diff options
-rw-r--r-- | lib/gnutls_handshake.c | 11 | ||||
-rw-r--r-- | lib/gnutls_record.c | 2 |
2 files changed, 9 insertions, 4 deletions
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index 40d399c167..e904f2e29d 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -2492,7 +2492,9 @@ static int _gnutls_recv_supplemental(gnutls_session_t session) * * The non-fatal errors expected by this function are: * %GNUTLS_E_INTERRUPTED, %GNUTLS_E_AGAIN, - * and %GNUTLS_E_WARNING_ALERT_RECEIVED. + * %GNUTLS_E_WARNING_ALERT_RECEIVED, and %GNUTLS_GOT_APPLICATION_DATA, + * the latter only in a case of rehandshake. + * * The former two interrupt the handshake procedure due to the lower * layer being interrupted, and the latter because of an alert that * may be sent by a server (it is always a good idea to check any @@ -2507,8 +2509,9 @@ static int _gnutls_recv_supplemental(gnutls_session_t session) * %GNUTLS_E_WARNING_ALERT_RECEIVED may be returned. Note that these * are non fatal errors, only in the specific case of a rehandshake. * Their meaning is that the client rejected the rehandshake request or - * in the case of %GNUTLS_E_GOT_APPLICATION_DATA it might also mean that - * some data were pending. + * in the case of %GNUTLS_E_GOT_APPLICATION_DATA it could also mean that + * some data were pending. A client may receive that error code if + * it initiates the handshake and the server doesn't agreed. * * Returns: %GNUTLS_E_SUCCESS on success, otherwise a negative error code. **/ @@ -2607,6 +2610,8 @@ gnutls_handshake_set_timeout(gnutls_session_t session, unsigned int ms) /* EAGAIN and INTERRUPTED are always non-fatal */ \ if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED) \ return ret; \ + if (ret == GNUTLS_E_GOT_APPLICATION_DATA && session->internals.initial_negotiation_completed != 0) \ + return ret; \ if (ret == GNUTLS_E_LARGE_PACKET && session->internals.handshake_large_loops < 16) { \ session->internals.handshake_large_loops++; \ return ret; \ diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c index 157d12a773..40c20fe5d4 100644 --- a/lib/gnutls_record.c +++ b/lib/gnutls_record.c @@ -837,7 +837,7 @@ record_add_to_buffers(gnutls_session_t session, * reasons). Otherwise it is an unexpected packet */ if (type == GNUTLS_ALERT - || (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO + || ((htype == GNUTLS_HANDSHAKE_SERVER_HELLO || htype == GNUTLS_HANDSHAKE_CLIENT_HELLO) && type == GNUTLS_HANDSHAKE)) { /* even if data is unexpected put it into the buffer */ _gnutls_record_buffer_put(session, recv->type, |