Diffstat (limited to 'libs/luci-lib-nixio/axTLS/bindings')
-rw-r--r--libs/luci-lib-nixio/axTLS/bindings/Config.in105
-rw-r--r--libs/luci-lib-nixio/axTLS/bindings/Makefile86
-rw-r--r--libs/luci-lib-nixio/axTLS/bindings/README43
-rw-r--r--libs/luci-lib-nixio/axTLS/bindings/csharp/Makefile35
-rw-r--r--libs/luci-lib-nixio/axTLS/bindings/csharp/axTLS.cs491
-rwxr-xr-xlibs/luci-lib-nixio/axTLS/bindings/generate_SWIG_interface.pl393
-rwxr-xr-xlibs/luci-lib-nixio/axTLS/bindings/generate_interface.pl322
-rw-r--r--libs/luci-lib-nixio/axTLS/bindings/java/Makefile94
-rw-r--r--libs/luci-lib-nixio/axTLS/bindings/java/SSL.java137
-rw-r--r--libs/luci-lib-nixio/axTLS/bindings/java/SSLCTX.java229
-rw-r--r--libs/luci-lib-nixio/axTLS/bindings/java/SSLClient.java81
-rw-r--r--libs/luci-lib-nixio/axTLS/bindings/java/SSLReadHolder.java61
-rw-r--r--libs/luci-lib-nixio/axTLS/bindings/java/SSLServer.java72
-rw-r--r--libs/luci-lib-nixio/axTLS/bindings/java/SSLUtil.java116
-rw-r--r--libs/luci-lib-nixio/axTLS/bindings/lua/Makefile67
-rw-r--r--libs/luci-lib-nixio/axTLS/bindings/perl/Makefile91
-rw-r--r--libs/luci-lib-nixio/axTLS/bindings/vbnet/Makefile35
-rw-r--r--libs/luci-lib-nixio/axTLS/bindings/vbnet/axTLSvb.vb200
18 files changed, 2658 insertions, 0 deletions
diff --git a/libs/luci-lib-nixio/axTLS/bindings/Config.in b/libs/luci-lib-nixio/axTLS/bindings/Config.in
new file mode 100644
index 0000000000..12a696ba8b
--- /dev/null
+++ b/libs/luci-lib-nixio/axTLS/bindings/Config.in
@@ -0,0 +1,105 @@
+#
+# For a description of the syntax of this configuration file,
+# see scripts/config/Kconfig-language.txt
+#
+menu "Language Bindings"
+
+config CONFIG_BINDINGS
+ bool "Create language bindings"
+ default n
+ help
+ axTLS supports language bindings in C#, VB.NET, Java and Perl.
+
+ Select Y here if you want to build the various language bindings.
+
+config CONFIG_CSHARP_BINDINGS
+ bool "Create C# bindings"
+ default n
+ depends on CONFIG_BINDINGS
+ help
+ Build C# bindings.
+
+ This requires .NET to be installed on Win32 platforms and mono to be
+ installed on all other platforms.
+
+config CONFIG_VBNET_BINDINGS
+ bool "Create VB.NET bindings"
+ default n
+ depends on CONFIG_BINDINGS
+ help
+ Build VB.NET bindings.
+
+ This requires the .NET to be installed and is only built under Win32
+ platforms.
+
+menu ".Net Framework"
+depends on CONFIG_CSHARP_BINDINGS || CONFIG_VBNET_BINDINGS
+config CONFIG_DOT_NET_FRAMEWORK_BASE
+ string "Location of .NET Framework"
+ default "c:\\WINDOWS\\Microsoft.NET\\Framework\\v2.0.50727"
+endmenu
+
+config CONFIG_JAVA_BINDINGS
+ bool "Create Java bindings"
+ default n
+ depends on CONFIG_BINDINGS
+ help
+ Build Java bindings.
+
+ Current Issues (see README):
+ * Needs Java 1.4 or better.
+ * If building under Win32 it will use the Win32 JDK.
+
+menu "Java Home"
+depends on CONFIG_JAVA_BINDINGS
+config CONFIG_JAVA_HOME
+ string "Location of JDK"
+ default "c:\\Program Files\\Java\\jdk1.5.0_06" if CONFIG_PLATFORM_WIN32 || CONFIG_PLATFORM_CYGWIN
+ default "/usr/local/jdk142" if !CONFIG_PLATFORM_WIN32 && !CONFIG_PLATFORM_CYGWIN
+ depends on CONFIG_JAVA_BINDINGS
+ help
+ The location of Sun's JDK.
+endmenu
+
+config CONFIG_PERL_BINDINGS
+ bool "Create Perl bindings"
+ default n
+ depends on CONFIG_BINDINGS
+ help
+ Build Perl bindings.
+
+ Current Issues (see README):
+ * 64 bit versions don't work at present.
+ * libperl.so needs to be in the shared library path.
+
+menu "Perl Home"
+depends on CONFIG_PERL_BINDINGS && CONFIG_PLATFORM_WIN32
+config CONFIG_PERL_CORE
+ string "Location of Perl CORE"
+ default "c:\\perl\\lib\\CORE"
+ help:
+ works with ActiveState
+ "http://www.activestate.com/Products/ActivePerl"
+
+config CONFIG_PERL_LIB
+ string "Name of Perl Library"
+ default "perl58.lib"
+endmenu
+
+config CONFIG_LUA_BINDINGS
+ bool "Create Lua bindings"
+ default n
+ depends on CONFIG_BINDINGS && !CONFIG_PLATFORM_WIN32
+ help
+ Build Lua bindings (see www.lua.org).
+
+menu "Lua Home"
+depends on CONFIG_LUA_BINDINGS
+config CONFIG_LUA_CORE
+ string "Location of Lua CORE"
+ default "/usr/local"
+ help:
+ If the Lua exists on another directory then this needs to be changed
+endmenu
+
+endmenu
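Review bot: The help text for CONFIG_BINDINGS lists "C#, VB.NET, Java and Perl", but this same file adds CONFIG_LUA_BINDINGS, so the top-level description is already out of date; it should read `axTLS supports language bindings in C#, VB.NET, Java, Perl and Lua.` The CONFIG_PERL_CORE and CONFIG_LUA_CORE entries also spell the keyword `help:` with a trailing colon while every other entry uses `help`. Whether the Kconfig parser used by this tree accepts the colon form is not visible from the hunk, so making the two entries consistent with the rest is the safer choice.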
diff --git a/libs/luci-lib-nixio/axTLS/bindings/Makefile b/libs/luci-lib-nixio/axTLS/bindings/Makefile
new file mode 100644
index 0000000000..7654fbba57
--- /dev/null
+++ b/libs/luci-lib-nixio/axTLS/bindings/Makefile
@@ -0,0 +1,86 @@
+#
+# Copyright (c) 2007, Cameron Rich
+#
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the axTLS project nor the names of its
+# contributors may be used to endorse or promote products derived
+# from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+# OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+all:
+
+include ../config/.config
+include ../config/makefile.conf
+
+ifdef CONFIG_CSHARP_BINDINGS
+all: csharp/axInterface.cs
+endif
+
+ifdef CONFIG_VBNET_BINDINGS
+all: vbnet/axInterface.vb
+endif
+
+ifdef CONFIG_JAVA_BINDINGS
+all: java/axtlsj.java
+endif
+
+ifdef CONFIG_PERL_BINDINGS
+all: perl/axTLSp_wrap.c
+endif
+
+ifdef CONFIG_LUA_BINDINGS
+all: lua/axTLSl_wrap.c
+endif
+
+csharp/axInterface.cs: ../ssl/ssl.h
+ @perl ./generate_interface.pl -csharp
+
+vbnet/axInterface.vb: ../ssl/ssl.h
+ @perl ./generate_interface.pl -vbnet
+
+java/axTLSj.i: ../ssl/ssl.h
+ @perl ./generate_SWIG_interface.pl -java
+
+java/axtlsj.java: java/axTLSj.i $(wildcard java/SSL*.java)
+ @cd java; swig -java -package axTLSj axTLSj.i; $(MAKE)
+
+perl/axTLSp.i: ../ssl/ssl.h
+ @perl ./generate_SWIG_interface.pl -perl
+
+perl/axTLSp_wrap.c: perl/axTLSp.i
+ @cd perl; swig -perl5 axTLSp.i; $(MAKE)
+
+lua/axTLSl.i: ../ssl/ssl.h
+ @perl ./generate_SWIG_interface.pl -lua
+
+lua/axTLSl_wrap.c: lua/axTLSl.i
+ @cd lua; swig -lua axTLSl.i; $(MAKE)
+
+clean::
+ $(MAKE) -C csharp clean
+ $(MAKE) -C vbnet clean
+ $(MAKE) -C java clean
+ $(MAKE) -C perl clean
+ $(MAKE) -C lua clean
+
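Review bot: The recipes for `java/axtlsj.java`, `perl/axTLSp_wrap.c` and `lua/axTLSl_wrap.c` chain their steps with `;`, so a failed `cd` or a failed `swig` run does not stop the build; the recipe's exit status is that of the trailing `$(MAKE)`, which after a failed `cd` runs in the wrong directory. Chain the steps with `&&` instead, e.g. `@cd java && swig -java -package axTLSj axTLSj.i && $(MAKE)`, and likewise for the perl and lua rules. For a TLS binding, compiling a stale or partially generated wrapper should fail loudly rather than produce a library silently.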
diff --git a/libs/luci-lib-nixio/axTLS/bindings/README b/libs/luci-lib-nixio/axTLS/bindings/README
new file mode 100644
index 0000000000..8bc3109c12
--- /dev/null
+++ b/libs/luci-lib-nixio/axTLS/bindings/README
@@ -0,0 +1,43 @@
+===============================================================================
+= Language Bindings =
+===============================================================================
+
+The tools to generate the various language bindings are done here.
+SWIG 1.3.24 or better is required for creating the Java and Perl bindings.
+
+Perl scripts are used to parse ssl.h and automagically give the appropriate
+bindings.
+
+At present, the four languages supported are:
+
+* C#
+* VB.NET
+* Java
+* Perl
+
+To generate each binding run the following:
+
+C#:
+> generate_interface.pl -csharp
+
+VB.NET:
+> generate_interface.pl -vbnet
+
+
+Java:
+> generate_SWIG_interface.pl -java
+> cd java; swig -java -package axTLSj -noextern axTLSj.i
+
+Perl:
+> generate_SWIG_interface.pl -perl
+> cd perl; swig -noextern -perl axTLSp.i
+
+Java and Perl both create a library each called libaxtlsj.so and libaxtlsp.so
+(or axtlsj.dll and atlsp.dll on Win32 platforms).
+
+Note: the "-noextern" is deprecated in swig 1.3.27 and newer. The "-noextern"
+option was required to get Win32 bindings to work (which is why is has probably
+been deprecated).
+
+Each binding (except for Perl) has an extra helper interface to make life
+easier.
diff --git a/libs/luci-lib-nixio/axTLS/bindings/csharp/Makefile b/libs/luci-lib-nixio/axTLS/bindings/csharp/Makefile
new file mode 100644
index 0000000000..3414f85621
--- /dev/null
+++ b/libs/luci-lib-nixio/axTLS/bindings/csharp/Makefile
@@ -0,0 +1,35 @@
+#
+# Copyright (c) 2007, Cameron Rich
+#
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the axTLS project nor the names of its
+# contributors may be used to endorse or promote products derived
+# from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+# OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+include ../../config/.config
+include ../../config/makefile.conf
+
+clean::
+ @rm -f axssl* axInterface.cs
diff --git a/libs/luci-lib-nixio/axTLS/bindings/csharp/axTLS.cs b/libs/luci-lib-nixio/axTLS/bindings/csharp/axTLS.cs
new file mode 100644
index 0000000000..cf64a256e7
--- /dev/null
+++ b/libs/luci-lib-nixio/axTLS/bindings/csharp/axTLS.cs
@@ -0,0 +1,491 @@
+/*
+ * Copyright (c) 2007, Cameron Rich
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the axTLS project nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/**
+ * A wrapper around the unmanaged interface to give a semi-decent C# API
+ */
+
+using System;
+using System.Runtime.InteropServices;
+using System.Net.Sockets;
+
+/**
+ * @defgroup csharp_api C# API.
+ *
+ * Ensure that the appropriate Dispose() methods are called when finished with
+ * various objects - otherwise memory leaks will result.
+ * @{
+ */
+namespace axTLS
+{
+ /**
+ * @class SSL
+ * @ingroup csharp_api
+ * @brief A representation of an SSL connection.
+ */
+ public class SSL
+ {
+ public IntPtr m_ssl; /**< A pointer to the real SSL type */
+
+ /**
+ * @brief Store the reference to an SSL context.
+ * @param ip [in] A reference to an SSL object.
+ */
+ public SSL(IntPtr ip)
+ {
+ m_ssl = ip;
+ }
+
+ /**
+ * @brief Free any used resources on this connection.
+ *
+ * A "Close Notify" message is sent on this connection (if possible).
+ * It is up to the application to close the socket.
+ */
+ public void Dispose()
+ {
+ axtls.ssl_free(m_ssl);
+ }
+
+ /**
+ * @brief Return the result of a handshake.
+ * @return SSL_OK if the handshake is complete and ok.
+ * @see ssl.h for the error code list.
+ */
+ public int HandshakeStatus()
+ {
+ return axtls.ssl_handshake_status(m_ssl);
+ }
+
+ /**
+ * @brief Return the SSL cipher id.
+ * @return The cipher id which is one of:
+ * - SSL_AES128_SHA (0x2f)
+ * - SSL_AES256_SHA (0x35)
+ * - SSL_RC4_128_SHA (0x05)
+ * - SSL_RC4_128_MD5 (0x04)
+ */
+ public byte GetCipherId()
+ {
+ return axtls.ssl_get_cipher_id(m_ssl);
+ }
+
+ /**
+ * @brief Get the session id for a handshake.
+ *
+ * This will be a 32 byte sequence and is available after the first
+ * handshaking messages are sent.
+ * @return The session id as a 32 byte sequence.
+ * @note A SSLv23 handshake may have only 16 valid bytes.
+ */
+ public byte[] GetSessionId()
+ {
+ IntPtr ptr = axtls.ssl_get_session_id(m_ssl);
+ byte sess_id_size = axtls.ssl_get_session_id_size(m_ssl);
+ byte[] result = new byte[sess_id_size];
+ Marshal.Copy(ptr, result, 0, sess_id_size);
+ return result;
+ }
+
+ /**
+ * @brief Retrieve an X.509 distinguished name component.
+ *
+ * When a handshake is complete and a certificate has been exchanged,
+ * then the details of the remote certificate can be retrieved.
+ *
+ * This will usually be used by a client to check that the server's
+ * common name matches the URL.
+ *
+ * A full handshake needs to occur for this call to work.
+ *
+ * @param component [in] one of:
+ * - SSL_X509_CERT_COMMON_NAME
+ * - SSL_X509_CERT_ORGANIZATION
+ * - SSL_X509_CERT_ORGANIZATIONAL_NAME
+ * - SSL_X509_CA_CERT_COMMON_NAME
+ * - SSL_X509_CA_CERT_ORGANIZATION
+ * - SSL_X509_CA_CERT_ORGANIZATIONAL_NAME
+ * @return The appropriate string (or null if not defined)
+ */
+ public string GetCertificateDN(int component)
+ {
+ return axtls.ssl_get_cert_dn(m_ssl, component);
+ }
+ }
+
+ /**
+ * @class SSLUtil
+ * @ingroup csharp_api
+ * @brief Some global helper functions.
+ */
+ public class SSLUtil
+ {
+
+ /**
+ * @brief Return the build mode of the axTLS project.
+ * @return The build mode is one of:
+ * - SSL_BUILD_SERVER_ONLY
+ * - SSL_BUILD_ENABLE_VERIFICATION
+ * - SSL_BUILD_ENABLE_CLIENT
+ * - SSL_BUILD_FULL_MODE
+ */
+ public static int BuildMode()
+ {
+ return axtls.ssl_get_config(axtls.SSL_BUILD_MODE);
+ }
+
+ /**
+ * @brief Return the number of chained certificates that the
+ * client/server supports.
+ * @return The number of supported server certificates.
+ */
+ public static int MaxCerts()
+ {
+ return axtls.ssl_get_config(axtls.SSL_MAX_CERT_CFG_OFFSET);
+ }
+
+ /**
+ * @brief Return the number of CA certificates that the client/server
+ * supports.
+ * @return The number of supported CA certificates.
+ */
+ public static int MaxCACerts()
+ {
+ return axtls.ssl_get_config(axtls.SSL_MAX_CA_CERT_CFG_OFFSET);
+ }
+
+ /**
+ * @brief Indicate if PEM is supported.
+ * @return true if PEM supported.
+ */
+ public static bool HasPEM()
+ {
+ return axtls.ssl_get_config(axtls.SSL_HAS_PEM) > 0 ? true : false;
+ }
+
+ /**
+ * @brief Display the text string of the error.
+ * @param error_code [in] The integer error code.
+ */
+ public static void DisplayError(int error_code)
+ {
+ axtls.ssl_display_error(error_code);
+ }
+
+ /**
+ * @brief Return the version of the axTLS project.
+ */
+ public static string Version()
+ {
+ return axtls.ssl_version();
+ }
+ }
+
+ /**
+ * @class SSLCTX
+ * @ingroup csharp_api
+ * @brief A base object for SSLServer/SSLClient.
+ */
+ public class SSLCTX
+ {
+ /**
+ * @brief A reference to the real client/server context.
+ */
+ protected IntPtr m_ctx;
+
+ /**
+ * @brief Establish a new client/server context.
+ *
+ * This function is called before any client/server SSL connections are
+ * made. If multiple threads are used, then each thread will have its
+ * own SSLCTX context. Any number of connections may be made with a
+ * single context.
+ *
+ * Each new connection will use the this context's private key and
+ * certificate chain. If a different certificate chain is required,
+ * then a different context needs to be be used.
+ *
+ * @param options [in] Any particular options. At present the options
+ * supported are:
+ * - SSL_SERVER_VERIFY_LATER (client only): Don't stop a handshake if
+ * the server authentication fails. The certificate can be
+ * authenticated later with a call to VerifyCert().
+ * - SSL_CLIENT_AUTHENTICATION (server only): Enforce client
+ * authentication i.e. each handshake will include a "certificate
+ * request" message from the server.
+ * - SSL_DISPLAY_BYTES (full mode build only): Display the byte
+ * sequences during the handshake.
+ * - SSL_DISPLAY_STATES (full mode build only): Display the state
+ * changes during the handshake.
+ * - SSL_DISPLAY_CERTS (full mode build only): Display the
+ * certificates that are passed during a handshake.
+ * - SSL_DISPLAY_RSA (full mode build only): Display the RSA key
+ * details that are passed during a handshake.
+ * @param num_sessions [in] The number of sessions to be used for
+ * session caching. If this value is 0, then there is no session
+ * caching.
+ * @return A client/server context.
+ */
+ protected SSLCTX(uint options, int num_sessions)
+ {
+ m_ctx = axtls.ssl_ctx_new(options, num_sessions);
+ }
+
+ /**
+ * @brief Remove a client/server context.
+ *
+ * Frees any used resources used by this context. Each connection will
+ * be sent a "Close Notify" alert (if possible).
+ */
+ public void Dispose()
+ {
+ axtls.ssl_ctx_free(m_ctx);
+ }
+
+ /**
+ * @brief Read the SSL data stream.
+ * @param ssl [in] An SSL object reference.
+ * @param in_data [out] After a successful read, the decrypted data
+ * will be here. It will be null otherwise.
+ * @return The number of decrypted bytes:
+ * - if > 0, then the handshaking is complete and we are returning the
+ * number of decrypted bytes.
+ * - SSL_OK if the handshaking stage is successful (but not yet
+ * complete).
+ * - < 0 if an error.
+ * @see ssl.h for the error code list.
+ * @note Use in_data before doing any successive ssl calls.
+ */
+ public int Read(SSL ssl, out byte[] in_data)
+ {
+ IntPtr ptr = IntPtr.Zero;
+ int ret = axtls.ssl_read(ssl.m_ssl, ref ptr);
+
+ if (ret > axtls.SSL_OK)
+ {
+ in_data = new byte[ret];
+ Marshal.Copy(ptr, in_data, 0, ret);
+ }
+ else
+ {
+ in_data = null;
+ }
+
+ return ret;
+ }
+
+ /**
+ * @brief Write to the SSL data stream.
+ * @param ssl [in] An SSL obect reference.
+ * @param out_data [in] The data to be written
+ * @return The number of bytes sent, or if < 0 if an error.
+ * @see ssl.h for the error code list.
+ */
+ public int Write(SSL ssl, byte[] out_data)
+ {
+ return axtls.ssl_write(ssl.m_ssl, out_data, out_data.Length);
+ }
+
+ /**
+ * @brief Write to the SSL data stream.
+ * @param ssl [in] An SSL obect reference.
+ * @param out_data [in] The data to be written
+ * @param out_len [in] The number of bytes to be written
+ * @return The number of bytes sent, or if < 0 if an error.
+ * @see ssl.h for the error code list.
+ */
+ public int Write(SSL ssl, byte[] out_data, int out_len)
+ {
+ return axtls.ssl_write(ssl.m_ssl, out_data, out_len);
+ }
+
+ /**
+ * @brief Find an ssl object based on a Socket reference.
+ *
+ * Goes through the list of SSL objects maintained in a client/server
+ * context to look for a socket match.
+ * @param s [in] A reference to a <A HREF="http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/frlrfsystemnetsocketssocketclasstopic.asp">Socket</A> object.
+ * @return A reference to the SSL object. Returns null if the object
+ * could not be found.
+ */
+ public SSL Find(Socket s)
+ {
+ int client_fd = s.Handle.ToInt32();
+ return new SSL(axtls. ssl_find(m_ctx, client_fd));
+ }
+
+ /**
+ * @brief Authenticate a received certificate.
+ *
+ * This call is usually made by a client after a handshake is complete
+ * and the context is in SSL_SERVER_VERIFY_LATER mode.
+ * @param ssl [in] An SSL object reference.
+ * @return SSL_OK if the certificate is verified.
+ */
+ public int VerifyCert(SSL ssl)
+ {
+ return axtls.ssl_verify_cert(ssl.m_ssl);
+ }
+
+ /**
+ * @brief Force the client to perform its handshake again.
+ *
+ * For a client this involves sending another "client hello" message.
+ * For the server is means sending a "hello request" message.
+ *
+ * This is a blocking call on the client (until the handshake
+ * completes).
+ * @param ssl [in] An SSL object reference.
+ * @return SSL_OK if renegotiation instantiation was ok
+ */
+ public int Renegotiate(SSL ssl)
+ {
+ return axtls.ssl_renegotiate(ssl.m_ssl);
+ }
+
+ /**
+ * @brief Load a file into memory that is in binary DER or ASCII PEM
+ * format.
+ *
+ * These are temporary objects that are used to load private keys,
+ * certificates etc into memory.
+ * @param obj_type [in] The format of the file. Can be one of:
+ * - SSL_OBJ_X509_CERT (no password required)
+ * - SSL_OBJ_X509_CACERT (no password required)
+ * - SSL_OBJ_RSA_KEY (AES128/AES256 PEM encryption supported)
+ * - SSL_OBJ_P8 (RC4-128 encrypted data supported)
+ * - SSL_OBJ_P12 (RC4-128 encrypted data supported)
+ *
+ * PEM files are automatically detected (if supported).
+ * @param filename [in] The location of a file in DER/PEM format.
+ * @param password [in] The password used. Can be null if not required.
+ * @return SSL_OK if all ok
+ */
+ public int ObjLoad(int obj_type, string filename, string password)
+ {
+ return axtls.ssl_obj_load(m_ctx, obj_type, filename, password);
+ }
+
+ /**
+ * @brief Transfer binary data into the object loader.
+ *
+ * These are temporary objects that are used to load private keys,
+ * certificates etc into memory.
+ * @param obj_type [in] The format of the memory data.
+ * @param data [in] The binary data to be loaded.
+ * @param len [in] The amount of data to be loaded.
+ * @param password [in] The password used. Can be null if not required.
+ * @return SSL_OK if all ok
+ */
+ public int ObjLoad(int obj_type, byte[] data, int len, string password)
+ {
+ return axtls.ssl_obj_memory_load(m_ctx, obj_type,
+ data, len, password);
+ }
+ }
+
+ /**
+ * @class SSLServer
+ * @ingroup csharp_api
+ * @brief The server context.
+ *
+ * All server connections are started within a server context.
+ */
+ public class SSLServer : SSLCTX
+ {
+ /**
+ * @brief Start a new server context.
+ *
+ * @see SSLCTX for details.
+ */
+ public SSLServer(uint options, int num_sessions) :
+ base(options, num_sessions) {}
+
+ /**
+ * @brief Establish a new SSL connection to an SSL client.
+ *
+ * It is up to the application to establish the initial socket
+ * connection.
+ *
+ * Call Dispose() when the connection is to be removed.
+ * @param s [in] A reference to a <A HREF="http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/frlrfsystemnetsocketssocketclasstopic.asp">Socket</A> object.
+ * @return An SSL object reference.
+ */
+ public SSL Connect(Socket s)
+ {
+ int client_fd = s.Handle.ToInt32();
+ return new SSL(axtls.ssl_server_new(m_ctx, client_fd));
+ }
+ }
+
+ /**
+ * @class SSLClient
+ * @ingroup csharp_api
+ * @brief The client context.
+ *
+ * All client connections are started within a client context.
+ */
+ public class SSLClient : SSLCTX
+ {
+ /**
+ * @brief Start a new client context.
+ *
+ * @see SSLCTX for details.
+ */
+ public SSLClient(uint options, int num_sessions) :
+ base(options, num_sessions) {}
+
+ /**
+ * @brief Establish a new SSL connection to an SSL server.
+ *
+ * It is up to the application to establish the initial socket
+ * connection.
+ *
+ * This is a blocking call - it will finish when the handshake is
+ * complete (or has failed).
+ *
+ * Call Dispose() when the connection is to be removed.
+ * @param s [in] A reference to a <A HREF="http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/frlrfsystemnetsocketssocketclasstopic.asp">Socket</A> object.
+ * @param session_id [in] A 32 byte session id for session resumption.
+ * This can be null if no session resumption is not required.
+ * @return An SSL object reference. Use SSL.handshakeStatus() to check
+ * if a handshake succeeded.
+ */
+ public SSL Connect(Socket s, byte[] session_id)
+ {
+ int client_fd = s.Handle.ToInt32();
+ byte sess_id_size = (byte)(session_id != null ?
+ session_id.Length : 0);
+ return new SSL(axtls.ssl_client_new(m_ctx, client_fd, session_id,
+ sess_id_size));
+ }
+ }
+}
+/** @} */
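Review bot: `Write(SSL ssl, byte[] out_data, int out_len)` and `ObjLoad(int obj_type, byte[] data, int len, string password)` forward a caller-supplied length to native code without comparing it to the array length. Assuming the generated `axtls.ssl_write` hands the array pointer and length straight to the C library (that interface file is not in this hunk), an `out_len` larger than `out_data.Length` would make the native side read past the managed buffer and send adjacent memory to the peer. Add a guard before the call, e.g. `if (out_data == null || out_len < 0 || out_len > out_data.Length) throw new ArgumentOutOfRangeException("out_len");`, and the equivalent check on `len` in `ObjLoad`. Separately, both `Dispose()` methods free the native handle without clearing `m_ssl`/`m_ctx`, so a second call passes an already-freed pointer to `ssl_free`/`ssl_ctx_free`.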
diff --git a/libs/luci-lib-nixio/axTLS/bindings/generate_SWIG_interface.pl b/libs/luci-lib-nixio/axTLS/bindings/generate_SWIG_interface.pl
new file mode 100755
index 0000000000..4b2517988f
--- /dev/null
+++ b/libs/luci-lib-nixio/axTLS/bindings/generate_SWIG_interface.pl
@@ -0,0 +1,393 @@
+#!/usr/bin/perl
+
+#
+# Copyright (c) 2007, Cameron Rich
+#
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the axTLS project nor the names of its
+# contributors may be used to endorse or promote products derived
+# from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+# OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+#===============================================================
+# Transforms function signature into SWIG format
+sub transformSignature
+{
+ foreach $item (@_)
+ {
+ $line =~ s/STDCALL //g;
+ $line =~ s/EXP_FUNC/extern/g;
+
+ # make API Java more 'byte' friendly
+ $line =~ s/uint32_t/int/g;
+ $line =~ s/const uint8_t \* /const unsigned char \* /g;
+ $line =~ s/\(void\)/()/g;
+ if ($ARGV[0] eq "-java")
+ {
+ $line =~ s/.*ssl_read.*//g;
+ $line =~ s/const uint8_t \*(\w+)/const signed char $1\[\]/g;
+ $line =~ s/uint8_t/signed char/g;
+ }
+ elsif ($ARGV[0] eq "-perl")
+ {
+ $line =~ s/const uint8_t \*(\w+)/const unsigned char $1\[\]/g;
+ $line =~ s/uint8_t/unsigned char/g;
+ }
+ else # lua
+ {
+ $line =~ s/const uint8_t \*session_id/const unsigned char session_id\[\]/g;
+ $line =~ s/const uint8_t \*\w+/unsigned char *INPUT/g;
+ $line =~ s/uint8_t/unsigned char/g;
+ }
+ }
+
+ return $line;
+}
+
+# Parse input file
+sub parseFile
+{
+ foreach $line (@_)
+ {
+ next if $line =~ /ssl_x509_create/; # ignore for now
+
+ # test for a #define
+ if (!$skip && $line =~ m/^#define/)
+ {
+ $splitDefine = 1 if $line =~ m/\\$/;
+ print DATA_OUT $line;
+
+ # check line is not split
+ next if $splitDefine == 1;
+ }
+
+ # pick up second line of #define statement
+ if ($splitDefine)
+ {
+ print DATA_OUT $line;
+
+ # check line is not split
+ $splitDefine = ($line =~ m/\\$/);
+ next;
+ }
+
+ # test for function declaration
+ if (!$skip && $line =~ /EXP_FUNC/ && $line !~/\/\*/)
+ {
+ $line = transformSignature($line);
+ $splitFunctionDeclaration = $line !~ /;/;
+ print DATA_OUT $line;
+ next;
+ }
+
+ if ($splitFunctionDeclaration)
+ {
+ $line = transformSignature($line);
+ $splitFunctionDeclaration = $line !~ /;/;
+ print DATA_OUT $line;
+ next;
+ }
+ }
+}
+
+#===============================================================
+
+# Determine which module to build from cammand-line options
+use strict;
+use Getopt::Std;
+
+my $module;
+my $interfaceFile;
+my $data_file;
+my $skip;
+my $splitLine;
+my @raw_data;
+
+if (not defined $ARGV[0])
+{
+ goto ouch;
+}
+
+if ($ARGV[0] eq "-java")
+{
+ print "Generating Java interface file\n";
+ $module = "axtlsj";
+ $interfaceFile = "java/axTLSj.i";
+}
+elsif ($ARGV[0] eq "-perl")
+{
+ print "Generating Perl interface file\n";
+ $module = "axtlsp";
+ $interfaceFile = "perl/axTLSp.i";
+}
+elsif ($ARGV[0] eq "-lua")
+{
+ print "Generating lua interface file\n";
+ $module = "axtlsl";
+ $interfaceFile = "lua/axTLSl.i";
+}
+else
+{
+ouch:
+ die "Usage: $0 [-java | -perl | -lua]\n";
+}
+
+# Input file required to generate SWIG interface file.
+$data_file = "../ssl/ssl.h";
+
+# Open input files
+open(DATA_IN, $data_file) || die("Could not open file ($data_file)!");
+@raw_data = <DATA_IN>;
+
+# Open output file
+open(DATA_OUT, ">$interfaceFile") || die("Cannot Open File");
+
+#
+# I wish I could say it was easy to generate the Perl/Java/Lua bindings,
+# but each had their own set of challenges... :-(.
+#
+print DATA_OUT << "END";
+%module $module\n
+
+/* include our own header */
+%inline %{
+#include "ssl.h"
+%}
+
+%include "typemaps.i"
+/* Some SWIG magic to make the API a bit more Java friendly */
+#ifdef SWIGJAVA
+
+%apply long { SSL * };
+%apply long { SSL_CTX * };
+%apply long { SSLObjLoader * };
+
+/* allow "unsigned char []" to become "byte[]" */
+%include "arrays_java.i"
+
+/* convert these pointers to use long */
+%apply signed char[] {unsigned char *};
+%apply signed char[] {signed char *};
+
+/* allow ssl_get_session_id() to return "byte[]" */
+%typemap(out) unsigned char * ssl_get_session_id \"if (result) jresult = SWIG_JavaArrayOutSchar(jenv, result, ssl_get_session_id_size((SSL const *)arg1));\"
+
+/* allow ssl_client_new() to have a null session_id input */
+%typemap(in) const signed char session_id[] (jbyte *jarr) {
+ if (jarg3 == NULL)
+ {
+ jresult = (jint)ssl_client_new(arg1,arg2,NULL,0);
+ return jresult;
+ }
+
+ if (!SWIG_JavaArrayInSchar(jenv, &jarr, &arg3, jarg3)) return 0;
+}
+
+/* Lot's of work required for an ssl_read() due to its various custom
+ * requirements.
+ */
+%native (ssl_read) int ssl_read(SSL *ssl, jobject in_data);
+%{
+JNIEXPORT jint JNICALL Java_axTLSj_axtlsjJNI_ssl_1read(JNIEnv *jenv, jclass jcls, jint jarg1, jobject jarg2) {
+ jint jresult = 0 ;
+ SSL *arg1;
+ unsigned char *arg2;
+ jbyte *jarr;
+ int result;
+ JNIEnv e = *jenv;
+ jclass holder_class;
+ jfieldID fid;
+
+ arg1 = (SSL *)jarg1;
+ result = (int)ssl_read(arg1, &arg2);
+
+ /* find the "m_buf" entry in the SSLReadHolder class */
+ if (!(holder_class = e->GetObjectClass(jenv,jarg2)) ||
+ !(fid = e->GetFieldID(jenv,holder_class, "m_buf", "[B")))
+ return SSL_NOT_OK;
+
+ if (result > SSL_OK)
+ {
+ int i;
+
+ /* create a new byte array to hold the read data */
+ jbyteArray jarray = e->NewByteArray(jenv, result);
+
+ /* copy the bytes across to the java byte array */
+ jarr = e->GetByteArrayElements(jenv, jarray, 0);
+ for (i = 0; i < result; i++)
+ jarr[i] = (jbyte)arg2[i];
+
+ /* clean up and set the new m_buf object */
+ e->ReleaseByteArrayElements(jenv, jarray, jarr, 0);
+ e->SetObjectField(jenv, jarg2, fid, jarray);
+ }
+ else /* set to null */
+ e->SetObjectField(jenv, jarg2, fid, NULL);
+
+ jresult = (jint)result;
+ return jresult;
+}
+%}
+
+/* Big hack to get hold of a socket's file descriptor */
+%typemap (jtype) long "Object"
+%typemap (jstype) long "Object"
+%native (getFd) int getFd(long sock);
+%{
+JNIEXPORT jint JNICALL Java_axTLSj_axtlsjJNI_getFd(JNIEnv *env, jclass jcls, jobject sock)
+{
+ JNIEnv e = *env;
+ jfieldID fid;
+ jobject impl;
+ jobject fdesc;
+
+ /* get the SocketImpl from the Socket */
+ if (!(jcls = e->GetObjectClass(env,sock)) ||
+ !(fid = e->GetFieldID(env,jcls,"impl","Ljava/net/SocketImpl;")) ||
+ !(impl = e->GetObjectField(env,sock,fid))) return -1;
+
+ /* get the FileDescriptor from the SocketImpl */
+ if (!(jcls = e->GetObjectClass(env,impl)) ||
+ !(fid = e->GetFieldID(env,jcls,"fd","Ljava/io/FileDescriptor;")) ||
+ !(fdesc = e->GetObjectField(env,impl,fid))) return -1;
+
+ /* get the fd from the FileDescriptor */
+ if (!(jcls = e->GetObjectClass(env,fdesc)) ||
+ !(fid = e->GetFieldID(env,jcls,"fd","I"))) return -1;
+
+ /* return the descriptor */
+ return e->GetIntField(env,fdesc,fid);
+}
+%}
+
+#endif
+
+/* Some SWIG magic to make the API a bit more Perl friendly */
+#ifdef SWIGPERL
+
+/* for ssl_session_id() */
+%typemap(out) const unsigned char * {
+ SV *svs = newSVpv((unsigned char *)\$1, ssl_get_session_id_size((SSL const *)arg1));
+ \$result = newRV(svs);
+ sv_2mortal(\$result);
+ argvi++;
+}
+
+/* for ssl_write() */
+%typemap(in) const unsigned char out_data[] {
+ SV* tempsv;
+ if (!SvROK(\$input))
+ croak("Argument \$argnum is not a reference.");
+ tempsv = SvRV(\$input);
+ if (SvTYPE(tempsv) != SVt_PV)
+ croak("Argument \$argnum is not an string.");
+ \$1 = (unsigned char *)SvPV(tempsv, PL_na);
+}
+
+/* for ssl_read() */
+%typemap(in) unsigned char **in_data (unsigned char *buf) {
+ \$1 = &buf;
+}
+
+%typemap(argout) unsigned char **in_data {
+ if (result > SSL_OK) {
+ SV *svs = newSVpv(*\$1, result);
+ \$result = newRV(svs);
+ sv_2mortal(\$result);
+ argvi++;
+ }
+}
+
+/* for ssl_client_new() */
+%typemap(in) const unsigned char session_id[] {
+ /* check for a reference */
+ if (SvOK(\$input) && SvROK(\$input)) {
+ SV* tempsv = SvRV(\$input);
+ if (SvTYPE(tempsv) != SVt_PV)
+ croak("Argument \$argnum is not an string.");
+ \$1 = (unsigned char *)SvPV(tempsv, PL_na);
+ }
+ else
+ \$1 = NULL;
+}
+
+#endif
+
+/* Some SWIG magic to make the API a bit more Lua friendly */
+#ifdef SWIGLUA
+SWIG_NUMBER_TYPEMAP(unsigned char);
+SWIG_TYPEMAP_NUM_ARR(uchar,unsigned char);
+
+/* for ssl_session_id() */
+%typemap(out) const unsigned char * {
+ int i;
+ lua_newtable(L);
+ for (i = 0; i < ssl_get_session_id_size((SSL const *)arg1); i++){
+ lua_pushnumber(L,(lua_Number)result[i]);
+ lua_rawseti(L,-2,i+1); /* -1 is the number, -2 is the table */
+ }
+ SWIG_arg++;
+}
+
+/* for ssl_read() */
+%typemap(in) unsigned char **in_data (unsigned char *buf) {
+ \$1 = &buf;
+}
+
+%typemap(argout) unsigned char **in_data {
+ if (result > SSL_OK) {
+ int i;
+ lua_newtable(L);
+ for (i = 0; i < result; i++){
+ lua_pushnumber(L,(lua_Number)buf2[i]);
+ lua_rawseti(L,-2,i+1); /* -1 is the number, -2 is the table */
+ }
+ SWIG_arg++;
+ }
+}
+
+/* for ssl_client_new() */
+%typemap(in) const unsigned char session_id[] {
+ if (lua_isnil(L,\$input))
+ \$1 = NULL;
+ else
+ \$1 = SWIG_get_uchar_num_array_fixed(L,\$input, ssl_get_session_id((SSL const *)\$1));
+}
+
+#endif
+
+END
+
+# Initialise loop variables
+$skip = 1;
+$splitLine = 0;
+
+parseFile(@raw_data);
+
+close(DATA_IN);
+close(DATA_OUT);
+
+#===============================================================
+
diff --git a/libs/luci-lib-nixio/axTLS/bindings/generate_interface.pl b/libs/luci-lib-nixio/axTLS/bindings/generate_interface.pl
new file mode 100755
index 0000000000..c24bff9f40
--- /dev/null
+++ b/libs/luci-lib-nixio/axTLS/bindings/generate_interface.pl
@@ -0,0 +1,322 @@
+#!/usr/bin/perl -w
+
+#
+# Copyright (c) 2007, Cameron Rich
+#
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the axTLS project nor the names of its
+# contributors may be used to endorse or promote products derived
+# from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+# OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+#===============================================================
+# This application transforms ssl.h into interfaces that can be used by
+# other language bindings. It is "SWIG"-like in nature in that various
+# files are generated based on the axTLS API.
+#
+# The file produced is axInterface.? (depending on the file extension).
+#
+#===============================================================
+
+use strict;
+
+my $CSHARP = 0;
+my $VBNET = 1;
+
+my $binding;
+my $skip = 0;
+my $signature_ret_type;
+
+# Transforms function signature into an Interface format
+sub transformSignature
+{
+ my $item;
+ my ($line) = @_;
+
+ foreach $item ($line)
+ {
+ # our very basic preprocessor
+ if ($binding == $CSHARP)
+ {
+ $line =~ s/STDCALL //;
+ $line =~ s/EXP_FUNC/ [DllImport ("axtls")]\n public static extern/;
+ $line =~ s/uint32_t/uint/g;
+ $line =~ s/uint8_t \*\*/ref IntPtr /g;
+ $line =~ s/const uint8_t \* /IntPtr /g;
+ $line =~ s/const uint8_t \*/byte[] /g; # note: subtle diff
+ $line =~ s/uint8_t \* ?/byte[] /g;
+ $line =~ s/uint8_t ?/byte /g;
+ $line =~ s/const char \* ?/string /g;
+ $line =~ s/const SSL_CTX \* ?/IntPtr /g;
+ $line =~ s/SSL_CTX \* ?/IntPtr /g;
+ $line =~ s/SSLObjLoader \* ?/IntPtr /g;
+ $line =~ s/const SSL \* ?/IntPtr /g;
+ $line =~ s/SSL \* ?/IntPtr /g;
+ $line =~ s/\(void\)/()/g;
+ }
+ elsif ($binding == $VBNET)
+ {
+ if ($line =~ /EXP_FUNC/)
+ {
+ # Procedure or function?
+ my $invariant = $line =~ /void /;
+
+ my $proc = $invariant ? "Sub" : "Function";
+ ($signature_ret_type) = $line =~ /EXP_FUNC (.*) STDCALL/;
+ $line =~ s/EXP_FUNC .* STDCALL / <DllImport("axtls")> Public Shared $proc _\n /;
+
+ $signature_ret_type =~ s/const uint8_t \*/As IntPtr/;
+ $signature_ret_type =~ s/const char \*/As String/;
+ $signature_ret_type =~ s/SSL_CTX \*/As IntPtr/;
+ $signature_ret_type =~ s/SSLObjLoader \*/As IntPtr/;
+ $signature_ret_type =~ s/SSL \*/As IntPtr/;
+ $signature_ret_type =~ s/uint8_t/As Byte/;
+ $signature_ret_type =~ s/int/As Integer/;
+ $signature_ret_type =~ s/void//;
+ $signature_ret_type .= "\n End $proc\n\n";
+ }
+
+ $line =~ s/uint32_t (\w+)/ByVal $1 As Integer/g;
+ $line =~ s/int (\w+)/ByVal $1 As Integer/g;
+ $line =~ s/uint8_t \*\* ?(\w+)/ByRef $1 As IntPtr/g;
+ $line =~ s/const uint8_t \* ?(\w+)/ByVal $1() As Byte/g;
+ $line =~ s/uint8_t \* ?(\w+)/ByVal $1() As Byte/g;
+ $line =~ s/uint8_t ?(\w+)/ByVal $1 As Byte/g;
+ $line =~ s/const char \* ?(\w+)/ByVal $1 As String/g;
+ $line =~ s/const SSL_CTX \* ?(\w+)/ByVal $1 As IntPtr/g;
+ $line =~ s/SSL_CTX \* ?(\w+)/ByVal $1 As IntPtr/g;
+ $line =~ s/SSLObjLoader \* ?(\w+)/ByVal $1 As IntPtr/g;
+ $line =~ s/const SSL \* ?(\w+)/ByVal $1 As IntPtr/g;
+ $line =~ s/SSL \* ?(\w+)/ByVal $1 As IntPtr/g;
+ $line =~ s/void \* ?(\w+)/Byval $1 As IntPtr/g;
+ $line =~ s/\(void\)/()/g;
+ $line =~ s/void//g;
+ $line =~ s/;\n/ $signature_ret_type;/;
+ }
+ }
+
+ return $line;
+}
+
+# Parse input file
+sub parseFile
+{
+ my (@file) = @_;
+ my $line;
+ my $splitDefine = 0;
+ my $splitFunctionDeclaration;
+ my $vb_hack = " ";
+ my $vb_line_hack = 0;
+
+ $skip = 0;
+
+ foreach $line (@file)
+ {
+ next if $line =~ /sl_x509_create/; # ignore for now
+
+ # test for a #define
+ if (!$skip && $line =~ m/^#define/)
+ {
+ $splitDefine = 1 if $line =~ m/\\$/;
+
+ if ($binding == $VBNET)
+ {
+ $line =~ s/\|/Or/g;
+ $line =~ s/ 0x/ &H/;
+ }
+
+ my ($name, $value) = $line =~ /#define (\w+) +([^\\]*)[\\]?\n/;
+
+ if (defined $name && defined $value)
+ {
+ # C# constant translation
+ if ($binding == $CSHARP)
+ {
+ $line = " public const int $name = $value";
+ }
+ # VB.NET constant translation
+ elsif ($binding == $VBNET)
+ {
+ $line = " Public Const $name As Integer = $value";
+ }
+ }
+
+ next if $line =~ /#define/; # ignore any other defines
+
+ print DATA_OUT $line;
+
+ # check line is not split
+ next if $splitDefine == 1;
+ print DATA_OUT ";" if $binding == $CSHARP;
+ print DATA_OUT "\n";
+ }
+
+ # pick up second line of #define statement
+ if ($splitDefine)
+ {
+ if ($line !~ /\\$/)
+ {
+ $line =~ s/$/;/ if $binding == $CSHARP; # add the ";"
+ }
+
+ $line =~ s/ ?\| ?/ Or /g
+ if ($binding == $VBNET);
+
+ # check line is not split
+ $splitDefine = ($line =~ m/\\$/);
+
+ # ignore trailing "\"
+ $line =~ s/\\$// if $binding == $CSHARP;
+ $line =~ s/\\$/_/ if $binding == $VBNET;
+ print DATA_OUT $line;
+ next;
+ }
+
+ # test for function declaration
+ if (!$skip && $line =~ /EXP_FUNC/ && $line !~ /\/\*/)
+ {
+ $line = transformSignature($line);
+ $splitFunctionDeclaration = $line !~ /;/;
+ $line =~ s/;// if ($binding == $VBNET);
+ $line =~ s/\n$/ _\n/ if ($binding == $VBNET) &&
+ $splitFunctionDeclaration;
+ print DATA_OUT $line;
+ next;
+ }
+
+ if ($splitFunctionDeclaration)
+ {
+ $line = transformSignature($line);
+ $splitFunctionDeclaration = $line !~ /;/;
+ $line =~ s/;// if ($binding == $VBNET);
+ $line =~ s/\n/ _\n/ if ($binding == $VBNET) &&
+ $splitFunctionDeclaration == 1;
+ print DATA_OUT $line;
+ next;
+ }
+ }
+}
+
+#===============================================================
+
+# Determine which module to build from command-line options
+use strict;
+use Getopt::Std;
+
+my $binding_prefix;
+my $binding_suffix;
+my $data_file;
+my @raw_data;
+
+if (not defined $ARGV[0])
+{
+ goto ouch;
+}
+
+if ($ARGV[0] eq "-csharp")
+{
+ print "Generating C# interface file\n";
+ $binding_prefix = "csharp";
+ $binding_suffix = "cs";
+ $binding = $CSHARP;
+}
+elsif ($ARGV[0] eq "-vbnet")
+{
+ print "Generating VB.NET interface file\n";
+ $binding_prefix = "vbnet";
+ $binding_suffix = "vb";
+ $binding = $VBNET;
+}
+else
+{
+ouch:
+ die "Usage: $0 [-csharp | -vbnet]\n";
+}
+
+my $interfaceFile = "$binding_prefix/axInterface.$binding_suffix";
+
+# Input file required to generate interface file.
+$data_file = "../ssl/ssl.h";
+
+# Open input files
+open(DATA_IN, $data_file) || die("Could not open file ($data_file)!");
+@raw_data = <DATA_IN>;
+
+
+# Open output file
+if ($binding == $CSHARP || $binding == $VBNET)
+{
+ open(DATA_OUT, ">$interfaceFile") || die("Cannot Open File");
+}
+
+# SPEC interface file header
+if ($binding == $CSHARP)
+{
+ # generate the C#/C interface file
+ print DATA_OUT << "END";
+// The C# to C interface definition file for the axTLS project
+// Do not modify - this file is generated
+
+using System;
+using System.Runtime.InteropServices;
+
+namespace axTLS
+{
+ public class axtls
+ {
+END
+}
+elsif ($binding == $VBNET)
+{
+ # generate the VB.NET/C interface file
+ print DATA_OUT << "END";
+' The VB.NET to C interface definition file for the axTLS project
+' Do not modify - this file is generated
+
+Imports System
+Imports System.Runtime.InteropServices
+
+Namespace axTLSvb
+ Public Class axtls
+END
+}
+
+parseFile(@raw_data);
+
+# finish up
+if ($binding == $CSHARP)
+{
+ print DATA_OUT " };\n";
+ print DATA_OUT "};\n";
+}
+elsif ($binding == $VBNET)
+{
+ print DATA_OUT " End Class\nEnd Namespace\n";
+}
+
+close(DATA_IN);
+close(DATA_OUT);
+
+#===============================================================
+
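Review bot: In `transformSignature`, both bindings turn a `const char *` return type into a managed string: `s/const char \* ?/string /g` rewrites the whole line for C#, and `s/const char \*/As String/` is applied to `$signature_ret_type` for VB.NET. For a P/Invoke return value the .NET marshaller copies the text and then frees the native pointer as if the callee had allocated it for the caller. Any ssl.h function that returns a pointer into library-owned memory would therefore have that memory released behind the library's back; `ssl_get_cert_dn`, wrapped in SSL.java later in this diff, looks like one, though ssl.h is not shown here. I would map return types to `IntPtr` instead, with `$signature_ret_type =~ s/const char \*/As IntPtr/;` for VB.NET and `$line =~ s/EXP_FUNC const char \* ?/EXP_FUNC IntPtr /;` placed ahead of the `EXP_FUNC` substitution for C#. The hand-written wrappers (axTLS.cs, axTLSvb.vb) are outside this hunk and would need the matching `Marshal.PtrToStringAnsi` call.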
diff --git a/libs/luci-lib-nixio/axTLS/bindings/java/Makefile b/libs/luci-lib-nixio/axTLS/bindings/java/Makefile
new file mode 100644
index 0000000000..8df1d0aa83
--- /dev/null
+++ b/libs/luci-lib-nixio/axTLS/bindings/java/Makefile
@@ -0,0 +1,94 @@
+#
+# Copyright (c) 2007, Cameron Rich
+#
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the axTLS project nor the names of its
+# contributors may be used to endorse or promote products derived
+# from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+# OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+AXTLS_HOME=../..
+
+include $(AXTLS_HOME)/config/.config
+include $(AXTLS_HOME)/config/makefile.conf
+include $(AXTLS_HOME)/config/makefile.java.conf
+
+all: lib jar
+
+JAR=$(AXTLS_HOME)/$(STAGE)/axtls.jar
+
+ifdef CONFIG_PLATFORM_WIN32
+TARGET=$(AXTLS_HOME)/$(STAGE)/axtlsj.dll
+else
+TARGET=$(AXTLS_HOME)/$(STAGE)/libaxtlsj.so
+endif
+
+lib: $(TARGET)
+axTLSj_wrap.o : axTLSj_wrap.c
+
+JAVA_FILES= \
+ axtlsjJNI.java \
+ axtlsjConstants.java \
+ axtlsj.java \
+ SSLReadHolder.java \
+ SSL.java \
+ SSLUtil.java \
+ SSLCTX.java \
+ SSLServer.java \
+ SSLClient.java
+
+OBJ=axTLSj_wrap.o
+
+JAVA_CLASSES:=$(JAVA_FILES:%.java=classes/axTLSj/%.class)
+
+ifdef CONFIG_PLATFORM_WIN32
+LDFLAGS += axtls.lib /libpath:"$(AXTLS_HOME)/$(STAGE)"
+
+include $(AXTLS_HOME)/config/makefile.post
+
+$(TARGET) : $(OBJ)
+ $(LD) $(LDFLAGS) $(LDSHARED) /out:$@ $(OBJ)
+else # Not Win32
+
+$(TARGET) : $(OBJ)
+ $(LD) $(LDFLAGS) -L $(AXTLS_HOME)/$(STAGE) $(LDSHARED) -o $@ $(OBJ) -laxtls
+endif
+
+jar: $(OBJ) $(JAR)
+
+# if we are doing the samples then defer creating the jar until then
+$(JAR): $(JAVA_CLASSES)
+ifndef CONFIG_JAVA_SAMPLES
+ jar cvf $@ -C classes axTLSj
+else
+ @if [ ! -f $(JAR) ]; then touch $(JAR); fi
+endif
+
+classes/axTLSj/%.class : %.java
+ javac -d classes -classpath classes $^
+
+clean::
+ @rm -f $(JAR) $(TARGET) SWIG* axtls* *.i *.c
+ @rm -fr classes/*
+
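Review bot: The `clean::` rule removes `SWIG* axtls* *.i *.c` from the source directory, so it would also delete any hand-written C or SWIG file that someone later adds next to the Java sources. Presumably everything matched today is generated, so at minimum say so above the rule: `# everything matched here is generated; keep hand-written .c/.i files out of this directory`. Naming the generated files explicitly (for example `axTLSj_wrap.c`) would be safer than the globs.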
diff --git a/libs/luci-lib-nixio/axTLS/bindings/java/SSL.java b/libs/luci-lib-nixio/axTLS/bindings/java/SSL.java
new file mode 100644
index 0000000000..b53a6da067
--- /dev/null
+++ b/libs/luci-lib-nixio/axTLS/bindings/java/SSL.java
@@ -0,0 +1,137 @@
+/*
+ * Copyright (c) 2007, Cameron Rich
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the axTLS project nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * A wrapper around the unmanaged interface to give a semi-decent Java API
+ */
+
+package axTLSj;
+
+import java.io.*;
+import java.util.*;
+
+/**
+ * @defgroup java_api Java API.
+ *
+ * Ensure that the appropriate dispose() methods are called when finished with
+ * various objects - otherwise memory leaks will result.
+ */
+
+/**
+ * @class SSL
+ * @ingroup java_api
+ * @brief A representation of an SSL connection.
+ *
+ */
+public class SSL
+{
+ public int m_ssl; /**< A pointer to the real SSL type */
+
+ /**
+ * @brief Store the reference to an SSL context.
+ * @param ip [in] A reference to an SSL object.
+ */
+ public SSL(int ip)
+ {
+ m_ssl = ip;
+ }
+
+ /**
+ * @brief Free any used resources on this connection.
+ *
+ * A "Close Notify" message is sent on this connection (if possible). It
+ * is up to the application to close the socket.
+ */
+ public void dispose()
+ {
+ axtlsj.ssl_free(m_ssl);
+ }
+
+ /**
+ * @brief Return the result of a handshake.
+ * @return SSL_OK if the handshake is complete and ok.
+ * @see ssl.h for the error code list.
+ */
+ public int handshakeStatus()
+ {
+ return axtlsj.ssl_handshake_status(m_ssl);
+ }
+
+ /**
+ * @brief Return the SSL cipher id.
+ * @return The cipher id which is one of:
+ * - SSL_AES128_SHA (0x2f)
+ * - SSL_AES256_SHA (0x35)
+ * - SSL_RC4_128_SHA (0x05)
+ * - SSL_RC4_128_MD5 (0x04)
+ */
+ public byte getCipherId()
+ {
+ return axtlsj.ssl_get_cipher_id(m_ssl);
+ }
+
+ /**
+ * @brief Get the session id for a handshake.
+ *
+ * This will be a 32 byte sequence and is available after the first
+ * handshaking messages are sent.
+ * @return The session id as a 32 byte sequence.
+ * @note A SSLv23 handshake may have only 16 valid bytes.
+ */
+ public byte[] getSessionId()
+ {
+ return axtlsj.ssl_get_session_id(m_ssl);
+ }
+
+ /**
+ * @brief Retrieve an X.509 distinguished name component.
+ *
+ * When a handshake is complete and a certificate has been exchanged,
+ * then the details of the remote certificate can be retrieved.
+ *
+ * This will usually be used by a client to check that the server's common
+ * name matches the URL.
+ *
+ * A full handshake needs to occur for this call to work.
+ *
+ * @param component [in] one of:
+ * - SSL_X509_CERT_COMMON_NAME
+ * - SSL_X509_CERT_ORGANIZATION
+ * - SSL_X509_CERT_ORGANIZATIONAL_NAME
+ * - SSL_X509_CA_CERT_COMMON_NAME
+ * - SSL_X509_CA_CERT_ORGANIZATION
+ * - SSL_X509_CA_CERT_ORGANIZATIONAL_NAME
+ * @return The appropriate string (or null if not defined)
+ */
+ public String getCertificateDN(int component)
+ {
+ return axtlsj.ssl_get_cert_dn(m_ssl, component);
+ }
+}
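Review bot: `m_ssl` keeps a native `SSL *` in a public 32-bit `int`, and `dispose()` leaves it set after `axtlsj.ssl_free(m_ssl)`. A second `dispose()`, or any other call made after it, hands the freed address back to native code. On a 64-bit platform an `int` cannot hold the pointer at all, and the JNI `ssl_read` in this commit casts it straight back with `(SSL *)jarg1`. I would make the field package-private and guard the free: `if (m_ssl != 0) { axtlsj.ssl_free(m_ssl); m_ssl = 0; }`. Widening the handle to `long` needs a matching change to the `%apply long { SSL * }` typemaps in generate_SWIG_interface.pl, which is a separate hunk.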
diff --git a/libs/luci-lib-nixio/axTLS/bindings/java/SSLCTX.java b/libs/luci-lib-nixio/axTLS/bindings/java/SSLCTX.java
new file mode 100644
index 0000000000..1cd3e032f0
--- /dev/null
+++ b/libs/luci-lib-nixio/axTLS/bindings/java/SSLCTX.java
@@ -0,0 +1,229 @@
+/*
+ * Copyright (c) 2007, Cameron Rich
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the axTLS project nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * A wrapper around the unmanaged interface to give a semi-decent Java API
+ */
+
+package axTLSj;
+
+import java.net.*;
+
+/**
+ * @class SSLCTX
+ * @ingroup java_api
+ * @brief A base object for SSLServer/SSLClient.
+ */
+public class SSLCTX
+{
+ /**
+ * A reference to the real client/server context.
+ */
+ protected int m_ctx;
+
+ /**
+ * @brief Establish a new client/server context.
+ *
+ * This function is called before any client/server SSL connections are
+ * made. If multiple threads are used, then each thread will have its
+ * own SSLCTX context. Any number of connections may be made with a single
+ * context.
+ *
+ * Each new connection will use the this context's private key and
+ * certificate chain. If a different certificate chain is required, then a
+ * different context needs to be be used.
+ *
+ * @param options [in] Any particular options. At present the options
+ * supported are:
+ * - SSL_SERVER_VERIFY_LATER (client only): Don't stop a handshake if the
+ * server authentication fails. The certificate can be authenticated later
+ * with a call to verifyCert().
+ * - SSL_CLIENT_AUTHENTICATION (server only): Enforce client authentication
+ * i.e. each handshake will include a "certificate request" message from
+ * the server.
+ * - SSL_DISPLAY_BYTES (full mode build only): Display the byte sequences
+ * during the handshake.
+ * - SSL_DISPLAY_STATES (full mode build only): Display the state changes
+ * during the handshake.
+ * - SSL_DISPLAY_CERTS (full mode build only): Display the certificates that
+ * are passed during a handshake.
+ * - SSL_DISPLAY_RSA (full mode build only): Display the RSA key details
+ * that are passed during a handshake.
+ *
+ * @param num_sessions [in] The number of sessions to be used for session
+ * caching. If this value is 0, then there is no session caching.
+ *
+ * If this option is null, then the default internal private key/
+ * certificate pair is used (if CONFIG_SSL_USE_DEFAULT_KEY is set).
+ *
+ * The resources used by this object are automatically freed.
+ * @return A client/server context.
+ */
+ protected SSLCTX(int options, int num_sessions)
+ {
+ m_ctx = axtlsj.ssl_ctx_new(options, num_sessions);
+ }
+
+ /**
+ * @brief Remove a client/server context.
+ *
+ * Frees any used resources used by this context. Each connection will be
+ * sent a "Close Notify" alert (if possible).
+ */
+ public void dispose()
+ {
+ axtlsj.ssl_ctx_free(m_ctx);
+ }
+
+ /**
+ * @brief Read the SSL data stream.
+ * @param ssl [in] An SSL object reference.
+ * @param rh [out] After a successful read, the decrypted data can be
+ * retrieved with rh.getData(). It will be null otherwise.
+ * @return The number of decrypted bytes:
+ * - if > 0, then the handshaking is complete and we are returning the
+ * number of decrypted bytes.
+ * - SSL_OK if the handshaking stage is successful (but not yet complete).
+ * - < 0 if an error.
+ * @see ssl.h for the error code list.
+ * @note Use rh before doing any successive ssl calls.
+ */
+ public int read(SSL ssl, SSLReadHolder rh)
+ {
+ return axtlsj.ssl_read(ssl.m_ssl, rh);
+ }
+
+ /**
+ * @brief Write to the SSL data stream.
+ * @param ssl [in] An SSL obect reference.
+ * @param out_data [in] The data to be written
+ * @return The number of bytes sent, or if < 0 if an error.
+ * @see ssl.h for the error code list.
+ */
+ public int write(SSL ssl, byte[] out_data)
+ {
+ return axtlsj.ssl_write(ssl.m_ssl, out_data, out_data.length);
+ }
+
+ /**
+ * @brief Write to the SSL data stream.
+ * @param ssl [in] An SSL obect reference.
+ * @param out_data [in] The data to be written
+ * @param out_len [in] The number of bytes to be written
+ * @return The number of bytes sent, or if < 0 if an error.
+ * @see ssl.h for the error code list.
+ */
+ public int write(SSL ssl, byte[] out_data, int out_len)
+ {
+ return axtlsj.ssl_write(ssl.m_ssl, out_data, out_len);
+ }
+
+ /**
+ * @brief Find an ssl object based on a Socket reference.
+ *
+ * Goes through the list of SSL objects maintained in a client/server
+ * context to look for a socket match.
+ * @param s [in] A reference to a <A HREF="http://java.sun.com/j2se/1.4.2/docs/api">Socket</A> object.
+ * @return A reference to the SSL object. Returns null if the object
+ * could not be found.
+ */
+ public SSL find(Socket s)
+ {
+ int client_fd = axtlsj.getFd(s);
+ return new SSL(axtlsj.ssl_find(m_ctx, client_fd));
+ }
+
+ /**
+ * @brief Authenticate a received certificate.
+ *
+ * This call is usually made by a client after a handshake is complete
+ * and the context is in SSL_SERVER_VERIFY_LATER mode.
+ * @param ssl [in] An SSL object reference.
+ * @return SSL_OK if the certificate is verified.
+ */
+ public int verifyCert(SSL ssl)
+ {
+ return axtlsj.ssl_verify_cert(ssl.m_ssl);
+ }
+
+ /**
+ * @brief Force the client to perform its handshake again.
+ *
+ * For a client this involves sending another "client hello" message.
+ * For the server is means sending a "hello request" message.
+ *
+ * This is a blocking call on the client (until the handshake completes).
+ * @param ssl [in] An SSL object reference.
+ * @return SSL_OK if renegotiation instantiation was ok
+ */
+ public int renegotiate(SSL ssl)
+ {
+ return axtlsj.ssl_renegotiate(ssl.m_ssl);
+ }
+
+ /**
+ * @brief Load a file into memory that is in binary DER or ASCII PEM format.
+ *
+ * These are temporary objects that are used to load private keys,
+ * certificates etc into memory.
+ * @param obj_type [in] The format of the file. Can be one of:
+ * - SSL_OBJ_X509_CERT (no password required)
+ * - SSL_OBJ_X509_CACERT (no password required)
+ * - SSL_OBJ_RSA_KEY (AES128/AES256 PEM encryption supported)
+ * - SSL_OBJ_P8 (RC4-128 encrypted data supported)
+ * - SSL_OBJ_P12 (RC4-128 encrypted data supported)
+ *
+ * PEM files are automatically detected (if supported).
+ * @param filename [in] The location of a file in DER/PEM format.
+ * @param password [in] The password used. Can be null if not required.
+ * @return SSL_OK if all ok
+ */
+ public int objLoad(int obj_type, String filename, String password)
+ {
+ return axtlsj.ssl_obj_load(m_ctx, obj_type, filename, password);
+ }
+
+ /**
+ * @brief Transfer binary data into the object loader.
+ *
+ * These are temporary objects that are used to load private keys,
+ * certificates etc into memory.
+ * @param obj_type [in] The format of the memory data.
+ * @param data [in] The binary data to be loaded.
+ * @param len [in] The amount of data to be loaded.
+ * @param password [in] The password used. Can be null if not required.
+ * @return SSL_OK if all ok
+ */
+
+ public int objLoad(int obj_type, byte[] data, int len, String password)
+ {
+ return axtlsj.ssl_obj_memory_load(m_ctx, obj_type, data, len, password);
+ }
+}
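Review bot: `write(SSL ssl, byte[] out_data, int out_len)` passes `out_len` to `axtlsj.ssl_write` without comparing it to `out_data.length`. The native side receives a buffer and a length, so an `out_len` larger than the array would presumably make it read past the end of the copied buffer and send adjacent process memory to the peer; a negative value is equally unchecked. Add a guard before the call: `if (out_data == null || out_len < 0 || out_len > out_data.length) throw new IllegalArgumentException("out_len out of range");`. Separately, `find()` always returns `new SSL(...)`, so the null return its doc comment promises for an unknown socket can never happen and callers will get an `SSL` wrapping a zero handle instead.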
diff --git a/libs/luci-lib-nixio/axTLS/bindings/java/SSLClient.java b/libs/luci-lib-nixio/axTLS/bindings/java/SSLClient.java
new file mode 100644
index 0000000000..f65fe9c53f
--- /dev/null
+++ b/libs/luci-lib-nixio/axTLS/bindings/java/SSLClient.java
@@ -0,0 +1,81 @@
+/*
+ * Copyright (c) 2007, Cameron Rich
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the axTLS project nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * A wrapper around the unmanaged interface to give a semi-decent Java API
+ */
+
+package axTLSj;
+
+import java.net.*;
+
+/**
+ * @class SSLClient
+ * @ingroup java_api
+ * @brief The client context.
+ *
+ * All client connections are started within a client context.
+ */
+public class SSLClient extends SSLCTX
+{
+ /**
+ * @brief Start a new client context.
+ *
+ * @see SSLCTX for details.
+ */
+ public SSLClient(int options, int num_sessions)
+ {
+ super(options, num_sessions);
+ }
+
+ /**
+ * @brief Establish a new SSL connection to an SSL server.
+ *
+ * It is up to the application to establish the initial socket connection.
+ *
+ * This is a blocking call - it will finish when the handshake is
+ * complete (or has failed).
+ *
+ * Call dispose() when the connection is to be removed.
+ * @param s [in] A reference to a <A HREF="http://java.sun.com/j2se/1.4.2/docs/api">Socket</A> object.
+ * @param session_id [in] A 32 byte session id for session resumption. This
+ * can be null if no session resumption is not required.
+ * @return An SSL object reference. Use SSL.handshakeStatus() to check
+ * if a handshake succeeded.
+ */
+ public SSL connect(Socket s, byte[] session_id)
+ {
+ int client_fd = axtlsj.getFd(s);
+ byte sess_id_size = (byte)(session_id != null ?
+ session_id.length : 0);
+ return new SSL(axtlsj.ssl_client_new(m_ctx, client_fd, session_id,
+ sess_id_size));
+ }
+}
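Review bot: In `connect()`, `(byte)(session_id != null ? session_id.length : 0)` narrows the array length to a signed byte, so an array longer than 127 bytes yields a wrapped or negative size that is passed to `ssl_client_new` alongside the full array. The doc comment says the session id is 32 bytes, so enforce that before the cast: `if (session_id != null && session_id.length > 32) throw new IllegalArgumentException("session_id too long");`. The result of `axtlsj.getFd(s)` is also used unchecked, although the native `getFd` in this commit returns -1 when it cannot locate the descriptor.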
diff --git a/libs/luci-lib-nixio/axTLS/bindings/java/SSLReadHolder.java b/libs/luci-lib-nixio/axTLS/bindings/java/SSLReadHolder.java
new file mode 100644
index 0000000000..91fd76b23f
--- /dev/null
+++ b/libs/luci-lib-nixio/axTLS/bindings/java/SSLReadHolder.java
@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) 2007, Cameron Rich
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the axTLS project nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * A wrapper around the unmanaged interface to give a semi-decent Java API
+ */
+
+package axTLSj;
+
+/**
+ * @class SSLReadHolder
+ * @ingroup java_api
+ * @brief A holder for data read in an SSL read.
+ */
+public class SSLReadHolder
+{
+ /**
+ * @brief Contruct a new read holder object.
+ */
+ public SSLReadHolder()
+ {
+ m_buf = null;
+ }
+
+ /**
+ * @brief Retrieve the reference to the read data.
+ */
+ public byte[] getData()
+ {
+ return m_buf;
+ }
+
+ private byte[] m_buf;
+}
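Review bot: `m_buf` is private, the constructor sets it to null, and nothing in this class assigns it afterwards, so from the Java side `getData()` can only return null. Presumably the native read wrapper fills the field through JNI; if so, that contract should be written next to the field, e.g. `// assigned by the native ssl_read wrapper via JNI; null until a read returns data`. `getData()` also hands back the array itself rather than a copy, which is worth stating in its doc comment because the buffer carries data read from the SSL connection.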
diff --git a/libs/luci-lib-nixio/axTLS/bindings/java/SSLServer.java b/libs/luci-lib-nixio/axTLS/bindings/java/SSLServer.java
new file mode 100644
index 0000000000..514ccb0342
--- /dev/null
+++ b/libs/luci-lib-nixio/axTLS/bindings/java/SSLServer.java
@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) 2007, Cameron Rich
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the axTLS project nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * A wrapper around the unmanaged interface to give a semi-decent Java API
+ */
+
+package axTLSj;
+
+import java.net.*;
+
+/**
+ * @class SSLServer
+ * @ingroup java_api
+ * @brief The server context.
+ *
+ * All server connections are started within a server context.
+ */
+public class SSLServer extends SSLCTX
+{
+ /**
+ * @brief Start a new server context.
+ *
+ * @see SSLCTX for details.
+ */
+ public SSLServer(int options, int num_sessions)
+ {
+ super(options, num_sessions);
+ }
+
+ /**
+ * @brief Establish a new SSL connection to an SSL client.
+ *
+ * It is up to the application to establish the initial socket connection.
+ *
+ * Call dispose() when the connection is to be removed.
+ * @param s [in] A reference to a <A HREF="http://java.sun.com/j2se/1.4.2/docs/api">Socket</A> object.
+ * @return An SSL object reference.
+ */
+ public SSL connect(Socket s)
+ {
+ int client_fd = axtlsj.getFd(s);
+ return new SSL(axtlsj.ssl_server_new(m_ctx, client_fd));
+ }
+}
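Review bot: The doc comment on `connect(Socket s)` does not tell the caller how to learn whether the handshake succeeded, while the client-side `connect` in this same commit points to `SSL.handshakeStatus()`. Nothing in the method checks `s` or the value returned by `ssl_server_new`, so a failed setup is visible only through the returned object. I would extend the return line to `@return An SSL object reference. Use SSL.handshakeStatus() to check if a handshake succeeded.` and state whether the call blocks.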
diff --git a/libs/luci-lib-nixio/axTLS/bindings/java/SSLUtil.java b/libs/luci-lib-nixio/axTLS/bindings/java/SSLUtil.java
new file mode 100644
index 0000000000..3d53de51cb
--- /dev/null
+++ b/libs/luci-lib-nixio/axTLS/bindings/java/SSLUtil.java
@@ -0,0 +1,116 @@
+/*
+ * Copyright (c) 2007, Cameron Rich
+ *
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the axTLS project nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+ * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * A wrapper around the unmanaged interface to give a semi-decent Java API
+ */
+
+package axTLSj;
+
+import java.io.*;
+import java.util.*;
+
+/**
+ * @class SSLUtil
+ * @ingroup java_api
+ * @brief Some global helper functions.
+ *
+ */
+public class SSLUtil
+{
+ /**
+ * @brief Load up the ddl/shared library
+ */
+ static
+ {
+ System.loadLibrary("axtlsj");
+ }
+
+ /**
+ * @brief Return the build mode of the axTLS project.
+ * @return The build mode is one of:
+ * - SSL_BUILD_SERVER_ONLY
+ * - SSL_BUILD_ENABLE_VERIFICATION
+ * - SSL_BUILD_ENABLE_CLIENT
+ * - SSL_BUILD_FULL_MODE
+ */
+ public static int buildMode()
+ {
+ return axtlsj.ssl_get_config(axtlsj.SSL_BUILD_MODE);
+ }
+
+ /**
+ * @brief Return the number of chained certificates that the client/server
+ * supports.
+ * @return The number of supported client/server certificates.
+ */
+ public static int maxCerts()
+ {
+ return axtlsj.ssl_get_config(axtlsj.SSL_MAX_CERT_CFG_OFFSET);
+ }
+
+ /**
+ * @brief Return the number of CA certificates that the client/server
+ * supports.
+ * @return The number of supported CA certificates.
+ */
+ public static int maxCACerts()
+ {
+ return axtlsj.ssl_get_config(axtlsj.SSL_MAX_CA_CERT_CFG_OFFSET);
+ }
+
+ /**
+ * @brief Indicate if PEM is supported.
+ * @return true if PEM supported.
+ */
+ public static boolean hasPEM()
+ {
+ return axtlsj.ssl_get_config(axtlsj.SSL_HAS_PEM) > 0 ? true : false;
+ }
+
+ /**
+ * @brief Display the text string of the error.
+ * @param error_code [in] The integer error code.
+ * @see ssl.h for the error code list.
+ */
+ public static void displayError(int error_code)
+ {
+ axtlsj.ssl_display_error(error_code);
+ }
+
+ /**
+ * @brief Return the version of the axTLS project.
+ */
+ public static String version()
+ {
+ return axtlsj.ssl_version();
+ }
+}
+
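Review bot: `hasPEM()` wraps a boolean expression in `? true : false`; `return axtlsj.ssl_get_config(axtlsj.SSL_HAS_PEM) > 0;` says the same thing. The wildcard imports of `java.io` and `java.util` are not used by anything in this file and can be removed. The class has only static members, so a private constructor would stop callers from instantiating it. The comment on the static initializer reads "ddl" where "dll" is presumably meant.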
diff --git a/libs/luci-lib-nixio/axTLS/bindings/lua/Makefile b/libs/luci-lib-nixio/axTLS/bindings/lua/Makefile
new file mode 100644
index 0000000000..daacf92150
--- /dev/null
+++ b/libs/luci-lib-nixio/axTLS/bindings/lua/Makefile
@@ -0,0 +1,67 @@
+#
+# Copyright (c) 2007, Cameron Rich
+#
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the axTLS project nor the names of its
+# contributors may be used to endorse or promote products derived
+# from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+# OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+AXTLS_HOME=../..
+
+include $(AXTLS_HOME)/config/.config
+include $(AXTLS_HOME)/config/makefile.conf
+
+all: lib
+
+
+ifdef CONFIG_PLATFORM_WIN32
+TARGET=$(AXTLS_HOME)/$(STAGE)/axtlsl.dll
+else
+TARGET=$(CONFIG_LUA_CORE)/lib/lua/5.1/axtlsl.so
+endif
+
+ifneq ($(MAKECMDGOALS), clean)
+
+lib: $(TARGET)
+OBJ:=axTLSl_wrap.o
+include $(AXTLS_HOME)/config/makefile.post
+
+# there are a few static functions that aren't used
+CFLAGS += -funit-at-a-time
+
+$(TARGET) : $(OBJ)
+ $(LD) $(LDFLAGS) $(LDSHARED) -o $@ $^ -L$(AXTLS_HOME)/$(STAGE) -L$(CONFIG_LUA_CORE)/lib -laxtls -llua
+
+CFLAGS += -I $(CONFIG_LUA_CORE)/include
+else
+CFLAGS += /I"`cygpath -w $(CONFIG_LUA_CORE)/include`"
+LDFLAGS += axtls.lib /libpath:"$(AXTLS_HOME)/$(STAGE)"
+
+$(TARGET) : $(OBJ)
+ $(LD) $(LDFLAGS) $(LDSHARED) /out:$@ $(OBJ)
+endif # WIN32
+
+clean::
+ @rm -f $(TARGET) *.i axTLSl* .depend
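Review bot: The `else` / `endif # WIN32` pair near the end closes `ifneq ($(MAKECMDGOALS), clean)`, because no `ifndef CONFIG_PLATFORM_WIN32` is opened in between. As written, the `/I` and `/libpath:` flags and the `/out:` link rule are read only when the goal is `clean`, and a Win32 build gets the Unix `-o $@` rule; the perl Makefile in this commit has the layout that was probably intended. Adding `ifndef CONFIG_PLATFORM_WIN32` before the `-funit-at-a-time` line and a separate `endif` to close the goal check would fix it. On non-Win32, `TARGET` also sits under `$(CONFIG_LUA_CORE)/lib/lua/5.1`, so `all` writes into the Lua installation and `clean` deletes from it, rather than working in `$(STAGE)`.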
diff --git a/libs/luci-lib-nixio/axTLS/bindings/perl/Makefile b/libs/luci-lib-nixio/axTLS/bindings/perl/Makefile
new file mode 100644
index 0000000000..92fd3c50f7
--- /dev/null
+++ b/libs/luci-lib-nixio/axTLS/bindings/perl/Makefile
@@ -0,0 +1,91 @@
+#
+# Copyright (c) 2007, Cameron Rich
+#
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the axTLS project nor the names of its
+# contributors may be used to endorse or promote products derived
+# from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+# OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+AXTLS_HOME=../..
+
+include $(AXTLS_HOME)/config/.config
+include $(AXTLS_HOME)/config/makefile.conf
+
+all: lib
+
+ifdef CONFIG_PLATFORM_WIN32
+TARGET=$(AXTLS_HOME)/$(STAGE)/axtlsp.dll
+else
+TARGET=$(AXTLS_HOME)/$(STAGE)/libaxtlsp.so
+endif
+
+ifneq ($(MAKECMDGOALS), clean)
+
+ifdef CONFIG_PLATFORM_WIN32
+PERL5_CORE:=$(shell cygpath -w "$(CONFIG_PERL_CORE)")
+else
+PERL5_CORE= $(shell perl -e 'use Config; print $$Config{archlib};')/CORE
+endif
+
+all: test_perl
+
+test_perl:
+ @if ! [ -d "$(PERL5_CORE)" ]; then \
+ echo "*** Error: Perl not installed at $(CONFIG_PERL_CORE) - go to " \
+ "http://www.cpan.org/authors/id/G/GR/GRAHAMC/SiePerl-5.8.0-bin-1.0-Win32.INSTALL.exe" && exit 1; \
+ fi
+
+endif
+
+lib: $(TARGET)
+OBJ:=axTLSp_wrap.o
+include $(AXTLS_HOME)/config/makefile.post
+
+ifndef CONFIG_PLATFORM_WIN32 # Linux/Unix/Cygwin
+
+#
+# Could have used libperl.a, but it increases the library to over 1MB, so just
+# use libperl.so. But this needs to be in the shared library path for things to
+# work.
+#
+$(TARGET) : $(OBJ)
+ $(LD) $(LDFLAGS) -L$(AXTLS_HOME)/$(STAGE) -L$(PERL5_CORE) $(LDSHARED) -o $@ $(OBJ) -laxtls -lperl
+ifdef CONFIG_PLATFORM_CYGWIN
+ cd $(AXTLS_HOME)/$(STAGE); ln -sf $(notdir $@) axtlsp.dll
+endif
+ @install axtlsp.pm $(AXTLS_HOME)/$(STAGE)
+
+CFLAGS += -D_GNU_SOURCE -I$(PERL5_CORE)
+else
+CFLAGS += /I"$(PERL5_CORE)"
+LDFLAGS += $(CONFIG_PERL_LIB) /libpath:"$(PERL5_CORE)" axtls.lib /libpath:"$(AXTLS_HOME)/$(STAGE)"
+
+$(TARGET) : $(OBJ)
+ $(LD) $(LDFLAGS) $(LDSHARED) /out:$@ $(OBJ)
+ install axtlsp.pm $(AXTLS_HOME)/$(STAGE)
+endif # WIN32
+
+clean::
+ @rm -f $(TARGET) axtls* *.i axTLSp* *.c .depend $(AXTLS_HOME)/$(STAGE)/axtlsp.pm
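Review bot: The failure message in `test_perl` tells the user to fetch a Win32 installer executable over plain `http://`, with no checksum or signature to compare against, and it is printed on Unix builds too. It also reports `$(CONFIG_PERL_CORE)` although the directory tested is `$(PERL5_CORE)`, which on non-Win32 comes from `perl -e 'use Config; ...'`. I would drop the download link and report the path that was actually checked: `echo "*** Error: Perl core directory not found at $(PERL5_CORE)" && exit 1; \`.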
diff --git a/libs/luci-lib-nixio/axTLS/bindings/vbnet/Makefile b/libs/luci-lib-nixio/axTLS/bindings/vbnet/Makefile
new file mode 100644
index 0000000000..7da60d02ed
--- /dev/null
+++ b/libs/luci-lib-nixio/axTLS/bindings/vbnet/Makefile
@@ -0,0 +1,35 @@
+#
+# Copyright (c) 2007, Cameron Rich
+#
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# * Neither the name of the axTLS project nor the names of its
+# contributors may be used to endorse or promote products derived
+# from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+# OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+
+include ../../config/.config
+include ../../config/makefile.conf
+
+clean::
+ @rm -f axssl* axInterface.vb
diff --git a/libs/luci-lib-nixio/axTLS/bindings/vbnet/axTLSvb.vb b/libs/luci-lib-nixio/axTLS/bindings/vbnet/axTLSvb.vb
new file mode 100644
index 0000000000..9388273ce8
--- /dev/null
+++ b/libs/luci-lib-nixio/axTLS/bindings/vbnet/axTLSvb.vb
@@ -0,0 +1,200 @@
+'
+' Copyright (c) 2007, Cameron Rich
+'
+' All rights reserved.
+'
+' Redistribution and use in source and binary forms, with or without
+' modification, are permitted provided that the following conditions are met:
+'
+' * Redistributions of source code must retain the above copyright notice,
+' this list of conditions and the following disclaimer.
+' * Redistributions in binary form must reproduce the above copyright
+' notice, this list of conditions and the following disclaimer in the
+' documentation and/or other materials provided with the distribution.
+' * Neither the name of the axTLS project nor the names of its
+' contributors may be used to endorse or promote products derived
+' from this software without specific prior written permission.
+'
+' THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+' "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+' LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+' A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
+' CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+' SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+' TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+' DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+' OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+' NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+' THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+'
+
+'
+' A wrapper around the unmanaged Integererface to give a semi-decent VB.NET API
+'
+
+Imports System
+Imports System.Runtime.InteropServices
+Imports System.Net.Sockets
+Imports axTLSvb
+
+Namespace axTLSvb
+ Public Class SSL
+ Public m_ssl As IntPtr
+
+ Public Sub New(ByRef ip As IntPtr)
+ m_ssl = ip
+ End Sub
+
+ Public Sub Dispose()
+ axtls.ssl_free(m_ssl)
+ End Sub
+
+ Public Function HandshakeStatus() As Integer
+ Return axtls.ssl_handshake_status(m_ssl)
+ End Function
+
+ Public Function GetCipherId() As Byte
+ Return axtls.ssl_get_cipher_id(m_ssl)
+ End Function
+
+ Public Function GetSessionId() As Byte()
+ Dim ptr As IntPtr = axtls.ssl_get_session_id(m_ssl)
+ Dim sess_id_size As Integer = axtls.ssl_get_session_id_size(m_ssl)
+ Dim result(sess_id_size-1) As Byte
+ Marshal.Copy(ptr, result, 0, sess_id_size)
+ Return result
+ End Function
+
+ Public Function GetCertificateDN(component As Integer) As String
+ Return axtls.ssl_get_cert_dn(m_ssl, component)
+ End Function
+ End Class
+
+ Public Class SSLUtil
+ Private dummy As Integer ' need something here
+
+ Public Shared Function BuildMode() As Integer
+ Return axtls.ssl_get_config(axtls.SSL_BUILD_MODE)
+ End Function
+
+ Public Shared Function MaxCerts() As Integer
+ Return axtls.ssl_get_config(axtls.SSL_MAX_CERT_CFG_OFFSET)
+ End Function
+
+ Public Shared Function MaxCACerts() As Integer
+ Return axtls.ssl_get_config(axtls.SSL_MAX_CA_CERT_CFG_OFFSET)
+ End Function
+
+ Public Shared Function HasPEM() As Boolean
+ If axtls.ssl_get_config(axtls.SSL_HAS_PEM) > 0 Then
+ Return True
+ Else
+ Return False
+ End If
+ End Function
+
+ Public Shared Sub DisplayError(ByVal error_code As Integer)
+ axtls.ssl_display_error(error_code)
+ End Sub
+
+ Public Shared Function Version() As String
+ Return axtls.ssl_version()
+ End Function
+ End Class
+
+ Public Class SSLCTX
+ Protected m_ctx As IntPtr
+
+ Protected Sub New(ByVal options As Integer, _
+ ByVal num_sessions As Integer)
+ m_ctx = axtls.ssl_ctx_new(options, num_sessions)
+ End Sub
+
+ Public Sub Dispose()
+ axtls.ssl_ctx_free(m_ctx)
+ End Sub
+
+ Public Function Read(ByVal ssl As SSL, ByRef in_data As Byte()) As Integer
+ Dim ptr As IntPtr = IntPtr.Zero
+ Dim ret as Integer = axtls.ssl_read(ssl.m_ssl, ptr)
+
+ If ret > axtls.SSL_OK Then
+ ReDim in_data(ret)
+ Marshal.Copy(ptr, in_data, 0, ret)
+ Else
+ in_data = Nothing
+ End If
+
+ Return ret
+ End Function
+
+ Public Function Write(ByVal ssl As SSL, _
+ ByVal data As Byte(), len As Integer) As Integer
+ Return axtls.ssl_write(ssl.m_ssl, data, len)
+ End Function
+
+ Public Function Find(ByVal s As Socket) As SSL
+ Dim client_fd As Integer = s.Handle.ToInt32()
+ Return New SSL(axtls.ssl_find(m_ctx, client_fd))
+ End Function
+
+ Public Function VerifyCert(ByVal ssl As SSL) As Integer
+ Return axtls.ssl_verify_cert(ssl.m_ssl)
+ End Function
+
+ Public Function Renegotiate(ByVal ssl As SSL) As Integer
+ Return axtls.ssl_renegotiate(ssl.m_ssl)
+ End Function
+
+ Public Function ObjLoad(ByVal obj_type As Integer, _
+ ByVal filename As String, _
+ password As String) As Integer
+ Return axtls.ssl_obj_load(m_ctx, obj_type, filename, password)
+ End Function
+
+ Public Function ObjLoad(ByVal obj_type As Integer, _
+ ByVal data As Byte(), ByVal len As Integer, _
+ password As String) As Integer
+ Return axtls.ssl_obj_memory_load( _
+ m_ctx, obj_type, data, len, password)
+ End Function
+ End Class
+
+ Public Class SSLServer
+ Inherits SSLCTX
+
+ Public Sub New(ByVal options As Integer, _
+ ByVal num_sessions As Integer)
+ MyBase.New(options, num_sessions)
+ End Sub
+
+ Public Function Connect(ByVal s As Socket) As SSL
+ Dim client_fd As Integer = s.Handle.ToInt32()
+ Return New SSL(axtls.ssl_server_new(m_ctx, client_fd))
+ End Function
+ End Class
+
+ Public Class SSLClient
+ Inherits SSLCTX
+
+ Public Sub New(ByVal options As Integer, _
+ ByVal num_sessions As Integer)
+ MyBase.New(options, num_sessions)
+ End Sub
+
+ Public Function Connect(ByVal s As Socket, _
+ ByVal session_id As Byte()) As SSL
+ Dim client_fd As Integer = s.Handle.ToInt32()
+ Dim sess_id_size As Byte
+ If session_id is Nothing Then
+ sess_id_size = 0
+ Else
+ sess_id_size = session_id.Length
+ End If
+
+ Return New SSL(axtls.ssl_client_new(m_ctx, client_fd, session_id, _
+ sess_id_size))
+ End Function
+
+ End Class
+End Namespace
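Review bot: In `SSLCTX.Read`, `ReDim in_data(ret)` allocates `ret + 1` elements because the argument is the upper bound, so every successful read returns one extra zero byte after the data; `GetSessionId` in the same file sizes its array with `sess_id_size-1`. The line should be `ReDim in_data(ret - 1)`. Separately, `SSL.Dispose` and `SSLCTX.Dispose` free the native object but leave `m_ssl` / `m_ctx` set, and `m_ssl` is `Public`. A second `Dispose`, or any later call, therefore passes a freed pointer to the native library. Setting the field to `IntPtr.Zero` after the free, and skipping the free when it is already zero, would close that off.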