From 27c665639811574e9d0e737938e1688fd171c1cf Mon Sep 17 00:00:00 2001
From: Sergey Lyubka <valenok@gmail.com>
Date: Tue, 4 Mar 2014 13:23:40 +0000
Subject: [PATCH] SSL_accept fixes
---
mongoose.c | 16 ++++++++++------
1 file changed, 10 insertions(+), 6 deletions(-)
diff --git a/mongoose.c b/mongoose.c
index 1293719db..96227ac41 100644
--- a/mongoose.c
+++ b/mongoose.c
@@ -658,7 +658,7 @@ static void ns_read_from_socket(struct ns_connection *conn) {
int ssl_err = SSL_get_error(conn->ssl, res);
DBG(("%p res %d %d", conn, res, ssl_err));
if (res == 1) {
- conn->flags |= NSF_SSL_HANDSHAKE_DONE;
+ conn->flags = NSF_SSL_HANDSHAKE_DONE;
} else if (res == 0 || ssl_err == 2 || ssl_err == 3) {
return; // Call us again
} else {
@@ -680,8 +680,15 @@ static void ns_read_from_socket(struct ns_connection *conn) {
if (conn->flags & NSF_SSL_HANDSHAKE_DONE) {
n = SSL_read(conn->ssl, buf, sizeof(buf));
} else {
- if (SSL_accept(conn->ssl) == 1) {
+ int res = SSL_accept(conn->ssl);
+ int ssl_err = SSL_get_error(conn->ssl, res);
+ DBG(("%p res %d %d", conn, res, ssl_err));
+ if (res == 1) {
conn->flags |= NSF_SSL_HANDSHAKE_DONE;
+ } else if (res == 0 || ssl_err == 2 || ssl_err == 3) {
+ return; // Call us again
+ } else {
+ conn->flags |= NSF_CLOSE_IMMEDIATELY;
}
return;
}
@@ -842,10 +849,6 @@ struct ns_connection *ns_connect(struct ns_server *server, const char *host,
struct ns_connection *conn = NULL;
int connect_ret_val;
-#ifndef NS_ENABLE_SSL
- if (use_ssl) return 0;
-#endif
-
if (host == NULL || (he = gethostbyname(host)) == NULL ||
(sock = socket(AF_INET, SOCK_STREAM, 0)) == INVALID_SOCKET) {
DBG(("gethostbyname(%s) failed: %s", host, strerror(errno)));
@@ -859,6 +862,7 @@ struct ns_connection *ns_connect(struct ns_server *server, const char *host,
connect_ret_val = connect(sock, (struct sockaddr *) &sin, sizeof(sin));
if (ns_is_error(connect_ret_val)) {
+ closesocket(sock);
return NULL;
} else if ((conn = (struct ns_connection *)
NS_MALLOC(sizeof(*conn))) == NULL) {
--
GitLab