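/*
 * Accept a TLS connection on an already-connected descriptor pair and drive
 * the server-side handshake.
 *
 * ctx      - server context; must have TLS_SERVER set in ctx->flags.
 * cctx     - in/out connection context. The value of *cctx is READ on entry:
 *            it must be NULL on the first call for a connection and must be
 *            the pointer stored by an earlier call when retrying after
 *            TLS_READ_AGAIN / TLS_WRITE_AGAIN. An uninitialised *cctx would be
 *            passed straight to SSL_accept(), so callers must initialise it.
 * fd_read  - descriptor handed to SSL_set_rfd().
 * fd_write - descriptor handed to SSL_set_wfd().
 *
 * Returns 0 once SSL_accept() reports success, TLS_READ_AGAIN or
 * TLS_WRITE_AGAIN when tls_ssl_error() maps the handshake result to one of
 * those, and -1 on any other failure.
 *
 * Ownership: a connection context is stored in *cctx only after it has been
 * fully set up (SSL object created, descriptors attached, app data set).
 * If setup fails part-way, the partial context is released here and *cctx is
 * left NULL, so a caller that retries after -1 can never reach SSL_accept()
 * with a context whose ssl_conn is NULL or has no descriptors attached.
 * A context that has been stored in *cctx stays owned by the caller,
 * including when the handshake itself fails with -1.
 *
 * NOTE(review): ctx and cctx are dereferenced without a NULL check; callers
 * are presumably required to pass valid pointers - confirm against the API
 * contract.
 */
int
tls_accept_fds(struct tls *ctx, struct tls **cctx, int fd_read, int fd_write)
{
	struct tls *conn_ctx = *cctx;
	struct tls *new_ctx = NULL;	/* context built by this call, not yet published */
	int ret, ssl_err;

	if ((ctx->flags & TLS_SERVER) == 0) {
		tls_set_error(ctx, "not a server context");
		goto fail;
	}

	if (conn_ctx == NULL) {
		if ((new_ctx = tls_server_conn(ctx)) == NULL) {
			tls_set_error(ctx, "connection context failure");
			goto fail;
		}

		if ((new_ctx->ssl_conn = SSL_new(ctx->ssl_ctx)) == NULL) {
			tls_set_error(ctx, "ssl failure");
			goto fail;
		}

		if (SSL_set_rfd(new_ctx->ssl_conn, fd_read) != 1 ||
		    SSL_set_wfd(new_ctx->ssl_conn, fd_write) != 1) {
			tls_set_error(ctx, "ssl set fd failure");
			goto fail;
		}

		SSL_set_app_data(new_ctx->ssl_conn, new_ctx);

		/*
		 * Setup is complete: hand the context to the caller and drop
		 * our own reference so the failure path no longer frees it.
		 */
		conn_ctx = new_ctx;
		new_ctx = NULL;
		*cctx = conn_ctx;
	}

	if ((ret = SSL_accept(conn_ctx->ssl_conn)) != 1) {
		ssl_err = tls_ssl_error(ctx, conn_ctx->ssl_conn, ret, "accept");
		/* Non-blocking I/O: the caller retries with the same *cctx. */
		if (ssl_err == TLS_READ_AGAIN || ssl_err == TLS_WRITE_AGAIN)
			return (ssl_err);
		goto fail;
	}

	return (0);

fail:
	/*
	 * new_ctx is non-NULL only when setup failed before publication.
	 * Assumes tls_free() accepts NULL and also releases ssl_conn -
	 * TODO confirm against its definition.
	 */
	tls_free(new_ctx);
	return (-1);
}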
/*
 * Build a server-side connection context for an already-connected
 * descriptor pair. No handshake is performed in this function.
 *
 * ctx      - server context; TLS_SERVER must be set in ctx->flags.
 * cctx     - output only: *cctx is never read. It receives the new
 *            connection context on success and NULL on every failure path,
 *            so the caller is never left holding a partially built context.
 * fd_read  - descriptor attached with SSL_set_rfd().
 * fd_write - descriptor attached with SSL_set_wfd().
 *
 * Returns 0 on success, -1 on failure (after recording a message on ctx
 * with tls_set_errorx()).
 *
 * NOTE(review): ctx and cctx are dereferenced without a NULL check; callers
 * are presumably required to pass valid pointers - confirm.
 */
int
tls_accept_fds(struct tls *ctx, struct tls **cctx, int fd_read, int fd_write)
{
	struct tls *accepted = NULL;

	if (!(ctx->flags & TLS_SERVER)) {
		tls_set_errorx(ctx, "not a server context");
		goto fail;
	}

	accepted = tls_server_conn(ctx);
	if (accepted == NULL) {
		tls_set_errorx(ctx, "connection context failure");
		goto fail;
	}

	accepted->ssl_conn = SSL_new(ctx->ssl_ctx);
	if (accepted->ssl_conn == NULL) {
		tls_set_errorx(ctx, "ssl failure");
		goto fail;
	}

	/* Link the SSL object back to its connection context. */
	if (SSL_set_app_data(accepted->ssl_conn, accepted) != 1) {
		tls_set_errorx(ctx, "ssl application data failure");
		goto fail;
	}

	/* Both descriptors must attach; the write side is skipped if read fails. */
	if (!(SSL_set_rfd(accepted->ssl_conn, fd_read) == 1 &&
	    SSL_set_wfd(accepted->ssl_conn, fd_write) == 1)) {
		tls_set_errorx(ctx, "ssl file descriptor failure");
		goto fail;
	}

	/* Publish only a fully initialised context. */
	*cctx = accepted;
	return (0);

fail:
	/*
	 * accepted may still be NULL here (server-flag or allocation failure).
	 * Presumably tls_free() also releases ssl_conn - confirm.
	 */
	tls_free(accepted);
	*cctx = NULL;
	return (-1);
}