Diffstat (limited to 'include')
-rw-r--r-- | include/salticidae/conn.h | 2 | ||||
-rw-r--r-- | include/salticidae/crypto.h | 66 | ||||
-rw-r--r-- | include/salticidae/network.h | 10 | ||||
-rw-r--r-- | include/salticidae/util.h | 8 |
4 files changed, 70 insertions, 16 deletions
diff --git a/include/salticidae/conn.h b/include/salticidae/conn.h index a3da96c..ceec176 100644 --- a/include/salticidae/conn.h +++ b/include/salticidae/conn.h @@ -112,7 +112,7 @@ class ConnPool { void disp_terminate(); public: - Conn(): ready_send(false), + Conn(): worker(nullptr), ready_send(false), send_data_func(nullptr), recv_data_func(nullptr), tls(nullptr), peer_cert(nullptr) {} Conn(const Conn &) = delete; diff --git a/include/salticidae/crypto.h b/include/salticidae/crypto.h index 7eec030..d7231a4 100644 --- a/include/salticidae/crypto.h +++ b/include/salticidae/crypto.h @@ -27,6 +27,8 @@ #include "salticidae/type.h" #include "salticidae/util.h" + +#ifdef __cplusplus #include <openssl/sha.h> #include <openssl/ssl.h> @@ -116,15 +118,15 @@ class SHA1 { } }; -static thread_local const char *_password; +static thread_local const char *_passwd; static inline int _tls_pem_no_passswd(char *, int, int, void *) { return -1; } static inline int _tls_pem_with_passwd(char *buf, int size, int, void *) { - size_t _size = strlen(_password) + 1; + size_t _size = strlen(_passwd) + 1; if (_size > (size_t)size) throw SalticidaeError(SALTI_ERROR_TLS_X509); - memmove(buf, _password, _size); + memmove(buf, _passwd, _size); return _size - 1; } @@ -140,14 +142,14 @@ class PKey { PKey(const PKey &) = delete; PKey(PKey &&other): key(other.key) { other.key = nullptr; } - PKey create_privkey_from_pem_file(std::string pem_fname, std::string *password = nullptr) { + static PKey create_privkey_from_pem_file(std::string pem_fname, std::string *passwd = nullptr) { FILE *fp = fopen(pem_fname.c_str(), "r"); EVP_PKEY *key; if (fp == nullptr) throw SalticidaeError(SALTI_ERROR_TLS_KEY); - if (password) + if (passwd) { - _password = password->c_str(); + _passwd = passwd->c_str(); key = PEM_read_PrivateKey(fp, NULL, _tls_pem_with_passwd, NULL); } else 
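Review bot: `_tls_pem_with_passwd` still throws `SalticidaeError` from inside an OpenSSL password callback, so the exception has to unwind through libcrypto's C frames, which is undefined behaviour unless that library was built with unwind tables; the rename to `_passwd` keeps this. The `pem_password_cb` contract is to return a negative value on failure, which makes `PEM_read_PrivateKey`/`PEM_read_X509` return NULL and lets the caller's existing null check report the error (the `_tls_pem_no_passswd` variant above already relies on exactly that), so I would write `if (_size > (size_t)size) return -1;` instead of the throw. That also removes the mismatch where the callback reports `SALTI_ERROR_TLS_X509` even when it was invoked on behalf of a private-key read. Minor: `_tls_pem_no_passswd` carries a pre-existing typo (three s's) that this rename pass could have fixed.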
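Review bot: `_passwd = passwd->c_str();` leaves the thread-local pointing into the caller's `std::string` after `PEM_read_PrivateKey` returns, so any later invocation of `_tls_pem_with_passwd` on this thread that does not first reassign it reads a dangling pointer (the same callback is installed by `X509::create_from_pem_file` below). Reset it once the read has completed, `_passwd = nullptr;`, after the if/else; the remainder of `create_privkey_from_pem_file`, including the `fclose` and the null check on `key`, is outside this hunk, so I cannot see whether that already happens. Making the factory `static` is the right fix for the previously uncallable member, but consider `const std::string *passwd` since the function only reads it.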
@@ -160,9 +162,10 @@ class PKey { return PKey(key); } - PKey create_privkey_from_der(const uint8_t *der, size_t size) { + static PKey create_privkey_from_der(const bytearray_t &der) { + const auto *_der = &der[0]; EVP_PKEY *key; - key = d2i_AutoPrivateKey(NULL, (const unsigned char **)&der, size); + key = d2i_AutoPrivateKey(NULL, (const unsigned char **)&_der, der.size()); if (key == nullptr) throw SalticidaeError(SALTI_ERROR_TLS_KEY); return PKey(key); @@ -201,14 +204,14 @@ class X509 { X509(const X509 &) = delete; X509(X509 &&other): x509(other.x509) { other.x509 = nullptr; } - X509 create_from_pem_file(std::string pem_fname, std::string *password = nullptr) { + static X509 create_from_pem_file(std::string pem_fname, std::string *passwd = nullptr) { FILE *fp = fopen(pem_fname.c_str(), "r"); ::X509 *x509; if (fp == nullptr) throw SalticidaeError(SALTI_ERROR_TLS_X509); - if (password) + if (passwd) { - _password = password->c_str(); + _passwd = passwd->c_str(); x509 = PEM_read_X509(fp, NULL, _tls_pem_with_passwd, NULL); } else @@ -221,9 +224,10 @@ class X509 { return X509(x509); } - X509 create_from_der(const uint8_t *der, size_t size) { + static X509 create_from_der(const bytearray_t &der) { + const auto *_der = &der[0]; ::X509 *x509; - x509 = d2i_X509(NULL, (const unsigned char **)&der, size); + x509 = d2i_X509(NULL, (const unsigned char **)&_der, der.size()); if (x509 == nullptr) throw SalticidaeError(SALTI_ERROR_TLS_X509); return X509(x509); 
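Review bot: `const auto *_der = &der[0];` is undefined behaviour when `der` is empty, because `operator[]` on an empty container has no element to reference (`bytearray_t` looks like a `std::vector<uint8_t>`; confirm). `const auto *_der = der.data();` is well-defined for the empty case and yields the same pointer otherwise, so an empty input then reaches `d2i_AutoPrivateKey` with length 0 and fails through the existing `SALTI_ERROR_TLS_KEY` path instead of dereferencing nothing. The `(const unsigned char **)` C-style cast is unnecessary once `_der` is `const unsigned char *`, so `&_der` can be passed directly.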
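Review bot: In `X509::create_from_der`, `const auto *_der = &der[0];` indexes into `der` before its size is known, which is undefined for an empty `bytearray_t`; use `const auto *_der = der.data();` so an empty DER blob reaches `d2i_X509` with a zero length and fails via the existing null check rather than reading from an empty container. As in the PKey counterpart above, `&_der` no longer needs the C-style cast.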
@@ -356,4 +360,40 @@ class TLS { } +#ifdef SALTICIDAE_CBINDINGS +using x509_t = salticidae::X509; +using pkey_t = salticidae::PKey; +#endif + +#else + +#ifdef SALTICIDAE_CBINDINGS +typedef struct x509_t x509_t; +typedef struct pkey_t pkey_t; +#endif + +#endif + +#ifdef SALTICIDAE_CBINDINGS +#ifdef __cplusplus +extern "C" { +#endif + +x509_t *x509_new_from_pem_file(const char *pem_fname, const char *passwd, SalticidaeCError *err); +x509_t *x509_new_from_der(const bytearray_t *der, SalticidaeCError *err); +void x509_free(const x509_t *self); +pkey_t *x509_get_pubkey(const x509_t *self); +bytearray_t *x509_get_der(const x509_t *self); + +pkey_t *pkey_new_privkey_from_pem_file(const char *pem_fname, const char *passwd, SalticidaeCError *err); +pkey_t *pkey_new_privkey_from_der(const bytearray_t *der, SalticidaeCError *err); +void pkey_free(const pkey_t *self); +bytearray_t *pkey_get_pubkey_der(const pkey_t *self); +bytearray_t *pkey_get_privkey_der(const pkey_t *self); + +#ifdef __cplusplus +} +#endif +#endif + #endif diff --git a/include/salticidae/network.h b/include/salticidae/network.h index 3687c7e..6c8b7fd 100644 --- a/include/salticidae/network.h +++ b/include/salticidae/network.h @@ -26,6 +26,7 @@ #define _SALTICIDAE_NETWORK_H #include "salticidae/event.h" +#include "salticidae/crypto.h" #include "salticidae/netaddr.h" #include "salticidae/msg.h" #include "salticidae/conn.h" 
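Review bot: The new C declarations say nothing about who owns the `bytearray_t *` returned by `x509_get_der`/`pkey_get_pubkey_der`/`pkey_get_privkey_der` or the handles returned by the `*_new_*` functions, and the `const` on `x509_free(const x509_t *self)`/`pkey_free` reads as if the handle were merely borrowed when the call consumes it. Put the contract on the declarations, e.g. `/* returns a new buffer owned by the caller; release it with the bytearray free function */`, and for `pkey_get_privkey_der` add `/* returns private key material: zero the buffer before releasing it */`, since nothing here indicates the copy is wiped. The `SalticidaeCError *err` out-parameter should also state whether NULL is accepted; the `SALTICIDAE_CERROR_TRY`/`CATCH` macros added in util.h dereference it unconditionally, so as written it must be non-null.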
@@ -981,8 +982,13 @@ void msgnetwork_config_conn_server_timeout(msgnetwork_config_t *self, double tim void msgnetwork_config_seg_buff_size(msgnetwork_config_t *self, size_t size); void msgnetwork_config_nworker(msgnetwork_config_t *self, size_t nworker); void msgnetwork_config_queue_capacity(msgnetwork_config_t *self, size_t cap); +void msgnetwork_config_enable_tls(msgnetwork_config_t *self, bool enabled); +void msgnetwork_config_tls_key_file(msgnetwork_config_t *self, const char *pem_fname); +void msgnetwork_config_tls_cert_file(msgnetwork_config_t *self, const char *pem_fname); +void msgnetwork_config_tls_key_by_move(msgnetwork_config_t *self, pkey_t *key); +void msgnetwork_config_tls_cert_by_move(msgnetwork_config_t *self, x509_t *cert); -msgnetwork_t *msgnetwork_new(const eventcontext_t *ec, const msgnetwork_config_t *config); +msgnetwork_t *msgnetwork_new(const eventcontext_t *ec, const msgnetwork_config_t *config, SalticidaeCError *err); void msgnetwork_free(const msgnetwork_t *self); void msgnetwork_send_msg(msgnetwork_t *self, const msg_t *msg, const msgnetwork_conn_t *conn); void msgnetwork_send_msg_deferred_by_move(msgnetwork_t *self, msg_t *_moved_msg, const msgnetwork_conn_t *conn); @@ -1018,7 +1024,7 @@ void peernetwork_config_conn_timeout(peernetwork_config_t *self, double t); void peernetwork_config_id_mode(peernetwork_config_t *self, peernetwork_id_mode_t mode); msgnetwork_config_t *peernetwork_config_as_msgnetwork_config(peernetwork_config_t *self); -peernetwork_t *peernetwork_new(const eventcontext_t *ec, const peernetwork_config_t *config); +peernetwork_t *peernetwork_new(const eventcontext_t *ec, const peernetwork_config_t *config, SalticidaeCError *err); void peernetwork_free(const peernetwork_t *self); void peernetwork_add_peer(peernetwork_t *self, const netaddr_t *paddr); void peernetwork_del_peer(peernetwork_t *self, const netaddr_t *paddr); diff --git a/include/salticidae/util.h b/include/salticidae/util.h index 9a57ae8..9102842 100644 
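Review bot: `msgnetwork_config_tls_key_by_move` and `msgnetwork_config_tls_cert_by_move` take raw `pkey_t *`/`x509_t *` handles and, judging by the `_by_move` convention used elsewhere in this header (`msgnetwork_send_msg_deferred_by_move`), consume them, but the declarations do not say that the caller must not `pkey_free`/`x509_free` the handle afterwards; a comment such as `/* takes ownership: key is moved from and must not be used or freed by the caller */` on each would prevent a double free. `msgnetwork_config_tls_key_file` has no password parameter, so unlike `pkey_new_privkey_from_pem_file` it can only load unencrypted PEM keys — worth stating in a comment, or adding a `passwd` argument while the API is new. `msgnetwork_new` now takes `SalticidaeCError *err`, which breaks existing two-argument callers; acceptable for a new binding but should be called out in the commit message.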
--- a/include/salticidae/util.h +++ b/include/salticidae/util.h @@ -43,6 +43,14 @@ SalticidaeCError salticidae_cerror_normal(); SalticidaeCError salticidae_cerror_unknown(); const char *salticidae_strerror(int code); +#define SALTICIDAE_CERROR_TRY(cerror) try { (*(cerror)) = salticidae_cerror_normal(); +#define SALTICIDAE_CERROR_CATCH(cerror) \ + } catch (const SalticidaeError &err) { \ + *cerror = err.get_cerr(); \ + } catch (const std::exception &err) { \ + *cerror = salticidae_cerror_unknown(); \ + } + #ifdef __cplusplus } #endif |
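Review bot: `SALTICIDAE_CERROR_CATCH` only catches `SalticidaeError` and `std::exception`, so any other exception thrown inside an `extern "C"` wrapper escapes across the C boundary, which is undefined behaviour (in practice `std::terminate`) for C callers. Add a final `catch (...) { *(cerror) = salticidae_cerror_unknown(); }` so every exception is converted to an error code. The macro is also inconsistent with `SALTICIDAE_CERROR_TRY`, which parenthesises its argument: use `*(cerror)` in both catch clauses, and since the `err` binding in `catch (const std::exception &err)` is unused, `catch (const std::exception &)` avoids an unused-variable warning. Both macros dereference `cerror` unconditionally and assume `<exception>` is already visible; if the C API is meant to allow a NULL `err`, guard with `if (cerror)`.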