diff options
author | brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7> | 2007-01-28 16:42:30 +0000 |
---|---|---|
committer | brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7> | 2007-01-28 16:42:30 +0000 |
commit | 8703e1b36af0167a8141e7071e386e4bbbfd0331 (patch) | |
tree | 4003f3859b966636bca1546a58c6d84f325c94b6 /src | |
parent | b9de69b2dfff8796614e0ff9a2b49612989f73a3 (diff) |
Fix this so that it works with outbound connects again.
Also fix it to cope with EAGAIN properly in handshake negotiation without returning 1 from Write() (when nothing was actually written at the upper layer of the transport!)
git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@6451 e03df62e-2008-0410-955e-edbf42e46eb7
Diffstat (limited to 'src')
-rw-r--r-- | src/modules/extra/m_ssl_gnutls.cpp | 27 |
1 files changed, 18 insertions, 9 deletions
diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp index 48648425d..4ccf197cc 100644 --- a/src/modules/extra/m_ssl_gnutls.cpp +++ b/src/modules/extra/m_ssl_gnutls.cpp @@ -356,10 +356,12 @@ class ModuleSSLGnuTLS : public Module session->inbuf = new char[inbufsize]; session->inbufoffset = 0; - gnutls_init(&session->sess, GNUTLS_SERVER); + gnutls_init(&session->sess, GNUTLS_CLIENT); gnutls_set_default_priority(session->sess); // Avoid calling all the priority functions, defaults are adequate. gnutls_credentials_set(session->sess, GNUTLS_CRD_CERTIFICATE, x509_cred); + //TODO: Request server cert here. + //gnutls_certificate_request(session->sess, GNUTLS_CERT_REQUEST); // Request server certificate if any. gnutls_dh_set_prime_bits(session->sess, dh_bits); gnutls_transport_set_ptr(session->sess, (gnutls_transport_ptr_t) fd); // Give gnutls the fd for the socket. @@ -476,25 +478,29 @@ class ModuleSSLGnuTLS : public Module issl_session* session = &sessions[fd]; const char* sendbuffer = buffer; - if(!session->sess) + if (!session->sess) { CloseSession(session); return 1; } - + + session->outbuf.append(sendbuffer, count); + sendbuffer = session->outbuf.c_str(); + count = session->outbuf.size(); + if(session->status == ISSL_HANDSHAKING_WRITE) { // The handshake isn't finished, try to finish it. Handshake(session); + errno = EAGAIN; + return 0; } - session->outbuf.append(sendbuffer, count); - sendbuffer = session->outbuf.c_str(); - count = session->outbuf.size(); + int ret = 0; if(session->status == ISSL_HANDSHAKEN) { - int ret = gnutls_record_send(session->sess, sendbuffer, count); + ret = gnutls_record_send(session->sess, sendbuffer, count); if(ret == 0) CloseSession(session); @@ -509,7 +515,10 @@ class ModuleSSLGnuTLS : public Module } } - return 1; + /* Who's smart idea was it to return 1 when we havent written anything? + * This fucks the buffer up in InspSocket :p + */ + return ret < 1 ? 0 : ret; } // :kenny.chatspike.net 320 Om Epy|AFK :is a Secure Connection @@ -555,7 +564,7 @@ class ModuleSSLGnuTLS : public Module { int ret = gnutls_handshake(session->sess); - if(ret < 0) + if (ret < 0) { if(ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED) { |