Changeset 80acb6d


Ignore:
Timestamp:
2011-11-14T10:43:03Z (12 years ago)
Author:
Wilmer van der Gaast <wilmer@…>
Branches:
master
Children:
5dd725d
Parents:
03a8f8e
Message:

GnuTLS now also needs ssl_pending() implemented. Bug #860.

Location:
lib
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • lib/http_client.c

    r03a8f8e r80acb6d  
    240240                                 http_incoming_data, req );
    241241       
    242         return FALSE;
     242        if( ssl_pending( req->ssl ) )
     243                return http_incoming_data( data, source, cond );
     244        else
     245                return FALSE;
    243246
    244247got_reply:
  • lib/ssl_client.h

    r03a8f8e r80acb6d  
    6363G_MODULE_EXPORT int ssl_write( void *conn, const char *buf, int len );
    6464
    65 /* See ssl_openssl.c for an explanation. */
     65/* Now needed by most SSL libs. See for more info:
     66   http://www.gnu.org/software/gnutls/manual/gnutls.html#index-gnutls_005frecord_005fcheck_005fpending-209
     67   http://www.openssl.org/docs/ssl/SSL_pending.html
     68   
     69   Required because OpenSSL empties the TCP buffer completely but doesn't
     70   necessarily give us all the unencrypted data. Or maybe you didn't ask
     71   for all of it because your buffer is too small.
     72   
     73   Returns 0 if there's nothing left, 1 if there's more data. */
    6674G_MODULE_EXPORT int ssl_pending( void *conn );
    6775
  • lib/ssl_gnutls.c

    r03a8f8e r80acb6d  
    135135        gnutls_certificate_allocate_credentials( &conn->xcred );
    136136        gnutls_init( &conn->session, GNUTLS_CLIENT );
    137         gnutls_transport_set_lowat( conn->session, 1 );
     137#if GNUTLS_VERSION_NUMBER < 0x020c00
     138        gnutls_transport_set_lowat( conn->session, 0 );
     139#endif
    138140        gnutls_set_default_priority( conn->session );
    139141        gnutls_credentials_set( conn->session, GNUTLS_CRD_CERTIFICATE, conn->xcred );
     
    187189        {
    188190                ssl_errno = SSL_NOHANDSHAKE;
    189                 return( -1 );
     191                return -1;
    190192        }
    191193       
     
    208210        {
    209211                ssl_errno = SSL_NOHANDSHAKE;
    210                 return( -1 );
     212                return -1;
    211213        }
    212214       
     
    222224}
    223225
    224 /* See ssl_openssl.c for an explanation. */
    225226int ssl_pending( void *conn )
    226227{
    227         return 0;
     228        if( conn == NULL )
     229                return 0;
     230       
     231        if( !((struct scd*)conn)->established )
     232        {
     233                ssl_errno = SSL_NOHANDSHAKE;
     234                return 0;
     235        }
     236       
     237        return gnutls_record_check_pending( ((struct scd*)conn)->session ) != 0;
    228238}
    229239
  • lib/ssl_nss.c

    r03a8f8e r80acb6d  
    207207}
    208208
    209 /* See ssl_openssl.c for an explanation. */
    210209int ssl_pending( void *conn )
    211210{
  • lib/ssl_openssl.c

    r03a8f8e r80acb6d  
    241241}
    242242
    243 /* Only OpenSSL *really* needs this (and well, maybe NSS). See for more info:
    244    http://www.gnu.org/software/gnutls/manual/gnutls.html#index-gnutls_005frecord_005fcheck_005fpending-209
    245    http://www.openssl.org/docs/ssl/SSL_pending.html
    246    
    247    Required because OpenSSL empties the TCP buffer completely but doesn't
    248    necessarily give us all the unencrypted data.
    249    
    250    Returns 0 if there's nothing left or if we don't have to care (GnuTLS),
    251    1 if there's more data. */
    252243int ssl_pending( void *conn )
    253244{
Note: See TracChangeset for help on using the changeset viewer.