From: Nikos Mavrogiannopoulos Date: Sat, 28 May 2011 21:44:58 +0000 (+0200) Subject: Correctly set compression method when resuming sessions. X-Git-Tag: gnutls_2_99_3~88 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e522469ded7d5efe183b10de66447aeeea177bce;p=thirdparty%2Fgnutls.git Correctly set compression method when resuming sessions. Reported by Dash Shendy. --- diff --git a/lib/gnutls_constate.c b/lib/gnutls_constate.c index 83a7793459..e700a447fa 100644 --- a/lib/gnutls_constate.c +++ b/lib/gnutls_constate.c @@ -459,6 +459,7 @@ _gnutls_epoch_set_keys (gnutls_session_t session, uint16_t epoch) memcpy( dst->session_id, src->session_id, TLS_MAX_SESSION_ID_SIZE); \ dst->session_id_size = src->session_id_size; \ dst->cert_type = src->cert_type; \ + dst->compression_method = src->compression_method; \ dst->timestamp = src->timestamp; \ dst->max_record_recv_size = src->max_record_recv_size; \ dst->max_record_send_size = src->max_record_send_size; \ diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index f8934cf451..02467b46ec 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -134,13 +134,14 @@ resume_copy_required_values (gnutls_session_t session) memcpy (session->security_parameters.current_cipher_suite.suite, session->internals.resumed_security_parameters.current_cipher_suite. suite, 2); + session->security_parameters.compression_method = session->internals.resumed_security_parameters.compression_method; _gnutls_epoch_set_cipher_suite (session, EPOCH_NEXT, &session-> internals.resumed_security_parameters.current_cipher_suite); _gnutls_epoch_set_compression (session, EPOCH_NEXT, session-> - internals.resumed_compression_method); + internals.resumed_security_parameters.compression_method); /* or write_compression_algorithm * they are the same @@ -1072,6 +1073,7 @@ _gnutls_server_select_comp_method (gnutls_session_t session, gnutls_free (comps); _gnutls_epoch_set_compression (session, EPOCH_NEXT, method); + session->security_parameters.compression_method = method; _gnutls_handshake_log ("HSK[%p]: Selected Compression Method: %s\n", session, @@ -1537,8 +1539,12 @@ _gnutls_client_set_comp_method (gnutls_session_t session, opaque comp_method) { int comp_methods_num; uint8_t *compression_methods; + int id = _gnutls_compression_get_id(comp_method); int i; + _gnutls_handshake_log ("HSK[%p]: Selected compression method: %s (%d)\n", session, + gnutls_compression_get_name(id), (int)comp_method); + comp_methods_num = _gnutls_supported_compression_methods (session, &compression_methods); if (comp_methods_num < 0) @@ -1564,7 +1570,8 @@ _gnutls_client_set_comp_method (gnutls_session_t session, opaque comp_method) return GNUTLS_E_UNKNOWN_COMPRESSION_ALGORITHM; } - _gnutls_epoch_set_compression (session, EPOCH_NEXT, _gnutls_compression_get_id(comp_method)); + session->security_parameters.compression_method = id; + _gnutls_epoch_set_compression (session, EPOCH_NEXT, id); return 0; } @@ -1604,7 +1611,7 @@ _gnutls_client_check_if_resuming (gnutls_session_t session, resumed_security_parameters.current_cipher_suite); _gnutls_epoch_set_compression (session, EPOCH_NEXT, session-> - internals.resumed_compression_method); + internals.resumed_security_parameters.compression_method); session->internals.resumed = RESUME_TRUE; /* we are resuming */ @@ -2152,9 +2159,7 @@ _gnutls_send_server_hello (gnutls_session_t session, int again) session->security_parameters.current_cipher_suite.suite, 2); pos += 2; - comp = - (uint8_t) _gnutls_compression_get_num ( - _gnutls_epoch_get_compression (session, session->security_parameters.epoch_next)); + comp = _gnutls_compression_get_num ( session->security_parameters.compression_method); data[pos++] = comp; if (extdata.length > 0) diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index 88f83a53b2..104492a578 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -464,6 +464,7 @@ typedef struct * on resume; */ cipher_suite_st current_cipher_suite; + gnutls_compression_method_t compression_method; opaque master_secret[GNUTLS_MASTER_SIZE]; opaque client_random[GNUTLS_RANDOM_SIZE]; opaque server_random[GNUTLS_RANDOM_SIZE]; @@ -682,7 +683,6 @@ typedef struct /* resumed session */ int resumed:1; /* RESUME_TRUE or FALSE - if we are resuming a session */ security_parameters_st resumed_security_parameters; - gnutls_compression_method_t resumed_compression_method; /* These buffers are used in the handshake * protocol only. freed using _gnutls_handshake_io_buffer_clear(); diff --git a/lib/gnutls_session_pack.c b/lib/gnutls_session_pack.c index 6f92c4bb39..c39cfbd064 100644 --- a/lib/gnutls_session_pack.c +++ b/lib/gnutls_session_pack.c @@ -774,7 +774,7 @@ pack_security_parameters (gnutls_session_t session, gnutls_buffer_st * ps) BUFFER_APPEND (ps, &session->security_parameters.current_cipher_suite.suite[1], 1); - BUFFER_APPEND_NUM (ps, params->compression_algorithm); + BUFFER_APPEND_NUM (ps, session->security_parameters.compression_method); BUFFER_APPEND_NUM (ps, session->security_parameters.cert_type); BUFFER_APPEND_NUM (ps, session->security_parameters.version); @@ -822,7 +822,7 @@ unpack_security_parameters (gnutls_session_t session, gnutls_buffer_st * ps) BUFFER_POP (ps, &session->internals.resumed_security_parameters. current_cipher_suite.suite[1], 1); - BUFFER_POP_NUM (ps, session->internals.resumed_compression_method); + BUFFER_POP_NUM (ps, session->internals.resumed_security_parameters.compression_method); BUFFER_POP_NUM (ps, session->internals.resumed_security_parameters.cert_type); BUFFER_POP_NUM (ps, session->internals.resumed_security_parameters.version); diff --git a/lib/gnutls_v2_compat.c b/lib/gnutls_v2_compat.c index 1492ad1934..c2af9f54d1 100644 --- a/lib/gnutls_v2_compat.c +++ b/lib/gnutls_v2_compat.c @@ -251,6 +251,7 @@ _gnutls_read_client_hello_v2 (gnutls_session_t session, opaque * data, } _gnutls_epoch_set_compression (session, EPOCH_NEXT, GNUTLS_COMP_NULL); + session->security_parameters.compression_method = GNUTLS_COMP_NULL; return 0; }