ERR_raise(ERR_LIB_BIO, BIO_R_UNABLE_TO_CREATE_SOCKET);
return INVALID_SOCKET;
}
-# ifndef OPENSSL_NO_KTLS
- {
- /*
- * The new socket is created successfully regardless of ktls_enable.
- * ktls_enable doesn't change any functionality of the socket, except
- * changing the setsockopt to enable the processing of ktls_start.
- * Thus, it is not a problem to call it for non-TLS sockets.
- */
- ktls_enable(sock);
- }
-# endif
return sock;
}
}
return 0;
}
+# ifndef OPENSSL_NO_KTLS
+ /*
+ * The new socket is created successfully regardless of ktls_enable.
+ * ktls_enable doesn't change any functionality of the socket, except
+ * changing the setsockopt to enable the processing of ktls_start.
+ * Thus, it is not a problem to call it for non-TLS sockets.
+ */
+ ktls_enable(sock);
+# endif
return 1;
}
break;
case BIO_CONN_S_BLOCKED_CONNECT:
+ /* wait for socket being writable, before querying BIO_sock_error */
+ if (BIO_socket_wait(b->num, 0, time(NULL)) == 0)
+ break;
i = BIO_sock_error(b->num);
if (i != 0) {
BIO_clear_retry_flags(b);
ERR_raise(ERR_LIB_BIO, BIO_R_NBIO_CONNECT_ERROR);
ret = 0;
goto exit_loop;
- } else
+ } else {
c->state = BIO_CONN_S_OK;
+# ifndef OPENSSL_NO_KTLS
+ /*
+ * The new socket is created successfully regardless of ktls_enable.
+ * ktls_enable doesn't change any functionality of the socket, except
+ * changing the setsockopt to enable the processing of ktls_start.
+ * Thus, it is not a problem to call it for non-TLS sockets.
+ */
+ ktls_enable(b->num);
+# endif
+ }
break;
case BIO_CONN_S_CONNECT_ERROR:
#endif
fprintf(stderr, " -CApath arg - PEM format directory of CA's\n");
fprintf(stderr, " -CAfile arg - PEM format file of CA's\n");
- fprintf(stderr, " -cert arg - Server certificate file\n");
+ fprintf(stderr, " -s_cert arg - Server certificate file\n");
fprintf(stderr,
- " -key arg - Server key file (default: same as -cert)\n");
+ " -s_key arg - Server key file (default: same as -cert)\n");
fprintf(stderr, " -c_cert arg - Client certificate file\n");
fprintf(stderr,
" -c_key arg - Client key file (default: same as -c_cert)\n");
}
if (print_time) {
- if (bio_type != BIO_PAIR) {
+ if (bio_type == BIO_MEM) {
fprintf(stderr, "Using BIO pair (-bio_pair)\n");
bio_type = BIO_PAIR;
}
r = BIO_write(c_ssl_bio, cbuf, i);
if (r < 0) {
if (!BIO_should_retry(c_ssl_bio)) {
- fprintf(stderr, "ERROR in CLIENT\n");
+ fprintf(stderr, "ERROR in CLIENT (write)\n");
err_in_client = 1;
goto err;
}
r = BIO_read(c_ssl_bio, cbuf, sizeof(cbuf));
if (r < 0) {
if (!BIO_should_retry(c_ssl_bio)) {
- fprintf(stderr, "ERROR in CLIENT\n");
+ fprintf(stderr, "ERROR in CLIENT (read)\n");
err_in_client = 1;
goto err;
}
r = BIO_write(s_ssl_bio, sbuf, i);
if (r < 0) {
if (!BIO_should_retry(s_ssl_bio)) {
- fprintf(stderr, "ERROR in SERVER\n");
+ fprintf(stderr, "ERROR in SERVER (write)\n");
err_in_server = 1;
goto err;
}
r = BIO_read(s_ssl_bio, sbuf, sizeof(sbuf));
if (r < 0) {
if (!BIO_should_retry(s_ssl_bio)) {
- fprintf(stderr, "ERROR in SERVER\n");
+ fprintf(stderr, "ERROR in SERVER (read)\n");
err_in_server = 1;
goto err;
}
}
while (cw_num > 0 || cr_num > 0 || sw_num > 0 || sr_num > 0);
- if (verbose)
+ if (verbose) {
print_details(c_ssl, "DONE via TCP connect: ");
+
+ if (BIO_get_ktls_send(SSL_get_wbio(s_ssl))
+ && BIO_get_ktls_recv(SSL_get_rbio(s_ssl)))
+ BIO_printf(bio_stdout, "Server using Kernel TLS in both directions\n");
+ else if (BIO_get_ktls_send(SSL_get_wbio(s_ssl)))
+ BIO_printf(bio_stdout, "Server using Kernel TLS for sending\n");
+ else if (BIO_get_ktls_recv(SSL_get_rbio(s_ssl)))
+ BIO_printf(bio_stdout, "Server using Kernel TLS for receiving\n");
+
+ if (BIO_get_ktls_send(SSL_get_wbio(c_ssl))
+ && BIO_get_ktls_recv(SSL_get_rbio(c_ssl)))
+ BIO_printf(bio_stdout, "Client using Kernel TLS in both directions\n");
+ else if (BIO_get_ktls_send(SSL_get_wbio(c_ssl)))
+ BIO_printf(bio_stdout, "Client using Kernel TLS for sending\n");
+ else if (BIO_get_ktls_recv(SSL_get_rbio(c_ssl)))
+ BIO_printf(bio_stdout, "Client using Kernel TLS for receiving\n");
+ }
# ifndef OPENSSL_NO_NEXTPROTONEG
if (verify_npn(c_ssl, s_ssl) < 0)
goto end;