rpms / gnutls

Clone
Source Code
GIT

Files

  1.   873a72c7757a2e5444b4713a02ba3ef7adaf2dd7
  2.   SOURCES
  3.   gnutls-3.3.8-handshake-reset.patch
Blob Blame History Raw 
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index 53f1ef1..759c67e 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -2491,7 +2491,8 @@ static int _gnutls_recv_supplemental(gnutls_session_t session)
  * full handshake will be performed.
  *
  * The non-fatal errors expected by this function are:
- * %GNUTLS_E_INTERRUPTED, %GNUTLS_E_AGAIN, and %GNUTLS_E_WARNING_ALERT_RECEIVED.
+ * %GNUTLS_E_INTERRUPTED, %GNUTLS_E_AGAIN, 
+ * %GNUTLS_E_LARGE_PACKET and %GNUTLS_E_WARNING_ALERT_RECEIVED.
  * The former two interrupt the handshake procedure due to the lower
  * layer being interrupted, and the latter because of an alert that
  * may be sent by a server (it is always a good idea to check any
@@ -2600,12 +2601,15 @@ gnutls_handshake_set_timeout(gnutls_session_t session, unsigned int ms)
 #define IMED_RET( str, ret, allow_alert) do { \
 	if (ret < 0) { \
 		/* EAGAIN and INTERRUPTED are always non-fatal */ \
-		if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED) \
+		if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_LARGE_PACKET) \
 			return ret; \
                 /* a warning alert might interrupt handshake */ \
 		if (allow_alert != 0 && ret==GNUTLS_E_WARNING_ALERT_RECEIVED) return ret; \
 		gnutls_assert(); \
 		ERR( str, ret); \
+		/* do not allow non-fatal errors at this point */ \
+		if (gnutls_error_is_fatal(ret) == 0) ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); \
+		session_invalidate(session); \
 		_gnutls_handshake_hash_buffers_clear(session); \
 		return ret; \
 	} } while (0)
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
index e2a492d..157d12a 100644
--- a/lib/gnutls_record.c
+++ b/lib/gnutls_record.c
@@ -349,12 +349,6 @@ int gnutls_bye(gnutls_session_t session, gnutls_close_request_t how)
 	return 0;
 }
 
-inline static void session_invalidate(gnutls_session_t session)
-{
-	session->internals.invalid_connection = 1;
-}
-
-
 inline static void session_unresumable(gnutls_session_t session)
 {
 	session->internals.resumable = RESUME_FALSE;
diff --git a/lib/gnutls_record.h b/lib/gnutls_record.h
index 50ff08d..cb0320c 100644
--- a/lib/gnutls_record.h
+++ b/lib/gnutls_record.h
@@ -101,4 +101,9 @@ unsigned int get_total_headers2(gnutls_session_t session, record_parameters_st *
 	return total + _gnutls_cipher_get_explicit_iv_size(params->cipher);
 }
 
+inline static void session_invalidate(gnutls_session_t session)
+{
+	session->internals.invalid_connection = 1;
+}
+
 #endif

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation