mirror of
https://github.com/moparisthebest/wget
synced 2024-07-03 16:38:41 -04:00
gnutls: do not abort on non-fatal alerts during handshake
Signed-off-by: mancha <mancha1@hush.com>
This commit is contained in:
parent
277785fa2a
commit
ae80fd2ec7
@ -1,3 +1,9 @@
|
|||||||
|
2013-05-05 mancha <mancha1@hush.com> (tiny change)
|
||||||
|
|
||||||
|
* gnutls.c (ssl_connect_wget): Don't abort on non-fatal alerts
|
||||||
|
received during handshake. For example, when connecting to servers
|
||||||
|
using TSL-SNI that send warning-level unrecognized_name alerts.
|
||||||
|
|
||||||
2013-05-04 Darshit Shah <darnir@gmail.com>
|
2013-05-04 Darshit Shah <darnir@gmail.com>
|
||||||
|
|
||||||
* init.c (cmd_string_uppercase): Fix issue that cased invalid headers
|
* init.c (cmd_string_uppercase): Fix issue that cased invalid headers
|
||||||
|
21
src/gnutls.c
21
src/gnutls.c
@ -376,8 +376,9 @@ ssl_connect_wget (int fd, const char *hostname)
|
|||||||
{
|
{
|
||||||
struct wgnutls_transport_context *ctx;
|
struct wgnutls_transport_context *ctx;
|
||||||
gnutls_session_t session;
|
gnutls_session_t session;
|
||||||
int err;
|
int err,alert;
|
||||||
gnutls_init (&session, GNUTLS_CLIENT);
|
gnutls_init (&session, GNUTLS_CLIENT);
|
||||||
|
const char *str;
|
||||||
|
|
||||||
/* We set the server name but only if it's not an IP address. */
|
/* We set the server name but only if it's not an IP address. */
|
||||||
if (! is_valid_ip_address (hostname))
|
if (! is_valid_ip_address (hostname))
|
||||||
@ -440,10 +441,28 @@ ssl_connect_wget (int fd, const char *hostname)
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* We don't stop the handshake process for non-fatal errors */
|
||||||
|
do
|
||||||
|
{
|
||||||
err = gnutls_handshake (session);
|
err = gnutls_handshake (session);
|
||||||
if (err < 0)
|
if (err < 0)
|
||||||
{
|
{
|
||||||
logprintf (LOG_NOTQUIET, "GnuTLS: %s\n", gnutls_strerror (err));
|
logprintf (LOG_NOTQUIET, "GnuTLS: %s\n", gnutls_strerror (err));
|
||||||
|
if (err == GNUTLS_E_WARNING_ALERT_RECEIVED ||
|
||||||
|
err == GNUTLS_E_FATAL_ALERT_RECEIVED)
|
||||||
|
{
|
||||||
|
alert = gnutls_alert_get (session);
|
||||||
|
str = gnutls_alert_get_name (alert);
|
||||||
|
if (str == NULL)
|
||||||
|
str = "(unknown)";
|
||||||
|
logprintf (LOG_NOTQUIET, "GnuTLS: received alert [%d]: %s\n", alert, str);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
while (err == GNUTLS_E_WARNING_ALERT_RECEIVED && gnutls_error_is_fatal (err) == 0);
|
||||||
|
|
||||||
|
if (err < 0)
|
||||||
|
{
|
||||||
gnutls_deinit (session);
|
gnutls_deinit (session);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user