diff options
-rw-r--r-- | libs/nixio/src/openssl-compat.c | 297 | ||||
-rw-r--r-- | libs/nixio/src/openssl-compat.h | 145 |
2 files changed, 0 insertions, 442 deletions
diff --git a/libs/nixio/src/openssl-compat.c b/libs/nixio/src/openssl-compat.c deleted file mode 100644 index 2c5b746c2d..0000000000 --- a/libs/nixio/src/openssl-compat.c +++ /dev/null @@ -1,297 +0,0 @@ -/* - * Copyright (c) 2007, Cameron Rich - * - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * * Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * * Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * * Neither the name of the axTLS project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR - * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR - * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF - * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -/* - * Enable a subset of openssl compatible functions. We don't aim to be 100% - * compatible - just to be able to do basic ports etc. - * - * Only really tested on mini_httpd, so I'm not too sure how extensive this - * port is. - */ - -#include "config.h" - -#include <stdlib.h> -#include <string.h> -#include <stdarg.h> -#include "ssl.h" - -static char *key_password = NULL; - -void *SSLv23_server_method(void) { return NULL; } -void *SSLv3_server_method(void) { return NULL; } -void *TLSv1_server_method(void) { return NULL; } -void *SSLv23_client_method(void) { return NULL; } -void *SSLv3_client_method(void) { return NULL; } -void *TLSv1_client_method(void) { return NULL; } -void *SSLv23_method(void) { return NULL; } -void *TLSv1_method(void) { return NULL; } - -SSL_CTX * SSL_CTX_new(void *meth) -{ - SSL_CTX *ssl_ctx = ssl_ctx_new(SSL_SERVER_VERIFY_LATER, 5); - return ssl_ctx; -} - -void SSL_CTX_free(SSL_CTX * ssl_ctx) -{ - ssl_ctx_free(ssl_ctx); -} - -SSL * SSL_new(SSL_CTX *ssl_ctx) -{ - SSL *ssl; - - ssl = ssl_new(ssl_ctx, -1); /* fd is set later */ - - return ssl; -} - -int SSL_set_fd(SSL *s, int fd) -{ - s->client_fd = fd; - return 1; /* always succeeds */ -} - -int SSL_accept(SSL *ssl) -{ - ssl->next_state = HS_CLIENT_HELLO; - while (ssl_read(ssl, NULL) == SSL_OK) - { - if (ssl->next_state == HS_CLIENT_HELLO) - return 1; /* we're done */ - } - - return -1; -} - -int SSL_connect(SSL *ssl) -{ - SET_SSL_FLAG(SSL_IS_CLIENT); - int stat = do_client_connect(ssl); - ssl_display_error(stat); - return (stat == SSL_OK) ? 1 : -1; -} - -void SSL_free(SSL *ssl) -{ - ssl_free(ssl); -} - -int SSL_read(SSL *ssl, void *buf, int num) -{ - uint8_t *read_buf; - int ret; - - while ((ret = ssl_read(ssl, &read_buf)) == SSL_OK); - - if (ret > SSL_OK) - { - memcpy(buf, read_buf, ret > num ? num : ret); - } - - return ret; -} - -int SSL_write(SSL *ssl, const void *buf, int num) -{ - return ssl_write(ssl, buf, num); -} - -int SSL_CTX_use_certificate_file(SSL_CTX *ssl_ctx, const char *file, int type) -{ - return (ssl_obj_load(ssl_ctx, SSL_OBJ_X509_CERT, file, NULL) == SSL_OK); -} - -int SSL_CTX_use_PrivateKey_file(SSL_CTX *ssl_ctx, const char *file, int type) -{ - return (ssl_obj_load(ssl_ctx, SSL_OBJ_RSA_KEY, file, key_password) == SSL_OK); -} - -int SSL_CTX_use_certificate_ASN1(SSL_CTX *ssl_ctx, int len, const uint8_t *d) -{ - return (ssl_obj_memory_load(ssl_ctx, - SSL_OBJ_X509_CERT, d, len, NULL) == SSL_OK); -} - -int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx, - unsigned int sid_ctx_len) -{ - return 1; -} - -int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx) -{ - return 1; -} - -int SSL_CTX_use_certificate_chain_file(SSL_CTX *ssl_ctx, const char *file) -{ - return (ssl_obj_load(ssl_ctx, - SSL_OBJ_X509_CERT, file, NULL) == SSL_OK); -} - -int SSL_shutdown(SSL *ssl) -{ - return 1; -} - -/*** get/set session ***/ -SSL_SESSION *SSL_get1_session(SSL *ssl) -{ - return (SSL_SESSION *)ssl_get_session_id(ssl); /* note: wrong cast */ -} - -int SSL_set_session(SSL *ssl, SSL_SESSION *session) -{ - memcpy(ssl->session_id, (uint8_t *)session, SSL_SESSION_ID_SIZE); - return 1; -} - -void SSL_SESSION_free(SSL_SESSION *session) { } -/*** end get/set session ***/ - -long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) -{ - return 0; -} - -void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, - int (*verify_callback)(int, void *)) { - if (mode & SSL_VERIFY_PEER) { - ctx->options &= ~SSL_SERVER_VERIFY_LATER; - ctx->options |= SSL_CLIENT_AUTHENTICATION; - } else { - ctx->options |= SSL_SERVER_VERIFY_LATER; - ctx->options &= ~SSL_CLIENT_AUTHENTICATION; - } -} - -void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth) { } - -int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, - const char *CApath) -{ - return 1; -} - -void *SSL_load_client_CA_file(const char *file) -{ - return (void *)file; -} - -void SSL_CTX_set_client_CA_list(SSL_CTX *ssl_ctx, void *file) -{ - - ssl_obj_load(ssl_ctx, SSL_OBJ_X509_CERT, (const char *)file, NULL); -} - -void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, void *cb) { } - -void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u) -{ - key_password = (char *)u; -} - -int SSL_peek(SSL *ssl, void *buf, int num) -{ - memcpy(buf, ssl->bm_data, num); - return num; -} - -void SSL_set_bio(SSL *ssl, void *rbio, void *wbio) { } - -long SSL_get_verify_result(const SSL *ssl) -{ - return ssl_handshake_status(ssl); -} - -int SSL_state(SSL *ssl) -{ - return 0x03; // ok state -} - -/** end of could do better list */ - -void *SSL_get_peer_certificate(const SSL *ssl) -{ - return &ssl->ssl_ctx->certs[0]; -} - -int SSL_clear(SSL *ssl) -{ - return 1; -} - - -int SSL_CTX_check_private_key(const SSL_CTX *ctx) -{ - return 1; -} - -int SSL_CTX_set_cipher_list(SSL_CTX *s, const char *str) -{ - return 1; -} - -int SSL_get_error(const SSL *ssl, int ret) -{ - ssl_display_error(ret); - return ret; /* TODO: return proper return code */ -} - -void SSL_CTX_set_options(SSL_CTX *ssl_ctx, int option) {} -int SSL_library_init(void ) { return 1; } -void SSL_load_error_strings(void ) {} -void ERR_print_errors_fp(FILE *fp) {} - -long SSL_CTX_get_timeout(const SSL_CTX *ssl_ctx) { - return CONFIG_SSL_EXPIRY_TIME*3600; } -long SSL_CTX_set_timeout(SSL_CTX *ssl_ctx, long t) { - return SSL_CTX_get_timeout(ssl_ctx); } -void BIO_printf(FILE *f, const char *format, ...) -{ - va_list(ap); - va_start(ap, format); - vfprintf(f, format, ap); - va_end(ap); -} - -void* BIO_s_null(void) { return NULL; } -FILE *BIO_new(bio_func_type_t func) -{ - if (func == BIO_s_null) - return fopen("/dev/null", "r"); - else - return NULL; -} - -FILE *BIO_new_fp(FILE *stream, int close_flag) { return stream; } -int BIO_free(FILE *a) { if (a != stdout && a != stderr) fclose(a); return 1; } diff --git a/libs/nixio/src/openssl-compat.h b/libs/nixio/src/openssl-compat.h deleted file mode 100644 index 669b2b9949..0000000000 --- a/libs/nixio/src/openssl-compat.h +++ /dev/null @@ -1,145 +0,0 @@ -/* - * Copyright (c) 2007, Cameron Rich - * - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions are met: - * - * * Redistributions of source code must retain the above copyright notice, - * this list of conditions and the following disclaimer. - * * Redistributions in binary form must reproduce the above copyright notice, - * this list of conditions and the following disclaimer in the documentation - * and/or other materials provided with the distribution. - * * Neither the name of the axTLS project nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR - * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, - * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR - * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF - * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING - * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -/* - * Enable a subset of openssl compatible functions. We don't aim to be 100% - * compatible - just to be able to do basic ports etc. - * - * Only really tested on mini_httpd, so I'm not too sure how extensive this - * port is. - */ - -#include "nixio.h" -#include "config.h" - -#define WITH_AXTLS 1 -#define WITHOUT_OPENSSL 1 -#define SSL_OP_NO_SSLv3 0x02000000L -#define SSL_OP_NO_SSLv2 0x01000000L -#define SSL_FILETYPE_PEM 1 -#define SSL_VERIFY_NONE 0x00 -#define SSL_VERIFY_PEER 0x01 -#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02 -#define SSL_VERIFY_CLIENT_ONCE 0x03 - -#include <stdlib.h> -#include <string.h> -#include <stdarg.h> -#include "ssl.h" - -void *SSLv23_server_method(void); -void *SSLv3_server_method(void); -void *TLSv1_server_method(void); -void *SSLv23_client_method(void); -void *SSLv3_client_method(void); -void *TLSv1_client_method(void); -void *SSLv23_method(void); -void *TLSv1_method(void); - - -typedef void * (*ssl_func_type_t)(void); -typedef void * (*bio_func_type_t)(void); - -SSL_CTX * SSL_CTX_new(void *meth); -void SSL_CTX_free(SSL_CTX * ssl_ctx); -SSL * SSL_new(SSL_CTX *ssl_ctx); -int SSL_set_fd(SSL *s, int fd); -int SSL_accept(SSL *ssl); -int SSL_connect(SSL *ssl); -void SSL_free(SSL *ssl); -int SSL_read(SSL *ssl, void *buf, int num); -int SSL_write(SSL *ssl, const void *buf, int num); -int SSL_CTX_use_certificate_file(SSL_CTX *ssl_ctx, const char *file, int type); -int SSL_CTX_use_PrivateKey_file(SSL_CTX *ssl_ctx, const char *file, int type); -int SSL_CTX_use_certificate_ASN1(SSL_CTX *ssl_ctx, int len, const uint8_t *d); -int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx, - unsigned int sid_ctx_len); -int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx); -int SSL_CTX_use_certificate_chain_file(SSL_CTX *ssl_ctx, const char *file); -int SSL_shutdown(SSL *ssl); - -/*** get/set session ***/ -SSL_SESSION *SSL_get1_session(SSL *ssl); -int SSL_set_session(SSL *ssl, SSL_SESSION *session); -void SSL_SESSION_free(SSL_SESSION *session); -/*** end get/set session ***/ - -long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg); -void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, - int (*verify_callback)(int, void *)); - -void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth); - -int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, - const char *CApath); - -void *SSL_load_client_CA_file(const char *file); - -void SSL_CTX_set_client_CA_list(SSL_CTX *ssl_ctx, void *file); - -void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, void *cb); - -void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u); - -int SSL_peek(SSL *ssl, void *buf, int num); - -void SSL_set_bio(SSL *ssl, void *rbio, void *wbio); - -long SSL_get_verify_result(const SSL *ssl); - -int SSL_state(SSL *ssl); - -/** end of could do better list */ - -void *SSL_get_peer_certificate(const SSL *ssl); - -int SSL_clear(SSL *ssl); - - -int SSL_CTX_check_private_key(const SSL_CTX *ctx); - -int SSL_CTX_set_cipher_list(SSL_CTX *s, const char *str); - -int SSL_get_error(const SSL *ssl, int ret); - -void SSL_CTX_set_options(SSL_CTX *ssl_ctx, int option); -int SSL_library_init(void ); -void SSL_load_error_strings(void ); -void ERR_print_errors_fp(FILE *fp); - -long SSL_CTX_get_timeout(const SSL_CTX *ssl_ctx); -long SSL_CTX_set_timeout(SSL_CTX *ssl_ctx, long t); -void BIO_printf(FILE *f, const char *format, ...); - -void* BIO_s_null(void); -FILE *BIO_new(bio_func_type_t func); - -FILE *BIO_new_fp(FILE *stream, int close_flag); -int BIO_free(FILE *a); |