Package: elinks
Version: 0.12~pre6-10
Severity: normal
Hi!
I've been playing a bit with the new Debian SSO setup, and when trying
elinks, it could not even connect to the sites before authenticating:
<https://nm.debian.org>
<https://contributors.debian.org>
<https://tracker.debian.org>
<https://paste.debian.net>
It gives the following error message:
,---
Unable to retrieve https://tracker.debian.org/:
Resource temporarily unavailable
`---
When tracking this down, it appears one of the problems is due to not
handling SSL rehandshakes at all. When trying to fix that with the
attached patch, it started complaining about being unable to rehandshake
with:
,---
elinks: SSL rehandshake error: No or insufficient priorities were set.
`---
And, here I've run out of time. Hope at least this serves as a
starting point for someone else.
Thanks,
Guillem
diff --git a/src/network/ssl/socket.c b/src/network/ssl/socket.c
index 2ecdd71..f763ebd 100644
--- a/src/network/ssl/socket.c
+++ b/src/network/ssl/socket.c
@@ -246,8 +246,18 @@ ssl_read(struct socket *socket, unsigned char *data, int len)
#endif
#ifdef CONFIG_GNUTLS
- if (err == GNUTLS_E_REHANDSHAKE)
- return -1;
+ if (err == GNUTLS_E_REHANDSHAKE) {
+ err = gnutls_handshake(socket->ssl);
+ if (err < 0) {
+ fprintf(stderr, "elinks: SSL rehandshake error: %s\n", gnutls_strerror(err));
+ errno = S_SSL_ERROR;
+ return SOCKET_INTERNAL_ERROR;
+ }
+ rd = gnutls_record_recv(socket->ssl, data, len);
+ if (rd > 0)
+ return rd;
+ err = rd;
+ }
#endif
if (err == SSL_ERROR_WANT_READ ||
