commons-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mt...@apache.org
Subject svn commit: r1166827 - in /commons/sandbox/runtime/trunk/src/main/native: include/acr/ssl.h modules/openssl/init.c modules/openssl/password.c modules/openssl/util.c
Date Thu, 08 Sep 2011 17:59:14 GMT
Author: mturk
Date: Thu Sep  8 17:59:14 2011
New Revision: 1166827

URL: http://svn.apache.org/viewvc?rev=1166827&view=rev
Log:
Use the same function namimg rules like with mod_ssl

Modified:
    commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c
    commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c

Modified: commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h?rev=1166827&r1=1166826&r2=1166827&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h (original)
+++ commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h Thu Sep  8 17:59:14 2011
@@ -201,7 +201,7 @@
                                 "In order to read them you have to provide the pass phrases.\n"
        \
                                 "Enter password :"
 
-extern void *ACRSSL_temp_keys[SSL_TMP_KEY_MAX];
+extern void *acr_ssl_temp_keys[SSL_TMP_KEY_MAX];
 
 typedef struct ssl_pkc_t {
     /* client can have any number of cert/key pairs */
@@ -218,7 +218,7 @@ typedef struct ssl_pass_cb_t {
 /* Default password callback that
  * directly prompts the console
  */
-extern ssl_pass_cb_t *ACRSSL_password_cb;
+extern ssl_pass_cb_t *acr_ssl_password_cb;
 
 /* Server context */
 typedef struct acr_ssl_ctxt_t {
@@ -261,8 +261,8 @@ typedef struct acr_ssl_ctxt_t {
     
 } acr_ssl_ctxt_t;
 
-#define ACRSSL_CTX_get_extra_certs(ctx)        ((ctx)->extra_certs)
-#define ACRSSL_CTX_set_extra_certs(ctx, value)  \
+#define ssl_ctx_get_extra_certs(ctx)        ((ctx)->extra_certs)
+#define ssl_ctx_set_extra_certs(ctx, value)     \
     do {                                        \
         (ctx)->extra_certs = (value);           \
     } while (0)
@@ -271,22 +271,21 @@ typedef struct acr_ssl_ctxt_t {
 /**
  *  Additional Functions
  */
-void        ACRSSL_init_app_data2_idx(void);
-void       *ACRSSL_get_app_data2(SSL *);
-void        ACRSSL_set_app_data2(SSL *, void *);
-int         ACRSSL_password_prompt(ssl_pass_cb_t *);
-int         ACRSSL_password_callback(char *, int, int, void *);
-void        ACRSSL_BIO_close(BIO *);
-void        ACRSSL_BIO_doref(BIO *);
-DH         *ACRSSL_dh_get_tmp_param(int);
-DH         *ACRSSL_dh_get_param_from_file(const char *);
-RSA        *ACRSSL_callback_tmp_RSA(SSL *, int, int);
-DH         *ACRSSL_callback_tmp_DH(SSL *, int, int);
-void        ACRSSL_callback_handshake(const SSL *, int, int);
-void        ACRSSL_vhost_algo_id(const unsigned char *, unsigned char *, int);
-int         ACRSSL_CTX_use_certificate_chain(SSL_CTX *, const char *, int);
-int         ACRSSL_callback_SSL_verify(int, X509_STORE_CTX *);
-int         ACRSSL_rand_seed(const char *file);
+void        ssl_init_app_data2_idx(void);
+void       *ssl_get_app_data2(SSL *);
+void        ssl_set_app_data2(SSL *, void *);
+int         ssl_password_callback(char *, int, int, void *);
+void        ssl_BIO_close(BIO *);
+void        ssl_BIO_doref(BIO *);
+DH         *ssl_dh_get_tmp_param(int);
+DH         *ssl_dh_get_param_from_file(const char *);
+RSA        *ssl_callback_tmp_RSA(SSL *, int, int);
+DH         *ssl_callback_tmp_DH(SSL *, int, int);
+void        ssl_callback_handshake(const SSL *, int, int);
+void        ssl_vhost_algo_id(const unsigned char *, unsigned char *, int);
+int         ssl_ctx_use_certificate_chain(SSL_CTX *, const char *, int);
+int         ssl_callback_SSL_verify(int, X509_STORE_CTX *);
+int         ssl_rand_seed(const char *file);
 
 #endif
 #endif /* _ACR_SSL_H_ */

Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c?rev=1166827&r1=1166826&r2=1166827&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c Thu Sep  8 17:59:14
2011
@@ -27,7 +27,7 @@
 #error "Cannot compile this file without HAVE_OPENSSL defined"
 #endif
 
-void *ACRSSL_temp_keys[SSL_TMP_KEY_MAX];
+void *acr_ssl_temp_keys[SSL_TMP_KEY_MAX];
 static char ssl_global_rand_file[PATH_MAX] = { 0 };
 
 /* Dynamic lock structure */
@@ -42,9 +42,9 @@ struct CRYPTO_dynlock_value {
  */
 
 #define SSL_TMP_KEY_FREE(type, idx)                     \
-    if (ACRSSL_temp_keys[idx]) {                        \
-        type##_free((type *)ACRSSL_temp_keys[idx]);     \
-        ACRSSL_temp_keys[idx] = 0;                      \
+    if (acr_ssl_temp_keys[idx]) {                       \
+        type##_free((type *)acr_ssl_temp_keys[idx]);    \
+        acr_ssl_temp_keys[idx] = 0;                     \
     } else (void)(0)
 
 #define SSL_TMP_KEYS_FREE(type) \
@@ -60,8 +60,8 @@ struct CRYPTO_dynlock_value {
     ssl_tmp_key_init_dh(bits, SSL_TMP_KEY_DH_##bits)
 
 #define SSL_TMP_KEYS_INIT(R)                            \
-    ACRSSL_temp_keys[SSL_TMP_KEY_RSA_2048] = 0;         \
-    ACRSSL_temp_keys[SSL_TMP_KEY_RSA_4096] = 0;         \
+    acr_ssl_temp_keys[SSL_TMP_KEY_RSA_2048] = 0;        \
+    acr_ssl_temp_keys[SSL_TMP_KEY_RSA_4096] = 0;        \
     R |= SSL_TMP_KEY_INIT_RSA(512);                     \
     R |= SSL_TMP_KEY_INIT_RSA(1024);                    \
     R |= SSL_TMP_KEY_INIT_DH(512);                      \
@@ -71,7 +71,7 @@ struct CRYPTO_dynlock_value {
 
 static int ssl_tmp_key_init_rsa(int bits, int idx)
 {
-    if ((ACRSSL_temp_keys[idx] = RSA_generate_key(bits, RSA_F4, 0, 0)) == 0)
+    if ((acr_ssl_temp_keys[idx] = RSA_generate_key(bits, RSA_F4, 0, 0)) == 0)
         return 1;
     else
         return 0;
@@ -79,7 +79,7 @@ static int ssl_tmp_key_init_rsa(int bits
 
 static int ssl_tmp_key_init_dh(int bits, int idx)
 {
-    if ((ACRSSL_temp_keys[idx] = ACRSSL_dh_get_tmp_param(bits)) == 0)
+    if ((acr_ssl_temp_keys[idx] = ssl_dh_get_tmp_param(bits)) == 0)
         return 1;
     else
         return 0;
@@ -223,7 +223,7 @@ static int ssl_rand_load_file(const char
     return -1;
 }
 
-int ACRSSL_rand_seed(const char *file)
+int ssl_rand_seed(const char *file)
 {
     unsigned char stackdata[256];
     static volatile unsigned int counter = 0;
@@ -264,7 +264,7 @@ ACR_SSL_EXPORT(jint, Library, init0)(JNI
 
     if (ssl_initialized != 0)
         return 0;
-    memset(&ACRSSL_password_cb, 0, sizeof(ssl_pass_cb_t));
+    memset(&acr_ssl_password_cb, 0, sizeof(ssl_pass_cb_t));
     /* We must register the library in full, to ensure our configuration
      * code can successfully test the SSL environment.
      */
@@ -300,7 +300,7 @@ ACR_SSL_EXPORT(jint, Library, init0)(JNI
     CRYPTO_set_dynlock_destroy_callback(ssl_dynlock_destroy);
 
     /* For SSL_get_app_data2() at request time */
-    ACRSSL_init_app_data2_idx();
+    ssl_init_app_data2_idx();
     SSL_TMP_KEYS_INIT(rc);
     if (rc != 0) {
         /* One of the inits failed
@@ -374,14 +374,14 @@ ACR_SSL_EXPORT(jboolean, Random, seed0)(
      * low entropy seed.
      */
     WITH_CSTR(file) {
-        rc = ACRSSL_rand_seed(J2S(file));
+        rc = ssl_rand_seed(J2S(file));
     } DONE_WITH_STR(file);
     return rc == 0 ? JNI_FALSE : JNI_TRUE;
 }
 
 ACR_SSL_EXPORT(jboolean, Random, seed1)(JNI_STDARGS)
 {
-    return ACRSSL_rand_seed(0) == 0 ? JNI_FALSE : JNI_TRUE;
+    return ssl_rand_seed(0) == 0 ? JNI_FALSE : JNI_TRUE;
 }
 
 ACR_SSL_EXPORT(jboolean, Random, seed2)(JNI_STDARGS, jbyteArray ba,

Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c?rev=1166827&r1=1166826&r2=1166827&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c Thu Sep  8 17:59:14
2011
@@ -18,15 +18,40 @@
 #include "acr/error.h"
 #include "acr/misc.h"
 #include "acr/string.h"
-#include "arch_sync.h"
+#include "acr/port.h"
 #include "acr/ssl.h"
+#include "arch_sync.h"
 
 #if !HAVE_OPENSSL
 #error "Cannot compile this file without HAVE_OPENSSL defined"
 #endif
 
 /* Global password callback */
-ssl_pass_cb_t *ACRSSL_password_cb;
+ssl_pass_cb_t *acr_ssl_password_cb;
+
+int ssl_password_callback(char *buf, int bufsiz, int verify, void *cb)
+{
+    ssl_pass_cb_t *pcb = (ssl_pass_cb_t *)cb;
+
+    if (buf == 0)
+        return 0;
+    buf[0] = '\0';
+    if (pcb == 0)
+        pcb = acr_ssl_password_cb;
+    if (pcb == 0)
+        return 0;
+    if (pcb->password == 0) {
+        /* Call PasswordCallback.handler()
+         */
+        AcrCallbackRun(0, pcb->cb, 0, 0, 0);
+    }
+    if (pcb->password != 0) {
+        /* Return already obtained password */
+        strlcpy(buf, pcb->password, bufsiz);
+        return (int)strlen(buf);
+    }
+    return 0;
+}
 
 ACR_SSL_EXPORT(jlong, PasswordCallback, new0)(JNI_STDARGS)
 {
@@ -48,9 +73,9 @@ ACR_SSL_EXPORT(void, PasswordCallback, d
     ssl_pass_cb_t *pc = J2P(ph, ssl_pass_cb_t *);
 
     if (pc != 0) {
-        if (pc == ACRSSL_password_cb) {
+        if (pc == acr_ssl_password_cb) {
             /* XXX: Should we allow that ? */
-            ACRSSL_password_cb = 0;
+            acr_ssl_password_cb = 0;
         }
         AcrMemCleanse(pc->password, 0);
         AcrFree(pc->password);
@@ -61,7 +86,7 @@ ACR_SSL_EXPORT(void, PasswordCallback, d
 ACR_SSL_EXPORT(void, PasswordCallback, def0)(JNI_STDARGS, jlong ph)
 {
     ssl_pass_cb_t *pc = J2P(ph, ssl_pass_cb_t *);
-    ACRSSL_password_cb = pc;
+    acr_ssl_password_cb = pc;
 }
 
 ACR_SSL_EXPORT(void, PasswordCallback, set0)(JNI_STDARGS, jlong ph, jstring password)
@@ -79,9 +104,9 @@ ACR_SSL_EXPORT(void, PasswordCallback, s
 #if defined(ENABLE_TEST_PRIVATE)
 ACR_SSL_EXPORT(int, TestOpenSSL, runPasswordCallback)(JNI_STDARGS)
 {
-    if (ACRSSL_password_cb != 0) {
-        AcrCallbackRun(0, ACRSSL_password_cb->cb, 0, 0, 0);
-        if (ACRSSL_password_cb->password && strcmp(ACRSSL_password_cb->password,
"secret") == 0)
+    if (acr_ssl_password_cb != 0) {
+        AcrCallbackRun(0, acr_ssl_password_cb->cb, 0, 0, 0);
+        if (acr_ssl_password_cb->password && strcmp(acr_ssl_password_cb->password,
"secret") == 0)
             return 0;
         else
             return ACR_EINVAL;

Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c?rev=1166827&r1=1166826&r2=1166827&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c Thu Sep  8 17:59:14
2011
@@ -37,29 +37,29 @@
  * also note that OpenSSL increments at static variable when
  * SSL_get_ex_new_index() is called, so we _must_ do this at startup.
  */
-static int ssl_app_data2_idx = -1;
+static int app_data2_idx = -1;
 
-void ACRSSL_init_app_data2_idx(void)
+void ssl_init_app_data2_idx(void)
 {
     int i;
 
-    if (ssl_app_data2_idx > -1) {
+    if (app_data2_idx > -1) {
         return;
     }
     /* we _do_ need to call this twice */
     for (i = 0; i <= 1; i++) {
-        ssl_app_data2_idx = SSL_get_ex_new_index(0, "Second Application Data for SSL", 0,
0, 0);
+        app_data2_idx = SSL_get_ex_new_index(0, "Second Application Data for SSL", 0, 0,
0);
     }
 }
 
-void *ACRSSL_get_app_data2(SSL *ssl)
+void *ssl_get_app_data2(SSL *ssl)
 {
-    return (void *)SSL_get_ex_data(ssl, ssl_app_data2_idx);
+    return (void *)SSL_get_ex_data(ssl, app_data2_idx);
 }
 
-void ACRSSL_set_app_data2(SSL *ssl, void *arg)
+void ssl_set_app_data2(SSL *ssl, void *arg)
 {
-    SSL_set_ex_data(ssl, ssl_app_data2_idx, (char *)arg);
+    SSL_set_ex_data(ssl, app_data2_idx, (char *)arg);
     return;
 }
 
@@ -190,7 +190,7 @@ static DH *get_dh(int idx)
         return dh;
 }
 
-DH *ACRSSL_dh_get_tmp_param(int key_len)
+DH *ssl_dh_get_tmp_param(int key_len)
 {
     DH *dh;
 
@@ -207,7 +207,7 @@ DH *ACRSSL_dh_get_tmp_param(int key_len)
     return dh;
 }
 
-DH *ACRSSL_dh_get_param_from_file(const char *file)
+DH *ssl_dh_get_param_from_file(const char *file)
 {
     DH *dh = 0;
     BIO *bio;
@@ -257,7 +257,7 @@ DH *ACRSSL_dh_get_param_from_file(const 
  * which we now just hand out on demand....
  */
 
-RSA *ACRSSL_callback_tmp_RSA(SSL *ssl, int export, int keylen)
+RSA *ssl_callback_tmp_RSA(SSL *ssl, int export, int keylen)
 {
     int idx;
 
@@ -273,12 +273,12 @@ RSA *ACRSSL_callback_tmp_RSA(SSL *ssl, i
         break;
         case 2048:
             idx = SSL_TMP_KEY_RSA_2048;
-            if (ACRSSL_temp_keys[idx] == 0)
+            if (acr_ssl_temp_keys[idx] == 0)
                 idx = SSL_TMP_KEY_RSA_1024;
         break;
         case 4096:
             idx = SSL_TMP_KEY_RSA_4096;
-            if (ACRSSL_temp_keys[idx] == 0)
+            if (acr_ssl_temp_keys[idx] == 0)
                 idx = SSL_TMP_KEY_RSA_2048;
         break;
         case 1024:
@@ -286,13 +286,13 @@ RSA *ACRSSL_callback_tmp_RSA(SSL *ssl, i
             idx = SSL_TMP_KEY_RSA_1024;
         break;
     }
-    return (RSA *)ACRSSL_temp_keys[idx];
+    return (RSA *)acr_ssl_temp_keys[idx];
 }
 
 /*
  * Hand out the already generated DH parameters...
  */
-DH *ACRSSL_callback_tmp_DH(SSL *ssl, int export, int keylen)
+DH *ssl_callback_tmp_DH(SSL *ssl, int export, int keylen)
 {
     int idx;
     switch (keylen) {
@@ -310,10 +310,10 @@ DH *ACRSSL_callback_tmp_DH(SSL *ssl, int
             idx = SSL_TMP_KEY_DH_1024;
         break;
     }
-    return (DH *)ACRSSL_temp_keys[idx];
+    return (DH *)acr_ssl_temp_keys[idx];
 }
 
-void ACRSSL_vhost_algo_id(const unsigned char *vhost_id, unsigned char *md, int algo)
+void ssl_vhost_algo_id(const unsigned char *vhost_id, unsigned char *md, int algo)
 {
     MD5_CTX c;
 
@@ -343,8 +343,8 @@ void ACRSSL_vhost_algo_id(const unsigned
  * format, possibly followed by a sequence of CA certificates that
  * should be sent to the peer in the SSL Certificate message.
  */
-int ACRSSL_CTX_use_certificate_chain(SSL_CTX *ctx, const char *file,
-                                     int skipfirst)
+int ssl_ctx_use_certificate_chain(SSL_CTX *ctx, const char *file,
+                                  int skipfirst)
 {
     BIO *bio;
     X509 *x509;
@@ -367,10 +367,10 @@ int ACRSSL_CTX_use_certificate_chain(SSL
         X509_free(x509);
     }
     /* free a perhaps already configured extra chain */
-    extra_certs = ACRSSL_CTX_get_extra_certs(ctx);
+    extra_certs = ssl_ctx_get_extra_certs(ctx);
     if (extra_certs != 0) {
         sk_X509_pop_free(extra_certs, X509_free);
-        ACRSSL_CTX_set_extra_certs(ctx, 0);
+        ssl_ctx_set_extra_certs(ctx, 0);
     }
     /* create new extra chain by loading the certs */
     n = 0;



Mime
View raw message