Commit 16f7a4296839e63b977729b6e0732d63c598178f
1 parent
ca9bad61
checked SSL support, the only thing that was really broken was the error handling while reading data... well maybe writing also has bugs, but it works.
Showing
4 changed files
with
63 additions
and
34 deletions
... | ... | @@ -60,14 +60,14 @@ serverRun(Server this) |
60 | 60 | } |
61 | 61 | } |
62 | 62 | |
63 | - // /** | |
64 | - // * handle accept SSL | |
65 | - // */ | |
66 | - // if (0 != ((this->fds)[1].revents & POLLIN)) { | |
67 | - // if (-1 == serverHandleAccept(this, 1)) { | |
68 | - // events--; | |
69 | - // } | |
70 | - // } | |
63 | + /** | |
64 | + * handle accept SSL | |
65 | + */ | |
66 | + if (0 != ((this->fds)[1].revents & POLLIN)) { | |
67 | + if (-1 == serverHandleAccept(this, 1)) { | |
68 | + events--; | |
69 | + } | |
70 | + } | |
71 | 71 | |
72 | 72 | for (i=2; i < this->nfds; i++) { |
73 | 73 | /** | ... | ... |
... | ... | @@ -74,30 +74,30 @@ serverCtor(void * _this, va_list * params) |
74 | 74 | flags = fcntl(this->sock->handle, F_GETFL, 0); |
75 | 75 | fcntl(this->sock->handle, F_SETFL, flags | O_NONBLOCK); |
76 | 76 | |
77 | - // this->sockSSL = new(Sock, this->logger, port+1); | |
78 | - // flags = fcntl(this->sockSSL->handle, F_GETFL, 0); | |
79 | - // fcntl(this->sockSSL->handle, F_SETFL, flags | O_NONBLOCK); | |
80 | - | |
81 | - // SSL_library_init(); | |
82 | - // SSL_load_error_strings(); | |
83 | - // this->ctx = SSL_CTX_new(SSLv23_server_method()); | |
84 | - // SSL_CTX_use_certificate_file( | |
85 | - // this->ctx, | |
86 | - // "./certs/server.crt", | |
87 | - // SSL_FILETYPE_PEM); | |
88 | - | |
89 | - // SSL_CTX_use_RSAPrivateKey_file( | |
90 | - // this->ctx, | |
91 | - // "./certs/server.key", | |
92 | - // SSL_FILETYPE_PEM); | |
77 | + this->sockSSL = new(Sock, this->logger, port+1); | |
78 | + flags = fcntl(this->sockSSL->handle, F_GETFL, 0); | |
79 | + fcntl(this->sockSSL->handle, F_SETFL, flags | O_NONBLOCK); | |
80 | + | |
81 | + SSL_library_init(); | |
82 | + SSL_load_error_strings(); | |
83 | + this->ctx = SSL_CTX_new(SSLv23_server_method()); | |
84 | + SSL_CTX_use_certificate_file( | |
85 | + this->ctx, | |
86 | + "./certs/server.crt", | |
87 | + SSL_FILETYPE_PEM); | |
88 | + | |
89 | + SSL_CTX_use_RSAPrivateKey_file( | |
90 | + this->ctx, | |
91 | + "./certs/server.key", | |
92 | + SSL_FILETYPE_PEM); | |
93 | 93 | |
94 | 94 | socketListen(this->sock, backlog); |
95 | - // socketListen(this->sockSSL, backlog); | |
95 | + socketListen(this->sockSSL, backlog); | |
96 | 96 | |
97 | 97 | (this->fds)[0].fd = this->sock->handle; |
98 | 98 | (this->fds)[0].events = POLLIN; |
99 | - // (this->fds)[1].fd = this->sockSSL->handle; | |
100 | - // (this->fds)[1].events = POLLIN; | |
99 | + (this->fds)[1].fd = this->sockSSL->handle; | |
100 | + (this->fds)[1].events = POLLIN; | |
101 | 101 | this->nfds = 2; |
102 | 102 | |
103 | 103 | return 0; |
... | ... | @@ -111,9 +111,8 @@ serverDtor(void * _this) |
111 | 111 | int i; |
112 | 112 | |
113 | 113 | for (i=0; i<this->nfds; i++) { |
114 | - //if (this->sock->handle != (this->fds)[i].fd && | |
115 | - // this->sockSSL->handle != (this->fds)[i].fd) { | |
116 | - if (this->sock->handle != (this->fds)[i].fd) { | |
114 | + if (this->sock->handle != (this->fds)[i].fd && | |
115 | + this->sockSSL->handle != (this->fds)[i].fd) { | |
117 | 116 | serverCloseConn(this, i); |
118 | 117 | } |
119 | 118 | } |
... | ... | @@ -122,10 +121,10 @@ serverDtor(void * _this) |
122 | 121 | MEM_FREE(this->conns); |
123 | 122 | |
124 | 123 | delete(this->sock); |
125 | - // delete(this->sockSSL); | |
124 | + delete(this->sockSSL); | |
126 | 125 | |
127 | - // SSL_CTX_free(this->ctx); | |
128 | - // ERR_free_strings(); | |
126 | + SSL_CTX_free(this->ctx); | |
127 | + ERR_free_strings(); | |
129 | 128 | } |
130 | 129 | |
131 | 130 | INIT_IFACE(Class, serverCtor, serverDtor, NULL); | ... | ... |
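Review bot: None of the TLS setup calls re-enabled in serverCtor is checked: `SSL_CTX_new`, `SSL_CTX_use_certificate_file` and `SSL_CTX_use_RSAPrivateKey_file` can each fail, yet the constructor still returns 0 and listens on port+1 with a context that has no usable certificate or key. `SSLv23_server_method()` is the version-flexible method, so unless the context is restricted it will also negotiate SSLv2/SSLv3 wherever the linked OpenSSL still supports them. The relative `./certs/...` paths resolve against the working directory, which may have changed if the process daemonizes first (main declares `daemonize()`, but its behaviour is not visible here). The sketch below checks each step and verifies that the key matches the certificate. Its failure return value and the cleanup of the sockets created earlier are assumptions, because the constructor starts outside the hunk.

```c
this->ctx = SSL_CTX_new(SSLv23_server_method());
if (NULL == this->ctx) {
	/* assumed failure value; release this->sock / this->sockSSL per project convention */
	return -1;
}
/* the version-flexible method still accepts SSLv2/SSLv3 unless told otherwise */
SSL_CTX_set_options(this->ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);

if (1 != SSL_CTX_use_certificate_file(
			this->ctx, "./certs/server.crt", SSL_FILETYPE_PEM) ||
		1 != SSL_CTX_use_RSAPrivateKey_file(
			this->ctx, "./certs/server.key", SSL_FILETYPE_PEM) ||
		1 != SSL_CTX_check_private_key(this->ctx)) {
	SSL_CTX_free(this->ctx);
	this->ctx = NULL;
	return -1;
}

// … unchanged: socketListen calls and fds[] setup …
```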
... | ... | @@ -24,7 +24,13 @@ |
24 | 24 | #include <unistd.h> |
25 | 25 | #include <errno.h> |
26 | 26 | |
27 | +#include <openssl/err.h> | |
28 | + | |
27 | 29 | #include "stream.h" |
30 | +#include "logger.h" | |
31 | + | |
32 | +extern Logger logger; | |
33 | + | |
28 | 34 | |
29 | 35 | ssize_t |
30 | 36 | streamRead(Stream this, void * buf, size_t count) |
... | ... | @@ -60,6 +66,29 @@ streamRead(Stream this, void * buf, size_t count) |
60 | 66 | |
61 | 67 | case STREAM_SSL: |
62 | 68 | done = SSL_read((this->handle).ssl, buf, count); |
69 | + | |
70 | + if (0 > done) { | |
71 | + switch (SSL_get_error((this->handle).ssl, done)) { | |
72 | + case SSL_ERROR_SSL: | |
73 | + case SSL_ERROR_SYSCALL: | |
74 | + { | |
75 | + unsigned long err; | |
76 | + | |
77 | + while (0 != (err = ERR_get_error())) { | |
78 | + loggerLog( | |
79 | + logger, | |
80 | + LOGGER_DEBUG, | |
81 | + ERR_error_string(err, NULL)); | |
82 | + } | |
83 | + } | |
84 | + // DROP THROUGH | |
85 | + | |
86 | + case SSL_ERROR_ZERO_RETURN: | |
87 | + done = -2; | |
88 | + break; | |
89 | + } | |
90 | + } | |
91 | + | |
63 | 92 | break; |
64 | 93 | |
65 | 94 | default: | ... | ... |
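Review bot: The `case SSL_ERROR_ZERO_RETURN:` branch cannot be reached as written, because `SSL_read` returns 0 rather than a negative value when the peer has sent close_notify, and the new block only runs for `0 > done`. The guard should be `if (0 >= done) {` so that an orderly TLS shutdown is mapped to -2 as intended. `SSL_ERROR_WANT_READ` and `SSL_ERROR_WANT_WRITE` have no case, so if the accepted sockets are non-blocking like the listeners, `done` stays -1 and the caller (outside the hunk) cannot reliably tell a retry from a real failure. If loggerLog takes a printf-style format (its prototype is not shown), pass the OpenSSL text as an argument rather than as the format: `loggerLog(logger, LOGGER_DEBUG, "%s", ERR_error_string(err, NULL));`. streamRead begins and ends outside this hunk.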
... | ... | @@ -56,6 +56,8 @@ void nullhandler() {} |
56 | 56 | |
57 | 57 | void daemonize(void); |
58 | 58 | |
59 | +Logger logger; | |
60 | + | |
59 | 61 | int |
60 | 62 | main() |
61 | 63 | { |
... | ... | @@ -132,7 +134,6 @@ main() |
132 | 134 | |
133 | 135 | default: |
134 | 136 | { |
135 | - Logger logger; | |
136 | 137 | AuthLdap auth; |
137 | 138 | HttpWorker worker; |
138 | 139 | Server server; | ... | ... |
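Review bot: Promoting `logger` to a file-scope definition with external linkage means it is zero-initialised until the assignment inside the `default:` branch runs, and the new `extern Logger logger;` in the stream code will use whatever value it holds at that moment. Whether loggerLog tolerates an unset Logger is not visible here, so either initialise it before anything can reach streamRead or hand the logger to the stream the way the server already receives `this->logger`. A comment on the definition, such as `/* process-wide logger, set in main() before the server starts */`, would document the ordering requirement. main() continues outside the hunk.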