diff options
author | Martin Willi <martin@revosec.ch> | 2011-12-30 18:29:11 +0100 |
---|---|---|
committer | Martin Willi <martin@revosec.ch> | 2011-12-31 13:14:49 +0100 |
commit | 4caa380625e583c9bad5b9333e65ef1f9486bb2a (patch) | |
tree | a2c1506149b99baae89b590f5f6fc4eab0d28948 /src/libtls/tls_peer.c | |
parent | 7c0c2349a9e0e64a96695c369bccdb244c1b9344 (diff) | |
download | strongswan-4caa380625e583c9bad5b9333e65ef1f9486bb2a.tar.bz2 strongswan-4caa380625e583c9bad5b9333e65ef1f9486bb2a.tar.xz |
Separated cipherspec checking and switching, allowing us to defer the second
Diffstat (limited to 'src/libtls/tls_peer.c')
-rw-r--r-- | src/libtls/tls_peer.c | 32 |
1 files changed, 19 insertions, 13 deletions
diff --git a/src/libtls/tls_peer.c b/src/libtls/tls_peer.c index d3b5ff0aa..de878c0a5 100644 --- a/src/libtls/tls_peer.c +++ b/src/libtls/tls_peer.c @@ -1042,28 +1042,34 @@ METHOD(tls_handshake_t, build, status_t, } METHOD(tls_handshake_t, cipherspec_changed, bool, - private_tls_peer_t *this) + private_tls_peer_t *this, bool inbound) { - if ((this->peer && this->state == STATE_VERIFY_SENT) || - (!this->peer && this->state == STATE_KEY_EXCHANGE_SENT)) + if (inbound) { - this->crypto->change_cipher(this->crypto, FALSE); - this->state = STATE_CIPHERSPEC_CHANGED_OUT; - return TRUE; + return this->state == STATE_FINISHED_SENT; + } + else + { + if (this->peer) + { + return this->state == STATE_VERIFY_SENT; + } + return this->state == STATE_KEY_EXCHANGE_SENT; } - return FALSE; } -METHOD(tls_handshake_t, change_cipherspec, bool, - private_tls_peer_t *this) +METHOD(tls_handshake_t, change_cipherspec, void, + private_tls_peer_t *this, bool inbound) { - if (this->state == STATE_FINISHED_SENT) + this->crypto->change_cipher(this->crypto, inbound); + if (inbound) { - this->crypto->change_cipher(this->crypto, TRUE); this->state = STATE_CIPHERSPEC_CHANGED_IN; - return TRUE; } - return FALSE; + else + { + this->state = STATE_CIPHERSPEC_CHANGED_OUT; + } } METHOD(tls_handshake_t, finished, bool, |