Added a generic SSL handshake mechanism.

src/core/netevent.c

@@ -265,7 +265,7 @@ void net_on_accept(int server_fd, short ev, void *arg)
 		}
 
 #ifdef SSL_SUPPORT
-		net_con_ssl_accept(&user->net.connection);
+		net_con_ssl_handshake(&user->net.connection, NET_CON_SSL_MODE_SERVER);
 #endif
 	}
 }

src/network/connection.c

@@ -109,11 +109,6 @@ void net_con_initialize(struct net_connection* con, int sd, struct ip_addr_encap
 #ifdef SSL_SUPPORT
 	con->ssl = NULL;
 	con->write_len = 0;
-
-	con->ssl = SSL_new(g_hub->ssl_ctx);
-        LOG_DUMP("SSL_new");
-        SSL_set_fd(con->ssl, con->sd);
-        LOG_DUMP("SSL_set_fd");
 #endif
 }
 
@@ -319,6 +314,22 @@ ssize_t net_con_ssl_connect(struct net_connection* con)
 	}
 	return ret;
 }
+
+ssize_t net_con_ssl_handshake(struct net_connection* con, int ssl_mode)
+{
+	if (ssl_mode == NET_CON_SSL_MODE_SERVER)
+	{
+		con->ssl = SSL_new(g_hub->ssl_ctx);
+		SSL_set_fd(con->ssl, con->sd);
+		return net_con_ssl_accept(con);
+	}
+	else
+	{
+		con->ssl = SSL_new(SSL_CTX_new(TLSv1_method()));
+		SSL_set_fd(con->ssl, con->sd);
+		return net_con_ssl_connect(con);
+	}
+}
 #endif /* SSL_SUPPORT */
 
 

src/network/connection.h

@@ -33,7 +33,6 @@ struct net_connection
 	time_t               last_send; /** Timestamp for last send() */
 #ifdef SSL_SUPPORT
 	SSL*                 ssl;       /** SSL handle */
-	SSL_CTX*             ctx;       /** FIXME: Should have a global one instead */
 	size_t               write_len; /** Length of last SSL_write(), only used if flags is NET_WANT_SSL_READ. */
 #endif /*  SSL_SUPPORT */
 };
@@ -70,6 +69,11 @@ extern ssize_t net_con_ssl_accept(struct net_connection*);
  * Start SSL_connect()
  */
 extern ssize_t net_con_ssl_connect(struct net_connection*);
+
+#define NET_CON_SSL_MODE_SERVER 1
+#define NET_CON_SSL_MODE_CLIENT 2
+extern ssize_t net_con_ssl_handshake(struct net_connection* con, int ssl_mode);
+
 #endif /* SSL_SUPPORT */
 
 #endif /* HAVE_UHUB_NETWORK_CONNECTION_H */