* then send that one.
*/
if (cred->ncerts == 1 &&
- (data_size == 0 || session->internals.force_client_cert)) {
+ (data_size == 0 || (session->internals.flags & GNUTLS_FORCE_CLIENT_CERT))) {
*indx = 0;
return 0;
}
* return.
*/
if (session->internals.dtls.flight_init != 0
- && session->internals.blocking == 0) {
+ && (session->internals.flags & GNUTLS_NONBLOCK)) {
/* just in case previous run was interrupted */
ret = _gnutls_io_write_flush(session);
if (ret < 0) {
goto cleanup;
} else { /* all other messages -> implicit ack (receive of next flight) */
- if (session->internals.blocking != 0)
+ if (!(session->internals.flags & GNUTLS_NONBLOCK))
ret =
_gnutls_io_check_recv(session,
timeout);
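Review bot: The negated test `!(session->internals.flags & GNUTLS_NONBLOCK)` is now written out at every site that used to read `blocking`: here, in the `TIMER_WINDOW` hunk, in the `millisleep(50)` macro, and twice as `(!(...))?&ms:0` in the record-receive hunks. A single predicate would keep the polarity in one place, for example (the name is only a suggestion) `#define SESSION_IS_BLOCKING(s) (!((s)->internals.flags & GNUTLS_NONBLOCK))`. The two ternaries would also read better with `NULL` in place of `0` for the pointer argument. The enclosing function starts and ends outside this hunk.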
{
int ret;
- if (session->internals.blocking != 0)
+ if (!(session->internals.flags & GNUTLS_NONBLOCK))
ret = _gnutls_io_check_recv(session, TIMER_WINDOW);
else
ret = _gnutls_io_check_recv(session, 0);
int _rr; \
if (r != GNUTLS_E_INTERRUPTED) _rr = GNUTLS_E_AGAIN; \
else _rr = r; \
- if (session->internals.blocking != 0) \
+ if (!(session->internals.flags & GNUTLS_NONBLOCK)) \
millisleep(50); \
return gnutls_assert_val(_rr); \
} \
{
ssize_t data_size = _data_size;
- if (session->internals.try_ext_master_secret == 0 ||
+ if ((session->internals.flags & GNUTLS_NO_EXTENSIONS) ||
session->internals.priorities.no_ext_master_secret != 0) {
return 0;
}
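Review bot: The check `(session->internals.flags & GNUTLS_NO_EXTENSIONS)` no longer says why it appears in extended-master-secret code, because the removed field name `try_ext_master_secret` carried that intent. The same applies to the identical test in `_gnutls_ext_master_secret_send_params` in the next hunk. A comment above both tests would help, such as `/* GNUTLS_NO_EXTENSIONS at gnutls_init() also disables the extended master secret */`. The removed assignment in `gnutls_init` shows the two conditions are equivalent, so this is documentation only. The function this hunk belongs to begins outside the visible lines.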
_gnutls_ext_master_secret_send_params(gnutls_session_t session,
gnutls_buffer_st * extdata)
{
- if (session->internals.try_ext_master_secret == 0 ||
+ if ((session->internals.flags & GNUTLS_NO_EXTENSIONS) ||
session->internals.priorities.no_ext_master_secret != 0) {
session->security_parameters.ext_master_secret = 0;
return 0;
recv_state_t recv_state; /* state of the receive function */
bool sc_random_set;
- bool no_replay_protection; /* DTLS replay protection */
- bool allow_cert_change; /* whether the peer is allowed to change certificate */
- bool force_client_cert;
- bool try_ext_master_secret; /* whether to try negotiating the ext master secret */
+
+ unsigned flags; /* the flags in gnutls_init() */
/* a verify callback to override the verify callback from the credentials
* structure */
unsigned vc_status;
unsigned int additional_verify_flags; /* may be set by priorities or the vc functions */
- /* whether this session uses non-blocking sockets */
- bool blocking;
-
/* the SHA256 hash of the peer's certificate */
uint8_t cert_hash[32];
bool cert_hash_set;
- bool enable_false_start; /* whether TLS false start has been requested */
bool false_start_used; /* non-zero if false start was used for appdata */
/* If you add anything here, check _gnutls_handshake_internal_state_clear().
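Review bot: The new `flags` member is documented only as `/* the flags in gnutls_init() */`, yet it now decides DTLS replay protection, the certificate-change check, false start, forced client certificates and blocking mode. Changing its comment to `/* flags passed to gnutls_init(); set once there and read-only afterwards, as they gate replay protection, cert-change checks and false start */` would tell later contributors not to write to it mid-session. The neighbouring comment points at `_gnutls_handshake_internal_state_clear()`, which is not shown here. It is worth confirming that routine leaves `flags` untouched, since zeroing it would silently switch all of these behaviours back to their defaults.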
/* clear handshake buffer */
if (session->security_parameters.entity != GNUTLS_CLIENT ||
- !session->internals.enable_false_start ||
+ !(session->internals.flags & GNUTLS_ENABLE_FALSE_START) ||
session->internals.recv_state != RECV_STATE_FALSE_START) {
_gnutls_handshake_hash_buffers_clear(session);
char tmp[32];
int ret;
- if (session->internals.allow_cert_change != 0)
+ if (session->internals.flags & GNUTLS_ALLOW_CERT_CHANGE)
return 0;
ai = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
case STATE17:
STATE = STATE17;
- if (session->internals.resumed == RESUME_FALSE && session->internals.enable_false_start != 0 && can_send_false_start(session)) {
+ if (session->internals.resumed == RESUME_FALSE && (session->internals.flags & GNUTLS_ENABLE_FALSE_START) && can_send_false_start(session)) {
session->internals.false_start_used = 1;
session->internals.recv_state = RECV_STATE_FALSE_START;
/* complete this phase of the handshake. We
record_state = &record_params->read;
/* receive headers */
- ret = recv_headers(session, record_params, type, htype, &record, session->internals.blocking?&ms:0);
+ ret = recv_headers(session, record_params, type, htype, &record, (!(session->internals.flags & GNUTLS_NONBLOCK))?&ms:0);
if (ret < 0) {
ret = gnutls_assert_val_fatal(ret);
goto recv_error;
*/
ret =
_gnutls_io_read_buffered(session, record.packet_size,
- record.type, session->internals.blocking?&ms:0);
+ record.type, (!(session->internals.flags & GNUTLS_NONBLOCK))?&ms:0);
if (ret != record.packet_size) {
gnutls_assert();
goto recv_error;
* messing with our windows.
*/
if (IS_DTLS(session)) {
- if (likely(session->internals.no_replay_protection == 0)) {
+ if (likely(!(session->internals.flags & GNUTLS_NO_REPLAY_PROTECTION))) {
ret = _dtls_record_check(record_params, packet_sequence);
if (ret < 0) {
_gnutls_record_log
/* if false start is not complete we always expect for handshake packets
* prior to anything else. */
if (session->security_parameters.entity == GNUTLS_CLIENT &&
- session->internals.enable_false_start != 0) {
+ (session->internals.flags & GNUTLS_ENABLE_FALSE_START)) {
/* Attempt to complete handshake */
session->internals.recv_state = RECV_STATE_FALSE_START_HANDLING;
(*session)->internals.transport = GNUTLS_STREAM;
}
- if (flags & GNUTLS_NONBLOCK)
- (*session)->internals.blocking = 0;
- else
- (*session)->internals.blocking = 1;
-
/* Enable useful extensions */
if ((flags & GNUTLS_CLIENT) && !(flags & GNUTLS_NO_EXTENSIONS)) {
#ifdef ENABLE_SESSION_TICKETS
#endif
}
- if (!(flags & GNUTLS_NO_EXTENSIONS))
- (*session)->internals.try_ext_master_secret = 1;
-
- if (flags & GNUTLS_FORCE_CLIENT_CERT)
- (*session)->internals.force_client_cert = 1;
-
- if (flags & GNUTLS_NO_REPLAY_PROTECTION)
- (*session)->internals.no_replay_protection = 1;
-
- if (flags & GNUTLS_ALLOW_CERT_CHANGE)
- (*session)->internals.allow_cert_change = 1;
-
- if (flags & GNUTLS_ENABLE_FALSE_START)
- (*session)->internals.enable_false_start = 1;
+ (*session)->internals.flags = flags;
return 0;
}
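Review bot: `(*session)->internals.flags = flags;` is stored as the last statement before `return 0`, whereas the removed `blocking` assignment ran before the `/* Enable useful extensions */` block. If anything called from that block reads `internals.flags`, it would see the structure's initial value rather than the caller's flags; the block's body under `ENABLE_SESSION_TICKETS` is not visible here, so this is unconfirmed. Moving the store up to where the `blocking` assignment used to be, directly after the transport is chosen, removes that dependence on call order. The start of the function is outside the hunk.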