gnutls: fix re-handshake comments

With GnuTLS, a GNUTLS_E_REHANDSHAKE can be a renegotiate in TLSv1.2 or a
key update in TLSv1.3. This had been made non-blocking in
a1850ad7de but the comment warning about a
blocking call was not updated.

Closes #19187
Stefan Eissing 2025-10-22 10:39:58 +02:00 committed by Daniel Stenberg
parent 9c313b61b4
commit fcae0733a7
No known key found for this signature in database
GPG key ID: 5CC908FDB71E12C2


@ -239,8 +239,8 @@ static void unload_file(gnutls_datum_t data)
/* this function does an SSL/TLS (re-)handshake */
static CURLcode handshake(struct Curl_cfilter *cf,
struct Curl_easy *data)
static CURLcode cf_gtls_handshake(struct Curl_cfilter *cf,
struct Curl_easy *data)
{
struct ssl_connect_data *connssl = cf->ctx;
struct gtls_ssl_backend_data *backend =
@ -2005,7 +2005,7 @@ static CURLcode gtls_connect_common(struct Curl_cfilter *cf,
DEBUGASSERT((connssl->earlydata_state == ssl_earlydata_none) ||
(connssl->earlydata_state == ssl_earlydata_sent));
#endif
result = handshake(cf, data);
result = cf_gtls_handshake(cf, data);
if(result)
goto out;
connssl->connecting_state = ssl_connect_3;
@ -2265,11 +2265,10 @@ static CURLcode gtls_recv(struct Curl_cfilter *cf,
goto out;
}
else if(nread == GNUTLS_E_REHANDSHAKE) {
/* BLOCKING call, this is bad but a work-around for now. Fixing this "the
proper way" takes a whole lot of work. */
result = handshake(cf, data);
/* Either TLSv1.2 renegotiate or a TLSv1.3 session key update. */
result = cf_gtls_handshake(cf, data);
if(!result)
result = CURLE_AGAIN; /* then return as if this was a wouldblock */
result = CURLE_AGAIN; /* make us get called again. */
goto out;
}
else {
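Review bot: In the `GNUTLS_E_REHANDSHAKE` branch of gtls_recv, the rewritten comment names the two cases but does not say what happens when the now non-blocking `cf_gtls_handshake()` returns before the handshake has finished. Only a zero result is mapped to `CURLE_AGAIN`; every other result goes to `out` unchanged. I would extend the comment to something like `/* Either TLSv1.2 renegotiate or a TLSv1.3 session key update. The handshake is non-blocking; an unfinished one is continued on a later call. */`, but only once it is confirmed that a later gtls_recv call does resume it, since neither the body of `cf_gtls_handshake()` nor the rest of gtls_recv is visible in this hunk. For the TLSv1.2 renegotiation case it is also worth noting, in the comment or the commit message, whether the peer certificate is checked again after the re-handshake, because a renegotiation may present different credentials than the initial connect did.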