author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-01-10 14:21:42 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-01-11 00:26:51 +0100 |
commit | 1a338cbaaeec11d958de8da4d1ae036979fccf3e (patch) | |
tree | 5f5341d38761f3acc5167ad38983023033b4a0e5 /src | |
parent | 581718c927838474200c305587241ae15511cb82 (diff) | |
download | gnutls-1a338cbaaeec11d958de8da4d1ae036979fccf3e.tar.gz |
Added safe renegotiation patch from Steve Dispensa, modified to suit gnutls
code style and error checking. Modified to conform to draft-ietf-tls-renegotiation-03.txt.
gnutls-cli will search input for **RENEGOTIATION** to perform a renegotiation
and gnutls-serv will perform one if requested.
Diffstat (limited to 'src')
-rw-r--r-- | src/cli.c | 11 | ||||
-rw-r--r-- | src/serv.c | 24 |
2 files changed, 28 insertions, 7 deletions
@@ -826,6 +826,17 @@ after_handshake:
 continue;
 }
+ if (strstr(buffer, "**REHANDSHAKE**") != NULL) {
+ fprintf (stderr, "*** Starting TLS rehandshake\n");
+ ret = do_handshake (&hd);
+ if (ret < 0)
+ {
+ fprintf (stderr, "*** Rehandshake has failed\n");
+ user_term = 1;
+ retval = 1;
+ break;
+ }
+ }
 if (crlf != 0)
 {
 char *b = strchr (buffer, '\n');
diff --git a/src/serv.c b/src/serv.c
index 12c5ec7d76..f8c78a6be8 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -1240,14 +1240,24 @@ main (int argc, char **argv)
 }
 else if (r <= 0)
 {
- j->http_state = HTTP_STATE_CLOSING;
- if (r < 0 && r != GNUTLS_E_UNEXPECTED_PACKET_LENGTH)
+ if (r == GNUTLS_E_REHANDSHAKE)
 {
- check_alert (j->tls_session, r);
- fprintf (stderr, "Error while receiving data\n");
- GERR (r);
- }
-
+ do
+ {
+ r = gnutls_handshake (j->tls_session);
+ }
+ while (r == GNUTLS_E_INTERRUPTED || r == GNUTLS_E_AGAIN);
+ }
+ else
+ {
+ j->http_state = HTTP_STATE_CLOSING;
+ if (r < 0 && r != GNUTLS_E_UNEXPECTED_PACKET_LENGTH)
+ {
+ check_alert (j->tls_session, r);
+ fprintf (stderr, "Error while receiving data\n");
+ GERR (r);
+ }
+ }
 }
 else
 { |
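Review bot: `strstr(buffer, "**REHANDSHAKE**")` is only defined on a NUL-terminated string, and the code that fills `buffer` lies above this hunk, so its termination cannot be confirmed here; if the input path does not already terminate the buffer at the number of bytes read, the search can run past the data. The trigger is also in-band: any typed or piped input containing the marker starts a rehandshake, and on success control falls through to the `crlf` handling, so the marker text presumably still goes to the peer. The commit message documents the trigger as `**RENEGOTIATION**` while the code matches `**REHANDSHAKE**`, so one of the two should be corrected. I would add a comment above the test such as `/* Test hook: input containing **REHANDSHAKE** starts a TLS renegotiation; buffer must be NUL-terminated here. */`.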
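Review bot: The result of the `gnutls_handshake` retry loop is never examined in the `GNUTLS_E_REHANDSHAKE` branch, so within the visible lines a renegotiation that ends in a fatal error leaves `j->http_state` untouched and is neither reported nor moved to `HTTP_STATE_CLOSING`, unlike the `else` branch. After the loop the branch should test `r < 0` and then close and report the session the same way the receive-error path does. The loop also retries on `GNUTLS_E_AGAIN` without returning to the caller's event loop; if the sockets are non-blocking (not visible in this hunk), a client that stalls mid-handshake could hold up the other connections served from `main`. The enclosing block in `main` starts and ends outside the hunk.

```c
if (r == GNUTLS_E_REHANDSHAKE)
  {
    /* ... unchanged: do/while retry loop around gnutls_handshake ... */
    if (r < 0)
      {
        /* Renegotiation failed: stop serving on this session. */
        j->http_state = HTTP_STATE_CLOSING;
        check_alert (j->tls_session, r);
        fprintf (stderr, "Error in rehandshake\n");
        GERR (r);
      }
  }
```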