34
static int _gnutls_inner_application_recv_params (gnutls_session_t session,
37
static int _gnutls_inner_application_send_params (gnutls_session_t session,
38
opaque * data, size_t);
39
static int ia_unpack (gnutls_buffer_st * ps, extension_priv_data_t * _priv);
40
static int ia_pack (extension_priv_data_t _priv, gnutls_buffer_st * ps);
41
static void ia_deinit_data (extension_priv_data_t priv);
43
extension_entry_st ext_mod_ia = {
44
.name = "INNER APPLICATION",
45
.type = GNUTLS_EXTENSION_INNER_APPLICATION,
46
.parse_type = GNUTLS_EXT_TLS,
48
.recv_func = _gnutls_inner_application_recv_params,
49
.send_func = _gnutls_inner_application_send_params,
51
.unpack_func = ia_unpack,
52
.deinit_func = ia_deinit_data,
35
56
_gnutls_inner_application_recv_params (gnutls_session_t session,
36
const opaque * data, size_t data_size)
57
const opaque * data, size_t data_size)
38
tls_ext_st *ext = &session->security_parameters.extensions;
59
extension_priv_data_t epriv;
40
63
if (data_size != 1)
43
66
return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
46
ext->gnutls_ia_peer_enable = 1;
47
ext->gnutls_ia_peer_allowskip = 0;
70
_gnutls_ext_get_session_data (session, GNUTLS_EXTENSION_INNER_APPLICATION,
74
priv = gnutls_calloc (1, sizeof (*priv));
78
return GNUTLS_E_MEMORY_ERROR;
82
_gnutls_ext_set_session_data (session,
83
GNUTLS_EXTENSION_INNER_APPLICATION,
89
priv->flags |= IA_PEER_ENABLE;
90
priv->flags &= ~IA_PEER_ALLOW_SKIP;
49
92
switch ((unsigned char) *data)
51
case NO: /* Peer's ia_on_resume == no */
52
ext->gnutls_ia_peer_allowskip = 1;
94
case NO: /* Peer's ia_on_resume == no */
95
priv->flags |= IA_PEER_ALLOW_SKIP;
66
110
/* returns data_size or a negative number on failure
69
113
_gnutls_inner_application_send_params (gnutls_session_t session,
70
opaque * data, size_t data_size)
114
opaque * data, size_t data_size)
72
tls_ext_st *ext = &session->security_parameters.extensions;
116
extension_priv_data_t epriv;
117
ia_ext_st *priv = NULL;
121
_gnutls_ext_get_session_data (session, GNUTLS_EXTENSION_INNER_APPLICATION,
125
priv = gnutls_calloc (1, sizeof (*priv));
129
return GNUTLS_E_MEMORY_ERROR;
133
_gnutls_ext_set_session_data (session,
134
GNUTLS_EXTENSION_INNER_APPLICATION,
74
140
/* Set ext->gnutls_ia_enable depending on whether we have a TLS/IA
75
141
credential in the session. */
77
143
if (session->security_parameters.entity == GNUTLS_CLIENT)
79
145
gnutls_ia_client_credentials_t cred = (gnutls_ia_client_credentials_t)
80
_gnutls_get_cred (session->key, GNUTLS_CRD_IA, NULL);
146
_gnutls_get_cred (session->key, GNUTLS_CRD_IA, NULL);
83
ext->gnutls_ia_enable = 1;
149
priv->flags |= IA_ENABLE;
87
gnutls_ia_server_credentials_t cred = (gnutls_ia_server_credentials_t)
88
_gnutls_get_cred (session->key, GNUTLS_CRD_IA, NULL);
153
gnutls_ia_server_credentials_t cred;
155
cred = (gnutls_ia_server_credentials_t)
156
_gnutls_get_cred (session->key, GNUTLS_CRD_IA, NULL);
91
ext->gnutls_ia_enable = 1;
159
priv->flags |= IA_PEER_ENABLE;
94
162
/* If we don't want gnutls_ia locally, or we are a server and the
95
163
* client doesn't want it, don't advertise TLS/IA support at all, as
98
if (!ext->gnutls_ia_enable)
166
if (!(priv->flags & IA_ENABLE))
101
169
if (session->security_parameters.entity == GNUTLS_SERVER &&
102
!ext->gnutls_ia_peer_enable)
170
!(priv->flags & IA_PEER_ENABLE))
105
173
/* We'll advertise. Check if there's room in the hello buffer. */
137
205
* always skip IA on resumption, because recv_ext isn't even called
138
206
* to record the peer's support for IA at all. Simon? */
140
if (ext->gnutls_ia_allowskip &&
141
ext->gnutls_ia_peer_allowskip &&
142
session->internals.resumed == RESUME_TRUE)
208
if ((priv->flags & IA_ALLOW_SKIP) &&
209
(priv->flags & IA_PEER_ALLOW_SKIP) &&
210
session->internals.resumed == RESUME_TRUE)
218
ia_deinit_data (extension_priv_data_t priv)
220
gnutls_free (priv.ptr);
224
ia_pack (extension_priv_data_t epriv, gnutls_buffer_st * ps)
226
ia_ext_st *priv = epriv.ptr;
229
BUFFER_APPEND_NUM (ps, priv->flags);
230
BUFFER_APPEND_PFX (ps, priv->inner_secret, GNUTLS_MASTER_SIZE);
236
ia_unpack (gnutls_buffer_st * ps, extension_priv_data_t * _priv)
240
extension_priv_data_t epriv;
242
priv = gnutls_calloc (1, sizeof (*priv));
246
return GNUTLS_E_MEMORY_ERROR;
249
BUFFER_POP_NUM (ps, priv->flags);
250
BUFFER_POP_NUM (ps, size);
251
if (size != GNUTLS_MASTER_SIZE)
254
return GNUTLS_E_PARSING_ERROR;
256
BUFFER_POP (ps, priv->inner_secret, GNUTLS_MASTER_SIZE);
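Review bot: In the server branch of `_gnutls_inner_application_send_params` (new line 159), the old `ext->gnutls_ia_enable = 1;` became `priv->flags |= IA_PEER_ENABLE;`, whereas the client branch (new line 149) maps the same assignment to `IA_ENABLE`. Unless `IA_ENABLE` is set for servers somewhere this page does not show, a server holding an IA credential now records that the peer enabled TLS/IA instead of itself. The `!(priv->flags & IA_ENABLE)` test at new line 166 then no longer follows the local credential, and the `IA_PEER_ENABLE` test at new line 170 no longer depends only on what the client actually sent. The server branch should read `priv->flags |= IA_ENABLE;`. Separately, the `size != GNUTLS_MASTER_SIZE` return in `ia_unpack` (new line 254) appears to leave the `priv` allocated at new line 242 unfreed, but the page shows only part of each function, so check both points against the full file.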