From 0e3c6ed5696ff82b4b7cb1279ed66b7b978238e6 Mon Sep 17 00:00:00 2001 From: hniksic Date: Mon, 11 Apr 2005 07:33:36 -0700 Subject: [PATCH] [svn] Clean up prototypes and definitions of ssl_init and ssl_connect. Don't include SSL headers in retr.c. --- src/ChangeLog | 14 ++++++++++++++ src/gen_sslfunc.c | 24 ++++++++++++++---------- src/gen_sslfunc.h | 4 +--- src/retr.c | 4 ---- 4 files changed, 29 insertions(+), 17 deletions(-) diff --git a/src/ChangeLog b/src/ChangeLog index 63385a94..e11914e9 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,17 @@ +2005-04-11 Hrvoje Niksic + + * gen_sslfunc.c (ssl_print_errors): Made static. + (ssl_print_errors): Eliminate potentially dangerous fixed-size + error buffer. Passing NULL to ERR_error_string causes it to use + its own static buffer, which is fine for our purposes. + + * gen_sslfunc.c: Include gen_sslfunc.h. Make the declarations of + ssl_init and ssl_conect match the actual definitions. + (ssl_connect): Simply return a boolean, the SSL context is no + longer useful as a return value. + + * retr.c: Don't include SSL headers; we don't need them. + 2005-04-11 Hrvoje Niksic * config-post.h: Don't define _VA_LIST under Solaris; it breaks diff --git a/src/gen_sslfunc.c b/src/gen_sslfunc.c index 98e75a1d..5b13f992 100644 --- a/src/gen_sslfunc.c +++ b/src/gen_sslfunc.c @@ -53,6 +53,7 @@ so, delete this exception statement from your version. */ #include "utils.h" #include "connect.h" #include "url.h" +#include "gen_sslfunc.h" #ifndef errno extern int errno; @@ -138,15 +139,12 @@ verify_callback (int ok, X509_STORE_CTX *ctx) /* Print SSL errors. */ -void +static void ssl_print_errors (void) { unsigned long curerr = 0; - char errbuff[1024]; - xzero (errbuff); while ((curerr = ERR_get_error ()) != 0) - logprintf (LOG_NOTQUIET, "OpenSSL: %s\n", - ERR_error_string (curerr, errbuff)); + logprintf (LOG_NOTQUIET, "OpenSSL: %s\n", ERR_error_string (curerr, NULL)); } /* Creates a SSL Context and sets some defaults for it */ @@ -329,9 +327,14 @@ ssl_close (int fd, void *ctx) DEBUGP (("Closed %d/SSL 0x%0lx\n", fd, (unsigned long) ssl)); } -/* Sets up a SSL structure and performs the handshake on fd. */ +/* Sets up a SSL structure and performs the handshake on fd. The + resulting SSL structure is registered with the file descriptor FD + using fd_register_transport. That way subsequent calls to xread, + xwrite, etc., will use the appropriate SSL functions. -SSL * + Returns 1 on success, 0 on failure. */ + +int ssl_connect (int fd) { SSL *ssl; @@ -352,12 +355,13 @@ ssl_connect (int fd) friends and not care what happens underneath. */ fd_register_transport (fd, ssl_read, ssl_write, ssl_poll, ssl_peek, ssl_close, ssl); - DEBUGP (("Connected %d to SSL 0x%0lx\n", fd, (unsigned long) ssl)); - return ssl; + DEBUGP (("Connected %d to SSL 0x%0*lx\n", fd, 2 * sizeof (void *), + (unsigned long) ssl)); + return 1; err: ssl_print_errors (); if (ssl) SSL_free (ssl); - return NULL; + return 0; } diff --git a/src/gen_sslfunc.h b/src/gen_sslfunc.h index a3650d09..14e65f05 100644 --- a/src/gen_sslfunc.h +++ b/src/gen_sslfunc.h @@ -31,9 +31,7 @@ so, delete this exception statement from your version. */ #ifndef GEN_SSLFUNC_H #define GEN_SSLFUNC_H -int ssl_init PARAMS ((void)); - +uerr_t ssl_init PARAMS ((void)); int ssl_connect PARAMS ((int)); -int ssl_print_error PARAMS ((void)); #endif /* GEN_SSLFUNC_H */ diff --git a/src/retr.c b/src/retr.c index 59a1af38..842eaaae 100644 --- a/src/retr.c +++ b/src/retr.c @@ -56,10 +56,6 @@ so, delete this exception statement from your version. */ #include "convert.h" #include "ptimer.h" -#ifdef HAVE_SSL -# include "gen_sslfunc.h" /* for ssl_iread */ -#endif - #ifndef errno extern int errno; #endif