TLS: Introduced flag GWEN_SYNCIO_TLS_FLAGS_IGN_PREMATURE_CLOSE
If this flag is set the gnutls error GNUTLS_E_PREMATURE_TERMINATION is
ignored upon gnutls_recv() and just reported as EOF. This might be necessary
with some faulty servers which do not properly terminate an SSL connection.
Martin Preuss committed Jul 13, 2016
1 parent 5f8c338 commit 160f436
Showing 2 changed files with 24 additions and 13 deletions.
11 changes: 9 additions & 2 deletions src/sio/syncio_tls.c
@@ -1,6 +1,6 @@
/***************************************************************************
begin : Wed Apr 28 2010
copyright : (C) 2010 by Martin Preuss
copyright : (C) 2010, 2016 by Martin Preuss
email : martin@libchipcard.de
***************************************************************************
@@ -1327,7 +1327,14 @@ int GWENHYWFAR_CB GWEN_SyncIo_Tls_Read(GWEN_SYNCIO *sio,
GWEN_SyncIo_Disconnect(baseIo);
#ifdef GNUTLS_E_PREMATURE_TERMINATION
if (rv==GNUTLS_E_PREMATURE_TERMINATION) {
return GWEN_ERROR_SSL_PREMATURE_CLOSE;
if (GWEN_SyncIo_GetFlags(sio) & GWEN_SYNCIO_TLS_FLAGS_IGN_PREMATURE_CLOSE) {
DBG_ERROR(GWEN_LOGDOMAIN, "Detected premature disconnect by server (violates specs!), ignoring.");
return 0; /* report EOF */
}
else {
DBG_ERROR(GWEN_LOGDOMAIN, "Detected premature disconnect by server (violates specs!)");
return GWEN_ERROR_SSL_PREMATURE_CLOSE;
}
}
#endif
return GWEN_ERROR_SSL;
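Review bot: With the flag set, the `return 0; /* report EOF */` branch makes a connection that ended without a TLS close_notify indistinguishable from a properly closed one, so a caller can no longer tell a complete response from one that was cut short on the network. That is only safe when the application protocol carries its own length or end marker, and nothing on the visible lines checks or states this. I would spell it out at the return, e.g. `return 0; /* EOF without close_notify: payload may be truncated, caller must verify length/framing */`. Both branches also log through `DBG_ERROR` although the first one is an accepted condition; a lower level there would keep error logs meaningful for monitoring. GWEN_SyncIo_Tls_Read begins and ends outside the lines shown.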
26 changes: 15 additions & 11 deletions src/sio/syncio_tls.h
@@ -1,6 +1,6 @@
/***************************************************************************
begin : Wed Apr 28 2010
copyright : (C) 2010 by Martin Preuss
copyright : (C) 2010, 2016 by Martin Preuss
email : martin@libchipcard.de
***************************************************************************
@@ -33,22 +33,26 @@
#define GWEN_SYNCIO_TLS_TYPE "tls"


#define GWEN_SYNCIO_TLS_FLAGS_REQUEST_CERT 0x00000001
#define GWEN_SYNCIO_TLS_FLAGS_REQUEST_CERT 0x00000001
#ifndef NO_DEPRECATED_SYMBOLS
#define GWEN_SYNCIO_TLS_FLAGS_FORCE_SSL_V3 0x00000002 /* deprecated, will be removed in a future release */
# define GWEN_SYNCIO_TLS_FLAGS_FORCE_SSL_V3 0x00000002 /* deprecated, will be removed in a future release */
#endif // ifndef NO_DEPRECATED_SYMBOLS
#define GWEN_SYNCIO_TLS_FLAGS_ALLOW_V1_CA_CRT 0x00000004
#define GWEN_SYNCIO_TLS_FLAGS_NEED_PEER_CERT 0x00000008
#define GWEN_SYNCIO_TLS_FLAGS_ADD_TRUSTED_CAS 0x00000010
#define GWEN_SYNCIO_TLS_FLAGS_SET_PASSV_HOST_NAME 0x00000020
#define GWEN_SYNCIO_TLS_FLAGS_SET_PASSV_HOST_IP 0x00000020

#define GWEN_SYNCIO_TLS_FLAGS_ALLOW_V1_CA_CRT 0x00000004
#define GWEN_SYNCIO_TLS_FLAGS_NEED_PEER_CERT 0x00000008
#define GWEN_SYNCIO_TLS_FLAGS_ADD_TRUSTED_CAS 0x00000010
#define GWEN_SYNCIO_TLS_FLAGS_SET_PASSV_HOST_NAME 0x00000020
#define GWEN_SYNCIO_TLS_FLAGS_SET_PASSV_HOST_IP 0x00000020

#ifndef NO_DEPRECATED_SYMBOLS
#define GWEN_SYNCIO_TLS_FLAGS_ONLY_SAFE_CIPHERS 0x00000080 /* deprecated, will be removed in a future release */
#define GWEN_SYNCIO_TLS_FLAGS_FORCE_UNSAFE_CIPHERS 0x00000100 /* deprecated, will be removed in a future release */
# define GWEN_SYNCIO_TLS_FLAGS_ONLY_SAFE_CIPHERS 0x00000080 /* deprecated, will be removed in a future release */
# define GWEN_SYNCIO_TLS_FLAGS_FORCE_UNSAFE_CIPHERS 0x00000100 /* deprecated, will be removed in a future release */
#endif // ifndef NO_DEPRECATED_SYMBOLS

#define GWEN_SYNCIO_TLS_FLAGS_SECURE 0x00008000
/** ignore error "GNUTLS_E_PREMATURE_TERMINATION" */
#define GWEN_SYNCIO_TLS_FLAGS_IGN_PREMATURE_CLOSE 0x00000200

#define GWEN_SYNCIO_TLS_FLAGS_SECURE 0x00008000



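Review bot: The doc comment on `GWEN_SYNCIO_TLS_FLAGS_IGN_PREMATURE_CLOSE` names only the gnutls error and does not tell API users what they give up by setting the flag. A fuller comment would help, for example `/** report GNUTLS_E_PREMATURE_TERMINATION as EOF; disables detection of truncated streams, use only with protocols that carry their own length or end marker */`. On the re-aligned lines, `GWEN_SYNCIO_TLS_FLAGS_SET_PASSV_HOST_NAME` and `GWEN_SYNCIO_TLS_FLAGS_SET_PASSV_HOST_IP` still share the value `0x00000020`. Whether that is intended is not visible here, but a short comment saying so would prevent it being read as a typo.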
