Changeset 853067a71a061cf7ab27ee767ecdea65d9ddc9cf

Timestamp:
11/05/09 21:11:10 (4 years ago)
Author:
Theo Schlossnagle <jesus@omniti.com>
git-committer:
Theo Schlossnagle <jesus@omniti.com> 1257455470 +0000
git-parent:

[dd613303e7fcb7aea0050752121978b23b6ea735]

git-author:
Theo Schlossnagle <jesus@omniti.com> 1257455470 +0000
Message:

quick fix for #212

Files:

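--- a/src/eventer/eventer_SSL_fd_opset.c
+++ b/src/eventer/eventer_SSL_fd_opset.c
@@ -56,9 +56,11 @@
   eventer_ssl_verify_func_t verify_cb;
   void    *verify_cb_closure;
+  unsigned no_more_negotiations:1;
+  unsigned renegotiated:1;
 };
 
 /* Static function prototypes */
 static void SSL_set_eventer_ssl_ctx(SSL *ssl, eventer_ssl_ctx_t *ctx);
-static eventer_ssl_ctx_t *SSL_get_eventer_ssl_ctx(SSL *ssl);
+static eventer_ssl_ctx_t *SSL_get_eventer_ssl_ctx(const SSL *ssl);
 static void _eventer_ssl_error();
 static RSA *tmp_rsa_cb(SSL *ssl, int export, int keylen);
@@ -239,4 +241,19 @@
   if(ctx->cert_error) free(ctx->cert_error);
   free(ctx);
+}
+
+static void
+eventer_SSL_server_info_callback(const SSL *ssl, int type, int val) {
+  eventer_ssl_ctx_t *ctx;
+
+  if (ssl->state != SSL3_ST_SR_CLNT_HELLO_A &&
+      ssl->state != SSL23_ST_SR_CLNT_HELLO_A)
+    return;
+
+  ctx = SSL_get_eventer_ssl_ctx(ssl);
+  if(ctx->no_more_negotiations) {
+    noitL(eventer_err, "eventer_SSL_server_info_callback ... reneg is bad\n");
+    ctx->renegotiated = 1;
+  }
 }
 
@@ -281,4 +298,5 @@
   ctx->ssl = SSL_new(ctx->ssl_ctx);
   if(!ctx->ssl) goto bail;
+  SSL_set_info_callback(ctx->ssl, eventer_SSL_server_info_callback);
   SSL_set_eventer_ssl_ctx(ctx->ssl, ctx);
   return ctx;
@@ -307,5 +325,5 @@
 
 static eventer_ssl_ctx_t *
-SSL_get_eventer_ssl_ctx(SSL *ssl) {
+SSL_get_eventer_ssl_ctx(const SSL *ssl) {
   INIT_DATAID;
   return SSL_get_ex_data(ssl, SSL_eventer_ssl_ctx_dataid);
@@ -313,5 +331,5 @@
 
 eventer_ssl_ctx_t *
-eventer_get_eventer_ssl_ctx(eventer_t e) {
+eventer_get_eventer_ssl_ctx(const eventer_t e) {
   return (e->opset == eventer_SSL_fd_opset) ? e->opset_ctx : NULL;
 }
@@ -400,4 +418,5 @@
           return -1;
         }
+        ctx->no_more_negotiations = 1;
         return rv;
       }
@@ -406,4 +425,10 @@
     default:
       abort();
+  }
+
+  if(ctx->renegotiated) {
+    noitL(eventer_err, "SSL renogotiation attempted on %d\n", fd);
+    errno = EIO;
+    return -1;
   }
 
@@ -427,4 +452,12 @@
 
 int
+eventer_SSL_renegotiate(eventer_t e) {
+  eventer_ssl_ctx_t *ctx;
+  ctx = eventer_get_eventer_ssl_ctx(e);
+  SSL_renegotiate(ctx->ssl);
+  return 0;
+}
+
+int
 eventer_SSL_accept(eventer_t e, int *mask) {
   return eventer_SSL_rw(SSL_OP_ACCEPT, e->fd, NULL, 0, mask, e);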
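Review bot: `eventer_SSL_renegotiate` (new lines 454-459) dereferences `ctx` unchecked, although `eventer_get_eventer_ssl_ctx` returns NULL for an event whose opset is not the SSL one, and it discards the result of `SSL_renegotiate` and always reports 0. `eventer_SSL_server_info_callback` uses the pointer from `SSL_get_eventer_ssl_ctx` the same way, and it is installed one line before `SSL_set_eventer_ssl_ctx` stores that pointer; an `if(!ctx) return;` after the lookup would cover it. The new function also leaves `no_more_negotiations` set, so a renegotiation requested through it would presumably be flagged by the callback and fail the connection with EIO, which deserves a comment if that is intended. The `ctx->renegotiated` test sits after the switch in what appears to be `eventer_SSL_rw`, whose body is mostly outside these hunks: if the read and write cases return inside the switch on success, as the path at new line 421 does, the test may not run for them.

```c
int
eventer_SSL_renegotiate(eventer_t e) {
  eventer_ssl_ctx_t *ctx;
  ctx = eventer_get_eventer_ssl_ctx(e);
  /* e is not SSL-backed, or its SSL object was never created. */
  if(!ctx || !ctx->ssl) return -1;
  /* SSL_renegotiate() returns 1 once the request has been scheduled. */
  if(SSL_renegotiate(ctx->ssl) != 1) return -1;
  return 0;
}
```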
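--- a/src/eventer/eventer_SSL_fd_opset.h
+++ b/src/eventer/eventer_SSL_fd_opset.h
@@ -70,5 +70,5 @@
 
 API_EXPORT(eventer_ssl_ctx_t *)
-  eventer_get_eventer_ssl_ctx(eventer_t e);
+  eventer_get_eventer_ssl_ctx(const eventer_t e);
 
 API_EXPORT(void)
@@ -85,4 +85,5 @@
  * strings being pulled from the outside.
  */
+API_EXPORT(int) eventer_SSL_renegotiate(eventer_t e);
 API_EXPORT(int) eventer_SSL_accept(eventer_t e, int *mask);
 API_EXPORT(int) eventer_SSL_connect(eventer_t e, int *mask);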
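Review bot: `const eventer_t e` in the changed prototype qualifies the parameter itself rather than the object behind it; the .c file uses `e->opset`, so `eventer_t` is presumably a pointer typedef, and the pointee stays writable while callers see no difference. If read-only access was the aim, that needs a pointer-to-const type instead of `const` on the typedef. The new `eventer_SSL_renegotiate` declaration has no comment of its own and lands directly beneath an existing comment block whose start is outside the hunk, so that text now reads as if it described the new function; a line such as `/* Ask OpenSSL to schedule a renegotiation on e; currently always returns 0. */` above it would keep the two apart.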