Fossil

Check-in [8d456a5b]

Check-in [8d456a5b]


Overview
Comment:Cherrypicked [5fd1ca6f] (was checked in to wrong branch).
SHA3-256: 8d456a5b772edadd2adefaad8da9d6c03758bce0d5b21fe75ef1fffc901f0e44
User & Date: stephan 2022-01-15 13:58:01
Context
2022-01-16
01:34
Show the value of SERVER_SOFTWARE on the /test_env page. ... (check-in: f1729c47 user: drh tags: trunk)
2022-01-15
13:58
Cherrypicked [5fd1ca6f] (was checked in to wrong branch). ... (check-in: 8d456a5b user: stephan tags: trunk)
13:54
In standalone TLS mode, SSL_read() must be performed in a loop to avoid truncated POST data. Discussed in althttpd forum post 11c263b822fde80d. ... (check-in: 5fd1ca6f user: stephan tags: markdown-tagrefs)
07:15
fix formatting style as per https://fossil-scm.org/forum/forumpost/a711fb4fa0 ... (check-in: 9769c4f7 user: rdb tags: trunk)
Changes

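--- a/src/http_ssl.c
+++ b/src/http_ssl.c
@@ -748,27 +748,29 @@
   }
 }
 
 typedef struct SslServerConn {
   SSL *ssl;          /* The SSL codec */
   int atEof;         /* True when EOF reached. */
   int iSocket;       /* The socket */
+  BIO *bio;          /* BIO object. Needed for EOF detection. */
 } SslServerConn;
 
 /*
 ** Create a new server-side codec.  The argument is the socket's file
 ** descriptor from which the codec reads and writes. The returned
 ** memory must eventually be passed to ssl_close_server().
 */
 void *ssl_new_server(int iSocket){
   SslServerConn *pServer = fossil_malloc_zero(sizeof(*pServer));
   BIO *b = BIO_new_socket(iSocket, 0);
   pServer->ssl = SSL_new(sslCtx);
   pServer->atEof = 0;
   pServer->iSocket = iSocket;
+  pServer->bio = b;
   SSL_set_bio(pServer->ssl, b, b);
   SSL_accept(pServer->ssl);
   return (void*)pServer;
 }
 
 /*
 ** Close a server-side code previously returned from ssl_new_server().
@@ -789,21 +791,31 @@
 }
 
 /*
 ** Read cleartext bytes that have been received from the client and
 ** decrypted by the SSL server codec.
 */
 size_t ssl_read_server(void *pServerArg, char *zBuf, size_t nBuf){
-  int n;
+  int n, err = 0;
+  size_t rc = 0;
   SslServerConn *pServer = (SslServerConn*)pServerArg;
-  if( pServer->atEof ) return 0;
   if( nBuf>0x7fffffff ){ fossil_fatal("SSL read too big"); }
-  n = SSL_read(pServer->ssl, zBuf, (int)nBuf);
-  if( n==0 ) pServer->atEof = 1;
-  return n<=0 ? 0 : n;
+  while( 0==err && nBuf!=rc && 0==pServer->atEof ){
+    n = SSL_read(pServer->ssl, zBuf + rc, (int)(nBuf - rc));
+    if( n==0 ){
+      pServer->atEof = 1;
+      break;
+    }
+    err = SSL_get_error(pServer->ssl, n);
+    if(0==err){
+      rc += n;
+      pServer->atEof = BIO_eof(pServer->bio);
+    }
+  }
+  return rc;
 }
 
 /*
 ** Read a single line of text from the client.
 */
 char *ssl_gets(void *pServerArg, char *zBuf, int nBuf){
   int n = 0;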
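Review bot: In the new loop of `ssl_read_server`, a failing `SSL_read` (n<0) stops the loop through `err` but leaves `atEof` at 0 and returns the partial `rc`, so the caller cannot tell a TLS failure from a complete read. The next call will also invoke `SSL_read` again on a connection that OpenSSL documents as unusable after `SSL_ERROR_SSL` or `SSL_ERROR_SYSCALL`. Latching the failure closes that gap: after the `if(0==err){...}` block add `else if( err!=SSL_ERROR_WANT_READ && err!=SSL_ERROR_WANT_WRITE ){ pServer->atEof = 1; }`. The loop now also waits for the full `nBuf` bytes, so unless a socket timeout is set elsewhere (not visible here) a client that sends less than the announced body can hold the worker. A header comment stating that callers must pass the exact expected length, and that `bio` is owned by `ssl` after `SSL_set_bio` and must not outlive or be freed apart from it, would document both constraints.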