Changeset 1185:b4fcbc44f0db
- Timestamp:
- 03/17/09 09:27:52 (3 years ago)
- Branch:
- default
- Location:
- trunk
- Files:
-
- 16 edited
- 1 copied
-
include/libdodo/cgiFastExchange.h (modified) (2 diffs)
-
include/libdodo/ioNetwork.h (modified) (1 diff)
-
include/libdodo/ioNetworkServer.h (modified) (5 diffs)
-
include/libdodo/ioNetworkSslClient.h (modified) (4 diffs)
-
include/libdodo/ioNetworkSslExchange.h (modified) (7 diffs)
-
include/libdodo/ioNetworkSslServer.h (modified) (4 diffs)
-
include/libdodo/ioSsl.h (modified) (3 diffs)
-
include/libdodo/pcProcessCollection.h (modified) (2 diffs)
-
src/graphicsImage.inline (modified) (1 diff)
-
src/ioNetworkHttp.cc (modified) (4 diffs)
-
src/ioNetworkServer.cc (modified) (3 diffs)
-
src/ioNetworkSslClient.cc (modified) (34 diffs)
-
src/ioNetworkSslExchange.cc (modified) (17 diffs)
-
src/ioNetworkSslServer.cc (modified) (20 diffs)
-
src/ioSsl.cc (modified) (3 diffs)
-
src/ioSsl.inline (copied) (copied from trunk/src/ioNetworkSslClient.cc) (2 diffs)
-
tests/ionetworkhttp_test/test.cc (modified) (1 diff)
-
trunk/include/libdodo/cgiFastExchange.h
r1179 r1185 35 35 #ifdef FASTCGI_EXT 36 36 #include <libdodo/types.h> 37 #include <libdodo/cgiExchange.h> 37 38 38 39 namespace dodo … … 40 41 namespace cgi 41 42 { 42 class exchange;43 44 43 namespace fast 45 44 { -
trunk/include/libdodo/ioNetwork.h
r1080 r1185 33 33 #include <libdodo/ioNetworkClient.h> 34 34 #include <libdodo/ioNetworkServer.h> 35 #include <libdodo/ioNetworkExchange.h> 35 36 36 37 #endif -
trunk/include/libdodo/ioNetworkServer.h
r1164 r1185 33 33 #include <libdodo/directives.h> 34 34 35 #include <sys/types.h>36 #include <sys/stat.h>37 #include <netinet/in.h>38 #include <arpa/inet.h>39 #include <netdb.h>40 #include <sys/un.h>41 #include <sys/socket.h>42 #include <net/if.h>43 #include <sys/ioctl.h>44 #include <fcntl.h>45 46 #include <libdodo/toolsFilesystem.h>47 #include <libdodo/ioNetworkServerEx.h>48 35 #include <libdodo/types.h> 49 36 #include <libdodo/ioNetworkConnection.h> 50 #include <libdodo/ioNetworkExchange.h>51 37 #include <libdodo/xexec.h> 52 38 #include <libdodo/ioEventInfo.h> … … 63 49 }; 64 50 51 class __initialAccept; 52 65 53 /** 66 54 * @enum serverOperationTypeEnum defines type of operation for hook … … 77 65 78 66 #ifndef IO_WO_XEXEC 79 80 67 /** 81 68 * @class __xexecIoNetworkServerCollectedData … … 93 80 __xexecIoNetworkServerCollectedData(xexec *executor, short execObject); 94 81 }; 95 96 82 #endif 97 83 … … 205 191 206 192 #ifndef IO_WO_XEXEC 207 208 193 __xexecIoNetworkServerCollectedData collectedData; ///< data collected for xexec 209 210 194 #endif 211 195 }; -
trunk/include/libdodo/ioNetworkSslClient.h
r1164 r1185 34 34 35 35 #ifdef OPENSSL_EXT 36 37 #include <sys/types.h>38 #include <sys/stat.h>39 #include <netinet/in.h>40 #include <arpa/inet.h>41 #include <netdb.h>42 #include <sys/un.h>43 #include <sys/socket.h>44 #include <net/if.h>45 #include <sys/ioctl.h>46 #include <fcntl.h>47 #include <openssl/ssl.h>48 49 #include <libdodo/toolsFilesystem.h>50 #include <libdodo/ioNetworkSslClientEx.h>51 36 #include <libdodo/ioNetworkClient.h> 52 #include <libdodo/ioSsl.h>53 37 #include <libdodo/types.h> 54 #include <libdodo/ioNetworkSslExchange.h>55 #include <libdodo/xexec.h>56 #include <libdodo/ioEventInfo.h>57 38 58 39 namespace dodo … … 62 43 namespace network 63 44 { 45 class http; 46 }; 47 48 namespace ssl 49 { 50 struct __sslHandle; 51 struct __sslContext; 52 struct __certificates; 53 }; 54 55 namespace network 56 { 64 57 namespace ssl 65 58 { 59 class exchange; 60 66 61 /** 67 62 * @class client … … 149 144 virtual void connectSsl(); 150 145 151 SSL_CTX *sslCtx; ///< SSL context152 SSL *sslHandle; ///< SSL connection handle146 io::ssl::__sslHandle *handle; ///< ssl connection handle 147 io::ssl::__sslContext *ctx; ///< ssl connection context 153 148 154 149 bool sslConnected; ///< true if SSL connection established … … 158 153 }; 159 154 }; 160 161 155 #endif 162 156 -
trunk/include/libdodo/ioNetworkSslExchange.h
r1166 r1185 34 34 35 35 #ifdef OPENSSL_EXT 36 37 #include <sys/types.h>38 #include <netinet/in.h>39 #include <arpa/inet.h>40 #include <netdb.h>41 #include <sys/un.h>42 #include <sys/socket.h>43 #include <net/if.h>44 #include <sys/ioctl.h>45 #include <fcntl.h>46 #include <poll.h>47 #include <openssl/ssl.h>48 49 #include <libdodo/ioChannel.h>50 #include <libdodo/ioNetworkSslExchangeEx.h>51 36 #include <libdodo/ioNetworkExchange.h> 52 #include <libdodo/ioSsl.h>53 37 #include <libdodo/types.h> 54 #include <libdodo/xexec.h>55 38 56 39 namespace dodo … … 64 47 namespace ssl 65 48 { 49 struct __sslHandle; 50 66 51 /** 67 52 * @class __initialAccept … … 87 72 __initialAccept(__initialAccept &init); 88 73 74 /** 75 * destructor 76 */ 77 ~__initialAccept(); 78 89 79 private: 90 80 91 81 int socket; ///< socket 92 82 93 SSL *sslHandle; ///< SSL connection handle83 io::ssl::__sslHandle *handle; ///< SSL connection handle 94 84 95 85 bool blocked; ///< true if blocked … … 154 144 protected: 155 145 156 SSL *sslHandle; ///< SSL connection handle146 io::ssl::__sslHandle *handle; ///< SSL connection handle 157 147 158 148 /** … … 162 152 */ 163 153 virtual void _close(int socket, 164 SSL *sslHandle);154 io::ssl::__sslHandle *handle); 165 155 166 156 /** … … 172 162 */ 173 163 virtual void init(int socket, 174 SSL*handle,164 io::ssl::__sslHandle *handle, 175 165 bool blocked, 176 166 bool blockInherited); … … 198 188 }; 199 189 }; 200 201 190 #endif 202 191 -
trunk/include/libdodo/ioNetworkSslServer.h
r1164 r1185 34 34 35 35 #ifdef OPENSSL_EXT 36 37 #include <sys/types.h>38 #include <sys/stat.h>39 #include <netinet/in.h>40 #include <arpa/inet.h>41 #include <netdb.h>42 #include <sys/un.h>43 #include <sys/socket.h>44 #include <net/if.h>45 #include <sys/ioctl.h>46 #include <fcntl.h>47 #include <openssl/ssl.h>48 49 #include <libdodo/toolsFilesystem.h>50 #include <libdodo/ioNetworkSslServerEx.h>51 36 #include <libdodo/ioNetworkServer.h> 52 #include <libdodo/ioSsl.h>53 37 #include <libdodo/types.h> 54 #include <libdodo/ioNetworkSslExchange.h>55 #include <libdodo/xexec.h>56 #include <libdodo/ioEventInfo.h>57 38 58 39 namespace dodo … … 60 41 namespace io 61 42 { 43 namespace ssl 44 { 45 struct __sslContext; 46 struct __certificates; 47 }; 48 62 49 namespace network 63 50 { 64 51 namespace ssl 65 52 { 53 class exchange; 54 class __initialAccept; 55 66 56 /** 67 57 * @class server … … 161 151 virtual void acceptSsl(__initialAccept &init); 162 152 163 SSL_CTX *sslCtx; ///< SSL context153 io::ssl::__sslContext *ctx; ///< SSL context 164 154 }; 165 155 }; … … 167 157 }; 168 158 }; 169 170 159 #endif 171 160 -
trunk/include/libdodo/ioSsl.h
r1160 r1185 34 34 35 35 #ifdef OPENSSL_EXT 36 37 #include <openssl/ssl.h> 38 #include <openssl/err.h> 39 #include <openssl/rand.h> 40 #include <sys/types.h> 41 #include <sys/stat.h> 42 #include <unistd.h> 43 #include <sys/time.h> 44 45 #include <libdodo/toolsMisc.h> 36 #include <libdodo/types.h> 46 37 47 38 namespace dodo … … 51 42 namespace ssl 52 43 { 44 /** 45 * @struct __sslHandle 46 * @brief defines internal handlers for SSL 47 */ 48 struct __sslHandle; 49 50 /** 51 * @struct __sslContext 52 * @brief defines internal context for SSL 53 */ 54 struct __sslContext; 55 53 56 enum keyTypeEnum 54 57 { … … 90 93 dodoString cipher; ///< allowed SSL ciphers 91 94 }; 92 93 /**94 * @class __openssl_init__95 * @brief initializes openssl evironment96 */97 class __openssl_init__98 {99 public:100 101 /**102 * contructor103 */104 __openssl_init__();105 106 /**107 * destructor108 */109 ~__openssl_init__();110 111 /**112 * add entropy for randomness113 */114 void addEntropy();115 };116 117 extern __openssl_init__ __openssl_init_object__;118 95 }; 119 96 }; 120 97 }; 121 122 123 98 #endif 124 99 -
trunk/include/libdodo/pcProcessCollection.h
r1160 r1185 31 31 #define _PCPROCESSCOLLECTION_H_ 1 32 32 33 #include <libdodo/directives.h> 34 33 35 #ifdef DL_EXT 34 36 … … 42 44 #include <sys/wait.h> 43 45 44 #include <libdodo/directives.h>45 46 #include <libdodo/types.h> 46 47 #include <libdodo/pcJobCollection.h> -
trunk/src/graphicsImage.inline
r1181 r1185 48 48 }; 49 49 }; 50 51 50 #endif 52 51 -
trunk/src/ioNetworkHttp.cc
r1183 r1185 34 34 #include <sys/stat.h> 35 35 36 #include "ioSsl.inline" 37 36 38 #include <libdodo/ioNetworkHttp.h> 37 39 #include <libdodo/toolsCode.h> 40 #include <libdodo/toolsFilesystem.h> 38 41 #include <libdodo/ioNetworkClient.h> 39 42 #include <libdodo/ioNetworkSslClient.h> … … 41 44 #include <libdodo/ioNetworkHttpEx.h> 42 45 #include <libdodo/ioNetworkClientEx.h> 46 #include <libdodo/ioNetworkSslClientEx.h> 43 47 #include <libdodo/ioNetworkExchangeEx.h> 48 #include <libdodo/ioNetworkSslExchangeEx.h> 49 #include <libdodo/ioNetworkSslExchange.h> 44 50 #include <libdodo/types.h> 45 51 #include <libdodo/cgi.h> … … 416 422 ((ssl::client *)net)->connectSsl(); 417 423 418 ((ssl::exchange *)ex)-> sslHandle = ((ssl::client *)net)->sslHandle;424 ((ssl::exchange *)ex)->handle->handle = ((ssl::client *)net)->handle->handle; 419 425 420 426 ((ssl::client *)net)->socket = -1; 421 ((ssl::client *)net)-> sslHandle = NULL;427 ((ssl::client *)net)->handle->handle = NULL; 422 428 } 423 429 #endif … … 932 938 ((ssl::client *)net)->connectSsl(); 933 939 934 ((ssl::exchange *)ex)-> sslHandle = ((ssl::client *)net)->sslHandle;940 ((ssl::exchange *)ex)->handle->handle = ((ssl::client *)net)->handle->handle; 935 941 936 942 ((ssl::client *)net)->socket = -1; 937 ((ssl::client *)net)-> sslHandle = NULL;943 ((ssl::client *)net)->handle->handle = NULL; 938 944 } 939 945 -
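Review bot: The SSL handoff at new lines 424 and 940 assigns `((ssl::exchange *)ex)->handle->handle` directly, which overwrites whatever `SSL *` the exchange already held without `SSL_shutdown`/`SSL_free` and dereferences the wrapper without knowing it is non-null. `exchange::init(int, io::ssl::__sslHandle *, bool, bool)` in src/ioNetworkSslExchange.cc closes an existing connection before adopting the new handle, and `client::connect` already uses it for the same transfer. If `http` can call it (it already reaches into `handle` on both classes), routing both sites through that call would keep the ownership rule in one place. Whether `ex` can hold a live connection at these points is not visible, and the enclosing functions start and end outside both hunks.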
trunk/src/ioNetworkServer.cc
r1166 r1185 28 28 */ 29 29 30 #include <libdodo/directives.h> 31 32 #include <arpa/inet.h> 33 #include <sys/un.h> 34 #include <fcntl.h> 35 30 36 #include <libdodo/ioNetworkServer.h> 37 #include <libdodo/ioNetworkServerEx.h> 38 #include <libdodo/types.h> 39 #include <libdodo/ioNetworkConnection.h> 40 #include <libdodo/ioNetworkExchange.h> 41 #include <libdodo/xexec.h> 42 #include <libdodo/ioEventInfo.h> 31 43 32 44 using namespace dodo::io::network; 33 45 34 46 #ifndef IO_WO_XEXEC 35 36 47 __xexecIoNetworkServerCollectedData::__xexecIoNetworkServerCollectedData(xexec *a_executor, 37 48 short execObject) : __xexecCollectedData(a_executor, execObject) 38 49 { 39 50 } 40 41 51 #endif 42 52 … … 44 54 45 55 server::server(server &fs) 46 47 #ifndef IO_WO_XEXEC 48 56 #ifndef IO_WO_XEXE 49 57 : collectedData(this, XEXEC_OBJECT_IONETWORKSERVER) 50 51 58 #endif 52 59 { … … 60 67 blockInherited(false) 61 68 #ifndef IO_WO_XEXEC 62 63 69 , 64 70 collectedData(this, XEXEC_OBJECT_IONETWORKSERVER) 65 66 71 #endif 67 72 { -
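Review bot: The guard added in front of the `server::server(server &fs)` initializer list reads `#ifndef IO_WO_XEXE`, while every other guard in this file and in the header tests `IO_WO_XEXEC`. As rendered, a build that defines `IO_WO_XEXEC` would still compile `: collectedData(this, XEXEC_OBJECT_IONETWORKSERVER)` even though the header drops that member in that configuration, so the build breaks there. The line should read `#ifndef IO_WO_XEXEC`. The constructor body continues outside the hunk.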
trunk/src/ioNetworkSslClient.cc
r1166 r1185 28 28 */ 29 29 30 #include <libdodo/directives.h> 31 32 #ifdef OPENSSL_EXT 33 #include <sys/socket.h> 34 #include <sys/un.h> 35 #include <arpa/inet.h> 36 #include <openssl/ssl.h> 37 #include <openssl/err.h> 38 39 #include "ioSsl.inline" 40 30 41 #include <libdodo/ioNetworkSslClient.h> 31 32 #ifdef OPENSSL_EXT 42 #include <libdodo/toolsFilesystem.h> 43 #include <libdodo/ioNetworkSslClientEx.h> 44 #include <libdodo/ioSsl.h> 45 #include <libdodo/types.h> 46 #include <libdodo/ioNetworkSslExchange.h> 47 #include <libdodo/xexec.h> 48 #include <libdodo/ioEventInfo.h> 33 49 34 50 using namespace dodo::io::network::ssl; … … 43 59 short a_type) : network::client(a_family, 44 60 a_type), 45 sslC tx(NULL),46 sslHandle(NULL),47 sslConnected(false)61 sslConnected(false), 62 handle(new io::ssl::__sslHandle), 63 ctx(new io::ssl::__sslContext) 48 64 { 49 65 #ifndef IO_WO_XEXEC 50 51 66 collectedData.setExecObject(XEXEC_OBJECT_IONETWORKSSLCLIENT); 52 53 #endif 67 #endif 68 69 ctx->ctx = NULL; 70 handle->handle = NULL; 54 71 } 55 72 … … 58 75 client::~client() 59 76 { 60 if (sslHandle != NULL) 61 { 62 if (sslConnected && SSL_shutdown(sslHandle) == 0) 63 { 64 SSL_shutdown(sslHandle); 65 } 66 67 SSL_free(sslHandle); 68 } 69 70 if (sslCtx != NULL) 71 { 72 SSL_CTX_free(sslCtx); 73 } 77 if (handle->handle != NULL) 78 { 79 if (sslConnected && SSL_shutdown(handle->handle) == 0) 80 { 81 SSL_shutdown(handle->handle); 82 } 83 84 SSL_free(handle->handle); 85 } 86 87 if (ctx->ctx != NULL) 88 { 89 SSL_CTX_free(ctx->ctx); 90 } 91 92 delete handle; 93 delete ctx; 74 94 } 75 95 … … 79 99 client::removeSertificates() 80 100 { 81 if ( sslHandle != NULL)101 if (handle->handle != NULL) 82 102 { 83 103 if (sslConnected) 84 104 { 85 int err = SSL_shutdown( sslHandle);105 int err = SSL_shutdown(handle->handle); 86 106 if (err < 0) 87 107 { … … 91 111 if (err == 0) 92 112 { 93 err = SSL_shutdown( sslHandle);113 err = SSL_shutdown(handle->handle); 94 114 if (err < 0) 95 115 { … … 102 122 } 103 
123 104 SSL_free( sslHandle);105 106 sslHandle = NULL;107 } 108 109 if ( sslCtx != NULL)110 { 111 SSL_CTX_free( sslCtx);112 113 sslCtx = NULL;114 } 115 116 sslCtx = SSL_CTX_new(SSLv23_client_method());117 if ( sslCtx == NULL)124 SSL_free(handle->handle); 125 126 handle->handle = NULL; 127 } 128 129 if (ctx->ctx != NULL) 130 { 131 SSL_CTX_free(ctx->ctx); 132 133 ctx->ctx = NULL; 134 } 135 136 ctx->ctx = SSL_CTX_new(SSLv23_client_method()); 137 if (ctx->ctx == NULL) 118 138 { 119 139 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_REMOVESERTIFICATES, exception::ERRNO_LIBDODO, CLIENTEX_UNABLETOINITCONTEXT, IONETWORKSSLCLIENTEX_UNABLETOINITCONTEXT_STR, __LINE__, __FILE__); 120 140 } 121 141 122 sslHandle = SSL_new(sslCtx);123 if ( sslHandle == NULL)142 handle->handle = SSL_new(ctx->ctx); 143 if (handle->handle == NULL) 124 144 { 125 145 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_REMOVESERTIFICATES, exception::ERRNO_LIBDODO, CLIENTEX_UNABLETOINITSSL, IONETWORKSSLCLIENTEX_UNABLETOINITSSL_STR, __LINE__, __FILE__); … … 132 152 client::setSertificates(const io::ssl::__certificates &certs) 133 153 { 134 if ( sslHandle != NULL)154 if (handle->handle != NULL) 135 155 { 136 156 if (sslConnected) 137 157 { 138 int err = SSL_shutdown( sslHandle);158 int err = SSL_shutdown(handle->handle); 139 159 if (err < 0) 140 160 { … … 144 164 if (err == 0) 145 165 { 146 err = SSL_shutdown( sslHandle);166 err = SSL_shutdown(handle->handle); 147 167 if (err < 0) 148 168 { … … 155 175 } 156 176 157 SSL_free( sslHandle);158 159 sslHandle = NULL;160 } 161 162 if ( sslCtx != NULL)163 { 164 SSL_CTX_free( sslCtx);165 166 sslCtx = NULL;167 } 168 169 sslCtx = SSL_CTX_new(SSLv23_client_method());170 if ( sslCtx == NULL)177 SSL_free(handle->handle); 178 179 handle->handle = NULL; 180 } 181 182 if (ctx->ctx != NULL) 183 { 184 SSL_CTX_free(ctx->ctx); 185 186 ctx->ctx = NULL; 187 } 188 189 ctx->ctx = SSL_CTX_new(SSLv23_client_method()); 190 if 
(ctx->ctx == NULL) 171 191 { 172 192 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_SETSERTIFICATES, exception::ERRNO_LIBDODO, CLIENTEX_UNABLETOINITCONTEXT, IONETWORKSSLCLIENTEX_UNABLETOINITCONTEXT_STR, __LINE__, __FILE__); 173 193 } 174 194 175 if (certs.cipher.size() > 0 && SSL_CTX_set_cipher_list( sslCtx, certs.cipher.c_str()) != 1)195 if (certs.cipher.size() > 0 && SSL_CTX_set_cipher_list(ctx->ctx, certs.cipher.c_str()) != 1) 176 196 { 177 197 unsigned long nerr = ERR_get_error(); … … 179 199 } 180 200 181 if (certs.ca.size() > 0 && SSL_CTX_use_certificate_chain_file( sslCtx, certs.ca.c_str()) != 1)201 if (certs.ca.size() > 0 && SSL_CTX_use_certificate_chain_file(ctx->ctx, certs.ca.c_str()) != 1) 182 202 { 183 203 unsigned long nerr = ERR_get_error(); … … 185 205 } 186 206 187 if (certs.cert.size() > 0 && SSL_CTX_use_certificate_file( sslCtx, certs.cert.c_str(), SSL_FILETYPE_PEM) != 1)207 if (certs.cert.size() > 0 && SSL_CTX_use_certificate_file(ctx->ctx, certs.cert.c_str(), SSL_FILETYPE_PEM) != 1) 188 208 { 189 209 unsigned long nerr = ERR_get_error(); … … 193 213 if (certs.keyPassword.size() > 0) 194 214 { 195 SSL_CTX_set_default_passwd_cb_userdata( sslCtx, (void *)certs.keyPassword.c_str());215 SSL_CTX_set_default_passwd_cb_userdata(ctx->ctx, (void *)certs.keyPassword.c_str()); 196 216 } 197 217 … … 204 224 case io::ssl::KEYTYPE_PKEY: 205 225 206 if (SSL_CTX_use_PrivateKey_file( sslCtx, certs.key.c_str(), SSL_FILETYPE_PEM) != 1)226 if (SSL_CTX_use_PrivateKey_file(ctx->ctx, certs.key.c_str(), SSL_FILETYPE_PEM) != 1) 207 227 { 208 228 unsigned long nerr = ERR_get_error(); … … 216 236 case io::ssl::KEYTYPE_RSA: 217 237 218 if (SSL_CTX_use_RSAPrivateKey_file( sslCtx, certs.key.c_str(), SSL_FILETYPE_PEM) != 1)238 if (SSL_CTX_use_RSAPrivateKey_file(ctx->ctx, certs.key.c_str(), SSL_FILETYPE_PEM) != 1) 219 239 { 220 240 unsigned long nerr = ERR_get_error(); … … 235 255 if (certs.ca.size() > 0) 236 256 { 237 if (SSL_CTX_use_PrivateKey_file( 
sslCtx, certs.ca.c_str(), SSL_FILETYPE_PEM) != 1)257 if (SSL_CTX_use_PrivateKey_file(ctx->ctx, certs.ca.c_str(), SSL_FILETYPE_PEM) != 1) 238 258 { 239 259 unsigned long nerr = ERR_get_error(); … … 249 269 if (tools::filesystem::getFileInfo(certs.caPath).type == tools::FILESYSTEM_FILETYPE_DIRECTORY) 250 270 { 251 if (SSL_CTX_load_verify_locations( sslCtx, NULL, certs.caPath.c_str()) != 1)271 if (SSL_CTX_load_verify_locations(ctx->ctx, NULL, certs.caPath.c_str()) != 1) 252 272 { 253 273 unsigned long nerr = ERR_get_error(); … … 257 277 else 258 278 { 259 if (SSL_CTX_load_verify_locations( sslCtx, certs.caPath.c_str(), NULL) != 1)279 if (SSL_CTX_load_verify_locations(ctx->ctx, certs.caPath.c_str(), NULL) != 1) 260 280 { 261 281 unsigned long nerr = ERR_get_error(); … … 265 285 } 266 286 267 if (keySet && SSL_CTX_check_private_key( sslCtx) != 1)287 if (keySet && SSL_CTX_check_private_key(ctx->ctx) != 1) 268 288 { 269 289 unsigned long nerr = ERR_get_error(); … … 271 291 } 272 292 273 sslHandle = SSL_new(sslCtx);274 if ( sslHandle == NULL)293 handle->handle = SSL_new(ctx->ctx); 294 if (handle->handle == NULL) 275 295 { 276 296 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_SETSERTIFICATES, exception::ERRNO_LIBDODO, CLIENTEX_UNABLETOINITSSL, IONETWORKSSLCLIENTEX_UNABLETOINITSSL_STR, __LINE__, __FILE__); … … 283 303 client::initSsl() 284 304 { 285 if ( sslCtx == NULL)286 { 287 sslCtx = SSL_CTX_new(SSLv23_client_method());288 if ( sslCtx == NULL)305 if (ctx->ctx == NULL) 306 { 307 ctx->ctx = SSL_CTX_new(SSLv23_client_method()); 308 if (ctx->ctx == NULL) 289 309 { 290 310 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_INITSSL, exception::ERRNO_LIBDODO, CLIENTEX_UNABLETOINITCONTEXT, IONETWORKSSLCLIENTEX_UNABLETOINITCONTEXT_STR, __LINE__, __FILE__); … … 292 312 } 293 313 294 if ( sslHandle == NULL)295 { 296 sslHandle = SSL_new(sslCtx);297 if ( sslHandle == NULL)314 if (handle->handle == NULL) 315 { 316 handle->handle = 
SSL_new(ctx->ctx); 317 if (handle->handle == NULL) 298 318 { 299 319 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_INITSSL, exception::ERRNO_LIBDODO, CLIENTEX_UNABLETOINITSSL, IONETWORKSSLCLIENTEX_UNABLETOINITSSL_STR, __LINE__, __FILE__); … … 311 331 if (sslConnected) 312 332 { 313 int err = SSL_shutdown( sslHandle);333 int err = SSL_shutdown(handle->handle); 314 334 if (err < 0) 315 335 { … … 319 339 if (err == 0) 320 340 { 321 err = SSL_shutdown( sslHandle);341 err = SSL_shutdown(handle->handle); 322 342 if (err < 0) 323 343 { … … 330 350 } 331 351 332 if (SSL_clear( sslHandle) == 0)352 if (SSL_clear(handle->handle) == 0) 333 353 { 334 354 unsigned long nerr = ERR_get_error(); … … 336 356 } 337 357 338 if (SSL_set_fd( sslHandle, socket) == 0)358 if (SSL_set_fd(handle->handle, socket) == 0) 339 359 { 340 360 unsigned long nerr = ERR_get_error(); … … 342 362 } 343 363 344 int res = SSL_connect( sslHandle);364 int res = SSL_connect(handle->handle); 345 365 switch (res) 346 366 { … … 356 376 case - 1: 357 377 { 358 int nerr = SSL_get_error( sslHandle, res);378 int nerr = SSL_get_error(handle->handle, res); 359 379 if (nerr == SSL_ERROR_WANT_READ || nerr == SSL_ERROR_WANT_WRITE || nerr == SSL_ERROR_WANT_X509_LOOKUP) 360 380 { … … 367 387 unsigned long nerr = ERR_get_error(); 368 388 369 int err = SSL_shutdown( sslHandle);389 int err = SSL_shutdown(handle->handle); 370 390 if (err < 0) 371 391 { … … 375 395 if (err == 0) 376 396 { 377 err = SSL_shutdown( sslHandle);397 err = SSL_shutdown(handle->handle); 378 398 if (err < 0) 379 399 { … … 448 468 connectSsl(); 449 469 450 exchange.init(socket, sslHandle, blocked, blockInherited);470 exchange.init(socket, handle, blocked, blockInherited); 451 471 452 472 socket = -1; 453 sslHandle = NULL;473 handle->handle = NULL; 454 474 455 475 #ifndef IO_WO_XEXEC … … 541 561 connectSsl(); 542 562 543 exchange.init(socket, sslHandle, blocked, blockInherited);563 exchange.init(socket, handle, blocked, 
blockInherited); 544 564 545 565 socket = -1; 546 sslHandle = NULL;566 handle->handle = NULL; 547 567 548 568 #ifndef IO_WO_XEXEC … … 571 591 if (size >= 108) 572 592 { 573 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECT, exception::ERRNO_LIBDODO, CLIENTEX_LONGPATH, IONETWORK CLIENTEX_LONGPATH_STR, __LINE__, __FILE__);593 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECT, exception::ERRNO_LIBDODO, CLIENTEX_LONGPATH, IONETWORKSSLCLIENTEX_LONGPATH_STR, __LINE__, __FILE__); 574 594 } 575 595 … … 591 611 connectSsl(); 592 612 593 exchange.init(socket, sslHandle, blocked, blockInherited);613 exchange.init(socket, handle, blocked, blockInherited); 594 614 595 615 socket = -1; 596 sslHandle = NULL;616 handle->handle = NULL; 597 617 598 618 #ifndef IO_WO_XEXEC … … 602 622 603 623 //------------------------------------------------------------------- 604 605 #endif 606 624 #endif 625 -
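Review bot: The new destructor reads `handle->handle` and `ctx->ctx` unconditionally, but only the `client(short a_family, short a_type)` constructor allocates the two wrappers. The copy constructor sits in the unchanged lines elided before the first code hunk; the pre-change text of this file rendered under src/ioSsl.inline shows it as `client::client(client &fs) : network::client(fs) { }`, so a copied client would apparently reach `~client()` with both pointers uninitialized. It should allocate its own wrappers with `handle(new io::ssl::__sslHandle), ctx(new io::ssl::__sslContext)` and then set `ctx->ctx = NULL; handle->handle = NULL;`. Separately, the initializer order `sslConnected, handle, ctx` does not match the declaration order in the header (`handle`, `ctx`, `sslConnected`), which compilers report as a reorder warning.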
trunk/src/ioNetworkSslExchange.cc
r1166 r1185 28 28 */ 29 29 30 #include <libdodo/directives.h> 31 32 #ifdef OPENSSL_EXT 33 #include <poll.h> 34 #include <openssl/ssl.h> 35 #include <openssl/err.h> 36 37 #include "ioSsl.inline" 38 30 39 #include <libdodo/ioNetworkSslExchange.h> 31 32 #ifdef OPENSSL_EXT 40 #include <libdodo/ioChannel.h> 41 #include <libdodo/ioNetworkSslExchangeEx.h> 42 #include <libdodo/ioNetworkExchange.h> 43 #include <libdodo/ioSsl.h> 44 #include <libdodo/types.h> 45 #include <libdodo/xexec.h> 46 #include <libdodo/pcSyncProtector.h> 33 47 34 48 using namespace dodo::io::network::ssl; 35 49 36 50 __initialAccept::__initialAccept() : socket(-1), 37 sslHandle(NULL) 38 { 51 handle(new io::ssl::__sslHandle) 52 { 53 handle->handle = NULL; 39 54 } 40 55 … … 42 57 43 58 __initialAccept::__initialAccept(__initialAccept &init) : socket(init.socket), 44 sslHandle(init.sslHandle) 45 { 59 handle(new io::ssl::__sslHandle) 60 { 61 handle->handle = init.handle->handle; 62 46 63 init.socket = -1; 47 init.sslHandle = NULL; 64 init.handle = NULL; 65 } 66 67 //------------------------------------------------------------------- 68 69 __initialAccept::~__initialAccept() 70 { 71 delete handle; 48 72 } 49 73 … … 54 78 { 55 79 #ifndef IO_WO_XEXEC 56 57 80 collectedData.setExecObject(XEXEC_OBJECT_IONETWORKSSLEXCHANGE); 58 59 #endif 60 61 sslHandle = fse.sslHandle; 62 63 fse.sslHandle = NULL; 64 } 65 66 //------------------------------------------------------------------- 67 68 exchange::exchange(short protection) : sslHandle(NULL), 69 channel(protection) 81 #endif 82 83 handle = fse.handle; 84 85 fse.handle = NULL; 86 } 87 88 //------------------------------------------------------------------- 89 90 exchange::exchange(short protection) : channel(protection), 91 handle(new io::ssl::__sslHandle) 70 92 { 71 93 #ifndef IO_WO_XEXEC 72 73 94 collectedData.setExecObject(XEXEC_OBJECT_IONETWORKSSLEXCHANGE); 74 75 #endif 95 #endif 96 97 handle->handle = NULL; 76 98 } 77 99 … … 79 101 80 102 
exchange::exchange(__initialAccept &a_init, 81 short protection) : channel(protection) 103 short protection) : channel(protection), 104 handle(new io::ssl::__sslHandle) 82 105 { 83 106 #ifndef IO_WO_XEXEC 84 85 107 collectedData.setExecObject(XEXEC_OBJECT_IONETWORKSSLEXCHANGE); 86 87 108 #endif 88 109 … … 94 115 exchange::~exchange() 95 116 { 96 if (sslHandle != NULL) 97 { 98 if (SSL_shutdown(sslHandle) == 0) 99 { 100 SSL_shutdown(sslHandle); 101 } 102 103 SSL_free(sslHandle); 104 } 117 if (handle->handle != NULL) 118 { 119 if (SSL_shutdown(handle->handle) == 0) 120 { 121 SSL_shutdown(handle->handle); 122 } 123 124 SSL_free(handle->handle); 125 } 126 127 delete handle; 105 128 } 106 129 … … 110 133 exchange::init(__initialAccept &a_init) 111 134 { 112 init(a_init.socket, a_init. sslHandle, a_init.blocked, a_init.blockInherited);135 init(a_init.socket, a_init.handle, a_init.blocked, a_init.blockInherited); 113 136 114 137 a_init.socket = -1; 115 a_init. sslHandle = NULL;138 a_init.handle->handle = NULL; 116 139 } 117 140 … … 120 143 void 121 144 exchange::_close(int socket, 122 SSL *sslHandle)123 { 124 int err = SSL_shutdown( sslHandle);145 io::ssl::__sslHandle *handle) 146 { 147 int err = SSL_shutdown(handle->handle); 125 148 if (err < 0) 126 149 { … … 130 153 if (err == 0) 131 154 { 132 err = SSL_shutdown( sslHandle);155 err = SSL_shutdown(handle->handle); 133 156 if (err < 0) 134 157 { … … 155 178 if (socket != -1) 156 179 { 157 _close(socket, sslHandle);180 _close(socket, handle); 158 181 159 182 socket = -1; 160 sslHandle = NULL;183 handle->handle = NULL; 161 184 } 162 185 … … 170 193 void 171 194 exchange::init(int a_socket, 172 SSL *a_sslHandle,195 io::ssl::__sslHandle *a_handle, 173 196 bool a_blocked, 174 197 bool blockInherited) … … 178 201 if (socket != -1) 179 202 { 180 _close(socket, sslHandle);203 _close(socket, handle); 181 204 182 205 socket = -1; 183 sslHandle = NULL;206 handle->handle = NULL; 184 207 } 185 208 186 209 blocked = a_blocked; 187 210 
socket = a_socket; 188 sslHandle = a_sslHandle;211 handle->handle = a_handle->handle; 189 212 190 213 setInBufferSize(inSocketBuffer); … … 237 260 } 238 261 239 _close(socket, sslHandle);262 _close(socket, handle); 240 263 241 264 socket = -1; 242 sslHandle = NULL;265 handle->handle = NULL; 243 266 244 267 return false; … … 266 289 while (true) 267 290 { 268 if ((n = SSL_write( sslHandle, data, outSocketBuffer)) <= 0)291 if ((n = SSL_write(handle->handle, data, outSocketBuffer)) <= 0) 269 292 { 270 switch (SSL_get_error( sslHandle, n))293 switch (SSL_get_error(handle->handle, n)) 271 294 { 272 295 case SSL_ERROR_WANT_READ: … … 301 324 while (true) 302 325 { 303 if ((n = SSL_write( sslHandle, data, rest)) <= 0)326 if ((n = SSL_write(handle->handle, data, rest)) <= 0) 304 327 { 305 switch (SSL_get_error( sslHandle, n))328 switch (SSL_get_error(handle->handle, n)) 306 329 { 307 330 case SSL_ERROR_WANT_READ: … … 354 377 while (true) 355 378 { 356 if ((n = SSL_read( sslHandle, data, inSocketBuffer)) <= 0)379 if ((n = SSL_read(handle->handle, data, inSocketBuffer)) <= 0) 357 380 { 358 switch (SSL_get_error( sslHandle, n))381 switch (SSL_get_error(handle->handle, n)) 359 382 { 360 383 case SSL_ERROR_WANT_READ: … … 389 412 while (true) 390 413 { 391 if ((n = SSL_read( sslHandle, data, rest)) <= 0)414 if ((n = SSL_read(handle->handle, data, rest)) <= 0) 392 415 { 393 switch (SSL_get_error( sslHandle, n))416 switch (SSL_get_error(handle->handle, n)) 394 417 { 395 418 case SSL_ERROR_WANT_READ: … … 435 458 while (true) 436 459 { 437 if ((n = SSL_read( sslHandle, data, inSize)) <= 0)438 { 439 switch (SSL_get_error( sslHandle, n))460 if ((n = SSL_read(handle->handle, data, inSize)) <= 0) 461 { 462 switch (SSL_get_error(handle->handle, n)) 440 463 { 441 464 case SSL_ERROR_WANT_READ: -
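Review bot: Both transferring constructors null the source object's wrapper pointer rather than the `SSL *` inside it, and the new destructor and callers then dereference that pointer. In `__initialAccept(__initialAccept &init)` the line `init.handle = NULL;` leaks the wrapper `init` allocated and turns the later `a_init.handle->handle` accesses in `exchange::init(__initialAccept &)` into a null dereference for a copied-from object; it should be `init.handle->handle = NULL;`. In the constructor whose signature is elided above `handle = fse.handle; fse.handle = NULL;` (presumably `exchange(exchange &fse)`), the source's `~exchange()` will evaluate `handle->handle` through a null pointer. Give the copy its own wrapper and move only the inner pointer: `handle->handle = fse.handle->handle; fse.handle->handle = NULL;`.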
trunk/src/ioNetworkSslServer.cc
r1166 r1185 28 28 */ 29 29 30 #include <libdodo/directives.h> 31 32 #ifdef OPENSSL_EXT 33 #include <sys/socket.h> 34 #include <sys/un.h> 35 #include <arpa/inet.h> 36 #include <openssl/ssl.h> 37 #include <openssl/err.h> 38 39 #include "ioSsl.inline" 40 30 41 #include <libdodo/ioNetworkSslServer.h> 31 32 #ifdef OPENSSL_EXT 42 #include <libdodo/ioNetworkSslClient.h> 43 #include <libdodo/pcSyncProtector.h> 44 #include <libdodo/toolsFilesystem.h> 45 #include <libdodo/ioNetworkSslServerEx.h> 46 #include <libdodo/ioNetworkServer.h> 47 #include <libdodo/ioSsl.h> 48 #include <libdodo/types.h> 49 #include <libdodo/ioNetworkSslExchange.h> 50 #include <libdodo/xexec.h> 51 #include <libdodo/ioEventInfo.h> 33 52 34 53 using namespace dodo::io::network::ssl; … … 43 62 short a_type) : network::server(a_family, 44 63 a_type), 45 sslCtx(NULL) 46 { 47 #ifndef IO_WO_XEXEC 48 64 ctx(new io::ssl::__sslContext) 65 { 66 #ifndef IO_WO_XEXEC 49 67 collectedData.setExecObject(XEXEC_OBJECT_IONETWORKSSLSERVER); 50 51 #endif 68 #endif 69 70 ctx->ctx = NULL; 52 71 } 53 72 … … 57 76 server::~server() 58 77 { 59 if (sslCtx != NULL) 60 { 61 SSL_CTX_free(sslCtx); 62 } 78 if (ctx->ctx != NULL) 79 { 80 SSL_CTX_free(ctx->ctx); 81 } 82 83 delete ctx; 63 84 } 64 85 … … 69 90 server::removeSertificates() 70 91 { 71 if ( sslCtx != NULL)72 { 73 SSL_CTX_free( sslCtx);74 75 sslCtx = NULL;76 } 77 78 sslCtx = SSL_CTX_new(SSLv23_server_method());79 if ( sslCtx == NULL)92 if (ctx->ctx != NULL) 93 { 94 SSL_CTX_free(ctx->ctx); 95 96 ctx->ctx = NULL; 97 } 98 99 ctx->ctx = SSL_CTX_new(SSLv23_server_method()); 100 if (ctx->ctx == NULL) 80 101 { 81 102 throw exception::basic(exception::ERRMODULE_IONETWORKSSLSERVER, SERVEREX_REMOVESERTIFICATES, exception::ERRNO_LIBDODO, SERVEREX_UNABLETOINITCONTEXT, IONETWORKSSLSERVEREX_UNABLETOINITCONTEXT_STR, __LINE__, __FILE__); … … 88 109 server::setSertificates(const io::ssl::__certificates &certs) 89 110 { 90 if ( sslCtx != NULL)91 { 92 SSL_CTX_free( sslCtx);93 } 94 95 sslCtx = 
SSL_CTX_new(SSLv23_server_method());96 if ( sslCtx == NULL)111 if (ctx->ctx != NULL) 112 { 113 SSL_CTX_free(ctx->ctx); 114 } 115 116 ctx->ctx = SSL_CTX_new(SSLv23_server_method()); 117 if (ctx->ctx == NULL) 97 118 { 98 119 throw exception::basic(exception::ERRMODULE_IONETWORKSSLSERVER, SERVEREX_SETSERTIFICATES, exception::ERRNO_LIBDODO, SERVEREX_UNABLETOINITCONTEXT, IONETWORKSSLSERVEREX_UNABLETOINITCONTEXT_STR, __LINE__, __FILE__); 99 120 } 100 121 101 if (certs.cipher.size() > 0 && SSL_CTX_set_cipher_list( sslCtx, certs.cipher.c_str()) != 1)122 if (certs.cipher.size() > 0 && SSL_CTX_set_cipher_list(ctx->ctx, certs.cipher.c_str()) != 1) 102 123 { 103 124 unsigned long nerr = ERR_get_error(); … … 105 126 } 106 127 107 if (certs.ca.size() > 0 && SSL_CTX_use_certificate_chain_file( sslCtx, certs.ca.c_str()) != 1)128 if (certs.ca.size() > 0 && SSL_CTX_use_certificate_chain_file(ctx->ctx, certs.ca.c_str()) != 1) 108 129 { 109 130 unsigned long nerr = ERR_get_error(); … … 111 132 } 112 133 113 if (certs.cert.size() > 0 && SSL_CTX_use_certificate_file( sslCtx, certs.cert.c_str(), SSL_FILETYPE_PEM) != 1)134 if (certs.cert.size() > 0 && SSL_CTX_use_certificate_file(ctx->ctx, certs.cert.c_str(), SSL_FILETYPE_PEM) != 1) 114 135 { 115 136 unsigned long nerr = ERR_get_error(); … … 119 140 if (certs.keyPassword.size() > 0) 120 141 { 121 SSL_CTX_set_default_passwd_cb_userdata( sslCtx, (void *)certs.keyPassword.c_str());142 SSL_CTX_set_default_passwd_cb_userdata(ctx->ctx, (void *)certs.keyPassword.c_str()); 122 143 } 123 144 … … 130 151 case io::ssl::KEYTYPE_PKEY: 131 152 132 if (SSL_CTX_use_PrivateKey_file( sslCtx, certs.key.c_str(), SSL_FILETYPE_PEM) != 1)153 if (SSL_CTX_use_PrivateKey_file(ctx->ctx, certs.key.c_str(), SSL_FILETYPE_PEM) != 1) 133 154 { 134 155 unsigned long nerr = ERR_get_error(); … … 142 163 case io::ssl::KEYTYPE_RSA: 143 164 144 if (SSL_CTX_use_RSAPrivateKey_file( sslCtx, certs.key.c_str(), SSL_FILETYPE_PEM) != 1)165 if 
(SSL_CTX_use_RSAPrivateKey_file(ctx->ctx, certs.key.c_str(), SSL_FILETYPE_PEM) != 1) 145 166 { 146 167 unsigned long nerr = ERR_get_error(); … … 161 182 if (certs.ca.size() > 0) 162 183 { 163 if (SSL_CTX_use_PrivateKey_file( sslCtx, certs.ca.c_str(), SSL_FILETYPE_PEM) != 1)184 if (SSL_CTX_use_PrivateKey_file(ctx->ctx, certs.ca.c_str(), SSL_FILETYPE_PEM) != 1) 164 185 { 165 186 unsigned long nerr = ERR_get_error(); … … 175 196 if (tools::filesystem::getFileInfo(certs.caPath).type == tools::FILESYSTEM_FILETYPE_DIRECTORY) 176 197 { 177 if (SSL_CTX_load_verify_locations( sslCtx, NULL, certs.caPath.c_str()) != 1)198 if (SSL_CTX_load_verify_locations(ctx->ctx, NULL, certs.caPath.c_str()) != 1) 178 199 { 179 200 unsigned long nerr = ERR_get_error(); … … 183 204 else 184 205 { 185 if (SSL_CTX_load_verify_locations( sslCtx, certs.caPath.c_str(), NULL) != 1)206 if (SSL_CTX_load_verify_locations(ctx->ctx, certs.caPath.c_str(), NULL) != 1) 186 207 { 187 208 unsigned long nerr = ERR_get_error(); … … 191 212 } 192 213 193 if (keySet && SSL_CTX_check_private_key( sslCtx) != 1)214 if (keySet && SSL_CTX_check_private_key(ctx->ctx) != 1) 194 215 { 195 216 unsigned long nerr = ERR_get_error(); … … 203 224 server::initSsl() 204 225 { 205 if ( sslCtx == NULL)206 { 207 sslCtx = SSL_CTX_new(SSLv23_server_method());208 if ( sslCtx == NULL)226 if (ctx->ctx == NULL) 227 { 228 ctx->ctx = SSL_CTX_new(SSLv23_server_method()); 229 if (ctx->ctx == NULL) 209 230 { 210 231 throw exception::basic(exception::ERRMODULE_IONETWORKSSLSERVER, SERVEREX_INITSSL, exception::ERRNO_LIBDODO, SERVEREX_UNABLETOINITCONTEXT, IONETWORKSSLSERVEREX_UNABLETOINITCONTEXT_STR, __LINE__, __FILE__); … … 220 241 io::ssl::__openssl_init_object__.addEntropy(); 221 242 222 init. sslHandle = SSL_new(sslCtx);223 if (init. 
sslHandle == NULL)243 init.handle->handle = SSL_new(ctx->ctx); 244 if (init.handle->handle == NULL) 224 245 { 225 246 throw exception::basic(exception::ERRMODULE_IONETWORKSSLSERVER, SERVEREX_INITSSL, exception::ERRNO_LIBDODO, SERVEREX_UNABLETOINITSSL, IONETWORKSSLSERVEREX_UNABLETOINITSSL_STR, __LINE__, __FILE__); 226 247 } 227 248 228 if (SSL_set_fd(init. sslHandle, init.socket) == 0)249 if (SSL_set_fd(init.handle->handle, init.socket) == 0) 229 250 { 230 251 unsigned long nerr = ERR_get_error(); … … 232 253 } 233 254 234 int res = SSL_accept(init. sslHandle);255 int res = SSL_accept(init.handle->handle); 235 256 switch (res) 236 257 { … … 246 267 case - 1: 247 268 { 248 int nerr = SSL_get_error(init. sslHandle, res);269 int nerr = SSL_get_error(init.handle->handle, res); 249 270 if (nerr == SSL_ERROR_WANT_READ || nerr == SSL_ERROR_WANT_WRITE || nerr == SSL_ERROR_WANT_X509_LOOKUP) 250 271 { … … 257 278 unsigned long nerr = ERR_get_error(); 258 279 259 int err = SSL_shutdown(init. sslHandle);280 int err = SSL_shutdown(init.handle->handle); 260 281 if (err < 0) 261 282 { … … 265 286 if (err == 0) 266 287 { 267 err = SSL_shutdown(init. sslHandle);288 err = SSL_shutdown(init.handle->handle); 268 289 if (err < 0) 269 290 { -
trunk/src/ioSsl.cc
r1162 r1185 28 28 */ 29 29 30 #include <libdodo/ ioSsl.h>30 #include <libdodo/directives.h> 31 31 32 32 #ifdef OPENSSL_EXT 33 #include <sys/stat.h> 34 #include <sys/time.h> 35 #include <openssl/ssl.h> 36 #include <openssl/rand.h> 37 #include <openssl/err.h> 38 39 #include "ioSsl.inline" 40 41 #include <libdodo/ioSsl.h> 33 42 34 43 namespace dodo … … 93 102 } 94 103 104 //------------------------------------------------------------------- 105 95 106 void 96 107 __openssl_init__::addEntropy() … … 123 134 124 135 //------------------------------------------------------------------- 125 126 136 #endif 127 137 -
trunk/src/ioSsl.inline
r1166 r1185 1 1 /*************************************************************************** 2 * io NetworkSslClient.cc2 * ioSsl.inline 3 3 * 4 * Tue Jun 10 17:00:47 20085 * Copyright 200 8Ni@m4 * Tue Mar 17 01:48:47 2009 5 * Copyright 2009 Ni@m 6 6 * niam.niam@gmail.com 7 7 ****************************************************************************/ … … 28 28 */ 29 29 30 #include <libdodo/ ioNetworkSslClient.h>30 #include <libdodo/directives.h> 31 31 32 32 #ifdef OPENSSL_EXT 33 #include <openssl/ssl.h> 33 34 34 using namespace dodo::io::network::ssl; 35 namespace dodo 36 { 37 namespace io 38 { 39 namespace ssl 40 { 41 struct __sslHandle 42 { 43 SSL *handle; ///< SSL connection handle 44 }; 35 45 36 client::client(client &fs) : network::client(fs) 37 { 38 } 46 struct __sslContext 47 { 48 SSL_CTX *ctx; ///< SSL context 49 }; 39 50 40 //------------------------------------------------------------------- 51 /** 52 * @class __openssl_init__ 53 * @brief initializes openssl evironment 54 */ 55 class __openssl_init__ 56 { 57 public: 41 58 42 client::client(short a_family, 43 short a_type) : network::client(a_family, 44 a_type), 45 sslCtx(NULL), 46 sslHandle(NULL), 47 sslConnected(false) 48 { 49 #ifndef IO_WO_XEXEC 59 /** 60 * contructor 61 */ 62 __openssl_init__(); 50 63 51 collectedData.setExecObject(XEXEC_OBJECT_IONETWORKSSLCLIENT); 64 /** 65 * destructor 66 */ 67 ~__openssl_init__(); 52 68 53 #endif 54 } 69 /** 70 * add entropy for randomness 71 */ 72 void addEntropy(); 73 }; 55 74 56 //------------------------------------------------------------------- 57 58 client::~client() 59 { 60 if (sslHandle != NULL) 61 { 62 if (sslConnected && SSL_shutdown(sslHandle) == 0) 63 { 64 SSL_shutdown(sslHandle); 65 } 66 67 SSL_free(sslHandle); 68 } 69 70 if (sslCtx != NULL) 71 { 72 SSL_CTX_free(sslCtx); 73 } 74 } 75 76 //------------------------------------------------------------------- 77 78 void 79 client::removeSertificates() 80 { 81 if (sslHandle != NULL) 82 { 83 if 
(sslConnected) 84 { 85 int err = SSL_shutdown(sslHandle); 86 if (err < 0) 87 { 88 unsigned long nerr = ERR_get_error(); 89 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_REMOVESERTIFICATES, exception::ERRNO_OPENSSL, nerr, ERR_error_string(nerr, NULL), __LINE__, __FILE__); 90 } 91 if (err == 0) 92 { 93 err = SSL_shutdown(sslHandle); 94 if (err < 0) 95 { 96 unsigned long nerr = ERR_get_error(); 97 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_REMOVESERTIFICATES, exception::ERRNO_OPENSSL, nerr, ERR_error_string(nerr, NULL), __LINE__, __FILE__); 98 } 99 } 100 101 sslConnected = false; 102 } 103 104 SSL_free(sslHandle); 105 106 sslHandle = NULL; 107 } 108 109 if (sslCtx != NULL) 110 { 111 SSL_CTX_free(sslCtx); 112 113 sslCtx = NULL; 114 } 115 116 sslCtx = SSL_CTX_new(SSLv23_client_method()); 117 if (sslCtx == NULL) 118 { 119 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_REMOVESERTIFICATES, exception::ERRNO_LIBDODO, CLIENTEX_UNABLETOINITCONTEXT, IONETWORKSSLCLIENTEX_UNABLETOINITCONTEXT_STR, __LINE__, __FILE__); 120 } 121 122 sslHandle = SSL_new(sslCtx); 123 if (sslHandle == NULL) 124 { 125 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_REMOVESERTIFICATES, exception::ERRNO_LIBDODO, CLIENTEX_UNABLETOINITSSL, IONETWORKSSLCLIENTEX_UNABLETOINITSSL_STR, __LINE__, __FILE__); 126 } 127 } 128 129 //------------------------------------------------------------------- 130 131 void 132 client::setSertificates(const io::ssl::__certificates &certs) 133 { 134 if (sslHandle != NULL) 135 { 136 if (sslConnected) 137 { 138 int err = SSL_shutdown(sslHandle); 139 if (err < 0) 140 { 141 unsigned long nerr = ERR_get_error(); 142 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_SETSERTIFICATES, exception::ERRNO_OPENSSL, nerr, ERR_error_string(nerr, NULL), __LINE__, __FILE__); 143 } 144 if (err == 0) 145 { 146 err = SSL_shutdown(sslHandle); 147 if (err < 0) 148 { 149 
unsigned long nerr = ERR_get_error(); 150 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_SETSERTIFICATES, exception::ERRNO_OPENSSL, nerr, ERR_error_string(nerr, NULL), __LINE__, __FILE__); 151 } 152 } 153 154 sslConnected = false; 155 } 156 157 SSL_free(sslHandle); 158 159 sslHandle = NULL; 160 } 161 162 if (sslCtx != NULL) 163 { 164 SSL_CTX_free(sslCtx); 165 166 sslCtx = NULL; 167 } 168 169 sslCtx = SSL_CTX_new(SSLv23_client_method()); 170 if (sslCtx == NULL) 171 { 172 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_SETSERTIFICATES, exception::ERRNO_LIBDODO, CLIENTEX_UNABLETOINITCONTEXT, IONETWORKSSLCLIENTEX_UNABLETOINITCONTEXT_STR, __LINE__, __FILE__); 173 } 174 175 if (certs.cipher.size() > 0 && SSL_CTX_set_cipher_list(sslCtx, certs.cipher.c_str()) != 1) 176 { 177 unsigned long nerr = ERR_get_error(); 178 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_SETSERTIFICATES, exception::ERRNO_OPENSSL, nerr, ERR_error_string(nerr, NULL), __LINE__, __FILE__); 179 } 180 181 if (certs.ca.size() > 0 && SSL_CTX_use_certificate_chain_file(sslCtx, certs.ca.c_str()) != 1) 182 { 183 unsigned long nerr = ERR_get_error(); 184 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_SETSERTIFICATES, exception::ERRNO_OPENSSL, nerr, ERR_error_string(nerr, NULL), __LINE__, __FILE__); 185 } 186 187 if (certs.cert.size() > 0 && SSL_CTX_use_certificate_file(sslCtx, certs.cert.c_str(), SSL_FILETYPE_PEM) != 1) 188 { 189 unsigned long nerr = ERR_get_error(); 190 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_SETSERTIFICATES, exception::ERRNO_OPENSSL, nerr, ERR_error_string(nerr, NULL), __LINE__, __FILE__); 191 } 192 193 if (certs.keyPassword.size() > 0) 194 { 195 SSL_CTX_set_default_passwd_cb_userdata(sslCtx, (void *)certs.keyPassword.c_str()); 196 } 197 198 bool keySet = false; 199 200 if (certs.key.size() > 0) 201 { 202 switch (certs.keyType) 203 { 204 case 
io::ssl::KEYTYPE_PKEY: 205 206 if (SSL_CTX_use_PrivateKey_file(sslCtx, certs.key.c_str(), SSL_FILETYPE_PEM) != 1) 207 { 208 unsigned long nerr = ERR_get_error(); 209 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_SETSERTIFICATES, exception::ERRNO_OPENSSL, nerr, ERR_error_string(nerr, NULL), __LINE__, __FILE__); 210 } 211 212 keySet = true; 213 214 break; 215 216 case io::ssl::KEYTYPE_RSA: 217 218 if (SSL_CTX_use_RSAPrivateKey_file(sslCtx, certs.key.c_str(), SSL_FILETYPE_PEM) != 1) 219 { 220 unsigned long nerr = ERR_get_error(); 221 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_SETSERTIFICATES, exception::ERRNO_OPENSSL, nerr, ERR_error_string(nerr, NULL), __LINE__, __FILE__); 222 } 223 224 keySet = true; 225 226 break; 227 228 default: 229 230 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_SETSERTIFICATES, exception::ERRNO_LIBDODO, CLIENTEX_UNKNOWNKEYTYPE, IONETWORKSSLCLIENTEX_UNKNOWNKEYTYPE_STR, __LINE__, __FILE__); 231 } 232 } 233 else 234 { 235 if (certs.ca.size() > 0) 236 { 237 if (SSL_CTX_use_PrivateKey_file(sslCtx, certs.ca.c_str(), SSL_FILETYPE_PEM) != 1) 238 { 239 unsigned long nerr = ERR_get_error(); 240 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_SETSERTIFICATES, exception::ERRNO_OPENSSL, nerr, ERR_error_string(nerr, NULL), __LINE__, __FILE__); 241 } 242 243 keySet = true; 244 } 245 } 246 247 if (certs.caPath.size() > 0) 248 { 249 if (tools::filesystem::getFileInfo(certs.caPath).type == tools::FILESYSTEM_FILETYPE_DIRECTORY) 250 { 251 if (SSL_CTX_load_verify_locations(sslCtx, NULL, certs.caPath.c_str()) != 1) 252 { 253 unsigned long nerr = ERR_get_error(); 254 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_SETSERTIFICATES, exception::ERRNO_OPENSSL, nerr, ERR_error_string(nerr, NULL), __LINE__, __FILE__); 255 } 256 } 257 else 258 { 259 if (SSL_CTX_load_verify_locations(sslCtx, certs.caPath.c_str(), NULL) != 1) 260 { 261 
unsigned long nerr = ERR_get_error(); 262 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_SETSERTIFICATES, exception::ERRNO_OPENSSL, nerr, ERR_error_string(nerr, NULL), __LINE__, __FILE__); 263 } 264 } 265 } 266 267 if (keySet && SSL_CTX_check_private_key(sslCtx) != 1) 268 { 269 unsigned long nerr = ERR_get_error(); 270 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_SETSERTIFICATES, exception::ERRNO_OPENSSL, nerr, ERR_error_string(nerr, NULL), __LINE__, __FILE__); 271 } 272 273 sslHandle = SSL_new(sslCtx); 274 if (sslHandle == NULL) 275 { 276 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_SETSERTIFICATES, exception::ERRNO_LIBDODO, CLIENTEX_UNABLETOINITSSL, IONETWORKSSLCLIENTEX_UNABLETOINITSSL_STR, __LINE__, __FILE__); 277 } 278 } 279 280 //------------------------------------------------------------------- 281 282 void 283 client::initSsl() 284 { 285 if (sslCtx == NULL) 286 { 287 sslCtx = SSL_CTX_new(SSLv23_client_method()); 288 if (sslCtx == NULL) 289 { 290 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_INITSSL, exception::ERRNO_LIBDODO, CLIENTEX_UNABLETOINITCONTEXT, IONETWORKSSLCLIENTEX_UNABLETOINITCONTEXT_STR, __LINE__, __FILE__); 291 } 292 } 293 294 if (sslHandle == NULL) 295 { 296 sslHandle = SSL_new(sslCtx); 297 if (sslHandle == NULL) 298 { 299 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_INITSSL, exception::ERRNO_LIBDODO, CLIENTEX_UNABLETOINITSSL, IONETWORKSSLCLIENTEX_UNABLETOINITSSL_STR, __LINE__, __FILE__); 300 } 301 } 302 } 303 304 //------------------------------------------------------------------- 305 306 void 307 client::connectSsl() 308 { 309 io::ssl::__openssl_init_object__.addEntropy(); 310 311 if (sslConnected) 312 { 313 int err = SSL_shutdown(sslHandle); 314 if (err < 0) 315 { 316 unsigned long nerr = ERR_get_error(); 317 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECTSSL, 
exception::ERRNO_OPENSSL, nerr, ERR_error_string(nerr, NULL), __LINE__, __FILE__); 318 } 319 if (err == 0) 320 { 321 err = SSL_shutdown(sslHandle); 322 if (err < 0) 323 { 324 unsigned long nerr = ERR_get_error(); 325 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECTSSL, exception::ERRNO_OPENSSL, nerr, ERR_error_string(nerr, NULL), __LINE__, __FILE__); 326 } 327 } 328 329 sslConnected = false; 330 } 331 332 if (SSL_clear(sslHandle) == 0) 333 { 334 unsigned long nerr = ERR_get_error(); 335 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECTSSL, exception::ERRNO_OPENSSL, nerr, ERR_error_string(nerr, NULL), __LINE__, __FILE__); 336 } 337 338 if (SSL_set_fd(sslHandle, socket) == 0) 339 { 340 unsigned long nerr = ERR_get_error(); 341 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECTSSL, exception::ERRNO_OPENSSL, nerr, ERR_error_string(nerr, NULL), __LINE__, __FILE__); 342 } 343 344 int res = SSL_connect(sslHandle); 345 switch (res) 346 { 347 case 1: 348 break; 349 350 case 0: 351 { 352 unsigned long nerr = ERR_get_error(); 353 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECTSSL, exception::ERRNO_OPENSSL, nerr, ERR_error_string(nerr, NULL), __LINE__, __FILE__); 354 } 355 356 case - 1: 357 { 358 int nerr = SSL_get_error(sslHandle, res); 359 if (nerr == SSL_ERROR_WANT_READ || nerr == SSL_ERROR_WANT_WRITE || nerr == SSL_ERROR_WANT_X509_LOOKUP) 360 { 361 break; 362 } 363 } 364 365 default: 366 { 367 unsigned long nerr = ERR_get_error(); 368 369 int err = SSL_shutdown(sslHandle); 370 if (err < 0) 371 { 372 nerr = ERR_get_error(); 373 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECTSSL, exception::ERRNO_OPENSSL, nerr, ERR_error_string(nerr, NULL), __LINE__, __FILE__); 374 } 375 if (err == 0) 376 { 377 err = SSL_shutdown(sslHandle); 378 if (err < 0) 379 { 380 nerr = ERR_get_error(); 381 throw 
exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECTSSL, exception::ERRNO_OPENSSL, nerr, ERR_error_string(nerr, NULL), __LINE__, __FILE__); 382 } 383 } 384 385 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECTSSL, exception::ERRNO_OPENSSL, nerr, ERR_error_string(nerr, NULL), __LINE__, __FILE__); 386 } 387 } 388 389 sslConnected = true; 390 } 391 392 //------------------------------------------------------------------- 393 394 void 395 client::connect(const dodoString &host, 396 int port, 397 exchange &exchange) 398 { 399 #ifndef IO_WO_XEXEC 400 operType = CLIENT_OPERATION_CONNECT; 401 performXExec(preExec); 75 extern __openssl_init__ __openssl_init_object__; 76 }; 77 }; 78 }; 402 79 #endif 403 80 404 initSsl();405 makeSocket();406 407 if (family == CONNECTION_PROTO_FAMILY_IPV4)408 {409 struct sockaddr_in sa;410 sa.sin_family = AF_INET;411 sa.sin_port = htons(port);412 inet_aton(host.c_str(), &sa.sin_addr);413 414 if (::connect(socket, (struct sockaddr *)&sa, sizeof(sa)) == -1)415 {416 if (::close(socket) == -1)417 {418 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECT, exception::ERRNO_ERRNO, errno, strerror(errno), __LINE__, __FILE__);419 }420 421 socket = -1;422 423 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECT, exception::ERRNO_ERRNO, errno, strerror(errno), __LINE__, __FILE__);424 }425 }426 else427 {428 struct sockaddr_in6 sa;429 sa.sin6_family = AF_INET6;430 sa.sin6_port = htons(port);431 sa.sin6_flowinfo = 0;432 sa.sin6_scope_id = 0;433 inet_pton(AF_INET6, host.c_str(), &sa.sin6_addr);434 435 if (::connect(socket, (struct sockaddr *)&sa, sizeof(sa)) == -1)436 {437 if (::close(socket) == -1)438 {439 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECT, exception::ERRNO_ERRNO, errno, strerror(errno), __LINE__, __FILE__);440 }441 442 socket = -1;443 444 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, 
CLIENTEX_CONNECT, exception::ERRNO_ERRNO, errno, strerror(errno), __LINE__, __FILE__);445 }446 }447 448 connectSsl();449 450 exchange.init(socket, sslHandle, blocked, blockInherited);451 452 socket = -1;453 sslHandle = NULL;454 455 #ifndef IO_WO_XEXEC456 performXExec(postExec);457 #endif458 }459 460 //-------------------------------------------------------------------461 462 void463 client::connectFrom(const dodoString &local,464 const dodoString &host,465 int port,466 exchange &exchange)467 {468 #ifndef IO_WO_XEXEC469 operType = CLIENT_OPERATION_CONNECTFROM;470 performXExec(preExec);471 #endif472 473 initSsl();474 makeSocket();475 476 int sockFlag(1);477 if (setsockopt(socket, SOL_SOCKET, SO_REUSEADDR, &sockFlag, sizeof(int)) == -1)478 {479 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECTFROM, exception::ERRNO_ERRNO, errno, strerror(errno), __LINE__, __FILE__);480 }481 482 addFlag(socketOpts, 1 << CONNECTION_OPTION_REUSE_ADDRESS);483 484 if (family == CONNECTION_PROTO_FAMILY_IPV4)485 {486 struct sockaddr_in sa;487 sa.sin_family = AF_INET;488 sa.sin_port = htons(0);489 inet_aton(local.c_str(), &sa.sin_addr);490 491 if (::bind(socket, (struct sockaddr *)&sa, sizeof(sa)) == -1)492 {493 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECTFROM, exception::ERRNO_ERRNO, errno, strerror(errno), __LINE__, __FILE__);494 }495 496 sa.sin_port = htons(port);497 inet_aton(host.c_str(), &sa.sin_addr);498 499 if (::connect(socket, (struct sockaddr *)&sa, sizeof(sa)) == -1)500 {501 if (::close(socket) == -1)502 {503 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECTFROM, exception::ERRNO_ERRNO, errno, strerror(errno), __LINE__, __FILE__);504 }505 506 socket = -1;507 508 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECTFROM, exception::ERRNO_ERRNO, errno, strerror(errno), __LINE__, __FILE__);509 }510 }511 else512 {513 struct sockaddr_in6 sa;514 sa.sin6_family = 
AF_INET6;515 sa.sin6_flowinfo = 0;516 sa.sin6_scope_id = 0;517 sa.sin6_port = htons(0);518 inet_pton(AF_INET6, local.c_str(), &sa.sin6_addr);519 520 if (::bind(socket, (struct sockaddr *)&sa, sizeof(sa)) == -1)521 {522 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECTFROM, exception::ERRNO_ERRNO, errno, strerror(errno), __LINE__, __FILE__);523 }524 525 sa.sin6_port = htons(port);526 inet_pton(AF_INET6, host.c_str(), &sa.sin6_addr);527 528 if (::connect(socket, (struct sockaddr *)&sa, sizeof(sa)) == -1)529 {530 if (::close(socket) == -1)531 {532 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECTFROM, exception::ERRNO_ERRNO, errno, strerror(errno), __LINE__, __FILE__);533 }534 535 socket = -1;536 537 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECTFROM, exception::ERRNO_ERRNO, errno, strerror(errno), __LINE__, __FILE__);538 }539 }540 541 connectSsl();542 543 exchange.init(socket, sslHandle, blocked, blockInherited);544 545 socket = -1;546 sslHandle = NULL;547 548 #ifndef IO_WO_XEXEC549 performXExec(postExec);550 #endif551 }552 553 //-------------------------------------------------------------------554 555 void556 client::connect(const dodoString &path,557 exchange &exchange)558 {559 #ifndef IO_WO_XEXEC560 operType = CLIENT_OPERATION_CONNECT_UNIX;561 performXExec(preExec);562 #endif563 564 initSsl();565 makeSocket();566 567 struct sockaddr_un sa;568 569 unsigned long size = path.size();570 571 if (size >= 108)572 {573 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECT, exception::ERRNO_LIBDODO, CLIENTEX_LONGPATH, IONETWORKCLIENTEX_LONGPATH_STR, __LINE__, __FILE__);574 }575 576 strncpy(sa.sun_path, path.c_str(), size);577 sa.sun_family = AF_UNIX;578 579 if (::connect(socket, (struct sockaddr *)&sa, path.size() + sizeof(sa.sun_family)) == -1)580 {581 if (::close(socket) == -1)582 {583 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, 
CLIENTEX_CONNECT, exception::ERRNO_ERRNO, errno, strerror(errno), __LINE__, __FILE__);584 }585 586 socket = -1;587 588 throw exception::basic(exception::ERRMODULE_IONETWORKSSLCLIENT, CLIENTEX_CONNECT, exception::ERRNO_ERRNO, errno, strerror(errno), __LINE__, __FILE__);589 }590 591 connectSsl();592 593 exchange.init(socket, sslHandle, blocked, blockInherited);594 595 socket = -1;596 sslHandle = NULL;597 598 #ifndef IO_WO_XEXEC599 performXExec(postExec);600 #endif601 }602 603 //-------------------------------------------------------------------604 605 #endif606 -
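Review bot: The new `__sslHandle` and `__sslContext` structs in ioSsl.inline leave their raw pointer members uninitialized, while the server code in this changeset tests `ctx->ctx != NULL` before `SSL_CTX_free(ctx->ctx)` and `ctx->ctx == NULL` before creating a context. Unless every allocation site sets the member explicitly (the allocation sites are not visible in this section), a freshly created wrapper holds an indeterminate pointer, and those checks can pass it to `SSL_CTX_free` or skip context creation. Giving each struct a default constructor keeps the invariant in one place: `__sslContext() : ctx(NULL) {}` and `__sslHandle() : handle(NULL) {}`. The file also has no include guard, so a second inclusion in the same translation unit would redefine both structs and `__openssl_init__`.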
trunk/tests/ionetworkhttp_test/test.cc
r1123 r1185 9 9 #include <libdodo/ioNetworkHttp.h> 10 10 #include <libdodo/types.h> 11 #include <libdodo/cgi.h> 12 #include <libdodo/toolsFilesystem.h> 11 13 12 14 #include <iostream>
