}
_gnutls_selected_certs_set(session, local_certs,
- (local_certs != NULL) ? st2.ncerts : 0,
- local_key, 1);
+ st2.ncerts, local_key, 1);
ret = 0;
cleanup:
_gnutls_free_datum(&akey);
- gnutls_pcert_deinit(&peer_certificate_list[0]);
- gnutls_free(peer_certificate_list);
+ if (peer_certificate_list != NULL) {
+ gnutls_pcert_deinit(&peer_certificate_list[0]);
+ gnutls_free(peer_certificate_list);
+ }
return ret;
}
gettime(&session->internals.hb_ping_start);
session->internals.hb_local_data.length = data_size;
session->internals.hb_state = SHB_SEND2;
+
+ /* fallthrough */
case SHB_SEND2:
session->internals.hb_actual_retrans_timeout_ms =
session->internals.hb_retrans_timeout_ms;
return GNUTLS_E_INVALID_SESSION;
}
- if (session->security_parameters.session_id == NULL
- || session->security_parameters.session_id_size == 0) {
+ if (session->security_parameters.session_id_size == 0) {
gnutls_assert();
return GNUTLS_E_INVALID_SESSION;
}
size_t i, init_size = extdata->length;
pos = extdata->length; /* we will store length later on */
- _gnutls_buffer_append_prefix(extdata, 16, 0);
+
+ ret = _gnutls_buffer_append_prefix(extdata, 16, 0);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
for (i = 0; i < extfunc_size; i++) {
extension_entry_st *p = &extfunc[i];
return ret;
}
+ /* fallthrough */
case STATE2:
/* send the finished message */
ret = _gnutls_send_finished(session, FAGAIN(STATE2));
return ret;
}
+ /* fallthrough */
case STATE31:
FINAL_STATE = STATE31;
}
tmp_output_size = 0;
- asn1_der_coding(dinfo, "", NULL, &tmp_output_size, NULL);
+ result = asn1_der_coding(dinfo, "", NULL, &tmp_output_size, NULL);
+ if (result != ASN1_MEM_ERROR) {
+ gnutls_assert();
+ asn1_delete_structure(&dinfo);
+ return _gnutls_asn2err(result);
+ }
tmp_output = gnutls_malloc(tmp_output_size);
if (tmp_output == NULL) {
**/
int gnutls_protocol_set_priority(gnutls_session_t session, const int *list)
{
- _set_priority(&session->internals.priorities.protocol, list);
-
- /* set the current version to the first in the chain.
- * This will be overridden later.
- */
- if (list)
+ if (list) {
+ _set_priority(&session->internals.priorities.protocol, list);
+ /* set the current version to the first in the chain.
+ * This will be overridden later.
+ */
_gnutls_set_current_version(session, list[0]);
+ }
return 0;
}
#define SET_PROFILE(to_set) \
profile = GNUTLS_VFLAGS_TO_PROFILE(priority_cache->additional_verify_flags); \
if (profile == 0 || profile > to_set) { \
- priority_cache->additional_verify_flags &= !GNUTLS_VFLAGS_PROFILE_MASK; \
+ priority_cache->additional_verify_flags &= ~GNUTLS_VFLAGS_PROFILE_MASK; \
priority_cache->additional_verify_flags |= GNUTLS_PROFILE_TO_VFLAGS(to_set); \
}
if (ret == 0)
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
- if (ret == 0 && range->low != range->high)
- /* Cannot use LH, but a range was given */
- return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
-
_gnutls_set_range(&cur_range, range->low, range->high);
_gnutls_record_log
gnutls_assert();
return ret;
}
-
+ /* fallthrough */
case STATE61:
ret =
gnutls_alert_send(session, GNUTLS_AL_WARNING,
if (info == NULL)
return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
- if (info->username)
- username_len = strlen(info->username) + 1; /* include the terminating null */
- else
- username_len = 0;
-
- if (info->hint)
- hint_len = strlen(info->hint) + 1; /* include the terminating null */
- else
- hint_len = 0;
+ username_len = strlen(info->username) + 1; /* include the terminating null */
+ hint_len = strlen(info->hint) + 1; /* include the terminating null */
size_offset = ps->length;
BUFFER_APPEND_NUM(ps, 0);
return ret;
cleanup:
- for (j = 0; j < i; i++)
+ for (j = 0; j < i; j++)
gnutls_x509_crt_deinit(new_list[j]);
return ret;
if (*fd == -1 || do_restart)
*fd = _rndegd_connect_socket();
+ if (*fd == -1)
+ return -1;
+
do_restart = 0;
nbytes = length < 255 ? length : 255;
gnutls_openpgp_crt_get_preferred_key_id(gnutls_openpgp_crt_t key,
gnutls_openpgp_keyid_t keyid)
{
- if (!key->preferred_set)
- return
- gnutls_assert_val
- (GNUTLS_E_OPENPGP_PREFERRED_KEY_ERROR);
-
if (!key || !keyid) {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
+ if (!key->preferred_set)
+ return
+ gnutls_assert_val
+ (GNUTLS_E_OPENPGP_PREFERRED_KEY_ERROR);
+
memcpy(keyid, key->preferred_keyid, GNUTLS_OPENPGP_KEYID_SIZE);
return 0;
gnutls_openpgp_privkey_get_preferred_key_id(gnutls_openpgp_privkey_t key,
gnutls_openpgp_keyid_t keyid)
{
- if (!key->preferred_set)
- return
- gnutls_assert_val
- (GNUTLS_E_OPENPGP_PREFERRED_KEY_ERROR);
-
if (!key || !keyid) {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
+ if (!key->preferred_set)
+ return
+ gnutls_assert_val
+ (GNUTLS_E_OPENPGP_PREFERRED_KEY_ERROR);
+
memcpy(keyid, key->preferred_keyid, GNUTLS_OPENPGP_KEYID_SIZE);
return 0;
a[0].value = &class;
a[0].value_len = sizeof class;
- pkcs11_get_attribute_value(sinfo->module,
+ rv = pkcs11_get_attribute_value(sinfo->module,
sinfo->pks, obj, a, 1);
+ if (rv != CKR_OK) {
+ class = -1;
+ }
}
if (find_data->flags ==
return gnutls_assert_val(GNUTLS_E_PARSING_ERROR);
}
- if ((p = strstr(url, "storage=user")) != NULL)
+ if (strstr(url, "storage=user") != NULL)
s->storage = TSS_PS_TYPE_USER;
else
s->storage = TSS_PS_TYPE_SYSTEM;
char *out;
ret = base64_encode_alloc((void *) raw->data, raw->size, &out);
- if (ret == 0)
+ if (ret == 0 || out == NULL)
return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
b64->data = (void *) out;