mirror of
https://github.com/3proxy/3proxy.git
synced 2026-01-10 15:12:26 +08:00
Use SSL_connect / SSL_accept in non-blocking mode
parent
730fd96fb0
commit
d014bb1149
@ -196,14 +196,6 @@ SSL_CONN ssl_handshake_to_server(SOCKET s, char * hostname, SSL_CONFIG *config,
|
|||||||
|
|
||||||
*errSSL = NULL;
|
*errSSL = NULL;
|
||||||
|
|
||||||
/*FIXME: support SSL_ERROR_WANT_(READ|WRITE) */
|
|
||||||
#ifdef _WIN32
|
|
||||||
ul = 0;
|
|
||||||
ioctlsocket(s, FIONBIO, &ul);
|
|
||||||
#else
|
|
||||||
fcntl(s,F_SETFL,0);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
conn = (ssl_conn *)malloc(sizeof(ssl_conn));
|
conn = (ssl_conn *)malloc(sizeof(ssl_conn));
|
||||||
if ( conn == NULL ){
|
if ( conn == NULL ){
|
||||||
return NULL;
|
return NULL;
|
||||||
@ -227,8 +219,28 @@ SSL_CONN ssl_handshake_to_server(SOCKET s, char * hostname, SSL_CONFIG *config,
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
if(hostname && *hostname)SSL_set_tlsext_host_name(conn->ssl, hostname);
|
if(hostname && *hostname)SSL_set_tlsext_host_name(conn->ssl, hostname);
|
||||||
|
|
||||||
|
|
||||||
|
do {
|
||||||
|
struct pollfd fds[1] = {{}};
|
||||||
|
int sslerr;
|
||||||
|
|
||||||
err = SSL_connect(conn->ssl);
|
err = SSL_connect(conn->ssl);
|
||||||
if ( err == -1 ) {
|
if (err != -1) break;
|
||||||
|
sslerr = SSL_get_error(conn->ssl, err);
|
||||||
|
if(sslerr == SSL_ERROR_WANT_READ){
|
||||||
|
fds[0].fd = s;
|
||||||
|
fds[0].events = POLLIN;
|
||||||
|
}
|
||||||
|
else if(sslerr == SSL_ERROR_WANT_WRITE){
|
||||||
|
fds[0].fd = s;
|
||||||
|
fds[0].events = POLLOUT;
|
||||||
|
}
|
||||||
|
else break;
|
||||||
|
if(sso._poll(sso.state, fds, 1, CONNECT_TO*1000) <= 0 || !(fds[0].revents & (POLLOUT|POLLIN))) break;
|
||||||
|
} while (err == -1);
|
||||||
|
|
||||||
|
if ( err != 1 ) {
|
||||||
*errSSL = getSSLErr();
|
*errSSL = getSSLErr();
|
||||||
ssl_conn_free(conn);
|
ssl_conn_free(conn);
|
||||||
return NULL;
|
return NULL;
|
||||||
@ -245,12 +257,6 @@ SSL_CONN ssl_handshake_to_server(SOCKET s, char * hostname, SSL_CONFIG *config,
|
|||||||
*server_cert = cert;
|
*server_cert = cert;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef _WIN32
|
|
||||||
ul = 1;
|
|
||||||
ioctlsocket(s, FIONBIO, &ul);
|
|
||||||
#else
|
|
||||||
fcntl(s,F_SETFL,O_NONBLOCK);
|
|
||||||
#endif
|
|
||||||
return conn;
|
return conn;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -261,15 +267,6 @@ SSL_CONN ssl_handshake_to_client(SOCKET s, SSL_CONFIG *config, X509 *server_cert
|
|||||||
ssl_conn *conn;
|
ssl_conn *conn;
|
||||||
unsigned long ul;
|
unsigned long ul;
|
||||||
|
|
||||||
/*FIXME: support SSL_ERROR_WANT_(READ|WRITE)*/
|
|
||||||
|
|
||||||
#ifdef _WIN32
|
|
||||||
ul = 0;
|
|
||||||
ioctlsocket(s, FIONBIO, &ul);
|
|
||||||
#else
|
|
||||||
fcntl(s,F_SETFL,0);
|
|
||||||
#endif
|
|
||||||
|
|
||||||
|
|
||||||
*errSSL = NULL;
|
*errSSL = NULL;
|
||||||
|
|
||||||
@ -296,28 +293,38 @@ SSL_CONN ssl_handshake_to_client(SOCKET s, SSL_CONFIG *config, X509 *server_cert
|
|||||||
}
|
}
|
||||||
|
|
||||||
SSL_set_fd(conn->ssl, s);
|
SSL_set_fd(conn->ssl, s);
|
||||||
|
|
||||||
|
do {
|
||||||
|
struct pollfd fds[1] = {{}};
|
||||||
|
int sslerr;
|
||||||
|
|
||||||
err = SSL_accept(conn->ssl);
|
err = SSL_accept(conn->ssl);
|
||||||
if ( err <= 0 ) {
|
if (err != -1) break;
|
||||||
|
sslerr = SSL_get_error(conn->ssl, err);
|
||||||
|
if(sslerr == SSL_ERROR_WANT_READ){
|
||||||
|
fds[0].fd = s;
|
||||||
|
fds[0].events = POLLIN;
|
||||||
|
}
|
||||||
|
else if(sslerr == SSL_ERROR_WANT_WRITE){
|
||||||
|
fds[0].fd = s;
|
||||||
|
fds[0].events = POLLOUT;
|
||||||
|
}
|
||||||
|
else break;
|
||||||
|
if(sso._poll(sso.state, fds, 1, CONNECT_TO*1000) <= 0 || !(fds[0].revents & (POLLOUT|POLLIN))) break;
|
||||||
|
} while (err == -1);
|
||||||
|
|
||||||
|
|
||||||
|
if ( err != 1 ) {
|
||||||
*errSSL = getSSLErr();
|
*errSSL = getSSLErr();
|
||||||
ssl_conn_free(conn);
|
ssl_conn_free(conn);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
|
||||||
// client certificate
|
|
||||||
// TODO: is it required?
|
|
||||||
//
|
|
||||||
cert = SSL_get_peer_certificate(conn->ssl);
|
cert = SSL_get_peer_certificate(conn->ssl);
|
||||||
|
|
||||||
if ( cert != NULL )
|
if ( cert != NULL )
|
||||||
X509_free(cert);
|
X509_free(cert);
|
||||||
|
|
||||||
#ifdef _WIN32
|
|
||||||
ul = 1;
|
|
||||||
ioctlsocket(s, FIONBIO, &ul);
|
|
||||||
#else
|
|
||||||
fcntl(s,F_SETFL,O_NONBLOCK);
|
|
||||||
#endif
|
|
||||||
return conn;
|
return conn;
|
||||||
}
|
}
|
||||||
|
|
||||||
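Review bot: The handshake loops added to ssl_handshake_to_server and ssl_handshake_to_client limit each wait but not the handshake as a whole, because every pass calls `sso._poll(sso.state, fds, 1, CONNECT_TO*1000)` with a fresh timeout; a peer that delivers its handshake in small pieces can keep the connection in this loop well beyond CONNECT_TO. I would take one deadline before the `do` and hand each poll only the time that is left, as sketched below for the SSL_accept loop (the SSL_connect loop needs the same change). The sketch assumes CONNECT_TO is a number of seconds, which its use here suggests but its definition, outside this diff, should confirm. Separately, `struct pollfd fds[1] = {{}};` uses empty initializer braces, which standard C only allows from C23 on; `{{0}}` is portable. Both functions begin and end outside the hunks shown.

```c
/* time_t deadline; declared with the function's other locals */
deadline = time(NULL) + CONNECT_TO;	/* one budget for the whole handshake */

do {
	struct pollfd fds[1] = {{0}};
	int sslerr;
	time_t now;

	err = SSL_accept(conn->ssl);
	/* … unchanged: err != -1 check, SSL_get_error and POLLIN/POLLOUT selection … */
	now = time(NULL);
	if(now >= deadline) break;
	if(sso._poll(sso.state, fds, 1, (int)(deadline - now)*1000) <= 0 || !(fds[0].revents & (POLLOUT|POLLIN))) break;
} while (err == -1);
```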
|
|||||||
@ -77,5 +77,5 @@ void _ssl_cert_free(SSL_CERT cert);
|
|||||||
void ssl_init(void);
|
void ssl_init(void);
|
||||||
char * getSSLErr(void);
|
char * getSSLErr(void);
|
||||||
|
|
||||||
|
extern struct sockfuncs sso;
|
||||||
#endif // __my_ssl_h__
|
#endif // __my_ssl_h__
|
||||||