From 8a72e00a6020db9ab93c68c80841757ce445ef9f Mon Sep 17 00:00:00 2001 From: Garrett D'Amore Date: Mon, 27 Nov 2017 11:24:22 -0800 Subject: fixes #160 Convert TLS url from tls:// to tls+tcp:// --- docs/nng_tls.adoc | 17 +++++++++-------- src/transport/tls/tls.c | 6 +++--- tests/tls.c | 21 +++++++++++---------- tests/trantest.h | 3 ++- 4 files changed, 25 insertions(+), 22 deletions(-) diff --git a/docs/nng_tls.adoc b/docs/nng_tls.adoc index 34221f6b..e6eafdd5 100644 --- a/docs/nng_tls.adoc +++ b/docs/nng_tls.adoc @@ -51,7 +51,8 @@ Availability ~~~~~~~~~~~~ The _tls_ transport depends on the use of an external library. -As of this writing, https://tls.mbed.org/[mbed TLS] is required. +As of this writing, https://tls.mbed.org/[mbed TLS] version 2.0 +or later is required. TIP: Applications may need to add this library (or libraries) to their link line, particularly when using a statically built @@ -67,18 +68,18 @@ license terms of any libraries you make use of. URI Format ~~~~~~~~~~ -This transport uses URIs using the scheme `tls://`, followed by +This transport uses URIs using the scheme `tls+tcp://`, followed by an IP address or hostname, followed by a colon and finally a TCP port number. For example, to contact port 4433 on the localhost -either of the following URIs could be used: `tls://127.0.0.1:4433` or -`tcp://localhost:4433`. +either of the following URIs could be used: `tls+tcp://127.0.0.1:4433` or +`tls+tcp://localhost:4433`. When specifying IPv6 addresses, the address must be enclosed in square brackets (`[]`) to avoid confusion with the final colon separating the port. For example, the same port 4433 on the IPv6 loopback address ('::1') would -be specified as `tcp://[::1]:4433`. +be specified as `tls+tcp://[::1]:4433`. NOTE: When using symbolic names, the name is resolved when the name is first used. _nng_ won't become aware of changes in the @@ -97,9 +98,9 @@ the asterisk (`*`) character. For example, the following three URIs are all equivalent, and could be used to listen to port 9999 on the host: - 1. `tls://0.0.0.0:9999` - 2. `tls://*:9999` - 3. `tls://:9999` + 1. `tls+tcp://0.0.0.0:9999` + 2. `tls+tcp://*:9999` + 3. `tls+tcp://:9999` The entire URI must be less than `NNG_MAXADDRLEN` bytes long. diff --git a/src/transport/tls/tls.c b/src/transport/tls/tls.c index 1bd83971..8dcb3f60 100644 --- a/src/transport/tls/tls.c +++ b/src/transport/tls/tls.c @@ -546,10 +546,10 @@ nni_tls_parse_url(char *url, char **lhost, char **lserv, char **rhost, char *h1; int rv; - if (strncmp(url, "tls://", strlen("tls://")) != 0) { + if (strncmp(url, "tls+tcp://", strlen("tls+tcp://")) != 0) { return (NNG_EADDRINVAL); } - url += strlen("tls://"); + url += strlen("tls+tcp://"); if ((mode == NNI_EP_MODE_DIAL) && ((h1 = strchr(url, ';')) != 0)) { // The local address is the first part, the remote address // is the second part. @@ -1067,7 +1067,7 @@ static nni_tran_ep nni_tls_ep_ops = { static nni_tran nni_tls_tran = { .tran_version = NNI_TRANSPORT_VERSION, - .tran_scheme = "tls", + .tran_scheme = "tls+tcp", .tran_ep = &nni_tls_ep_ops, .tran_pipe = &nni_tls_pipe_ops, .tran_init = nni_tls_tran_init, diff --git a/tests/tls.c b/tests/tls.c index e4e430af..6ec249cf 100644 --- a/tests/tls.c +++ b/tests/tls.c @@ -1,6 +1,7 @@ // // Copyright 2017 Garrett D'Amore // Copyright 2017 Capitar IT Group BV +// Copyright 2017 Staysail Systems, Inc. // // This software is supplied under the terms of the MIT License, a // copy of which should be located in the distribution where this @@ -126,7 +127,7 @@ TestMain("TLS Transport", { static trantest tt; tt.init = init_tls; - tt.tmpl = "tls://127.0.0.1:%u"; + tt.tmpl = "tls+tcp://127.0.0.1:%u"; trantest_test(&tt); @@ -140,7 +141,7 @@ TestMain("TLS Transport", { So(nng_tls_register() == 0); So(nng_pair_open(&s) == 0); Reset({ nng_close(s); }); - trantest_next_address(addr, "tls://*:%u"); + trantest_next_address(addr, "tls+tcp://*:%u"); So(nng_dial(s, addr, NULL, 0) == NNG_EADDRINVAL); }); @@ -156,10 +157,10 @@ TestMain("TLS Transport", { nng_close(s2); nng_close(s1); }); - trantest_next_address(addr, "tls://*:%u"); + trantest_next_address(addr, "tls+tcp://*:%u"); So(nng_listen(s1, addr, NULL, 0) == 0); // reset port back one - trantest_prev_address(addr, "tls://127.0.0.1:%u"); + trantest_prev_address(addr, "tls+tcp://127.0.0.1:%u"); So(nng_dial(s2, addr, NULL, 0) == 0); }); @@ -169,16 +170,16 @@ TestMain("TLS Transport", { So(nng_tls_register() == 0); So(nng_pair_open(&s1) == 0); Reset({ nng_close(s1); }); - So(nng_dial(s1, "tls://127.0.0.1", NULL, 0) == NNG_EADDRINVAL); - So(nng_dial(s1, "tls://127.0.0.1.32", NULL, 0) == + So(nng_dial(s1, "tls+tcp://127.0.0.1", NULL, 0) == NNG_EADDRINVAL); + So(nng_dial(s1, "tls+tcp://127.0.0.1.32", NULL, 0) == NNG_EADDRINVAL); - So(nng_dial(s1, "tls://127.0.x.1.32", NULL, 0) == + So(nng_dial(s1, "tls+tcp://127.0.x.1.32", NULL, 0) == NNG_EADDRINVAL); - So(nng_listen(s1, "tls://127.0.0.1", NULL, 0) == + So(nng_listen(s1, "tls+tcp://127.0.0.1", NULL, 0) == NNG_EADDRINVAL); - So(nng_listen(s1, "tls://127.0.0.1.32", NULL, 0) == + So(nng_listen(s1, "tls+tcp://127.0.0.1.32", NULL, 0) == NNG_EADDRINVAL); - So(nng_listen(s1, "tls://127.0.x.1.32", NULL, 0) == + So(nng_listen(s1, "tls+tcp://127.0.x.1.32", NULL, 0) == NNG_EADDRINVAL); }); diff --git a/tests/trantest.h b/tests/trantest.h index 21a9c893..4f6dfe7f 100644 --- a/tests/trantest.h +++ b/tests/trantest.h @@ -1,6 +1,7 @@ // // Copyright 2017 Garrett D'Amore // Copyright 2017 Capitar IT Group BV +// Copyright 2017 Staysail Systems, Inc. // // This software is supplied under the terms of the MIT License, a // copy of which should be located in the distribution where this @@ -85,7 +86,7 @@ trantest_checktran(const char *url) CHKTRAN(url, "tcp:"); #endif #ifndef NNG_HAVE_TLS - CHKTRAN(url, "tls:"); + CHKTRAN(url, "tls+tcp:"); #endif (void) url; -- cgit v1.2.3-70-g09d2