From: Jean-Marc Pigeon (Delson) Date: Wed, 7 Aug 2024 09:10:16 +0000 (-0400) Subject: Rename unissl to unitls X-Git-Tag: tag-0.4~14 X-Git-Url: https://jmp-git.ovh.safe.ca/?a=commitdiff_plain;h=7e2ba3cd72bdef1367e9565d39025f587c05f76a;p=jmp%2Fmailleur Rename unissl to unitls --- diff --git a/lib/Makefile b/lib/Makefile index 86644be..4eb2505 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -20,7 +20,7 @@ OBJS= \ gestcp.o \ devsoc.o \ unieml.o \ - unipar.o uniprc.o unisig.o unissl.o \ + unipar.o uniprc.o unisig.o unitls.o \ subrou.o objs : $(OBJS) @@ -46,7 +46,7 @@ devsoc.o: \ subrou.h \ unieml.h \ uniprc.h \ - unissl.h \ + unitls.h \ devsoc.h devsoc.c unieml.o: \ @@ -64,9 +64,9 @@ unisig.o: \ subrou.h \ unisig.h unisig.c -unissl.o: \ +unitls.o: \ subrou.h \ - unissl.h unissl.c + unitls.h unitls.c subrou.o: \ subrou.h subrou.c diff --git a/lib/devsoc.c b/lib/devsoc.c index 9c3235f..c05cfa2 100644 --- a/lib/devsoc.c +++ b/lib/devsoc.c @@ -19,7 +19,7 @@ #include "subrou.h" #include "unieml.h" #include "uniprc.h" -#include "unissl.h" +#include "unitls.h" #include "devsoc.h" //Need to have GNU_SOURCE define within CFLAGS @@ -35,7 +35,7 @@ typedef struct { PROTYP proto; //Connexion protocol type int handle; //connexion handle _Bool modtls; //soc is in TLS mode - SSLTYP *ssl; //full TPS/SSL channel + TLSTYP *tls; //full TPS/SSL channel int maxcarin; //absolute number within carin char *EOL; //End of line marker int carin; //number of char within incpt; @@ -478,7 +478,7 @@ if (soc!=(SOCTYP *)0) { polling[0].revents=(short)0; switch (soc->modtls) { case true : - polling[0].fd=SSL_get_fd(soc->ssl->ssl); + polling[0].fd=SSL_get_fd(soc->tls->ssl); break; case false : polling[0].fd=soc->handle; @@ -573,7 +573,7 @@ soc=(SOCTYP *)socptr; if (soc!=(SOCTYP *)0) { switch (soc->modtls) { case true : - sent=ssl_write(soc->ssl,buffer,tosend); + sent=tls_write(soc->tls,buffer,tosend); break; case false : sent=send(soc->handle,buffer,tosend,0); 
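Review bot: In the lib/devsoc.c poll hunk (@@ -478), `polling[0].fd=SSL_get_fd(soc->tls->ssl);` dereferences `soc->tls` although only `soc` is tested against NULL, and the descriptor returned by SSL_get_fd() is used without checking for -1. Whether `modtls` can be true while `tls` or `tls->ssl` is unset cannot be confirmed here, because the enclosing function starts and ends outside the hunk. I would state the invariant next to the call, `//soc->tls and soc->tls->ssl must be valid whenever modtls is true`, and treat a negative descriptor as an error instead of handing it to poll().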
@@ -608,7 +608,7 @@ if (soc!=(SOCTYP *)0) { buffer=soc->carpile+soc->carin; switch (soc->modtls) { case true : - got=ssl_read(soc->ssl,buffer,limit); + got=tls_read(soc->tls,buffer,limit); break; case false : got=recv(soc->handle,buffer,limit,MSG_DONTWAIT); @@ -711,11 +711,11 @@ while (proceed==true) { phase=999; break; case pro_smtps : //set secure socket - if ((newsoc->ssl=ssl_openssl(newsoc->handle,true))==(SSLTYP *)0) { + if ((newsoc->tls=tls_opentls(newsoc->handle,true))==(TLSTYP *)0) { newsoc=soc_release(newsoc); //trouble trouble break; } - (void) ssl_check_peer(newsoc->ssl); + (void) tls_check_peer(newsoc->tls); break; default : //undefined socket type??? (void) rou_alert(0,"%s, Undefined socket protocol='%d' (Bug?)", @@ -842,7 +842,7 @@ while (proceed==true) { } break; case 3 : //freeing the SSL contaxt - soc->ssl=ssl_closessl(soc->ssl); + soc->tls=tls_closetls(soc->tls); break; case 4 : //fee memory used by socket soc=freesocket(soc); @@ -881,10 +881,10 @@ if (mode!=modopen) { (void) rou_modesubrou(mode); (void) eml_modeunieml(mode); (void) prc_modeuniprc(mode); - (void) ssl_modeunissl(mode); + (void) tls_modeunitls(mode); break; case false : - (void) ssl_modeunissl(mode); + (void) tls_modeunitls(mode); (void) prc_modeuniprc(mode); (void) eml_modeunieml(mode); (void) rou_modesubrou(mode); diff --git a/lib/modrec.c b/lib/modrec.c index 4acf4b2..5e4b13a 100644 --- a/lib/modrec.c +++ b/lib/modrec.c @@ -229,7 +229,7 @@ _Bool proceed; childs=(pid_t)0; bindings=(SOCPTR **)0; bindings=soc_mkbindinf(bindings,pro_smtps,"192.219.254.70","1465",3); -//bindings=soc_mkbindinf(bindings,pro_smtp,"192.219.254.70","1025",3); +bindings=soc_mkbindinf(bindings,pro_smtp,"192.219.254.70","1025",3); //bindings=soc_mkbindinf(bindings,pro_smtp,"192.219.254.70","1587",3); nbrbind=rou_nbrlist((void **)bindings); phase=0; diff --git a/lib/subrou.c b/lib/subrou.c index 3ebaa7b..868e65f 100644 --- a/lib/subrou.c +++ b/lib/subrou.c 
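Review bot: In the `pro_smtps` case of the lib/devsoc.c hunk @@ -711, the status of `tls_check_peer(newsoc->tls)` is cast to void, so a failed peer check (the function is documented on this page as returning -1 on trouble) has no effect on whether the connection is kept. If the check is meant to gate the session, test it and release the socket the way the open failure just above does: `if (tls_check_peer(newsoc->tls)<0) newsoc=soc_release(newsoc);`. If it is only advisory because client certificates are optional on this listener, a comment beside the call should say so. The enclosing loop starts and ends outside the hunk.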
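Review bot: The lib/modrec.c hunk (@@ -229) activates a second listener, `bindings=soc_mkbindinf(bindings,pro_smtp,"192.219.254.70","1025",3);`, in a commit whose subject is only a rename. `pro_smtp` presumably denotes the non-TLS protocol (the TLS setup visible on this page is under `pro_smtps` only), so mail accepted on that port would travel in cleartext. If this is a debugging aid it belongs in its own commit or should stay commented out, and the hard-coded address and ports would be better read from configuration. The enclosing function starts and ends outside the hunk.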
@@ -20,7 +20,7 @@ //version definition #define VERSION "0.3" -#define RELEASE "27" +#define RELEASE "28" //Public variables PUBLIC int debug=0; //debug level diff --git a/lib/unissl.h b/lib/unissl.h deleted file mode 100644 index 156d179..0000000 --- a/lib/unissl.h +++ /dev/null @@ -1,41 +0,0 @@ -// vim: smarttab tabstop=8 shiftwidth=2 expandtab -/********************************************************/ -/* */ -/* Define all routine to manage SSL connexion */ -/* */ -/********************************************************/ -#ifndef UNISSL -#define UNISSL - -#include -#include - -typedef struct { - _Bool server; //SSL server/client mode - SSL_CTX *ctx; //SSL context - SSL *ssl; //SSL link - BIO *bio; //SSL Basic input output - }SSLTYP; - -//procedure to open an ssl channel -extern SSLTYP *ssl_openssl(int handle,_Bool server); - -//procedure to close an ssl channel -extern SSLTYP *ssl_closessl(SSLTYP *ssl); - -//write on the SSL channel -extern int ssl_write(SSLTYP *ssl,char *buffer,int tosend); - -//read from the SSL channel -extern int ssl_read(SSLTYP *ssl,char *buffer,int maxread); - -//check peer certificat -extern int ssl_check_peer(SSLTYP *ssl); - -//set socket as an ssl socket -extern SSL *ssl_setsocket(int handle,SSL_CTX *ctx); - -//homework to be done before starting/stopping module. -extern int ssl_modeunissl(_Bool mode); - -#endif diff --git a/lib/unissl.c b/lib/unitls.c similarity index 83% rename from lib/unissl.c rename to lib/unitls.c index 1f2d742..211de2f 100644 --- a/lib/unissl.c +++ b/lib/unitls.c @@ -10,7 +10,7 @@ #include #include "subrou.h" -#include "unissl.h" +#include "unitls.h" //alternate define SSL_CIPHER_LIST "ALL:!LOW" #define SSL_CIPHER_LIST "DEFAULT" 
@@ -45,10 +45,10 @@ while ((error=ERR_get_error())!=0) { /* fatal error found. */ /* */ /********************************************************/ -static _Bool showsslerror(SSLTYP *ssl,int sslerror,char *msg) +static _Bool showtlserror(TLSTYP *tls,int sslerror,char *msg) { -#define OPEP "unissl.c:showsslerror" +#define OPEP "unitls.c:showtlserror" _Bool good; good=true; @@ -63,9 +63,9 @@ if (sslerror<=0) { (void) showerrorstack(msg); break; default : - if (ssl->ssl==(SSL *)0) //in case of trouble + if (tls->ssl==(SSL *)0) //in case of trouble (void) rou_core_dump("%s Unexpected NULL SSL (Bug?)",OPEP); - code=SSL_get_error(ssl->ssl,sslerror); + code=SSL_get_error(tls->ssl,sslerror); (void) rou_alert(0,"JMPDBG err code='%d'",code); switch (code) { case SSL_ERROR_ZERO_RETURN : @@ -114,16 +114,16 @@ return good; /* Procedure to open an SSL channel */ /* */ /********************************************************/ -static SSLTYP *freessl(SSLTYP *ssl) +static TLSTYP *freetls(TLSTYP *tls) { -if (ssl!=(SSLTYP *)0) { - if (ssl->ctx!=(SSL_CTX *)0) - (void) SSL_CTX_free(ssl->ctx); - (void) free(ssl); - ssl=(SSLTYP *)0; +if (tls!=(TLSTYP *)0) { + if (tls->ctx!=(SSL_CTX *)0) + (void) SSL_CTX_free(tls->ctx); + (void) free(tls); + tls=(TLSTYP *)0; } -return ssl; +return tls; } /* ^L 
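Review bot: In the `default` branch of showtlserror (lib/unitls.c, @@ -63), `if (tls->ssl==(SSL *)0)` dereferences `tls` without a NULL test, while set_server_certificate (hunks @@ -151 and @@ -179) calls `showtlserror((TLSTYP *)0,0,...)` on every failure path. Whether a NULL `tls` can reach this branch depends on the switch selector, which lies outside the hunk, but a fallback is cheap: `if (tls==(TLSTYP *)0) { (void) showerrorstack(msg); break; }` ahead of the existing test. The `rou_alert(0,"JMPDBG err code='%d'",code)` call that follows looks like leftover debug output and probably wants a debug level or removal. The function continues outside the hunk.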
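Review bot: freetls (lib/unitls.c, @@ -114) still sits under a banner reading "Procedure to open an SSL channel", and it releases only `tls->ctx` before freeing the structure. TLSTYP also carries `ssl` and `bio`; if `ssl` is populated when freetls runs, the SSL object and its session state are leaked. The callers visible on this page invoke it before any SSL object is created, so this is not established as reachable today. I would change the banner text to "Procedure to release a TLS channel structure" and add `if (tls->ssl!=(SSL *)0) (void) SSL_free(tls->ssl);` ahead of the SSL_CTX_free call.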
@@ -151,25 +151,25 @@ while (proceed==true) { switch (phase) { case 0 : //load CA trusted file if (SSL_CTX_use_certificate_chain_file(ctx,certpub[0])!=1) { - (void) showsslerror((SSLTYP *)0,0,"Get trusted file"); + (void) showtlserror((TLSTYP *)0,0,"Get trusted file"); phase=999; //no need to go furter } break; case 1 : //loading default CA verify dir if (SSL_CTX_set_default_verify_paths(ctx)==0) { - (void) showsslerror((SSLTYP *)0,0,"Get trusted file"); + (void) showtlserror((TLSTYP *)0,0,"Get trusted file"); phase=999; //no need to go furter } break; case 2 : //set certificate if (SSL_CTX_use_certificate_file(ctx,certpub[1],SSL_FILETYPE_PEM)!=1) { - (void) showsslerror((SSLTYP *)0,0,"Get local Certificate"); + (void) showtlserror((TLSTYP *)0,0,"Get local Certificate"); phase=999; //no need to go furter } break; case 3 : //set key if (SSL_CTX_use_PrivateKey_file(ctx,certpub[2],SSL_FILETYPE_PEM)!=1) { - (void) showsslerror((SSLTYP *)0,0,"Get Private Key"); + (void) showtlserror((TLSTYP *)0,0,"Get Private Key"); phase=999; } break; @@ -179,7 +179,7 @@ while (proceed==true) { (void) SSL_CTX_set_verify_depth(ctx,5); (void) SSL_CTX_set_options(ctx,SSL_OP_ALL); if (SSL_CTX_set_cipher_list(ctx,SSL_CIPHER_LIST)==0) { - (void) showsslerror((SSLTYP *)0,0,"set cipher list"); + (void) showtlserror((TLSTYP *)0,0,"set cipher list"); phase=999; } break; @@ -205,17 +205,17 @@ return done; /* Procedure to open an SSL channel */ /* */ /********************************************************/ -PUBLIC SSLTYP *ssl_openssl(int handle,_Bool server) +PUBLIC TLSTYP *tls_opentls(int handle,_Bool server) { -#define OPEP "unissl.c:ssl_openssl" +#define OPEP "unitls.c:tls_opentls" -SSLTYP *ssl; +TLSTYP *tls; const SSL_METHOD *(*tls_methode)(); int phase; _Bool proceed; -ssl=(SSLTYP *)0; +tls=(TLSTYP *)0; tls_methode=TLS_client_method; if (server==true) tls_methode=TLS_server_method; 
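Review bot: Phase 0 of set_server_certificate (lib/unitls.c, @@ -151) is commented `//load CA trusted file` but calls SSL_CTX_use_certificate_chain_file(), which installs the local certificate and its chain rather than trust anchors for verifying a peer. If `certpub[0]` really is a CA bundle, the call matching the comment is `SSL_CTX_load_verify_locations(ctx,certpub[0],(char *)0)`; the contents of `certpub` are defined outside the hunk, so this needs confirming. Phase 1 reuses the message "Get trusted file" for the SSL_CTX_set_default_verify_paths() failure, which makes the two failures indistinguishable in the log; `"Set default verify paths"` would separate them. No visible phase calls SSL_CTX_check_private_key() after the key is loaded.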
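Review bot: The options phase of set_server_certificate (lib/unitls.c, @@ -179) enables every library bug workaround with `SSL_CTX_set_options(ctx,SSL_OP_ALL)` and selects the "DEFAULT" cipher list, but the visible lines set no minimum protocol version. With TLS_server_method() the accepted range is then whatever the library build defaults to; `(void) SSL_CTX_set_min_proto_version(ctx,TLS1_2_VERSION);` next to the options call would pin the floor. The phase begins above the hunk, so an existing version limit there cannot be ruled out.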
@@ -224,18 +224,18 @@ proceed=true; while (proceed==true) { switch (phase) { case 0 : //prepare the structure first; - ssl=(SSLTYP *)calloc(1,sizeof(SSLTYP)); - ssl->server=server; - if ((ssl->ctx=SSL_CTX_new(tls_methode()))==(SSL_CTX *)0) { - (void) showsslerror(ssl,0,"Get CTX"); - ssl=freessl(ssl); + tls=(TLSTYP *)calloc(1,sizeof(TLSTYP)); + tls->server=server; + if ((tls->ctx=SSL_CTX_new(tls_methode()))==(SSL_CTX *)0) { + (void) showtlserror(tls,0,"Get CTX"); + tls=freetls(tls); phase=999; //no need to go furter } break; case 1 : //set certificate if (server==true) { - if (set_server_certificate(ssl->ctx)==false) { - ssl=freessl(ssl); + if (set_server_certificate(tls->ctx)==false) { + tls=freetls(tls); phase=999; //trouble, trouble no need to go furter } } @@ -246,7 +246,7 @@ while (proceed==true) { } phase++; } -return ssl; +return tls; #undef OPEP } /* @@ -257,10 +257,10 @@ return ssl; /* Procedure to close an SSL channel */ /* */ /********************************************************/ -PUBLIC SSLTYP *ssl_closessl(SSLTYP *ssl) +PUBLIC TLSTYP *tls_closetls(TLSTYP *tls) { -return ssl; +return tls; } /* ^L @@ -272,15 +272,15 @@ return ssl; /* -1 if trouble. */ /* */ /********************************************************/ -PUBLIC int ssl_write(SSLTYP *ssl,char *buffer,int tosend) +PUBLIC int tls_write(TLSTYP *tls,char *buffer,int tosend) { int sent; sent=-1; -if (ssl!=(SSLTYP *)0) { - if ((sent=SSL_write(ssl->ssl,buffer,tosend))<=0) - (void) showsslerror(ssl,sent,"Trouble to send data"); +if (tls!=(TLSTYP *)0) { + if ((sent=SSL_write(tls->ssl,buffer,tosend))<=0) + (void) showtlserror(tls,sent,"Trouble to send data"); } return sent; } 
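Review bot: Phase 0 of tls_opentls (lib/unitls.c, @@ -224) executes `tls->server=server;` straight after `calloc()` without testing the result, so an allocation failure becomes a NULL dereference in the connection-setup path. Adding `if (tls==(TLSTYP *)0) { phase=999; break; }` before the first store fits the loop's existing failure pattern, and callers already handle a NULL return. No phase visible in this hunk attaches `handle` to an SSL object, so `tls->ssl` may still be NULL when the structure is returned; the rest of the loop lies outside the hunk.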
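Review bot: tls_closetls (lib/unitls.c, @@ -257) returns its argument unchanged, so the `soc->tls=tls_closetls(soc->tls);` call in devsoc.c releases nothing: the SSL_CTX, the SSL object and the TLSTYP allocation all outlive the socket, and the peer never receives a close_notify. The function should shut the session down, free the SSL object, hand the rest to freetls and return NULL so the caller's pointer is cleared. The sketch below assumes `tls->bio`, if set, is owned by `tls->ssl` (as it is after SSL_set_bio) and is therefore released by SSL_free; confirm that before adopting it.

```c
PUBLIC TLSTYP *tls_closetls(TLSTYP *tls)

{
if (tls!=(TLSTYP *)0) {
  if (tls->ssl!=(SSL *)0) {
    (void) SSL_shutdown(tls->ssl);      //send close_notify, best effort
    (void) SSL_free(tls->ssl);
    tls->ssl=(SSL *)0;
    }
  tls=freetls(tls);                     //frees ctx and the structure
  }
return tls;
}
```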
@@ -290,20 +290,20 @@ return sent; /********************************************************/ /* */ /* Procedure to read up to maxread character from */ -/* an ssl channel and store into a buffer. */ +/* an tls channel and store into a buffer. */ /* return the number of char read, or -1 if */ /* trouble. */ /* */ /********************************************************/ -PUBLIC int ssl_read(SSLTYP *ssl,char *buffer,int maxread) +PUBLIC int tls_read(TLSTYP *tls,char *buffer,int maxread) { int got; got=-1; -if (ssl!=(SSLTYP *)0) { - if ((got=SSL_read(ssl->ssl,buffer,maxread))<=0) - (void) showsslerror(ssl,got,"Trouble to read data"); +if (tls!=(TLSTYP *)0) { + if ((got=SSL_read(tls->ssl,buffer,maxread))<=0) + (void) showtlserror(tls,got,"Trouble to read data"); } return got; } @@ -317,10 +317,10 @@ return got; /* return -1if trouble, 0 otherwise */ /* */ /********************************************************/ -PUBLIC int ssl_check_peer(SSLTYP *ssl) +PUBLIC int tls_check_peer(TLSTYP *tls) { -#define OPEP "unissl.c:ssl_check_peer" +#define OPEP "unitls.c:tls_check_peer" int status; X509 *peer; @@ -335,19 +335,19 @@ while (proceed==true) { (void) printf("JMPDBG phase='%d', check peer\n",phase); switch (phase) { case 0 : //check SSL - if ((ssl==(SSLTYP *)0)||(ssl->ssl=(SSL *)0)) { + if ((tls==(TLSTYP *)0)||(tls->ssl=(SSL *)0)) { phase=999; //trouble trouble (Bug?) } break; case 1 : //get peer - if ((peer=SSL_get_peer_certificate(ssl->ssl))==(X509 *)0) { - (void) showsslerror(ssl,0,"Get peer Certificate"); + if ((peer=SSL_get_peer_certificate(tls->ssl))==(X509 *)0) { + (void) showtlserror(tls,0,"Get peer Certificate"); phase=999; //trouble trouble } break; case 2 : //is peer valid? - if (SSL_get_verify_result(ssl->ssl)!=X509_V_OK) { - (void) showsslerror(ssl,0,"Get Verify peer Certificate"); + if (SSL_get_verify_result(tls->ssl)!=X509_V_OK) { + (void) showtlserror(tls,0,"Get Verify peer Certificate"); phase=999; //trouble trouble } (void) X509_free(peer); 
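Review bot: Phase 0 of tls_check_peer (lib/unitls.c, @@ -335) tests `(tls->ssl=(SSL *)0)`, an assignment rather than a comparison, so the condition is always false and, for any non-NULL `tls`, the live SSL pointer is overwritten with NULL. Phase 1 then calls SSL_get_peer_certificate() on that NULL pointer, so the peer is never actually examined, and the later `SSL_read(tls->ssl,...)` and `SSL_write(tls->ssl,...)` calls in tls_read and tls_write are left with a NULL handle while the original SSL object is leaked. The line should read `if ((tls==(TLSTYP *)0)||(tls->ssl==(SSL *)0)) {`. The rename carried this over from the old `ssl->ssl=(SSL *)0`, and the `printf("JMPDBG phase='%d', check peer\n",phase)` at the top of the loop is debug output that should not ship either. The function's start and end are outside the hunk.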
@@ -374,10 +374,10 @@ return status; /* return an SSL pointer or a NULL pointer */ /* */ /********************************************************/ -PUBLIC SSL *ssl_setsocket(int handle,SSL_CTX *ctx) +PUBLIC SSL *tls_setsocket(int handle,SSL_CTX *ctx) { -#define OPEP "unissl.c:ssl_setsocket" +#define OPEP "unitls.c:tls_setsocket" SSL *ssl; int phase; @@ -429,7 +429,7 @@ return ssl; /* return zero if everything right */ /* */ /********************************************************/ -int ssl_modeunissl(_Bool mode) +int tls_modeunitls(_Bool mode) { #define OPEP "unidoc.c:soc_modeunisoc" diff --git a/lib/unitls.h b/lib/unitls.h new file mode 100644 index 0000000..aeb1d1a --- /dev/null +++ b/lib/unitls.h @@ -0,0 +1,42 @@ +// vim: smarttab tabstop=8 shiftwidth=2 expandtab +/********************************************************/ +/* */ +/* Define all routine to manage transport secure */ +/* layer. */ +/* */ +/********************************************************/ +#ifndef UNIUTL +#define UNIUTL + +#include +#include + +typedef struct { + _Bool server; //SSL server/client mode + SSL_CTX *ctx; //SSL context + SSL *ssl; //SSL link + BIO *bio; //SSL Basic input output + }TLSTYP; + +//procedure to open an tls channel +extern TLSTYP *tls_opentls(int handle,_Bool server); + +//procedure to close an tls channel +extern TLSTYP *tls_closetls(TLSTYP *tls); + +//write on the SSL channel +extern int tls_write(TLSTYP *tls,char *buffer,int tosend); + +//read from the SSL channel +extern int tls_read(TLSTYP *tls,char *buffer,int maxread); + +//check peer certificat +extern int tls_check_peer(TLSTYP *tls); + +//set socket as an tls socket +extern SSL *tls_setsocket(int handle,SSL_CTX *ctx); + +//homework to be done before starting/stopping module. +extern int tls_modeunitls(_Bool mode); + +#endif
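Review bot: tls_modeunitls (lib/unitls.c, @@ -429) still defines `OPEP "unidoc.c:soc_modeunisoc"`, so any message it logs through OPEP names a different file and function. The other OPEP strings were updated in this commit, and this one should become `#define OPEP "unitls.c:tls_modeunitls"`. The definition also lacks the `PUBLIC` marker that the other exported functions in this file carry. The function body continues outside the hunk.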
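Review bot: The include guard in the new lib/unitls.h is `UNIUTL`, which does not match the file name and would silently suppress this header if another header ever used the same macro; `#ifndef UNITLS` / `#define UNITLS` is what the old `UNISSL` guard suggests was intended. `tls_write` takes `char *buffer` although the implementation on this page only passes it to SSL_write, so `const char *buffer` would let callers send constant data. The field and prototype comments still say "SSL" where the commit otherwise renames to TLS, for example `//write on the TLS channel`.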