoch_alloc(*session, 0, &epoch);
+       ret = _gnutls_epoch_new(*session, 1, NULL);
        if (ret < 0) {
-               gnutls_assert();
-               return GNUTLS_E_MEMORY_ERROR;
+               gnutls_free(*session);
+               return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
        }
-
-       /* Set all NULL algos on epoch 0 */
-       _gnutls_epoch_set_null_algos(*session, epoch);
-
-       (*session)->security_parameters.epoch_next = 1;
+       _gnutls_epoch_bump(*session);
 
        (*session)->security_parameters.entity =
            (flags & GNUTLS_SERVER ? GNUTLS_SERVER : GNUTLS_CLIENT);
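Review bot: The new error path frees `*session` but leaves the caller's pointer pointing at the released memory. A caller that reacts to a failed `gnutls_init()` by calling `gnutls_deinit()` on that handle would then touch or free it a second time. Unless `gnutls_free` here already clears its argument, add `*session = NULL;` after `gnutls_free(*session);`. Separately, the value returned by `_gnutls_epoch_new()` is discarded in favour of `GNUTLS_E_MEMORY_ERROR`, which hides the out-of-range and slot-occupied cases; `return gnutls_assert_val(ret);` would preserve it. The body of `gnutls_init()` continues outside the hunk.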