From 632f3d45178f0d2810df934c32828a00912900de Mon Sep 17 00:00:00 2001
From: Wilmer van der Gaast <wilmer@gaast.net>
Date: Tue, 10 Apr 2012 11:14:58 +0200
Subject: Work-around for what turned out to be a GnuTLS bug (#938). From
 3.0.13 until 3.0.18 gnutls_record_check_pending() returns non-0 even if the
 data read so far is an incomplete record and can not yet be read. This can
 get BitlBee's http_client stuck in a semi-infinite loop.

---
 lib/ssl_gnutls.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'lib/ssl_gnutls.c')

diff --git a/lib/ssl_gnutls.c b/lib/ssl_gnutls.c
index 62932e86..93601ba6 100644
--- a/lib/ssl_gnutls.c
+++ b/lib/ssl_gnutls.c
@@ -68,6 +68,11 @@ static gboolean ssl_handshake( gpointer data, gint source, b_input_condition con
 
 static void ssl_deinit( void );
 
+static void ssl_log( int level, const char *line )
+{
+	printf( "%d %s", level, line );
+}
+
 void ssl_init( void )
 {
 	if( initialized )
@@ -84,6 +89,11 @@ void ssl_init( void )
 	}
 	initialized = TRUE;
 	
+	gnutls_global_set_log_function( ssl_log );
+	/*
+	gnutls_global_set_log_level( 3 );
+	*/
+	
 	atexit( ssl_deinit );
 }
 
@@ -366,6 +376,11 @@ int ssl_pending( void *conn )
 		ssl_errno = SSL_NOHANDSHAKE;
 		return 0;
 	}
+
+#if GNUTLS_VERSION_NUMBER >= 0x03000d && GNUTLS_VERSION_NUMBER <= 0x030012
+	if( ssl_errno == SSL_AGAIN )
+		return 0;
+#endif
 	
 	return gnutls_record_check_pending( ((struct scd*)conn)->session ) != 0;
 }
-- 
cgit v1.2.3