Re: Patch for Atheros AR8161/AR8162/AR8171/AR8172 chipsets

2016-07-17 Thread Jonathan Gray
On Sun, Jul 17, 2016 at 10:52:33PM -0400, Jason Hunt wrote:
> Below is a patch to add support for Atheros AR8161, AR8162, AR8171, and
> AR8172 chipsets.  A version of this was originally submitted by Atanas
> Vladimirov in early 2015 (see reference below) but never merged, so I
> have updated it for current and have been using it all afternoon without
> any issues:
> 
> $ dmesg | grep alc
> alc0 at pci2 dev 0 function 0 "Attansic Technology AR8161" rev 0x10atphy0 at 
> alc0 phy 0: F1 10/100/1000 PHY, rev. 9
> $ ifconfig alc0
> alc0: flags=8843 mtu 1500
> lladdr 74:d4:35:ff:ff:ff
> priority: 0
> groups: egress
> media: Ethernet autoselect (1000baseT 
> full-duplex,master,rxpause,txpause)
> status: active
> inet 17x.3x.12x.1x netmask 0xfe00 broadcast 17x.3x.12x.255
> $ netstat -I alc0
> NameMtu   Network Address  Ipkts IerrsOpkts Oerrs 
> Colls
> alc0150074:d4:35:ff:ff:ff   744900 0   548543 0 > 0
> alc01500  17x.3x.12x/ CPE74d435ff-C   744900 0   548543 0 > 0
> 
> Original patch: https://marc.info/?l=openbsd-tech=142895293124325=2
> 
> Updated patch for current:

This is still full of whitespace abuse, ifdefs/if 0 including
alc_init and changes that make no sense such as removing the printing
of the mac address.

> 
> 
> Index: if_alc.c
> ===
> RCS file: /cvs/src/sys/dev/pci/if_alc.c,v
> retrieving revision 1.39
> diff -u -p -r1.39 if_alc.c
> --- if_alc.c  13 Apr 2016 10:34:32 -  1.39
> +++ if_alc.c  17 Jul 2016 19:24:26 -
> @@ -26,7 +26,7 @@
>   * SUCH DAMAGE.
>   */
>  
> -/* Driver for Atheros AR8131/AR8132 PCIe Ethernet. */
> +/* Driver for Atheros AR8131/AR8132 AR8161/AR8162 AR8171/AR8172 PCIe 
> Ethernet. */
>  
>  #include "bpfilter.h"
>  #include "vlan.h"
> @@ -77,12 +77,17 @@ void  alc_watchdog(struct ifnet *);
>  int  alc_mediachange(struct ifnet *);
>  void alc_mediastatus(struct ifnet *, struct ifmediareq *);
>  
> -void alc_aspm(struct alc_softc *, uint64_t);
> +void alc_aspm(struct alc_softc *, int, uint64_t);
> +void alc_aspm_813x(struct alc_softc *, uint64_t);
> +void alc_aspm_816x(struct alc_softc *, int);
>  void alc_disable_l0s_l1(struct alc_softc *);
>  int  alc_dma_alloc(struct alc_softc *);
>  void alc_dma_free(struct alc_softc *);
>  int  alc_encap(struct alc_softc *, struct mbuf *);
>  void alc_get_macaddr(struct alc_softc *);
> +void alc_get_macaddr_813x(struct alc_softc *);
> +void alc_get_macaddr_816x(struct alc_softc *);
> +void alc_get_macaddr_par(struct alc_softc *);
>  void alc_init_cmb(struct alc_softc *);
>  void alc_init_rr_ring(struct alc_softc *);
>  int  alc_init_rx_ring(struct alc_softc *);
> @@ -90,9 +95,26 @@ void   alc_init_smb(struct alc_softc *);
>  void alc_init_tx_ring(struct alc_softc *);
>  int  alc_intr(void *);
>  void alc_mac_config(struct alc_softc *);
> +uint32_t alc_mii_readreg_813x(struct alc_softc *, int, int);
> +uint32_t alc_mii_readreg_816x(struct alc_softc *, int, int);
> +uint32_t alc_mii_writereg_813x(struct alc_softc *, int, int, int);
> +uint32_t alc_mii_writereg_816x(struct alc_softc *, int, int, int);
> +void alc_dsp_fixup(struct alc_softc *, int);
> +
>  int  alc_miibus_readreg(struct device *, int, int);
>  void alc_miibus_statchg(struct device *);
> +int  alc_miibus_writeregr(struct device *, int, int, int);
>  void alc_miibus_writereg(struct device *, int, int, int);
> +uint32_t alc_miidbg_readreg(struct alc_softc *, int);
> +uint32_t alc_miidbg_writereg(struct alc_softc *, int, int);
> +uint32_t alc_miiext_readreg(struct alc_softc *, int, int);
> +uint32_t alc_miiext_writereg(struct alc_softc *, int, int, int);
> +//intalc_mediachange_locked(struct alc_softc *);
> +void alc_phy_reset_813x(struct alc_softc *);
> +void alc_phy_reset_816x(struct alc_softc *);
> +void alc_setwol_813x(struct alc_softc *);
> +void alc_setwol_816x(struct alc_softc *);
> +
>  int  alc_newbuf(struct alc_softc *, struct alc_rxdesc *);
>  void alc_phy_down(struct alc_softc *);
>  void alc_phy_reset(struct alc_softc *);
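Review bot: The commented-out prototype `//int alc_mediachange_locked(struct alc_softc *);` should be deleted rather than committed; nothing in the part of the patch shown here declares or uses that function. The new `alc_miibus_writeregr` also differs from the existing `alc_miibus_writereg` by a single trailing letter, with only the return type (`int` vs `void`) telling the two apart, which is easy to misread at a call site. A name that states the difference, or a one-line comment above the prototype, would help; what the new variant returns has to be confirmed against its definition, which is outside this hunk. The same hunk appears unquoted in the original message further down the page.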
> @@ -109,6 +131,13 @@ void alc_stop_mac(struct alc_softc *);
>  void alc_stop_queue(struct alc_softc *);
>  void alc_tick(void *);
>  void alc_txeof(struct alc_softc *);
> +void alc_init_pcie(struct alc_softc *, int);
> +void alc_config_msi(struct alc_softc *);
> +
> +int  alc_dma_alloc(struct alc_softc *);
> +void alc_dma_free(struct alc_softc *);
> +int  alc_encap(struct alc_softc *, struct mbuf *);
> +void alc_osc_reset(struct alc_softc *);
>  
>  uint32_t alc_dma_burst[] = { 128, 256, 512, 1024, 2048, 4096, 0 };
>  
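Review bot: The added block re-declares `alc_dma_alloc`, `alc_dma_free` and `alc_encap`, which the file already prototypes (they are visible as unchanged context in the `@@ -77,12 +77,17 @@` hunk above). The three duplicates should be dropped so that only `alc_init_pcie`, `alc_config_msi` and `alc_osc_reset` are added here. Duplicate prototypes compile, but they leave two copies to keep in step whenever a signature changes. The same hunk appears unquoted in the original message further down the page.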
> @@ -118,11 +147,15 @@ const struct pci_matchid alc_devices[] =
>   { PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_L1D },
>   { PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_L1D_1 },
>   { PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_L2C_1 },
> -   

Patch for Atheros AR8161/AR8162/AR8171/AR8172 chipsets

2016-07-17 Thread Jason Hunt
Below is a patch to add support for Atheros AR8161, AR8162, AR8171, and
AR8172 chipsets.  A version of this was originally submitted by Atanas
Vladimirov in early 2015 (see reference below) but never merged, so I
have updated it for current and have been using it all afternoon without
any issues:

$ dmesg | grep alc
alc0 at pci2 dev 0 function 0 "Attansic Technology AR8161" rev 0x10atphy0 at 
alc0 phy 0: F1 10/100/1000 PHY, rev. 9
$ ifconfig alc0
alc0: flags=8843 mtu 1500
lladdr 74:d4:35:ff:ff:ff
priority: 0
groups: egress
media: Ethernet autoselect (1000baseT 
full-duplex,master,rxpause,txpause)
status: active
inet 17x.3x.12x.1x netmask 0xfe00 broadcast 17x.3x.12x.255
$ netstat -I alc0
NameMtu   Network Address  Ipkts IerrsOpkts Oerrs Colls
alc0150074:d4:35:ff:ff:ff   744900 0   548543 0 0
alc01500  17x.3x.12x/ CPE74d435ff-C   744900 0   548543 0 0

Original patch: https://marc.info/?l=openbsd-tech&m=142895293124325&w=2

Updated patch for current:


Index: if_alc.c
===
RCS file: /cvs/src/sys/dev/pci/if_alc.c,v
retrieving revision 1.39
diff -u -p -r1.39 if_alc.c
--- if_alc.c13 Apr 2016 10:34:32 -  1.39
+++ if_alc.c17 Jul 2016 19:24:26 -
@@ -26,7 +26,7 @@
  * SUCH DAMAGE.
  */
 
-/* Driver for Atheros AR8131/AR8132 PCIe Ethernet. */
+/* Driver for Atheros AR8131/AR8132 AR8161/AR8162 AR8171/AR8172 PCIe Ethernet. 
*/
 
 #include "bpfilter.h"
 #include "vlan.h"
@@ -77,12 +77,17 @@ voidalc_watchdog(struct ifnet *);
 intalc_mediachange(struct ifnet *);
 void   alc_mediastatus(struct ifnet *, struct ifmediareq *);
 
-void   alc_aspm(struct alc_softc *, uint64_t);
+void   alc_aspm(struct alc_softc *, int, uint64_t);
+void   alc_aspm_813x(struct alc_softc *, uint64_t);
+void   alc_aspm_816x(struct alc_softc *, int);
 void   alc_disable_l0s_l1(struct alc_softc *);
 intalc_dma_alloc(struct alc_softc *);
 void   alc_dma_free(struct alc_softc *);
 intalc_encap(struct alc_softc *, struct mbuf *);
 void   alc_get_macaddr(struct alc_softc *);
+void   alc_get_macaddr_813x(struct alc_softc *);
+void   alc_get_macaddr_816x(struct alc_softc *);
+void   alc_get_macaddr_par(struct alc_softc *);
 void   alc_init_cmb(struct alc_softc *);
 void   alc_init_rr_ring(struct alc_softc *);
 intalc_init_rx_ring(struct alc_softc *);
@@ -90,9 +95,26 @@ void alc_init_smb(struct alc_softc *);
 void   alc_init_tx_ring(struct alc_softc *);
 intalc_intr(void *);
 void   alc_mac_config(struct alc_softc *);
+uint32_t   alc_mii_readreg_813x(struct alc_softc *, int, int);
+uint32_t   alc_mii_readreg_816x(struct alc_softc *, int, int);
+uint32_t   alc_mii_writereg_813x(struct alc_softc *, int, int, int);
+uint32_t   alc_mii_writereg_816x(struct alc_softc *, int, int, int);
+void   alc_dsp_fixup(struct alc_softc *, int);
+
 intalc_miibus_readreg(struct device *, int, int);
 void   alc_miibus_statchg(struct device *);
+intalc_miibus_writeregr(struct device *, int, int, int);
 void   alc_miibus_writereg(struct device *, int, int, int);
+uint32_t   alc_miidbg_readreg(struct alc_softc *, int);
+uint32_t   alc_miidbg_writereg(struct alc_softc *, int, int);
+uint32_t   alc_miiext_readreg(struct alc_softc *, int, int);
+uint32_t   alc_miiext_writereg(struct alc_softc *, int, int, int);
+//int  alc_mediachange_locked(struct alc_softc *);
+void   alc_phy_reset_813x(struct alc_softc *);
+void   alc_phy_reset_816x(struct alc_softc *);
+void   alc_setwol_813x(struct alc_softc *);
+void   alc_setwol_816x(struct alc_softc *);
+
 intalc_newbuf(struct alc_softc *, struct alc_rxdesc *);
 void   alc_phy_down(struct alc_softc *);
 void   alc_phy_reset(struct alc_softc *);
@@ -109,6 +131,13 @@ void   alc_stop_mac(struct alc_softc *);
 void   alc_stop_queue(struct alc_softc *);
 void   alc_tick(void *);
 void   alc_txeof(struct alc_softc *);
+void   alc_init_pcie(struct alc_softc *, int);
+void   alc_config_msi(struct alc_softc *);
+
+intalc_dma_alloc(struct alc_softc *);
+void   alc_dma_free(struct alc_softc *);
+intalc_encap(struct alc_softc *, struct mbuf *);
+void   alc_osc_reset(struct alc_softc *);
 
 uint32_t alc_dma_burst[] = { 128, 256, 512, 1024, 2048, 4096, 0 };
 
@@ -118,11 +147,15 @@ const struct pci_matchid alc_devices[] =
{ PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_L1D },
{ PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_L1D_1 },
{ PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_L2C_1 },
-   { PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_L2C_2 }
+   { PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_L2C_2 },
+   { PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_AR8161 },
+   { PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_AR8162 },
+   { PCI_VENDOR_ATTANSIC, PCI_PRODUCT_ATTANSIC_AR8171 },
+   { PCI_VENDOR_ATTANSIC, 

Re: initialize variables patch for bn_nist.c

2016-07-17 Thread Ted Unangst
Brent Cook wrote:
> I didn't notice it at first, because the patch wasn't inline, but the union
> here needed to be initialized with memset or use a different kind of
> initializer.
> 
> I went with the memset on top of your patch:
> 
> --- bn_nist.c   17 Jul 2016 21:21:40 -  1.16
> +++ bn_nist.c   17 Jul 2016 22:00:45 -
> @@ -59,6 +59,7 @@
>  #include 
> 
>  #include 
> +#include 
> 
>  #include "bn_lcl.h"
> 
> @@ -568,7 +569,8 @@ BN_nist_mod_224(BIGNUM *r, const BIGNUM
> BN_ULONG bn[BN_NIST_224_TOP];
> unsigned int ui[BN_NIST_224_TOP *
> sizeof(BN_ULONG) / sizeof(unsigned int)];
> -   } buf = {0};
> +   } buf;
> +   memset(, 0, sizeof(buf));
> BN_ULONG c_d[BN_NIST_224_TOP], *res;

ok, but please don't mix code and decls like that.



Re: Better for mount(2)

2016-07-17 Thread Vadim Zhukov
Here is an improved version, after a lot of feedback from jmc@.

Quick list of changes:

  * the unmount description moved closer to the top, since we
mention it in flags description anyway;
  * list of mount options is now sorted;
  * the description of the MNT_RELOAD flag was added;
  * the descriptions of the MNT_FORCE and MNT_UPDATE flags were reworked
and moved to separate paragraphs.

Okay to commit?
--
WBR,
  Vadim Zhukov


Index: mount.2
===
RCS file: /cvs/src/lib/libc/sys/mount.2,v
retrieving revision 1.46
diff -u -p -r1.46 mount.2
--- mount.2 27 May 2016 19:45:04 -  1.46
+++ mount.2 17 Jul 2016 22:13:06 -
@@ -70,31 +70,41 @@ at the time
 of a successful mount are swept under the carpet, so to speak, and
 are unavailable until the filesystem is unmounted.
 .Pp
+The
+.Fn unmount
+function disassociates the filesystem from the specified
+mount point
+.Fa dir .
+.Pp
 The following
 .Fa flags
-may be specified to
-suppress default semantics which affect filesystem access.
+may be specified to change default behaviour:
 .Bl -tag -width MNT_SYNCHRONOUS
-.It Dv MNT_RDONLY
-The filesystem should be treated as read-only:
-even the superuser may not write to it.
+.It Dv MNT_ASYNC
+All I/O to the filesystem should be done asynchronously.
 .It Dv MNT_NOATIME
 Do not update the access time on files in the filesystem unless
 the modification or status change times are also being updated.
+.It Dv MNT_NODEV
+Do not interpret special files on the filesystem.
 .It Dv MNT_NOEXEC
 Do not allow files to be executed from the filesystem.
 .It Dv MNT_NOSUID
 Do not honor setuid or setgid bits on files when executing them.
-.It Dv MNT_NODEV
-Do not interpret special files on the filesystem.
-.It Dv MNT_SYNCHRONOUS
-All I/O to the filesystem should be done synchronously.
-.It Dv MNT_ASYNC
-All I/O to the filesystem should be done asynchronously.
+.It Dv MNT_RDONLY
+The filesystem should be treated as read-only:
+even the superuser may not write to it.
+.It Dv MNT_RELOAD
+Reload a MNT_RDONLY filesystem.
+Used, for example, by
+.Xr fsck 8
+after modification of on-disk structures.
 .It Dv MNT_SOFTDEP
 Use soft dependencies.
 Applies to FFS filesystems only (see 'softdep' in
 .Xr mount 8 ) .
+.It Dv MNT_SYNCHRONOUS
+All I/O to the filesystem should be done synchronously.
 .It MNT_WXALLOWED
 Processes that ask for memory to be made writeable plus executable
 using the
@@ -108,10 +118,13 @@ The option is typically used on the
 filesystem.
 .El
 .Pp
-The flag
+Two more flags affect the behaviour of system calls themselves,
+and not the behaviour of the corresponding filesystem:
+.Pp
+The
 .Dv MNT_UPDATE
-indicates that the mount command is being applied
-to an already mounted filesystem.
+flag indicates that the mount command is being applied to an already
+mounted filesystem.
 This allows the mount flags to be changed without requiring
 that the filesystem be unmounted and remounted.
 Some filesystems may not allow all flags to be changed.
@@ -119,6 +132,18 @@ For example,
 most filesystems will not allow a change from read-write to read-only.
 .Pp
 The
+.Dv MNT_FORCE
+flag, if used together with
+.Dv MNT_UPDATE ,
+allows transition from read-write to read-only,
+even if there are files open for writing.
+And when used on unmount, it specifies that the filesystem
+should be forcibly unmounted even if files are still active;
+active special devices continue to work,
+but any further access to any other active files result in errors,
+even if the filesystem is later remounted.
+.Pp
+The
 .Fa type
 argument defines the type of the filesystem.
 The types of filesystems known to the system are defined in
@@ -237,22 +262,6 @@ struct udf_args {
char*fspec; /* block special device to mount */
 };
 .Ed
-.Pp
-The
-.Fn unmount
-function call disassociates the filesystem from the specified
-mount point
-.Fa dir .
-.Pp
-The
-.Fa flags
-argument may specify
-.Dv MNT_FORCE
-to specify that the filesystem should be forcibly unmounted even if files are
-still active.
-Active special devices continue to work,
-but any further accesses to any other active files result in errors
-even if the filesystem is later remounted.
 .Sh RETURN VALUES
 .Rv -std
 .Sh ERRORS



Re: initialize variables patch for bn_nist.c

2016-07-17 Thread Brent Cook
I didn't notice it at first, because the patch wasn't inline, but the union
here needed to be initialized with memset or use a different kind of
initializer.

I went with the memset on top of your patch:

--- bn_nist.c   17 Jul 2016 21:21:40 -  1.16
+++ bn_nist.c   17 Jul 2016 22:00:45 -
@@ -59,6 +59,7 @@
 #include 

 #include 
+#include 

 #include "bn_lcl.h"

@@ -568,7 +569,8 @@ BN_nist_mod_224(BIGNUM *r, const BIGNUM
BN_ULONG bn[BN_NIST_224_TOP];
unsigned int ui[BN_NIST_224_TOP *
sizeof(BN_ULONG) / sizeof(unsigned int)];
-   } buf = {0};
+   } buf;
+   memset(, 0, sizeof(buf));
BN_ULONG c_d[BN_NIST_224_TOP], *res;
uintptr_t mask;
union {
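Review bot: As rendered here the added line `memset(, 0, sizeof(buf));` has no first argument and would not compile; the archive appears to have dropped the `&buf`, so the line should be read as `memset(&buf, 0, sizeof(buf));`. The three `#include ` lines in the preceding hunk have lost their header names the same way, the added one presumably being `<string.h>` for `memset`. Anyone applying this change should take it from the raw message rather than from this rendering. The body of `BN_nist_mod_224` starts and ends outside the hunk.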


On Thu, Jul 14, 2016 at 8:39 AM, Bob Beck  wrote:

> I'm ok with this.
>
>
> On Thu, Jul 14, 2016 at 4:57 AM, Kinichiro Inoguchi <
> kinichiro.inogu...@gmail.com> wrote:
>
> > Hi,
> >
> > When I build LibreSSL portable on HP-UX 11.3 with HP C/aC++ compiler,
> > this warning is detected.
> >
> > ...
> > "bn/bn_nist.c", line 611: warning #2549-D: variable "buf" is used before
> > its value is set
> > nist_set_224(buf.bn, c_d, 14, 13, 12, 11, 10, 9, 8);
> > ^
> > ...
> >
> > To initialize these variables before using, I would like to apply the
> > patch.
> > OK ?
> >
> > Here is original topic on GitHub.
> > https://github.com/libressl-portable/openbsd/pull/19
> >
> > Best Regards,
> >
> > kinichiro inoguchi
> >
> >
>


Re: [PATCH] Callback-based interface to libtls

2016-07-17 Thread Bob Beck
Excellent.  I'm currently travelling, but I think you will be hearing from
Joel.

Aside from any minor changes, I will say I basically like your diff; we may
need to wait until after OpenBSD 6.0 to put it in (a few weeks), as we are close
to release and API changes now can hurt ports

but thank you very much for posting this!

On Sunday, 17 July 2016, Tobias Pape  wrote:

> Hi all,
>
> I'm Tobias and fond of using libtls.
> I have a certain use case, where I want to do TLS/SSL but
> can only work with buffers/callbacks and not sockets or FDs.
> In p(l)ain openssl, this is doable, but not nice. Libtls
> does not yet have such a facility.
>
> I did a patch (or Pull-Request in GitHub parlance) against
> portable on github, it would be great if it were considered.
> Then I could migrate the SSL facilities of the Squeak
> programming system from openssl to libtls.
>
> Best regards
> -Tobias
>
> diff --git src/lib/libtls/Makefile src/lib/libtls/Makefile
> index f51f2cd..f4252a6 100644
> --- src/lib/libtls/Makefile
> +++ src/lib/libtls/Makefile
> @@ -13,6 +13,7 @@ LDADD+= -L${BSDOBJDIR}/lib/libssl/ssl -lssl
>  HDRS=  tls.h
>
>  SRCS=  tls.c \
> +   tls_bio_cb.c \
> tls_client.c \
> tls_config.c \
> tls_conninfo.c \
> diff --git src/lib/libtls/tls.c src/lib/libtls/tls.c
> index 22e8c87..7417e8b 100644
> --- src/lib/libtls/tls.c
> +++ src/lib/libtls/tls.c
> @@ -393,6 +393,10 @@ tls_reset(struct tls *ctx)
> tls_free_conninfo(ctx->conninfo);
> free(ctx->conninfo);
> ctx->conninfo = NULL;
> +
> +   ctx->cb_read = NULL;
> +   ctx->cb_write = NULL;
> +   ctx->cb_payload = NULL;
>  }
>
>  int
> @@ -580,3 +584,58 @@ tls_close(struct tls *ctx)
> errno = 0;
> return (rv);
>  }
> +
> +static int
> +tls_bio_cb_write(BIO *h, const char *buf, int num, void *payload)
> +{
> +   int ret = 0;
> +   struct tls *ctx = (struct tls *)payload;
> +   ret = (ctx->cb_write)(ctx, (const void*)buf, (size_t)num,
> ctx->cb_payload);
> +   return (ret);
> +}
> +
> +static int
> +tls_bio_cb_read(BIO *h, char *buf, int size, void *payload)
> +{
> +   int ret = 0;
> +   struct tls *ctx = (struct tls *)payload;
> +   ret = (ctx->cb_read)(ctx, (void*)buf, (size_t)size,
> ctx->cb_payload);
> +   return (ret);
> +}
> +
> +static BIO *
> +tls_get_new_cb_bio(struct tls *ctx)
> +{
> +   BIO *bcb = NULL;
> +   if (ctx->cb_read == NULL || ctx->cb_write == NULL)
> +   tls_set_errorx(ctx, "no callbacks registered");
> +   bcb = BIO_new(BIO_s_cb());
> +   if (bcb == NULL) {
> +   tls_set_errorx(ctx, "failed to create callback i/o");
> +   return (NULL);
> +   }
> +   BIO_set_cb_write(bcb, tls_bio_cb_write);
> +   BIO_set_cb_read(bcb, tls_bio_cb_read);
> +   BIO_set_cb_payload(bcb, ctx);
> +   return (bcb);
> +}
> +
> +int
> +tls_set_cbs(struct tls *ctx, tls_read_cb cb_read, tls_write_cb cb_write,
> +void *cb_payload)
> +{
> +   int rv = -1;
> +   BIO *bcb;
> +   ctx->cb_read = cb_read;
> +   ctx->cb_write = cb_write;
> +   ctx->cb_payload = cb_payload;
> +   bcb = tls_get_new_cb_bio(ctx);
> +   if (bcb == NULL) {
> +   tls_set_errorx(ctx, "failed to create callback i/o");
> +   goto err;
> +   }
> +   SSL_set_bio(ctx->ssl_conn, bcb, bcb);
> +   rv = 0;
> +err:
> +   return (rv);
> +}
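Review bot: In `tls_get_new_cb_bio` the check `if (ctx->cb_read == NULL || ctx->cb_write == NULL)` only records an error and then falls through, so a BIO is still created and installed and the first `tls_bio_cb_read`/`tls_bio_cb_write` call goes through a NULL function pointer. The branch needs braces and a `return (NULL);` after `tls_set_errorx(ctx, "no callbacks registered");`. With that in place, the second `tls_set_errorx` in `tls_set_cbs` would presumably replace the more specific message and can be dropped. The two wrappers also store the callbacks' `ssize_t` result in an `int` and cast `num`/`size` to `size_t` unchecked, so a large return value is truncated and a negative length becomes a very large one; they should reject negative lengths and treat a result larger than the requested length as an error before returning. The same hunk appears unquoted in the original message further down the page.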
> diff --git src/lib/libtls/tls.h src/lib/libtls/tls.h
> index 3e75eb7..f236245 100644
> --- src/lib/libtls/tls.h
> +++ src/lib/libtls/tls.h
> @@ -44,6 +44,11 @@ extern "C" {
>  struct tls;
>  struct tls_config;
>
> +typedef ssize_t (*tls_read_cb)(void *_ctx, void *_buf, size_t _buflen,
> +void *_payload);
> +typedef ssize_t (*tls_write_cb)(void *_ctx, const void *_buf,
> +size_t _buflen, void *_payload);
> +
>  int tls_init(void);
>
>  const char *tls_config_error(struct tls_config *_config);
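Review bot: The two callback typedefs enter the public header with no statement of their contract: what a callback returns for end-of-stream, for a fatal error and for "no data yet, retry", and whether it may transfer fewer than `_buflen` bytes. The `tls.c` part of this patch hands the return value straight back to the BIO layer, so implementers need this spelled out in a comment above the typedefs, for example `/* Return the number of bytes transferred, 0 on EOF, -1 on error. */` once the intended values are confirmed. The first parameter is declared `void *_ctx` although the wrappers always pass a `struct tls *`; declaring it `struct tls *_ctx` would keep the argument type-checked, and `struct tls` is already forward-declared just above. The same hunk appears unquoted in the original message further down the page.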
> @@ -96,12 +101,16 @@ void tls_free(struct tls *_ctx);
>  int tls_accept_fds(struct tls *_ctx, struct tls **_cctx, int _fd_read,
>  int _fd_write);
>  int tls_accept_socket(struct tls *_ctx, struct tls **_cctx, int _socket);
> +int tls_accept_cbs(struct tls *_ctx, struct tls **_cctx,
> +tls_read_cb _cb_read, tls_write_cb _cb_write, void *_cb_payload);
>  int tls_connect(struct tls *_ctx, const char *_host, const char *_port);
>  int tls_connect_fds(struct tls *_ctx, int _fd_read, int _fd_write,
>  const char *_servername);
>  int tls_connect_servername(struct tls *_ctx, const char *_host,
>  const char *_port, const char *_servername);
>  int tls_connect_socket(struct tls *_ctx, int _s, const char *_servername);
> +int tls_connect_cbs(struct tls *_ctx, tls_read_cb _cb_read, tls_write_cb
> _cb_write,
> +void *_cb_payload, const char *_servername);
>  int tls_handshake(struct tls *_ctx);
>  ssize_t tls_read(struct tls *_ctx, void *_buf, size_t _buflen);
>  ssize_t tls_write(struct tls *_ctx, 

[PATCH] Callback-based interface to libtls

2016-07-17 Thread Tobias Pape
Hi all,

I'm Tobias and fond of using libtls.
I have a certain use case, where I want to do TLS/SSL but
can only work with buffers/callbacks and not sockets or FDs.
In p(l)ain openssl, this is doable, but not nice. Libtls 
does not yet have such a facility.

I did a patch (or Pull-Request in GitHub parlance) against
portable on github, it would be great if it were considered.
Then I could migrate the SSL facilities of the Squeak 
programming system from openssl to libtls.

Best regards
-Tobias

diff --git src/lib/libtls/Makefile src/lib/libtls/Makefile
index f51f2cd..f4252a6 100644
--- src/lib/libtls/Makefile
+++ src/lib/libtls/Makefile
@@ -13,6 +13,7 @@ LDADD+= -L${BSDOBJDIR}/lib/libssl/ssl -lssl
 HDRS=  tls.h
 
 SRCS=  tls.c \
+   tls_bio_cb.c \
tls_client.c \
tls_config.c \
tls_conninfo.c \
diff --git src/lib/libtls/tls.c src/lib/libtls/tls.c
index 22e8c87..7417e8b 100644
--- src/lib/libtls/tls.c
+++ src/lib/libtls/tls.c
@@ -393,6 +393,10 @@ tls_reset(struct tls *ctx)
tls_free_conninfo(ctx->conninfo);
free(ctx->conninfo);
ctx->conninfo = NULL;
+
+   ctx->cb_read = NULL;
+   ctx->cb_write = NULL;
+   ctx->cb_payload = NULL;
 }
 
 int
@@ -580,3 +584,58 @@ tls_close(struct tls *ctx)
errno = 0;
return (rv);
 }
+
+static int
+tls_bio_cb_write(BIO *h, const char *buf, int num, void *payload)
+{
+   int ret = 0;
+   struct tls *ctx = (struct tls *)payload;
+   ret = (ctx->cb_write)(ctx, (const void*)buf, (size_t)num, 
ctx->cb_payload);
+   return (ret);
+}
+
+static int
+tls_bio_cb_read(BIO *h, char *buf, int size, void *payload)
+{
+   int ret = 0;
+   struct tls *ctx = (struct tls *)payload;
+   ret = (ctx->cb_read)(ctx, (void*)buf, (size_t)size, ctx->cb_payload);
+   return (ret);
+}
+
+static BIO *
+tls_get_new_cb_bio(struct tls *ctx)
+{
+   BIO *bcb = NULL;
+   if (ctx->cb_read == NULL || ctx->cb_write == NULL)
+   tls_set_errorx(ctx, "no callbacks registered");
+   bcb = BIO_new(BIO_s_cb());
+   if (bcb == NULL) {
+   tls_set_errorx(ctx, "failed to create callback i/o");
+   return (NULL);
+   }
+   BIO_set_cb_write(bcb, tls_bio_cb_write);
+   BIO_set_cb_read(bcb, tls_bio_cb_read);
+   BIO_set_cb_payload(bcb, ctx);
+   return (bcb);
+}
+
+int
+tls_set_cbs(struct tls *ctx, tls_read_cb cb_read, tls_write_cb cb_write,
+void *cb_payload)
+{
+   int rv = -1;
+   BIO *bcb;
+   ctx->cb_read = cb_read;
+   ctx->cb_write = cb_write;
+   ctx->cb_payload = cb_payload;
+   bcb = tls_get_new_cb_bio(ctx);
+   if (bcb == NULL) {
+   tls_set_errorx(ctx, "failed to create callback i/o");
+   goto err;
+   }
+   SSL_set_bio(ctx->ssl_conn, bcb, bcb);
+   rv = 0;
+err:
+   return (rv);
+}
diff --git src/lib/libtls/tls.h src/lib/libtls/tls.h
index 3e75eb7..f236245 100644
--- src/lib/libtls/tls.h
+++ src/lib/libtls/tls.h
@@ -44,6 +44,11 @@ extern "C" {
 struct tls;
 struct tls_config;
 
+typedef ssize_t (*tls_read_cb)(void *_ctx, void *_buf, size_t _buflen,
+void *_payload);
+typedef ssize_t (*tls_write_cb)(void *_ctx, const void *_buf,
+size_t _buflen, void *_payload);
+
 int tls_init(void);
 
 const char *tls_config_error(struct tls_config *_config);
@@ -96,12 +101,16 @@ void tls_free(struct tls *_ctx);
 int tls_accept_fds(struct tls *_ctx, struct tls **_cctx, int _fd_read,
 int _fd_write);
 int tls_accept_socket(struct tls *_ctx, struct tls **_cctx, int _socket);
+int tls_accept_cbs(struct tls *_ctx, struct tls **_cctx,
+tls_read_cb _cb_read, tls_write_cb _cb_write, void *_cb_payload);
 int tls_connect(struct tls *_ctx, const char *_host, const char *_port);
 int tls_connect_fds(struct tls *_ctx, int _fd_read, int _fd_write,
 const char *_servername);
 int tls_connect_servername(struct tls *_ctx, const char *_host,
 const char *_port, const char *_servername);
 int tls_connect_socket(struct tls *_ctx, int _s, const char *_servername);
+int tls_connect_cbs(struct tls *_ctx, tls_read_cb _cb_read, tls_write_cb 
_cb_write,
+void *_cb_payload, const char *_servername);
 int tls_handshake(struct tls *_ctx);
 ssize_t tls_read(struct tls *_ctx, void *_buf, size_t _buflen);
 ssize_t tls_write(struct tls *_ctx, const void *_buf, size_t _buflen);
diff --git src/lib/libtls/tls_bio_cb.c src/lib/libtls/tls_bio_cb.c
new file mode 100644
index 000..f8b24b0
--- /dev/null
+++ src/lib/libtls/tls_bio_cb.c
@@ -0,0 +1,182 @@
+/* $ID$ */
+/*
+ * Copyright (c) 2016 Tobias Pape 
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED