#include "config.h"#include "../msg.h"#include <assert.h>#include <sys/stat.h>#include <sys/types.h>#include <ctype.h>#include <stdio.h>#include <errno.h>#include "../../dlib/dlib.h"#include "../dialog.hh"#include "../klist.h"#include "iowatch.hh"#include "tls.h"#include "Url.h"#include <openssl/ssl.h>#include <openssl/rand.h>#include <openssl/err.h>#include <openssl/x509v3.h>#include <openssl/crypto.h>
Go to the source code of this file.
Macros | |
| #define | CERT_STATUS_NONE 0 |
| #define | CERT_STATUS_RECEIVING 1 |
| #define | CERT_STATUS_CLEAN 2 |
| #define | CERT_STATUS_BAD 3 |
| #define | CERT_STATUS_USER_ACCEPTED 4 |
| #define | ASTERISK_EXCLUDES_DOT /* mandated by rfc2818 */ |
Functions | |
| static void | Tls_connect_cb (int fd, void *vconnkey) |
| static int | Tls_fd_map_cmp (const void *v1, const void *v2) |
| static void | Tls_fd_map_add_entry (int fd, int connkey) |
| static void | Tls_fd_map_remove_entry (int fd) |
| void * | a_Tls_openssl_connection (int fd) |
| static int | Tls_conn_new (int fd, const DilloUrl *url, SSL *ssl) |
| static void | Tls_info_cb (const SSL *ssl, int where, int ret) |
| static void | Tls_load_certificates (void) |
| void | a_Tls_openssl_init (void) |
| static int | Tls_save_certificate_home (X509 *cert) |
| static int | Tls_servers_cmp (const void *v1, const void *v2) |
| static int | Tls_servers_by_url_cmp (const void *v1, const void *v2) |
| int | a_Tls_openssl_connect_ready (const DilloUrl *url) |
| static int | Tls_cert_status (const DilloUrl *url) |
| static int | Tls_user_said_no (const DilloUrl *url) |
| int | a_Tls_openssl_certificate_is_clean (const DilloUrl *url) |
| static bool_t | Tls_check_cert_strength (SSL *ssl, Server_t *srv, int *choice) |
| static bool_t | pattern_match (const char *pattern, const char *string) |
| static bool_t | Tls_check_cert_hostname (X509 *cert, const char *host, int *choice) |
| static X509 * | Tls_get_end_of_chain (SSL *ssl) |
| static void | Tls_get_issuer_name (X509 *cert, char *buf, uint_t buflen) |
| static void | Tls_get_expiration_str (X509 *cert, char *buf, uint_t buflen) |
| static int | Tls_examine_certificate (SSL *ssl, Server_t *srv) |
| void | a_Tls_openssl_reset_server_state (const DilloUrl *url) |
| static void | Tls_close_by_key (int connkey) |
| static void | Tls_connect (int fd, int connkey) |
| void | a_Tls_openssl_connect (int fd, const DilloUrl *url) |
| static int | Tls_handle_error (Conn_t *conn, int ret, const char *where) |
| int | a_Tls_openssl_read (void *conn, void *buf, size_t len) |
| int | a_Tls_openssl_write (void *conn, void *buf, size_t len) |
| void | a_Tls_openssl_close_by_fd (int fd) |
| static void | Tls_servers_freeall (void) |
| static void | Tls_fd_map_remove_all (void) |
| void | a_Tls_openssl_freeall (void) |
Variables | |
| static Klist_t * | conn_list = NULL |
| static SSL_CTX * | ssl_context |
| static Dlist * | servers |
| static Dlist * | fd_map |
Macro Definition Documentation
◆ ASTERISK_EXCLUDES_DOT
| #define ASTERISK_EXCLUDES_DOT /* mandated by rfc2818 */ |
Definition at line 537 of file tls_openssl.c.
◆ CERT_STATUS_BAD
| #define CERT_STATUS_BAD 3 |
Definition at line 61 of file tls_openssl.c.
◆ CERT_STATUS_CLEAN
| #define CERT_STATUS_CLEAN 2 |
Definition at line 60 of file tls_openssl.c.
◆ CERT_STATUS_NONE
| #define CERT_STATUS_NONE 0 |
Definition at line 58 of file tls_openssl.c.
◆ CERT_STATUS_RECEIVING
| #define CERT_STATUS_RECEIVING 1 |
Definition at line 59 of file tls_openssl.c.
◆ CERT_STATUS_USER_ACCEPTED
| #define CERT_STATUS_USER_ACCEPTED 4 |
Definition at line 62 of file tls_openssl.c.
Function Documentation
◆ a_Tls_openssl_certificate_is_clean()
| int a_Tls_openssl_certificate_is_clean | ( | const DilloUrl * | url | ) |
Definition at line 424 of file tls_openssl.c.
References CERT_STATUS_CLEAN, and Tls_cert_status().
Referenced by a_Tls_certificate_is_clean().
◆ a_Tls_openssl_close_by_fd()
| void a_Tls_openssl_close_by_fd | ( | int | fd | ) |
Definition at line 1331 of file tls_openssl.c.
References dList_find_custom(), fd_map, INT2VOIDP, Tls_close_by_key(), and Tls_fd_map_cmp().
Referenced by a_Tls_close_by_fd().
◆ a_Tls_openssl_connect()
| void a_Tls_openssl_connect | ( | int | fd, |
| const DilloUrl * | url | ||
| ) |
Definition at line 1209 of file tls_openssl.c.
References a_Http_connect_done(), a_Tls_openssl_reset_server_state(), a_Url_host_type(), FALSE, MSG, ssl_context, Tls_conn_new(), Tls_connect(), Tls_user_said_no(), TRUE, URL_HOST, and URL_HOST_NAME.
Referenced by a_Tls_connect().
◆ a_Tls_openssl_connect_ready()
| int a_Tls_openssl_connect_ready | ( | const DilloUrl * | url | ) |
Definition at line 377 of file tls_openssl.c.
References CERT_STATUS_BAD, CERT_STATUS_NONE, CERT_STATUS_RECEIVING, dList_find_sorted(), dList_insert_sorted(), dNew, dStrdup(), servers, ssl_context, TLS_CONNECT_NEVER, TLS_CONNECT_NOT_YET, TLS_CONNECT_READY, Tls_servers_by_url_cmp(), Tls_servers_cmp(), URL_HOST, and URL_PORT.
Referenced by a_Tls_connect_ready().
◆ a_Tls_openssl_connection()
| void * a_Tls_openssl_connection | ( | int | fd | ) |
Definition at line 145 of file tls_openssl.c.
References a_Klist_get_data(), conn_list, dList_find_custom(), fd_map, INT2VOIDP, and Tls_fd_map_cmp().
Referenced by a_Tls_connection().
◆ a_Tls_openssl_freeall()
| void a_Tls_openssl_freeall | ( | void | ) |
Definition at line 1373 of file tls_openssl.c.
References ssl_context, Tls_fd_map_remove_all(), and Tls_servers_freeall().
Referenced by a_Tls_freeall().
◆ a_Tls_openssl_init()
| void a_Tls_openssl_init | ( | void | ) |
Definition at line 252 of file tls_openssl.c.
References dList_new(), fd_map, MSG, MSG_ERR, servers, ssl_context, Tls_info_cb(), and Tls_load_certificates().
Referenced by a_Tls_init().
◆ a_Tls_openssl_read()
| int a_Tls_openssl_read | ( | void * | conn, |
| void * | buf, | ||
| size_t | len | ||
| ) |
Definition at line 1316 of file tls_openssl.c.
References Tls_handle_error().
Referenced by a_Tls_read().
◆ a_Tls_openssl_reset_server_state()
| void a_Tls_openssl_reset_server_state | ( | const DilloUrl * | url | ) |
Definition at line 1036 of file tls_openssl.c.
References CERT_STATUS_NONE, CERT_STATUS_RECEIVING, dList_find_sorted(), servers, and Tls_servers_by_url_cmp().
Referenced by a_Tls_openssl_connect(), a_Tls_reset_server_state(), and Tls_close_by_key().
◆ a_Tls_openssl_write()
| int a_Tls_openssl_write | ( | void * | conn, |
| void * | buf, | ||
| size_t | len | ||
| ) |
Definition at line 1325 of file tls_openssl.c.
References Tls_handle_error().
Referenced by a_Tls_write().
◆ pattern_match()
|
static |
Definition at line 553 of file tls_openssl.c.
References FALSE, pattern_match(), and TRUE.
Referenced by pattern_match(), and Tls_check_cert_hostname().
◆ Tls_cert_status()
|
static |
Definition at line 404 of file tls_openssl.c.
References CERT_STATUS_NONE, dList_find_sorted(), servers, and Tls_servers_by_url_cmp().
Referenced by a_Tls_openssl_certificate_is_clean(), and Tls_user_said_no().
◆ Tls_check_cert_hostname()
|
static |
Definition at line 586 of file tls_openssl.c.
References a_Dialog_choice(), dFree(), dStr_free(), dStr_new(), dStr_sprintf(), dStr_sprintfa(), dStrconcat(), FALSE, pattern_match(), Dstr::str, and TRUE.
Referenced by Tls_examine_certificate().
◆ Tls_check_cert_strength()
|
static |
Definition at line 439 of file tls_openssl.c.
References a_Dialog_choice(), CERT_STATUS_RECEIVING, FALSE, MSG, MSG_WARN, and TRUE.
Referenced by Tls_examine_certificate().
◆ Tls_close_by_key()
|
static |
Definition at line 1049 of file tls_openssl.c.
References a_IOwatch_remove_fd(), a_Klist_get_data(), a_Klist_remove(), a_Tls_openssl_reset_server_state(), a_Url_free(), conn_list, dClose(), dFree(), MSG, Tls_fd_map_remove_entry(), and URL_STR.
Referenced by a_Tls_openssl_close_by_fd(), and Tls_connect().
◆ Tls_conn_new()
|
static |
Definition at line 162 of file tls_openssl.c.
References a_Klist_insert(), a_Url_dup(), conn_list, dNew0, FALSE, Tls_fd_map_add_entry(), and TRUE.
Referenced by a_Tls_openssl_connect().
◆ Tls_connect()
|
static |
Definition at line 1080 of file tls_openssl.c.
References _MSG, a_Http_connect_done(), a_IOwatch_add_fd(), a_IOwatch_remove_fd(), a_Klist_get_data(), CERT_STATUS_RECEIVING, CERT_STATUS_USER_ACCEPTED, conn_list, DIO_READ, DIO_WRITE, dList_find_sorted(), dStrerror, failed, FALSE, INT2VOIDP, MSG, MSG_ERR, servers, Tls_close_by_key(), Tls_connect_cb(), Tls_examine_certificate(), Tls_servers_by_url_cmp(), TRUE, and URL_AUTHORITY.
Referenced by a_Tls_openssl_connect(), and Tls_connect_cb().
◆ Tls_connect_cb()
|
static |
Definition at line 1201 of file tls_openssl.c.
References Tls_connect(), and VOIDP2INT.
Referenced by Tls_connect().
◆ Tls_examine_certificate()
|
static |
Definition at line 816 of file tls_openssl.c.
References a_Dialog_choice(), CERT_STATUS_BAD, CERT_STATUS_CLEAN, CERT_STATUS_USER_ACCEPTED, dFree(), dStrconcat(), Tls_check_cert_hostname(), Tls_check_cert_strength(), Tls_get_end_of_chain(), Tls_get_expiration_str(), Tls_get_issuer_name(), and Tls_save_certificate_home().
Referenced by Tls_connect().
◆ Tls_fd_map_add_entry()
|
static |
Definition at line 110 of file tls_openssl.c.
References dList_append(), dList_find_custom(), dNew0, fd_map, INT2VOIDP, MSG_ERR, and Tls_fd_map_cmp().
Referenced by Tls_conn_new().
◆ Tls_fd_map_cmp()
|
static |
Definition at line 102 of file tls_openssl.c.
References VOIDP2INT.
Referenced by a_Tls_openssl_close_by_fd(), a_Tls_openssl_connection(), Tls_fd_map_add_entry(), and Tls_fd_map_remove_entry().
◆ Tls_fd_map_remove_all()
|
static |
Definition at line 1356 of file tls_openssl.c.
References dFree(), dList_free(), dList_length(), dList_nth_data(), and fd_map.
Referenced by a_Tls_openssl_freeall().
◆ Tls_fd_map_remove_entry()
|
static |
Definition at line 128 of file tls_openssl.c.
References dFree(), dList_find_custom(), dList_remove_fast(), fd_map, INT2VOIDP, MSG, and Tls_fd_map_cmp().
Referenced by Tls_close_by_key().
◆ Tls_get_end_of_chain()
|
static |
Definition at line 778 of file tls_openssl.c.
Referenced by Tls_examine_certificate().
◆ Tls_get_expiration_str()
|
static |
Definition at line 795 of file tls_openssl.c.
Referenced by Tls_examine_certificate().
◆ Tls_get_issuer_name()
|
static |
Definition at line 785 of file tls_openssl.c.
Referenced by Tls_examine_certificate().
◆ Tls_handle_error()
|
static |
Definition at line 1273 of file tls_openssl.c.
Referenced by a_Tls_openssl_read(), and a_Tls_openssl_write().
◆ Tls_info_cb()
|
static |
◆ Tls_load_certificates()
|
static |
Definition at line 202 of file tls_openssl.c.
References dFree(), dGethomedir(), dStrconcat(), and ssl_context.
Referenced by a_Tls_openssl_init().
◆ Tls_save_certificate_home()
|
static |
Definition at line 301 of file tls_openssl.c.
References dGethomedir(), and MSG.
Referenced by Tls_examine_certificate().
◆ Tls_servers_by_url_cmp()
|
static |
Definition at line 358 of file tls_openssl.c.
References dStrAsciiCasecmp(), URL_HOST, and URL_PORT.
Referenced by a_Tls_openssl_connect_ready(), a_Tls_openssl_reset_server_state(), Tls_cert_status(), and Tls_connect().
◆ Tls_servers_cmp()
|
static |
Definition at line 346 of file tls_openssl.c.
References dStrAsciiCasecmp().
Referenced by a_Tls_openssl_connect_ready().
◆ Tls_servers_freeall()
|
static |
Definition at line 1341 of file tls_openssl.c.
References dFree(), dList_free(), dList_length(), dList_nth_data(), and servers.
Referenced by a_Tls_openssl_freeall().
◆ Tls_user_said_no()
|
static |
Definition at line 415 of file tls_openssl.c.
References CERT_STATUS_BAD, and Tls_cert_status().
Referenced by a_Tls_openssl_connect().
Variable Documentation
◆ conn_list
|
static |
Definition at line 88 of file tls_openssl.c.
Referenced by a_Tls_openssl_connection(), Tls_close_by_key(), Tls_conn_new(), and Tls_connect().
◆ fd_map
|
static |
Definition at line 95 of file tls_openssl.c.
Referenced by a_Tls_openssl_close_by_fd(), a_Tls_openssl_connection(), a_Tls_openssl_init(), Tls_fd_map_add_entry(), Tls_fd_map_remove_all(), and Tls_fd_map_remove_entry().
◆ servers
|
static |
Definition at line 94 of file tls_openssl.c.
Referenced by a_Tls_openssl_connect_ready(), a_Tls_openssl_init(), a_Tls_openssl_reset_server_state(), Tls_cert_status(), Tls_connect(), and Tls_servers_freeall().
◆ ssl_context
|
static |
Definition at line 93 of file tls_openssl.c.
Referenced by a_Tls_openssl_connect(), a_Tls_openssl_connect_ready(), a_Tls_openssl_freeall(), a_Tls_openssl_init(), and Tls_load_certificates().
