gnutls: Honor read timeout.

[wget] / src / gnutls.c

diff --git a/src/gnutls.c b/src/gnutls.c
index 34d27ec34e43635ea85f5f8862c2a4136d366c04..47c3f5d1272eb27754f18da49bed4fbdd7561281 100644 (file)
--- a/src/gnutls.c
+++ b/src/gnutls.c
@@ -45,6 +45,7 @@ as that of the covered work.  */
 #include "utils.h"
 #include "connect.h"
 #include "url.h"
+#include "ptimer.h"
 #include "ssl.h"
 
 #ifdef WIN32
@@ -125,7 +126,11 @@ struct wgnutls_transport_context
 static int
 wgnutls_read (int fd, char *buf, int bufsize, void *arg)
 {
+#ifdef F_GETFL
+  int flags = 0;
+#endif
   int ret = 0;
+  struct ptimer *timer;
   struct wgnutls_transport_context *ctx = arg;
 
   if (ctx->peeklen)
@@ -140,9 +145,50 @@ wgnutls_read (int fd, char *buf, int bufsize, void *arg)
       return copysize;
     }
 
+  if (opt.read_timeout)
+    {
+#ifdef F_GETFL
+      flags = fcntl (fd, F_GETFL, 0);
+      if (flags < 0)
+        return ret;
+
+      ret = fcntl (fd, F_SETFL, flags | O_NONBLOCK);
+      if (ret < 0)
+        return ret;
+#else
+      /* XXX: Assume it was blocking before.  */
+      const int one = 1;
+      ret = ioctl (fd, FIONBIO, &one);
+      if (ret < 0)
+        return ret;
+#endif
+      timer = ptimer_new ();
+      if (timer == 0)
+        return -1;
+    }
+
   do
-    ret = gnutls_record_recv (ctx->session, buf, bufsize);
-  while (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN);
+    {
+      do
+        ret = gnutls_record_recv (ctx->session, buf, bufsize);
+      while (ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN);
+    }
+  while (opt.read_timeout == 0 || ptimer_measure (timer) < opt.read_timeout);
+
+  if (opt.read_timeout)
+    {
+      ptimer_destroy (timer);
+#ifdef F_GETFL
+      ret = fcntl (fd, F_SETFL, flags);
+      if (ret < 0)
+        return ret;
+#else
+      const int zero = 0;
+      ret = ioctl (fd, FIONBIO, &zero);
+      if (ret < 0)
+        return ret;
+#endif
+    }
 
   if (ret < 0)
     ctx->last_error = ret;
@@ -191,7 +237,7 @@ wgnutls_peek (int fd, char *buf, int bufsize, void *arg)
       else
         read = gnutls_record_recv (ctx->session, buf + offset,
                                    bufsize - offset);
-        
+
       if (read < 0)
         {
           if (offset)
@@ -240,15 +286,11 @@ static struct transport_implementation wgnutls_transport =
 bool
 ssl_connect_wget (int fd)
 {
-  static const int cert_type_priority[] = {
-    GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0
-  };
   struct wgnutls_transport_context *ctx;
   gnutls_session session;
   int err;
   gnutls_init (&session, GNUTLS_CLIENT);
   gnutls_set_default_priority (session);
-  gnutls_certificate_type_set_priority (session, cert_type_priority);
   gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, credentials);
 #ifndef FD_TO_SOCKET
 # define FD_TO_SOCKET(X) (X)
@@ -256,6 +298,7 @@ ssl_connect_wget (int fd)
   gnutls_transport_set_ptr (session, (gnutls_transport_ptr) FD_TO_SOCKET (fd));
 
   err = 0;
+#if HAVE_GNUTLS_PRIORITY_SET_DIRECT
   switch (opt.secure_protocol)
     {
     case secure_protocol_auto:
@@ -270,6 +313,30 @@ ssl_connect_wget (int fd)
     default:
       abort ();
     }
+#else
+  int allowed_protocols[4] = {0, 0, 0, 0};
+  switch (opt.secure_protocol)
+    {
+    case secure_protocol_auto:
+      break;
+    case secure_protocol_sslv2:
+    case secure_protocol_sslv3:
+      allowed_protocols[0] = GNUTLS_SSL3;
+      err = gnutls_protocol_set_priority (session, allowed_protocols);
+      break;
+
+    case secure_protocol_tlsv1:
+      allowed_protocols[0] = GNUTLS_TLS1_0;
+      allowed_protocols[1] = GNUTLS_TLS1_1;
+      allowed_protocols[2] = GNUTLS_TLS1_2;
+      err = gnutls_protocol_set_priority (session, allowed_protocols);
+      break;
+
+    default:
+      abort ();
+    }
+#endif
+
   if (err < 0)
     {
       logprintf (LOG_NOTQUIET, "GnuTLS: %s\n", gnutls_strerror (err));