Changeset: b7c164a70e50 for MonetDB URL: https://dev.monetdb.org/hg/MonetDB/rev/b7c164a70e50 Modified Files: common/stream/tls_stream.c Branch: smapi Log Message:
Initial implementation of tls read and write functions diffs (106 lines): diff --git a/common/stream/tls_stream.c b/common/stream/tls_stream.c --- a/common/stream/tls_stream.c +++ b/common/stream/tls_stream.c @@ -25,33 +25,29 @@ typedef struct ssl_wrapper { SSL *cSSL; } ssl_wrapper; -/* + static ssize_t tls_write(stream *restrict s, const void *restrict buf, size_t elmsize, size_t cnt) { - (void)s; - (void)buf; - (void)elmsize; - (void)cnt; + /* Is it safe to cast a void pointer into an ssl_wrapper pointer? */ + ssl_wrapper *w = (ssl_wrapper *)s->stream_data.p; - return 0; + return SSL_write(w->cSSL, buf, elmsize*cnt); } static ssize_t -tls_read(stream *restrict s, const void *restrict buf, size_t elmsize, size_t cnt) +tls_read(stream *restrict s, void *restrict buf, size_t elmsize, size_t cnt) { - (void)s; - (void)buf; - (void)elmsize; - (void)cnt; + ssl_wrapper *w = (ssl_wrapper *)s->stream_data.p; - return 0; + return SSL_read(w->cSSL, buf, elmsize*cnt); } -*/ + stream * open_tls_serv_stream(int fd) { - int err = 1; + int ssl_err = 1; + stream *ret; ssl_wrapper *w = (ssl_wrapper *)malloc(sizeof(ssl_wrapper)); if (w == NULL) { @@ -68,22 +64,22 @@ open_tls_serv_stream(int fd) /* TODO parametrize */ const char *server_keypair_fname = "/home/kutsurak/src/monetdb/mercurial-repos/public/smapi/smapi-dev-certificates/leaf_keypair.pem"; - err = SSL_CTX_use_PrivateKey_file(w->ctx, server_keypair_fname, SSL_FILETYPE_PEM); - if (err <= 0) { + ssl_err = SSL_CTX_use_PrivateKey_file(w->ctx, server_keypair_fname, SSL_FILETYPE_PEM); + if (ssl_err <= 0) { /* TODO handle */ return NULL; } /* TODO parametrize */ const char *server_cert_chain_fname = "/home/kutsurak/src/monetdb/mercurial-repos/public/smapi/smapi-dev-certificates/leaf_cert.pem"; - err = SSL_CTX_use_certificate_chain_file(w->ctx, server_cert_chain_fname); - if (err <= 0) { + ssl_err = SSL_CTX_use_certificate_chain_file(w->ctx, server_cert_chain_fname); + if (ssl_err <= 0) { /* TODO handle */ return NULL; } - err = SSL_CTX_check_private_key(w->ctx); - if (err <= 0) { + ssl_err = SSL_CTX_check_private_key(w->ctx); + if (ssl_err <= 0) { /* TODO handle */ return NULL; } @@ -93,13 +89,23 @@ open_tls_serv_stream(int fd) SSL_set_fd(w->cSSL, fd); - /* TODO: Accept connection and construct stream. - * - * NOTE: Accepting the connection will probably need to happen at the point where the TCP connection is - * accepted. The handshake also happens there and the open_tlsstream is given a fully constructed ssl wrapper. - */ + ssl_err = SSL_accept(w->cSSL); + if (ssl_err <= 0) { + /* TODO handle */ + return NULL; + } + - return NULL; + if ((ret = create_stream("server_ssl_stream")) == NULL) { + return NULL; + } + + + ret->stream_data.p = w; + ret->read = tls_read; + ret->write = tls_write; + + return ret; } #else _______________________________________________ checkin-list mailing list -- checkin-list@monetdb.org To unsubscribe send an email to checkin-list-le...@monetdb.org