int
ssl_connect(thread_t * thread, int new_req)
{
checker_t *checker = THREAD_ARG(thread);
http_checker_t *http_get_check = CHECKER_ARG(checker);
http_arg_t *http_arg = HTTP_ARG(http_get_check);
request_t *req = HTTP_REQ(http_arg);
int ret = 0;
int val = 0;
/* First round, create SSL context */
if (new_req) {
req->ssl = SSL_new(check_data->ssl->ctx);
req->bio = BIO_new_socket(thread->u.fd, BIO_NOCLOSE);
SSL_set_bio(req->ssl, req->bio, req->bio);
}
/* Set descriptor non blocking */
val = fcntl(thread->u.fd, F_GETFL, 0);
fcntl(thread->u.fd, F_SETFL, val | O_NONBLOCK);
ret = SSL_connect(req->ssl);
/* restore descriptor flags */
fcntl(thread->u.fd, F_SETFL, val);
return ret;
}
static void
free_http_get_check(void *data)
{
http_checker_t *http_get_chk = CHECKER_DATA(data);
http_t *http = HTTP_ARG(http_get_chk);
request_t *req = HTTP_REQ(http);
free_list(&http_get_chk->url);
free_http_request(req);
FREE(http);
FREE_PTR(http_get_chk);
FREE_PTR(CHECKER_CO(data));
FREE(data);
}
/* Asynchronous SSL stream reader */
int
ssl_read_thread(thread_t * thread)
{
checker_t *checker = THREAD_ARG(thread);
http_checker_t *http_get_check = CHECKER_ARG(checker);
http_arg_t *http_arg = HTTP_ARG(http_get_check);
request_t *req = HTTP_REQ(http_arg);
unsigned char digest[16];
int r = 0;
int val;
/* Handle read timeout */
if (thread->type == THREAD_READ_TIMEOUT && !req->extracted)
return timeout_epilog(thread, "=> SSL CHECK failed on service"
" : recevice data <=\n\n", "SSL read");
/* Set descriptor non blocking */
val = fcntl(thread->u.fd, F_GETFL, 0);
fcntl(thread->u.fd, F_SETFL, val | O_NONBLOCK);
/* read the SSL stream */
r = SSL_read(req->ssl, req->buffer + req->len,
MAX_BUFFER_LENGTH - req->len);
/* restore descriptor flags */
fcntl(thread->u.fd, F_SETFL, val);
req->error = SSL_get_error(req->ssl, r);
if (req->error == SSL_ERROR_WANT_READ) {
/* async read unfinished */
thread_add_read(thread->master, ssl_read_thread, checker,
thread->u.fd, http_get_check->connection_to);
} else if (r > 0 && req->error == 0) {
/* Handle response stream */
http_process_response(req, r);
/*
* Register next ssl stream reader.
* Register itself to not perturbe global I/O multiplexer.
*/
thread_add_read(thread->master, ssl_read_thread, checker,
thread->u.fd, http_get_check->connection_to);
} else if (req->error) {
/* All the SSL streal has been parsed */
MD5_Final(digest, &req->context);
SSL_set_quiet_shutdown(req->ssl, 1);
r = (req->error == SSL_ERROR_ZERO_RETURN) ? SSL_shutdown(req->ssl) : 0;
if (r && !req->extracted) {
/* check if server is currently alive */
if (svr_checker_up(checker->id, checker->rs)) {
smtp_alert(checker->rs, NULL, NULL,
"DOWN",
"=> SSL CHECK failed on service"
" : cannot receive data <=\n\n");
update_svr_checker_state(DOWN, checker->id
, checker->vs
, checker->rs);
}
return epilog(thread, 1, 0, 0);
}
/* Handle response stream */
http_handle_response(thread, digest, (!req->extracted) ? 1 : 0);
}
return 0;
}