Loading lib/axtls.c +26 −16 Original line number Diff line number Diff line Loading @@ -131,7 +131,6 @@ static CURLcode map_error_to_curl(int axtls_err) return CURLE_SSL_CONNECT_ERROR; break; } return CURLE_SSL_CONNECT_ERROR; /* catch-all for non-easily-mapped errors */ } static Curl_recv axtls_recv; Loading Loading @@ -339,6 +338,8 @@ static ssize_t axtls_send(struct connectdata *conn, must be at least 120 bytes long. */ int rc = ssl_write(conn->ssl[sockindex].ssl, mem, (int)len); infof(conn->data, " axtls_send\n"); if(rc < 0 ) { *err = map_error_to_curl(rc); rc = -1; /* generic error code for send failure */ Loading @@ -351,12 +352,14 @@ static ssize_t axtls_send(struct connectdata *conn, void Curl_axtls_close_all(struct SessionHandle *data) { (void)data; infof(data, " Curl_axtls_close_all\n"); } void Curl_axtls_close(struct connectdata *conn, int sockindex) { struct ssl_connect_data *connssl = &conn->ssl[sockindex]; infof(conn->data, " Curl_axtls_close\n"); if(connssl->ssl) { /* line from ssluse.c: (void)SSL_shutdown(connssl->ssl); axTLS compat layer does nothing for SSL_shutdown */ Loading Loading @@ -390,6 +393,8 @@ int Curl_axtls_shutdown(struct connectdata *conn, int sockindex) to be at least 120 bytes long. */ ssize_t nread; infof(conn->data, " Curl_axtls_shutdown\n"); /* This has only been tested on the proftpd server, and the mod_tls code sends a close notify alert without waiting for a close notify alert in response. Thus we wait for a close notify alert from the server, but Loading Loading @@ -430,34 +435,38 @@ int Curl_axtls_shutdown(struct connectdata *conn, int sockindex) return retval; } /* * If the read would block we return -1 and set 'wouldblock' to TRUE. * Otherwise we return the amount of data read. Other errors should return -1 * and set 'wouldblock' to FALSE. */ static ssize_t axtls_recv(struct connectdata *conn, /* connection data */ int num, /* socketindex */ char *buf, /* store read data here */ size_t buffersize, /* max amount to read */ CURLcode *err) { ssize_t ret = (ssize_t)SSL_read(conn->ssl[num].ssl, buf, (int)buffersize); struct ssl_connect_data *connssl = &conn->ssl[num]; ssize_t ret = 0; infof(conn->data, " axtls_recv\n"); if(connssl){ ret = (ssize_t)SSL_read(conn->ssl[num].ssl, buf, (int)buffersize); /* axTLS isn't terribly generous about error reporting */ if(ret < 0) { /* With patched axTLS, SSL_CLOSE_NOTIFY=-3. Hard-coding until axTLS team approves proposed fix. */ if(ret == -3 ){ Curl_axtls_close(conn, num); } else if(ret < 0) { failf(conn->data, "axTLS recv error (%d)", (int)ret); *err = map_error_to_curl(ret); return -1; } } *err = CURLE_OK; return ret; } /* * This function uses SSL_peek to determine connection status. * * Return codes: * 1 means the connection is still in place * 0 means the connection has been closed Loading @@ -469,6 +478,7 @@ int Curl_axtls_check_cxn(struct connectdata *conn) axTLS compat layer always returns the last argument, so connection is always alive? */ infof(conn->data, " Curl_axtls_check_cxn\n"); return 1; /* connection still in place */ } Loading tests/runtests.pl +1 −1 Original line number Diff line number Diff line Loading @@ -2559,7 +2559,6 @@ sub singletest { if($curl_debug) { unlink($memdump); } $cmd = "-1 ".$cmd if(exists $feature{"SSL"} && $has_axtls == 1); # create a (possibly-empty) file before starting the test my @inputfile=getpart("client", "file"); Loading Loading @@ -2619,6 +2618,7 @@ sub singletest { } elsif(!$tool) { # run curl, add --verbose for debug information output $cmd = "-1 ".$cmd if(exists $feature{"SSL"} && $has_axtls == 1); $cmdargs ="$out --include --verbose --trace-time $cmd"; } else { Loading Loading
lib/axtls.c +26 −16 Original line number Diff line number Diff line Loading @@ -131,7 +131,6 @@ static CURLcode map_error_to_curl(int axtls_err) return CURLE_SSL_CONNECT_ERROR; break; } return CURLE_SSL_CONNECT_ERROR; /* catch-all for non-easily-mapped errors */ } static Curl_recv axtls_recv; Loading Loading @@ -339,6 +338,8 @@ static ssize_t axtls_send(struct connectdata *conn, must be at least 120 bytes long. */ int rc = ssl_write(conn->ssl[sockindex].ssl, mem, (int)len); infof(conn->data, " axtls_send\n"); if(rc < 0 ) { *err = map_error_to_curl(rc); rc = -1; /* generic error code for send failure */ Loading @@ -351,12 +352,14 @@ static ssize_t axtls_send(struct connectdata *conn, void Curl_axtls_close_all(struct SessionHandle *data) { (void)data; infof(data, " Curl_axtls_close_all\n"); } void Curl_axtls_close(struct connectdata *conn, int sockindex) { struct ssl_connect_data *connssl = &conn->ssl[sockindex]; infof(conn->data, " Curl_axtls_close\n"); if(connssl->ssl) { /* line from ssluse.c: (void)SSL_shutdown(connssl->ssl); axTLS compat layer does nothing for SSL_shutdown */ Loading Loading @@ -390,6 +393,8 @@ int Curl_axtls_shutdown(struct connectdata *conn, int sockindex) to be at least 120 bytes long. */ ssize_t nread; infof(conn->data, " Curl_axtls_shutdown\n"); /* This has only been tested on the proftpd server, and the mod_tls code sends a close notify alert without waiting for a close notify alert in response. Thus we wait for a close notify alert from the server, but Loading Loading @@ -430,34 +435,38 @@ int Curl_axtls_shutdown(struct connectdata *conn, int sockindex) return retval; } /* * If the read would block we return -1 and set 'wouldblock' to TRUE. * Otherwise we return the amount of data read. Other errors should return -1 * and set 'wouldblock' to FALSE. */ static ssize_t axtls_recv(struct connectdata *conn, /* connection data */ int num, /* socketindex */ char *buf, /* store read data here */ size_t buffersize, /* max amount to read */ CURLcode *err) { ssize_t ret = (ssize_t)SSL_read(conn->ssl[num].ssl, buf, (int)buffersize); struct ssl_connect_data *connssl = &conn->ssl[num]; ssize_t ret = 0; infof(conn->data, " axtls_recv\n"); if(connssl){ ret = (ssize_t)SSL_read(conn->ssl[num].ssl, buf, (int)buffersize); /* axTLS isn't terribly generous about error reporting */ if(ret < 0) { /* With patched axTLS, SSL_CLOSE_NOTIFY=-3. Hard-coding until axTLS team approves proposed fix. */ if(ret == -3 ){ Curl_axtls_close(conn, num); } else if(ret < 0) { failf(conn->data, "axTLS recv error (%d)", (int)ret); *err = map_error_to_curl(ret); return -1; } } *err = CURLE_OK; return ret; } /* * This function uses SSL_peek to determine connection status. * * Return codes: * 1 means the connection is still in place * 0 means the connection has been closed Loading @@ -469,6 +478,7 @@ int Curl_axtls_check_cxn(struct connectdata *conn) axTLS compat layer always returns the last argument, so connection is always alive? */ infof(conn->data, " Curl_axtls_check_cxn\n"); return 1; /* connection still in place */ } Loading
tests/runtests.pl +1 −1 Original line number Diff line number Diff line Loading @@ -2559,7 +2559,6 @@ sub singletest { if($curl_debug) { unlink($memdump); } $cmd = "-1 ".$cmd if(exists $feature{"SSL"} && $has_axtls == 1); # create a (possibly-empty) file before starting the test my @inputfile=getpart("client", "file"); Loading Loading @@ -2619,6 +2618,7 @@ sub singletest { } elsif(!$tool) { # run curl, add --verbose for debug information output $cmd = "-1 ".$cmd if(exists $feature{"SSL"} && $has_axtls == 1); $cmdargs ="$out --include --verbose --trace-time $cmd"; } else { Loading
