tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Bugfixes for the TLS client.

This commit is contained in:
Gunnar Beutner 2012-06-21 12:22:16 +02:00
parent db4fde9554
commit 33c37f4a27
2 changed files with 12 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
base/tlsclient.cpp
View File

@ -118,7 +118,9 @@ void TlsClient::ReadableEventHandler(void)
rc = SSL_read(m_SSL.get(), buffer, bufferSize); rc = SSL_read(m_SSL.get(), buffer, bufferSize);
if (rc <= 0) { if (rc <= 0) {
switch (SSL_get_error(m_SSL.get(), rc)) { int error = SSL_get_error(m_SSL.get(), rc);
switch (error) {
case SSL_ERROR_WANT_WRITE: case SSL_ERROR_WANT_WRITE:
m_BlockRead = true; m_BlockRead = true;
/* fall through */ /* fall through */
@ -129,7 +131,7 @@ void TlsClient::ReadableEventHandler(void)
return; return;
default: default:
HandleSocketError(OpenSSLException( HandleSocketError(OpenSSLException(
"SSL_read failed", ERR_get_error())); "SSL_read failed", error));
return; return;
} }
} }
@ -152,7 +154,8 @@ void TlsClient::WritableEventHandler(void)
rc = SSL_write(m_SSL.get(), (const char *)GetSendQueue()->GetReadBuffer(), GetSendQueue()->GetSize()); rc = SSL_write(m_SSL.get(), (const char *)GetSendQueue()->GetReadBuffer(), GetSendQueue()->GetSize());
if (rc <= 0) { if (rc <= 0) {
switch (SSL_get_error(m_SSL.get(), rc)) { int error = SSL_get_error(m_SSL.get(), rc);
switch (error) {
case SSL_ERROR_WANT_READ: case SSL_ERROR_WANT_READ:
m_BlockWrite = true; m_BlockWrite = true;
/* fall through */ /* fall through */
@ -163,7 +166,7 @@ void TlsClient::WritableEventHandler(void)
return; return;
default: default:
HandleSocketError(OpenSSLException( HandleSocketError(OpenSSLException(
"SSL_write failed", ERR_get_error())); "SSL_write failed", error));
return; return;
} }
} }
@ -210,6 +213,7 @@ bool TlsClient::WantsToWrite(void) const
*/ */
void TlsClient::CloseInternal(bool from_dtor) void TlsClient::CloseInternal(bool from_dtor)
{ {
if (m_SSL)
SSL_shutdown(m_SSL.get()); SSL_shutdown(m_SSL.get());
TcpClient::CloseInternal(from_dtor); TcpClient::CloseInternal(from_dtor);
@ -242,9 +246,9 @@ int TlsClient::SSLVerifyCertificate(int ok, X509_STORE_CTX *x509Context)
if (client == NULL) if (client == NULL)
return 0; return 0;
bool valid = false; bool valid = (ok != 0);
shared_ptr<X509> x509Certificate = shared_ptr<X509>(x509Context->cert, &TlsClient::NullCertificateDeleter); shared_ptr<X509> x509Certificate = shared_ptr<X509>(x509Context->cert, &TlsClient::NullCertificateDeleter);
client->OnVerifyCertificate(client->GetSelf(), valid, x509Context, x509Certificate); client->OnVerifyCertificate(client->GetSelf(), &valid, x509Context, x509Certificate);
return valid ? 1 : 0; return valid ? 1 : 0;
} }

2
base/tlsclient.h
View File

@ -41,7 +41,7 @@ public:
virtual bool WantsToRead(void) const; virtual bool WantsToRead(void) const;
virtual bool WantsToWrite(void) const; virtual bool WantsToWrite(void) const;
boost::signal<void (const TlsClient::Ptr&, bool&, X509_STORE_CTX *, const shared_ptr<X509>&)> OnVerifyCertificate; boost::signal<void (const TlsClient::Ptr&, bool *, X509_STORE_CTX *, const shared_ptr<X509>&)> OnVerifyCertificate;
protected: protected:
void HandleSSLError(void); void HandleSSLError(void);