- int res = 0, fd;
- BIO_get_fd (con->rbio, &fd);
- /* `write' may write less than LEN bytes, thus the outward loop
- keeps trying it until all was written, or an error occurred. The
- inner loop is reserved for the usual EINTR f*kage, and the
- innermost loop deals with the same during select(). */
- while (len > 0)
- {
-#ifdef HAVE_SELECT
- if (opt.read_timeout)
- if (select_fd (fd, opt.read_timeout, 1) <= 0)
- return -1;
-#endif
- do
- res = SSL_write (con, buf, len);
- while (res == -1 && errno == EINTR);
- if (res <= 0)
- break;
- buf += res;
- len -= res;
- }
- return res;
+ SSL *ssl;
+
+ assert (ssl_ctx != NULL);
+ ssl = SSL_new (ssl_ctx);
+ if (!ssl)
+ goto err;
+ if (!SSL_set_fd (ssl, fd))
+ goto err;
+ SSL_set_connect_state (ssl);
+ if (SSL_connect (ssl) <= 0 || ssl->state != SSL_ST_OK)
+ goto err;
+
+ /* Register FD with Wget's transport layer, i.e. arrange that
+ SSL-enabled functions are used for reading, writing, and polling.
+ That way the rest of Wget can keep using xread, xwrite, and
+ friends and not care what happens underneath. */
+ fd_register_transport (fd, ssl_read, ssl_write, ssl_poll, ssl_peek,
+ ssl_close, ssl);
+ DEBUGP (("Connected %d to SSL 0x%0lx\n", fd, (unsigned long) ssl));
+ return ssl;
+
+ err:
+ ssl_print_errors ();
+ if (ssl)
+ SSL_free (ssl);
+ return NULL;