-/*
- * Copyright (C) 2006-2009 Stig Venaas <venaas@uninett.no>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- */
+/* Copyright (c) 2007-2009, UNINETT AS
+ * Copyright (c) 2012, NORDUnet A/S */
+/* See LICENSE for licensing information. */
#include <signal.h>
#include <sys/socket.h>
/* returns 0 on timeout, -1 on error and num if ok */
int sslreadtimeout(SSL *ssl, unsigned char *buf, int num, int timeout) {
int s, ndesc, cnt, len;
- fd_set readfds, writefds;
+ fd_set readfds;
struct timeval timer;
s = SSL_get_fd(ssl);
return -1;
/* make socket non-blocking? */
for (len = 0; len < num; len += cnt) {
- FD_ZERO(&readfds);
- FD_SET(s, &readfds);
- writefds = readfds;
- if (timeout) {
- timer.tv_sec = timeout;
- timer.tv_usec = 0;
+ if (SSL_pending(ssl) == 0) {
+ FD_ZERO(&readfds);
+ FD_SET(s, &readfds);
+ if (timeout) {
+ timer.tv_sec = timeout;
+ timer.tv_usec = 0;
+ }
+ ndesc = select(s + 1, &readfds, NULL, NULL, timeout ? &timer : NULL);
+ if (ndesc < 1)
+ return ndesc;
}
- ndesc = select(s + 1, &readfds, &writefds, NULL, timeout ? &timer : NULL);
- if (ndesc < 1)
- return ndesc;
cnt = SSL_read(ssl, buf + len, num - len);
if (cnt <= 0)
}
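Review bot: The timeout is enforced only by `select()`, so the `SSL_read(ssl, buf + len, num - len)` that follows can still block past it if the socket is blocking, because a readable descriptor does not guarantee a complete TLS record. The `/* make socket non-blocking? */` comment suggests the socket is still blocking, which would let a peer that sends a partial record hold the reader thread indefinitely. The timer is also re-armed on each pass of the `for` loop, so `timeout` bounds every wait rather than the whole read; the header comment could say so, e.g. `/* timeout bounds each select() wait, not the whole read of num bytes */`. `FD_SET(s, &readfds)` additionally needs `s < FD_SETSIZE`; the guard before `return -1` is not visible here, so confirm it rejects that case. Parts of the function body lie outside this view.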
}
}
+ debug(DBG_INFO, "tlsclientrd: exiting for %s", server->conf->name);
ERR_remove_state(0);
+ SSL_shutdown(server->ssl);
+ shutdown(server->sock, SHUT_RDWR);
+ close(server->sock);
+
+ /* Wake up clientwr(). */
server->clientrdgone = 1;
+ pthread_mutex_lock(&server->newrq_mutex);
+ pthread_cond_signal(&server->newrq_cond);
+ pthread_mutex_unlock(&server->newrq_mutex);
return NULL;
}
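Review bot: `close(server->sock)` runs before clientwr() is told the reader has gone, so if the writer thread can still be using `server->ssl` at this point, it would act on a closed descriptor whose number may already belong to a newly accepted connection. Doing the wake-up first, and closing only once the writer has stopped, would avoid that; which thread owns the teardown is not visible in this hunk, so please confirm. `server->clientrdgone = 1;` is also written outside the critical section; placing it after `pthread_mutex_lock(&server->newrq_mutex);` makes the flag update and the signal atomic with respect to a waiter that tests the flag under the mutex. Finally, `ERR_remove_state(0)` precedes `SSL_shutdown(server->ssl)`, which can queue fresh errors for this thread, so it reads better as the last OpenSSL call. The function starts outside this view.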
debug(DBG_DBG, "tlsserverrd: starting for %s", addr2string(client->addr));
- if (pthread_create(&tlsserverwrth, NULL, tlsserverwr, (void *)client)) {
+ if (pthread_create(&tlsserverwrth, &pthread_attr, tlsserverwr, (void *)client)) {
debug(DBG_ERR, "tlsserverrd: pthread_create failed");
return;
}
for (;;) {
- buf = radtlsget(client->ssl, 0);
+ buf = radtlsget(client->ssl, IDLE_TIMEOUT * 3);
if (!buf) {
debug(DBG_ERR, "tlsserverrd: connection from %s lost", addr2string(client->addr));
break;
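Review bot: The `if (!buf)` branch presumably now fires for an idle timeout as well as for a broken connection, yet it still logs `connection from %s lost` at DBG_ERR for both, which makes routine idle reaping indistinguishable from failures in the logs. If radtlsget() can report which case occurred, a separate lower-severity message for the timeout would help whoever triages these logs. The multiplier also deserves a comment on the call, e.g. `/* give up on clients idle for 3 * IDLE_TIMEOUT */`, stating why three intervals were chosen. The loop body continues outside this hunk.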
debug(DBG_WARN, "accept failed");
continue;
}
- if (pthread_create(&tlsserverth, NULL, tlsservernew, (void *)&s)) {
+ if (pthread_create(&tlsserverth, &pthread_attr, tlsservernew, (void *)&s)) {
debug(DBG_ERR, "tlslistener: pthread_create failed");
shutdown(s, SHUT_RDWR);
close(s);