Changes in lib/ssl_openssl.c [59c03bd:def3650]
- File:
-
- 1 edited
lib/ssl_openssl.c
r59c03bd rdef3650 2 2 * BitlBee -- An IRC to other IM-networks gateway * 3 3 * * 4 * Copyright 2002-20 04Wilmer van der Gaast and others *4 * Copyright 2002-2012 Wilmer van der Gaast and others * 5 5 \********************************************************************/ 6 6 … … 47 47 gboolean established; 48 48 gboolean verify; 49 char *hostname; 49 50 50 51 int inpa; 51 52 int lasterr; /* Necessary for SSL_get_error */ 52 53 SSL *ssl; 53 SSL_CTX *ssl_ctx;54 54 }; 55 55 56 static SSL_CTX *ssl_ctx; 57 58 static void ssl_conn_free( struct scd *conn ); 56 59 static gboolean ssl_connected( gpointer data, gint source, b_input_condition cond ); 57 60 static gboolean ssl_starttls_real( gpointer data, gint source, b_input_condition cond ); … … 61 64 void ssl_init( void ) 62 65 { 66 const SSL_METHOD *meth; 67 68 SSL_library_init(); 69 70 meth = TLSv1_client_method(); 71 ssl_ctx = SSL_CTX_new( meth ); 72 63 73 initialized = TRUE; 64 SSL_library_init();65 // SSLeay_add_ssl_algorithms();66 74 } 67 75 … … 73 81 if( conn->fd < 0 ) 74 82 { 75 g_free( conn );83 ssl_conn_free( conn ); 76 84 return NULL; 77 85 } … … 80 88 conn->data = data; 81 89 conn->inpa = -1; 90 conn->hostname = g_strdup( host ); 82 91 83 92 return conn; … … 93 102 conn->inpa = -1; 94 103 conn->verify = verify && global.conf->cafile; 104 conn->hostname = g_strdup( hostname ); 95 105 96 106 /* This function should be called via a (short) timeout instead of … … 118 128 { 119 129 struct scd *conn = data; 120 const SSL_METHOD *meth; 121 122 /* Right now we don't have any verification functionality for OpenSSL. */ 123 130 124 131 if( conn->verify ) 125 132 { 133 /* Right now we don't have any verification functionality for OpenSSL. 
*/ 126 134 conn->func( conn->data, 1, NULL, cond ); 127 135 if( source >= 0 ) closesocket( source ); 128 g_free( conn );136 ssl_conn_free( conn ); 129 137 130 138 return FALSE; … … 139 147 } 140 148 141 meth = TLSv1_client_method(); 142 conn->ssl_ctx = SSL_CTX_new( meth ); 143 if( conn->ssl_ctx == NULL ) 149 150 if( ssl_ctx == NULL ) 144 151 goto ssl_connected_failure; 145 152 146 conn->ssl = SSL_new( conn->ssl_ctx );153 conn->ssl = SSL_new( ssl_ctx ); 147 154 if( conn->ssl == NULL ) 148 155 goto ssl_connected_failure; … … 152 159 SSL_set_fd( conn->ssl, conn->fd ); 153 160 161 if( conn->hostname && !isdigit( conn->hostname[0] ) ) 162 SSL_set_tlsext_host_name( conn->ssl, conn->hostname ); 163 154 164 return ssl_handshake( data, source, cond ); 155 165 156 166 ssl_connected_failure: 157 167 conn->func( conn->data, 0, NULL, cond ); 158 159 if( conn->ssl ) 160 { 161 SSL_shutdown( conn->ssl ); 162 SSL_free( conn->ssl ); 163 } 164 if( conn->ssl_ctx ) 165 { 166 SSL_CTX_free( conn->ssl_ctx ); 167 } 168 if( source >= 0 ) closesocket( source ); 169 g_free( conn ); 170 168 ssl_disconnect( conn ); 171 169 return FALSE; 172 170 … … 184 182 { 185 183 conn->func( conn->data, 0, NULL, cond ); 186 187 SSL_shutdown( conn->ssl ); 188 SSL_free( conn->ssl ); 189 SSL_CTX_free( conn->ssl_ctx ); 190 191 if( source >= 0 ) closesocket( source ); 192 g_free( conn ); 193 184 ssl_disconnect( conn ); 194 185 return FALSE; 195 186 } … … 261 252 } 262 253 254 static void ssl_conn_free( struct scd *conn ) 255 { 256 SSL_free( conn->ssl ); 257 g_free( conn->hostname ); 258 g_free( conn ); 259 260 } 261 263 262 void ssl_disconnect( void *conn_ ) 264 263 { … … 273 272 closesocket( conn->fd ); 274 273 275 SSL_free( conn->ssl ); 276 SSL_CTX_free( conn->ssl_ctx ); 277 g_free( conn ); 274 ssl_conn_free( conn ); 278 275 } 279 276
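Review bot: The SNI guard added in ssl_connected(), `if( conn->hostname && !isdigit( conn->hostname[0] ) )`, classifies the peer as an IP literal from its first character only, so a DNS name that starts with a digit gets no SNI, an IPv6 literal that starts with a letter or a colon is sent as a server name, and passing a plain `char` to isdigit() is undefined for negative values. At minimum cast the argument, `!isdigit( (unsigned char) conn->hostname[0] )`; better, test the whole string for an address literal (for example with inet_pton) and check the return value of SSL_set_tlsext_host_name(). I would also add a comment at that spot such as `/* SNI only selects which certificate the server presents; the peer is still not authenticated. */`, because conn->hostname is stored but nothing visible compares it with the certificate, and the verify branch still only reports failure. Separately, the ssl_connected_failure label now goes through ssl_disconnect(), which calls closesocket( conn->fd ) unconditionally, where the removed code closed `source` only when `source >= 0` and guarded conn->ssl against NULL. The start of ssl_disconnect() is outside the visible hunk, so please confirm it tolerates a conn that has no SSL object and whose socket never connected.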