Added a generic SSL handshake mechanism.

Jan Vidar Krey 2009-08-03 20:21:59 +02:00
parent a297c08bba
commit 4a5993ccc2
3 changed files with 22 additions and 7 deletions


@ -265,7 +265,7 @@ void net_on_accept(int server_fd, short ev, void *arg)
} }
#ifdef SSL_SUPPORT #ifdef SSL_SUPPORT
net_con_ssl_accept(&user->net.connection); net_con_ssl_handshake(&user->net.connection, NET_CON_SSL_MODE_SERVER);
#endif #endif
} }
} }
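Review bot: The result of `net_con_ssl_handshake(&user->net.connection, NET_CON_SSL_MODE_SERVER)` is discarded at this call site, and after this commit that function also allocates the SSL object, so it can fail before any handshake I/O happens. If it fails, the accepted user appears to stay registered with `con->ssl` unset. Which return value signals failure is not visible on this page, so something like `if (net_con_ssl_handshake(&user->net.connection, NET_CON_SSL_MODE_SERVER) < 0) { /* drop the connection as for other accept errors */ }` needs checking against `net_con_ssl_accept`. The rest of `net_on_accept` is outside the hunk.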


@ -109,11 +109,6 @@ void net_con_initialize(struct net_connection* con, int sd, struct ip_addr_encap
#ifdef SSL_SUPPORT #ifdef SSL_SUPPORT
con->ssl = NULL; con->ssl = NULL;
con->write_len = 0; con->write_len = 0;
con->ssl = SSL_new(g_hub->ssl_ctx);
LOG_DUMP("SSL_new");
SSL_set_fd(con->ssl, con->sd);
LOG_DUMP("SSL_set_fd");
#endif #endif
} }
@ -319,6 +314,22 @@ ssize_t net_con_ssl_connect(struct net_connection* con)
} }
return ret; return ret;
} }
ssize_t net_con_ssl_handshake(struct net_connection* con, int ssl_mode)
{
if (ssl_mode == NET_CON_SSL_MODE_SERVER)
{
con->ssl = SSL_new(g_hub->ssl_ctx);
SSL_set_fd(con->ssl, con->sd);
return net_con_ssl_accept(con);
}
else
{
con->ssl = SSL_new(SSL_CTX_new(TLSv1_method()));
SSL_set_fd(con->ssl, con->sd);
return net_con_ssl_connect(con);
}
}
#endif /* SSL_SUPPORT */ #endif /* SSL_SUPPORT */
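Review bot: The client branch of `net_con_ssl_handshake` calls `SSL_new(SSL_CTX_new(TLSv1_method()))`, which builds a new SSL_CTX for every outbound connection and keeps no pointer to it, so it can never be released. In the visible lines that context gets no verify mode or trust store, so the peer certificate is not checked (the OpenSSL default is SSL_VERIFY_NONE), and the method pins the connection to TLS 1.0. Neither branch checks the result of `SSL_new` or `SSL_set_fd` before starting the handshake, and the bare `else` treats every value other than NET_CON_SSL_MODE_SERVER as client mode. The client side should use one long-lived context, created once with `SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL)` and a CA store loaded, in the same way the server side uses `g_hub->ssl_ctx`. The fence sketches the checks for the server branch; the `-1` error value is an assumption to confirm against the existing accept and connect helpers.

```c
ssize_t net_con_ssl_handshake(struct net_connection* con, int ssl_mode)
{
	/* Reject unknown modes instead of silently treating them as client mode. */
	if (ssl_mode != NET_CON_SSL_MODE_SERVER && ssl_mode != NET_CON_SSL_MODE_CLIENT)
		return -1;

	if (ssl_mode == NET_CON_SSL_MODE_SERVER)
	{
		con->ssl = SSL_new(g_hub->ssl_ctx);
		if (!con->ssl || SSL_set_fd(con->ssl, con->sd) != 1)
		{
			SSL_free(con->ssl); /* no-op when con->ssl is NULL */
			con->ssl = NULL;
			return -1;
		}
		return net_con_ssl_accept(con);
	}

	/* … client branch: same checks, using a shared client SSL_CTX with peer verification configured … */
```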


@ -33,7 +33,6 @@ struct net_connection
time_t last_send; /** Timestamp for last send() */ time_t last_send; /** Timestamp for last send() */
#ifdef SSL_SUPPORT #ifdef SSL_SUPPORT
SSL* ssl; /** SSL handle */ SSL* ssl; /** SSL handle */
SSL_CTX* ctx; /** FIXME: Should have a global one instead */
size_t write_len; /** Length of last SSL_write(), only used if flags is NET_WANT_SSL_READ. */ size_t write_len; /** Length of last SSL_write(), only used if flags is NET_WANT_SSL_READ. */
#endif /* SSL_SUPPORT */ #endif /* SSL_SUPPORT */
}; };
@ -70,6 +69,11 @@ extern ssize_t net_con_ssl_accept(struct net_connection*);
* Start SSL_connect() * Start SSL_connect()
*/ */
extern ssize_t net_con_ssl_connect(struct net_connection*); extern ssize_t net_con_ssl_connect(struct net_connection*);
#define NET_CON_SSL_MODE_SERVER 1
#define NET_CON_SSL_MODE_CLIENT 2
extern ssize_t net_con_ssl_handshake(struct net_connection* con, int ssl_mode);
#endif /* SSL_SUPPORT */ #endif /* SSL_SUPPORT */
#endif /* HAVE_UHUB_NETWORK_CONNECTION_H */ #endif /* HAVE_UHUB_NETWORK_CONNECTION_H */
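Review bot: The new declaration of `net_con_ssl_handshake` has no doc comment, although the declarations above it each have one (for example "Start SSL_connect()"). A comment is needed here because this function now owns the creation of `con->ssl`. I would add `/** Create the SSL object for con and start the handshake; ssl_mode is NET_CON_SSL_MODE_SERVER or NET_CON_SSL_MODE_CLIENT. */`. The comment should also state whether `net_con_ssl_accept` and `net_con_ssl_connect` may still be called directly, because `net_con_initialize` no longer sets up `con->ssl` and they remain exported. As a style point, the two `#define`s could become `enum net_con_ssl_mode { NET_CON_SSL_MODE_SERVER = 1, NET_CON_SSL_MODE_CLIENT = 2 };` so the accepted values are grouped and visible in a debugger.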