On 04/09/2012 10:40 AM, Wilmer van der Gaast wrote: >> Since you received eagain, I think that the promise is kept, there was >> no blocking. However, this scenario should be improbable in normal TLS. > Okay, so I did add one interpretation here, which makes sense for normal > Unix sockets but possibly not for TLS: I'm assuming that EAGAIN here > means that the operation would've blocked if I didn't make the socket > non-blocking. (IIRC EWOULDBLOCK is an alias for EAGAIN so it seems like > a reasonable assumption to me?)
Hello Wilmer, By checking your log I believe you are right. I see that you receive a complete record packet split in many tcp segments and gnutls_record_check_pending() deceives you by including the incomplete packets to pending data. Would the attached patch solve the issue you notice? If it works for you it will be included in the next version. > So it looks like GnuTLS is indeed trying to read more data from the > socket even though we still have something buffered? Indeed this is not correct. The buffered data are not enough to form a complete record and thus it tries to read. The incomplete data shouldn't have been included there. regards, Nikos
>From 56df68691364f1bc0b0809710d575fa285210ece Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos <[email protected]> Date: Mon, 9 Apr 2012 13:17:01 +0200 Subject: [PATCH] gnutls_record_check_pending functionality was divided to gnutls_record_check_pending and gnutls_record_check_unprocessed. --- NEWS | 9 +++++++-- lib/gnutls_buffers.c | 18 +++++++++++++++++- lib/gnutls_handshake.c | 6 ++++-- lib/includes/gnutls/gnutls.h.in | 1 + 4 files changed, 29 insertions(+), 5 deletions(-) diff --git a/NEWS b/NEWS index dd64b59..13b787b 100644 --- a/NEWS +++ b/NEWS @@ -4,12 +4,17 @@ See the end for copying conditions. * Version 3.0.19 (unreleased) +** libgnutls: gnutls_record_check_pending() no longer +returns unprocessed data, and thus ensure the non-blocking +of the next call to gnutls_record_recv(). To compensate +for unprocessed data, the gnutls_record_check_unprocessed() +was added. + ** tests: Disabled floating point test, and corrections in pkcs12 decoding tests. ** API and ABI modifications: -No changes since last version. - +gnutls_record_check_unprocessed: Added * Version 3.0.18 (released 2012-04-02) diff --git a/lib/gnutls_buffers.c b/lib/gnutls_buffers.c index 2d4fdc3..a7c00ca 100644 --- a/lib/gnutls_buffers.c +++ b/lib/gnutls_buffers.c @@ -93,7 +93,23 @@ _gnutls_record_buffer_put (gnutls_session_t session, size_t gnutls_record_check_pending (gnutls_session_t session) { - return _gnutls_record_buffer_get_size (session) + session->internals.record_recv_buffer.byte_length; + return _gnutls_record_buffer_get_size (session); +} + +/** + * gnutls_record_check_unprocessed: + * @session: is a #gnutls_session_t structure. + * + * This function checks if there are unprocessed data + * in the gnutls record buffers. Those data might not + * be complete records. + * + * Returns: Returns the size of the data or zero. + **/ +size_t +gnutls_record_check_unprocessed (gnutls_session_t session) +{ + return session->internals.record_recv_buffer.byte_length; } int diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index f2331d0..8dc3264 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -2681,7 +2681,8 @@ _gnutls_recv_handshake_final (gnutls_session_t session, int init) * we have received it unless we notify him. So we * wait for a message and retransmit if needed. */ if (IS_DTLS(session) && !_dtls_is_async(session) && - gnutls_record_check_pending (session) == 0) + (gnutls_record_check_pending (session) + + gnutls_record_check_unprocessed (session)) == 0) { ret = _dtls_wait_and_retransmit(session); if (ret < 0) @@ -2718,7 +2719,8 @@ _gnutls_recv_handshake_final (gnutls_session_t session, int init) STATE = STATE31; if (IS_DTLS(session) && !_dtls_is_async(session) && - gnutls_record_check_pending( session) == 0) + (gnutls_record_check_pending( session) + + gnutls_record_check_unprocessed (session)) == 0) { ret = _dtls_wait_and_retransmit(session); if (ret < 0) diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index 035f638..be85dc9 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -857,6 +857,7 @@ gnutls_ecc_curve_t gnutls_ecc_curve_get(gnutls_session_t session); ssize_t gnutls_record_set_max_size (gnutls_session_t session, size_t size); size_t gnutls_record_check_pending (gnutls_session_t session); + size_t gnutls_record_check_unprocessed (gnutls_session_t session); int gnutls_prf (gnutls_session_t session, size_t label_size, const char *label, -- 1.7.9.5
_______________________________________________ Help-gnutls mailing list [email protected] https://lists.gnu.org/mailman/listinfo/help-gnutls
