Author: mturk
Date: Wed Sep 14 20:46:41 2011
New Revision: 1170844
URL: http://svn.apache.org/viewvc?rev=1170844&view=rev
Log:
Add more of ssl api
Modified:
commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h
commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c
commons/sandbox/runtime/trunk/src/main/native/modules/openssl/ctx.c
Modified: commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h?rev=1170844&r1=1170843&r2=1170844&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h (original)
+++ commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h Wed Sep 14 20:46:41 2011
@@ -293,6 +293,7 @@ typedef struct acr_ssl_ctxt_t {
int ca_certs;
int shutdown_type;
char *rand_file;
+ ssl_pass_cb_t *password_callback;
/* for client or downstream server authentication */
int verify_depth;
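Review bot: The new `password_callback` field has no comment saying who owns the pointed-to `ssl_pass_cb_t` or how long it must stay valid. In ctx.c, `setpasscb0` stores a raw pointer converted from a Java `jlong`, and `load_pem_key` later dereferences it and frees its `password` member. A stale or already-released handle on the Java side would therefore become a use-after-free in native code. Consider a comment such as `/* borrowed from the Java peer; must outlive this context, not freed here */`, adjusted to the actual ownership rule. The struct definition continues outside this hunk, so any existing convention for the other pointer fields is not visible here.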
Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c?rev=1170844&r1=1170843&r2=1170844&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/api.c Wed Sep 14 20:46:41
2011
@@ -139,6 +139,8 @@ struct SSLAPIst {
/*** PEM ***/
DH* (*fpPEM_read_bio_DHparams)(BIO *, DH **, pem_password_cb *, void
*);
X509* (*fpPEM_read_bio_X509)(BIO *, X509 **, pem_password_cb *, void *);
+ X509* (*fpPEM_read_bio_X509_AUX)(BIO *, X509 **, pem_password_cb *, void
*);
+ EVP_PKEY* (*fpPEM_read_bio_PrivateKey)(BIO *, EVP_PKEY **, pem_password_cb
*, void *);
/*** RAND ***/
int (*fpRAND_bytes)(unsigned char *, int);
@@ -197,6 +199,7 @@ struct SSLAPIst {
void (*fpX509_free)(X509 *);
void (*fpX509_STORE_free)(X509_STORE *);
int (*fpX509_STORE_set_flags)(X509_STORE *, unsigned long);
+ X509* (*fpd2i_X509_bio)(BIO *, X509 **);
/*** _STACK ***/
void (*fpsk_pop_free)(SSLAPI_STACK *, void (*)(void *));
@@ -350,6 +353,8 @@ ACR_JNI_EXPORT(jboolean, Native, ldopens
/*** PEM ***/
CRYPTO_FPLOAD(PEM_read_bio_DHparams);
CRYPTO_FPLOAD(PEM_read_bio_X509);
+ CRYPTO_FPLOAD(PEM_read_bio_X509_AUX);
+ CRYPTO_FPLOAD(PEM_read_bio_PrivateKey);
/*** RAND ***/
CRYPTO_FPLOAD(RAND_bytes);
@@ -366,7 +371,7 @@ ACR_JNI_EXPORT(jboolean, Native, ldopens
CRYPTO_FPLOAD(X509_free);
CRYPTO_FPLOAD(X509_STORE_free);
CRYPTO_FPLOAD(X509_STORE_set_flags);
-
+ CRYPTO_FPLOAD(d2i_X509_bio);
/*** _STACK ***/
CRYPTO_FPLOAD(sk_pop_free);
/* Optional functions
@@ -702,6 +707,16 @@ X509 *PEM_read_bio_X509(BIO *bp, X509 **
return SSLAPI_CALL(PEM_read_bio_X509)(bp, x, cb, u);
}
+X509 *PEM_read_bio_X509_AUX(BIO *bp, X509 **x, pem_password_cb *cb, void *u)
+{
+ return SSLAPI_CALL(PEM_read_bio_X509_AUX)(bp, x, cb, u);
+}
+
+EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u)
+{
+ return SSLAPI_CALL(PEM_read_bio_PrivateKey)(bp, x, cb, u);
+}
+
int RAND_bytes(unsigned char *buf, int num)
{
return SSLAPI_CALL(RAND_bytes)(buf, num);
@@ -867,6 +882,11 @@ void X509_free(X509 *x)
SSLAPI_CALL(X509_free)(x);
}
+X509 *d2i_X509_bio(BIO *bp,X509 **x509)
+{
+ return SSLAPI_CALL(d2i_X509_bio)(bp, x509);
+}
+
void X509_STORE_free(X509_STORE *v)
{
SSLAPI_CALL(X509_STORE_free)(v);
Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/ctx.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/ctx.c?rev=1170844&r1=1170843&r2=1170844&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/ctx.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/ctx.c Wed Sep 14 20:46:41
2011
@@ -249,3 +249,61 @@ ACR_SSL_EXPORT(void, SSLContext, setveri
}
SSL_CTX_set_verify(c->ctx, verify, 0 /* ssl_callback_ssl_verify */);
}
+
+ACR_SSL_EXPORT(void, SSLContext, setpasscb0)(JNI_STDARGS, jlong ctx,
+ jlong cb)
+{
+ acr_ssl_ctxt_t *c = J2P(ctx, acr_ssl_ctxt_t *);
+ c->password_callback = J2P(cb, ssl_pass_cb_t *);
+}
+
+EVP_PKEY *load_pem_key(acr_ssl_ctxt_t *c, const char *file)
+{
+ BIO *bio = 0;
+ EVP_PKEY *key = 0;
+ int i;
+
+ if ((bio = BIO_new(BIO_s_file())) == NULL) {
+ return NULL;
+ }
+ if (BIO_read_filename(bio, file) <= 0) {
+ BIO_free(bio);
+ return NULL;
+ }
+ for (i = 0; i < 3; i++) {
+ key = PEM_read_bio_PrivateKey(bio, 0,
+ ssl_password_callback,
+ c->password_callback);
+ if (key != 0)
+ break;
+ if (c->password_callback) {
+ ACR_MFREE(c->password_callback->password);
+ }
+ BIO_ctrl(bio, BIO_CTRL_RESET, 0, 0);
+ }
+ BIO_free(bio);
+ return key;
+}
+
+X509 *load_pem_cert(acr_ssl_ctxt_t *c, const char *file)
+{
+ BIO *bio = 0;
+ X509 *cert = 0;
+
+ if ((bio = BIO_new(BIO_s_file())) == 0)
+ return 0;
+ if (BIO_read_filename(bio, file) <= 0) {
+ BIO_free(bio);
+ return 0;
+ }
+ cert = PEM_read_bio_X509_AUX(bio, 0,
+ ssl_password_callback,
+ c->password_callback);
+ if (cert == 0 && ERR_GET_REASON(ERR_get_error()) == PEM_R_NO_START_LINE) {
+ ERR_clear_error();
+ BIO_ctrl(bio, BIO_CTRL_RESET, 0, 0);
+ cert = d2i_X509_bio(bio, 0);
+ }
+ BIO_free(bio);
+ return cert;
+}
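Review bot: In `load_pem_key` the retry loop releases `c->password_callback->password` with `ACR_MFREE` after a failed read, but the passphrase bytes are not wiped first, and the loop retries three times whatever the failure reason was (it also repeats when no callback is set). Whether `ACR_MFREE` resets the pointer is not visible here; if it does not, the next callback invocation or a later free sees a dangling pointer, so confirm that or add `c->password_callback->password = NULL;` after the free. Consider overwriting the buffer before freeing it, using a wipe the compiler cannot elide, and retrying only when the queued error indicates a wrong passphrase. In `load_pem_cert`, `ERR_get_error()` returns the oldest queued error, so a stale entry from an earlier call can mask `PEM_R_NO_START_LINE` and skip the DER fallback; calling `ERR_clear_error();` before `PEM_read_bio_X509_AUX` would make the check reliable. `setpasscb0` also dereferences `c` without checking that the `ctx` handle is non-zero.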