From: Werner Koch <wk@gnupg.org>
Date: Fri, 17 Mar 2017 11:46:09 +0000 (+0100)
Subject: dirmngr: Ignore warning alerts in the GNUTLS handshake.
X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ian/git?a=commitdiff_plain;h=3aedd3b22980f6fdfe59a42d76ac6cfabfceca1e;p=gnupg2.git

dirmngr: Ignore warning alerts in the GNUTLS handshake.

* dirmngr/http.c (send_request) [GNUTLS]: Don't bail out on warning
alerts.
--

GnuPG-bug-id: 2833
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 69c521df422a6c9a6b0a93e45c9373a8b6ceb28e)

Gbp-Pq: Name 0051-dirmngr-Ignore-warning-alerts-in-the-GNUTLS-handshak.patch
---

diff --git a/dirmngr/http.c b/dirmngr/http.c
index fe9c3c7..c9c16df 100644
--- a/dirmngr/http.c
+++ b/dirmngr/http.c
@@ -1847,6 +1847,7 @@ send_request (http_t hd, const char *httphost, const char *auth,
       gnutls_transport_set_push_function (hd->session->tls_session,
                                           my_gnutls_write);
 
+    handshake_again:
       do
         {
           rc = gnutls_handshake (hd->session->tls_session);
@@ -1862,10 +1863,15 @@ send_request (http_t hd, const char *httphost, const char *auth,
 
               alertno = gnutls_alert_get (hd->session->tls_session);
               alertstr = gnutls_alert_get_name (alertno);
-              log_info ("TLS handshake failed: %s (alert %d)\n",
+              log_info ("TLS handshake %s: %s (alert %d)\n",
+                        rc == GNUTLS_E_WARNING_ALERT_RECEIVED
+                        ? "warning" : "failed",
                         alertstr, (int)alertno);
               if (alertno == GNUTLS_A_UNRECOGNIZED_NAME && server)
                 log_info ("  (sent server name '%s')\n", server);
+
+              if (rc == GNUTLS_E_WARNING_ALERT_RECEIVED)
+                goto handshake_again;
             }
           else
             log_info ("TLS handshake failed: %s\n", gnutls_strerror (rc));