diff -u -P --show-c-function ./crypto/bio/bss_sock.c.orig
./crypto/bio/bss_sock.c
--- ./crypto/bio/bss_sock.c.orig 2010-05-20 14:00:25.000000000 -0500
+++ ./crypto/bio/bss_sock.c 2010-05-20 14:21:54.000000000 -0500
@@ -198,6 +198,36 @@ static long sock_ctrl(BIO *b, int cmd, l
case BIO_CTRL_FLUSH:
ret=1;
break;
+ case BIO_C_NREAD0:
+ case BIO_C_NREAD:
+ {
+ int err ;
+ int retry = 10 ;
+
+ if (!b->init)
+ {
+ ret = -1 ;
+ break ;
+ }
+
+ do
+ {
+ errno = 0 ;
+ err = recv(b->num, ptr, num,
+ MSG_DONTWAIT | MSG_PEEK
+#if defined(MSG_NOSIGNAL)
+ | MSG_NOSIGNAL
+#endif
+ ) ;
+ }
+ while (err < 0 && errno == EAGAIN && retry--) ;
+
+ if (err < 0)
+ ret = 0 ; /* failed */
+ else
+ ret = err ; /* byte count */
+ }
+ break;
default:
ret=0;
break;
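Review bot: The new BIO_C_NREAD0/BIO_C_NREAD case passes `ptr` and `num` straight to recv() with no validation, so a NULL `ptr` or a negative `num` (which converts to a very large size_t length) reaches the call; a guard such as `if (ptr == NULL || num <= 0) { ret = -1; break; }` before the loop would close that. If I recall the BIO-pair convention correctly, BIO_nread0() and BIO_nread() hand these commands a `char **` rather than a data buffer, so a caller using those wrappers on a socket BIO could have up to `num` bytes written over its pointer variable; this should be confirmed against bss_bio.c and the intended argument contract stated in a comment on the case. Both commands also use MSG_PEEK, so BIO_C_NREAD never consumes data, and every recv() error is folded into `ret = 0`, which a caller cannot tell apart from an orderly close. The EAGAIN loop with MSG_DONTWAIT only spins up to ten times without waiting, so it is better dropped in favour of returning immediately. sock_ctrl's body starts and ends outside this hunk.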
diff -u -P --show-c-function ./crypto/bio/bss_conn.c.orig
./crypto/bio/bss_conn.c
--- ./crypto/bio/bss_conn.c.orig 2010-05-20 09:42:23.000000000 -0500
+++ ./crypto/bio/bss_conn.c 2010-05-20 09:43:08.000000000 -0500
@@ -374,8 +374,8 @@ static void conn_close_socket(BIO *bio)
if (bio->num != INVALID_SOCKET)
{
/* Only do a shutdown if things were established */
- if (c->state == BIO_CONN_S_OK)
- shutdown(bio->num,2);
+ //if (c->state == BIO_CONN_S_OK)
+ // shutdown(bio->num,2);
closesocket(bio->num);
bio->num=INVALID_SOCKET;
}
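Review bot: Commenting out shutdown() here (and likewise in acpt_close_socket in bss_acpt.c and in the SHUTDOWN/SHUTDOWN2 macros in e_os.h) changes teardown for every user of the library, not only fork-per-connection servers: with closesocket() alone, any other process that still holds an inherited copy of the descriptor keeps the connection open, so freeing the BIO no longer guarantees that the peer sees the connection end. The fork case can be handled in the application without patching the library, by using BIO_NOCLOSE (for example `BIO_set_close(bio, BIO_NOCLOSE)`) in the process that must not tear the connection down and calling `close(fd)` on its own copy. If the library change is kept, delete the lines instead of leaving `//` comments, which are not valid C89 and appear to leave `c` assigned but unused in this function (its declaration is outside the hunk, so that is inferred). conn_close_socket's body starts outside this hunk.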
diff -u -P --show-c-function ./crypto/bio/bss_acpt.c.orig
./crypto/bio/bss_acpt.c
--- ./crypto/bio/bss_acpt.c.orig 2010-05-19 10:01:36.000000000 -0500
+++ ./crypto/bio/bss_acpt.c 2010-05-19 10:01:44.000000000 -0500
@@ -172,7 +172,7 @@ static void acpt_close_socket(BIO *bio)
c=(BIO_ACCEPT *)bio->ptr;
if (c->accept_sock != INVALID_SOCKET)
{
- shutdown(c->accept_sock,2);
+ //shutdown(c->accept_sock,2);
closesocket(c->accept_sock);
c->accept_sock=INVALID_SOCKET;
bio->num=INVALID_SOCKET;
diff -u -P --show-c-function ./crypto/bio/bf_null.c.orig ./crypto/bio/bf_null.c
--- ./crypto/bio/bf_null.c.orig 2010-05-20 13:36:14.000000000 -0500
+++ ./crypto/bio/bf_null.c 2010-05-20 15:15:30.000000000 -0500
@@ -136,18 +136,28 @@ static long nullf_ctrl(BIO *b, int cmd,
{
long ret;
- if (b->next_bio == NULL) return(0);
switch(cmd)
{
case BIO_C_DO_STATE_MACHINE:
+ if (b->next_bio == NULL) return(0);
BIO_clear_retry_flags(b);
ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
BIO_copy_next_retry(b);
break;
case BIO_CTRL_DUP:
- ret=0L;
+ {
+ /*
+ * ptr is the new bio.
+ * We need to set up dbio->ptr
+ */
+ BIO *dbio = ptr ;
+
+ dbio->ptr = NULL ;
+ ret = 1;
+ }
break;
default:
+ if (b->next_bio == NULL) return(0);
ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
}
return(ret);
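Review bot: The new BIO_CTRL_DUP case dereferences `ptr` without a NULL check and then reports success, so a control call with a NULL argument crashes here where the old code simply returned 0. A guard such as `if (dbio == NULL) { ret = 0; break; }` before `dbio->ptr = NULL;` keeps the case safe for any caller. The comment would be more useful if it said why the result changes from 0 to 1 (presumably so that duplicating a chain containing this filter no longer fails) rather than only that `ptr` is the new BIO. nullf_ctrl's body starts and ends outside this hunk.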
diff -u -P --show-c-function ./e_os.h.orig ./e_os.h
--- ./e_os.h.orig 2010-05-20 10:17:10.000000000 -0500
+++ ./e_os.h 2010-05-20 10:17:35.000000000 -0500
@@ -618,8 +618,8 @@ static unsigned int _strlen31(const char
# define SSLeay_Read(a,b,c) read((a),(b),(c))
# define SSLeay_Write(a,b,c) write((a),(b),(c))
-# define SHUTDOWN(fd) { shutdown((fd),0); closesocket((fd)); }
-# define SHUTDOWN2(fd) { shutdown((fd),2); closesocket((fd)); }
+# define SHUTDOWN(fd) { /*shutdown((fd),0);*/ closesocket((fd)); }
+# define SHUTDOWN2(fd) { /*shutdown((fd),2);*/ closesocket((fd)); }
# ifndef INVALID_SOCKET
# define INVALID_SOCKET (-1)
# endif /* INVALID_SOCKET */
Sorry about the general title. I have undertaken to make the SSL socket demo programs work properly. In order to do so I had to code them differently than what was given in the man pages and I had to fix a couple of things in openssl itself. I am attaching plain text for the openssl patches and also a tgz of the demo program sub-directory. The patches do the following -- all necessary to get the demos working. * bss_sock.c needs to be able to do nread (actually I ended up not needing this but is is good to have anyway). * bss_conn.c needs to avoid using shutdown() * bss_acpt.c needs to avoid using shutdown() * bf_null.c needs to know how to do a dup operation * e_os.h needs to not call shutdown. I only did this for the OS that I was using (Linux) but the same changes should be made for all, I think. There is a real problem with using shutdown() when closing sockets. The working demo programs are the traditional client/server model in which the server accepts incoming connections and then forks a child process to handle the data phase of the connection. If the parent closes the data socket and the child closes the accept socket, and if these operations call shutdown(), then the sockets become unusable for the other party. Close() is fine since it just decrements the use count in the underlying socket. But shutdown() renders it unusable for all parties who still have it open. There is a README in the tgz that explains some more and comments in the programs describe how they deviate from them man page examples, which don't work. -- Dave
Sorry about the general title. I have undertaken to make the SSL socket demo programs work properly. In order to do so I had to code them differently than what was given in the man pages and I had to fix a couple of things in openssl itself. I am attaching plain text for the openssl patches and also a tgz of the demo program sub-directory. The patches do the following -- all necessary to get the demos working. * bss_sock.c needs to be able to do nread (actually I ended up not needing this but it is good to have anyway). * bss_conn.c needs to avoid using shutdown() * bss_acpt.c needs to avoid using shutdown() * bf_null.c needs to know how to do a dup operation * e_os.h needs to not call shutdown. I only did this for the OS that I was using (Linux) but the same changes should be made for all, I think. There is a real problem with using shutdown() when closing sockets. The working demo programs are the traditional client/server model in which the server accepts incoming connections and then forks a child process to handle the data phase of the connection. If the parent closes the data socket and the child closes the accept socket, and if these operations call shutdown(), then the sockets become unusable for the other party. Close() is fine since it just decrements the use count in the underlying socket. But shutdown() renders it unusable for all parties who still have it open. There is a README in the tgz that explains some more, and comments in the programs describe how they deviate from the man page examples, which don't work. -- Dave
ssl-test.tgz
Description: application/compressed
