Add wrappers for cryptlib functions

If anything that should send/receive data returns CRYPT_ERROR_COMPLETE tell the I/O threads to temrinate so conn_connected() will return false Another attempt at bug 174.

Add wrappers for cryptlib functions
9dd5381b · Deucе · 3f7bf074 · 9dd5381b · 9dd5381b
Commit 9dd5381b authored 3 months ago by Deucе
--- a/src/syncterm/ssh.c
+++ b/src/syncterm/ssh.c
@@ -62,7 +62,30 @@ init_crypt(void)
 static int
 FlushData(CRYPT_SESSION sess)
 {
-	return cryptFlushData(sess);
+	int ret = cryptFlushData(sess);
+	if (ret == CRYPT_ERROR_COMPLETE)
+		ssh_complete = true;
+	return ret;
+}
+
+static int
+PopData(CRYPT_HANDLE e, void *buf, int len, int *copied)
+{
+	cryptSetAttribute(ssh_session, CRYPT_OPTION_NET_READTIMEOUT, 0);
+	int ret = cryptPopData(e, buf, len, copied);
+	cryptSetAttribute(ssh_session, CRYPT_OPTION_NET_READTIMEOUT, 30);
+	if (ret == CRYPT_ERROR_COMPLETE)
+		ssh_complete = true;
+	return ret;
+}
+
+static int
+PushData(CRYPT_HANDLE e, void *buf, int len, int *copied)
+{
+	int ret = cryptPushData(e, buf, len, copied);
+	if (ret == CRYPT_ERROR_COMPLETE)
+		ssh_complete = true;
+	return ret;
 }

 void
@@ -229,7 +252,7 @@ ssh_input_thread(void *args)
 		}

 		cryptSetAttribute(ssh_session, CRYPT_OPTION_NET_READTIMEOUT, 0);
-		popstatus = cryptPopData(ssh_session, conn_api.rd_buf, conn_api.rd_buf_size, &rd);
+		popstatus = PopData(ssh_session, conn_api.rd_buf, conn_api.rd_buf_size, &rd);
 		cryptSetAttribute(ssh_session, CRYPT_OPTION_NET_READTIMEOUT, 30);
 		if (cryptStatusOK(popstatus)) {
 			gchstatus = cryptGetAttribute(ssh_session, CRYPT_SESSINFO_SSH_CHANNEL, &chan);
@@ -341,7 +364,7 @@ ssh_output_thread(void *args)
 				FlushData(ssh_session);
 				status = cryptSetAttribute(ssh_session, CRYPT_SESSINFO_SSH_CHANNEL, ssh_channel);
 				if (cryptStatusOK(status)) {
-					status = cryptPushData(ssh_session, conn_api.wr_buf + sent, wr - sent, &ret);
+					status = PushData(ssh_session, conn_api.wr_buf + sent, wr - sent, &ret);
 					if (cryptStatusOK(status))
 						FlushData(ssh_session);
 				}
@@ -387,7 +410,7 @@ sftp_send(uint8_t *buf, size_t sz, void *cb_data)
 			active = 0;
 			status = cryptGetAttribute(ssh_session, CRYPT_SESSINFO_SSH_CHANNEL_OPEN, &active);
 			if (cryptStatusOK(status) && active)
-				status = cryptPushData(ssh_session, buf + sent, sz - sent, &ret);
+				status = PushData(ssh_session, buf + sent, sz - sent, &ret);
 		}
 		pthread_mutex_unlock(&ssh_mutex);
 		if (cryptStatusError(status)) {

--- a/src/syncterm/telnets.c
+++ b/src/syncterm/telnets.c
@@ -28,6 +28,33 @@ static CRYPT_SESSION telnets_session;
 static atomic_bool telnets_active = false;
 static pthread_mutex_t telnets_mutex;

+static int
+FlushData(CRYPT_SESSION sess)
+{
+	int ret = cryptFlushData(sess);
+	if (ret == CRYPT_ERROR_COMPLETE)
+		telnets_active = false;
+	return ret;
+}
+
+static int
+PopData(CRYPT_HANDLE e, void *buf, int len, int *copied)
+{
+	int ret = cryptPopData(e, buf, len, copied);
+	if (ret == CRYPT_ERROR_COMPLETE)
+		telnets_active = false;
+	return ret;
+}
+
+static int
+PushData(CRYPT_HANDLE e, void *buf, int len, int *copied)
+{
+	int ret = cryptPushData(e, buf, len, copied);
+	if (ret == CRYPT_ERROR_COMPLETE)
+		telnets_active = false;
+	return ret;
+}
+
 void
 telnets_input_thread(void *args)
 {
@@ -41,8 +68,8 @@ telnets_input_thread(void *args)
 		if (!socket_readable(telnets_sock, 100))
 			continue;
 		pthread_mutex_lock(&telnets_mutex);
-		IGNORE_RESULT(cryptFlushData(telnets_session));
-		status = cryptPopData(telnets_session, conn_api.rd_buf, conn_api.rd_buf_size, &rd);
+		FlushData(telnets_session);
+		status = PopData(telnets_session, conn_api.rd_buf, conn_api.rd_buf_size, &rd);
 		pthread_mutex_unlock(&telnets_mutex);
                // Handle case where there was socket activity without readable data (ie: rekey)
 		if (status == CRYPT_ERROR_TIMEOUT)
@@ -86,7 +113,7 @@ telnets_output_thread(void *args)
 			sent = 0;
 			while (telnets_active && sent < wr) {
 				pthread_mutex_lock(&telnets_mutex);
-				status = cryptPushData(telnets_session, conn_api.wr_buf + sent, wr - sent, &ret);
+				status = PushData(telnets_session, conn_api.wr_buf + sent, wr - sent, &ret);
 				pthread_mutex_unlock(&telnets_mutex);
 				if (cryptStatusError(status)) {
 					if (status == CRYPT_ERROR_COMPLETE) { /* connection closed */
@@ -101,7 +128,7 @@ telnets_output_thread(void *args)
 			}
 			if (sent) {
 				pthread_mutex_lock(&telnets_mutex);
-				IGNORE_RESULT(cryptFlushData(telnets_session));
+				FlushData(telnets_session);
 				pthread_mutex_unlock(&telnets_mutex);
 			}
 		}