[JDEV] SSL on FreeBSD

Dirk-Willem van Gulik dirkx at covalent.net
Wed Oct 10 14:49:45 CDT 2001 

On Wed, 10 Oct 2001, Thomas Muldowney wrote:

> Is that against CVS or 1.4.1?

> > To get jabber 1.4.1 to do SSL on FreeBSD I needed to do what is below. It
> > seems that the exit code is more subtle than just ok/nok.

> > diff -c3 -r jabber-1.4.1/jabberd/mio_ssl.c

Source tar of 1.4.1

Dw.

> > jabber-1.4.1.new/jabberd/mio_ssl.c
> > *** jabber-1.4.1/jabberd/mio_ssl.c      Thu Feb  1 12:46:49 2001
> > --- jabber-1.4.1.new/jabberd/mio_ssl.c  Mon Oct  1 13:26:17 2001
> > ***************
> > *** 3,8 ****
> > --- 3,9 ----
> >   #ifdef HAVE_SSL
> >   HASHTABLE ssl__ctxs;
> >
> > + #include <openssl/err.h>
> >
> >   #ifndef NO_RSA
> >   /* This function will generate a temporary key for us */
> > ***************
> > *** 165,183 ****
> >       log_debug(ZONE, "SSL accepting socket with new session %x", ssl);
> >       SSL_set_fd(ssl, fd);
> >       SSL_set_accept_state(ssl);
> > !     if(SSL_accept(ssl) <= 0){
> >           unsigned long e;
> >           static char *buf;
> >
> >           e = ERR_get_error();
> >           buf = ERR_error_string(e, NULL);
> > !         log_debug(ZONE, "Error from SSL: %s", buf);
> >           log_debug(ZONE, "SSL Error in SSL_accept call");
> >           SSL_free(ssl);
> >           close(fd);
> >           return -1;
> >       }
> > !
> >       m->ssl = ssl;
> >
> >       log_debug(ZONE, "Accepted new SSL socket %d for %s", fd, m->ip);
> > --- 166,191 ----
> >       log_debug(ZONE, "SSL accepting socket with new session %x", ssl);
> >       SSL_set_fd(ssl, fd);
> >       SSL_set_accept_state(ssl);
> > ! redo:
> > ! {    int ex = SSL_accept(ssl);
> > !
> > !      if (ex < 0) {
> > !       /* not right - 0 is controlled shutdown; -1 can have more meanings
> > */
> >           unsigned long e;
> >           static char *buf;
> >
> >           e = ERR_get_error();
> > +       if ((e==0) || (e == SSL_ERROR_WANT_READ) || ( e ==
> > SSL_ERROR_WANT_WRITE))
> > +               goto redo;
> > +
> >           buf = ERR_error_string(e, NULL);
> > !         log_debug(ZONE, "Error %d/%d from SSL: %s", ex,e,buf);
> >           log_debug(ZONE, "SSL Error in SSL_accept call");
> >           SSL_free(ssl);
> >           close(fd);
> >           return -1;
> >       }
> > ! }
> >       m->ssl = ssl;
> >
> >       log_debug(ZONE, "Accepted new SSL socket %d for %s", fd, m->ip);
> >
> >
> > _______________________________________________
> > jdev mailing list
> > jdev at jabber.org
> > http://mailman.jabber.org/listinfo/jdev
>

More information about the JDev mailing list