[SCM] GNU gnutls branch, master, updated. gnutls_3_0_18-186-g2277e84
From: |
Nikos Mavrogiannopoulos |
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_18-186-g2277e84 |
Date: |
Mon, 02 Jul 2012 17:46:52 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=2277e84484253cefb44b922d31f922971760a0e3
The branch, master has been updated
via 2277e84484253cefb44b922d31f922971760a0e3 (commit)
via 1fc1614eed1f0cfc1aeda1f41ee7ad6e705c0b78 (commit)
via a29d5a9c792440d48fd00171ac10264e32241a18 (commit)
via 8972f5e9304e3683a777570857c88e00e5df03e4 (commit)
from 4d36d74d99bfc0f12fcd34d093d3c035743e0038 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 2277e84484253cefb44b922d31f922971760a0e3
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Mon Jul 2 19:46:36 2012 +0200
Check for PEM headers before DEK-Info.
commit 1fc1614eed1f0cfc1aeda1f41ee7ad6e705c0b78
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Mon Jul 2 13:35:12 2012 +0200
Handle EC DER keys.
commit a29d5a9c792440d48fd00171ac10264e32241a18
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Mon Jul 2 19:41:46 2012 +0200
Added test application that tests GNUTLS_E_LARGE_PACKET and modifies the
MTU size during handshake.
commit 8972f5e9304e3683a777570857c88e00e5df03e4
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Sat Jun 30 18:54:13 2012 +0200
added missing function
-----------------------------------------------------------------------
Summary of changes:
.gitignore | 1 +
doc/Makefile.am | 1 +
lib/x509/privkey.c | 7 ++-
lib/x509/privkey_openssl.c | 18 ++++++-
tests/Makefile.am | 3 +-
tests/eagain-common.h | 46 +++++++++++++++++
tests/{mini-eagain-dtls.c => mini-emsgsize-dtls.c} | 53 ++++++++++++++++++-
7 files changed, 122 insertions(+), 7 deletions(-)
copy tests/{mini-eagain-dtls.c => mini-emsgsize-dtls.c} (76%)
diff --git a/.gitignore b/.gitignore
index 855e338..622cd82 100644
--- a/.gitignore
+++ b/.gitignore
@@ -498,6 +498,7 @@ tests/key-id/Makefile.in
tests/libutils.la
tests/mini
tests/mini-loss
+tests/mini-emsgsize-dtls
tests/mini-deflate
tests/mini-eagain
tests/mini-eagain-dtls
diff --git a/doc/Makefile.am b/doc/Makefile.am
index 174b624..685d387 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -588,6 +588,7 @@ FUNCS += functions/gnutls_dtls_set_timeouts
FUNCS += functions/gnutls_dtls_get_mtu
FUNCS += functions/gnutls_dtls_get_data_mtu
FUNCS += functions/gnutls_dtls_set_mtu
+FUNCS += functions/gnutls_dtls_set_data_mtu
FUNCS += functions/gnutls_dtls_get_timeout
FUNCS += functions/gnutls_dtls_cookie_send
FUNCS += functions/gnutls_dtls_cookie_verify
diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c
index 51981ee..8c68ef2 100644
--- a/lib/x509/privkey.c
+++ b/lib/x509/privkey.c
@@ -524,7 +524,12 @@ gnutls_x509_privkey_import (gnutls_x509_privkey_t key,
key->pk_algorithm = GNUTLS_PK_DSA;
key->key = decode_dsa_key (&_data, key);
if (key->key == NULL)
- gnutls_assert ();
+ {
+ key->pk_algorithm = GNUTLS_PK_EC;
+ key->key = _gnutls_privkey_decode_ecc_key (&_data, key);
+ if (key->key == NULL)
+ gnutls_assert ();
+ }
}
}
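Review bot: In the new EC fallback, `key->pk_algorithm` is set to `GNUTLS_PK_EC` before `_gnutls_privkey_decode_ecc_key` is known to succeed, so when the RSA, DSA and EC decoders all reject the DER blob the structure is left tagged as EC with `key->key == NULL`. Resetting the field in the failure branch, `key->pk_algorithm = GNUTLS_PK_UNKNOWN;` next to the final `gnutls_assert ();`, avoids leaving a misleading algorithm on a rejected import. The rest of gnutls_x509_privkey_import is outside the hunk, so later code may already reset it. A short comment naming the RSA, DSA, EC try order for headerless DER input would also help.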
diff --git a/lib/x509/privkey_openssl.c b/lib/x509/privkey_openssl.c
index 1d95e5e..7db3cdd 100644
--- a/lib/x509/privkey_openssl.c
+++ b/lib/x509/privkey_openssl.c
@@ -130,16 +130,30 @@ gnutls_x509_privkey_import_openssl (gnutls_x509_privkey_t
key,
gnutls_datum_t salt, enc_key;
unsigned char *key_data;
const char *pem_header = (void*)data->data;
+ const char *pem_header_start = (void*)data->data;
+ ssize_t pem_header_size;
int ret, err;
unsigned int i, iv_size, l;
- pem_header = memmem(pem_header, data->size, "DEK-Info: ", 10);
+ pem_header_size = data->size;
+
+ pem_header = memmem(pem_header, pem_header_size, "PRIVATE KEY---", 14);
+ if (pem_header == NULL)
+ {
+ gnutls_assert();
+ return GNUTLS_E_PARSING_ERROR;
+ }
+
+ pem_header_size -= (ptrdiff_t)(pem_header-pem_header_start);
+
+ pem_header = memmem(pem_header, pem_header_size, "DEK-Info: ", 10);
if (pem_header == NULL)
{
gnutls_assert();
return GNUTLS_E_PARSING_ERROR;
}
+ pem_header_size = data->size - (ptrdiff_t)(pem_header-pem_header_start) - 10;
pem_header += 10;
for (i = 0; i < sizeof(pem_ciphers)/sizeof(pem_ciphers[0]); i++)
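Review bot: `pem_header_size` is fixed right after the "DEK-Info: " match, but `pem_header` keeps moving afterwards (the newline skip in the second hunk is one visible case), so the length passed to `_gnutls_base64_decode` there can cover more bytes than remain in `data`. Unless the code between the two hunks, which is not visible here, decrements it, the decoder is told to read past the end of the caller's buffer on a key file the caller may not control. Recomputing at the point of use removes the drift: `pem_header_size = data->size - (ptrdiff_t)(pem_header - pem_header_start);` immediately before the decode call. The literal lengths 14 and 10 would also be safer as `sizeof("...") - 1` on named string constants.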
@@ -199,7 +213,7 @@ gnutls_x509_privkey_import_openssl (gnutls_x509_privkey_t
key,
while (*pem_header == '\n' || *pem_header == '\r')
pem_header++;
- ret = _gnutls_base64_decode((const void*)pem_header, data->size, &b64_data);
+ ret = _gnutls_base64_decode((const void*)pem_header, pem_header_size,
&b64_data);
if (ret < 0)
{
gnutls_assert();
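Review bot: The newline skip just above the changed call, `while (*pem_header == '\n' || *pem_header == '\r') pem_header++;`, dereferences `pem_header` with no check against the end of `data` and advances the pointer without reducing `pem_header_size`. Bounding it with the length this commit introduces keeps the two in step: `while (pem_header_size > 0 && (*pem_header == '\n' || *pem_header == '\r')) { pem_header++; pem_header_size--; }`. The function body continues on both sides of the hunk, so other pointer advances between the two hunks may need the same treatment.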
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 70b343a..d997018 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -68,7 +68,8 @@ ctests = mini-deflate simple gc set_pkcs12_cred certder
certuniqueid \
mini-rehandshake rng-fork mini-eagain-dtls resume-dtls \
x509cert x509cert-tl infoaccess rsa-encrypt-decrypt \
mini-loss-time mini-tdb mini-dtls-rehandshake mini-record \
- mini-termination mini-x509-cas mini-x509-2 pkcs12_simple
+ mini-termination mini-x509-cas mini-x509-2 pkcs12_simple \
+ mini-emsgsize-dtls
if ENABLE_OCSP
ctests += ocsp
diff --git a/tests/eagain-common.h b/tests/eagain-common.h
index 7c21836..c9aa032 100644
--- a/tests/eagain-common.h
+++ b/tests/eagain-common.h
@@ -29,6 +29,46 @@ extern const char* side;
#define HANDSHAKE(c, s) \
HANDSHAKE_EXPECT(c,s,0,0)
+#define HANDSHAKE_DTLS_EXPECT(c, s, clierr, serverr) \
+ sret = cret = GNUTLS_E_LARGE_PACKET; \
+ do \
+ { \
+ if (cret == GNUTLS_E_LARGE_PACKET) \
+ { \
+ unsigned int mtu = gnutls_dtls_get_mtu(s); \
+ gnutls_dtls_set_mtu(s, mtu/2); \
+ } \
+ if (cret < 0 && gnutls_error_is_fatal(cret) == 0) \
+ { \
+ side = "client"; \
+ cret = gnutls_handshake (c); \
+ } \
+ if (sret == GNUTLS_E_LARGE_PACKET) \
+ { \
+ unsigned int mtu = gnutls_dtls_get_mtu(s); \
+ gnutls_dtls_set_mtu(s, mtu/2); \
+ } \
+ if (sret < 0 && gnutls_error_is_fatal(sret) == 0) \
+ { \
+ side = "server"; \
+ sret = gnutls_handshake (s); \
+ } \
+ } \
+ while (((gnutls_error_is_fatal(cret) == 0 && gnutls_error_is_fatal(sret) ==
0)) && (cret < 0 || sret < 0)); \
+ if (cret != clierr || sret != serverr) \
+ { \
+ fprintf(stderr, "client: %s\n", gnutls_strerror(cret)); \
+ fprintf(stderr, "server: %s\n", gnutls_strerror(sret)); \
+ fail("Handshake failed\n"); \
+ exit(1); \
+ }
+
+#define HANDSHAKE_DTLS(c, s) \
+ HANDSHAKE_DTLS_EXPECT(c,s,0,0)
+
+#define HANDSHAKE(c, s) \
+ HANDSHAKE_EXPECT(c,s,0,0)
+
#define TRANSFER(c, s, msg, msglen, buf, buflen) \
do \
{ \
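Review bot: In `HANDSHAKE_DTLS_EXPECT` the branch for `cret == GNUTLS_E_LARGE_PACKET` halves the MTU of `s` rather than `c`, so a client-side large-packet error shrinks the server session's MTU; this looks like a copy of the server branch. If the client is meant to adapt, the two lines would read `unsigned int mtu = gnutls_dtls_get_mtu(c);` and `gnutls_dtls_set_mtu(c, mtu/2);`. Because both return codes start as `GNUTLS_E_LARGE_PACKET`, the first pass through the loop also halves the server MTU twice. The hunk additionally re-defines `HANDSHAKE` with the same body as the definition directly above it, which can be dropped.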
@@ -119,6 +159,7 @@ static size_t to_client_len = 0;
#define RETURN_RND_EAGAIN(session)
#endif
+#ifndef IGNORE_PUSH
static ssize_t
client_push (gnutls_transport_ptr_t tr, const void *data, size_t len)
{
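Review bot: `IGNORE_PUSH` is introduced without a comment, and the guard around `client_push` here (and around `server_push` in the later hunk) means a test that defines it gets no push callbacks from this header. A one-line comment above the `#ifndef`, such as `/* define IGNORE_PUSH before including this header to supply your own push callbacks */`, would document that contract. client_push's body continues outside the hunk.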
@@ -136,6 +177,8 @@ client_push (gnutls_transport_ptr_t tr, const void *data,
size_t len)
return len;
}
+#endif
+
static ssize_t
client_pull (gnutls_transport_ptr_t tr, void *data, size_t len)
{
@@ -189,6 +232,7 @@ server_pull (gnutls_transport_ptr_t tr, void *data, size_t
len)
return len;
}
+#ifndef IGNORE_PUSH
static ssize_t
server_push (gnutls_transport_ptr_t tr, const void *data, size_t len)
{
@@ -209,6 +253,8 @@ server_push (gnutls_transport_ptr_t tr, const void *data,
size_t len)
return len;
}
+#endif
+
/* inline is used to avoid a gcc warning if used in mini-eagain */
inline static int server_pull_timeout_func(gnutls_transport_ptr_t ptr,
unsigned int ms)
{
diff --git a/tests/mini-eagain-dtls.c b/tests/mini-emsgsize-dtls.c
similarity index 76%
copy from tests/mini-eagain-dtls.c
copy to tests/mini-emsgsize-dtls.c
index f6f65e9..b27f8c7 100644
--- a/tests/mini-eagain-dtls.c
+++ b/tests/mini-emsgsize-dtls.c
@@ -29,9 +29,11 @@
#include <string.h>
#include <errno.h>
#include <gnutls/gnutls.h>
+#include <gnutls/dtls.h>
#include <gnutls/crypto.h>
#include "utils.h"
#define RANDOMIZE
+#define IGNORE_PUSH
#include "eagain-common.h"
const char* side = "";
@@ -47,6 +49,51 @@ static int handshake = 0;
#define MAX_BUF 1024
#define MSG "Hello TLS, and hi and how are you and more data here... and
more... and even more and even more more data..."
+static ssize_t
+client_push_300 (gnutls_transport_ptr_t tr, const void *data, size_t len)
+{
+ size_t newlen;
+
+ if (len > 300)
+ {
+ gnutls_transport_set_errno ((gnutls_session_t)tr, EMSGSIZE);
+ return -1;
+ }
+
+ len = min(len, sizeof(to_server)-to_server_len);
+
+ newlen = to_server_len + len;
+ memcpy (to_server + to_server_len, data, len);
+ to_server_len = newlen;
+#ifdef EAGAIN_DEBUG
+ fprintf(stderr, "eagain: pushed %d bytes to server (avail: %d)\n", (int)len,
(int)to_server_len);
+#endif
+ return len;
+}
+
+static ssize_t
+server_push_300 (gnutls_transport_ptr_t tr, const void *data, size_t len)
+{
+ size_t newlen;
+
+ if (len > 300)
+ {
+ gnutls_transport_set_errno ((gnutls_session_t)tr, EMSGSIZE);
+ return -1;
+ }
+
+ len = min(len, sizeof(to_client)-to_client_len);
+
+ newlen = to_client_len + len;
+ memcpy (to_client + to_client_len, data, len);
+ to_client_len = newlen;
+#ifdef EAGAIN_DEBUG
+ fprintf(stderr, "eagain: pushed %d bytes to client (avail: %d)\n", (int)len,
(int)to_client_len);
+#endif
+
+ return len;
+}
+
void
doit (void)
{
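Review bot: The 300-byte cutoff is a bare literal repeated in `client_push_300` and `server_push_300`; a named constant, e.g. `#define MAX_PUSH_SIZE 300`, with `if (len > MAX_PUSH_SIZE)` in both would state the intent once. The cast `(gnutls_session_t)tr` only works because doit() registers the session itself as the transport pointer (visible in the later hunks), which deserves a comment such as `/* tr is the session: see gnutls_transport_set_ptr in doit() */`. The `min(len, sizeof(to_server)-to_server_len)` clamp is what keeps the `memcpy` inside the buffer and should stay ahead of it in any refactor. doit()'s body continues outside the hunk.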
@@ -81,7 +128,7 @@ doit (void)
exit(1);
gnutls_credentials_set (server, GNUTLS_CRD_ANON, s_anoncred);
gnutls_dh_set_prime_bits (server, 1024);
- gnutls_transport_set_push_function (server, server_push);
+ gnutls_transport_set_push_function (server, server_push_300);
gnutls_transport_set_pull_function (server, server_pull);
gnutls_transport_set_pull_timeout_function (server,
server_pull_timeout_func);
gnutls_transport_set_ptr (server, (gnutls_transport_ptr_t)server);
@@ -93,13 +140,13 @@ doit (void)
if (cret < 0)
exit(1);
gnutls_credentials_set (client, GNUTLS_CRD_ANON, c_anoncred);
- gnutls_transport_set_push_function (client, client_push);
+ gnutls_transport_set_push_function (client, client_push_300);
gnutls_transport_set_pull_function (client, client_pull);
gnutls_transport_set_pull_timeout_function (client,
client_pull_timeout_func);
gnutls_transport_set_ptr (client, (gnutls_transport_ptr_t)client);
handshake = 1;
- HANDSHAKE(client, server);
+ HANDSHAKE_DTLS(client, server);
handshake = 0;
if (debug)
hooks/post-receive
--
GNU gnutls