static int shutdown_ssl() { if (server.conn.sslcon) { openssl_shutdown(server.conn.sslcon, 2); openssl_free(server.conn.sslcon); } close(server.conn.sock); server.conn.sock = 0; server.conn.connected = 0; return 0; }
int conn_close(struct conn_t *conn) { if (conn->sock) close(conn->sock); #ifdef HAVE_SSL if (conn->sslcon) { openssl_shutdown(conn->sslcon, 2); openssl_free(conn->sslcon); conn->sslcon = 0; } #endif conn->sock = 0; return 0; }
int openssl_error(openssl_con *con, int ret, char *func) { #ifdef HAVE_OPENSSL int err = -1; if (con->con) { err = SSL_get_error(con->con, ret); #if(_debug_ > 1) syslog(LOG_DEBUG, "%s(%d): SSL: (%s()) %s", __FUNCTION__, __LINE__, func, err == SSL_ERROR_NONE ? "None": err == SSL_ERROR_ZERO_RETURN ? "Return!": err == SSL_ERROR_WANT_READ ? "Read (continue)": err == SSL_ERROR_WANT_WRITE ? "Write (continue)": err == SSL_ERROR_WANT_X509_LOOKUP ? "Lookup (continue)": err == SSL_ERROR_SYSCALL ? "Syscall error, abort!": err == SSL_ERROR_SSL ? "SSL error, abort!": "Error"); #endif switch (err) { case SSL_ERROR_NONE: return 0; case SSL_ERROR_WANT_READ: return 1; case SSL_ERROR_WANT_WRITE: return 2; case SSL_ERROR_SYSCALL: /* * This is a protocol violation, but we got * an EOF (remote connection did a shutdown(fd, 1). * We will treat it as a zero value. */ if (ret == 0) return 0; /* If some other error, fall through */ case SSL_ERROR_ZERO_RETURN: openssl_shutdown(con, 0); case SSL_ERROR_SSL: return -1; default: break; } return 1; } return err; #else syslog(LOG_ERR, "%s: ssl error in %s", strerror(errno), func); return 0; #endif }
int main(int argc, char **argv) { ARGS arg; #define PROG_NAME_SIZE 39 char pname[PROG_NAME_SIZE + 1]; FUNCTION f, *fp; const char *prompt; char buf[1024]; char *to_free = NULL; int n, i, ret = 0; char *p; LHASH_OF(FUNCTION) * prog = NULL; long errline; arg.data = NULL; arg.count = 0; if (pledge("stdio cpath wpath rpath inet dns proc flock tty", NULL) == -1) { fprintf(stderr, "openssl: pledge: %s\n", strerror(errno)); exit(1); } bio_err = BIO_new_fp(stderr, BIO_NOCLOSE); if (bio_err == NULL) { fprintf(stderr, "openssl: failed to initialise bio_err\n"); exit(1); } if (BIO_sock_init() != 1) { BIO_printf(bio_err, "BIO_sock_init failed\n"); exit(1); } CRYPTO_set_locking_callback(lock_dbg_cb); openssl_startup(); /* Lets load up our environment a little */ p = getenv("OPENSSL_CONF"); if (p == NULL) { p = to_free = make_config_name(); if (p == NULL) { BIO_printf(bio_err, "error making config file name\n"); goto end; } } default_config_file = p; config = NCONF_new(NULL); i = NCONF_load(config, p, &errline); if (i == 0) { if (ERR_GET_REASON(ERR_peek_last_error()) == CONF_R_NO_SUCH_FILE) { BIO_printf(bio_err, "WARNING: can't open config file: %s\n", p); ERR_clear_error(); NCONF_free(config); config = NULL; } else { ERR_print_errors(bio_err); NCONF_free(config); exit(1); } } if (!load_config(bio_err, NULL)) { BIO_printf(bio_err, "failed to load configuration\n"); goto end; } prog = prog_init(); /* first check the program name */ program_name(argv[0], pname, sizeof pname); f.name = pname; fp = lh_FUNCTION_retrieve(prog, &f); if (fp != NULL) { argv[0] = pname; single_execution = 1; ret = fp->func(argc, argv); goto end; } /* * ok, now check that there are not arguments, if there are, run with * them, shifting the ssleay off the front */ if (argc != 1) { argc--; argv++; single_execution = 1; ret = do_cmd(prog, argc, argv); if (ret < 0) ret = 0; goto end; } /* ok, lets enter the old 'OpenSSL>' mode */ for (;;) { ret = 0; p = buf; n = sizeof buf; i = 0; for (;;) { p[0] = '\0'; if (i++) prompt = ">"; else prompt = "OpenSSL> "; fputs(prompt, stdout); fflush(stdout); if (!fgets(p, n, stdin)) goto end; if (p[0] == '\0') goto end; i = strlen(p); if (i <= 1) break; if (p[i - 2] != '\\') break; i -= 2; p += i; n -= i; } if (!chopup_args(&arg, buf, &argc, &argv)) break; ret = do_cmd(prog, argc, argv); if (ret < 0) { ret = 0; goto end; } if (ret != 0) BIO_printf(bio_err, "error in %s\n", argv[0]); (void) BIO_flush(bio_err); } BIO_printf(bio_err, "bad exit\n"); ret = 1; end: free(to_free); if (config != NULL) { NCONF_free(config); config = NULL; } if (prog != NULL) lh_FUNCTION_free(prog); free(arg.data); openssl_shutdown(); if (bio_err != NULL) { BIO_free(bio_err); bio_err = NULL; } return (ret); }