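/**
 * Hand the ALPN result of a server-side TLS connection to the role layer.
 *
 * Asks the TLS library which ALPN protocol was selected on wsi->tls.ssl,
 * copies the name into a local NUL-terminated buffer, marks the connection
 * as using TLS and passes the name to lws_role_call_alpn_negotiated().
 *
 * @param wsi  connection whose TLS session has completed its handshake
 * @return 0 when no ALPN protocol was selected, or when the TLS library in
 *         use has no ALPN support compiled in; otherwise whatever
 *         lws_role_call_alpn_negotiated() returns.
 */
int
lws_tls_server_conn_alpn(struct lws *wsi)
{
#if defined(LWS_WITH_MBEDTLS) || (defined(OPENSSL_VERSION_NUMBER) && \
				  OPENSSL_VERSION_NUMBER >= 0x10002000L)
	const unsigned char *name = NULL;
	char cstr[10];
	/*
	 * Start from 0 so the "nothing selected" test below never reads an
	 * indeterminate value if the TLS backend leaves len untouched.
	 */
	unsigned int len = 0;

	SSL_get0_alpn_selected(wsi->tls.ssl, &name, &len);
	if (!name || !len) {
		lwsl_info("no ALPN upgrade\n");
		return 0;
	}

	/*
	 * The selection comes back as pointer + length, so bound the copy to
	 * the local buffer and terminate it before it is used as a C string.
	 *
	 * NOTE(review): a name longer than sizeof(cstr) - 1 bytes is silently
	 * truncated, and the truncated text is what gets logged and handed to
	 * the role layer -- confirm no configured ALPN name exceeds 9 bytes.
	 */
	if (len > sizeof(cstr) - 1)
		len = sizeof(cstr) - 1;
	memcpy(cstr, name, len);
	cstr[len] = '\0';

	lwsl_info("negotiated '%s' using ALPN\n", cstr);
	wsi->tls.use_ssl |= LCCSCF_USE_SSL;

	return lws_role_call_alpn_negotiated(wsi, (const char *)cstr);
#endif /* OPENSSL_VERSION_NUMBER >= 0x10002000L */

	return 0;
}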
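/**
 * Drive the client-side TLS handshake one step and report what is needed.
 *
 * Calls SSL_connect() on wsi->tls.ssl.  On success the negotiated ALPN
 * protocol, if any, is passed to lws_role_call_alpn_negotiated() as a
 * NUL-terminated string; on a non-success return the TLS error state is
 * mapped to the lws_ssl_capable_status value telling the caller which
 * event to wait for.
 *
 * @param wsi  connection whose TLS session is being established
 * @return LWS_SSL_CAPABLE_DONE when the handshake completed,
 *         LWS_SSL_CAPABLE_MORE_SERVICE_READ / _WRITE when the TLS layer
 *         wants to read / write, LWS_SSL_CAPABLE_MORE_SERVICE when
 *         SSL_connect() returned 0 without saying which, and
 *         LWS_SSL_CAPABLE_ERROR otherwise.
 */
enum lws_ssl_capable_status
lws_tls_client_connect(struct lws *wsi)
{
	/*
	 * An ALPN protocol name is carried with a one-byte length in TLS, so
	 * 255 bytes plus the terminator holds any name without truncation.
	 */
	char alpn[256];
	const char *negotiated = NULL;
	/* initialised so they are well defined if nothing gets selected */
	const unsigned char *prot = NULL;
	unsigned int len = 0;
	int m, n = SSL_connect(wsi->tls.ssl);

	if (n == 1) {
		/*
		 * NOTE(review): lws_tls_server_conn_alpn() guards this call
		 * with an mbedTLS / OpenSSL >= 1.0.2 check; there is no such
		 * guard here -- confirm older OpenSSL is never a build target.
		 */
		SSL_get0_alpn_selected(wsi->tls.ssl, &prot, &len);

		/*
		 * The selection is returned as pointer + length and is not
		 * guaranteed to be NUL-terminated, so it must not be handed
		 * on as a C string directly: the callee would read past the
		 * end of the name.  Copy it out, bounded, and terminate it.
		 */
		if (prot && len) {
			if (len > sizeof(alpn) - 1)
				len = sizeof(alpn) - 1;
			memcpy(alpn, prot, len);
			alpn[len] = '\0';
			negotiated = alpn;
		}

		/*
		 * With no ALPN selected the callee still gets called with
		 * NULL, as before.  The result is deliberately not propagated,
		 * matching the existing behaviour of this path.
		 */
		(void)lws_role_call_alpn_negotiated(wsi, negotiated);
		lwsl_info("client connect OK\n");
		return LWS_SSL_CAPABLE_DONE;
	}

	m = SSL_get_error(wsi->tls.ssl, n);

	if (m == SSL_ERROR_WANT_READ || SSL_want_read(wsi->tls.ssl))
		return LWS_SSL_CAPABLE_MORE_SERVICE_READ;

	if (m == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->tls.ssl))
		return LWS_SSL_CAPABLE_MORE_SERVICE_WRITE;

	if (!n) /* we don't know what he wants, but he says to retry */
		return LWS_SSL_CAPABLE_MORE_SERVICE;

	return LWS_SSL_CAPABLE_ERROR;
}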