dirmngr: Ignore warning alerts in the GNUTLS handshake.
authorWerner Koch <wk@gnupg.org>
Fri, 17 Mar 2017 11:46:09 +0000 (12:46 +0100)
committerDaniel Kahn Gillmor <dkg@fifthhorseman.net>
Mon, 18 Sep 2017 20:41:12 +0000 (21:41 +0100)
* dirmngr/http.c (send_request) [GNUTLS]: Don't bail out on warning
alerts.
--

GnuPG-bug-id: 2833
Signed-off-by: Werner Koch <wk@gnupg.org>
(cherry picked from commit 69c521df422a6c9a6b0a93e45c9373a8b6ceb28e)

Gbp-Pq: Name 0051-dirmngr-Ignore-warning-alerts-in-the-GNUTLS-handshak.patch

dirmngr/http.c

index fe9c3c73425f087cd3d1055a52b39d591be915cf..c9c16dfac1d8436a40cb378d163e9a413c0bbea5 100644 (file)
@@ -1847,6 +1847,7 @@ send_request (http_t hd, const char *httphost, const char *auth,
       gnutls_transport_set_push_function (hd->session->tls_session,
                                           my_gnutls_write);
 
+    handshake_again:
       do
         {
           rc = gnutls_handshake (hd->session->tls_session);
@@ -1862,10 +1863,15 @@ send_request (http_t hd, const char *httphost, const char *auth,
 
               alertno = gnutls_alert_get (hd->session->tls_session);
               alertstr = gnutls_alert_get_name (alertno);
-              log_info ("TLS handshake failed: %s (alert %d)\n",
+              log_info ("TLS handshake %s: %s (alert %d)\n",
+                        rc == GNUTLS_E_WARNING_ALERT_RECEIVED
+                        ? "warning" : "failed",
                         alertstr, (int)alertno);
               if (alertno == GNUTLS_A_UNRECOGNIZED_NAME && server)
                 log_info ("  (sent server name '%s')\n", server);
+
+              if (rc == GNUTLS_E_WARNING_ALERT_RECEIVED)
+                goto handshake_again;
             }
           else
             log_info ("TLS handshake failed: %s\n", gnutls_strerror (rc));
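Review bot: The `goto handshake_again` added after the alert logging has no retry limit, so a peer that keeps answering with warning alerts can hold send_request in the handshake and produce one log line per alert for as long as it keeps sending them. Unless a handshake timeout is enforced somewhere not visible in this hunk, cap the retries with a counter declared next to `rc`, for example `if (rc == GNUTLS_E_WARNING_ALERT_RECEIVED && ++warn_count <= MAX_HANDSHAKE_WARNINGS) goto handshake_again;` (both names are placeholders), and treat the handshake as failed once the cap is reached. A short comment at the label, such as `/* Warning alerts are not fatal; restart the handshake. */`, would also explain why control jumps back above the `do` loop. send_request begins and ends outside these hunks, so the loop condition and the code after the `else` branch were not reviewed.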