Migrating OpenSSL support into its dedicated module

src/transport/Makefile

@@ -39,7 +39,7 @@ udp_LDFLAGS = $(LDFLAGSF) $(LDFLAGS)
 udp.so: $(udp_OBJS)
 	$(CCSHARED) -o udp.so $(udp_OBJS) $(udp_LDFLAGS)
 
-openssl.o: openssl.c
+openssl.o: openssl.c ../../config.h
 	$(CC) $(openssl_CFLAGS) -c openssl.c
 
 tcp.o: tcp.c

src/transport/openssl.c

@@ -15,8 +15,19 @@
 
 
 
+#include <unistd.h>
 #include <System.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
 #include "App/apptransport.h"
+#include "../../config.h"
+
+#ifndef PREFIX
+# define PREFIX		"/usr/local"
+#endif
+#ifndef SYSCONFDIR
+# define SYSCONFDIR	PREFIX "/etc"
+#endif
 
 
 /* OpenSSL */
@@ -28,6 +39,7 @@ struct _AppTransportPlugin
 {
 	AppTransportPluginHelper * helper;
 	int fd;
+	SSL_CTX * ssl_ctx;
 };
 
 
@@ -39,6 +51,11 @@ static OpenSSL * _openssl_init(AppTransportPluginHelper * helper,
 static void _openssl_destroy(OpenSSL * openssl);
 
 
+/* private */
+/* prototypes */
+static void _openssl_error(void);
+
+
 /* public */
 /* constants */
 /* plug-in */
@@ -56,6 +73,8 @@ AppTransportPluginDefinition definition =
 /* functions */
 /* plug-in */
 /* openssl_init */
+static void _init_server(OpenSSL * openssl, char const * name);
+
 static OpenSSL * _openssl_init(AppTransportPluginHelper * helper,
 		AppTransportMode mode, char const * name)
 {
@@ -65,14 +84,62 @@ static OpenSSL * _openssl_init(AppTransportPluginHelper * helper,
 		return NULL;
 	openssl->helper = helper;
 	openssl->fd = -1;
-	/* FIXME really implement */
+	openssl->ssl_ctx = NULL;
+	switch(mode)
+	{
+		case ATM_SERVER:
+			_init_server(openssl, name);
+			break;
+			/* FIXME implement the rest */
+	}
+	/* check for errors */
+	if(openssl->ssl_ctx == NULL)
+	{
+		_openssl_destroy(openssl);
+		return NULL;
+	}
 	return openssl;
 }
 
+static void _init_server(OpenSSL * openssl, char const * name)
+{
+	String * crt;
+
+	if((crt = string_new_append(SYSCONFDIR, "/AppServer/", name, ".crt"))
+			== NULL)
+		return;
+	if((openssl->ssl_ctx = SSL_CTX_new(SSLv3_server_method())) == NULL
+			|| SSL_CTX_set_cipher_list(openssl->ssl_ctx,
+				SSL_DEFAULT_CIPHER_LIST) != 1
+			|| SSL_CTX_use_certificate_file(openssl->ssl_ctx, crt,
+				SSL_FILETYPE_PEM) == 0
+			|| SSL_CTX_use_PrivateKey_file(openssl->ssl_ctx, crt,
+				SSL_FILETYPE_PEM) == 0)
+	{
+		_openssl_error();
+		string_delete(crt);
+		if(openssl->ssl_ctx != NULL)
+			SSL_CTX_free(openssl->ssl_ctx);
+		openssl->ssl_ctx = NULL;
+	}
+	string_delete(crt);
+}
 
 /* openssl_destroy */
 static void _openssl_destroy(OpenSSL * openssl)
 {
-	/* FIXME really implement */
+	if(openssl->fd != -1)
+		close(openssl->fd);
+	if(openssl->ssl_ctx != NULL)
+		SSL_CTX_free(openssl->ssl_ctx);
 	object_delete(openssl);
 }
+
+
+/* private */
+/* functions */
+/* openssl_error */
+static void _openssl_error(void)
+{
+	error_set("%s", ERR_error_string(ERR_get_error(), NULL));
+}

src/transport/project.conf

@@ -8,6 +8,9 @@ type=plugin
 sources=openssl.c
 install=$(LIBDIR)/App/transport
 
+[openssl.c]
+depends=../../config.h
+
 [tcp]
 type=plugin
 sources=tcp.c