From 0058b766b91f08b34dcef3c7bb55b216099f3f66 Mon Sep 17 00:00:00 2001 From: Garrett D'Amore Date: Sat, 9 Nov 2024 15:24:43 -0800 Subject: TLS configuration changed to use discrete _set_tls and _get_tls functions. This is simpler, and more reliable than using socket options. --- docs/man/nng_tls.7.adoc | 1 - docs/man/nng_tls_options.5.adoc | 25 +++-- docs/man/nng_ws.7.adoc | 18 ++-- docs/ref/migrate/nng1.md | 17 +++- docs/ref/xref.md | 8 ++ include/nng/nng.h | 25 +++-- src/core/dialer.c | 18 ++++ src/core/dialer.h | 4 +- src/core/listener.c | 19 ++++ src/core/listener.h | 2 + src/core/stream.c | 60 ++++++++++++ src/core/stream.h | 8 ++ src/nng.c | 55 +++++++++++ src/sp/transport.h | 18 +++- src/sp/transport/tls/tls.c | 46 +++++++-- src/sp/transport/tls/tls_tran_test.c | 33 ++++--- src/sp/transport/ws/websocket.c | 46 +++++++-- src/supplemental/http/http_client.c | 33 +++---- src/supplemental/http/http_server.c | 156 +++++++++++++++--------------- src/supplemental/tls/tls_common.c | 129 ++++++------------------ src/supplemental/tls/tls_test.c | 18 ++-- src/supplemental/websocket/websocket.c | 66 +++++++++---- src/supplemental/websocket/wssfile_test.c | 4 +- src/tools/nngcat/nngcat.c | 6 +- tests/wss.c | 4 +- 25 files changed, 525 insertions(+), 294 deletions(-) diff --git a/docs/man/nng_tls.7.adoc b/docs/man/nng_tls.7.adoc index 73a63a9f..a4b39f48 100644 --- a/docs/man/nng_tls.7.adoc +++ b/docs/man/nng_tls.7.adoc 
@@ -107,7 +107,6 @@ Note that setting these must be done before the transport is started. * xref:nng_options.5.adoc#NNG_OPT_REMADDR[`NNG_OPT_REMADDR`] * xref:nng_tcp_options.5.adoc#NNG_OPT_TCP_KEEPALIVE[`NNG_OPT_TCP_KEEPALIVE`] * xref:nng_tcp_options.5.adoc#NNG_OPT_TCP_NODELAY[`NNG_OPT_TCP_NODELAY`] -* xref:nng_tls_options.5.adoc#NNG_OPT_TLS_CONFIG[`NNG_OPT_TLS_CONFIG`] * xref:nng_tls_options.5.adoc#NNG_OPT_TLS_VERIFIED[`NNG_OPT_TLS_VERIFIED_`] * xref:nng_tls_options.5.adoc#NNG_OPT_TLS_PEER_CN[`NNG_OPT_TLS_PEER_CN`] * xref:nng_tls_options.5.adoc#NNG_OPT_TLS_PEER_ALT_NAMES[`NNG_OPT_TLS_PEER_ALT_NAMES`] diff --git a/docs/man/nng_tls_options.5.adoc b/docs/man/nng_tls_options.5.adoc index cf2a99cf..5921246f 100644 --- a/docs/man/nng_tls_options.5.adoc +++ b/docs/man/nng_tls_options.5.adoc @@ -20,7 +20,6 @@ nng_tls_options - TLS-specific options ---- #include -#define NNG_OPT_TLS_CONFIG "tls-config" #define NNG_OPT_TLS_VERIFIED "tls-verified" #define NNG_OPT_TLS_PEER_CN "tls-peer-cn" #define NNG_OPT_TLS_PEER_ALT_NAMES "tls-peer-alt-names" 
@@ -43,18 +42,18 @@ description of the option. === TLS Options -[[NNG_OPT_TLS_CONFIG]]((`NNG_OPT_TLS_CONFIG`)):: -(`nng_tls_config *`) -This option references the underlying -xref:nng_tls_config.5.adoc[TLS configuration object]. -A hold is placed on the underlying -configuration object before returning it. -+ -NOTE: The caller should release the hold with -xref:nng_tls_config_free.3tls.adoc[`nng_tls_config_free()`] when it no -longer needs the TLS configuration object. -+ -TIP: Use this option when more advanced TLS configuration is required. +// [[NNG_OPT_TLS_CONFIG]]((`NNG_OPT_TLS_CONFIG`)):: +// (`nng_tls_config *`) +// This option references the underlying +// xref:nng_tls_config.5.adoc[TLS configuration object]. +// A hold is placed on the underlying +// configuration object before returning it. +// + +// NOTE: The caller should release the hold with +// xref:nng_tls_config_free.3tls.adoc[`nng_tls_config_free()`] when it no +// longer needs the TLS configuration object. +// + +// TIP: Use this option when more advanced TLS configuration is required. [[NNG_OPT_TLS_VERIFIED]]((`NNG_OPT_TLS_VERIFIED`)):: (`bool`) diff --git a/docs/man/nng_ws.7.adoc b/docs/man/nng_ws.7.adoc index 07c6cd14..938b16a9 100644 --- a/docs/man/nng_ws.7.adoc +++ b/docs/man/nng_ws.7.adoc 
@@ -145,17 +145,17 @@ When set, the stream will send TEXT frames instead of BINARY frames. NOTE: NNG does not check the frame data, and will attempt to send whatever the client requests. Peers that are compliant with RFC 6455 will discard TEXT frames (and break the connection) if they do not contain valid UTF-8. -((`NNG_OPT_TLS_CONFIG`)):: +// ((`NNG_OPT_TLS_CONFIG`)):: -(`nng_tls_config *`) The underlying TLS -configuration object for `wss://` endpoints. -A hold is placed on the underlying -configuration object before returning it. -The caller should release the object with -xref:nng_tls_config_free.3tls.adoc[`nng_tls_config_free()`] when it no -longer needs the TLS configuration. +// (`nng_tls_config *`) The underlying TLS +// configuration object for `wss://` endpoints. +// A hold is placed on the underlying +// configuration object before returning it. +// The caller should release the object with +// xref:nng_tls_config_free.3tls.adoc[`nng_tls_config_free()`] when it no +// longer needs the TLS configuration. -TIP: Use this option when advanced TLS configuration is required. +// TIP: Use this option when advanced TLS configuration is required. `NNG_OPT_TLS_VERIFIED`:: (`bool`) Whether the remote peer has been properly verified using TLS diff --git a/docs/ref/migrate/nng1.md b/docs/ref/migrate/nng1.md index d98b79f0..7a6698d0 100644 --- a/docs/ref/migrate/nng1.md +++ b/docs/ref/migrate/nng1.md 
@@ -33,14 +33,21 @@ The `NNG_OPT_WSS_REQUEST_HEADERS` and `NNG_OPT_WSS_RESPONSE_HEADERS` aliases for Just convert any use of them to `NNG_OPT_WS_REQUEST_HEADERS` or `NNG_OPT_WS_RESPONSE_HEADERS` as appropriate. -## TLS Options +## TLS Configuration -The support for configuring TLS via `NNG_TLS_AUTH_MODE`, `NNG_OPT_TLS_CA_FILE`, `NNG_OPT_TLS_SERVER_NAME`, -and similar has been removed. Instead configuration must be performed by allocating +The support for configuring TLS via `NNG_OPT_TLS_CONFIG`, `NNG_TLS_AUTH_MODE`, `NNG_OPT_TLS_CA_FILE`, +`NNG_OPT_TLS_SERVER_NAME`, and similar has been removed. + +Instead configuration must be performed by allocating a `nng_tls_config` object, and then setting fields on it using the appropriate functions, -after which it may be configured on a listener or dialer using the `NNG_OPT_TLS_CONFIG` option. +after which it may be configured on a listener or dialer using the [`nng_listener_set_tls`] +or [`nng_dialer_set_tls`] functions. + +Likewise, when using the streams API, use the [`nng_stream_listener_set_tls`] or +[`nng_stream_dialer_set_tls`] functions. -Note that TLS configuration is now available in ``, rather than the supplemental header. +Note that the declarations needed for TLS configuration are now available in ``, +rather than the supplemental header. ## Option Functions diff --git a/docs/ref/xref.md b/docs/ref/xref.md index 30714dc6..1139fa87 100644 --- a/docs/ref/xref.md +++ b/docs/ref/xref.md 
@@ -78,6 +78,14 @@ [`nng_sub0_ctx_unsubscribe`]: /TODO.md [`nng_sub0_socket_subscribe`]: /TODO.md [`nng_sub0_socket_unsubscribe`]: /TODO.md +[`nng_dialer_set_tls`]: /TODO.md +[`nng_dialer_get_tls`]: /TODO.md +[`nng_listener_set_tls`]: /TODO.md +[`nng_listener_get_tls`]: /TODO.md +[`nng_stream_dialer_set_tls`]: /TODO.md +[`nng_stream_dialer_get_tls`]: /TODO.md +[`nng_stream_listener_set_tls`]: /TODO.md +[`nng_stream_listener_get_tls`]: /TODO.md [`nng_opts_parse`]: /api/cmd_opts.md#parse-command-line-options [`nng_aio_begin`]: /TODO.md [`nng_aio_defer`]: /TODO.md diff --git a/include/nng/nng.h b/include/nng/nng.h index c39b142d..aebed4b9 100644 --- a/include/nng/nng.h +++ b/include/nng/nng.h @@ -357,6 +357,7 @@ NNG_DECL int nng_dialer_set_ptr(nng_dialer, const char *, void *); NNG_DECL int nng_dialer_set_ms(nng_dialer, const char *, nng_duration); NNG_DECL int nng_dialer_set_addr( nng_dialer, const char *, const nng_sockaddr *); +NNG_DECL int nng_dialer_set_tls(nng_dialer, nng_tls_config *); NNG_DECL int nng_dialer_get_bool(nng_dialer, const char *, bool *); NNG_DECL int nng_dialer_get_int(nng_dialer, const char *, int *); @@ -366,6 +367,7 @@ NNG_DECL int nng_dialer_get_string(nng_dialer, const char *, char **); NNG_DECL int nng_dialer_get_ptr(nng_dialer, const char *, void **); NNG_DECL int nng_dialer_get_ms(nng_dialer, const char *, nng_duration *); NNG_DECL int nng_dialer_get_addr(nng_dialer, const char *, nng_sockaddr *); +NNG_DECL int nng_dialer_get_tls(nng_dialer, nng_tls_config **); NNG_DECL int nng_listener_set_bool(nng_listener, const char *, bool); NNG_DECL int nng_listener_set_int(nng_listener, const char *, int); 
@@ -376,6 +378,7 @@ NNG_DECL int nng_listener_set_ptr(nng_listener, const char *, void *); NNG_DECL int nng_listener_set_ms(nng_listener, const char *, nng_duration); NNG_DECL int nng_listener_set_addr( nng_listener, const char *, const nng_sockaddr *); +NNG_DECL int nng_listener_set_tls(nng_listener, nng_tls_config *); NNG_DECL int nng_listener_get_bool(nng_listener, const char *, bool *); NNG_DECL int nng_listener_get_int(nng_listener, const char *, int *); @@ -385,6 +388,7 @@ NNG_DECL int nng_listener_get_string(nng_listener, const char *, char **); NNG_DECL int nng_listener_get_ptr(nng_listener, const char *, void **); NNG_DECL int nng_listener_get_ms(nng_listener, const char *, nng_duration *); NNG_DECL int nng_listener_get_addr(nng_listener, const char *, nng_sockaddr *); +NNG_DECL int nng_listener_get_tls(nng_listener, nng_tls_config **); // nng_strerror returns a human-readable string associated with the error // code supplied. @@ -735,15 +739,6 @@ NNG_DECL nng_listener nng_pipe_listener(nng_pipe); // TLS options are only used when the underlying transport supports TLS. -// NNG_OPT_TLS_CONFIG is a pointer to a nng_tls_config object. Generally -// this can be used with endpoints, although once an endpoint is started, or -// once a configuration is used, the value becomes read-only. Note that -// when configuring the object, a hold is placed on the TLS configuration, -// using a reference count. When retrieving the object, no such hold is -// placed, and so the caller must take care not to use the associated object -// after the endpoint it is associated with is closed. -#define NNG_OPT_TLS_CONFIG "tls-config" - // NNG_OPT_TLS_VERIFIED returns a boolean indicating whether the peer has // been verified (true) or not (false). Typically, this is read-only, and // only available for pipes. This option may return incorrect results if 
@@ -1188,6 +1183,13 @@ NNG_DECL int nng_stream_dialer_set_ptr( NNG_DECL int nng_stream_dialer_set_addr( nng_stream_dialer *, const char *, const nng_sockaddr *); +// Note that when configuring the object, a hold is placed on the TLS +// configuration, using a reference count. When retrieving the object, no such +// hold is placed, and so the caller must take care not to use the associated +// object after the endpoint it is associated with is closed. +NNG_DECL int nng_stream_dialer_get_tls(nng_stream_dialer *, nng_tls_config **); +NNG_DECL int nng_stream_dialer_set_tls(nng_stream_dialer *, nng_tls_config *); + NNG_DECL int nng_stream_listener_alloc(nng_stream_listener **, const char *); NNG_DECL int nng_stream_listener_alloc_url( nng_stream_listener **, const nng_url *); @@ -1228,6 +1230,11 @@ NNG_DECL int nng_stream_listener_set_ptr( NNG_DECL int nng_stream_listener_set_addr( nng_stream_listener *, const char *, const nng_sockaddr *); +NNG_DECL int nng_stream_listener_get_tls( + nng_stream_listener *, nng_tls_config **); +NNG_DECL int nng_stream_listener_set_tls( + nng_stream_listener *, nng_tls_config *); + // UDP operations. These are provided for convenience, // and should be considered somewhat experimental. diff --git a/src/core/dialer.c b/src/core/dialer.c index 722a0868..0ee2d361 100644 --- a/src/core/dialer.c +++ b/src/core/dialer.c @@ -558,6 +558,24 @@ nni_dialer_getopt( return (nni_sock_getopt(d->d_sock, name, valp, szp, t)); } +int +nni_dialer_get_tls(nni_dialer *d, nng_tls_config **cfgp) +{ + if (d->d_ops.d_get_tls == NULL) { + return (NNG_ENOTSUP); + } + return (d->d_ops.d_get_tls(d->d_data, cfgp)); +} + +int +nni_dialer_set_tls(nni_dialer *d, nng_tls_config *cfg) +{ + if (d->d_ops.d_set_tls == NULL) { + return (NNG_ENOTSUP); + } + return (d->d_ops.d_set_tls(d->d_data, cfg)); +} + void nni_dialer_add_stat(nni_dialer *d, nni_stat_item *item) { diff --git a/src/core/dialer.h b/src/core/dialer.h index 7bc1547d..97a24e4a 100644 --- a/src/core/dialer.h 
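Review bot: The hold/no-hold comment added above `nng_stream_dialer_get_tls` in include/nng/nng.h is the only place the new API states its ownership rules, while `nng_dialer_get_tls`, `nng_listener_get_tls` and `nng_stream_listener_get_tls`, declared in the other nng.h hunks, carry no comment at all. If the getter really returns the pointer without taking a reference, a caller that keeps it past endpoint close holds a dangling `nng_tls_config *`, so each getter declaration should say so, for example `// Returns a borrowed pointer (no hold is taken); do not use it after the endpoint is closed.` The man page text that this commit comments out still describes the opposite ("A hold is placed on the underlying configuration object before returning it"), so the two statements need to be reconciled against the implementation, which is not visible in these hunks.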
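Review bot: `nni_dialer_set_tls` in src/core/dialer.c passes `cfg` straight to `d_ops.d_set_tls` without looking at whether the dialer has already been started, and the same is true of `nni_listener_set_tls` in listener.c and the two `nni_stream_*_set_tls` wrappers in stream.c. The header comment this commit removes said the value becomes read-only once the endpoint is started; if that rule is now enforced only inside the transport or the TLS layer (not visible here), a transport that forgets it would let the TLS configuration be replaced under a live endpoint. Either do the state check once in these wrappers, or, after confirming where it lives, record it in a comment such as `// No started-state check here: the transport's d_set_tls is responsible for refusing changes on a running dialer.`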
+++ b/src/core/dialer.h @@ -1,5 +1,5 @@ // -// Copyright 2021 Staysail Systems, Inc. +// Copyright 2024 Staysail Systems, Inc. // Copyright 2018 Capitar IT Group BV // Copyright 2018 Devolutions // @@ -25,6 +25,8 @@ extern int nni_dialer_setopt( nni_dialer *, const char *, const void *, size_t, nni_type); extern int nni_dialer_getopt( nni_dialer *, const char *, void *, size_t *, nni_type); +extern int nni_dialer_get_tls(nni_dialer *, nng_tls_config **); +extern int nni_dialer_set_tls(nni_dialer *, nng_tls_config *); extern void nni_dialer_add_stat(nni_dialer *, nni_stat_item *); extern void nni_dialer_bump_error(nni_dialer *, int); diff --git a/src/core/listener.c b/src/core/listener.c index 65fe5a9f..38a7d323 100644 --- a/src/core/listener.c +++ b/src/core/listener.c @@ -9,6 +9,7 @@ // found online at https://opensource.org/licenses/MIT. // +#include "core/defs.h" #include "core/nng_impl.h" #include "core/strs.h" #include "nng/nng.h" @@ -507,6 +508,24 @@ nni_listener_getopt( return (nni_sock_getopt(l->l_sock, name, val, szp, t)); } +int +nni_listener_get_tls(nni_listener *l, nng_tls_config **cfgp) +{ + if (l->l_ops.l_get_tls == NULL) { + return (NNG_ENOTSUP); + } + return (l->l_ops.l_get_tls(l->l_data, cfgp)); +} + +int +nni_listener_set_tls(nni_listener *l, nng_tls_config *cfg) +{ + if (l->l_ops.l_set_tls == NULL) { + return (NNG_ENOTSUP); + } + return (l->l_ops.l_set_tls(l->l_data, cfg)); +} + void nni_listener_add_stat(nni_listener *l, nni_stat_item *item) { diff --git a/src/core/listener.h b/src/core/listener.h index c6c0b5d3..67c80be0 100644 --- a/src/core/listener.h +++ b/src/core/listener.h 
@@ -25,6 +25,8 @@ extern int nni_listener_setopt( nni_listener *, const char *, const void *, size_t, nni_type); extern int nni_listener_getopt( nni_listener *, const char *, void *, size_t *, nni_type); +extern int nni_listener_get_tls(nni_listener *, nng_tls_config **); +extern int nni_listener_set_tls(nni_listener *, nng_tls_config *); extern void nni_listener_add_stat(nni_listener *, nni_stat_item *); extern void nni_listener_bump_error(nni_listener *, int); diff --git a/src/core/stream.c b/src/core/stream.c index 4ac27705..78029ddc 100644 --- a/src/core/stream.c +++ b/src/core/stream.c @@ -214,6 +214,24 @@ nni_stream_dialer_set(nng_stream_dialer *d, const char *nm, const void *data, return (d->sd_set(d, nm, data, sz, t)); } +int +nni_stream_dialer_get_tls(nng_stream_dialer *d, nng_tls_config **cfgp) +{ + if (d->sd_get_tls == NULL) { + return (NNG_ENOTSUP); + } + return (d->sd_get_tls(d, cfgp)); +} + +int +nni_stream_dialer_set_tls(nng_stream_dialer *d, nng_tls_config *cfg) +{ + if (d->sd_set_tls == NULL) { + return (NNG_ENOTSUP); + } + return (d->sd_set_tls(d, cfg)); +} + void nng_stream_listener_close(nng_stream_listener *l) { @@ -252,6 +270,24 @@ nni_stream_listener_set(nng_stream_listener *l, const char *nm, return (l->sl_set(l, nm, data, sz, t)); } +int +nni_stream_listener_get_tls(nng_stream_listener *l, nng_tls_config **cfgp) +{ + if (l->sl_get_tls == NULL) { + return (NNG_ENOTSUP); + } + return (l->sl_get_tls(l, cfgp)); +} + +int +nni_stream_listener_set_tls(nng_stream_listener *l, nng_tls_config *cfg) +{ + if (l->sl_set_tls == NULL) { + return (NNG_ENOTSUP); + } + return (l->sl_set_tls(l, cfg)); +} + int nng_stream_listener_alloc_url(nng_stream_listener **lp, const nng_url *url) { 
@@ -386,6 +422,12 @@ nng_stream_dialer_get_addr( return (nni_stream_dialer_get(d, n, v, NULL, NNI_TYPE_SOCKADDR)); } +int +nng_stream_dialer_get_tls(nng_stream_dialer *d, nng_tls_config **cfgp) +{ + return (nni_stream_dialer_get_tls(d, cfgp)); +} + int nng_stream_listener_get_int(nng_stream_listener *l, const char *n, int *v) { @@ -437,6 +479,12 @@ nng_stream_listener_get_addr( return (nni_stream_listener_get(l, n, v, NULL, NNI_TYPE_SOCKADDR)); } +int +nng_stream_listener_get_tls(nng_stream_listener *l, nng_tls_config **cfgp) +{ + return (nni_stream_listener_get_tls(l, cfgp)); +} + int nng_stream_dialer_set_int(nng_stream_dialer *d, const char *n, int v) { @@ -488,6 +536,12 @@ nng_stream_dialer_set_addr( return (nni_stream_dialer_set(d, n, v, sizeof(*v), NNI_TYPE_SOCKADDR)); } +int +nng_stream_dialer_set_tls(nng_stream_dialer *d, nng_tls_config *cfg) +{ + return (nni_stream_dialer_set_tls(d, cfg)); +} + int nng_stream_listener_set_int(nng_stream_listener *l, const char *n, int v) { @@ -543,3 +597,9 @@ nng_stream_listener_set_addr( return ( nni_stream_listener_set(l, n, v, sizeof(*v), NNI_TYPE_SOCKADDR)); } + +int +nng_stream_listener_set_tls(nng_stream_listener *l, nng_tls_config *cfg) +{ + return (nni_stream_listener_set_tls(l, cfg)); +} diff --git a/src/core/stream.h b/src/core/stream.h index eb3cb93b..0fa79a47 100644 --- a/src/core/stream.h +++ b/src/core/stream.h 
@@ -25,11 +25,15 @@ extern int nni_stream_dialer_get( nng_stream_dialer *, const char *, void *, size_t *, nni_type); extern int nni_stream_dialer_set( nng_stream_dialer *, const char *, const void *, size_t, nni_type); +extern int nni_stream_dialer_set_tls(nng_stream_dialer *, nng_tls_config *); +extern int nni_stream_dialer_get_tls(nng_stream_dialer *, nng_tls_config **); extern int nni_stream_listener_get( nng_stream_listener *, const char *, void *, size_t *, nni_type); extern int nni_stream_listener_set( nng_stream_listener *, const char *, const void *, size_t, nni_type); +extern int nni_stream_listener_set_tls(nng_stream_listener *, nng_tls_config *); +extern int nni_stream_listener_get_tls(nng_stream_listener *, nng_tls_config **); // This is the common implementation of a connected byte stream. It should be // the first element of any implementation. Applications are not permitted to @@ -50,6 +54,8 @@ struct nng_stream_dialer { void (*sd_dial)(void *, nng_aio *); int (*sd_get)(void *, const char *, void *, size_t *, nni_type); int (*sd_set)(void *, const char *, const void *, size_t, nni_type); + int (*sd_get_tls)(void *, nng_tls_config **); + int (*sd_set_tls)(void *, nng_tls_config *); }; // Listener implementation. Stream listeners accept connections and create @@ -61,6 +67,8 @@ struct nng_stream_listener { void (*sl_accept)(void *, nng_aio *); int (*sl_get)(void *, const char *, void *, size_t *, nni_type); int (*sl_set)(void *, const char *, const void *, size_t, nni_type); + int (*sl_get_tls)(void *, nng_tls_config **); + int (*sl_set_tls)(void *, nng_tls_config *); }; #endif // CORE_STREAM_H diff --git a/src/nng.c b/src/nng.c index bc68a5d3..dc8be731 100644 --- a/src/nng.c +++ b/src/nng.c 
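Review bot: The new `sd_get_tls` / `sd_set_tls` members of `struct nng_stream_dialer`, and `sl_get_tls` / `sl_set_tls` in `struct nng_stream_listener`, are optional, but nothing on the struct says so, and the wrappers in stream.c treat only `NULL` as "not supported". A stream implementation that fills its dialer or listener field by field in memory that is not zero-filled would leave these slots indeterminate, and the NULL test would then let an indirect call through a garbage pointer; the allocation sites are outside this diff, so they are worth a quick audit. A comment on the members would make the contract explicit, e.g. `// Optional: leave NULL when the stream type has no TLS layer; callers then get NNG_ENOTSUP.`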
@@ -787,6 +787,34 @@ nng_dialer_get_addr(nng_dialer id, const char *n, nng_sockaddr *v) return (dialer_get(id, n, v, NULL, NNI_TYPE_SOCKADDR)); } +int +nng_dialer_get_tls(nng_dialer id, nng_tls_config **cfgp) +{ + int rv; + nni_dialer *d; + if (((rv = nni_init()) != 0) || + ((rv = nni_dialer_find(&d, id.id)) != 0)) { + return (rv); + } + rv = nni_dialer_get_tls(d, cfgp); + nni_dialer_rele(d); + return (rv); +} + +int +nng_dialer_set_tls(nng_dialer id, nng_tls_config *cfg) +{ + int rv; + nni_dialer *d; + if (((rv = nni_init()) != 0) || + ((rv = nni_dialer_find(&d, id.id)) != 0)) { + return (rv); + } + rv = nni_dialer_set_tls(d, cfg); + nni_dialer_rele(d); + return (rv); +} + static int listener_set( nng_listener lid, const char *name, const void *v, size_t sz, nni_type t) @@ -920,6 +948,33 @@ nng_listener_get_addr(nng_listener id, const char *n, nng_sockaddr *v) return (listener_get(id, n, v, NULL, NNI_TYPE_SOCKADDR)); } +int +nng_listener_get_tls(nng_listener id, nng_tls_config **cfgp) +{ + int rv; + nni_listener *l; + if (((rv = nni_init()) != 0) || + ((rv = nni_listener_find(&l, id.id)) != 0)) { + return (rv); + } + rv = nni_listener_get_tls(l, cfgp); + nni_listener_rele(l); + return (rv); +} + +int +nng_listener_set_tls(nng_listener id, nng_tls_config *cfg) +{ + int rv; + nni_listener *l; + if (((rv = nni_init()) != 0) || + ((rv = nni_listener_find(&l, id.id)) != 0)) { + return (rv); + } + rv = nni_listener_set_tls(l, cfg); + nni_listener_rele(l); + return (rv); +} int nng_dialer_close(nng_dialer did) { diff --git a/src/sp/transport.h b/src/sp/transport.h index 76d8d36a..8fd47483 100644 --- a/src/sp/transport.h +++ b/src/sp/transport.h @@ -1,5 +1,5 @@ // -// Copyright 2021 Staysail Systems, Inc. +// Copyright 2024 Staysail Systems, Inc. // Copyright 2018 Capitar IT Group BV // Copyright 2018 Devolutions // 
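Review bot: `nng_dialer_get_tls`, `nng_dialer_set_tls` and the two listener counterparts in the second nng.c hunk spell out the same init / find / call / release sequence four times, while the neighbouring accessors go through the file's `dialer_get` and `listener_set` style helpers. This is a style point, but repeated hold/release code is where one copy tends to lose its `nni_dialer_rele` or `nni_listener_rele`, so a small static helper per endpoint type, or at least a one-line comment on each function noting that the hold from the find call is dropped before returning, would keep them aligned. The second hunk also closes `nng_listener_set_tls` with `}` directly followed by `int nng_dialer_close`, so a blank line is missing there.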
@@ -49,6 +49,14 @@ struct nni_sp_dialer_ops { // d_setopt is used to set or change an option. int (*d_setopt)(void *, const char *, const void *, size_t, nni_type); + // d_get_tls is used to get the TLS configuration to use for dialing. + // This may be NULL if the dialer does not support TLS. + int (*d_get_tls)(void *, nng_tls_config **); + + // d_set_tls is used to set the TLS configruation to use for the + // dialer. This may be NULL if this dialer does not support TLS. + int (*d_set_tls)(void *, nng_tls_config *); + // d_options is an array of dialer options. The final // element must have a NULL name. If this member is NULL, then // no dialer specific options are available. @@ -85,6 +93,14 @@ struct nni_sp_listener_ops { // l_setopt is used to set or change an option. int (*l_setopt)(void *, const char *, const void *, size_t, nni_type); + // l_get_tls is used to get the TLS configuration to use for listening. + // This may be NULL if the listener does not support TLS. + int (*l_get_tls)(void *, nng_tls_config **); + + // l_set_tls is used to set the TLS configruation to use for listening. + // This may be NULL if this listener does not support TLS. + int (*l_set_tls)(void *, nng_tls_config *); + // l_options is an array of listener options. The final // element must have a NULL name. If this member is NULL, then // no dialer specific options are available. diff --git a/src/sp/transport/tls/tls.c b/src/sp/transport/tls/tls.c index f74209a2..387ce023 100644 --- a/src/sp/transport/tls/tls.c +++ b/src/sp/transport/tls/tls.c 
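Review bot: The comments added for `d_set_tls` in this hunk and for `l_set_tls` in the next one both misspell "configuration" as "configruation". They also leave out what a transport author needs to know about ownership of the `nng_tls_config *`. Suggested wording, with the hold semantics to be confirmed against the TLS layer since only the public header mentions them: `// d_set_tls sets the TLS configuration used by the dialer; the implementation takes its own hold on the object. This may be NULL if the dialer does not support TLS.`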
@@ -1240,6 +1240,34 @@ tlstran_listener_set( return (rv); } +static int +tlstran_listener_set_tls(void *arg, nng_tls_config *cfg) +{ + tlstran_ep *ep = arg; + return (nni_stream_listener_set_tls(ep->listener, cfg)); +} + +static int +tlstran_listener_get_tls(void *arg, nng_tls_config **cfgp) +{ + tlstran_ep *ep = arg; + return (nni_stream_listener_get_tls(ep->listener, cfgp)); +} + +static int +tlstran_dialer_set_tls(void *arg, nng_tls_config *cfg) +{ + tlstran_ep *ep = arg; + return (nni_stream_dialer_set_tls(ep->dialer, cfg)); +} + +static int +tlstran_dialer_get_tls(void *arg, nng_tls_config **cfgp) +{ + tlstran_ep *ep = arg; + return (nni_stream_dialer_get_tls(ep->dialer, cfgp)); +} + static nni_sp_dialer_ops tlstran_dialer_ops = { .d_init = tlstran_ep_init_dialer, .d_fini = tlstran_ep_fini, @@ -1247,16 +1275,20 @@ static nni_sp_dialer_ops tlstran_dialer_ops = { .d_close = tlstran_ep_close, .d_getopt = tlstran_dialer_getopt, .d_setopt = tlstran_dialer_setopt, + .d_get_tls = tlstran_dialer_get_tls, + .d_set_tls = tlstran_dialer_set_tls, }; static nni_sp_listener_ops tlstran_listener_ops = { - .l_init = tlstran_ep_init_listener, - .l_fini = tlstran_ep_fini, - .l_bind = tlstran_ep_bind, - .l_accept = tlstran_ep_accept, - .l_close = tlstran_ep_close, - .l_getopt = tlstran_listener_get, - .l_setopt = tlstran_listener_set, + .l_init = tlstran_ep_init_listener, + .l_fini = tlstran_ep_fini, + .l_bind = tlstran_ep_bind, + .l_accept = tlstran_ep_accept, + .l_close = tlstran_ep_close, + .l_getopt = tlstran_listener_get, + .l_setopt = tlstran_listener_set, + .l_set_tls = tlstran_listener_set_tls, + .l_get_tls = tlstran_listener_get_tls, }; static nni_sp_tran tls_tran = { diff --git a/src/sp/transport/tls/tls_tran_test.c b/src/sp/transport/tls/tls_tran_test.c index f186c3d3..67198363 100644 --- a/src/sp/transport/tls/tls_tran_test.c +++ b/src/sp/transport/tls/tls_tran_test.c 
@@ -71,6 +71,7 @@ test_tls_wild_card_bind(void) uint16_t port; nng_tls_config *cc; nng_tls_config *sc; + nng_tls_config *other; port = nuts_next_port(); @@ -81,11 +82,15 @@ test_tls_wild_card_bind(void) NUTS_OPEN(s2); (void) snprintf(addr, sizeof(addr), "tls+tcp4://*:%u", port); NUTS_PASS(nng_listener_create(&l, s1, addr)); - NUTS_PASS(nng_listener_set_ptr(l, NNG_OPT_TLS_CONFIG, sc)); + NUTS_PASS(nng_listener_set_tls(l, sc)); + NUTS_PASS(nng_listener_get_tls(l, &other)); + NUTS_TRUE(sc == other); NUTS_PASS(nng_listener_start(l, 0)); (void) snprintf(addr, sizeof(addr), "tls+tcp://127.0.0.1:%u", port); NUTS_PASS(nng_dialer_create(&d, s2, addr)); - NUTS_PASS(nng_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, cc)); + NUTS_PASS(nng_dialer_set_tls(d, cc)); + NUTS_PASS(nng_dialer_get_tls(d, &other)); + NUTS_TRUE(cc == other); NUTS_PASS(nng_dialer_start(d, 0)); NUTS_CLOSE(s2); NUTS_CLOSE(s1); @@ -109,7 +114,7 @@ test_tls_port_zero_bind(void) NUTS_OPEN(s1); NUTS_OPEN(s2); NUTS_PASS(nng_listener_create(&l, s1, "tls+tcp://127.0.0.1:0")); - NUTS_PASS(nng_listener_set_ptr(l, NNG_OPT_TLS_CONFIG, c1)); + NUTS_PASS(nng_listener_set_tls(l, c1)); NUTS_PASS(nng_listener_start(l, 0)); NUTS_PASS(nng_listener_get_string(l, NNG_OPT_URL, &addr)); NUTS_TRUE(memcmp(addr, "tls+tcp://", 6) == 0); @@ -118,7 +123,7 @@ test_tls_port_zero_bind(void) NUTS_TRUE(sa.s_in.sa_port != 0); NUTS_TRUE(sa.s_in.sa_addr = nuts_be32(0x7f000001)); NUTS_PASS(nng_dialer_create(&d, s2, addr)); - NUTS_PASS(nng_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, c2)); + NUTS_PASS(nng_dialer_set_tls(d, c2)); NUTS_PASS(nng_dialer_start(d, 0)); nng_strfree(addr); NUTS_CLOSE(s2); 
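Review bot: The round trip added to `test_tls_wild_card_bind` (set the configuration, read it back, compare pointers) covers only the success path; nothing in these test hunks exercises the `NNG_ENOTSUP` branch the new core wrappers introduce, or a set performed after `nng_listener_start`. A negative case is cheap with the macro the file already uses, e.g. `NUTS_FAIL(nng_listener_set_tls(tl, sc), NNG_ENOTSUP);` where `tl` is a listener created on a non-TLS URL, assuming that transport leaves `l_set_tls` unset. Separately, the context line `NUTS_TRUE(sa.s_in.sa_addr = nuts_be32(0x7f000001));` in the `test_tls_port_zero_bind` hunk assigns instead of comparing, so that assertion can never fail; it predates this commit but sits next to the changed lines and should use `==`.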
@@ -146,12 +151,12 @@ test_tls_local_address_connect(void) port = nuts_next_port(); (void) snprintf(addr, sizeof(addr), "tls+tcp://127.0.0.1:%u", port); NUTS_PASS(nng_listener_create(&l, s1, addr)); - NUTS_PASS(nng_listener_set_ptr(l, NNG_OPT_TLS_CONFIG, c1)); + NUTS_PASS(nng_listener_set_tls(l, c1)); NUTS_PASS(nng_listener_start(l, 0)); (void) snprintf( addr, sizeof(addr), "tls+tcp://127.0.0.1;127.0.0.1:%u", port); NUTS_PASS(nng_dialer_create(&d, s2, addr)); - NUTS_PASS(nng_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, c2)); + NUTS_PASS(nng_dialer_set_tls(d, c2)); NUTS_PASS(nng_dialer_start(d, 0)); NUTS_CLOSE(s2); NUTS_CLOSE(s1); @@ -195,7 +200,7 @@ test_tls_no_delay_option(void) NUTS_OPEN(s); NUTS_PASS(nng_dialer_create(&d, s, addr)); - NUTS_PASS(nng_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, dc)); + NUTS_PASS(nng_dialer_set_tls(d, dc)); NUTS_PASS(nng_dialer_get_bool(d, NNG_OPT_TCP_NODELAY, &v)); NUTS_TRUE(v); NUTS_PASS(nng_dialer_set_bool(d, NNG_OPT_TCP_NODELAY, false)); @@ -207,7 +212,7 @@ test_tls_no_delay_option(void) NUTS_FAIL(nng_dialer_set_int(d, NNG_OPT_TCP_NODELAY, x), NNG_EBADTYPE); NUTS_PASS(nng_listener_create(&l, s, addr)); - NUTS_PASS(nng_listener_set_ptr(l, NNG_OPT_TLS_CONFIG, lc)); + NUTS_PASS(nng_listener_set_tls(l, lc)); NUTS_PASS(nng_listener_get_bool(l, NNG_OPT_TCP_NODELAY, &v)); NUTS_TRUE(v == true); x = 0; @@ -238,7 +243,7 @@ test_tls_keep_alive_option(void) NUTS_ADDR(addr, "tls+tcp"); NUTS_OPEN(s); NUTS_PASS(nng_dialer_create(&d, s, addr)); - NUTS_PASS(nng_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, dc)); + NUTS_PASS(nng_dialer_set_tls(d, dc)); NUTS_PASS(nng_dialer_get_bool(d, NNG_OPT_TCP_KEEPALIVE, &v)); NUTS_TRUE(v == false); NUTS_PASS(nng_dialer_set_bool(d, NNG_OPT_TCP_KEEPALIVE, true)); 
@@ -251,7 +256,7 @@ test_tls_keep_alive_option(void) nng_dialer_set_int(d, NNG_OPT_TCP_KEEPALIVE, x), NNG_EBADTYPE); NUTS_PASS(nng_listener_create(&l, s, addr)); - NUTS_PASS(nng_listener_set_ptr(l, NNG_OPT_TLS_CONFIG, lc)); + NUTS_PASS(nng_listener_set_tls(l, lc)); NUTS_PASS(nng_listener_get_bool(l, NNG_OPT_TCP_KEEPALIVE, &v)); NUTS_TRUE(v == false); x = 1; @@ -287,7 +292,7 @@ test_tls_recv_max(void) NUTS_PASS(nng_socket_set_ms(s0, NNG_OPT_RECVTIMEO, 100)); NUTS_PASS(nng_socket_set_size(s0, NNG_OPT_RECVMAXSZ, 200)); NUTS_PASS(nng_listener_create(&l, s0, addr)); - NUTS_PASS(nng_listener_set_ptr(l, NNG_OPT_TLS_CONFIG, c0)); + NUTS_PASS(nng_listener_set_tls(l, c0)); NUTS_PASS(nng_socket_get_size(s0, NNG_OPT_RECVMAXSZ, &sz)); NUTS_TRUE(sz == 200); NUTS_PASS(nng_listener_set_size(l, NNG_OPT_RECVMAXSZ, 100)); @@ -295,7 +300,7 @@ test_tls_recv_max(void) NUTS_OPEN(s1); NUTS_PASS(nng_dialer_create(&d, s1, addr)); - NUTS_PASS(nng_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, c1)); + NUTS_PASS(nng_dialer_set_tls(d, c1)); NUTS_PASS(nng_dialer_start(d, 0)); NUTS_PASS(nng_send(s1, msg, 95, 0)); NUTS_PASS(nng_socket_set_ms(s1, NNG_OPT_SENDTIMEO, 100)); @@ -335,12 +340,12 @@ test_tls_psk(void) NUTS_OPEN(s0); NUTS_PASS(nng_socket_set_ms(s0, NNG_OPT_RECVTIMEO, 100)); NUTS_PASS(nng_listener_create(&l, s0, addr)); - NUTS_PASS(nng_listener_set_ptr(l, NNG_OPT_TLS_CONFIG, c0)); + NUTS_PASS(nng_listener_set_tls(l, c0)); NUTS_PASS(nng_listener_start(l, 0)); NUTS_OPEN(s1); NUTS_PASS(nng_dialer_create(&d, s1, addr)); - NUTS_PASS(nng_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, c1)); + NUTS_PASS(nng_dialer_set_tls(d, c1)); NUTS_PASS(nng_dialer_start(d, 0)); NUTS_PASS(nng_send(s1, msg, 95, 0)); NUTS_PASS(nng_recv(s0, buf, &sz, 0)); diff --git a/src/sp/transport/ws/websocket.c b/src/sp/transport/ws/websocket.c index c749e789..3bfd9f31 100644 --- a/src/sp/transport/ws/websocket.c +++ b/src/sp/transport/ws/websocket.c 
@@ -596,6 +596,20 @@ wstran_dialer_setopt( return (rv); } +static int +wstran_dialer_get_tls(void *arg, nng_tls_config **tls) +{ + ws_dialer *d = arg; + return (nni_stream_dialer_get_tls(d->dialer, tls)); +} + +static int +wstran_dialer_set_tls(void *arg, nng_tls_config *tls) +{ + ws_dialer *d = arg; + return (nni_stream_dialer_set_tls(d->dialer, tls)); +} + static int wstran_listener_get( void *arg, const char *name, void *buf, size_t *szp, nni_type t) @@ -624,6 +638,20 @@ wstran_listener_set( return (rv); } +static int +wstran_listener_get_tls(void *arg, nng_tls_config **tls) +{ + ws_listener *l = arg; + return (nni_stream_listener_get_tls(l->listener, tls)); +} + +static int +wstran_listener_set_tls(void *arg, nng_tls_config *tls) +{ + ws_listener *l = arg; + return (nni_stream_listener_set_tls(l->listener, tls)); +} + static nni_sp_dialer_ops ws_dialer_ops = { .d_init = wstran_dialer_init, .d_fini = wstran_dialer_fini, @@ -631,16 +659,20 @@ static nni_sp_dialer_ops ws_dialer_ops = { .d_close = wstran_dialer_close, .d_setopt = wstran_dialer_setopt, .d_getopt = wstran_dialer_getopt, + .d_get_tls = wstran_dialer_get_tls, + .d_set_tls = wstran_dialer_set_tls, }; static nni_sp_listener_ops ws_listener_ops = { - .l_init = wstran_listener_init, - .l_fini = wstran_listener_fini, - .l_bind = ws_listener_bind, - .l_accept = wstran_listener_accept, - .l_close = wstran_listener_close, - .l_setopt = wstran_listener_set, - .l_getopt = wstran_listener_get, + .l_init = wstran_listener_init, + .l_fini = wstran_listener_fini, + .l_bind = ws_listener_bind, + .l_accept = wstran_listener_accept, + .l_close = wstran_listener_close, + .l_setopt = wstran_listener_set, + .l_getopt = wstran_listener_get, + .l_get_tls = wstran_listener_get_tls, + .l_set_tls = wstran_listener_set_tls, }; static nni_sp_tran ws_tran = { diff --git a/src/supplemental/http/http_client.c b/src/supplemental/http/http_client.c index b156794c..0fbe3ef9 100644 --- a/src/supplemental/http/http_client.c 
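Review bot: `wstran_dialer_set_tls` and `wstran_listener_set_tls` forward unconditionally to `nni_stream_dialer_set_tls` / `nni_stream_listener_set_tls`, so what a caller gets when setting a TLS configuration on a plain `ws://` endpoint depends entirely on the websocket stream code, which is not part of these hunks. If the same ops tables serve both `ws://` and `wss://`, that call should fail visibly rather than accept a configuration that is never applied, otherwise an application can believe a connection is protected when it is not. Once the behaviour is confirmed, document it on the functions, e.g. `// For ws:// endpoints the underlying stream has no TLS layer and this returns an error.`, and add a test that pins it.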
+++ b/src/supplemental/http/http_client.c @@ -1,5 +1,5 @@ // -// Copyright 2021 Staysail Systems, Inc. +// Copyright 2024 Staysail Systems, Inc. // Copyright 2018 Capitar IT Group BV // Copyright 2019 Devolutions // @@ -25,7 +25,7 @@ struct nng_http_client { nni_list aios; nni_mtx mtx; bool closed; - nni_aio * aio; + nni_aio *aio; nng_stream_dialer *dialer; }; @@ -42,10 +42,10 @@ static void http_dial_cb(void *arg) { nni_http_client *c = arg; - nni_aio * aio; + nni_aio *aio; int rv; - nng_stream * stream; - nni_http_conn * conn; + nng_stream *stream; + nni_http_conn *conn; nni_mtx_lock(&c->mtx); rv = nni_aio_result(c->aio); @@ -101,7 +101,7 @@ nni_http_client_init(nni_http_client **cp, const nni_url *url) int rv; nni_http_client *c; nng_url my_url; - const char * scheme; + const char *scheme; if ((scheme = nni_http_stream_scheme(url->u_scheme)) == NULL) { return (NNG_EADDRINVAL); @@ -138,14 +138,13 @@ nni_http_client_init(nni_http_client **cp, const nni_url *url) int nni_http_client_set_tls(nni_http_client *c, nng_tls_config *tls) { - return (nng_stream_dialer_set_ptr(c->dialer, NNG_OPT_TLS_CONFIG, tls)); + return (nng_stream_dialer_set_tls(c->dialer, tls)); } int nni_http_client_get_tls(nni_http_client *c, nng_tls_config **tlsp) { - return (nng_stream_dialer_get_ptr( - c->dialer, NNG_OPT_TLS_CONFIG, (void **) tlsp)); + return (nng_stream_dialer_get_tls(c->dialer, tlsp)); } int @@ -207,12 +206,12 @@ typedef enum http_txn_state { } http_txn_state; typedef struct http_txn { - nni_aio * aio; // lower level aio + nni_aio *aio; // lower level aio nni_list aios; // upper level aio(s) -- maximum one nni_http_client *client; - nni_http_conn * conn; - nni_http_req * req; - nni_http_res * res; + nni_http_conn *conn; + nni_http_req *req; + nni_http_res *res; nni_http_chunks *chunks; http_txn_state state; } http_txn; 
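Review bot: In the `nni_http_client_set_tls` / `nni_http_client_get_tls` hunk the internal HTTP client now calls the public `nng_stream_dialer_set_tls` and `nng_stream_dialer_get_tls`, whereas the tls and websocket transports in this same commit call the internal `nni_stream_dialer_set_tls` / `nni_stream_dialer_get_tls` directly. The stream.c hunks show the public functions are one-line forwards to the internal ones, so behaviour is the same and this is a consistency point: `return (nni_stream_dialer_set_tls(c->dialer, tls));` and `return (nni_stream_dialer_get_tls(c->dialer, tlsp));` would match the rest of the change, provided the internal header is already included here. Dropping the `(void **)` cast from the getter is a good side effect of the typed API and worth keeping.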
@@ -246,13 +245,13 @@ http_txn_finish_aios(http_txn *txn, int rv) static void http_txn_cb(void *arg) { - http_txn * txn = arg; - const char * str; - char * end; + http_txn *txn = arg; + const char *str; + char *end; int rv; uint64_t len; nni_iov iov; - char * dst; + char *dst; size_t sz; nni_http_chunk *chunk = NULL; diff --git a/src/supplemental/http/http_server.c b/src/supplemental/http/http_server.c index 42ff5dd9..ac57cf5b 100644 --- a/src/supplemental/http/http_server.c +++ b/src/supplemental/http/http_server.c @@ -1,5 +1,5 @@ // -// Copyright 2023 Staysail Systems, Inc. +// Copyright 2024 Staysail Systems, Inc. // Copyright 2018 Capitar IT Group BV // Copyright 2018 QXSoftware // Copyright 2019 Devolutions @@ -24,9 +24,9 @@ struct nng_http_handler { nni_list_node node; - char * uri; - char * method; - char * host; + char *uri; + char *method; + char *host; nng_sockaddr host_addr; bool host_ip; bool tree; @@ -35,33 +35,33 @@ struct nng_http_handler { nni_atomic_bool busy; size_t maxbody; bool getbody; - void * data; + void *data; nni_cb dtor; void (*cb)(nni_aio *); }; typedef struct http_sconn { nni_list_node node; - nni_http_conn * conn; - nni_http_server * server; - nni_http_req * req; - nni_http_res * res; + nni_http_conn *conn; + nni_http_server *server; + nni_http_req *req; + nni_http_res *res; nni_http_handler *handler; // set if we deferred to read body nni_http_handler *release; // set if we dispatched handler bool close; bool closed; bool finished; - nni_aio * cbaio; - nni_aio * rxaio; - nni_aio * txaio; - nni_aio * txdataio; + nni_aio *cbaio; + nni_aio *rxaio; + nni_aio *txaio; + nni_aio *txdataio; nni_reap_node reap; } http_sconn; typedef struct http_error { nni_list_node node; uint16_t code; - void * body; + void *body; size_t len; } http_error; 
@@ -75,10 +75,10 @@ struct nng_http_server { nni_mtx mtx; bool closed; bool fini; // if nni_http_server_fini was called - nni_aio * accaio; + nni_aio *accaio; nng_stream_listener *listener; int port; // native order - char * hostname; + char *hostname; nni_list errors; nni_mtx errors_mtx; nni_reap_node reap; @@ -277,7 +277,7 @@ static nni_mtx http_servers_lk = NNI_MTX_INITIALIZER; static void http_sc_reap(void *arg) { - http_sconn * sc = arg; + http_sconn *sc = arg; nni_http_server *s = sc->server; NNI_ASSERT(!sc->finished); sc->finished = true; @@ -346,7 +346,7 @@ static void http_sconn_txdatdone(void *arg) { http_sconn *sc = arg; - nni_aio * aio = sc->txdataio; + nni_aio *aio = sc->txdataio; if (nni_aio_result(aio) != 0) { http_sconn_close(sc); @@ -370,7 +370,7 @@ static void http_sconn_txdone(void *arg) { http_sconn *sc = arg; - nni_aio * aio = sc->txaio; + nni_aio *aio = sc->txaio; if (nni_aio_result(aio) != 0) { http_sconn_close(sc); @@ -572,21 +572,21 @@ http_handler_host_match(nni_http_handler *h, const char *host) static void http_sconn_rxdone(void *arg) { - http_sconn * sc = arg; - nni_http_server * s = sc->server; - nni_aio * aio = sc->rxaio; + http_sconn *sc = arg; + nni_http_server *s = sc->server; + nni_aio *aio = sc->rxaio; int rv; nni_http_handler *h = NULL; nni_http_handler *head = NULL; - const char * val; - nni_http_req * req = sc->req; - char * uri; + const char *val; + nni_http_req *req = sc->req; + char *uri; size_t urisz; - char * path; + char *path; bool badmeth = false; bool needhost = false; - const char * host; - const char * cls; + const char *host; + const char *cls; if ((rv = nni_aio_result(aio)) != 0) { http_sconn_close(sc); @@ -712,7 +712,7 @@ http_sconn_rxdone(void *arg) if ((h->getbody) && ((cls = nni_http_req_get_header(req, "Content-Length")) != NULL)) { uint64_t len; - char * end; + char *end; len = strtoull(cls, &end, 10); if ((end == NULL) || (*end != '\0') || (len > h->maxbody)) { 
@@ -762,11 +762,11 @@ finish: static void http_sconn_cbdone(void *arg) { - http_sconn * sc = arg; - nni_aio * aio = sc->cbaio; - nni_http_res * res; + http_sconn *sc = arg; + nni_aio *aio = sc->cbaio; + nni_http_res *res; nni_http_handler *h; - nni_http_server * s = sc->server; + nni_http_server *s = sc->server; // Get the handler. It may be set regardless of success or // failure. Clear it, and drop our reference, since we're @@ -804,7 +804,7 @@ http_sconn_cbdone(void *arg) } sc->res = res; if (strcmp(nni_http_req_get_method(sc->req), "HEAD") == 0) { - void * data; + void *data; size_t size; // prune off the data, but preserve the content-length // header. By passing NULL here, we leave off the old @@ -863,9 +863,9 @@ static void http_server_acccb(void *arg) { nni_http_server *s = arg; - nni_aio * aio = s->accaio; - nng_stream * stream; - http_sconn * sc; + nni_aio *aio = s->accaio; + nng_stream *stream; + http_sconn *sc; int rv; nni_mtx_lock(&s->mtx); @@ -904,7 +904,7 @@ static void http_server_fini(nni_http_server *s) { nni_http_handler *h; - http_error * epage; + http_error *epage; nni_aio_stop(s->accaio); @@ -937,7 +937,7 @@ http_server_init(nni_http_server **serverp, const nni_url *url) nni_http_server *s; int rv; nng_url my_url; - const char * scheme; + const char *scheme; if ((scheme = nni_http_stream_scheme(url->u_scheme)) == NULL) { return (NNG_EADDRINVAL); @@ -1127,7 +1127,7 @@ int nni_http_server_set_error_page( nni_http_server *s, uint16_t code, const char *html) { - char * body; + char *body; int rv; size_t len; @@ -1147,7 +1147,7 @@ int nni_http_server_set_error_file( nni_http_server *s, uint16_t code, const char *path) { - void * body; + void *body; size_t len; int rv; if ((rv = nni_file_get(path, &body, &len)) != 0) { 
@@ -1163,8 +1163,8 @@ int nni_http_server_res_error(nni_http_server *s, nni_http_res *res) { http_error *epage; - char * body = NULL; - char * html = NULL; + char *body = NULL; + char *html = NULL; size_t len = 0; uint16_t code = nni_http_res_get_status(res); int rv; @@ -1394,12 +1394,12 @@ static void http_handle_file(nni_aio *aio) { nni_http_handler *h = nni_aio_get_input(aio, 1); - nni_http_res * res = NULL; - void * data; + nni_http_res *res = NULL; + void *data; size_t size; int rv; - http_file * hf = nni_http_handler_get_data(h); - const char * ctype; + http_file *hf = nni_http_handler_get_data(h); + const char *ctype; if ((ctype = hf->ctype) == NULL) { ctype = "application/octet-stream"; @@ -1466,7 +1466,7 @@ nni_http_handler_init_file_ctype(nni_http_handler **hpp, const char *uri, const char *path, const char *ctype) { nni_http_handler *h; - http_file * hf; + http_file *hf; int rv; if ((hf = NNI_ALLOC_STRUCT(hf)) == NULL) { @@ -1515,21 +1515,21 @@ nni_http_handler_init_file( static void http_handle_dir(nni_aio *aio) { - nni_http_req * req = nni_aio_get_input(aio, 0); + nni_http_req *req = nni_aio_get_input(aio, 0); nni_http_handler *h = nni_aio_get_input(aio, 1); - nni_http_res * res = NULL; - void * data; + nni_http_res *res = NULL; + void *data; size_t size; int rv; - http_file * hf = nni_http_handler_get_data(h); - const char * path = hf->path; - const char * base = nni_http_handler_get_uri(h); // base uri - const char * uri = nni_http_req_get_uri(req); - const char * ctype; - char * dst; + http_file *hf = nni_http_handler_get_data(h); + const char *path = hf->path; + const char *base = nni_http_handler_get_uri(h); // base uri + const char *uri = nni_http_req_get_uri(req); + const char *ctype; + char *dst; size_t len; size_t pnsz; - char * pn; + char *pn; len = strlen(base); if (base[1] != '\0' && // Allows "/" as base 
@@ -1647,7 +1647,7 @@ int nni_http_handler_init_directory( nni_http_handler **hpp, const char *uri, const char *path) { - http_file * hf; + http_file *hf; nni_http_handler *h; int rv; @@ -1679,22 +1679,22 @@ nni_http_handler_init_directory( typedef struct http_redirect { uint16_t code; - char * where; + char *where; } http_redirect; static void http_handle_redirect(nni_aio *aio) { - nni_http_res * r = NULL; - char * html = NULL; - char * msg = NULL; - char * loc = NULL; - http_redirect * hr; + nni_http_res *r = NULL; + char *html = NULL; + char *msg = NULL; + char *loc = NULL; + http_redirect *hr; nni_http_handler *h; int rv; - nni_http_req * req; - const char * base; - const char * uri; + nni_http_req *req; + const char *base; + const char *uri; req = nni_aio_get_input(aio, 0); h = nni_aio_get_input(aio, 1); @@ -1766,7 +1766,7 @@ nni_http_handler_init_redirect(nni_http_handler **hpp, const char *uri, { nni_http_handler *h; int rv; - http_redirect * hr; + http_redirect *hr; if ((hr = NNI_ALLOC_STRUCT(hr)) == NULL) { return (NNG_ENOMEM); @@ -1802,18 +1802,18 @@ nni_http_handler_init_redirect(nni_http_handler **hpp, const char *uri, } typedef struct http_static { - void * data; + void *data; size_t size; - char * ctype; + char *ctype; } http_static; static void http_handle_static(nni_aio *aio) { - http_static * hs; - const char * ctype; + http_static *hs; + const char *ctype; nni_http_handler *h; - nni_http_res * r = NULL; + nni_http_res *r = NULL; int rv; h = nni_aio_get_input(aio, 1); @@ -1854,7 +1854,7 @@ nni_http_handler_init_static(nni_http_handler **hpp, const char *uri, { nni_http_handler *h; int rv; - http_static * hs; + http_static *hs; if ((hs = NNI_ALLOC_STRUCT(hs)) == NULL) { return (NNG_ENOMEM); 
@@ -1888,15 +1888,13 @@ nni_http_handler_init_static(nni_http_handler **hpp, const char *uri, int nni_http_server_set_tls(nni_http_server *s, nng_tls_config *tls) { - return ( - nng_stream_listener_set_ptr(s->listener, NNG_OPT_TLS_CONFIG, tls)); + return (nng_stream_listener_set_tls(s->listener, tls)); } int nni_http_server_get_tls(nni_http_server *s, nng_tls_config **tlsp) { - return (nng_stream_listener_get_ptr( - s->listener, NNG_OPT_TLS_CONFIG, (void **) tlsp)); + return (nng_stream_listener_get_tls(s->listener, tlsp)); } int diff --git a/src/supplemental/tls/tls_common.c b/src/supplemental/tls/tls_common.c index 139460f5..49d1a292 100644 --- a/src/supplemental/tls/tls_common.c +++ b/src/supplemental/tls/tls_common.c @@ -191,16 +191,10 @@ tls_dialer_dial(void *arg, nng_aio *aio) } static int -tls_dialer_set_config(void *arg, const void *buf, size_t sz, nni_type t) +tls_dialer_set_tls(void *arg, nng_tls_config *cfg) { - int rv; - nng_tls_config *cfg; tls_dialer *d = arg; nng_tls_config *old; - - if ((rv = nni_copyin_ptr((void **) &cfg, buf, sz, t)) != 0) { - return (rv); - } if (cfg == NULL) { return (NNG_EINVAL); } 
@@ -216,44 +210,21 @@ tls_dialer_set_config(void *arg, const void *buf, size_t sz, nni_type t) } static int -tls_dialer_get_config(void *arg, void *buf, size_t *szp, nni_type t) +tls_dialer_get_tls(void *arg, nng_tls_config **cfg) { - tls_dialer *d = arg; - nng_tls_config *cfg; - int rv; + tls_dialer *d = arg; nni_mtx_lock(&d->lk); - if ((cfg = d->cfg) != NULL) { - nng_tls_config_hold(cfg); - } - if ((rv = nni_copyout_ptr(cfg, buf, szp, t)) != 0) { - nng_tls_config_free(cfg); - } + *cfg = d->cfg; nni_mtx_unlock(&d->lk); - return (rv); + return (0); } -static const nni_option tls_dialer_opts[] = { - { - .o_name = NNG_OPT_TLS_CONFIG, - .o_get = tls_dialer_get_config, - .o_set = tls_dialer_set_config, - }, - { - .o_name = NULL, - }, -}; - static int tls_dialer_get(void *arg, const char *name, void *buf, size_t *szp, nni_type t) { tls_dialer *d = arg; - int rv; - rv = nni_stream_dialer_get(d->d, name, buf, szp, t); - if (rv == NNG_ENOTSUP) { - rv = nni_getopt(tls_dialer_opts, name, d, buf, szp, t); - } - return (rv); + return (nni_stream_dialer_get(d->d, name, buf, szp, t)); } static int @@ -261,13 +232,8 @@ tls_dialer_set( void *arg, const char *name, const void *buf, size_t sz, nni_type t) { tls_dialer *d = arg; - int rv; - rv = nni_stream_dialer_set(d->d, name, buf, sz, t); - if (rv == NNG_ENOTSUP) { - rv = nni_setopt(tls_dialer_opts, name, d, buf, sz, t); - } - return (rv); + return (nni_stream_dialer_set(d->d, name, buf, sz, t)); } int 
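Review bot: `tls_dialer_get_tls` now returns `d->cfg` without taking a reference, whereas the removed `tls_dialer_get_config` called `nng_tls_config_hold(cfg)` under the lock; `tls_listener_get_tls` in the `@@ -395,64 +357,35 @@` hunk makes the same change. The mutex now covers only the pointer read, so a caller still using the returned config while another thread replaces it through the `_set_tls` path may be left with a dangling pointer, since that path releases the previous config (`nng_tls_config_free(old)` is visible in the listener hunk). A caller written against the old contract that frees the result would also drop a reference it no longer owns. If a borrowed pointer is intended, say so at the getter, e.g. `// Returns a borrowed pointer: no hold is taken, the caller must not free it.`; otherwise keep the hold with `if ((*cfg = d->cfg) != NULL) { nng_tls_config_hold(*cfg); }`.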
@@ -305,12 +271,15 @@ nni_tls_dialer_alloc(nng_stream_dialer **dp, const nng_url *url) // Set the expected outbound hostname nng_tls_config_server_name(d->cfg, url->u_hostname); - d->ops.sd_close = tls_dialer_close; - d->ops.sd_free = tls_dialer_free; - d->ops.sd_dial = tls_dialer_dial; - d->ops.sd_get = tls_dialer_get; - d->ops.sd_set = tls_dialer_set; - *dp = (void *) d; + d->ops.sd_close = tls_dialer_close; + d->ops.sd_free = tls_dialer_free; + d->ops.sd_dial = tls_dialer_dial; + d->ops.sd_get = tls_dialer_get; + d->ops.sd_set = tls_dialer_set; + d->ops.sd_get_tls = tls_dialer_get_tls; + d->ops.sd_set_tls = tls_dialer_set_tls; + + *dp = (void *) d; return (rv); } @@ -373,20 +342,13 @@ tls_listener_accept(void *arg, nng_aio *aio) } static int -tls_listener_set_config(void *arg, const void *buf, size_t sz, nni_type t) +tls_listener_set_tls(void *arg, nng_tls_config *cfg) { - int rv; - nng_tls_config *cfg; tls_listener *l = arg; nng_tls_config *old; - - if ((rv = nni_copyin_ptr((void **) &cfg, buf, sz, t)) != 0) { - return (rv); - } if (cfg == NULL) { return (NNG_EINVAL); } - nng_tls_config_hold(cfg); nni_mtx_lock(&l->lk); 
@@ -395,64 +357,35 @@ tls_listener_set_config(void *arg, const void *buf, size_t sz, nni_type t) nni_mtx_unlock(&l->lk); nng_tls_config_free(old); - return (0); } static int -tls_listener_get_config(void *arg, void *buf, size_t *szp, nni_type t) +tls_listener_get_tls(void *arg, nng_tls_config **cfg) { - tls_listener *l = arg; - nng_tls_config *cfg; - int rv; + tls_listener *l = arg; nni_mtx_lock(&l->lk); - if ((cfg = l->cfg) != NULL) { - nng_tls_config_hold(cfg); - } - if ((rv = nni_copyout_ptr(cfg, buf, szp, t)) != 0) { - nng_tls_config_free(cfg); - } + *cfg = l->cfg; nni_mtx_unlock(&l->lk); - return (rv); + return (0); } -static const nni_option tls_listener_opts[] = { - { - .o_name = NNG_OPT_TLS_CONFIG, - .o_get = tls_listener_get_config, - .o_set = tls_listener_set_config, - }, - { - .o_name = NULL, - }, -}; - static int tls_listener_get( void *arg, const char *name, void *buf, size_t *szp, nni_type t) { - int rv; tls_listener *l = arg; - rv = nni_stream_listener_get(l->l, name, buf, szp, t); - if (rv == NNG_ENOTSUP) { - rv = nni_getopt(tls_listener_opts, name, l, buf, szp, t); - } - return (rv); + return (nni_stream_listener_get(l->l, name, buf, szp, t)); } static int tls_listener_set( void *arg, const char *name, const void *buf, size_t sz, nni_type t) { - int rv; tls_listener *l = arg; - rv = nni_stream_listener_set(l->l, name, buf, sz, t); - if (rv == NNG_ENOTSUP) { - rv = nni_setopt(tls_listener_opts, name, l, buf, sz, t); - } - return (rv); + return (nni_stream_listener_set(l->l, name, buf, sz, t)); } int 
@@ -487,13 +420,15 @@ nni_tls_listener_alloc(nng_stream_listener **lp, const nng_url *url) NNI_FREE_STRUCT(l); return (rv); } - l->ops.sl_free = tls_listener_free; - l->ops.sl_close = tls_listener_close; - l->ops.sl_accept = tls_listener_accept; - l->ops.sl_listen = tls_listener_listen; - l->ops.sl_get = tls_listener_get; - l->ops.sl_set = tls_listener_set; - *lp = (void *) l; + l->ops.sl_free = tls_listener_free; + l->ops.sl_close = tls_listener_close; + l->ops.sl_accept = tls_listener_accept; + l->ops.sl_listen = tls_listener_listen; + l->ops.sl_get = tls_listener_get; + l->ops.sl_set = tls_listener_set; + l->ops.sl_get_tls = tls_listener_get_tls; + l->ops.sl_set_tls = tls_listener_set_tls; + *lp = (void *) l; return (0); } diff --git a/src/supplemental/tls/tls_test.c b/src/supplemental/tls/tls_test.c index 3d0c16a0..9317890d 100644 --- a/src/supplemental/tls/tls_test.c +++ b/src/supplemental/tls/tls_test.c @@ -106,7 +106,7 @@ test_tls_large_message(void) NUTS_PASS(nng_tls_config_alloc(&c1, NNG_TLS_MODE_SERVER)); NUTS_PASS(nng_tls_config_own_cert( c1, nuts_server_crt, nuts_server_key, NULL)); - NUTS_PASS(nng_stream_listener_set_ptr(l, NNG_OPT_TLS_CONFIG, c1)); + NUTS_PASS(nng_stream_listener_set_tls(l, c1)); NUTS_PASS(nng_stream_listener_listen(l)); NUTS_PASS( nng_stream_listener_get_int(l, NNG_OPT_TCP_BOUND_PORT, &port)); @@ -119,7 +119,7 @@ test_tls_large_message(void) NUTS_PASS(nng_tls_config_ca_chain(c2, nuts_server_crt, NULL)); NUTS_PASS(nng_tls_config_server_name(c2, "localhost")); - NUTS_PASS(nng_stream_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, c2)); + NUTS_PASS(nng_stream_dialer_set_tls(d, c2)); nng_stream_listener_accept(l, aio1); nng_stream_dialer_dial(d, aio2); 
@@ -211,7 +211,7 @@ test_tls_psk(void) NUTS_PASS(nng_stream_listener_alloc(&l, "tls+tcp://127.0.0.1:0")); NUTS_PASS(nng_tls_config_alloc(&c1, NNG_TLS_MODE_SERVER)); NUTS_PASS(nng_tls_config_psk(c1, "identity", key, sizeof(key))); - NUTS_PASS(nng_stream_listener_set_ptr(l, NNG_OPT_TLS_CONFIG, c1)); + NUTS_PASS(nng_stream_listener_set_tls(l, c1)); NUTS_PASS(nng_stream_listener_listen(l)); NUTS_PASS( nng_stream_listener_get_int(l, NNG_OPT_TCP_BOUND_PORT, &port)); @@ -223,7 +223,7 @@ test_tls_psk(void) NUTS_PASS(nng_tls_config_alloc(&c2, NNG_TLS_MODE_CLIENT)); NUTS_PASS(nng_tls_config_psk(c2, "identity", key, sizeof(key))); - NUTS_PASS(nng_stream_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, c2)); + NUTS_PASS(nng_stream_dialer_set_tls(d, c2)); nng_stream_listener_accept(l, aio1); nng_stream_dialer_dial(d, aio2); @@ -301,7 +301,7 @@ test_tls_psk_server_identities(void) nng_tls_config_psk(c1, "identity2", key + 4, sizeof(key) - 4)); NUTS_PASS(nng_tls_config_psk(c1, identity, key + 4, sizeof(key) - 4)); NUTS_PASS(nng_tls_config_psk(c1, identity, key, sizeof(key))); - NUTS_PASS(nng_stream_listener_set_ptr(l, NNG_OPT_TLS_CONFIG, c1)); + NUTS_PASS(nng_stream_listener_set_tls(l, c1)); NUTS_PASS(nng_stream_listener_listen(l)); NUTS_PASS( nng_stream_listener_get_int(l, NNG_OPT_TCP_BOUND_PORT, &port)); @@ -313,7 +313,7 @@ test_tls_psk_server_identities(void) NUTS_PASS(nng_tls_config_alloc(&c2, NNG_TLS_MODE_CLIENT)); NUTS_PASS(nng_tls_config_psk(c2, identity, key, sizeof(key))); - NUTS_PASS(nng_stream_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, c2)); + NUTS_PASS(nng_stream_dialer_set_tls(d, c2)); nng_stream_listener_accept(l, aio1); nng_stream_dialer_dial(d, aio2); 
@@ -387,7 +387,7 @@ test_tls_psk_bad_identity(void) NUTS_PASS(nng_tls_config_alloc(&c1, NNG_TLS_MODE_SERVER)); // Replace the identity .. first write one value, then we change it NUTS_PASS(nng_tls_config_psk(c1, "identity1", key, sizeof(key))); - NUTS_PASS(nng_stream_listener_set_ptr(l, NNG_OPT_TLS_CONFIG, c1)); + NUTS_PASS(nng_stream_listener_set_tls(l, c1)); NUTS_PASS(nng_stream_listener_listen(l)); NUTS_PASS( nng_stream_listener_get_int(l, NNG_OPT_TCP_BOUND_PORT, &port)); @@ -400,7 +400,7 @@ test_tls_psk_bad_identity(void) NUTS_PASS(nng_tls_config_psk(c2, "identity2", key, sizeof(key))); NUTS_PASS(nng_tls_config_server_name(c2, "localhost")); - NUTS_PASS(nng_stream_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, c2)); + NUTS_PASS(nng_stream_dialer_set_tls(d, c2)); nng_stream_listener_accept(l, aio1); nng_stream_dialer_dial(d, aio2); @@ -463,7 +463,7 @@ test_tls_psk_config_busy(void) NUTS_PASS(nng_stream_listener_alloc(&l, "tls+tcp://127.0.0.1:0")); NUTS_PASS(nng_tls_config_alloc(&c1, NNG_TLS_MODE_SERVER)); NUTS_PASS(nng_tls_config_psk(c1, "identity", key, sizeof(key))); - NUTS_PASS(nng_stream_listener_set_ptr(l, NNG_OPT_TLS_CONFIG, c1)); + NUTS_PASS(nng_stream_listener_set_tls(l, c1)); nng_stream_listener_accept(l, aio); nng_msleep(100); NUTS_FAIL( diff --git a/src/supplemental/websocket/websocket.c b/src/supplemental/websocket/websocket.c index 8c622be6..ad3ee928 100644 --- a/src/supplemental/websocket/websocket.c +++ b/src/supplemental/websocket/websocket.c @@ -2110,6 +2110,20 @@ ws_listener_get( return (rv); } +static int +ws_listener_get_tls(void *arg, nng_tls_config **cfgp) +{ + nni_ws_listener *l = arg; + return (nni_http_server_get_tls(l->server, cfgp)); +} + +static int +ws_listener_set_tls(void *arg, nng_tls_config *cfg) +{ + nni_ws_listener *l = arg; + return (nni_http_server_set_tls(l->server, cfg)); +} + int nni_ws_listener_alloc(nng_stream_listener **wslp, const nng_url *url) { 
@@ -2151,17 +2165,19 @@ nni_ws_listener_alloc(nng_stream_listener **wslp, const nng_url *url) return (rv); } - l->fragsize = WS_DEF_MAXTXFRAME; - l->maxframe = WS_DEF_MAXRXFRAME; - l->recvmax = WS_DEF_RECVMAX; - l->isstream = true; - l->ops.sl_free = ws_listener_free; - l->ops.sl_close = ws_listener_close; - l->ops.sl_accept = ws_listener_accept; - l->ops.sl_listen = ws_listener_listen; - l->ops.sl_set = ws_listener_set; - l->ops.sl_get = ws_listener_get; - *wslp = (void *) l; + l->fragsize = WS_DEF_MAXTXFRAME; + l->maxframe = WS_DEF_MAXRXFRAME; + l->recvmax = WS_DEF_RECVMAX; + l->isstream = true; + l->ops.sl_free = ws_listener_free; + l->ops.sl_close = ws_listener_close; + l->ops.sl_accept = ws_listener_accept; + l->ops.sl_listen = ws_listener_listen; + l->ops.sl_set = ws_listener_set; + l->ops.sl_get = ws_listener_get; + l->ops.sl_get_tls = ws_listener_get_tls; + l->ops.sl_set_tls = ws_listener_set_tls; + *wslp = (void *) l; return (0); } @@ -2641,6 +2657,20 @@ ws_dialer_get(void *arg, const char *name, void *buf, size_t *szp, nni_type t) return (rv); } +static int +ws_dialer_get_tls(void *arg, nng_tls_config **cfgp) +{ + nni_ws_dialer *d = arg; + return (nni_http_client_get_tls(d->client, cfgp)); +} + +static int +ws_dialer_set_tls(void *arg, nng_tls_config *cfg) +{ + nni_ws_dialer *d = arg; + return (nni_http_client_set_tls(d->client, cfg)); +} + int nni_ws_dialer_alloc(nng_stream_dialer **dp, const nng_url *url) { 
@@ -2670,12 +2700,14 @@ nni_ws_dialer_alloc(nng_stream_dialer **dp, const nng_url *url) d->maxframe = WS_DEF_MAXRXFRAME; d->fragsize = WS_DEF_MAXTXFRAME; - d->ops.sd_free = ws_dialer_free; - d->ops.sd_close = ws_dialer_close; - d->ops.sd_dial = ws_dialer_dial; - d->ops.sd_set = ws_dialer_set; - d->ops.sd_get = ws_dialer_get; - *dp = (void *) d; + d->ops.sd_free = ws_dialer_free; + d->ops.sd_close = ws_dialer_close; + d->ops.sd_dial = ws_dialer_dial; + d->ops.sd_set = ws_dialer_set; + d->ops.sd_get = ws_dialer_get; + d->ops.sd_set_tls = ws_dialer_set_tls; + d->ops.sd_get_tls = ws_dialer_get_tls; + *dp = (void *) d; return (0); } diff --git a/src/supplemental/websocket/wssfile_test.c b/src/supplemental/websocket/wssfile_test.c index b449a6bf..584f8481 100644 --- a/src/supplemental/websocket/wssfile_test.c +++ b/src/supplemental/websocket/wssfile_test.c @@ -32,7 +32,7 @@ init_dialer_wss_file(nng_dialer d) NUTS_PASS(nng_tls_config_alloc(&c, NNG_TLS_MODE_CLIENT)); NUTS_PASS(nng_tls_config_ca_file(c, pth)); NUTS_PASS(nng_tls_config_server_name(c, "localhost")); - NUTS_PASS(nng_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, c)); + NUTS_PASS(nng_dialer_set_tls(d, c)); nni_file_delete(pth); nng_strfree(pth); nng_tls_config_free(c); @@ -57,7 +57,7 @@ init_listener_wss_file(nng_listener l) nng_strfree(cert_key); NUTS_PASS(nng_tls_config_alloc(&c, NNG_TLS_MODE_SERVER)); NUTS_PASS(nng_tls_config_cert_key_file(c, pth, pth)); - NUTS_PASS(nng_listener_set_ptr(l, NNG_OPT_TLS_CONFIG, c)); + NUTS_PASS(nng_listener_set_tls(l, c)); nni_file_delete(pth); nng_strfree(pth); diff --git a/src/tools/nngcat/nngcat.c b/src/tools/nngcat/nngcat.c index 547b336b..87f7c0a6 100644 --- a/src/tools/nngcat/nngcat.c +++ b/src/tools/nngcat/nngcat.c 
@@ -1103,8 +1103,7 @@ main(int ac, char **av) fatal("Unable to create dialer for %s: %s", a->val, nng_strerror(rv)); } - rv = nng_dialer_get_ptr( - d, NNG_OPT_TLS_CONFIG, (void **) &tls); + rv = nng_dialer_get_tls(d, &tls); if (rv == 0) { configtls(tls); } else if (rv != NNG_ENOTSUP) { @@ -1138,8 +1137,7 @@ main(int ac, char **av) fatal("Unable to create listener for %s: %s", a->val, nng_strerror(rv)); } - rv = nng_listener_get_ptr( - l, NNG_OPT_TLS_CONFIG, (void **) &tls); + rv = nng_listener_get_tls(l, &tls); if (rv == 0) { configtls(tls); } else if (rv != NNG_ENOTSUP) { diff --git a/tests/wss.c b/tests/wss.c index 28b578fc..331b9a97 100644 --- a/tests/wss.c +++ b/tests/wss.c @@ -179,7 +179,7 @@ init_dialer_wss(nng_dialer d) 0) { goto out; } - rv = nng_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, cfg); + rv = nng_dialer_set_tls(d, cfg); out: nng_tls_config_free(cfg); @@ -199,7 +199,7 @@ init_listener_wss(nng_listener l) goto out; } - if ((rv = nng_listener_set_ptr(l, NNG_OPT_TLS_CONFIG, cfg)) != 0) { + if ((rv = nng_listener_set_tls(l, cfg)) != 0) { // We can wind up with EBUSY from the server already running. if (rv == NNG_EBUSY) { rv = 0; -- cgit v1.2.3-70-g09d2