/*
Send a close alert
*/
void sslWriteClosureAlert(sslConn_t *cp)
{
if (cp != NULL) {
cp->outsock.start = cp->outsock.end = cp->outsock.buf;
matrixSslEncodeClosureAlert(cp->ssl, &cp->outsock);
setSocketNonblock(cp->fd);
send(cp->fd, cp->outsock.start,
(int)(cp->outsock.end - cp->outsock.start), MSG_NOSIGNAL);
}
}
/*
Set the socket to non blocking mode and perform a few extra tricks
to make sure the socket closes down cross platform
*/
void socketShutdown(SOCKET sock)
{
char buf[32];
if (sock != INVALID_SOCKET) {
setSocketNonblock(sock);
if (shutdown(sock, 1) >= 0) {
while (recv(sock, buf, sizeof(buf), 0) > 0);
}
closesocket(sock);
}
}
/*
Send a close alert
*/
void sslWriteClosureAlert(sslConn_t *cp)
{
unsigned char *buf;
int len;
if (cp != NULL) {
if (matrixSslEncodeClosureAlert(cp->ssl) >= 0) {
if ((len = matrixSslGetOutdata(cp->ssl, &buf)) > 0) {
/* Non-blocking hail-mary alert */
setSocketNonblock(cp->fd);
if ((len = send(cp->fd, buf, len, MSG_DONTWAIT)) > 0) {
matrixSslSentData(cp->ssl, len);
}
}
}
}
}
/*
Server side. Accept an incomming SSL connection request.
'conn' will be filled in with information about the accepted ssl connection
return -1 on error, 0 on success, or WOULD_BLOCK for non-blocking sockets
*/
int sslAccept(sslConn_t **conn, SOCKET fd, sslKeys_t *keys, int32 resume,
int32 (*certValidator)(ssl_t *, psX509Cert_t *, int32))
{
sslConn_t *cp;
int rc;
if (resume == 0) {
/*
Associate a new ssl session with this socket. The session represents
the state of the ssl protocol over this socket. Session caching is
handled automatically by this api.
*/
cp = balloc(B_L, sizeof(sslConn_t));
memset(cp, 0x0, sizeof(sslConn_t));
cp->fd = fd;
if (matrixSslNewServerSession(&cp->ssl, keys, certValidator) < 0) {
sslFreeConnection(&cp);
return -1;
}
#ifdef USE_NONBLOCKING_SSL_SOCKETS
/* Set this ourselves, "just to make sure" */
setSocketNonblock(fd);
#endif
} else {
cp = *conn;
}
/*
This call will perform the SSL handshake
*/
rc = sslRead(cp, NULL, 0);
if (rc < 0) {
return -1;
}
*conn = cp;
return 0;
}
/*
An example socket sslRead implementation that handles the ssl handshake
transparently. Caller passes in allocated buf and length.
Return codes are as follows:
-1 return code is an error. If a socket level error, error code is
contained in status parameter. If using a non-blocking socket
implementation the caller should check for non-fatal errors such as
WOULD_BLOCK before closing the connection. A zero value
in status indicates an error with this routine.
A positive integer return code is the number of bytes successfully read
into the supplied buffer. User can call sslRead again on the updated
buffer is there is more to be read.
0 return code indicates the read was successful, but there was no data
to be returned. If status is set to zero, this is a case internal
to the sslAccept and sslConnect functions that a handshake
message has been exchanged. If status is set to SOCKET_EOF
the connection has been closed by the other side.
*/
int sslRead(sslConn_t *cp, char *buf, int len, int *status)
{
int bytes, rc, remaining;
unsigned char error, alertLevel, alertDescription, performRead;
*status = 0;
if (cp->ssl == NULL || len <= 0) {
return -1;
}
/*
If inbuf is valid, then we have previously decoded data that must be
returned, return as much as possible. Once all buffered data is
returned, free the inbuf.
*/
if (cp->inbuf.buf) {
if (cp->inbuf.start < cp->inbuf.end) {
remaining = (int)(cp->inbuf.end - cp->inbuf.start);
bytes = (int)min(len, remaining);
memcpy(buf, cp->inbuf.start, bytes);
cp->inbuf.start += bytes;
return bytes;
}
free(cp->inbuf.buf);
cp->inbuf.buf = NULL;
}
/*
Pack the buffered socket data (if any) so that start is at zero.
*/
if (cp->insock.buf < cp->insock.start) {
if (cp->insock.start == cp->insock.end) {
cp->insock.start = cp->insock.end = cp->insock.buf;
} else {
memmove(cp->insock.buf, cp->insock.start, cp->insock.end - cp->insock.start);
cp->insock.end -= (cp->insock.start - cp->insock.buf);
cp->insock.start = cp->insock.buf;
}
}
/*
Read up to as many bytes as there are remaining in the buffer. We could
Have encrypted data already cached in conn->insock, but might as well read more
if we can.
*/
performRead = 0;
readMore:
if (cp->insock.end == cp->insock.start || performRead) {
performRead = 1;
bytes = recv(cp->fd, (char *)cp->insock.end,
(int)((cp->insock.buf + cp->insock.size) - cp->insock.end), MSG_NOSIGNAL);
if (bytes == SOCKET_ERROR) {
*status = getSocketError();
return -1;
}
if (bytes == 0) {
*status = SSLSOCKET_EOF;
return 0;
}
cp->insock.end += bytes;
}
/*
Define a temporary sslBuf
*/
cp->inbuf.start = cp->inbuf.end = cp->inbuf.buf = malloc(len);
cp->inbuf.size = len;
/*
Decode the data we just read from the socket
*/
decodeMore:
error = 0;
alertLevel = 0;
alertDescription = 0;
rc = matrixSslDecode(cp->ssl, &cp->insock, &cp->inbuf, &error, &alertLevel,
&alertDescription);
switch (rc) {
/*
Successfully decoded a record that did not return data or require a response.
*/
case SSL_SUCCESS:
return 0;
/*
Successfully decoded an application data record, and placed in tmp buf
*/
case SSL_PROCESS_DATA:
/*
Copy as much as we can from the temp buffer into the caller's buffer
and leave the remainder in conn->inbuf until the next call to read
It is possible that len > data in buffer if the encoded record
was longer than len, but the decoded record isn't!
*/
rc = (int)(cp->inbuf.end - cp->inbuf.start);
rc = min(rc, len);
memcpy(buf, cp->inbuf.start, rc);
cp->inbuf.start += rc;
return rc;
/*
We've decoded a record that requires a response into tmp
If there is no data to be flushed in the out buffer, we can write out
the contents of the tmp buffer. Otherwise, we need to append the data
to the outgoing data buffer and flush it out.
*/
case SSL_SEND_RESPONSE:
bytes = send(cp->fd, (char *)cp->inbuf.start,
(int)(cp->inbuf.end - cp->inbuf.start), MSG_NOSIGNAL);
if (bytes == SOCKET_ERROR) {
*status = getSocketError();
if (*status != WOULD_BLOCK) {
fprintf(stdout, "Socket send error: %d\n", *status);
goto readError;
}
*status = 0;
}
cp->inbuf.start += bytes;
if (cp->inbuf.start < cp->inbuf.end) {
/*
This must be a non-blocking socket since it didn't all get sent
out and there was no error. We want to finish the send here
simply because we are likely in the SSL handshake.
*/
setSocketBlock(cp->fd);
bytes = send(cp->fd, (char *)cp->inbuf.start,
(int)(cp->inbuf.end - cp->inbuf.start), MSG_NOSIGNAL);
if (bytes == SOCKET_ERROR) {
*status = getSocketError();
goto readError;
}
cp->inbuf.start += bytes;
socketAssert(cp->inbuf.start == cp->inbuf.end);
/*
Can safely set back to non-blocking because we wouldn't
have got here if this socket wasn't non-blocking to begin with.
*/
setSocketNonblock(cp->fd);
}
cp->inbuf.start = cp->inbuf.end = cp->inbuf.buf;
return 0;
/*
There was an error decoding the data, or encoding the out buffer.
There may be a response data in the out buffer, so try to send.
We try a single hail-mary send of the data, and then close the socket.
Since we're closing on error, we don't worry too much about a clean flush.
*/
case SSL_ERROR:
fprintf(stderr, "SSL: Closing on protocol error %d\n", error);
if (cp->inbuf.start < cp->inbuf.end) {
setSocketNonblock(cp->fd);
bytes = send(cp->fd, (char *)cp->inbuf.start,
(int)(cp->inbuf.end - cp->inbuf.start), MSG_NOSIGNAL);
}
goto readError;
/*
We've decoded an alert. The level and description passed into
matrixSslDecode are filled in with the specifics.
*/
case SSL_ALERT:
if (alertDescription == SSL_ALERT_CLOSE_NOTIFY) {
*status = SSLSOCKET_CLOSE_NOTIFY;
goto readZero;
}
fprintf(stderr, "SSL: Closing on client alert %d: %d\n",
alertLevel, alertDescription);
goto readError;
/*
We have a partial record, we need to read more data off the socket.
If we have a completely full conn->insock buffer, we'll need to grow it
here so that we CAN read more data when called the next time.
*/
case SSL_PARTIAL:
if (cp->insock.start == cp->insock.buf && cp->insock.end ==
(cp->insock.buf + cp->insock.size)) {
if (cp->insock.size > SSL_MAX_BUF_SIZE) {
goto readError;
}
cp->insock.size *= 2;
cp->insock.start = cp->insock.buf =
(unsigned char *)realloc(cp->insock.buf, cp->insock.size);
cp->insock.end = cp->insock.buf + (cp->insock.size / 2);
}
if (!performRead) {
performRead = 1;
free(cp->inbuf.buf);
cp->inbuf.buf = NULL;
goto readMore;
} else {
goto readZero;
}
/*
The out buffer is too small to fit the decoded or response
data. Increase the size of the buffer and call decode again
*/
case SSL_FULL:
cp->inbuf.size *= 2;
if (cp->inbuf.buf != (unsigned char*)buf) {
free(cp->inbuf.buf);
cp->inbuf.buf = NULL;
}
cp->inbuf.start = cp->inbuf.end = cp->inbuf.buf =
(unsigned char *)malloc(cp->inbuf.size);
goto decodeMore;
}
/*
We consolidated some of the returns here because we must ensure
that conn->inbuf is cleared if pointing at caller's buffer, otherwise
it will be freed later on.
*/
readZero:
if (cp->inbuf.buf == (unsigned char*)buf) {
cp->inbuf.buf = NULL;
}
return 0;
readError:
if (cp->inbuf.buf == (unsigned char*)buf) {
cp->inbuf.buf = NULL;
}
return -1;
}
int main (int argc, char **argv)
{
char *ip = NULL, *dir = NULL;
int port = 0;
/// Обработка входных параметров программы
int opt = getopt( argc, argv, "h:p:d:" );
if( opt == -1 )
{
cout << "Usage:" << argv[0] << " -h <ip> -p <port> -d <server_directory>" << endl;
return EXIT_SUCCESS;
}
while( opt != -1 )
{
switch( opt )
{
case 'h':
ip = optarg;
break;
case 'p':
port = atoi(optarg);
break;
case 'd':
dir = optarg;
break;
case '?':
default:
cout << "Usage:" << argv[0] << " -h <ip> -p <port> -d <server_directory>" << endl;
return EXIT_FAILURE;
}
opt = getopt( argc, argv, "h:p:d:" );
}
if( (ip == NULL) || (dir == NULL) || (port <= 0) )
{
cout << "Usage:" << argv[0] << " -h <ip> -p <port> -d <server_directory>" << endl;
return EXIT_FAILURE;
}
/// Превращение программы в службу
openlog("web_server_daemon", LOG_PID, LOG_DAEMON);
/// Превращение программы в службу
if( daemon(0,0) == -1 )
{
syslog(LOG_CRIT, string("Create daemon error:" + string(strerror(errno))).c_str());
return EXIT_FAILURE;
}
/// Создание принимающего запросы сокета
int master_socket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if( master_socket == 1 )
{
syslog(LOG_CRIT, string("Create mastersocket error:" + string(strerror(errno))).c_str());
return EXIT_FAILURE;
}
struct sockaddr_in sockAddr;
sockAddr.sin_family = AF_INET;
sockAddr.sin_addr.s_addr = inet_addr(ip);
sockAddr.sin_port = htons(port);
if( bind(master_socket, (struct sockaddr *)(&sockAddr), sizeof(sockAddr)) == -1 )
{
syslog(LOG_CRIT, string("Bind error:" + string(strerror(errno))).c_str());
return EXIT_FAILURE;
}
/// Установка сокета в неблокирующий режим
if( setSocketNonblock(master_socket) )
{
syslog(LOG_CRIT, string("Set nonblock socket state error:" + string(strerror(errno))).c_str());
shutdown(master_socket, SHUT_RDWR);
return EXIT_FAILURE;
}
if( listen(master_socket, SOMAXCONN) == -1 )
{
syslog(LOG_CRIT, string("Set listen socket state error:" + string(strerror(errno))).c_str());
shutdown(master_socket, SHUT_RDWR);
return EXIT_FAILURE;
}
/// Создание epoll сокета для использования мультиплексирования
int e_poll = epoll_create1(0);
if( e_poll == -1 )
{
syslog(LOG_CRIT, string("Epoll create error:" + string(strerror(errno))).c_str());
shutdown(master_socket, SHUT_RDWR);
return EXIT_FAILURE;
}
struct epoll_event poll_event;
poll_event.data.fd = master_socket;
poll_event.events = EPOLLIN;
if( epoll_ctl(e_poll, EPOLL_CTL_ADD, master_socket, &poll_event) == -1 )
{
syslog(LOG_CRIT, string("Epoll control error:" + string(strerror(errno))).c_str());
shutdown(master_socket, SHUT_RDWR);
close(e_poll);
return EXIT_FAILURE;
}
syslog(LOG_INFO, "Web server start listening...");
for(;;)
{
struct epoll_event poll_events[MAX_POLL_EVENTS];
/// Ожидание событий
int poll_events_count = epoll_wait(e_poll, poll_events, MAX_POLL_EVENTS, -1);
if( poll_events_count == -1 )
{
syslog(LOG_ERR, string("Epoll wait error:" + string(strerror(errno))).c_str());
shutdown(master_socket, SHUT_RDWR);
close(e_poll);
return EXIT_FAILURE;
}
for( unsigned int i=0; i < poll_events_count; i++ )
{
if( poll_events[i].data.fd == master_socket )
{
int slave_socket = accept(master_socket, 0, 0);
if( setSocketNonblock(slave_socket) == -1 )
{
syslog(LOG_ERR, string("Set nonblock socket state error:" + string(strerror(errno))).c_str());
shutdown(master_socket, SHUT_RDWR);
close(e_poll);
return EXIT_FAILURE;
}
struct epoll_event poll_event;
poll_event.data.fd = slave_socket;
poll_event.events = EPOLLIN;
if( epoll_ctl(e_poll, EPOLL_CTL_ADD, slave_socket, &poll_event) == -1 )
{
syslog(LOG_ERR, string("Epoll control error:" + string(strerror(errno))).c_str());
shutdown(master_socket, SHUT_RDWR);
close(e_poll);
return EXIT_FAILURE;
}
} else {
pthread_t thread;
pthread_attr_t attr;
int ret_code = pthread_attr_init(&attr);
if( ret_code != 0 )
{
syslog(LOG_ERR, string("Init thread attr errorcode:" + numberToString(ret_code)).c_str());
shutdown(master_socket, SHUT_RDWR);
close(e_poll);
return EXIT_FAILURE;
}
/// Установка типа потока как отсоединённого
ret_code = pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED);
if( ret_code != 0 )
{
syslog(LOG_ERR, string("Set thread detach state errorcode:" +numberToString(ret_code)).c_str());
shutdown(master_socket, SHUT_RDWR);
close(e_poll);
return EXIT_FAILURE;
}
worker_params wp;
wp.poll_event = poll_events[i];
wp.dir = dir;
wp.epoll_sd = e_poll;
/// Создание отсоединённого потока для обработки клиентского запроса
ret_code = pthread_create(&thread, &attr, &workerProccess, &wp);
if( ret_code == EAGAIN )
{
syslog(LOG_ERR, "Not enough resources to create thread");
shutdown(master_socket, SHUT_RDWR);
close(e_poll);
return EXIT_FAILURE;
}
}
}
}
return EXIT_SUCCESS;
}
void
proxyAccept(int srv_fd, struct proxyConnection *ncp)
{
SOCKET src_fd, dst_fd;
// struct linger linger;
int status;
int res;
struct timeval tv;
int pc, sc;
int ccount=0;
ILOG("Accepting new connection.");
if ((src_fd = socketAccept(srv_fd, &status)) == INVALID_SOCKET) {
WLOG("Error accepting connection: %d", status);
return;
}
#ifdef USE_FORK
// fork here
fd_set rs, ws, es;
int fdmax;
int pid=fork();
switch(pid) {
case -1: /* error */
closesocket(ncp->plain);
closesocket(ncp->secure->fd);
break;
case 0: /* child */
#endif
ncp->inuse=1;
if (!isClient) {
DLOG("Trying to accept ssl connection");
if (sslAccept(&ncp->secure, src_fd, keys, cervalidator, 0)) {
WLOG("Error could not establish ssl connection");
socketShutdown(src_fd);
/* Gemtek add +++ */
#ifdef USE_FORK
quit=1;
#endif
/* Gemtek add --- */
return;
}
}
setSocketNonblock(src_fd);
/*
linger.l_onoff = 1;
linger.l_linger = 1;
setsockopt(src_fd, SOL_SOCKET, SO_LINGER, (char *) &linger,sizeof(linger));
*/
/* try to connect to remote end of tunnel */
DLOG("Trying to connect server %s:%d", dst_host, dst_port);
if ((dst_fd = socketConnect(dst_host, dst_port, &status)) == INVALID_SOCKET) {
WLOG("Error connecting to server %s:%d", dst_host, dst_port);
socketShutdown(src_fd);
/* Gemtek add +++ */
#ifdef USE_FORK
quit=1;
#endif
/* Gemtek add --- */
return;
}
if (isClient) {
DLOG("Trying to establish an ssl connection to server %s:%d", dst_host, dst_port);
if ((sslConnect(&ncp->secure, dst_fd, keys, ncp->sessionId, ncp->cipherSuite, cervalidator)) == INVALID_SOCKET) {
WLOG("Error connecting to ssl server %s:%d", dst_host, dst_port);
socketShutdown(src_fd);
return;
}
}
setSocketNonblock(dst_fd);
/*
linger.l_onoff = 1;
linger.l_linger = 1;
setsockopt(dst_fd, SOL_SOCKET, SO_LINGER, (char *) &linger,sizeof(linger));
*/
ncp->plain = isClient ? src_fd : dst_fd;
ncp->plain_up=1;
ncp->secure_up=1;
ILOG("Connection established. plain_fd:%d secure_fd:%d", ncp->plain, ncp->secure->fd);
// handle remaining bytes in buffer.
/*
res=proxyReadwrite(ncp,1);
if(res<0) {
ncp->error=1;
closeProxyConnection(ncp);
}
*/
// fork here
#ifdef USE_FORK
closesocket(srv_fd);
fdmax=ncp->plain > ncp->secure->fd ? ncp->plain : ncp->secure->fd;
while (!quit) {
FD_ZERO(&rs);
FD_ZERO(&ws);
FD_ZERO(&es);
FD_SET(ncp->plain,&rs);
FD_SET(ncp->plain,&ws);
FD_SET(ncp->plain,&es);
FD_SET(ncp->secure->fd,&rs);
FD_SET(ncp->secure->fd,&ws);
FD_SET(ncp->secure->fd,&es);
tv.tv_sec=10;
tv.tv_usec=0;
DLOG("select on %d open connections. fdmax: %d", ccount, fdmax);
res=select(fdmax+1,&rs,NULL,&es,&tv);
// DLOG("select returned: %d", res);
DLOG("proxyAccept->select returned: %d %s errno=%d", res , strerror(errno), errno );
if(res<0) {
perror("select");
continue;
}
/*
if(res==0)
continue;
*/
if(FD_ISSET(ncp->secure->fd,&es) || FD_ISSET(ncp->plain,&es)) {
ncp->error=1;
break;
}
sc=proxyReadwrite(ncp,1);
if(sc<0) break;
pc=proxyReadwrite(ncp,0);
if(pc<0) break;
if(ncp->done) {
quit=1;
break;
}
}
closeProxyConnection(ncp);
DLOG("done. exiting...");
exit(0);
break;
default:
closesocket(src_fd);
/* server */
break;
}
#endif
}
int sslRead(sslConn_t *cp, char *buf, int len, int *status)
{
int bytes, rc, remaining;
unsigned char error, alertLevel, alertDescription, performRead;
*status = 0;
if (cp->ssl == NULL || len <= 0) {
return -1;
}
if (cp->inbuf.buf) {
if (cp->inbuf.start < cp->inbuf.end) {
remaining = (int)(cp->inbuf.end - cp->inbuf.start);
bytes = (int)min(len, remaining);
memcpy(buf, cp->inbuf.start, bytes);
cp->inbuf.start += bytes;
return bytes;
}
free(cp->inbuf.buf);
cp->inbuf.buf = NULL;
}
if (cp->insock.buf < cp->insock.start) {
if (cp->insock.start == cp->insock.end) {
cp->insock.start = cp->insock.end = cp->insock.buf;
} else {
memmove(cp->insock.buf, cp->insock.start, cp->insock.end - cp->insock.start);
cp->insock.end -= (cp->insock.start - cp->insock.buf);
cp->insock.start = cp->insock.buf;
}
}
performRead = 0;
readMore:
if (cp->insock.end == cp->insock.start || performRead) {
performRead = 1;
bytes = recv(cp->fd, (char *)cp->insock.end,
(int)((cp->insock.buf + cp->insock.size) - cp->insock.end), MSG_NOSIGNAL);
if (bytes == SOCKET_ERROR) {
*status = getSocketError();
return -1;
}
if (bytes == 0) {
*status = SSLSOCKET_EOF;
return 0;
}
cp->insock.end += bytes;
}
cp->inbuf.start = cp->inbuf.end = cp->inbuf.buf = malloc(len);
cp->inbuf.size = len;
decodeMore:
error = 0;
alertLevel = 0;
alertDescription = 0;
rc = matrixSslDecode(cp->ssl, &cp->insock, &cp->inbuf, &error, &alertLevel,
&alertDescription);
switch (rc) {
case SSL_SUCCESS:
return 0;
case SSL_PROCESS_DATA:
rc = (int)(cp->inbuf.end - cp->inbuf.start);
rc = min(rc, len);
memcpy(buf, cp->inbuf.start, rc);
cp->inbuf.start += rc;
return rc;
case SSL_SEND_RESPONSE:
bytes = send(cp->fd, (char *)cp->inbuf.start,
(int)(cp->inbuf.end - cp->inbuf.start), MSG_NOSIGNAL);
if (bytes == SOCKET_ERROR) {
*status = getSocketError();
if (*status != WOULD_BLOCK) {
fprintf(stdout, "Socket send error: %d\n", *status);
goto readError;
}
*status = 0;
}
cp->inbuf.start += bytes;
if (cp->inbuf.start < cp->inbuf.end) {
setSocketBlock(cp->fd);
bytes = send(cp->fd, (char *)cp->inbuf.start,
(int)(cp->inbuf.end - cp->inbuf.start), MSG_NOSIGNAL);
if (bytes == SOCKET_ERROR) {
*status = getSocketError();
goto readError;
}
cp->inbuf.start += bytes;
socketAssert(cp->inbuf.start == cp->inbuf.end);
setSocketNonblock(cp->fd);
}
cp->inbuf.start = cp->inbuf.end = cp->inbuf.buf;
return 0;
case SSL_ERROR:
fprintf(stderr, "SSL: Closing on protocol error %d\n", error);
if (cp->inbuf.start < cp->inbuf.end) {
setSocketNonblock(cp->fd);
bytes = send(cp->fd, (char *)cp->inbuf.start,
(int)(cp->inbuf.end - cp->inbuf.start), MSG_NOSIGNAL);
}
goto readError;
case SSL_ALERT:
if (alertDescription == SSL_ALERT_CLOSE_NOTIFY) {
*status = SSLSOCKET_CLOSE_NOTIFY;
goto readZero;
}
fprintf(stderr, "SSL: Closing on client alert %d: %d\n",
alertLevel, alertDescription);
goto readError;
case SSL_PARTIAL:
if (cp->insock.start == cp->insock.buf && cp->insock.end ==
(cp->insock.buf + cp->insock.size)) {
if (cp->insock.size > SSL_MAX_BUF_SIZE) {
goto readError;
}
cp->insock.size *= 2;
cp->insock.start = cp->insock.buf =
(unsigned char *)realloc(cp->insock.buf, cp->insock.size);
cp->insock.end = cp->insock.buf + (cp->insock.size / 2);
}
if (!performRead) {
performRead = 1;
free(cp->inbuf.buf);
cp->inbuf.buf = NULL;
goto readMore;
} else {
goto readZero;
}
case SSL_FULL:
cp->inbuf.size *= 2;
if (cp->inbuf.buf != (unsigned char*)buf) {
free(cp->inbuf.buf);
cp->inbuf.buf = NULL;
}
cp->inbuf.start = cp->inbuf.end = cp->inbuf.buf =
(unsigned char *)malloc(cp->inbuf.size);
goto decodeMore;
}
readZero:
if (cp->inbuf.buf == (unsigned char*)buf) {
cp->inbuf.buf = NULL;
}
return 0;
readError:
if (cp->inbuf.buf == (unsigned char*)buf) {
cp->inbuf.buf = NULL;
}
return -1;
}
