Bug#797931: elinks: Does not support SSL rehandshakes

2018-08-28 Thread أحمد المحمودي 
On Sat, Nov 18, 2017 at 02:39:14AM +0100, أحمد المحمودي wrote:
> This commit https://github.com/rkd77/felinks/commit/4c4717b82ae5eae 
> fixed GnuTLS rehandshake issue for me.
> Anyways I applied your GnuTLS client cert patch over it, and I still 
> can't get it to work.
---end quoted text---

SSL auth. using client cert. finally worked for me using your patch on 
Witold's felinks fork[1]. I just had to concatenate crt & key files to a 
pem file and use that in elinks

[1] https://github.com/rkd77/felinks


-- 
‎أحمد المحمودي (Ahmed El-Mahmoudy)
 Digital design engineer
GPG KeyIDs: 4096R/A7EF5671 2048R/EDDDA1B7
GPG Fingerprints:
 6E2E E4BB 72E2 F417 D066  6ABF 7B30 B496 A7EF 5761
 8206 A196 2084 7E6D 0DF8  B176 BC19 6A94 EDDD A1B7


signature.asc
Description: PGP signature

Bug#797931: elinks: Does not support SSL rehandshakes

2017-11-13 Thread أحمد المحمودي 
On Thu, Sep 03, 2015 at 09:31:45PM +0200, Guillem Jover wrote:
> I've been playing a bit with the new Debian SSO setup, and when trying
> elinks, it could not even connect to the sites before authenticating:
> 
>   
>   
>   
>   
> 
> It gives the following error message:
> 
> ,---
>   Unable to retrieve https://tracker.debian.org/:
> 
>   Resource temporarily unavailable
> `---
> 
> When tracking this down, it appears one of the problems is due to not
> handling SSL rehandshakes at all. When trying to fix that with the
> attached patch, it started complaining about being unable to rehandshake
> with:
> 
> ,---
> elinks: SSL rehandshake error: No or insufficient priorities were set.
> `---
> 
> And, here I've run out of time. Hope at least this serves as a
> starting point for someone else.
---end quoted text---

There is a hacky patch on: 
http://lists.linuxfromscratch.org/pipermail/elinks-dev/2017-November/002135.html
which worked for me, Maybe your patch can use something feom it ?

-- 
‎أحمد المحمودي (Ahmed El-Mahmoudy)
 Digital design engineer
GPG KeyIDs: 4096R/A7EF5671 2048R/EDDDA1B7
GPG Fingerprints:
 6E2E E4BB 72E2 F417 D066  6ABF 7B30 B496 A7EF 5761
 8206 A196 2084 7E6D 0DF8  B176 BC19 6A94 EDDD A1B7


signature.asc
Description: PGP signature

Bug#797931: elinks: Does not support SSL rehandshakes

2015-09-03 Thread Guillem Jover 
Package: elinks
Version: 0.12~pre6-10
Severity: normal

Hi!

I've been playing a bit with the new Debian SSO setup, and when trying
elinks, it could not even connect to the sites before authenticating:

  
  
  
  

It gives the following error message:

,---
  Unable to retrieve https://tracker.debian.org/:

  Resource temporarily unavailable
`---

When tracking this down, it appears one of the problems is due to not
handling SSL rehandshakes at all. When trying to fix that with the
attached patch, it started complaining about being unable to rehandshake
with:

,---
elinks: SSL rehandshake error: No or insufficient priorities were set.
`---

And, here I've run out of time. Hope at least this serves as a
starting point for someone else.

Thanks,
Guillem
diff --git a/src/network/ssl/socket.c b/src/network/ssl/socket.c
index 2ecdd71..f763ebd 100644
--- a/src/network/ssl/socket.c
+++ b/src/network/ssl/socket.c
@@ -246,8 +246,18 @@ ssl_read(struct socket *socket, unsigned char *data, int len)
 #endif
 
 #ifdef CONFIG_GNUTLS
-		if (err == GNUTLS_E_REHANDSHAKE)
-			return -1;
+		if (err == GNUTLS_E_REHANDSHAKE) {
+			err = gnutls_handshake(socket->ssl);
+			if (err < 0) {
+fprintf(stderr, "elinks: SSL rehandshake error: %s\n", gnutls_strerror(err));
+errno = S_SSL_ERROR;
+return SOCKET_INTERNAL_ERROR;
+			}
+			rd = gnutls_record_recv(socket->ssl, data, len);
+			if (rd > 0)
+return rd;
+			err = rd;
+		}
 #endif
 
 		if (err == SSL_ERROR_WANT_READ ||