Mercurial > hg > freeDiameter
changeset 803:d5a4b5e175c2
Add timeout in gnutls_handshake for version 3.1.x
author | Sebastien Decugis <sdecugis@nict.go.jp> |
---|---|
date | Wed, 22 Aug 2012 00:18:15 +0200 |
parents | 6dde862ba119 |
children | c5b7d4a2cc77 |
files | extensions/app_diameap/diameap_tls.c libfdcore/cnxctx.c libfdcore/sctps.c |
diffstat | 3 files changed, 22 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/extensions/app_diameap/diameap_tls.c Wed Aug 22 00:16:25 2012 +0200 +++ b/extensions/app_diameap/diameap_tls.c Wed Aug 22 00:18:15 2012 +0200 @@ -455,6 +455,10 @@ int ret; data->p_length = data->tlsResp.datalength; + #ifdef GNUTLS_VERSION_310 + gnutls_handshake_set_timeout( data->session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT); + #endif /* GNUTLS_VERSION_310 */ + ret = gnutls_handshake(data->session); if (ret < 0)
--- a/libfdcore/cnxctx.c Wed Aug 22 00:16:25 2012 +0200 +++ b/libfdcore/cnxctx.c Wed Aug 22 00:18:15 2012 +0200 @@ -841,7 +841,10 @@ { switch (ret) { case GNUTLS_E_REHANDSHAKE: - if (!fd_cnx_teststate(conn, CC_STATUS_CLOSING)) + if (!fd_cnx_teststate(conn, CC_STATUS_CLOSING)) { + #ifdef GNUTLS_VERSION_310 + GNUTLS_TRACE( gnutls_handshake_set_timeout( session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT)); + #endif /* GNUTLS_VERSION_310 */ CHECK_GNUTLS_DO( ret = gnutls_handshake(session), { if (TRACE_BOOL(INFO)) { @@ -849,6 +852,7 @@ } goto end; } ); + } case GNUTLS_E_AGAIN: case GNUTLS_E_INTERRUPTED: @@ -885,7 +889,11 @@ { switch (ret) { case GNUTLS_E_REHANDSHAKE: - if (!fd_cnx_teststate(conn, CC_STATUS_CLOSING)) + if (!fd_cnx_teststate(conn, CC_STATUS_CLOSING)) { + #ifdef GNUTLS_VERSION_310 + GNUTLS_TRACE( gnutls_handshake_set_timeout( session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT)); + #endif /* GNUTLS_VERSION_310 */ + CHECK_GNUTLS_DO( ret = gnutls_handshake(session), { if (TRACE_BOOL(INFO)) { @@ -893,6 +901,7 @@ } goto end; } ); + } case GNUTLS_E_AGAIN: case GNUTLS_E_INTERRUPTED: @@ -1286,7 +1295,10 @@ /* Handshake master session */ { int ret; - + #ifdef GNUTLS_VERSION_310 + GNUTLS_TRACE( gnutls_handshake_set_timeout( conn->cc_tls_para.session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT)); + #endif /* GNUTLS_VERSION_310 */ + /* When gnutls 2.10.1 is around, we should use gnutls_certificate_set_verify_function and fd_tls_verify_credentials, so that handshake fails directly. */ CHECK_GNUTLS_DO( ret = gnutls_handshake(conn->cc_tls_para.session),
--- a/libfdcore/sctps.c Wed Aug 22 00:16:25 2012 +0200 +++ b/libfdcore/sctps.c Wed Aug 22 00:18:15 2012 +0200 @@ -462,6 +462,9 @@ } TRACE_DEBUG(FULL, "Starting TLS resumed handshake on stream %hu", ctx->strid); +#ifdef GNUTLS_VERSION_310 + GNUTLS_TRACE( gnutls_handshake_set_timeout( ctx->session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT)); +#endif /* GNUTLS_VERSION_310 */ CHECK_GNUTLS_DO( gnutls_handshake( ctx->session ), return NULL); GNUTLS_TRACE( resumed = gnutls_session_is_resumed(ctx->session) );