projects
/
yaz-moved-to-github.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
e8687e3
)
GNU TLS operational. Issues with non-blocked I/O left.
author
Adam Dickmeiss
<adam@indexdata.dk>
Wed, 4 Jun 2008 23:35:40 +0000
(
01:35
+0200)
committer
Adam Dickmeiss
<adam@indexdata.dk>
Wed, 4 Jun 2008 23:35:40 +0000
(
01:35
+0200)
src/tcpip.c
patch
|
blob
|
history
diff --git
a/src/tcpip.c
b/src/tcpip.c
index
24e205a
..
5402527
100644
(file)
--- a/
src/tcpip.c
+++ b/
src/tcpip.c
@@
-545,7
+545,8
@@
int tcpip_rcvconnect(COMSTACK h)
sp->ssl = SSL_new (sp->ctx);
SSL_set_fd (sp->ssl, h->iofile);
}
sp->ssl = SSL_new (sp->ctx);
SSL_set_fd (sp->ssl, h->iofile);
}
- res = SSL_connect (sp->ssl);
+ res = SSL_connect(sp->ssl);
+#if HAVE_OPENSSL_SSL_H
if (res <= 0)
{
int err = SSL_get_error(sp->ssl, res);
if (res <= 0)
{
int err = SSL_get_error(sp->ssl, res);
@@
-562,6
+563,20
@@
int tcpip_rcvconnect(COMSTACK h)
h->cerrno = CSERRORSSL;
return -1;
}
h->cerrno = CSERRORSSL;
return -1;
}
+#else
+ TRC(fprintf(stderr, "SSL_connect res=%d last_error=%d\n",
+ res, sp->ssl->last_error));
+ if (res == 0 && sp->ssl->last_error == GNUTLS_E_AGAIN)
+ {
+ h->io_pending = CS_WANT_READ;
+ return 1;
+ }
+ else if (res <= 0)
+ {
+ h->cerrno = CSERRORSSL;
+ return -1;
+ }
+#endif
}
#endif
h->event = CS_DATA;
}
#endif
h->event = CS_DATA;
@@
-856,8
+871,10
@@
COMSTACK tcpip_accept(COMSTACK h)
tcpip_state *state = (tcpip_state *)h->cprivate;
if (state->ctx)
{
tcpip_state *state = (tcpip_state *)h->cprivate;
if (state->ctx)
{
- int res = SSL_accept (state->ssl);
+ int res;
TRC(fprintf(stderr, "SSL_accept\n"));
TRC(fprintf(stderr, "SSL_accept\n"));
+ res = SSL_accept (state->ssl);
+#if HAVE_OPENSSL_SSL_H
if (res <= 0)
{
int err = SSL_get_error(state->ssl, res);
if (res <= 0)
{
int err = SSL_get_error(state->ssl, res);
@@
-874,6
+891,20
@@
COMSTACK tcpip_accept(COMSTACK h)
cs_close (h);
return 0;
}
cs_close (h);
return 0;
}
+#else
+ TRC(fprintf(stderr, "SSL_accept res=%d last_error=%d\n",
+ res, state->ssl->last_error));
+ if (res == 0 && state->ssl->last_error == GNUTLS_E_AGAIN)
+ {
+ h->io_pending = CS_WANT_READ;
+ return h;
+ }
+ else if (res <= 0) /* assume real error */
+ {
+ cs_close(h);
+ return 0;
+ }
+#endif
}
#endif
}
}
#endif
}
@@
-1394,8
+1425,8
@@
int cs_get_peer_certificate_x509(COMSTACK cs, char **buf, int *len)
SSL *ssl = (SSL *) cs_get_ssl(cs);
if (ssl)
{
SSL *ssl = (SSL *) cs_get_ssl(cs);
if (ssl)
{
- X509 *server_cert = SSL_get_peer_certificate (ssl);
#if HAVE_OPENSSL_SSL_H
#if HAVE_OPENSSL_SSL_H
+ X509 *server_cert = SSL_get_peer_certificate (ssl);
if (server_cert)
{
BIO *bio = BIO_new(BIO_s_mem());
if (server_cert)
{
BIO *bio = BIO_new(BIO_s_mem());