[Dovecot] Re: 1.0-test1 released
Timo Sirainen
tss at iki.fi
Fri Apr 30 23:32:35 EEST 2004
On 30.4.2004, at 23:19, Jaldhar H. Vyas wrote:
>> Looks like it's read/write/handshake functions were changed (fixed?)
>> to
>> work very much like OpenSSL's, ie. read/write can return that
>> handshake
>> renegoatiation is needed, and read can fail because if needs to write
>> and vice versa. The ssl-proxy-openssl.c code should just be
>> copy&pasted
>> to gnutls version and the function calls changed.
>>
>> Any volunteers? :)
>>
>
> Well here is an attempt. I asked around and gnutls10 is supposed to be
> basically compatible with gnutls7, they've just changed some API names
> and
> prototypes.
>
> I haven't really been able to test this much but fwiw, it compiles
> cleanly
> and doesn't make dovecot crash (at least so far :-)
It still doesn't check gnutls_record_recv/send return values, so if the
record can't be fully read/written the connection might get stuck.. The
current code only tries to re-read if gnutls_record_recv fails, but it
might need to re-send or re-handshake instead which it doesn't attempt,
the same for gnutls_record_send..
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
URL: <http://dovecot.org/pipermail/dovecot/attachments/20040430/919dafe3/attachment-0001.bin>
More information about the dovecot
mailing list