2 * Copyright (c) 2004-2005 Sergey Lyubka <valenok@gmail.com>
5 * "THE BEER-WARE LICENSE" (Revision 42):
6 * Sergey Lyubka wrote this file. As long as you retain this notice you
7 * can do whatever you want with this stuff. If we meet some day, and you think
8 * this stuff is worth it, you can buy me a beer in return.
/*
 * Table of OpenSSL entry points, keyed by symbol name. Each row pairs a
 * function name with a zero-initialised second member; presumably a loader
 * outside this listing resolves the names at runtime and fills that member
 * in -- TODO confirm. Several rows of the original table (file lines 15-19,
 * 21-23) are not shown here.
 *
 * NOTE(review): if the names are resolved from a shared library at runtime,
 * every row should be checked for a successful lookup before any SSL_* call
 * is made through the table; a row left at {0} would be a NULL call target.
 *
 * NOTE(review): SSLv23_server_method is OpenSSL's version-flexible method,
 * so which protocol versions are accepted depends on options set on the
 * context. No option-setting function is among the rows visible here;
 * confirm that context setup elsewhere disables legacy protocol versions.
 */
14 struct ssl_func ssl_sw[] = {
20 {"SSL_get_error", {0}},
24 {"SSLv23_server_method", {0}},
25 {"SSL_library_init", {0}},
26 {"SSL_CTX_use_PrivateKey_file", {0}},
27 {"SSL_CTX_use_certificate_file",{0}},
/*
 * Run the server side of the TLS handshake for one stream by calling
 * SSL_accept() on stream->chan.ssl.ssl, then record the outcome in
 * stream->flags (FLAG_CLOSED or FLAG_SSL_ACCEPTED).
 *
 * File lines 31, 33-35, 41 and 44 onwards are not shown in this listing, so
 * the return type, the declaration of n and the brace structure between the
 * two branches cannot be seen from here.
 */
32 ssl_handshake(struct stream *stream)
/*
 * NOTE(review): only a return value of exactly 0 is treated as failure.
 * OpenSSL documents SSL_accept() as returning 1 on success, 0 on a
 * controlled handshake failure and a negative value on a fatal error or
 * when a non-blocking handshake needs more I/O. A negative return therefore
 * skips this error branch; testing `<= 0` (or `!= 1`) would send it through
 * SSL_get_error() as well.
 */
36 if ((n = SSL_accept(stream->chan.ssl.ssl)) == 0) {
/* n is reused: from here on it holds the SSL_get_error() code. */
37 n = SSL_get_error(stream->chan.ssl.ssl, n);
/* WANT_READ / WANT_WRITE mean "retry later"; anything else closes the stream. */
38 if (n != SSL_ERROR_WANT_READ && n != SSL_ERROR_WANT_WRITE)
39 stream->flags |= FLAG_CLOSED;
/* Logged for every code reaching this branch, including the retryable ones. */
40 elog(E_LOG, stream->conn, "SSL_accept error %d", n);
/*
 * Presumably the else branch (file line 41 is not shown): mark the handshake
 * as complete so that read_ssl() will call SSL_read() -- TODO confirm.
 */
42 DBG(("handshake: SSL accepted"));
43 stream->flags |= FLAG_SSL_ACCEPTED;
/*
 * Read up to len bytes of decrypted data from the stream into buf.
 * If FLAG_SSL_ACCEPTED is not yet set, ssl_handshake() is attempted first;
 * SSL_read() is called only once that flag is set.
 *
 * File lines 47, 49-51 and 59 onwards are not shown in this listing, so the
 * return type, the initial value of nread and what is returned while the
 * handshake is still pending cannot be seen from here.
 *
 * NOTE(review): len is a size_t, but SSL_read() takes an int count, so a
 * value above INT_MAX would be converted on the call. Confirm that callers
 * bound len, or clamp it before the call.
 */
48 read_ssl(struct stream *stream, void *buf, size_t len)
/*
 * NOTE(review): assert() is removed when NDEBUG is defined, so in such a
 * build nothing here rejects a NULL SSL handle.
 */
52 assert(stream->chan.ssl.ssl != NULL);
/* Handshake not finished yet: try to advance it before reading. */
54 if (!(stream->flags & FLAG_SSL_ACCEPTED))
55 ssl_handshake(stream);
/* Re-test the flag, because ssl_handshake() may or may not have set it. */
57 if (stream->flags & FLAG_SSL_ACCEPTED)
58 nread = SSL_read(stream->chan.ssl.ssl, buf, len);
/*
 * Write len bytes from buf to the stream through SSL_write() and return
 * SSL_write()'s result unchanged. File lines 63 and 65 are not shown, so
 * the declared return type cannot be seen from here.
 *
 * NOTE(review): unlike read_ssl(), this path does not test
 * FLAG_SSL_ACCEPTED before using the SSL handle. Confirm that callers never
 * write before the handshake has completed.
 *
 * NOTE(review): len is a size_t, but SSL_write() takes an int count, so a
 * value above INT_MAX would be converted on the call. A result <= 0 needs
 * SSL_get_error() to tell a retry from a failure; that is left to the
 * caller here.
 */
64 write_ssl(struct stream *stream, const void *buf, size_t len)
/* NOTE(review): this guard disappears when NDEBUG is defined. */
66 assert(stream->chan.ssl.ssl != NULL);
67 return (SSL_write(stream->chan.ssl.ssl, buf, len));
/*
 * Tear down the TLS stream: close the underlying socket, then free the SSL
 * object. File lines 70, 72 and 77 onwards are not shown in this listing.
 *
 * NOTE(review): no SSL_shutdown() call is visible before the socket is
 * closed, so the peer would receive no close_notify alert and could not
 * tell an orderly end of data from a truncated connection. Confirm whether
 * that is intended.
 *
 * NOTE(review): nothing visible here resets chan.ssl.sock or chan.ssl.ssl
 * after they are released. If the stream can be closed twice, the asserts
 * below are the only guard, and they are removed when NDEBUG is defined.
 */
71 close_ssl(struct stream *stream)
73 assert(stream->chan.ssl.sock != -1);
74 assert(stream->chan.ssl.ssl != NULL);
/* The result of closesocket() is deliberately discarded. */
75 (void) closesocket(stream->chan.ssl.sock);
76 SSL_free(stream->chan.ssl.ssl);
79 const struct io_class io_ssl = {