authorDirk Engling <erdgeist@erdgeist.org>2014-11-16 00:31:32 +0100
committerDirk Engling <erdgeist@erdgeist.org>2014-11-16 00:31:32 +0100
commit4c635b85709b33f5161674fcea273d5739d484fe (patch)
tree50d8d6b398cc91c10109d12f6c2638c94e6814e5 /vchat-ssl.c
parent279772cb4f3894f087b9e0389c6742c6ebb48062 (diff)
Keep pulling openssl's tentacles out of protocol code
Diffstat (limited to 'vchat-ssl.c')
-rwxr-xr-xvchat-ssl.c66
1 files changed, 52 insertions, 14 deletions
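diff --git a/vchat-ssl.c b/vchat-ssl.c
index 73a56fa..fab5ffe 100755
--- a/vchat-ssl.c
+++ b/vchat-ssl.c
@@ -34,6 +34,33 @@
 
 const char *vchat_ssl_version = "vchat-ssl.c $Id$";
 
+typedef int (*vc_x509verify_cb_t)(int, X509_STORE_CTX *);
+struct vc_x509store_t {
+ char *cafile;
+ char *capath;
+ char *crlfile;
+ vc_x509verify_cb_t callback;
+ vc_askpass_cb_t askpass_callback;
+ STACK_OF(X509) *certs;
+ STACK_OF(X509_CRL) *crls;
+ char *use_certfile;
+ STACK_OF(X509) *use_certs;
+ char *use_keyfile;
+ EVP_PKEY *use_key;
+ int flags;
+};
+
+static void vc_cleanup_x509store(vc_x509store_t *); // Should not be static but is unused
+static SSL_CTX * vc_create_sslctx( vc_x509store_t *vc_store );
+static int vc_verify_callback(int, X509_STORE_CTX *);
+static X509_STORE * vc_x509store_create(vc_x509store_t *);
+static void vc_x509store_clearflags(vc_x509store_t *, int);
+static void vc_x509store_setcafile(vc_x509store_t *, char *);
+static void vc_x509store_setcapath(vc_x509store_t *, char *);
+static void vc_x509store_setcrlfile(vc_x509store_t *, char *);
+static void vc_x509store_addcert(vc_x509store_t *, X509 *);
+static void vc_x509store_setcb(vc_x509store_t *, vc_x509verify_cb_t);
+
 #define VC_CTX_ERR_EXIT(se, cx) do { \
  snprintf(tmpstr, TMPSTRSIZE, "CREATE CTX: %s", \
  ERR_error_string (ERR_get_error (), NULL)); \
@@ -51,7 +78,7 @@ const char *vchat_ssl_version = "vchat-ssl.c $Id$";
  return(NULL); \
  } while(0)
 
-SSL_CTX * vc_create_sslctx( vc_x509store_t *vc_store )
+static SSL_CTX * vc_create_sslctx( vc_x509store_t *vc_store )
 {
  int i = 0;
  int n = 0;
@@ -372,20 +399,31 @@ void vc_x509store_setcertfile(vc_x509store_t *store, char *file)
 }
 
 
-void vc_init_x509store(vc_x509store_t *s)
+vc_x509store_t *vc_init_x509store()
 {
- s->cafile = NULL;
- s->capath = NULL;
- s->crlfile = NULL;
- s->callback = NULL;
- s->askpass_callback = NULL;
- s->certs = sk_X509_new_null();
- s->crls = sk_X509_CRL_new_null();
- s->use_certfile = NULL;
- s->use_certs = sk_X509_new_null();
- s->use_keyfile = NULL;
- s->use_key = NULL;
- s->flags = 0;
+ vc_x509store_t *s = malloc(sizeof(vc_x509store_t));
+ if (s) {
+
+ static int sslinit;
+ if( !sslinit++ ) {
+ SSL_library_init ();
+ SSL_load_error_strings();
+ }
+
+ s->cafile = NULL;
+ s->capath = NULL;
+ s->crlfile = NULL;
+ s->callback = NULL;
+ s->askpass_callback = NULL;
+ s->certs = sk_X509_new_null();
+ s->crls = sk_X509_CRL_new_null();
+ s->use_certfile = NULL;
+ s->use_certs = sk_X509_new_null();
+ s->use_keyfile = NULL;
+ s->use_key = NULL;
+ s->flags = 0;
+ }
+ return s;
 }
 
 void vc_cleanup_x509store(vc_x509store_t *s)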
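Review bot: In the new `vc_init_x509store()` (last hunk) the results of `sk_X509_new_null()` and `sk_X509_CRL_new_null()` are stored unchecked, so an allocation failure yields a non-NULL store whose `certs`, `crls` or `use_certs` is NULL, which a caller cannot tell apart from a usable trust store. The function already signals failure by returning NULL when `malloc` fails, so it should do the same here and release what it allocated, as sketched below. The store is now heap-owned, yet the first hunk declares `vc_cleanup_x509store` static and "unused", and its body begins on the last line of the hunk and is not visible, so it is unclear who frees the store and `use_key`; a comment on `vc_init_x509store` naming the owner would settle that. The definition should also read `vc_x509store_t *vc_init_x509store(void)`, because empty parentheses leave the argument list unchecked in C.

```c
vc_x509store_t *vc_init_x509store(void)
{
  /* … unchanged: malloc, one-time SSL_library_init, field initialisation … */
    s->flags = 0;
    /* A store without its certificate/CRL stacks must not be handed out. */
    if (!s->certs || !s->crls || !s->use_certs) {
      sk_X509_free(s->certs);
      sk_X509_CRL_free(s->crls);
      sk_X509_free(s->use_certs);
      free(s);
      return NULL;
    }
  /* … unchanged: end of if (s), return s … */
```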