Wrapped everything OpenSSL related in a SSL_USE_OPENSSL check macro.

Jan Vidar Krey 2012-10-02 23:59:11 +02:00
parent 69603ff70f
commit f20c42d05f
11 changed files with 96 additions and 20 deletions


@ -17,13 +17,21 @@ set (PROJECT_SOURCE_DIR "${CMAKE_SOURCE_DIR}/src")
option(RELEASE "Release build, debug build if disabled" ON)
option(LINK_SUPPORT "Allow hub linking" OFF)
option(SSL_SUPPORT "Enable SSL support" ON)
option(USE_OPENSSL "Use OpenSSL's SSL support" OFF)
option(SQLITE_SUPPORT "Enable SQLite support" ON)
option(ADC_STRESS "Enable the stress tester client" OFF)
find_package(Git)
if (SSL_SUPPORT)
find_package(OpenSSL REQUIRED)
if (USE_OPENSSL)
find_package(OpenSSL)
else()
find_package(GnuTLS)
endif()
if (NOT GNUTLS_FOUND AND NOT OPENSSL_FOUND)
message(FATAL_ERROR "Neither OpenSSL nor GnuTLS are not found!")
endif()
endif()
if (MSVC)
@ -156,16 +164,26 @@ else()
endif()
if(OPENSSL_FOUND)
add_definitions(-DSSL_SUPPORT=1)
set(SSL_LIBS ${OPENSSL_LIBRARIES})
add_definitions(-DSSL_SUPPORT=1 -DSSL_USE_OPENSSL=1)
include_directories(${OPENSSL_INCLUDE_DIR})
target_link_libraries(uhub ${OPENSSL_LIBRARIES})
endif()
if (GNUTLS_FOUND)
set(SSL_LIBS ${GNUTLS_LIBRARIES})
add_definitions(-DSSL_SUPPORT=1 -DSSL_USE_GNUTLS=1 ${GNUTLS_DEFINITIONS})
include_directories(${GNUTLS_INCLUDE_DIR})
endif()
if(SSL_SUPPORT)
target_link_libraries(uhub ${SSL_LIBS})
if(UNIX)
target_link_libraries(uhub-admin ${OPENSSL_LIBRARIES})
target_link_libraries(uhub-admin ${SSL_LIBS})
endif()
target_link_libraries(mod_welcome ${OPENSSL_LIBRARIES})
target_link_libraries(mod_logging ${OPENSSL_LIBRARIES})
target_link_libraries(mod_welcome ${SSL_LIBS})
target_link_libraries(mod_logging ${SSL_LIBS})
if (ADC_STRESS)
target_link_libraries(adcrush ${OPENSSL_LIBRARIES})
target_link_libraries(adcrush ${SSL_LIBS})
endif()
endif()
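Review bot: `option(USE_OPENSSL "Use OpenSSL's SSL support" OFF)` makes GnuTLS the backend of a default build, while the C changes shown in this commit only add a GnuTLS include and a reduced `NET_CON_STRUCT_SSL`; every handshake, read and write path is compiled only under `SSL_USE_OPENSSL`. As far as this page shows, a default configure would therefore define `SSL_SUPPORT=1` without a working TLS implementation, so the option should stay `ON` until a GnuTLS backend exists. The fatal message also reads as a double negative; `message(FATAL_ERROR "Neither OpenSSL nor GnuTLS was found!")` says what is meant.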


@ -731,6 +731,7 @@ static int load_ssl_certificates(struct hub_info* hub, struct hub_config* config
{
if (config->tls_enable)
{
#ifdef SSL_USE_OPENSSL
hub->ssl_method = (SSL_METHOD*) SSLv23_method(); /* TLSv1_method() */
hub->ssl_ctx = SSL_CTX_new(hub->ssl_method);
@ -754,18 +755,21 @@ static int load_ssl_certificates(struct hub_info* hub, struct hub_config* config
return 0;
}
LOG_INFO("Enabling TLS, using certificate: %s, private key: %s", config->tls_certificate, config->tls_private_key);
#endif /* SSL_USE_OPENSSL */
}
return 1;
}
static void unload_ssl_certificates(struct hub_info* hub)
{
#ifdef SSL_USE_OPENSSL
if (hub->ssl_ctx)
{
SSL_CTX_free(hub->ssl_ctx);
}
#endif /* SSL_USE_OPENSSL */
}
#endif
#endif /* SSL_SUPPORT */
struct hub_info* hub_start_service(struct hub_config* config)
{
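Review bot: In load_ssl_certificates, a build without SSL_USE_OPENSSL skips the whole body of `if (config->tls_enable)` and falls through to `return 1;`, so a hub configured with `tls_enable` reports success with no TLS context loaded. That fails open: the operator asked for TLS and gets a running hub without it. An `#else` branch that logs the missing backend and does `return 0;` would keep the failure visible at start-up. The same concern applies to probe_net_event, where the guarded `net_con_ssl_handshake(...)` call disappears but the lines before it still run. hub_start_service continues outside the hunk.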


@ -116,8 +116,10 @@ struct hub_info
struct uhub_plugins* plugins; /* Plug-ins loaded for this hub instance. */
#ifdef SSL_SUPPORT
#ifdef SSL_USE_OPENSSL
SSL_METHOD* ssl_method;
SSL_CTX* ssl_ctx;
#endif // SSL_USE_OPENSSL
#endif /* SSL_SUPPORT */
};
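Review bot: The closing guard `#endif // SSL_USE_OPENSSL` in struct hub_info uses a line comment, while the other guards in this commit use the block form, for example `#endif /* SSL_SUPPORT */` on the following line. Writing it as `#endif /* SSL_USE_OPENSSL */` keeps the tree consistent and avoids trouble if it is ever compiled in a strict C89 mode; the same applies to the `#endif // SSL_USE_OPENSSL` that follows the net_con_set_ssl prototype.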


@ -85,7 +85,9 @@ static void probe_net_event(struct net_connection* con, int events, void *arg)
{
probe->connection = 0;
}
#ifdef SSL_USE_OPENSSL
net_con_ssl_handshake(con, net_con_ssl_mode_server, probe->hub->ssl_ctx);
#endif /* SSL_USE_OPENSSL */
}
else
{


@ -180,12 +180,14 @@ void net_con_close(struct net_connection* con)
g_backend->handler.con_del(g_backend->data, con);
#ifdef SSL_SUPPORT
#ifdef SSL_USE_OPENSSL
if (con->ssl)
{
SSL_shutdown(con->ssl);
SSL_clear(con->ssl);
}
#endif
#endif /* SSL_USE_OPENSSL */
#endif /* SSL_SUPPORT */
net_close(con->sd);
con->sd = -1;


@ -35,10 +35,17 @@
net_connection_cb callback; /** Callback function */ \
struct timeout_evt* timeout; /** timeout event handler */
#ifdef SSL_USE_OPENSSL
#define NET_CON_STRUCT_SSL \
SSL* ssl; /** SSL handle */ \
uint32_t ssl_state; /** SSL state */ \
size_t write_len; /** Length of last SSL_write(), only used if flags is NET_WANT_SSL_READ. */ \
size_t write_len; /** Length of last SSL_write(), only used if flags is NET_WANT_SSL_READ. */
#endif
#ifdef SSL_USE_GNUTLS
#define NET_CON_STRUCT_SSL \
uint32_t ssl_state; /** SSL state */
#endif
#ifdef SSL_SUPPORT
#define NET_CON_STRUCT_COMMON \


@ -32,6 +32,7 @@ enum uhub_tls_state
tls_st_disconnecting,
};
#ifdef SSL_USE_OPENSSL
static int handle_openssl_error(struct net_connection* con, int ret)
{
uhub_assert(con);
@ -72,15 +73,18 @@ static int handle_openssl_error(struct net_connection* con, int ret)
}
return -1;
}
#endif /* SSL_USE_OPENSSL */
ssize_t net_con_ssl_accept(struct net_connection* con)
{
uhub_assert(con);
con->ssl_state = tls_st_accepting;
ssize_t ret = SSL_accept(con->ssl);
ssize_t ret;
#ifdef SSL_USE_OPENSSL
ret = SSL_accept(con->ssl);
#ifdef NETWORK_DUMP_DEBUG
LOG_PROTO("SSL_accept() ret=%d", ret);
#endif
#endif /* NETWORK_DUMP_DEBUG */
if (ret > 0)
{
net_con_update(con, NET_EVENT_READ);
@ -90,18 +94,20 @@ ssize_t net_con_ssl_accept(struct net_connection* con)
{
return handle_openssl_error(con, ret);
}
#endif /* SSL_USE_OPENSSL */
return ret;
}
ssize_t net_con_ssl_connect(struct net_connection* con)
{
uhub_assert(con);
ssize_t ret;
con->ssl_state = tls_st_connecting;
ssize_t ret = SSL_connect(con->ssl);
#ifdef SSL_USE_OPENSSL
ret = SSL_connect(con->ssl);
#ifdef NETWORK_DUMP_DEBUG
LOG_PROTO("SSL_connect() ret=%d", ret);
#endif
#endif /* NETWORK_DUMP_DEBUG */
if (ret > 0)
{
con->ssl_state = tls_st_connected;
@ -111,12 +117,15 @@ ssize_t net_con_ssl_connect(struct net_connection* con)
{
return handle_openssl_error(con, ret);
}
#endif /* SSL_USE_OPENSSL */
return ret;
}
#ifdef SSL_USE_OPENSSL
ssize_t net_con_ssl_handshake(struct net_connection* con, enum net_con_ssl_mode ssl_mode, SSL_CTX* ssl_ctx)
{
uhub_assert(con);
SSL* ssl = 0;
if (ssl_mode == net_con_ssl_mode_server)
@ -138,7 +147,9 @@ ssize_t net_con_ssl_handshake(struct net_connection* con, enum net_con_ssl_mode
net_con_set_ssl(con, ssl);
return net_con_ssl_connect(con);
}
}
#endif /* SSL_USE_OPENSSL */
#endif /* SSL_SUPPORT */
#ifdef SSL_SUPPORT
@ -150,7 +161,9 @@ ssize_t net_con_send(struct net_connection* con, const void* buf, size_t len)
{
int ret;
#ifdef SSL_SUPPORT
#ifdef SSL_USE_OPENSSL
if (!con->ssl)
#endif /* SSL_USE_OPENSSL */
{
#endif
ret = net_send(con->sd, buf, len, UHUB_SEND_SIGNAL);
@ -168,6 +181,7 @@ ssize_t net_con_send(struct net_connection* con, const void* buf, size_t len)
}
#ifdef SSL_SUPPORT
}
#ifdef SSL_USE_OPENSSL
else
{
con->write_len = len;
@ -182,7 +196,8 @@ ssize_t net_con_send(struct net_connection* con, const void* buf, size_t len)
net_stats_add_tx(ret);
}
}
#endif
#endif /* SSL_USE_OPENSSL */
#endif /* SSL_SUPPORT */
return ret;
}
@ -214,6 +229,7 @@ ssize_t net_con_recv(struct net_connection* con, void* buf, size_t len)
}
else
{
#ifdef SSL_USE_OPENSSL
if (con->ssl_state == tls_st_error)
return -1;
@ -228,8 +244,9 @@ ssize_t net_con_recv(struct net_connection* con, void* buf, size_t len)
{
return handle_openssl_error(con, ret);
}
#endif /* SSL_USE_OPENSSL */
}
#endif
#endif /* SSL_SUPPORT */
return ret;
}
@ -254,11 +271,15 @@ ssize_t net_con_peek(struct net_connection* con, void* buf, size_t len)
}
#ifdef SSL_SUPPORT
int net_con_is_ssl(struct net_connection* con)
{
#ifdef SSL_USE_OPENSSL
return con->ssl != 0;
#endif
}
#ifdef SSL_USE_OPENSSL
SSL* net_con_get_ssl(struct net_connection* con)
{
return con->ssl;
@ -268,6 +289,7 @@ void net_con_set_ssl(struct net_connection* con, SSL* ssl)
{
con->ssl = ssl;
}
#endif /* SSL_USE_OPENSSL */
#endif /* SSL_SUPPORT */
int net_con_get_sd(struct net_connection* con)
@ -283,7 +305,9 @@ void* net_con_get_ptr(struct net_connection* con)
void net_con_destroy(struct net_connection* con)
{
#ifdef SSL_SUPPORT
#ifdef SSL_USE_OPENSSL
SSL_free(con->ssl);
#endif /* SSL_USE_OPENSSL */
#endif
hub_free(con);
}
@ -301,13 +325,17 @@ void net_con_callback(struct net_connection* con, int events)
}
#ifdef SSL_SUPPORT
#ifdef SSL_USE_OPENSSL
if (!con->ssl)
#endif /* SSL_USE_OPENSSL */
{
#endif
con->callback(con, events, con->ptr);
#ifdef SSL_SUPPORT
}
#ifdef SSL_USE_OPENSSL
else
#endif /* SSL_USE_OPENSSL */
{
#ifdef NETWORK_DUMP_DEBUG
LOG_PROTO("net_con_event: events=%d, con=%p, state=%d", events, con, con->ssl_state);
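Review bot: `ssize_t ret;` in net_con_ssl_accept and net_con_ssl_connect is returned uninitialised when SSL_USE_OPENSSL is not defined, because the only assignment sits inside the guard; `ssize_t ret = -1;` would make a non-OpenSSL build fail the handshake instead of returning an indeterminate value. net_con_is_ssl has the same shape: its single `return con->ssl != 0;` is guarded, so it needs `#else` followed by `return 0;` to have a return statement at all. In net_con_callback only the `if (!con->ssl)` and `else` keywords are guarded while both brace blocks stay, so without OpenSSL the TLS-state block runs unconditionally right after the plain callback; the second block should be guarded as a whole. In net_con_send the guard removes the `if (!con->ssl)` test, so every send takes the plain `net_send` path. net_con_callback's body continues outside the hunk.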


@ -100,11 +100,13 @@ enum net_con_ssl_mode
net_con_ssl_mode_client,
};
#ifdef SSL_USE_OPENSSL
extern ssize_t net_con_ssl_handshake(struct net_connection* con, enum net_con_ssl_mode, SSL_CTX* ssl_ctx);
extern int net_con_is_ssl(struct net_connection* con);
extern SSL* net_con_get_ssl(struct net_connection* con);
extern void net_con_set_ssl(struct net_connection* con, SSL*);
#endif // SSL_USE_OPENSSL
extern int net_con_is_ssl(struct net_connection* con);
#endif /* SSL_SUPPORT */
#endif /* HAVE_UHUB_NETWORK_CONNECTION_H */


@ -59,9 +59,11 @@ int net_initialize()
net_stats_initialize();
#ifdef SSL_SUPPORT
#ifdef SSL_USE_OPENSSL
LOG_TRACE("Initializing OpenSSL...");
SSL_library_init();
SSL_load_error_strings();
#endif /* SSL_USE_OPENSSL */
#endif /* SSL_SUPPORT */
net_initialized = 1;
@ -100,10 +102,12 @@ int net_destroy()
net_backend_shutdown();
#ifdef SSL_SUPPORT
#ifdef SSL_USE_OPENSSL
ERR_free_strings();
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
#endif
#endif /* SSL_USE_OPENSSL */
#endif /* SSL_SUPPORT */
#ifdef WINSOCK
WSACleanup();


@ -99,8 +99,13 @@
#endif
#ifdef SSL_SUPPORT
#ifdef SSL_USE_OPENSSL
#include <openssl/ssl.h>
#include <openssl/err.h>
#endif /* SSL_USE_OPENSSL */
#ifdef SSL_USE_GNUTLS
#include <gnutls/gnutls.h>
#endif /* SSL_USE_GNUTLS */
#endif
#include "version.h"
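Review bot: Nothing here rejects a build where SSL_SUPPORT is defined but neither SSL_USE_OPENSSL nor SSL_USE_GNUTLS is, which leaves no TLS header included and `NET_CON_STRUCT_SSL` undefined. A check such as `#if !defined(SSL_USE_OPENSSL) && !defined(SSL_USE_GNUTLS)` followed by `#error "SSL_SUPPORT requires SSL_USE_OPENSSL or SSL_USE_GNUTLS"` inside the `#ifdef SSL_SUPPORT` block would turn that into a clear compile-time failure. The closing `#endif` of that block could also carry the `/* SSL_SUPPORT */` comment used elsewhere in this commit.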


@ -66,8 +66,10 @@ struct ADC_client
int flags;
void* ptr;
#ifdef SSL_SUPPORT
#ifdef SSL_USE_OPENSSL
const SSL_METHOD* ssl_method;
SSL_CTX* ssl_ctx;
#endif /* SSL_USE_OPENSSL */
#endif /* SSL_SUPPORT */
};