author | Tero Marttila <terom@fixme.fi> |
Sun, 22 Feb 2009 08:48:21 +0200 | |
changeset 9 | 4c4c906cc649 |
parent 5 | a09a0797f6f0 |
child 10 | 9fe218576d13 |
permissions | -rw-r--r-- |
#include "sock_gnutls.h" |
#include <stdlib.h> |
#include <err.h> |
/*
 * Stream read method for the GnuTLS-backed socket type.
 *
 * Recovers the struct sock_gnutls from the generic stream handle via
 * SOCK_FROM_BASE and forwards to gnutls_record_recv() on its TLS session,
 * handing the result back unchanged.
 *
 * NOTE(review): gnutls_record_recv() yields a byte count on success, zero at
 * end of stream and a negative GNUTLS_E_* code on failure; all three travel
 * through the err_t return here, so callers must separate payload length from
 * failure by sign. Whether err_t is wide enough for a large byte count is not
 * visible in this file - confirm against its definition. GNUTLS_E_AGAIN and
 * GNUTLS_E_INTERRUPTED are retryable rather than fatal.
 *
 * base_sock - generic stream handle belonging to a struct sock_gnutls
 * buf       - destination buffer, at least len bytes
 * len       - maximum number of bytes to receive
 */
static err_t sock_gnutls_read (struct sock_stream *base_sock, void *buf, size_t len)
{
    struct sock_gnutls *tls_sock = SOCK_FROM_BASE(base_sock, struct sock_gnutls);

    // thin pass-through to the TLS record layer
    return gnutls_record_recv(tls_sock->session, buf, len);
}
/*
 * Stream write method for the GnuTLS-backed socket type.
 *
 * Recovers the struct sock_gnutls from the generic stream handle via
 * SOCK_FROM_BASE and forwards to gnutls_record_send() on its TLS session,
 * handing the result back unchanged.
 *
 * NOTE(review): gnutls_record_send() yields the number of bytes actually
 * sent (which can be fewer than len) or a negative GNUTLS_E_* code; both are
 * returned through err_t, so callers must check the sign and handle short
 * writes. GNUTLS_E_AGAIN and GNUTLS_E_INTERRUPTED are retryable rather than
 * fatal.
 *
 * base_sock - generic stream handle belonging to a struct sock_gnutls
 * buf       - data to send, at least len bytes
 * len       - number of bytes to send
 */
static err_t sock_gnutls_write (struct sock_stream *base_sock, const void *buf, size_t len)
{
    struct sock_gnutls *tls_sock = SOCK_FROM_BASE(base_sock, struct sock_gnutls);

    // thin pass-through to the TLS record layer
    return gnutls_record_send(tls_sock->session, buf, len);
}
/*
 * Method table for the GnuTLS socket type: generic sock_stream reads and
 * writes are routed to the TLS record layer wrappers above.
 */
struct sock_stream_type sock_gnutls_type = {
    .methods = {
        .read   = sock_gnutls_read,
        .write  = sock_gnutls_write,
    },
};

/*
 * XXX: one client context shared by every connection made through this file.
 *
 * It is filled in by sock_gnutls_global_init() and read by
 * sock_gnutls_connect(); nothing in this file guards it with a lock.
 */
struct sock_gnutls_client_ctx _sock_gnutls_client_ctx;
/*
 * Set up the given client context with a freshly allocated GnuTLS certificate
 * credentials object.
 *
 * Only the allocation happens here: no client certificate and no CA trust
 * anchors are loaded into ctx->xcred, so these credentials on their own give
 * a session nothing to validate a server certificate against.
 *
 * On failure the GnuTLS return code is kept in ERROR_EXTRA(err) and
 * ERR_GNUTLS_CERT_ALLOC_CRED is reported through SET_ERROR; otherwise SUCCESS
 * is returned.
 */
static err_t sock_gnutls_client_ctx_anon (struct sock_gnutls_client_ctx *ctx, struct error_info *err)
{
    // keep the raw GnuTLS status around so the caller can report it
    ERROR_EXTRA(err) = gnutls_certificate_allocate_credentials(&ctx->xcred);

    if (ERROR_EXTRA(err) < 0) {
        return SET_ERROR(err, ERR_GNUTLS_CERT_ALLOC_CRED);
    }

    return SUCCESS;
}
/*
 * One-time setup of the GnuTLS layer: initializes the library and then the
 * shared _sock_gnutls_client_ctx.
 *
 * Returns SUCCESS, or an error code with details in *err. A failing
 * gnutls_global_init() leaves its return code in ERROR_EXTRA(err).
 *
 * NOTE(review): when the client context setup fails, the function returns
 * without undoing gnutls_global_init().
 */
err_t sock_gnutls_global_init (struct error_info *err)
{
    err_t ctx_status;

    // library-wide init first; everything else depends on it
    ERROR_EXTRA(err) = gnutls_global_init();

    if (ERROR_EXTRA(err) < 0) {
        return SET_ERROR(err, ERR_GNUTLS_GLOBAL_INIT);
    }

    // then the process-wide client credentials
    ctx_status = sock_gnutls_client_ctx_anon(&_sock_gnutls_client_ctx, err);

    if (ctx_status) {
        return ERROR_CODE(err);
    }

    return SUCCESS;
}
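/*
 * Open a TLS client connection to host:service and hand it back as a generic
 * sock_stream through *sock_ptr.
 *
 * Steps: allocate the sock_gnutls, create a GnuTLS client session with the
 * default priorities, attach the shared credentials from
 * _sock_gnutls_client_ctx, connect the underlying TCP socket, bind the session
 * to that fd and run the handshake.
 *
 * Returns SUCCESS with *sock_ptr set, or an error code with details in *err;
 * *sock_ptr is left untouched on failure. On failure the GnuTLS session (if it
 * was created) and the sock_gnutls allocation are released.
 *
 * NOTE(review): a successful handshake is the only acceptance check. Nothing
 * here verifies the peer's certificate chain or matches it against host, and
 * the shared credentials carry no trust anchors, so the link is encrypted but
 * the server is not authenticated. Before relying on this for confidentiality
 * against an active network attacker, load a trust store into ctx->xcred and
 * add a verification step (e.g. gnutls_certificate_verify_peers2() plus a
 * hostname check) between the handshake and the assignment to *sock_ptr.
 */
err_t sock_gnutls_connect (struct sock_stream **sock_ptr, const char *host, const char *service, struct error_info *err)
{
    struct sock_gnutls *sock = NULL;
    struct sock_gnutls_client_ctx *ctx = &_sock_gnutls_client_ctx;

    // set once gnutls_init() has succeeded, so the error path knows whether
    // there is a session to tear down
    int session_ready = 0;

    // alloc
    if ((sock = calloc(1, sizeof(*sock))) == NULL) {
        return SET_ERROR(err, ERR_CALLOC);
    }

    // initialize base
    sock_stream_init(SOCK_GNUTLS_BASE(sock), &sock_gnutls_type);

    // initialize client session
    if ((ERROR_EXTRA(err) = gnutls_init(&sock->session, GNUTLS_CLIENT)) < 0) {
        JUMP_SET_ERROR(err, ERR_GNUTLS_INIT);
    }

    session_ready = 1;

    // ...default priority stuff
    if ((ERROR_EXTRA(err) = gnutls_set_default_priority(sock->session))) {
        JUMP_SET_ERROR(err, ERR_GNUTLS_SET_DEFAULT_PRIORITY);
    }

    // bind the shared certificate credentials (no trust anchors loaded, see above)
    if ((ERROR_EXTRA(err) = gnutls_credentials_set(sock->session, GNUTLS_CRD_CERTIFICATE, ctx->xcred))) {
        JUMP_SET_ERROR(err, ERR_GNUTLS_CRED_SET);
    }

    // TCP connect
    if (sock_tcp_init_connect(SOCK_GNUTLS_TCP(sock), host, service)) {
        JUMP_SET_ERROR_INFO(err, SOCK_GNUTLS_ERR(sock));
    }

    // bind default transport functions (recv/send) to use the TCP fd
    gnutls_transport_set_ptr(sock->session, (gnutls_transport_ptr_t) sock->base_tcp.fd);

    // perform the handshake
    if ((ERROR_EXTRA(err) = gnutls_handshake(sock->session)) < 0) {
        JUMP_SET_ERROR(err, ERR_GNUTLS_HANDSHAKE);
    }

    // done
    *sock_ptr = SOCK_GNUTLS_BASE(sock);

    return SUCCESS;

error:
    // release what this function created; *err has already been filled in
    if (session_ready) {
        gnutls_deinit(sock->session);
    }

    // XXX: a TCP fd opened by sock_tcp_init_connect() is still not closed here;
    // its teardown helper is not visible in this file
    free(sock);

    return ERROR_CODE(err);
}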