diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-06-16 13:40:56 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-06-16 13:45:31 +0200 |
| commit | 8af2a5d24a3e28b579211a8706a056f85ca4e0fa (patch) | |
| tree | 00b4f6956e340320171ff3277dc3b95ad2b51244 | |
| parent | 877f892af4a3139ebd58de8aa61b518ed2e91152 (diff) | |
| download | gnutls-8af2a5d24a3e28b579211a8706a056f85ca4e0fa.tar.gz | |
treat the _gnutls_user_hello_func() output the same on resumed sessions.
| -rw-r--r-- | lib/gnutls_handshake.c | 29 |
1 files changed, 18 insertions, 11 deletions
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index e5a67cd97a..ab819f2498 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -429,18 +429,28 @@ _gnutls_negotiate_version(gnutls_session_t session, return ret; } +/* This function returns: + * - zero on success + * - GNUTLS_E_INT_RET_0 if GNUTLS_E_AGAIN || GNUTLS_E_INTERRUPTED were returned by the callback + * - a negative error code on other error + */ int _gnutls_user_hello_func(gnutls_session_t session, gnutls_protocol_t adv_version) { - int ret; + int ret, sret = 0; if (session->internals.user_hello_func != NULL) { ret = session->internals.user_hello_func(session); - if (ret < 0) { + + if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED) { + gnutls_assert(); + sret = GNUTLS_E_INT_RET_0; + } else if (ret < 0) { gnutls_assert(); return ret; } + /* Here we need to renegotiate the version since the callee might * have disabled some TLS versions. */ @@ -450,7 +460,7 @@ _gnutls_user_hello_func(gnutls_session_t session, return ret; } } - return 0; + return sret; } /* Read a client hello packet. @@ -606,14 +616,11 @@ read_client_hello(gnutls_session_t session, uint8_t * data, return ret; } - ret = _gnutls_user_hello_func(session, adv_version); - if (ret < 0) { - if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED) { - sret = GNUTLS_E_INT_RET_0; - } else { - gnutls_assert(); - return ret; - } + /* we cache this error code */ + sret = _gnutls_user_hello_func(session, adv_version); + if (sret < 0 && sret != GNUTLS_E_INT_RET_0) { + gnutls_assert(); + return sret; } ret = _gnutls_parse_extensions(session, GNUTLS_EXT_MANDATORY, |