authorNikos Mavrogiannopoulos <nmav@redhat.com>2016-08-22 08:46:04 +0200
committerNikos Mavrogiannopoulos <nmav@redhat.com>2016-08-22 11:27:37 +0200
commit3ce7bc7b7d0a0daded5bd5a338b8361e5ac755f5 (patch)
tree34c4c54e15d6daec2af2447f49ad3de4e2249114
parent39cdaed454b12c7be9881d550ec2ea89c649c707 (diff)
gnutls-cli: fixed the behavior when --starttls or --starttls-proto is given
The change that moved the handshake process into the socket establishment broke the starttls functionality in gnutls-cli. This change fixes that functionality. Reported by Andreas Metzler.
-rw-r--r--src/cli.c16
-rw-r--r--src/socket.c25
-rw-r--r--src/socket.h1
3 files changed, 27 insertions, 15 deletions
diff --git a/src/cli.c b/src/cli.c
index 0913898f8b..61be2cae7e 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -1212,19 +1212,25 @@ int main(int argc, char **argv)
socket_flags |= SOCKET_FLAG_UDP;
if (fastopen)
socket_flags |= SOCKET_FLAG_FASTOPEN;
+ if (verbose)
+ socket_flags |= SOCKET_FLAG_VERBOSE;
if (starttls)
+ socket_flags |= SOCKET_FLAG_RAW;
+ else if (HAVE_OPT(STARTTLS_PROTO))
socket_flags |= SOCKET_FLAG_STARTTLS;
socket_open(&hd, hostname, service, OPT_ARG(STARTTLS_PROTO), socket_flags, CONNECT_MSG, NULL);
hd.verbose = verbose;
- printf("- Handshake was completed\n");
+ if (hd.secure) {
+ printf("- Handshake was completed\n");
- if (resume != 0)
- if (try_resume(&hd))
- return 1;
+ if (resume != 0)
+ if (try_resume(&hd))
+ return 1;
- print_other_info(hd.session);
+ print_other_info(hd.session);
+ }
/* Warning! Do not touch this text string, it is used by external
programs to search for when gnutls-cli has reached this point. */
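Review bot: The new `if (hd.secure)` guard silently skips both the "Handshake was completed" message and the `resume != 0` path, and nothing at that point explains why. With `--starttls` the lines above set SOCKET_FLAG_RAW, so the connection is presumably still plaintext when socket_open() returns, and a requested resumption test is dropped without any notice to the user. I would add a comment above the guard such as `/* with --starttls the socket is still plaintext here: no handshake output, no resumption test */`. Bracing the nested `if (resume != 0)` / `if (try_resume(&hd))` pair while it is being re-indented would also help. main() begins and continues outside this hunk.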
diff --git a/src/socket.c b/src/socket.c
index 5507c71499..05ca7ff7b0 100644
--- a/src/socket.c
+++ b/src/socket.c
@@ -368,6 +368,9 @@ socket_open(socket_st * hd, const char *hostname, const char *service,
memset(hd, 0, sizeof(*hd));
+ if (flags & SOCKET_FLAG_VERBOSE)
+ hd->verbose = 1;
+
if (rdata) {
hd->rdata.data = rdata->data;
hd->rdata.size = rdata->size;
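Review bot: `hd->verbose` now has two writers: the flag sets it to 1 here, and cli.c still assigns `hd.verbose = verbose;` right after socket_open() returns. If `verbose` can hold a level other than 1, the value seen inside socket_open() differs from the one used for the rest of the session. Either drop the assignment in cli.c or document the split here, for example `/* set early: code run from socket_open() reads hd->verbose before the caller can assign it */` if that is the reason. socket_open() continues outside this hunk.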
@@ -443,19 +446,21 @@ socket_open(socket_st * hd, const char *hostname, const char *service,
continue;
}
- if (!(flags & SOCKET_FLAG_RAW)) {
- if (flags & SOCKET_FLAG_STARTTLS) {
- socket_starttls(hd);
- }
+ hd->fd = sd;
+ if (flags & SOCKET_FLAG_STARTTLS) {
+ hd->app_proto = app_proto;
+ socket_starttls(hd);
+ hd->app_proto = NULL;
+ }
- hd->session = init_tls_session(hostname);
- if (hd->rdata.data) {
- gnutls_session_set_data(hd->session, hd->rdata.data, hd->rdata.size);
- }
+ hd->session = init_tls_session(hostname);
+ if (hd->rdata.data) {
+ gnutls_session_set_data(hd->session, hd->rdata.data, hd->rdata.size);
+ }
- hd->fd = sd;
- gnutls_transport_set_int(hd->session, sd);
+ gnutls_transport_set_int(hd->session, sd);
+ if (!(flags & SOCKET_FLAG_RAW)) {
err = do_handshake(hd);
if (err == GNUTLS_E_PUSH_ERROR) { /* failed connecting */
gnutls_deinit(hd->session);
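Review bot: The outcome of `socket_starttls(hd)` is not checked before `init_tls_session()` and `do_handshake()` run. Unless socket_starttls() terminates the program on failure itself (not visible here), a refused or garbled STARTTLS exchange falls through to a TLS handshake on a stream that is still speaking the plaintext protocol. If it can return after a failure, it should report that, and this block should abandon the address instead of continuing. The temporary `hd->app_proto = app_proto;` / `hd->app_proto = NULL;` pair also needs a comment, e.g. `/* app_proto is only lent to socket_starttls(); do not keep the caller's pointer in hd */` if that is the intent. The handshake error branch continues past the end of the hunk.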
diff --git a/src/socket.h b/src/socket.h
index 55e7230300..fb7d2b12bc 100644
--- a/src/socket.h
+++ b/src/socket.h
@@ -5,6 +5,7 @@
#define SOCKET_FLAG_FASTOPEN (1<<1)
#define SOCKET_FLAG_STARTTLS (1<<2)
#define SOCKET_FLAG_RAW (1<<3) /* unencrypted */
+#define SOCKET_FLAG_VERBOSE (1<<4)
typedef struct {