
defer reading of certificates until the first SSL connection

David Rose 23 years ago
parent
commit
e926155c82

+ 3 - 2
panda/src/downloader/httpChannel.cxx

@@ -670,7 +670,7 @@ run_proxy_reading_header() {
 ////////////////////////////////////////////////////////////////////
 bool HTTPChannel::
 run_setup_ssl() {
-  _sbio = BIO_new_ssl(_client->_ssl_ctx, true);
+  _sbio = BIO_new_ssl(_client->get_ssl_ctx(), true);
   BIO_push(_sbio, *_bio);
 
   if (downloader_cat.is_debug()) {
@@ -2120,8 +2120,9 @@ show_send(const string &message) {
   size_t start = 0;
   size_t newline = message.find('\n', start);
   while (newline != string::npos) {
+    // Assume every \n is preceded by a \r.
     downloader_cat.spam()
-      << "send: " << message.substr(start, newline - start + 1);
+      << "send: " << message.substr(start, newline - start - 1) << "\n";
     start = newline + 1;
     newline = message.find('\n', start);
   }
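Review bot: The new length `newline - start - 1` in show_send wraps around when a `\n` sits at `start` with no `\r` before it (a bare blank line), because both operands are `size_t`; `substr` then treats the count as npos and logs the whole rest of the message as one line. For any other `\n` that lacks a preceding `\r`, the last character of the line is silently dropped from the log. The added comment states the assumption but nothing enforces it; stripping the `\r` only when it is present avoids both cases: `size_t len = newline - start; if (len > 0 && message[newline - 1] == '\r') { --len; }` followed by `message.substr(start, len)`. show_send's body continues outside the hunk.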

+ 18 - 10
panda/src/downloader/httpClient.cxx

@@ -53,7 +53,13 @@ HTTPClient::
 HTTPClient() {
   _http_version = HV_11;
   _verify_ssl = verify_ssl ? VS_normal : VS_no_verify;
-  make_ctx();
+  _ssl_ctx = (SSL_CTX *)NULL;
+
+  // The first time we create an HTTPClient, we must initialize the
+  // OpenSSL library.
+  if (!_ssl_initialized) {
+    initialize_ssl();
+  }
 }
 
 ////////////////////////////////////////////////////////////////////
@@ -67,7 +73,7 @@ HTTPClient(const HTTPClient &copy) {
   // function will copy them in a second.
   _http_version = HV_11;
   _verify_ssl = verify_ssl ? VS_normal : VS_no_verify;
-  make_ctx();
+  _ssl_ctx = (SSL_CTX *)NULL;
 
   (*this) = copy;
 }
@@ -356,15 +362,15 @@ get_header(const URLSpec &url) {
 
 
 ////////////////////////////////////////////////////////////////////
-//     Function: HTTPClient::make_ctx
-//       Access: Private
-//  Description: Creates the OpenSSL context object.  This is only
-//               called by the constructor.
+//     Function: HTTPClient::get_ssl_ctx
+//       Access: Public
+//  Description: Returns the OpenSSL context object, creating it first
+//               if needed.
 ////////////////////////////////////////////////////////////////////
-void HTTPClient::
-make_ctx() {
-  if (!_ssl_initialized) {
-    initialize_ssl();
+SSL_CTX *HTTPClient::
+get_ssl_ctx() {
+  if (_ssl_ctx != (SSL_CTX *)NULL) {
+    return _ssl_ctx;
   }
 
   _ssl_ctx = SSL_CTX_new(SSLv23_client_method());
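Review bot: The result of `SSL_CTX_new(SSLv23_client_method())` in get_ssl_ctx is not checked in the visible lines, and the function ends with an unconditional `return _ssl_ctx;`, so a failed context creation would hand NULL to callers. Because the context is now built on the first SSL connection instead of in the constructor, that failure would first surface in HTTPChannel::run_setup_ssl, where `BIO_new_ssl(_client->get_ssl_ctx(), true)` is followed directly by `BIO_push` with no test of either value. I would add `if (_ssl_ctx == (SSL_CTX *)NULL) { return (SSL_CTX *)NULL; }` right after the SSL_CTX_new call and have run_setup_ssl fail the connection when it receives NULL. The lazy creation is also unsynchronized, which matters only if one HTTPClient can be used from several threads; that is not visible here. The middle of the function body lies outside the hunks shown.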
@@ -428,6 +434,8 @@ make_ctx() {
       }
     }
   }
+
+  return _ssl_ctx;
 }
 
 ////////////////////////////////////////////////////////////////////

+ 3 - 1
panda/src/downloader/httpClient.h

@@ -95,8 +95,10 @@ PUBLISHED:
                                 const string &body = string());
   PT(HTTPChannel) get_header(const URLSpec &url);
 
+public:
+  SSL_CTX *get_ssl_ctx();
+
 private:
-  void make_ctx();
   static void initialize_ssl();
   static int load_verify_locations(SSL_CTX *ctx, const Filename &ca_file);