[svn] Clean up prototypes and definitions of ssl_init and ssl_connect.

[wget] / src / gen_sslfunc.c

diff --git a/src/gen_sslfunc.c b/src/gen_sslfunc.c
index 4cbab6acc193a1f4fb12b1c8ba1a030eddf4c622..5b13f992a5831350f3208cdb386f1e6ef850db0a 100644 (file)
--- a/src/gen_sslfunc.c
+++ b/src/gen_sslfunc.c
@@ -53,6 +53,7 @@ so, delete this exception statement from your version.  */
 #include "utils.h"
 #include "connect.h"
 #include "url.h"
+#include "gen_sslfunc.h"
 
 #ifndef errno
 extern int errno;
@@ -138,15 +139,12 @@ verify_callback (int ok, X509_STORE_CTX *ctx)
 
 /* Print SSL errors. */
 
-void
+static void
 ssl_print_errors (void) 
 {
   unsigned long curerr = 0;
-  char errbuff[1024];
-  xzero (errbuff);
   while ((curerr = ERR_get_error ()) != 0)
-    logprintf (LOG_NOTQUIET, "OpenSSL: %s\n",
-              ERR_error_string (curerr, errbuff));
+    logprintf (LOG_NOTQUIET, "OpenSSL: %s\n", ERR_error_string (curerr, NULL));
 }
 
 /* Creates a SSL Context and sets some defaults for it */
@@ -300,6 +298,19 @@ ssl_poll (int fd, double timeout, int wait_for, void *ctx)
   return select_fd (fd, timeout, wait_for);
 }
 
+static int
+ssl_peek (int fd, char *buf, int bufsize, void *ctx)
+{
+  int ret;
+  SSL *ssl = (SSL *) ctx;
+  do
+    ret = SSL_peek (ssl, buf, bufsize);
+  while (ret == -1
+        && SSL_get_error (ssl, ret) == SSL_ERROR_SYSCALL
+        && errno == EINTR);
+  return ret;
+}
+
 static void
 ssl_close (int fd, void *ctx)
 {
@@ -316,9 +327,14 @@ ssl_close (int fd, void *ctx)
   DEBUGP (("Closed %d/SSL 0x%0lx\n", fd, (unsigned long) ssl));
 }
 
-/* Sets up a SSL structure and performs the handshake on fd. */
+/* Sets up a SSL structure and performs the handshake on fd.  The
+   resulting SSL structure is registered with the file descriptor FD
+   using fd_register_transport.  That way subsequent calls to xread,
+   xwrite, etc., will use the appropriate SSL functions.
+
+   Returns 1 on success, 0 on failure.  */
 
-SSL *
+int
 ssl_connect (int fd) 
 {
   SSL *ssl;
@@ -335,15 +351,17 @@ ssl_connect (int fd)
 
   /* Register FD with Wget's transport layer, i.e. arrange that
      SSL-enabled functions are used for reading, writing, and polling.
-     That way the rest of Wget can use fd_read, fd_write, and friends
-     and not care what happens underneath.  */
-  fd_register_transport (fd, ssl_read, ssl_write, ssl_poll, ssl_close, ssl);
-  DEBUGP (("Connected %d to SSL 0x%0lx\n", fd, (unsigned long) ssl));
-  return ssl;
+     That way the rest of Wget can keep using xread, xwrite, and
+     friends and not care what happens underneath.  */
+  fd_register_transport (fd, ssl_read, ssl_write, ssl_poll, ssl_peek,
+                        ssl_close, ssl);
+  DEBUGP (("Connected %d to SSL 0x%0*lx\n", fd, 2 * sizeof (void *),
+          (unsigned long) ssl));
+  return 1;
 
  err:
   ssl_print_errors ();
   if (ssl)
     SSL_free (ssl);
-  return NULL;
+  return 0;
 }