diff options
author | Nils Maier <maierman@web.de> | 2014-01-06 15:15:58 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-01-07 09:33:38 +0100 |
commit | 5f005258bf131cea0d7045369042e28e0044e037 (patch) | |
tree | 11c97b1e684957e09f769963e22a70c9a5adffe2 | |
parent | 26684e14800c83b65c28209db9353763363120b6 (diff) | |
download | gnutls-5f005258bf131cea0d7045369042e28e0044e037.tar.gz |
Fix CERTIFICATE STATUS processing when using non-blocking I/O
_gnutls_recv_server_certificate_status() must wait for the first full
packet before setting priv->expect_cstatus = 0, or else CERTIFCATE
STATUS packets won't be processed in subsequent calls at all, leaving
them in the buffer and therefore causing later connection aborts.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r-- | lib/ext/status_request.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/ext/status_request.c b/lib/ext/status_request.c index d7009aab5b..7ba840bac4 100644 --- a/lib/ext/status_request.c +++ b/lib/ext/status_request.c @@ -578,14 +578,14 @@ int _gnutls_recv_server_certificate_status(gnutls_session_t session) if (!priv->expect_cstatus) return 0; - priv->expect_cstatus = 0; - ret = _gnutls_recv_handshake(session, GNUTLS_HANDSHAKE_CERTIFICATE_STATUS, 0, &buf); if (ret < 0) return gnutls_assert_val_fatal(ret); + priv->expect_cstatus = 0; + data = buf.data; data_size = buf.length; |