Added a generic SSL handshake mechanism.
parent
a297c08bba
commit
4a5993ccc2
@ -265,7 +265,7 @@ void net_on_accept(int server_fd, short ev, void *arg)
|
|||||||
}
|
}
|
||||||
|
|
||||||
#ifdef SSL_SUPPORT
|
#ifdef SSL_SUPPORT
|
||||||
net_con_ssl_accept(&user->net.connection);
|
net_con_ssl_handshake(&user->net.connection, NET_CON_SSL_MODE_SERVER);
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
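Review bot: The result of `net_con_ssl_handshake(&user->net.connection, NET_CON_SSL_MODE_SERVER);` is discarded in net_on_accept, although the call now creates the SSL handle as well as starting the handshake. If that setup fails, the accepted user stays registered with no usable TLS state and nothing records it. Capture the ssize_t and act on failure, e.g. `if (net_con_ssl_handshake(&user->net.connection, NET_CON_SSL_MODE_SERVER) < 0) { /* log and drop the connection */ }`. The `< 0` convention is an assumption, because the return contract of net_con_ssl_accept is not visible on this page. net_on_accept begins and ends outside the hunk.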
@ -109,11 +109,6 @@ void net_con_initialize(struct net_connection* con, int sd, struct ip_addr_encap
|
|||||||
#ifdef SSL_SUPPORT
|
#ifdef SSL_SUPPORT
|
||||||
con->ssl = NULL;
|
con->ssl = NULL;
|
||||||
con->write_len = 0;
|
con->write_len = 0;
|
||||||
|
|
||||||
con->ssl = SSL_new(g_hub->ssl_ctx);
|
|
||||||
LOG_DUMP("SSL_new");
|
|
||||||
SSL_set_fd(con->ssl, con->sd);
|
|
||||||
LOG_DUMP("SSL_set_fd");
|
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -319,6 +314,22 @@ ssize_t net_con_ssl_connect(struct net_connection* con)
|
|||||||
}
|
}
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
ssize_t net_con_ssl_handshake(struct net_connection* con, int ssl_mode)
|
||||||
|
{
|
||||||
|
if (ssl_mode == NET_CON_SSL_MODE_SERVER)
|
||||||
|
{
|
||||||
|
con->ssl = SSL_new(g_hub->ssl_ctx);
|
||||||
|
SSL_set_fd(con->ssl, con->sd);
|
||||||
|
return net_con_ssl_accept(con);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
con->ssl = SSL_new(SSL_CTX_new(TLSv1_method()));
|
||||||
|
SSL_set_fd(con->ssl, con->sd);
|
||||||
|
return net_con_ssl_connect(con);
|
||||||
|
}
|
||||||
|
}
|
||||||
#endif /* SSL_SUPPORT */
|
#endif /* SSL_SUPPORT */
|
||||||
|
|
||||||
|
|
||||||
|
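Review bot: In the client branch of net_con_ssl_handshake, `SSL_new(SSL_CTX_new(TLSv1_method()))` allocates a new SSL_CTX for every connection and keeps no pointer to it, so it can never be freed. Neither SSL_CTX_new nor SSL_new is checked before SSL_set_fd uses the result, and the server branch has the same unchecked SSL_new. The client context also has no peer verification configured, so the remote certificate is not validated, and TLSv1_method() pins the protocol to TLS 1.0. Any ssl_mode other than NET_CON_SSL_MODE_SERVER silently takes the client path. The sketch below keeps one client context and checks each step; the `-1` error value and the choice to verify peers are assumptions to confirm against the callers and the deployment.

```c
ssize_t net_con_ssl_handshake(struct net_connection* con, int ssl_mode)
{
	/* proposed: one client context for the process instead of one per connection;
	   assumes handshakes are started from a single thread */
	static SSL_CTX* client_ctx = NULL;
	SSL_CTX* ctx;

	if (ssl_mode == NET_CON_SSL_MODE_SERVER)
	{
		ctx = g_hub->ssl_ctx;
	}
	else if (ssl_mode == NET_CON_SSL_MODE_CLIENT)
	{
		if (!client_ctx)
		{
			client_ctx = SSL_CTX_new(TLSv1_method());
			if (!client_ctx)
				return -1;

			/* validate the remote certificate against the system trust store */
			SSL_CTX_set_verify(client_ctx, SSL_VERIFY_PEER, NULL);
			if (SSL_CTX_set_default_verify_paths(client_ctx) != 1)
			{
				SSL_CTX_free(client_ctx);
				client_ctx = NULL;
				return -1;
			}
		}
		ctx = client_ctx;
	}
	else
	{
		return -1; /* unknown mode */
	}

	con->ssl = SSL_new(ctx);
	if (!con->ssl)
		return -1;

	if (SSL_set_fd(con->ssl, con->sd) != 1)
	{
		SSL_free(con->ssl);
		con->ssl = NULL;
		return -1;
	}

	if (ssl_mode == NET_CON_SSL_MODE_SERVER)
		return net_con_ssl_accept(con);
	return net_con_ssl_connect(con);
}
```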
@ -33,7 +33,6 @@ struct net_connection
|
|||||||
time_t last_send; /** Timestamp for last send() */
|
time_t last_send; /** Timestamp for last send() */
|
||||||
#ifdef SSL_SUPPORT
|
#ifdef SSL_SUPPORT
|
||||||
SSL* ssl; /** SSL handle */
|
SSL* ssl; /** SSL handle */
|
||||||
SSL_CTX* ctx; /** FIXME: Should have a global one instead */
|
|
||||||
size_t write_len; /** Length of last SSL_write(), only used if flags is NET_WANT_SSL_READ. */
|
size_t write_len; /** Length of last SSL_write(), only used if flags is NET_WANT_SSL_READ. */
|
||||||
#endif /* SSL_SUPPORT */
|
#endif /* SSL_SUPPORT */
|
||||||
};
|
};
|
||||||
@ -70,6 +69,11 @@ extern ssize_t net_con_ssl_accept(struct net_connection*);
|
|||||||
* Start SSL_connect()
|
* Start SSL_connect()
|
||||||
*/
|
*/
|
||||||
extern ssize_t net_con_ssl_connect(struct net_connection*);
|
extern ssize_t net_con_ssl_connect(struct net_connection*);
|
||||||
|
|
||||||
|
#define NET_CON_SSL_MODE_SERVER 1
|
||||||
|
#define NET_CON_SSL_MODE_CLIENT 2
|
||||||
|
extern ssize_t net_con_ssl_handshake(struct net_connection* con, int ssl_mode);
|
||||||
|
|
||||||
#endif /* SSL_SUPPORT */
|
#endif /* SSL_SUPPORT */
|
||||||
|
|
||||||
#endif /* HAVE_UHUB_NETWORK_CONNECTION_H */
|
#endif /* HAVE_UHUB_NETWORK_CONNECTION_H */
|
||||||
|
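Review bot: `net_con_ssl_handshake` is declared without a doc comment, although the neighbouring `net_con_ssl_connect` has one, and the two mode macros are undocumented. I would add `/** Create the SSL handle for con and start the handshake; ssl_mode is NET_CON_SSL_MODE_SERVER or NET_CON_SSL_MODE_CLIENT. */` above the declaration. An `enum` for the two modes would also make the parameter's intended values visible to the compiler. As the implementation on this page is written, any value other than NET_CON_SSL_MODE_SERVER takes the client path.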