projects
/
yaz-moved-to-github.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Implement cs_set_ssl_ctx which sets SSL_CTX for SSL comstack.
[yaz-moved-to-github.git]
/
src
/
tcpip.c
diff --git
a/src/tcpip.c
b/src/tcpip.c
index
8dacfe5
..
bcee219
100644
(file)
--- a/
src/tcpip.c
+++ b/
src/tcpip.c
@@
-2,7
+2,7
@@
* Copyright (c) 1995-2004, Index Data
* See the file LICENSE for details.
*
* Copyright (c) 1995-2004, Index Data
* See the file LICENSE for details.
*
- * $Id: tcpip.c,v 1.4 2004-04-29 08:55:17 adam Exp $
+ * $Id: tcpip.c,v 1.5 2004-04-29 21:19:23 adam Exp $
*/
#include <stdio.h>
*/
#include <stdio.h>
@@
-76,8
+76,8
@@
typedef struct tcpip_state
struct sockaddr_in addr; /* returned by cs_straddr */
char buf[128]; /* returned by cs_addrstr */
#if HAVE_OPENSSL_SSL_H
struct sockaddr_in addr; /* returned by cs_straddr */
char buf[128]; /* returned by cs_addrstr */
#if HAVE_OPENSSL_SSL_H
- SSL_CTX *ctx;
- SSL_CTX *ctx_alloc;
+ SSL_CTX *ctx; /* current CTX. */
+ SSL_CTX *ctx_alloc; /* If =ctx it is owned by CS. If 0 it is not owned */
SSL *ssl;
#endif
} tcpip_state;
SSL *ssl;
#endif
} tcpip_state;
@@
-204,20
+204,9
@@
COMSTACK ssl_type(int s, int blocking, int protocol, void *vp)
p->f_put = ssl_put;
p->type = ssl_type;
state = (tcpip_state *) p->cprivate;
p->f_put = ssl_put;
p->type = ssl_type;
state = (tcpip_state *) p->cprivate;
- if (vp)
- state->ctx = vp;
- else
- {
- SSL_load_error_strings();
- SSLeay_add_all_algorithms();
- state->ctx = state->ctx_alloc = SSL_CTX_new (SSLv23_method());
- if (!state->ctx)
- {
- tcpip_close(p);
- return 0;
- }
- }
+ state->ctx = vp; /* may be NULL */
+
/* note: we don't handle already opened socket in SSL mode - yet */
return p;
}
/* note: we don't handle already opened socket in SSL mode - yet */
return p;
}
@@
-295,9
+284,6
@@
int tcpip_more(COMSTACK h)
int tcpip_connect(COMSTACK h, void *address)
{
struct sockaddr_in *add = (struct sockaddr_in *)address;
int tcpip_connect(COMSTACK h, void *address)
{
struct sockaddr_in *add = (struct sockaddr_in *)address;
-#if HAVE_OPENSSL_SSL_H
- tcpip_state *sp = (tcpip_state *)h->cprivate;
-#endif
int r;
#ifdef __sun__
int recbuflen;
int r;
#ifdef __sun__
int recbuflen;
@@
-383,6
+369,18
@@
int tcpip_rcvconnect(COMSTACK h)
return -1;
}
#if HAVE_OPENSSL_SSL_H
return -1;
}
#if HAVE_OPENSSL_SSL_H
+ if (h->type == ssl_type && !sp->ctx)
+ {
+ SSL_load_error_strings();
+ SSLeay_add_all_algorithms();
+
+ sp->ctx = sp->ctx_alloc = SSL_CTX_new (SSLv23_method());
+ if (!sp->ctx)
+ {
+ h->cerrno = CSERRORSSL;
+ return -1;
+ }
+ }
if (sp->ctx)
{
int res;
if (sp->ctx)
{
int res;
@@
-451,6
+449,18
@@
static int tcpip_bind(COMSTACK h, void *address, int mode)
#if HAVE_OPENSSL_SSL_H
tcpip_state *sp = (tcpip_state *)h->cprivate;
#if HAVE_OPENSSL_SSL_H
tcpip_state *sp = (tcpip_state *)h->cprivate;
+ if (h->type == ssl_type && !sp->ctx)
+ {
+ SSL_load_error_strings();
+ SSLeay_add_all_algorithms();
+
+ sp->ctx = sp->ctx_alloc = SSL_CTX_new (SSLv23_method());
+ if (!sp->ctx)
+ {
+ h->cerrno = CSERRORSSL;
+ return -1;
+ }
+ }
if (sp->ctx)
{
if (sp->ctx_alloc)
if (sp->ctx)
{
if (sp->ctx_alloc)
@@
-1098,6
+1108,18
@@
int static tcpip_set_blocking(COMSTACK p, int blocking)
}
#if HAVE_OPENSSL_SSL_H
}
#if HAVE_OPENSSL_SSL_H
+int cs_set_ssl_ctx(COMSTACK cs, void *ctx)
+{
+ struct tcpip_state *state;
+ if (!cs || cs->type != ssl_type)
+ return 0;
+ state = (struct tcpip_state *) cs->cprivate;
+ if (state->ctx_alloc)
+ return 0;
+ state->ctx = ctx;
+ return 1;
+}
+
void *cs_get_ssl(COMSTACK cs)
{
struct tcpip_state *state;
void *cs_get_ssl(COMSTACK cs)
{
struct tcpip_state *state;
@@
-1129,6
+1151,11
@@
int cs_get_peer_certificate_x509(COMSTACK cs, char **buf, int *len)
return 0;
}
#else
return 0;
}
#else
+int cs_set_ssl_ctx(COMSTACK cs, void *ctx)
+{
+ return 0;
+}
+
void *cs_get_ssl(COMSTACK cs)
{
return 0;
void *cs_get_ssl(COMSTACK cs)
{
return 0;