Add caDir and move serialDir into Config.Bind
[hcoop/domtool2.git] / openssl / openssl_sml.c
#include "openssl/bio.h"
#include "openssl/ssl.h"
#include "openssl/err.h"

#include <sys/types.h>
#include <sys/socket.h>
#include <unistd.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
9
/*
 * Initialise the OpenSSL SSL library by calling SSL_library_init().
 * Takes no arguments; SSL_library_init()'s result is discarded.
 */
void OpenSSL_SML_init() {
  (void)SSL_library_init();
}
13
/*
 * Register the human-readable error tables used by the *_error_string
 * wrappers in this file: first the SSL strings, then the X509 strings.
 */
void OpenSSL_SML_load_error_strings() {
  /* SSL/libcrypto error text. */
  SSL_load_error_strings();

  /* X509 error text, so certificate failures decode too. */
  ERR_load_X509_strings();
}
18
/* Register the BIO error strings by calling ERR_load_BIO_strings(). */
void OpenSSL_SML_load_BIO_strings() {
  (void)ERR_load_BIO_strings();
}
22
/*
 * Pop the earliest entry from the calling thread's OpenSSL error queue.
 *
 * Returns the code converted to int, or 0 when the queue is empty.
 * ERR_get_error() yields an unsigned long, so the value is narrowed here;
 * NOTE(review): on platforms where long is wider than int, confirm that no
 * caller depends on bits that do not fit in an int.
 */
int OpenSSL_SML_get_error() {
  unsigned long code = ERR_get_error();

  return (int)code;
}
26
/*
 * Report whether the last failed operation on b should be retried.
 * Returns BIO_should_retry(b) unchanged (non-zero means "try again").
 */
int OpenSSL_SML_should_retry(BIO *b) {
  int retry = BIO_should_retry(b);

  return retry;
}
30
/*
 * Name of the OpenSSL library component that raised error code err.
 * Returns ERR_lib_error_string()'s result as-is, which may be NULL when no
 * string is registered for the code.
 */
const char *OpenSSL_SML_lib_error_string(int err) {
  const char *text = ERR_lib_error_string(err);

  return text;
}
34
/*
 * Name of the OpenSSL function that raised error code err.
 * Returns ERR_func_error_string()'s result as-is, which may be NULL when no
 * string is registered for the code.
 */
const char *OpenSSL_SML_func_error_string(int err) {
  const char *text = ERR_func_error_string(err);

  return text;
}
38
/*
 * Human-readable reason for OpenSSL error code err.
 * Returns ERR_reason_error_string()'s result as-is, which may be NULL when
 * no string is registered for the code.
 */
const char *OpenSSL_SML_reason_error_string(int err) {
  const char *text = ERR_reason_error_string(err);

  return text;
}
42
/*
 * Read up to len bytes from b into data.
 *
 * Returns BIO_read()'s result unchanged: the number of bytes read, or a
 * value <= 0 when nothing was read. The caller owns the buffer and must
 * make sure it holds at least len bytes; a non-positive result should be
 * checked with OpenSSL_SML_should_retry() before it is treated as fatal.
 */
int OpenSSL_SML_read(BIO *b, void *data, int len) {
  int nread = BIO_read(b, data, len);

  return nread;
}
46
/*
 * Write len bytes from data to b.
 *
 * Returns BIO_write()'s result unchanged: the number of bytes written, or a
 * value <= 0 when nothing was written. A short or non-positive result is
 * not retried here; that is left to the caller.
 */
int OpenSSL_SML_write(BIO *b, const void *data, int len) {
  int nwritten = BIO_write(b, data, len);

  return nwritten;
}
50
/*
 * Create a plain (non-TLS) connect BIO for the address string addr.
 * Returns BIO_new_connect()'s result, which is NULL on failure; no
 * connection is attempted by this call.
 */
BIO *OpenSSL_SML_new_connect(char *addr) {
  BIO *conn = BIO_new_connect(addr);

  return conn;
}
54
/*
 * Release b and every BIO chained after it via BIO_free_all().
 * The pointer (and any BIO further down the chain) must not be used again
 * after this call.
 */
void OpenSSL_SML_free_all(BIO *b) {
  BIO_free_all(b);
}
58
/*
 * Drive the connection attempt on b.
 * Returns BIO_do_connect()'s result narrowed to int; callers compare it
 * against <= 0 for failure.
 */
int OpenSSL_SML_do_connect(BIO *b) {
  return (int)BIO_do_connect(b);
}
62
/*
 * Run the accept step on accept BIO b.
 * Returns BIO_do_accept()'s result narrowed to int; callers compare it
 * against <= 0 for failure.
 */
int OpenSSL_SML_do_accept(BIO *b) {
  return (int)BIO_do_accept(b);
}
/*
 * Complete the handshake on b.
 * Returns BIO_do_handshake()'s result narrowed to int. With the verify mode
 * set in OpenSSL_SML_CTX_new(), a peer whose certificate fails verification
 * makes the handshake fail, so a non-positive result must stop the caller
 * from using the connection.
 */
int OpenSSL_SML_do_handshake(BIO *b) {
  return (int)BIO_do_handshake(b);
}
70
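/*
 * Create an SSL_CTX for method meth with mandatory peer verification.
 *
 * The context requires a certificate from the peer
 * (SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT) and limits the
 * verification chain depth to 2. No verify callback is installed, so
 * OpenSSL's built-in chain validation decides.
 *
 * Returns the new context, or NULL when SSL_CTX_new() fails. The caller
 * releases it with OpenSSL_SML_CTX_free().
 *
 * NOTE(review): chain validation alone does not bind the peer to an
 * expected identity; callers are expected to check the name returned by
 * OpenSSL_SML_get_peer_name() themselves.
 * NOTE(review): no SSL_CTX_set_options() call restricts protocol versions
 * here, so with SSLv23_method() the floor is whatever the linked OpenSSL
 * build allows - confirm legacy SSL versions are disabled at build or
 * configuration level.
 */
SSL_CTX *OpenSSL_SML_CTX_new(SSL_METHOD *meth) {
  SSL_CTX *ctx = SSL_CTX_new(meth);

  /* SSL_CTX_new() returns NULL on failure; the setters below would
     dereference it. */
  if (ctx == NULL)
    return NULL;

  SSL_CTX_set_verify(ctx,
                     SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
                     NULL);
  SSL_CTX_set_verify_depth(ctx, 2);

  return ctx;
}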
80
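/*
 * Release an SSL_CTX obtained from OpenSSL_SML_CTX_new().
 * The context must not be used after this call.
 */
void OpenSSL_SML_CTX_free(SSL_CTX *ctx) {
  /* A void function must not return an expression, so call and fall
     through. */
  SSL_CTX_free(ctx);
}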
84
/*
 * Return OpenSSL's version-negotiating method, SSLv23_method().
 *
 * NOTE(review): this method negotiates the highest protocol version both
 * peers support; which older versions stay acceptable depends on context
 * options that this file never sets - confirm the minimum version in use.
 */
SSL_METHOD *OpenSSL_SML_SSLv23_method() {
  SSL_METHOD *meth = SSLv23_method();

  return meth;
}
88
/*
 * Point ctx at the trust anchors used to verify peer certificates.
 *
 * trust and certs are passed straight through as the second and third
 * arguments of SSL_CTX_load_verify_locations() (the CA file and the CA
 * directory, respectively). Returns that function's result: 1 on success,
 * 0 on failure. A failure leaves the context without these anchors, so the
 * caller must not continue as if verification were configured.
 */
int OpenSSL_SML_load_verify_locations(SSL_CTX *ctx, const char *trust, const char *certs) {
  int ok = SSL_CTX_load_verify_locations(ctx, trust, certs);

  return ok;
}
92
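/*
 * Create a TLS client BIO chain from ctx with SSL_MODE_AUTO_RETRY enabled.
 *
 * Returns the new BIO, or NULL when the chain cannot be created or its SSL
 * object cannot be retrieved. The caller releases it with
 * OpenSSL_SML_free_all().
 */
BIO *OpenSSL_SML_new_ssl_connect(SSL_CTX *ctx) {
  BIO *bio = BIO_new_ssl_connect(ctx);
  SSL *ssl = NULL;

  if (bio == NULL)
    return NULL;

  /* Without this check a failed lookup would leave ssl unset and
     SSL_set_mode() would dereference it. */
  if (BIO_get_ssl(bio, &ssl) <= 0 || ssl == NULL) {
    BIO_free_all(bio);
    return NULL;
  }

  SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);

  return bio;
}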
102
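/*
 * Create a TLS BIO chain from ctx with SSL_MODE_AUTO_RETRY enabled.
 *
 * Returns the new BIO, or NULL when the chain cannot be created or its SSL
 * object cannot be retrieved. The caller releases it with
 * OpenSSL_SML_free_all().
 *
 * NOTE(review): despite the name this calls BIO_new_ssl_connect(), exactly
 * like OpenSSL_SML_new_ssl_connect(); confirm with callers whether a
 * client-side chain is really what is wanted here.
 */
BIO *OpenSSL_SML_new_ssl(SSL_CTX *ctx) {
  BIO *bio = BIO_new_ssl_connect(ctx);
  SSL *ssl = NULL;

  if (bio == NULL)
    return NULL;

  /* Without this check a failed lookup would leave ssl unset and
     SSL_set_mode() would dereference it. */
  if (BIO_get_ssl(bio, &ssl) <= 0 || ssl == NULL) {
    BIO_free_all(bio);
    return NULL;
  }

  SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);

  return bio;
}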
112
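/*
 * Create an accept BIO for port whose incoming connections are wrapped in
 * a server-side SSL BIO built from ctx.
 *
 * Returns the accept BIO, or NULL when either BIO cannot be allocated.
 * On success the SSL BIO is handed to the accept BIO via
 * BIO_set_accept_bios(), so the caller frees only the returned BIO.
 */
BIO *OpenSSL_SML_new_accept(SSL_CTX *ctx, char *port) {
  BIO *sbio = BIO_new_ssl(ctx, 0);   /* 0 = server side */
  BIO *acpt;

  if (sbio == NULL)
    return NULL;

  acpt = BIO_new_accept(port);
  if (acpt == NULL) {
    /* Nothing owns sbio yet, so release it here instead of leaking it. */
    BIO_free_all(sbio);
    return NULL;
  }

  BIO_set_accept_bios(acpt, sbio);

  return acpt;
}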
121
/*
 * Fetch the SSL object attached to bio.
 * Returns the SSL pointer when BIO_get_ssl() reports success (> 0),
 * otherwise NULL. The pointer still belongs to the BIO.
 */
SSL *OpenSSL_SML_get_ssl(BIO *bio) {
  SSL *found;

  return (BIO_get_ssl(bio, &found) > 0) ? found : NULL;
}
130
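/*
 * Set the host name that connect BIO bio will connect to.
 *
 * Returns BIO_set_conn_hostname()'s result narrowed to int. The function is
 * declared int, so falling off the end without a return would hand callers
 * an indeterminate value.
 */
int OpenSSL_SML_set_conn_hostname(BIO *bio, char *hostname) {
  return (int)BIO_set_conn_hostname(bio, hostname);
}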
134
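/*
 * Set the port that accept BIO bio will listen on.
 *
 * Returns BIO_set_accept_port()'s result narrowed to int. The function is
 * declared int, so falling off the end without a return would hand callers
 * an indeterminate value.
 */
int OpenSSL_SML_set_accept_port(BIO *bio, char *port) {
  return (int)BIO_set_accept_port(bio, port);
}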
138
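/*
 * Create an IPv4 TCP socket listening on every local interface
 * (INADDR_ANY) at the given port, with a backlog of qsize.
 *
 * Returns the listening descriptor, or -1 when port is outside 0..65535 or
 * when socket(), bind() or listen() fails. The descriptor is closed on
 * every failure path, so no socket leaks. The caller owns the returned
 * descriptor.
 *
 * Because the socket accepts connections on all interfaces, access control
 * rests entirely on the TLS peer verification performed afterwards.
 */
int OpenSSL_SML_tcp_listen(int port, int qsize) {
  int sock;
  struct sockaddr_in sin;
  int val = 1;

  /* htons() takes 16 bits: an out-of-range value would be truncated
     silently and the socket bound to a port nobody asked for. */
  if (port < 0 || port > 65535)
    return -1;

  sock = socket(AF_INET, SOCK_STREAM, 0);
  if (sock < 0)
    return -1;

  memset(&sin, 0, sizeof(sin));
  sin.sin_addr.s_addr = INADDR_ANY;
  sin.sin_family = AF_INET;
  sin.sin_port = htons((unsigned short)port);

  /* Best effort, as before: SO_REUSEADDR only eases quick restarts. */
  (void)setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &val, sizeof(val));

  if (bind(sock, (struct sockaddr *)&sin, sizeof(sin)) < 0 ||
      listen(sock, qsize) < 0) {
    close(sock);
    return -1;
  }

  return sock;
}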
161
/*
 * Accept one pending connection on listening socket sock.
 * The peer address is not requested. Returns the new descriptor, or -1 on
 * error, exactly as accept() does.
 */
int OpenSSL_SML_accept(int sock) {
  int client = accept(sock, NULL, NULL);

  return client;
}
165
/*
 * Wrap an existing socket descriptor in a socket BIO.
 * BIO_NOCLOSE is passed, so freeing the BIO does not close sock; the
 * caller stays responsible for closing the descriptor. Returns
 * BIO_new_socket()'s result, NULL on failure.
 */
BIO *OpenSSL_SML_new_socket(int sock) {
  BIO *wrapped = BIO_new_socket(sock, BIO_NOCLOSE);

  return wrapped;
}
169
/*
 * Create a new SSL object from ctx.
 * Returns SSL_new()'s result unchanged, which is NULL on failure.
 */
SSL *OpenSSL_SML_SSL_new(SSL_CTX *ctx) {
  return SSL_new(ctx);
}
175
/*
 * Start or continue the TLS shutdown on ssl.
 * Returns SSL_shutdown()'s result unchanged; interpreting it (complete,
 * still in progress, or error) is left to the caller.
 */
int OpenSSL_SML_SSL_shutdown(SSL *ssl) {
  int rc = SSL_shutdown(ssl);

  return rc;
}
179
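/*
 * Close the sending half of socket sock.
 *
 * Uses the named constant SHUT_WR instead of the bare literal 1 it stood
 * for. The result of shutdown() is not reported, matching the void
 * signature; the descriptor itself stays open and must still be closed by
 * its owner.
 */
void OpenSSL_SML_shutdown(int sock) {
  (void)shutdown(sock, SHUT_WR);
}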
183
/*
 * Attach read BIO b1 and write BIO b2 to ssl.
 *
 * Three steps, in this order: enable SSL_MODE_AUTO_RETRY on ssl, install
 * the two BIOs with SSL_set_bio(), then register ssl on b1 with
 * BIO_set_ssl(..., BIO_NOCLOSE) so that freeing b1 does not free ssl.
 *
 * NOTE(review): BIO_set_ssl() is applied to b1 whatever kind of BIO it is;
 * confirm against the callers that b1 is one for which that call is
 * meaningful.
 */
void OpenSSL_SML_SSL_set_bio(SSL *ssl, BIO *b1, BIO *b2) {
  /* Let OpenSSL retry reads and writes interrupted by renegotiation. */
  SSL_set_mode(ssl, SSL_MODE_AUTO_RETRY);

  /* b1 is the read side, b2 the write side. */
  SSL_set_bio(ssl, b1, b2);

  /* BIO_NOCLOSE: the BIO does not take ownership of ssl. */
  BIO_set_ssl(b1, ssl, BIO_NOCLOSE);
}
189
/*
 * Load the PEM-encoded private key in keyfile into ctx.
 *
 * Returns SSL_CTX_use_PrivateKey_file()'s result: 1 on success, otherwise
 * failure. This wrapper does not check that the key matches the loaded
 * certificate; NOTE(review): confirm whether callers need that check.
 * The key file should be readable only by the account running the service.
 */
int OpenSSL_SML_use_PrivateKey_file(SSL_CTX *ctx, char *keyfile) {
  int ok = SSL_CTX_use_PrivateKey_file(ctx, keyfile, SSL_FILETYPE_PEM);

  return ok;
}
195
/*
 * Run the server side of the TLS handshake on ssl.
 * Returns SSL_accept()'s result unchanged; anything other than success
 * means the peer has not been authenticated and the connection must not be
 * used.
 */
int OpenSSL_SML_SSL_accept(SSL *ssl) {
  int rc = SSL_accept(ssl);

  return rc;
}
199
/*
 * Load a certificate chain file into ctx.
 *
 * The parameter is called keyfile but is handed to
 * SSL_CTX_use_certificate_chain_file(), so it names the certificate chain,
 * not a private key. Returns that function's result: 1 on success,
 * otherwise failure.
 */
int OpenSSL_SML_use_certificate_chain_file(SSL_CTX *ctx, char *keyfile) {
  int ok = SSL_CTX_use_certificate_chain_file(ctx, keyfile);

  return ok;
}
204
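/*
 * Return the first subject-name entry of the peer's certificate as a C
 * string, or NULL when it is unavailable.
 *
 * NULL is returned (after printing a diagnostic in the first three cases)
 * when the peer sent no certificate, the certificate has no subject name,
 * the subject has no entry 0, the entry has no data, the value does not
 * fit in the 1024-byte buffer, or the value contains an embedded NUL byte.
 *
 * The result points into a static buffer: it is overwritten by the next
 * call and must not be freed, so the function is not reentrant.
 *
 * Security notes:
 *  - The value is taken from entry index 0 of the subject, which is not
 *    necessarily the commonName. NOTE(review): confirm that the issuing CA
 *    only signs subjects whose first entry is the identity callers
 *    authorise on.
 *  - The bytes are copied as stored, with no conversion between ASN.1
 *    string encodings.
 *  - Names with an embedded NUL are rejected, because a C-string consumer
 *    would otherwise compare only the part before the NUL and could accept
 *    a different identity than the certificate carries.
 */
const char *OpenSSL_SML_get_peer_name(SSL *ssl) {
  static char ret[1024];
  const char *result = NULL;
  X509_NAME *name;
  X509_NAME_ENTRY *ne;
  ASN1_STRING *s;
  int len;
  X509 *x = SSL_get_peer_certificate(ssl);

  if (!x) {
    printf("Null certificate\n");
    return NULL;
  }

  /* name, ne and s all point into x; they stay valid until X509_free(). */
  name = X509_get_subject_name(x);
  if (!name) {
    printf("Null name\n");
    goto out;
  }

  ne = X509_NAME_get_entry(name, 0);
  if (!ne) {
    printf("Null entry\n");
    goto out;
  }

  s = X509_NAME_ENTRY_get_data(ne);
  if (!s)
    goto out;

  len = M_ASN1_STRING_length(s);
  if (len < 0 || (size_t)len >= sizeof ret)
    goto out;

  /* Refuse a value that a C string cannot represent faithfully. */
  if (memchr(M_ASN1_STRING_data(s), 0, (size_t)len) != NULL)
    goto out;

  memcpy(ret, M_ASN1_STRING_data(s), (size_t)len);
  ret[len] = 0;
  result = ret;

out:
  /* SSL_get_peer_certificate() returns a counted reference; dropping it
     here avoids leaking one certificate per call. */
  X509_free(x);
  return result;
}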
240
/*
 * Detach b from its BIO chain.
 * Returns BIO_pop()'s result unchanged. b itself is not freed by this call.
 */
BIO *OpenSSL_SML_pop(BIO *b) {
  BIO *rest = BIO_pop(b);

  return rest;
}
244
/*
 * Return the BIO that follows b in its chain, as reported by BIO_next().
 * The chain is left unchanged.
 */
BIO *OpenSSL_SML_next(BIO *b) {
  BIO *following = BIO_next(b);

  return following;
}
248
/*
 * Write the NUL-terminated string buf to b.
 * Returns BIO_puts()'s result unchanged; a non-positive value means nothing
 * was written.
 */
int OpenSSL_SML_puts(BIO *b, const char *buf) {
  int nwritten = BIO_puts(b, buf);

  return nwritten;
}