From 01049f9c00f0a903d4923a054769ef9f2187bd21 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Fri, 21 Nov 2014 20:18:08 +0100
Subject: [PATCH] treat GNUTLS_E_GOT_APPLICATION_DATA as non-fatal if initial
negotiation is complete
This corrects a regression introduced in b5a0de2e6da98866cafb770c3141b7353d030ab2
Reported by Dan Winship. https://savannah.gnu.org/support/?108690
---
lib/gnutls_handshake.c | 11 ++++++++---
lib/gnutls_record.c | 2 +-
2 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c
index 40d399c..e904f2e 100644
--- a/lib/gnutls_handshake.c
+++ b/lib/gnutls_handshake.c
@@ -2607,6 +2610,8 @@ gnutls_handshake_set_timeout(gnutls_session_t session, unsigned int ms)
/* EAGAIN and INTERRUPTED are always non-fatal */ \
if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED) \
return ret; \
+ if (ret == GNUTLS_E_GOT_APPLICATION_DATA && session->internals.initial_negotiation_completed != 0) \
+ return ret; \
if (ret == GNUTLS_E_LARGE_PACKET && session->internals.handshake_large_loops < 16) { \
session->internals.handshake_large_loops++; \
return ret; \
diff --git a/lib/gnutls_record.c b/lib/gnutls_record.c
index 157d12a..40c20fe 100644
--- a/lib/gnutls_record.c
+++ b/lib/gnutls_record.c
@@ -837,7 +837,7 @@ record_add_to_buffers(gnutls_session_t session,
* reasons). Otherwise it is an unexpected packet
*/
if (type == GNUTLS_ALERT
- || (htype == GNUTLS_HANDSHAKE_CLIENT_HELLO
+ || ((htype == GNUTLS_HANDSHAKE_SERVER_HELLO || htype == GNUTLS_HANDSHAKE_CLIENT_HELLO)
&& type == GNUTLS_HANDSHAKE)) {
/* even if data is unexpected put it into the buffer */
_gnutls_record_buffer_put(session, recv->type,
--
2.1.0