Changes in lib/ssl_openssl.c [9730d72:8a2221a7]

File:

• lib/ssl_openssl.c (modified) (4 diffs)

lib/ssl_openssl.c

@@ -57 +57 @@
 
 
-void ssl_init( void )
-{
-        initialized = TRUE;
-        SSLeay_add_ssl_algorithms();
-}
-
 void *ssl_connect( char *host, int port, ssl_input_function func, gpointer data )
 {
@@ -68 +62 @@
         
         conn->fd = proxy_connect( host, port, ssl_connected, conn );
+        if( conn->fd < 0 )
+        {
+                g_free( conn );
+                return NULL;
+        }
+        
         conn->func = func;
         conn->data = data;
         conn->inpa = -1;
-        
-        if( conn->fd < 0 )
-        {
-                g_free( conn );
-                return NULL;
-        }
         
         return conn;
@@ -121 +115 @@
         if( !initialized )
         {
-                ssl_init();
+                initialized = TRUE;
+                SSLeay_add_ssl_algorithms();
         }
         
@@ -236 +231 @@
 }
 
+/* Only OpenSSL *really* needs this (and well, maybe NSS). See for more info:
+   http://www.gnu.org/software/gnutls/manual/gnutls.html#index-gnutls_005frecord_005fcheck_005fpending-209
+   http://www.openssl.org/docs/ssl/SSL_pending.html
+   
+   Required because OpenSSL empties the TCP buffer completely but doesn't
+   necessarily give us all the unencrypted data.
+   
+   Returns 0 if there's nothing left or if we don't have to care (GnuTLS),
+   1 if there's more data. */
+int ssl_pending( void *conn )
+{
+        return ( ((struct scd*)conn) && ((struct scd*)conn)->established ) ?
+               SSL_pending( ((struct scd*)conn)->ssl ) > 0 : 0;
+}
+
 void ssl_disconnect( void *conn_ )
 {