MbedTLS & OpenSSL: Purely cosmetic changes.

This further reduces the diff between the backends.
It does not change any of the logic in either backend.
Aaron Jones 2016-09-16 11:17:29 +00:00
parent de78e5906a
commit 159d901e71
No known key found for this signature in database
GPG key ID: EC6F86EE9CD840B5
2 changed files with 38 additions and 44 deletions


@ -22,7 +22,6 @@
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
* USA
*
* $Id$
*/
#include <libratbox_config.h>
@ -259,7 +258,7 @@ rb_ssl_accept_common(rb_fde_t *const F, void *const data)
}
static void
rb_ssl_tryconn_cb(rb_fde_t *const F, void *const data)
rb_ssl_connect_common(rb_fde_t *const F, void *const data)
{
lrb_assert(F != NULL);
lrb_assert(F->ssl != NULL);
@ -272,10 +271,10 @@ rb_ssl_tryconn_cb(rb_fde_t *const F, void *const data)
F->handshake_count++;
break;
case MBEDTLS_ERR_SSL_WANT_READ:
rb_setselect(F, RB_SELECT_READ, rb_ssl_tryconn_cb, data);
rb_setselect(F, RB_SELECT_READ, rb_ssl_connect_common, data);
return;
case MBEDTLS_ERR_SSL_WANT_WRITE:
rb_setselect(F, RB_SELECT_WRITE, rb_ssl_tryconn_cb, data);
rb_setselect(F, RB_SELECT_WRITE, rb_ssl_connect_common, data);
return;
default:
errno = EIO;
@ -559,17 +558,14 @@ rb_get_ssl_certfp(rb_fde_t *const F, uint8_t certfp[const RB_SSL_CERTFP_LEN], co
}
const mbedtls_x509_crt *const peer_cert = mbedtls_ssl_get_peer_cert(SSL_P(F));
if(peer_cert == NULL)
return 0;
const mbedtls_md_info_t *const md_info = mbedtls_md_info_from_type(md_type);
if(md_info == NULL)
return 0;
int ret;
if((ret = mbedtls_md(md_info, peer_cert->raw.p, peer_cert->raw.len, certfp)) != 0)
{
rb_lib_log("%s: mbedtls_md: %s", __func__, rb_ssl_strerror(ret));
@ -662,7 +658,6 @@ rb_ssl_write(rb_fde_t *const F, const void *const buf, const size_t count)
/*
* Internal library-agnostic code
* Mostly copied from the OpenSSL backend, with some optimisations and complete const-correctness
*/
static void
@ -672,6 +667,7 @@ rb_ssl_connect_realcb(rb_fde_t *const F, const int status, struct ssl_connect *c
F->connect->callback = sconn->callback;
F->connect->data = sconn->data;
rb_connect_callback(F, status);
rb_free(sconn);
}
@ -696,19 +692,19 @@ rb_ssl_tryconn(rb_fde_t *const F, const int status, void *const data)
{
lrb_assert(F != NULL);
struct ssl_connect *const sconn = data;
if(status != RB_OK)
{
rb_ssl_connect_realcb(F, status, data);
rb_ssl_connect_realcb(F, status, sconn);
return;
}
F->type |= RB_FD_SSL;
struct ssl_connect *const sconn = data;
rb_settimeout(F, sconn->timeout, rb_ssl_tryconn_timeout_cb, sconn);
rb_ssl_init_fd(F, RB_FD_TLS_DIRECTION_OUT);
rb_ssl_tryconn_cb(F, sconn);
rb_ssl_connect_common(F, sconn);
}
static int
@ -741,7 +737,6 @@ rb_sock_net_xmit(void *const context_ptr, const unsigned char *const buf, const
/*
* External library-agnostic code
* Mostly copied from the OpenSSL backend, with some optimisations and const-correctness
*/
int
@ -826,19 +821,19 @@ rb_ssl_start_connected(rb_fde_t *const F, CNCB *const callback, void *const data
if(F == NULL)
return;
F->connect = rb_malloc(sizeof(struct conndata));
F->connect->callback = callback;
F->connect->data = data;
F->type |= RB_FD_SSL;
struct ssl_connect *const sconn = rb_malloc(sizeof *sconn);
sconn->data = data;
sconn->callback = callback;
sconn->timeout = timeout;
F->connect = rb_malloc(sizeof(struct conndata));
F->connect->callback = callback;
F->connect->data = data;
F->type |= RB_FD_SSL;
rb_settimeout(F, sconn->timeout, rb_ssl_tryconn_timeout_cb, sconn);
rb_ssl_init_fd(F, RB_FD_TLS_DIRECTION_OUT);
rb_ssl_tryconn_cb(F, sconn);
rb_ssl_connect_common(F, sconn);
}
#endif /* HAVE_MBEDTLS */
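Review bot: In rb_ssl_start_connected the two allocations use different sizeof forms, `rb_malloc(sizeof *sconn)` directly above `rb_malloc(sizeof(struct conndata))`; for a commit whose purpose is cosmetic alignment of the backends, `F->connect = rb_malloc(sizeof *F->connect);` ties the size to the pointer's own type and matches the preceding line. The function's signature lies before the hunk, so only the reordered body is visible here. Neither rb_malloc result is checked before `F->connect->callback = callback;` is written; if rb_malloc is an aborting wrapper that is fine, but that contract is not visible on this page, and a one-line comment stating it (`/* rb_malloc aborts on allocation failure */`, if that is the case) would spare the next reader the same question.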


@ -143,7 +143,7 @@ rb_ssl_accept_common(rb_fde_t *const F, void *const data)
}
static void
rb_ssl_tryconn_cb(rb_fde_t *const F, void *const data)
rb_ssl_connect_common(rb_fde_t *const F, void *const data)
{
lrb_assert(F != NULL);
lrb_assert(F->ssl != NULL);
@ -166,12 +166,12 @@ rb_ssl_tryconn_cb(rb_fde_t *const F, void *const data)
}
if(ret == -1 && err == SSL_ERROR_WANT_READ)
{
rb_setselect(F, RB_SELECT_READ, rb_ssl_tryconn_cb, data);
rb_setselect(F, RB_SELECT_READ, rb_ssl_connect_common, data);
return;
}
if(ret == -1 && err == SSL_ERROR_WANT_WRITE)
{
rb_setselect(F, RB_SELECT_WRITE, rb_ssl_tryconn_cb, data);
rb_setselect(F, RB_SELECT_WRITE, rb_ssl_connect_common, data);
return;
}
@ -467,36 +467,35 @@ rb_get_ssl_strerror(rb_fde_t *const F)
int
rb_get_ssl_certfp(rb_fde_t *const F, uint8_t certfp[const RB_SSL_CERTFP_LEN], const int method)
{
if(F->ssl == NULL)
if(F == NULL || F->ssl == NULL)
return 0;
const EVP_MD *evp;
unsigned int len;
const EVP_MD *md_type;
unsigned int hashlen;
switch(method)
{
case RB_SSL_CERTFP_METH_SHA1:
evp = EVP_sha1();
len = RB_SSL_CERTFP_LEN_SHA1;
md_type = EVP_sha1();
hashlen = RB_SSL_CERTFP_LEN_SHA1;
break;
case RB_SSL_CERTFP_METH_SHA256:
evp = EVP_sha256();
len = RB_SSL_CERTFP_LEN_SHA256;
md_type = EVP_sha256();
hashlen = RB_SSL_CERTFP_LEN_SHA256;
break;
case RB_SSL_CERTFP_METH_SHA512:
evp = EVP_sha512();
len = RB_SSL_CERTFP_LEN_SHA512;
md_type = EVP_sha512();
hashlen = RB_SSL_CERTFP_LEN_SHA512;
break;
default:
return 0;
}
X509 *const cert = SSL_get_peer_certificate(SSL_P(F));
if(cert == NULL)
X509 *const peer_cert = SSL_get_peer_certificate(SSL_P(F));
if(peer_cert == NULL)
return 0;
int res = SSL_get_verify_result(SSL_P(F));
switch(res)
switch(SSL_get_verify_result(SSL_P(F)))
{
case X509_V_OK:
case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
@ -506,14 +505,14 @@ rb_get_ssl_certfp(rb_fde_t *const F, uint8_t certfp[const RB_SSL_CERTFP_LEN], co
case X509_V_ERR_CERT_UNTRUSTED:
break;
default:
X509_free(cert);
X509_free(peer_cert);
return 0;
}
X509_digest(cert, evp, certfp, &len);
X509_free(cert);
X509_digest(peer_cert, md_type, certfp, &hashlen);
X509_free(peer_cert);
return (int) len;
return (int) hashlen;
}
void
@ -580,7 +579,7 @@ rb_ssl_connect_realcb(rb_fde_t *const F, const int status, struct ssl_connect *c
}
static void
rb_ssl_timeout(rb_fde_t *const F, void *const notused)
rb_ssl_timeout_cb(rb_fde_t *const F, void *const data)
{
lrb_assert(F->accept != NULL);
lrb_assert(F->accept->callback != NULL);
@ -611,7 +610,7 @@ rb_ssl_tryconn(rb_fde_t *const F, const int status, void *const data)
rb_settimeout(F, sconn->timeout, rb_ssl_tryconn_timeout_cb, sconn);
rb_ssl_init_fd(F, RB_FD_TLS_DIRECTION_OUT);
rb_ssl_tryconn_cb(F, sconn);
rb_ssl_connect_common(F, sconn);
}
@ -649,7 +648,7 @@ rb_ssl_start_accepted(rb_fde_t *const F, ACCB *const cb, void *const data, const
F->accept->addrlen = 0;
(void) memset(&F->accept->S, 0x00, sizeof F->accept->S);
rb_settimeout(F, timeout, rb_ssl_timeout, NULL);
rb_settimeout(F, timeout, rb_ssl_timeout_cb, NULL);
rb_ssl_init_fd(F, RB_FD_TLS_DIRECTION_IN);
rb_ssl_accept_common(F, NULL);
}
@ -666,7 +665,7 @@ rb_ssl_accept_setup(rb_fde_t *const srv_F, rb_fde_t *const cli_F, struct sockadd
(void) memset(&cli_F->accept->S, 0x00, sizeof cli_F->accept->S);
(void) memcpy(&cli_F->accept->S, st, (size_t) addrlen);
rb_settimeout(cli_F, 10, rb_ssl_timeout, NULL);
rb_settimeout(cli_F, 10, rb_ssl_timeout_cb, NULL);
rb_ssl_init_fd(cli_F, RB_FD_TLS_DIRECTION_IN);
rb_ssl_accept_common(cli_F, NULL);
}
@ -714,7 +713,7 @@ rb_ssl_start_connected(rb_fde_t *const F, CNCB *const callback, void *const data
rb_settimeout(F, sconn->timeout, rb_ssl_tryconn_timeout_cb, sconn);
rb_ssl_init_fd(F, RB_FD_TLS_DIRECTION_OUT);
rb_ssl_tryconn_cb(F, sconn);
rb_ssl_connect_common(F, sconn);
}
#endif /* HAVE_OPENSSL */
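Review bot: The result of `X509_digest(peer_cert, md_type, certfp, &hashlen);` in rb_get_ssl_certfp is still unchecked, so on failure the function returns `(int) hashlen`, which was pre-set to the expected digest length, while certfp may never have been written; a caller that identifies peers by fingerprint would then accept an unwritten buffer as a valid one. X509_digest returns 1 on success and 0 on failure, so the call should be treated like the mbedtls backend treats a non-zero `mbedtls_md` result: `const int ok = X509_digest(peer_cert, md_type, certfp, &hashlen);` / `X509_free(peer_cert);` / `return ok == 1 ? (int) hashlen : 0;`. Since the commit's stated aim is to reduce the diff between the two backends, making both fingerprint paths fail closed on a digest error also serves that goal. The X509_digest line sits in the second hunk of this function, whose body is fully visible across the two hunks.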