generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

schannel.c: Improve code path and readability

Browse Source
This commit is contained in:
Marc Hoersken 2015-05-02 20:14:53 +02:00
parent d93619ca5d
commit ae8387b91c
1 changed files with 26 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
lib/vtls/schannel.c
View File

@ -993,31 +993,32 @@ schannel_recv(struct connectdata *conn, int sockindex,
/* reset encrypted buffer offset, because there is no data remaining */ /* reset encrypted buffer offset, because there is no data remaining */
connssl->encdata_offset = 0; connssl->encdata_offset = 0;
} }
} /* check if something went wrong and we need to return an error */
/* check if server wants to renegotiate the connection context */
if(sspi_status == SEC_I_RENEGOTIATE) {
infof(data, "schannel: remote party requests renegotiation\n");
/* begin renegotiation */
infof(data, "schannel: renegotiating SSL/TLS connection\n");
connssl->state = ssl_connection_negotiating;
connssl->connecting_state = ssl_connect_2_writing;
result = schannel_connect_common(conn, sockindex, FALSE, &done);
if(result)
*err = result;
else {
infof(data, "schannel: SSL/TLS connection renegotiated\n");
/* now retry receiving data */
return schannel_recv(conn, sockindex, buf, len, err);
}
}
}
else { else {
/* something went wrong and we need to return an error */
infof(data, "schannel: failed to read data from server: %s\n", infof(data, "schannel: failed to read data from server: %s\n",
Curl_sspi_strerror(conn, sspi_status)); Curl_sspi_strerror(conn, sspi_status));
*err = CURLE_RECV_ERROR; *err = CURLE_RECV_ERROR;
return -1; return -1;
} }
/* check if server wants to renegotiate the connection context */
if(sspi_status == SEC_I_RENEGOTIATE) {
infof(data, "schannel: remote party requests SSL/TLS renegotiation\n");
/* begin renegotiation */
infof(data, "schannel: renegotiating SSL/TLS connection\n");
connssl->state = ssl_connection_negotiating;
connssl->connecting_state = ssl_connect_2_writing;
result = schannel_connect_common(conn, sockindex, FALSE, &done);
if(result)
*err = result;
else {
infof(data, "schannel: SSL/TLS connection renegotiated\n");
/* now retry receiving data */
return schannel_recv(conn, sockindex, buf, len, err);
}
}
} }
infof(data, "schannel: decrypted data buffer: offset %zu length %zu\n", infof(data, "schannel: decrypted data buffer: offset %zu length %zu\n",
@ -1036,12 +1037,12 @@ schannel_recv(struct connectdata *conn, int sockindex,
infof(data, "schannel: decrypted data returned %zd\n", size); infof(data, "schannel: decrypted data returned %zd\n", size);
infof(data, "schannel: decrypted data buffer: offset %zu length %zu\n", infof(data, "schannel: decrypted data buffer: offset %zu length %zu\n",
connssl->decdata_offset, connssl->decdata_length); connssl->decdata_offset, connssl->decdata_length);
} /* check if the server closed the connection */ }
else if(sspi_status == SEC_I_CONTEXT_EXPIRED || /* check if the server closed the connection, */
/* special check for Windows 2000 Professional */ /* including special check for Windows 2000 Professional */
(sspi_status == SEC_E_OK && connssl->encdata_offset > 0 && else if(sspi_status == SEC_I_CONTEXT_EXPIRED || (sspi_status == SEC_E_OK &&
connssl->encdata_buffer[0] == 0x15)) { connssl->encdata_offset && connssl->encdata_buffer[0] == 0x15)) {
infof(data, "schannel: server closed the conunection\n"); infof(data, "schannel: server closed the connection\n");
*err = CURLE_OK; *err = CURLE_OK;
} }