cmake_minimum_required(VERSION 2.6)
-INCLUDE(CheckIncludeFiles)
-
PROJECT(ustream-ssl C)
ADD_DEFINITIONS(-Os -Wall -Werror --std=gnu99 -g3 -Wmissing-declarations)
ADD_DEFINITIONS(-DHAVE_MBEDTLS)
SET(SSL_SRC ustream-mbedtls.c)
SET(SSL_LIB mbedtls mbedcrypto mbedx509 m)
-ELSEIF(CYASSL)
- CHECK_INCLUDE_FILES (cyassl/version.h HAVE_CYASSL_VERSION_H)
- SET(CMAKE_EXTRA_INCLUDE_FILES cyassl/ssl.h)
- IF (HAVE_CYASSL_VERSION_H)
- ADD_DEFINITIONS(-DHAVE_CYASSL_VERSION_H)
- ENDIF()
- ADD_DEFINITIONS(-DHAVE_CYASSL)
- SET(SSL_SRC ustream-io-cyassl.c ustream-openssl.c)
- SET(SSL_LIB cyassl m)
+ELSEIF(WOLFSSL)
+ ADD_DEFINITIONS(-DHAVE_WOLFSSL)
+ SET(SSL_SRC ustream-io-wolfssl.c ustream-openssl.c)
+ SET(SSL_LIB wolfssl m)
ELSE()
SET(SSL_SRC ustream-io-openssl.c ustream-openssl.c)
SET(SSL_LIB crypto ssl)
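Review bot: Builds that still pass `-DCYASSL=on` no longer match any branch and fall through to `ELSE()`, silently selecting the OpenSSL sources and `crypto ssl` instead of the TLS backend the packager asked for. Because only the option name changed, a guard ahead of the chain such as `IF(CYASSL)` / `MESSAGE(FATAL_ERROR "CYASSL was renamed; use -DWOLFSSL=on")` / `ENDIF()` would turn that into a configure-time error rather than a quiet backend switch. The `IF()` that opens this chain is outside the hunk.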
#if defined(HAVE_MBEDTLS)
#include "ustream-mbedtls.h"
#else
-#if defined(HAVE_CYASSL)
-#include <wolfssl/options.h>
-#endif
#include "ustream-openssl.h"
#endif
+++ /dev/null
-/*
- * ustream-ssl - library for SSL over ustream
- *
- * Copyright (C) 2012 Felix Fietkau <nbd@openwrt.org>
- *
- * Permission to use, copy, modify, and/or distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include <string.h>
-
-#include <libubox/ustream.h>
-
-#include "ustream-ssl.h"
-#include "ustream-internal.h"
-
-#ifdef HAVE_CYASSL_VERSION_H
-#include <cyassl/version.h>
-#else
-#define LIBCYASSL_VERSION_HEX 0
-#endif
-
-static int s_ustream_read(char *buf, int len, void *ctx)
-{
- struct ustream *s = ctx;
- char *sbuf;
- int slen;
-
- if (s->eof)
- return -3;
-
- sbuf = ustream_get_read_buf(s, &slen);
- if (slen > len)
- slen = len;
-
- if (!slen)
- return -2;
-
- memcpy(buf, sbuf, slen);
- ustream_consume(s, slen);
-
- return slen;
-}
-
-static int s_ustream_write(char *buf, int len, void *ctx)
-{
- struct ustream *s = ctx;
-
- if (s->write_error)
- return len;
-
- return ustream_write(s, buf, len, false);
-}
-
-#if (LIBCYASSL_VERSION_HEX > 0)
-static int io_recv_cb(SSL* ssl, char *buf, int sz, void *ctx)
-{
- return s_ustream_read(buf, sz, ctx);
-}
-
-static int io_send_cb(SSL* ssl, char *buf, int sz, void *ctx)
-{
- return s_ustream_write(buf, sz, ctx);
-}
-#else
-/* not defined in the header file */
-typedef int (*CallbackIORecv)(char *buf, int sz, void *ctx);
-typedef int (*CallbackIOSend)(char *buf, int sz, void *ctx);
-
-void SetCallbackIORecv_Ctx(SSL_CTX*, CallbackIORecv);
-void SetCallbackIOSend_Ctx(SSL_CTX*, CallbackIOSend);
-void SetCallbackIO_ReadCtx(SSL* ssl, void *rctx);
-void SetCallbackIO_WriteCtx(SSL* ssl, void *wctx);
-
-#define CyaSSL_SetIOReadCtx SetCallbackIO_ReadCtx
-#define CyaSSL_SetIOWriteCtx SetCallbackIO_WriteCtx
-#define CyaSSL_SetIORecv SetCallbackIORecv_Ctx
-#define CyaSSL_SetIOSend SetCallbackIOSend_Ctx
-
-static int io_recv_cb(char *buf, int sz, void *ctx)
-{
- return s_ustream_read(buf, sz, ctx);
-}
-
-static int io_send_cb(char *buf, int sz, void *ctx)
-{
- return s_ustream_write(buf, sz, ctx);
-}
-#endif
-
-__hidden void ustream_set_io(struct ustream_ssl_ctx *ctx, void *ssl, struct ustream *conn)
-{
- CyaSSL_SetIOReadCtx(ssl, conn);
- CyaSSL_SetIOWriteCtx(ssl, conn);
- CyaSSL_SetIORecv((void *) ctx, io_recv_cb);
- CyaSSL_SetIOSend((void *) ctx, io_send_cb);
-}
--- /dev/null
+/*
+ * ustream-ssl - library for SSL over ustream
+ *
+ * Copyright (C) 2012 Felix Fietkau <nbd@openwrt.org>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <string.h>
+
+#include <libubox/ustream.h>
+
+#include "ustream-ssl.h"
+#include "ustream-internal.h"
+
+static int s_ustream_read(char *buf, int len, void *ctx)
+{
+ struct ustream *s = ctx;
+ char *sbuf;
+ int slen;
+
+ if (s->eof)
+ return -3;
+
+ sbuf = ustream_get_read_buf(s, &slen);
+ if (slen > len)
+ slen = len;
+
+ if (!slen)
+ return -2;
+
+ memcpy(buf, sbuf, slen);
+ ustream_consume(s, slen);
+
+ return slen;
+}
+
+static int s_ustream_write(char *buf, int len, void *ctx)
+{
+ struct ustream *s = ctx;
+
+ if (s->write_error)
+ return len;
+
+ return ustream_write(s, buf, len, false);
+}
+
+static int io_recv_cb(SSL* ssl, char *buf, int sz, void *ctx)
+{
+ return s_ustream_read(buf, sz, ctx);
+}
+
+static int io_send_cb(SSL* ssl, char *buf, int sz, void *ctx)
+{
+ return s_ustream_write(buf, sz, ctx);
+}
+
+__hidden void ustream_set_io(struct ustream_ssl_ctx *ctx, void *ssl, struct ustream *conn)
+{
+ wolfSSL_SetIOReadCtx(ssl, conn);
+ wolfSSL_SetIOWriteCtx(ssl, conn);
+ wolfSSL_SetIORecv((void *) ctx, io_recv_cb);
+ wolfSSL_SetIOSend((void *) ctx, io_send_cb);
+}
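Review bot: The bare `-3` and `-2` returned from `s_ustream_read` match the values wolfSSL assigns to `WOLFSSL_CBIO_ERR_CONN_RST` and `WOLFSSL_CBIO_ERR_WANT_READ` in its I/O callback contract; writing `return WOLFSSL_CBIO_ERR_CONN_RST;` and `return WOLFSSL_CBIO_ERR_WANT_READ;` would make that visible, assuming the wolfSSL headers reached through ustream-internal.h expose them. It also means EOF is reported to the TLS layer as a reset, which deserves a comment because it decides how a truncated stream surfaces to the caller. In `s_ustream_write`, `return len` when `s->write_error` is set tells wolfSSL the bytes were sent although they were dropped; a comment such as `/* report success; the write error is surfaced through the ustream */` would document that, if that is the intent. `ustream_set_io` installs the callbacks on the shared context through a `(void *)` cast on every call, which hides any type mismatch from the compiler.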
#include <string.h>
#include <ctype.h>
-#include <openssl/x509v3.h>
#include "ustream-ssl.h"
#include "ustream-internal.h"
+#include <openssl/x509v3.h>
/* Ciphersuite preference:
* - for server, no weak ciphers are used if you use an ECDSA key.
uloop_timeout_set(&us->error_timer, 0);
}
-#ifndef CYASSL_OPENSSL_H_
+#ifndef WOLFSSL_OPENSSL_H_
static bool ustream_ssl_verify_cn(struct ustream_ssl *us, X509 *cert)
{
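Review bot: Keying this guard on `WOLFSSL_OPENSSL_H_` ties peer-certificate checking to the include-guard name of a third-party header instead of the project's own `HAVE_WOLFSSL` define that the build now sets. The same guard wraps the `ustream_ssl_verify_cert(us)` call after `SSL_connect()` in the next hunk, so in a wolfSSL build the handshake returns `U_SSL_OK` without that call being made. I would switch both to `#ifndef HAVE_WOLFSSL` and add a comment at the call site such as `/* wolfSSL build: certificate/CN check is skipped here; callers must not assume the peer was verified */`. The body of `ustream_ssl_verify_cn` continues outside this hunk, so whether another path covers verification for wolfSSL cannot be seen from here.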
r = SSL_connect(ssl);
if (r == 1) {
-#ifndef CYASSL_OPENSSL_H_
+#ifndef WOLFSSL_OPENSSL_H_
ustream_ssl_verify_cert(us);
#endif
return U_SSL_OK;
#ifndef __USTREAM_OPENSSL_H
#define __USTREAM_OPENSSL_H
+#if defined(HAVE_WOLFSSL)
+#include <wolfssl/options.h>
+#endif
+
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <stdbool.h>
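Review bot: The added `#include <wolfssl/options.h>` only has its effect because it precedes `<openssl/ssl.h>`, and nothing in the header says so. wolfSSL's options.h carries the feature macros the library was built with, and the compatibility headers need to see them first or the application and the library can disagree about what is compiled in. A comment such as `/* must stay ahead of every wolfSSL/OpenSSL-compat header */` above the `#if` would keep a later include cleanup from reordering it. The move of `<openssl/x509v3.h>` below the project headers in ustream-openssl.c appears to depend on the same ordering.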