aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/axtls.c42
-rwxr-xr-xtests/runtests.pl2
2 files changed, 27 insertions, 17 deletions
diff --git a/lib/axtls.c b/lib/axtls.c
index ff4ff2b15..82a0ddcc6 100644
--- a/lib/axtls.c
+++ b/lib/axtls.c
@@ -131,7 +131,6 @@ static CURLcode map_error_to_curl(int axtls_err)
return CURLE_SSL_CONNECT_ERROR;
break;
}
- return CURLE_SSL_CONNECT_ERROR; /* catch-all for non-easily-mapped errors */
}
static Curl_recv axtls_recv;
@@ -339,6 +338,8 @@ static ssize_t axtls_send(struct connectdata *conn,
must be at least 120 bytes long. */
int rc = ssl_write(conn->ssl[sockindex].ssl, mem, (int)len);
+ infof(conn->data, " axtls_send\n");
+
if(rc < 0 ) {
*err = map_error_to_curl(rc);
rc = -1; /* generic error code for send failure */
@@ -351,12 +352,14 @@ static ssize_t axtls_send(struct connectdata *conn,
void Curl_axtls_close_all(struct SessionHandle *data)
{
(void)data;
+ infof(data, " Curl_axtls_close_all\n");
}
void Curl_axtls_close(struct connectdata *conn, int sockindex)
{
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
+ infof(conn->data, " Curl_axtls_close\n");
if(connssl->ssl) {
/* line from ssluse.c: (void)SSL_shutdown(connssl->ssl);
axTLS compat layer does nothing for SSL_shutdown */
@@ -390,6 +393,8 @@ int Curl_axtls_shutdown(struct connectdata *conn, int sockindex)
to be at least 120 bytes long. */
ssize_t nread;
+ infof(conn->data, " Curl_axtls_shutdown\n");
+
/* This has only been tested on the proftpd server, and the mod_tls code
sends a close notify alert without waiting for a close notify alert in
response. Thus we wait for a close notify alert from the server, but
@@ -430,25 +435,31 @@ int Curl_axtls_shutdown(struct connectdata *conn, int sockindex)
return retval;
}
-/*
- * If the read would block we return -1 and set 'wouldblock' to TRUE.
- * Otherwise we return the amount of data read. Other errors should return -1
- * and set 'wouldblock' to FALSE.
- */
static ssize_t axtls_recv(struct connectdata *conn, /* connection data */
int num, /* socketindex */
char *buf, /* store read data here */
size_t buffersize, /* max amount to read */
CURLcode *err)
{
- ssize_t ret = (ssize_t)SSL_read(conn->ssl[num].ssl, buf,
- (int)buffersize);
-
- /* axTLS isn't terribly generous about error reporting */
- if(ret < 0) {
- failf(conn->data, "axTLS recv error (%d)", (int)ret);
- *err = map_error_to_curl(ret);
- return -1;
+ struct ssl_connect_data *connssl = &conn->ssl[num];
+ ssize_t ret = 0;
+
+ infof(conn->data, " axtls_recv\n");
+
+ if(connssl){
+ ret = (ssize_t)SSL_read(conn->ssl[num].ssl, buf, (int)buffersize);
+
+ /* axTLS isn't terribly generous about error reporting */
+ /* With patched axTLS, SSL_CLOSE_NOTIFY=-3. Hard-coding until axTLS
+ team approves proposed fix. */
+ if(ret == -3 ){
+ Curl_axtls_close(conn, num);
+ }
+ else if(ret < 0) {
+ failf(conn->data, "axTLS recv error (%d)", (int)ret);
+ *err = map_error_to_curl(ret);
+ return -1;
+ }
}
*err = CURLE_OK;
@@ -456,8 +467,6 @@ static ssize_t axtls_recv(struct connectdata *conn, /* connection data */
}
/*
- * This function uses SSL_peek to determine connection status.
- *
* Return codes:
* 1 means the connection is still in place
* 0 means the connection has been closed
@@ -469,6 +478,7 @@ int Curl_axtls_check_cxn(struct connectdata *conn)
axTLS compat layer always returns the last argument, so connection is
always alive? */
+ infof(conn->data, " Curl_axtls_check_cxn\n");
return 1; /* connection still in place */
}
diff --git a/tests/runtests.pl b/tests/runtests.pl
index 743fb1f62..966eb0dd2 100755
--- a/tests/runtests.pl
+++ b/tests/runtests.pl
@@ -2559,7 +2559,6 @@ sub singletest {
if($curl_debug) {
unlink($memdump);
}
- $cmd = "-1 ".$cmd if(exists $feature{"SSL"} && $has_axtls == 1);
# create a (possibly-empty) file before starting the test
my @inputfile=getpart("client", "file");
@@ -2619,6 +2618,7 @@ sub singletest {
}
elsif(!$tool) {
# run curl, add --verbose for debug information output
+ $cmd = "-1 ".$cmd if(exists $feature{"SSL"} && $has_axtls == 1);
$cmdargs ="$out --include --verbose --trace-time $cmd";
}
else {