]> git.netwichtig.de Git - user/henk/code/inspircd.git/blobdiff - src/modules/extra/m_ssl_openssl.cpp
projects / user / henk / code / inspircd.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
m_ssl_openssl Specify TLS client/server role on session creation, switch to SSL_do_ha...
[user/henk/code/inspircd.git] / src / modules / extra / m_ssl_openssl.cpp
diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp
index 8540ab41f3d87ab8028de00199c9f3840484fc31..debc179534551991f91cb8e0ce8b85978e6139e8 100644 (file)
--- a/src/modules/extra/m_ssl_openssl.cpp
+++ b/src/modules/extra/m_ssl_openssl.cpp
@@ -196,9 +196,18 @@ namespace OpenSSL
                        return SSL_CTX_clear_options(ctx, clearoptions);
                }
 
-               SSL* CreateSession()
+               SSL* CreateServerSession()
                {
-                       return SSL_new(ctx);
+                       SSL* sess = SSL_new(ctx);
+                       SSL_set_accept_state(sess); // Act as server
+                       return sess;
+               }
+
+               SSL* CreateClientSession()
+               {
+                       SSL* sess = SSL_new(ctx);
+                       SSL_set_connect_state(sess); // Act as client
+                       return sess;
                }
        };
 
@@ -324,8 +333,8 @@ namespace OpenSSL
                }
 
                const std::string& GetName() const { return name; }
-               SSL* CreateServerSession() { return ctx.CreateSession(); }
-               SSL* CreateClientSession() { return clictx.CreateSession(); }
+               SSL* CreateServerSession() { return ctx.CreateServerSession(); }
+               SSL* CreateClientSession() { return clictx.CreateClientSession(); }
                const EVP_MD* GetDigest() { return digest; }
                bool AllowRenegotiation() const { return allowrenego; }
        };
@@ -357,14 +366,8 @@ class OpenSSLIOHook : public SSLIOHook
        // Returns 1 if handshake succeeded, 0 if it is still in progress, -1 if it failed
        int Handshake(StreamSocket* user)
        {
-               int ret;
-
                ERR_clear_error();
-               if (outbound)
-                       ret = SSL_connect(sess);
-               else
-                       ret = SSL_accept(sess);
-
+               int ret = SSL_do_handshake(sess);
                if (ret < 0)
                {
                        int err = SSL_get_error(sess, ret);