]> git.ipfire.org Git - thirdparty/gnutls.git/commitdiff
Correctly set compression method when resuming sessions.
authorNikos Mavrogiannopoulos <nmav@gnutls.org>
Sat, 28 May 2011 21:44:58 +0000 (23:44 +0200)
committerNikos Mavrogiannopoulos <nmav@gnutls.org>
Sat, 28 May 2011 21:44:58 +0000 (23:44 +0200)
Reported by Dash Shendy.

lib/gnutls_constate.c
lib/gnutls_handshake.c
lib/gnutls_int.h
lib/gnutls_session_pack.c
lib/gnutls_v2_compat.c

index 83a77934591910362cad8d8ca780606471ae2b4b..e700a447fadca98d953e9b1afa17ca80f41f7042 100644 (file)
@@ -459,6 +459,7 @@ _gnutls_epoch_set_keys (gnutls_session_t session, uint16_t epoch)
        memcpy( dst->session_id, src->session_id, TLS_MAX_SESSION_ID_SIZE); \
        dst->session_id_size = src->session_id_size; \
        dst->cert_type = src->cert_type; \
+       dst->compression_method = src->compression_method; \
        dst->timestamp = src->timestamp; \
        dst->max_record_recv_size = src->max_record_recv_size; \
        dst->max_record_send_size = src->max_record_send_size; \
index f8934cf4511a10cb5a98530dad124e8b66ee97e1..02467b46ecde565d2e763e8a08621504eb73ae39 100644 (file)
@@ -134,13 +134,14 @@ resume_copy_required_values (gnutls_session_t session)
   memcpy (session->security_parameters.current_cipher_suite.suite,
           session->internals.resumed_security_parameters.current_cipher_suite.
           suite, 2);
+  session->security_parameters.compression_method = session->internals.resumed_security_parameters.compression_method;
 
   _gnutls_epoch_set_cipher_suite (session, EPOCH_NEXT,
                                   &session->
                                   internals.resumed_security_parameters.current_cipher_suite);
   _gnutls_epoch_set_compression (session, EPOCH_NEXT,
                                  session->
-                                 internals.resumed_compression_method);
+                                 internals.resumed_security_parameters.compression_method);
 
   /* or write_compression_algorithm
    * they are the same
@@ -1072,6 +1073,7 @@ _gnutls_server_select_comp_method (gnutls_session_t session,
               gnutls_free (comps);
 
               _gnutls_epoch_set_compression (session, EPOCH_NEXT, method);
+              session->security_parameters.compression_method = method;
 
               _gnutls_handshake_log
                 ("HSK[%p]: Selected Compression Method: %s\n", session,
@@ -1537,8 +1539,12 @@ _gnutls_client_set_comp_method (gnutls_session_t session, opaque comp_method)
 {
   int comp_methods_num;
   uint8_t *compression_methods;
+  int id = _gnutls_compression_get_id(comp_method);
   int i;
 
+  _gnutls_handshake_log ("HSK[%p]: Selected compression method: %s (%d)\n", session,
+                         gnutls_compression_get_name(id), (int)comp_method);
+
   comp_methods_num = _gnutls_supported_compression_methods (session,
                                                             &compression_methods);
   if (comp_methods_num < 0)
@@ -1564,7 +1570,8 @@ _gnutls_client_set_comp_method (gnutls_session_t session, opaque comp_method)
       return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM;
     }
 
-  _gnutls_epoch_set_compression (session, EPOCH_NEXT, _gnutls_compression_get_id(comp_method));
+  session->security_parameters.compression_method = id;
+  _gnutls_epoch_set_compression (session, EPOCH_NEXT, id);
 
   return 0;
 }
@@ -1604,7 +1611,7 @@ _gnutls_client_check_if_resuming (gnutls_session_t session,
          resumed_security_parameters.current_cipher_suite);
       _gnutls_epoch_set_compression (session, EPOCH_NEXT,
                                      session->
-                                     internals.resumed_compression_method);
+                                     internals.resumed_security_parameters.compression_method);
 
       session->internals.resumed = RESUME_TRUE; /* we are resuming */
 
@@ -2152,9 +2159,7 @@ _gnutls_send_server_hello (gnutls_session_t session, int again)
               session->security_parameters.current_cipher_suite.suite, 2);
       pos += 2;
 
-      comp =
-        (uint8_t) _gnutls_compression_get_num ( 
-         _gnutls_epoch_get_compression (session, session->security_parameters.epoch_next));
+      comp = _gnutls_compression_get_num ( session->security_parameters.compression_method);
       data[pos++] = comp;
 
       if (extdata.length > 0)
index 88f83a53b25b6e8597bcd5a0f8d0b9f9aa710eac..104492a578296001cf270e7e93e460bd4eff591b 100644 (file)
@@ -464,6 +464,7 @@ typedef struct
    * on resume;
    */
   cipher_suite_st current_cipher_suite;
+  gnutls_compression_method_t compression_method;
   opaque master_secret[GNUTLS_MASTER_SIZE];
   opaque client_random[GNUTLS_RANDOM_SIZE];
   opaque server_random[GNUTLS_RANDOM_SIZE];
@@ -682,7 +683,6 @@ typedef struct
   /* resumed session */
   int resumed:1;                /* RESUME_TRUE or FALSE - if we are resuming a session */
   security_parameters_st resumed_security_parameters;
-  gnutls_compression_method_t resumed_compression_method;
 
   /* These buffers are used in the handshake
    * protocol only. freed using _gnutls_handshake_io_buffer_clear();
index 6f92c4bb391c5e87bd2deb3c789af40770019bf8..c39cfbd064b6bf5748026896974887e97f0b3f27 100644 (file)
@@ -774,7 +774,7 @@ pack_security_parameters (gnutls_session_t session, gnutls_buffer_st * ps)
   BUFFER_APPEND (ps,
                  &session->security_parameters.current_cipher_suite.suite[1],
                  1);
-  BUFFER_APPEND_NUM (ps, params->compression_algorithm);
+  BUFFER_APPEND_NUM (ps, session->security_parameters.compression_method);
   BUFFER_APPEND_NUM (ps, session->security_parameters.cert_type);
   BUFFER_APPEND_NUM (ps, session->security_parameters.version);
 
@@ -822,7 +822,7 @@ unpack_security_parameters (gnutls_session_t session, gnutls_buffer_st * ps)
   BUFFER_POP (ps,
               &session->internals.resumed_security_parameters.
               current_cipher_suite.suite[1], 1);
-  BUFFER_POP_NUM (ps, session->internals.resumed_compression_method);
+  BUFFER_POP_NUM (ps, session->internals.resumed_security_parameters.compression_method);
   BUFFER_POP_NUM (ps, session->internals.resumed_security_parameters.cert_type);
   BUFFER_POP_NUM (ps, session->internals.resumed_security_parameters.version);
 
index 1492ad19346e860475f4e5dd8c796dffc778f9ab..c2af9f54d179d383f1a56da0812a0cbb7a3b534b 100644 (file)
@@ -251,6 +251,7 @@ _gnutls_read_client_hello_v2 (gnutls_session_t session, opaque * data,
     }
 
   _gnutls_epoch_set_compression (session, EPOCH_NEXT, GNUTLS_COMP_NULL);
+  session->security_parameters.compression_method = GNUTLS_COMP_NULL;
 
   return 0;
 }