Merge remote-tracking branch 'tr/master'

12 years ago · 0b04e26bde
5 changed files with 63 additions and 36 deletions
--- a/README.md
+++ b/README.md
@ -65,8 +65,6 @@ Currently this will stay in the foreground and does logging via syslog.
 The server will listen on port 11212 for HTTP requests and on port 11213
 for SSL requerst.

-Currently SSL request are broken and disabled completely.
-
 You can use telnet or simply start a browser and connect on localhost:11212.

 This should show up a very simplistic page.
--- a/src/server/run.c
+++ b/src/server/run.c
@ -60,14 +60,14 @@ serverRun(Server this)
 			}
 		}

-		// /**
-		//  * handle accept SSL
-		//  */
-		// if (0 != ((this->fds)[1].revents & POLLIN)) {
-		// 	if (-1 == serverHandleAccept(this, 1)) {
-		// 		events--;
-		// 	}
-		// }
+		/**
+		 * handle accept SSL
+		 */
+		if (0 != ((this->fds)[1].revents & POLLIN)) {
+			if (-1 == serverHandleAccept(this, 1)) {
+				events--;
+			}
+		}

 		for (i=2; i < this->nfds; i++) {
 			/**
--- a/src/server/server.c
+++ b/src/server/server.c
@ -74,30 +74,30 @@ serverCtor(void * _this, va_list * params)
 	flags      = fcntl(this->sock->handle, F_GETFL, 0);
 	fcntl(this->sock->handle, F_SETFL, flags | O_NONBLOCK);

-	// this->sockSSL = new(Sock, this->logger, port+1);
-	// flags         = fcntl(this->sockSSL->handle, F_GETFL, 0);
-	// fcntl(this->sockSSL->handle, F_SETFL, flags | O_NONBLOCK);
-
-	// SSL_library_init();
-	// SSL_load_error_strings();
-	// this->ctx = SSL_CTX_new(SSLv23_server_method());
-	// SSL_CTX_use_certificate_file(
-	// 		this->ctx,
-	// 		"./certs/server.crt",
-	// 		SSL_FILETYPE_PEM);
-
-	// SSL_CTX_use_RSAPrivateKey_file(
-	// 		this->ctx,
-	// 		"./certs/server.key",
-	// 		SSL_FILETYPE_PEM);
+	this->sockSSL = new(Sock, this->logger, port+1);
+	flags         = fcntl(this->sockSSL->handle, F_GETFL, 0);
+	fcntl(this->sockSSL->handle, F_SETFL, flags | O_NONBLOCK);
+
+	SSL_library_init();
+	SSL_load_error_strings();
+	this->ctx = SSL_CTX_new(SSLv23_server_method());
+	SSL_CTX_use_certificate_file(
+			this->ctx,
+			"./certs/server.crt",
+			SSL_FILETYPE_PEM);
+
+	SSL_CTX_use_RSAPrivateKey_file(
+			this->ctx,
+			"./certs/server.key",
+			SSL_FILETYPE_PEM);

 	socketListen(this->sock, backlog);
-	// socketListen(this->sockSSL, backlog);
+	socketListen(this->sockSSL, backlog);

 	(this->fds)[0].fd     = this->sock->handle;
 	(this->fds)[0].events = POLLIN;
-	// (this->fds)[1].fd     = this->sockSSL->handle;
-	// (this->fds)[1].events = POLLIN;
+	(this->fds)[1].fd     = this->sockSSL->handle;
+	(this->fds)[1].events = POLLIN;
 	this->nfds = 2;

 	return 0;
@ -111,9 +111,8 @@ serverDtor(void * _this)
    int    i;

    for (i=0; i<this->nfds; i++) {
-		//if (this->sock->handle != (this->fds)[i].fd &&
-		//		this->sockSSL->handle != (this->fds)[i].fd) {
-		if (this->sock->handle != (this->fds)[i].fd) {
+		if (this->sock->handle != (this->fds)[i].fd &&
+				this->sockSSL->handle != (this->fds)[i].fd) {
 			serverCloseConn(this, i);
 		}
    }
@ -122,10 +121,10 @@ serverDtor(void * _this)
 	MEM_FREE(this->conns);

 	delete(this->sock);
-	// delete(this->sockSSL);
+	delete(this->sockSSL);

-	// SSL_CTX_free(this->ctx);
-	// ERR_free_strings();
+	SSL_CTX_free(this->ctx);
+	ERR_free_strings();
 }

 INIT_IFACE(Class, serverCtor, serverDtor, NULL);
--- a/src/stream/read.c
+++ b/src/stream/read.c
@ -24,7 +24,13 @@
 #include <unistd.h>
 #include <errno.h>

+#include <openssl/err.h>
+
 #include "stream.h"
+#include "logger.h"
+
+extern Logger logger;
+

 ssize_t
 streamRead(Stream this, void * buf, size_t count)
@ -60,6 +66,29 @@ streamRead(Stream this, void * buf, size_t count)

 		case STREAM_SSL:
 			done = SSL_read((this->handle).ssl, buf, count);
+
+			if (0 > done) {
+				switch (SSL_get_error((this->handle).ssl, done)) {
+					case SSL_ERROR_SSL:
+					case SSL_ERROR_SYSCALL:
+						{
+							unsigned long err;
+
+							while (0 != (err = ERR_get_error())) {
+								loggerLog(
+										logger,
+										LOGGER_DEBUG,
+										ERR_error_string(err, NULL));
+							}
+						}
+						// DROP THROUGH
+
+					case SSL_ERROR_ZERO_RETURN:
+						done = -2;
+						break;
+				}
+			}
+
 			break;

 		default:
--- a/src/taskrambler.c
+++ b/src/taskrambler.c
@ -56,6 +56,8 @@ void nullhandler() {}

 void daemonize(void);

+Logger logger;
+
 int
 main()
 {
@ -132,7 +134,6 @@ main()

 		default:
 			{
-				Logger     logger;
 				AuthLdap   auth;
 				HttpWorker worker;
 				Server     server;