Update comstack example a bit
diff --git
a/src/tcpip.c
b/src/tcpip.c
index
0fde196
..
ac0001e
100644
(file)
--- a/
src/tcpip.c
+++ b/
src/tcpip.c
@@
-60,7
+60,6
@@
#if HAVE_GNUTLS_H
#include <gnutls/x509.h>
#include <gnutls/gnutls.h>
#if HAVE_GNUTLS_H
#include <gnutls/x509.h>
#include <gnutls/gnutls.h>
-#define ENABLE_SSL 1
#endif
#include <yaz/comstack.h>
#endif
#include <yaz/comstack.h>
@@
-81,7
+80,7
@@
static int tcpip_listen(COMSTACK h, char *raddr, int *addrlen,
void *cd);
static int tcpip_set_blocking(COMSTACK p, int blocking);
void *cd);
static int tcpip_set_blocking(COMSTACK p, int blocking);
-#if ENABLE_SSL
+#if HAVE_GNUTLS_H
static int ssl_get(COMSTACK h, char **buf, int *bufsize);
static int ssl_put(COMSTACK h, char *buf, int size);
#endif
static int ssl_get(COMSTACK h, char **buf, int *bufsize);
static int ssl_put(COMSTACK h, char *buf, int size);
#endif
@@
-119,7
+118,7
@@
typedef struct tcpip_state
int (*complete)(const char *buf, int len); /* length/complete. */
#if HAVE_GETADDRINFO
struct addrinfo *ai;
int (*complete)(const char *buf, int len); /* length/complete. */
#if HAVE_GETADDRINFO
struct addrinfo *ai;
- struct addrinfo *ai_this;
+ struct addrinfo *ai_connect;
#else
struct sockaddr_in addr; /* returned by cs_straddr */
#endif
#else
struct sockaddr_in addr; /* returned by cs_straddr */
#endif
@@
-207,6
+206,7
@@
COMSTACK tcpip_type(int s, int flags, int protocol, void *vp)
#if HAVE_GETADDRINFO
sp->ai = 0;
#if HAVE_GETADDRINFO
sp->ai = 0;
+ sp->ai_connect = 0;
#endif
sp->altbuf = 0;
sp->altsize = sp->altlen = 0;
#endif
sp->altbuf = 0;
sp->altsize = sp->altlen = 0;
@@
-256,9
+256,7
@@
static void tcpip_create_cred(COMSTACK cs)
COMSTACK ssl_type(int s, int flags, int protocol, void *vp)
{
COMSTACK ssl_type(int s, int flags, int protocol, void *vp)
{
-#if !ENABLE_SSL
- return 0;
-#else
+#if HAVE_GNUTLS_H
tcpip_state *sp;
COMSTACK p;
tcpip_state *sp;
COMSTACK p;
@@
-270,18
+268,17
@@
COMSTACK ssl_type(int s, int flags, int protocol, void *vp)
p->type = ssl_type;
sp = (tcpip_state *) p->cprivate;
p->type = ssl_type;
sp = (tcpip_state *) p->cprivate;
-#if HAVE_GNUTLS_H
sp->session = (gnutls_session_t) vp;
sp->session = (gnutls_session_t) vp;
-#endif
/* note: we don't handle already opened socket in SSL mode - yet */
return p;
/* note: we don't handle already opened socket in SSL mode - yet */
return p;
+#else
+ return 0;
#endif
}
#endif
}
-#if ENABLE_SSL
+#if HAVE_GNUTLS_H
static int ssl_check_error(COMSTACK h, tcpip_state *sp, int res)
{
static int ssl_check_error(COMSTACK h, tcpip_state *sp, int res)
{
-#if HAVE_GNUTLS_H
TRC(fprintf(stderr, "ssl_check_error error=%d fatal=%d msg=%s\n",
res,
gnutls_error_is_fatal(res),
TRC(fprintf(stderr, "ssl_check_error error=%d fatal=%d msg=%s\n",
res,
gnutls_error_is_fatal(res),
@@
-293,7
+290,6
@@
static int ssl_check_error(COMSTACK h, tcpip_state *sp, int res)
h->io_pending = dir ? CS_WANT_WRITE : CS_WANT_READ;
return 1;
}
h->io_pending = dir ? CS_WANT_WRITE : CS_WANT_READ;
return 1;
}
-#endif
h->cerrno = CSERRORSSL;
return 0;
}
h->cerrno = CSERRORSSL;
return 0;
}
@@
-447,8
+443,7
@@
void *tcpip_straddr(COMSTACK h, const char *str)
}
if (s == -1)
return 0;
}
if (s == -1)
return 0;
- fprintf(stderr, "First socket fd=%d\n", s);
- sp->ai_this = ai;
+ TRC(fprintf(stderr, "First socket fd=%d\n", s));
assert(ai);
h->iofile = s;
if (ai->ai_family == AF_INET6 && ipv6_only >= 0 &&
assert(ai);
h->iofile = s;
if (ai->ai_family == AF_INET6 && ipv6_only >= 0 &&
@@
-504,22
+499,29
@@
static int cont_connect(COMSTACK h)
{
#if HAVE_GETADDRINFO
tcpip_state *sp = (tcpip_state *)h->cprivate;
{
#if HAVE_GETADDRINFO
tcpip_state *sp = (tcpip_state *)h->cprivate;
- struct addrinfo *ai = sp->ai_this;
+ struct addrinfo *ai = sp->ai_connect;
while (ai && (ai = ai->ai_next))
{
int s;
s = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
if (s != -1)
{
while (ai && (ai = ai->ai_next))
{
int s;
s = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
if (s != -1)
{
+#if HAVE_GNUTLS_H
+ if (h->type == ssl_type && sp->session)
+ {
+ gnutls_bye(sp->session, GNUTLS_SHUT_WR);
+ gnutls_deinit(sp->session);
+ sp->session = 0;
+ }
+#endif
#ifdef WIN32
closesocket(h->iofile);
#else
close(h->iofile);
#endif
#ifdef WIN32
closesocket(h->iofile);
#else
close(h->iofile);
#endif
- fprintf(stderr, "Other socket call fd=%d\n", s);
+ TRC(fprintf(stderr, "Other socket call fd=%d\n", s));
h->state = CS_ST_UNBND;
h->iofile = s;
h->state = CS_ST_UNBND;
h->iofile = s;
- sp->ai_this = ai;
tcpip_set_blocking(h, h->flags);
return tcpip_connect(h, ai);
}
tcpip_set_blocking(h, h->flags);
return tcpip_connect(h, ai);
}
@@
-539,6
+541,7
@@
int tcpip_connect(COMSTACK h, void *address)
{
#if HAVE_GETADDRINFO
struct addrinfo *ai = (struct addrinfo *) address;
{
#if HAVE_GETADDRINFO
struct addrinfo *ai = (struct addrinfo *) address;
+ tcpip_state *sp = (tcpip_state *)h->cprivate;
#else
struct sockaddr_in *add = (struct sockaddr_in *) address;
#endif
#else
struct sockaddr_in *add = (struct sockaddr_in *) address;
#endif
@@
-552,6
+555,7
@@
int tcpip_connect(COMSTACK h, void *address)
}
#if HAVE_GETADDRINFO
r = connect(h->iofile, ai->ai_addr, ai->ai_addrlen);
}
#if HAVE_GETADDRINFO
r = connect(h->iofile, ai->ai_addr, ai->ai_addrlen);
+ sp->ai_connect = ai;
#else
r = connect(h->iofile, (struct sockaddr *) add, sizeof(*add));
#endif
#else
r = connect(h->iofile, (struct sockaddr *) add, sizeof(*add));
#endif
@@
-568,7
+572,7
@@
int tcpip_connect(COMSTACK h, void *address)
#else
if (yaz_errno() == EINPROGRESS)
{
#else
if (yaz_errno() == EINPROGRESS)
{
- fprintf(stderr, "Pending fd=%d\n", h->iofile);
+ TRC(fprintf(stderr, "Pending fd=%d\n", h->iofile));
h->event = CS_CONNECT;
h->state = CS_ST_CONNECTING;
h->io_pending = CS_WANT_WRITE|CS_WANT_READ;
h->event = CS_CONNECT;
h->state = CS_ST_CONNECTING;
h->io_pending = CS_WANT_WRITE|CS_WANT_READ;
@@
-588,7
+592,7
@@
int tcpip_connect(COMSTACK h, void *address)
*/
int tcpip_rcvconnect(COMSTACK h)
{
*/
int tcpip_rcvconnect(COMSTACK h)
{
-#if ENABLE_SSL
+#if HAVE_GNUTLS_H
tcpip_state *sp = (tcpip_state *)h->cprivate;
#endif
TRC(fprintf(stderr, "tcpip_rcvconnect\n"));
tcpip_state *sp = (tcpip_state *)h->cprivate;
#endif
TRC(fprintf(stderr, "tcpip_rcvconnect\n"));
@@
-620,7
+624,7
@@
int tcpip_rcvconnect(COMSTACK h)
{
if (ssl_check_error(h, sp, res))
return 1;
{
if (ssl_check_error(h, sp, res))
return 1;
- return -1;
+ return cont_connect(h);
}
}
#endif
}
}
#endif
@@
-651,16
+655,14
@@
static int tcpip_bind(COMSTACK h, void *address, int mode)
if (h->type == ssl_type && !sp->session)
{
int res;
if (h->type == ssl_type && !sp->session)
{
int res;
- gnutls_global_init();
-
tcpip_create_cred(h);
tcpip_create_cred(h);
-
res = gnutls_certificate_set_x509_key_file(sp->cred_ptr->xcred,
sp->cert_fname,
sp->cert_fname,
GNUTLS_X509_FMT_PEM);
if (res != GNUTLS_E_SUCCESS)
{
res = gnutls_certificate_set_x509_key_file(sp->cred_ptr->xcred,
sp->cert_fname,
sp->cert_fname,
GNUTLS_X509_FMT_PEM);
if (res != GNUTLS_E_SUCCESS)
{
+ fprintf(stderr, "Error 1\n");
h->cerrno = CSERRORSSL;
return -1;
}
h->cerrno = CSERRORSSL;
return -1;
}
@@
-1047,7
+1049,7
@@
int tcpip_get(COMSTACK h, char **buf, int *bufsize)
}
}
-#if ENABLE_SSL
+#if HAVE_GNUTLS_H
/*
* Return: -1 error, >1 good, len of buffer, ==1 incomplete buffer,
* 0=connection closed.
/*
* Return: -1 error, >1 good, len of buffer, ==1 incomplete buffer,
* 0=connection closed.
@@
-1084,7
+1086,6
@@
int ssl_get(COMSTACK h, char **buf, int *bufsize)
else if (*bufsize - hasread < CS_TCPIP_BUFCHUNK)
if (!(*buf =(char *)xrealloc(*buf, *bufsize *= 2)))
return -1;
else if (*bufsize - hasread < CS_TCPIP_BUFCHUNK)
if (!(*buf =(char *)xrealloc(*buf, *bufsize *= 2)))
return -1;
-#if HAVE_GNUTLS_H
res = gnutls_record_recv(sp->session, *buf + hasread,
CS_TCPIP_BUFCHUNK);
if (res == 0)
res = gnutls_record_recv(sp->session, *buf + hasread,
CS_TCPIP_BUFCHUNK);
if (res == 0)
@@
-1098,16
+1099,6
@@
int ssl_get(COMSTACK h, char **buf, int *bufsize)
break;
return -1;
}
break;
return -1;
}
-#else
- res = SSL_read(sp->ssl, *buf + hasread, CS_TCPIP_BUFCHUNK);
- TRC(fprintf(stderr, " SSL_read res=%d, hasread=%d\n", res, hasread));
- if (res <= 0)
- {
- if (ssl_check_error(h, sp, res))
- break;
- return -1;
- }
-#endif
hasread += res;
}
TRC (fprintf (stderr, " Out of read loop with hasread=%d, berlen=%d\n",
hasread += res;
}
TRC (fprintf (stderr, " Out of read loop with hasread=%d, berlen=%d\n",
@@
-1204,7
+1195,7
@@
int tcpip_put(COMSTACK h, char *buf, int size)
}
}
-#if ENABLE_SSL
+#if HAVE_GNUTLS_H
/*
* Returns 1, 0 or -1
* In nonblocking mode, you must call again with same buffer while
/*
* Returns 1, 0 or -1
* In nonblocking mode, you must call again with same buffer while
@@
-1230,7
+1221,6
@@
int ssl_put(COMSTACK h, char *buf, int size)
}
while (state->towrite > state->written)
{
}
while (state->towrite > state->written)
{
-#if HAVE_GNUTLS_H
res = gnutls_record_send(state->session, buf + state->written,
size - state->written);
if (res <= 0)
res = gnutls_record_send(state->session, buf + state->written,
size - state->written);
if (res <= 0)
@@
-1239,16
+1229,6
@@
int ssl_put(COMSTACK h, char *buf, int size)
return 1;
return -1;
}
return 1;
return -1;
}
-#else
- res = SSL_write(state->ssl, buf + state->written,
- size - state->written);
- if (res <= 0)
- {
- if (ssl_check_error(h, state, res))
- return 1;
- return -1;
- }
-#endif
state->written += res;
TRC(fprintf(stderr, " Wrote %d, written=%d, nbytes=%d\n",
res, state->written, size));
state->written += res;
TRC(fprintf(stderr, " Wrote %d, written=%d, nbytes=%d\n",
res, state->written, size));
@@
-1513,7
+1493,7
@@
void *cs_get_ssl(COMSTACK cs)
int cs_set_ssl_ctx(COMSTACK cs, void *ctx)
{
int cs_set_ssl_ctx(COMSTACK cs, void *ctx)
{
-#if ENABLE_SSL
+#if HAVE_GNUTLS_H
if (cs && cs->type == ssl_type)
{
/* doesn't do anything for GNUTLS */
if (cs && cs->type == ssl_type)
{
/* doesn't do anything for GNUTLS */
@@
-1525,7
+1505,7
@@
int cs_set_ssl_ctx(COMSTACK cs, void *ctx)
int cs_set_ssl_certificate_file(COMSTACK cs, const char *fname)
{
int cs_set_ssl_certificate_file(COMSTACK cs, const char *fname)
{
-#if ENABLE_SSL
+#if HAVE_GNUTLS_H
if (cs && cs->type == ssl_type)
{
struct tcpip_state *sp = (struct tcpip_state *) cs->cprivate;
if (cs && cs->type == ssl_type)
{
struct tcpip_state *sp = (struct tcpip_state *) cs->cprivate;
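Review bot: In the cont_connect hunk the new teardown calls `gnutls_deinit(sp->session)` on whatever session the COMSTACK holds, but ssl_type fills that field from its caller's argument (`sp->session = (gnutls_session_t) vp;`), so a session created and still referenced by the application could be freed underneath it. Whether any caller passes a non-null vp is not visible in this diff, so the ownership rule should be confirmed and stated in a comment above the block, for example `/* session is owned by this COMSTACK; discard it before retrying on the next address */`. The same block runs `gnutls_bye(sp->session, GNUTLS_SHUT_WR)` and ignores its result on what appears to be the failed-handshake path added in tcpip_rcvconnect (`return cont_connect(h);`). After a fatal error only the deinit is useful, so I would drop the bye there or guard it on a completed handshake. cont_connect continues past the end of its hunk, so what it returns when no further address is left cannot be checked from here.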