From 117f79aa199642522c24d72cf9706f34293a10d4 Mon Sep 17 00:00:00 2001 From: Connor McAdams Date: Thu, 27 Jan 2022 11:11:26 +0100 Subject: [PATCH] secur32: Add support for setting DTLS timeouts. Add support for setting the DTLS timeout values, and set the retransmission timeout value to 0 to allow for retransmission on each call to schan_InitializeSecurityContext. Signed-off-by: Connor McAdams Signed-off-by: Hans Leidekker Signed-off-by: Alexandre Julliard --- dlls/secur32/schannel.c | 6 ++++++ dlls/secur32/schannel_gnutls.c | 22 ++++++++++++++++++++++ dlls/secur32/secur32_priv.h | 8 ++++++++ 3 files changed, 36 insertions(+) diff --git a/dlls/secur32/schannel.c b/dlls/secur32/schannel.c index 141a191c7c6..f1b47a78d21 100644 --- a/dlls/secur32/schannel.c +++ b/dlls/secur32/schannel.c @@ -808,6 +808,12 @@ static SECURITY_STATUS SEC_ENTRY schan_InitializeSecurityContextW( else WARN("invalid buffer size %u\n", buffer->cbBuffer); } + if (is_dtls_context(ctx)) + { + struct set_dtls_timeouts_params params = { ctx->transport.session, 0, 60000 }; + GNUTLS_CALL( set_dtls_timeouts, ¶ms ); + } + phNewContext->dwLower = handle; phNewContext->dwUpper = 0; } diff --git a/dlls/secur32/schannel_gnutls.c b/dlls/secur32/schannel_gnutls.c index 31fdb769677..ac51cbb5d9f 100644 --- a/dlls/secur32/schannel_gnutls.c +++ b/dlls/secur32/schannel_gnutls.c @@ -60,6 +60,7 @@ static int (*pgnutls_cipher_get_block_size)(gnutls_cipher_algorithm_t); static void (*pgnutls_transport_set_pull_timeout_function)(gnutls_session_t, int (*)(gnutls_transport_ptr_t, unsigned int)); static void (*pgnutls_dtls_set_mtu)(gnutls_session_t, unsigned int); +static void (*pgnutls_dtls_set_timeouts)(gnutls_session_t, unsigned int, unsigned int); /* Not present in gnutls version < 3.2.0. */ static int (*pgnutls_alpn_get_selected_protocol)(gnutls_session_t, gnutls_datum_t *); @@ -198,6 +199,12 @@ static void compat_gnutls_dtls_set_mtu(gnutls_session_t session, unsigned int mt FIXME("\n"); } +static void compat_gnutls_dtls_set_timeouts(gnutls_session_t session, unsigned int retrans_timeout, + unsigned int total_timeout) +{ + FIXME("\n"); +} + static void init_schan_buffers(struct schan_buffers *s, const PSecBufferDesc desc, int (*get_next_buffer)(const struct schan_transport *, struct schan_buffers *)) { @@ -989,6 +996,15 @@ static NTSTATUS schan_set_dtls_mtu( void *args ) return SEC_E_OK; } +static NTSTATUS schan_set_dtls_timeouts( void *args ) +{ + const struct set_dtls_timeouts_params *params = args; + gnutls_session_t s = (gnutls_session_t)params->session; + + pgnutls_dtls_set_timeouts(s, params->retrans_timeout, params->total_timeout); + return SEC_E_OK; +} + static inline void reverse_bytes(BYTE *buf, ULONG len) { BYTE tmp; @@ -1245,6 +1261,11 @@ static NTSTATUS process_attach( void *args ) WARN("gnutls_dtls_set_mtu not found\n"); pgnutls_dtls_set_mtu = compat_gnutls_dtls_set_mtu; } + if (!(pgnutls_dtls_set_timeouts = dlsym(libgnutls_handle, "gnutls_dtls_set_timeouts"))) + { + WARN("gnutls_dtls_set_timeouts not found\n"); + pgnutls_dtls_set_timeouts = compat_gnutls_dtls_set_timeouts; + } if (!(pgnutls_privkey_export_x509 = dlsym(libgnutls_handle, "gnutls_privkey_export_x509"))) { WARN("gnutls_privkey_export_x509 not found\n"); @@ -1308,6 +1329,7 @@ const unixlib_entry_t __wine_unix_call_funcs[] = schan_set_application_protocols, schan_set_dtls_mtu, schan_set_session_target, + schan_set_dtls_timeouts, }; #endif /* SONAME_LIBGNUTLS */ diff --git a/dlls/secur32/secur32_priv.h b/dlls/secur32/secur32_priv.h index c17adc96dc6..64edc0581d6 100644 --- a/dlls/secur32/secur32_priv.h +++ b/dlls/secur32/secur32_priv.h @@ -203,6 +203,13 @@ struct set_session_target_params const char *target; }; +struct set_dtls_timeouts_params +{ + schan_session session; + unsigned int retrans_timeout; + unsigned int total_timeout; +}; + enum schan_funcs { unix_process_attach, @@ -225,6 +232,7 @@ enum schan_funcs unix_set_application_protocols, unix_set_dtls_mtu, unix_set_session_target, + unix_set_dtls_timeouts, }; #endif /* __SECUR32_PRIV_H__ */