X-Git-Url: https://git.pterodactylus.net/?a=blobdiff_plain;f=libs%2Fshttpd%2Fio_ssl.c;fp=libs%2Fshttpd%2Fio_ssl.c;h=753257fd8d8e5af4c3a80481ab9cedc2c8396ba2;hb=d8ccfe2b3944adf07d35534459cdda19d15217c8;hp=0000000000000000000000000000000000000000;hpb=21f835f30b4e092c847bf4569a00995774f7330e;p=fms.git
diff --git a/libs/shttpd/io_ssl.c b/libs/shttpd/io_ssl.c
new file mode 100644
index 0000000..753257f
--- /dev/null
+++ b/libs/shttpd/io_ssl.c
@@ -0,0 +1,85 @@
+/*
+ * Copyright (c) 2004-2005 Sergey Lyubka
+ * All rights reserved
+ *
+ * "THE BEER-WARE LICENSE" (Revision 42):
+ * Sergey Lyubka wrote this file. As long as you retain this notice you
+ * can do whatever you want with this stuff. If we meet some day, and you think
+ * this stuff is worth it, you can buy me a beer in return.
+ */
+
+#include "defs.h"
+
+#if !defined(NO_SSL)
+struct ssl_func ssl_sw[] = {
+ {"SSL_free", {0}},
+ {"SSL_accept", {0}},
+ {"SSL_connect", {0}},
+ {"SSL_read", {0}},
+ {"SSL_write", {0}},
+ {"SSL_get_error", {0}},
+ {"SSL_set_fd", {0}},
+ {"SSL_new", {0}},
+ {"SSL_CTX_new", {0}},
+ {"SSLv23_server_method", {0}},
+ {"SSL_library_init", {0}},
+ {"SSL_CTX_use_PrivateKey_file", {0}},
+ {"SSL_CTX_use_certificate_file",{0}},
+ {NULL, {0}}
+};
+
+void
+ssl_handshake(struct stream *stream)
+{
+ int n;
+
+ if ((n = SSL_accept(stream->chan.ssl.ssl)) == 0) {
+ n = SSL_get_error(stream->chan.ssl.ssl, n);
+ if (n != SSL_ERROR_WANT_READ && n != SSL_ERROR_WANT_WRITE)
+ stream->flags |= FLAG_CLOSED;
+ elog(E_LOG, stream->conn, "SSL_accept error %d", n);
+ } else {
+ DBG(("handshake: SSL accepted"));
+ stream->flags |= FLAG_SSL_ACCEPTED;
+ }
+}
+
+static int
+read_ssl(struct stream *stream, void *buf, size_t len)
+{
+ int nread = 0;
+
+ assert(stream->chan.ssl.ssl != NULL);
+
+ if (!(stream->flags & FLAG_SSL_ACCEPTED))
+ ssl_handshake(stream);
+
+ if (stream->flags & FLAG_SSL_ACCEPTED)
+ nread = SSL_read(stream->chan.ssl.ssl, buf, len);
+
+ return (nread);
+}
+
+static int
+write_ssl(struct stream *stream, const void *buf, size_t len)
+{
+ assert(stream->chan.ssl.ssl != NULL);
+ return (SSL_write(stream->chan.ssl.ssl, buf, len));
+}
+
+static void
+close_ssl(struct stream *stream)
+{
+ assert(stream->chan.ssl.sock != -1);
+ assert(stream->chan.ssl.ssl != NULL);
+ (void) closesocket(stream->chan.ssl.sock);
+ SSL_free(stream->chan.ssl.ssl);
+}
+
+const struct io_class io_ssl = {
+ "ssl",
+ read_ssl,
+ write_ssl,
+ close_ssl
+};
+#endif /* !NO_SSL */
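Review bot: In ssl_handshake the failure test `SSL_accept(...) == 0` misses negative return values, so a handshake that failed fatally or is still in progress (OpenSSL reports both with a value below 0) falls into the else branch and sets FLAG_SSL_ACCEPTED. A connection whose handshake never completed is then marked as an established TLS stream, and read_ssl goes straight to SSL_read instead of retrying or closing it. Compare against the success value instead, `if ((n = SSL_accept(stream->chan.ssl.ssl)) != 1) {`, and keep passing that n to SSL_get_error() so WANT_READ and WANT_WRITE still lead to a retry. The `elog` call also runs for those two retryable codes; placing it under the FLAG_CLOSED branch would limit the log to real handshake failures.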