From: Adam Dickmeiss Date: Tue, 25 Feb 2014 07:33:57 +0000 (+0100) Subject: Merge branch 'master' into yaz-743 X-Git-Tag: v5.0.16~2 X-Git-Url: http://git.indexdata.com/?p=yaz-moved-to-github.git;a=commitdiff_plain;h=afb64586ca7d3f97d06d867dd4ca0fe2297a1bf5;hp=63b0249c36ae686af992c1426749ebfb14ad2a03 Merge branch 'master' into yaz-743 --- diff --git a/src/comstack.c b/src/comstack.c index dfab102..d364f05 100644 --- a/src/comstack.c +++ b/src/comstack.c @@ -21,10 +21,6 @@ #include #include -#if HAVE_GNUTLS_H -#define ENABLE_SSL 1 -#endif - static const char *cs_errlist[] = { "No error or unspecified error", @@ -135,7 +131,7 @@ int cs_parse_host(const char *uri, const char **host, } else if (strncmp (uri, "ssl:", 4) == 0) { -#if ENABLE_SSL +#if HAVE_GNUTLS_H *t = ssl_type; *host = uri + 4; *proto = PROTO_Z3950; @@ -154,7 +150,7 @@ int cs_parse_host(const char *uri, const char **host, } else if (strncmp(uri, "https:", 6) == 0) { -#if ENABLE_SSL +#if HAVE_GNUTLS_H *t = ssl_type; *host = uri + 6; while (**host == '/') diff --git a/src/tcpip.c b/src/tcpip.c index 0fde196..60e3606 100644 --- a/src/tcpip.c +++ b/src/tcpip.c @@ -60,7 +60,6 @@ #if HAVE_GNUTLS_H #include #include -#define ENABLE_SSL 1 #endif #include @@ -81,7 +80,7 @@ static int tcpip_listen(COMSTACK h, char *raddr, int *addrlen, void *cd); static int tcpip_set_blocking(COMSTACK p, int blocking); -#if ENABLE_SSL +#if HAVE_GNUTLS_H static int ssl_get(COMSTACK h, char **buf, int *bufsize); static int ssl_put(COMSTACK h, char *buf, int size); #endif @@ -256,9 +255,7 @@ static void tcpip_create_cred(COMSTACK cs) COMSTACK ssl_type(int s, int flags, int protocol, void *vp) { -#if !ENABLE_SSL - return 0; -#else +#if HAVE_GNUTLS_H tcpip_state *sp; COMSTACK p; 
@@ -270,18 +267,17 @@ COMSTACK ssl_type(int s, int flags, int protocol, void *vp) p->type = ssl_type; sp = (tcpip_state *) p->cprivate; -#if HAVE_GNUTLS_H sp->session = (gnutls_session_t) vp; -#endif /* note: we don't handle already opened socket in SSL mode - yet */ return p; +#else + return 0; #endif } -#if ENABLE_SSL +#if HAVE_GNUTLS_H static int ssl_check_error(COMSTACK h, tcpip_state *sp, int res) { -#if HAVE_GNUTLS_H TRC(fprintf(stderr, "ssl_check_error error=%d fatal=%d msg=%s\n", res, gnutls_error_is_fatal(res), @@ -293,7 +289,6 @@ static int ssl_check_error(COMSTACK h, tcpip_state *sp, int res) h->io_pending = dir ? CS_WANT_WRITE : CS_WANT_READ; return 1; } -#endif h->cerrno = CSERRORSSL; return 0; } @@ -588,7 +583,7 @@ int tcpip_connect(COMSTACK h, void *address) */ int tcpip_rcvconnect(COMSTACK h) { -#if ENABLE_SSL +#if HAVE_GNUTLS_H tcpip_state *sp = (tcpip_state *)h->cprivate; #endif TRC(fprintf(stderr, "tcpip_rcvconnect\n")); @@ -661,6 +656,7 @@ static int tcpip_bind(COMSTACK h, void *address, int mode) GNUTLS_X509_FMT_PEM); if (res != GNUTLS_E_SUCCESS) { + fprintf(stderr, "Error 1\n"); h->cerrno = CSERRORSSL; return -1; } @@ -1047,7 +1043,7 @@ int tcpip_get(COMSTACK h, char **buf, int *bufsize) } -#if ENABLE_SSL +#if HAVE_GNUTLS_H /* * Return: -1 error, >1 good, len of buffer, ==1 incomplete buffer, * 0=connection closed. @@ -1084,7 +1080,6 @@ int ssl_get(COMSTACK h, char **buf, int *bufsize) else if (*bufsize - hasread < CS_TCPIP_BUFCHUNK) if (!(*buf =(char *)xrealloc(*buf, *bufsize *= 2))) return -1; -#if HAVE_GNUTLS_H res = gnutls_record_recv(sp->session, *buf + hasread, CS_TCPIP_BUFCHUNK); if (res == 0) 
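Review bot: In the tcpip_bind hunk (`@@ -661,6 +656,7 @@`) the added `fprintf(stderr, "Error 1\n");` writes unconditionally to stderr from library code and names neither the failing step nor the reason; it looks like leftover debugging. When a listener refuses to start because of a bad certificate or key file, the only trace is that string plus `CSERRORSSL`. The other stderr output visible in this diff is wrapped in `TRC(...)`, and `res` already holds the GnuTLS status, so I would write `TRC(fprintf(stderr, "tcpip_bind: gnutls error %d: %s\n", res, gnutls_strerror(res)));`. If the failure should be visible in production builds, it belongs in the project's logging facility rather than raw stderr. The call that produces `res` and the rest of tcpip_bind are outside the hunk; it takes `GNUTLS_X509_FMT_PEM`, so it presumably loads the certificate/key, and the message should name that operation once confirmed.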
@@ -1098,16 +1093,6 @@ int ssl_get(COMSTACK h, char **buf, int *bufsize) break; return -1; } -#else - res = SSL_read(sp->ssl, *buf + hasread, CS_TCPIP_BUFCHUNK); - TRC(fprintf(stderr, " SSL_read res=%d, hasread=%d\n", res, hasread)); - if (res <= 0) - { - if (ssl_check_error(h, sp, res)) - break; - return -1; - } -#endif hasread += res; } TRC (fprintf (stderr, " Out of read loop with hasread=%d, berlen=%d\n", @@ -1204,7 +1189,7 @@ int tcpip_put(COMSTACK h, char *buf, int size) } -#if ENABLE_SSL +#if HAVE_GNUTLS_H /* * Returns 1, 0 or -1 * In nonblocking mode, you must call again with same buffer while @@ -1230,7 +1215,6 @@ int ssl_put(COMSTACK h, char *buf, int size) } while (state->towrite > state->written) { -#if HAVE_GNUTLS_H res = gnutls_record_send(state->session, buf + state->written, size - state->written); if (res <= 0) @@ -1239,16 +1223,6 @@ int ssl_put(COMSTACK h, char *buf, int size) return 1; return -1; } -#else - res = SSL_write(state->ssl, buf + state->written, - size - state->written); - if (res <= 0) - { - if (ssl_check_error(h, state, res)) - return 1; - return -1; - } -#endif state->written += res; TRC(fprintf(stderr, " Wrote %d, written=%d, nbytes=%d\n", res, state->written, size)); @@ -1513,7 +1487,7 @@ void *cs_get_ssl(COMSTACK cs) int cs_set_ssl_ctx(COMSTACK cs, void *ctx) { -#if ENABLE_SSL +#if HAVE_GNUTLS_H if (cs && cs->type == ssl_type) { /* doesn't do anything for GNUTLS */ @@ -1525,7 +1499,7 @@ int cs_set_ssl_ctx(COMSTACK cs, void *ctx) int cs_set_ssl_certificate_file(COMSTACK cs, const char *fname) { -#if ENABLE_SSL +#if HAVE_GNUTLS_H if (cs && cs->type == ssl_type) { struct tcpip_state *sp = (struct tcpip_state *) cs->cprivate;