Re: Bug#797059: Info received (lynx cannot connect to https://contributors.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
tags 797059 + patch
severity 797059 important
thanks
Hello,
please see the attached patch, which adds support for rehandshaking.
This now allows access to https://contributors.debian.org
Bye,
Simon
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2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=LHQ1
-----END PGP SIGNATURE-----
Description: Add support for GNUTLS rehandshake
Author: Simon Kainz <skainz@debian.org>
Bug-Debian: https://bugs.debian.org/797059
---
Origin: other
Bug-Debian: https://bugs.debian.org/797059
Forwarded: no
--- lynx-cur-2.8.9dev6.orig/WWW/Library/Implementation/tidy_tls.h
+++ lynx-cur-2.8.9dev6/WWW/Library/Implementation/tidy_tls.h
@@ -98,6 +98,9 @@ struct _SSL {
gnutls_transport_ptr_t rfd;
gnutls_transport_ptr_t wfd;
+
+ void *sendbuffer;
+ int bytes_sent;
};
/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options
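Review bot: The two new members of `struct _SSL` carry no comment on ownership or lifetime, and nothing visible in this patch releases `sendbuffer` when the SSL object is destroyed, so the last saved write appears to leak once per connection. SSL_free is outside these hunks, so confirm whether it needs a matching `free(ssl->sendbuffer);`. Because the buffer is meant to hold a copy of plaintext that was sent (possibly request headers with credentials), it is worth clearing before it is freed. I would document the fields, e.g. `void *sendbuffer; /* heap copy of the last SSL_write payload, replayed after a rehandshake; owned by this SSL */` and `int bytes_sent; /* number of valid bytes in sendbuffer */`.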
--- lynx-cur-2.8.9dev6.orig/src/tidy_tls.c
+++ lynx-cur-2.8.9dev6/src/tidy_tls.c
@@ -530,7 +530,6 @@ SSL *SSL_new(SSL_CTX * ctx)
{
SSL *ssl;
int rc;
-
if ((ssl = typeCalloc(SSL)) != 0) {
rc = gnutls_certificate_allocate_credentials(&ssl->gnutls_cred);
@@ -564,6 +563,9 @@ SSL *SSL_new(SSL_CTX * ctx)
ssl->wfd = (gnutls_transport_ptr_t) (-1);
}
}
+ ssl->bytes_sent=0;
+ ssl->sendbuffer=0;
+
return ssl;
}
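Review bot: The two added assignments sit after what appear to be the closing braces of both the inner branch and the `if ((ssl = typeCalloc(SSL)) != 0)` block (indentation is lost in this rendering), so they would dereference `ssl` on the path where the allocation failed and it is null. The lines between the two SSL_new hunks are not visible, so confirm whether any other path there also leaves `ssl` null. Since `typeCalloc` presumably zero-fills the structure, the assignments may be unnecessary; otherwise guard them, `if (ssl != 0) { ssl->bytes_sent = 0; ssl->sendbuffer = 0; }`, or move them inside the success branch.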
@@ -576,13 +578,22 @@ int SSL_read(SSL * ssl, void *buffer, in
int rc;
rc = gnutls_record_recv(ssl->gnutls_state, buffer, length);
- ssl->last_error = rc;
+ if ( rc <0 && gnutls_error_is_fatal(rc) == 0) {
+ if (rc == GNUTLS_E_REHANDSHAKE ) {
+ rc=gnutls_handshake(ssl->gnutls_state);
+ gnutls_record_send(ssl->gnutls_state,ssl->sendbuffer,ssl->bytes_sent);
+ rc = gnutls_record_recv(ssl->gnutls_state, buffer, length);
+ }
+ }
+
+ ssl->last_error = rc;
+
if (rc < 0) {
- last_error = rc;
- rc = 0;
+ last_error = rc;
+ rc = 0;
}
-
+
return rc;
}
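Review bot: The result of `gnutls_handshake()` in the GNUTLS_E_REHANDSHAKE branch is assigned to `rc` and then overwritten without being checked, so a failed renegotiation is followed by a send and a receive on a session that may no longer be usable. The return value of `gnutls_record_send()` is discarded as well, and the call is made even when no write has been recorded yet (`sendbuffer` null, `bytes_sent` zero). Each step should run only if the previous one succeeded, so that the error reaching `ssl->last_error` is the one that actually occurred. The beginning of SSL_read lies outside this hunk.
```c
    if (rc == GNUTLS_E_REHANDSHAKE) {
	rc = gnutls_handshake(ssl->gnutls_state);
	/* replay the saved write only after a successful handshake */
	if (rc == GNUTLS_E_SUCCESS && ssl->sendbuffer != 0 && ssl->bytes_sent > 0) {
	    rc = gnutls_record_send(ssl->gnutls_state, ssl->sendbuffer, ssl->bytes_sent);
	}
	if (rc >= 0) {
	    rc = gnutls_record_recv(ssl->gnutls_state, buffer, length);
	}
    }
    /* … unchanged: ssl->last_error assignment and rc < 0 handling … */
```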
@@ -611,6 +622,15 @@ int SSL_write(SSL * ssl, const void *buf
last_error = rc;
rc = 0;
}
+ else {
+ if (ssl->sendbuffer)
+ {
+ free(ssl->sendbuffer);
+ }
+ ssl->sendbuffer=malloc(rc);
+ ssl->bytes_sent=rc;
+ }
+
return rc;
}
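Review bot: The new `else` branch allocates `sendbuffer` with `malloc(rc)` but never copies the written data into it, so the buffer holds uninitialised heap memory. The replay in SSL_read would then send `bytes_sent` bytes of that memory to the peer instead of the original request, which is both a functional bug and a disclosure of process memory. The `malloc` result is also unchecked, and `bytes_sent` is set to `rc` even if the allocation failed. I would copy the payload and only record a length when the copy exists: `if ((ssl->sendbuffer = malloc((size_t) rc)) != 0) memcpy(ssl->sendbuffer, buffer, (size_t) rc);` followed by `ssl->bytes_sent = (ssl->sendbuffer != 0) ? rc : 0;`. The data parameter's name is cut off in the hunk header, so `buffer` is an assumption, and the start of SSL_write is outside the hunk.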