path: root/lib/buffers.c
Commit message (author, date, files changed, lines -/+)
* Removed all FIXME comments in code [ci skip] (Nikos Mavrogiannopoulos, 2019-03-16, 1 file, -1/+1)
| We expand informational comments on limitations, but with removing FIXME (keyword didn't help fixing these), and remove completely unhelpful comments, obsolete ones, or comments about ideas.
| Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* Use https:// for www.gnu.org and www.example.com (Tim Rühsen, 2019-03-13, 1 file, -1/+1)
| Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
* system: provide a means to replace gettime implementation (Daiki Ueno, 2018-10-26, 1 file, -4/+4)
| While gettime() is extensively used in the code, the library previously hadn't provided a way to replace it for testing. This adds a new internal function _gnutls_global_set_gettime_function and makes use of it through virt-time.h.
| Signed-off-by: Daiki Ueno <dueno@redhat.com>
* buffers: handle very short fragmentation of handshake messages (Daiki Ueno, 2018-08-06, 1 file, -3/+31)
| If the received record doesn't even complete the handshake header (i.e., the record size < 4), keep it in a temporary buffer and let the caller receive more records. Once enough amount of data is received, move the already received records back to record_buffer and proceed to the normal processing.
| Fixes: #272
| Signed-off-by: Daiki Ueno <dueno@redhat.com>
* _gnutls_parse_record_buffered_msgs: eliminate local variable usage (Daiki Ueno, 2018-08-06, 1 file, -11/+5)
| If `remain > 0` is true, `recv_buf[0].length > 0` always holds. Combine those conditions and remove the `remain` utilizing MIN(). This is to make the incomplete header handling case easier.
| Signed-off-by: Daiki Ueno <dueno@redhat.com>
* buffers: avoid confusion in fragment length calculation (Daiki Ueno, 2018-08-06, 1 file, -14/+13)
| Previously, to calculate the fragment length, it added/subtracted one to the ending offset back and forth; that was not easier to read and couldn't handle empty payload messages in TLS.
| Signed-off-by: Daiki Ueno <dueno@redhat.com>
* _gnutls13_recv_async_handshake: process multiple and split handshake messages [branch: tmp-fix-multi-async-msg] (Nikos Mavrogiannopoulos, 2018-07-12, 1 file, -0/+3)
| It is permitted to concatenate multiple async handshake messages in a single record message as well as split large messages (NST) into multiple records. Modified _gnutls13_recv_async_handshake() to process them correctly, instead of assuming that they are formatted as one message per record.
| Resolves #510
| Resolves #504
| Relates #511
| Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* buffers: remove redundant assignment (Daiki Ueno, 2018-06-12, 1 file, -1/+0)
| Signed-off-by: Daiki Ueno <dueno@redhat.com>
* handshake: described the epoch reference counting [ci skip] (Nikos Mavrogiannopoulos, 2018-04-16, 1 file, -0/+4)
| It is used only in DTLS where multiple handshake states may be active.
| Resolves #421
| Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Hello retry request matches server hello (Nikos Mavrogiannopoulos, 2018-03-09, 1 file, -3/+12)
| That also distinguishes between them by using the special random value, and implements the version check as in draft-ietf-tls-tls13-24.
| Resolves #391 #390 #392
| Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* cmp_hsk_types: fixed check for SSLv2 hello (Nikos Mavrogiannopoulos, 2017-10-15, 1 file, -4/+4)
| Previously, if SSLv2 hello support was disabled, the check for the expected TLS message was incorrect.
| Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* parse_handshake_header: removed duplicate check (Nikos Mavrogiannopoulos, 2017-09-19, 1 file, -5/+0)
| Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* parse_handshake_header: allow 1-byte sized fragments (Nikos Mavrogiannopoulos, 2017-09-19, 1 file, -2/+3)
| Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* pull/push backends: ECONNRESET is translated to GNUTLS_E_PREMATURE_TERMINATION (Nikos Mavrogiannopoulos, 2017-08-20, 1 file, -0/+2)
| This returns a more reasonable error code on platforms where this errno is set.
| Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
* record: more precise calculation of max recv size (Nikos Mavrogiannopoulos, 2017-07-13, 1 file, -2/+2)
| Previously we were using a rough calculation of the max recv size based on maximum values. Now we calculate the exact maximum value once the epoch is initialized and enforce it throughout the session.
| Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
* Rename uint64 to gnutls_uint64 to avoid conflict with macOS (David Caldwell, 2017-04-06, 1 file, -1/+1)
| Signed-off-by: David Caldwell <david@porkrind.org>
* several spacing fixes to keep syntax-check happy (Nikos Mavrogiannopoulos, 2016-09-11, 1 file, -3/+3)
* Support TCP Fast Open (Tim Ruehsen, 2016-07-26, 1 file, -2/+1)
| This introduces a new function gnutls_transport_set_fastopen().
| Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| Signed-off-by: Tim Ruehsen <tim.ruehsen@gmx.de>
* dtls: corrected reconstruction of handshake packets received out of order (Nikos Mavrogiannopoulos, 2016-06-16, 1 file, -4/+4)
| That is, when the handshake packet is split into multiple different chunks and received out of order, make sure that reconstruction occurs properly. Reported by Guillaume Roguez.
* Allow for conditional compilation of SSL 2.0 client hello support (Nikos Mavrogiannopoulos, 2016-05-20, 1 file, -2/+8)
| This allows to completely remove SSL 2.0 support by calling configure with the '--disable-ssl2-support' option.
| Relates #97
* Introduced GNUTLS_INDEFINITE_TIMEOUT (Nikos Mavrogiannopoulos, 2015-10-12, 1 file, -1/+1)
| This allows to specify an indefinite timeout to gnutls_record_set_timeout(). In addition this flag is accepted by gnutls_handshake_set_timeout() and cancels out a previously set timeout.
| Resolves #41
* Removed the 'gnutls_' prefix from files to simplify file naming (Nikos Mavrogiannopoulos, 2015-08-23, 1 file, -0/+1424)