summaryrefslogtreecommitdiff
path: root/src/lib/libtls/tls_server.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libtls/tls_server.c')
-rw-r--r--src/lib/libtls/tls_server.c60
1 files changed, 50 insertions, 10 deletions
diff --git a/src/lib/libtls/tls_server.c b/src/lib/libtls/tls_server.c
index 044678c705..01f9ed3b7f 100644
--- a/src/lib/libtls/tls_server.c
+++ b/src/lib/libtls/tls_server.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: tls_server.c,v 1.25 2016/08/22 14:51:37 jsing Exp $ */ 1/* $OpenBSD: tls_server.c,v 1.26 2016/09/04 12:26:43 bcook Exp $ */
2/* 2/*
3 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> 3 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
4 * 4 *
@@ -279,14 +279,8 @@ tls_configure_server(struct tls *ctx)
279 return (-1); 279 return (-1);
280} 280}
281 281
282int 282static struct tls *
283tls_accept_socket(struct tls *ctx, struct tls **cctx, int socket) 283accept_common(struct tls *ctx)
284{
285 return (tls_accept_fds(ctx, cctx, socket, socket));
286}
287
288int
289tls_accept_fds(struct tls *ctx, struct tls **cctx, int fd_read, int fd_write)
290{ 284{
291 struct tls *conn_ctx = NULL; 285 struct tls *conn_ctx = NULL;
292 286
@@ -304,10 +298,34 @@ tls_accept_fds(struct tls *ctx, struct tls **cctx, int fd_read, int fd_write)
304 tls_set_errorx(ctx, "ssl failure"); 298 tls_set_errorx(ctx, "ssl failure");
305 goto err; 299 goto err;
306 } 300 }
301
307 if (SSL_set_app_data(conn_ctx->ssl_conn, conn_ctx) != 1) { 302 if (SSL_set_app_data(conn_ctx->ssl_conn, conn_ctx) != 1) {
308 tls_set_errorx(ctx, "ssl application data failure"); 303 tls_set_errorx(ctx, "ssl application data failure");
309 goto err; 304 goto err;
310 } 305 }
306
307 return conn_ctx;
308
309 err:
310 tls_free(conn_ctx);
311
312 return (NULL);
313}
314
315int
316tls_accept_socket(struct tls *ctx, struct tls **cctx, int socket)
317{
318 return (tls_accept_fds(ctx, cctx, socket, socket));
319}
320
321int
322tls_accept_fds(struct tls *ctx, struct tls **cctx, int fd_read, int fd_write)
323{
324 struct tls *conn_ctx;
325
326 if ((conn_ctx = accept_common(ctx)) == NULL)
327 goto err;
328
311 if (SSL_set_rfd(conn_ctx->ssl_conn, fd_read) != 1 || 329 if (SSL_set_rfd(conn_ctx->ssl_conn, fd_read) != 1 ||
312 SSL_set_wfd(conn_ctx->ssl_conn, fd_write) != 1) { 330 SSL_set_wfd(conn_ctx->ssl_conn, fd_write) != 1) {
313 tls_set_errorx(ctx, "ssl file descriptor failure"); 331 tls_set_errorx(ctx, "ssl file descriptor failure");
@@ -317,10 +335,32 @@ tls_accept_fds(struct tls *ctx, struct tls **cctx, int fd_read, int fd_write)
317 *cctx = conn_ctx; 335 *cctx = conn_ctx;
318 336
319 return (0); 337 return (0);
320
321 err: 338 err:
322 tls_free(conn_ctx); 339 tls_free(conn_ctx);
340 *cctx = NULL;
341
342 return (-1);
343}
344
345int
346tls_accept_cbs(struct tls *ctx, struct tls **cctx,
347 tls_read_cb read_cb, tls_write_cb write_cb, void *cb_arg)
348{
349 struct tls *conn_ctx;
350
351 if ((conn_ctx = accept_common(ctx)) == NULL)
352 goto err;
353
354 if (tls_set_cbs(ctx, read_cb, write_cb, cb_arg) != 0) {
355 tls_set_errorx(ctx, "callback registration failure");
356 goto err;
357 }
358
359 *cctx = conn_ctx;
323 360
361 return (0);
362 err:
363 tls_free(conn_ctx);
324 *cctx = NULL; 364 *cctx = NULL;
325 365
326 return (-1); 366 return (-1);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-24 14:06:43 +0000