From e4a56ea6a916ec6052c981a61c5d2a543ca4aba0 Mon Sep 17 00:00:00 2001
From: mrcsys
Date: Wed, 26 Apr 2006 17:48:29 +0000
Subject: Fixed a significant bug in updated ssl code that would allow processes to "run away" Added a new option and helper functions for socket timeout Added new helper function for ssl arguments
---
 nanohttp/nanohttp-ssl.h | 75 +++++++++++++++++++++++++++++++++++--------------
 1 file changed, 54 insertions(+), 21 deletions(-)
(limited to 'nanohttp/nanohttp-ssl.h')
diff --git a/nanohttp/nanohttp-ssl.h b/nanohttp/nanohttp-ssl.h
index af99069..7559c8b 100644
--- a/nanohttp/nanohttp-ssl.h
+++ b/nanohttp/nanohttp-ssl.h
@@ -1,5 +1,5 @@
 /******************************************************************
-* $Id: nanohttp-ssl.h,v 1.16 2006/04/17 12:26:17 mrcsys Exp $
+* $Id: nanohttp-ssl.h,v 1.17 2006/04/26 17:48:30 mrcsys Exp $
 *
 * CSOAP Project: A http client/server library in C
 * Copyright (C) 2001-2005 Rochester Institute of Technology
@@ -35,7 +35,8 @@
 #endif
 #ifdef __cplusplus
-extern "C" {
+extern "C"
+{
 #endif
 /**
@@ -43,20 +44,25 @@ extern "C" {
 * Initialization and shutdown of the SSL module
 *
 */
-herror_t hssl_module_init(int argc, char **argv);
-void hssl_module_destroy(void);
+ herror_t hssl_module_init(int argc, char **argv);
+ void hssl_module_destroy(void);
-int hssl_enabled(void);
+ void hssl_set_certificate(char *c);
+ void hssl_set_certpass(char *c);
+ void hssl_set_ca(char *c);
+ void hssl_enable(void);
+
+ int hssl_enabled(void);
 /**
 *
 * Socket initialization and shutdown
 *
 */
-herror_t hssl_client_ssl(hsocket_t *sock);
-herror_t hssl_server_ssl(hsocket_t *sock);
+ herror_t hssl_client_ssl(hsocket_t * sock);
+ herror_t hssl_server_ssl(hsocket_t * sock);
-void hssl_cleanup(hsocket_t *sock);
+ void hssl_cleanup(hsocket_t * sock);
 /*
 * Callback for password checker
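Review bot: The three setters added in the `@@ -43,20 +44,25 @@` hunk, `hssl_set_certificate`, `hssl_set_certpass` and `hssl_set_ca`, take a plain `char *c` and carry no comment on ownership, so a caller cannot tell whether the string is copied or the pointer is retained. That matters most for `hssl_set_certpass`, whose argument is presumably the key passphrase: the caller needs to know whether it may wipe its own buffer after the call. I would declare them as `void hssl_set_certpass(const char *c);` (likewise for the other two, with the definitions adjusted to match) and add a short comment above the group stating whether the value is copied and in what order these calls and `hssl_enable` must run relative to `hssl_module_init`. The definitions are not part of this diff, so the actual behaviour cannot be confirmed from here.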
@@ -70,7 +76,7 @@ void hssl_cleanup(hsocket_t *sock);
 */
 #define CERT_SUBJECT 1
-int verify_sn(X509 * cert, int who, int nid, char *str);
+ int verify_sn(X509 * cert, int who, int nid, char *str);
 /*
 * Called by framework for verify
@@ -81,9 +87,9 @@ int verify_sn(X509 * cert, int who, int nid, char *str);
 /*
 * This function MUST be implemented by user client/server code somewhere
 */
-void hssl_set_user_verify( int func(X509 * cert) );
+ void hssl_set_user_verify(int func(X509 * cert));
-static int _hssl_dummy_verify_cert(X509 * cert);
+ static int _hssl_dummy_verify_cert(X509 * cert);
 #ifdef __cplusplus
 }
@@ -91,24 +97,51 @@ static int _hssl_dummy_verify_cert(X509 * cert);
 #else /* HAVE_SSL */
-static inline herror_t hssl_module_init(int argc, char **argv) { return H_OK; }
-static inline void hssl_module_destroy(void) { return; }
+static inline herror_t
+hssl_module_init(int argc, char **argv)
+{
+ return H_OK;
+}
+static inline void
+hssl_module_destroy(void)
+{
+ return;
+}
-static inline int hssl_enabled(void) { return 0; }
+static inline int
+hssl_enabled(void)
+{
+ return 0;
+}
-static inline herror_t hssl_client_ssl(hsocket_t *sock) { return H_OK; }
-static inline herror_t hssl_server_ssl(hsocket_t *sock) { return H_OK; }
+static inline herror_t
+hssl_client_ssl(hsocket_t * sock)
+{
+ return H_OK;
+}
+static inline herror_t
+hssl_server_ssl(hsocket_t * sock)
+{
+ return H_OK;
+}
-static inline void hssl_cleanup(hsocket_t *sock) { return; }
+static inline void
+hssl_cleanup(hsocket_t * sock)
+{
+ return;
+}
 #endif /* HAVE_SSL */
 #ifdef __cplusplus
-extern "C" {
+extern "C"
+{
 #endif
-
-herror_t hssl_read(hsocket_t *sock, char *buf, size_t len, size_t *received);
-herror_t hssl_write(hsocket_t *sock, const char *buf, size_t len, size_t *sent);
+ long hssl_bio_read(BIO * b, char *out, int outl);
+ herror_t hssl_read(hsocket_t * sock, char *buf, size_t len,
+ size_t * received);
+ herror_t hssl_write(hsocket_t * sock, const char *buf, size_t len,
+ size_t * sent);
 #ifdef __cplusplus
 }
-- 
cgit v1.1-32-gdbae
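Review bot: The new prototype `long hssl_bio_read(BIO * b, char *out, int outl);` sits after `#endif /* HAVE_SSL */`, in the part of the header that both build variants see, yet `BIO` is an OpenSSL type. Unless `BIO` is declared elsewhere for non-SSL builds, including this header without HAVE_SSL will fail to compile; moving the line into the HAVE_SSL branch, next to the other OpenSSL-typed declarations such as `verify_sn`, avoids that. The `#else` branch is only re-indented and gains no stubs for `hssl_set_certificate`, `hssl_set_certpass`, `hssl_set_ca` and `hssl_enable`, which this patch adds to the SSL branch, so callers of those need their own `#ifdef`. Since the stubs for `hssl_client_ssl` and `hssl_server_ssl` return `H_OK` without any TLS in place, I would add a comment above them such as `/* No SSL support compiled in: these succeed without encrypting; check hssl_enabled() first. */`.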