diff options
author | Julian Andres Klode <jak@debian.org> | 2017-06-30 13:51:32 +0200 |
---|---|---|
committer | Julian Andres Klode <jak@debian.org> | 2017-06-30 14:57:54 +0200 |
commit | 4b1d19fe5619ef46c952ca84531759a981741482 (patch) | |
tree | 81bf3d79c74ee31496e804aff218acb189dc2131 /methods/connect.cc | |
parent | d3a70c3e5ae68a0e5a3d4667dd1d0fc0887e6263 (diff) |
Allow running the TLS stack on any lower connection
This is especially needed if we use an HTTPS proxy to CONNECT
to an HTTPS URI, as we run TLS-inside-TLS then.
Diffstat (limited to 'methods/connect.cc')
-rw-r--r-- | methods/connect.cc | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/methods/connect.cc b/methods/connect.cc index fd37d19f7..f58a67db3 100644 --- a/methods/connect.cc +++ b/methods/connect.cc @@ -656,7 +656,25 @@ bool UnwrapTLS(std::string Host, std::unique_ptr<MethodFd> &Fd, tlsFd->UnderlyingFd = MethodFd::FromFd(-1); // For now gnutls_init(&tlsFd->session, GNUTLS_CLIENT | GNUTLS_NONBLOCK); - gnutls_transport_set_int(tlsFd->session, dynamic_cast<FdFd *>(Fd.get())->fd); + + FdFd *fdfd = dynamic_cast<FdFd *>(Fd.get()); + if (fdfd != nullptr) + { + gnutls_transport_set_int(tlsFd->session, fdfd->fd); + } + else + { + gnutls_transport_set_ptr(tlsFd->session, Fd.get()); + gnutls_transport_set_pull_function(tlsFd->session, + [](gnutls_transport_ptr_t p, void *buf, size_t size) -> ssize_t { + return reinterpret_cast<MethodFd *>(p)->Read(buf, size); + }); + gnutls_transport_set_push_function(tlsFd->session, + [](gnutls_transport_ptr_t p, const void *buf, size_t size) -> ssize_t { + return reinterpret_cast<MethodFd *>(p)->Write((void *)buf, size); + }); + } + gnutls_certificate_allocate_credentials(&tlsFd->credentials); // Credential setup |