Dillo v3.1.1-119-g140d9ebd
Loading...
Searching...
No Matches
tls_mbedtls.c File Reference
#include "config.h"
#include "../msg.h"
#include <assert.h>
#include <errno.h>
#include "../../dlib/dlib.h"
#include "../dialog.hh"
#include "../klist.h"
#include "iowatch.hh"
#include "tls.h"
#include "Url.h"
#include <mbedtls/platform.h>
#include <mbedtls/ssl.h>
#include <mbedtls/ctr_drbg.h>
#include <mbedtls/entropy.h>
#include <mbedtls/error.h>
#include <mbedtls/oid.h>
#include <mbedtls/x509.h>
#include <mbedtls/version.h>
#include <mbedtls/net.h>
Include dependency graph for tls_mbedtls.c:

Go to the source code of this file.

Macros

#define CERT_STATUS_NONE   0
 
#define CERT_STATUS_RECEIVING   1
 
#define CERT_STATUS_CLEAN   2
 
#define CERT_STATUS_BAD   3
 
#define CERT_STATUS_USER_ACCEPTED   4
 

Functions

static void Tls_handshake_cb (int fd, void *vconnkey)
 
static int Tls_fd_map_cmp (const void *v1, const void *v2)
 
static void Tls_fd_map_add_entry (int fd, int connkey)
 
static void Tls_fd_map_remove_entry (int fd)
 
void * a_Tls_mbedtls_connection (int fd)
 
static Conn_t * Tls_conn_new (int fd, const DilloUrl *url, mbedtls_ssl_context *ssl)
 
static int Tls_make_conn_key (Conn_t *conn)
 
static void Tls_load_certificates_from_file (const char *const filename)
 
static void Tls_load_certificates_from_path (const char *const pathname)
 
static void Tls_remove_duplicate_certificates ()
 
static void Tls_load_certificates ()
 
static void Tls_remove_psk_ciphersuites ()
 
const char * a_Tls_mbedtls_version (char *buf, int n)
 
void a_Tls_mbedtls_init (void)
 
static int Tls_servers_cmp (const void *v1, const void *v2)
 
static int Tls_servers_by_url_cmp (const void *v1, const void *v2)
 
int a_Tls_mbedtls_connect_ready (const DilloUrl *url)
 
static int Tls_cert_status (const DilloUrl *url)
 
static int Tls_user_said_no (const DilloUrl *url)
 
int a_Tls_mbedtls_certificate_is_clean (const DilloUrl *url)
 
static void Tls_cert_expired (const mbedtls_x509_crt *cert, Dstr *ds)
 
static void Tls_cert_cn_mismatch (const mbedtls_x509_crt *cert, Dstr *ds)
 
static void Tls_cert_trust_chain_failed (const mbedtls_x509_crt *cert, Dstr *ds)
 
static void Tls_cert_not_valid_yet (const mbedtls_x509_crt *cert, Dstr *ds)
 
static void Tls_cert_bad_hash (const mbedtls_x509_crt *cert, Dstr *ds)
 
static void Tls_cert_bad_pk_alg (const mbedtls_x509_crt *cert, Dstr *ds)
 
static void Tls_cert_bad_key (const mbedtls_x509_crt *cert, Dstr *ds)
 
static char * Tls_make_bad_cert_msg (const mbedtls_x509_crt *cert, uint32_t flags)
 
static int Tls_cert_auth_cmp (const void *v1, const void *v2)
 
static int Tls_cert_auth_cmp_by_name (const void *v1, const void *v2)
 
static void Tls_update_cert_authorities_data (const mbedtls_x509_crt *cert, Server_t *srv)
 
static int Tls_examine_certificate (mbedtls_ssl_context *ssl, Server_t *srv)
 
void a_Tls_mbedtls_reset_server_state (const DilloUrl *url)
 
static void Tls_close_by_key (int connkey)
 
static void Tls_fatal_error_msg (int error_type)
 
static void Tls_handshake (int fd, int connkey)
 
void a_Tls_mbedtls_connect (int fd, const DilloUrl *url)
 
int a_Tls_mbedtls_read (void *conn, void *buf, size_t len)
 
int a_Tls_mbedtls_write (void *conn, void *buf, size_t len)
 
void a_Tls_mbedtls_close_by_fd (int fd)
 
static void Tls_cert_authorities_print_summary ()
 
static void Tls_cert_authorities_freeall ()
 
static void Tls_servers_freeall ()
 
static void Tls_fd_map_remove_all ()
 
void a_Tls_mbedtls_freeall (void)
 

Variables

static Klist_tconn_list = NULL
 
static bool_t ssl_enabled = TRUE
 
static mbedtls_ssl_config ssl_conf
 
static mbedtls_x509_crt cacerts
 
static mbedtls_ctr_drbg_context ctr_drbg
 
static mbedtls_entropy_context entropy
 
static Dlistservers
 
static Dlistcert_authorities
 
static Dlistfd_map
 

Macro Definition Documentation

◆ CERT_STATUS_BAD

#define CERT_STATUS_BAD   3

Definition at line 57 of file tls_mbedtls.c.

◆ CERT_STATUS_CLEAN

#define CERT_STATUS_CLEAN   2

Definition at line 56 of file tls_mbedtls.c.

◆ CERT_STATUS_NONE

#define CERT_STATUS_NONE   0

Definition at line 54 of file tls_mbedtls.c.

◆ CERT_STATUS_RECEIVING

#define CERT_STATUS_RECEIVING   1

Definition at line 55 of file tls_mbedtls.c.

◆ CERT_STATUS_USER_ACCEPTED

#define CERT_STATUS_USER_ACCEPTED   4

Definition at line 58 of file tls_mbedtls.c.

Function Documentation

◆ a_Tls_mbedtls_certificate_is_clean()

int a_Tls_mbedtls_certificate_is_clean ( const DilloUrl url)

Definition at line 527 of file tls_mbedtls.c.

References CERT_STATUS_CLEAN, and Tls_cert_status().

Referenced by a_Tls_certificate_is_clean().

◆ a_Tls_mbedtls_close_by_fd()

void a_Tls_mbedtls_close_by_fd ( int  fd)

Definition at line 1151 of file tls_mbedtls.c.

References dList_find_custom(), fd_map, INT2VOIDP, Tls_close_by_key(), and Tls_fd_map_cmp().

Referenced by a_Tls_close_by_fd().

◆ a_Tls_mbedtls_connect()

void a_Tls_mbedtls_connect ( int  fd,
const DilloUrl url 
)

◆ a_Tls_mbedtls_connect_ready()

◆ a_Tls_mbedtls_connection()

void * a_Tls_mbedtls_connection ( int  fd)

Definition at line 153 of file tls_mbedtls.c.

References a_Klist_get_data(), conn_list, dList_find_custom(), fd_map, INT2VOIDP, and Tls_fd_map_cmp().

Referenced by a_Tls_connection().

◆ a_Tls_mbedtls_freeall()

void a_Tls_mbedtls_freeall ( void  )

◆ a_Tls_mbedtls_init()

void a_Tls_mbedtls_init ( void  )

◆ a_Tls_mbedtls_read()

int a_Tls_mbedtls_read ( void *  conn,
void *  buf,
size_t  len 
)

Definition at line 1116 of file tls_mbedtls.c.

References MSG.

Referenced by a_Tls_read().

◆ a_Tls_mbedtls_reset_server_state()

void a_Tls_mbedtls_reset_server_state ( const DilloUrl url)

◆ a_Tls_mbedtls_version()

const char * a_Tls_mbedtls_version ( char *  buf,
int  n 
)

Definition at line 358 of file tls_mbedtls.c.

Referenced by a_Tls_version().

◆ a_Tls_mbedtls_write()

int a_Tls_mbedtls_write ( void *  conn,
void *  buf,
size_t  len 
)

Definition at line 1140 of file tls_mbedtls.c.

References MSG.

Referenced by a_Tls_write().

◆ Tls_cert_auth_cmp()

static int Tls_cert_auth_cmp ( const void *  v1,
const void *  v2 
)
static

Definition at line 732 of file tls_mbedtls.c.

Referenced by Tls_update_cert_authorities_data().

◆ Tls_cert_auth_cmp_by_name()

static int Tls_cert_auth_cmp_by_name ( const void *  v1,
const void *  v2 
)
static

Definition at line 739 of file tls_mbedtls.c.

Referenced by Tls_update_cert_authorities_data().

◆ Tls_cert_authorities_freeall()

static void Tls_cert_authorities_freeall ( )
static

◆ Tls_cert_authorities_print_summary()

static void Tls_cert_authorities_print_summary ( )
static

◆ Tls_cert_bad_hash()

static void Tls_cert_bad_hash ( const mbedtls_x509_crt *  cert,
Dstr ds 
)
static

Definition at line 648 of file tls_mbedtls.c.

References dStr_sprintfa().

Referenced by Tls_make_bad_cert_msg().

◆ Tls_cert_bad_key()

static void Tls_cert_bad_key ( const mbedtls_x509_crt *  cert,
Dstr ds 
)
static

Definition at line 688 of file tls_mbedtls.c.

References dStr_sprintfa().

Referenced by Tls_make_bad_cert_msg().

◆ Tls_cert_bad_pk_alg()

static void Tls_cert_bad_pk_alg ( const mbedtls_x509_crt *  cert,
Dstr ds 
)
static

Definition at line 676 of file tls_mbedtls.c.

References dStr_sprintfa().

Referenced by Tls_make_bad_cert_msg().

◆ Tls_cert_cn_mismatch()

static void Tls_cert_cn_mismatch ( const mbedtls_x509_crt *  cert,
Dstr ds 
)
static

Definition at line 583 of file tls_mbedtls.c.

References dStr_append(), and dStr_sprintfa().

Referenced by Tls_make_bad_cert_msg().

◆ Tls_cert_expired()

static void Tls_cert_expired ( const mbedtls_x509_crt *  cert,
Dstr ds 
)
static

Definition at line 571 of file tls_mbedtls.c.

References dStr_sprintfa().

Referenced by Tls_make_bad_cert_msg().

◆ Tls_cert_not_valid_yet()

static void Tls_cert_not_valid_yet ( const mbedtls_x509_crt *  cert,
Dstr ds 
)
static

Definition at line 635 of file tls_mbedtls.c.

References dStr_sprintfa().

Referenced by Tls_make_bad_cert_msg().

◆ Tls_cert_status()

static int Tls_cert_status ( const DilloUrl url)
static

◆ Tls_cert_trust_chain_failed()

static void Tls_cert_trust_chain_failed ( const mbedtls_x509_crt *  cert,
Dstr ds 
)
static

Definition at line 618 of file tls_mbedtls.c.

References dStr_sprintfa().

Referenced by Tls_make_bad_cert_msg().

◆ Tls_close_by_key()

static void Tls_close_by_key ( int  connkey)
static

◆ Tls_conn_new()

static Conn_t * Tls_conn_new ( int  fd,
const DilloUrl url,
mbedtls_ssl_context *  ssl 
)
static

Definition at line 170 of file tls_mbedtls.c.

References a_Url_dup(), dNew0, and TRUE.

Referenced by a_Tls_mbedtls_connect().

◆ Tls_examine_certificate()

static int Tls_examine_certificate ( mbedtls_ssl_context *  ssl,
Server_t *  srv 
)
static

◆ Tls_fatal_error_msg()

static void Tls_fatal_error_msg ( int  error_type)
static

Definition at line 884 of file tls_mbedtls.c.

References errmsg(), and MSG_WARN.

Referenced by Tls_handshake().

◆ Tls_fd_map_add_entry()

static void Tls_fd_map_add_entry ( int  fd,
int  connkey 
)
static

Definition at line 118 of file tls_mbedtls.c.

References dList_append(), dList_find_custom(), dNew0, fd_map, INT2VOIDP, MSG_ERR, and Tls_fd_map_cmp().

Referenced by Tls_make_conn_key().

◆ Tls_fd_map_cmp()

static int Tls_fd_map_cmp ( const void *  v1,
const void *  v2 
)
static

◆ Tls_fd_map_remove_all()

static void Tls_fd_map_remove_all ( void  )
static

Definition at line 1238 of file tls_mbedtls.c.

References dFree(), dList_free(), dList_length(), dList_nth_data(), and fd_map.

Referenced by a_Tls_mbedtls_freeall().

◆ Tls_fd_map_remove_entry()

static void Tls_fd_map_remove_entry ( int  fd)
static

Definition at line 136 of file tls_mbedtls.c.

References dFree(), dList_find_custom(), dList_remove_fast(), fd_map, INT2VOIDP, MSG, and Tls_fd_map_cmp().

Referenced by Tls_close_by_key().

◆ Tls_handshake()

◆ Tls_handshake_cb()

static void Tls_handshake_cb ( int  fd,
void *  vconnkey 
)
static

Definition at line 1065 of file tls_mbedtls.c.

References Tls_handshake(), and VOIDP2INT.

Referenced by Tls_handshake().

◆ Tls_load_certificates()

static void Tls_load_certificates ( void  )
static

◆ Tls_load_certificates_from_file()

static void Tls_load_certificates_from_file ( const char *const  filename)
static

Definition at line 193 of file tls_mbedtls.c.

References cacerts, and MSG.

Referenced by Tls_load_certificates().

◆ Tls_load_certificates_from_path()

static void Tls_load_certificates_from_path ( const char *const  pathname)
static

Definition at line 210 of file tls_mbedtls.c.

References cacerts, and MSG.

Referenced by Tls_load_certificates().

◆ Tls_make_bad_cert_msg()

static char * Tls_make_bad_cert_msg ( const mbedtls_x509_crt *  cert,
uint32_t  flags 
)
static

◆ Tls_make_conn_key()

static int Tls_make_conn_key ( Conn_t *  conn)
static

Definition at line 181 of file tls_mbedtls.c.

References a_Klist_insert(), conn_list, and Tls_fd_map_add_entry().

Referenced by a_Tls_mbedtls_connect().

◆ Tls_remove_duplicate_certificates()

static void Tls_remove_duplicate_certificates ( )
static

Definition at line 227 of file tls_mbedtls.c.

References cacerts, and dFree().

Referenced by Tls_load_certificates().

◆ Tls_remove_psk_ciphersuites()

static void Tls_remove_psk_ciphersuites ( )
static

Definition at line 324 of file tls_mbedtls.c.

References dNew, and ssl_conf.

Referenced by a_Tls_mbedtls_init().

◆ Tls_servers_by_url_cmp()

static int Tls_servers_by_url_cmp ( const void *  v1,
const void *  v2 
)
static

◆ Tls_servers_cmp()

static int Tls_servers_cmp ( const void *  v1,
const void *  v2 
)
static

Definition at line 450 of file tls_mbedtls.c.

References dStrAsciiCasecmp().

Referenced by a_Tls_mbedtls_connect_ready().

◆ Tls_servers_freeall()

static void Tls_servers_freeall ( void  )
static

Definition at line 1223 of file tls_mbedtls.c.

References dFree(), dList_free(), dList_length(), dList_nth_data(), and servers.

Referenced by a_Tls_mbedtls_freeall().

◆ Tls_update_cert_authorities_data()

static void Tls_update_cert_authorities_data ( const mbedtls_x509_crt *  cert,
Server_t *  srv 
)
static

◆ Tls_user_said_no()

static int Tls_user_said_no ( const DilloUrl url)
static

Definition at line 518 of file tls_mbedtls.c.

References CERT_STATUS_BAD, and Tls_cert_status().

Referenced by a_Tls_mbedtls_connect().

Variable Documentation

◆ cacerts

◆ cert_authorities

◆ conn_list

Klist_t* conn_list = NULL
static

◆ ctr_drbg

mbedtls_ctr_drbg_context ctr_drbg
static

Definition at line 92 of file tls_mbedtls.c.

Referenced by a_Tls_mbedtls_init().

◆ entropy

mbedtls_entropy_context entropy
static

Definition at line 93 of file tls_mbedtls.c.

Referenced by a_Tls_mbedtls_init().

◆ fd_map

◆ servers

◆ ssl_conf

mbedtls_ssl_config ssl_conf
static

◆ ssl_enabled

bool_t ssl_enabled = TRUE
static