cmake_minimum_required(VERSION 2.6)
-INCLUDE(CheckSymbolExists)
-
PROJECT(ustream-ssl C)
ADD_DEFINITIONS(-Os -Wall -Werror --std=gnu99 -g3)
SET(SSL_SRC ustream-io-wolfssl.c ustream-openssl.c)
SET(SSL_LIB ${wolfssl_library} m)
SET(CMAKE_REQUIRED_LIBRARIES "${wolfssl_library} -lm")
- CHECK_SYMBOL_EXISTS (wolfSSL_SSLSetIORecv "wolfssl/ssl.h"
- HAVE_WOLFSSL_SSLSETIORECV)
- IF (NOT HAVE_WOLFSSL_SSLSETIORECV)
- ADD_DEFINITIONS(-DNO_WOLFSSL_SSLSETIO_SEND_RECV)
- ENDIF()
- CHECK_SYMBOL_EXISTS (wolfSSL_X509_check_host
- "wolfssl/options.h;wolfssl/ssl.h"
- HAVE_WOLFSSL_X509_CHECK_HOST)
- IF (NOT HAVE_WOLFSSL_X509_CHECK_HOST)
- ADD_DEFINITIONS(-DNO_X509_CHECK_HOST)
- ENDIF()
ELSE()
SET(SSL_SRC ustream-io-openssl.c ustream-openssl.c)
SET(SSL_LIB crypto ssl)
__hidden void ustream_set_io(struct ustream_ssl_ctx *ctx, void *ssl, struct ustream *conn)
{
-#ifndef NO_WOLFSSL_SSLSETIO_SEND_RECV
wolfSSL_SSLSetIORecv(ssl, io_recv_cb);
wolfSSL_SSLSetIOSend(ssl, io_send_cb);
-#else
- wolfSSL_SetIORecv((void *) ctx, io_recv_cb);
- wolfSSL_SetIOSend((void *) ctx, io_send_cb);
- if (ssl == NULL)
- return;
-#endif
wolfSSL_SetIOReadCtx(ssl, conn);
wolfSSL_SetIOWriteCtx(ssl, conn);
}
uloop_timeout_set(&us->error_timer, 0);
}
-#ifndef NO_X509_CHECK_HOST
-
static bool ustream_ssl_verify_cn(struct ustream_ssl *us, X509 *cert)
{
int ret;
return ret == 1;
}
-#endif
-
static void ustream_ssl_verify_cert(struct ustream_ssl *us)
{
void *ssl = us->ssl;
return;
us->valid_cert = true;
-#ifndef NO_X509_CHECK_HOST
us->valid_cn = ustream_ssl_verify_cn(us, cert);
-#endif
+
X509_free(cert);
}
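Review bot: The assignment `us->valid_cn = ustream_ssl_verify_cn(us, cert);` is now compiled unconditionally, but nothing at this spot tells a reader that the host name result is tracked separately from `us->valid_cert`, which is set to true on the line before, ahead of any name match. I would add a comment above the two assignments, for example `/* valid_cert and valid_cn are independent results; a caller that needs the peer name verified must require both */`. The CMake section of this commit also drops the `wolfSSL_X509_check_host` probe, so a wolfSSL build without that symbol presumably now fails at compile or link time instead of silently compiling the check out. That is the safer direction, and stating the requirement in the commit message or build notes would help packagers. The body of `ustream_ssl_verify_cert` is only partly visible in this hunk, so the early `return;` path and its effect on both flags could not be checked from here.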
us->conn = conn;
us->ctx = ctx;
-#if defined(HAVE_WOLFSSL) && defined(NO_WOLFSSL_SSLSETIO_SEND_RECV)
- ustream_set_io(ctx, NULL, conn);
-#endif
us->ssl = __ustream_ssl_session_new(us->ctx);
if (!us->ssl)
return -ENOMEM;