fixes #209 NNG_OPT_TLS_VERIFIED is busted

fixes #210 Want NNG_OPT_TLS_* options for TLS transport
fixes #212 Eliminate a_endpt member of aio

4 files changed, 111 insertions, 48 deletions

diff --git a/src/transport/inproc/inproc.c b/src/transport/inproc/inproc.c
index ae64263c..5b52e80a 100644
--- a/src/transport/inproc/inproc.c
+++ b/src/transport/inproc/inproc.c
@@ -1,6 +1,6 @@
 //
-// Copyright 2017 Garrett D'Amore <garrett@damore.org>
-// Copyright 2017 Capitar IT Group BV <info@capitar.com>
+// Copyright 2018 Staysail Systems, Inc. <info@staysail.tech>
+// Copyright 2018 Capitar IT Group BV <info@capitar.com>
 //
 // This software is supplied under the terms of the MIT License, a
 // copy of which should be located in the distribution where this
@@ -222,7 +222,7 @@ nni_inproc_ep_fini(void *arg)
 static void
 nni_inproc_conn_finish(nni_aio *aio, int rv)
 {
-	nni_inproc_ep *ep = aio->a_endpt;
+	nni_inproc_ep *ep = aio->a_prov_extra[0];
 	void *         pipe;
 
 	nni_aio_list_remove(aio);
@@ -361,6 +361,7 @@ nni_inproc_ep_connect(void *arg, nni_aio *aio)
 		return;
 	}
 
+	aio->a_prov_extra[0] = ep;
 	if ((rv = nni_inproc_pipe_init((void *) &aio->a_pipe, ep)) != 0) {
 		nni_aio_finish_error(aio, rv);
 		nni_mtx_unlock(&nni_inproc.mx);
@@ -418,6 +419,8 @@ nni_inproc_ep_accept(void *arg, nni_aio *aio)
 		return;
 	}
 
+	aio->a_prov_extra[0] = ep;
+
 	// We are already on the master list of servers, thanks to bind.
 
 	if ((rv = nni_inproc_pipe_init((void *) &aio->a_pipe, ep)) != 0) {
diff --git a/src/transport/tls/tls.c b/src/transport/tls/tls.c
index 05d477b5..9832c36c 100644
--- a/src/transport/tls/tls.c
+++ b/src/transport/tls/tls.c
@@ -843,13 +843,68 @@ tls_getopt_config(void *arg, void *v, size_t *szp)
 }
 
 static int
+tls_setopt_ca_file(void *arg, const void *v, size_t sz)
+{
+	nni_tls_ep *ep = arg;
+
+	if (nni_strnlen(v, sz) >= sz) {
+		return (NNG_EINVAL);
+	}
+	if (ep == NULL) {
+		return (0);
+	}
+	return (nng_tls_config_ca_file(ep->cfg, v));
+}
+
+static int
+tls_setopt_auth_mode(void *arg, const void *v, size_t sz)
+{
+	nni_tls_ep *ep = arg;
+	int         mode;
+	int         rv;
+
+	rv = nni_setopt_int(
+	    &mode, v, sz, NNG_TLS_AUTH_MODE_NONE, NNG_TLS_AUTH_MODE_REQUIRED);
+	if ((rv != 0) || (ep == NULL)) {
+		return (rv);
+	}
+	return (nng_tls_config_auth_mode(ep->cfg, mode));
+}
+
+static int
+tls_setopt_server_name(void *arg, const void *v, size_t sz)
+{
+	nni_tls_ep *ep = arg;
+
+	if (nni_strnlen(v, sz) >= sz) {
+		return (NNG_EINVAL);
+	}
+	if (ep == NULL) {
+		return (0);
+	}
+	return (nng_tls_config_server_name(ep->cfg, v));
+}
+
+static int
+tls_setopt_cert_key_file(void *arg, const void *v, size_t sz)
+{
+	nni_tls_ep *ep = arg;
+
+	if (nni_strnlen(v, sz) >= sz) {
+		return (NNG_EINVAL);
+	}
+	if (ep == NULL) {
+		return (0);
+	}
+	return (nng_tls_config_cert_key_file(ep->cfg, v, NULL));
+}
+
+static int
 tls_getopt_verified(void *arg, void *v, size_t *szp)
 {
 	nni_tls_pipe *p = arg;
-	int           verified;
 
-	verified = nni_tls_verified(p->tls);
-	return (nni_getopt_int(verified, v, szp));
+	return (nni_getopt_int(nni_tls_verified(p->tls) ? 1 : 0, v, szp));
 }
 
 static nni_tran_pipe_option nni_tls_pipe_options[] = {
@@ -886,6 +941,26 @@ static nni_tran_ep_option nni_tls_ep_options[] = {
 	    .eo_getopt = tls_getopt_config,
 	    .eo_setopt = tls_setopt_config,
 	},
+	{
+	    .eo_name   = NNG_OPT_TLS_CERT_KEY_FILE,
+	    .eo_getopt = NULL,
+	    .eo_setopt = tls_setopt_cert_key_file,
+	},
+	{
+	    .eo_name   = NNG_OPT_TLS_CA_FILE,
+	    .eo_getopt = NULL,
+	    .eo_setopt = tls_setopt_ca_file,
+	},
+	{
+	    .eo_name   = NNG_OPT_TLS_AUTH_MODE,
+	    .eo_getopt = NULL,
+	    .eo_setopt = tls_setopt_auth_mode,
+	},
+	{
+	    .eo_name   = NNG_OPT_TLS_SERVER_NAME,
+	    .eo_getopt = NULL,
+	    .eo_setopt = tls_setopt_server_name,
+	},
 	// terminate list
 	{ NULL, NULL, NULL },
 };
diff --git a/src/transport/ws/websocket.c b/src/transport/ws/websocket.c
index a06910d3..83155046 100644
--- a/src/transport/ws/websocket.c
+++ b/src/transport/ws/websocket.c
@@ -363,7 +363,6 @@ ws_ep_setopt_recvmaxsz(void *arg, const void *v, size_t sz)
 static int
 ws_ep_setopt_headers(ws_ep *ep, const void *v, size_t sz)
 {
-	// XXX: check that the string is well formed.
 	char *   dupstr;
 	size_t   duplen;
 	char *   name;
@@ -373,6 +372,10 @@ ws_ep_setopt_headers(ws_ep *ep, const void *v, size_t sz)
 	ws_hdr * h;
 	int      rv;
 
+	if (nni_strnlen(v, sz) >= sz) {
+		return (NNG_EINVAL);
+	}
+
 	if (ep == NULL) {
 		return (0);
 	}
@@ -835,13 +838,11 @@ wss_ep_setopt_tlsconfig(void *arg, const void *v, size_t sz)
 	if (ep == NULL) {
 		return (0);
 	}
-	nni_mtx_lock(&ep->mtx);
 	if (ep->mode == NNI_EP_MODE_LISTEN) {
 		rv = nni_ws_listener_set_tls(ep->listener, cfg);
 	} else {
 		rv = nni_ws_dialer_set_tls(ep->dialer, cfg);
 	}
-	nni_mtx_unlock(&ep->mtx);
 	return (rv);
 }
 
@@ -852,20 +853,16 @@ wss_ep_setopt_tls_cert_key_file(void *arg, const void *v, size_t sz)
 	int             rv;
 	nng_tls_config *tls;
 
+	if (nni_strnlen(v, sz) >= sz) {
+		return (NNG_EINVAL);
+	}
 	if (ep == NULL) {
-		if (nni_strnlen(v, sz) >= sz) {
-			return (NNG_EINVAL);
-		}
 		return (0);
 	}
-	nni_mtx_lock(&ep->mtx);
-	if (((rv = wss_get_tls(ep, &tls)) != 0) ||
-	    ((rv = nng_tls_config_cert_key_file(tls, v, NULL)) != 0)) {
-		goto done;
+	if ((rv = wss_get_tls(ep, &tls)) != 0) {
+		return (rv);
 	}
-done:
-	nni_mtx_unlock(&ep->mtx);
-	return (rv);
+	return (nng_tls_config_cert_key_file(tls, v, NULL));
 }
 
 static int
@@ -875,20 +872,16 @@ wss_ep_setopt_tls_ca_file(void *arg, const void *v, size_t sz)
 	int             rv;
 	nng_tls_config *tls;
 
+	if (nni_strnlen(v, sz) >= sz) {
+		return (NNG_EINVAL);
+	}
 	if (ep == NULL) {
-		if (nni_strnlen(v, sz) >= sz) {
-			return (NNG_EINVAL);
-		}
 		return (0);
 	}
-	nni_mtx_lock(&ep->mtx);
-	if (((rv = wss_get_tls(ep, &tls)) != 0) ||
-	    ((rv = nng_tls_config_ca_file(tls, v)) != 0)) {
-		goto done;
+	if ((rv = wss_get_tls(ep, &tls)) != 0) {
+		return (rv);
 	}
-done:
-	nni_mtx_unlock(&ep->mtx);
-	return (rv);
+	return (nng_tls_config_ca_file(tls, v));
 }
 
 static int
@@ -904,14 +897,10 @@ wss_ep_setopt_tls_auth_mode(void *arg, const void *v, size_t sz)
 	if ((rv != 0) || (ep == NULL)) {
 		return (rv);
 	}
-	nni_mtx_lock(&ep->mtx);
-	if (((rv = wss_get_tls(ep, &tls)) != 0) ||
-	    ((rv = nng_tls_config_auth_mode(tls, mode)) != 0)) {
-		goto done;
+	if ((rv = wss_get_tls(ep, &tls)) != 0) {
+		return (rv);
 	}
-done:
-	nni_mtx_unlock(&ep->mtx);
-	return (rv);
+	return (nng_tls_config_auth_mode(tls, mode));
 }
 
 static int
@@ -921,20 +910,16 @@ wss_ep_setopt_tls_server_name(void *arg, const void *v, size_t sz)
 	int             rv;
 	nng_tls_config *tls;
 
+	if (nni_strnlen(v, sz) >= sz) {
+		return (NNG_EINVAL);
+	}
 	if (ep == NULL) {
-		if (nni_strnlen(v, sz) >= sz) {
-			return (NNG_EINVAL);
-		}
 		return (0);
 	}
-	nni_mtx_lock(&ep->mtx);
-	if (((rv = wss_get_tls(ep, &tls)) != 0) ||
-	    ((rv = nng_tls_config_server_name(tls, v)) != 0)) {
-		goto done;
+	if ((rv = wss_get_tls(ep, &tls)) != 0) {
+		return (rv);
 	}
-done:
-	nni_mtx_unlock(&ep->mtx);
-	return (rv);
+	return (nng_tls_config_server_name(tls, v));
 }
 
 static nni_tran_ep_option wss_ep_options[] = {
diff --git a/src/transport/ws/websocket.h b/src/transport/ws/websocket.h
index 76e94c3e..8179beab 100644
--- a/src/transport/ws/websocket.h
+++ b/src/transport/ws/websocket.h
@@ -1,6 +1,6 @@
 //
-// Copyright 2017 Staysail Systems, Inc. <info@staysail.tech>
-// Copyright 2017 Capitar IT Group BV <info@capitar.com>
+// Copyright 2018 Staysail Systems, Inc. <info@staysail.tech>
+// Copyright 2018 Capitar IT Group BV <info@capitar.com>
 //
 // This software is supplied under the terms of the MIT License, a
 // copy of which should be located in the distribution where this