1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
|
//
// SSLConnection.cc
//
// SSLConnection: This class forms a easy to use interface to the
// socket interface using SSL connection encryption.
//
// Part of the ht://Dig package <http://www.htdig.org/>
// Copyright (c) 1999-2004 The ht://Dig Group
// For copyright details, see the file COPYING in your distribution
// or the GNU Library General Public License (LGPL) version 2 or later
// <http://www.gnu.org/copyleft/lgpl.html>
//
// $Id: SSLConnection.cc,v 1.6 2004/05/28 13:15:23 lha Exp $
//
#ifdef HAVE_CONFIG_H
#include "htconfig.h"
#endif /* HAVE_CONFIG_H */
#ifdef HAVE_SSL_H
#include "SSLConnection.h"
#ifdef HAVE_STD
#include <iostream>
#ifdef HAVE_NAMESPACES
using namespace std;
#endif
#else
#include <iostream.h>
#endif /* HAVE_STD */
// Global needed only once in HtDig
//
SSL_CTX *SSLConnection::ctx = NULL;
SSLConnection::SSLConnection()
{
InitSSL();
}
SSLConnection::SSLConnection(int socket)
{
InitSSL();
}
void SSLConnection::InitSSL()
{
if( ctx == NULL )
{
// Add in the OpenSSL algorithms ??
//
OpenSSL_add_ssl_algorithms();
// Load the error strings ... openssl says so
//
SSL_load_error_strings();
// New CTX, either v3 but can default to v2
//
ctx = SSL_CTX_new (SSLv23_client_method());
if( ctx == NULL )
{
cout << "ctx NULL" << endl;
exit(1);
}
}
}
SSLConnection::~SSLConnection()
{
if( ctx != NULL )
SSL_CTX_free (ctx);
ctx = NULL;
}
int SSLConnection::Connect()
{
// Run the standard connect
//
int ret = Connection::Connect();
if( ret != OK )
return ret;
// Now start SSL negotiation
//
ssl = SSL_new (ctx);
// Attach ssl to socket
//
SSL_set_fd (ssl, sock);
int err = SSL_connect (ssl);
if( err == -1)
{
// cout << "SSL_connect failed!" << endl;
// Close the socket
//
Connection::Close();
return NOTOK;
}
return OK;
}
int SSLConnection::Close()
{
// First kill the SSL stuff
//
SSL_shutdown (ssl); /* send SSL/TLS close_notify */
/* Clean up. */
// Now call the Connection Close
//
int ret = Connection::Close();
if( ret == OK )
{
SSL_free (ssl);
}
return ret;
}
int SSLConnection::Read_Partial(char *buffer, int maxlength)
{
int count;
need_io_stop = 0;
do
{
errno = 0;
if (timeout_value > 0) {
FD_SET_T fds;
FD_ZERO(&fds);
FD_SET(sock, &fds);
timeval tv;
tv.tv_sec = timeout_value;
tv.tv_usec = 0;
int selected = select(sock+1, &fds, 0, 0, &tv);
if (selected <= 0)
need_io_stop++;
}
if (!need_io_stop)
count = SSL_read(ssl, buffer, maxlength);
else
count = -1; // Input timed out
}
while (count <= 0 && errno == EINTR && !need_io_stop);
need_io_stop = 0;
return count;
}
//*************************************************************************
// int Connection::Write_Partial(char *buffer, int maxlength)
//
int SSLConnection::Write_Partial(char *buffer, int maxlength)
{
int count;
do
{
count = SSL_write(ssl, buffer, maxlength);
}
while (count < 0 && errno == EINTR && !need_io_stop);
need_io_stop = 0;
return count;
}
#endif
|
