Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:GA
csync2.19006
0002-repeat-gnutls_handshake-call-in-case-of-wa...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0002-repeat-gnutls_handshake-call-in-case-of-warnings.patch of Package csync2.19006
From c0faaf9dda0c8301d46c2145a0bbaccf3de8bb14 Mon Sep 17 00:00:00 2001 From: Malte Kraus <malte.kraus@suse.com> Date: Tue, 13 Aug 2019 13:36:26 +0200 Subject: [PATCH 2/3] repeat gnutls_handshake() call in case of warnings that's what the semantics of this call require --- conn.c | 71 ++++++++++++++++++++++++++++++++-------------------------- 1 file changed, 39 insertions(+), 32 deletions(-) diff --git a/conn.c b/conn.c index be26f72..c013860 100644 --- a/conn.c +++ b/conn.c @@ -276,6 +276,7 @@ int conn_activate_ssl(int server_role) char *ssl_keyfile; char *ssl_certfile; int err; + int handshake_repeat = 0; if (csync_conn_usessl) return 0; @@ -333,40 +334,46 @@ int conn_activate_ssl(int server_role) (gnutls_transport_ptr_t)(long)conn_fd_out ); - err = gnutls_handshake(conn_tls_session); - switch(err) { - case GNUTLS_E_SUCCESS: - break; - - case GNUTLS_E_WARNING_ALERT_RECEIVED: - alrt = gnutls_alert_get(conn_tls_session); - fprintf( - csync_debug_out, - "SSL: warning alert received from peer: %d (%s).\n", - alrt, gnutls_alert_get_name(alrt) - ); - break; - - case GNUTLS_E_FATAL_ALERT_RECEIVED: - alrt = gnutls_alert_get(conn_tls_session); - fprintf( - csync_debug_out, - "SSL: fatal alert received from peer: %d (%s).\n", - alrt, gnutls_alert_get_name(alrt) - ); - default: - gnutls_bye(conn_tls_session, GNUTLS_SHUT_RDWR); - gnutls_deinit(conn_tls_session); - gnutls_certificate_free_credentials(conn_x509_cred); - gnutls_global_deinit(); + do { + handshake_repeat = 0; + err = gnutls_handshake(conn_tls_session); + switch(err) { + case GNUTLS_E_SUCCESS: + break; - csync_fatal( - "SSL: handshake failed: %s (%s)\n", - gnutls_strerror(err), - gnutls_strerror_name(err) - ); - } + case GNUTLS_E_WARNING_ALERT_RECEIVED: + alrt = gnutls_alert_get(conn_tls_session); + fprintf( + csync_debug_out, + "SSL: warning alert received from peer: %d (%s).\n", + alrt, gnutls_alert_get_name(alrt) + ); + handshake_repeat = 1; + break; + + case GNUTLS_E_FATAL_ALERT_RECEIVED: + alrt = gnutls_alert_get(conn_tls_session); + fprintf( + csync_debug_out, + "SSL: fatal alert received from peer: %d (%s).\n", + alrt, gnutls_alert_get_name(alrt) + ); + // fall-through! + + default: + gnutls_bye(conn_tls_session, GNUTLS_SHUT_RDWR); + gnutls_deinit(conn_tls_session); + gnutls_certificate_free_credentials(conn_x509_cred); + gnutls_global_deinit(); + + csync_fatal( + "SSL: handshake failed: %s (%s)\n", + gnutls_strerror(err), + gnutls_strerror_name(err) + ); + } + } while (handshake_repeat); csync_conn_usessl = 1; -- 2.26.2
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor