[gnutls-devel] GnuTLS | Implement new tls channel biding types (!1422)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Mon May 3 11:04:44 CEST 2021
Merge request https://gitlab.com/gnutls/gnutls/-/merge_requests/1422 was reviewed by Daiki Ueno
--
Daiki Ueno started a new discussion on lib/state.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1422#note_565796530
> +
> + /* preallocate 512 bits buffer as maximum supported digest */
> + rlen = 64;
Let's use `MAX_HASH_SIZE`.
--
Daiki Ueno started a new discussion on lib/state.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1422#note_565796531
> + &rlen);
> + if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) {
> + cb->data = gnutls_realloc (cb->data, cb->size);
Use `gnutls_realloc_fast` or temporary variable to avoid potential memleak:
https://redhat-crypto.gitlab.io/defensive-coding-guide/#sect-Defensive_Coding-C-Allocators
--
Daiki Ueno started a new discussion on tests/tls-channel-binding.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1422#note_565796534
> +}
> +
> +void doit(void)
This is great, thank you for adding the tests!
--
Daiki Ueno started a new discussion on lib/state.c: https://gitlab.com/gnutls/gnutls/-/merge_requests/1422#note_565796537
> + if (cbtype == GNUTLS_CB_TLS_UNIQUE) {
> + if (get_num_version(session) == GNUTLS_TLS1_3)
> + return GNUTLS_E_UNIMPLEMENTED_FEATURE;
```suggestion:-1+0
const version_entry_st *ver = get_version(session);
if (unlikely(ver == NULL || ver->tls13_sem)) {
return GNUTLS_E_INVALID_REQUEST;
}
```
might be a little more future-proof?
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/1422
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20210503/49cf6c4c/attachment.html>
More information about the Gnutls-devel
mailing list