Commit 16f7a4296839e63b977729b6e0732d63c598178f
1 parent
ca9bad61
checked SSL support, the only thing that was really broken was the error handlin…
…g while reading data... well maybe writing has also bugs, but it works.
Showing
4 changed files
with
63 additions
and
34 deletions
| ... | ... | @@ -60,14 +60,14 @@ serverRun(Server this) |
| 60 | 60 | } |
| 61 | 61 | } |
| 62 | 62 | |
| 63 | - // /** | |
| 64 | - // * handle accept SSL | |
| 65 | - // */ | |
| 66 | - // if (0 != ((this->fds)[1].revents & POLLIN)) { | |
| 67 | - // if (-1 == serverHandleAccept(this, 1)) { | |
| 68 | - // events--; | |
| 69 | - // } | |
| 70 | - // } | |
| 63 | + /** | |
| 64 | + * handle accept SSL | |
| 65 | + */ | |
| 66 | + if (0 != ((this->fds)[1].revents & POLLIN)) { | |
| 67 | + if (-1 == serverHandleAccept(this, 1)) { | |
| 68 | + events--; | |
| 69 | + } | |
| 70 | + } | |
| 71 | 71 | |
| 72 | 72 | for (i=2; i < this->nfds; i++) { |
| 73 | 73 | /** | ... | ... |
| ... | ... | @@ -74,30 +74,30 @@ serverCtor(void * _this, va_list * params) |
| 74 | 74 | flags = fcntl(this->sock->handle, F_GETFL, 0); |
| 75 | 75 | fcntl(this->sock->handle, F_SETFL, flags | O_NONBLOCK); |
| 76 | 76 | |
| 77 | - // this->sockSSL = new(Sock, this->logger, port+1); | |
| 78 | - // flags = fcntl(this->sockSSL->handle, F_GETFL, 0); | |
| 79 | - // fcntl(this->sockSSL->handle, F_SETFL, flags | O_NONBLOCK); | |
| 80 | - | |
| 81 | - // SSL_library_init(); | |
| 82 | - // SSL_load_error_strings(); | |
| 83 | - // this->ctx = SSL_CTX_new(SSLv23_server_method()); | |
| 84 | - // SSL_CTX_use_certificate_file( | |
| 85 | - // this->ctx, | |
| 86 | - // "./certs/server.crt", | |
| 87 | - // SSL_FILETYPE_PEM); | |
| 88 | - | |
| 89 | - // SSL_CTX_use_RSAPrivateKey_file( | |
| 90 | - // this->ctx, | |
| 91 | - // "./certs/server.key", | |
| 92 | - // SSL_FILETYPE_PEM); | |
| 77 | + this->sockSSL = new(Sock, this->logger, port+1); | |
| 78 | + flags = fcntl(this->sockSSL->handle, F_GETFL, 0); | |
| 79 | + fcntl(this->sockSSL->handle, F_SETFL, flags | O_NONBLOCK); | |
| 80 | + | |
| 81 | + SSL_library_init(); | |
| 82 | + SSL_load_error_strings(); | |
| 83 | + this->ctx = SSL_CTX_new(SSLv23_server_method()); | |
| 84 | + SSL_CTX_use_certificate_file( | |
| 85 | + this->ctx, | |
| 86 | + "./certs/server.crt", | |
| 87 | + SSL_FILETYPE_PEM); | |
| 88 | + | |
| 89 | + SSL_CTX_use_RSAPrivateKey_file( | |
| 90 | + this->ctx, | |
| 91 | + "./certs/server.key", | |
| 92 | + SSL_FILETYPE_PEM); | |
| 93 | 93 | |
| 94 | 94 | socketListen(this->sock, backlog); |
| 95 | - // socketListen(this->sockSSL, backlog); | |
| 95 | + socketListen(this->sockSSL, backlog); | |
| 96 | 96 | |
| 97 | 97 | (this->fds)[0].fd = this->sock->handle; |
| 98 | 98 | (this->fds)[0].events = POLLIN; |
| 99 | - // (this->fds)[1].fd = this->sockSSL->handle; | |
| 100 | - // (this->fds)[1].events = POLLIN; | |
| 99 | + (this->fds)[1].fd = this->sockSSL->handle; | |
| 100 | + (this->fds)[1].events = POLLIN; | |
| 101 | 101 | this->nfds = 2; |
| 102 | 102 | |
| 103 | 103 | return 0; |
| ... | ... | @@ -111,9 +111,8 @@ serverDtor(void * _this) |
| 111 | 111 | int i; |
| 112 | 112 | |
| 113 | 113 | for (i=0; i<this->nfds; i++) { |
| 114 | - //if (this->sock->handle != (this->fds)[i].fd && | |
| 115 | - // this->sockSSL->handle != (this->fds)[i].fd) { | |
| 116 | - if (this->sock->handle != (this->fds)[i].fd) { | |
| 114 | + if (this->sock->handle != (this->fds)[i].fd && | |
| 115 | + this->sockSSL->handle != (this->fds)[i].fd) { | |
| 117 | 116 | serverCloseConn(this, i); |
| 118 | 117 | } |
| 119 | 118 | } |
| ... | ... | @@ -122,10 +121,10 @@ serverDtor(void * _this) |
| 122 | 121 | MEM_FREE(this->conns); |
| 123 | 122 | |
| 124 | 123 | delete(this->sock); |
| 125 | - // delete(this->sockSSL); | |
| 124 | + delete(this->sockSSL); | |
| 126 | 125 | |
| 127 | - // SSL_CTX_free(this->ctx); | |
| 128 | - // ERR_free_strings(); | |
| 126 | + SSL_CTX_free(this->ctx); | |
| 127 | + ERR_free_strings(); | |
| 129 | 128 | } |
| 130 | 129 | |
| 131 | 130 | INIT_IFACE(Class, serverCtor, serverDtor, NULL); | ... | ... |
| ... | ... | @@ -24,7 +24,13 @@ |
| 24 | 24 | #include <unistd.h> |
| 25 | 25 | #include <errno.h> |
| 26 | 26 | |
| 27 | +#include <openssl/err.h> | |
| 28 | + | |
| 27 | 29 | #include "stream.h" |
| 30 | +#include "logger.h" | |
| 31 | + | |
| 32 | +extern Logger logger; | |
| 33 | + | |
| 28 | 34 | |
| 29 | 35 | ssize_t |
| 30 | 36 | streamRead(Stream this, void * buf, size_t count) |
| ... | ... | @@ -60,6 +66,29 @@ streamRead(Stream this, void * buf, size_t count) |
| 60 | 66 | |
| 61 | 67 | case STREAM_SSL: |
| 62 | 68 | done = SSL_read((this->handle).ssl, buf, count); |
| 69 | + | |
| 70 | + if (0 > done) { | |
| 71 | + switch (SSL_get_error((this->handle).ssl, done)) { | |
| 72 | + case SSL_ERROR_SSL: | |
| 73 | + case SSL_ERROR_SYSCALL: | |
| 74 | + { | |
| 75 | + unsigned long err; | |
| 76 | + | |
| 77 | + while (0 != (err = ERR_get_error())) { | |
| 78 | + loggerLog( | |
| 79 | + logger, | |
| 80 | + LOGGER_DEBUG, | |
| 81 | + ERR_error_string(err, NULL)); | |
| 82 | + } | |
| 83 | + } | |
| 84 | + // DROP THROUGH | |
| 85 | + | |
| 86 | + case SSL_ERROR_ZERO_RETURN: | |
| 87 | + done = -2; | |
| 88 | + break; | |
| 89 | + } | |
| 90 | + } | |
| 91 | + | |
| 63 | 92 | break; |
| 64 | 93 | |
| 65 | 94 | default: | ... | ... |
| ... | ... | @@ -56,6 +56,8 @@ void nullhandler() {} |
| 56 | 56 | |
| 57 | 57 | void daemonize(void); |
| 58 | 58 | |
| 59 | +Logger logger; | |
| 60 | + | |
| 59 | 61 | int |
| 60 | 62 | main() |
| 61 | 63 | { |
| ... | ... | @@ -132,7 +134,6 @@ main() |
| 132 | 134 | |
| 133 | 135 | default: |
| 134 | 136 | { |
| 135 | - Logger logger; | |
| 136 | 137 | AuthLdap auth; |
| 137 | 138 | HttpWorker worker; |
| 138 | 139 | Server server; | ... | ... |
Please
register
or
login
to post a comment