From: Daniel Stenberg <daniel@haxx.se>
Date: Sun, 14 Nov 2010 11:42:29 +0000 (+0100)
Subject: gnutls->handshake: improved timeout handling
X-Git-Tag: curl-7_21_3~58
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=cbf4961bf3e;p=thirdparty%2Fcurl.git

gnutls->handshake: improved timeout handling

When no timeout is set, we call the socket_ready function with a timeout
value of 0 during handshake, which makes it loop too much/fast in this
function. It also made this function return CURLE_OPERATION_TIMEDOUT
wrongly on a slow handshake.

However, the particular bug report that highlighted this problem is not
solved by this fix, as this fix only makes the more proper error get
reported instead.

Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594150
Reported by: Johannes Ernst
---

diff --git a/lib/gtls.c b/lib/gtls.c
index fca2a7e7d5..84410eda81 100644
--- a/lib/gtls.c
+++ b/lib/gtls.c
@@ -216,19 +216,18 @@ static CURLcode handshake(struct connectdata *conn,
         connssl->connecting_state?sockfd:CURL_SOCKET_BAD;
 
       what = Curl_socket_ready(readfd, writefd,
-                               nonblocking?0:(int)timeout_ms);
+                               nonblocking?0:(int)timeout_ms?1000:timeout_ms);
       if(what < 0) {
         /* fatal error */
         failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);
         return CURLE_SSL_CONNECT_ERROR;
       }
       else if(0 == what) {
-        if(nonblocking) {
+        if(nonblocking)
           return CURLE_OK;
-        }
-        else {
+        else if(timeout_ms) {
           /* timeout */
-          failf(data, "SSL connection timeout");
+          failf(data, "SSL connection timeout at %ld", timeout_ms);
           return CURLE_OPERATION_TIMEDOUT;
         }
       }
@@ -241,12 +240,14 @@ static CURLcode handshake(struct connectdata *conn,
       connssl->connecting_state =
         gnutls_record_get_direction(session)?
         ssl_connect_2_writing:ssl_connect_2_reading;
-      if(nonblocking) {
+      if(nonblocking)
         return CURLE_OK;
-      }
-    } else if (rc < 0) {
+    }
+    else if (rc < 0) {
       failf(data, "gnutls_handshake() failed: %s", gnutls_strerror(rc));
-    } else {
+      return CURLE_SSL_CONNECT_ERROR;
+    }
+    else {
       /* Reset our connect state machine */
       connssl->connecting_state = ssl_connect_1;
       return CURLE_OK;