int SSL_accept(SSL *ssl) {
char buf[1024];
int rc;
#if(_debug_)
syslog(LOG_DEBUG, "MatrixSSL_accept()");
#endif
readMore:
rc = _ssl_read(ssl, buf, sizeof(buf));
if (rc == 0) {
if (ssl->status == SSL_SOCKET_EOF || ssl->status == SSL_SOCKET_CLOSE_NOTIFY) {
return -1;
}
if (matrixSslHandshakeIsComplete(ssl->ssl) == 0) {
goto readMore;
}
} else if (rc > 0) {
return 0;
} else {
return -1;
}
return 1;
}
int SSL_accept2(SSL *ssl) {
char buf[1024];
int rc;
#if(_debug_)
syslog(LOG_DEBUG, "MatrixSSL_accept2()");
#endif
rc = _ssl_read(ssl, buf, sizeof(buf));
if (rc == 0) {
if (ssl->status == SSL_SOCKET_EOF || ssl->status == SSL_SOCKET_CLOSE_NOTIFY) {
syslog(LOG_DEBUG, "EOF or Closed");
return -1;
}
return 0;
} else if (rc > 0) {
syslog(LOG_DEBUG, "Accept2() returning %d", rc);
return rc;
} else {
if (ssl->status == EAGAIN || ssl->status == EWOULDBLOCK)
return 0;
syslog(LOG_WARNING, "%d Error rc %d", ssl->status, rc);
return -1;
}
return 1;
}
int SSL_accept2(SSL *ssl) {
char buf[1024];
int rc;
#if(_debug_)
log_dbg("MatrixSSL_accept2()");
#endif
rc = _ssl_read(ssl, buf, sizeof(buf));
if (rc == 0) {
if (ssl->status == SSL_SOCKET_EOF || ssl->status == SSL_SOCKET_CLOSE_NOTIFY) {
log_dbg("EOF or Closed");
return -1;
}
return 0;
} else if (rc > 0) {
log_dbg("Accept2() returning %d", rc);
return rc;
} else {
if (ssl->status == EAGAIN || ssl->status == EWOULDBLOCK)
return 0;
log_warn(ssl->status, "Error rc %d", rc);
return -1;
}
return 1;
}
/*
Construct the initial HELLO message to send to the server and initiate
the SSL handshake. Can be used in the re-handshake scenario as well.
*/
int _ssl_doHandshake(SSL *ssl) {
char buf[1024];
int err, rc;
/*
MatrixSSL doesn't provide buffers for data internally. Define them
here to support buffered reading and writing for non-blocking sockets.
Although it causes quite a bit more work, we support dynamically growing
the buffers as needed. Alternately, we could define 16K buffers here
and not worry about growing them.
*/
short cipherSuite = 0;
err = matrixSslEncodeClientHello(ssl->ssl, &(ssl->outsock), cipherSuite);
if (err < 0) {
socketAssert(err < 0);
return -1;
}
/*
Send the hello with a blocking write
*/
err = _psSocketWrite(ssl->fd, &(ssl->outsock));
if (err < 0) {
fprintf(stdout, "Error in socketWrite\n");
return -1;
}
ssl->outsock.start = ssl->outsock.end = ssl->outsock.buf;
/*
Call _ssl_read to work through the handshake. Not actually expecting
data back, so the finished case is simply when the handshake is
complete.
*/
readMore:
rc = _ssl_read(ssl, buf, 1024);
/*
Reading handshake records should always return 0 bytes, we aren't
expecting any data yet.
*/
if(rc > 0 || (rc == 0 && matrixSslHandshakeIsComplete(ssl->ssl) == 0))
{
goto readMore;
}
if(rc < 0)
{
return -1;
}
return 0;
}
int SSL_read(SSL *ssl, char *buf, int len) {
int rc;
readMore:
rc = _ssl_read(ssl, buf, len);
syslog(LOG_DEBUG, "SSL_read(%d) = %d", len, rc);
if (rc <= 0) {
if (rc < 0 || ssl->status == SSL_SOCKET_EOF ||
ssl->status == SSL_SOCKET_CLOSE_NOTIFY) {
_ssl_closeSocket(ssl->fd);
return rc;
}
goto readMore;
}
return rc;
}
int tcp_recv(nsp_state *N, TCP_SOCKET *socket, char *buffer, int max, int flags)
{
#define __FN__ __FILE__ ":tcp_recv()"
int rc;
#ifndef WIN32
// retry :
#endif
if (socket->socket == -1) return -1;
if (socket->want_close) {
tcp_close(N, socket, 1);
return -1;
}
if (max > MAX_TCP_READ_SIZE) max = MAX_TCP_READ_SIZE;
if (socket->use_ssl) {
#ifdef HAVE_SSL
rc = _ssl_read(N, socket, buffer, max);
if (rc == 0) rc = -1;
#else
rc = -1;
#endif
}
else {
rc = recv(socket->socket, buffer, max, flags);
}
if (rc < 0) {
#ifdef WIN32
//int ecode = 0;
//int elen = sizeof(int);
//int x2 = getsockopt(socket->socket, SOL_SOCKET, SO_ERROR, (void *)&ecode, &elen);
//n_warn(N, __FN__, "[%s:%d] a %d", socket->RemoteAddr, socket->RemotePort, x2);
int ec = WSAGetLastError();
switch (ec) {
case WSAETIMEDOUT:
return 0;
default:
n_warn(N, __FN__, "[%s:%d] WSAGetLastError()=%d", socket->RemoteAddr, socket->RemotePort, ec);
break;
}
return -1;
#else
switch (errno) {
case EWOULDBLOCK:
return 0;
case ECONNRESET:
n_warn(N, __FN__, "ECONNRESET[%s:%d] %.100s", socket->RemoteAddr, socket->RemotePort, strerror(errno));
tcp_close(N, socket, 1); errno = 0; break;
default:
if (N->debug) n_warn(N, __FN__, "[%s:%d] %.100s", socket->RemoteAddr, socket->RemotePort, strerror(errno));
//n_warn(N, __FN__, "[%s:%d] %.100s", socket->RemoteAddr, socket->RemotePort, strerror(errno));
errno = 0;
}
return -1;
#endif
//} else if (rc==0) {
// msleep(MAXWAIT);
// goto retry;
}
else {
socket->mtime = time(NULL);
socket->bytes_in += rc;
}
if (N->debug) n_warn(N, __FN__, "[%s:%d] %d bytes of data", socket->RemoteAddr, socket->RemotePort, rc);
return rc;
#undef __FN__
}