gnutls_handshake_timeout() -> gnutls_handshake_set_timeout()

14 files changed, 43 insertions, 36 deletions

diff --git a/NEWS b/NEWS
index 2abf67e9f8..002a31f45d 100644
--- a/NEWS
+++ b/NEWS
@@ -84,7 +84,7 @@ gnutls_x509_trust_list_add_system_trust: Added
 gnutls_x509_trust_list_add_trust_file: Added
 gnutls_x509_trust_list_add_trust_mem: Added
 gnutls_pk_to_sign: Added
-gnutls_handshake_timeout: Added
+gnutls_handshake_set_timeout: Added
 gnutls_pubkey_verify_hash: Deprecated (use gnutls_pubkey_verify_hash2)
 gnutls_pubkey_verify_data: Deprecated (use gnutls_pubkey_verify_data2)
 
diff --git a/doc/Makefile.am b/doc/Makefile.am
index a8dfa6e9f9..7f1fde9090 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -766,8 +766,8 @@ FUNCS += functions/gnutls_bye
 FUNCS += functions/gnutls_bye.short
 FUNCS += functions/gnutls_handshake
 FUNCS += functions/gnutls_handshake.short
-FUNCS += functions/gnutls_handshake_timeout
-FUNCS += functions/gnutls_handshake_timeout.short
+FUNCS += functions/gnutls_handshake_set_timeout
+FUNCS += functions/gnutls_handshake_set_timeout.short
 FUNCS += functions/gnutls_rehandshake
 FUNCS += functions/gnutls_rehandshake.short
 FUNCS += functions/gnutls_alert_get
diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi
index 45d4ef02d8..7c16279d23 100644
--- a/doc/cha-gtls-app.texi
+++ b/doc/cha-gtls-app.texi
@@ -733,7 +733,7 @@ exchange.
 
 @showfuncdesc{gnutls_handshake}
 
-@showfuncdesc{gnutls_handshake_timeout}
+@showfuncdesc{gnutls_handshake_set_timeout}
 
 The handshake process doesn't ensure the verification
 of the peer's identity. When certificates are in use,
diff --git a/doc/examples/ex-client-anon.c b/doc/examples/ex-client-anon.c
index b4befa88e0..6a1106b9d2 100644
--- a/doc/examples/ex-client-anon.c
+++ b/doc/examples/ex-client-anon.c
@@ -52,12 +52,13 @@ main (void)
   sd = tcp_connect ();
 
   gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd);
+  gnutls_handshake_set_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
 
   /* Perform the TLS handshake
    */
   do
     {
-      ret = gnutls_handshake_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
+      ret = gnutls_handshake (session);
     }
   while (ret < 0 && gnutls_error_is_fatal (ret) == 0);
 
diff --git a/doc/examples/ex-client-dtls.c b/doc/examples/ex-client-dtls.c
index 6b97ba619b..412e149be1 100644
--- a/doc/examples/ex-client-dtls.c
+++ b/doc/examples/ex-client-dtls.c
@@ -69,11 +69,12 @@ main (void)
 
   /* set the connection MTU */
   gnutls_dtls_set_mtu (session, 1000);
+  gnutls_handshake_set_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
 
   /* Perform the TLS handshake */
   do
     {
-      ret = gnutls_handshake_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
+      ret = gnutls_handshake (session);
     }
   while (ret < 0 && gnutls_error_is_fatal (ret) == 0);
 
diff --git a/doc/examples/ex-client-psk.c b/doc/examples/ex-client-psk.c
index f77e3a3cfa..a456f6cf4c 100644
--- a/doc/examples/ex-client-psk.c
+++ b/doc/examples/ex-client-psk.c
@@ -62,12 +62,13 @@ main (void)
   sd = tcp_connect ();
 
   gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd);
+  gnutls_handshake_set_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
 
   /* Perform the TLS handshake
    */
   do
     {
-      ret = gnutls_handshake_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
+      ret = gnutls_handshake (session);
     }
   while (ret < 0 && gnutls_error_is_fatal (ret) == 0);
 
diff --git a/doc/examples/ex-client-resume.c b/doc/examples/ex-client-resume.c
index 13b42e488f..0fe2a8860e 100644
--- a/doc/examples/ex-client-resume.c
+++ b/doc/examples/ex-client-resume.c
@@ -60,12 +60,13 @@ main (void)
         }
 
       gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd);
+      gnutls_handshake_set_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
 
       /* Perform the TLS handshake
        */
       do
         {
-          ret = gnutls_handshake_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
+          ret = gnutls_handshake (session);
         }
       while (ret < 0 && gnutls_error_is_fatal (ret) == 0);
 
diff --git a/doc/examples/ex-client-srp.c b/doc/examples/ex-client-srp.c
index afc6c09432..112e9f0476 100644
--- a/doc/examples/ex-client-srp.c
+++ b/doc/examples/ex-client-srp.c
@@ -59,12 +59,13 @@ main (void)
   gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, cert_cred);
 
   gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd);
+  gnutls_handshake_set_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
 
   /* Perform the TLS handshake
    */
   do
     {
-      ret = gnutls_handshake_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
+      ret = gnutls_handshake (session);
     }
   while (ret < 0 && gnutls_error_is_fatal (ret) == 0);
 
diff --git a/doc/examples/ex-client-x509.c b/doc/examples/ex-client-x509.c
index 2535230472..dc4be2709b 100644
--- a/doc/examples/ex-client-x509.c
+++ b/doc/examples/ex-client-x509.c
@@ -77,12 +77,13 @@ int main (void)
   sd = tcp_connect ();
 
   gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd);
+  gnutls_handshake_set_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
 
   /* Perform the TLS handshake
    */
   do
     {
-      ret = gnutls_handshake_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
+      ret = gnutls_handshake (session);
     }
   while (ret < 0 && gnutls_error_is_fatal (ret) == 0);
 
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index 3f30e52d39..60272e0682 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -2364,36 +2364,18 @@ cleanup:
 int
 gnutls_handshake (gnutls_session_t session)
 {
-  return gnutls_handshake_timeout( session, 0);
-}
-
-/**
- * gnutls_handshake_timeout:
- * @session: is a #gnutls_session_t structure.
- * @sec: is a timeout value in seconds
- *
- * This function is identical to the gnutls_handshake() but
- * it also ensures that the handshake is completed within
- * the provided timeout value.
- *
- * Returns: %GNUTLS_E_SUCCESS on success, %GNUTLS_E_TIMED_OUT on timeout, otherwise a negative error code.
- **/
-int
-gnutls_handshake_timeout (gnutls_session_t session, unsigned int sec)
-{
   int ret;
   record_parameters_st *params;
   
-  if (sec > 0)
-    session->internals.handshake_endtime = gnutls_time(0) + sec;
-  else
-    session->internals.handshake_endtime = 0;
-  
   /* sanity check. Verify that there are priorities setup.
    */
   if (session->internals.priorities.protocol.algorithms == 0)
     return gnutls_assert_val(GNUTLS_E_NO_PRIORITIES_WERE_SET);
 
+  if (session->internals.handshake_timeout_ms)
+    session->internals.handshake_endtime = gnutls_time(0) + 
+      session->internals.handshake_timeout_ms / 1000;
+
   ret = _gnutls_epoch_get (session, session->security_parameters.epoch_next,
                            &params);
   if (ret < 0)
@@ -2456,6 +2438,23 @@ gnutls_handshake_timeout (gnutls_session_t session, unsigned int sec)
   return 0;
 }
 
+/**
+ * gnutls_handshake_set_timeout:
+ * @session: is a #gnutls_session_t structure.
+ * @ms: is a timeout value in milliseconds
+ *
+ * This function sets the timeout for the handshake process
+ * to the provided value.
+ *
+ **/
+void
+gnutls_handshake_set_timeout (gnutls_session_t session, unsigned int ms)
+{
+  if (ms == GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT)
+    ms = 40*1000;
+  session->internals.handshake_timeout_ms = ms;
+}
+
 
 #define IMED_RET( str, ret, allow_alert) do { \
 	if (ret < 0) { \
diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
index e0b324bfdc..edb160ab2f 100644
--- a/lib/gnutls_int.h
+++ b/lib/gnutls_int.h
@@ -878,6 +878,7 @@ typedef struct
   unsigned char cb_tls_unique[MAX_VERIFY_DATA_SIZE];
   
   unsigned int handshake_endtime; /* end time in seconds */
+  unsigned int handshake_timeout_ms; /* timeout in milliseconds */
 
   /* If you add anything here, check _gnutls_handshake_internal_state_clear().
    */
diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index 823f1d7bde..0156fc4f8d 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -752,8 +752,8 @@ typedef enum
 
   int gnutls_handshake (gnutls_session_t session);
 
-#define GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT 60
-  int gnutls_handshake_timeout (gnutls_session_t session, unsigned int sec);
+#define GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT ((unsigned int)-1)
+  void gnutls_handshake_set_timeout (gnutls_session_t session, unsigned int sec);
   int gnutls_rehandshake (gnutls_session_t session);
 
   gnutls_alert_description_t gnutls_alert_get (gnutls_session_t session);
diff --git a/lib/libgnutls.map b/lib/libgnutls.map
index 801c6357ac..3199bc642b 100644
--- a/lib/libgnutls.map
+++ b/lib/libgnutls.map
@@ -825,7 +825,7 @@ GNUTLS_3_1_0 {
 	gnutls_pkcs11_privkey_set_pin_function;
 	gnutls_certificate_set_pin_function;
 	gnutls_x509_crt_set_pin_function;
-	gnutls_handshake_timeout;
+	gnutls_handshake_set_timeout;
 } GNUTLS_3_0_0;
 
 GNUTLS_PRIVATE {
diff --git a/src/cli.c b/src/cli.c
index 755ca1fde6..47f6d09bc9 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -1183,7 +1183,8 @@ do_handshake (socket_st * socket)
                             gl_fd_to_handle (socket->fd));
   do
     {
-      ret = gnutls_handshake_timeout (socket->session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
+      gnutls_handshake_set_timeout( socket->session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
+      ret = gnutls_handshake (socket->session);
 
       if (ret < 0)
         {