Schannel: retain extra data after renegotiation is requested

I realized this is a potential scenario where we will have leftover
data, but it wasn't covered.

Change-Id: Ibaf1015bf2aee120e4a4d98888925b88ecb6ddfd
Reviewed-by: Jesus Fernandez <jsfdez@gmail.com>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>

1 files changed, 12 insertions, 0 deletions

diff --git a/src/network/ssl/qsslsocket_schannel.cpp b/src/network/ssl/qsslsocket_schannel.cpp
index c5ba823832..88f66ac4ea 100644
--- a/src/network/ssl/qsslsocket_schannel.cpp
+++ b/src/network/ssl/qsslsocket_schannel.cpp
@@ -1360,6 +1360,18 @@ void QSslSocketBackendPrivate::transmit()
 #endif
                 schannelState = SchannelState::Renegotiate;
                 renegotiating = true;
+
+                if (dataBuffer[3].BufferType == SECBUFFER_EXTRA) {
+                    // https://docs.microsoft.com/en-us/windows/desktop/secauthn/extra-buffers-returned-by-schannel
+                    // dataBuffer[3].cbBuffer indicates the amount of bytes _NOT_ processed,
+                    // the rest need to be stored.
+#ifdef QSSLSOCKET_DEBUG
+                    qCDebug(lcSsl) << "We've got excess data, moving it to the intermediate buffer:"
+                                   << dataBuffer[3].cbBuffer << "bytes";
+#endif
+                    intermediateBuffer = ciphertext.right(int(dataBuffer[3].cbBuffer));
+                }
+
                 // We need to call 'continueHandshake' or else there's no guarantee it ever gets called
                 continueHandshake();
                 break;