fix: Add compatibility with Mbed TLS 3.0.0
sync github.com/zhaojh329/ssl

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
zhaojh329 committed May 4, 2024
1 parent 69fbd88 commit 870a075
Showing 4 changed files with 21 additions and 16 deletions.
12 changes: 6 additions & 6 deletions src/http.c
@@ -87,11 +87,11 @@ static int ssl_negotiated(struct http_connection *conn)
int ret;

ret = ssl_connect(conn->ssl, NULL, NULL);
if (ret == SSL_PENDING)
if (ret == SSL_WANT_READ || ret == SSL_WANT_WRITE)
return 0;

if (ret == SSL_ERROR) {
log_err("ssl connect error: %s\n", ssl_last_error_string(err_buf, sizeof(err_buf)));
log_err("ssl connect error: %s\n", ssl_last_error_string(conn->ssl, err_buf, sizeof(err_buf)));
return -1;
}

@@ -121,10 +121,10 @@ static void on_net_read(struct ev_loop *loop, struct ev_io *w, int revents)

ret = ssl_read(conn->ssl, buf, sizeof(buf));
if (ret == SSL_ERROR) {
log_err("ssl_read: %s\n", ssl_last_error_string(err_buf, sizeof(err_buf)));
log_err("ssl_read: %s\n", ssl_last_error_string(conn->ssl, err_buf, sizeof(err_buf)));
goto done;
}
if (ret == SSL_PENDING)
if (ret == SSL_WANT_READ || ret == SSL_WANT_WRITE)
return;

} else {
@@ -164,11 +164,11 @@ static void on_net_write(struct ev_loop *loop, struct ev_io *w, int revents)

ret = ssl_write(conn->ssl, buffer_data(b), buffer_length(b));
if (ret == SSL_ERROR) {
log_err("ssl_write: %s\n", ssl_last_error_string(err_buf, sizeof(err_buf)));
log_err("ssl_write: %s\n", ssl_last_error_string(conn->ssl, err_buf, sizeof(err_buf)));
goto err;
}

if (ret == SSL_PENDING)
if (ret == SSL_WANT_READ || ret == SSL_WANT_WRITE)
return;

buffer_pull(b, NULL, ret);
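Review bot: In ssl_negotiated, on_net_read and on_net_write the new check `if (ret == SSL_WANT_READ || ret == SSL_WANT_WRITE)` folds both directions into one early return, so the distinction this commit introduces is thrown away again. The rtty.c version of ssl_negotiated in the same commit starts the write watcher on SSL_WANT_WRITE, but nothing visible here arms it, so a handshake or read that is blocked on sending may wait for an event that never arrives, and a write that needs SSL_WANT_READ may be retried on every writable event. The same combined check appears in rtty_ssl_read and on_net_write in src/rtty.c. I would split the two cases as rtty.c's ssl_negotiated does and document the intent, e.g. `/* WANT_WRITE: retry once the socket is writable; WANT_READ: retry from the read callback */`. All three functions start and end outside their hunks, so the watcher setup needs confirming against the full file.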
6 changes: 3 additions & 3 deletions src/main.c
@@ -44,7 +44,7 @@ static void load_default_ca_cert(struct ssl_context *ctx)
glob("/etc/ssl/certs/*.crt", 0, NULL, &gl);

for (i = 0; i < gl.gl_pathc; i++)
ssl_load_ca_crt_file(ctx, gl.gl_pathv[i]);
ssl_load_ca_cert_file(ctx, gl.gl_pathv[i]);

globfree(&gl);
}
@@ -163,7 +163,7 @@ int main(int argc, char **argv)
rtty.ssl_on = true;
break;
case 'C':
if (ssl_load_ca_crt_file(rtty.ssl_ctx, optarg)) {
if (ssl_load_ca_cert_file(rtty.ssl_ctx, optarg)) {
log_err("load ca certificate file fail\n");
return -1;
}
@@ -174,7 +174,7 @@ int main(int argc, char **argv)
ssl_set_require_validation(rtty.ssl_ctx, false);
break;
case 'c':
if (ssl_load_crt_file(rtty.ssl_ctx, optarg)) {
if (ssl_load_cert_file(rtty.ssl_ctx, optarg)) {
log_err("load certificate file fail\n");
return -1;
}
17 changes: 11 additions & 6 deletions src/rtty.c
@@ -480,11 +480,16 @@ static int ssl_negotiated(struct rtty *rtty)
int ret;

ret = ssl_connect(rtty->ssl, on_ssl_verify_error, &valid_cert);
if (ret == SSL_PENDING)
if (ret == SSL_WANT_READ)
return 0;

if (ret == SSL_WANT_WRITE) {
ev_io_start(rtty->loop, &rtty->iow);
return 0;
}

if (ret == SSL_ERROR) {
log_err("ssl connect error: %s\n", ssl_last_error_string(err_buf, sizeof(err_buf)));
log_err("ssl connect error: %s\n", ssl_last_error_string(rtty->ssl, err_buf, sizeof(err_buf)));
return -1;
}

@@ -504,11 +509,11 @@ static int rtty_ssl_read(int fd, void *buf, size_t count, void *arg)

ret = ssl_read(rtty->ssl, buf, count);
if (ret == SSL_ERROR) {
log_err("ssl_read: %s\n", ssl_last_error_string(err_buf, sizeof(err_buf)));
log_err("ssl_read: %s\n", ssl_last_error_string(rtty->ssl, err_buf, sizeof(err_buf)));
return P_FD_ERR;
}

if (ret == SSL_PENDING)
if (ret == SSL_WANT_READ || ret == SSL_WANT_WRITE)
return P_FD_PENDING;

return ret;
@@ -580,11 +585,11 @@ static void on_net_write(struct ev_loop *loop, struct ev_io *w, int revents)

ret = ssl_write(rtty->ssl, buffer_data(b), buffer_length(b));
if (ret == SSL_ERROR) {
log_err("ssl_write: %s\n", ssl_last_error_string(err_buf, sizeof(err_buf)));
log_err("ssl_write: %s\n", ssl_last_error_string(rtty->ssl, err_buf, sizeof(err_buf)));
goto err;
}

if (ret == SSL_PENDING)
if (ret == SSL_WANT_READ || ret == SSL_WANT_WRITE)
return;

buffer_pull(b, NULL, ret);
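Review bot: The new SSL_WANT_WRITE branch in ssl_negotiated starts `rtty->iow` without saying who retries the handshake or stops the watcher afterwards, and neither is visible in this hunk. A comment on the branch would make the contract explicit, for example `/* handshake is blocked on send: arm the write watcher so the connect is retried when the socket becomes writable */`. It is worth confirming that the write callback re-enters ssl_negotiated before it touches the send buffer, since the on_net_write hunk in this file shows only the ssl_write path. The function body continues outside the hunk.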
2 changes: 1 addition & 1 deletion src/ssl
Submodule ssl updated 9 files
+2 −4 CMakeLists.txt
+32 −26 example-client.c
+35 −28 example-server.c
+21 −0 example.crt
+91 −0 example.h
+28 −0 example.key
+73 −111 mbedtls.c
+82 −91 openssl.c
+19 −32 ssl.h
