Diffstat (limited to 'src/gnutls_io.c')
-rw-r--r-- | src/gnutls_io.c | 56 |
1 files changed, 28 insertions, 28 deletions
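--- a/src/gnutls_io.c
+++ b/src/gnutls_io.c
@@ -224,14 +224,6 @@ static apr_status_t gnutls_io_input_read(mod_gnutls_handle_t * ctxt,
 
 while (1) {
 
-if (ctxt->status < 0) {
-/* Ensure a non-zero error code is returned */
-if (ctxt->input_rc == APR_SUCCESS) {
-ctxt->input_rc = APR_EGENERAL;
-}
-break;
-}
-
 rc = gnutls_record_recv(ctxt->session, buf + bytes, wanted - bytes);
 
 if (rc > 0) {
@@ -348,6 +340,7 @@ static void gnutls_do_handshake(mod_gnutls_handle_t * ctxt)
 
 if (ctxt->status != 0)
 return;
+#if 0
 
 for (i = GNUTLS_HANDSHAKE_ATTEMPTS; i > 0; i--) {
 ret = gnutls_handshake(ctxt->session);
@@ -364,14 +357,12 @@ static void gnutls_do_handshake(mod_gnutls_handle_t * ctxt)
 gnutls_alert_get_name(ret));
 }
 
-if (gnutls_error_is_fatal(ret) != 0) {
-gnutls_deinit(ctxt->session);
-ap_log_error(APLOG_MARK, APLOG_ERR, 0, ctxt->c->base_server,
+gnutls_deinit(ctxt->session);
+ap_log_error(APLOG_MARK, APLOG_ERR, 0, ctxt->c->base_server,
 "GnuTLS: Handshake Failed (%d) '%s'", ret,
 gnutls_strerror(ret));
 ctxt->status = -1;
 return;
-}
 }
 else {
 ctxt->status = 1;
@@ -380,6 +371,30 @@ static void gnutls_do_handshake(mod_gnutls_handle_t * ctxt)
 }
 ctxt->status = -1;
 return;
+#else
+ret = gnutls_handshake(ctxt->session);
+if (ret < 0) {
+if (ret == GNUTLS_E_WARNING_ALERT_RECEIVED
+|| ret == GNUTLS_E_FATAL_ALERT_RECEIVED) {
+ret = gnutls_alert_get(ctxt->session);
+ap_log_error(APLOG_MARK, APLOG_ERR, 0, ctxt->c->base_server,
+"GnuTLS: Hanshake Alert (%d) '%s'.\n", ret,
+gnutls_alert_get_name(ret));
+}
+
+gnutls_deinit(ctxt->session);
+ap_log_error(APLOG_MARK, APLOG_ERR, 0, ctxt->c->base_server,
+"GnuTLS: Handshake Failed (%d) '%s'", ret,
+gnutls_strerror(ret));
+ctxt->status = -1;
+return;
+}
+else {
+ctxt->status = 1;
+return; /* all done with the handshake */
+}
+
+#endif
 }
 
 
@@ -404,7 +419,7 @@ apr_status_t mod_gnutls_filter_input(ap_filter_t * f,
 }
 
 if (ctxt->status < 0) {
-return ap_get_brigade(f->next, bb, mode, block, readbytes);
+// return ap_get_brigade(f->next, bb, mode, block, readbytes);
 }
 
 /* XXX: we don't currently support anything other than these modes. */
@@ -643,19 +658,6 @@ ssize_t mod_gnutls_transport_write(gnutls_transport_ptr_t ptr,
 {
 mod_gnutls_handle_t *ctxt = ptr;
 
-if (!ctxt->output_length
-&& (len + ctxt->output_blen < sizeof(ctxt->output_buffer))) {
-/* the first two SSL_writes (of 1024 and 261 bytes)
-* need to be in the same packet (vec[0].iov_base)
-*/
-/* XXX: could use apr_brigade_write() to make code look cleaner
-* but this way we avoid the malloc(APR_BUCKET_BUFF_SIZE)
-* and free() of it later
-*/
-memcpy(&ctxt->output_buffer[ctxt->output_blen], buffer, len);
-ctxt->output_blen += len;
-}
-else {
 /* pass along the encrypted data
 * need to flush since we're using SSL's malloc-ed buffer
 * which will be overwritten once we leave here
@@ -670,7 +672,5 @@ ssize_t mod_gnutls_transport_write(gnutls_transport_ptr_t ptr,
 if (write_flush(ctxt) < 0) {
 return -1;
 }
-}
-
 return len;
 }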
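Review bot: In mod_gnutls_filter_input the `if (ctxt->status < 0)` body is now only a commented-out return, so a connection whose handshake failed falls through to the read path instead of stopping. gnutls_do_handshake calls `gnutls_deinit(ctxt->session)` before setting `ctxt->status = -1`, and this commit also drops the `ctxt->status < 0` guard from the loop in gnutls_io_input_read, so `gnutls_record_recv` would presumably be called on a session that has already been freed. Return an error from the branch rather than leaving it empty, for example `return APR_EGENERAL;`, and keep the status check in gnutls_io_input_read as a second guard. Separately, the new `#else` path treats every negative `gnutls_handshake` result as fatal, including `GNUTLS_E_WARNING_ALERT_RECEIVED`, which the earlier `gnutls_error_is_fatal` test allowed the loop to retry. The bodies of these functions continue outside the hunks shown, so the call order between the handshake and the read should be confirmed against the full file.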