arduino/esp8266
1
0
Fork 0
mirror of https://github.com/esp8266/Arduino.git synced 2025-06-13 13:01:55 +03:00
Code Activity

added aborts to malloc and other system calls

Browse Source 
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@62 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
This commit is contained in:
cameronrich
2007-02-17 00:42:57 +00:00
parent 00fe6bca27
commit 61fd249441
34 changed files with 381 additions and 183 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
ssl/Config.in
View File

@ -210,18 +210,18 @@ config CONFIG_SSL_MAX_CERTS
The default is to allow one certificate + 1 certificate in the chain
(which may be the certificate authority certificate).
config CONFIG_SSLCTX_MUTEXING
bool "Enable SSLCTX mutexing"
config CONFIG_SSL_CTX_MUTEXING
bool "Enable SSL_CTX mutexing"
default n
help
Normally mutexing is not required - each SSLCTX object can deal with
many SSL objects (as long as each SSLCTX object is using a single
Normally mutexing is not required - each SSL_CTX object can deal with
many SSL objects (as long as each SSL_CTX object is using a single
thread).
If the SSLCTX object is not thread safe e.g. the case where a
If the SSL_CTX object is not thread safe e.g. the case where a
new thread is created for each SSL object, then mutexing is required.
Select y when a mutex on the SSLCTX object is required.
Select y when a mutex on the SSL_CTX object is required.
config CONFIG_USE_DEV_URANDOM
bool "Use /dev/urandom"

5
ssl/Makefile
View File

@ -54,6 +54,7 @@ OBJ=\
bigint.o \
crypto_misc.o \
hmac.o \
os_port.o \
loader.o \
md5.o \
p12.o \
@ -64,10 +65,6 @@ OBJ=\
tls1_svr.o \
tls1_clnt.o
ifdef CONFIG_PLATFORM_WIN32
OBJ+=os_port.o
endif
include ../config/makefile.post
ifndef CONFIG_PLATFORM_WIN32 # Linux/Unix/Cygwin

4
ssl/asn1.c
View File

@ -270,9 +270,9 @@ static int asn1_get_printable_str(const uint8_t *buf, int *offset, char **str)
(*offset)++;
len = get_asn1_length(buf, offset);
*str = (char *)malloc(len+1); /* allow for null */
*str = (char *)malloc(len+1); /* allow for null */
memcpy(*str, &buf[*offset], len);
(*str)[len] = 0; /* null terminate */
(*str)[len] = 0; /* null terminate */
*offset += len;
end_pnt_str:
return len;

5
ssl/bigint.c
View File

@ -77,8 +77,9 @@ static void check(const bigint *bi);
*/
BI_CTX *bi_initialize(void)
{
BI_CTX *ctx = (BI_CTX *)calloc(1, sizeof(BI_CTX));
BI_CTX *ctx;
ctx = (BI_CTX *)calloc(1, sizeof(BI_CTX));
ctx->active_list = NULL;
ctx->active_count = 0;
ctx->free_list = NULL;

19
ssl/loader.c
View File

@ -32,17 +32,17 @@
#include "ssl.h"
static int do_obj(SSLCTX *ssl_ctx, int obj_type,
static int do_obj(SSL_CTX *ssl_ctx, int obj_type,
SSLObjLoader *ssl_obj, const char *password);
#ifdef CONFIG_SSL_HAS_PEM
static int ssl_obj_PEM_load(SSLCTX *ssl_ctx, int obj_type,
static int ssl_obj_PEM_load(SSL_CTX *ssl_ctx, int obj_type,
SSLObjLoader *ssl_obj, const char *password);
#endif
/*
* Load a file into memory that is in binary DER (or ascii PEM) format.
*/
EXP_FUNC int STDCALL ssl_obj_load(SSLCTX *ssl_ctx, int obj_type,
EXP_FUNC int STDCALL ssl_obj_load(SSL_CTX *ssl_ctx, int obj_type,
const char *filename, const char *password)
{
#ifndef CONFIG_SSL_SKELETON_MODE
@ -57,6 +57,7 @@ EXP_FUNC int STDCALL ssl_obj_load(SSLCTX *ssl_ctx, int obj_type,
}
ssl_obj = (SSLObjLoader *)calloc(1, sizeof(SSLObjLoader));
ssl_obj->len = get_file(filename, &ssl_obj->buf);
if (ssl_obj->len <= 0)
@ -90,12 +91,13 @@ error:
/*
* Transfer binary data into the object loader.
*/
EXP_FUNC int STDCALL ssl_obj_memory_load(SSLCTX *ssl_ctx, int mem_type,
EXP_FUNC int STDCALL ssl_obj_memory_load(SSL_CTX *ssl_ctx, int mem_type,
const uint8_t *data, int len, const char *password)
{
int ret;
SSLObjLoader *ssl_obj = (SSLObjLoader *)calloc(1, sizeof(SSLObjLoader));
SSLObjLoader *ssl_obj;
ssl_obj = (SSLObjLoader *)calloc(1, sizeof(SSLObjLoader));
ssl_obj->buf = (uint8_t *)malloc(len);
memcpy(ssl_obj->buf, data, len);
ssl_obj->len = len;
@ -107,7 +109,7 @@ EXP_FUNC int STDCALL ssl_obj_memory_load(SSLCTX *ssl_ctx, int mem_type,
/*
* Actually work out what we are doing
*/
static int do_obj(SSLCTX *ssl_ctx, int obj_type,
static int do_obj(SSL_CTX *ssl_ctx, int obj_type,
SSLObjLoader *ssl_obj, const char *password)
{
int ret = SSL_OK;
@ -277,7 +279,7 @@ error:
/**
* Take a base64 blob of data and turn it into its proper ASN.1 form.
*/
static int new_pem_obj(SSLCTX *ssl_ctx, int is_cacert, uint8_t *where,
static int new_pem_obj(SSL_CTX *ssl_ctx, int is_cacert, uint8_t *where,
int remain, const char *password)
{
int ret = SSL_OK;
@ -293,6 +295,7 @@ static int new_pem_obj(SSLCTX *ssl_ctx, int is_cacert, uint8_t *where,
remain -= (int)(end-start);
start += strlen(begins[i]);
pem_size = (int)(end-start);
ssl_obj = (SSLObjLoader *)calloc(1, sizeof(SSLObjLoader));
/* 4/3 bigger than what we need but so what */
@ -357,7 +360,7 @@ error:
/*
* Load a file into memory that is in ASCII PEM format.
*/
static int ssl_obj_PEM_load(SSLCTX *ssl_ctx, int obj_type,
static int ssl_obj_PEM_load(SSL_CTX *ssl_ctx, int obj_type,
SSLObjLoader *ssl_obj, const char *password)
{
uint8_t *start;

66
ssl/os_port.c
View File

@ -21,15 +21,15 @@
*
* OS specific functions.
*/
#ifdef WIN32
#include <time.h>
#include <stdlib.h>
#include "os_port.h"
#ifdef WIN32
/**
* gettimeofday() not in Win32
*/
EXP_FUNC void gettimeofday(struct timeval* t, void* timezone)
EXP_FUNC void STDCALL gettimeofday(struct timeval* t, void* timezone)
{
#if defined(_WIN32_WCE)
t->tv_sec = time(NULL);
@ -45,7 +45,7 @@ EXP_FUNC void gettimeofday(struct timeval* t, void* timezone)
/**
* strcasecmp() not in Win32
*/
EXP_FUNC int strcasecmp(const char *s1, const char *s2)
EXP_FUNC int STDCALL strcasecmp(const char *s1, const char *s2)
{
while (tolower(*s1) == tolower(*s2++))
{
@ -59,3 +59,61 @@ EXP_FUNC int strcasecmp(const char *s1, const char *s2)
}
#endif
#undef malloc
#undef realloc
#undef calloc
#undef open
#undef fopen
/* some functions that call abort() on failure */
EXP_FUNC void * STDCALL ax_malloc(size_t s)
{
void *x;
if ((x = malloc(s)) == NULL)
abort();
return x;
}
EXP_FUNC void * STDCALL ax_realloc(void *y, size_t s)
{
void *x;
if ((x = realloc(y, s)) == NULL)
abort();
return x;
}
EXP_FUNC void * STDCALL ax_calloc(size_t n, size_t s)
{
void *x;
if ((x = calloc(n, s)) == NULL)
abort();
return x;
}
EXP_FUNC FILE * STDCALL ax_fopen(const char *name, const char *type)
{
FILE *f;
if ((f = fopen(name, type)) == NULL)
abort();
return f;
}
EXP_FUNC int STDCALL ax_open(const char *pathname, int flags)
{
int x;
if ((x = open(pathname, flags)) < 0)
abort();
return x;
}

43
ssl/os_port.h
View File

@ -29,6 +29,8 @@
extern "C" {
#endif
#include <stdio.h>
#if defined(WIN32) || defined(CONFIG_PLATFORM_CYGWIN)
#define STDCALL __stdcall
#define EXP_FUNC __declspec(dllexport)
@ -72,7 +74,7 @@ extern "C" {
#define random() rand()
#define getpid() _getpid()
#define snprintf _snprintf
#define open(A,B) _open(A,B)
//#define open(A,B) _open(A,B)
#define dup2(A,B) _dup2(A,B)
#define unlink(A) _unlink(A)
#define close(A) _close(A)
@ -80,9 +82,11 @@ extern "C" {
#define write(A,B,C) _write(A,B,C)
#define sleep(A) Sleep(A*1000)
#define usleep(A) Sleep(A/1000)
#define lseek(A,B,C) _lseek(A,B,C)
#define strdup(A) _strdup(A)
#define chroot(A) _chdir(A)
#ifndef lseek
#define lseek(A,B,C) _lseek(A,B,C)
#endif
/* This fix gets around a problem where a win32 application on a cygwin xterm
doesn't display regular output (until a certain buffer limit) - but it works
@ -99,19 +103,17 @@ extern "C" {
#pragma comment(lib, "AdvAPI32.lib")
#endif
#define uint8_t unsigned char
#define uint16_t unsigned short
#ifndef INT16
typedef signed short INT16;
#endif
typedef UINT8 uint8_t;
typedef INT8 int8_t;
typedef UINT16 uint16_t;
typedef INT16 int16_t;
typedef UINT32 uint32_t;
typedef INT32 int32_t;
typedef UINT64 uint64_t;
typedef INT64 int64_t;
#define int16_t INT16
#define uint32_t UINT32
#define uint64_t UINT64
#define int64_t INT64
extern EXP_FUNC void gettimeofday(struct timeval* t,void* timezone);
extern EXP_FUNC int strcasecmp(const char *s1, const char *s2);
EXP_FUNC void STDCALL gettimeofday(struct timeval* t,void* timezone);
EXP_FUNC int STDCALL strcasecmp(const char *s1, const char *s2);
#else /* Not Win32 */
@ -140,6 +142,19 @@ extern EXP_FUNC int strcasecmp(const char *s1, const char *s2);
#endif /* Not Win32 */
/* some functions to mutate the way these work */
#define malloc(A) ax_malloc(A)
#define realloc(A,B) ax_realloc(A,B)
#define calloc(A,B) ax_calloc(A,B)
#define fopen(A,B) ax_fopen(A,B)
#define open(A,B) ax_open(A,B)
EXP_FUNC void * STDCALL ax_malloc(size_t s);
EXP_FUNC void * STDCALL ax_realloc(void *y, size_t s);
EXP_FUNC void * STDCALL ax_calloc(size_t n, size_t s);
EXP_FUNC FILE * STDCALL fopen(const char *name, const char *type);
EXP_FUNC int STDCALL open(const char *pathname, int flags);
#ifdef __cplusplus
}
#endif

9
ssl/p12.c
View File

@ -65,14 +65,14 @@ static char *make_uni_pass(const char *password, int *uni_pass_len);
static int p8_decrypt(const char *uni_pass, int uni_pass_len,
const uint8_t *salt, int iter,
uint8_t *priv_key, int priv_key_len, int id);
static int p8_add_key(SSLCTX *ssl_ctx, uint8_t *priv_key);
static int p8_add_key(SSL_CTX *ssl_ctx, uint8_t *priv_key);
static int get_pbe_params(uint8_t *buf, int *offset,
const uint8_t **salt, int *iterations);
/*
* Take a raw pkcs8 block and then decrypt it and turn it into a normal key.
*/
int pkcs8_decode(SSLCTX *ssl_ctx, SSLObjLoader *ssl_obj, const char *password)
int pkcs8_decode(SSL_CTX *ssl_ctx, SSLObjLoader *ssl_obj, const char *password)
{
uint8_t *buf = ssl_obj->buf;
int len, offset = 0;
@ -120,7 +120,7 @@ error:
/*
* Take the unencrypted pkcs8 and turn it into a private key
*/
static int p8_add_key(SSLCTX *ssl_ctx, uint8_t *priv_key)
static int p8_add_key(SSL_CTX *ssl_ctx, uint8_t *priv_key)
{
uint8_t *buf = priv_key;
int len, offset = 0;
@ -218,7 +218,7 @@ static int p8_decrypt(const char *uni_pass, int uni_pass_len,
* Take a raw pkcs12 block and the decrypt it and turn it into a certificate(s)
* and keys.
*/
int pkcs12_decode(SSLCTX *ssl_ctx, SSLObjLoader *ssl_obj, const char *password)
int pkcs12_decode(SSL_CTX *ssl_ctx, SSLObjLoader *ssl_obj, const char *password)
{
uint8_t *buf = ssl_obj->buf;
int all_ok = 0, len, iterations, auth_safes_start,
@ -273,6 +273,7 @@ int pkcs12_decode(SSLCTX *ssl_ctx, SSLObjLoader *ssl_obj, const char *password)
auth_safes_len = auth_safes_end - auth_safes_start;
auth_safes = malloc(auth_safes_len);
memcpy(auth_safes, &buf[auth_safes_start], auth_safes_len);
if (asn1_next_obj(buf, &offset, ASN1_SEQUENCE) < 0 ||

6
ssl/rsa.c
View File

@ -72,7 +72,7 @@ void RSA_pub_key_new(RSA_CTX **ctx,
{
RSA_CTX *rsa_ctx;
BI_CTX *bi_ctx = bi_initialize();
*ctx = (RSA_CTX *)calloc(1, sizeof(RSA_CTX)); /* reset to all 0 */
*ctx = (RSA_CTX *)calloc(1, sizeof(RSA_CTX));
rsa_ctx = *ctx;
rsa_ctx->bi_ctx = bi_ctx;
rsa_ctx->num_octets = (mod_len & 0xFFF0);
@ -290,11 +290,13 @@ int RSA_encrypt(const RSA_CTX *ctx, const uint8_t *in_data, uint16_t in_len,
bigint *RSA_sign_verify(BI_CTX *ctx, const uint8_t *sig, int sig_len,
bigint *modulus, bigint *pub_exp)
{
uint8_t *block = (uint8_t *)malloc(sig_len);
uint8_t *block;
int i, size;
bigint *decrypted_bi, *dat_bi;
bigint *bir = NULL;
block = (uint8_t *)malloc(sig_len);
/* decrypt */
dat_bi = bi_import(ctx, sig, sig_len);
ctx->mod_offset = BIGINT_M_OFFSET;

20
ssl/ssl.h
View File

@ -156,10 +156,10 @@ extern "C" {
* different context needs to be be used.
*
* There are two threading models supported - a single thread with one
* SSLCTX can support any number of SSL connections - and multiple threads can
* support one SSLCTX object each (the default). But if a single SSLCTX
* SSL_CTX can support any number of SSL connections - and multiple threads can
* support one SSL_CTX object each (the default). But if a single SSL_CTX
* object uses many SSL objects in individual threads, then the
* CONFIG_SSLCTX_MUTEXING option needs to be configured.
* CONFIG_SSL_CTX_MUTEXING option needs to be configured.
*
* @param options [in] Any particular options. At present the options
* supported are:
@ -185,7 +185,7 @@ extern "C" {
* is not used in skeleton mode.
* @return A client/server context.
*/
EXP_FUNC SSLCTX * STDCALL ssl_ctx_new(uint32_t options, int num_sessions);
EXP_FUNC SSL_CTX * STDCALL ssl_ctx_new(uint32_t options, int num_sessions);
/**
* @brief Remove a client/server context.
@ -194,7 +194,7 @@ EXP_FUNC SSLCTX * STDCALL ssl_ctx_new(uint32_t options, int num_sessions);
* sent a "Close Notify" alert (if possible).
* @param ssl_ctx [in] The client/server context.
*/
EXP_FUNC void STDCALL ssl_ctx_free(SSLCTX *ssl_ctx);
EXP_FUNC void STDCALL ssl_ctx_free(SSL_CTX *ssl_ctx);
/**
* @brief (server only) Establish a new SSL connection to an SSL client.
@ -205,7 +205,7 @@ EXP_FUNC void STDCALL ssl_ctx_free(SSLCTX *ssl_ctx);
* @param client_fd [in] The client's file descriptor.
* @return An SSL object reference.
*/
EXP_FUNC SSL * STDCALL ssl_server_new(SSLCTX *ssl_ctx, int client_fd);
EXP_FUNC SSL * STDCALL ssl_server_new(SSL_CTX *ssl_ctx, int client_fd);
/**
* @brief (client only) Establish a new SSL connection to an SSL server.
@ -223,7 +223,7 @@ EXP_FUNC SSL * STDCALL ssl_server_new(SSLCTX *ssl_ctx, int client_fd);
* @return An SSL object reference. Use ssl_handshake_status() to check
* if a handshake succeeded.
*/
EXP_FUNC SSL * STDCALL ssl_client_new(SSLCTX *ssl_ctx, int client_fd, const uint8_t *session_id);
EXP_FUNC SSL * STDCALL ssl_client_new(SSL_CTX *ssl_ctx, int client_fd, const uint8_t *session_id);
/**
* @brief Free any used resources on this connection.
@ -272,7 +272,7 @@ EXP_FUNC int STDCALL ssl_write(SSL *ssl, const uint8_t *out_data, int out_len);
* @return A reference to the SSL object. Returns null if the object could not
* be found.
*/
EXP_FUNC SSL * STDCALL ssl_find(SSLCTX *ssl_ctx, int client_fd);
EXP_FUNC SSL * STDCALL ssl_find(SSL_CTX *ssl_ctx, int client_fd);
/**
* @brief Get the session id for a handshake.
@ -395,7 +395,7 @@ EXP_FUNC int STDCALL ssl_renegotiate(SSL *ssl);
* @return SSL_OK if all ok
* @note Not available in skeleton build mode.
*/
EXP_FUNC int STDCALL ssl_obj_load(SSLCTX *ssl_ctx, int obj_type, const char *filename, const char *password);
EXP_FUNC int STDCALL ssl_obj_load(SSL_CTX *ssl_ctx, int obj_type, const char *filename, const char *password);
/**
* @brief Process binary data.
@ -410,7 +410,7 @@ EXP_FUNC int STDCALL ssl_obj_load(SSLCTX *ssl_ctx, int obj_type, const char *fil
* @return SSL_OK if all ok
* @see ssl_obj_load for more details on obj_type.
*/
EXP_FUNC int STDCALL ssl_obj_memory_load(SSLCTX *ssl_ctx, int obj_type, const uint8_t *data, int len, const char *password);
EXP_FUNC int STDCALL ssl_obj_memory_load(SSL_CTX *ssl_ctx, int obj_type, const uint8_t *data, int len, const char *password);
/**
* @brief Return the axTLS library version as a string.

18
ssl/test/ssltest.c
View File

@ -528,7 +528,7 @@ static int cert_tests(void)
{
int res = -1, len;
X509_CTX *x509_ctx;
SSLCTX *ssl_ctx;
SSL_CTX *ssl_ctx;
uint8_t *buf;
/* check a bunch of 3rd party certificates */
@ -728,7 +728,7 @@ static int SSL_server_test(
int axolotls_option)
{
int server_fd, ret = 0;
SSLCTX *ssl_ctx = NULL;
SSL_CTX *ssl_ctx = NULL;
struct sockaddr_in client_addr;
uint8_t *read_buf;
int clnt_len = sizeof(client_addr);
@ -1151,7 +1151,7 @@ static void do_server(server_t *svr)
static int SSL_client_test(
const char *test,
SSLCTX **ssl_ctx,
SSL_CTX **ssl_ctx,
const char *openssl_option,
CLNT_SESSION_RESUME_CTX *sess_resume,
uint32_t client_options,
@ -1332,7 +1332,7 @@ client_test_exit:
int SSL_client_tests(void)
{
int ret = -1;
SSLCTX *ssl_ctx = NULL;
SSL_CTX *ssl_ctx = NULL;
CLNT_SESSION_RESUME_CTX sess_resume;
memset(&sess_resume, 0, sizeof(CLNT_SESSION_RESUME_CTX));
@ -1455,7 +1455,7 @@ static void do_basic(void)
{
int client_fd;
SSL *ssl_clnt;
SSLCTX *ssl_clnt_ctx = ssl_ctx_new(
SSL_CTX *ssl_clnt_ctx = ssl_ctx_new(
DEFAULT_CLNT_OPTION, SSL_DEFAULT_CLNT_SESS);
usleep(200000); /* allow server to start */
@ -1489,7 +1489,7 @@ error:
static int SSL_basic_test(void)
{
int server_fd, client_fd, ret = 0, size = 0, offset = 0;
SSLCTX *ssl_svr_ctx = NULL;
SSL_CTX *ssl_svr_ctx = NULL;
struct sockaddr_in client_addr;
uint8_t *read_buf;
int clnt_len = sizeof(client_addr);
@ -1570,7 +1570,7 @@ error:
typedef struct
{
SSLCTX *ssl_clnt_ctx;
SSL_CTX *ssl_clnt_ctx;
int port;
int thread_id;
} multi_t;
@ -1645,8 +1645,8 @@ error:
int multi_thread_test(void)
{
int server_fd;
SSLCTX *ssl_server_ctx;
SSLCTX *ssl_clnt_ctx;
SSL_CTX *ssl_server_ctx;
SSL_CTX *ssl_clnt_ctx;
pthread_t clnt_threads[NUM_THREADS];
pthread_t svr_threads[NUM_THREADS];
int i, res = 0;

20
ssl/tls1.c
View File

@ -157,9 +157,9 @@ void DISPLAY_BYTES(SSL *ssl, const char *format,
/**
* Establish a new client/server context.
*/
EXP_FUNC SSLCTX *STDCALL ssl_ctx_new(uint32_t options, int num_sessions)
EXP_FUNC SSL_CTX *STDCALL ssl_ctx_new(uint32_t options, int num_sessions)
{
SSLCTX *ssl_ctx = (SSLCTX *)calloc(1, sizeof (SSLCTX));
SSL_CTX *ssl_ctx = (SSL_CTX *)calloc(1, sizeof (SSL_CTX));
ssl_ctx->options = options;
#ifndef CONFIG_SSL_SKELETON_MODE
ssl_ctx->num_sessions = num_sessions;
@ -195,7 +195,7 @@ EXP_FUNC SSLCTX *STDCALL ssl_ctx_new(uint32_t options, int num_sessions)
/*
* Remove a client/server context.
*/
EXP_FUNC void STDCALL ssl_ctx_free(SSLCTX *ssl_ctx)
EXP_FUNC void STDCALL ssl_ctx_free(SSL_CTX *ssl_ctx)
{
SSL *ssl;
int i;
@ -243,7 +243,7 @@ EXP_FUNC void STDCALL ssl_ctx_free(SSLCTX *ssl_ctx)
*/
EXP_FUNC void STDCALL ssl_free(SSL *ssl)
{
SSLCTX *ssl_ctx;
SSL_CTX *ssl_ctx;
if (ssl == NULL) /* just ignore null pointers */
return;
@ -338,7 +338,7 @@ EXP_FUNC int STDCALL ssl_write(SSL *ssl, const uint8_t *out_data, int out_len)
/**
* Add a certificate to the certificate chain.
*/
int add_cert(SSLCTX *ssl_ctx, const uint8_t *buf, int len)
int add_cert(SSL_CTX *ssl_ctx, const uint8_t *buf, int len)
{
int ret = SSL_ERROR_NO_CERT_DEFINED, i = 0;
SSL_CERT *ssl_cert;
@ -383,7 +383,7 @@ error:
/**
* Add a certificate authority.
*/
int add_cert_auth(SSLCTX *ssl_ctx, const uint8_t *buf, int len)
int add_cert_auth(SSL_CTX *ssl_ctx, const uint8_t *buf, int len)
{
int ret = SSL_ERROR_NO_CERT_DEFINED;
int i = 0;
@ -464,7 +464,7 @@ EXP_FUNC const char * STDCALL ssl_get_cert_dn(SSL *ssl, int component)
/*
* Find an ssl object based on the client's file descriptor.
*/
EXP_FUNC SSL * STDCALL ssl_find(SSLCTX *ssl_ctx, int client_fd)
EXP_FUNC SSL * STDCALL ssl_find(SSL_CTX *ssl_ctx, int client_fd)
{
SSL *ssl;
@ -535,7 +535,7 @@ static const cipher_info_t *get_cipher_info(uint8_t cipher)
/*
* Get a new ssl context for a new connection.
*/
SSL *ssl_new(SSLCTX *ssl_ctx, int client_fd)
SSL *ssl_new(SSL_CTX *ssl_ctx, int client_fd)
{
SSL *ssl = (SSL *)calloc(1, sizeof(SSL));
ssl->ssl_ctx = ssl_ctx;
@ -573,7 +573,7 @@ SSL *ssl_new(SSLCTX *ssl_ctx, int client_fd)
/*
* Add a private key to a context.
*/
int add_private_key(SSLCTX *ssl_ctx, SSLObjLoader *ssl_obj)
int add_private_key(SSL_CTX *ssl_ctx, SSLObjLoader *ssl_obj)
{
int ret = SSL_OK;
@ -2014,7 +2014,7 @@ EXP_FUNC void STDCALL ssl_display_error(int error_code) {}
#ifdef CONFIG_BINDINGS
#if !defined(CONFIG_SSL_ENABLE_CLIENT)
EXP_FUNC SSL * STDCALL ssl_client_new(SSLCTX *ssl_ctx,
EXP_FUNC SSL * STDCALL ssl_client_new(SSL_CTX *ssl_ctx,
int client_fd, const uint8_t *session_id)
{
printf(unsupported_str);

25
ssl/tls1.h
View File

@ -31,7 +31,7 @@ extern "C" {
#include "version.h"
/* Mutexing definitions */
#if defined(CONFIG_SSLCTX_MUTEXING)
#if defined(CONFIG_SSL_CTX_MUTEXING)
#if defined(WIN32)
#define SSL_CTX_MUTEX_TYPE HANDLE
#define SSL_CTX_MUTEX_INIT(A) A=CreateMutex(0, FALSE, 0)
@ -172,7 +172,7 @@ struct _SSL
struct _SSL *next; /* doubly linked list */
struct _SSL *prev;
SSL_CERT *certs;
struct _SSLCTX *ssl_ctx; /* back reference to a clnt/svr ctx */
struct _SSL_CTX *ssl_ctx; /* back reference to a clnt/svr ctx */
#ifndef CONFIG_SSL_SKELETON_MODE
uint16_t session_index;
SSL_SESS *session;
@ -194,7 +194,7 @@ struct _SSL
typedef struct _SSL SSL;
struct _SSLCTX
struct _SSL_CTX
{
uint32_t options;
uint8_t chain_length;
@ -209,16 +209,19 @@ struct _SSLCTX
uint16_t num_sessions;
SSL_SESS **ssl_sessions;
#endif
#ifdef CONFIG_SSLCTX_MUTEXING
#ifdef CONFIG_SSL_CTX_MUTEXING
SSL_CTX_MUTEX_TYPE mutex;
#endif
};
typedef struct _SSLCTX SSLCTX;
typedef struct _SSL_CTX SSL_CTX;
/* backwards compatibility */
typedef struct _SSL_CTX SSLCTX;
extern const uint8_t ssl_prot_prefs[NUM_PROTOCOLS];
SSL *ssl_new(SSLCTX *ssl_ctx, int client_fd);
SSL *ssl_new(SSL_CTX *ssl_ctx, int client_fd);
int send_packet(SSL *ssl, uint8_t protocol,
const uint8_t *in, int length);
int do_svr_handshake(SSL *ssl, int handshake_type, uint8_t *buf, int hs_len);
@ -233,13 +236,13 @@ int send_change_cipher_spec(SSL *ssl);
void finished_digest(SSL *ssl, const char *label, uint8_t *digest);
void generate_master_secret(SSL *ssl, const uint8_t *premaster_secret);
void add_packet(SSL *ssl, const uint8_t *pkt, int len);
int add_cert(SSLCTX *ssl_ctx, const uint8_t *buf, int len);
int add_private_key(SSLCTX *ssl_ctx, SSLObjLoader *ssl_obj);
int add_cert(SSL_CTX *ssl_ctx, const uint8_t *buf, int len);
int add_private_key(SSL_CTX *ssl_ctx, SSLObjLoader *ssl_obj);
void ssl_obj_free(SSLObjLoader *ssl_obj);
int pkcs8_decode(SSLCTX *ssl_ctx, SSLObjLoader *ssl_obj, const char *password);
int pkcs12_decode(SSLCTX *ssl_ctx, SSLObjLoader *ssl_obj, const char *password);
int pkcs8_decode(SSL_CTX *ssl_ctx, SSLObjLoader *ssl_obj, const char *password);
int pkcs12_decode(SSL_CTX *ssl_ctx, SSLObjLoader *ssl_obj, const char *password);
#ifdef CONFIG_SSL_CERT_VERIFICATION
int add_cert_auth(SSLCTX *ssl_ctx, const uint8_t *buf, int len);
int add_cert_auth(SSL_CTX *ssl_ctx, const uint8_t *buf, int len);
void remove_ca_certs(CA_CERT_CTX *ca_cert_ctx);
#endif
#ifdef CONFIG_SSL_ENABLE_CLIENT

2
ssl/tls1_clnt.c
View File

@ -35,7 +35,7 @@ static int send_cert_verify(SSL *ssl);
/*
* Establish a new SSL connection to an SSL server.
*/
EXP_FUNC SSL * STDCALL ssl_client_new(SSLCTX *ssl_ctx, int client_fd, const uint8_t *session_id)
EXP_FUNC SSL * STDCALL ssl_client_new(SSL_CTX *ssl_ctx, int client_fd, const uint8_t *session_id)
{
int ret;
SSL *ssl = ssl_new(ssl_ctx, client_fd);

2
ssl/tls1_svr.c
View File

@ -37,7 +37,7 @@ static int process_cert_verify(SSL *ssl);
/*
* Establish a new SSL connection to an SSL client.
*/
EXP_FUNC SSL * STDCALL ssl_server_new(SSLCTX *ssl_ctx, int client_fd)
EXP_FUNC SSL * STDCALL ssl_server_new(SSL_CTX *ssl_ctx, int client_fd)
{
SSL *ssl = ssl_new(ssl_ctx, client_fd);
ssl->next_state = HS_CLIENT_HELLO;