author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-08-07 21:38:05 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-08-07 21:50:32 +0200 |
commit | 65b14abc24f27840efedb75a6213287a9b53a467 (patch) | |
tree | 3d0c678ae820241e5199e7e9c6ee3a7d9605057b | |
parent | 5cd6ecd192636509a4dd66bdd295ebe19fc67b6c (diff) | |
download | gnutls-65b14abc24f27840efedb75a6213287a9b53a467.tar.gz |
gnutls_handshake_timeout() -> gnutls_handshake_set_timeout()
-rw-r--r-- | NEWS | 2 | ||||
-rw-r--r-- | doc/Makefile.am | 4 | ||||
-rw-r--r-- | doc/cha-gtls-app.texi | 2 | ||||
-rw-r--r-- | doc/examples/ex-client-anon.c | 3 | ||||
-rw-r--r-- | doc/examples/ex-client-dtls.c | 3 | ||||
-rw-r--r-- | doc/examples/ex-client-psk.c | 3 | ||||
-rw-r--r-- | doc/examples/ex-client-resume.c | 3 | ||||
-rw-r--r-- | doc/examples/ex-client-srp.c | 3 | ||||
-rw-r--r-- | doc/examples/ex-client-x509.c | 3 | ||||
-rw-r--r-- | lib/gnutls_handshake.c | 43 | ||||
-rw-r--r-- | lib/gnutls_int.h | 1 | ||||
-rw-r--r-- | lib/includes/gnutls/gnutls.h.in | 4 | ||||
-rw-r--r-- | lib/libgnutls.map | 2 | ||||
-rw-r--r-- | src/cli.c | 3 |
14 files changed, 43 insertions, 36 deletions
@@ -84,7 +84,7 @@ gnutls_x509_trust_list_add_system_trust: Added gnutls_x509_trust_list_add_trust_file: Added gnutls_x509_trust_list_add_trust_mem: Added gnutls_pk_to_sign: Added -gnutls_handshake_timeout: Added +gnutls_handshake_set_timeout: Added gnutls_pubkey_verify_hash: Deprecated (use gnutls_pubkey_verify_hash2) gnutls_pubkey_verify_data: Deprecated (use gnutls_pubkey_verify_data2) diff --git a/doc/Makefile.am b/doc/Makefile.am index a8dfa6e9f9..7f1fde9090 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -766,8 +766,8 @@ FUNCS += functions/gnutls_bye FUNCS += functions/gnutls_bye.short FUNCS += functions/gnutls_handshake FUNCS += functions/gnutls_handshake.short -FUNCS += functions/gnutls_handshake_timeout -FUNCS += functions/gnutls_handshake_timeout.short +FUNCS += functions/gnutls_handshake_set_timeout +FUNCS += functions/gnutls_handshake_set_timeout.short FUNCS += functions/gnutls_rehandshake FUNCS += functions/gnutls_rehandshake.short FUNCS += functions/gnutls_alert_get diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi index 45d4ef02d8..7c16279d23 100644 --- a/doc/cha-gtls-app.texi +++ b/doc/cha-gtls-app.texi @@ -733,7 +733,7 @@ exchange. @showfuncdesc{gnutls_handshake} -@showfuncdesc{gnutls_handshake_timeout} +@showfuncdesc{gnutls_handshake_set_timeout} The handshake process doesn't ensure the verification of the peer's identity. When certificates are in use, diff --git a/doc/examples/ex-client-anon.c b/doc/examples/ex-client-anon.c index b4befa88e0..6a1106b9d2 100644 --- a/doc/examples/ex-client-anon.c +++ b/doc/examples/ex-client-anon.c @@ -52,12 +52,13 @@ main (void) sd = tcp_connect (); gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd); + gnutls_handshake_set_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT); /* Perform the TLS handshake */ do { - ret = gnutls_handshake_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT); + ret = gnutls_handshake (session); } while (ret < 0 && gnutls_error_is_fatal (ret) == 0); 
diff --git a/doc/examples/ex-client-dtls.c b/doc/examples/ex-client-dtls.c index 6b97ba619b..412e149be1 100644 --- a/doc/examples/ex-client-dtls.c +++ b/doc/examples/ex-client-dtls.c @@ -69,11 +69,12 @@ main (void) /* set the connection MTU */ gnutls_dtls_set_mtu (session, 1000); + gnutls_handshake_set_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT); /* Perform the TLS handshake */ do { - ret = gnutls_handshake_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT); + ret = gnutls_handshake (session); } while (ret < 0 && gnutls_error_is_fatal (ret) == 0); diff --git a/doc/examples/ex-client-psk.c b/doc/examples/ex-client-psk.c index f77e3a3cfa..a456f6cf4c 100644 --- a/doc/examples/ex-client-psk.c +++ b/doc/examples/ex-client-psk.c @@ -62,12 +62,13 @@ main (void) sd = tcp_connect (); gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd); + gnutls_handshake_set_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT); /* Perform the TLS handshake */ do { - ret = gnutls_handshake_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT); + ret = gnutls_handshake (session); } while (ret < 0 && gnutls_error_is_fatal (ret) == 0); diff --git a/doc/examples/ex-client-resume.c b/doc/examples/ex-client-resume.c index 13b42e488f..0fe2a8860e 100644 --- a/doc/examples/ex-client-resume.c +++ b/doc/examples/ex-client-resume.c @@ -60,12 +60,13 @@ main (void) } gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd); + gnutls_handshake_set_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT); /* Perform the TLS handshake */ do { - ret = gnutls_handshake_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT); + ret = gnutls_handshake (session); } while (ret < 0 && gnutls_error_is_fatal (ret) == 0); diff --git a/doc/examples/ex-client-srp.c b/doc/examples/ex-client-srp.c index afc6c09432..112e9f0476 100644 --- a/doc/examples/ex-client-srp.c +++ b/doc/examples/ex-client-srp.c 
@@ -59,12 +59,13 @@ main (void) gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, cert_cred); gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd); + gnutls_handshake_set_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT); /* Perform the TLS handshake */ do { - ret = gnutls_handshake_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT); + ret = gnutls_handshake (session); } while (ret < 0 && gnutls_error_is_fatal (ret) == 0); diff --git a/doc/examples/ex-client-x509.c b/doc/examples/ex-client-x509.c index 2535230472..dc4be2709b 100644 --- a/doc/examples/ex-client-x509.c +++ b/doc/examples/ex-client-x509.c @@ -77,12 +77,13 @@ int main (void) sd = tcp_connect (); gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd); + gnutls_handshake_set_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT); /* Perform the TLS handshake */ do { - ret = gnutls_handshake_timeout (session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT); + ret = gnutls_handshake (session); } while (ret < 0 && gnutls_error_is_fatal (ret) == 0); diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index 3f30e52d39..60272e0682 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c 
@@ -2364,36 +2364,18 @@ cleanup: int gnutls_handshake (gnutls_session_t session) { - return gnutls_handshake_timeout( session, 0); -} - -/** - * gnutls_handshake_timeout: - * @session: is a #gnutls_session_t structure. - * @sec: is a timeout value in seconds - * - * This function is identical to the gnutls_handshake() but - * it also ensures that the handshake is completed within - * the provided timeout value. - * - * Returns: %GNUTLS_E_SUCCESS on success, %GNUTLS_E_TIMED_OUT on timeout, otherwise a negative error code. - **/ -int -gnutls_handshake_timeout (gnutls_session_t session, unsigned int sec) -{ int ret; record_parameters_st *params; - if (sec > 0) - session->internals.handshake_endtime = gnutls_time(0) + sec; - else - session->internals.handshake_endtime = 0; - /* sanity check. Verify that there are priorities setup. */ if (session->internals.priorities.protocol.algorithms == 0) return gnutls_assert_val(GNUTLS_E_NO_PRIORITIES_WERE_SET); + if (session->internals.handshake_timeout_ms) + session->internals.handshake_endtime = gnutls_time(0) + + session->internals.handshake_timeout_ms / 1000; + ret = _gnutls_epoch_get (session, session->security_parameters.epoch_next, ¶ms); if (ret < 0) @@ -2456,6 +2438,23 @@ gnutls_handshake_timeout (gnutls_session_t session, unsigned int sec) return 0; } +/** + * gnutls_handshake_set_timeout: + * @session: is a #gnutls_session_t structure. + * @ms: is a timeout value in milliseconds + * + * This function sets the timeout for the handshake process + * to the provided value. + * + **/ +void +gnutls_handshake_set_timeout (gnutls_session_t session, unsigned int ms) +{ + if (ms == GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT) + ms = 40*1000; + session->internals.handshake_timeout_ms = ms; +} + #define IMED_RET( str, ret, allow_alert) do { \ if (ret < 0) { \ diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index e0b324bfdc..edb160ab2f 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h 
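Review bot: The deadline is recomputed on every entry to gnutls_handshake(), because the new `if (session->internals.handshake_timeout_ms)` block assigns `handshake_endtime` from the current time with no check that a handshake is only now starting. Callers that re-enter after a non-fatal return (the example loops in this commit do exactly that) move the deadline forward on each call, so a peer that trickles handshake data may never reach the timeout. Consider arming `handshake_endtime` only when a new handshake begins. The old `else` branch that cleared the field is also gone, so once the timeout is set back to 0 a previously armed end time appears to stay in effect unless it is reset elsewhere; `else session->internals.handshake_endtime = 0;` would restore that. The `/ 1000` truncates sub-second values to zero seconds, and the function body continues outside the hunk.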
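Review bot: The doc comment for gnutls_handshake_set_timeout() leaves out what a caller needs to know. A value of 0 leaves the handshake without a deadline (gnutls_handshake() arms one only when the stored value is non-zero), `GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT` is a sentinel that is replaced by 40 seconds, and the value is later divided down to whole seconds. I would add one sentence for each of these and give `40*1000` a name, for instance `#define DEFAULT_HANDSHAKE_TIMEOUT_MS (40*1000)` (suggested name, not an existing one). A session with no timeout lets a stalled peer hold the handshake open, so the comment should also say whether no-timeout is what a new session starts with; that is not visible in this diff.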
@@ -878,6 +878,7 @@ typedef struct unsigned char cb_tls_unique[MAX_VERIFY_DATA_SIZE]; unsigned int handshake_endtime; /* end time in seconds */ + unsigned int handshake_timeout_ms; /* timeout in milliseconds */ /* If you add anything here, check _gnutls_handshake_internal_state_clear(). */ diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index 823f1d7bde..0156fc4f8d 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -752,8 +752,8 @@ typedef enum int gnutls_handshake (gnutls_session_t session); -#define GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT 60 - int gnutls_handshake_timeout (gnutls_session_t session, unsigned int sec); +#define GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT ((unsigned int)-1) + void gnutls_handshake_set_timeout (gnutls_session_t session, unsigned int sec); int gnutls_rehandshake (gnutls_session_t session); gnutls_alert_description_t gnutls_alert_get (gnutls_session_t session); diff --git a/lib/libgnutls.map b/lib/libgnutls.map index 801c6357ac..3199bc642b 100644 --- a/lib/libgnutls.map +++ b/lib/libgnutls.map @@ -825,7 +825,7 @@ GNUTLS_3_1_0 { gnutls_pkcs11_privkey_set_pin_function; gnutls_certificate_set_pin_function; gnutls_x509_crt_set_pin_function; - gnutls_handshake_timeout; + gnutls_handshake_set_timeout; } GNUTLS_3_0_0; GNUTLS_PRIVATE { @@ -1183,7 +1183,8 @@ do_handshake (socket_st * socket) gl_fd_to_handle (socket->fd)); do { - ret = gnutls_handshake_timeout (socket->session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT); + gnutls_handshake_set_timeout( socket->session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT); + ret = gnutls_handshake (socket->session); if (ret < 0) { |
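Review bot: `handshake_timeout_ms` is added directly above the reminder to check `_gnutls_handshake_internal_state_clear()`, and no hunk on this page touches that function. The field comment should state the intended lifetime, for example `/* configured timeout in milliseconds, 0 for none; kept across handshakes */` if the value is meant to persist, so that a later clear of this block does not silently switch the timeout off for rehandshakes. The struct starts and ends outside the hunk.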
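Review bot: The prototype in gnutls.h.in names the second parameter `sec`, while the definition in lib/gnutls_handshake.c takes `unsigned int ms` and stores it as milliseconds. A caller going by the header and passing 60 would get a 60 ms timeout, which the division by 1000 in gnutls_handshake() reduces to zero seconds. Rename the parameter so the header carries the unit: `void gnutls_handshake_set_timeout (gnutls_session_t session, unsigned int ms);`.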
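Review bot: In the src/cli.c hunk `gnutls_handshake_set_timeout()` is called inside the `do` loop, so it runs again on every retry, whereas the example clients in this commit call it once before the loop. Moving the call above `do` keeps it a one-time session setting and matches the examples. The spacing in `gnutls_handshake_set_timeout( socket->session,` also differs from the GNU style used on the following line. do_handshake's body continues outside the hunk.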