checked SSL support, the only thing that was really broken was the error handling while reading data... well maybe writing has also bugs, but it works.

src/server/run.c

@@ -60,14 +60,14 @@ serverRun(Server this)
 			}
 		}
 
-		// /**
-		//  * handle accept SSL
-		//  */
-		// if (0 != ((this->fds)[1].revents & POLLIN)) {
-		// 	if (-1 == serverHandleAccept(this, 1)) {
-		// 		events--;
-		// 	}
-		// }
+		/**
+		 * handle accept SSL
+		 */
+		if (0 != ((this->fds)[1].revents & POLLIN)) {
+			if (-1 == serverHandleAccept(this, 1)) {
+				events--;
+			}
+		}
 
 		for (i=2; i < this->nfds; i++) {
 			/**

src/server/server.c

@@ -74,30 +74,30 @@ serverCtor(void * _this, va_list * params)
 	flags      = fcntl(this->sock->handle, F_GETFL, 0);
 	fcntl(this->sock->handle, F_SETFL, flags | O_NONBLOCK);
 
-	// this->sockSSL = new(Sock, this->logger, port+1);
-	// flags         = fcntl(this->sockSSL->handle, F_GETFL, 0);
-	// fcntl(this->sockSSL->handle, F_SETFL, flags | O_NONBLOCK);
-
-	// SSL_library_init();
-	// SSL_load_error_strings();
-	// this->ctx = SSL_CTX_new(SSLv23_server_method());
-	// SSL_CTX_use_certificate_file(
-	// 		this->ctx,
-	// 		"./certs/server.crt",
-	// 		SSL_FILETYPE_PEM);
-
-	// SSL_CTX_use_RSAPrivateKey_file(
-	// 		this->ctx,
-	// 		"./certs/server.key",
-	// 		SSL_FILETYPE_PEM);
+	this->sockSSL = new(Sock, this->logger, port+1);
+	flags         = fcntl(this->sockSSL->handle, F_GETFL, 0);
+	fcntl(this->sockSSL->handle, F_SETFL, flags | O_NONBLOCK);
+
+	SSL_library_init();
+	SSL_load_error_strings();
+	this->ctx = SSL_CTX_new(SSLv23_server_method());
+	SSL_CTX_use_certificate_file(
+			this->ctx,
+			"./certs/server.crt",
+			SSL_FILETYPE_PEM);
+
+	SSL_CTX_use_RSAPrivateKey_file(
+			this->ctx,
+			"./certs/server.key",
+			SSL_FILETYPE_PEM);
 
 	socketListen(this->sock, backlog);
-	// socketListen(this->sockSSL, backlog);
+	socketListen(this->sockSSL, backlog);
 
 	(this->fds)[0].fd     = this->sock->handle;
 	(this->fds)[0].events = POLLIN;
-	// (this->fds)[1].fd     = this->sockSSL->handle;
-	// (this->fds)[1].events = POLLIN;
+	(this->fds)[1].fd     = this->sockSSL->handle;
+	(this->fds)[1].events = POLLIN;
 	this->nfds = 2;
 
 	return 0;
@@ -111,9 +111,8 @@ serverDtor(void * _this)
     int    i;
 
     for (i=0; i<this->nfds; i++) {
-		//if (this->sock->handle != (this->fds)[i].fd &&
-		//		this->sockSSL->handle != (this->fds)[i].fd) {
-		if (this->sock->handle != (this->fds)[i].fd) {
+		if (this->sock->handle != (this->fds)[i].fd &&
+				this->sockSSL->handle != (this->fds)[i].fd) {
 			serverCloseConn(this, i);
 		}
     }
@@ -122,10 +121,10 @@ serverDtor(void * _this)
 	MEM_FREE(this->conns);
 
 	delete(this->sock);
-	// delete(this->sockSSL);
+	delete(this->sockSSL);
 
-	// SSL_CTX_free(this->ctx);
-	// ERR_free_strings();
+	SSL_CTX_free(this->ctx);
+	ERR_free_strings();
 }
 
 INIT_IFACE(Class, serverCtor, serverDtor, NULL);

src/stream/read.c

@@ -24,7 +24,13 @@
 #include <unistd.h>
 #include <errno.h>
 
+#include <openssl/err.h>
+
 #include "stream.h"
+#include "logger.h"
+
+extern Logger logger;
+
 
 ssize_t
 streamRead(Stream this, void * buf, size_t count)
@@ -60,6 +66,29 @@ streamRead(Stream this, void * buf, size_t count)
 
 		case STREAM_SSL:
 			done = SSL_read((this->handle).ssl, buf, count);
+
+			if (0 > done) {
+				switch (SSL_get_error((this->handle).ssl, done)) {
+					case SSL_ERROR_SSL:
+					case SSL_ERROR_SYSCALL:
+						{
+							unsigned long err;
+
+							while (0 != (err = ERR_get_error())) {
+								loggerLog(
+										logger,
+										LOGGER_DEBUG,
+										ERR_error_string(err, NULL));
+							}
+						}
+						// DROP THROUGH
+
+					case SSL_ERROR_ZERO_RETURN:
+						done = -2;
+						break;
+				}
+			}
+
 			break;
 
 		default:

src/taskrambler.c

@@ -56,6 +56,8 @@ void nullhandler() {}
 
 void daemonize(void);
 
+Logger logger;
+
 int
 main()
 {
@@ -132,7 +134,6 @@ main()
 
 		default:
 			{
-				Logger     logger;
 				AuthLdap   auth;
 				HttpWorker worker;
 				Server     server;