eventmachine 0.4.5 → 0.5.1

data/ext/page.h

@@ -0,0 +1,58 @@
+/*****************************************************************************
+
+$Id: page.h 2421 2006-04-29 23:48:49Z francis $
+
+File:     page.h
+Date:     30Apr06
+
+Copyright (C) 2006 by Francis Cianfrocca. All Rights Reserved.
+Gmail: garbagecat20
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+
+*****************************************************************************/
+
+
+#ifndef __PageManager__H_
+#define __PageManager__H_
+
+
+/**************
+class PageList
+**************/
+
+class PageList
+{
+	struct Page {
+		Page (const char *b, size_t s): Buffer(b), Size(s) {}
+		const char *Buffer;
+		size_t Size;
+	};
+
+	public:
+		PageList();
+		virtual ~PageList();
+
+		void Push (const char*, int);
+		bool HasPages();
+		void Front (const char**, int*);
+		void PopFront();
+
+	private:
+		deque<Page> Pages;
+};
+
+
+#endif // __PageManager__H_

data/ext/project.h

@@ -1,6 +1,6 @@
 /*****************************************************************************
 
-$Id: project.h 2381 2006-04-24 13:33:03Z francis $
+$Id: project.h 2452 2006-05-05 03:57:39Z francis $
 
 File:     project.h
 Date:     06Apr06
@@ -29,6 +29,10 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 #define __Project__H_
 
 
+#ifdef OS_WIN32
+#pragma warning(disable:4786)
+#endif
+
 #include <iostream>
 #include <map>
 #include <vector>
@@ -36,6 +40,9 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 #include <string>
 #include <sstream>
 #include <stdexcept>
+
+
+#ifdef OS_UNIX
 #include <signal.h>
 #include <netdb.h>
 #include <sys/types.h>
@@ -47,14 +54,36 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 #include <netinet/in.h>
 #include <netinet/tcp.h>
 #include <arpa/inet.h>
+typedef int SOCKET;
+#define closesocket close
+#define INVALID_SOCKET -1
+#define SOCKET_ERROR -1
+#endif
+
+
+#ifdef OS_WIN32
+#define WIN32_LEAN_AND_MEAN
+#include <windows.h>
+#include <winsock.h>
+#include <rpc.h>
+#include <fcntl.h>
+#include <assert.h>
+typedef int socklen_t;
+#endif
+
+
 using namespace std;
 
+#include <openssl/ssl.h>
+#include <openssl/err.h>
 
 
 #include "binder.h"
 #include "em.h"
 #include "sigs.h"
 #include "ed.h"
+#include "page.h"
+#include "ssl.h"
 
 
 

data/ext/rubymain.cpp

@@ -1,6 +1,6 @@
 /*****************************************************************************
 
-$Id: libmain.cpp 2309 2006-04-15 15:37:53Z francis $
+$Id: rubymain.cpp 2416 2006-04-29 02:02:16Z francis $
 
 File:     libmain.cpp
 Date:     06Apr06
@@ -36,6 +36,8 @@ Statics
 
 static VALUE EmModule;
 static int SyncSockets [2];
+static int Pipe1[2];
+static int Pipe2[2];
 static bool UseThreads;
 
 static const char *A1;
@@ -52,10 +54,19 @@ t_event_callback
 static void event_callback (const char *a1, int a2, const char *a3, int a4)
 {
 	if (UseThreads) {
+		#ifdef OS_UNIX
 		A1 = a1; A2 = a2; A3 = a3; A4 = a4;
 		write (SyncSockets[1], "+", 1);
 		char g;
 		read (SyncSockets[1], &g, 1);
+		#endif
+
+		#ifdef OS_WIN32
+		A1 = a1; A2 = a2; A3 = a3; A4 = a4;
+		write (Pipe1[1], "+", 1);
+		char g;
+		read (Pipe2[0], &g, 1);
+		#endif
 	}
 	else {
 		rb_funcall (EmModule, rb_intern ("event_callback"), 3, rb_str_new2(a1), (a2 << 1) | 1, rb_str_new(a3,a4));
@@ -67,12 +78,24 @@ static void event_callback (const char *a1, int a2, const char *a3, int a4)
 TRunEvma
 ********/
 
+#ifdef OS_UNIX
 void *TRunEvma (void *v)
 {
 	evma_run_machine();
 	write (SyncSockets[1], "$", 1);
 	return NULL;
 }
+#endif
+
+#ifdef OS_WIN32
+unsigned int __stdcall TRunEvma (void *v)
+{
+	evma_run_machine();
+	write (Pipe1[1], "$", 1);
+	return NULL;
+}
+#endif
+
 
 
 /**************************
@@ -105,6 +128,7 @@ t_run_machine
 
 static VALUE t_run_machine (VALUE self)
 {
+	#ifdef OS_UNIX
 	UseThreads = true;
 
 	int sp = socketpair (AF_LOCAL, SOCK_STREAM, 0, SyncSockets);
@@ -135,7 +159,7 @@ static VALUE t_run_machine (VALUE self)
 		");
 
 		if (v == 3) {
-			rb_funcall (EmModule, rb_intern ("event_callback"), 3, rb_str_new2(A1), (A2 << 1) | 1, rb_str_new(A3,A4));
+			rb_funcall (EmModule, rb_intern ("event_callback"), 3, rb_str_new2(A1), INT2NUM(A2), rb_str_new(A3,A4));
 			write (SyncSockets[0], "", 1);
 		}
 		else if (v == 5) {
@@ -149,6 +173,57 @@ static VALUE t_run_machine (VALUE self)
 	close (SyncSockets[1]);
 
 	return Qnil;
+	#endif
+
+	#ifdef OS_WIN32
+	UseThreads = true;
+
+	int sp1 = _pipe (Pipe1, 4096, _O_BINARY);
+	int sp2 = _pipe (Pipe2, 4096, _O_BINARY);
+	if (sp1 || sp2)
+		throw std::runtime_error ("no socket pair");
+
+	char buf [100];
+	snprintf (buf, sizeof(buf), "@io________pipe = IO.new( %d, \"r\")", Pipe1[0]);
+	rb_eval_string (buf);
+
+	unsigned tid;
+	HANDLE h = (HANDLE) _beginthreadex (NULL, 0, TRunEvma, NULL, 0, &tid);
+	CloseHandle (h);
+
+	while (true) {
+		VALUE v = rb_eval_string ("\
+			if s=select([@io________pipe]) and s=s.shift and s=s.shift\n\
+				r = s.read(1)\n\
+				if r == '+'\n\
+					1\n\
+				elsif r == '$'\n\
+					2\n\
+				else\n\
+					0\n\
+				end\n\
+			else\n\
+				0\n\
+			end\n\
+		");
+
+		if (v == 3) {
+			rb_funcall (EmModule, rb_intern ("event_callback"), 3, rb_str_new2(A1), INT2NUM(A2), rb_str_new(A3,A4));
+			write (Pipe2[1], "", 1);
+		}
+		else if (v == 5) {
+			break;
+		}
+
+	}
+
+	close (Pipe1[0]);
+	close (Pipe1[1]);
+	close (Pipe2[0]);
+	close (Pipe2[1]);
+
+	return Qnil;
+	#endif
 }
 
 
@@ -190,6 +265,17 @@ static VALUE t_send_data (VALUE self, VALUE signature, VALUE data, VALUE data_le
 }
 
 
+/***********
+t_start_tls
+***********/
+
+static VALUE t_start_tls (VALUE self, VALUE signature)
+{
+	evma_start_tls (StringValuePtr (signature));
+	return Qnil;
+}
+
+
 /***************
 t_send_datagram
 ***************/
@@ -275,6 +361,7 @@ extern "C" void Init_rubyeventmachine()
 	rb_define_module_function (EmModule, "run_machine_without_threads", (VALUE(*)(...))t_run_machine_without_threads, 0);
 	rb_define_module_function (EmModule, "add_oneshot_timer", (VALUE(*)(...))t_add_oneshot_timer, 1);
 	rb_define_module_function (EmModule, "start_tcp_server", (VALUE(*)(...))t_start_server, 2);
+	rb_define_module_function (EmModule, "start_tls", (VALUE(*)(...))t_start_tls, 1);
 	rb_define_module_function (EmModule, "send_data", (VALUE(*)(...))t_send_data, 3);
 	rb_define_module_function (EmModule, "send_datagram", (VALUE(*)(...))t_send_datagram, 5);
 	rb_define_module_function (EmModule, "close_connection", (VALUE(*)(...))t_close_connection, 2);

data/ext/sigs.cpp

@@ -1,6 +1,6 @@
 /*****************************************************************************
 
-$Id: sigs.cpp 2291 2006-04-14 03:56:18Z francis $
+$Id: sigs.cpp 2456 2006-05-05 13:54:33Z francis $
 
 File:     sigs.cpp
 Date:     06Apr06
@@ -49,12 +49,48 @@ InstallSignalHandlers
 
 void InstallSignalHandlers()
 {
-  static bool bInstalled = false;
-  if (!bInstalled) {
-    bInstalled = true;
-	  signal (SIGINT, SigtermHandler);
-  	signal (SIGTERM, SigtermHandler);
-	  signal (SIGPIPE, SIG_IGN);
-  }
+	#ifdef OS_UNIX
+	static bool bInstalled = false;
+	if (!bInstalled) {
+		bInstalled = true;
+		signal (SIGINT, SigtermHandler);
+		signal (SIGTERM, SigtermHandler);
+		signal (SIGPIPE, SIG_IGN);
+	}
+	#endif
 }
 
+
+
+/*******************
+WintelSignalHandler
+*******************/
+
+#ifdef OS_WIN32
+BOOL WINAPI WintelSignalHandler (DWORD control)
+{
+	if (control == CTRL_C_EVENT)
+		gTerminateSignalReceived = true;
+	return TRUE;
+}
+#endif
+
+/************
+HookControlC
+************/
+
+#ifdef OS_WIN32
+void HookControlC (bool hook)
+{
+	if (hook) {
+		// INSTALL hook
+		SetConsoleCtrlHandler (WintelSignalHandler, TRUE);
+	}
+	else {
+		// UNINSTALL hook
+		SetConsoleCtrlHandler (WintelSignalHandler, FALSE);
+	}
+}
+#endif
+
+

data/ext/sigs.h

@@ -1,6 +1,6 @@
 /*****************************************************************************
 
-$Id: sigs.h 2291 2006-04-14 03:56:18Z francis $
+$Id: sigs.h 2456 2006-05-05 13:54:33Z francis $
 
 File:     sigs.h
 Date:     06Apr06
@@ -31,5 +31,9 @@ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 void InstallSignalHandlers();
 extern bool gTerminateSignalReceived;
 
+#ifdef OS_WIN32
+void HookControlC (bool);
+#endif
+
 #endif // __Signals__H_
 

data/ext/ssl.cpp

@@ -0,0 +1,377 @@
+/*****************************************************************************
+
+$Id: ssl.cpp 2458 2006-05-05 17:07:17Z francis $
+
+File:     ssl.cpp
+Date:     30Apr06
+
+Copyright (C) 2006 by Francis Cianfrocca. All Rights Reserved.
+Gmail: garbagecat20
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+
+*****************************************************************************/
+
+
+#include "project.h"
+
+
+bool SslContext_t::bLibraryInitialized = false;
+
+
+
+static void InitializeDefaultCredentials();
+static EVP_PKEY *DefaultPrivateKey = NULL;
+static X509 *DefaultCertificate = NULL;
+
+static char PrivateMaterials[] = {"\
+-----BEGIN RSA PRIVATE KEY-----\n\
+MIICXAIBAAKBgQDCYYhcw6cGRbhBVShKmbWm7UVsEoBnUf0cCh8AX+MKhMxwVDWV\n\
+Igdskntn3cSJjRtmgVJHIK0lpb/FYHQB93Ohpd9/Z18pDmovfFF9nDbFF0t39hJ/\n\
+AqSzFB3GiVPoFFZJEE1vJqh+3jzsSF5K56bZ6azz38VlZgXeSozNW5bXkQIDAQAB\n\
+AoGALA89gIFcr6BIBo8N5fL3aNHpZXjAICtGav+kTUpuxSiaym9cAeTHuAVv8Xgk\n\
+H2Wbq11uz+6JMLpkQJH/WZ7EV59DPOicXrp0Imr73F3EXBfR7t2EQDYHPMthOA1D\n\
+I9EtCzvV608Ze90hiJ7E3guGrGppZfJ+eUWCPgy8CZH1vRECQQDv67rwV/oU1aDo\n\
+6/+d5nqjeW6mWkGqTnUU96jXap8EIw6B+0cUKskwx6mHJv+tEMM2748ZY7b0yBlg\n\
+w4KDghbFAkEAz2h8PjSJG55LwqmXih1RONSgdN9hjB12LwXL1CaDh7/lkEhq0PlK\n\
+PCAUwQSdM17Sl0Xxm2CZiekTSlwmHrtqXQJAF3+8QJwtV2sRJp8u2zVe37IeH1cJ\n\
+xXeHyjTzqZ2803fnjN2iuZvzNr7noOA1/Kp+pFvUZUU5/0G2Ep8zolPUjQJAFA7k\n\
+xRdLkzIx3XeNQjwnmLlncyYPRv+qaE3FMpUu7zftuZBnVCJnvXzUxP3vPgKTlzGa\n\
+dg5XivDRfsV+okY5uQJBAMV4FesUuLQVEKb6lMs7rzZwpeGQhFDRfywJzfom2TLn\n\
+2RdJQQ3dcgnhdVDgt5o1qkmsqQh8uJrJ9SdyLIaZQIc=\n\
+-----END RSA PRIVATE KEY-----\n\
+-----BEGIN CERTIFICATE-----\n\
+MIID6TCCA1KgAwIBAgIJANm4W/Tzs+s+MA0GCSqGSIb3DQEBBQUAMIGqMQswCQYD\n\
+VQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRYw\n\
+FAYDVQQKEw1TdGVhbWhlYXQubmV0MRQwEgYDVQQLEwtFbmdpbmVlcmluZzEdMBsG\n\
+A1UEAxMUb3BlbmNhLnN0ZWFtaGVhdC5uZXQxKDAmBgkqhkiG9w0BCQEWGWVuZ2lu\n\
+ZWVyaW5nQHN0ZWFtaGVhdC5uZXQwHhcNMDYwNTA1MTcwNjAzWhcNMjQwMjIwMTcw\n\
+NjAzWjCBqjELMAkGA1UEBhMCVVMxETAPBgNVBAgTCE5ldyBZb3JrMREwDwYDVQQH\n\
+EwhOZXcgWW9yazEWMBQGA1UEChMNU3RlYW1oZWF0Lm5ldDEUMBIGA1UECxMLRW5n\n\
+aW5lZXJpbmcxHTAbBgNVBAMTFG9wZW5jYS5zdGVhbWhlYXQubmV0MSgwJgYJKoZI\n\
+hvcNAQkBFhllbmdpbmVlcmluZ0BzdGVhbWhlYXQubmV0MIGfMA0GCSqGSIb3DQEB\n\
+AQUAA4GNADCBiQKBgQDCYYhcw6cGRbhBVShKmbWm7UVsEoBnUf0cCh8AX+MKhMxw\n\
+VDWVIgdskntn3cSJjRtmgVJHIK0lpb/FYHQB93Ohpd9/Z18pDmovfFF9nDbFF0t3\n\
+9hJ/AqSzFB3GiVPoFFZJEE1vJqh+3jzsSF5K56bZ6azz38VlZgXeSozNW5bXkQID\n\
+AQABo4IBEzCCAQ8wHQYDVR0OBBYEFPJvPd1Fcmd8o/Tm88r+NjYPICCkMIHfBgNV\n\
+HSMEgdcwgdSAFPJvPd1Fcmd8o/Tm88r+NjYPICCkoYGwpIGtMIGqMQswCQYDVQQG\n\
+EwJVUzERMA8GA1UECBMITmV3IFlvcmsxETAPBgNVBAcTCE5ldyBZb3JrMRYwFAYD\n\
+VQQKEw1TdGVhbWhlYXQubmV0MRQwEgYDVQQLEwtFbmdpbmVlcmluZzEdMBsGA1UE\n\
+AxMUb3BlbmNhLnN0ZWFtaGVhdC5uZXQxKDAmBgkqhkiG9w0BCQEWGWVuZ2luZWVy\n\
+aW5nQHN0ZWFtaGVhdC5uZXSCCQDZuFv087PrPjAMBgNVHRMEBTADAQH/MA0GCSqG\n\
+SIb3DQEBBQUAA4GBAC1CXey/4UoLgJiwcEMDxOvW74plks23090iziFIlGgcIhk0\n\
+Df6hTAs7H3MWww62ddvR8l07AWfSzSP5L6mDsbvq7EmQsmPODwb6C+i2aF3EDL8j\n\
+uw73m4YIGI0Zw2XdBpiOGkx2H56Kya6mJJe/5XORZedh1wpI7zki01tHYbcy\n\
+-----END CERTIFICATE-----\n"};
+
+/* These private materials were made with:
+ * openssl req -new -x509 -keyout cakey.pem -out cacert.pem -nodes -days 6500
+ * TODO: We need a full-blown capability to work with user-supplied
+ * keypairs and properly-signed certificates.
+ */
+
+
+/*****************
+builtin_passwd_cb
+*****************/
+
+extern "C" static int builtin_passwd_cb (char *buf, int bufsize, int rwflag, void *userdata)
+{
+	strcpy (buf, "kittycat");
+	return 8;
+}
+
+/****************************
+InitializeDefaultCredentials
+****************************/
+
+static void InitializeDefaultCredentials()
+{
+	BIO *bio = BIO_new_mem_buf (PrivateMaterials, -1);
+	assert (bio);
+
+	if (DefaultPrivateKey) {
+		// we may come here in a restart.
+		EVP_PKEY_free (DefaultPrivateKey);
+		DefaultPrivateKey = NULL;
+	}
+	PEM_read_bio_PrivateKey (bio, &DefaultPrivateKey, builtin_passwd_cb, 0);
+
+	if (DefaultCertificate) {
+		// we may come here in a restart.
+		X509_free (DefaultCertificate);
+		DefaultCertificate = NULL;
+	}
+	PEM_read_bio_X509 (bio, &DefaultCertificate, NULL, 0);
+
+	BIO_free (bio);
+}
+
+
+
+/**************************
+SslContext_t::SslContext_t
+**************************/
+
+SslContext_t::SslContext_t (bool is_server):
+	pCtx (NULL),
+	PrivateKey (NULL),
+	Certificate (NULL)
+{
+	if (!bLibraryInitialized) {
+		bLibraryInitialized = true;
+		SSL_library_init();
+		OpenSSL_add_ssl_algorithms();
+	        OpenSSL_add_all_algorithms();
+		SSL_load_error_strings();
+		ERR_load_crypto_strings();
+
+		InitializeDefaultCredentials();
+	}
+
+	bIsServer = is_server;
+	pCtx = SSL_CTX_new (is_server ? SSLv23_server_method() : SSLv23_client_method());
+	if (!pCtx)
+		throw std::runtime_error ("no SSL context");
+
+	SSL_CTX_set_options (pCtx, SSL_OP_ALL);
+	//SSL_CTX_set_options (pCtx, (SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3));
+
+	if (is_server) {
+		// The SSL_CTX calls here do NOT allocate memory.
+		int e;
+		e = SSL_CTX_use_PrivateKey (pCtx, DefaultPrivateKey);
+		assert (e > 0);
+		e = SSL_CTX_use_certificate (pCtx, DefaultCertificate);
+		assert (e > 0);
+	}
+
+	SSL_CTX_set_cipher_list (pCtx, "ALL:!ADH:!LOW:!EXP:!DES-CBC3-SHA:@STRENGTH");
+
+	if (is_server) {
+		SSL_CTX_sess_set_cache_size (pCtx, 128);
+		SSL_CTX_set_session_id_context (pCtx, (unsigned char*)"eventmachine", 12);
+	}
+
+}
+
+/***************************
+SslContext_t::~SslContext_t
+***************************/
+
+SslContext_t::~SslContext_t()
+{
+	if (pCtx)
+		SSL_CTX_free (pCtx);
+	if (PrivateKey)
+		EVP_PKEY_free (PrivateKey);
+	if (Certificate)
+		X509_free (Certificate);
+}
+
+
+
+/******************
+SslBox_t::SslBox_t
+******************/
+
+SslBox_t::SslBox_t (bool is_server):
+	bIsServer (is_server),
+	pSSL (NULL),
+	pbioRead (NULL),
+	pbioWrite (NULL)
+{
+	Context = new SslContext_t (bIsServer);
+	assert (Context);
+
+	pbioRead = BIO_new (BIO_s_mem());
+	assert (pbioRead);
+
+	pbioWrite = BIO_new (BIO_s_mem());
+	assert (pbioWrite);
+
+	pSSL = SSL_new (Context->pCtx);
+	assert (pSSL);
+	SSL_set_bio (pSSL, pbioRead, pbioWrite);
+
+	if (!bIsServer)
+		SSL_connect (pSSL);
+}
+
+
+
+/*******************
+SslBox_t::~SslBox_t
+*******************/
+
+SslBox_t::~SslBox_t()
+{
+	// Freeing pSSL will also free the associated BIOs, so DON'T free them separately.
+	if (pSSL) {
+		if (SSL_get_shutdown (pSSL) & SSL_RECEIVED_SHUTDOWN)
+			SSL_shutdown (pSSL);
+		else
+			SSL_clear (pSSL);
+		SSL_free (pSSL);
+	}
+
+	delete Context;
+}
+
+
+
+/***********************
+SslBox_t::PutCiphertext
+***********************/
+
+bool SslBox_t::PutCiphertext (const char *buf, int bufsize)
+{
+	assert (buf && (bufsize > 0));
+
+	assert (pbioRead);
+	int n = BIO_write (pbioRead, buf, bufsize);
+
+	return (n == bufsize) ? true : false;
+}
+
+
+/**********************
+SslBox_t::GetPlaintext
+**********************/
+
+int SslBox_t::GetPlaintext (char *buf, int bufsize)
+{
+	if (!SSL_is_init_finished (pSSL)) {
+		int e = bIsServer ? SSL_accept (pSSL) : SSL_connect (pSSL);
+		if (e < 0) {
+			int er = SSL_get_error (pSSL, e);
+			if (er != SSL_ERROR_WANT_READ) {
+				// Return -1 for a nonfatal error, -2 for an error that should force the connection down.
+				return (er == SSL_ERROR_SSL) ? (-2) : (-1);
+			}
+			else
+				return 0;
+		}
+		// If handshake finished, FALL THROUGH and return the available plaintext.
+	}
+
+	if (!SSL_is_init_finished (pSSL)) {
+		// We can get here if a browser abandons a handshake.
+		// The user can see a warning dialog and abort the connection.
+		cerr << "<SSL_incomp>";
+		return 0;
+	}
+
+	//cerr << "CIPH: " << SSL_get_cipher (pSSL) << endl;
+
+	int n = SSL_read (pSSL, buf, bufsize);
+	if (n >= 0) {
+		return n;
+	}
+	else {
+		if (SSL_get_error (pSSL, n) == SSL_ERROR_WANT_READ) {
+			return 0;
+		}
+		else {
+			return -1;
+		}
+	}
+
+	return 0;
+}
+
+
+
+/**************************
+SslBox_t::CanGetCiphertext
+**************************/
+
+bool SslBox_t::CanGetCiphertext()
+{
+	assert (pbioWrite);
+	return BIO_pending (pbioWrite) ? true : false;
+}
+
+
+
+/***********************
+SslBox_t::GetCiphertext
+***********************/
+
+int SslBox_t::GetCiphertext (char *buf, int bufsize)
+{
+	assert (pbioWrite);
+	assert (buf && (bufsize > 0));
+
+	return BIO_read (pbioWrite, buf, bufsize);
+}
+
+
+
+/**********************
+SslBox_t::PutPlaintext
+**********************/
+
+int SslBox_t::PutPlaintext (const char *buf, int bufsize)
+{
+	// The caller will interpret the return value as the number of bytes written.
+	// WARNING WARNING WARNING, are there any situations in which a 0 or -1 return
+	// from SSL_write means we should immediately retry? The socket-machine loop
+	// will probably wait for a time-out cycle (perhaps a second) before re-trying.
+	// THIS WOULD CAUSE A PERCEPTIBLE DELAY!
+
+	/* We internally queue any outbound plaintext that can't be dispatched
+	 * because we're in the middle of a handshake or something.
+	 * When we get called, try to send any queued data first, and then
+	 * send the caller's data (or queue it). We may get called with no outbound
+	 * data, which means we try to send the outbound queue and that's all.
+	 *
+	 * Return >0 if we wrote any data, 0 if we didn't, and <0 for a fatal error.
+	 * Note that if we return 0, the connection is still considered live
+	 * and we are signalling that we have accepted the outbound data (if any).
+	 */
+
+	OutboundQ.Push (buf, bufsize);
+
+	bool fatal = false;
+	bool did_work = false;
+
+	while (OutboundQ.HasPages()) {
+		const char *page;
+		int length;
+		OutboundQ.Front (&page, &length);
+		assert (page && (length > 0));
+		int n = SSL_write (pSSL, page, length);
+		if (n > 0) {
+			did_work = true;
+			OutboundQ.PopFront();
+		}
+		else {
+			int er = SSL_get_error (pSSL, n);
+			if ((er != SSL_ERROR_WANT_READ) && (er != SSL_ERROR_WANT_WRITE))
+				fatal = true;
+			break;
+		}
+	}
+
+
+	if (did_work)
+		return 1;
+	else if (fatal)
+		return -1;
+	else
+		return 0;
+}
+