Overview
Comment: | Replaced the "manual" TLS EOF tracking with BIO_eof(), analogous to how it is done in althttpd. |
---|---|
SHA3-256: |
06e300e5bd325792a9a1995a8c6a8feb |
User & Date: | stephan 2022-01-24 06:54:00 |
Context
2022-01-24
| ||
08:23 | Preliminary workaround for Windows-specific SSL_read() behavior described in forum post 2f818850abb72719. Patch tested by Florian (Windows) and myself (Linux). ... (check-in: b890451c user: stephan tags: trunk) | |
06:54 | Replaced the "manual" TLS EOF tracking with BIO_eof(), analog to how is done in althttpd. ... (check-in: 06e300e5 user: stephan tags: trunk) | |
2022-01-23
| ||
20:11 | Diff algorithm is slightly faster and does a better job of dealing with indentation changes in code. See forum thread 7631656a2823338a. ... (check-in: 1cb182ac user: drh tags: trunk) | |
Changes
Changes to src/http_ssl.c.
︙ | ︙ | |||
768 769 770 771 772 773 774 | }else{ assert( sslIsInit==2 ); } } typedef struct SslServerConn { SSL *ssl; /* The SSL codec */ | < < | 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 | }else{ assert( sslIsInit==2 ); } } typedef struct SslServerConn { SSL *ssl; /* The SSL codec */ int iSocket; /* The socket */ BIO *bio; /* BIO object. Needed for EOF detection. */ } SslServerConn; /* ** Create a new server-side codec. The argument is the socket's file ** descriptor from which the codec reads and writes. The returned ** memory must eventually be passed to ssl_close_server(). */ void *ssl_new_server(int iSocket){ SslServerConn *pServer = fossil_malloc_zero(sizeof(*pServer)); BIO *b = BIO_new_socket(iSocket, 0); pServer->ssl = SSL_new(sslCtx); pServer->iSocket = iSocket; pServer->bio = b; SSL_set_bio(pServer->ssl, b, b); SSL_accept(pServer->ssl); return (void*)pServer; } |
︙ | ︙ | |||
805 806 807 808 809 810 811 | /* ** Return TRUE if there are no more bytes available to be read from ** the client. */ int ssl_eof(void *pServerArg){ SslServerConn *pServer = (SslServerConn*)pServerArg; | | > | < < | | | 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 | /* ** Return TRUE if there are no more bytes available to be read from ** the client. */ int ssl_eof(void *pServerArg){ SslServerConn *pServer = (SslServerConn*)pServerArg; return BIO_eof(pServer->bio); } /* ** Read cleartext bytes that have been received from the client and ** decrypted by the SSL server codec. */ size_t ssl_read_server(void *pServerArg, char *zBuf, size_t nBuf){ int n, err = 0; size_t rc = 0; SslServerConn *pServer = (SslServerConn*)pServerArg; if( nBuf>0x7fffffff ){ fossil_fatal("SSL read too big"); } else if( BIO_eof(pServer->bio) ) return 0; while( 0==err && nBuf!=rc ){ n = SSL_read(pServer->ssl, zBuf + rc, (int)(nBuf - rc)); if( n==0 ){ break; } err = SSL_get_error(pServer->ssl, n); if(0==err){ rc += n; }else{ fossil_fatal("SSL read error."); } } return rc; } /* ** Read a single line of text from the client. */ char *ssl_gets(void *pServerArg, char *zBuf, int nBuf){ int n = 0; int i; SslServerConn *pServer = (SslServerConn*)pServerArg; if( BIO_eof(pServer->bio) ) return 0; for(i=0; i<nBuf-1; i++){ n = SSL_read(pServer->ssl, &zBuf[i], 1); if( n<=0 ){ return 0; } if( zBuf[i]=='\n' ) break; } |
︙ | ︙ |
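Review bot: In `ssl_new_server()` the results of `BIO_new_socket()`, `SSL_new()` and `SSL_accept()` are all unchecked, yet the pointer now stored in `pServer->bio` is passed straight to `BIO_eof()` by `ssl_eof()`, `ssl_read_server()` and `ssl_gets()`. A failed allocation or handshake would therefore only show up later, presumably as the generic `fossil_fatal("SSL read error.")` or as an apparent EOF; a check at the source such as `if( SSL_accept(pServer->ssl)<=0 ){ /* log SSL_get_error() and refuse the connection */ }` keeps handshake failures distinguishable in logs. Separately, `BIO_eof()` reports the state of the socket BIO rather than the TLS layer, and the `n==0` break in `ssl_read_server()` is taken before `SSL_get_error()` is consulted, so a clean close_notify and an abrupt transport close look identical to the caller. I would also extend the field comment to record ownership, e.g. `BIO *bio; /* Borrowed; owned by ssl after SSL_set_bio(). Used for EOF detection. */`, so nobody frees it separately. The body of `ssl_gets()` continues past the end of the visible section.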