#include <libubox/usock.h>
#include "ustream-ssl.h"
-static void *ctx;
+static struct ustream_ssl_ctx *ctx;
static struct uloop_fd server;
static const char *port = "10000";
U_SSL_ERROR = -2,
};
-void ustream_set_io(void *ctx, void *ssl, struct ustream *s);
-void *__ustream_ssl_context_new(bool server);
-int __ustream_ssl_set_crt_file(void *ctx, const char *file);
-int __ustream_ssl_set_key_file(void *ctx, const char *file);
-void __ustream_ssl_context_free(void *ctx);
+void ustream_set_io(struct ustream_ssl_ctx *ctx, void *ssl, struct ustream *s);
+struct ustream_ssl_ctx *__ustream_ssl_context_new(bool server);
+int __ustream_ssl_set_crt_file(struct ustream_ssl_ctx *ctx, const char *file);
+int __ustream_ssl_set_key_file(struct ustream_ssl_ctx *ctx, const char *file);
+void __ustream_ssl_context_free(struct ustream_ssl_ctx *ctx);
enum ssl_conn_status __ustream_ssl_connect(struct ustream_ssl *us);
int __ustream_ssl_read(struct ustream_ssl *us, char *buf, int len);
int __ustream_ssl_write(struct ustream_ssl *us, const char *buf, int len);
return bio;
}
-__hidden void ustream_set_io(void *ctx, void *ssl, struct ustream *conn)
+__hidden void ustream_set_io(struct ustream_ssl_ctx *ctx, void *ssl, struct ustream *conn)
{
BIO *bio = ustream_bio_new(conn);
SSL_set_bio(ssl, bio, bio);
#include "ustream-ssl.h"
#include "ustream-internal.h"
-__hidden void * __ustream_ssl_context_new(bool server)
+__hidden struct ustream_ssl_ctx *
+__ustream_ssl_context_new(bool server)
{
static bool _init = false;
const void *m;
if (server)
SSL_CTX_set_verify(c, SSL_VERIFY_NONE, NULL);
- return c;
+ return (void *) c;
}
-__hidden int __ustream_ssl_set_crt_file(void *ctx, const char *file)
+__hidden int __ustream_ssl_set_crt_file(struct ustream_ssl_ctx *ctx, const char *file)
{
int ret;
- ret = SSL_CTX_use_certificate_file(ctx, file, SSL_FILETYPE_PEM);
+ ret = SSL_CTX_use_certificate_file((void *) ctx, file, SSL_FILETYPE_PEM);
if (ret < 1)
- ret = SSL_CTX_use_certificate_file(ctx, file, SSL_FILETYPE_ASN1);
+ ret = SSL_CTX_use_certificate_file((void *) ctx, file, SSL_FILETYPE_ASN1);
if (ret < 1)
return -1;
return 0;
}
-__hidden int __ustream_ssl_set_key_file(void *ctx, const char *file)
+__hidden int __ustream_ssl_set_key_file(struct ustream_ssl_ctx *ctx, const char *file)
{
int ret;
- ret = SSL_CTX_use_PrivateKey_file(ctx, file, SSL_FILETYPE_PEM);
+ ret = SSL_CTX_use_PrivateKey_file((void *) ctx, file, SSL_FILETYPE_PEM);
if (ret < 1)
- ret = SSL_CTX_use_PrivateKey_file(ctx, file, SSL_FILETYPE_ASN1);
+ ret = SSL_CTX_use_PrivateKey_file((void *) ctx, file, SSL_FILETYPE_ASN1);
if (ret < 1)
return -1;
return 0;
}
-__hidden void __ustream_ssl_context_free(void *ctx)
+__hidden void __ustream_ssl_context_free(struct ustream_ssl_ctx *ctx)
{
- SSL_CTX_free(ctx);
+ SSL_CTX_free((void *) ctx);
}
static void ustream_ssl_error(struct ustream_ssl *us, int ret)
return ret;
}
-__hidden void ustream_set_io(void *ctx, void *ssl, struct ustream *conn)
+__hidden void ustream_set_io(struct ustream_ssl_ctx *ctx, void *ssl, struct ustream *conn)
{
ssl_set_bio(ssl, s_ustream_read, conn, s_ustream_write, conn);
}
return 0;
}
-__hidden void * __ustream_ssl_context_new(bool server)
+__hidden struct ustream_ssl_ctx *
+__ustream_ssl_context_new(bool server)
{
- struct ustream_polarssl_ctx *uctx;
+ struct ustream_ssl_ctx *ctx;
if (!urandom_init())
return NULL;
- uctx = calloc(1, sizeof(*uctx));
- if (!uctx)
+ ctx = calloc(1, sizeof(*ctx));
+ if (!ctx)
return NULL;
- uctx->server = server;
+ ctx->server = server;
#ifdef USE_VERSION_1_3
- pk_init(&uctx->key);
+ pk_init(&ctx->key);
#else
- rsa_init(&uctx->key, RSA_PKCS_V15, 0);
+ rsa_init(&ctx->key, RSA_PKCS_V15, 0);
#endif
- return uctx;
+ return ctx;
}
-__hidden int __ustream_ssl_set_crt_file(void *ctx, const char *file)
+__hidden int __ustream_ssl_set_crt_file(struct ustream_ssl_ctx *ctx, const char *file)
{
- struct ustream_polarssl_ctx *uctx = ctx;
int ret;
#ifdef USE_VERSION_1_3
- ret = x509_crt_parse_file(&uctx->cert, file);
+ ret = x509_crt_parse_file(&ctx->cert, file);
#else
- ret = x509parse_crtfile(&uctx->cert, file);
+ ret = x509parse_crtfile(&ctx->cert, file);
#endif
if (ret)
return -1;
return 0;
}
-__hidden int __ustream_ssl_set_key_file(void *ctx, const char *file)
+__hidden int __ustream_ssl_set_key_file(struct ustream_ssl_ctx *ctx, const char *file)
{
- struct ustream_polarssl_ctx *uctx = ctx;
int ret;
#ifdef USE_VERSION_1_3
- ret = pk_parse_keyfile(&uctx->key, file, NULL);
+ ret = pk_parse_keyfile(&ctx->key, file, NULL);
#else
- ret = x509parse_keyfile(&uctx->key, file, NULL);
+ ret = x509parse_keyfile(&ctx->key, file, NULL);
#endif
if (ret)
return -1;
return 0;
}
-__hidden void __ustream_ssl_context_free(void *ctx)
+__hidden void __ustream_ssl_context_free(struct ustream_ssl_ctx *ctx)
{
- struct ustream_polarssl_ctx *uctx = ctx;
-
#ifdef USE_VERSION_1_3
- pk_free(&uctx->key);
- x509_crt_free(&uctx->cert);
+ pk_free(&ctx->key);
+ x509_crt_free(&ctx->cert);
#else
- rsa_free(&uctx->key);
- x509_free(&uctx->cert);
+ rsa_free(&ctx->key);
+ x509_free(&ctx->cert);
#endif
free(ctx);
}
0
};
-__hidden void *__ustream_ssl_session_new(void *ctx)
+__hidden void *__ustream_ssl_session_new(struct ustream_ssl_ctx *ctx)
{
- struct ustream_polarssl_ctx *uctx = ctx;
ssl_context *ssl;
int ep, auth;
return NULL;
}
- if (uctx->server) {
+ if (ctx->server) {
ep = SSL_IS_SERVER;
auth = SSL_VERIFY_NONE;
} else {
ssl_set_authmode(ssl, auth);
ssl_set_rng(ssl, _urandom, NULL);
- if (uctx->server) {
- if (uctx->cert.next)
- ssl_set_ca_chain(ssl, uctx->cert.next, NULL, NULL);
- ssl_set_own_cert(ssl, &uctx->cert, &uctx->key);
+ if (ctx->server) {
+ if (ctx->cert.next)
+ ssl_set_ca_chain(ssl, ctx->cert.next, NULL, NULL);
+ ssl_set_own_cert(ssl, &ctx->cert, &ctx->key);
}
ssl_session_reset(ssl);
#define x509_crt x509_cert
#endif
-struct ustream_polarssl_ctx {
+struct ustream_ssl_ctx {
#ifdef USE_VERSION_1_3
pk_context key;
#else
}
void __ustream_ssl_session_free(void *ssl);
-void *__ustream_ssl_session_new(void *ctx);
+void *__ustream_ssl_session_new(struct ustream_ssl_ctx *ctx);
#endif
ustream_init_defaults(s);
}
-static int _ustream_ssl_init(struct ustream_ssl *us, struct ustream *conn, void *ctx, bool server)
+static int _ustream_ssl_init(struct ustream_ssl *us, struct ustream *conn, struct ustream_ssl_ctx *ctx, bool server)
{
us->error_timer.cb = ustream_ssl_error_cb;
us->server = server;
void (*notify_connected)(struct ustream_ssl *us);
void (*notify_error)(struct ustream_ssl *us, int error, const char *str);
- void *ctx;
+ struct ustream_ssl_ctx *ctx;
void *ssl;
int error;
bool server;
};
+struct ustream_ssl_ctx;
+
struct ustream_ssl_ops {
- void *(*context_new)(bool server);
- int (*context_set_crt_file)(void *ctx, const char *file);
- int (*context_set_key_file)(void *ctx, const char *file);
- void (*context_free)(void *ctx);
- int (*init)(struct ustream_ssl *us, struct ustream *conn, void *ctx, bool server);
+ struct ustream_ssl_ctx *(*context_new)(bool server);
+ int (*context_set_crt_file)(struct ustream_ssl_ctx *ctx, const char *file);
+ int (*context_set_key_file)(struct ustream_ssl_ctx *ctx, const char *file);
+ void (*context_free)(struct ustream_ssl_ctx *ctx);
+
+ int (*init)(struct ustream_ssl *us, struct ustream *conn, struct ustream_ssl_ctx *ctx, bool server);
};
extern const struct ustream_ssl_ops ustream_ssl_ops;