401 Connection *conn = malloc(sizeof(Connection)); |
401 Connection *conn = malloc(sizeof(Connection)); |
402 conn->address = ca; |
402 conn->address = ca; |
403 conn->fd = clientfd; |
403 conn->fd = clientfd; |
404 conn->listener = ls; |
404 conn->listener = ls; |
405 if(ls->ssl) { |
405 if(ls->ssl) { |
|
406 // SSL connections are always non-blocking |
|
407 // set socket non blocking |
|
408 int flags; |
|
409 if((flags = fcntl(conn->fd, F_GETFL, 0)) == -1) { |
|
410 flags = 0; |
|
411 } |
|
412 if(fcntl(conn->fd, F_SETFL, flags | O_NONBLOCK)) { |
|
413 perror("Error: acceptor_thread: fcntl"); |
|
414 // TODO: error |
|
415 } |
|
416 |
406 SSL *ssl = SSL_new(ls->ssl->sslctx); |
417 SSL *ssl = SSL_new(ls->ssl->sslctx); |
407 SSL_set_fd(ssl, clientfd); |
418 SSL_set_fd(ssl, clientfd); |
408 int ssl_ar = SSL_accept(ssl); |
419 |
409 if(ssl_ar <= 0) { |
420 conn->ssl = ssl; |
410 int error = SSL_get_error(ssl, ssl_ar); |
421 conn->read = connection_ssl_read; |
411 char *errstr; |
422 conn->write = connection_ssl_write; |
412 switch(error) { |
423 conn->close = connection_ssl_close; |
413 default: errstr = "unknown"; break; |
|
414 case SSL_ERROR_ZERO_RETURN: errstr = "SSL_ERROR_ZERO_RETURN"; break; |
|
415 case SSL_ERROR_WANT_READ: errstr = "SSL_ERROR_WANT_READ"; break; |
|
416 case SSL_ERROR_WANT_WRITE: errstr = "SSL_ERROR_WANT_WRITE"; break; |
|
417 case SSL_ERROR_WANT_CONNECT: errstr = "SSL_ERROR_WANT_CONNECT"; break; |
|
418 case SSL_ERROR_WANT_ACCEPT: errstr = "SSL_ERROR_WANT_ACCEPT"; break; |
|
419 case SSL_ERROR_WANT_X509_LOOKUP: errstr = "SSL_ERROR_WANT_X509_LOOKUP"; break; |
|
420 case SSL_ERROR_SYSCALL: errstr = "SSL_ERROR_SYSCALL"; break; |
|
421 case SSL_ERROR_SSL: errstr = "SSL_ERROR_SSL"; break; |
|
422 } |
|
423 log_ereport(LOG_VERBOSE, "SSL accept error[%d]: %s", error, errstr); |
|
424 free(conn); |
|
425 conn = NULL; |
|
426 system_close(clientfd); |
|
427 } else { |
|
428 conn->ssl = ssl; |
|
429 conn->read = connection_ssl_read; |
|
430 conn->write = connection_ssl_write; |
|
431 conn->close = connection_ssl_close; |
|
432 } |
|
433 } else { |
424 } else { |
434 conn->ssl = NULL; |
425 conn->ssl = NULL; |
435 conn->read = connection_read; |
426 conn->read = connection_read; |
436 conn->write = connection_write; |
427 conn->write = connection_write; |
437 conn->close = connection_close; |
428 conn->close = connection_close; |