Fix CERTIFICATE STATUS processing when using non-blocking I/O

_gnutls_recv_server_certificate_status() must wait for the first full packet before setting priv->expect_cstatus = 0, or else CERTIFCATE STATUS packets won't be processed in subsequent calls at all, leaving them in the buffer and therefore causing later connection aborts.
author: Nils Maier <maierman@web.de> 2014-01-06 15:15:58 +0100
committer: Nikos Mavrogiannopoulos <nmav@redhat.com> 2014-01-07 09:23:09 +0100
commit: dd222f9d182421400c00ae7a4de1ac1f4401f5dd (patch)
tree: 54e8ff0156d9c8b745b837b23aeed6beac410f06
parent: 8db11f71137c9b8de26ca20b6c89c4225fc5d954 (diff)
download: gnutls-dd222f9d182421400c00ae7a4de1ac1f4401f5dd.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/ext/status_request.c b/lib/ext/status_request.c
index ac512c2f90..267ba5d6a9 100644
--- a/lib/ext/status_request.c
+++ b/lib/ext/status_request.c
@@ -581,14 +581,14 @@ _gnutls_recv_server_certificate_status (gnutls_session_t session)
   if (!priv->expect_cstatus)
     return 0;
 
-  priv->expect_cstatus = 0;
-
   ret = _gnutls_recv_handshake (session, 
                                 GNUTLS_HANDSHAKE_CERTIFICATE_STATUS,
                                 0, &buf);
   if (ret < 0)
     return gnutls_assert_val_fatal(ret);
 
+  priv->expect_cstatus = 0;
+
   data = buf.data;
   data_size = buf.length;
author	Nils Maier <maierman@web.de>	2014-01-06 15:15:58 +0100
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>	2014-01-07 09:23:09 +0100
commit	dd222f9d182421400c00ae7a4de1ac1f4401f5dd (patch)
tree	54e8ff0156d9c8b745b837b23aeed6beac410f06
parent	8db11f71137c9b8de26ca20b6c89c4225fc5d954 (diff)
download	gnutls-dd222f9d182421400c00ae7a4de1ac1f4401f5dd.tar.gz