[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, gnutls_2_10_x, updated. gnutls_2_10_1-5-g1dca51
From: |
Nikos Mavrogiannopoulos |
Subject: |
[SCM] GNU gnutls branch, gnutls_2_10_x, updated. gnutls_2_10_1-5-g1dca51d |
Date: |
Wed, 01 Sep 2010 17:16:42 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=1dca51d7c333578957c5247e613198f232557158
The branch, gnutls_2_10_x has been updated
via 1dca51d7c333578957c5247e613198f232557158 (commit)
from eea9201f6cab946bf7cf941222d20b18a561c9b0 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 1dca51d7c333578957c5247e613198f232557158
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Wed Sep 1 18:56:54 2010 +0200
When the %COMPAT flag is specified, larger records that would otherwise
violate the TLS spec, are accepted.
-----------------------------------------------------------------------
Summary of changes:
NEWS | 3 +++
lib/gnutls_int.h | 1 +
lib/gnutls_priority.c | 5 +++--
lib/gnutls_record.c | 3 ++-
4 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/NEWS b/NEWS
index 5bac44b..36bcd3c 100644
--- a/NEWS
+++ b/NEWS
@@ -9,6 +9,9 @@ See the end for copying conditions.
cipher. This prevented the usage of the TLS ciphersuites with NULL
cipher.
+** libgnutls: The %COMPAT flag now allows larger records that violate the
+TLS spec.
+
** API and ABI modifications:
No changes since last version.
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index 273bb07..8114a94 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -473,6 +473,7 @@ struct gnutls_priority_st
/* to disable record padding */
int no_padding:1;
safe_renegotiation_t safe_renegotiation;
+ int allow_large_records:1;
int ssl3_record_version;
int additional_verify_flags;
};
diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c
index 09eb5ec..27bb30e 100644
--- a/lib/gnutls_priority.c
+++ b/lib/gnutls_priority.c
@@ -722,9 +722,10 @@ gnutls_priority_init (gnutls_priority_t * priority_cache,
}
else if (broken_list[i][0] == '%')
{
- if (strcasecmp (&broken_list[i][1], "COMPAT") == 0)
+ if (strcasecmp (&broken_list[i][1], "COMPAT") == 0) {
(*priority_cache)->no_padding = 1;
- else if (strcasecmp (&broken_list[i][1],
+ (*priority_cache)->allow_large_records = 1;
+ } else if (strcasecmp (&broken_list[i][1],
"VERIFY_ALLOW_SIGN_RSA_MD5") == 0)
{
prio_add (&(*priority_cache)->sign_algo, GNUTLS_SIGN_RSA_MD5);
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
index f78a91f..be11ed6 100644
--- a/lib/gnutls_record.c
+++ b/lib/gnutls_record.c
@@ -801,7 +801,8 @@ get_temp_recv_buffer (gnutls_session_t session,
gnutls_datum_t * tmp)
{
size_t max_record_size;
- if (gnutls_compression_get (session) != GNUTLS_COMP_NULL)
+ if (gnutls_compression_get (session) != GNUTLS_COMP_NULL ||
+ session->internals.priorities.allow_large_records != 0)
max_record_size = MAX_RECORD_RECV_SIZE + EXTRA_COMP_SIZE;
else
max_record_size = MAX_RECORD_RECV_SIZE;
hooks/post-receive
--
GNU gnutls
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, gnutls_2_10_x, updated. gnutls_2_10_1-5-g1dca51d,
Nikos Mavrogiannopoulos <=