Added a dcb_connect_SSL function which starts a client SSL connection.

2015-06-02 09:15:08 +03:00 · 2015-06-02 09:15:08 +03:00 · fc8918b1f2
commit fc8918b1f2
parent 08e0a31826
2 changed files with 67 additions and 0 deletions
--- a/server/core/dcb.c
+++ b/server/core/dcb.c
@ -2843,5 +2843,71 @@ int dcb_accept_SSL(DCB* dcb)
 	break;
    }

+    return rval;
+}
+
+/**
+ * Initiate an SSL client connection to a server
+ *
+ * This functions starts an SSL client connection to a server which is expecting
+ * an SSL handshake. The DCB should already have a TCP connection to the server and
+ * this connection should be in a state that expects an SSL handshake.
+ * @param dcb DCB to connect
+ * @return 1 on success, -1 on error and 0 if the SSL handshake is still ongoing
+ */
+int dcb_connect_SSL(DCB* dcb)
+{
+    int rval,errnum;
+
+    rval = SSL_connect(dcb->ssl);
+
+    switch(rval)
+    {
+    case 0:
+	errnum = SSL_get_error(dcb->ssl,rval);
+	LOGIF(LD,(skygw_log_write_flush(LD,"SSL_connect shutdown for %s@%s",
+			 dcb->user,
+			 dcb->remote)));
+	return -1;
+	break;
+    case 1:
+	rval = 1;
+	LOGIF(LD,(skygw_log_write_flush(LD,"SSL_connect done for %s@%s",
+			 dcb->user,
+			 dcb->remote)));
+	break;
+
+    case -1:
+	errnum = SSL_get_error(dcb->ssl,rval);
+
+	if(errnum == SSL_ERROR_WANT_READ || errnum == SSL_ERROR_WANT_WRITE ||
+	 errnum == SSL_ERROR_WANT_X509_LOOKUP)
+	{
+	    /** Not all of the data has been read. Go back to the poll
+	     queue and wait for more.*/
+
+	    rval = 0;
+	    LOGIF(LD,(skygw_log_write_flush(LD,"SSL_connect ongoing for %s@%s",
+			     dcb->user,
+			     dcb->remote)));
+	}
+	else
+	{
+	    rval = -1;
+	    skygw_log_write_flush(LE,
+			     "Error: Fatal error in SSL_connect for %s@%s: %s",
+			     dcb->user,
+			     dcb->remote,
+			     ERR_error_string(errnum,NULL));
+	}
+	break;
+
+    default:
+	skygw_log_write_flush(LE,
+			 "Error: Fatal error in SSL_connect, returned value was %d.",
+			 rval);
+	break;
+    }
+
    return rval;
 }
--- a/server/include/dcb.h
+++ b/server/include/dcb.h
@ -343,6 +343,7 @@ size_t dcb_get_session_id(DCB* dcb);
 bool   dcb_get_ses_log_info(DCB* dcb, size_t* sesid, int* enabled_logs);
 int dcb_create_SSL(DCB* dcb);
 int dcb_accept_SSL(DCB* dcb);
+int dcb_connect_SSL(DCB* dcb);
 int gw_write_SSL(SSL* ssl, const void *buf, size_t nbytes);
 int dcb_write_SSL(DCB *dcb,GWBUF *queue);
 int dcb_read_SSL(DCB   *dcb,GWBUF **head);