[openssl-commits] [openssl] master update
Dr. Stephen Henson
steve at openssl.org
Sun Sep 20 13:20:38 UTC 2015
The branch master has been updated
via 4e7e623012e1604d985e2ef362c2957d464f3f01 (commit)
via f1c412c9e63f7c9cac2c723bff09cce563dda1b0 (commit)
from 01a4e8764d756e50e8903d53fd4f863aa9646d5f (commit)
- Log -----------------------------------------------------------------
commit 4e7e623012e1604d985e2ef362c2957d464f3f01
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Sat Sep 12 02:37:48 2015 +0100
Make SRP work with -www
PR#3817
Reviewed-by: Rich Salz <rsalz at openssl.org>
commit f1c412c9e63f7c9cac2c723bff09cce563dda1b0
Author: Dr. Stephen Henson <steve at openssl.org>
Date: Sun Sep 13 19:04:58 2015 +0100
Handle SSL_ERROR_WANT_X509_LOOKUP
Reviewed-by: Rich Salz <rsalz at openssl.org>
-----------------------------------------------------------------------
Summary of changes:
apps/s_server.c | 45 +++++++++++++++++++++++++++++++++++++++++++++
ssl/bio_ssl.c | 4 ++++
2 files changed, 49 insertions(+)
diff --git a/apps/s_server.c b/apps/s_server.c
index 8e15f5b..bd38373 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -2601,6 +2601,21 @@ static int www_body(char *hostname, int s, int stype, unsigned char *context)
goto err;
} else {
BIO_printf(bio_s_out, "read R BLOCK\n");
+#ifndef OPENSSL_NO_SRP
+ if (BIO_should_io_special(io)
+ && BIO_get_retry_reason(io) == BIO_RR_SSL_X509_LOOKUP) {
+ BIO_printf(bio_s_out, "LOOKUP renego during read\n");
+ srp_callback_parm.user =
+ SRP_VBASE_get_by_user(srp_callback_parm.vb,
+ srp_callback_parm.login);
+ if (srp_callback_parm.user)
+ BIO_printf(bio_s_out, "LOOKUP done %s\n",
+ srp_callback_parm.user->info);
+ else
+ BIO_printf(bio_s_out, "LOOKUP not successful\n");
+ continue;
+ }
+#endif
#if defined(OPENSSL_SYS_NETWARE)
delay(1000);
#elif !defined(OPENSSL_SYS_MSDOS)
@@ -2941,6 +2956,21 @@ static int rev_body(char *hostname, int s, int stype, unsigned char *context)
ERR_print_errors(bio_err);
goto end;
}
+#ifndef OPENSSL_NO_SRP
+ if (BIO_should_io_special(io)
+ && BIO_get_retry_reason(io) == BIO_RR_SSL_X509_LOOKUP) {
+ BIO_printf(bio_s_out, "LOOKUP renego during accept\n");
+ srp_callback_parm.user =
+ SRP_VBASE_get_by_user(srp_callback_parm.vb,
+ srp_callback_parm.login);
+ if (srp_callback_parm.user)
+ BIO_printf(bio_s_out, "LOOKUP done %s\n",
+ srp_callback_parm.user->info);
+ else
+ BIO_printf(bio_s_out, "LOOKUP not successful\n");
+ continue;
+ }
+#endif
}
BIO_printf(bio_err, "CONNECTION ESTABLISHED\n");
print_ssl_summary(con);
@@ -2954,6 +2984,21 @@ static int rev_body(char *hostname, int s, int stype, unsigned char *context)
goto err;
} else {
BIO_printf(bio_s_out, "read R BLOCK\n");
+#ifndef OPENSSL_NO_SRP
+ if (BIO_should_io_special(io)
+ && BIO_get_retry_reason(io) == BIO_RR_SSL_X509_LOOKUP) {
+ BIO_printf(bio_s_out, "LOOKUP renego during read\n");
+ srp_callback_parm.user =
+ SRP_VBASE_get_by_user(srp_callback_parm.vb,
+ srp_callback_parm.login);
+ if (srp_callback_parm.user)
+ BIO_printf(bio_s_out, "LOOKUP done %s\n",
+ srp_callback_parm.user->info);
+ else
+ BIO_printf(bio_s_out, "LOOKUP not successful\n");
+ continue;
+ }
+#endif
#if defined(OPENSSL_SYS_NETWARE)
delay(1000);
#elif !defined(OPENSSL_SYS_MSDOS)
diff --git a/ssl/bio_ssl.c b/ssl/bio_ssl.c
index 639b105..a8260c9 100644
--- a/ssl/bio_ssl.c
+++ b/ssl/bio_ssl.c
@@ -407,6 +407,10 @@ static long ssl_ctrl(BIO *b, int cmd, long num, void *ptr)
BIO_set_flags(b, BIO_FLAGS_IO_SPECIAL | BIO_FLAGS_SHOULD_RETRY);
b->retry_reason = b->next_bio->retry_reason;
break;
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ BIO_set_retry_special(b);
+ b->retry_reason = BIO_RR_SSL_X509_LOOKUP;
+ break;
default:
break;
}
More information about the openssl-commits
mailing list