From: Rémi Bernon rbernon@codeweavers.com
Even if input buffer is empty, as this is often the case. --- dlls/secur32/schannel.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/dlls/secur32/schannel.c b/dlls/secur32/schannel.c index 8d446af8fe1..74c84ec33cb 100644 --- a/dlls/secur32/schannel.c +++ b/dlls/secur32/schannel.c @@ -66,6 +66,7 @@ struct schan_context enum control_token control_token; unsigned int alert_type; unsigned int alert_number; + BOOL rehandshake_requested; };
static struct schan_handle *schan_handle_table; @@ -877,7 +878,7 @@ static SECURITY_STATUS establish_context( buffer = &pInput->pBuffers[idx]; ptr = buffer->pvBuffer;
- if (buffer->cbBuffer < ctx->header_size) + if (buffer->cbBuffer < ctx->header_size && !ctx->rehandshake_requested) { TRACE("Expected at least %Iu bytes, but buffer only contains %lu bytes.\n", ctx->header_size, buffer->cbBuffer); @@ -894,7 +895,7 @@ static SECURITY_STATUS establish_context( ptr += record_size; }
- if (!expected_size) + if (!expected_size && !ctx->rehandshake_requested) { TRACE("Expected at least %Iu bytes, but buffer only contains %lu bytes.\n", max(ctx->header_size, record_size), buffer->cbBuffer); @@ -946,6 +947,7 @@ static SECURITY_STATUS establish_context( params.alert_type = ctx->alert_type; params.alert_number = ctx->alert_number; ctx->control_token = CONTROL_TOKEN_NONE; + ctx->rehandshake_requested = FALSE; ret = GNUTLS_CALL( handshake, ¶ms );
if (output_buffer_idx != -1) @@ -1567,6 +1569,7 @@ static SECURITY_STATUS SEC_ENTRY schan_DecryptMessage(PCtxtHandle context_handle buffer->BufferType = SECBUFFER_STREAM_HEADER; buffer->cbBuffer = ctx->header_size;
+ if (status == SEC_I_RENEGOTIATE) ctx->rehandshake_requested = TRUE; return status; }