the handshake function has a timeout value by default
authorNikos Mavrogiannopoulos <nmav@redhat.com>
Thu, 2 Oct 2014 09:08:15 +0000 (11:08 +0200)
committerNikos Mavrogiannopoulos <nmav@redhat.com>
Thu, 2 Oct 2014 13:14:51 +0000 (15:14 +0200)
lib/gnutls_dtls.c
lib/gnutls_handshake.c
lib/gnutls_int.h
lib/gnutls_state.c

index ab02721a8d1a1d5b146506e7e3ee325e4000b1c4..c07f08f6eb694330bdc50a33be13d8cc7a786b63 100644 (file)
@@ -548,7 +548,7 @@ int _dtls_record_check(struct record_parameters_st *rp, uint64 * _seq)
  * handshake will be aborted with %GNUTLS_E_TIMEDOUT.
  *
  * The DTLS protocol recommends the values of 1 sec and 60 seconds
- * respectively.
+ * respectively, and these are the default values.
  *
  * If the retransmission timeout is zero then the handshake will operate
  * in a non-blocking way, i.e., return %GNUTLS_E_AGAIN.
index f1c525ad272d065cc29cb8d6d9c65202ddac16a7..28e4a7eafeb996d9d22bf9a68b60df6850f70b1b 100644 (file)
@@ -2525,6 +2525,16 @@ int gnutls_handshake(gnutls_session_t session)
                if (session->internals.priorities.protocol.algorithms == 0)
                        return gnutls_assert_val(GNUTLS_E_NO_PRIORITIES_WERE_SET);
 
+               /* if no pull timeout has not been set, and a handshake timeout
+                * is set, disable it */
+               if (unlikely((session->internals.pull_timeout_func == NULL || 
+                   (session->internals.pull_timeout_func == system_recv_timeout && 
+                     session->internals.pull_func != system_read)) && 
+                    session->internals.handshake_timeout_ms != 0)) {
+                       _gnutls_debug_log("Cannot enforce the handshake timeout; there is no pull_timeout function set.\n");
+            session->internals.handshake_timeout_ms = 0;
+               }
+
                gettime(&session->internals.dtls.handshake_start_time);
                if (session->internals.handshake_timeout_ms &&
                    session->internals.handshake_endtime == 0)
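Review bot: The added check in gnutls_handshake() zeroes `handshake_timeout_ms` when a custom pull function is installed without a matching pull-timeout function, and the only trace is a debug-level log line. Because this commit turns the timeout on by default, an application with its own transport callbacks may assume a stalled peer is cut off when it is not; the gnutls_handshake_set_timeout() documentation should state this case explicitly. As far as the hunk shows, the store is also permanent for the session: once cleared, the field stays zero even if a pull-timeout function is installed before a later handshake. The comment carries a double negative and the assignment line is indented with spaces instead of tabs; I would write `/* without a usable pull timeout function the handshake timeout cannot be enforced, so disable it */`. The body of gnutls_handshake() starts and ends outside this hunk.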
@@ -2584,10 +2594,14 @@ int gnutls_handshake(gnutls_session_t session)
  * @session: is a #gnutls_session_t structure.
  * @ms: is a timeout value in milliseconds
  *
- * This function sets the timeout for the handshake process
+ * This function sets the timeout for the TLS handshake process
  * to the provided value. Use an @ms value of zero to disable
  * timeout, or %GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT for a reasonable
- * default value.
+ * default value. For the DTLS protocol, the more detailed
+ * gnutls_dtls_set_timeouts() is provided.
+ *
+ * The TLS handshake process always has the default timeout value since 
+ * GnuTLS 3.4.0. To unset call this function with zero value.
  *
  * Since: 3.1.0
  **/
@@ -2595,7 +2609,7 @@ void
 gnutls_handshake_set_timeout(gnutls_session_t session, unsigned int ms)
 {
        if (ms == GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT)
-               ms = 40 * 1000;
+               ms = DEFAULT_HANDSHAKE_TIMEOUT_MS;
        session->internals.handshake_timeout_ms = ms;
 }
 
index deca5fe7727fbbaaa08184274595fe4d93f0fa41..106cd73b2519e8ccea1059d78e42c87ac15c050e 100644 (file)
@@ -167,6 +167,7 @@ typedef enum {
 
 /* expire time for resuming sessions */
 #define DEFAULT_EXPIRE_TIME 3600
+#define DEFAULT_HANDSHAKE_TIMEOUT_MS 40*1000
 
 typedef enum transport_t {
        GNUTLS_STREAM,
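Review bot: `DEFAULT_HANDSHAKE_TIMEOUT_MS` expands to the bare expression `40*1000`, so a use next to division, modulo or another operator of equal or higher precedence would group differently from what the name suggests. Both uses in this commit are plain assignments and are unaffected, but the define should be `#define DEFAULT_HANDSHAKE_TIMEOUT_MS (40*1000)`. A one-line comment in the style of the one above DEFAULT_EXPIRE_TIME, such as `/* default TLS handshake timeout, in milliseconds */`, would record the unit.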
index 61655312f10c62fc3b2e324fc7baef57a2fe0c65..fffe4a0584cf539d9c909ddc79cef6d8b0905262 100644 (file)
@@ -393,8 +393,10 @@ int gnutls_init(gnutls_session_t * session, unsigned int flags)
 
                (*session)->internals.dtls.retrans_timeout_ms = 1000;
                (*session)->internals.dtls.total_timeout_ms = 60000;
-       } else
+       } else {
+               (*session)->internals.handshake_timeout_ms = DEFAULT_HANDSHAKE_TIMEOUT_MS;
                (*session)->internals.transport = GNUTLS_STREAM;
+       }
 
        if (flags & GNUTLS_NONBLOCK)
                (*session)->internals.dtls.blocking = 0;
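Review bot: The new `else` branch in gnutls_init() applies the default handshake timeout to stream sessions only, and nothing at this site says why the datagram branch is left out. A comment on the added line would make the asymmetry intentional to the next reader, for example `/* TLS only: DTLS handshakes are bounded by dtls.total_timeout_ms set above */`. The function body starts and ends outside this hunk, so whether any other path initialises `handshake_timeout_ms` for datagram sessions cannot be confirmed from here.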