/* This file is part of the YAZ toolkit.
- * Copyright (C) 1995-2010 Index Data
+ * Copyright (C) 1995-2012 Index Data
* See the file LICENSE for details.
*/
/**
* \file tcpip.c
* \brief Implements TCP/IP + SSL COMSTACK.
*/
+#if HAVE_CONFIG_H
+#include <config.h>
+#endif
#include <stdio.h>
#include <string.h>
if (!strcmp("@", host))
{
hints.ai_flags = AI_PASSIVE;
+ hints.ai_family = AF_INET;
+ error = getaddrinfo(0, port, &hints, &res);
+ }
+ else if (!strcmp("@6", host))
+ {
+ hints.ai_flags = AI_PASSIVE;
+ hints.ai_family = AF_INET6;
error = getaddrinfo(0, port, &hints, &res);
}
else
const char *port = "210";
struct addrinfo *ai = 0;
if (h->protocol == PROTO_HTTP)
- port = "80";
+ {
+ if (h->type == ssl_type)
+ port = "443";
+ else
+ port = "80";
+ }
if (!tcpip_init())
return 0;
if (sp->ai && h->state == CS_ST_UNBND)
{
int s = -1;
- /* try to make IPV6 socket first */
for (ai = sp->ai; ai; ai = ai->ai_next)
{
- if (ai->ai_family == AF_INET6)
- {
- s = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
- if (s != -1)
- break;
- }
- }
- if (s == -1)
- {
- /* no IPV6 could be made.. Try them all */
- for (ai = sp->ai; ai; ai = ai->ai_next)
- {
- s = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
- if (s != -1)
- break;
- }
+ s = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
+ if (s != -1)
+ break;
}
if (s == -1)
return 0;
tcpip_state *sp = (tcpip_state *)h->cprivate;
int port = 210;
if (h->protocol == PROTO_HTTP)
- port = 80;
+ {
+ if (h->type == ssl_type)
+ port = 443;
+ else
+ port = 80;
+ }
if (!tcpip_init())
return 0;
#if HAVE_GNUTLS_H
res = gnutls_record_recv(sp->session, *buf + hasread,
CS_TCPIP_BUFCHUNK);
- if (res < 0)
+ if (res == 0)
+ {
+ TRC(fprintf(stderr, "gnutls_record_recv returned 0\n"));
+ return 0;
+ }
+ else if (res < 0)
{
if (ssl_check_error(h, sp, res))
break;
void *cs_get_ssl(COMSTACK cs)
{
#if HAVE_OPENSSL_SSL_H
- struct tcpip_state *sp;
- if (!cs || cs->type != ssl_type)
- return 0;
- sp = (struct tcpip_state *) cs->cprivate;
- return sp->ssl;
-#else
- return 0;
+ if (cs && cs->type == ssl_type)
+ {
+ struct tcpip_state *sp = (struct tcpip_state *) cs->cprivate;
+ return sp->ssl;
+ }
#endif
+ return 0;
}
int cs_set_ssl_ctx(COMSTACK cs, void *ctx)
{
#if ENABLE_SSL
- struct tcpip_state *sp;
- if (!cs || cs->type != ssl_type)
- return 0;
- sp = (struct tcpip_state *) cs->cprivate;
+ if (cs && cs->type == ssl_type)
+ {
#if HAVE_OPENSSL_SSL_H
- if (sp->ctx_alloc)
- return 0;
- sp->ctx = (SSL_CTX *) ctx;
+ struct tcpip_state *sp = (struct tcpip_state *) cs->cprivate;
+ if (sp->ctx_alloc)
+ return 0;
+ sp->ctx = (SSL_CTX *) ctx;
#endif
- return 1;
-#else
- return 0;
+ return 1;
+ }
#endif
+ return 0;
}
int cs_set_ssl_certificate_file(COMSTACK cs, const char *fname)
{
#if ENABLE_SSL
- struct tcpip_state *sp;
- if (!cs || cs->type != ssl_type)
- return 0;
- sp = (struct tcpip_state *) cs->cprivate;
- strncpy(sp->cert_fname, fname, sizeof(sp->cert_fname)-1);
- sp->cert_fname[sizeof(sp->cert_fname)-1] = '\0';
- return 1;
-#else
- return 0;
+ if (cs && cs->type == ssl_type)
+ {
+ struct tcpip_state *sp = (struct tcpip_state *) cs->cprivate;
+ strncpy(sp->cert_fname, fname, sizeof(sp->cert_fname)-1);
+ sp->cert_fname[sizeof(sp->cert_fname)-1] = '\0';
+ return 1;
+ }
#endif
+ return 0;
}
int cs_get_peer_certificate_x509(COMSTACK cs, char **buf, int *len)