kore

An easy to use, scalable and secure web application framework for writing web APIs in C.
Commits | Files | Refs | README | LICENSE | git clone https://git.kore.io/kore.git

commit 96641d3caa05f350286dd9b9ea343382a0ed01a2
parent 0dcd6087cf3a7669ac49fbacdc2e4dbb3bab8833
Author: Joris Vink <joris@coders.se>
Date:   Mon, 18 Jan 2016 11:27:49 +0100

Merge branch 'master' of /opt/git/kore

Diffstat:
conf/kore.conf.example | 3+--
src/net.c | 30++++++++++++++++++++++++++++++
2 files changed, 31 insertions(+), 2 deletions(-)

diff --git a/conf/kore.conf.example b/conf/kore.conf.example @@ -110,8 +110,7 @@ validator v_session function v_session_validate # Specify the TLS ciphers that will be used. #tls_cipher ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!kRSA:!kDSA -# If you wish to use EDH / ECDH specify a file containing -# a generated DH key (See OpenSSL dhparam). +# Required DH parameters for TLS. #tls_dhparam dh2048.pem # Authentication configuration diff --git a/src/net.c b/src/net.c @@ -286,6 +286,19 @@ net_write_ssl(struct connection *c, int len, int *written) c->snb->flags |= NETBUF_MUST_RESEND; c->flags &= ~CONN_WRITE_POSSIBLE; return (KORE_RESULT_OK); + case SSL_ERROR_SYSCALL: + switch (errno) { + case EINTR: + *written = 0; + return (KORE_RESULT_OK); + case EAGAIN: + c->snb->flags |= NETBUF_MUST_RESEND; + c->flags &= ~CONN_WRITE_POSSIBLE; + return (KORE_RESULT_OK); + default: + break; + } + /* FALLTHROUGH */ default: kore_debug("SSL_write(): %s", ssl_errno_s); return (KORE_RESULT_ERROR); @@ -314,6 +327,19 @@ net_read_ssl(struct connection *c, int *bytes) case SSL_ERROR_WANT_WRITE: c->flags &= ~CONN_READ_POSSIBLE; return (KORE_RESULT_OK); + case SSL_ERROR_SYSCALL: + switch (errno) { + case EINTR: + *bytes = 0; + return (KORE_RESULT_OK); + case EAGAIN: + c->snb->flags |= NETBUF_MUST_RESEND; + c->flags &= ~CONN_WRITE_POSSIBLE; + return (KORE_RESULT_OK); + default: + break; + } + /* FALLTHROUGH */ default: kore_debug("SSL_read(): %s", ssl_errno_s); return (KORE_RESULT_ERROR); @@ -334,6 +360,8 @@ net_write(struct connection *c, int len, int *written) if (r <= -1) { switch (errno) { case EINTR: + *written = 0; + return (KORE_RESULT_OK); case EAGAIN: c->flags &= ~CONN_WRITE_POSSIBLE; return (KORE_RESULT_OK); @@ -357,6 +385,8 @@ net_read(struct connection *c, int *bytes) if (r <= 0) { switch (errno) { case EINTR: + *bytes = 0; + return (KORE_RESULT_OK); case EAGAIN: c->flags &= ~CONN_READ_POSSIBLE; return (KORE_RESULT_OK);