Mercurial Mercurial > evirc / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
src/ssl.c
branchnew-lib-errors
changeset 219 cefec18b8268
parent 218 5229a5d098b2 
--- a/src/ssl.c	Thu May 28 00:35:02 2009 +0300
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,102 +0,0 @@
-#include "ssl_internal.h"
-
-#include <assert.h>
-
-/*
- * Global shared anonymous client credentials
- */
-struct ssl_client_cred ssl_client_cred_anon = { .x509 = NULL, .verify = false, .refcount = 0 };
-
-
-// XXX: GnuTLS log func
-void _log (int level, const char *msg)
-{
-    printf("gnutls: %d: %s", level, msg);
-}
-
-err_t ssl_global_init (error_t *err)
-{
-    // global init
-    if ((ERROR_EXTRA(err) = gnutls_global_init()) < 0)
-        return SET_ERROR(err, ERR_GNUTLS_GLOBAL_INIT);
-
-    // initialize the anon client credentials
-    if ((ERROR_EXTRA(err) = gnutls_certificate_allocate_credentials(&ssl_client_cred_anon.x509)) < 0)
-        return SET_ERROR(err, ERR_GNUTLS_CERT_ALLOC_CRED);
-
-    // XXX: debug
-//    gnutls_global_set_log_function(&_log);
-//    gnutls_global_set_log_level(11);
-
-    // done
-    return SUCCESS;
-}
-
-static void ssl_client_cred_destroy (struct ssl_client_cred *cred)
-{
-    // simple
-    gnutls_certificate_free_credentials(cred->x509);
-
-    free(cred);
-}
-
-err_t ssl_client_cred_create (struct ssl_client_cred **ctx_cred,
-        const char *cafile_path, bool verify,
-        const char *cert_path, const char *pkey_path,
-        error_t *err
-) {
-    struct ssl_client_cred *cred;
-
-    // alloc it
-    if ((cred = calloc(1, sizeof(*cred))) == NULL)
-        return SET_ERROR(err, ERR_CALLOC);
-
-    // create the cert
-    if ((ERROR_EXTRA(err) = gnutls_certificate_allocate_credentials(&cred->x509)) < 0)
-        JUMP_SET_ERROR(err, ERR_GNUTLS_CERT_ALLOC_CRED);
-    
-    // load the trusted ca certs?
-    if (cafile_path) {
-        // load them
-        if ((ERROR_EXTRA(err) = gnutls_certificate_set_x509_trust_file(cred->x509, cafile_path, GNUTLS_X509_FMT_PEM)) < 0)
-            JUMP_SET_ERROR(err, ERR_GNUTLS_CERT_SET_X509_TRUST_FILE);
-
-    }
-
-    // set the verify flags?
-    cred->verify = verify;
-    gnutls_certificate_set_verify_flags(cred->x509, 0);
-
-    // load the client cert?
-    if (cert_path || pkey_path) {
-        // need both...
-        assert(cert_path && pkey_path);
-
-        // load
-        if ((ERROR_EXTRA(err) = gnutls_certificate_set_x509_key_file(cred->x509, cert_path, pkey_path, GNUTLS_X509_FMT_PEM)))
-            JUMP_SET_ERROR(err, ERR_GNUTLS_CERT_SET_X509_KEY_FILE);
-    }
-
-    // ok
-    cred->refcount = 1;
-    *ctx_cred = cred;
-
-    return SUCCESS;
-
-error:
-    // release
-    ssl_client_cred_destroy(cred);
-
-    return ERROR_CODE(err);
-}
-
-void ssl_client_cred_get (struct ssl_client_cred *cred)
-{
-    cred->refcount++;
-}
-
-void ssl_client_cred_put (struct ssl_client_cred *cred)
-{
-    if (--cred->refcount == 0)
-        ssl_client_cred_destroy(cred);
-}
evirc