Blame SOURCES/gnutls-3.3.8-handshake-reset.patch

873a72
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
873a72
index 53f1ef1..759c67e 100644
873a72
--- a/lib/gnutls_handshake.c
873a72
+++ b/lib/gnutls_handshake.c
873a72
@@ -2491,7 +2491,8 @@ static int _gnutls_recv_supplemental(gnutls_session_t session)
873a72
  * full handshake will be performed.
873a72
  *
873a72
  * The non-fatal errors expected by this function are:
873a72
- * %GNUTLS_E_INTERRUPTED, %GNUTLS_E_AGAIN, and %GNUTLS_E_WARNING_ALERT_RECEIVED.
873a72
+ * %GNUTLS_E_INTERRUPTED, %GNUTLS_E_AGAIN, 
873a72
+ * %GNUTLS_E_LARGE_PACKET and %GNUTLS_E_WARNING_ALERT_RECEIVED.
873a72
  * The former two interrupt the handshake procedure due to the lower
873a72
  * layer being interrupted, and the latter because of an alert that
873a72
  * may be sent by a server (it is always a good idea to check any
873a72
@@ -2600,12 +2601,15 @@ gnutls_handshake_set_timeout(gnutls_session_t session, unsigned int ms)
873a72
 #define IMED_RET( str, ret, allow_alert) do { \
873a72
 	if (ret < 0) { \
873a72
 		/* EAGAIN and INTERRUPTED are always non-fatal */ \
873a72
-		if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED) \
873a72
+		if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_LARGE_PACKET) \
873a72
 			return ret; \
873a72
                 /* a warning alert might interrupt handshake */ \
873a72
 		if (allow_alert != 0 && ret==GNUTLS_E_WARNING_ALERT_RECEIVED) return ret; \
873a72
 		gnutls_assert(); \
873a72
 		ERR( str, ret); \
873a72
+		/* do not allow non-fatal errors at this point */ \
873a72
+		if (gnutls_error_is_fatal(ret) == 0) ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); \
873a72
+		session_invalidate(session); \
873a72
 		_gnutls_handshake_hash_buffers_clear(session); \
873a72
 		return ret; \
873a72
 	} } while (0)
873a72
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
873a72
index e2a492d..157d12a 100644
873a72
--- a/lib/gnutls_record.c
873a72
+++ b/lib/gnutls_record.c
873a72
@@ -349,12 +349,6 @@ int gnutls_bye(gnutls_session_t session, gnutls_close_request_t how)
873a72
 	return 0;
873a72
 }
873a72
 
873a72
-inline static void session_invalidate(gnutls_session_t session)
873a72
-{
873a72
-	session->internals.invalid_connection = 1;
873a72
-}
873a72
-
873a72
-
873a72
 inline static void session_unresumable(gnutls_session_t session)
873a72
 {
873a72
 	session->internals.resumable = RESUME_FALSE;
873a72
diff --git a/lib/gnutls_record.h b/lib/gnutls_record.h
873a72
index 50ff08d..cb0320c 100644
873a72
--- a/lib/gnutls_record.h
873a72
+++ b/lib/gnutls_record.h
873a72
@@ -101,4 +101,9 @@ unsigned int get_total_headers2(gnutls_session_t session, record_parameters_st *
873a72
 	return total + _gnutls_cipher_get_explicit_iv_size(params->cipher);
873a72
 }
873a72
 
873a72
+inline static void session_invalidate(gnutls_session_t session)
873a72
+{
873a72
+	session->internals.invalid_connection = 1;
873a72
+}
873a72
+
873a72
 #endif