X-Git-Url: http://git.code-monkey.de/?a=blobdiff_plain;f=src%2Fssl.h;h=4efa24beb586caccb17a01e2a43086f7e835bc29;hb=fbd95a0ede5ada1903f2ad01fda03fd8296b8029;hp=5ed8384e30cdb47c65f8583490624a339fef85f6;hpb=14a67bc74c81651015bbbad075f7eb1c41218cf7;p=umurmur.git diff --git a/src/ssl.h b/src/ssl.h index 5ed8384..4efa24b 100644 --- a/src/ssl.h +++ b/src/ssl.h @@ -1,6 +1,6 @@ -/* Copyright (C) 2009-2010, Martin Johansson - Copyright (C) 2005-2010, Thorvald Natvig +/* Copyright (C) 2009-2014, Martin Johansson + Copyright (C) 2005-2014, Thorvald Natvig All rights reserved. Redistribution and use in source and binary forms, with or without @@ -32,26 +32,77 @@ #ifndef SSL_H_987698 #define SSL_H_987698 -#ifdef USE_POLARSSL +#include "config.h" +#include "types.h" + +#include +#include +#include + +#if defined(USE_POLARSSL) #include +#include + +#if defined(POLARSSL_VERSION_MAJOR) +#if (POLARSSL_VERSION_MAJOR < 1) +#error PolarSSL version 1.0.0 or greater is required! +#endif #else -#include -#include +#error PolarSSL version 1.0.0 or greater is required! #endif -#include "types.h" -#include +#if defined(USE_POLARSSL_HAVEGE) +#include + #if (POLARSSL_VERSION_MINOR >= 1) + #define HAVEGE_RAND (havege_random) + #define RAND_bytes(_dst_, _size_) do { \ + havege_random(&hs, _dst_, _size_); \ + } while (0) + #else + #define HAVEGE_RAND (havege_rand) + #define RAND_bytes(_dst_, _size_) do { \ + int i; \ + for (i = 0; i < _size_; i++) { \ + _dst_[i] = havege_rand(&hs); \ + } \ + } while (0) + #endif +#else +#define RAND_bytes(_dst_, _size_) do { urandom_bytes(NULL, _dst_, _size_); } while (0) +int urandom_bytes(void *ctx, unsigned char *dest, size_t len); +#endif + +#if (POLARSSL_VERSION_MINOR >= 2) + #define POLARSSL_API_V1_2_ABOVE +#endif +#if (POLARSSL_VERSION_MINOR == 3) + #define POLARSSL_API_V1_3_ABOVE +#endif -#ifdef USE_POLARSSL -#define SSLI_ERROR_WANT_READ -0x0F300 /* PolarSSL uses -0x0f00 -> --0x0f90 */ +#define SSLI_ERROR_WANT_READ -0x0F300 /* PolarSSL v0.x.x uses -0x0f00 -> --0x0f90, v1.x.x uses -0x7080 -> -0x7e80 */ #define SSLI_ERROR_WANT_WRITE -0x0F310 -#define SSLI_ERROR_ZERO_RETURN POLARSSL_ERR_NET_CONN_RESET + +#define SSLI_ERROR_ZERO_RETURN 0 #define SSLI_ERROR_CONNRESET POLARSSL_ERR_NET_CONN_RESET #define SSLI_ERROR_SYSCALL POLARSSL_ERR_NET_RECV_FAILED typedef ssl_context SSL_handle_t; -#else +#elif defined(USE_GNUTLS) + +#include + +#define SSLI_ERROR_WANT_READ GNUTLS_E_AGAIN +#define SSLI_ERROR_WANT_WRITE GNUTLS_E_AGAIN +#define SSLI_ERROR_ZERO_RETURN GNUTLS_E_PREMATURE_TERMINATION +#define SSLI_ERROR_CONNRESET GNUTLS_E_PREMATURE_TERMINATION +#define SSLI_ERROR_SYSCALL GNUTLS_E_PREMATURE_TERMINATION + +typedef gnutls_session_t SSL_handle_t; + +#else /* OpenSSL */ +#include +#include #define SSLI_ERROR_WANT_READ SSL_ERROR_WANT_READ #define SSLI_ERROR_WANT_WRITE SSL_ERROR_WANT_WRITE @@ -66,6 +117,7 @@ typedef SSL SSL_handle_t; void SSLi_init(void); void SSLi_deinit(void); SSL_handle_t *SSLi_newconnection(int *fd, bool_t *SSLready); +bool_t SSLi_getSHA1Hash(SSL_handle_t *ssl, uint8_t *hash); void SSLi_closeconnection(SSL_handle_t *ssl); int SSLi_nonblockaccept(SSL_handle_t *ssl, bool_t *SSLready); int SSLi_read(SSL_handle_t *ssl, uint8_t *buf, int len); @@ -75,4 +127,25 @@ bool_t SSLi_data_pending(SSL_handle_t *ssl); void SSLi_shutdown(SSL_handle_t *ssl); void SSLi_free(SSL_handle_t *ssl); +static inline void SSLi_hash2hex(uint8_t *hash, char *out) +{ + int i, offset = 0; + for (i = 0; i < 20; i++) + offset += sprintf(out + offset, "%02x", hash[i]); +} + +static inline void SSLi_hex2hash(char *in, uint8_t *hash) +{ + int i; + char byte[3]; + int scanned; + + byte[2] = '\0'; + for (i = 0; i < 20; i++) { + memcpy(byte, &in[i * 2], 2); + sscanf(byte, "%02x", &scanned); + hash[i] = scanned; + } +} #endif +