Re: Patch for Atheros AR8161/AR8162/AR8171/AR8172 chipsets
On Sun, Jul 17, 2016 at 10:52:33PM -0400, Jason Hunt wrote: > Below is a patch to add support for Atheros AR8161, AR8162, AR8171, and > AR8172 chipsets. A version of this was originally submitted by Atanas > Vladimirov in early 2015 (see reference below) but never merged, so I > have updated it for current and have been using it all afternoon without > any issues: > > $ dmesg | grep alc > alc0 at pci2 dev 0 function 0 "Attansic Technology AR8161" rev 0x10atphy0 at > alc0 phy 0: F1 10/100/1000 PHY, rev. 9 > $ ifconfig alc0 > alc0: flags=8843mtu 1500 > lladdr 74:d4:35:ff:ff:ff > priority: 0 > groups: egress > media: Ethernet autoselect (1000baseT > full-duplex,master,rxpause,txpause) > status: active > inet 17x.3x.12x.1x netmask 0xfe00 broadcast 17x.3x.12x.255 > $ netstat -I alc0 > NameMtu Network Address Ipkts IerrsOpkts Oerrs > Colls > alc0150074:d4:35:ff:ff:ff 744900 0 548543 0 > 0 > alc01500 17x.3x.12x/ CPE74d435ff-C 744900 0 548543 0 > 0 > > Original patch: https://marc.info/?l=openbsd-tech=142895293124325=2 > > Updated patch for current: This is still full of whitespace abuse, ifdefs/if 0 including alc_init and changes that make no sense such as removing the printing of the mac address. > > > Index: if_alc.c > === > RCS file: /cvs/src/sys/dev/pci/if_alc.c,v > retrieving revision 1.39 > diff -u -p -r1.39 if_alc.c > --- if_alc.c 13 Apr 2016 10:34:32 - 1.39 > +++ if_alc.c 17 Jul 2016 19:24:26 - > @@ -26,7 +26,7 @@ > * SUCH DAMAGE. > */ > > -/* Driver for Atheros AR8131/AR8132 PCIe Ethernet. */ > +/* Driver for Atheros AR8131/AR8132 AR8161/AR8162 AR8171/AR8172 PCIe > Ethernet. */ > > #include "bpfilter.h" > #include "vlan.h" 
> @@ -77,12 +77,17 @@ void alc_watchdog(struct ifnet *);
> int alc_mediachange(struct ifnet *);
> void alc_mediastatus(struct ifnet *, struct ifmediareq *);
>
> -void alc_aspm(struct alc_softc *, uint64_t);
> +void alc_aspm(struct alc_softc *, int, uint64_t);
> +void alc_aspm_813x(struct alc_softc *, uint64_t);
> +void alc_aspm_816x(struct alc_softc *, int);
> void alc_disable_l0s_l1(struct alc_softc *);
> int alc_dma_alloc(struct alc_softc *);
> void alc_dma_free(struct alc_softc *);
> int alc_encap(struct alc_softc *, struct mbuf *);
> void alc_get_macaddr(struct alc_softc *);
> +void alc_get_macaddr_813x(struct alc_softc *);
> +void alc_get_macaddr_816x(struct alc_softc *);
> +void alc_get_macaddr_par(struct alc_softc *);
> void alc_init_cmb(struct alc_softc *);
> void alc_init_rr_ring(struct alc_softc *);
> int alc_init_rx_ring(struct alc_softc *);
> @@ -90,9 +95,26 @@ void alc_init_smb(struct alc_softc *);
> void alc_init_tx_ring(struct alc_softc *);
> int alc_intr(void *);
> void alc_mac_config(struct alc_softc *);
> +uint32_t alc_mii_readreg_813x(struct alc_softc *, int, int);
> +uint32_t alc_mii_readreg_816x(struct alc_softc *, int, int);
> +uint32_t alc_mii_writereg_813x(struct alc_softc *, int, int, int);
> +uint32_t alc_mii_writereg_816x(struct alc_softc *, int, int, int);
> +void alc_dsp_fixup(struct alc_softc *, int);
> +
> int alc_miibus_readreg(struct device *, int, int);
> void alc_miibus_statchg(struct device *);
> +int alc_miibus_writeregr(struct device *, int, int, int);
> void alc_miibus_writereg(struct device *, int, int, int);
> +uint32_t alc_miidbg_readreg(struct alc_softc *, int);
> +uint32_t alc_miidbg_writereg(struct alc_softc *, int, int);
> +uint32_t alc_miiext_readreg(struct alc_softc *, int, int);
> +uint32_t alc_miiext_writereg(struct alc_softc *, int, int, int);
> +//intalc_mediachange_locked(struct alc_softc *);
> +void alc_phy_reset_813x(struct alc_softc *);
> +void alc_phy_reset_816x(struct alc_softc *);
> +void alc_setwol_813x(struct alc_softc *);
> +void alc_setwol_816x(struct alc_softc *);
> +
> int alc_newbuf(struct alc_softc *, struct alc_rxdesc *);
> void alc_phy_down(struct alc_softc *);
> void alc_phy_reset(struct alc_softc *);
> @@ -109,6 +131,13 @@ void alc_stop_mac(struct alc_softc *);
> void alc_stop_queue(struct alc_softc *);
> void alc_tick(void *);
> void alc_txeof(struct alc_softc *);
> +void alc_init_pcie(struct alc_softc *, int);
> +void alc_config_msi(struct alc_softc *);
> +
> +int alc_dma_alloc(struct alc_softc *);
> +void alc_dma_free(struct alc_softc *);
> +int alc_encap(struct alc_softc *, struct mbuf *);
> +void alc_osc_reset(struct alc_softc *);
>
> uint32_t alc_dma_burst[] = { 128, 256, 512, 1024, 2048, 4096, 0 };
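Review bot: The prototypes for `alc_dma_alloc`, `alc_dma_free` and `alc_encap` added at the end of the `@@ -109,6 +131,13 @@` hunk repeat declarations that already appear as unchanged context in the `@@ -77,12 +77,17 @@` hunk, so the three added lines can be dropped. The `@@ -90,9 +95,26 @@` hunk also adds a commented-out prototype for `alc_mediachange_locked`, and an `alc_miibus_writeregr` whose name differs from the existing `alc_miibus_writereg` by a single trailing letter. The first should be removed and the second either renamed or given a one-line comment such as `/* variant of alc_miibus_writereg that returns the status */`, if that is what it is. The same hunks appear unquoted in the original posting further down the page.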
> > @@ -118,11 +147,15 @@ const struct pci_matchid alc_devices[] = > { PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_L1D }, > { PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_L1D_1 }, > { PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_L2C_1 }, > -
Patch for Atheros AR8161/AR8162/AR8171/AR8172 chipsets
Below is a patch to add support for Atheros AR8161, AR8162, AR8171, and AR8172 chipsets. A version of this was originally submitted by Atanas Vladimirov in early 2015 (see reference below) but never merged, so I have updated it for current and have been using it all afternoon without any issues: $ dmesg | grep alc alc0 at pci2 dev 0 function 0 "Attansic Technology AR8161" rev 0x10atphy0 at alc0 phy 0: F1 10/100/1000 PHY, rev. 9 $ ifconfig alc0 alc0: flags=8843mtu 1500 lladdr 74:d4:35:ff:ff:ff priority: 0 groups: egress media: Ethernet autoselect (1000baseT full-duplex,master,rxpause,txpause) status: active inet 17x.3x.12x.1x netmask 0xfe00 broadcast 17x.3x.12x.255 $ netstat -I alc0 NameMtu Network Address Ipkts IerrsOpkts Oerrs Colls alc0150074:d4:35:ff:ff:ff 744900 0 548543 0 0 alc01500 17x.3x.12x/ CPE74d435ff-C 744900 0 548543 0 0 Original patch: https://marc.info/?l=openbsd-tech=142895293124325=2 Updated patch for current: Index: if_alc.c === RCS file: /cvs/src/sys/dev/pci/if_alc.c,v retrieving revision 1.39 diff -u -p -r1.39 if_alc.c --- if_alc.c13 Apr 2016 10:34:32 - 1.39 +++ if_alc.c17 Jul 2016 19:24:26 - @@ -26,7 +26,7 @@ * SUCH DAMAGE. */ -/* Driver for Atheros AR8131/AR8132 PCIe Ethernet. */ +/* Driver for Atheros AR8131/AR8132 AR8161/AR8162 AR8171/AR8172 PCIe Ethernet. */ #include "bpfilter.h" #include "vlan.h" 
@@ -77,12 +77,17 @@ voidalc_watchdog(struct ifnet *); intalc_mediachange(struct ifnet *); void alc_mediastatus(struct ifnet *, struct ifmediareq *); -void alc_aspm(struct alc_softc *, uint64_t); +void alc_aspm(struct alc_softc *, int, uint64_t); +void alc_aspm_813x(struct alc_softc *, uint64_t); +void alc_aspm_816x(struct alc_softc *, int); void alc_disable_l0s_l1(struct alc_softc *); intalc_dma_alloc(struct alc_softc *); void alc_dma_free(struct alc_softc *); intalc_encap(struct alc_softc *, struct mbuf *); void alc_get_macaddr(struct alc_softc *); +void alc_get_macaddr_813x(struct alc_softc *); +void alc_get_macaddr_816x(struct alc_softc *); +void alc_get_macaddr_par(struct alc_softc *); void alc_init_cmb(struct alc_softc *); void alc_init_rr_ring(struct alc_softc *); intalc_init_rx_ring(struct alc_softc *); 
@@ -90,9 +95,26 @@ void alc_init_smb(struct alc_softc *); void alc_init_tx_ring(struct alc_softc *); intalc_intr(void *); void alc_mac_config(struct alc_softc *); +uint32_t alc_mii_readreg_813x(struct alc_softc *, int, int); +uint32_t alc_mii_readreg_816x(struct alc_softc *, int, int); +uint32_t alc_mii_writereg_813x(struct alc_softc *, int, int, int); +uint32_t alc_mii_writereg_816x(struct alc_softc *, int, int, int); +void alc_dsp_fixup(struct alc_softc *, int); + intalc_miibus_readreg(struct device *, int, int); void alc_miibus_statchg(struct device *); +intalc_miibus_writeregr(struct device *, int, int, int); void alc_miibus_writereg(struct device *, int, int, int); +uint32_t alc_miidbg_readreg(struct alc_softc *, int); +uint32_t alc_miidbg_writereg(struct alc_softc *, int, int); +uint32_t alc_miiext_readreg(struct alc_softc *, int, int); +uint32_t alc_miiext_writereg(struct alc_softc *, int, int, int); +//int alc_mediachange_locked(struct alc_softc *); +void alc_phy_reset_813x(struct alc_softc *); +void alc_phy_reset_816x(struct alc_softc *); +void alc_setwol_813x(struct alc_softc *); +void alc_setwol_816x(struct alc_softc *); + intalc_newbuf(struct alc_softc *, struct alc_rxdesc *); void alc_phy_down(struct alc_softc *); void alc_phy_reset(struct alc_softc *); @@ -109,6 +131,13 @@ void alc_stop_mac(struct alc_softc *); void alc_stop_queue(struct alc_softc *); void alc_tick(void *); void alc_txeof(struct alc_softc *); +void alc_init_pcie(struct alc_softc *, int); +void alc_config_msi(struct alc_softc *); + +intalc_dma_alloc(struct alc_softc *); +void alc_dma_free(struct alc_softc *); +intalc_encap(struct alc_softc *, struct mbuf *); +void alc_osc_reset(struct alc_softc *); uint32_t alc_dma_burst[] = { 128, 256, 512, 1024, 2048, 4096, 0 }; 
@@ -118,11 +147,15 @@ const struct pci_matchid alc_devices[] = { PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_L1D }, { PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_L1D_1 }, { PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_L2C_1 }, - { PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_L2C_2 } + { PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_L2C_2 }, + { PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_AR8161 }, + { PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_AR8162 }, + { PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_AR8171 }, + { PCI_VENDOR_ATTANSIC,
Re: initialize variables patch for bn_nist.c
Brent Cook wrote: > I didn't notice it at first, because the patch wasn't inline, but the union > here needed to be initialized with memset or use a different kind of > initializer. > > I went with the memset on top of your patch: > > --- bn_nist.c 17 Jul 2016 21:21:40 - 1.16 > +++ bn_nist.c 17 Jul 2016 22:00:45 - > @@ -59,6 +59,7 @@ > #include > > #include > +#include > > #include "bn_lcl.h" > > @@ -568,7 +569,8 @@ BN_nist_mod_224(BIGNUM *r, const BIGNUM > BN_ULONG bn[BN_NIST_224_TOP]; > unsigned int ui[BN_NIST_224_TOP * > sizeof(BN_ULONG) / sizeof(unsigned int)]; > - } buf = {0}; > + } buf; > + memset(, 0, sizeof(buf)); > BN_ULONG c_d[BN_NIST_224_TOP], *res; ok, but please don't mix code and decls like that.
Re: Better for mount(2)
Here is an improved version, after a lot of feedback from jmc@. Quick list of changes: * the unmount description moved closer to the top, since we mention it in flags description anyway; * list of mount options is now sorted; * the description of the MNT_RELOAD flag was added; * the descriptions of the MNT_FORCE and MNT_UPDATE flags were reworked and moved to separate paragraphs. Okay to commit? -- WBR, Vadim Zhukov Index: mount.2 === RCS file: /cvs/src/lib/libc/sys/mount.2,v retrieving revision 1.46 diff -u -p -r1.46 mount.2 --- mount.2 27 May 2016 19:45:04 - 1.46 +++ mount.2 17 Jul 2016 22:13:06 - 
@@ -70,31 +70,41 @@ at the time of a successful mount are swept under the carpet, so to speak, and are unavailable until the filesystem is unmounted. .Pp +The +.Fn unmount +function disassociates the filesystem from the specified +mount point +.Fa dir . +.Pp The following .Fa flags -may be specified to -suppress default semantics which affect filesystem access. +may be specified to change default behaviour: .Bl -tag -width MNT_SYNCHRONOUS -.It Dv MNT_RDONLY -The filesystem should be treated as read-only: -even the superuser may not write to it. +.It Dv MNT_ASYNC +All I/O to the filesystem should be done asynchronously. .It Dv MNT_NOATIME Do not update the access time on files in the filesystem unless the modification or status change times are also being updated. +.It Dv MNT_NODEV +Do not interpret special files on the filesystem. .It Dv MNT_NOEXEC Do not allow files to be executed from the filesystem. .It Dv MNT_NOSUID Do not honor setuid or setgid bits on files when executing them. -.It Dv MNT_NODEV -Do not interpret special files on the filesystem. -.It Dv MNT_SYNCHRONOUS -All I/O to the filesystem should be done synchronously. -.It Dv MNT_ASYNC -All I/O to the filesystem should be done asynchronously. +.It Dv MNT_RDONLY +The filesystem should be treated as read-only: +even the superuser may not write to it. +.It Dv MNT_RELOAD +Reload a MNT_RDONLY filesystem. +Used, for example, by +.Xr fsck 8 +after modification of on-disk structures. .It Dv MNT_SOFTDEP Use soft dependencies. Applies to FFS filesystems only (see 'softdep' in .Xr mount 8 ) . +.It Dv MNT_SYNCHRONOUS +All I/O to the filesystem should be done synchronously. .It MNT_WXALLOWED Processes that ask for memory to be made writeable plus executable using the 
@@ -108,10 +118,13 @@ The option is typically used on the filesystem. .El .Pp -The flag +Two more flags affect the behaviour of system calls themselves, +and not the behaviour of the corresponding filesystem: +.Pp +The .Dv MNT_UPDATE -indicates that the mount command is being applied -to an already mounted filesystem. +flag indicates that the mount command is being applied to an already +mounted filesystem. This allows the mount flags to be changed without requiring that the filesystem be unmounted and remounted. Some filesystems may not allow all flags to be changed. @@ -119,6 +132,18 @@ For example, most filesystems will not allow a change from read-write to read-only. .Pp The +.Dv MNT_FORCE +flag, if used together with +.Dv MNT_UPDATE , +allows transition from read-write to read-only, +even if there are files open for writing. +And when used on unmount, it specifies that the filesystem +should be forcibly unmounted even if files are still active; +active special devices continue to work, +but any further access to any other active files result in errors, +even if the filesystem is later remounted. +.Pp +The .Fa type argument defines the type of the filesystem. The types of filesystems known to the system are defined in @@ -237,22 +262,6 @@ struct udf_args { char*fspec; /* block special device to mount */ }; .Ed -.Pp -The -.Fn unmount -function call disassociates the filesystem from the specified -mount point -.Fa dir . -.Pp -The -.Fa flags -argument may specify -.Dv MNT_FORCE -to specify that the filesystem should be forcibly unmounted even if files are -still active. -Active special devices continue to work, -but any further accesses to any other active files result in errors -even if the filesystem is later remounted. .Sh RETURN VALUES .Rv -std .Sh ERRORS
Re: initialize variables patch for bn_nist.c
I didn't notice it at first, because the patch wasn't inline, but the union here needed to be initialized with memset or use a different kind of initializer. I went with the memset on top of your patch: --- bn_nist.c 17 Jul 2016 21:21:40 - 1.16 +++ bn_nist.c 17 Jul 2016 22:00:45 - @@ -59,6 +59,7 @@ #include #include +#include #include "bn_lcl.h" @@ -568,7 +569,8 @@ BN_nist_mod_224(BIGNUM *r, const BIGNUM BN_ULONG bn[BN_NIST_224_TOP]; unsigned int ui[BN_NIST_224_TOP * sizeof(BN_ULONG) / sizeof(unsigned int)]; - } buf = {0}; + } buf; + memset(, 0, sizeof(buf)); BN_ULONG c_d[BN_NIST_224_TOP], *res; uintptr_t mask; union { On Thu, Jul 14, 2016 at 8:39 AM, Bob Beckwrote: > I'm ok with this. > > > On Thu, Jul 14, 2016 at 4:57 AM, Kinichiro Inoguchi < > kinichiro.inogu...@gmail.com> wrote: > > > Hi, > > > > When I build LibreSSL portable on HP-UX 11.3 with HP C/aC++ compiler, > > this warning is detected. > > > > ... > > "bn/bn_nist.c", line 611: warning #2549-D: variable "buf" is used before > > its value is set > > nist_set_224(buf.bn, c_d, 14, 13, 12, 11, 10, 9, 8); > > ^ > > ... > > > > To initialize these variables before using, I would like to apply the > > patch. > > OK ? > > > > Here is original topic on GitHub. > > https://github.com/libressl-portable/openbsd/pull/19 > > > > Best Regards, > > > > kinichiro inoguchi > > > > >
Re: [PATCH] Callback-based interface to libtls
Excellent. Im currently travelling but I think you will be hearing from Joel Aside from any minor changes i will say i basically like your diff, we may need to wait for after OpenBSD 6.0 to put it in (few weeks) as we are close to release and api changes now can hurt ports but thank you very much for posting this! On Sunday, 17 July 2016, Tobias Papewrote: > Hi all, > > I'm Tobias and fond of using libtls. > I have a certain use case, where I want to do TLS/SSL but > can only work with buffers/callbacks and not sockets or FDs. > In p(l)ain openssl, this is doable, but not nice. Libtls > does not yet have such a facility. > > I did a patch (or Pull-Request in GitHub parlance) against > portable on github, it would be great if it were considered. > Then I could migrate the SSL facilities of the Squeak > programming system from openssl to libtls. > > Best regards > -Tobias > > diff --git src/lib/libtls/Makefile src/lib/libtls/Makefile > index f51f2cd..f4252a6 100644 > --- src/lib/libtls/Makefile > +++ src/lib/libtls/Makefile > @@ -13,6 +13,7 @@ LDADD+= -L${BSDOBJDIR}/lib/libssl/ssl -lssl > HDRS= tls.h > > SRCS= tls.c \ > + tls_bio_cb.c \ > tls_client.c \ > tls_config.c \ > tls_conninfo.c \ > diff --git src/lib/libtls/tls.c src/lib/libtls/tls.c > index 22e8c87..7417e8b 100644 > --- src/lib/libtls/tls.c > +++ src/lib/libtls/tls.c > @@ -393,6 +393,10 @@ tls_reset(struct tls *ctx) > tls_free_conninfo(ctx->conninfo); > free(ctx->conninfo); > ctx->conninfo = NULL; > + > + ctx->cb_read = NULL; > + ctx->cb_write = NULL; > + ctx->cb_payload = NULL; > } > > int 
> @@ -580,3 +584,58 @@ tls_close(struct tls *ctx)
> errno = 0;
> return (rv);
> }
> +
> +static int
> +tls_bio_cb_write(BIO *h, const char *buf, int num, void *payload)
> +{
> + int ret = 0;
> + struct tls *ctx = (struct tls *)payload;
> + ret = (ctx->cb_write)(ctx, (const void*)buf, (size_t)num,
> ctx->cb_payload);
> + return (ret);
> +}
> +
> +static int
> +tls_bio_cb_read(BIO *h, char *buf, int size, void *payload)
> +{
> + int ret = 0;
> + struct tls *ctx = (struct tls *)payload;
> + ret = (ctx->cb_read)(ctx, (void*)buf, (size_t)size,
> ctx->cb_payload);
> + return (ret);
> +}
> +
> +static BIO *
> +tls_get_new_cb_bio(struct tls *ctx)
> +{
> + BIO *bcb = NULL;
> + if (ctx->cb_read == NULL || ctx->cb_write == NULL)
> + tls_set_errorx(ctx, "no callbacks registered");
> + bcb = BIO_new(BIO_s_cb());
> + if (bcb == NULL) {
> + tls_set_errorx(ctx, "failed to create callback i/o");
> + return (NULL);
> + }
> + BIO_set_cb_write(bcb, tls_bio_cb_write);
> + BIO_set_cb_read(bcb, tls_bio_cb_read);
> + BIO_set_cb_payload(bcb, ctx);
> + return (bcb);
> +}
> +
> +int
> +tls_set_cbs(struct tls *ctx, tls_read_cb cb_read, tls_write_cb cb_write,
> +void *cb_payload)
> +{
> + int rv = -1;
> + BIO *bcb;
> + ctx->cb_read = cb_read;
> + ctx->cb_write = cb_write;
> + ctx->cb_payload = cb_payload;
> + bcb = tls_get_new_cb_bio(ctx);
> + if (bcb == NULL) {
> + tls_set_errorx(ctx, "failed to create callback i/o");
> + goto err;
> + }
> + SSL_set_bio(ctx->ssl_conn, bcb, bcb);
> + rv = 0;
> +err:
> + return (rv);
> +}
> diff --git src/lib/libtls/tls.h src/lib/libtls/tls.h
> index 3e75eb7..f236245 100644
> --- src/lib/libtls/tls.h
> +++ src/lib/libtls/tls.h
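Review bot: In `tls_get_new_cb_bio` the check `if (ctx->cb_read == NULL || ctx->cb_write == NULL)` records an error but does not return, so the BIO is still created and handed to `SSL_set_bio`, and `tls_bio_cb_read` / `tls_bio_cb_write` would later call through a NULL function pointer. The branch should fail closed: `if (ctx->cb_read == NULL || ctx->cb_write == NULL) { tls_set_errorx(ctx, "no callbacks registered"); return (NULL); }`. `tls_set_cbs` also stores the three callback fields in `ctx` before anything is validated and replaces the more specific message with "failed to create callback i/o". Checking the arguments at the top of `tls_set_cbs` would leave `ctx` untouched on failure and keep the first error. The same hunk appears unquoted in the original posting further down the page.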
> @@ -44,6 +44,11 @@ extern "C" { > struct tls; > struct tls_config; > > +typedef ssize_t (*tls_read_cb)(void *_ctx, void *_buf, size_t _buflen, > +void *_payload); > +typedef ssize_t (*tls_write_cb)(void *_ctx, const void *_buf, > +size_t _buflen, void *_payload); > + > int tls_init(void); > > const char *tls_config_error(struct tls_config *_config); > @@ -96,12 +101,16 @@ void tls_free(struct tls *_ctx); > int tls_accept_fds(struct tls *_ctx, struct tls **_cctx, int _fd_read, > int _fd_write); > int tls_accept_socket(struct tls *_ctx, struct tls **_cctx, int _socket); > +int tls_accept_cbs(struct tls *_ctx, struct tls **_cctx, > +tls_read_cb _cb_read, tls_write_cb _cb_write, void *_cb_payload); > int tls_connect(struct tls *_ctx, const char *_host, const char *_port); > int tls_connect_fds(struct tls *_ctx, int _fd_read, int _fd_write, > const char *_servername); > int tls_connect_servername(struct tls *_ctx, const char *_host, > const char *_port, const char *_servername); > int tls_connect_socket(struct tls *_ctx, int _s, const char *_servername); > +int tls_connect_cbs(struct tls *_ctx, tls_read_cb _cb_read, tls_write_cb > _cb_write, > +void *_cb_payload, const char *_servername); > int tls_handshake(struct tls *_ctx); > ssize_t tls_read(struct tls *_ctx, void *_buf, size_t _buflen); > ssize_t tls_write(struct tls *_ctx,
[PATCH] Callback-based interface to libtls
Hi all, I'm Tobias and fond of using libtls. I have a certain use case, where I want to do TLS/SSL but can only work with buffers/callbacks and not sockets or FDs. In p(l)ain openssl, this is doable, but not nice. Libtls does not yet have such a facility. I did a patch (or Pull-Request in GitHub parlance) against portable on github, it would be great if it were considered. Then I could migrate the SSL facilities of the Squeak programming system from openssl to libtls. Best regards -Tobias diff --git src/lib/libtls/Makefile src/lib/libtls/Makefile index f51f2cd..f4252a6 100644 --- src/lib/libtls/Makefile +++ src/lib/libtls/Makefile @@ -13,6 +13,7 @@ LDADD+= -L${BSDOBJDIR}/lib/libssl/ssl -lssl HDRS= tls.h SRCS= tls.c \ + tls_bio_cb.c \ tls_client.c \ tls_config.c \ tls_conninfo.c \ diff --git src/lib/libtls/tls.c src/lib/libtls/tls.c index 22e8c87..7417e8b 100644 --- src/lib/libtls/tls.c +++ src/lib/libtls/tls.c @@ -393,6 +393,10 @@ tls_reset(struct tls *ctx) tls_free_conninfo(ctx->conninfo); free(ctx->conninfo); ctx->conninfo = NULL; + + ctx->cb_read = NULL; + ctx->cb_write = NULL; + ctx->cb_payload = NULL; } int 
@@ -580,3 +584,58 @@ tls_close(struct tls *ctx) errno = 0; return (rv); } + +static int +tls_bio_cb_write(BIO *h, const char *buf, int num, void *payload) +{ + int ret = 0; + struct tls *ctx = (struct tls *)payload; + ret = (ctx->cb_write)(ctx, (const void*)buf, (size_t)num, ctx->cb_payload); + return (ret); +} + +static int +tls_bio_cb_read(BIO *h, char *buf, int size, void *payload) +{ + int ret = 0; + struct tls *ctx = (struct tls *)payload; + ret = (ctx->cb_read)(ctx, (void*)buf, (size_t)size, ctx->cb_payload); + return (ret); +} + +static BIO * +tls_get_new_cb_bio(struct tls *ctx) +{ + BIO *bcb = NULL; + if (ctx->cb_read == NULL || ctx->cb_write == NULL) + tls_set_errorx(ctx, "no callbacks registered"); + bcb = BIO_new(BIO_s_cb()); + if (bcb == NULL) { + tls_set_errorx(ctx, "failed to create callback i/o"); + return (NULL); + } + BIO_set_cb_write(bcb, tls_bio_cb_write); + BIO_set_cb_read(bcb, tls_bio_cb_read); + BIO_set_cb_payload(bcb, ctx); + return (bcb); +} + +int +tls_set_cbs(struct tls *ctx, tls_read_cb cb_read, tls_write_cb cb_write, +void *cb_payload) +{ + int rv = -1; + BIO *bcb; + ctx->cb_read = cb_read; + ctx->cb_write = cb_write; + ctx->cb_payload = cb_payload; + bcb = tls_get_new_cb_bio(ctx); + if (bcb == NULL) { + tls_set_errorx(ctx, "failed to create callback i/o"); + goto err; + } + SSL_set_bio(ctx->ssl_conn, bcb, bcb); + rv = 0; +err: + return (rv); +} diff --git src/lib/libtls/tls.h src/lib/libtls/tls.h index 3e75eb7..f236245 100644 --- src/lib/libtls/tls.h +++ src/lib/libtls/tls.h @@ -44,6 +44,11 @@ extern "C" { struct tls; struct tls_config; +typedef ssize_t (*tls_read_cb)(void *_ctx, void *_buf, size_t _buflen, +void *_payload); +typedef ssize_t (*tls_write_cb)(void *_ctx, const void *_buf, +size_t _buflen, void *_payload); + int tls_init(void); const char *tls_config_error(struct tls_config *_config); 
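Review bot: `tls_bio_cb_read` and `tls_bio_cb_write` store the `ssize_t` result of the application callback in an `int` and return it to the BIO layer unchecked, so a callback that reports more bytes than the `size` / `num` it was given is trusted for a length larger than the buffer. Declaring `ssize_t ret` and rejecting out-of-range results before narrowing, for example `if (ret > (ssize_t)size) return (-1);`, keeps a misbehaving callback from producing an over-long count. `size` and `num` are also cast to `size_t` without a sign check. Presumably the BIO layer never passes a negative value, but `if (size < 0) return (-1);` makes that assumption explicit. The `tls_read_cb` / `tls_write_cb` typedefs in the tls.h hunk would benefit from a comment stating the return contract (bytes transferred, and what a negative value means), which the visible lines do not document.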
@@ -96,12 +101,16 @@ void tls_free(struct tls *_ctx); int tls_accept_fds(struct tls *_ctx, struct tls **_cctx, int _fd_read, int _fd_write); int tls_accept_socket(struct tls *_ctx, struct tls **_cctx, int _socket); +int tls_accept_cbs(struct tls *_ctx, struct tls **_cctx, +tls_read_cb _cb_read, tls_write_cb _cb_write, void *_cb_payload); int tls_connect(struct tls *_ctx, const char *_host, const char *_port); int tls_connect_fds(struct tls *_ctx, int _fd_read, int _fd_write, const char *_servername); int tls_connect_servername(struct tls *_ctx, const char *_host, const char *_port, const char *_servername); int tls_connect_socket(struct tls *_ctx, int _s, const char *_servername); +int tls_connect_cbs(struct tls *_ctx, tls_read_cb _cb_read, tls_write_cb _cb_write, +void *_cb_payload, const char *_servername); int tls_handshake(struct tls *_ctx); ssize_t tls_read(struct tls *_ctx, void *_buf, size_t _buflen); ssize_t tls_write(struct tls *_ctx, const void *_buf, size_t _buflen); diff --git src/lib/libtls/tls_bio_cb.c src/lib/libtls/tls_bio_cb.c new file mode 100644 index 000..f8b24b0 --- /dev/null +++ src/lib/libtls/tls_bio_cb.c @@ -0,0 +1,182 @@ +/* $ID$ */ +/* + * Copyright (c) 2016 Tobias Pape+ * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED