Merge branch 'master+sslcleanup'

[user/henk/code/inspircd.git] / src / modules / extra / m_ssl_openssl.cpp

diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp
index 8540ab41f3d87ab8028de00199c9f3840484fc31..0fd4608be21702e28abf82807e6e735ba646e37d 100644 (file)
--- a/src/modules/extra/m_ssl_openssl.cpp
+++ b/src/modules/extra/m_ssl_openssl.cpp
@@ -196,9 +196,18 @@ namespace OpenSSL
                        return SSL_CTX_clear_options(ctx, clearoptions);
                }
 
-               SSL* CreateSession()
+               SSL* CreateServerSession()
                {
-                       return SSL_new(ctx);
+                       SSL* sess = SSL_new(ctx);
+                       SSL_set_accept_state(sess); // Act as server
+                       return sess;
+               }
+
+               SSL* CreateClientSession()
+               {
+                       SSL* sess = SSL_new(ctx);
+                       SSL_set_connect_state(sess); // Act as client
+                       return sess;
                }
        };
 
@@ -324,8 +333,8 @@ namespace OpenSSL
                }
 
                const std::string& GetName() const { return name; }
-               SSL* CreateServerSession() { return ctx.CreateSession(); }
-               SSL* CreateClientSession() { return clictx.CreateSession(); }
+               SSL* CreateServerSession() { return ctx.CreateServerSession(); }
+               SSL* CreateClientSession() { return clictx.CreateClientSession(); }
                const EVP_MD* GetDigest() { return digest; }
                bool AllowRenegotiation() const { return allowrenego; }
        };
@@ -350,21 +359,14 @@ class OpenSSLIOHook : public SSLIOHook
  private:
        SSL* sess;
        issl_status status;
-       const bool outbound;
        bool data_to_write;
        reference<OpenSSL::Profile> profile;
 
        // Returns 1 if handshake succeeded, 0 if it is still in progress, -1 if it failed
        int Handshake(StreamSocket* user)
        {
-               int ret;
-
                ERR_clear_error();
-               if (outbound)
-                       ret = SSL_connect(sess);
-               else
-                       ret = SSL_accept(sess);
-
+               int ret = SSL_do_handshake(sess);
                if (ret < 0)
                {
                        int err = SSL_get_error(sess, ret);
@@ -521,11 +523,10 @@ class OpenSSLIOHook : public SSLIOHook
        friend void StaticSSLInfoCallback(const SSL* ssl, int where, int rc);
 
  public:
-       OpenSSLIOHook(IOHookProvider* hookprov, StreamSocket* sock, bool is_outbound, SSL* session, const reference<OpenSSL::Profile>& sslprofile)
+       OpenSSLIOHook(IOHookProvider* hookprov, StreamSocket* sock, SSL* session, const reference<OpenSSL::Profile>& sslprofile)
                : SSLIOHook(hookprov)
                , sess(session)
                , status(ISSL_NONE)
-               , outbound(is_outbound)
                , data_to_write(false)
                , profile(sslprofile)
        {
@@ -708,12 +709,12 @@ class OpenSSLIOHookProvider : public refcountbase, public IOHookProvider
 
        void OnAccept(StreamSocket* sock, irc::sockets::sockaddrs* client, irc::sockets::sockaddrs* server) CXX11_OVERRIDE
        {
-               new OpenSSLIOHook(this, sock, false, profile->CreateServerSession(), profile);
+               new OpenSSLIOHook(this, sock, profile->CreateServerSession(), profile);
        }
 
        void OnConnect(StreamSocket* sock) CXX11_OVERRIDE
        {
-               new OpenSSLIOHook(this, sock, true, profile->CreateClientSession(), profile);
+               new OpenSSLIOHook(this, sock, profile->CreateClientSession(), profile);
        }
 };