Diffstat (limited to 'src/daemon/https')
-rw-r--r--src/daemon/https/tls/auth_rsa.c4
-rw-r--r--src/daemon/https/tls/ext_cert_type.c8
-rw-r--r--src/daemon/https/tls/ext_max_record.c4
-rw-r--r--src/daemon/https/tls/ext_server_name.c24
-rw-r--r--src/daemon/https/tls/gnutls_algorithms.c4
-rw-r--r--src/daemon/https/tls/gnutls_auth.c5
-rw-r--r--src/daemon/https/tls/gnutls_buffers.c25
-rw-r--r--src/daemon/https/tls/gnutls_cipher.c41
-rw-r--r--src/daemon/https/tls/gnutls_constate.c75
-rw-r--r--src/daemon/https/tls/gnutls_extensions.c5
-rw-r--r--src/daemon/https/tls/gnutls_handshake.c63
-rw-r--r--src/daemon/https/tls/gnutls_kx.c66
-rw-r--r--src/daemon/https/tls/gnutls_pk.c2
-rw-r--r--src/daemon/https/tls/gnutls_record.c16
-rw-r--r--src/daemon/https/tls/gnutls_sig.c24
-rw-r--r--src/daemon/https/tls/gnutls_state.c4
-rw-r--r--src/daemon/https/tls/gnutls_x509.c4
-rw-r--r--src/daemon/https/tls/memmem.c9
-rw-r--r--src/daemon/https/tls/str-two-way.h370
19 files changed, 369 insertions, 384 deletions
diff --git a/src/daemon/https/tls/auth_rsa.c b/src/daemon/https/tls/auth_rsa.c
index 1b461951..9548a8f1 100644
--- a/src/daemon/https/tls/auth_rsa.c
+++ b/src/daemon/https/tls/auth_rsa.c
@@ -168,8 +168,8 @@ MHD__gnutls_get_private_rsa_params (MHD_gtls_session_t session,
168 } 168 }
169 169
170 bits = 170 bits =
171 MHD__gnutls_mpi_get_nbits (session->internals. 171 MHD__gnutls_mpi_get_nbits (session->internals.selected_cert_list[0].
172 selected_cert_list[0].params[0]); 172 params[0]);
173 173
174 if (MHD_gtls_cipher_suite_get_kx_algo 174 if (MHD_gtls_cipher_suite_get_kx_algo
175 (&session->security_parameters.current_cipher_suite) 175 (&session->security_parameters.current_cipher_suite)
diff --git a/src/daemon/https/tls/ext_cert_type.c b/src/daemon/https/tls/ext_cert_type.c
index 5fc53167..1e7966f4 100644
--- a/src/daemon/https/tls/ext_cert_type.c
+++ b/src/daemon/https/tls/ext_cert_type.c
@@ -183,8 +183,8 @@ MHD_gtls_cert_type_send_params (MHD_gtls_session_t session, opaque * data,
183 for (i = 0; i < len; i++) 183 for (i = 0; i < len; i++)
184 { 184 {
185 data[i + 1] = 185 data[i + 1] =
186 MHD__gnutls_cert_type2num (session->internals.priorities. 186 MHD__gnutls_cert_type2num (session->internals.
187 cert_type.priority[i]); 187 priorities.cert_type.priority[i]);
188 } 188 }
189 return len + 1; 189 return len + 1;
190 } 190 }
@@ -203,8 +203,8 @@ MHD_gtls_cert_type_send_params (MHD_gtls_session_t session, opaque * data,
203 } 203 }
204 204
205 data[0] = 205 data[0] =
206 MHD__gnutls_cert_type2num (session->security_parameters. 206 MHD__gnutls_cert_type2num (session->
207 cert_type); 207 security_parameters.cert_type);
208 return len; 208 return len;
209 } 209 }
210 210
diff --git a/src/daemon/https/tls/ext_max_record.c b/src/daemon/https/tls/ext_max_record.c
index 5dcf2225..421a1739 100644
--- a/src/daemon/https/tls/ext_max_record.c
+++ b/src/daemon/https/tls/ext_max_record.c
@@ -121,8 +121,8 @@ MHD_gtls_max_record_send_params (MHD_gtls_session_t session, opaque * data,
121 } 121 }
122 122
123 data[0] = 123 data[0] =
124 (uint8_t) MHD_gtls_mre_record2num (session-> 124 (uint8_t) MHD_gtls_mre_record2num (session->internals.
125 internals.proposed_record_size); 125 proposed_record_size);
126 return len; 126 return len;
127 } 127 }
128 128
diff --git a/src/daemon/https/tls/ext_server_name.c b/src/daemon/https/tls/ext_server_name.c
index 1441f692..911bd530 100644
--- a/src/daemon/https/tls/ext_server_name.c
+++ b/src/daemon/https/tls/ext_server_name.c
@@ -118,10 +118,10 @@ MHD_gtls_server_name_recv_params (MHD_gtls_session_t session,
118 case 0: /* NAME_DNS */ 118 case 0: /* NAME_DNS */
119 if (len <= MAX_SERVER_NAME_SIZE) 119 if (len <= MAX_SERVER_NAME_SIZE)
120 { 120 {
121 memcpy (session->security_parameters.extensions.server_names[i]. 121 memcpy (session->security_parameters.extensions.
122 name, p, len); 122 server_names[i].name, p, len);
123 session->security_parameters.extensions. 123 session->security_parameters.extensions.server_names[i].
124 server_names[i].name_length = len; 124 name_length = len;
125 session->security_parameters.extensions.server_names[i].type = 125 session->security_parameters.extensions.server_names[i].type =
126 GNUTLS_NAME_DNS; 126 GNUTLS_NAME_DNS;
127 break; 127 break;
@@ -163,8 +163,8 @@ MHD_gtls_server_name_send_params (MHD_gtls_session_t session,
163 /* count the total size 163 /* count the total size
164 */ 164 */
165 len = 165 len =
166 session->security_parameters.extensions. 166 session->security_parameters.extensions.server_names[i].
167 server_names[i].name_length; 167 name_length;
168 168
169 /* uint8_t + uint16_t + size 169 /* uint8_t + uint16_t + size
170 */ 170 */
@@ -183,14 +183,14 @@ MHD_gtls_server_name_send_params (MHD_gtls_session_t session,
183 i < session->security_parameters.extensions.server_names_size; i++) 183 i < session->security_parameters.extensions.server_names_size; i++)
184 { 184 {
185 185
186 switch (session->security_parameters.extensions.server_names[i]. 186 switch (session->security_parameters.extensions.
187 type) 187 server_names[i].type)
188 { 188 {
189 case GNUTLS_NAME_DNS: 189 case GNUTLS_NAME_DNS:
190 190
191 len = 191 len =
192 session->security_parameters.extensions.server_names[i]. 192 session->security_parameters.extensions.
193 name_length; 193 server_names[i].name_length;
194 if (len == 0) 194 if (len == 0)
195 break; 195 break;
196 196
@@ -208,8 +208,8 @@ MHD_gtls_server_name_send_params (MHD_gtls_session_t session,
208 p += 2; 208 p += 2;
209 209
210 memcpy (p, 210 memcpy (p,
211 session->security_parameters.extensions.server_names[0]. 211 session->security_parameters.extensions.
212 name, len); 212 server_names[0].name, len);
213 p += len; 213 p += len;
214 break; 214 break;
215 default: 215 default:
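Review bot: The `memcpy` source at new lines 211-212 is `server_names[0].name`, while `len` is taken from `server_names[i].name_length` in the preceding hunk of the same function, so with more than one stored name every later entry would be serialized with the first name's bytes and another entry's length. The commit only re-wraps this line, so the mismatch is unchanged on the new side. The source should presumably use the same index: `memcpy (p, session->security_parameters.extensions.server_names[i].name, len);`. The loop and `switch` start outside this hunk, so confirm that `i` is still the loop index at this point.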
diff --git a/src/daemon/https/tls/gnutls_algorithms.c b/src/daemon/https/tls/gnutls_algorithms.c
index 55b4ecbf..f65ccbac 100644
--- a/src/daemon/https/tls/gnutls_algorithms.c
+++ b/src/daemon/https/tls/gnutls_algorithms.c
@@ -1188,8 +1188,8 @@ MHD_gtls_supported_compression_methods (MHD_gtls_session_t session,
1188 for (i = j = 0; i < SUPPORTED_COMPRESSION_METHODS; i++) 1188 for (i = j = 0; i < SUPPORTED_COMPRESSION_METHODS; i++)
1189 { 1189 {
1190 int tmp = 1190 int tmp =
1191 MHD_gtls_compression_get_num (session->internals. 1191 MHD_gtls_compression_get_num (session->internals.priorities.
1192 priorities.compression.priority[i]); 1192 compression.priority[i]);
1193 1193
1194 /* remove private compression algorithms, if requested. 1194 /* remove private compression algorithms, if requested.
1195 */ 1195 */
diff --git a/src/daemon/https/tls/gnutls_auth.c b/src/daemon/https/tls/gnutls_auth.c
index df978ef9..7c820c4e 100644
--- a/src/daemon/https/tls/gnutls_auth.c
+++ b/src/daemon/https/tls/gnutls_auth.c
@@ -166,9 +166,8 @@ MHD_gtls_auth_get_type (MHD_gtls_session_t session)
166 166
167 return 167 return
168 MHD_gtls_map_kx_get_cred (MHD_gtls_cipher_suite_get_kx_algo 168 MHD_gtls_map_kx_get_cred (MHD_gtls_cipher_suite_get_kx_algo
169 (&session-> 169 (&session->security_parameters.
170 security_parameters.current_cipher_suite), 170 current_cipher_suite), server);
171 server);
172} 171}
173 172
174/* 173/*
diff --git a/src/daemon/https/tls/gnutls_buffers.c b/src/daemon/https/tls/gnutls_buffers.c
index 167fd760..fa41f28e 100644
--- a/src/daemon/https/tls/gnutls_buffers.c
+++ b/src/daemon/https/tls/gnutls_buffers.c
@@ -734,9 +734,9 @@ MHD_gtls_io_write_buffered (MHD_gtls_session_t session,
734 session->internals.record_send_buffer_prev_size += n - left; 734 session->internals.record_send_buffer_prev_size += n - left;
735 735
736 retval = 736 retval =
737 MHD__gnutls_buffer_insert (&session->internals. 737 MHD__gnutls_buffer_insert (&session->
738 record_send_buffer, &ptr[n - left], 738 internals.record_send_buffer,
739 left); 739 &ptr[n - left], left);
740 if (retval < 0) 740 if (retval < 0)
741 { 741 {
742 MHD_gnutls_assert (); 742 MHD_gnutls_assert ();
@@ -944,8 +944,8 @@ MHD_gtls_handshake_io_send_int (MHD_gtls_session_t session,
944 MHD_gnutls_assert (); 944 MHD_gnutls_assert ();
945 945
946 retval = 946 retval =
947 MHD__gnutls_buffer_insert (&session-> 947 MHD__gnutls_buffer_insert (&session->internals.
948 internals.handshake_send_buffer, 948 handshake_send_buffer,
949 &ptr[n - left], left); 949 &ptr[n - left], left);
950 if (retval < 0) 950 if (retval < 0)
951 { 951 {
@@ -1047,9 +1047,8 @@ MHD_gtls_handshake_io_recv_int (MHD_gtls_session_t session,
1047 1047
1048 session->internals.handshake_recv_buffer.data 1048 session->internals.handshake_recv_buffer.data
1049 = 1049 =
1050 MHD_gtls_realloc_fast (session-> 1050 MHD_gtls_realloc_fast (session->internals.
1051 internals.handshake_recv_buffer.data, 1051 handshake_recv_buffer.data, dsize);
1052 dsize);
1053 if (session->internals.handshake_recv_buffer.data == NULL) 1052 if (session->internals.handshake_recv_buffer.data == NULL)
1054 { 1053 {
1055 MHD_gnutls_assert (); 1054 MHD_gnutls_assert ();
@@ -1100,9 +1099,13 @@ MHD_gtls_handshake_buffer_put (MHD_gtls_session_t session, opaque * data,
1100 1099
1101 if ((session->internals.max_handshake_data_buffer_size > 0) && ((length 1100 if ((session->internals.max_handshake_data_buffer_size > 0) && ((length
1102 + 1101 +
1103 session->internals.handshake_hash_buffer.length) 1102 session->
1104 > 1103 internals.
1105 session->internals.max_handshake_data_buffer_size)) 1104 handshake_hash_buffer.
1105 length) >
1106 session->
1107 internals.
1108 max_handshake_data_buffer_size))
1106 { 1109 {
1107 MHD_gnutls_assert (); 1110 MHD_gnutls_assert ();
1108 return GNUTLS_E_MEMORY_ERROR; 1111 return GNUTLS_E_MEMORY_ERROR;
diff --git a/src/daemon/https/tls/gnutls_cipher.c b/src/daemon/https/tls/gnutls_cipher.c
index b919aea0..6edc0efe 100644
--- a/src/daemon/https/tls/gnutls_cipher.c
+++ b/src/daemon/https/tls/gnutls_cipher.c
@@ -212,15 +212,15 @@ MHD_gtls_compressed2ciphertext (MHD_gtls_session_t session,
212 uint8_t type = _type; 212 uint8_t type = _type;
213 uint8_t major, minor; 213 uint8_t major, minor;
214 int hash_size = 214 int hash_size =
215 MHD_gnutls_hash_get_algo_len (session-> 215 MHD_gnutls_hash_get_algo_len (session->security_parameters.
216 security_parameters.write_mac_algorithm); 216 write_mac_algorithm);
217 enum MHD_GNUTLS_Protocol ver; 217 enum MHD_GNUTLS_Protocol ver;
218 int blocksize = 218 int blocksize =
219 MHD_gtls_cipher_get_block_size (session-> 219 MHD_gtls_cipher_get_block_size (session->security_parameters.
220 security_parameters.write_bulk_cipher_algorithm); 220 write_bulk_cipher_algorithm);
221 cipher_type_t block_algo = 221 cipher_type_t block_algo =
222 MHD_gtls_cipher_is_block (session-> 222 MHD_gtls_cipher_is_block (session->security_parameters.
223 security_parameters.write_bulk_cipher_algorithm); 223 write_bulk_cipher_algorithm);
224 opaque *data_ptr; 224 opaque *data_ptr;
225 225
226 226
@@ -247,9 +247,8 @@ MHD_gtls_compressed2ciphertext (MHD_gtls_session_t session,
247 if (td != GNUTLS_MAC_FAILED) 247 if (td != GNUTLS_MAC_FAILED)
248 { /* actually when the algorithm in not the NULL one */ 248 { /* actually when the algorithm in not the NULL one */
249 MHD_gnutls_hash (td, 249 MHD_gnutls_hash (td,
250 UINT64DATA (session-> 250 UINT64DATA (session->connection_state.
251 connection_state.write_sequence_number), 251 write_sequence_number), 8);
252 8);
253 252
254 MHD_gnutls_hash (td, &type, 1); 253 MHD_gnutls_hash (td, &type, 1);
255 if (ver >= MHD_GNUTLS_PROTOCOL_TLS1_0) 254 if (ver >= MHD_GNUTLS_PROTOCOL_TLS1_0)
@@ -343,16 +342,16 @@ MHD_gtls_ciphertext2compressed (MHD_gtls_session_t session,
343 uint8_t major, minor; 342 uint8_t major, minor;
344 enum MHD_GNUTLS_Protocol ver; 343 enum MHD_GNUTLS_Protocol ver;
345 int hash_size = 344 int hash_size =
346 MHD_gnutls_hash_get_algo_len (session-> 345 MHD_gnutls_hash_get_algo_len (session->security_parameters.
347 security_parameters.read_mac_algorithm); 346 read_mac_algorithm);
348 347
349 ver = MHD__gnutls_protocol_get_version (session); 348 ver = MHD__gnutls_protocol_get_version (session);
350 minor = MHD_gtls_version_get_minor (ver); 349 minor = MHD_gtls_version_get_minor (ver);
351 major = MHD_gtls_version_get_major (ver); 350 major = MHD_gtls_version_get_major (ver);
352 351
353 blocksize = 352 blocksize =
354 MHD_gtls_cipher_get_block_size (session-> 353 MHD_gtls_cipher_get_block_size (session->security_parameters.
355 security_parameters.read_bulk_cipher_algorithm); 354 read_bulk_cipher_algorithm);
356 355
357 /* initialize MAC 356 /* initialize MAC
358 */ 357 */
@@ -376,9 +375,9 @@ MHD_gtls_ciphertext2compressed (MHD_gtls_session_t session,
376 { 375 {
377 case CIPHER_STREAM: 376 case CIPHER_STREAM:
378 if ((ret = 377 if ((ret =
379 MHD_gtls_cipher_decrypt (session-> 378 MHD_gtls_cipher_decrypt (session->connection_state.
380 connection_state.read_cipher_state, 379 read_cipher_state, ciphertext.data,
381 ciphertext.data, ciphertext.size)) < 0) 380 ciphertext.size)) < 0)
382 { 381 {
383 MHD_gnutls_assert (); 382 MHD_gnutls_assert ();
384 return ret; 383 return ret;
@@ -395,9 +394,9 @@ MHD_gtls_ciphertext2compressed (MHD_gtls_session_t session,
395 } 394 }
396 395
397 if ((ret = 396 if ((ret =
398 MHD_gtls_cipher_decrypt (session-> 397 MHD_gtls_cipher_decrypt (session->connection_state.
399 connection_state.read_cipher_state, 398 read_cipher_state, ciphertext.data,
400 ciphertext.data, ciphertext.size)) < 0) 399 ciphertext.size)) < 0)
401 { 400 {
402 MHD_gnutls_assert (); 401 MHD_gnutls_assert ();
403 return ret; 402 return ret;
@@ -455,8 +454,8 @@ MHD_gtls_ciphertext2compressed (MHD_gtls_session_t session,
455 if (td != GNUTLS_MAC_FAILED) 454 if (td != GNUTLS_MAC_FAILED)
456 { 455 {
457 MHD_gnutls_hash (td, 456 MHD_gnutls_hash (td,
458 UINT64DATA (session-> 457 UINT64DATA (session->connection_state.
459 connection_state.read_sequence_number), 8); 458 read_sequence_number), 8);
460 459
461 MHD_gnutls_hash (td, &type, 1); 460 MHD_gnutls_hash (td, &type, 1);
462 if (ver >= MHD_GNUTLS_PROTOCOL_TLS1_0) 461 if (ver >= MHD_GNUTLS_PROTOCOL_TLS1_0)
diff --git a/src/daemon/https/tls/gnutls_constate.c b/src/daemon/https/tls/gnutls_constate.c
index 41167f79..845abfe9 100644
--- a/src/daemon/https/tls/gnutls_constate.c
+++ b/src/daemon/https/tls/gnutls_constate.c
@@ -105,9 +105,10 @@ MHD__gnutls_set_keys (MHD_gtls_session_t session, int hash_size, int IV_size,
105 { /* TLS 1.0 */ 105 { /* TLS 1.0 */
106 ret = 106 ret =
107 MHD_gtls_PRF (session, 107 MHD_gtls_PRF (session,
108 (const unsigned char *) session->security_parameters. 108 (const unsigned char *) session->
109 master_secret, TLS_MASTER_SIZE, keyexp, keyexp_length, 109 security_parameters.master_secret, TLS_MASTER_SIZE,
110 rnd, 2 * TLS_RANDOM_SIZE, block_size, key_block); 110 keyexp, keyexp_length, rnd, 2 * TLS_RANDOM_SIZE,
111 block_size, key_block);
111 } 112 }
112 113
113 if (ret < 0) 114 if (ret < 0)
@@ -506,35 +507,35 @@ MHD_gtls_read_connection_state_init (MHD_gtls_session_t session)
506 { 507 {
507 rc = MHD_gtls_set_read_cipher (session, 508 rc = MHD_gtls_set_read_cipher (session,
508 MHD_gtls_cipher_suite_get_cipher_algo 509 MHD_gtls_cipher_suite_get_cipher_algo
509 (&session-> 510 (&session->security_parameters.
510 security_parameters.current_cipher_suite)); 511 current_cipher_suite));
511 if (rc < 0) 512 if (rc < 0)
512 return rc; 513 return rc;
513 rc = MHD_gtls_set_read_mac (session, 514 rc = MHD_gtls_set_read_mac (session,
514 MHD_gtls_cipher_suite_get_mac_algo 515 MHD_gtls_cipher_suite_get_mac_algo
515 (&session-> 516 (&session->security_parameters.
516 security_parameters.current_cipher_suite)); 517 current_cipher_suite));
517 if (rc < 0) 518 if (rc < 0)
518 return rc; 519 return rc;
519 520
520 rc = MHD_gtls_set_kx (session, 521 rc = MHD_gtls_set_kx (session,
521 MHD_gtls_cipher_suite_get_kx_algo 522 MHD_gtls_cipher_suite_get_kx_algo
522 (&session-> 523 (&session->security_parameters.
523 security_parameters.current_cipher_suite)); 524 current_cipher_suite));
524 if (rc < 0) 525 if (rc < 0)
525 return rc; 526 return rc;
526 527
527 rc = MHD_gtls_set_read_compression (session, 528 rc = MHD_gtls_set_read_compression (session,
528 session-> 529 session->internals.
529 internals.compression_method); 530 compression_method);
530 if (rc < 0) 531 if (rc < 0)
531 return rc; 532 return rc;
532 } 533 }
533 else 534 else
534 { /* RESUME_TRUE */ 535 { /* RESUME_TRUE */
535 MHD__gnutls_cpy_read_security_parameters (&session->security_parameters, 536 MHD__gnutls_cpy_read_security_parameters (&session->security_parameters,
536 &session-> 537 &session->internals.
537 internals.resumed_security_parameters); 538 resumed_security_parameters);
538 } 539 }
539 540
540 541
@@ -545,8 +546,8 @@ MHD_gtls_read_connection_state_init (MHD_gtls_session_t session)
545 MHD__gnutls_handshake_log ("HSK[%x]: Cipher Suite: %s\n", 546 MHD__gnutls_handshake_log ("HSK[%x]: Cipher Suite: %s\n",
546 session, 547 session,
547 MHD_gtls_cipher_suite_get_name 548 MHD_gtls_cipher_suite_get_name
548 (&session-> 549 (&session->security_parameters.
549 security_parameters.current_cipher_suite)); 550 current_cipher_suite));
550 551
551 if (MHD_gtls_compression_is_ok 552 if (MHD_gtls_compression_is_ok
552 (session->security_parameters.read_compression_algorithm) != 0) 553 (session->security_parameters.read_compression_algorithm) != 0)
@@ -571,8 +572,8 @@ MHD_gtls_read_connection_state_init (MHD_gtls_session_t session)
571 MHD_gnutls_cipher_deinit (session->connection_state.read_cipher_state); 572 MHD_gnutls_cipher_deinit (session->connection_state.read_cipher_state);
572 573
573 mac_size = 574 mac_size =
574 MHD_gnutls_hash_get_algo_len (session-> 575 MHD_gnutls_hash_get_algo_len (session->security_parameters.
575 security_parameters.read_mac_algorithm); 576 read_mac_algorithm);
576 577
577 MHD__gnutls_handshake_log 578 MHD__gnutls_handshake_log
578 ("HSK[%x]: Initializing internal [read] cipher sessions\n", session); 579 ("HSK[%x]: Initializing internal [read] cipher sessions\n", session);
@@ -583,8 +584,8 @@ MHD_gtls_read_connection_state_init (MHD_gtls_session_t session)
583 /* initialize cipher session 584 /* initialize cipher session
584 */ 585 */
585 session->connection_state.read_cipher_state = 586 session->connection_state.read_cipher_state =
586 MHD_gtls_cipher_init (session-> 587 MHD_gtls_cipher_init (session->security_parameters.
587 security_parameters.read_bulk_cipher_algorithm, 588 read_bulk_cipher_algorithm,
588 &session->cipher_specs.client_write_key, 589 &session->cipher_specs.client_write_key,
589 &session->cipher_specs.client_write_IV); 590 &session->cipher_specs.client_write_IV);
590 if (session->connection_state.read_cipher_state == GNUTLS_CIPHER_FAILED 591 if (session->connection_state.read_cipher_state == GNUTLS_CIPHER_FAILED
@@ -615,8 +616,8 @@ MHD_gtls_read_connection_state_init (MHD_gtls_session_t session)
615#if MHD_DEBUG_TLS 616#if MHD_DEBUG_TLS
616 case GNUTLS_CLIENT: 617 case GNUTLS_CLIENT:
617 session->connection_state.read_cipher_state = 618 session->connection_state.read_cipher_state =
618 MHD_gtls_cipher_init (session-> 619 MHD_gtls_cipher_init (session->security_parameters.
619 security_parameters.read_bulk_cipher_algorithm, 620 read_bulk_cipher_algorithm,
620 &session->cipher_specs.server_write_key, 621 &session->cipher_specs.server_write_key,
621 &session->cipher_specs.server_write_IV); 622 &session->cipher_specs.server_write_IV);
622 623
@@ -674,27 +675,27 @@ MHD_gtls_write_connection_state_init (MHD_gtls_session_t session)
674 { 675 {
675 rc = MHD_gtls_set_write_cipher (session, 676 rc = MHD_gtls_set_write_cipher (session,
676 MHD_gtls_cipher_suite_get_cipher_algo 677 MHD_gtls_cipher_suite_get_cipher_algo
677 (&session-> 678 (&session->security_parameters.
678 security_parameters.current_cipher_suite)); 679 current_cipher_suite));
679 if (rc < 0) 680 if (rc < 0)
680 return rc; 681 return rc;
681 rc = MHD_gtls_set_write_mac (session, 682 rc = MHD_gtls_set_write_mac (session,
682 MHD_gtls_cipher_suite_get_mac_algo 683 MHD_gtls_cipher_suite_get_mac_algo
683 (&session-> 684 (&session->security_parameters.
684 security_parameters.current_cipher_suite)); 685 current_cipher_suite));
685 if (rc < 0) 686 if (rc < 0)
686 return rc; 687 return rc;
687 688
688 rc = MHD_gtls_set_kx (session, 689 rc = MHD_gtls_set_kx (session,
689 MHD_gtls_cipher_suite_get_kx_algo 690 MHD_gtls_cipher_suite_get_kx_algo
690 (&session-> 691 (&session->security_parameters.
691 security_parameters.current_cipher_suite)); 692 current_cipher_suite));
692 if (rc < 0) 693 if (rc < 0)
693 return rc; 694 return rc;
694 695
695 rc = MHD_gtls_set_write_compression (session, 696 rc = MHD_gtls_set_write_compression (session,
696 session-> 697 session->internals.
697 internals.compression_method); 698 compression_method);
698 if (rc < 0) 699 if (rc < 0)
699 return rc; 700 return rc;
700 } 701 }
@@ -711,8 +712,8 @@ MHD_gtls_write_connection_state_init (MHD_gtls_session_t session)
711 712
712 MHD__gnutls_handshake_log ("HSK[%x]: Cipher Suite: %s\n", session, 713 MHD__gnutls_handshake_log ("HSK[%x]: Cipher Suite: %s\n", session,
713 MHD_gtls_cipher_suite_get_name 714 MHD_gtls_cipher_suite_get_name
714 (&session-> 715 (&session->security_parameters.
715 security_parameters.current_cipher_suite)); 716 current_cipher_suite));
716 717
717 if (MHD_gtls_compression_is_ok 718 if (MHD_gtls_compression_is_ok
718 (session->security_parameters.write_compression_algorithm) != 0) 719 (session->security_parameters.write_compression_algorithm) != 0)
@@ -739,8 +740,8 @@ MHD_gtls_write_connection_state_init (MHD_gtls_session_t session)
739 MHD_gnutls_cipher_deinit (session->connection_state.write_cipher_state); 740 MHD_gnutls_cipher_deinit (session->connection_state.write_cipher_state);
740 741
741 mac_size = 742 mac_size =
742 MHD_gnutls_hash_get_algo_len (session-> 743 MHD_gnutls_hash_get_algo_len (session->security_parameters.
743 security_parameters.write_mac_algorithm); 744 write_mac_algorithm);
744 745
745 MHD__gnutls_handshake_log 746 MHD__gnutls_handshake_log
746 ("HSK[%x]: Initializing internal [write] cipher sessions\n", session); 747 ("HSK[%x]: Initializing internal [write] cipher sessions\n", session);
@@ -751,8 +752,8 @@ MHD_gtls_write_connection_state_init (MHD_gtls_session_t session)
751 /* initialize cipher session 752 /* initialize cipher session
752 */ 753 */
753 session->connection_state.write_cipher_state = 754 session->connection_state.write_cipher_state =
754 MHD_gtls_cipher_init (session-> 755 MHD_gtls_cipher_init (session->security_parameters.
755 security_parameters.write_bulk_cipher_algorithm, 756 write_bulk_cipher_algorithm,
756 &session->cipher_specs.server_write_key, 757 &session->cipher_specs.server_write_key,
757 &session->cipher_specs.server_write_IV); 758 &session->cipher_specs.server_write_IV);
758 759
@@ -787,8 +788,8 @@ MHD_gtls_write_connection_state_init (MHD_gtls_session_t session)
787#if MHD_DEBUG_TLS 788#if MHD_DEBUG_TLS
788 case GNUTLS_CLIENT: 789 case GNUTLS_CLIENT:
789 session->connection_state.write_cipher_state = 790 session->connection_state.write_cipher_state =
790 MHD_gtls_cipher_init (session-> 791 MHD_gtls_cipher_init (session->security_parameters.
791 security_parameters.write_bulk_cipher_algorithm, 792 write_bulk_cipher_algorithm,
792 &session->cipher_specs.client_write_key, 793 &session->cipher_specs.client_write_key,
793 &session->cipher_specs.client_write_IV); 794 &session->cipher_specs.client_write_IV);
794 795
diff --git a/src/daemon/https/tls/gnutls_extensions.c b/src/daemon/https/tls/gnutls_extensions.c
index a46ef838..8ee96c65 100644
--- a/src/daemon/https/tls/gnutls_extensions.c
+++ b/src/daemon/https/tls/gnutls_extensions.c
@@ -204,9 +204,8 @@ MHD__gnutls_extension_list_add (MHD_gtls_session_t session, uint16_t type)
204 { 204 {
205 if (session->internals.extensions_sent_size < MAX_EXT_TYPES) 205 if (session->internals.extensions_sent_size < MAX_EXT_TYPES)
206 { 206 {
207 session->internals.extensions_sent[session-> 207 session->internals.extensions_sent[session->internals.
208 internals.extensions_sent_size] = 208 extensions_sent_size] = type;
209 type;
210 session->internals.extensions_sent_size++; 209 session->internals.extensions_sent_size++;
211 } 210 }
212 else 211 else
diff --git a/src/daemon/https/tls/gnutls_handshake.c b/src/daemon/https/tls/gnutls_handshake.c
index 980afacd..906350e2 100644
--- a/src/daemon/https/tls/gnutls_handshake.c
+++ b/src/daemon/https/tls/gnutls_handshake.c
@@ -171,13 +171,11 @@ MHD__gnutls_ssl3_finished (MHD_gtls_session_t session, int type, opaque * ret)
171 MHD_gnutls_hash (td_sha, mesg, siz); 171 MHD_gnutls_hash (td_sha, mesg, siz);
172 172
173 MHD_gnutls_mac_deinit_ssl3_handshake (td_md5, ret, 173 MHD_gnutls_mac_deinit_ssl3_handshake (td_md5, ret,
174 session-> 174 session->security_parameters.
175 security_parameters.master_secret, 175 master_secret, TLS_MASTER_SIZE);
176 TLS_MASTER_SIZE);
177 MHD_gnutls_mac_deinit_ssl3_handshake (td_sha, &ret[16], 176 MHD_gnutls_mac_deinit_ssl3_handshake (td_sha, &ret[16],
178 session-> 177 session->security_parameters.
179 security_parameters.master_secret, 178 master_secret, TLS_MASTER_SIZE);
180 TLS_MASTER_SIZE);
181 179
182 return 0; 180 return 0;
183} 181}
@@ -359,9 +357,9 @@ MHD__gnutls_read_client_hello (MHD_gtls_session_t session, opaque * data,
359 pos += session_id_len; 357 pos += session_id_len;
360 358
361 MHD_gtls_generate_session_id (session->security_parameters.session_id, 359 MHD_gtls_generate_session_id (session->security_parameters.session_id,
362 &session-> 360 &session->security_parameters.
363 security_parameters.session_id_size); 361 session_id_size);
364 362
365 session->internals.resumed = RESUME_FALSE; 363 session->internals.resumed = RESUME_FALSE;
366 /* Remember ciphersuites for later 364 /* Remember ciphersuites for later
367 */ 365 */
@@ -708,9 +706,9 @@ finish:
708 */ 706 */
709 if (MHD_gtls_get_kx_cred 707 if (MHD_gtls_get_kx_cred
710 (session, 708 (session,
711 MHD_gtls_cipher_suite_get_kx_algo (&session-> 709 MHD_gtls_cipher_suite_get_kx_algo (&session->security_parameters.
712 security_parameters.current_cipher_suite), 710 current_cipher_suite), &err) == NULL
713 &err) == NULL && err != 0) 711 && err != 0)
714 { 712 {
715 MHD_gnutls_assert (); 713 MHD_gnutls_assert ();
716 return GNUTLS_E_INSUFFICIENT_CREDENTIALS; 714 return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
@@ -723,8 +721,8 @@ finish:
723 */ 721 */
724 session->internals.auth_struct = 722 session->internals.auth_struct =
725 MHD_gtls_kx_auth_struct (MHD_gtls_cipher_suite_get_kx_algo 723 MHD_gtls_kx_auth_struct (MHD_gtls_cipher_suite_get_kx_algo
726 (&session-> 724 (&session->security_parameters.
727 security_parameters.current_cipher_suite)); 725 current_cipher_suite));
728 if (session->internals.auth_struct == NULL) 726 if (session->internals.auth_struct == NULL)
729 { 727 {
730 728
@@ -931,8 +929,8 @@ MHD__gnutls_recv_handshake_header (MHD_gtls_session_t session,
931 if (session->internals.handshake_header_buffer.header_size == 929 if (session->internals.handshake_header_buffer.header_size ==
932 handshake_header_size || (session->internals.v2_hello != 0 930 handshake_header_size || (session->internals.v2_hello != 0
933 && type == GNUTLS_HANDSHAKE_CLIENT_HELLO 931 && type == GNUTLS_HANDSHAKE_CLIENT_HELLO
934 && session->internals.handshake_header_buffer. 932 && session->internals.
935 packet_length > 0)) 933 handshake_header_buffer.packet_length > 0))
936 { 934 {
937 935
938 *recv_type = session->internals.handshake_header_buffer.recv_type; 936 *recv_type = session->internals.handshake_header_buffer.recv_type;
@@ -975,13 +973,11 @@ MHD__gnutls_recv_handshake_header (MHD_gtls_session_t session,
975 MHD_gtls_handshake_io_recv_int (session, GNUTLS_HANDSHAKE, 973 MHD_gtls_handshake_io_recv_int (session, GNUTLS_HANDSHAKE,
976 type, 974 type,
977 &dataptr 975 &dataptr
978 [session-> 976 [session->internals.
979 internals.handshake_header_buffer. 977 handshake_header_buffer.header_size],
980 header_size],
981 HANDSHAKE_HEADER_SIZE - 978 HANDSHAKE_HEADER_SIZE -
982 session-> 979 session->internals.
983 internals.handshake_header_buffer. 980 handshake_header_buffer.header_size);
984 header_size);
985 if (ret <= 0) 981 if (ret <= 0)
986 { 982 {
987 MHD_gnutls_assert (); 983 MHD_gnutls_assert ();
@@ -1164,12 +1160,11 @@ MHD_gtls_recv_handshake (MHD_gtls_session_t session, uint8_t ** data,
1164 1160
1165 1161
1166 ret = MHD__gnutls_handshake_hash_add_recvd (session, recv_type, 1162 ret = MHD__gnutls_handshake_hash_add_recvd (session, recv_type,
1167 session-> 1163 session->internals.
1168 internals.handshake_header_buffer. 1164 handshake_header_buffer.header,
1169 header, 1165 session->internals.
1170 session-> 1166 handshake_header_buffer.header_size,
1171 internals.handshake_header_buffer. 1167 dataptr, length32);
1172 header_size, dataptr, length32);
1173 if (ret < 0) 1168 if (ret < 0)
1174 { 1169 {
1175 MHD_gnutls_assert (); 1170 MHD_gnutls_assert ();
@@ -1263,8 +1258,8 @@ MHD__gnutls_client_set_ciphersuite (MHD_gtls_session_t session,
1263 1258
1264 MHD__gnutls_handshake_log ("HSK[%x]: Selected cipher suite: %s\n", session, 1259 MHD__gnutls_handshake_log ("HSK[%x]: Selected cipher suite: %s\n", session,
1265 MHD_gtls_cipher_suite_get_name 1260 MHD_gtls_cipher_suite_get_name
1266 (&session-> 1261 (&session->security_parameters.
1267 security_parameters.current_cipher_suite)); 1262 current_cipher_suite));
1268 1263
1269 1264
1270 /* check if the credentials (username, public key etc.) are ok. 1265 /* check if the credentials (username, public key etc.) are ok.
@@ -1287,8 +1282,8 @@ MHD__gnutls_client_set_ciphersuite (MHD_gtls_session_t session,
1287 */ 1282 */
1288 session->internals.auth_struct = 1283 session->internals.auth_struct =
1289 MHD_gtls_kx_auth_struct (MHD_gtls_cipher_suite_get_kx_algo 1284 MHD_gtls_kx_auth_struct (MHD_gtls_cipher_suite_get_kx_algo
1290 (&session-> 1285 (&session->security_parameters.
1291 security_parameters.current_cipher_suite)); 1286 current_cipher_suite));
1292 1287
1293 if (session->internals.auth_struct == NULL) 1288 if (session->internals.auth_struct == NULL)
1294 { 1289 {
@@ -1862,8 +1857,8 @@ MHD__gnutls_send_server_hello (MHD_gtls_session_t session, int again)
1862 pos += 2; 1857 pos += 2;
1863 1858
1864 comp = 1859 comp =
1865 (uint8_t) MHD_gtls_compression_get_num (session->internals. 1860 (uint8_t) MHD_gtls_compression_get_num (session->
1866 compression_method); 1861 internals.compression_method);
1867 data[pos++] = comp; 1862 data[pos++] = comp;
1868 1863
1869 1864
diff --git a/src/daemon/https/tls/gnutls_kx.c b/src/daemon/https/tls/gnutls_kx.c
index f1824f03..a4041e39 100644
--- a/src/daemon/https/tls/gnutls_kx.c
+++ b/src/daemon/https/tls/gnutls_kx.c
@@ -65,13 +65,13 @@ generate_normal_master (MHD_gtls_session_t session, int keep_premaster)
65 MHD_gtls_bin2hex (PREMASTER.data, PREMASTER.size, buf, 65 MHD_gtls_bin2hex (PREMASTER.data, PREMASTER.size, buf,
66 sizeof (buf))); 66 sizeof (buf)));
67 MHD__gnutls_hard_log ("INT: CLIENT RANDOM[%d]: %s\n", 32, 67 MHD__gnutls_hard_log ("INT: CLIENT RANDOM[%d]: %s\n", 32,
68 MHD_gtls_bin2hex (session-> 68 MHD_gtls_bin2hex (session->security_parameters.
69 security_parameters.client_random, 69 client_random, 32, buf,
70 32, buf, sizeof (buf))); 70 sizeof (buf)));
71 MHD__gnutls_hard_log ("INT: SERVER RANDOM[%d]: %s\n", 32, 71 MHD__gnutls_hard_log ("INT: SERVER RANDOM[%d]: %s\n", 32,
72 MHD_gtls_bin2hex (session-> 72 MHD_gtls_bin2hex (session->security_parameters.
73 security_parameters.server_random, 73 server_random, 32, buf,
74 32, buf, sizeof (buf))); 74 sizeof (buf)));
75 75
76 if (MHD__gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3) 76 if (MHD__gnutls_protocol_get_version (session) == MHD_GNUTLS_PROTOCOL_SSL3)
77 { 77 {
@@ -86,8 +86,8 @@ generate_normal_master (MHD_gtls_session_t session, int keep_premaster)
86 MHD_gnutls_ssl3_generate_random (PREMASTER.data, PREMASTER.size, 86 MHD_gnutls_ssl3_generate_random (PREMASTER.data, PREMASTER.size,
87 rnd, 2 * TLS_RANDOM_SIZE, 87 rnd, 2 * TLS_RANDOM_SIZE,
88 TLS_MASTER_SIZE, 88 TLS_MASTER_SIZE,
89 session-> 89 session->security_parameters.
90 security_parameters.master_secret); 90 master_secret);
91 91
92 } 92 }
93 else 93 else
@@ -117,9 +117,8 @@ generate_normal_master (MHD_gtls_session_t session, int keep_premaster)
117 return ret; 117 return ret;
118 118
119 MHD__gnutls_hard_log ("INT: MASTER SECRET: %s\n", 119 MHD__gnutls_hard_log ("INT: MASTER SECRET: %s\n",
120 MHD_gtls_bin2hex (session-> 120 MHD_gtls_bin2hex (session->security_parameters.
121 security_parameters.master_secret, 121 master_secret, TLS_MASTER_SIZE, buf,
122 TLS_MASTER_SIZE, buf,
123 sizeof (buf))); 122 sizeof (buf)));
124 123
125 return ret; 124 return ret;
@@ -186,8 +185,8 @@ MHD_gtls_send_server_certificate_request (MHD_gtls_session_t session,
186 int data_size = 0; 185 int data_size = 0;
187 int ret = 0; 186 int ret = 0;
188 187
189 if (session->internals. 188 if (session->internals.auth_struct->
190 auth_struct->MHD_gtls_gen_server_certificate_request == NULL) 189 MHD_gtls_gen_server_certificate_request == NULL)
191 return 0; 190 return 0;
192 191
193 if (session->internals.send_cert_req <= 0) 192 if (session->internals.send_cert_req <= 0)
@@ -199,8 +198,8 @@ MHD_gtls_send_server_certificate_request (MHD_gtls_session_t session,
199 if (again == 0) 198 if (again == 0)
200 { 199 {
201 data_size = 200 data_size =
202 session->internals. 201 session->internals.auth_struct->
203 auth_struct->MHD_gtls_gen_server_certificate_request (session, &data); 202 MHD_gtls_gen_server_certificate_request (session, &data);
204 203
205 if (data_size < 0) 204 if (data_size < 0)
206 { 205 {
@@ -299,8 +298,8 @@ MHD_gtls_send_client_certificate_verify (MHD_gtls_session_t session,
299 if (again == 0) 298 if (again == 0)
300 { 299 {
301 data_size = 300 data_size =
302 session->internals. 301 session->internals.auth_struct->
303 auth_struct->MHD_gtls_gen_client_cert_vrfy (session, &data); 302 MHD_gtls_gen_client_cert_vrfy (session, &data);
304 if (data_size < 0) 303 if (data_size < 0)
305 { 304 {
306 MHD_gnutls_assert (); 305 MHD_gnutls_assert ();
@@ -372,8 +371,8 @@ MHD_gtls_recv_server_certificate_request (MHD_gtls_session_t session)
372 int datasize; 371 int datasize;
373 int ret = 0; 372 int ret = 0;
374 373
375 if (session->internals. 374 if (session->internals.auth_struct->
376 auth_struct->MHD_gtls_process_server_certificate_request != NULL) 375 MHD_gtls_process_server_certificate_request != NULL)
377 { 376 {
378 377
379 ret = 378 ret =
@@ -388,10 +387,8 @@ MHD_gtls_recv_server_certificate_request (MHD_gtls_session_t session)
388 return 0; /* ignored */ 387 return 0; /* ignored */
389 388
390 ret = 389 ret =
391 session->internals. 390 session->internals.auth_struct->
392 auth_struct->MHD_gtls_process_server_certificate_request (session, 391 MHD_gtls_process_server_certificate_request (session, data, datasize);
393 data,
394 datasize);
395 MHD_gnutls_free (data); 392 MHD_gnutls_free (data);
396 if (ret < 0) 393 if (ret < 0)
397 return ret; 394 return ret;
@@ -462,8 +459,8 @@ MHD_gtls_send_client_certificate (MHD_gtls_session_t session, int again)
462 /* TLS 1.0 or SSL 3.0 with a valid certificate 459 /* TLS 1.0 or SSL 3.0 with a valid certificate
463 */ 460 */
464 data_size = 461 data_size =
465 session->internals. 462 session->internals.auth_struct->
466 auth_struct->MHD_gtls_gen_client_certificate (session, &data); 463 MHD_gtls_gen_client_certificate (session, &data);
467 464
468 if (data_size < 0) 465 if (data_size < 0)
469 { 466 {
@@ -523,8 +520,8 @@ MHD_gtls_send_server_certificate (MHD_gtls_session_t session, int again)
523 if (again == 0) 520 if (again == 0)
524 { 521 {
525 data_size = 522 data_size =
526 session->internals. 523 session->internals.auth_struct->
527 auth_struct->MHD_gtls_gen_server_certificate (session, &data); 524 MHD_gtls_gen_server_certificate (session, &data);
528 525
529 if (data_size < 0) 526 if (data_size < 0)
530 { 527 {
@@ -620,9 +617,8 @@ MHD_gtls_recv_client_certificate (MHD_gtls_session_t session)
620 return 0; 617 return 0;
621 } 618 }
622 ret = 619 ret =
623 session->internals. 620 session->internals.auth_struct->
624 auth_struct->MHD_gtls_process_client_certificate (session, data, 621 MHD_gtls_process_client_certificate (session, data, datasize);
625 datasize);
626 622
627 MHD_gnutls_free (data); 623 MHD_gnutls_free (data);
628 if (ret < 0 && ret != GNUTLS_E_NO_CERTIFICATE_FOUND) 624 if (ret < 0 && ret != GNUTLS_E_NO_CERTIFICATE_FOUND)
@@ -666,9 +662,8 @@ MHD_gtls_recv_server_certificate (MHD_gtls_session_t session)
666 } 662 }
667 663
668 ret = 664 ret =
669 session->internals. 665 session->internals.auth_struct->
670 auth_struct->MHD_gtls_process_server_certificate (session, data, 666 MHD_gtls_process_server_certificate (session, data, datasize);
671 datasize);
672 MHD_gnutls_free (data); 667 MHD_gnutls_free (data);
673 if (ret < 0) 668 if (ret < 0)
674 { 669 {
@@ -719,9 +714,8 @@ MHD_gtls_recv_client_certificate_verify_message (MHD_gtls_session_t session)
719 } 714 }
720 715
721 ret = 716 ret =
722 session->internals. 717 session->internals.auth_struct->
723 auth_struct->MHD_gtls_process_client_cert_vrfy (session, data, 718 MHD_gtls_process_client_cert_vrfy (session, data, datasize);
724 datasize);
725 MHD_gnutls_free (data); 719 MHD_gnutls_free (data);
726 if (ret < 0) 720 if (ret < 0)
727 return ret; 721 return ret;
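Review bot: The `MHD__gnutls_hard_log ("INT: MASTER SECRET: %s\n", ...)` call in generate_normal_master (hunk at -117) writes the TLS master secret to the log as hex, and the hunk at -65 appears to do the same for the premaster secret next to both randoms; this re-wrap leaves those calls in place. Anyone who can read that log can recover the session keys. The definition of `MHD__gnutls_hard_log` is not visible here, so if it is not already compiled out of release builds, these lines should be removed or placed behind a build-time debug switch. At minimum add a comment above them such as `/* logs key material: debugging builds only */`. The function body starts and ends outside these hunks.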
diff --git a/src/daemon/https/tls/gnutls_pk.c b/src/daemon/https/tls/gnutls_pk.c
index 0d3126a7..f8514cae 100644
--- a/src/daemon/https/tls/gnutls_pk.c
+++ b/src/daemon/https/tls/gnutls_pk.c
@@ -634,5 +634,3 @@ MHD__gnutls_pk_sign (int algo, mpi_t * data, mpi_t hash, mpi_t * pkey,
634 gcry_sexp_release (s_sig); 634 gcry_sexp_release (s_sig);
635 return 0; 635 return 0;
636} 636}
637
638
diff --git a/src/daemon/https/tls/gnutls_record.c b/src/daemon/https/tls/gnutls_record.c
index 075ad97d..07a7b46c 100644
--- a/src/daemon/https/tls/gnutls_record.c
+++ b/src/daemon/https/tls/gnutls_record.c
@@ -293,8 +293,8 @@ MHD_gtls_send_int (MHD_gtls_session_t session,
293 293
294 MHD__gnutls_record_log 294 MHD__gnutls_record_log
295 ("REC[%x]: Sending Packet[%d] %s(%d) with length: %d\n", session, 295 ("REC[%x]: Sending Packet[%d] %s(%d) with length: %d\n", session,
296 (int) MHD_gtls_uint64touint32 (&session-> 296 (int) MHD_gtls_uint64touint32 (&session->connection_state.
297 connection_state.write_sequence_number), 297 write_sequence_number),
298 MHD__gnutls_packet2str (type), type, sizeofdata); 298 MHD__gnutls_packet2str (type), type, sizeofdata);
299 299
300 if (sizeofdata > MAX_RECORD_SEND_SIZE) 300 if (sizeofdata > MAX_RECORD_SEND_SIZE)
@@ -856,13 +856,13 @@ begin:
856 856
857 MHD__gnutls_record_log 857 MHD__gnutls_record_log
858 ("REC[%x]: Expected Packet[%d] %s(%d) with length: %d\n", session, 858 ("REC[%x]: Expected Packet[%d] %s(%d) with length: %d\n", session,
859 (int) MHD_gtls_uint64touint32 (&session-> 859 (int) MHD_gtls_uint64touint32 (&session->connection_state.
860 connection_state.read_sequence_number), 860 read_sequence_number),
861 MHD__gnutls_packet2str (type), type, sizeofdata); 861 MHD__gnutls_packet2str (type), type, sizeofdata);
862 MHD__gnutls_record_log 862 MHD__gnutls_record_log
863 ("REC[%x]: Received Packet[%d] %s(%d) with length: %d\n", session, 863 ("REC[%x]: Received Packet[%d] %s(%d) with length: %d\n", session,
864 (int) MHD_gtls_uint64touint32 (&session-> 864 (int) MHD_gtls_uint64touint32 (&session->connection_state.
865 connection_state.read_sequence_number), 865 read_sequence_number),
866 MHD__gnutls_packet2str (recv_type), recv_type, length); 866 MHD__gnutls_packet2str (recv_type), recv_type, length);
867 867
868 if (length > MAX_RECV_SIZE) 868 if (length > MAX_RECV_SIZE)
@@ -938,8 +938,8 @@ begin:
938 938
939 MHD__gnutls_record_log 939 MHD__gnutls_record_log
940 ("REC[%x]: Decrypted Packet[%d] %s(%d) with length: %d\n", session, 940 ("REC[%x]: Decrypted Packet[%d] %s(%d) with length: %d\n", session,
941 (int) MHD_gtls_uint64touint32 (&session-> 941 (int) MHD_gtls_uint64touint32 (&session->connection_state.
942 connection_state.read_sequence_number), 942 read_sequence_number),
943 MHD__gnutls_packet2str (recv_type), recv_type, decrypted_length); 943 MHD__gnutls_packet2str (recv_type), recv_type, decrypted_length);
944 944
945 /* increase sequence number 945 /* increase sequence number
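Review bot: The four `MHD__gnutls_record_log` calls in this file (hunks at -293, -856 and -938) pass `session` for the `%x` conversion in `"REC[%x]: ..."`. The same calls dereference `session` with `->`, so it is a pointer. Assuming the macro forwards to a printf-style formatter (its definition is not visible), a pointer argument for `%x` is undefined behaviour and is truncated on 64-bit targets. Change the conversion to `%p` and pass `(void *) session`. The enclosing functions continue outside the hunks.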
diff --git a/src/daemon/https/tls/gnutls_sig.c b/src/daemon/https/tls/gnutls_sig.c
index ec757999..e27c4684 100644
--- a/src/daemon/https/tls/gnutls_sig.c
+++ b/src/daemon/https/tls/gnutls_sig.c
@@ -75,9 +75,8 @@ MHD_gtls_tls_sign_hdata (MHD_gtls_session_t session,
75 } 75 }
76 76
77 MHD_gnutls_mac_deinit_ssl3_handshake (td_sha, &concat[16], 77 MHD_gnutls_mac_deinit_ssl3_handshake (td_sha, &concat[16],
78 session-> 78 session->security_parameters.
79 security_parameters.master_secret, 79 master_secret, TLS_MASTER_SIZE);
80 TLS_MASTER_SIZE);
81 } 80 }
82 else 81 else
83 MHD_gnutls_hash_deinit (td_sha, &concat[16]); 82 MHD_gnutls_hash_deinit (td_sha, &concat[16]);
@@ -95,9 +94,8 @@ MHD_gtls_tls_sign_hdata (MHD_gtls_session_t session,
95 94
96 if (ver == MHD_GNUTLS_PROTOCOL_SSL3) 95 if (ver == MHD_GNUTLS_PROTOCOL_SSL3)
97 MHD_gnutls_mac_deinit_ssl3_handshake (td_md5, concat, 96 MHD_gnutls_mac_deinit_ssl3_handshake (td_md5, concat,
98 session-> 97 session->security_parameters.
99 security_parameters.master_secret, 98 master_secret, TLS_MASTER_SIZE);
100 TLS_MASTER_SIZE);
101 else 99 else
102 MHD_gnutls_hash_deinit (td_md5, concat); 100 MHD_gnutls_hash_deinit (td_md5, concat);
103 101
@@ -267,8 +265,8 @@ MHD__gnutls_tls_sign (MHD_gtls_session_t session,
267 return GNUTLS_E_INSUFFICIENT_CREDENTIALS; 265 return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
268 266
269 return (*session->internals.sign_func) (session, 267 return (*session->internals.sign_func) (session,
270 session-> 268 session->internals.
271 internals.sign_func_userdata, 269 sign_func_userdata,
272 cert->cert_type, &cert->raw, 270 cert->cert_type, &cert->raw,
273 hash_concat, signature); 271 hash_concat, signature);
274 } 272 }
@@ -367,13 +365,11 @@ MHD_gtls_verify_sig_hdata (MHD_gtls_session_t session,
367 } 365 }
368 366
369 MHD_gnutls_mac_deinit_ssl3_handshake (td_md5, concat, 367 MHD_gnutls_mac_deinit_ssl3_handshake (td_md5, concat,
370 session-> 368 session->security_parameters.
371 security_parameters.master_secret, 369 master_secret, TLS_MASTER_SIZE);
372 TLS_MASTER_SIZE);
373 MHD_gnutls_mac_deinit_ssl3_handshake (td_sha, &concat[16], 370 MHD_gnutls_mac_deinit_ssl3_handshake (td_sha, &concat[16],
374 session-> 371 session->security_parameters.
375 security_parameters.master_secret, 372 master_secret, TLS_MASTER_SIZE);
376 TLS_MASTER_SIZE);
377 } 373 }
378 else 374 else
379 { 375 {
diff --git a/src/daemon/https/tls/gnutls_state.c b/src/daemon/https/tls/gnutls_state.c
index f70ec66d..01f51abc 100644
--- a/src/daemon/https/tls/gnutls_state.c
+++ b/src/daemon/https/tls/gnutls_state.c
@@ -771,8 +771,8 @@ MHD_gtls_session_is_export (MHD_gtls_session_t session)
771 enum MHD_GNUTLS_CipherAlgorithm cipher; 771 enum MHD_GNUTLS_CipherAlgorithm cipher;
772 772
773 cipher = 773 cipher =
774 MHD_gtls_cipher_suite_get_cipher_algo (&session-> 774 MHD_gtls_cipher_suite_get_cipher_algo (&session->security_parameters.
775 security_parameters.current_cipher_suite); 775 current_cipher_suite);
776 776
777 if (MHD_gtls_cipher_get_export_flag (cipher) != 0) 777 if (MHD_gtls_cipher_get_export_flag (cipher) != 0)
778 return 1; 778 return 1;
diff --git a/src/daemon/https/tls/gnutls_x509.c b/src/daemon/https/tls/gnutls_x509.c
index 19475656..685c9642 100644
--- a/src/daemon/https/tls/gnutls_x509.c
+++ b/src/daemon/https/tls/gnutls_x509.c
@@ -113,8 +113,8 @@ MHD__gnutls_check_key_cert_match (MHD_gtls_cert_credentials_t res)
113 1].params_size, &kid); 113 1].params_size, &kid);
114 114
115 115
116 MHD__gnutls_x509_write_rsa_params (res->cert_list[res->ncerts - 1][0]. 116 MHD__gnutls_x509_write_rsa_params (res->
117 params, 117 cert_list[res->ncerts - 1][0].params,
118 res->cert_list[res->ncerts - 118 res->cert_list[res->ncerts -
119 1][0].params_size, &cid); 119 1][0].params_size, &cid);
120 120
diff --git a/src/daemon/https/tls/memmem.c b/src/daemon/https/tls/memmem.c
index 5585fa37..77143a7e 100644
--- a/src/daemon/https/tls/memmem.c
+++ b/src/daemon/https/tls/memmem.c
@@ -37,7 +37,7 @@
37 HAYSTACK. */ 37 HAYSTACK. */
38void * 38void *
39memmem (const void *haystack_start, size_t haystack_len, 39memmem (const void *haystack_start, size_t haystack_len,
40 const void *needle_start, size_t needle_len) 40 const void *needle_start, size_t needle_len)
41{ 41{
42 /* Abstract memory is considered to be an array of 'unsigned char' values, 42 /* Abstract memory is considered to be an array of 'unsigned char' values,
43 not an array of 'char' values. See ISO C 99 section 6.2.6.1. */ 43 not an array of 'char' values. See ISO C 99 section 6.2.6.1. */
@@ -62,11 +62,12 @@ memmem (const void *haystack_start, size_t haystack_len,
62 { 62 {
63 haystack = memchr (haystack, *needle, haystack_len); 63 haystack = memchr (haystack, *needle, haystack_len);
64 if (!haystack || __builtin_expect (needle_len == 1, 0)) 64 if (!haystack || __builtin_expect (needle_len == 1, 0))
65 return (void *) haystack; 65 return (void *) haystack;
66 haystack_len -= haystack - (const unsigned char *) haystack_start; 66 haystack_len -= haystack - (const unsigned char *) haystack_start;
67 if (haystack_len < needle_len) 67 if (haystack_len < needle_len)
68 return NULL; 68 return NULL;
69 return two_way_short_needle (haystack, haystack_len, needle, needle_len); 69 return two_way_short_needle (haystack, haystack_len, needle,
70 needle_len);
70 } 71 }
71 else 72 else
72 return two_way_long_needle (haystack, haystack_len, needle, needle_len); 73 return two_way_long_needle (haystack, haystack_len, needle, needle_len);
diff --git a/src/daemon/https/tls/str-two-way.h b/src/daemon/https/tls/str-two-way.h
index 69580736..29bb09f6 100644
--- a/src/daemon/https/tls/str-two-way.h
+++ b/src/daemon/https/tls/str-two-way.h
@@ -103,14 +103,14 @@
103 periodicity. */ 103 periodicity. */
104static size_t 104static size_t
105critical_factorization (const unsigned char *needle, size_t needle_len, 105critical_factorization (const unsigned char *needle, size_t needle_len,
106 size_t *period) 106 size_t * period)
107{ 107{
108 /* Index of last byte of left half, or SIZE_MAX. */ 108 /* Index of last byte of left half, or SIZE_MAX. */
109 size_t max_suffix, max_suffix_rev; 109 size_t max_suffix, max_suffix_rev;
110 size_t j; /* Index into NEEDLE for current candidate suffix. */ 110 size_t j; /* Index into NEEDLE for current candidate suffix. */
111 size_t k; /* Offset into current period. */ 111 size_t k; /* Offset into current period. */
112 size_t p; /* Intermediate period. */ 112 size_t p; /* Intermediate period. */
113 unsigned char a, b; /* Current comparison bytes. */ 113 unsigned char a, b; /* Current comparison bytes. */
114 114
115 /* Invariants: 115 /* Invariants:
116 0 <= j < NEEDLE_LEN - 1 116 0 <= j < NEEDLE_LEN - 1
@@ -119,7 +119,7 @@ critical_factorization (const unsigned char *needle, size_t needle_len,
119 1 <= p <= global period of NEEDLE 119 1 <= p <= global period of NEEDLE
120 p == global period of the substring NEEDLE[max_suffix{,_rev}+1...j] 120 p == global period of the substring NEEDLE[max_suffix{,_rev}+1...j]
121 1 <= k <= p 121 1 <= k <= p
122 */ 122 */
123 123
124 /* Perform lexicographic search. */ 124 /* Perform lexicographic search. */
125 max_suffix = SIZE_MAX; 125 max_suffix = SIZE_MAX;
@@ -130,29 +130,29 @@ critical_factorization (const unsigned char *needle, size_t needle_len,
130 a = CANON_ELEMENT (needle[j + k]); 130 a = CANON_ELEMENT (needle[j + k]);
131 b = CANON_ELEMENT (needle[max_suffix + k]); 131 b = CANON_ELEMENT (needle[max_suffix + k]);
132 if (a < b) 132 if (a < b)
133 { 133 {
134 /* Suffix is smaller, period is entire prefix so far. */ 134 /* Suffix is smaller, period is entire prefix so far. */
135 j += k; 135 j += k;
136 k = 1; 136 k = 1;
137 p = j - max_suffix; 137 p = j - max_suffix;
138 } 138 }
139 else if (a == b) 139 else if (a == b)
140 { 140 {
141 /* Advance through repetition of the current period. */ 141 /* Advance through repetition of the current period. */
142 if (k != p) 142 if (k != p)
143 ++k; 143 ++k;
144 else 144 else
145 { 145 {
146 j += p; 146 j += p;
147 k = 1; 147 k = 1;
148 } 148 }
149 } 149 }
150 else /* b < a */ 150 else /* b < a */
151 { 151 {
152 /* Suffix is larger, start over from current location. */ 152 /* Suffix is larger, start over from current location. */
153 max_suffix = j++; 153 max_suffix = j++;
154 k = p = 1; 154 k = p = 1;
155 } 155 }
156 } 156 }
157 *period = p; 157 *period = p;
158 158
@@ -165,29 +165,29 @@ critical_factorization (const unsigned char *needle, size_t needle_len,
165 a = CANON_ELEMENT (needle[j + k]); 165 a = CANON_ELEMENT (needle[j + k]);
166 b = CANON_ELEMENT (needle[max_suffix_rev + k]); 166 b = CANON_ELEMENT (needle[max_suffix_rev + k]);
167 if (b < a) 167 if (b < a)
168 { 168 {
169 /* Suffix is smaller, period is entire prefix so far. */ 169 /* Suffix is smaller, period is entire prefix so far. */
170 j += k; 170 j += k;
171 k = 1; 171 k = 1;
172 p = j - max_suffix_rev; 172 p = j - max_suffix_rev;
173 } 173 }
174 else if (a == b) 174 else if (a == b)
175 { 175 {
176 /* Advance through repetition of the current period. */ 176 /* Advance through repetition of the current period. */
177 if (k != p) 177 if (k != p)
178 ++k; 178 ++k;
179 else 179 else
180 { 180 {
181 j += p; 181 j += p;
182 k = 1; 182 k = 1;
183 } 183 }
184 } 184 }
185 else /* a < b */ 185 else /* a < b */
186 { 186 {
187 /* Suffix is larger, start over from current location. */ 187 /* Suffix is larger, start over from current location. */
188 max_suffix_rev = j++; 188 max_suffix_rev = j++;
189 k = p = 1; 189 k = p = 1;
190 } 190 }
191 } 191 }
192 192
193 /* Choose the longer suffix. Return the first byte of the right 193 /* Choose the longer suffix. Return the first byte of the right
@@ -210,12 +210,12 @@ critical_factorization (const unsigned char *needle, size_t needle_len,
210 HAYSTACK_LEN - NEEDLE_LEN comparisons occur in searching. */ 210 HAYSTACK_LEN - NEEDLE_LEN comparisons occur in searching. */
211static RETURN_TYPE 211static RETURN_TYPE
212two_way_short_needle (const unsigned char *haystack, size_t haystack_len, 212two_way_short_needle (const unsigned char *haystack, size_t haystack_len,
213 const unsigned char *needle, size_t needle_len) 213 const unsigned char *needle, size_t needle_len)
214{ 214{
215 size_t i; /* Index into current byte of NEEDLE. */ 215 size_t i; /* Index into current byte of NEEDLE. */
216 size_t j; /* Index into current window of HAYSTACK. */ 216 size_t j; /* Index into current window of HAYSTACK. */
217 size_t period; /* The period of the right half of needle. */ 217 size_t period; /* The period of the right half of needle. */
218 size_t suffix; /* The index of the right half of needle. */ 218 size_t suffix; /* The index of the right half of needle. */
219 219
220 /* Factor the needle into two halves, such that the left half is 220 /* Factor the needle into two halves, such that the left half is
221 smaller than the global period, and the right half is 221 smaller than the global period, and the right half is
@@ -227,65 +227,65 @@ two_way_short_needle (const unsigned char *haystack, size_t haystack_len,
227 if (CMP_FUNC (needle, needle + period, suffix) == 0) 227 if (CMP_FUNC (needle, needle + period, suffix) == 0)
228 { 228 {
229 /* Entire needle is periodic; a mismatch can only advance by the 229 /* Entire needle is periodic; a mismatch can only advance by the
230 period, so use memory to avoid rescanning known occurrences 230 period, so use memory to avoid rescanning known occurrences
231 of the period. */ 231 of the period. */
232 size_t memory = 0; 232 size_t memory = 0;
233 j = 0; 233 j = 0;
234 while (AVAILABLE (haystack, haystack_len, j, needle_len)) 234 while (AVAILABLE (haystack, haystack_len, j, needle_len))
235 { 235 {
236 /* Scan for matches in right half. */ 236 /* Scan for matches in right half. */
237 i = MAX (suffix, memory); 237 i = MAX (suffix, memory);
238 while (i < needle_len && (CANON_ELEMENT (needle[i]) 238 while (i < needle_len && (CANON_ELEMENT (needle[i])
239 == CANON_ELEMENT (haystack[i + j]))) 239 == CANON_ELEMENT (haystack[i + j])))
240 ++i; 240 ++i;
241 if (needle_len <= i) 241 if (needle_len <= i)
242 { 242 {
243 /* Scan for matches in left half. */ 243 /* Scan for matches in left half. */
244 i = suffix - 1; 244 i = suffix - 1;
245 while (memory < i + 1 && (CANON_ELEMENT (needle[i]) 245 while (memory < i + 1 && (CANON_ELEMENT (needle[i])
246 == CANON_ELEMENT (haystack[i + j]))) 246 == CANON_ELEMENT (haystack[i + j])))
247 --i; 247 --i;
248 if (i + 1 < memory + 1) 248 if (i + 1 < memory + 1)
249 return (RETURN_TYPE) (haystack + j); 249 return (RETURN_TYPE) (haystack + j);
250 /* No match, so remember how many repetitions of period 250 /* No match, so remember how many repetitions of period
251 on the right half were scanned. */ 251 on the right half were scanned. */
252 j += period; 252 j += period;
253 memory = needle_len - period; 253 memory = needle_len - period;
254 } 254 }
255 else 255 else
256 { 256 {
257 j += i - suffix + 1; 257 j += i - suffix + 1;
258 memory = 0; 258 memory = 0;
259 } 259 }
260 } 260 }
261 } 261 }
262 else 262 else
263 { 263 {
264 /* The two halves of needle are distinct; no extra memory is 264 /* The two halves of needle are distinct; no extra memory is
265 required, and any mismatch results in a maximal shift. */ 265 required, and any mismatch results in a maximal shift. */
266 period = MAX (suffix, needle_len - suffix) + 1; 266 period = MAX (suffix, needle_len - suffix) + 1;
267 j = 0; 267 j = 0;
268 while (AVAILABLE (haystack, haystack_len, j, needle_len)) 268 while (AVAILABLE (haystack, haystack_len, j, needle_len))
269 { 269 {
270 /* Scan for matches in right half. */ 270 /* Scan for matches in right half. */
271 i = suffix; 271 i = suffix;
272 while (i < needle_len && (CANON_ELEMENT (needle[i]) 272 while (i < needle_len && (CANON_ELEMENT (needle[i])
273 == CANON_ELEMENT (haystack[i + j]))) 273 == CANON_ELEMENT (haystack[i + j])))
274 ++i; 274 ++i;
275 if (needle_len <= i) 275 if (needle_len <= i)
276 { 276 {
277 /* Scan for matches in left half. */ 277 /* Scan for matches in left half. */
278 i = suffix - 1; 278 i = suffix - 1;
279 while (i != SIZE_MAX && (CANON_ELEMENT (needle[i]) 279 while (i != SIZE_MAX && (CANON_ELEMENT (needle[i])
280 == CANON_ELEMENT (haystack[i + j]))) 280 == CANON_ELEMENT (haystack[i + j])))
281 --i; 281 --i;
282 if (i == SIZE_MAX) 282 if (i == SIZE_MAX)
283 return (RETURN_TYPE) (haystack + j); 283 return (RETURN_TYPE) (haystack + j);
284 j += period; 284 j += period;
285 } 285 }
286 else 286 else
287 j += i - suffix + 1; 287 j += i - suffix + 1;
288 } 288 }
289 } 289 }
290 return NULL; 290 return NULL;
291} 291}
@@ -304,13 +304,13 @@ two_way_short_needle (const unsigned char *haystack, size_t haystack_len,
304 sublinear performance is not possible. */ 304 sublinear performance is not possible. */
305static RETURN_TYPE 305static RETURN_TYPE
306two_way_long_needle (const unsigned char *haystack, size_t haystack_len, 306two_way_long_needle (const unsigned char *haystack, size_t haystack_len,
307 const unsigned char *needle, size_t needle_len) 307 const unsigned char *needle, size_t needle_len)
308{ 308{
309 size_t i; /* Index into current byte of NEEDLE. */ 309 size_t i; /* Index into current byte of NEEDLE. */
310 size_t j; /* Index into current window of HAYSTACK. */ 310 size_t j; /* Index into current window of HAYSTACK. */
311 size_t period; /* The period of the right half of needle. */ 311 size_t period; /* The period of the right half of needle. */
312 size_t suffix; /* The index of the right half of needle. */ 312 size_t suffix; /* The index of the right half of needle. */
313 size_t shift_table[1U << CHAR_BIT]; /* See below. */ 313 size_t shift_table[1U << CHAR_BIT]; /* See below. */
314 314
315 /* Factor the needle into two halves, such that the left half is 315 /* Factor the needle into two halves, such that the left half is
316 smaller than the global period, and the right half is 316 smaller than the global period, and the right half is
@@ -331,93 +331,93 @@ two_way_long_needle (const unsigned char *haystack, size_t haystack_len,
331 if (CMP_FUNC (needle, needle + period, suffix) == 0) 331 if (CMP_FUNC (needle, needle + period, suffix) == 0)
332 { 332 {
333 /* Entire needle is periodic; a mismatch can only advance by the 333 /* Entire needle is periodic; a mismatch can only advance by the
334 period, so use memory to avoid rescanning known occurrences 334 period, so use memory to avoid rescanning known occurrences
335 of the period. */ 335 of the period. */
336 size_t memory = 0; 336 size_t memory = 0;
337 size_t shift; 337 size_t shift;
338 j = 0; 338 j = 0;
339 while (AVAILABLE (haystack, haystack_len, j, needle_len)) 339 while (AVAILABLE (haystack, haystack_len, j, needle_len))
340 { 340 {
341 /* Check the last byte first; if it does not match, then 341 /* Check the last byte first; if it does not match, then
342 shift to the next possible match location. */ 342 shift to the next possible match location. */
343 shift = shift_table[CANON_ELEMENT (haystack[j + needle_len - 1])]; 343 shift = shift_table[CANON_ELEMENT (haystack[j + needle_len - 1])];
344 if (0 < shift) 344 if (0 < shift)
345 { 345 {
346 if (memory && shift < period) 346 if (memory && shift < period)
347 { 347 {
348 /* Since needle is periodic, but the last period has 348 /* Since needle is periodic, but the last period has
349 a byte out of place, there can be no match until 349 a byte out of place, there can be no match until
350 after the mismatch. */ 350 after the mismatch. */
351 shift = needle_len - period; 351 shift = needle_len - period;
352 memory = 0; 352 memory = 0;
353 } 353 }
354 j += shift; 354 j += shift;
355 continue; 355 continue;
356 } 356 }
357 /* Scan for matches in right half. The last byte has 357 /* Scan for matches in right half. The last byte has
358 already been matched, by virtue of the shift table. */ 358 already been matched, by virtue of the shift table. */
359 i = MAX (suffix, memory); 359 i = MAX (suffix, memory);
360 while (i < needle_len - 1 && (CANON_ELEMENT (needle[i]) 360 while (i < needle_len - 1 && (CANON_ELEMENT (needle[i])
361 == CANON_ELEMENT (haystack[i + j]))) 361 == CANON_ELEMENT (haystack[i + j])))
362 ++i; 362 ++i;
363 if (needle_len - 1 <= i) 363 if (needle_len - 1 <= i)
364 { 364 {
365 /* Scan for matches in left half. */ 365 /* Scan for matches in left half. */
366 i = suffix - 1; 366 i = suffix - 1;
367 while (memory < i + 1 && (CANON_ELEMENT (needle[i]) 367 while (memory < i + 1 && (CANON_ELEMENT (needle[i])
368 == CANON_ELEMENT (haystack[i + j]))) 368 == CANON_ELEMENT (haystack[i + j])))
369 --i; 369 --i;
370 if (i + 1 < memory + 1) 370 if (i + 1 < memory + 1)
371 return (RETURN_TYPE) (haystack + j); 371 return (RETURN_TYPE) (haystack + j);
372 /* No match, so remember how many repetitions of period 372 /* No match, so remember how many repetitions of period
373 on the right half were scanned. */ 373 on the right half were scanned. */
374 j += period; 374 j += period;
375 memory = needle_len - period; 375 memory = needle_len - period;
376 } 376 }
377 else 377 else
378 { 378 {
379 j += i - suffix + 1; 379 j += i - suffix + 1;
380 memory = 0; 380 memory = 0;
381 } 381 }
382 } 382 }
383 } 383 }
384 else 384 else
385 { 385 {
386 /* The two halves of needle are distinct; no extra memory is 386 /* The two halves of needle are distinct; no extra memory is
387 required, and any mismatch results in a maximal shift. */ 387 required, and any mismatch results in a maximal shift. */
388 size_t shift; 388 size_t shift;
389 period = MAX (suffix, needle_len - suffix) + 1; 389 period = MAX (suffix, needle_len - suffix) + 1;
390 j = 0; 390 j = 0;
391 while (AVAILABLE (haystack, haystack_len, j, needle_len)) 391 while (AVAILABLE (haystack, haystack_len, j, needle_len))
392 { 392 {
393 /* Check the last byte first; if it does not match, then 393 /* Check the last byte first; if it does not match, then
394 shift to the next possible match location. */ 394 shift to the next possible match location. */
395 shift = shift_table[CANON_ELEMENT (haystack[j + needle_len - 1])]; 395 shift = shift_table[CANON_ELEMENT (haystack[j + needle_len - 1])];
396 if (0 < shift) 396 if (0 < shift)
397 { 397 {
398 j += shift; 398 j += shift;
399 continue; 399 continue;
400 } 400 }
401 /* Scan for matches in right half. The last byte has 401 /* Scan for matches in right half. The last byte has
402 already been matched, by virtue of the shift table. */ 402 already been matched, by virtue of the shift table. */
403 i = suffix; 403 i = suffix;
404 while (i < needle_len - 1 && (CANON_ELEMENT (needle[i]) 404 while (i < needle_len - 1 && (CANON_ELEMENT (needle[i])
405 == CANON_ELEMENT (haystack[i + j]))) 405 == CANON_ELEMENT (haystack[i + j])))
406 ++i; 406 ++i;
407 if (needle_len - 1 <= i) 407 if (needle_len - 1 <= i)
408 { 408 {
409 /* Scan for matches in left half. */ 409 /* Scan for matches in left half. */
410 i = suffix - 1; 410 i = suffix - 1;
411 while (i != SIZE_MAX && (CANON_ELEMENT (needle[i]) 411 while (i != SIZE_MAX && (CANON_ELEMENT (needle[i])
412 == CANON_ELEMENT (haystack[i + j]))) 412 == CANON_ELEMENT (haystack[i + j])))
413 --i; 413 --i;
414 if (i == SIZE_MAX) 414 if (i == SIZE_MAX)
415 return (RETURN_TYPE) (haystack + j); 415 return (RETURN_TYPE) (haystack + j);
416 j += period; 416 j += period;
417 } 417 }
418 else 418 else
419 j += i - suffix + 1; 419 j += i - suffix + 1;
420 } 420 }
421 } 421 }
422 return NULL; 422 return NULL;
423} 423}