summaryrefslogtreecommitdiff
path: root/src/modules
diff options
context:
space:
mode:
authorbrain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>2007-01-28 16:42:30 +0000
committerbrain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>2007-01-28 16:42:30 +0000
commit8703e1b36af0167a8141e7071e386e4bbbfd0331 (patch)
tree4003f3859b966636bca1546a58c6d84f325c94b6 /src/modules
parentb9de69b2dfff8796614e0ff9a2b49612989f73a3 (diff)
Fix this so that it works with outbound connects again.
Also fix it to cope with EAGAIN properly in handshake negotiation without returning 1 from Write() (when nothing was actually written at the upper layer of the transport!) git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@6451 e03df62e-2008-0410-955e-edbf42e46eb7
Diffstat (limited to 'src/modules')
-rw-r--r--src/modules/extra/m_ssl_gnutls.cpp27
1 files changed, 18 insertions, 9 deletions
diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp
index 48648425d..4ccf197cc 100644
--- a/src/modules/extra/m_ssl_gnutls.cpp
+++ b/src/modules/extra/m_ssl_gnutls.cpp
@@ -356,10 +356,12 @@ class ModuleSSLGnuTLS : public Module
session->inbuf = new char[inbufsize];
session->inbufoffset = 0;
- gnutls_init(&session->sess, GNUTLS_SERVER);
+ gnutls_init(&session->sess, GNUTLS_CLIENT);
gnutls_set_default_priority(session->sess); // Avoid calling all the priority functions, defaults are adequate.
gnutls_credentials_set(session->sess, GNUTLS_CRD_CERTIFICATE, x509_cred);
+ //TODO: Request server cert here.
+ //gnutls_certificate_request(session->sess, GNUTLS_CERT_REQUEST); // Request server certificate if any.
gnutls_dh_set_prime_bits(session->sess, dh_bits);
gnutls_transport_set_ptr(session->sess, (gnutls_transport_ptr_t) fd); // Give gnutls the fd for the socket.
@@ -476,25 +478,29 @@ class ModuleSSLGnuTLS : public Module
issl_session* session = &sessions[fd];
const char* sendbuffer = buffer;
- if(!session->sess)
+ if (!session->sess)
{
CloseSession(session);
return 1;
}
-
+
+ session->outbuf.append(sendbuffer, count);
+ sendbuffer = session->outbuf.c_str();
+ count = session->outbuf.size();
+
if(session->status == ISSL_HANDSHAKING_WRITE)
{
// The handshake isn't finished, try to finish it.
Handshake(session);
+ errno = EAGAIN;
+ return 0;
}
- session->outbuf.append(sendbuffer, count);
- sendbuffer = session->outbuf.c_str();
- count = session->outbuf.size();
+ int ret = 0;
if(session->status == ISSL_HANDSHAKEN)
{
- int ret = gnutls_record_send(session->sess, sendbuffer, count);
+ ret = gnutls_record_send(session->sess, sendbuffer, count);
if(ret == 0)
CloseSession(session);
@@ -509,7 +515,10 @@ class ModuleSSLGnuTLS : public Module
}
}
- return 1;
+ /* Who's smart idea was it to return 1 when we havent written anything?
+ * This fucks the buffer up in InspSocket :p
+ */
+ return ret < 1 ? 0 : ret;
}
// :kenny.chatspike.net 320 Om Epy|AFK :is a Secure Connection
@@ -555,7 +564,7 @@ class ModuleSSLGnuTLS : public Module
{
int ret = gnutls_handshake(session->sess);
- if(ret < 0)
+ if (ret < 0)
{
if(ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED)
{