author | Julian Andres Klode <jak@debian.org> | 2017-06-30 13:51:32 +0200 |
---|---|---|
committer | Julian Andres Klode <jak@debian.org> | 2017-06-30 14:57:54 +0200 |
commit | 4b1d19fe5619ef46c952ca84531759a981741482 (patch) | |
tree | 81bf3d79c74ee31496e804aff218acb189dc2131 /methods | |
parent | d3a70c3e5ae68a0e5a3d4667dd1d0fc0887e6263 (diff) |
Allow running the TLS stack on any lower connection
This is especially needed if we use an HTTPS proxy to CONNECT
to an HTTPS URI, as we run TLS-inside-TLS then.
Diffstat (limited to 'methods')
-rw-r--r-- | methods/connect.cc | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/methods/connect.cc b/methods/connect.cc
index fd37d19f7..f58a67db3 100644
--- a/methods/connect.cc
+++ b/methods/connect.cc
@@ -656,7 +656,25 @@ bool UnwrapTLS(std::string Host, std::unique_ptr<MethodFd> &Fd,
 tlsFd->UnderlyingFd = MethodFd::FromFd(-1); // For now
 gnutls_init(&tlsFd->session, GNUTLS_CLIENT | GNUTLS_NONBLOCK);
- gnutls_transport_set_int(tlsFd->session, dynamic_cast<FdFd *>(Fd.get())->fd);
+
+ FdFd *fdfd = dynamic_cast<FdFd *>(Fd.get());
+ if (fdfd != nullptr)
+ {
+ gnutls_transport_set_int(tlsFd->session, fdfd->fd);
+ }
+ else
+ {
+ gnutls_transport_set_ptr(tlsFd->session, Fd.get());
+ gnutls_transport_set_pull_function(tlsFd->session,
+ [](gnutls_transport_ptr_t p, void *buf, size_t size) -> ssize_t {
+ return reinterpret_cast<MethodFd *>(p)->Read(buf, size);
+ });
+ gnutls_transport_set_push_function(tlsFd->session,
+ [](gnutls_transport_ptr_t p, const void *buf, size_t size) -> ssize_t {
+ return reinterpret_cast<MethodFd *>(p)->Write((void *)buf, size);
+ });
+ }
+
 gnutls_certificate_allocate_credentials(&tlsFd->credentials);
 // Credential setup |
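Review bot: The pull and push lambdas in the new `else` branch pass through whatever `MethodFd::Read`/`Write` return, but GnuTLS expects a custom transport callback to return -1 with `errno` set (EAGAIN or EINTR when the call would block, which matters on this `GNUTLS_NONBLOCK` session). Whether every `MethodFd` implementation honours that is not visible here; if the lower connection is itself a TLS wrapper that hands back a negative GnuTLS code without setting `errno`, the outer session could misclassify a retryable condition or act on a stale `errno`. I would state the contract above the branch, e.g. `// Read()/Write() must return -1 and set errno (EAGAIN when they would block); GnuTLS reads errno after these callbacks`. `gnutls_transport_set_ptr` also stores the raw `Fd.get()` pointer, so that object has to outlive the session; presumably this is ensured by moving `Fd` into `tlsFd->UnderlyingFd` later in `UnwrapTLS`, whose body starts and ends outside this hunk, and a one-line comment saying so would help.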