Migrating OpenSSL support into its dedicated module
parent
c488b89414
commit
68e062ff80
|
@ -39,7 +39,7 @@ udp_LDFLAGS = $(LDFLAGSF) $(LDFLAGS)
|
|||
udp.so: $(udp_OBJS)
|
||||
$(CCSHARED) -o udp.so $(udp_OBJS) $(udp_LDFLAGS)
|
||||
|
||||
openssl.o: openssl.c
|
||||
openssl.o: openssl.c ../../config.h
|
||||
$(CC) $(openssl_CFLAGS) -c openssl.c
|
||||
|
||||
tcp.o: tcp.c
|
||||
|
|
|
@ -15,8 +15,19 @@
|
|||
|
||||
|
||||
|
||||
#include <unistd.h>
|
||||
#include <System.h>
|
||||
#include <openssl/ssl.h>
|
||||
#include <openssl/err.h>
|
||||
#include "App/apptransport.h"
|
||||
#include "../../config.h"
|
||||
|
||||
#ifndef PREFIX
|
||||
# define PREFIX "/usr/local"
|
||||
#endif
|
||||
#ifndef SYSCONFDIR
|
||||
# define SYSCONFDIR PREFIX "/etc"
|
||||
#endif
|
||||
|
||||
|
||||
/* OpenSSL */
|
||||
|
@ -28,6 +39,7 @@ struct _AppTransportPlugin
|
|||
{
|
||||
AppTransportPluginHelper * helper;
|
||||
int fd;
|
||||
SSL_CTX * ssl_ctx;
|
||||
};
|
||||
|
||||
|
||||
|
@ -39,6 +51,11 @@ static OpenSSL * _openssl_init(AppTransportPluginHelper * helper,
|
|||
static void _openssl_destroy(OpenSSL * openssl);
|
||||
|
||||
|
||||
/* private */
|
||||
/* prototypes */
|
||||
static void _openssl_error(void);
|
||||
|
||||
|
||||
/* public */
|
||||
/* constants */
|
||||
/* plug-in */
|
||||
|
@ -56,6 +73,8 @@ AppTransportPluginDefinition definition =
|
|||
/* functions */
|
||||
/* plug-in */
|
||||
/* openssl_init */
|
||||
static void _init_server(OpenSSL * openssl, char const * name);
|
||||
|
||||
static OpenSSL * _openssl_init(AppTransportPluginHelper * helper,
|
||||
AppTransportMode mode, char const * name)
|
||||
{
|
||||
|
@ -65,14 +84,62 @@ static OpenSSL * _openssl_init(AppTransportPluginHelper * helper,
|
|||
return NULL;
|
||||
openssl->helper = helper;
|
||||
openssl->fd = -1;
|
||||
/* FIXME really implement */
|
||||
openssl->ssl_ctx = NULL;
|
||||
switch(mode)
|
||||
{
|
||||
case ATM_SERVER:
|
||||
_init_server(openssl, name);
|
||||
break;
|
||||
/* FIXME implement the rest */
|
||||
}
|
||||
/* check for errors */
|
||||
if(openssl->ssl_ctx == NULL)
|
||||
{
|
||||
_openssl_destroy(openssl);
|
||||
return NULL;
|
||||
}
|
||||
return openssl;
|
||||
}
|
||||
|
||||
static void _init_server(OpenSSL * openssl, char const * name)
|
||||
{
|
||||
String * crt;
|
||||
|
||||
if((crt = string_new_append(SYSCONFDIR, "/AppServer/", name, ".crt"))
|
||||
== NULL)
|
||||
return;
|
||||
if((openssl->ssl_ctx = SSL_CTX_new(SSLv3_server_method())) == NULL
|
||||
|| SSL_CTX_set_cipher_list(openssl->ssl_ctx,
|
||||
SSL_DEFAULT_CIPHER_LIST) != 1
|
||||
|| SSL_CTX_use_certificate_file(openssl->ssl_ctx, crt,
|
||||
SSL_FILETYPE_PEM) == 0
|
||||
|| SSL_CTX_use_PrivateKey_file(openssl->ssl_ctx, crt,
|
||||
SSL_FILETYPE_PEM) == 0)
|
||||
{
|
||||
_openssl_error();
|
||||
string_delete(crt);
|
||||
if(openssl->ssl_ctx != NULL)
|
||||
SSL_CTX_free(openssl->ssl_ctx);
|
||||
openssl->ssl_ctx = NULL;
|
||||
}
|
||||
string_delete(crt);
|
||||
}
|
||||
|
||||
/* openssl_destroy */
|
||||
static void _openssl_destroy(OpenSSL * openssl)
|
||||
{
|
||||
/* FIXME really implement */
|
||||
if(openssl->fd != -1)
|
||||
close(openssl->fd);
|
||||
if(openssl->ssl_ctx != NULL)
|
||||
SSL_CTX_free(openssl->ssl_ctx);
|
||||
object_delete(openssl);
|
||||
}
|
||||
|
||||
|
||||
/* private */
|
||||
/* functions */
|
||||
/* openssl_error */
|
||||
static void _openssl_error(void)
|
||||
{
|
||||
error_set("%s", ERR_error_string(ERR_get_error(), NULL));
|
||||
}
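Review bot: In `_init_server`, the failure branch calls `string_delete(crt)` and then falls through to the second `string_delete(crt)` on the function's last line, so any certificate or key load failure releases `crt` twice (assuming `string_delete` frees the string); drop the call inside the branch and keep the single release at the end. The same function builds the context with `SSLv3_server_method()`, which restricts the listener to SSLv3, a protocol with known weaknesses that many OpenSSL builds no longer provide; a version-flexible method such as `SSLv23_server_method()` followed by `SSL_CTX_set_options(openssl->ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);` keeps TLS negotiable. `SSL_CTX_use_certificate_file` and `SSL_CTX_use_PrivateKey_file` are tested with `== 0` while `SSL_CTX_set_cipher_list` is tested with `!= 1`; OpenSSL documents 1 as the success value, so `!= 1` is the safer test for all three. Since the certificate and the private key are read from the same `.crt` path, a comment such as `/* the .crt file also holds the private key: keep it readable by the server user only */` and a call to `SSL_CTX_check_private_key()` after loading would document and verify that assumption.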
|
||||
|
|
|
@ -8,6 +8,9 @@ type=plugin
|
|||
sources=openssl.c
|
||||
install=$(LIBDIR)/App/transport
|
||||
|
||||
[openssl.c]
|
||||
depends=../../config.h
|
||||
|
||||
[tcp]
|
||||
type=plugin
|
||||
sources=tcp.c
|
||||
|
|