Merge branch 'master' of github.com:cyassl/cyassl

2014-10-03 13:27:22 -07:00 · 2014-10-03 13:27:22 -07:00 · b95b2a8463
commit b95b2a8463
parent 80a474ebad 24bfade874
3 changed files with 24 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -2,6 +2,7 @@
 *.lo
 *.la
 *.o
+*.patch
 *.deps
 *.libs
 *.cache
--- a/configure.ac
+++ b/configure.ac
@ -1342,6 +1342,10 @@ AC_ARG_ENABLE([secure-renegotiation],

 if test "x$ENABLED_SECURE_RENEGOTIATION" = "xyes"
 then
+    if test "x$ENABLED_RENEGOTIATION_INDICATION" = "xyes"
+    then
+        AC_MSG_ERROR([cannot enable renegotiation-indication and secure-renegotiation.])
+    fi
    AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SECURE_RENEGOTIATION"
 fi

--- a/src/internal.c
+++ b/src/internal.c
@ -63,6 +63,10 @@
 CYASSL_CALLBACKS needs LARGE_STATIC_BUFFERS, please add LARGE_STATIC_BUFFERS
 #endif

+#if defined(HAVE_SECURE_RENEGOTIATION) && defined(HAVE_RENEGOTIATION_INDICATION)
+    #error Cannot use both secure-renegotiation and renegotiation-indication
+#endif
+
 static int BuildMessage(CYASSL* ssl, byte* output, int outSz,
                        const byte* input, int inSz, int type);

@ -2986,6 +2990,12 @@ int GrowInputBuffer(CYASSL* ssl, int size, int usedLength)
 /* check available size into output buffer, make room if needed */
 int CheckAvailableSize(CYASSL *ssl, int size)
 {
+
+    if (size < 0) {
+        CYASSL_MSG("CheckAvailableSize() called with negative number");
+        return BAD_FUNC_ARG;
+    }
+
    if (ssl->buffers.outputBuffer.bufferSize - ssl->buffers.outputBuffer.length
                                             < (word32)size) {
        if (GrowOutputBuffer(ssl, size) < 0)
@ -7148,6 +7158,11 @@ int SendData(CYASSL* ssl, const void* data, int sz)
            /* advance sent to previous sent + plain size just sent */
            sent = ssl->buffers.prevSent + ssl->buffers.plainSz;
            CYASSL_MSG("sent write buffered data");
+
+            if (sent > sz) {
+                CYASSL_MSG("error: write() after WANT_WRITE with short size");
+                return ssl->error = BAD_FUNC_ARG;
+            }
        }
    }

@ -10469,6 +10484,10 @@ int DoSessionTicket(CYASSL* ssl,
        ssl->session.ticketLen = 0;
    }

+    if (ssl->keys.encryptionOn) {
+        *inOutIdx += ssl->keys.padSz;
+    }
+
    return BuildFinished(ssl, &ssl->verifyHashes, server);
 }
 #endif /* HAVE_SESSION_TICKET */