On Monday 28 September 2015 15:30:33 Giuseppe Scrivano wrote: > Tim Ruehsen <tim.rueh...@gmx.de> writes: > > Please review / test this patch. > > > > BTW, I am not sure if contributors.debian.org is configured correctly. > > The rehandshake occurs right after the HTTP request and it has a pretty > > heavy impact on download duration. > > > > Regards, Tim > > > > On Sunday 27 September 2015 20:03:54 Tim Ruehsen wrote: > >> Follow-up Comment #2, bug #46061 (project wget): > >> > >> Wget is not reacting on GNUTLS_E_REHANDSHAKE. Should be straight > >> forward... > >> > >> _______________________________________________________ > >> > >> Reply to this item at: > >> <http://savannah.gnu.org/bugs/?46061> > >> > >> _______________________________________________ > >> > >> Nachricht gesendet von/durch Savannah > >> http://savannah.gnu.org/ > > > > From cbec5b0c780f9d1fc343fabf22e8ee7c7cb3222d Mon Sep 17 00:00:00 2001 > > From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.rueh...@gmx.de> > > Date: Mon, 28 Sep 2015 12:00:33 +0200 > > Subject: [PATCH] Handle TLS rehandshakes in GnuTLS code > > > > * src/gnutls.c: New static function _do_handshake() > > * src/gnutls.c (wgnutls_read_timeout): Handle rehandshake > > * src/gnutls.c (wgnutls_write): Handle rehandshake > > * src/gnutls.c (ssl_connect_wget): Move handshake code into > > _do_handshake() > > > > Fixes #46061 > > --- > > > > src/gnutls.c | 179 > > ++++++++++++++++++++++++++++++++++------------------------- 1 file > > changed, 102 insertions(+), 77 deletions(-) > > > > diff --git a/src/gnutls.c b/src/gnutls.c > > index a38301a..2f53592 100644 > > --- a/src/gnutls.c > > +++ b/src/gnutls.c > > @@ -57,6 +57,9 @@ as that of the covered work. */ > > > > #include "host.h" > > > > static int > > > > +_do_handshake(gnutls_session_t session, int fd, double timeout); > > + > > +static int > > > > key_type_to_gnutls_type (enum keyfile_type type) > > { > > > > switch (type) 
> > > > @@ -277,6 +280,12 @@ wgnutls_read_timeout (int fd, char *buf, int bufsize, > > void *arg, double timeout)> > > { > > > > ret = gnutls_record_recv (ctx->session, buf, bufsize); > > timed_out = timeout && ptimer_measure (timer) >= timeout; > > > > + if (!timed_out && ret == GNUTLS_E_REHANDSHAKE) > > + { > > + DEBUGP (("GnuTLS: *** REHANDSHAKE while reading\n")); > > + if ((ret = _do_handshake(ctx->session, fd, timeout)) == 0) > > + ret = GNUTLS_E_AGAIN; /* restart reading */ > > + } > > > > } > > > > } > > > > while (ret == GNUTLS_E_INTERRUPTED || (ret == GNUTLS_E_AGAIN && > > !timed_out));> > > @@ -332,7 +341,15 @@ wgnutls_write (int fd _GL_UNUSED, char *buf, int > > bufsize, void *arg)> > > int ret; > > struct wgnutls_transport_context *ctx = arg; > > do > > > > - ret = gnutls_record_send (ctx->session, buf, bufsize); > > + { > > + ret = gnutls_record_send (ctx->session, buf, bufsize); > > + if (ret == GNUTLS_E_REHANDSHAKE) > > + { > > + DEBUGP (("GnuTLS: *** REHANDSHAKE while writing\n")); > > + if ((ret = _do_handshake(ctx->session, fd, 0)) == 0) > > one thing: timeout here should be the remaining time instead of 0?
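Review bot: in the first hunk, the forward declaration uses the name `_do_handshake`, and identifiers that begin with an underscore are reserved at file scope in C. A plain static name such as `do_handshake` avoids that. The declaration also lacks the space before the opening parenthesis that the neighbouring `key_type_to_gnutls_type (enum keyfile_type type)` uses.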
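Review bot: in the `wgnutls_read_timeout` hunk, `_do_handshake(ctx->session, fd, timeout)` receives the full `timeout` even though `ptimer_measure (timer)` on the line above shows that part of it has already elapsed. Assuming `_do_handshake` treats its third argument as a time budget (its body is not shown here), a read that hits a rehandshake can run well past the caller's limit, so pass the time remaining on `timer` instead. When `timeout` is 0, `timed_out` is always false and every `GNUTLS_E_REHANDSHAKE` is turned into `GNUTLS_E_AGAIN`, so nothing in the visible loop limits how many rehandshakes the peer can force during one read. A cap on that count would be worth adding.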
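Review bot: in the `wgnutls_write` hunk, the new call `_do_handshake(ctx->session, fd, 0)` uses `fd`, but the hunk header still shows the parameter declared as `int fd _GL_UNUSED`. If the rehandshake handling stays in this function, drop `_GL_UNUSED` from the signature so that the annotation matches the code.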
wgnutls_write is called without timeout. So, what can we do here?

But maybe we don't have to check for GNUTLS_E_REHANDSHAKE at this point at all. Regarding http://www.gnutls.org/manual/html_node/Re_002dauthentication.html, only gnutls_record_recv() returns GNUTLS_E_REHANDSHAKE.

If you don't mind, I'll remove the rehandshake code from wgnutls_write().

Tim