1
0
mirror of https://github.com/rkd77/elinks.git synced 2024-11-02 08:57:19 -04:00

Repeat gnutls_handshake until success

It's blocking, but better than SSL errors.
This commit is contained in:
Witold Filipczyk 2017-11-15 01:01:36 +01:00
parent 91beac7ee3
commit 4c4717b82a

View File

@ -63,7 +63,6 @@
#elif defined(CONFIG_GNUTLS) #elif defined(CONFIG_GNUTLS)
#define ssl_do_connect(conn) gnutls_handshake(*((ssl_t *) socket->ssl))
#define ssl_do_write(socket, data, len) gnutls_record_send(*((ssl_t *) socket->ssl), data, len) #define ssl_do_write(socket, data, len) gnutls_record_send(*((ssl_t *) socket->ssl), data, len)
#define ssl_do_read(socket, data, len) gnutls_record_recv(*((ssl_t *) socket->ssl), data, len) #define ssl_do_read(socket, data, len) gnutls_record_recv(*((ssl_t *) socket->ssl), data, len)
/* We probably don't handle this entirely correctly.. */ /* We probably don't handle this entirely correctly.. */
@ -365,6 +364,22 @@ verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
#endif /* USE_OPENSSL */ #endif /* USE_OPENSSL */
#if defined(CONFIG_GNUTLS)
static int
ssl_do_connect(struct socket *socket)
{
int ret;
gnutls_handshake_set_timeout(*(ssl_t *)(socket->ssl), GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
do {
ret = gnutls_handshake(*(ssl_t *)socket->ssl);
} while (ret < 0 && !gnutls_error_is_fatal(ret));
return ret;
}
#endif
static void static void
ssl_want_read(struct socket *socket) ssl_want_read(struct socket *socket)
{ {
@ -553,8 +568,12 @@ ssl_read(struct socket *socket, unsigned char *data, int len)
#endif #endif
#ifdef CONFIG_GNUTLS #ifdef CONFIG_GNUTLS
if (err == GNUTLS_E_REHANDSHAKE) if (err == GNUTLS_E_REHANDSHAKE) {
return -1; err = ssl_do_connect(socket);
if (err == 0) {
return SOCKET_SSL_WANT_READ;
}
}
#endif #endif
if (err == SSL_ERROR_WANT_READ || if (err == SSL_ERROR_WANT_READ ||