X-Git-Url: http://git.indexdata.com/?a=blobdiff_plain;f=src%2Ftcpip.c;h=97449bf4fe0634663b76e50089ebf0653799dd64;hb=60a702f390f7e2addfdab79f2328db3ba2897c8b;hp=bcee219980a8b3851a466d2803953182f0635faf;hpb=69758252fce6231073cb288a4f5bbf8f7febc249;p=yaz-moved-to-github.git diff --git a/src/tcpip.c b/src/tcpip.c index bcee219..97449bf 100644 --- a/src/tcpip.c +++ b/src/tcpip.c @@ -1,22 +1,49 @@ /* - * Copyright (c) 1995-2004, Index Data + * Copyright (C) 1995-2005, Index Data ApS * See the file LICENSE for details. * - * $Id: tcpip.c,v 1.5 2004-04-29 21:19:23 adam Exp $ + * $Id: tcpip.c,v 1.15 2005-02-01 14:37:47 adam Exp $ + */ +/** + * \file tcpip.c + * \brief Implements TCP/IP + SSL COMSTACK. */ #include #include #include +#include +#include +#include +#if HAVE_SYS_TYPES_H +#include +#endif +#if HAVE_SYS_TIME_H +#include +#endif +#if HAVE_UNISTD_H +#include +#endif #ifdef WIN32 +#include #else -#include +#include +#include +#include +#include +#endif + +#if HAVE_SYS_SOCKET_H +#include +#endif +#if HAVE_SYS_SELECT_H +#include +#endif +#if HAVE_SYS_WAIT_H +#include #endif -#include -#include -#include #if HAVE_OPENSSL_SSL_H #include #include @@ -24,14 +51,8 @@ #include #include -#include #include -#ifdef WIN32 -#else -#include -#endif - static int tcpip_close(COMSTACK h); static int tcpip_put(COMSTACK h, char *buf, int size); static int tcpip_get(COMSTACK h, char **buf, int *bufsize); @@ -79,6 +100,7 @@ typedef struct tcpip_state SSL_CTX *ctx; /* current CTX. */ SSL_CTX *ctx_alloc; /* If =ctx it is owned by CS. If 0 it is not owned */ SSL *ssl; + char cert_fname[256]; #endif } tcpip_state; @@ -112,7 +134,7 @@ static int tcpip_init (void) COMSTACK tcpip_type(int s, int blocking, int protocol, void *vp) { COMSTACK p; - tcpip_state *state; + tcpip_state *sp; int new_socket; #ifdef WIN32 unsigned long tru = 1; @@ -130,7 +152,7 @@ COMSTACK tcpip_type(int s, int blocking, int protocol, void *vp) new_socket = 0; if (!(p = (struct comstack *)xmalloc(sizeof(struct comstack)))) return 0; - if (!(state = (struct tcpip_state *)(p->cprivate = + if (!(sp = (struct tcpip_state *)(p->cprivate = xmalloc(sizeof(tcpip_state))))) return 0; @@ -170,19 +192,21 @@ COMSTACK tcpip_type(int s, int blocking, int protocol, void *vp) p->event = CS_NONE; p->cerrno = 0; p->stackerr = 0; + p->user = 0; #if HAVE_OPENSSL_SSL_H - state->ctx = state->ctx_alloc = 0; - state->ssl = 0; + sp->ctx = sp->ctx_alloc = 0; + sp->ssl = 0; + strcpy(sp->cert_fname, "yaz.pem"); #endif - state->altbuf = 0; - state->altsize = state->altlen = 0; - state->towrite = state->written = -1; + sp->altbuf = 0; + sp->altsize = sp->altlen = 0; + sp->towrite = sp->written = -1; if (protocol == PROTO_WAIS) - state->complete = completeWAIS; + sp->complete = completeWAIS; else - state->complete = cs_complete_auto; + sp->complete = cs_complete_auto; p->timeout = COMSTACK_DEFAULT_TIMEOUT; TRC(fprintf(stderr, "Created new TCPIP comstack\n")); @@ -194,7 +218,7 @@ COMSTACK tcpip_type(int s, int blocking, int protocol, void *vp) COMSTACK ssl_type(int s, int blocking, int protocol, void *vp) { - tcpip_state *state; + tcpip_state *sp; COMSTACK p; p = tcpip_type (s, blocking, protocol, 0); @@ -203,9 +227,9 @@ COMSTACK ssl_type(int s, int blocking, int protocol, void *vp) p->f_get = ssl_get; p->f_put = ssl_put; p->type = ssl_type; - state = (tcpip_state *) p->cprivate; + sp = (tcpip_state *) p->cprivate; - state->ctx = vp; /* may be NULL */ + sp->ctx = (SSL_CTX *) vp; /* may be NULL */ /* note: we don't handle already opened socket in SSL mode - yet */ return p; @@ -466,14 +490,14 @@ static int tcpip_bind(COMSTACK h, void *address, int mode) if (sp->ctx_alloc) { int res; - res = SSL_CTX_use_certificate_file (sp->ctx, CERTF, + res = SSL_CTX_use_certificate_file (sp->ctx, sp->cert_fname, SSL_FILETYPE_PEM); if (res <= 0) { ERR_print_errors_fp(stderr); exit (2); } - res = SSL_CTX_use_PrivateKey_file (sp->ctx, KEYF, + res = SSL_CTX_use_PrivateKey_file (sp->ctx, sp->cert_fname, SSL_FILETYPE_PEM); if (res <= 0) { @@ -774,7 +798,7 @@ int tcpip_get(COMSTACK h, char **buf, int *bufsize) #endif } else if (!res) - return 0; + return hasread; hasread += res; } TRC (fprintf (stderr, " Out of read loop with hasread=%d, berlen=%d\n", @@ -1110,28 +1134,39 @@ int static tcpip_set_blocking(COMSTACK p, int blocking) #if HAVE_OPENSSL_SSL_H int cs_set_ssl_ctx(COMSTACK cs, void *ctx) { - struct tcpip_state *state; + struct tcpip_state *sp; if (!cs || cs->type != ssl_type) return 0; - state = (struct tcpip_state *) cs->cprivate; - if (state->ctx_alloc) + sp = (struct tcpip_state *) cs->cprivate; + if (sp->ctx_alloc) return 0; - state->ctx = ctx; + sp->ctx = (SSL_CTX *) ctx; return 1; } void *cs_get_ssl(COMSTACK cs) { - struct tcpip_state *state; + struct tcpip_state *sp; if (!cs || cs->type != ssl_type) return 0; - state = (struct tcpip_state *) cs->cprivate; - return state->ssl; + sp = (struct tcpip_state *) cs->cprivate; + return sp->ssl; +} + +int cs_set_ssl_certificate_file(COMSTACK cs, const char *fname) +{ + struct tcpip_state *sp; + if (!cs || cs->type != ssl_type) + return 0; + sp = (struct tcpip_state *) cs->cprivate; + strncpy(sp->cert_fname, fname, sizeof(sp->cert_fname)-1); + sp->cert_fname[sizeof(sp->cert_fname)-1] = '\0'; + return 1; } int cs_get_peer_certificate_x509(COMSTACK cs, char **buf, int *len) { - SSL *ssl = cs_get_ssl(cs); + SSL *ssl = (SSL *) cs_get_ssl(cs); if (ssl) { X509 *server_cert = SSL_get_peer_certificate (ssl); @@ -1142,7 +1177,7 @@ int cs_get_peer_certificate_x509(COMSTACK cs, char **buf, int *len) /* get PEM buffer in memory */ PEM_write_bio_X509(bio, server_cert); *len = BIO_get_mem_data(bio, &pem_buf); - *buf = xmalloc(*len); + *buf = (char *) xmalloc(*len); memcpy(*buf, pem_buf, *len); BIO_free(bio); return 1; @@ -1166,5 +1201,9 @@ int cs_get_peer_certificate_x509(COMSTACK cs, char **buf, int *len) return 0; } +int cs_set_ssl_certificate_file(COMSTACK cs, const char *fname) +{ + return 0; +} #endif