/*

 * Copyright (C) 2000-2012 Free Software Foundation, Inc.

 *

 * Author: Nikos Mavrogiannopoulos

 *

 * This file is part of GnuTLS.

 *

 * The GnuTLS is free software; you can redistribute it and/or

 * modify it under the terms of the GNU Lesser General Public License

 * as published by the Free Software Foundation; either version 2.1 of

 * the License, or (at your option) any later version.

 *

 * This library is distributed in the hope that it will be useful, but

 * WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

 * Lesser General Public License for more details.

 *

 * You should have received a copy of the GNU Lesser General Public License

 * along with this program.  If not, see <https://www.gnu.org/licenses/>

 *

 */

/*

 * This file holds all the buffering code used in gnutls.

 * The buffering code works as:

 *

 * RECORD LAYER:

 *  1. uses a buffer to hold data (application/handshake),

 *    we got but they were not requested, yet.

 *  (see gnutls_record_buffer_put(), gnutls_record_buffer_get_size() etc.)

 *

 *  2. uses a buffer to hold data that were incomplete (ie the read/write

 *    was interrupted)

 *  (see _gnutls_io_read_buffered(), _gnutls_io_write_buffered() etc.)

 *

 * HANDSHAKE LAYER:

 *  1. Uses buffer to hold the last received handshake message.

 *  (see _gnutls_handshake_hash_buffer_put() etc.)

 *

 */

#include "gnutls_int.h"

#include "errors.h"

#include <num.h>

#include <record.h>

#include <buffers.h>

#include <mbuffers.h>

#include <state.h>

#include <dtls.h>

#include <system.h>

#include <constate.h>	/* gnutls_epoch_get */

#include <handshake.h>	/* remaining_time() */

#include <errno.h>

#include <system.h>

#include "debug.h"

#ifndef EAGAIN

#define EAGAIN EWOULDBLOCK

#endif

/* this is the maximum number of messages allowed to queue.

 */

#define MAX_QUEUE 32

/* Buffers received packets of type APPLICATION DATA,

 * HANDSHAKE DATA and HEARTBEAT.

 */

void

_gnutls_record_buffer_put(gnutls_session_t session,

			  content_type_t type, uint64_t seq,

			  mbuffer_st * bufel)

{

	bufel->type = type;

	bufel->record_sequence = seq;

	_mbuffer_enqueue(&session->internals.record_buffer, bufel);

	_gnutls_buffers_log("BUF[REC]: Inserted %d bytes of Data(%d)\n",

			    (int) bufel->msg.size, (int) type);

	return;

}

/**

 * gnutls_record_check_pending:

 * @session: is a #gnutls_session_t type.

 *

 * This function checks if there are unread data

 * in the gnutls buffers. If the return value is

 * non-zero the next call to gnutls_record_recv()

 * is guaranteed not to block.

 *

 * Returns: Returns the size of the data or zero.

 **/

size_t gnutls_record_check_pending(gnutls_session_t session)

{

	return _gnutls_record_buffer_get_size(session);

}

/**

 * gnutls_record_check_corked:

 * @session: is a #gnutls_session_t type.

 *

 * This function checks if there pending corked

 * data in the gnutls buffers --see gnutls_record_cork().

 *

 * Returns: Returns the size of the corked data or zero.

 *

 * Since: 3.2.8

 **/

size_t gnutls_record_check_corked(gnutls_session_t session)

{

	return session->internals.record_presend_buffer.length;

}

int

_gnutls_record_buffer_get(content_type_t type,

			  gnutls_session_t session, uint8_t * data,

			  size_t length, uint8_t seq[8])

{

	gnutls_datum_t msg;

	mbuffer_st *bufel;

	if (length == 0 || data == NULL) {

		gnutls_assert();

		return GNUTLS_E_INVALID_REQUEST;

	}

	bufel =

	    _mbuffer_head_get_first(&session->internals.record_buffer,

				    &msg;;

	if (bufel == NULL)

		return

		    gnutls_assert_val

		    (GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);

	if (type != bufel->type) {

		if (IS_DTLS(session))

			_gnutls_audit_log(session,

					  "Discarded unexpected %s (%d) packet (expecting: %s (%d))\n",

					  _gnutls_packet2str(bufel->type),

					  (int) bufel->type,

					  _gnutls_packet2str(type),

					  (int) type);

		else

			_gnutls_debug_log("received unexpected packet: %s(%d)\n",

						_gnutls_packet2str(bufel->type), (int)bufel->type);

		_mbuffer_head_remove_bytes(&session->internals.

					   record_buffer, msg.size);

		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);

	}

	if (msg.size <= length)

		length = msg.size;

	if (seq)

		_gnutls_write_uint64(bufel->record_sequence, seq);

	memcpy(data, msg.data, length);

	_mbuffer_head_remove_bytes(&session->internals.record_buffer,

				   length);

	return length;

}

int

_gnutls_record_buffer_get_packet(content_type_t type, gnutls_session_t session, gnutls_packet_t *packet)

{

	mbuffer_st *bufel;

	bufel =

	    _mbuffer_head_pop_first(&session->internals.record_buffer);

	if (bufel == NULL)

		return

		    gnutls_assert_val

		    (GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);

	if (type != bufel->type) {

		if (IS_DTLS(session))

			_gnutls_audit_log(session,

					  "Discarded unexpected %s (%d) packet (expecting: %s)\n",

					  _gnutls_packet2str(bufel->type),

					  (int) bufel->type,

					  _gnutls_packet2str(type));

		_mbuffer_head_remove_bytes(&session->internals.

					   record_buffer, bufel->msg.size);

		return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET);

	}

	*packet = bufel;

	return bufel->msg.size - bufel->mark;

}

inline static void reset_errno(gnutls_session_t session)

{

	session->internals.errnum = 0;

}

inline static int get_errno(gnutls_session_t session)

{

	int ret;

	if (session->internals.errnum != 0)

		ret = session->internals.errnum;

	else

		ret =

		    session->internals.errno_func(session->internals.

						  transport_recv_ptr);

	return ret;

}

inline static

int errno_to_gerr(int err, unsigned dtls)

{

	switch (err) {

	case EAGAIN:

		return GNUTLS_E_AGAIN;

	case EINTR:

		return GNUTLS_E_INTERRUPTED;

	case EMSGSIZE:

		if (dtls != 0)

			return GNUTLS_E_LARGE_PACKET;

		else

			return GNUTLS_E_PUSH_ERROR;

	case ECONNRESET:

		return GNUTLS_E_PREMATURE_TERMINATION;

	default:

		gnutls_assert();

		return GNUTLS_E_PUSH_ERROR;

	}

}

static ssize_t

_gnutls_dgram_read(gnutls_session_t session, mbuffer_st ** bufel,

		   gnutls_pull_func pull_func, unsigned int *ms)

{

	ssize_t i, ret;

	uint8_t *ptr;

	struct timespec t1, t2;

	size_t max_size, recv_size;

	gnutls_transport_ptr_t fd = session->internals.transport_recv_ptr;

	unsigned int diff;

	max_size = max_record_recv_size(session);

	recv_size = max_size;

	session->internals.direction = 0;

	if (ms && *ms > 0) {

		ret = _gnutls_io_check_recv(session, *ms);

		if (ret < 0)

			return gnutls_assert_val(ret);

		gnutls_gettime(&t1;;

	}

	*bufel = _mbuffer_alloc_align16(max_size, get_total_headers(session));

	if (*bufel == NULL)

		return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);

	ptr = (*bufel)->msg.data;

	reset_errno(session);

	i = pull_func(fd, ptr, recv_size);

	if (i < 0) {

		int err = get_errno(session);

		_gnutls_read_log("READ: %d returned from %p, errno=%d\n",

				 (int) i, fd, err);

		ret = errno_to_gerr(err, 1);

		goto cleanup;

	} else {

		_gnutls_read_log("READ: Got %d bytes from %p\n", (int) i,

				 fd);

		if (i == 0) {

			/* If we get here, we likely have a stream socket.

			 * That assumption may not work on DCCP. */

			gnutls_assert();

			ret = 0;

			goto cleanup;

		}

		_mbuffer_set_udata_size(*bufel, i);

	}

	if (ms && *ms > 0) {

		gnutls_gettime(&t2;;

		diff = timespec_sub_ms(&t2, &t1;;

		if (diff < *ms)

			*ms -= diff;

		else {

			ret = gnutls_assert_val(GNUTLS_E_TIMEDOUT);

			goto cleanup;

		}

	}

	_gnutls_read_log("READ: read %d bytes from %p\n", (int) i, fd);

	return i;

      cleanup:

	_mbuffer_xfree(bufel);

	return ret;

}

static ssize_t

_gnutls_stream_read(gnutls_session_t session, mbuffer_st ** bufel,

		    size_t size, gnutls_pull_func pull_func,

		    unsigned int *ms)

{

	size_t left;

	ssize_t i = 0;

	size_t max_size = max_record_recv_size(session);

	uint8_t *ptr;

	gnutls_transport_ptr_t fd = session->internals.transport_recv_ptr;

	int ret;

	struct timespec t1, t2;

	unsigned int diff;

	session->internals.direction = 0;

	*bufel = _mbuffer_alloc_align16(MAX(max_size, size), get_total_headers(session));

	if (!*bufel) {

		gnutls_assert();

		return GNUTLS_E_MEMORY_ERROR;

	}

	ptr = (*bufel)->msg.data;

	left = size;

	while (left > 0) {

		if (ms && *ms > 0) {

			ret = _gnutls_io_check_recv(session, *ms);

			if (ret < 0) {

				gnutls_assert();

				goto cleanup;

			}

			gnutls_gettime(&t1;;

		}

		reset_errno(session);

		i = pull_func(fd, &ptr[size - left], left);

		if (i < 0) {

			int err = get_errno(session);

			_gnutls_read_log

			    ("READ: %d returned from %p, errno=%d gerrno=%d\n",

			     (int) i, fd, errno,

			     session->internals.errnum);

			if (err == EAGAIN || err == EINTR) {

				if (size - left > 0) {

					_gnutls_read_log

					    ("READ: returning %d bytes from %p\n",

					     (int) (size - left), fd);

					goto finish;

				}

				ret = errno_to_gerr(err, 0);

				goto cleanup;

			} else {

				gnutls_assert();

				ret = GNUTLS_E_PULL_ERROR;

				goto cleanup;

			}

		} else {

			_gnutls_read_log("READ: Got %d bytes from %p\n",

					 (int) i, fd);

			if (i == 0)

				break;	/* EOF */

		}

		left -= i;

		(*bufel)->msg.size += i;

		if (ms && *ms > 0 && *ms != GNUTLS_INDEFINITE_TIMEOUT) {

			gnutls_gettime(&t2;;

			diff = timespec_sub_ms(&t2, &t1;;

			if (diff < *ms)

				*ms -= diff;

			else {

				ret = gnutls_assert_val(GNUTLS_E_TIMEDOUT);

				goto cleanup;

			}

		}

	}

      finish:

	_gnutls_read_log("READ: read %d bytes from %p\n",

			 (int) (size - left), fd);

	if (size - left == 0)

		_mbuffer_xfree(bufel);

	return (size - left);

      cleanup:

	_mbuffer_xfree(bufel);

	return ret;

}

/* This function is like read. But it does not return -1 on error.

 * It does return gnutls_errno instead.

 *

 * Flags are only used if the default recv() function is being used.

 */

static ssize_t

_gnutls_read(gnutls_session_t session, mbuffer_st ** bufel,

	     size_t size, gnutls_pull_func pull_func, unsigned int *ms)

{

	if (IS_DTLS(session))

		/* Size is not passed, since a whole datagram will be read. */

		return _gnutls_dgram_read(session, bufel, pull_func, ms);

	else

		return _gnutls_stream_read(session, bufel, size, pull_func,

					   ms);

}

/* @vec: if non-zero then the vector function will be used to

 *       push the data.

 */

static ssize_t

_gnutls_writev_emu(gnutls_session_t session, gnutls_transport_ptr_t fd,

		   const giovec_t * giovec, unsigned int giovec_cnt, unsigned vec)

{

	unsigned int j = 0;

	size_t total = 0;

	ssize_t ret = 0;

	for (j = 0; j < giovec_cnt; j++) {

		if (vec) {

			ret = session->internals.vec_push_func(fd, &giovec[j], 1);

		} else {

			size_t sent = 0;

			ssize_t left = giovec[j].iov_len;

			char *p = giovec[j].iov_base;

			do {

				ret =

				    session->internals.push_func(fd, p,

								 left);

				if (ret > 0) {

					sent += ret;

					left -= ret;

					p += ret;

				}

			} while(ret > 0 && left > 0);

			if (sent > 0)

				ret = sent;

		}

		if (ret == -1) {

			gnutls_assert();

			break;

		}

		total += ret;

		if ((size_t) ret != giovec[j].iov_len)

			break;

	}

	if (total > 0)

		return total;

	return ret;

}

/* @total: The sum of the data in giovec

 */

static ssize_t

_gnutls_writev(gnutls_session_t session, const giovec_t * giovec,

	       unsigned giovec_cnt, unsigned total)

{

	int i;

	bool is_dtls = IS_DTLS(session);

	unsigned no_writev = 0;

	gnutls_transport_ptr_t fd = session->internals.transport_send_ptr;

	reset_errno(session);

	if (session->internals.vec_push_func != NULL) {

		if (is_dtls && giovec_cnt > 1) {

			if (total > session->internals.dtls.mtu) {

				no_writev = 1;

			}

		}

		if (no_writev == 0) {

			i = session->internals.vec_push_func(fd, giovec, giovec_cnt);

		} else {

			i = _gnutls_writev_emu(session, fd, giovec, giovec_cnt, 1);

		}

	} else if (session->internals.push_func != NULL) {

		i = _gnutls_writev_emu(session, fd, giovec, giovec_cnt, 0);

	} else

		return gnutls_assert_val(GNUTLS_E_PUSH_ERROR);

	if (i == -1) {

		int err = get_errno(session);

		_gnutls_debug_log("WRITE: %d returned from %p, errno: %d\n",

				  i, fd, err);

		return errno_to_gerr(err, is_dtls);

	}

	return i;

}

/*

 * @ms: a pointer to the number of milliseconds to wait for data. Use zero or NULL for indefinite.

 *

 * This function is like recv(with MSG_PEEK). But it does not return -1 on error.

 * It does return gnutls_errno instead.

 * This function reads data from the socket and keeps them in a buffer, of up to

 * max_record_recv_size.

 *

 * This is not a general purpose function. It returns EXACTLY the data requested,

 * which are stored in a local (in the session) buffer.

 *

 * If the @ms parameter is non zero then this function will return before

 * the given amount of milliseconds or return GNUTLS_E_TIMEDOUT.

 *

 */

ssize_t

_gnutls_io_read_buffered(gnutls_session_t session, size_t total,

			 content_type_t recv_type, unsigned int *ms)

{

	ssize_t ret;

	size_t min;

	mbuffer_st *bufel = NULL;

	size_t recvdata, readsize;

	if (total > max_record_recv_size(session) || total == 0) {

		gnutls_assert();

		return GNUTLS_E_RECORD_OVERFLOW;

	}

	/* calculate the actual size, ie. get the minimum of the

	 * buffered data and the requested data.

	 */

	min =

	    MIN(session->internals.record_recv_buffer.byte_length, total);

	if (min > 0) {

		/* if we have enough buffered data

		 * then just return them.

		 */

		if (min == total) {

			return min;

		}

	}

	/* min is over zero. recvdata is the data we must

	 * receive in order to return the requested data.

	 */

	recvdata = total - min;

	readsize = recvdata;

	/* Check if the previously read data plus the new data to

	 * receive are longer than the maximum receive buffer size.

	 */

	if ((session->internals.record_recv_buffer.byte_length +

	     recvdata) > max_record_recv_size(session)) {

		gnutls_assert();	/* internal error */

		return GNUTLS_E_INVALID_REQUEST;

	}

	/* READ DATA

	 */

	if (readsize > 0) {

		ret =

		    _gnutls_read(session, &bufel, readsize,

				 session->internals.pull_func, ms);

		/* return immediately if we got an interrupt or eagain

		 * error.

		 */

		if (ret < 0) {

			return gnutls_assert_val(ret);

		}

		if (ret == 0)	/* EOF */

			return gnutls_assert_val(0);

		/* copy fresh data to our buffer.

		 */

		_gnutls_read_log

		    ("RB: Have %d bytes into buffer. Adding %d bytes.\n",

		     (int) session->internals.record_recv_buffer.

		     byte_length, (int) ret);

		_gnutls_read_log("RB: Requested %d bytes\n", (int) total);

		_mbuffer_enqueue(&session->internals.record_recv_buffer,

				 bufel);

		if (IS_DTLS(session))

			ret =

			    MIN(total,

				session->internals.record_recv_buffer.

				byte_length);

		else

			ret =

			    session->internals.record_recv_buffer.

			    byte_length;

		if ((ret > 0) && ((size_t) ret < total))	/* Short Read */

			return gnutls_assert_val(GNUTLS_E_AGAIN);

		else

			return ret;

	} else

		return gnutls_assert_val(0);

}

/* This function is like write. But it does not return -1 on error.

 * It does return gnutls_errno instead.

 *

 * This function takes full responsibility of freeing msg->data.

 *

 * In case of E_AGAIN and E_INTERRUPTED errors, you must call

 * gnutls_write_flush(), until it returns ok (0).

 *

 * We need to push exactly the data in msg->size, since we cannot send

 * less data. In TLS the peer must receive the whole packet in order

 * to decrypt and verify the integrity.

 *

 */

ssize_t

_gnutls_io_write_buffered(gnutls_session_t session,

			  mbuffer_st * bufel, unsigned int mflag)

{

	mbuffer_head_st *const send_buffer =

	    &session->internals.record_send_buffer;

	/* to know where the procedure was interrupted.

	 */

	session->internals.direction = 1;

	_mbuffer_enqueue(send_buffer, bufel);

	_gnutls_write_log

	    ("WRITE: enqueued %d bytes for %p. Total %d bytes.\n",

	     (int) bufel->msg.size, session->internals.transport_recv_ptr,

	     (int) send_buffer->byte_length);

	if (mflag == MBUFFER_FLUSH)

		return _gnutls_io_write_flush(session);

	else

		return bufel->msg.size;

}

typedef ssize_t(*send_func) (gnutls_session_t, const giovec_t *, int);

/* This function writes the data that are left in the

 * TLS write buffer (ie. because the previous write was

 * interrupted.

 */

ssize_t _gnutls_io_write_flush(gnutls_session_t session)

{

	gnutls_datum_t msg;

	mbuffer_head_st *send_buffer =

	    &session->internals.record_send_buffer;

	int ret;

	ssize_t sent = 0, tosend = 0;

	giovec_t iovec[MAX_QUEUE];

	int i = 0;

	mbuffer_st *cur;

	session->internals.direction = 1;

	_gnutls_write_log("WRITE FLUSH: %d bytes in buffer.\n",

			  (int) send_buffer->byte_length);

	for (cur = _mbuffer_head_get_first(send_buffer, &msg;;

	     cur != NULL; cur = _mbuffer_head_get_next(cur, &msg)) {

		iovec[i].iov_base = msg.data;

		iovec[i++].iov_len = msg.size;

		tosend += msg.size;

		/* we buffer up to MAX_QUEUE messages */

		if (i >= MAX_QUEUE) {

			gnutls_assert();

			return GNUTLS_E_INTERNAL_ERROR;

		}

	}

	if (tosend == 0) {

		gnutls_assert();

		return 0;

	}

	ret = _gnutls_writev(session, iovec, i, tosend);

	if (ret >= 0) {

		_mbuffer_head_remove_bytes(send_buffer, ret);

		_gnutls_write_log

		    ("WRITE: wrote %d bytes, %d bytes left.\n", ret,

		     (int) send_buffer->byte_length);

		sent += ret;

	} else if (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN) {

		_gnutls_write_log("WRITE interrupted: %d bytes left.\n",

				  (int) send_buffer->byte_length);

		return ret;

	} else if (ret == GNUTLS_E_LARGE_PACKET) {

		_mbuffer_head_remove_bytes(send_buffer, tosend);

		_gnutls_write_log

		    ("WRITE cannot send large packet (%u bytes).\n",

		     (unsigned int) tosend);

		return ret;

	} else {

		_gnutls_write_log("WRITE error: code %d, %d bytes left.\n",

				  ret, (int) send_buffer->byte_length);

		gnutls_assert();

		return ret;

	}

	if (sent < tosend) {

		return gnutls_assert_val(GNUTLS_E_AGAIN);

	}

	return sent;

}

/* Checks whether there are received data within

 * a timeframe.

 *

 * Returns 0 if data were received, GNUTLS_E_TIMEDOUT

 * on timeout and a negative error code on error.

 */

int _gnutls_io_check_recv(gnutls_session_t session, unsigned int ms)

{

	gnutls_transport_ptr_t fd = session->internals.transport_recv_ptr;

	int ret = 0, err;

	if (NO_TIMEOUT_FUNC_SET(session)) {

		_gnutls_debug_log("The pull function has been replaced but not the pull timeout.\n");

		return gnutls_assert_val(GNUTLS_E_PULL_ERROR);

	}

	reset_errno(session);

	ret = session->internals.pull_timeout_func(fd, ms);

	if (ret == -1) {

		err = get_errno(session);

		_gnutls_read_log

		    ("READ_TIMEOUT: %d returned from %p, errno=%d (timeout: %u)\n",

		     (int) ret, fd, err, ms);

		return errno_to_gerr(err, IS_DTLS(session));

	}

	if (ret > 0)

		return 0;

	else

		return GNUTLS_E_TIMEDOUT;

}

/* HANDSHAKE buffers part

 */

/* This function writes the data that are left in the

 * Handshake write buffer (ie. because the previous write was

 * interrupted.

 *

 */

ssize_t _gnutls_handshake_io_write_flush(gnutls_session_t session)

{

	mbuffer_head_st *const send_buffer =

	    &session->internals.handshake_send_buffer;

	gnutls_datum_t msg;

	int ret;

	uint16_t epoch;

	ssize_t total = 0;

	mbuffer_st *cur;

	_gnutls_write_log("HWRITE FLUSH: %d bytes in buffer.\n",

			  (int) send_buffer->byte_length);

	if (IS_DTLS(session))

		return _dtls_transmit(session);

	for (cur = _mbuffer_head_get_first(send_buffer, &msg;;

	     cur != NULL; cur = _mbuffer_head_get_first(send_buffer, &msg))

	{

		epoch = cur->epoch;

		ret = _gnutls_send_int(session, cur->type,

				       cur->htype,

				       epoch, msg.data, msg.size, 0);

		if (ret >= 0) {

			total += ret;

			ret = _mbuffer_head_remove_bytes(send_buffer, ret);

			/* for each queued message we send, ensure that

			 * we drop the epoch refcount set in _gnutls_handshake_io_cache_int(). */

			if (ret == 1)

				_gnutls_epoch_refcount_dec(session, epoch);

			_gnutls_write_log

			    ("HWRITE: wrote %d bytes, %d bytes left.\n",

			     ret, (int) send_buffer->byte_length);

		} else {

			_gnutls_write_log

			    ("HWRITE error: code %d, %d bytes left.\n",

			     ret, (int) send_buffer->byte_length);

			gnutls_assert();

			return ret;

		}

	}

	return _gnutls_io_write_flush(session);

}

/* This is a send function for the gnutls handshake

 * protocol. Just makes sure that all data have been sent.

 *

 */

int

_gnutls_handshake_io_cache_int(gnutls_session_t session,

			       gnutls_handshake_description_t htype,

			       mbuffer_st * bufel)

{

	mbuffer_head_st *send_buffer;

	if (IS_DTLS(session)) {

		bufel->handshake_sequence =

		    session->internals.dtls.hsk_write_seq - 1;

	}

	send_buffer = &session->internals.handshake_send_buffer;

	/* ensure that our epoch does not get garbage collected

	 * before we send all queued messages with it */

	bufel->epoch =

	    (uint16_t) _gnutls_epoch_refcount_inc(session,

						  EPOCH_WRITE_CURRENT);

	bufel->htype = htype;

	if (bufel->htype == GNUTLS_HANDSHAKE_CHANGE_CIPHER_SPEC)

		bufel->type = GNUTLS_CHANGE_CIPHER_SPEC;

	else

		bufel->type = GNUTLS_HANDSHAKE;

	_mbuffer_enqueue(send_buffer, bufel);

	_gnutls_write_log

	    ("HWRITE: enqueued [%s] %d. Total %d bytes.\n",

	     _gnutls_handshake2str(bufel->htype), (int) bufel->msg.size,

	     (int) send_buffer->byte_length);

	return 0;

}

static int handshake_compare(const void *_e1, const void *_e2)

{

	const handshake_buffer_st *e1 = _e1;

	const handshake_buffer_st *e2 = _e2;

	if (e1->sequence <= e2->sequence)

		return 1;

	else

		return -1;

}

#define SSL2_HEADERS 1

static int

parse_handshake_header(gnutls_session_t session, mbuffer_st * bufel,

		       handshake_buffer_st * hsk)

{