Commit 632b6f1b authored by Sebastien Decugis's avatar Sebastien Decugis

Add timeout in gnutls_handshake for version 3.1.x

parent ca008917
......@@ -455,6 +455,10 @@ int diameap_tls_process_receive(struct tls_data * data)
int ret;
data->p_length = data->tlsResp.datalength;
#ifdef GNUTLS_VERSION_310
gnutls_handshake_set_timeout( data->session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
#endif /* GNUTLS_VERSION_310 */
ret = gnutls_handshake(data->session);
if (ret < 0)
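Review bot: The timeout set just before `gnutls_handshake(data->session)` depends on a pull-timeout callback, and the visible lines do not install one. GnuTLS documents that `gnutls_handshake_set_timeout` requires a callback registered with `gnutls_transport_set_pull_timeout_function`. The handshake here appears to be fed from a buffer (`data->tlsResp`) rather than a socket, so the default callback presumably does not fit. If the callback is not registered where the session is created, record the dependency next to the call with a comment such as `/* relies on the pull-timeout callback set at session init */`. The same applies to the calls added in the two `again:` rehandshake paths, in `fd_cnx_handshake` and in `handshake_resume_th`; the function body continues outside this hunk.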
......
......@@ -841,7 +841,10 @@ again:
{
switch (ret) {
case GNUTLS_E_REHANDSHAKE:
if (!fd_cnx_teststate(conn, CC_STATUS_CLOSING))
if (!fd_cnx_teststate(conn, CC_STATUS_CLOSING)) {
#ifdef GNUTLS_VERSION_310
GNUTLS_TRACE( gnutls_handshake_set_timeout( session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT));
#endif /* GNUTLS_VERSION_310 */
CHECK_GNUTLS_DO( ret = gnutls_handshake(session),
{
if (TRACE_BOOL(INFO)) {
......@@ -849,6 +852,7 @@ again:
}
goto end;
} );
}
case GNUTLS_E_AGAIN:
case GNUTLS_E_INTERRUPTED:
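Review bot: The new closing brace of the `if (!fd_cnx_teststate(conn, CC_STATUS_CLOSING)) {` block is followed directly by `case GNUTLS_E_AGAIN:`, so `GNUTLS_E_REHANDSHAKE` falls through with no annotation. The fall-through predates this commit and is presumably intended, to retry the I/O after the rehandshake. A `/* fall through */` comment after the brace would make that explicit. The same fall-through also runs when the connection is closing and the handshake is skipped, and whether a retry is wanted there is worth confirming. The identical hunk at -893/+901 has the same shape, and the `switch` continues outside both hunks.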
......@@ -885,7 +889,11 @@ again:
{
switch (ret) {
case GNUTLS_E_REHANDSHAKE:
if (!fd_cnx_teststate(conn, CC_STATUS_CLOSING))
if (!fd_cnx_teststate(conn, CC_STATUS_CLOSING)) {
#ifdef GNUTLS_VERSION_310
GNUTLS_TRACE( gnutls_handshake_set_timeout( session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT));
#endif /* GNUTLS_VERSION_310 */
CHECK_GNUTLS_DO( ret = gnutls_handshake(session),
{
if (TRACE_BOOL(INFO)) {
......@@ -893,6 +901,7 @@ again:
}
goto end;
} );
}
case GNUTLS_E_AGAIN:
case GNUTLS_E_INTERRUPTED:
......@@ -1286,6 +1295,9 @@ int fd_cnx_handshake(struct cnxctx * conn, int mode, char * priority, void * alt
/* Handshake master session */
{
int ret;
#ifdef GNUTLS_VERSION_310
GNUTLS_TRACE( gnutls_handshake_set_timeout( conn->cc_tls_para.session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT));
#endif /* GNUTLS_VERSION_310 */
/* When gnutls 2.10.1 is around, we should use gnutls_certificate_set_verify_function and fd_tls_verify_credentials, so that handshake fails directly. */
......
......@@ -462,6 +462,9 @@ static void * handshake_resume_th(void * arg)
}
TRACE_DEBUG(FULL, "Starting TLS resumed handshake on stream %hu", ctx->strid);
#ifdef GNUTLS_VERSION_310
GNUTLS_TRACE( gnutls_handshake_set_timeout( ctx->session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT));
#endif /* GNUTLS_VERSION_310 */
CHECK_GNUTLS_DO( gnutls_handshake( ctx->session ), return NULL);
GNUTLS_TRACE( resumed = gnutls_session_is_resumed(ctx->session) );
......