Bug Summary

File:lib/gnutls_session_pack.c
Location:line 635, column 3
Description:Dereference of null pointer

Annotated Source Code

1/*
2 * Copyright (C) 2000, 2004-2005, 2007-2010, 2012 Free Software
3 * Foundation, Inc.
4 *
5 * Author: Nikos Mavrogiannopoulos
6 *
7 * This file is part of GnuTLS.
8 *
9 * The GnuTLS is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU Lesser General Public License
11 * as published by the Free Software Foundation; either version 3 of
12 * the License, or (at your option) any later version.
13 *
14 * This library is distributed in the hope that it will be useful, but
15 * WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 * Lesser General Public License for more details.
18 *
19 * You should have received a copy of the GNU Lesser General Public License
20 * along with this program. If not, see <http://www.gnu.org/licenses/>
21 *
22 */
23
24/* Contains functions that are supposed to pack and unpack session data,
25 * before and after they are sent to the database backend.
26 */
27
28#include <gnutls_int.h>
29#ifdef ENABLE_SRP1
30#include <auth/srp.h>
31#endif
32#ifdef ENABLE_PSK1
33#include <auth/psk.h>
34#endif
35#include <auth/anon.h>
36#include <auth/cert.h>
37#include <gnutls_errors.h>
38#include <gnutls_auth.h>
39#include <gnutls_session_pack.h>
40#include <gnutls_datumgnutls_datum_t.h>
41#include <gnutls_num.h>
42#include <gnutls_extensions.h>
43#include <gnutls_constate.h>
44
45static int pack_certificate_auth_info (gnutls_session_t,
46 gnutls_buffer_st * packed_session);
47static int unpack_certificate_auth_info (gnutls_session_t,
48 gnutls_buffer_st * packed_session);
49
50static int unpack_srp_auth_info (gnutls_session_t session,
51 gnutls_buffer_st * packed_session);
52static int pack_srp_auth_info (gnutls_session_t session,
53 gnutls_buffer_st * packed_session);
54
55static int unpack_psk_auth_info (gnutls_session_t session,
56 gnutls_buffer_st * packed_session);
57static int pack_psk_auth_info (gnutls_session_t session,
58 gnutls_buffer_st * packed_session);
59
60static int unpack_anon_auth_info (gnutls_session_t session,
61 gnutls_buffer_st * packed_session);
62static int pack_anon_auth_info (gnutls_session_t session,
63 gnutls_buffer_st * packed_session);
64
65static int unpack_security_parameters (gnutls_session_t session,
66 gnutls_buffer_st * packed_session);
67static int pack_security_parameters (gnutls_session_t session,
68 gnutls_buffer_st * packed_session);
69
70
71/* Since auth_info structures contain malloced data, this function
72 * is required in order to pack these structures in a vector in
73 * order to store them to the DB.
74 *
75 * packed_session will contain the session data.
76 *
77 * The data will be in a platform independent format.
78 */
79int
80_gnutls_session_pack (gnutls_session_t session,
81 gnutls_datum_t * packed_session)
82{
83 int ret;
84 gnutls_buffer_st sb;
85 opaque id;
86
87 if (packed_session == NULL((void*)0))
88 {
89 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",89); } while(
0);;
90 return GNUTLS_E_INTERNAL_ERROR-59;
91 }
92
93 _gnutls_buffer_init (&sb);
94
95 id = gnutls_auth_get_type (session);
96 BUFFER_APPEND (&sb, &id, 1){ ret = _gnutls_buffer_append_data(&sb, &id, 1); if (
ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,96); } while(0);; return ret; } };
97
98 switch (id)
99 {
100#ifdef ENABLE_SRP1
101 case GNUTLS_CRD_SRP:
102 ret = pack_srp_auth_info (session, &sb);
103 if (ret < 0)
104 {
105 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",105); } while
(0);;
106 return ret;
107 }
108 break;
109#endif
110#ifdef ENABLE_PSK1
111 case GNUTLS_CRD_PSK:
112 ret = pack_psk_auth_info (session, &sb);
113 if (ret < 0)
114 {
115 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",115); } while
(0);;
116 return ret;
117 }
118 break;
119#endif
120#ifdef ENABLE_ANON1
121 case GNUTLS_CRD_ANON:
122 ret = pack_anon_auth_info (session, &sb);
123 if (ret < 0)
124 {
125 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",125); } while
(0);;
126 return ret;
127 }
128 break;
129#endif
130 case GNUTLS_CRD_CERTIFICATE:
131 ret = pack_certificate_auth_info (session, &sb);
132 if (ret < 0)
133 {
134 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",134); } while
(0);;
135 return ret;
136 }
137 break;
138 default:
139 return GNUTLS_E_INTERNAL_ERROR-59;
140
141 }
142
143 /* Auth_info structures copied. Now copy security_parameters_st.
144 * packed_session must have allocated space for the security parameters.
145 */
146 ret = pack_security_parameters (session, &sb);
147 if (ret < 0)
148 {
149 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",149); } while
(0);;
150 _gnutls_buffer_clear (&sb);
151 return ret;
152 }
153
154 ret = _gnutls_ext_pack (session, &sb);
155 if (ret < 0)
156 {
157 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",157); } while
(0);;
158 _gnutls_buffer_clear (&sb);
159 return ret;
160 }
161
162 ret = _gnutls_buffer_to_datum (&sb, packed_session);
163
164 return ret;
165}
166
167
168/* Load session data from a buffer.
169 */
170int
171_gnutls_session_unpack (gnutls_session_t session,
172 const gnutls_datum_t * packed_session)
173{
174 int ret;
175 gnutls_buffer_st sb;
176 opaque id;
177
178 _gnutls_buffer_init (&sb);
179
180 if (packed_session == NULL((void*)0) || packed_session->size == 0)
181 {
182 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",182); } while
(0);;
183 return GNUTLS_E_INTERNAL_ERROR-59;
184 }
185
186 ret =
187 _gnutls_buffer_append_data (&sb, packed_session->data,
188 packed_session->size);
189 if (ret < 0)
190 {
191 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",191); } while
(0);;
192 return ret;
193 }
194
195 if (_gnutls_get_auth_info (session) != NULL((void*)0))
196 {
197 _gnutls_free_auth_info (session);
198 }
199
200 BUFFER_POP (&sb, &id, 1){ size_t is = 1; _gnutls_buffer_pop_data(&sb, &id, &
is); if (is != 1) { ret = -302; do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,200); } while(0);; goto error; } };
201
202 switch (id)
203 {
204#ifdef ENABLE_SRP1
205 case GNUTLS_CRD_SRP:
206 ret = unpack_srp_auth_info (session, &sb);
207 if (ret < 0)
208 {
209 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",209); } while
(0);;
210 goto error;
211 }
212 break;
213#endif
214#ifdef ENABLE_PSK1
215 case GNUTLS_CRD_PSK:
216 ret = unpack_psk_auth_info (session, &sb);
217 if (ret < 0)
218 {
219 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",219); } while
(0);;
220 goto error;
221 }
222 break;
223#endif
224#ifdef ENABLE_ANON1
225 case GNUTLS_CRD_ANON:
226 ret = unpack_anon_auth_info (session, &sb);
227 if (ret < 0)
228 {
229 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",229); } while
(0);;
230 return ret;
231 }
232 break;
233#endif
234 case GNUTLS_CRD_CERTIFICATE:
235 ret = unpack_certificate_auth_info (session, &sb);
236 if (ret < 0)
237 {
238 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",238); } while
(0);;
239 goto error;
240 }
241 break;
242 default:
243 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",243); } while
(0);;
244 ret = GNUTLS_E_INTERNAL_ERROR-59;
245 goto error;
246
247 }
248
249 /* Auth_info structures copied. Now copy security_parameters_st.
250 * packed_session must have allocated space for the security parameters.
251 */
252 ret = unpack_security_parameters (session, &sb);
253 if (ret < 0)
254 {
255 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",255); } while
(0);;
256 goto error;
257 }
258
259 ret = _gnutls_ext_unpack (session, &sb);
260 if (ret < 0)
261 {
262 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",262); } while
(0);;
263 goto error;
264 }
265
266 ret = 0;
267
268error:
269 _gnutls_buffer_clear (&sb);
270
271 return ret;
272}
273
274
275
276/* Format:
277 * 1 byte the credentials type
278 * 4 bytes the size of the whole structure
279 * DH stuff
280 * 2 bytes the size of secret key in bits
281 * 4 bytes the size of the prime
282 * x bytes the prime
283 * 4 bytes the size of the generator
284 * x bytes the generator
285 * 4 bytes the size of the public key
286 * x bytes the public key
287 * RSA stuff
288 * 4 bytes the size of the modulus
289 * x bytes the modulus
290 * 4 bytes the size of the exponent
291 * x bytes the exponent
292 * CERTIFICATES
293 * 4 bytes the length of the certificate list
294 * 4 bytes the size of first certificate
295 * x bytes the certificate
296 * and so on...
297 */
298static int
299pack_certificate_auth_info (gnutls_session_t session, gnutls_buffer_st * ps)
300{
301 unsigned int i;
302 int cur_size, ret;
303 cert_auth_info_t info = _gnutls_get_auth_info (session);
304 int size_offset;
305
306 size_offset = ps->length;
307 BUFFER_APPEND_NUM (ps, 0){ ret = _gnutls_buffer_append_prefix(ps, 32, 0); if (ret <
0) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0
)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,307); } while(0);; return ret; } };
308 cur_size = ps->length;
309
310 if (info)
311 {
312
313 BUFFER_APPEND_NUM (ps, info->dh.secret_bits){ ret = _gnutls_buffer_append_prefix(ps, 32, info->dh.secret_bits
); if (ret < 0) { do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,313); } while(0);; return ret; } };
314 BUFFER_APPEND_PFX (ps, info->dh.prime.data, info->dh.prime.size){ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->dh
.prime.data, info->dh.prime.size); if (ret < 0) { do { if
(__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",314); } while
(0);; return ret; } };
315 BUFFER_APPEND_PFX (ps, info->dh.generator.data,{ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->dh
.generator.data, info->dh.generator.size); if (ret < 0)
{ do { if (__builtin_expect((_gnutls_log_level >= 2), 0))
_gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",316
); } while(0);; return ret; } }
316 info->dh.generator.size){ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->dh
.generator.data, info->dh.generator.size); if (ret < 0)
{ do { if (__builtin_expect((_gnutls_log_level >= 2), 0))
_gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",316
); } while(0);; return ret; } };
317 BUFFER_APPEND_PFX (ps, info->dh.public_key.data,{ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->dh
.public_key.data, info->dh.public_key.size); if (ret < 0
) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0)
) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",
318); } while(0);; return ret; } }
318 info->dh.public_key.size){ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->dh
.public_key.data, info->dh.public_key.size); if (ret < 0
) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0)
) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",
318); } while(0);; return ret; } };
319 BUFFER_APPEND_PFX (ps, info->rsa_export.modulus.data,{ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->rsa_export
.modulus.data, info->rsa_export.modulus.size); if (ret <
0) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0
)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,320); } while(0);; return ret; } }
320 info->rsa_export.modulus.size){ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->rsa_export
.modulus.data, info->rsa_export.modulus.size); if (ret <
0) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0
)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,320); } while(0);; return ret; } };
321 BUFFER_APPEND_PFX (ps, info->rsa_export.exponent.data,{ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->rsa_export
.exponent.data, info->rsa_export.exponent.size); if (ret <
0) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0
)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,322); } while(0);; return ret; } }
322 info->rsa_export.exponent.size){ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->rsa_export
.exponent.data, info->rsa_export.exponent.size); if (ret <
0) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0
)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,322); } while(0);; return ret; } };
323
324 BUFFER_APPEND_NUM (ps, info->ncerts){ ret = _gnutls_buffer_append_prefix(ps, 32, info->ncerts)
; if (ret < 0) { do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,324); } while(0);; return ret; } };
325
326 for (i = 0; i < info->ncerts; i++)
327 BUFFER_APPEND_PFX (ps, info->raw_certificate_list[i].data,{ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->raw_certificate_list
[i].data, info->raw_certificate_list[i].size); if (ret <
0) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0
)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,328); } while(0);; return ret; } }
328 info->raw_certificate_list[i].size){ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->raw_certificate_list
[i].data, info->raw_certificate_list[i].size); if (ret <
0) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0
)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,328); } while(0);; return ret; } };
329 }
330
331 /* write the real size */
332 _gnutls_write_uint32 (ps->length - cur_size, ps->data + size_offset);
333
334 return 0;
335}
336
337
338/* Upack certificate info.
339 */
340static int
341unpack_certificate_auth_info (gnutls_session_t session, gnutls_buffer_st * ps)
342{
343 int ret;
344 unsigned int i = 0, j = 0;
345 size_t pack_size;
346 cert_auth_info_t info = NULL((void*)0);
347
348 BUFFER_POP_NUM (ps, pack_size){ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,348); } while(0);; goto error; } pack_size = s; };
349
350 if (pack_size == 0)
351 return 0; /* nothing to be done */
352
353 /* client and server have the same auth_info here
354 */
355 ret =
356 _gnutls_auth_info_set (session, GNUTLS_CRD_CERTIFICATE,
357 sizeof (cert_auth_info_st), 1);
358 if (ret < 0)
359 {
360 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",360); } while
(0);;
361 return ret;
362 }
363
364 info = _gnutls_get_auth_info (session);
365 if (info == NULL((void*)0))
366 {
367 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",367); } while
(0);;
368 return GNUTLS_E_INTERNAL_ERROR-59;
369 }
370
371 BUFFER_POP_NUM (ps, info->dh.secret_bits){ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,371); } while(0);; goto error; } info->dh.secret_bits = s
; };
372
373 BUFFER_POP_DATUM (ps, &info->dh.prime){ gnutls_datum_t d; ret = _gnutls_buffer_pop_datum_prefix(ps,
&d); if (ret >= 0) ret = _gnutls_set_datum_m(&info
->dh.prime,d.data,d.size, gnutls_malloc); if (ret < 0) {
do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",373); } while
(0);; goto error; } };
374 BUFFER_POP_DATUM (ps, &info->dh.generator){ gnutls_datum_t d; ret = _gnutls_buffer_pop_datum_prefix(ps,
&d); if (ret >= 0) ret = _gnutls_set_datum_m(&info
->dh.generator,d.data,d.size, gnutls_malloc); if (ret <
0) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0
)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,374); } while(0);; goto error; } };
375 BUFFER_POP_DATUM (ps, &info->dh.public_key){ gnutls_datum_t d; ret = _gnutls_buffer_pop_datum_prefix(ps,
&d); if (ret >= 0) ret = _gnutls_set_datum_m(&info
->dh.public_key,d.data,d.size, gnutls_malloc); if (ret <
0) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0
)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,375); } while(0);; goto error; } };
376 BUFFER_POP_DATUM (ps, &info->rsa_export.modulus){ gnutls_datum_t d; ret = _gnutls_buffer_pop_datum_prefix(ps,
&d); if (ret >= 0) ret = _gnutls_set_datum_m(&info
->rsa_export.modulus,d.data,d.size, gnutls_malloc); if (ret
< 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,376); } while(0);; goto error; } };
377 BUFFER_POP_DATUM (ps, &info->rsa_export.exponent){ gnutls_datum_t d; ret = _gnutls_buffer_pop_datum_prefix(ps,
&d); if (ret >= 0) ret = _gnutls_set_datum_m(&info
->rsa_export.exponent,d.data,d.size, gnutls_malloc); if (ret
< 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,377); } while(0);; goto error; } };
378
379 BUFFER_POP_NUM (ps, info->ncerts){ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,379); } while(0);; goto error; } info->ncerts = s; };
380
381 if (info->ncerts > 0)
382 {
383 info->raw_certificate_list =
384 gnutls_calloc (info->ncerts, sizeof (gnutls_datum_t));
385 if (info->raw_certificate_list == NULL((void*)0))
386 {
387 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",387); } while
(0);;
388 ret = GNUTLS_E_MEMORY_ERROR-25;
389 goto error;
390 }
391 }
392
393 for (i = 0; i < info->ncerts; i++)
394 {
395 BUFFER_POP_DATUM (ps, &info->raw_certificate_list[i]){ gnutls_datum_t d; ret = _gnutls_buffer_pop_datum_prefix(ps,
&d); if (ret >= 0) ret = _gnutls_set_datum_m(&info
->raw_certificate_list[i],d.data,d.size, gnutls_malloc); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,395); } while(0);; goto error; } };
396 }
397
398 return 0;
399
400error:
401 if (info)
402 {
403 _gnutls_free_datum (&info->dh.prime)_gnutls_free_datum_m(&info->dh.prime, gnutls_free);
404 _gnutls_free_datum (&info->dh.generator)_gnutls_free_datum_m(&info->dh.generator, gnutls_free);
405 _gnutls_free_datum (&info->dh.public_key)_gnutls_free_datum_m(&info->dh.public_key, gnutls_free
);
406
407 _gnutls_free_datum (&info->rsa_export.modulus)_gnutls_free_datum_m(&info->rsa_export.modulus, gnutls_free
);
408 _gnutls_free_datum (&info->rsa_export.exponent)_gnutls_free_datum_m(&info->rsa_export.exponent, gnutls_free
);
409
410 for (j = 0; j < i; j++)
411 _gnutls_free_datum (&info->raw_certificate_list[j])_gnutls_free_datum_m(&info->raw_certificate_list[j], gnutls_free
);
412
413 gnutls_free (info->raw_certificate_list);
414 }
415
416 return ret;
417
418}
419
420#ifdef ENABLE_SRP1
421/* Packs the SRP session authentication data.
422 */
423
424/* Format:
425 * 1 byte the credentials type
426 * 4 bytes the size of the SRP username (x)
427 * x bytes the SRP username
428 */
429static int
430pack_srp_auth_info (gnutls_session_t session, gnutls_buffer_st * ps)
431{
432 srp_server_auth_info_t info = _gnutls_get_auth_info (session);
433 int len, ret;
434 int size_offset;
435 size_t cur_size;
436
437 if (info && info->username)
438 len = strlen (info->username) + 1; /* include the terminating null */
439 else
440 len = 0;
441
442 size_offset = ps->length;
443 BUFFER_APPEND_NUM (ps, 0){ ret = _gnutls_buffer_append_prefix(ps, 32, 0); if (ret <
0) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0
)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,443); } while(0);; return ret; } };
444 cur_size = ps->length;
445
446 BUFFER_APPEND_PFX (ps, info->username, len){ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->username
, len); if (ret < 0) { do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,446); } while(0);; return ret; } };
447
448 /* write the real size */
449 _gnutls_write_uint32 (ps->length - cur_size, ps->data + size_offset);
450
451 return 0;
452}
453
454
455static int
456unpack_srp_auth_info (gnutls_session_t session, gnutls_buffer_st * ps)
457{
458 size_t username_size;
459 int ret;
460 srp_server_auth_info_t info;
461
462 BUFFER_POP_NUM (ps, username_size){ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,462); } while(0);; goto error; } username_size = s; };
463 if (username_size > sizeof (info->username))
464 {
465 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",465); } while
(0);;
466 return GNUTLS_E_INTERNAL_ERROR-59;
467 }
468
469
470 ret =
471 _gnutls_auth_info_set (session, GNUTLS_CRD_SRP,
472 sizeof (srp_server_auth_info_st), 1);
473 if (ret < 0)
474 {
475 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",475); } while
(0);;
476 return ret;
477 }
478
479 info = _gnutls_get_auth_info (session);
480 if (info == NULL((void*)0))
481 {
482 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",482); } while
(0);;
483 return GNUTLS_E_INTERNAL_ERROR-59;
484 }
485
486 BUFFER_POP (ps, info->username, username_size){ size_t is = username_size; _gnutls_buffer_pop_data(ps, info
->username, &is); if (is != username_size) { ret = -302
; do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",486); } while
(0);; goto error; } };
487
488 ret = 0;
489
490error:
491 return ret;
492}
493#endif
494
495
496#ifdef ENABLE_ANON1
497/* Packs the ANON session authentication data.
498 */
499
500/* Format:
501 * 1 byte the credentials type
502 * 4 bytes the size of the whole structure
503 * 2 bytes the size of secret key in bits
504 * 4 bytes the size of the prime
505 * x bytes the prime
506 * 4 bytes the size of the generator
507 * x bytes the generator
508 * 4 bytes the size of the public key
509 * x bytes the public key
510 */
511static int
512pack_anon_auth_info (gnutls_session_t session, gnutls_buffer_st * ps)
513{
514 int cur_size, ret;
515 anon_auth_info_t info = _gnutls_get_auth_info (session);
516 int size_offset;
517
518 size_offset = ps->length;
519 BUFFER_APPEND_NUM (ps, 0){ ret = _gnutls_buffer_append_prefix(ps, 32, 0); if (ret <
0) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0
)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,519); } while(0);; return ret; } };
520 cur_size = ps->length;
521
522 if (info)
523 {
524 BUFFER_APPEND_NUM (ps, info->dh.secret_bits){ ret = _gnutls_buffer_append_prefix(ps, 32, info->dh.secret_bits
); if (ret < 0) { do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,524); } while(0);; return ret; } };
525 BUFFER_APPEND_PFX (ps, info->dh.prime.data, info->dh.prime.size){ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->dh
.prime.data, info->dh.prime.size); if (ret < 0) { do { if
(__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",525); } while
(0);; return ret; } };
526 BUFFER_APPEND_PFX (ps, info->dh.generator.data,{ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->dh
.generator.data, info->dh.generator.size); if (ret < 0)
{ do { if (__builtin_expect((_gnutls_log_level >= 2), 0))
_gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",527
); } while(0);; return ret; } }
527 info->dh.generator.size){ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->dh
.generator.data, info->dh.generator.size); if (ret < 0)
{ do { if (__builtin_expect((_gnutls_log_level >= 2), 0))
_gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",527
); } while(0);; return ret; } };
528 BUFFER_APPEND_PFX (ps, info->dh.public_key.data,{ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->dh
.public_key.data, info->dh.public_key.size); if (ret < 0
) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0)
) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",
529); } while(0);; return ret; } }
529 info->dh.public_key.size){ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->dh
.public_key.data, info->dh.public_key.size); if (ret < 0
) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0)
) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",
529); } while(0);; return ret; } };
530 }
531
532 /* write the real size */
533 _gnutls_write_uint32 (ps->length - cur_size, ps->data + size_offset);
534
535 return 0;
536}
537
538
539static int
540unpack_anon_auth_info (gnutls_session_t session, gnutls_buffer_st * ps)
541{
542 int ret;
543 size_t pack_size;
544 anon_auth_info_t info = NULL((void*)0);
545
546 BUFFER_POP_NUM (ps, pack_size){ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,546); } while(0);; goto error; } pack_size = s; };
547
548 if (pack_size == 0)
549 return 0; /* nothing to be done */
550
551 /* client and server have the same auth_info here
552 */
553 ret =
554 _gnutls_auth_info_set (session, GNUTLS_CRD_ANON,
555 sizeof (anon_auth_info_st), 1);
556 if (ret < 0)
557 {
558 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",558); } while
(0);;
559 return ret;
560 }
561
562 info = _gnutls_get_auth_info (session);
563 if (info == NULL((void*)0))
564 {
565 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",565); } while
(0);;
566 return GNUTLS_E_INTERNAL_ERROR-59;
567 }
568
569 BUFFER_POP_NUM (ps, info->dh.secret_bits){ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,569); } while(0);; goto error; } info->dh.secret_bits = s
; };
570
571 BUFFER_POP_DATUM (ps, &info->dh.prime){ gnutls_datum_t d; ret = _gnutls_buffer_pop_datum_prefix(ps,
&d); if (ret >= 0) ret = _gnutls_set_datum_m(&info
->dh.prime,d.data,d.size, gnutls_malloc); if (ret < 0) {
do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",571); } while
(0);; goto error; } };
572 BUFFER_POP_DATUM (ps, &info->dh.generator){ gnutls_datum_t d; ret = _gnutls_buffer_pop_datum_prefix(ps,
&d); if (ret >= 0) ret = _gnutls_set_datum_m(&info
->dh.generator,d.data,d.size, gnutls_malloc); if (ret <
0) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0
)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,572); } while(0);; goto error; } };
573 BUFFER_POP_DATUM (ps, &info->dh.public_key){ gnutls_datum_t d; ret = _gnutls_buffer_pop_datum_prefix(ps,
&d); if (ret >= 0) ret = _gnutls_set_datum_m(&info
->dh.public_key,d.data,d.size, gnutls_malloc); if (ret <
0) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0
)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,573); } while(0);; goto error; } };
574
575 return 0;
576
577error:
578 if (info)
579 {
580 _gnutls_free_datum (&info->dh.prime)_gnutls_free_datum_m(&info->dh.prime, gnutls_free);
581 _gnutls_free_datum (&info->dh.generator)_gnutls_free_datum_m(&info->dh.generator, gnutls_free);
582 _gnutls_free_datum (&info->dh.public_key)_gnutls_free_datum_m(&info->dh.public_key, gnutls_free
);
583 }
584
585 return ret;
586}
587#endif /* ANON */
588
589#ifdef ENABLE_PSK1
590/* Packs the PSK session authentication data.
591 */
592
593/* Format:
594 * 1 byte the credentials type
595 * 4 bytes the size of the whole structure
596 *
597 * 4 bytes the size of the PSK username (x)
598 * x bytes the PSK username
599 * 2 bytes the size of secret key in bits
600 * 4 bytes the size of the prime
601 * x bytes the prime
602 * 4 bytes the size of the generator
603 * x bytes the generator
604 * 4 bytes the size of the public key
605 * x bytes the public key
606 */
607static int
608pack_psk_auth_info (gnutls_session_t session, gnutls_buffer_st * ps)
609{
610 psk_auth_info_t info;
611 int username_len;
612 int hint_len, ret;
613 int size_offset;
614 size_t cur_size;
615
616 info = _gnutls_get_auth_info (session);
617
618 if (info && info->username)
1
Taking false branch
619 username_len = strlen (info->username) + 1; /* include the terminating null */
620 else
621 username_len = 0;
622
623 if (info && info->hint)
2
Taking false branch
624 hint_len = strlen (info->hint) + 1; /* include the terminating null */
625 else
626 hint_len = 0;
627
628 size_offset = ps->length;
629 BUFFER_APPEND_NUM (ps, 0){ ret = _gnutls_buffer_append_prefix(ps, 32, 0); if (ret <
0) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0
)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,629); } while(0);; return ret; } };
630 cur_size = ps->length;
631
632 BUFFER_APPEND_PFX (ps, info->username, username_len){ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->username
, username_len); if (ret < 0) { do { if (__builtin_expect(
(_gnutls_log_level >= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n"
, "gnutls_session_pack.c",632); } while(0);; return ret; } };
633 BUFFER_APPEND_PFX (ps, info->hint, hint_len){ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->hint
, hint_len); if (ret < 0) { do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,633); } while(0);; return ret; } };
634
635 BUFFER_APPEND_NUM (ps, info->dh.secret_bits){ ret = _gnutls_buffer_append_prefix(ps, 32, info->dh.secret_bits
); if (ret < 0) { do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,635); } while(0);; return ret; } };
3
Within the expansion of the macro 'BUFFER_APPEND_NUM':
a
Dereference of null pointer
636 BUFFER_APPEND_PFX (ps, info->dh.prime.data, info->dh.prime.size){ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->dh
.prime.data, info->dh.prime.size); if (ret < 0) { do { if
(__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",636); } while
(0);; return ret; } };
637 BUFFER_APPEND_PFX (ps, info->dh.generator.data, info->dh.generator.size){ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->dh
.generator.data, info->dh.generator.size); if (ret < 0)
{ do { if (__builtin_expect((_gnutls_log_level >= 2), 0))
_gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",637
); } while(0);; return ret; } };
638 BUFFER_APPEND_PFX (ps, info->dh.public_key.data, info->dh.public_key.size){ ret = _gnutls_buffer_append_data_prefix(ps, 32, info->dh
.public_key.data, info->dh.public_key.size); if (ret < 0
) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0)
) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",
638); } while(0);; return ret; } };
639
640 /* write the real size */
641 _gnutls_write_uint32 (ps->length - cur_size, ps->data + size_offset);
642
643 return 0;
644}
645
646static int
647unpack_psk_auth_info (gnutls_session_t session, gnutls_buffer_st * ps)
648{
649 size_t username_size, hint_size;
650 int ret;
651 psk_auth_info_t info;
652
653 ret =
654 _gnutls_auth_info_set (session, GNUTLS_CRD_PSK,
655 sizeof (psk_auth_info_st), 1);
656 if (ret < 0)
657 {
658 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",658); } while
(0);;
659 return ret;
660 }
661
662 info = _gnutls_get_auth_info (session);
663 if (info == NULL((void*)0))
664 {
665 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",665); } while
(0);;
666 return GNUTLS_E_INTERNAL_ERROR-59;
667 }
668
669 BUFFER_POP_NUM (ps, username_size){ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,669); } while(0);; goto error; } username_size = s; };
670 if (username_size > sizeof (info->username))
671 {
672 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",672); } while
(0);;
673 return GNUTLS_E_INTERNAL_ERROR-59;
674 }
675
676 BUFFER_POP (ps, info->username, username_size){ size_t is = username_size; _gnutls_buffer_pop_data(ps, info
->username, &is); if (is != username_size) { ret = -302
; do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",676); } while
(0);; goto error; } };
677
678 BUFFER_POP_NUM (ps, hint_size){ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,678); } while(0);; goto error; } hint_size = s; };
679 if (hint_size > sizeof (info->hint))
680 {
681 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",681); } while
(0);;
682 return GNUTLS_E_INTERNAL_ERROR-59;
683 }
684 BUFFER_POP (ps, info->hint, hint_size){ size_t is = hint_size; _gnutls_buffer_pop_data(ps, info->
hint, &is); if (is != hint_size) { ret = -302; do { if (__builtin_expect
((_gnutls_log_level >= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n"
, "gnutls_session_pack.c",684); } while(0);; goto error; } };
685
686 BUFFER_POP_NUM (ps, info->dh.secret_bits){ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,686); } while(0);; goto error; } info->dh.secret_bits = s
; };
687
688 BUFFER_POP_DATUM (ps, &info->dh.prime){ gnutls_datum_t d; ret = _gnutls_buffer_pop_datum_prefix(ps,
&d); if (ret >= 0) ret = _gnutls_set_datum_m(&info
->dh.prime,d.data,d.size, gnutls_malloc); if (ret < 0) {
do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",688); } while
(0);; goto error; } };
689 BUFFER_POP_DATUM (ps, &info->dh.generator){ gnutls_datum_t d; ret = _gnutls_buffer_pop_datum_prefix(ps,
&d); if (ret >= 0) ret = _gnutls_set_datum_m(&info
->dh.generator,d.data,d.size, gnutls_malloc); if (ret <
0) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0
)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,689); } while(0);; goto error; } };
690 BUFFER_POP_DATUM (ps, &info->dh.public_key){ gnutls_datum_t d; ret = _gnutls_buffer_pop_datum_prefix(ps,
&d); if (ret >= 0) ret = _gnutls_set_datum_m(&info
->dh.public_key,d.data,d.size, gnutls_malloc); if (ret <
0) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0
)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,690); } while(0);; goto error; } };
691
692 ret = 0;
693
694error:
695 _gnutls_free_datum (&info->dh.prime)_gnutls_free_datum_m(&info->dh.prime, gnutls_free);
696 _gnutls_free_datum (&info->dh.generator)_gnutls_free_datum_m(&info->dh.generator, gnutls_free);
697 _gnutls_free_datum (&info->dh.public_key)_gnutls_free_datum_m(&info->dh.public_key, gnutls_free
);
698
699 return ret;
700}
701#endif
702
703
704/* Packs the security parameters.
705 */
706
707/* Format:
708 * 4 bytes the total security data size
709 * 1 byte the entity type (client/server)
710 * 1 byte the key exchange algorithm used
711 * 1 byte the read cipher algorithm
712 * 1 byte the read mac algorithm
713 * 1 byte the read compression algorithm
714 *
715 * 1 byte the write cipher algorithm
716 * 1 byte the write mac algorithm
717 * 1 byte the write compression algorithm
718 *
719 * 1 byte the certificate type
720 * 1 byte the protocol version
721 *
722 * 2 bytes the cipher suite
723 *
724 * 48 bytes the master secret
725 *
726 * 32 bytes the client random
727 * 32 bytes the server random
728 *
729 * 1 byte the session ID size
730 * x bytes the session ID (32 bytes max)
731 *
732 * 4 bytes a timestamp
733 * 4 bytes the ECC curve
734 * -------------------
735 * MAX: 169 bytes
736 *
737 */
738static int
739pack_security_parameters (gnutls_session_t session, gnutls_buffer_st * ps)
740{
741
742 int ret;
743 int size_offset;
744 size_t cur_size;
745 record_parameters_st *params;
746
747 if (session->security_parameters.epoch_read
748 != session->security_parameters.epoch_write)
749 {
750 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",750); } while
(0);;
751 return GNUTLS_E_INVALID_REQUEST-50;
752 }
753
754 ret = _gnutls_epoch_get (session, EPOCH_READ_CURRENT70000, &params);
755 if (ret < 0)
756 {
757 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",757); } while
(0);;
758 return ret;
759 }
760
761 /* move after the auth info stuff.
762 */
763 size_offset = ps->length;
764 BUFFER_APPEND_NUM (ps, 0){ ret = _gnutls_buffer_append_prefix(ps, 32, 0); if (ret <
0) { do { if (__builtin_expect((_gnutls_log_level >= 2), 0
)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,764); } while(0);; return ret; } };
765 cur_size = ps->length;
766
767
768 BUFFER_APPEND_NUM (ps, session->security_parameters.entity){ ret = _gnutls_buffer_append_prefix(ps, 32, session->security_parameters
.entity); if (ret < 0) { do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,768); } while(0);; return ret; } };
769 BUFFER_APPEND_NUM (ps, session->security_parameters.kx_algorithm){ ret = _gnutls_buffer_append_prefix(ps, 32, session->security_parameters
.kx_algorithm); if (ret < 0) { do { if (__builtin_expect((
_gnutls_log_level >= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n"
, "gnutls_session_pack.c",769); } while(0);; return ret; } };
770 BUFFER_APPEND (ps,{ ret = _gnutls_buffer_append_data(ps, session->security_parameters
.cipher_suite, 2); if (ret < 0) { do { if (__builtin_expect
((_gnutls_log_level >= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n"
, "gnutls_session_pack.c",771); } while(0);; return ret; } }
771 session->security_parameters.cipher_suite, 2){ ret = _gnutls_buffer_append_data(ps, session->security_parameters
.cipher_suite, 2); if (ret < 0) { do { if (__builtin_expect
((_gnutls_log_level >= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n"
, "gnutls_session_pack.c",771); } while(0);; return ret; } };
772 BUFFER_APPEND_NUM (ps, session->security_parameters.compression_method){ ret = _gnutls_buffer_append_prefix(ps, 32, session->security_parameters
.compression_method); if (ret < 0) { do { if (__builtin_expect
((_gnutls_log_level >= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n"
, "gnutls_session_pack.c",772); } while(0);; return ret; } };
773 BUFFER_APPEND_NUM (ps, session->security_parameters.cert_type){ ret = _gnutls_buffer_append_prefix(ps, 32, session->security_parameters
.cert_type); if (ret < 0) { do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,773); } while(0);; return ret; } };
774 BUFFER_APPEND_NUM (ps, session->security_parameters.version){ ret = _gnutls_buffer_append_prefix(ps, 32, session->security_parameters
.version); if (ret < 0) { do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,774); } while(0);; return ret; } };
775
776 BUFFER_APPEND (ps, session->security_parameters.master_secret,{ ret = _gnutls_buffer_append_data(ps, session->security_parameters
.master_secret, 48); if (ret < 0) { do { if (__builtin_expect
((_gnutls_log_level >= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n"
, "gnutls_session_pack.c",777); } while(0);; return ret; } }
777 GNUTLS_MASTER_SIZE){ ret = _gnutls_buffer_append_data(ps, session->security_parameters
.master_secret, 48); if (ret < 0) { do { if (__builtin_expect
((_gnutls_log_level >= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n"
, "gnutls_session_pack.c",777); } while(0);; return ret; } };
778 BUFFER_APPEND (ps, session->security_parameters.client_random,{ ret = _gnutls_buffer_append_data(ps, session->security_parameters
.client_random, 32); if (ret < 0) { do { if (__builtin_expect
((_gnutls_log_level >= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n"
, "gnutls_session_pack.c",779); } while(0);; return ret; } }
779 GNUTLS_RANDOM_SIZE){ ret = _gnutls_buffer_append_data(ps, session->security_parameters
.client_random, 32); if (ret < 0) { do { if (__builtin_expect
((_gnutls_log_level >= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n"
, "gnutls_session_pack.c",779); } while(0);; return ret; } };
780 BUFFER_APPEND (ps, session->security_parameters.server_random,{ ret = _gnutls_buffer_append_data(ps, session->security_parameters
.server_random, 32); if (ret < 0) { do { if (__builtin_expect
((_gnutls_log_level >= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n"
, "gnutls_session_pack.c",781); } while(0);; return ret; } }
781 GNUTLS_RANDOM_SIZE){ ret = _gnutls_buffer_append_data(ps, session->security_parameters
.server_random, 32); if (ret < 0) { do { if (__builtin_expect
((_gnutls_log_level >= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n"
, "gnutls_session_pack.c",781); } while(0);; return ret; } };
782
783 BUFFER_APPEND_NUM (ps, session->security_parameters.session_id_size){ ret = _gnutls_buffer_append_prefix(ps, 32, session->security_parameters
.session_id_size); if (ret < 0) { do { if (__builtin_expect
((_gnutls_log_level >= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n"
, "gnutls_session_pack.c",783); } while(0);; return ret; } };
784 BUFFER_APPEND (ps, session->security_parameters.session_id,{ ret = _gnutls_buffer_append_data(ps, session->security_parameters
.session_id, session->security_parameters.session_id_size)
; if (ret < 0) { do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,785); } while(0);; return ret; } }
785 session->security_parameters.session_id_size){ ret = _gnutls_buffer_append_data(ps, session->security_parameters
.session_id, session->security_parameters.session_id_size)
; if (ret < 0) { do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,785); } while(0);; return ret; } };
786
787 BUFFER_APPEND_NUM (ps, session->security_parameters.max_record_send_size){ ret = _gnutls_buffer_append_prefix(ps, 32, session->security_parameters
.max_record_send_size); if (ret < 0) { do { if (__builtin_expect
((_gnutls_log_level >= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n"
, "gnutls_session_pack.c",787); } while(0);; return ret; } };
788 BUFFER_APPEND_NUM (ps, session->security_parameters.max_record_recv_size){ ret = _gnutls_buffer_append_prefix(ps, 32, session->security_parameters
.max_record_recv_size); if (ret < 0) { do { if (__builtin_expect
((_gnutls_log_level >= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n"
, "gnutls_session_pack.c",788); } while(0);; return ret; } };
789 BUFFER_APPEND_NUM (ps, session->security_parameters.timestamp){ ret = _gnutls_buffer_append_prefix(ps, 32, session->security_parameters
.timestamp); if (ret < 0) { do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,789); } while(0);; return ret; } };
790 BUFFER_APPEND_NUM (ps, session->security_parameters.ecc_curve){ ret = _gnutls_buffer_append_prefix(ps, 32, session->security_parameters
.ecc_curve); if (ret < 0) { do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,790); } while(0);; return ret; } };
791
792 _gnutls_write_uint32 (ps->length - cur_size, ps->data + size_offset);
793
794 return 0;
795}
796
797static int
798unpack_security_parameters (gnutls_session_t session, gnutls_buffer_st * ps)
799{
800 size_t pack_size;
801 int ret;
802 time_t timestamp = gnutls_time (0);
803
804 BUFFER_POP_NUM (ps, pack_size){ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,804); } while(0);; goto error; } pack_size = s; };
805
806 if (pack_size == 0)
807 return GNUTLS_E_INVALID_REQUEST-50;
808
809 memset (&session->internals.resumed_security_parameters, 0,
810 sizeof (session->internals.resumed_security_parameters));
811
812 BUFFER_POP_NUM (ps, session->internals.resumed_security_parameters.entity){ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,812); } while(0);; goto error; } session->internals.resumed_security_parameters
.entity = s; };
813 BUFFER_POP_NUM (ps,{ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,814); } while(0);; goto error; } session->internals.resumed_security_parameters
.kx_algorithm = s; }
814 session->internals.resumed_security_parameters.kx_algorithm){ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,814); } while(0);; goto error; } session->internals.resumed_security_parameters
.kx_algorithm = s; };
815 BUFFER_POP (ps,{ size_t is = 2; _gnutls_buffer_pop_data(ps, session->internals
. resumed_security_parameters.cipher_suite, &is); if (is !=
2) { ret = -302; do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,817); } while(0);; goto error; } }
816 session->internals.{ size_t is = 2; _gnutls_buffer_pop_data(ps, session->internals
. resumed_security_parameters.cipher_suite, &is); if (is !=
2) { ret = -302; do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,817); } while(0);; goto error; } }
817 resumed_security_parameters.cipher_suite, 2){ size_t is = 2; _gnutls_buffer_pop_data(ps, session->internals
. resumed_security_parameters.cipher_suite, &is); if (is !=
2) { ret = -302; do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,817); } while(0);; goto error; } };
818 BUFFER_POP_NUM (ps, session->internals.resumed_security_parameters.compression_method){ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,818); } while(0);; goto error; } session->internals.resumed_security_parameters
.compression_method = s; };
819 BUFFER_POP_NUM (ps, session->internals.resumed_security_parameters.cert_type){ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,819); } while(0);; goto error; } session->internals.resumed_security_parameters
.cert_type = s; };
820 BUFFER_POP_NUM (ps, session->internals.resumed_security_parameters.version){ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,820); } while(0);; goto error; } session->internals.resumed_security_parameters
.version = s; };
821
822 BUFFER_POP (ps,{ size_t is = 48; _gnutls_buffer_pop_data(ps, &session->
internals.resumed_security_parameters.master_secret, &is)
; if (is != 48) { ret = -302; do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,824); } while(0);; goto error; } }
823 &session->internals.resumed_security_parameters.master_secret,{ size_t is = 48; _gnutls_buffer_pop_data(ps, &session->
internals.resumed_security_parameters.master_secret, &is)
; if (is != 48) { ret = -302; do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,824); } while(0);; goto error; } }
824 GNUTLS_MASTER_SIZE){ size_t is = 48; _gnutls_buffer_pop_data(ps, &session->
internals.resumed_security_parameters.master_secret, &is)
; if (is != 48) { ret = -302; do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,824); } while(0);; goto error; } };
825
826 BUFFER_POP (ps,{ size_t is = 32; _gnutls_buffer_pop_data(ps, &session->
internals.resumed_security_parameters.client_random, &is)
; if (is != 32) { ret = -302; do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,828); } while(0);; goto error; } }
827 &session->internals.resumed_security_parameters.client_random,{ size_t is = 32; _gnutls_buffer_pop_data(ps, &session->
internals.resumed_security_parameters.client_random, &is)
; if (is != 32) { ret = -302; do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,828); } while(0);; goto error; } }
828 GNUTLS_RANDOM_SIZE){ size_t is = 32; _gnutls_buffer_pop_data(ps, &session->
internals.resumed_security_parameters.client_random, &is)
; if (is != 32) { ret = -302; do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,828); } while(0);; goto error; } };
829 BUFFER_POP (ps,{ size_t is = 32; _gnutls_buffer_pop_data(ps, &session->
internals.resumed_security_parameters.server_random, &is)
; if (is != 32) { ret = -302; do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,831); } while(0);; goto error; } }
830 &session->internals.resumed_security_parameters.server_random,{ size_t is = 32; _gnutls_buffer_pop_data(ps, &session->
internals.resumed_security_parameters.server_random, &is)
; if (is != 32) { ret = -302; do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,831); } while(0);; goto error; } }
831 GNUTLS_RANDOM_SIZE){ size_t is = 32; _gnutls_buffer_pop_data(ps, &session->
internals.resumed_security_parameters.server_random, &is)
; if (is != 32) { ret = -302; do { if (__builtin_expect((_gnutls_log_level
>= 2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,831); } while(0);; goto error; } };
832 BUFFER_POP_NUM (ps,{ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,834); } while(0);; goto error; } session->internals. resumed_security_parameters
.session_id_size = s; }
833 session->internals.{ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,834); } while(0);; goto error; } session->internals. resumed_security_parameters
.session_id_size = s; }
834 resumed_security_parameters.session_id_size){ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,834); } while(0);; goto error; } session->internals. resumed_security_parameters
.session_id_size = s; };
835
836 BUFFER_POP (ps, &session->internals.resumed_security_parameters.session_id,{ size_t is = session->internals.resumed_security_parameters
.session_id_size; _gnutls_buffer_pop_data(ps, &session->
internals.resumed_security_parameters.session_id, &is); if
(is != session->internals.resumed_security_parameters.session_id_size
) { ret = -302; do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,837); } while(0);; goto error; } }
837 session->internals.resumed_security_parameters.session_id_size){ size_t is = session->internals.resumed_security_parameters
.session_id_size; _gnutls_buffer_pop_data(ps, &session->
internals.resumed_security_parameters.session_id, &is); if
(is != session->internals.resumed_security_parameters.session_id_size
) { ret = -302; do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,837); } while(0);; goto error; } };
838
839 BUFFER_POP_NUM (ps,{ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,841); } while(0);; goto error; } session->internals. resumed_security_parameters
.max_record_send_size = s; }
840 session->internals.{ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,841); } while(0);; goto error; } session->internals. resumed_security_parameters
.max_record_send_size = s; }
841 resumed_security_parameters.max_record_send_size){ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,841); } while(0);; goto error; } session->internals. resumed_security_parameters
.max_record_send_size = s; };
842 BUFFER_POP_NUM (ps,{ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,844); } while(0);; goto error; } session->internals. resumed_security_parameters
.max_record_recv_size = s; }
843 session->internals.{ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,844); } while(0);; goto error; } session->internals. resumed_security_parameters
.max_record_recv_size = s; }
844 resumed_security_parameters.max_record_recv_size){ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,844); } while(0);; goto error; } session->internals. resumed_security_parameters
.max_record_recv_size = s; };
845 BUFFER_POP_NUM (ps,{ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,846); } while(0);; goto error; } session->internals.resumed_security_parameters
.timestamp = s; }
846 session->internals.resumed_security_parameters.timestamp){ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,846); } while(0);; goto error; } session->internals.resumed_security_parameters
.timestamp = s; };
847
848 BUFFER_POP_NUM (ps,{ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,849); } while(0);; goto error; } session->internals.resumed_security_parameters
.ecc_curve = s; }
849 session->internals.resumed_security_parameters.ecc_curve){ size_t s; ret = _gnutls_buffer_pop_prefix(ps, &s, 0); if
(ret < 0) { do { if (__builtin_expect((_gnutls_log_level >=
2), 0)) _gnutls_log( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c"
,849); } while(0);; goto error; } session->internals.resumed_security_parameters
.ecc_curve = s; };
850
851 if (timestamp - session->internals.resumed_security_parameters.timestamp >
852 session->internals.expire_time
853 || session->internals.resumed_security_parameters.timestamp > timestamp)
854 {
855 gnutls_assert ()do { if (__builtin_expect((_gnutls_log_level >= 2), 0)) _gnutls_log
( 2, "ASSERT: %s:%d\n", "gnutls_session_pack.c",855); } while
(0);;
856 return GNUTLS_E_EXPIRED-29;
857 }
858
859 ret = 0;
860
861error:
862 return ret;
863}