diff --git a/Changes b/Changes index f74847641..5469adfdd 100644 --- a/Changes +++ b/Changes @@ -1404,3 +1404,5 @@ seen. gmtime warning still there - Removed mutex.c - Credits changes, various tweaks mzp ftq Gzdqmx qhqdk dqxqmeq oapq otmxxqzsq. Tmbbk tgzfuzs. - Fixed some ./configure errors +- Added ircd/safe_SSL_read/write from bahamut+inet6/azzuranet. This can be done much nicer + when newio is done. diff --git a/include/ssl.h b/include/ssl.h index 96c5e59a0..18a47dcd9 100644 --- a/include/ssl.h +++ b/include/ssl.h @@ -8,3 +8,5 @@ extern SSL_METHOD *meth; extern void init_ssl(); extern int ssl_handshake(aClient *); /* Handshake the accpeted con.*/ extern int ssl_client_handshake(aClient *, ConfigItem_link *); /* and the initiated con.*/ +extern int ircd_SSL_read(aClient *acptr, void *buf, int sz); +extern int ircd_SSL_write(aClient *acptr, const void *buf, int sz); \ No newline at end of file diff --git a/src/s_bsd.c b/src/s_bsd.c index ac46649d1..253f2b836 100644 --- a/src/s_bsd.c +++ b/src/s_bsd.c @@ -1310,7 +1310,7 @@ static int read_packet(aClient *cptr, fd_set *rfd) SET_ERRNO(0); #ifdef USE_SSL if (cptr->flags & FLAGS_SSL) - length = SSL_read((SSL *)cptr->ssl, readbuf, sizeof(readbuf)); + length = ircd_SSL_read(cptr, readbuf, sizeof(readbuf)); else #endif length = recv(cptr->fd, readbuf, sizeof(readbuf), 0); @@ -1473,7 +1473,7 @@ static int read_packet(aClient *cptr) #ifdef USE_SSL if (cptr->flags & FLAGS_SSL) - length = SSL_read((SSL *)cptr->ssl, readbuf, sizeof(readbuf)); + length = ircd_SSL_read((SSL *)cptr->ssl, readbuf, sizeof(readbuf)); else #endif length = recv(cptr->fd, readbuf, sizeof(readbuf), 0); diff --git a/src/socket.c b/src/socket.c index fa604b49b..e827a87ec 100644 --- a/src/socket.c +++ b/src/socket.c @@ -84,7 +84,7 @@ int deliver_it(aClient *cptr, char *str, int len) #ifdef USE_SSL if (cptr->flags & FLAGS_SSL) - retval = SSL_write((SSL *)cptr->ssl, str, len); + retval = ircd_SSL_write(cptr, str, len); else #endif retval = send(cptr->fd, str, len, 0); diff --git a/src/ssl.c b/src/ssl.c index fba340e59..64c186408 100644 --- a/src/ssl.c +++ b/src/ssl.c @@ -20,8 +20,9 @@ #include "config.h" #ifdef USE_SSL - +#include "common.h" #include "struct.h" +#include "sys.h" #ifdef _WIN32 #include @@ -321,5 +322,55 @@ char *ssl_get_cipher(SSL *ssl) return (buf); } +int ircd_SSL_read(aClient *acptr, void *buf, int sz) +{ + int len, ssl_err; + len = SSL_read((SSL *)acptr->ssl, buf, sz); + if (len <= 0) + { + switch(ssl_err = SSL_get_error((SSL *)acptr->ssl, len)) { + case SSL_ERROR_SYSCALL: + if (errno == EWOULDBLOCK || errno == EAGAIN || + errno == EINTR) { + case SSL_ERROR_WANT_READ: + errno = EWOULDBLOCK; + return 0; + } + case SSL_ERROR_SSL: + if(errno == EAGAIN) + return 0; + default: + return 0; + } + } + return len; +} +int ircd_SSL_write(aClient *acptr, const void *buf, int sz) +{ + int len, ssl_err; + len = SSL_write((SSL *)acptr->ssl, buf, sz); + if (len <= 0) + { + switch(ssl_err = SSL_get_error((SSL *)acptr->ssl, len)) { + case SSL_ERROR_SYSCALL: + if (errno == EWOULDBLOCK || errno == EAGAIN || + errno == EINTR) + { + errno = EWOULDBLOCK; + return 0; + } + return 0; + case SSL_ERROR_WANT_WRITE: + errno = EWOULDBLOCK; + return 0; + case SSL_ERROR_SSL: + if(errno == EAGAIN) + return 0; + default: + return 0; + } + } + return len; +} #endif