1: /*
2: * Copyright (c) 2007, Cameron Rich
3: *
4: * All rights reserved.
5: *
6: * Redistribution and use in source and binary forms, with or without
7: * modification, are permitted provided that the following conditions are met:
8: *
9: * * Redistributions of source code must retain the above copyright notice,
10: * this list of conditions and the following disclaimer.
11: * * Redistributions in binary form must reproduce the above copyright notice,
12: * this list of conditions and the following disclaimer in the documentation
13: * and/or other materials provided with the distribution.
14: * * Neither the name of the axTLS project nor the names of its contributors
15: * may be used to endorse or promote products derived from this software
16: * without specific prior written permission.
17: *
18: * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
19: * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
20: * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
21: * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
22: * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
23: * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
24: * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
25: * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
26: * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
27: * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
28: * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29: */
30:
31: /*
32: * Enable a subset of openssl compatible functions. We don't aim to be 100%
33: * compatible - just to be able to do basic ports etc.
34: *
35: * Only really tested on mini_httpd, so I'm not too sure how extensive this
36: * port is.
37: */
38:
39: #include "config.h"
40:
41: #ifdef CONFIG_OPENSSL_COMPATIBLE
42: #include <stdlib.h>
43: #include <string.h>
44: #include <stdarg.h>
45: #include "os_port.h"
46: #include "ssl.h"
47:
48: #define OPENSSL_CTX_ATTR ((OPENSSL_CTX *)ssl_ctx->bonus_attr)
49:
50: static char *key_password = NULL;
51:
52: void *SSLv23_server_method(void) { return NULL; }
53: void *SSLv3_server_method(void) { return NULL; }
54: void *TLSv1_server_method(void) { return NULL; }
55: void *SSLv23_client_method(void) { return NULL; }
56: void *SSLv3_client_method(void) { return NULL; }
57: void *TLSv1_client_method(void) { return NULL; }
58:
59: typedef void * (*ssl_func_type_t)(void);
60: typedef void * (*bio_func_type_t)(void);
61:
62: typedef struct
63: {
64: ssl_func_type_t ssl_func_type;
65: } OPENSSL_CTX;
66:
67: SSL_CTX * SSL_CTX_new(ssl_func_type_t meth)
68: {
69: SSL_CTX *ssl_ctx = ssl_ctx_new(0, 5);
70: ssl_ctx->bonus_attr = malloc(sizeof(OPENSSL_CTX));
71: OPENSSL_CTX_ATTR->ssl_func_type = meth;
72: return ssl_ctx;
73: }
74:
75: void SSL_CTX_free(SSL_CTX * ssl_ctx)
76: {
77: free(ssl_ctx->bonus_attr);
78: ssl_ctx_free(ssl_ctx);
79: }
80:
81: SSL * SSL_new(SSL_CTX *ssl_ctx)
82: {
83: SSL *ssl;
84: ssl_func_type_t ssl_func_type;
85:
86: ssl = ssl_new(ssl_ctx, -1); /* fd is set later */
87: ssl_func_type = OPENSSL_CTX_ATTR->ssl_func_type;
88:
89: #ifdef CONFIG_SSL_ENABLE_CLIENT
90: if (ssl_func_type == SSLv23_client_method ||
91: ssl_func_type == SSLv3_client_method ||
92: ssl_func_type == TLSv1_client_method)
93: {
94: SET_SSL_FLAG(SSL_IS_CLIENT);
95: }
96: else
97: #endif
98: {
99: ssl->next_state = HS_CLIENT_HELLO;
100: }
101:
102: return ssl;
103: }
104:
105: int SSL_set_fd(SSL *s, int fd)
106: {
107: s->client_fd = fd;
108: return 1; /* always succeeds */
109: }
110:
111: int SSL_accept(SSL *ssl)
112: {
113: while (ssl_read(ssl, NULL) == SSL_OK)
114: {
115: if (ssl->next_state == HS_CLIENT_HELLO)
116: return 1; /* we're done */
117: }
118:
119: return -1;
120: }
121:
122: #ifdef CONFIG_SSL_ENABLE_CLIENT
123: int SSL_connect(SSL *ssl)
124: {
125: return do_client_connect(ssl) == SSL_OK ? 1 : -1;
126: }
127: #endif
128:
129: void SSL_free(SSL *ssl)
130: {
131: ssl_free(ssl);
132: }
133:
134: int SSL_read(SSL *ssl, void *buf, int num)
135: {
136: uint8_t *read_buf;
137: int ret;
138:
139: while ((ret = ssl_read(ssl, &read_buf)) == SSL_OK);
140:
141: if (ret > SSL_OK)
142: {
143: memcpy(buf, read_buf, ret > num ? num : ret);
144: }
145:
146: return ret;
147: }
148:
149: int SSL_write(SSL *ssl, const void *buf, int num)
150: {
151: return ssl_write(ssl, buf, num);
152: }
153:
154: int SSL_CTX_use_certificate_file(SSL_CTX *ssl_ctx, const char *file, int type)
155: {
156: return (ssl_obj_load(ssl_ctx, SSL_OBJ_X509_CERT, file, NULL) == SSL_OK);
157: }
158:
159: int SSL_CTX_use_PrivateKey_file(SSL_CTX *ssl_ctx, const char *file, int type)
160: {
161: return (ssl_obj_load(ssl_ctx, SSL_OBJ_RSA_KEY, file, key_password) == SSL_OK);
162: }
163:
164: int SSL_CTX_use_certificate_ASN1(SSL_CTX *ssl_ctx, int len, const uint8_t *d)
165: {
166: return (ssl_obj_memory_load(ssl_ctx,
167: SSL_OBJ_X509_CERT, d, len, NULL) == SSL_OK);
168: }
169:
170: int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
171: unsigned int sid_ctx_len)
172: {
173: return 1;
174: }
175:
176: int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
177: {
178: return 1;
179: }
180:
181: int SSL_CTX_use_certificate_chain_file(SSL_CTX *ssl_ctx, const char *file)
182: {
183: return (ssl_obj_load(ssl_ctx,
184: SSL_OBJ_X509_CERT, file, NULL) == SSL_OK);
185: }
186:
187: int SSL_shutdown(SSL *ssl)
188: {
189: return 1;
190: }
191:
192: /*** get/set session ***/
193: SSL_SESSION *SSL_get1_session(SSL *ssl)
194: {
195: return (SSL_SESSION *)ssl_get_session_id(ssl); /* note: wrong cast */
196: }
197:
198: int SSL_set_session(SSL *ssl, SSL_SESSION *session)
199: {
200: memcpy(ssl->session_id, (uint8_t *)session, SSL_SESSION_ID_SIZE);
201: return 1;
202: }
203:
204: void SSL_SESSION_free(SSL_SESSION *session) { }
205: /*** end get/set session ***/
206:
207: long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
208: {
209: return 0;
210: }
211:
212: void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
213: int (*verify_callback)(int, void *)) { }
214:
215: void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth) { }
216:
217: int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
218: const char *CApath)
219: {
220: return 1;
221: }
222:
223: void *SSL_load_client_CA_file(const char *file)
224: {
225: return (void *)file;
226: }
227:
228: void SSL_CTX_set_client_CA_list(SSL_CTX *ssl_ctx, void *file)
229: {
230:
231: ssl_obj_load(ssl_ctx, SSL_OBJ_X509_CERT, (const char *)file, NULL);
232: }
233:
234: void SSLv23_method(void) { }
235:
236: void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, void *cb) { }
237:
238: void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
239: {
240: key_password = (char *)u;
241: }
242:
243: int SSL_peek(SSL *ssl, void *buf, int num)
244: {
245: memcpy(buf, ssl->bm_data, num);
246: return num;
247: }
248:
249: void SSL_set_bio(SSL *ssl, void *rbio, void *wbio) { }
250:
251: long SSL_get_verify_result(const SSL *ssl)
252: {
253: return ssl_handshake_status(ssl);
254: }
255:
256: int SSL_state(SSL *ssl)
257: {
258: return 0x03; // ok state
259: }
260:
261: /** end of could do better list */
262:
263: void *SSL_get_peer_certificate(const SSL *ssl)
264: {
265: return &ssl->ssl_ctx->certs[0];
266: }
267:
268: int SSL_clear(SSL *ssl)
269: {
270: return 1;
271: }
272:
273:
274: int SSL_CTX_check_private_key(const SSL_CTX *ctx)
275: {
276: return 1;
277: }
278:
279: int SSL_CTX_set_cipher_list(SSL *s, const char *str)
280: {
281: return 1;
282: }
283:
284: int SSL_get_error(const SSL *ssl, int ret)
285: {
286: ssl_display_error(ret);
287: return 0; /* TODO: return proper return code */
288: }
289:
290: void SSL_CTX_set_options(SSL_CTX *ssl_ctx, int option) {}
291: int SSL_library_init(void ) { return 1; }
292: void SSL_load_error_strings(void ) {}
293: void ERR_print_errors_fp(FILE *fp) {}
294:
295: #ifndef CONFIG_SSL_SKELETON_MODE
296: long SSL_CTX_get_timeout(const SSL_CTX *ssl_ctx) {
297: return CONFIG_SSL_EXPIRY_TIME*3600; }
298: long SSL_CTX_set_timeout(SSL_CTX *ssl_ctx, long t) {
299: return SSL_CTX_get_timeout(ssl_ctx); }
300: #endif
301: void BIO_printf(FILE *f, const char *format, ...)
302: {
303: va_list(ap);
304: va_start(ap, format);
305: vfprintf(f, format, ap);
306: va_end(ap);
307: }
308:
309: void* BIO_s_null(void) { return NULL; }
310: FILE *BIO_new(bio_func_type_t func)
311: {
312: if (func == BIO_s_null)
313: return fopen("/dev/null", "r");
314: else
315: return NULL;
316: }
317:
318: FILE *BIO_new_fp(FILE *stream, int close_flag) { return stream; }
319: int BIO_free(FILE *a) { if (a != stdout && a != stderr) fclose(a); return 1; }
320:
321:
322:
323: #endif
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to openssl.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / axTLS / ssl