Skip to content

Commit 98a0ca4

Browse files
zdohnalzdohnal
committed
tls-gnutls.c: Handle rehandshake error in _httpTLSRead
Per GNUTLS manual, `gnutls_record_recv()` can get GNUTLS_E_REHANDSHAKE and if it is HTTP client, we should not close the connection and ignore the error. The server can terminate the connection as before.
1 parent 56d1242 commit 98a0ca4

1 file changed

Lines changed: 44 additions & 34 deletions

File tree

cups/tls-gnutls.c

Lines changed: 44 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -1613,25 +1613,37 @@ _httpTLSRead(http_t *http, // I - Connection to server
16131613

16141614
result = gnutls_record_recv(http->tls, buf, (size_t)len);
16151615

1616-
if (result < 0)
1616+
if (result >= 0)
1617+
return (result);
1618+
1619+
// Convert GNU TLS error to errno value...
1620+
switch (result)
16171621
{
1618-
// Convert GNU TLS error to errno value...
1619-
switch (result)
1620-
{
1621-
case GNUTLS_E_INTERRUPTED :
1622-
errno = EINTR;
1623-
break;
1622+
case GNUTLS_E_INTERRUPTED :
1623+
errno = EINTR;
1624+
break;
16241625

1625-
case GNUTLS_E_AGAIN :
1626-
errno = EAGAIN;
1627-
break;
1626+
case GNUTLS_E_AGAIN :
1627+
errno = EAGAIN;
1628+
break;
16281629

1629-
default :
1630-
errno = EPIPE;
1631-
break;
1632-
}
1630+
case GNUTLS_E_REHANDSHAKE :
1631+
// if used in client, ignore the error
1632+
if (http->mode = _HTTP_MODE_CLIENT)
1633+
{
1634+
errno = 0;
1635+
result = 0;
1636+
}
1637+
else
1638+
{
1639+
// terminate the session as server
1640+
errno = EPIPE;
1641+
}
1642+
break;
16331643

1634-
result = -1;
1644+
default :
1645+
errno = EPIPE;
1646+
break;
16351647
}
16361648

16371649
return ((int)result);
@@ -2022,30 +2034,28 @@ _httpTLSWrite(http_t *http, // I - Connection to server
20222034

20232035
result = gnutls_record_send(http->tls, buf, (size_t)len);
20242036

2025-
if (result < 0)
2026-
{
2027-
// Convert GNU TLS error to errno value...
2028-
switch (result)
2029-
{
2030-
case GNUTLS_E_INTERRUPTED :
2031-
errno = EINTR;
2032-
break;
2037+
DEBUG_printf("5_httpTLSWrite: gnutls_record_send returns %d.", (int)result);
20332038

2034-
case GNUTLS_E_AGAIN :
2035-
errno = EAGAIN;
2036-
break;
2039+
if (result >= 0)
2040+
return (result);
20372041

2038-
default :
2039-
errno = EPIPE;
2040-
break;
2041-
}
2042+
// Convert GNU TLS error to errno value...
2043+
switch (result)
2044+
{
2045+
case GNUTLS_E_INTERRUPTED :
2046+
errno = EINTR;
2047+
break;
20422048

2043-
result = -1;
2044-
}
2049+
case GNUTLS_E_AGAIN :
2050+
errno = EAGAIN;
2051+
break;
20452052

2046-
DEBUG_printf("5_httpTLSWrite: Returning %d.", (int)result);
2053+
default :
2054+
errno = EPIPE;
2055+
break;
2056+
}
20472057

2048-
return ((int)result);
2058+
return (-1);
20492059
}
20502060

20512061

0 commit comments

Comments
 (0)