1
2
3
4
5
6
7
8
9
10
11
12
13
|
/*
* Copyright (C) 1997-2000 Matt Newman <[email protected]>
* Copyright (C) 2000 Ajuba Solutions
*
* $Header: /home/rkeene/tmp/cvs2fossil/../tcltls/tls/tls/tlsIO.c,v 1.19 2015/06/06 09:07:08 apnadkarni Exp $
*
* TLS (aka SSL) Channel - can be layered on any bi-directional
* Tcl_Channel (Note: Requires Trf Core Patch)
*
* This was built from scratch based upon observation of OpenSSL 0.9.2B
*
* Addition credit is due for Andreas Kupries ([email protected]), for
* providing the Tcl_ReplaceChannel mechanism and working closely with me
|
<
<
|
1
2
3
4
5
6
7
8
9
10
11
|
/*
* Copyright (C) 1997-2000 Matt Newman <[email protected]>
* Copyright (C) 2000 Ajuba Solutions
*
* TLS (aka SSL) Channel - can be layered on any bi-directional
* Tcl_Channel (Note: Requires Trf Core Patch)
*
* This was built from scratch based upon observation of OpenSSL 0.9.2B
*
* Addition credit is due for Andreas Kupries ([email protected]), for
* providing the Tcl_ReplaceChannel mechanism and working closely with me
|
︙ | | | ︙ | |
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
|
*/
static int
TlsCloseProc(ClientData instanceData, /* The socket to close. */
Tcl_Interp *interp) /* For error reporting - unused. */
{
State *statePtr = (State *) instanceData;
dprintf(stderr,"\nTlsCloseProc(0x%x)", (unsigned int) statePtr);
if (channelTypeVersion == TLS_CHANNEL_VERSION_1) {
/*
* Remove event handler to underlying channel, this could
* be because we are closing for real, or being "unstacked".
*/
|
|
|
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
|
*/
static int
TlsCloseProc(ClientData instanceData, /* The socket to close. */
Tcl_Interp *interp) /* For error reporting - unused. */
{
State *statePtr = (State *) instanceData;
dprintf(stderr,"\nTlsCloseProc(%p)", (void *) statePtr);
if (channelTypeVersion == TLS_CHANNEL_VERSION_1) {
/*
* Remove event handler to underlying channel, this could
* be because we are closing for real, or being "unstacked".
*/
|
︙ | | | ︙ | |
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
|
int *errorCodePtr) /* Where to store error code. */
{
State *statePtr = (State *) instanceData;
int written, err;
*errorCodePtr = 0;
dprintf(stderr,"\nBIO_write(0x%x, %d)", (unsigned int) statePtr, toWrite);
if (statePtr->flags & TLS_TCL_CALLBACK) {
/* don't process any bytes while verify callback is running */
written = -1;
*errorCodePtr = EAGAIN;
goto output;
}
|
|
|
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
|
int *errorCodePtr) /* Where to store error code. */
{
State *statePtr = (State *) instanceData;
int written, err;
*errorCodePtr = 0;
dprintf(stderr,"\nBIO_write(%p, %d)", (void *) statePtr, toWrite);
if (statePtr->flags & TLS_TCL_CALLBACK) {
/* don't process any bytes while verify callback is running */
written = -1;
*errorCodePtr = EAGAIN;
goto output;
}
|
︙ | | | ︙ | |
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
|
* Alternatively, we may want to handle the <0 return codes from
* BIO_write specially (as advised in the RSA docs). TLS's lower level
* BIO functions play with the retry flags though, and this seems to
* work correctly. Similar fix in TlsInputProc. - hobbs
*/
ERR_clear_error();
written = BIO_write(statePtr->bio, buf, toWrite);
dprintf(stderr,"\nBIO_write(0x%x, %d) -> [%d]",
(unsigned int) statePtr, toWrite, written);
}
if (written <= 0) {
switch ((err = SSL_get_error(statePtr->ssl, written))) {
case SSL_ERROR_NONE:
if (written < 0) {
written = 0;
}
|
|
|
|
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
|
* Alternatively, we may want to handle the <0 return codes from
* BIO_write specially (as advised in the RSA docs). TLS's lower level
* BIO functions play with the retry flags though, and this seems to
* work correctly. Similar fix in TlsInputProc. - hobbs
*/
ERR_clear_error();
written = BIO_write(statePtr->bio, buf, toWrite);
dprintf(stderr,"\nBIO_write(%p, %d) -> [%d]",
(void *) statePtr, toWrite, written);
}
if (written <= 0) {
switch ((err = SSL_get_error(statePtr->ssl, written))) {
case SSL_ERROR_NONE:
if (written < 0) {
written = 0;
}
|
︙ | | | ︙ | |
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
|
int
Tls_WaitForConnect( statePtr, errorCodePtr)
State *statePtr;
int *errorCodePtr; /* Where to store error code. */
{
int err;
dprintf(stderr,"\nWaitForConnect(0x%x)", (unsigned int) statePtr);
if (statePtr->flags & TLS_TCL_HANDSHAKE_FAILED) {
/*
* We choose ECONNRESET over ECONNABORTED here because some server
* side code, on the wiki for example, sets up a read handler that
* does a read and if eof closes the channel. There is no catch/try
* around the reads so exceptions will result in potentially many
|
|
|
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
|
int
Tls_WaitForConnect( statePtr, errorCodePtr)
State *statePtr;
int *errorCodePtr; /* Where to store error code. */
{
int err;
dprintf(stderr,"\nWaitForConnect(%p)", (void *) statePtr);
if (statePtr->flags & TLS_TCL_HANDSHAKE_FAILED) {
/*
* We choose ECONNRESET over ECONNABORTED here because some server
* side code, on the wiki for example, sets up a read handler that
* does a read and if eof closes the channel. There is no catch/try
* around the reads so exceptions will result in potentially many
|
︙ | | | ︙ | |
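Review bot: Tls_WaitForConnect in the last hunk is still an old-style (K&R) definition, with `State *statePtr;` and `int *errorCodePtr;` declared after the parameter list, so the definition gives the compiler no prototype to check call arguments against; this is the same class of type mismatch the change cleans up in the trace calls. Writing it as `int Tls_WaitForConnect(State *statePtr, int *errorCodePtr)` keeps the interface and lets every call be type-checked; the function body continues outside the hunk. Separately, the traces in TlsCloseProc, around BIO_write and here now print the full address of the State structure. The definition of dprintf is not visible on this page, so it is worth confirming that it compiles to nothing in release builds, since stderr captured into shared logs would otherwise disclose heap addresses.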