fixes #166 Websocket TLS mapping

This introduces the wss:// scheme, which is available and works like
the ws:// scheme if TLS is enabled in the library.

The library modularization is refactored somewhat, to make it easier
to use.  There is now a single NNG_ENABLE_TLS that enables TLS support
under the hood.

This also adds a new option for the TLS transport, NNG_OPT_TLS_CONFIG
(and a similar one for WSS, NNG_OPT_TLS_WSS_CONFIG) that offer access
to the underlying TLS configuration object, which now has a public API
to go with it as well.

Note that it is also possible to use pure HTTPS using the *private*
API, which will be exposed in a public form soon.

1 files changed, 50 insertions, 14 deletions

diff --git a/tests/tls.c b/tests/tls.c
index fa44d9c9..70b22fea 100644
--- a/tests/tls.c
+++ b/tests/tls.c
@@ -105,20 +105,54 @@ check_props_v4(nng_msg *msg, nng_listener l, nng_dialer d)
 }
 
 static int
-init_tls(trantest *tt)
+init_dialer_tls(trantest *tt, nng_dialer d)
 {
-	const char *own[3];
-
-	So(nng_setopt(tt->reqsock, NNG_OPT_TLS_CA_CERT, server_cert,
-	       sizeof(server_cert)) == 0);
-	own[0] = server_cert;
-	own[1] = server_key;
-	own[2] = NULL;
-	So(nng_setopt(tt->repsock, NNG_OPT_TLS_CERT, server_cert,
-	       sizeof(server_cert)) == 0);
-	So(nng_setopt(tt->repsock, NNG_OPT_TLS_PRIVATE_KEY, server_key,
-	       sizeof(server_key)) == 0);
+	nng_tls_config *cfg;
+	int             rv;
+
+	if ((rv = nng_tls_config_init(&cfg, NNG_TLS_MODE_CLIENT)) != 0) {
+		return (rv);
+	}
+	if ((rv = nng_tls_config_ca_cert(
+	         cfg, (void *) server_cert, sizeof(server_cert))) != 0) {
+		goto out;
+	}
+	if ((rv = nng_tls_config_server_name(cfg, "127.0.0.1")) != 0) {
+		goto out;
+	}
+	nng_tls_config_auth_mode(cfg, NNG_TLS_AUTH_MODE_NONE);
+	rv = nng_dialer_setopt_ptr(d, NNG_OPT_TLS_CONFIG, cfg);
+
+out:
+	nng_tls_config_fini(cfg);
+	return (rv);
+}
 
+static int
+init_listener_tls(trantest *tt, nng_listener l)
+{
+	nng_tls_config *cfg;
+	int             rv;
+
+	if ((rv = nng_tls_config_init(&cfg, NNG_TLS_MODE_SERVER)) != 0) {
+		return (rv);
+	}
+	if ((rv = nng_tls_config_cert(
+	         cfg, (void *) server_cert, sizeof(server_cert))) != 0) {
+		nng_tls_config_fini(cfg);
+		return (rv);
+	}
+	if ((rv = nng_tls_config_key(
+	         cfg, (void *) server_key, sizeof(server_key))) != 0) {
+		nng_tls_config_fini(cfg);
+		return (rv);
+	}
+
+	if ((rv = nng_listener_setopt_ptr(l, NNG_OPT_TLS_CONFIG, cfg)) != 0) {
+		nng_tls_config_fini(cfg);
+		return (rv);
+	}
+	nng_tls_config_fini(cfg);
 	return (0);
 }
 
@@ -126,8 +160,10 @@ TestMain("TLS Transport", {
 
 	static trantest tt;
 
-	tt.init = init_tls;
-	tt.tmpl = "tls+tcp://127.0.0.1:%u";
+	tt.dialer_init   = init_dialer_tls;
+	tt.listener_init = init_listener_tls;
+	tt.tmpl          = "tls+tcp://127.0.0.1:%u";
+	tt.proptest      = check_props_v4;
 	atexit(nng_fini);
 
 	trantest_test(&tt);