diff options
| author | Garrett D'Amore <garrett@damore.org> | 2024-07-20 16:47:25 -0700 |
|---|---|---|
| committer | Garrett D'Amore <garrett@damore.org> | 2024-07-21 14:23:08 -0700 |
| commit | 0aeed90d9a85eaf6f00e81c6f5f69a7ed9fec8c6 (patch) | |
| tree | 9f1acaa0bc8569a9e8e88e203fddd877f0dbab99 /src/supplemental/tls/tls_common.c | |
| parent | c0b93b441199619d27a1caf201a8c410f4246cf4 (diff) | |
| download | nng-0aeed90d9a85eaf6f00e81c6f5f69a7ed9fec8c6.tar.gz nng-0aeed90d9a85eaf6f00e81c6f5f69a7ed9fec8c6.tar.bz2 nng-0aeed90d9a85eaf6f00e81c6f5f69a7ed9fec8c6.zip | |
fixes #1846 Add support for TLS PSK
This also adds an SP layer transport test for TLS, based on the TCP
test but with some additions; this test does not cover all the edge
cases for TLS, but it does at least show how to use it.
Diffstat (limited to 'src/supplemental/tls/tls_common.c')
| -rw-r--r-- | src/supplemental/tls/tls_common.c | 35 |
1 files changed, 27 insertions, 8 deletions
diff --git a/src/supplemental/tls/tls_common.c b/src/supplemental/tls/tls_common.c index 65805b03..62296de0 100644 --- a/src/supplemental/tls/tls_common.c +++ b/src/supplemental/tls/tls_common.c @@ -1,5 +1,5 @@ // -// Copyright 2021 Staysail Systems, Inc. <info@staysail.tech> +// Copyright 2024 Staysail Systems, Inc. <info@staysail.tech> // Copyright 2018 Capitar IT Group BV <info@capitar.com> // Copyright 2019 Devolutions <info@devolutions.net> // @@ -46,7 +46,7 @@ struct nng_tls_config { const nng_tls_engine *engine; // store this so we can verify nni_mtx lock; int ref; - int busy; + bool busy; size_t size; // ... engine config data follows @@ -843,6 +843,10 @@ tls_alloc(tls_conn **conn_p, nng_tls_config *cfg, nng_aio *user_aio) eng = cfg->engine; + nni_mtx_lock(&cfg->lock); + cfg->busy = true; + nni_mtx_unlock(&cfg->lock); + size = NNI_ALIGN_UP(sizeof(*conn)) + eng->conn_ops->size; if ((conn = nni_zalloc(size)) == NULL) { @@ -1325,7 +1329,7 @@ nng_tls_config_version( int rv; nni_mtx_lock(&cfg->lock); - if (cfg->busy != 0) { + if (cfg->busy) { rv = NNG_EBUSY; } else { rv = cfg->ops.version((void *) (cfg + 1), min_ver, max_ver); @@ -1340,7 +1344,7 @@ nng_tls_config_server_name(nng_tls_config *cfg, const char *name) int rv; nni_mtx_lock(&cfg->lock); - if (cfg->busy != 0) { + if (cfg->busy) { rv = NNG_EBUSY; } else { rv = cfg->ops.server((void *) (cfg + 1), name); @@ -1356,7 +1360,7 @@ nng_tls_config_ca_chain( int rv; nni_mtx_lock(&cfg->lock); - if (cfg->busy != 0) { + if (cfg->busy) { rv = NNG_EBUSY; } else { rv = cfg->ops.ca_chain((void *) (cfg + 1), certs, crl); @@ -1371,7 +1375,7 @@ nng_tls_config_own_cert( { int rv; nni_mtx_lock(&cfg->lock); - if (cfg->busy != 0) { + if (cfg->busy) { rv = NNG_EBUSY; } else { rv = cfg->ops.own_cert((void *) (cfg + 1), cert, key, pass); @@ -1381,12 +1385,27 @@ nng_tls_config_own_cert( } int +nng_tls_config_psk(nng_tls_config *cfg, const char *identity, + const uint8_t *key, size_t key_len) +{ + int rv; + nni_mtx_lock(&cfg->lock); + if (cfg->busy) { + rv = NNG_EBUSY; + } else { + rv = cfg->ops.psk((void *) (cfg + 1), identity, key, key_len); + } + nni_mtx_unlock(&cfg->lock); + return (rv); +} + +int nng_tls_config_auth_mode(nng_tls_config *cfg, nng_tls_auth_mode mode) { int rv; nni_mtx_lock(&cfg->lock); - if (cfg->busy != 0) { + if (cfg->busy) { rv = NNG_EBUSY; } else { rv = cfg->ops.auth((void *) (cfg + 1), mode); @@ -1423,7 +1442,7 @@ nng_tls_config_alloc(nng_tls_config **cfg_p, nng_tls_mode mode) cfg->size = size; cfg->engine = eng; cfg->ref = 1; - cfg->busy = 0; + cfg->busy = false; nni_mtx_init(&cfg->lock); if ((rv = cfg->ops.init((void *) (cfg + 1), mode)) != 0) { |