Fossil SCM

Now actually works.

drh 2021-12-26 21:27 ssl-server

Commit 977fa519d365f7700c9714a1bec92c5e9bd9f674926b282116c37b9b78a3d183

Parent ed4a96d8ece2793…

2 files changed +7 -6 +2 -1

M src/http_ssl.c

+7 -6

		--- src/http_ssl.c
		+++ src/http_ssl.c
		@@ -638,10 +638,11 @@
638	638	SSL_set_fd(pServer->ssl, readFd);
639	639	}else{
640	640	SSL_set_rfd(pServer->ssl, readFd);
641	641	SSL_set_wfd(pServer->ssl, writeFd);
642	642	}
	643	+ SSL_accept(pServer->ssl);
643	644	return (void*)pServer;
644	645	}
645	646
646	647	/*
647	648	** Close a server-side code previously returned from ssl_new_server().
		@@ -684,17 +685,17 @@
684	685	int n = 0;
685	686	int i;
686	687	SslServerConn pServer = (SslServerConn)pServerArg;
687	688
688	689	if( pServer->atEof ) return 0;
689		- n = SSL_peek(pServer->ssl, zBuf, nBuf-1);
690		- if( n==0 ){
691		- pServer->atEof = 1;
692		- return 0;
	690	+ for(i=0; i<nBuf-1; i++){
	691	+ n = SSL_read(pServer->ssl, &zBuf[i], 1);
	692	+ if( n<=0 ){
	693	+ return 0;
	694	+ }
	695	+ if( zBuf[i]=='\n' ) break;
693	696	}
694		- for(i=0; i<n && zBuf[i]!='\n'; i++){}
695		- SSL_read(pServer->ssl, zBuf, i);
696	697	zBuf[i+1] = 0;
697	698	return zBuf;
698	699	}
699	700
700	701
701	702

	--- src/http_ssl.c
	+++ src/http_ssl.c
	@@ -638,10 +638,11 @@
638	SSL_set_fd(pServer->ssl, readFd);
639	}else{
640	SSL_set_rfd(pServer->ssl, readFd);
641	SSL_set_wfd(pServer->ssl, writeFd);
642	}

643	return (void*)pServer;
644	}
645
646	/*
647	** Close a server-side code previously returned from ssl_new_server().
	@@ -684,17 +685,17 @@
684	int n = 0;
685	int i;
686	SslServerConn pServer = (SslServerConn)pServerArg;
687
688	if( pServer->atEof ) return 0;
689	n = SSL_peek(pServer->ssl, zBuf, nBuf-1);
690	if( n==0 ){
691	pServer->atEof = 1;
692	return 0;


693	}
694	for(i=0; i<n && zBuf[i]!='\n'; i++){}
695	SSL_read(pServer->ssl, zBuf, i);
696	zBuf[i+1] = 0;
697	return zBuf;
698	}
699
700
701

	--- src/http_ssl.c
	+++ src/http_ssl.c
	@@ -638,10 +638,11 @@
638	SSL_set_fd(pServer->ssl, readFd);
639	}else{
640	SSL_set_rfd(pServer->ssl, readFd);
641	SSL_set_wfd(pServer->ssl, writeFd);
642	}
643	SSL_accept(pServer->ssl);
644	return (void*)pServer;
645	}
646
647	/*
648	** Close a server-side code previously returned from ssl_new_server().
	@@ -684,17 +685,17 @@
685	int n = 0;
686	int i;
687	SslServerConn pServer = (SslServerConn)pServerArg;
688
689	if( pServer->atEof ) return 0;
690	for(i=0; i<nBuf-1; i++){
691	n = SSL_read(pServer->ssl, &zBuf[i], 1);
692	if( n<=0 ){
693	return 0;
694	}
695	if( zBuf[i]=='\n' ) break;
696	}


697	zBuf[i+1] = 0;
698	return zBuf;
699	}
700
701
702

M src/main.c

+2 -1

		--- src/main.c
		+++ src/main.c
		@@ -3044,10 +3044,11 @@
3044	3044	** very first incoming TCP/IP connection to be processed. Used for
3045	3045	** debugging, since debugging across a fork() can be tricky
3046	3046	*/
3047	3047	if( find_option("debug-nofork",0,0)!=0 ){
3048	3048	flags \|= HTTP_SERVER_NOFORK;
	3049	+ zTimeout = "100000000";
3049	3050	}
3050	3051	/* We should be done with options.. */
3051	3052	verify_all_options();
3052	3053
3053	3054	if( g.argc!=2 && g.argc!=3 ) usage("?REPOSITORY?");
		@@ -3214,11 +3215,11 @@
3214	3215	}
3215	3216	}
3216	3217	if( flags & HTTP_SERVER_SCGI ){
3217	3218	cgi_handle_scgi_request();
3218	3219	}else if( g.httpUseSSL ){
3219		- g.httpSSLConn = ssl_new_server(fileno(stdin),fileno(stdout));
	3220	+ g.httpSSLConn = ssl_new_server(0,-1);
3220	3221	cgi_handle_http_request(0);
3221	3222	}else{
3222	3223	cgi_handle_http_request(0);
3223	3224	}
3224	3225	process_one_web_page(zNotFound, glob_create(zFileGlob), allowRepoList);
3225	3226

	--- src/main.c
	+++ src/main.c
	@@ -3044,10 +3044,11 @@
3044	** very first incoming TCP/IP connection to be processed. Used for
3045	** debugging, since debugging across a fork() can be tricky
3046	*/
3047	if( find_option("debug-nofork",0,0)!=0 ){
3048	flags \|= HTTP_SERVER_NOFORK;

3049	}
3050	/* We should be done with options.. */
3051	verify_all_options();
3052
3053	if( g.argc!=2 && g.argc!=3 ) usage("?REPOSITORY?");
	@@ -3214,11 +3215,11 @@
3214	}
3215	}
3216	if( flags & HTTP_SERVER_SCGI ){
3217	cgi_handle_scgi_request();
3218	}else if( g.httpUseSSL ){
3219	g.httpSSLConn = ssl_new_server(fileno(stdin),fileno(stdout));
3220	cgi_handle_http_request(0);
3221	}else{
3222	cgi_handle_http_request(0);
3223	}
3224	process_one_web_page(zNotFound, glob_create(zFileGlob), allowRepoList);
3225

	--- src/main.c
	+++ src/main.c
	@@ -3044,10 +3044,11 @@
3044	** very first incoming TCP/IP connection to be processed. Used for
3045	** debugging, since debugging across a fork() can be tricky
3046	*/
3047	if( find_option("debug-nofork",0,0)!=0 ){
3048	flags \|= HTTP_SERVER_NOFORK;
3049	zTimeout = "100000000";
3050	}
3051	/* We should be done with options.. */
3052	verify_all_options();
3053
3054	if( g.argc!=2 && g.argc!=3 ) usage("?REPOSITORY?");
	@@ -3214,11 +3215,11 @@
3215	}
3216	}
3217	if( flags & HTTP_SERVER_SCGI ){
3218	cgi_handle_scgi_request();
3219	}else if( g.httpUseSSL ){
3220	g.httpSSLConn = ssl_new_server(0,-1);
3221	cgi_handle_http_request(0);
3222	}else{
3223	cgi_handle_http_request(0);
3224	}
3225	process_one_web_page(zNotFound, glob_create(zFileGlob), allowRepoList);
3226