mturk 2005/06/11 11:25:23 Modified: jni/native/src sslnetwork.c Log: Add needed callbacks for server mode, and fix the handshake. Revision Changes Path 1.8 +37 -24 jakarta-tomcat-connectors/jni/native/src/sslnetwork.c Index: sslnetwork.c =================================================================== RCS file: /home/cvs/jakarta-tomcat-connectors/jni/native/src/sslnetwork.c,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- sslnetwork.c 11 Jun 2005 07:02:56 -0000 1.7 +++ sslnetwork.c 11 Jun 2005 18:25:23 -0000 1.8 @@ -147,7 +147,19 @@ apr_pool_cleanup_register(pool, (const void *)con, ssl_socket_cleanup, apr_pool_cleanup_null); - SSL_set_app_data2(ssl, (void *)con); + SSL_set_app_data(ssl, (void *)con); + + if (ctx->mode) { + /* + * Configure callbacks for SSL connection + */ + SSL_set_tmp_rsa_callback(ssl, SSL_callback_tmp_RSA); + SSL_set_tmp_dh_callback(ssl, SSL_callback_tmp_DH); + SSL_set_session_id_context(ssl, &(ctx->context_id[0]), + MD5_DIGEST_LENGTH); + } + SSL_set_verify_result(ssl, X509_V_OK); + #ifdef TCN_DO_STATISTICS ssl_created++; @@ -156,16 +168,14 @@ } static apr_status_t wait_for_io_or_timeout(tcn_ssl_conn_t *con, - apr_interval_time_t t, int for_what) { - apr_interval_time_t timeout = t; + apr_interval_time_t timeout; apr_pollfd_t pfd; int type = for_what == SSL_ERROR_WANT_WRITE ? APR_POLLOUT : APR_POLLIN; apr_status_t status; - if (timeout < 0) - apr_socket_timeout_get(con->sock, &timeout); + apr_socket_timeout_get(con->sock, &timeout); pfd.desc_type = APR_POLL_SOCKET; pfd.desc.s = con->sock; pfd.reqevents = type; 
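Review bot: Pre-seeding the verify result with `SSL_set_verify_result(ssl, X509_V_OK);` (last added statement of the @@ -147 hunk) needs a comment, because X509_V_OK is also what OpenSSL reports when the peer presented no certificate at all. Any later code that checks only SSL_get_verify_result() would then treat an unauthenticated peer as verified; whether such a caller exists is not visible here. I would put `/* default only: X509_V_OK does not prove a peer certificate was presented; also check SSL_get_peer_certificate() */` above the call. The return value of `SSL_set_session_id_context()` inside the `ctx->mode` branch is also dropped. The enclosing function starts and ends outside the hunk.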
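Review bot: In wait_for_io_or_timeout (the @@ -156 hunk) `timeout` is now declared without an initializer and the status of `apr_socket_timeout_get(con->sock, &timeout)` is discarded, so if that call ever fails, the poll set up below would run with an indeterminate value. Capturing the result costs one line: `if ((status = apr_socket_timeout_get(con->sock, &timeout)) != APR_SUCCESS) return status;`. With the `t` parameter removed, a socket configured with a negative (blocking) timeout presumably lets the handshake wait without bound on a silent peer, which deserves a sentence in the function's comment. The rest of the function body lies outside the hunk.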
@@ -418,25 +428,28 @@ TCN_ASSERT(sock != 0); for (;;) { - if ((s = SSL_do_handshake(con->ssl)) != 0) { - i = SSL_get_error(con->ssl, s); - switch (i) { - case SSL_ERROR_NONE: - return APR_SUCCESS; - break; - case SSL_ERROR_WANT_READ: - case SSL_ERROR_WANT_WRITE: - if ((rv = wait_for_io_or_timeout(con, -1, i)) != APR_SUCCESS) { - return rv; - } - break; - default: - return SSL_TO_APR_ERROR(i); - break; - } - } - else + s = SSL_do_handshake(con->ssl); + i = SSL_get_error(con->ssl, s); + switch (i) { + case SSL_ERROR_NONE: + return APR_SUCCESS; break; + case SSL_ERROR_WANT_READ: + case SSL_ERROR_WANT_WRITE: + if ((rv = wait_for_io_or_timeout(con, i)) != APR_SUCCESS) { + return rv; + } + break; + case SSL_ERROR_SYSCALL: + s = apr_get_netos_error(); + if (!APR_STATUS_IS_EAGAIN(s) && + !APR_STATUS_IS_EINTR(s)) + return s; + break; + default: + return SSL_TO_APR_ERROR(i); + break; + } } return APR_SUCCESS; }
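Review bot: The new `case SSL_ERROR_SYSCALL:` branch can report a failed handshake as success. OpenSSL can return SSL_ERROR_SYSCALL with no OS error set when the peer closes the connection mid-handshake; `apr_get_netos_error()` can then yield 0, which is neither EAGAIN nor EINTR, so `return s;` hands APR_SUCCESS to the caller. Guard that case right after the assignment, for example `if (s == APR_SUCCESS) return APR_EOF;`. When the status is EAGAIN or EINTR the branch goes straight back into SSL_do_handshake() without waiting, which can spin, and since every `break` now leaves only the switch, the trailing `return APR_SUCCESS;` after the loop is unreachable. The start of the function is outside the hunk.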