Bugzilla – Attachment 77886 Details for
Bug 202638
Lazy dynamic loading of ssl library in AC
[patch]
patch
dl_ssl.txt (text/plain), 19.66 KB, created by
Igor Alelekov
on 2007-09-07 10:33:22 EDT
Description:
patch
Filename:
MIME Type:
Creator:
Igor Alelekov
Created:
2007-09-07 10:33:22 EDT
Size:
19.66 KB
>### Eclipse Workspace Patch 1.0
>#P org.eclipse.tptp.platform.agentcontroller
>Index: src-native-new/src/agentController/AgentController.make
>===================================================================
>RCS file: /cvsroot/tptp/platform/org.eclipse.tptp.platform.agentcontroller/src-native-new/src/agentController/AgentController.make,v
>retrieving revision 1.10
>diff -u -r1.10 AgentController.make
>--- src-native-new/src/agentController/AgentController.make 29 Aug 2007 19:53:13 -0000 1.10
>+++ src-native-new/src/agentController/AgentController.make 7 Sep 2007 14:20:02 -0000
>@@ -29,7 +29,7 @@
> # (separated by blanks)
> #-----------------------------------
>
>-LIBS := tptpUtils tptpLogUtils tptpConfig processControlUtil xerces-c pthread ssl
>+LIBS := tptpUtils tptpLogUtils tptpConfig processControlUtil xerces-c pthread
>
> #-----------------------------------
> # list of additional library directories to search from
>Index: src-native-new/src/transport/socketTL/SocketListener.c
>===================================================================
>RCS file: /cvsroot/tptp/platform/org.eclipse.tptp.platform.agentcontroller/src-native-new/src/transport/socketTL/SocketListener.c,v
>retrieving revision 1.40
>diff -u -r1.40 SocketListener.c
>--- src-native-new/src/transport/socketTL/SocketListener.c 31 Aug 2007 14:12:03 -0000 1.40
>+++ src-native-new/src/transport/socketTL/SocketListener.c 7 Sep 2007 14:20:02 -0000
>@@ -69,6 +69,7 @@
> #include <sys/wait.h>
> #include <openssl/ssl.h>
> #include <tptp/TPTPConfig.h>
>+ #include "SSLSupport.h"
> #endif
>
> #include "SocketListener.h"
>@@ -83,11 +84,6 @@
> #define DEFAULT_PORT_NUM 10002
> #define PROTO_VERSION 1
>
>-#define CONFIGURATION_HOME "TPTP_AC_HOME"
>-
>-#define CERTF "cert.pem"
>-#define KEYF "key.pem"
>-
> /** thread status */
> enum ThreadStatus { IDLE, RUNNING } ;
>
>@@ -119,10 +115,6 @@
>
> BOOL vrfusrpwd(tptp_string *userid, tptp_string *password);
>
>-static int sslinit = 1;
>-static char* certFile = NULL;
>-static char* keyFile = NULL;
>-
> /**
> *********************************************************
> *
>@@ -179,74 +171,6 @@
> return ( rc ) ;
> }
>
>-#ifndef _WIN32
>-int setSSL(request_block_ptr_t pBlk) {
>- SSL_METHOD *meth;
>- SSL_CTX* ctx;
>- SSL* ssl;
>- int err;
>-
>- if (sslinit) {
>- SSL_load_error_strings();
>- SSL_library_init();
>- sslinit = 0;
>- }
>-
>- meth = SSLv23_server_method();
>-
>- ctx = SSL_CTX_new (meth);
>- if (!ctx) {
>- TPTP_LOG_DEBUG_MSG(pBlk->pServerData, "SSL: context error");
>- return -1;
>- }
>-
>- if (certFile == NULL) {
>- TPTP_LOG_DEBUG_MSG(pBlk->pServerData, "SSL: no certificate file found");
>- return -1;
>- }
>-
>- if (SSL_CTX_use_certificate_file(ctx, certFile, SSL_FILETYPE_PEM) <= 0) {
>- TPTP_LOG_DEBUG_MSG1(pBlk->pServerData, "SSL: illegal certificate file %s", certFile);
>- return -1;
>- }
>-
>- if (keyFile == NULL) {
>- TPTP_LOG_DEBUG_MSG(pBlk->pServerData, "SSL: no key file found");
>- return -1;
>- }
>-
>- if (SSL_CTX_use_PrivateKey_file(ctx, keyFile, SSL_FILETYPE_PEM) <= 0) {
>- TPTP_LOG_DEBUG_MSG1(pBlk->pServerData, "SSL: illegal key file %s", keyFile);
>- return -1;
>- }
>-
>- if (!SSL_CTX_check_private_key(ctx)) {
>- TPTP_LOG_DEBUG_MSG2(pBlk->pServerData, "SSL: Private key %s does not match the certificate public key %s",
>- keyFile, certFile);
>- return -1;
>- }
>-
>- ssl = SSL_new (ctx);
>- if (ssl < 0) {
>- TPTP_LOG_DEBUG_MSG(pBlk->pServerData, "SSL.new error");
>- return -1;
>- }
>-
>- SSL_set_fd (ssl, pBlk->clientSock);
>- err = SSL_accept (ssl);
>- if (err < 0) {
>- TPTP_LOG_DEBUG_MSG1(pBlk->pServerData, "SSL: ssl_accept error %d", SSL_get_error(ssl, err));
>- return -1;
>- }
>-
>- pBlk->sslCtx = ctx;
>- pBlk->ssl = ssl;
>- pBlk->secured = TRUE;
>-
>- return 0;
>-}
>-#endif
>-
> /**
> *********************************************************
> *
>@@ -694,8 +618,9 @@
>
> int recvData (request_block_ptr_t pRdb, char *buffer, int length, int *bytesRead) {
> int result;
>+
> if (pRdb->secured) {
>- result = SSL_read (pRdb->ssl, buffer, length);
>+ result = sslRead(pRdb->ssl, buffer, length);
> *bytesRead = result;
> }
> else {
>@@ -908,63 +833,9 @@
> TPTP_LOG_DEBUG_MSG1(pParam, "Socket server is running at port number of %d.", pParam->port) ;
> serveRequest(serverSock, pParam) ;
> }
>-
> return ( 0 );
> }
>
>-int getACHome (char* buf, int len) {
>- char* acHome;
>-
>- acHome = getenv(CONFIGURATION_HOME);
>- if (acHome != NULL) {
>- strncpy(buf, acHome, len);
>- return 0;
>- }
>-
>-#ifdef _WIN32
>- acHome = _getcwd(buf, 1024);
>- if (acHome == NULL) return -1;
>-
>- strcat(buf, "\\..");
>-#else
>- acHome = getcwd(buf, 1024);
>- if (acHome == NULL) return -1;
>-
>- strcat(buf, "/..");
>-#endif
>-
>- return 0;
>-}
>-
>-int initSSL() {
>- char buf[1024];
>-
>- if (getACHome(buf, 1024) < 0) {
>- certFile = (char*) malloc(strlen(CERTF) + 1);
>- strcpy(certFile, CERTF);
>-
>- keyFile = (char*) malloc(strlen(KEYF) + 1);
>- strcpy(keyFile, CERTF);
>- }
>- else {
>-#ifdef _WIN32
>- strcat(buf, "\\security\\");
>-#else
>- strcat(buf, "/security/");
>-#endif
>-
>- certFile = (char*) malloc(strlen(buf) + strlen(CERTF) + 1);
>- strcpy(certFile, buf);
>- strcat(certFile, CERTF);
>-
>- keyFile = (char*) malloc(strlen(buf) + strlen(KEYF) + 1);
>- strcpy(keyFile, buf);
>- strcat(keyFile, KEYF);
>- }
>-
>- return 0;
>-}
>-
> /**
> *********************************************************
> *
>@@ -975,54 +846,49 @@
> * 0 - Success
> * nonzero - Error.
> *********************************************************/
>-tptp_int32 createSocketListener(tptp_object* cmo, transport_layer_data_t * pTransportData, tptp_object* tlo)
>-{
>- int rc = 0 ;
>-
>- initSSL();
>+tptp_int32 createSocketListener(tptp_object* cmo, transport_layer_data_t * pTransportData, tptp_object* tlo) {
>+ server_block_t* pServerData;
>+ SocketConfigInfo socketInfo;
>+ int rc;
>
>- rc = initForSocketCalls() ;
>-
>- if (rc == 0)
>- {
>- server_block_t* pServerData;
>- SocketConfigInfo socketInfo;
>-
>- /* prepare the globally available server data block */
>- pServerData = (server_block_ptr_t) malloc(sizeof(server_block_t)) ;
>- pServerData->cmo = cmo;
>- pServerData->threadStatus = 0 ;
>- pServerData->agentControllerDataBlk = *pTransportData ;
>-
>- /* allocate connection table */
>- pServerData->connectionTable = tableCreate();
>-
>- rc = getSocketConfigInfo(pTransportData->configurationData, &socketInfo);
>- if (rc != -1)
>- {
>- pServerData->port = socketInfo.portNumber;
>- pServerData->securityEnabled = socketInfo.securityEnabled;
>- }
>- else
>- {
>- pServerData->port = DEFAULT_PORT_NUM;
>- pServerData->securityEnabled = 0;
>+ rc = initForSocketCalls();
>+ if (rc != 0) {
>+ if (pTransportData->logEventEntry) {
>+ pTransportData->logEventEntry(cmo, "Socket TL", pTransportData->transportID, __FILE__, __LINE__, TPTP_FATAL, "Unable to initialize socket library.");
> }
>-
>- tlo->data = pServerData;
>- tlo->objectID = SOCKET_LISTENER_OBJECT_ID;
>-
>- TPTP_LOG_DEBUG_MSG(pServerData, "createTransportListener (socket)") ;
>+
>+ return rc;
> }
>- else
>- {
>- if ( pTransportData->logEventEntry )
>- {
>- pTransportData->logEventEntry( cmo, "Socket TL", pTransportData->transportID, __FILE__, __LINE__, TPTP_FATAL, "Unable to initialize socket library." );
>- }
>+
>+ /* prepare the globally available server data block */
>+ pServerData = (server_block_ptr_t) malloc(sizeof(server_block_t)) ;
>+ pServerData->cmo = cmo;
>+ pServerData->threadStatus = 0 ;
>+ pServerData->agentControllerDataBlk = *pTransportData ;
>+
>+ /* allocate connection table */
>+ pServerData->connectionTable = tableCreate();
>+
>+ rc = getSocketConfigInfo(pTransportData->configurationData, &socketInfo);
>+ if (rc != -1) {
>+ pServerData->port = socketInfo.portNumber;
>+#ifdef _WIN32
>+ pServerData->securityEnabled = 0;
>+#else
>+ pServerData->securityEnabled = socketInfo.securityEnabled;
>+#endif
>+ }
>+ else {
>+ pServerData->port = DEFAULT_PORT_NUM;
>+ pServerData->securityEnabled = 0;
> }
>
>- return ( rc ) ;
>+ tlo->data = pServerData;
>+ tlo->objectID = SOCKET_LISTENER_OBJECT_ID;
>+
>+ TPTP_LOG_DEBUG_MSG(pServerData, "createTransportListener (socket)") ;
>+
>+ return 0;
> }
>
> /**
>@@ -1090,14 +956,19 @@
> * 0 - Success
> * nonzero - Error.
> *********************************************************/
>-tptp_int32 startSocketListener(server_block_t* pServerData)
>-{
>+tptp_int32 startSocketListener(server_block_t* pServerData) {
> int rc = 0 ;
> TID threadId;
> HANDLE threadHandle ;
>
> TPTP_LOG_DEBUG_MSG(pServerData, "startTransportListener (socket)") ;
>
>+#ifndef _WIN32
>+ if (pServerData->securityEnabled && initSSL(pServerData)) {
>+ return -1;
>+ }
>+#endif
>+
> /* create new thread to listen for incoming connection requests */
> rc = tptpStartThread(doListening,
> (LPVOID) pServerData, &threadId, &threadHandle) ;
>@@ -1108,16 +979,8 @@
> tptp_int32 closeConnection(request_block_ptr_t pBlock) {
> if (pBlock == NULL) return -1;
>
>-#ifndef _WIN32
>- if (pBlock->ssl != NULL) {
>- SSL_free(pBlock->ssl);
>- pBlock->ssl = NULL;
>- }
>-
>- if (pBlock->sslCtx != NULL) {
>- SSL_CTX_free(pBlock->sslCtx);
>- pBlock->sslCtx = NULL;
>- }
>+#ifndef _WIN32
>+ sslFree(pBlock);
> #endif
>
> pBlock->secured = FALSE;
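Review bot: In the createSocketListener hunk the new `#ifdef _WIN32` branch sets `pServerData->securityEnabled = 0` regardless of `socketInfo.securityEnabled`, so a configuration that asks for a secured listener silently gets a plaintext one on Windows. The `else` branch does the same when getSocketConfigInfo fails, falling back to the default port with security off and no log entry. Refusing to create the listener would be the safer choice, or at least record the downgrade before continuing, e.g. `if (socketInfo.securityEnabled) TPTP_LOG_ERROR_MSG(pServerData, "SSL requested but not supported on this platform");`. The `malloc` result assigned to `pServerData` is also dereferenced on the following line without a NULL check.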
>@@ -1173,7 +1036,7 @@
>
> tptp_int32 writeData(request_block_ptr_t pBlock, char* buffer, int length) {
> if (pBlock->secured) {
>- return SSL_write(pBlock->ssl, buffer, length);
>+ return sslWrite(pBlock->ssl, buffer, length);
> }
> else {
> return writeToSocket(pBlock->clientSock, buffer, length);
>Index: src-native-new/src/transport/socketTL/SocketTL.make
>===================================================================
>RCS file: /cvsroot/tptp/platform/org.eclipse.tptp.platform.agentcontroller/src-native-new/src/transport/socketTL/SocketTL.make,v
>retrieving revision 1.7
>diff -u -r1.7 SocketTL.make
>--- src-native-new/src/transport/socketTL/SocketTL.make 29 Aug 2007 19:53:13 -0000 1.7
>+++ src-native-new/src/transport/socketTL/SocketTL.make 7 Sep 2007 14:20:02 -0000
>@@ -44,7 +44,7 @@
> # list of additional libraries to be linked with
> # (separated by blanks)
> #-----------------------------------
>-LIBS := dl tptpUtils transportSupport ssl
>+LIBS := dl tptpUtils transportSupport
>
> #-----------------------------------
> # list of additional library directories to search from
>Index: src-native-new/src/transport/socketTL/SSLTypes.h
>===================================================================
>RCS file: src-native-new/src/transport/socketTL/SSLTypes.h
>diff -N src-native-new/src/transport/socketTL/SSLTypes.h
>--- /dev/null 1 Jan 1970 00:00:00 -0000
>+++ src-native-new/src/transport/socketTL/SSLTypes.h 1 Jan 1970 00:00:00 -0000
>@@ -0,0 +1,53 @@
>+#ifndef _SSLTypes_H
>+#define _SSLTypes_H
>+
>+#define CONFIGURATION_HOME "TPTP_AC_HOME"
>+
>+#define CERTF "cert.pem"
>+#define KEYF "key.pem"
>+
>+#ifndef _WIN32
>+ #include <openssl/ssl.h>
>+#endif
>+
>+#ifdef _WIN32
>+ #define SSL_LIBRARY_NAME "ssl.dll"
>+#else
>+ #define SSL_LIBRARY_NAME "libssl.so"
>+#endif
>+
>+/* Function names to be imported */
>+#define SSL_LOAD_ESTRINGS "SSL_load_error_strings"
>+#define SSL_LIBRARY_INIT "SSL_library_init"
>+#define SSLV23_SERVER_METHOD "SSLv23_server_method"
>+#define SSL_CTX_NEW "SSL_CTX_new"
>+#define SSL_CTX_CERT_FILE "SSL_CTX_use_certificate_file"
>+#define SSL_CTX_KEY_FILE "SSL_CTX_use_PrivateKey_file"
>+#define SSL_CTX_CHECK_KEY "SSL_CTX_check_private_key"
>+#define SSL_NEW "SSL_new"
>+#define SSL_SET_FD "SSL_set_fd"
>+#define SSL_ACCEPT "SSL_accept"
>+#define SSL_READ "SSL_read"
>+#define SSL_WRITE "SSL_write"
>+#define SSL_GET_ERROR "SSL_get_error"
>+#define SSL_FREE "SSL_free"
>+#define SSL_CTX_FREE "SSL_CTX_free"
>+
>+/* SSL function types */
>+typedef void (*ssl_load_error_strings_t)();
>+typedef void (*ssl_library_init_t)();
>+typedef SSL_METHOD* (*sslv23_server_method_t)();
>+typedef SSL_CTX* (*ssl_CTX_new_t)();
>+typedef int (*ssl_CTX_use_certificate_file_t)();
>+typedef int (*ssl_CTX_use_PrivateKey_file_t)();
>+typedef int (*ssl_CTX_check_private_key_t)();
>+typedef SSL* (*ssl_new_t)();
>+typedef int (*ssl_set_fd_t)();
>+typedef int (*ssl_accept_t)();
>+typedef int (*ssl_read_t)();
>+typedef int (*ssl_write_t)();
>+typedef int (*ssl_get_error_t)();
>+typedef char* (*ssl_free_t)();
>+typedef char* (*ssl_CTX_free_t)();
>+
>+#endif
>Index: src-native-new/src/transport/socketTL/SSLSupport.h
>===================================================================
>RCS file: src-native-new/src/transport/socketTL/SSLSupport.h
>diff -N src-native-new/src/transport/socketTL/SSLSupport.h
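Review bot: The function-pointer typedefs at the end of SSLTypes.h all have empty parameter lists, so the compiler checks no argument of any call made through them, and three have return types that differ from the OpenSSL declarations: `ssl_free_t` and `ssl_CTX_free_t` return `char*` although SSL_free and SSL_CTX_free return void, and `ssl_library_init_t` returns void although SSL_library_init returns int. Calling through a mismatched function type is undefined behaviour, so each typedef should carry the real prototype, e.g. `typedef void (*ssl_free_t)(SSL *);`, `typedef int (*ssl_read_t)(SSL *, void *, int);`, `typedef int (*ssl_library_init_t)(void);`. The unversioned `"libssl.so"` in SSL_LIBRARY_NAME is also worth replacing with the soname the headers were built against, since the bare name is resolved through the loader's search path and may bind to a library with a different ABI, or to none where only the versioned file is installed.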
>--- /dev/null 1 Jan 1970 00:00:00 -0000
>+++ src-native-new/src/transport/socketTL/SSLSupport.h 1 Jan 1970 00:00:00 -0000
>@@ -0,0 +1,15 @@
>+#ifndef SSLSUPPORT_H
>+#define SSLSUPPORT_H
>+
>+#ifndef _WIN32
>+
>+#include "SocketListener.h"
>+
>+extern int initSSL(server_block_t* pServerData);
>+extern int setSSL(request_block_ptr_t pBlk);
>+extern int sslRead(SSL* ssl, char* buffer, int length);
>+extern int sslWrite(SSL* ssl, char* buffer, int length);
>+extern void sslFree(request_block_ptr_t pBlock);
>+
>+#endif
>+#endif
>Index: src-native-new/src/transport/socketTL/SSLSupport.c
>===================================================================
>RCS file: src-native-new/src/transport/socketTL/SSLSupport.c
>diff -N src-native-new/src/transport/socketTL/SSLSupport.c
>--- /dev/null 1 Jan 1970 00:00:00 -0000
>+++ src-native-new/src/transport/socketTL/SSLSupport.c 1 Jan 1970 00:00:00 -0000
>@@ -0,0 +1,246 @@
>+#include <stdio.h>
>+#include <stdlib.h>
>+#include <string.h>
>+#include <unistd.h>
>+#include <dlfcn.h>
>+
>+#include "SSLTypes.h"
>+#include "SSLSupport.h"
>+#include "SocketTLLog.h"
>+
>+static char* certFile = NULL;
>+static char* keyFile = NULL;
>+
>+/* Resolved SSL functions */
>+static sslv23_server_method_t sslv23_server_method;
>+static ssl_CTX_new_t ssl_CTX_new;
>+static ssl_CTX_use_certificate_file_t ssl_CTX_use_certificate_file;
>+static ssl_CTX_use_PrivateKey_file_t ssl_CTX_use_PrivateKey_file;
>+static ssl_CTX_check_private_key_t ssl_CTX_check_private_key;
>+static ssl_new_t ssl_new;
>+static ssl_set_fd_t ssl_set_fd;
>+static ssl_accept_t ssl_accept;
>+static ssl_read_t ssl_read;
>+static ssl_write_t ssl_write;
>+static ssl_get_error_t ssl_get_error;
>+static ssl_free_t ssl_free;
>+static ssl_CTX_free_t ssl_CTX_free;
>+
>+int getACHome (char* buf, int len) {
>+ char* acHome;
>+
>+ acHome = getenv(CONFIGURATION_HOME);
>+ if (acHome != NULL) {
>+ strncpy(buf, acHome, len);
>+ return 0;
>+ }
>+
>+#ifdef _WIN32
>+ acHome = _getcwd(buf, 1024);
>+ if (acHome == NULL) return -1;
>+
>+ strcat(buf, "\\..");
>+#else
>+ acHome = getcwd(buf, 1024);
>+ if (acHome == NULL) return -1;
>+
>+ strcat(buf, "/..");
>+#endif
>+
>+ return 0;
>+}
>+
>+int checkFile (char* fileName) {
>+ FILE *fp;
>+
>+ fp = fopen(fileName, "r");
>+ if (fp == NULL) {
>+ return -1;
>+ }
>+
>+ fclose(fp);
>+
>+ return 0;
>+}
>+
>+int initKeys(server_block_ptr_t pServerData) {
>+ char buf[1024];
>+
>+ if (getACHome(buf, 1024) < 0) {
>+ certFile = (char*) malloc(strlen(CERTF) + 1);
>+ strcpy(certFile, CERTF);
>+
>+ keyFile = (char*) malloc(strlen(KEYF) + 1);
>+ strcpy(keyFile, CERTF);
>+ }
>+ else {
>+#ifdef _WIN32
>+ strcat(buf, "\\security\\");
>+#else
>+ strcat(buf, "/security/");
>+#endif
>+
>+ certFile = (char*) malloc(strlen(buf) + strlen(CERTF) + 1);
>+ strcpy(certFile, buf);
>+ strcat(certFile, CERTF);
>+
>+ keyFile = (char*) malloc(strlen(buf) + strlen(KEYF) + 1);
>+ strcpy(keyFile, buf);
>+ strcat(keyFile, KEYF);
>+ }
>+
>+ if (checkFile(certFile) < 0) {
>+ TPTP_LOG_ERROR_MSG1(pServerData, "SSL: certificate file %s not found", certFile);
>+ return -1;
>+ }
>+
>+ if (checkFile(keyFile) < 0) {
>+ TPTP_LOG_ERROR_MSG1(pServerData, "SSL: key file %s not found", keyFile);
>+ return -1;
>+ }
>+
>+ return 0;
>+}
>+
>+int initSSL(server_block_ptr_t pServerData) {
>+ DLL_REFERENCE sslLibrary;
>+ ssl_load_error_strings_t ssl_load_error_strings=NULL;
>+ ssl_library_init_t ssl_library_init=NULL;
>+
>+ int rc;
>+
>+ sslLibrary = LOAD_LIBRARY(SSL_LIBRARY_NAME);
>+ if (sslLibrary == NULL) {
>+ TPTP_LOG_ERROR_MSG(pServerData, "Unable to find ssl library") ;
>+ return -1;
>+ }
>+
>+ if (initKeys(pServerData) < 0) {
>+ return -1;
>+ }
>+
>+ ssl_load_error_strings = (ssl_load_error_strings_t) RESOLVE_ENTRY_POINT(sslLibrary, SSL_LOAD_ESTRINGS);
>+ ssl_library_init = (ssl_library_init_t) RESOLVE_ENTRY_POINT(sslLibrary, SSL_LIBRARY_INIT);
>+ sslv23_server_method = (sslv23_server_method_t) RESOLVE_ENTRY_POINT(sslLibrary, SSLV23_SERVER_METHOD);
>+ ssl_CTX_new = (ssl_CTX_new_t) RESOLVE_ENTRY_POINT(sslLibrary, SSL_CTX_NEW);
>+ ssl_CTX_use_certificate_file = (ssl_CTX_use_certificate_file_t) RESOLVE_ENTRY_POINT(sslLibrary, SSL_CTX_CERT_FILE);
>+ ssl_CTX_use_PrivateKey_file = (ssl_CTX_use_PrivateKey_file_t) RESOLVE_ENTRY_POINT(sslLibrary, SSL_CTX_KEY_FILE);
>+ ssl_CTX_check_private_key = (ssl_CTX_check_private_key_t) RESOLVE_ENTRY_POINT(sslLibrary, SSL_CTX_CHECK_KEY);
>+ ssl_new = (ssl_new_t) RESOLVE_ENTRY_POINT(sslLibrary, SSL_NEW);
>+ ssl_set_fd = (ssl_set_fd_t) RESOLVE_ENTRY_POINT(sslLibrary, SSL_SET_FD);
>+ ssl_accept = (ssl_accept_t) RESOLVE_ENTRY_POINT(sslLibrary, SSL_ACCEPT);
>+ ssl_read = (ssl_read_t) RESOLVE_ENTRY_POINT(sslLibrary, SSL_READ);
>+ ssl_write = (ssl_write_t) RESOLVE_ENTRY_POINT(sslLibrary, SSL_WRITE);
>+ ssl_get_error = (ssl_get_error_t) RESOLVE_ENTRY_POINT(sslLibrary, SSL_GET_ERROR);
>+ ssl_free = (ssl_free_t) RESOLVE_ENTRY_POINT(sslLibrary, SSL_FREE);
>+ ssl_CTX_free = (ssl_CTX_free_t) RESOLVE_ENTRY_POINT(sslLibrary, SSL_CTX_FREE);
>+
>+ /* Check to make sure we found everything */
>+ if (ssl_load_error_strings &&
>+ ssl_library_init &&
>+ sslv23_server_method &&
>+ ssl_CTX_new &&
>+ ssl_CTX_use_certificate_file &&
>+ ssl_CTX_use_PrivateKey_file &&
>+ ssl_CTX_check_private_key &&
>+ ssl_new &&
>+ ssl_set_fd &&
>+ ssl_accept &&
>+ ssl_read &&
>+ ssl_write &&
>+ ssl_get_error &&
>+ ssl_free &&
>+ ssl_CTX_free) {
>+
>+ (*ssl_load_error_strings)();
>+ (*ssl_library_init)();
>+
>+ rc = 0;
>+ }
>+ else {
>+ TPTP_LOG_ERROR_MSG(pServerData, "Unable to initialize ssl library");
>+ rc = -1;
>+ }
>+
>+ return rc;
>+}
>+
>+int setSSL(request_block_ptr_t pBlk) {
>+ SSL_METHOD *meth;
>+ SSL_CTX* ctx;
>+ SSL* ssl;
>+ int err;
>+
>+ meth = (*sslv23_server_method)();
>+
>+ ctx = (*ssl_CTX_new)(meth);
>+ if (!ctx) {
>+ TPTP_LOG_DEBUG_MSG(pBlk->pServerData, "SSL: context error");
>+ return -1;
>+ }
>+
>+ if (certFile == NULL) {
>+ TPTP_LOG_DEBUG_MSG(pBlk->pServerData, "SSL: no certificate file found");
>+ return -1;
>+ }
>+
>+ if ((*ssl_CTX_use_certificate_file)(ctx, certFile, SSL_FILETYPE_PEM) <= 0) {
>+ TPTP_LOG_DEBUG_MSG1(pBlk->pServerData, "SSL: illegal certificate file %s", certFile);
>+ return -1;
>+ }
>+
>+ if (keyFile == NULL) {
>+ TPTP_LOG_DEBUG_MSG(pBlk->pServerData, "SSL: no key file found");
>+ return -1;
>+ }
>+
>+ if ((*ssl_CTX_use_PrivateKey_file)(ctx, keyFile, SSL_FILETYPE_PEM) <= 0) {
>+ TPTP_LOG_DEBUG_MSG1(pBlk->pServerData, "SSL: illegal key file %s", keyFile);
>+ return -1;
>+ }
>+
>+ if (!(*ssl_CTX_check_private_key)(ctx)) {
>+ TPTP_LOG_DEBUG_MSG2(pBlk->pServerData, "SSL: Private key %s does not match the certificate public key %s",
>+ keyFile, certFile);
>+ return -1;
>+ }
>+
>+ ssl = (*ssl_new)(ctx);
>+ if (ssl < 0) {
>+ TPTP_LOG_DEBUG_MSG(pBlk->pServerData, "SSL.new error");
>+ return -1;
>+ }
>+
>+ (*ssl_set_fd)(ssl, pBlk->clientSock);
>+ err = (*ssl_accept)(ssl);
>+ if (err < 0) {
>+ TPTP_LOG_DEBUG_MSG1(pBlk->pServerData, "SSL: ssl_accept error %d", (*ssl_get_error)(ssl, err));
>+ return -1;
>+ }
>+
>+ pBlk->sslCtx = ctx;
>+ pBlk->ssl = ssl;
>+ pBlk->secured = TRUE;
>+
>+ return 0;
>+}
>+
>+int sslRead(SSL* ssl, char* buffer, int length) {
>+ return (ssl_read == NULL) ? -1 : (*ssl_read)(ssl, buffer, length);
>+}
>+
>+int sslWrite(SSL* ssl, char* buffer, int length) {
>+ return (ssl_write == NULL) ? -1 : (*ssl_write)(ssl, buffer, length);
>+}
>+
>+void sslFree(request_block_ptr_t pBlock) {
>+ if (pBlock->ssl != NULL) {
>+ (*ssl_free)(pBlock->ssl);
>+ pBlock->ssl = NULL;
>+ }
>+
>+ if (pBlock->sslCtx != NULL) {
>+ (*ssl_CTX_free)(pBlock->sslCtx);
>+ pBlock->sslCtx = NULL;
>+ }
>+}
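Review bot: getACHome copies TPTP_AC_HOME with `strncpy(buf, acHome, len)`, which leaves `buf` unterminated when the value is `len` bytes or longer, and initKeys then `strcat`s the security directory onto that 1024-byte stack buffer, so an over-long environment value writes past `buf`; the getcwd branch has the same weakness because it passes 1024 instead of `len` and appends `/..` with no room check. The fence shows a bounded version of both paths for the non-Windows branch, returning -1 when the path does not fit. Separately, the fallback branch of initKeys has `strcpy(keyFile, CERTF)` where `KEYF` is meant, setSSL tests `if (ssl < 0)` on a pointer where `ssl == NULL` is needed, and every `return -1` in setSSL after `ssl_CTX_new` succeeds leaks `ctx` (plus `ssl` when the accept fails). sslFree also calls `ssl_free` and `ssl_CTX_free` without the NULL guard that sslRead and sslWrite apply to their pointers.

```c
int getACHome (char* buf, int len) {
    char* acHome;
    int n;

    acHome = getenv(CONFIGURATION_HOME);
    if (acHome != NULL) {
        /* snprintf always terminates; a truncated value is rejected */
        n = snprintf(buf, len, "%s", acHome);
        return (n < 0 || n >= len) ? -1 : 0;
    }

    /* … unchanged: #ifdef _WIN32 branch … */
    if (getcwd(buf, len) == NULL) return -1;
    if (strlen(buf) + strlen("/..") >= (size_t) len) return -1;
    strcat(buf, "/..");
    /* … unchanged: #endif, return 0 … */

int initKeys(server_block_ptr_t pServerData) {
    char buf[1024];
    /* … unchanged: getACHome call and fallback branch … */
    if (strlen(buf) + strlen("/security/") >= sizeof buf) return -1;
    strcat(buf, "/security/");
    /* … unchanged: certFile/keyFile allocation and checkFile calls … */
```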
Attachments on
bug 202638
: 77886 |
80646