diff options
author | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2016-12-14 17:51:56 +0300 |
---|---|---|
committer | Dmitry Eremin-Solenikov <dbaryshkov@gmail.com> | 2016-12-14 19:48:39 +0300 |
commit | a59c0ce7fb1ee34bf05e0936fd46d306d86b71f1 (patch) | |
tree | 5c8ceba8863d93670a78958e402a088b583b6245 /lib/constate.c | |
parent | 90e82f8c37a5cc8ff1647bb088642ab50a89f936 (diff) | |
download | gnutls-a59c0ce7fb1ee34bf05e0936fd46d306d86b71f1.tar.gz |
Rework setting next cipher suite
Only update cipher_suite if all internal check succeed and next epoch
will use this ciphe suite. Also while we are at at, actually check for
_gnutls_set_cipher_suite() return value.
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Diffstat (limited to 'lib/constate.c')
-rw-r--r-- | lib/constate.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/lib/constate.c b/lib/constate.c index 07140c8748..41071eaa69 100644 --- a/lib/constate.c +++ b/lib/constate.c @@ -231,8 +231,8 @@ _gnutls_init_record_state(record_parameters_st * params, } int -_gnutls_epoch_set_cipher_suite(gnutls_session_t session, - int epoch_rel, const uint8_t suite[2]) +_gnutls_set_cipher_suite(gnutls_session_t session, + const uint8_t suite[2]) { const cipher_entry_st *cipher_algo; const mac_entry_st *mac_algo; @@ -240,7 +240,7 @@ _gnutls_epoch_set_cipher_suite(gnutls_session_t session, const gnutls_cipher_suite_entry_st *cs; int ret; - ret = _gnutls_epoch_get(session, epoch_rel, ¶ms); + ret = _gnutls_epoch_get(session, EPOCH_NEXT, ¶ms); if (ret < 0) return gnutls_assert_val(ret); @@ -274,6 +274,7 @@ _gnutls_epoch_set_cipher_suite(gnutls_session_t session, session->security_parameters.prf_mac = GNUTLS_MAC_MD5_SHA1; } + memcpy(session->security_parameters.cipher_suite, suite, 2); params->cipher = cipher_algo; params->mac = mac_algo; |