Hi!
i try to make a nonblocking BIO_do_handshake in accept state,
but it doesn't work. The first call to BIO_do_handshake or
BIO_do_accept blocks,although i call BIO_set_nbio(p_s_ctrl->p_out,1).
What i want is : one nonblocking socket for accept (listen), and
getting nonblocking connected sockets for the sessions.
Any hints? Similar to the source code below, the client (connect
state) works fine.
Thanks for helping me.
Dirk
Source:
{
get_host(&p_ctrl->v_path_name,host);
printf("HOST:[%s]\n",host);
/* malloc, because we have a lot of sessions */
p_s_ctrl = (ssl_ctrl_stru*)malloc(sizeof(ssl_ctrl_stru));
memset(p_s_ctrl, 0x00, sizeof(ssl_ctrl_stru));
p_ssl_ctx=SSL_CTX_new(SSLv2_method());
/* workaround for many bugs */
SSL_CTX_set_options(p_ssl_ctx,SSL_OP_ALL);
/* Lets make a SSL structure */
p_s_ctrl->p_ssl=SSL_new(p_ssl_ctx);
SSL_set_accept_state(p_s_ctrl->p_ssl);
/* Use it inside an SSL BIO */
p_ssl_bio=BIO_new(BIO_f_ssl());
BIO_set_ssl(p_ssl_bio,p_s_ctrl->p_ssl,BIO_CLOSE);
/* which port is it? */
p_s_ctrl->p_out=BIO_new_accept(host);
/* nonblocking */
BIO_set_nbio(p_s_ctrl->p_out,1);
p_s_ctrl->p_out=BIO_push(p_ssl_bio,p_s_ctrl->p_out);
/* save Session for future use */
p_ctrl->U_BUFFER = (long) p_s_ctrl;
}
/* Now we get the actual session */
if (p_ctrl->U_BUFFER != NULL)
p_s_ctrl = (ssl_ctrl_stru*)p_ctrl->U_BUFFER;
/* do the handshake */
ec = BIO_do_handshake(p_s_ctrl->p_out);
or
ec = BIO_do_accept(p_s_ctrl->p_out);
OK: I have to split in accept socket and connected socket!
if (ec <= 0)
{
printf("Waiting in SSL_accept - %s\n",
SSL_state_string_long(p_s_ctrl->p_ssl));
if (BIO_should_retry(p_s_ctrl->p_out))
{
if (BIO_should_read(p_s_ctrl->p_out))
{ /* set select(2) flags accordingly */
printf("should read...\n");
p_ctrl->U_STATUS = U_INCON;
}
else if (BIO_should_write(p_s_ctrl->p_out))
{ /* set select(2) flags accordingly */
printf("should write...\n");
p_ctrl->U_STATUS = U_OUTCON;
}
else if (BIO_should_io_special(p_s_ctrl->p_out))
{
j=BIO_get_retry_reason(p_s_ctrl->p_out);
/* not for accept state */
if (j == BIO_RR_CONNECT)
{
/* non-blocking connect, this
* is currently the only 'special'
* retry reason */
printf("should connect...\n");
p_ctrl->U_STATUS = U_OUTCON;
}
else
return(ECONNREFUSED);
}
BIO_get_fd(p_s_ctrl->p_out,&fd);
p_ctrl->port_id = fd;
printf("socket %d\n",p_ctrl->port_id);
return(EWOULDBLOCK);
}
}
printf(" SSL_accept - %s\n",
SSL_state_string_long(p_s_ctrl->p_ssl));
ciph=SSL_get_current_cipher(p_s_ctrl->p_ssl);
SSL_CIPHER_get_bits(ciph,&bit);
fprintf(stdout,"Protocol %s, cipher %s, %s, bits %d\n",
SSL_get_version(p_s_ctrl->p_ssl),
SSL_CIPHER_get_version(ciph),
SSL_CIPHER_get_name(ciph),
bit);
p_ctrl->U_STATUS = 0;
Important: New telephone number, since May 11th.
[EMAIL PROTECTED] | http://www.ikossvan.de
Software Developer, ETA | IKOSS VAN GmbH, Germany
Tel.:+49 (2408) 148 125 | Business Unit Networks
Fax :+49 (2408) 148 204 | Pascalstr.19, 52076 Aachen
+-------------------------------------------------------------------------+
| Administrative requests should be sent to [EMAIL PROTECTED] |
| List service provided by Open Software Associates, http://www.osa.com/ |
+-------------------------------------------------------------------------+
