diff options
author | Nils Maier <maierman@web.de> | 2014-01-06 15:15:58 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-01-07 09:23:09 +0100 |
commit | dd222f9d182421400c00ae7a4de1ac1f4401f5dd (patch) | |
tree | 54e8ff0156d9c8b745b837b23aeed6beac410f06 | |
parent | 8db11f71137c9b8de26ca20b6c89c4225fc5d954 (diff) | |
download | gnutls-dd222f9d182421400c00ae7a4de1ac1f4401f5dd.tar.gz |
Fix CERTIFICATE STATUS processing when using non-blocking I/O
_gnutls_recv_server_certificate_status() must wait for the first full
packet before setting priv->expect_cstatus = 0, or else CERTIFCATE
STATUS packets won't be processed in subsequent calls at all, leaving
them in the buffer and therefore causing later connection aborts.
-rw-r--r-- | lib/ext/status_request.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/ext/status_request.c b/lib/ext/status_request.c index ac512c2f90..267ba5d6a9 100644 --- a/lib/ext/status_request.c +++ b/lib/ext/status_request.c @@ -581,14 +581,14 @@ _gnutls_recv_server_certificate_status (gnutls_session_t session) if (!priv->expect_cstatus) return 0; - priv->expect_cstatus = 0; - ret = _gnutls_recv_handshake (session, GNUTLS_HANDSHAKE_CERTIFICATE_STATUS, 0, &buf); if (ret < 0) return gnutls_assert_val_fatal(ret); + priv->expect_cstatus = 0; + data = buf.data; data_size = buf.length; |