security params: store PRF when packing session
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Thu, 14 Sep 2017 12:10:14 +0000 (14:10 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Mon, 19 Feb 2018 14:29:33 +0000 (15:29 +0100)
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
lib/constate.c
lib/session_pack.c

index 0f5c4f97d6d1e7dd5070b1bfbf33f631c4af0156..cfc30b3c396d1b3fc11d185eff6be8d735658588 100644 (file)
@@ -328,6 +328,7 @@ int _gnutls_epoch_set_keys(gnutls_session_t session, uint16_t epoch)
 #define CPY_COMMON dst->entity = src->entity; \
        dst->cs = src->cs; \
        dst->grp = src->grp; \
+       dst->prf = src->prf; \
        memcpy( dst->master_secret, src->master_secret, GNUTLS_MASTER_SIZE); \
        memcpy( dst->client_random, src->client_random, GNUTLS_RANDOM_SIZE); \
        memcpy( dst->server_random, src->server_random, GNUTLS_RANDOM_SIZE); \
index d20601a831bec56793564db7527b06ad7f04bf2d..6cc5d15c7bff2ff6951f9e315dd131f862a2956c 100644 (file)
@@ -700,6 +700,7 @@ unpack_psk_auth_info(gnutls_session_t session, gnutls_buffer_st * ps)
  *      1 byte the protocol version
  *
  *      2 bytes the cipher suite
+ *      4 bytes the PRF ID
  *
  *      48 bytes the master secret
  *
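Review bot: A blob packed by a build without this commit would be unpacked with every field after the cipher suite shifted by four bytes, because the new 4-byte PRF ID is inserted mid-record here and in the pack_security_parameters and unpack_security_parameters hunks below. Nothing in the visible hunks changes a format marker or version for the packed data. If such a marker is checked outside these hunks, confirm it differs across this change so that stored sessions from older builds are rejected rather than misparsed.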
@@ -744,6 +745,8 @@ pack_security_parameters(gnutls_session_t session, gnutls_buffer_st * ps)
 
        BUFFER_APPEND_NUM(ps, session->security_parameters.entity);
        BUFFER_APPEND(ps, session->security_parameters.cs->id, 2);
+       BUFFER_APPEND_NUM(ps, session->security_parameters.prf->id);
+
        BUFFER_APPEND_NUM(ps, session->security_parameters.cert_type);
        BUFFER_APPEND_NUM(ps, session->security_parameters.pversion->id);
 
@@ -820,6 +823,11 @@ unpack_security_parameters(gnutls_session_t session, gnutls_buffer_st * ps)
        if (session->internals.resumed_security_parameters.cs == NULL)
                return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
 
+       BUFFER_POP_NUM(ps, version);
+       session->internals.resumed_security_parameters.prf = mac_to_entry(version);
+       if (session->internals.resumed_security_parameters.prf == NULL)
+               return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
        BUFFER_POP_NUM(ps,
                       session->internals.resumed_security_parameters.
                       cert_type);
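Review bot: The PRF id popped from the packed blob is accepted whenever `mac_to_entry()` recognises it; nothing in this hunk checks that it is the PRF the restored cipher suite and protocol version would actually use. Since the value comes from stored session data, a consistency check after pversion has been unpacked (presumably later in the function, outside this hunk) would reject a stale or altered blob, for example by comparing against `cs->prf` when `pversion->selectable_prf` is set, mirroring how the gnutls_session_set_premaster hunk derives it. Reusing the local `version` to hold a PRF id is also misleading; a dedicated local such as `prf_id` would read better. The function body starts and ends outside the hunk.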
@@ -950,6 +958,13 @@ gnutls_session_set_premaster(gnutls_session_t session, unsigned int entity,
        session->internals.resumed_security_parameters.pversion =
            version_to_entry(version);
 
+       if (session->internals.resumed_security_parameters.pversion->selectable_prf)
+               session->internals.resumed_security_parameters.prf = mac_to_entry(session->internals.resumed_security_parameters.cs->prf);
+       else
+               session->internals.resumed_security_parameters.prf = mac_to_entry(GNUTLS_MAC_MD5_SHA1);
+       if (session->internals.resumed_security_parameters.prf == NULL)
+               return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
        if (session->internals.resumed_security_parameters.pversion ==
            NULL)
                return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
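Review bot: The added block reads `pversion->selectable_prf` before the existing `pversion == NULL` check that follows it, so a `version` argument that `version_to_entry()` does not recognise leads to a NULL dereference instead of a GNUTLS_E_INVALID_REQUEST return. Move the new PRF selection below the `if (...pversion == NULL) return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);` check. The new code also dereferences `resumed_security_parameters.cs`; whether cs has been checked for NULL is decided above the hunk and is not visible here. The function body starts and ends outside the hunk.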