summaryrefslogtreecommitdiff
path: root/src/libtls
diff options
context:
space:
mode:
Diffstat (limited to 'src/libtls')
-rw-r--r--src/libtls/Makefile.in9
-rw-r--r--src/libtls/tls.h4
-rw-r--r--src/libtls/tls_crypto.c19
-rw-r--r--src/libtls/tls_eap.c11
-rw-r--r--src/libtls/tls_reader.c24
-rw-r--r--src/libtls/tls_writer.c4
6 files changed, 71 insertions, 0 deletions
diff --git a/src/libtls/Makefile.in b/src/libtls/Makefile.in
index 93e8b4a9b..8eeed98b3 100644
--- a/src/libtls/Makefile.in
+++ b/src/libtls/Makefile.in
@@ -195,7 +195,13 @@ includedir = @includedir@
infodir = @infodir@
install_sh = @install_sh@
ipsecdir = @ipsecdir@
+<<<<<<< HEAD
+ipsecgid = @ipsecgid@
ipsecgroup = @ipsecgroup@
+ipsecuid = @ipsecuid@
+=======
+ipsecgroup = @ipsecgroup@
+>>>>>>> upstream/4.5.1
ipsecuser = @ipsecuser@
libcharon_plugins = @libcharon_plugins@
libdir = @libdir@
@@ -234,8 +240,11 @@ sbindir = @sbindir@
scepclient_plugins = @scepclient_plugins@
scripts_plugins = @scripts_plugins@
sharedstatedir = @sharedstatedir@
+<<<<<<< HEAD
+=======
soup_CFLAGS = @soup_CFLAGS@
soup_LIBS = @soup_LIBS@
+>>>>>>> upstream/4.5.1
srcdir = @srcdir@
strongswan_conf = @strongswan_conf@
sysconfdir = @sysconfdir@
diff --git a/src/libtls/tls.h b/src/libtls/tls.h
index e2c377ad3..f929f43fc 100644
--- a/src/libtls/tls.h
+++ b/src/libtls/tls.h
@@ -202,7 +202,11 @@ struct tls_t {
/**
* Check if TLS negotiation completed successfully.
*
+<<<<<<< HEAD
+ * @return TRUE if TLS negotation and authentication complete
+=======
* @return TRUE if TLS negotiation and authentication complete
+>>>>>>> upstream/4.5.1
*/
bool (*is_complete)(tls_t *this);
diff --git a/src/libtls/tls_crypto.c b/src/libtls/tls_crypto.c
index b4eaf4d79..14eb270a2 100644
--- a/src/libtls/tls_crypto.c
+++ b/src/libtls/tls_crypto.c
@@ -626,6 +626,17 @@ static void filter_suite(private_tls_crypto_t *this,
suite_algs_t suites[], int *count, int offset,
enumerator_t*(*create_enumerator)(crypto_factory_t*))
{
+<<<<<<< HEAD
+ suite_algs_t current;
+ int i, remaining = 0;
+ enumerator_t *enumerator;
+
+ memset(&current, 0, sizeof(current));
+ for (i = 0; i < *count; i++)
+ {
+ enumerator = create_enumerator(lib->crypto);
+ while (enumerator->enumerate(enumerator, ((char*)&current) + offset))
+=======
const char *plugin_name;
suite_algs_t current;
int *current_alg, i, remaining = 0;
@@ -638,6 +649,7 @@ static void filter_suite(private_tls_crypto_t *this,
{
enumerator = create_enumerator(lib->crypto);
while (enumerator->enumerate(enumerator, current_alg, &plugin_name))
+>>>>>>> upstream/4.5.1
{
if ((suites[i].encr == ENCR_NULL ||
!current.encr || current.encr == suites[i].encr) &&
@@ -1063,11 +1075,18 @@ METHOD(tls_crypto_t, get_signature_algorithms, void,
enumerator_t *enumerator;
hash_algorithm_t alg;
tls_hash_algorithm_t hash;
+<<<<<<< HEAD
+
+ supported = tls_writer_create(32);
+ enumerator = lib->crypto->create_hasher_enumerator(lib->crypto);
+ while (enumerator->enumerate(enumerator, &alg))
+=======
const char *plugin_name;
supported = tls_writer_create(32);
enumerator = lib->crypto->create_hasher_enumerator(lib->crypto);
while (enumerator->enumerate(enumerator, &alg, &plugin_name))
+>>>>>>> upstream/4.5.1
{
switch (alg)
{
diff --git a/src/libtls/tls_eap.c b/src/libtls/tls_eap.c
index 8204a3441..2f3627485 100644
--- a/src/libtls/tls_eap.c
+++ b/src/libtls/tls_eap.c
@@ -303,13 +303,23 @@ METHOD(tls_eap_t, process, status_t,
DBG2(DBG_TLS, "received %N acknowledgement packet",
eap_type_names, this->type);
status = build_pkt(this, pkt->identifier, out);
+<<<<<<< HEAD
+ if (status == INVALID_STATE &&
+ this->tls->is_complete(this->tls))
+=======
if (status == INVALID_STATE && this->tls->is_complete(this->tls))
+>>>>>>> upstream/4.5.1
{
return SUCCESS;
}
return status;
}
status = process_pkt(this, pkt);
+<<<<<<< HEAD
+ if (status != NEED_MORE)
+ {
+ return status;
+=======
switch (status)
{
case NEED_MORE:
@@ -318,6 +328,7 @@ METHOD(tls_eap_t, process, status_t,
return this->tls->is_complete(this->tls) ? SUCCESS : FAILED;
default:
return status;
+>>>>>>> upstream/4.5.1
}
}
status = build_pkt(this, pkt->identifier, out);
diff --git a/src/libtls/tls_reader.c b/src/libtls/tls_reader.c
index 2b3cd8cac..f13cdc931 100644
--- a/src/libtls/tls_reader.c
+++ b/src/libtls/tls_reader.c
@@ -52,8 +52,13 @@ METHOD(tls_reader_t, read_uint8, bool,
{
if (this->buf.len < 1)
{
+<<<<<<< HEAD
+ DBG1(DBG_TLS, "%d bytes insufficient to parse uint%d TLS data",
+ this->buf.len, 8);
+=======
DBG1(DBG_TLS, "%d bytes insufficient to parse u_int8 data",
this->buf.len);
+>>>>>>> upstream/4.5.1
return FALSE;
}
*res = this->buf.ptr[0];
@@ -66,8 +71,13 @@ METHOD(tls_reader_t, read_uint16, bool,
{
if (this->buf.len < 2)
{
+<<<<<<< HEAD
+ DBG1(DBG_TLS, "%d bytes insufficient to parse uint%d TLS data",
+ this->buf.len, 16);
+=======
DBG1(DBG_TLS, "%d bytes insufficient to parse u_int16 data",
this->buf.len);
+>>>>>>> upstream/4.5.1
return FALSE;
}
*res = untoh16(this->buf.ptr);
@@ -80,8 +90,13 @@ METHOD(tls_reader_t, read_uint24, bool,
{
if (this->buf.len < 3)
{
+<<<<<<< HEAD
+ DBG1(DBG_TLS, "%d bytes insufficient to parse uint%d TLS data",
+ this->buf.len, 24);
+=======
DBG1(DBG_TLS, "%d bytes insufficient to parse u_int24 data",
this->buf.len);
+>>>>>>> upstream/4.5.1
return FALSE;
}
*res = untoh32(this->buf.ptr) >> 8;
@@ -94,8 +109,13 @@ METHOD(tls_reader_t, read_uint32, bool,
{
if (this->buf.len < 4)
{
+<<<<<<< HEAD
+ DBG1(DBG_TLS, "%d bytes insufficient to parse uint%d TLS data",
+ this->buf.len, 32);
+=======
DBG1(DBG_TLS, "%d bytes insufficient to parse u_int32 data",
this->buf.len);
+>>>>>>> upstream/4.5.1
return FALSE;
}
*res = untoh32(this->buf.ptr);
@@ -108,7 +128,11 @@ METHOD(tls_reader_t, read_data, bool,
{
if (this->buf.len < len)
{
+<<<<<<< HEAD
+ DBG1(DBG_TLS, "%d bytes insufficient to parse %d bytes TLS data",
+=======
DBG1(DBG_TLS, "%d bytes insufficient to parse %d bytes of data",
+>>>>>>> upstream/4.5.1
this->buf.len, len);
return FALSE;
}
diff --git a/src/libtls/tls_writer.c b/src/libtls/tls_writer.c
index e87c2efea..d7382e3fd 100644
--- a/src/libtls/tls_writer.c
+++ b/src/libtls/tls_writer.c
@@ -226,7 +226,11 @@ tls_writer_t *tls_writer_create(u_int32_t bufsize)
.get_buf = _get_buf,
.destroy = _destroy,
},
+<<<<<<< HEAD
+ .increase = bufsize ?: 32,
+=======
.increase = bufsize ? max(bufsize, 4) : 32,
+>>>>>>> upstream/4.5.1
);
if (bufsize)
{
generated by cgit v1.2.3 (git 2.39.1) at 2026-01-30 05:16:39 +0000