#include <datum.h>
#include <mbuffers.h>
-/* This is a temporary function to be used before the generate_*
- internal API is changed to use mbuffers. For now we don't avoid the
- extra alloc + memcpy. */
-static int
-send_handshake(gnutls_session_t session, uint8_t * data, size_t size,
- gnutls_handshake_description_t type)
-{
- mbuffer_st *bufel;
-
- if (data == NULL && size == 0)
- return _gnutls_send_handshake(session, NULL, type);
-
- if (data == NULL && size > 0) {
- gnutls_assert();
- return GNUTLS_E_INVALID_REQUEST;
- }
-
- bufel = _gnutls_handshake_alloc(session, size);
- if (bufel == NULL) {
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
- }
-
- _mbuffer_set_udata(bufel, data, size);
-
- return _gnutls_send_handshake(session, bufel, type);
-}
-
-
/* This file contains important thing for the TLS handshake procedure.
*/
return ret;
}
-
/* This is called when we want to receive the key exchange message of the
* server. It does nothing if this type of message is not required
* by the selected ciphersuite.
*/
int _gnutls_send_server_kx_message(gnutls_session_t session, int again)
{
- gnutls_buffer_st data;
+ gnutls_buffer_st buf;
int ret = 0;
+ mbuffer_st *bufel = NULL;
if (session->internals.auth_struct->gnutls_generate_server_kx ==
NULL)
return 0;
- _gnutls_buffer_init(&data);
if (again == 0) {
+ ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
ret =
session->internals.auth_struct->
- gnutls_generate_server_kx(session, &data);
+ gnutls_generate_server_kx(session, &buf);
if (ret == GNUTLS_E_INT_RET_0) {
gnutls_assert();
gnutls_assert();
goto cleanup;
}
- }
- ret = send_handshake(session, data.data, data.length,
- GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE);
- if (ret < 0) {
- gnutls_assert();
+ bufel = _gnutls_buffer_to_mbuffer(&buf);
}
- cleanup:
- _gnutls_buffer_clear(&data);
+ return _gnutls_send_handshake(session, bufel, GNUTLS_HANDSHAKE_SERVER_KEY_EXCHANGE);
+
+ cleanup:
+ _gnutls_buffer_clear(&buf);
return ret;
}
*/
int _gnutls_send_server_crt_request(gnutls_session_t session, int again)
{
- gnutls_buffer_st data;
+ gnutls_buffer_st buf;
int ret = 0;
+ mbuffer_st *bufel = NULL;
if (session->internals.auth_struct->
gnutls_generate_server_crt_request == NULL)
if (session->internals.send_cert_req <= 0)
return 0;
- _gnutls_buffer_init(&data);
if (again == 0) {
+ ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
ret =
session->internals.auth_struct->
- gnutls_generate_server_crt_request(session, &data);
+ gnutls_generate_server_crt_request(session, &buf);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
- }
- ret = send_handshake(session, data.data, data.length,
- GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST);
- if (ret < 0) {
- gnutls_assert();
+ bufel = _gnutls_buffer_to_mbuffer(&buf);
}
- cleanup:
- _gnutls_buffer_clear(&data);
+ return _gnutls_send_handshake(session, bufel, GNUTLS_HANDSHAKE_CERTIFICATE_REQUEST);
+
+ cleanup:
+ _gnutls_buffer_clear(&buf);
return ret;
}
*/
int _gnutls_send_client_kx_message(gnutls_session_t session, int again)
{
- gnutls_buffer_st data;
+ gnutls_buffer_st buf;
int ret = 0;
+ mbuffer_st *bufel = NULL;
if (session->internals.auth_struct->gnutls_generate_client_kx ==
NULL)
return 0;
- _gnutls_buffer_init(&data);
-
if (again == 0) {
+ ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
ret =
session->internals.auth_struct->
- gnutls_generate_client_kx(session, &data);
+ gnutls_generate_client_kx(session, &buf);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
- }
- ret = send_handshake(session, data.data, data.length,
- GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE);
- if (ret < 0) {
- gnutls_assert();
+
+ bufel = _gnutls_buffer_to_mbuffer(&buf);
}
- cleanup:
- _gnutls_buffer_clear(&data);
+ return _gnutls_send_handshake(session, bufel, GNUTLS_HANDSHAKE_CLIENT_KEY_EXCHANGE);
+
+ cleanup:
+ _gnutls_buffer_clear(&buf);
return ret;
}
int
_gnutls_send_client_certificate_verify(gnutls_session_t session, int again)
{
- gnutls_buffer_st data;
+ gnutls_buffer_st buf;
int ret = 0;
+ mbuffer_st *bufel = NULL;
/* This is a packet that is only sent by the client
*/
*/
}
- _gnutls_buffer_init(&data);
-
if (again == 0) {
+ ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
ret =
session->internals.auth_struct->
- gnutls_generate_client_crt_vrfy(session, &data);
+ gnutls_generate_client_crt_vrfy(session, &buf);
if (ret < 0) {
gnutls_assert();
goto cleanup;
if (ret == 0)
goto cleanup;
- }
- ret = send_handshake(session, data.data, data.length,
- GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY);
- if (ret < 0) {
- gnutls_assert();
+ bufel = _gnutls_buffer_to_mbuffer(&buf);
}
- cleanup:
- _gnutls_buffer_clear(&data);
+ return _gnutls_send_handshake(session, bufel, GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY);
+
+ cleanup:
+ _gnutls_buffer_clear(&buf);
return ret;
}
*/
int _gnutls_send_client_certificate(gnutls_session_t session, int again)
{
- gnutls_buffer_st data;
+ gnutls_buffer_st buf;
int ret = 0;
-
+ mbuffer_st *bufel = NULL;
if (session->internals.crt_requested == 0)
return 0;
gnutls_generate_client_certificate == NULL)
return 0;
- _gnutls_buffer_init(&data);
-
if (again == 0) {
+ ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
#ifdef ENABLE_SSL3
if (get_num_version(session) != GNUTLS_SSL3 ||
session->internals.selected_cert_list_length > 0)
ret =
session->internals.auth_struct->
gnutls_generate_client_certificate(session,
- &data);
+ &buf);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
}
+
+ bufel = _gnutls_buffer_to_mbuffer(&buf);
}
#ifdef ENABLE_SSL3
*/
if (get_num_version(session) == GNUTLS_SSL3 &&
session->internals.selected_cert_list_length == 0) {
- ret =
+ _mbuffer_xfree(&bufel);
+ return
gnutls_alert_send(session, GNUTLS_AL_WARNING,
GNUTLS_A_SSL3_NO_CERTIFICATE);
} else /* TLS 1.0 or SSL 3.0 with a valid certificate
*/
#endif
- ret = send_handshake(session, data.data, data.length,
- GNUTLS_HANDSHAKE_CERTIFICATE_PKT);
+ return _gnutls_send_handshake(session, bufel, GNUTLS_HANDSHAKE_CERTIFICATE_PKT);
- cleanup:
- _gnutls_buffer_clear(&data);
+ cleanup:
+ _gnutls_buffer_clear(&buf);
return ret;
}
*/
int _gnutls_send_server_certificate(gnutls_session_t session, int again)
{
- gnutls_buffer_st data;
+ gnutls_buffer_st buf;
int ret = 0;
-
+ mbuffer_st *bufel = NULL;
if (session->internals.auth_struct->
gnutls_generate_server_certificate == NULL)
return 0;
- _gnutls_buffer_init(&data);
-
if (again == 0) {
+ ret = _gnutls_buffer_init_handshake_mbuffer(&buf);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
ret =
session->internals.auth_struct->
- gnutls_generate_server_certificate(session, &data);
+ gnutls_generate_server_certificate(session, &buf);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
- }
- ret = send_handshake(session, data.data, data.length,
- GNUTLS_HANDSHAKE_CERTIFICATE_PKT);
- if (ret < 0) {
- gnutls_assert();
+
+ bufel = _gnutls_buffer_to_mbuffer(&buf);
}
- cleanup:
- _gnutls_buffer_clear(&data);
+ return _gnutls_send_handshake(session, bufel, GNUTLS_HANDSHAKE_CERTIFICATE_PKT);
+
+ cleanup:
+ _gnutls_buffer_clear(&buf);
return ret;
}
projects / thirdparty / gnutls.git / commitdiff
