summaryrefslogtreecommitdiff
path: root/src/modules/extra/m_ssl_openssl.cpp
diff options
context:
space:
mode:
authorAttila Molnar <attilamolnar@hush.com>2015-03-05 17:35:17 +0100
committerAttila Molnar <attilamolnar@hush.com>2015-03-05 17:35:17 +0100
commit06eb88c10cb7a57ea800e0204b48277de9cb02ca (patch)
treef5152defe3f55bc224953cba193589f71519989e /src/modules/extra/m_ssl_openssl.cpp
parenta881ff7a322aa8307dc8152206f27c4fd29281cd (diff)
m_ssl_openssl Specify TLS client/server role on session creation, switch to SSL_do_handshake()
Diffstat (limited to 'src/modules/extra/m_ssl_openssl.cpp')
-rw-r--r--src/modules/extra/m_ssl_openssl.cpp25
1 files changed, 14 insertions, 11 deletions
diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp
index 8540ab41f..debc17953 100644
--- a/src/modules/extra/m_ssl_openssl.cpp
+++ b/src/modules/extra/m_ssl_openssl.cpp
@@ -196,9 +196,18 @@ namespace OpenSSL
return SSL_CTX_clear_options(ctx, clearoptions);
}
- SSL* CreateSession()
+ SSL* CreateServerSession()
{
- return SSL_new(ctx);
+ SSL* sess = SSL_new(ctx);
+ SSL_set_accept_state(sess); // Act as server
+ return sess;
+ }
+
+ SSL* CreateClientSession()
+ {
+ SSL* sess = SSL_new(ctx);
+ SSL_set_connect_state(sess); // Act as client
+ return sess;
}
};
@@ -324,8 +333,8 @@ namespace OpenSSL
}
const std::string& GetName() const { return name; }
- SSL* CreateServerSession() { return ctx.CreateSession(); }
- SSL* CreateClientSession() { return clictx.CreateSession(); }
+ SSL* CreateServerSession() { return ctx.CreateServerSession(); }
+ SSL* CreateClientSession() { return clictx.CreateClientSession(); }
const EVP_MD* GetDigest() { return digest; }
bool AllowRenegotiation() const { return allowrenego; }
};
@@ -357,14 +366,8 @@ class OpenSSLIOHook : public SSLIOHook
// Returns 1 if handshake succeeded, 0 if it is still in progress, -1 if it failed
int Handshake(StreamSocket* user)
{
- int ret;
-
ERR_clear_error();
- if (outbound)
- ret = SSL_connect(sess);
- else
- ret = SSL_accept(sess);
-
+ int ret = SSL_do_handshake(sess);
if (ret < 0)
{
int err = SSL_get_error(sess, ret);