From: Martin Johansson Date: Thu, 6 Oct 2011 10:55:31 +0000 (-0400) Subject: Merge remote-tracking branch 'phr0z3nt04st/master' X-Git-Url: http://git.code-monkey.de/?a=commitdiff_plain;h=4a60669fa1d85ec4644acaed84bad7ac8f79fdba;p=umurmur.git Merge remote-tracking branch 'phr0z3nt04st/master' Some stuff added to accomodate both v1.x.x and v0.x.x of PolarSSL. --- 4a60669fa1d85ec4644acaed84bad7ac8f79fdba diff --cc src/ssl.c index 92aaf02,354af85..ab953f3 --- a/src/ssl.c +++ b/src/ssl.c @@@ -45,8 -45,9 +45,7 @@@ #include #include #include - #include -#define CA_CRT_FILENAME "ca.crt" - int ciphers[] = { SSL_EDH_RSA_AES_256_SHA, @@@ -142,6 -172,6 +141,8 @@@ static void pssl_debug(void *ctx, int l void SSLi_init(void) { ++ char verstring[12]; ++ initCert(); if (builtInTestCertificate) { Log_warn("*** Using built-in test certificate and RSA key ***"); @@@ -151,7 -181,7 +152,13 @@@ else initKey(); havege_init(&hs); ++ ++#ifdef POLARSSL_VERSION_MAJOR ++ version_get_string(verstring); ++ Log_info("PolarSSL library version %s initialized", verstring); ++#else Log_info("PolarSSL library initialized"); ++#endif } void SSLi_deinit(void) @@@ -178,17 -208,18 +185,21 @@@ SSL_handle_t *SSLi_newconnection(int *f Log_fatal("Failed to initalize: %d", rc); ssl_set_endpoint(ssl, SSL_IS_SERVER); - ssl_set_authmode(ssl, SSL_VERIFY_OPTIONAL); + ssl_set_authmode(ssl, SSL_VERIFY_NONE); - ssl_set_rng(ssl, havege_rand, &hs); - ssl_set_dbg(ssl, pssl_debug, NULL); - ssl_set_bio(ssl, net_recv, fd, net_send, fd); + ssl_set_rng(ssl, havege_rand, &hs); + ssl_set_dbg(ssl, pssl_debug, NULL); + ssl_set_bio(ssl, net_recv, fd, net_send, fd); - ssl_set_ciphersuites(ssl, ciphers); ++#ifdef POLARSSL_API_V1 ++ ssl_set_ciphersuites(ssl, ciphers); ++#else + ssl_set_ciphers(ssl, ciphers); - ssl_set_session(ssl, 0, 0, ssn); ++#endif + ssl_set_session(ssl, 0, 0, ssn); - ssl_set_ca_chain(ssl, certificate.next, NULL, NULL); - ssl_set_own_cert(ssl, &certificate, &key); - ssl_set_dh_param(ssl, my_dhm_P, my_dhm_G); + 
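Review bot: `char verstring[12];` in SSLi_init is declared unconditionally, but its only use is inside the `#ifdef POLARSSL_VERSION_MAJOR` block added in the following hunk, so a build against a PolarSSL that does not define that macro carries an unused local. Put the declaration under the same guard. `version_get_string()` takes no length argument, so the buffer size is the only bound on what it writes; a comment on the declaration such as `/* version_get_string() writes "x.y.z"; the library header asks for at least 9 bytes */` would stop the array from being shrunk later (confirm the figure against the oldest supported release). SSLi_init starts and ends outside these two hunks.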
ssl_set_own_cert(ssl, &certificate, &key); + ssl_set_dh_param(ssl, my_dhm_P, my_dhm_G); return ssl; } @@@ -199,7 -230,7 +210,11 @@@ int SSLi_nonblockaccept(SSL_handle_t *s rc = ssl_handshake(ssl); if (rc != 0) { ++#ifdef POLARSSL_API_V1 + if (rc == POLARSSL_ERR_NET_WANT_READ || rc == POLARSSL_ERR_NET_WANT_WRITE) { ++#else + if (rc == POLARSSL_ERR_NET_TRY_AGAIN) { ++#endif return 0; } else { Log_warn("SSL handshake failed: %d", rc); @@@ -213,8 -244,8 +228,13 @@@ int SSLi_read(SSL_handle_t *ssl, uint8_t *buf, int len) { int rc; ++ rc = ssl_read(ssl, buf, len); ++#ifdef POLARSSL_API_V1 + if (rc == POLARSSL_ERR_NET_WANT_READ) ++#else + if (rc == POLARSSL_ERR_NET_TRY_AGAIN) ++#endif return SSLI_ERROR_WANT_READ; return rc; } @@@ -222,8 -253,8 +242,13 @@@ int SSLi_write(SSL_handle_t *ssl, uint8_t *buf, int len) { int rc; ++ rc = ssl_write(ssl, buf, len); ++#ifdef POLARSSL_API_V1 + if (rc == POLARSSL_ERR_NET_WANT_WRITE) ++#else + if (rc == POLARSSL_ERR_NET_TRY_AGAIN) ++#endif return SSLI_ERROR_WANT_WRITE; return rc; } diff --cc src/ssl.h index 27920e4,27920e4..5629c4c --- a/src/ssl.h +++ b/src/ssl.h @@@ -38,7 -38,7 +38,19 @@@ #ifdef USE_POLARSSL #include ++#include ++ ++#ifndef POLARSSL_VERSION_MAJOR ++ #define POLARSSL_API_V0 ++#else ++#if (POLARSSL_VERSION_MAJOR == 0) ++ #define POLARSSL_API_V0 #else ++ #define POLARSSL_API_V1 ++#endif ++#endif ++ ++#else /* OpenSSL */ #include #include #endif @@@ -47,9 -47,9 +59,14 @@@ #include #ifdef USE_POLARSSL --#define SSLI_ERROR_WANT_READ -0x0F300 /* PolarSSL uses -0x0f00 -> --0x0f90 */ ++#define SSLI_ERROR_WANT_READ -0x0F300 /* PolarSSL v0.x.x uses -0x0f00 -> --0x0f90, v1.x.x uses -0x7080 -> -0x7e80 */ #define SSLI_ERROR_WANT_WRITE -0x0F310 ++ ++#ifdef POLARSSL_API_V1 ++#define SSLI_ERROR_ZERO_RETURN 0 ++#else #define SSLI_ERROR_ZERO_RETURN POLARSSL_ERR_NET_CONN_RESET ++#endif #define SSLI_ERROR_CONNRESET POLARSSL_ERR_NET_CONN_RESET #define SSLI_ERROR_SYSCALL POLARSSL_ERR_NET_RECV_FAILED
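Review bot: The merged result in SSLi_newconnection keeps `ssl_set_authmode(ssl, SSL_VERIFY_NONE)` and drops the `ssl_set_ca_chain()` call, so the server no longer requests a client certificate at all, while the commit description only mentions PolarSSL version compatibility. If any code outside this hunk reads the peer certificate, for example to identify a client, it will now find none; that should be confirmed before this lands. Whichever behaviour is intended, record it at the call: `/* No client certificate is requested: clients are not authenticated at the TLS layer. */`. The function begins outside the hunk.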
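Review bot: The `#ifdef POLARSSL_API_V1` / `#else` pair in SSLi_nonblockaccept chooses between two `if (...) {` lines that each open the same brace, which is easy to unbalance in a later edit, and the same version switch is repeated in the SSLi_read and SSLi_write hunks below. Defining the retry codes once in ssl.h, next to the API selection, leaves each call site a single condition. It also makes visible that SSLi_read maps only the read-side code and SSLi_write only the write-side code; whether the opposite direction can be returned on v1.x.x is not shown here and should be checked. All three function bodies extend outside their hunks.

```c
/* ssl.h, after POLARSSL_API_V0 / POLARSSL_API_V1 are chosen */
#ifdef POLARSSL_API_V1
#define PSSL_WANT_READ  POLARSSL_ERR_NET_WANT_READ
#define PSSL_WANT_WRITE POLARSSL_ERR_NET_WANT_WRITE
#else
#define PSSL_WANT_READ  POLARSSL_ERR_NET_TRY_AGAIN
#define PSSL_WANT_WRITE POLARSSL_ERR_NET_TRY_AGAIN
#endif

/* ssl.c, SSLi_nonblockaccept */
	if (rc != 0) {
		if (rc == PSSL_WANT_READ || rc == PSSL_WANT_WRITE) {
			return 0;
		/* … unchanged: else branch logging the handshake failure … */

/* ssl.c, SSLi_read */
	if (rc == PSSL_WANT_READ)
		return SSLI_ERROR_WANT_READ;

/* ssl.c, SSLi_write */
	if (rc == PSSL_WANT_WRITE)
		return SSLI_ERROR_WANT_WRITE;
```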
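Review bot: The `#ifndef POLARSSL_VERSION_MAJOR` fallback in ssl.h only helps if the header added just above it exists in the old release; its name is not visible on this page, but if it is the library's version header and a v0.x.x tree does not ship it, the include fails before the fallback is reached. That should be confirmed against the oldest PolarSSL the project intends to support. The two-level test can also be a single condition, `#if defined(POLARSSL_VERSION_MAJOR) && (POLARSSL_VERSION_MAJOR >= 1)`, defining `POLARSSL_API_V1` in that branch and `POLARSSL_API_V0` in the `#else`, which removes the nested `#else`/`#endif` pair that is hard to match by eye.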
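Review bot: Under `POLARSSL_API_V1` this hunk makes `SSLI_ERROR_ZERO_RETURN` equal to `0` while `SSLI_ERROR_CONNRESET` stays `POLARSSL_ERR_NET_CONN_RESET`, so callers that compare a read result with `SSLI_ERROR_ZERO_RETURN` now treat a 0 return as an orderly shutdown. As far as I know, v1.x.x reports a peer's orderly close as a negative code (`POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY`) rather than 0, so that case may end up in the generic error path; the callers are outside this diff and should be checked. A comment on the new define would record the intent, e.g. `/* v1.x.x: <which return value means orderly close, and why 0 is used here> */`. The sentinel values are also better parenthesized, `#define SSLI_ERROR_WANT_READ (-0x0F300)`.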