diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2019-02-24 00:19:21 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2019-03-02 21:15:26 +0100 |
| commit | 04e19415815cbd867894117c9ae3e2c0ee97d01d (patch) | |
| tree | e1d2815a3900f270d0418498e67bcf628a401d29 /lib/record.c | |
| parent | 1a84f73d69a00dda1b29968579fe2841207b51cc (diff) | |
| download | gnutls-04e19415815cbd867894117c9ae3e2c0ee97d01d.tar.gz | |
Make false start and early start multi-thread recv/send safe
An application that is sending and receiving from different threads
after handshake is complete cannot take advantage of false start because
gnutls_record_send2() detects operations during the handshake process
as invalid.
Because in early start and false start the remaining handshake process needs
only to receive data, and the sending side is already set-up, this error
detection is bogus. With this patch we remove it.
Resolves: #713
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Diffstat (limited to 'lib/record.c')
| -rw-r--r-- | lib/record.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/lib/record.c b/lib/record.c index 08aad540db..272ac431b7 100644 --- a/lib/record.c +++ b/lib/record.c @@ -1694,8 +1694,7 @@ check_session_status(gnutls_session_t session, unsigned ms) !(session->internals.flags & GNUTLS_ENABLE_FALSE_START)) return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); - /* Attempt to complete handshake */ - + /* Attempt to complete handshake - we only need to receive */ session->internals.recv_state = RECV_STATE_FALSE_START_HANDLING; ret = gnutls_handshake(session); if (ret < 0) { @@ -1714,7 +1713,7 @@ check_session_status(gnutls_session_t session, unsigned ms) !(session->internals.flags & GNUTLS_ENABLE_EARLY_START)) return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); - /* Attempt to complete handshake */ + /* Attempt to complete handshake - we only need to receive */ session->internals.recv_state = RECV_STATE_EARLY_START_HANDLING; ret = gnutls_handshake(session); if (ret < 0) { @@ -1990,7 +1989,9 @@ gnutls_record_send2(gnutls_session_t session, const void *data, * data. We allow sending however, if we are in false start handshake * state. */ if (session->internals.recv_state != RECV_STATE_FALSE_START && + session->internals.recv_state != RECV_STATE_FALSE_START_HANDLING && session->internals.recv_state != RECV_STATE_EARLY_START && + session->internals.recv_state != RECV_STATE_EARLY_START_HANDLING && !(session->internals.hsk_flags & HSK_EARLY_DATA_IN_FLIGHT)) return gnutls_assert_val(GNUTLS_E_UNAVAILABLE_DURING_HANDSHAKE); } |