mirror of
https://github.com/curl/curl.git
synced 2026-04-14 18:31:42 +03:00
schannel: increase renegotiation timeout to 60 seconds
Prior to this change the timeout was 7 seconds but that is too short for enhanced-security users that have to fill out an interactive prompt on Schannel renegotiation (PIN, smart card, etc). Reported-by: Tim Omta Fixes https://github.com/curl/curl/issues/21270 Closes https://github.com/curl/curl/pull/21291
This commit is contained in:
Jay Satiro
parent
3b68c67be2
commit
70bb0db767
1 changed files with 7 additions and 1 deletions
|
|
@ -1757,7 +1757,13 @@ enum schannel_renegotiate_caller_t {
|
|||
SCH_RENEG_CALLER_IS_SEND
|
||||
};
|
||||
|
||||
#define MAX_RENEG_BLOCK_TIME (7 * 1000) /* 7 seconds in milliseconds */
|
||||
/* The maximum time we allow for Schannel renegotiation which may in some
|
||||
rare cases block either due to libcurl (waiting on the socket) or Windows
|
||||
(waiting on an interactive security prompt). Note Schannel "renegotiation"
|
||||
is not necessarily literal TLS renegotiation, but means DecryptMessage
|
||||
returned SEC_I_RENEGOTIATE which means at least the security context needs
|
||||
to be re-established. */
|
||||
#define MAX_RENEG_BLOCK_TIME (60 * 1000) /* 60 seconds in milliseconds */
|
||||
|
||||
/* This function renegotiates the connection due to a server request received
|
||||
by schannel_recv. This function returns CURLE_AGAIN if the renegotiation is
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue