diff options
| author | Garrett D'Amore <garrett@damore.org> | 2024-10-27 22:51:29 -0700 |
|---|---|---|
| committer | Garrett D'Amore <garrett@damore.org> | 2024-10-28 07:06:29 -0700 |
| commit | cbd8c5573ef6816d585d00d63568cf98aa6a97b8 (patch) | |
| tree | 52c2242be427f63dd862394de644394a4bc8c352 /src/supplemental/tls | |
| parent | ef1cf275eded10ccfe24c44089eb044dd5cd48b4 (diff) | |
| download | nng-cbd8c5573ef6816d585d00d63568cf98aa6a97b8.tar.gz nng-cbd8c5573ef6816d585d00d63568cf98aa6a97b8.tar.bz2 nng-cbd8c5573ef6816d585d00d63568cf98aa6a97b8.zip | |
tls: Remove the individual TLS configuration options
This is a breaking change.
TLS configuration changes are to be made using TLS configuration
objects, and then set on a listener or dialer with NNG_OPT_TLS_CONFIG.
This should be a bit less racy, and allows for simpler code.
Diffstat (limited to 'src/supplemental/tls')
| -rw-r--r-- | src/supplemental/tls/tls_common.c | 167 |
1 files changed, 0 insertions, 167 deletions
diff --git a/src/supplemental/tls/tls_common.c b/src/supplemental/tls/tls_common.c index a6b3a8d6..02ca1442 100644 --- a/src/supplemental/tls/tls_common.c +++ b/src/supplemental/tls/tls_common.c @@ -191,23 +191,6 @@ tls_dialer_dial(void *arg, nng_aio *aio) } static int -tls_check_string(const void *v, size_t sz, nni_opt_type t) -{ - switch (t) { - case NNI_TYPE_OPAQUE: - if (nni_strnlen(v, sz) >= sz) { - return (NNG_EINVAL); - } - return (0); - case NNI_TYPE_STRING: - // Caller is assumed to pass a good string. - return (0); - default: - return (NNG_EBADTYPE); - } -} - -static int tls_dialer_set_config(void *arg, const void *buf, size_t sz, nni_type t) { int rv; @@ -249,65 +232,6 @@ tls_dialer_get_config(void *arg, void *buf, size_t *szp, nni_type t) return (rv); } -static int -tls_dialer_set_server_name(void *arg, const void *buf, size_t sz, nni_type t) -{ - tls_dialer *d = arg; - int rv; - if ((rv = tls_check_string(buf, sz, t)) == 0) { - nni_mtx_lock(&d->lk); - rv = nng_tls_config_server_name(d->cfg, buf); - nni_mtx_unlock(&d->lk); - } - return (rv); -} - -static int -tls_dialer_set_auth_mode(void *arg, const void *buf, size_t sz, nni_type t) -{ - int mode; - int rv; - tls_dialer *d = arg; - - rv = nni_copyin_int(&mode, buf, sz, NNG_TLS_AUTH_MODE_NONE, - NNG_TLS_AUTH_MODE_REQUIRED, t); - if (rv == 0) { - nni_mtx_lock(&d->lk); - rv = nng_tls_config_auth_mode(d->cfg, mode); - nni_mtx_unlock(&d->lk); - } - return (rv); -} - -static int -tls_dialer_set_ca_file(void *arg, const void *buf, size_t sz, nni_opt_type t) -{ - tls_dialer *d = arg; - int rv; - - if ((rv = tls_check_string(buf, sz, t)) == 0) { - nni_mtx_lock(&d->lk); - rv = nng_tls_config_ca_file(d->cfg, buf); - nni_mtx_unlock(&d->lk); - } - return (rv); -} - -static int -tls_dialer_set_cert_key_file( - void *arg, const void *buf, size_t sz, nni_opt_type t) -{ - tls_dialer *d = arg; - int rv; - - if ((rv = tls_check_string(buf, sz, t)) == 0) { - nni_mtx_lock(&d->lk); - rv = nng_tls_config_cert_key_file(d->cfg, buf, NULL); - nni_mtx_unlock(&d->lk); - } - return (rv); -} - static const nni_option tls_dialer_opts[] = { { .o_name = NNG_OPT_TLS_CONFIG, @@ -315,22 +239,6 @@ static const nni_option tls_dialer_opts[] = { .o_set = tls_dialer_set_config, }, { - .o_name = NNG_OPT_TLS_SERVER_NAME, - .o_set = tls_dialer_set_server_name, - }, - { - .o_name = NNG_OPT_TLS_CA_FILE, - .o_set = tls_dialer_set_ca_file, - }, - { - .o_name = NNG_OPT_TLS_CERT_KEY_FILE, - .o_set = tls_dialer_set_cert_key_file, - }, - { - .o_name = NNG_OPT_TLS_AUTH_MODE, - .o_set = tls_dialer_set_auth_mode, - }, - { .o_name = NULL, }, }; @@ -508,65 +416,6 @@ tls_listener_get_config(void *arg, void *buf, size_t *szp, nni_type t) return (rv); } -static int -tls_listener_set_server_name(void *arg, const void *buf, size_t sz, nni_type t) -{ - tls_listener *l = arg; - int rv; - if ((rv = tls_check_string(buf, sz, t)) == 0) { - nni_mtx_lock(&l->lk); - rv = nng_tls_config_server_name(l->cfg, buf); - nni_mtx_unlock(&l->lk); - } - return (rv); -} - -static int -tls_listener_set_auth_mode(void *arg, const void *buf, size_t sz, nni_type t) -{ - int mode; - int rv; - tls_listener *l = arg; - - rv = nni_copyin_int(&mode, buf, sz, NNG_TLS_AUTH_MODE_NONE, - NNG_TLS_AUTH_MODE_REQUIRED, t); - if (rv == 0) { - nni_mtx_lock(&l->lk); - rv = nng_tls_config_auth_mode(l->cfg, mode); - nni_mtx_unlock(&l->lk); - } - return (rv); -} - -static int -tls_listener_set_ca_file(void *arg, const void *buf, size_t sz, nni_opt_type t) -{ - tls_listener *l = arg; - int rv; - - if ((rv = tls_check_string(buf, sz, t)) == 0) { - nni_mtx_lock(&l->lk); - rv = nng_tls_config_ca_file(l->cfg, buf); - nni_mtx_unlock(&l->lk); - } - return (rv); -} - -static int -tls_listener_set_cert_key_file( - void *arg, const void *buf, size_t sz, nni_opt_type t) -{ - tls_listener *l = arg; - int rv; - - if ((rv = tls_check_string(buf, sz, t)) == 0) { - nni_mtx_lock(&l->lk); - rv = nng_tls_config_cert_key_file(l->cfg, buf, NULL); - nni_mtx_unlock(&l->lk); - } - return (rv); -} - static const nni_option tls_listener_opts[] = { { .o_name = NNG_OPT_TLS_CONFIG, @@ -574,22 +423,6 @@ static const nni_option tls_listener_opts[] = { .o_set = tls_listener_set_config, }, { - .o_name = NNG_OPT_TLS_SERVER_NAME, - .o_set = tls_listener_set_server_name, - }, - { - .o_name = NNG_OPT_TLS_CA_FILE, - .o_set = tls_listener_set_ca_file, - }, - { - .o_name = NNG_OPT_TLS_CERT_KEY_FILE, - .o_set = tls_listener_set_cert_key_file, - }, - { - .o_name = NNG_OPT_TLS_AUTH_MODE, - .o_set = tls_listener_set_auth_mode, - }, - { .o_name = NULL, }, }; |