Changes in / [ec3e411:1d2e3c2]

Files:

• doc/README (modified) (1 diff)
• protocols/ssl_openssl.c (modified) (8 diffs)

doc/README

@@ -50 +50 @@
 
 These days, MSN Messenger clients have to connect to the MS Passport servers
-through HTTPS. BitlBee can use several SSL libraries for this: GnuTLS, NSS
+through HTTPS. BitlBee can use serveral SSL libraries for this: GnuTLS, NSS
 (which comes with Mozilla) and OpenSSL. OpenSSL is not GPL-compatible in some
 situations, so using GnuTLS or NSS is preferred. However, especially on *BSD,

protocols/ssl_openssl.c

@@ -5 +5 @@
   \********************************************************************/
 
-/* SSL module - OpenTLS version                                          */
+/* SSL module - GnuTLS version                                          */
 
 /*
@@ -41 +41 @@
 struct scd
 {
-        SslInputFunction func;
+        ssl_input_function func;
         gpointer data;
         int fd;
         gboolean established;
         
+        int inpa;
+        int lasterr;            /* Necessary for SSL_get_error */
         SSL *ssl;
         SSL_CTX *ssl_ctx;
@@ -54 +56 @@
 
 
-void *ssl_connect( char *host, int port, SslInputFunction func, gpointer data )
+void *ssl_connect( char *host, int port, ssl_input_function func, gpointer data )
 {
         struct scd *conn = g_new0( struct scd, 1 );
@@ -93 +95 @@
 }
 
+static void ssl_handshake( gpointer data, gint source, GaimInputCondition cond );
+
 static void ssl_connected( gpointer data, gint source, GaimInputCondition cond )
 {
@@ -98 +102 @@
         
         if( source == -1 )
-                goto ssl_connected_failure;
-        
+                return ssl_handshake( data, -1, cond );
+        
+        /* Make it non-blocking at least during the handshake... */
+        sock_make_nonblocking( conn->fd );
         SSL_set_fd( conn->ssl, conn->fd );
         
-        if( SSL_connect( conn->ssl ) < 0 )
-                goto ssl_connected_failure;
+        return ssl_handshake( data, source, cond );
+}       
+
+static void ssl_handshake( gpointer data, gint source, GaimInputCondition cond )
+{
+        struct scd *conn = data;
+        int st;
+        
+        if( conn->inpa != -1 )
+        {
+                gaim_input_remove( conn->inpa );
+                conn->inpa = -1;
+        }
+        
+        if( ( st = SSL_connect( conn->ssl ) ) < 0 )
+        {
+                conn->lasterr = SSL_get_error( conn->ssl, st );
+                if( conn->lasterr != SSL_ERROR_WANT_READ && conn->lasterr != SSL_ERROR_WANT_WRITE )
+                        goto ssl_connected_failure;
+                
+                conn->inpa = gaim_input_add( conn->fd, ssl_getdirection( conn ), ssl_handshake, data );
+                return;
+        }
         
         conn->established = TRUE;
+        sock_make_blocking( conn->fd );         /* For now... */
         conn->func( conn->data, conn, cond );
         return;
@@ -127 +155 @@
 int ssl_read( void *conn, char *buf, int len )
 {
+        int st;
+        
         if( !((struct scd*)conn)->established )
-                return( 0 );
-        
-        return( SSL_read( ((struct scd*)conn)->ssl, buf, len ) );
+        {
+                ssl_errno = SSL_NOHANDSHAKE;
+                return -1;
+        }
+        
+        st = SSL_read( ((struct scd*)conn)->ssl, buf, len );
+        
+        ssl_errno = SSL_OK;
+        if( st <= 0 )
+        {
+                ((struct scd*)conn)->lasterr = SSL_get_error( ((struct scd*)conn)->ssl, st );
+                if( ((struct scd*)conn)->lasterr == SSL_ERROR_WANT_READ || ((struct scd*)conn)->lasterr == SSL_ERROR_WANT_WRITE )
+                        ssl_errno = SSL_AGAIN;
+        }
+        
+        return st;
 }
 
 int ssl_write( void *conn, const char *buf, int len )
 {
+        int st;
+        
         if( !((struct scd*)conn)->established )
-                return( 0 );
-        
-        return( SSL_write( ((struct scd*)conn)->ssl, buf, len ) );
+        {
+                ssl_errno = SSL_NOHANDSHAKE;
+                return -1;
+        }
+        
+        st = SSL_write( ((struct scd*)conn)->ssl, buf, len );
+        
+        ssl_errno = SSL_OK;
+        if( st <= 0 )
+        {
+                ((struct scd*)conn)->lasterr = SSL_get_error( ((struct scd*)conn)->ssl, st );
+                if( ((struct scd*)conn)->lasterr == SSL_ERROR_WANT_READ || ((struct scd*)conn)->lasterr == SSL_ERROR_WANT_WRITE )
+                        ssl_errno = SSL_AGAIN;
+        }
+        
+        return st;
 }
 
@@ -144 +202 @@
 {
         struct scd *conn = conn_;
+        
+        if( conn->inpa != -1 )
+                gaim_input_remove( conn->inpa );
         
         if( conn->established )
@@ -159 +220 @@
         return( ((struct scd*)conn)->fd );
 }
+
+GaimInputCondition ssl_getdirection( void *conn )
+{
+        return( ((struct scd*)conn)->lasterr == SSL_ERROR_WANT_WRITE ? GAIM_INPUT_WRITE : GAIM_INPUT_READ );
+}