From: Nikos Mavrogiannopoulos Date: Fri, 3 Jun 2011 12:27:10 +0000 (+0200) Subject: simplified _gnutls_selected_cert_supported_kx(). X-Git-Tag: gnutls_2_99_3~59 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fef1a0e62ce53e24837e19fe1964c85be33f2130;p=thirdparty%2Fgnutls.git simplified _gnutls_selected_cert_supported_kx(). --- diff --git a/lib/auth/cert.h b/lib/auth/cert.h index efcdd85e7d..b0199615f6 100644 --- a/lib/auth/cert.h +++ b/lib/auth/cert.h @@ -166,7 +166,7 @@ int certificate_credentials_append_pkey (gnutls_certificate_credentials_t res, gnutls_privkey_t pkey); int _gnutls_selected_cert_supported_kx (struct gnutls_session_int *session, - gnutls_kx_algorithm_t ** alg, + gnutls_kx_algorithm_t * alg, int *alg_size); #endif diff --git a/lib/gnutls_cert.c b/lib/gnutls_cert.c index f726c7da1c..9cb6685904 100644 --- a/lib/gnutls_cert.c +++ b/lib/gnutls_cert.c @@ -247,19 +247,17 @@ int ret; */ int _gnutls_selected_cert_supported_kx (gnutls_session_t session, - gnutls_kx_algorithm_t ** alg, + gnutls_kx_algorithm_t * alg, int *alg_size) { gnutls_kx_algorithm_t kx; gnutls_pk_algorithm_t pk, cert_pk; - gnutls_kx_algorithm_t kxlist[MAX_ALGOS]; gnutls_pcert_st *cert; int i; if (session->internals.selected_cert_list_length == 0) { *alg_size = 0; - *alg = NULL; return 0; } @@ -275,8 +273,11 @@ _gnutls_selected_cert_supported_kx (gnutls_session_t session, /* then check key usage */ if (_gnutls_check_key_usage (cert, kx) == 0) { - kxlist[i] = kx; + alg[i] = kx; i++; + + if (i > *alg_size) + return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); } } } @@ -287,14 +288,8 @@ _gnutls_selected_cert_supported_kx (gnutls_session_t session, return GNUTLS_E_INVALID_REQUEST; } - *alg = gnutls_calloc (i, sizeof (gnutls_kx_algorithm_t)); - if (*alg == NULL) - return GNUTLS_E_MEMORY_ERROR; - *alg_size = i; - memcpy (*alg, kxlist, i * sizeof (gnutls_kx_algorithm_t)); - return 0; } diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index ff8a3d8774..bb2932f811 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -3073,8 +3073,8 @@ _gnutls_remove_unwanted_ciphersuites (gnutls_session_t session, gnutls_certificate_credentials_t cert_cred; gnutls_kx_algorithm_t kx; int server = session->security_parameters.entity == GNUTLS_SERVER ? 1 : 0; - gnutls_kx_algorithm_t *alg = NULL; - int alg_size = 0; + gnutls_kx_algorithm_t alg[MAX_ALGOS]; + int alg_size = MAX_ALGOS; /* if we should use a specific certificate, * we should remove all algorithms that are not supported @@ -3106,7 +3106,7 @@ _gnutls_remove_unwanted_ciphersuites (gnutls_session_t session, * supported by the X509 certificate parameters. */ if ((ret = - _gnutls_selected_cert_supported_kx (session, &alg, &alg_size)) < 0) + _gnutls_selected_cert_supported_kx (session, alg, &alg_size)) < 0) { gnutls_assert (); return ret; @@ -3116,7 +3116,6 @@ _gnutls_remove_unwanted_ciphersuites (gnutls_session_t session, if (newSuite == NULL) { gnutls_assert (); - gnutls_free (alg); return GNUTLS_E_MEMORY_ERROR; } @@ -3189,7 +3188,6 @@ _gnutls_remove_unwanted_ciphersuites (gnutls_session_t session, } } - gnutls_free (alg); gnutls_free (*cipherSuites); *cipherSuites = newSuite;