- int res = 0, fd;
- BIO_get_fd (con->rbio, &fd);
- /* `write' may write less than LEN bytes, thus the outward loop
- keeps trying it until all was written, or an error occurred. The
- inner loop is reserved for the usual EINTR f*kage, and the
- innermost loop deals with the same during select(). */
- while (len > 0)
- {
-#ifdef HAVE_SELECT
- if (opt.read_timeout)
- if (select_fd (fd, opt.read_timeout, WAIT_WRITE) <= 0)
- return -1;
-#endif
- do
- res = SSL_write (con, buf, len);
- while (res == -1 && errno == EINTR);
- if (res <= 0)
- break;
- buf += res;
- len -= res;
- }
- return res;
+ SSL *ssl = SSL_new (ctx);
+ if (!ssl)
+ goto err;
+ if (!SSL_set_fd (ssl, fd))
+ goto err;
+ SSL_set_connect_state (ssl);
+ if (SSL_connect (ssl) <= 0 || ssl->state != SSL_ST_OK)
+ goto err;
+
+ /* Register the FD to use our functions for read, write, etc. That
+ way the rest of Wget can keep using xread, xwrite, and
+ friends. */
+ register_extended (fd, ssl_read, ssl_write, ssl_poll, ssl_close, ssl);
+ DEBUGP (("Connected %d to SSL 0x%0lx\n", fd, (unsigned long) ssl));
+ return ssl;
+
+ err:
+ ssl_printerrors ();
+ if (ssl)
+ SSL_free (ssl);
+ return NULL;
+}
+
+void
+free_ssl_ctx (SSL_CTX * ctx)
+{
+ SSL_CTX_free (ctx);