1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
|
/* This is essentially taken from Eric Vermeulen's TLS patch */
#include "select.h"
#include "error.h"
#include "ndelay.h"
#include "now.h"
#include "logmsg.h"
#include "ucspissl.h"
#include "tls_timeoutio.h"
int tls_timeoutio(int (*fun)(),
int t, int rfd, int wfd, SSL *ssl, char *buf, int len)
{
int n;
const datetime_sec end = (datetime_sec)t + now();
do {
fd_set fds;
struct timeval tv;
const int r = buf ? fun(ssl,buf,len) : fun(ssl);
if (r > 0) return r;
t = end - now();
if (t < 0) break;
tv.tv_sec = (time_t)t; tv.tv_usec = 0;
FD_ZERO(&fds);
switch (SSL_get_error(ssl,r)) {
default: return r; /* some other error */
case SSL_ERROR_WANT_READ:
FD_SET(rfd,&fds); n = select(rfd + 1,&fds,NULL,NULL,&tv);
break;
case SSL_ERROR_WANT_WRITE:
FD_SET(wfd,&fds); n = select(wfd + 1,NULL,&fds,NULL,&tv);
break;
}
/* n is the number of descriptors that changed status */
} while (n > 0);
if (n != -1) errno = ETIMEDOUT;
return -1;
}
int tls_timeoutaccept(int t,int rfd,int wfd,SSL *ssl)
{
int r;
/* if connection is established, keep NDELAY */
if (ndelay_on(rfd) == -1 || ndelay_on(wfd) == -1) return -1;
r = tls_timeoutio(SSL_accept,t,rfd,wfd,ssl,NULL,0);
if (r <= 0) { ndelay_off(rfd); ndelay_off(wfd); }
else SSL_set_mode(ssl,SSL_MODE_ENABLE_PARTIAL_WRITE);
return r;
}
int tls_timeoutconn(int t,int rfd,int wfd,SSL *ssl)
{
int r;
/* if connection is established, keep NDELAY */
if (ndelay_on(rfd) == -1 || ndelay_on(wfd) == -1) return -1;
r = tls_timeoutio(SSL_connect,t,rfd,wfd,ssl,NULL,0);
if (r <= 0) { ndelay_off(rfd); ndelay_off(wfd); }
else SSL_set_mode(ssl,SSL_MODE_ENABLE_PARTIAL_WRITE);
return r;
}
int tls_timeoutrehandshake(int t,int rfd,int wfd,SSL *ssl)
{
int r;
SSL_renegotiate(ssl);
r = tls_timeoutio(SSL_do_handshake,t,rfd,wfd,ssl,NULL,0);
if (r <= 0) return r;
if (SSL_get_state(ssl) & SSL_ST_CONNECT) return -2; /* now a macro in ssl.h */
/* this is for the client only */
SSL_set_connect_state(ssl);
return tls_timeoutio(SSL_do_handshake,t,rfd,wfd,ssl,NULL,0);
}
int tls_timeoutread(int t,int rfd,int wfd,SSL *ssl,char *buf,int len)
{
if (!buf) return 0;
if (SSL_pending(ssl)) return SSL_read(ssl,buf,len);
return tls_timeoutio(SSL_read,t,rfd,wfd,ssl,buf,len);
}
int tls_timeoutwrite(int t,int rfd,int wfd,SSL *ssl,char *buf,int len)
{
if (!buf) return 0;
return tls_timeoutio(SSL_write,t,rfd,wfd,ssl,buf,len);
}
|
