aboutsummaryrefslogtreecommitdiffstats
path: root/camel/camel-tcp-stream-openssl.c
diff options
context:
space:
mode:
Diffstat (limited to 'camel/camel-tcp-stream-openssl.c')
-rw-r--r--camel/camel-tcp-stream-openssl.c32
1 files changed, 22 insertions, 10 deletions
diff --git a/camel/camel-tcp-stream-openssl.c b/camel/camel-tcp-stream-openssl.c
index 214269a433..8923c31425 100644
--- a/camel/camel-tcp-stream-openssl.c
+++ b/camel/camel-tcp-stream-openssl.c
@@ -402,12 +402,15 @@ socket_connect (struct hostent *h, int port)
static int
ssl_verify (int ok, X509_STORE_CTX *ctx)
{
+ SSL *ssl;
CamelTcpStreamOpenSSL *stream;
X509 *cert;
int err;
+
+ ssl = X509_STORE_CTX_get_ex_data (ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
OPENSSL_TABLE_LOCK ();
- stream = CAMEL_TCP_STREAM_OPENSSL (g_hash_table_lookup (openssl_table, ctx));
+ stream = CAMEL_TCP_STREAM_OPENSSL (g_hash_table_lookup (openssl_table, ssl->ctx));
OPENSSL_TABLE_UNLOCK ();
cert = X509_STORE_CTX_get_current_cert (ctx);
@@ -437,12 +440,15 @@ ssl_verify (int ok, X509_STORE_CTX *ctx)
}
static SSL *
-open_ssl_connection (CamelService *service, int sockfd)
+open_ssl_connection (CamelService *service, int sockfd, CamelTcpStreamOpenSSL *openssl)
{
SSL_CTX *ssl_ctx = NULL;
SSL *ssl = NULL;
int n;
+ SSLeay_add_ssl_algorithms();
+ SSL_load_error_strings();
+
/* SSLv23_client_method will negotiate with SSL v2, v3, or TLS v1 */
ssl_ctx = SSL_CTX_new (SSLv23_client_method ());
g_return_val_if_fail (ssl_ctx != NULL, NULL);
@@ -450,9 +456,22 @@ open_ssl_connection (CamelService *service, int sockfd)
SSL_CTX_set_verify (ssl_ctx, SSL_VERIFY_PEER, &ssl_verify);
ssl = SSL_new (ssl_ctx);
SSL_set_fd (ssl, sockfd);
+
+ OPENSSL_TABLE_LOCK ();
+ if (!openssl_table)
+ openssl_table = g_hash_table_new (g_direct_hash, g_direct_equal);
+
+ g_hash_table_insert (openssl_table, ssl->ctx, openssl);
+ OPENSSL_TABLE_UNLOCK ();
+
n = SSL_connect (ssl);
if (n != 1) {
+
+ OPENSSL_TABLE_LOCK ();
+ g_hash_table_remove (openssl_table, ssl->ctx);
+ OPENSSL_TABLE_UNLOCK ();
+
SSL_shutdown (ssl);
if (ssl->ctx)
@@ -478,20 +497,13 @@ stream_connect (CamelTcpStream *stream, struct hostent *host, int port)
if (fd == -1)
return -1;
- ssl = open_ssl_connection (openssl->priv->service, fd);
+ ssl = open_ssl_connection (openssl->priv->service, fd, openssl);
if (!ssl)
return -1;
openssl->priv->sockfd = fd;
openssl->priv->ssl = ssl;
- OPENSSL_TABLE_LOCK ();
- if (!openssl_table)
- openssl_table = g_hash_table_new (g_direct_hash, g_direct_equal);
-
- g_hash_table_insert (openssl_table, ssl->ctx, openssl);
- OPENSSL_TABLE_UNLOCK ();
-
return 0;
}