From: Felix Fietkau Date: Sat, 15 Mar 2014 13:23:49 +0000 (+0100) Subject: give the main context a type instead of making it void * X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=f19b2ec17f0c3d663a5f349de07b12af40016902;p=project%2Fustream-ssl.git give the main context a type instead of making it void * Signed-off-by: Felix Fietkau --- diff --git a/ustream-example-server.c b/ustream-example-server.c index f1c02cb..9f2ae80 100644 --- a/ustream-example-server.c +++ b/ustream-example-server.c @@ -31,7 +31,7 @@ #include #include "ustream-ssl.h" -static void *ctx; +static struct ustream_ssl_ctx *ctx; static struct uloop_fd server; static const char *port = "10000"; diff --git a/ustream-internal.h b/ustream-internal.h index f856d99..85d8b47 100644 --- a/ustream-internal.h +++ b/ustream-internal.h @@ -33,11 +33,11 @@ enum ssl_conn_status { U_SSL_ERROR = -2, }; -void ustream_set_io(void *ctx, void *ssl, struct ustream *s); -void *__ustream_ssl_context_new(bool server); -int __ustream_ssl_set_crt_file(void *ctx, const char *file); -int __ustream_ssl_set_key_file(void *ctx, const char *file); -void __ustream_ssl_context_free(void *ctx); +void ustream_set_io(struct ustream_ssl_ctx *ctx, void *ssl, struct ustream *s); +struct ustream_ssl_ctx *__ustream_ssl_context_new(bool server); +int __ustream_ssl_set_crt_file(struct ustream_ssl_ctx *ctx, const char *file); +int __ustream_ssl_set_key_file(struct ustream_ssl_ctx *ctx, const char *file); +void __ustream_ssl_context_free(struct ustream_ssl_ctx *ctx); enum ssl_conn_status __ustream_ssl_connect(struct ustream_ssl *us); int __ustream_ssl_read(struct ustream_ssl *us, char *buf, int len); int __ustream_ssl_write(struct ustream_ssl *us, const char *buf, int len); diff --git a/ustream-io-openssl.c b/ustream-io-openssl.c index 9a22ff0..6711055 100644 --- a/ustream-io-openssl.c +++ b/ustream-io-openssl.c 
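Review bot: The prototypes in ustream-internal.h now name `struct ustream_ssl_ctx` in their parameter lists, but this hunk adds no declaration of that tag, so the header appears to depend on ustream-ssl.h being included first. If a translation unit includes it on its own, the tag gets prototype scope and each call produces an incompatible-pointer diagnostic. Adding `struct ustream_ssl_ctx;` above `ustream_set_io` would make the header self-contained; its include block is outside the hunk, so check whether it already pulls in ustream-ssl.h. `ustream_set_io` also still takes `void *ssl`, so the session handle stays unchecked by the compiler.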
@@ -138,7 +138,7 @@ static BIO *ustream_bio_new(struct ustream *s) return bio; } -__hidden void ustream_set_io(void *ctx, void *ssl, struct ustream *conn) +__hidden void ustream_set_io(struct ustream_ssl_ctx *ctx, void *ssl, struct ustream *conn) { BIO *bio = ustream_bio_new(conn); SSL_set_bio(ssl, bio, bio); diff --git a/ustream-openssl.c b/ustream-openssl.c index 2d569f3..c826e4e 100644 --- a/ustream-openssl.c +++ b/ustream-openssl.c @@ -19,7 +19,8 @@ #include "ustream-ssl.h" #include "ustream-internal.h" -__hidden void * __ustream_ssl_context_new(bool server) +__hidden struct ustream_ssl_ctx * +__ustream_ssl_context_new(bool server) { static bool _init = false; const void *m; @@ -50,16 +51,16 @@ __hidden void * __ustream_ssl_context_new(bool server) if (server) SSL_CTX_set_verify(c, SSL_VERIFY_NONE, NULL); - return c; + return (void *) c; } -__hidden int __ustream_ssl_set_crt_file(void *ctx, const char *file) +__hidden int __ustream_ssl_set_crt_file(struct ustream_ssl_ctx *ctx, const char *file) { int ret; - ret = SSL_CTX_use_certificate_file(ctx, file, SSL_FILETYPE_PEM); + ret = SSL_CTX_use_certificate_file((void *) ctx, file, SSL_FILETYPE_PEM); if (ret < 1) - ret = SSL_CTX_use_certificate_file(ctx, file, SSL_FILETYPE_ASN1); + ret = SSL_CTX_use_certificate_file((void *) ctx, file, SSL_FILETYPE_ASN1); if (ret < 1) return -1; @@ -67,13 +68,13 @@ __hidden int __ustream_ssl_set_crt_file(void *ctx, const char *file) return 0; } -__hidden int __ustream_ssl_set_key_file(void *ctx, const char *file) +__hidden int __ustream_ssl_set_key_file(struct ustream_ssl_ctx *ctx, const char *file) { int ret; - ret = SSL_CTX_use_PrivateKey_file(ctx, file, SSL_FILETYPE_PEM); + ret = SSL_CTX_use_PrivateKey_file((void *) ctx, file, SSL_FILETYPE_PEM); if (ret < 1) - ret = SSL_CTX_use_PrivateKey_file(ctx, file, SSL_FILETYPE_ASN1); + ret = SSL_CTX_use_PrivateKey_file((void *) ctx, file, SSL_FILETYPE_ASN1); if (ret < 1) return -1; 
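Review bot: The `(void *)` casts added in ustream-openssl.c erase the type this commit has just introduced, so a wrong pointer passed to an OpenSSL call still compiles silently. This covers `return (void *) c;`, each `(void *) ctx` argument in `__ustream_ssl_set_crt_file` and `__ustream_ssl_set_key_file`, and `SSL_CTX_free((void *) ctx)` in the next hunk. `struct ustream_ssl_ctx` has no definition in this backend, so the conversion is better kept in one typed helper, e.g. `static inline SSL_CTX *to_ssl_ctx(struct ustream_ssl_ctx *ctx) { return (SSL_CTX *) ctx; }`. Call sites then read `SSL_CTX_use_certificate_file(to_ssl_ctx(ctx), file, SSL_FILETYPE_PEM)`. This assumes `c` is an `SSL_CTX *`; its declaration is outside the hunk.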
@@ -81,9 +82,9 @@ __hidden int __ustream_ssl_set_key_file(void *ctx, const char *file) return 0; } -__hidden void __ustream_ssl_context_free(void *ctx) +__hidden void __ustream_ssl_context_free(struct ustream_ssl_ctx *ctx) { - SSL_CTX_free(ctx); + SSL_CTX_free((void *) ctx); } static void ustream_ssl_error(struct ustream_ssl *us, int ret) diff --git a/ustream-polarssl.c b/ustream-polarssl.c index d55fe04..c0147ed 100644 --- a/ustream-polarssl.c +++ b/ustream-polarssl.c @@ -60,7 +60,7 @@ static int s_ustream_write(void *ctx, const unsigned char *buf, size_t len) return ret; } -__hidden void ustream_set_io(void *ctx, void *ssl, struct ustream *conn) +__hidden void ustream_set_io(struct ustream_ssl_ctx *ctx, void *ssl, struct ustream *conn) { ssl_set_bio(ssl, s_ustream_read, conn, s_ustream_write, conn); } @@ -83,36 +83,36 @@ static int _urandom(void *ctx, unsigned char *out, size_t len) return 0; } -__hidden void * __ustream_ssl_context_new(bool server) +__hidden struct ustream_ssl_ctx * +__ustream_ssl_context_new(bool server) { - struct ustream_polarssl_ctx *uctx; + struct ustream_ssl_ctx *ctx; if (!urandom_init()) return NULL; - uctx = calloc(1, sizeof(*uctx)); - if (!uctx) + ctx = calloc(1, sizeof(*ctx)); + if (!ctx) return NULL; - uctx->server = server; + ctx->server = server; #ifdef USE_VERSION_1_3 - pk_init(&uctx->key); + pk_init(&ctx->key); #else - rsa_init(&uctx->key, RSA_PKCS_V15, 0); + rsa_init(&ctx->key, RSA_PKCS_V15, 0); #endif - return uctx; + return ctx; } -__hidden int __ustream_ssl_set_crt_file(void *ctx, const char *file) +__hidden int __ustream_ssl_set_crt_file(struct ustream_ssl_ctx *ctx, const char *file) { - struct ustream_polarssl_ctx *uctx = ctx; int ret; #ifdef USE_VERSION_1_3 - ret = x509_crt_parse_file(&uctx->cert, file); + ret = x509_crt_parse_file(&ctx->cert, file); #else - ret = x509parse_crtfile(&uctx->cert, file); + ret = x509parse_crtfile(&ctx->cert, file); #endif if (ret) return -1; 
@@ -120,15 +120,14 @@ __hidden int __ustream_ssl_set_crt_file(void *ctx, const char *file) return 0; } -__hidden int __ustream_ssl_set_key_file(void *ctx, const char *file) +__hidden int __ustream_ssl_set_key_file(struct ustream_ssl_ctx *ctx, const char *file) { - struct ustream_polarssl_ctx *uctx = ctx; int ret; #ifdef USE_VERSION_1_3 - ret = pk_parse_keyfile(&uctx->key, file, NULL); + ret = pk_parse_keyfile(&ctx->key, file, NULL); #else - ret = x509parse_keyfile(&uctx->key, file, NULL); + ret = x509parse_keyfile(&ctx->key, file, NULL); #endif if (ret) return -1; @@ -136,16 +135,14 @@ __hidden int __ustream_ssl_set_key_file(void *ctx, const char *file) return 0; } -__hidden void __ustream_ssl_context_free(void *ctx) +__hidden void __ustream_ssl_context_free(struct ustream_ssl_ctx *ctx) { - struct ustream_polarssl_ctx *uctx = ctx; - #ifdef USE_VERSION_1_3 - pk_free(&uctx->key); - x509_crt_free(&uctx->cert); + pk_free(&ctx->key); + x509_crt_free(&ctx->cert); #else - rsa_free(&uctx->key); - x509_free(&uctx->cert); + rsa_free(&ctx->key); + x509_free(&ctx->cert); #endif free(ctx); } @@ -256,9 +253,8 @@ static const int default_ciphersuites[] = 0 }; -__hidden void *__ustream_ssl_session_new(void *ctx) +__hidden void *__ustream_ssl_session_new(struct ustream_ssl_ctx *ctx) { - struct ustream_polarssl_ctx *uctx = ctx; ssl_context *ssl; int ep, auth; @@ -271,7 +267,7 @@ __hidden void *__ustream_ssl_session_new(void *ctx) return NULL; } - if (uctx->server) { + if (ctx->server) { ep = SSL_IS_SERVER; auth = SSL_VERIFY_NONE; } else { 
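Review bot: `__ustream_ssl_context_free` in ustream-polarssl.c now uses `ctx` directly (`pk_free(&ctx->key)`, `x509_crt_free(&ctx->cert)`) with no NULL guard, although `__ustream_ssl_context_new` returns NULL when `urandom_init()` or `calloc` fails. The OpenSSL backend's free path tolerates NULL because `SSL_CTX_free` does, so a caller that cleans up unconditionally behaves differently depending on the backend. Adding `if (!ctx) return;` as the first statement keeps the two consistent. `__ustream_ssl_session_new` reads `ctx->server` without a check as well; its body continues outside these hunks.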
@@ -284,10 +280,10 @@ __hidden void *__ustream_ssl_session_new(void *ctx) ssl_set_authmode(ssl, auth); ssl_set_rng(ssl, _urandom, NULL); - if (uctx->server) { - if (uctx->cert.next) - ssl_set_ca_chain(ssl, uctx->cert.next, NULL, NULL); - ssl_set_own_cert(ssl, &uctx->cert, &uctx->key); + if (ctx->server) { + if (ctx->cert.next) + ssl_set_ca_chain(ssl, ctx->cert.next, NULL, NULL); + ssl_set_own_cert(ssl, &ctx->cert, &ctx->key); } ssl_session_reset(ssl); diff --git a/ustream-polarssl.h b/ustream-polarssl.h index e7445f7..70e8b42 100644 --- a/ustream-polarssl.h +++ b/ustream-polarssl.h @@ -33,7 +33,7 @@ #define x509_crt x509_cert #endif -struct ustream_polarssl_ctx { +struct ustream_ssl_ctx { #ifdef USE_VERSION_1_3 pk_context key; #else @@ -50,6 +50,6 @@ static inline char *__ustream_ssl_strerror(int error, char *buffer, int len) } void __ustream_ssl_session_free(void *ssl); -void *__ustream_ssl_session_new(void *ctx); +void *__ustream_ssl_session_new(struct ustream_ssl_ctx *ctx); #endif diff --git a/ustream-ssl.c b/ustream-ssl.c index b182308..4526db0 100644 --- a/ustream-ssl.c +++ b/ustream-ssl.c @@ -164,7 +164,7 @@ static void ustream_ssl_stream_init(struct ustream_ssl *us) ustream_init_defaults(s); } -static int _ustream_ssl_init(struct ustream_ssl *us, struct ustream *conn, void *ctx, bool server) +static int _ustream_ssl_init(struct ustream_ssl *us, struct ustream *conn, struct ustream_ssl_ctx *ctx, bool server) { us->error_timer.cb = ustream_ssl_error_cb; us->server = server; diff --git a/ustream-ssl.h b/ustream-ssl.h index aa1ced5..d2cdb69 100644 --- a/ustream-ssl.h +++ b/ustream-ssl.h @@ -29,7 +29,7 @@ struct ustream_ssl { void (*notify_connected)(struct ustream_ssl *us); void (*notify_error)(struct ustream_ssl *us, int error, const char *str); - void *ctx; + struct ustream_ssl_ctx *ctx; void *ssl; int error; 
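Review bot: The `if (ctx->server)` block in `__ustream_ssl_session_new` is the only place in these lines where `ssl_set_ca_chain` is called, so a client context appears to get no trust anchors here. The server role is also set to `SSL_VERIFY_NONE` in the previous hunk. The client's auth mode is chosen in the `else` branch outside the hunk, so this needs confirming there, but as far as the visible code shows, peer certificates are not validated against a CA store. That deserves a comment at this block, e.g. `/* cert.next is only the server's own chain; no CA store is configured, so peers are not authenticated */`. Callers relying on this library for server authentication should know they need a separate way to supply CA certificates.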
@@ -37,13 +37,16 @@ struct ustream_ssl { bool server; }; +struct ustream_ssl_ctx; + struct ustream_ssl_ops { - void *(*context_new)(bool server); - int (*context_set_crt_file)(void *ctx, const char *file); - int (*context_set_key_file)(void *ctx, const char *file); - void (*context_free)(void *ctx); - int (*init)(struct ustream_ssl *us, struct ustream *conn, void *ctx, bool server); + struct ustream_ssl_ctx *(*context_new)(bool server); + int (*context_set_crt_file)(struct ustream_ssl_ctx *ctx, const char *file); + int (*context_set_key_file)(struct ustream_ssl_ctx *ctx, const char *file); + void (*context_free)(struct ustream_ssl_ctx *ctx); + + int (*init)(struct ustream_ssl *us, struct ustream *conn, struct ustream_ssl_ctx *ctx, bool server); }; extern const struct ustream_ssl_ops ustream_ssl_ops;
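Review bot: The forward declaration `struct ustream_ssl_ctx;` is added after `struct ustream_ssl`, whose `ctx` member in the previous hunk already uses the tag. This compiles in C, but a reader meets the type before its declaration. Moving `struct ustream_ssl_ctx;` above `struct ustream_ssl` and adding a comment such as `/* opaque handle; defined by the selected TLS backend */` would document that the type is intentionally incomplete for users of this header.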