Strophe 0.12
XMPP client library
Data Structures | Macros | Enumerations | Functions | Variables
tls_openssl.c File Reference

TLS implementation with OpenSSL. More...

Data Structures

struct  tls_t
 

Macros

#define STROPHE_ERR_func_error_string(e)   ERR_func_error_string(e)
 
#define TLS_ERROR_STR(error, table)    _tls_error_str(error, table, ARRAY_SIZE(table))
 
#define TLS_ERROR_FIELD(x)   [x] = #x
 

Enumerations

enum  { TLS_SHUTDOWN_MAX_RETRIES = 10 , TLS_TIMEOUT_SEC = 0 , TLS_TIMEOUT_USEC = 100000 }
 

Functions

static const unsigned char * ASN1_STRING_get0_data (ASN1_STRING *asn1)
 
static int SSL_CTX_use_cert_and_key (SSL_CTX *ctx, X509 *x509, EVP_PKEY *privatekey, STACK_OF(X509) *chain, int override)
 
static int GENERAL_NAME_get0_otherName (const GENERAL_NAME *gen, ASN1_OBJECT **poid, ASN1_TYPE **pvalue)
 
static void _tls_sock_wait (tls_t *tls, int error)
 
static const char * _tls_error_str (int error, const char **tbl, size_t tbl_size)
 
static void _tls_set_error (tls_t *tls, int error)
 
static void _tls_log_error (xmpp_ctx_t *ctx)
 
static void _tls_dump_cert_info (tls_t *tls)
 
static X509 * _tls_cert_read (xmpp_conn_t *conn)
 
static X509 * _tls_cert_read_p12 (xmpp_conn_t *conn, EVP_PKEY **pkey, STACK_OF(X509) **ca)
 
static int _tls_xaddr_nid (void)
 
static int _tls_xmppaddr_to_string (GENERAL_NAME *name, char **res)
 Convert GENERAL_NAME* to a string. More...
 
static int _tls_dnsname_to_string (GENERAL_NAME *name, char **res)
 
static GENERAL_NAMES * _tls_conn_get_names (xmpp_conn_t *conn)
 
static GENERAL_NAMES * _tls_cert_get_names (X509 *client_cert)
 
void tls_initialize (void)
 
void tls_shutdown (void)
 
int tls_error (tls_t *tls)
 
char * tls_id_on_xmppaddr (xmpp_conn_t *conn, unsigned int n)
 Search through the SubjectAlternativeNames and return the next id-on-xmppAddr element starting from n. More...
 
unsigned int tls_id_on_xmppaddr_num (xmpp_conn_t *conn)
 
static int _convert_ASN1TIME (ASN1_TIME *ansi_time, char *buf, size_t len)
 
static char * _asn1_time_to_str (const xmpp_ctx_t *ctx, ASN1_TIME *t)
 
static char * _get_fingerprint (const xmpp_ctx_t *ctx, X509 *err_cert, xmpp_cert_element_t el)
 
static char * _get_alg (const xmpp_ctx_t *ctx, X509 *err_cert, xmpp_cert_element_t el)
 
static xmpp_tlscert_t * _x509_to_tlscert (xmpp_ctx_t *ctx, X509 *cert)
 
static int _tls_verify (int preverify_ok, X509_STORE_CTX *x509_ctx)
 
static int _tls_password_callback (char *buf, int size, int rwflag, void *u)
 
tls_t * tls_new (xmpp_conn_t *conn)
 
void tls_free (tls_t *tls)
 
xmpp_tlscert_t * tls_peer_cert (xmpp_conn_t *conn)
 
int tls_set_credentials (tls_t *tls, const char *cafilename)
 
int tls_start (tls_t *tls)
 
int tls_stop (tls_t *tls)
 
int tls_is_recoverable (int error)
 
int tls_pending (tls_t *tls)
 
int tls_read (tls_t *tls, void *buff, size_t len)
 
int tls_write (tls_t *tls, const void *buff, size_t len)
 
int tls_clear_pending_write (tls_t *tls)
 
static X509 * _tls_cert_read_x509 (xmpp_conn_t *conn)
 
static int _tls_parse_p12 (PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
 

Variables

const char * tls_errors []
 
const char * cert_errors []
 

Detailed Description

TLS implementation with OpenSSL.

Macro Definition Documentation

◆ STROPHE_ERR_func_error_string

#define STROPHE_ERR_func_error_string (   e)    ERR_func_error_string(e)

◆ TLS_ERROR_STR

#define TLS_ERROR_STR (   error,
  table 
)     _tls_error_str(error, table, ARRAY_SIZE(table))

◆ TLS_ERROR_FIELD

#define TLS_ERROR_FIELD (   x)    [x] = #x

Enumeration Type Documentation

◆ anonymous enum

anonymous enum
Enumerator
TLS_SHUTDOWN_MAX_RETRIES 
TLS_TIMEOUT_SEC 
TLS_TIMEOUT_USEC 

Function Documentation

◆ ASN1_STRING_get0_data()

static const unsigned char * ASN1_STRING_get0_data ( ASN1_STRING *  asn1)
static

◆ SSL_CTX_use_cert_and_key()

static int SSL_CTX_use_cert_and_key ( SSL_CTX *  ctx,
X509 *  x509,
EVP_PKEY *  privatekey,
STACK_OF(X509) *  chain,
int  override 
)
static

◆ GENERAL_NAME_get0_otherName()

static int GENERAL_NAME_get0_otherName ( const GENERAL_NAME *  gen,
ASN1_OBJECT **  poid,
ASN1_TYPE **  pvalue 
)
static

◆ _tls_sock_wait()

static void _tls_sock_wait ( tls_t *  tls,
int  error 
)
static

◆ _tls_error_str()

static const char * _tls_error_str ( int  error,
const char **  tbl,
size_t  tbl_size 
)
static

◆ _tls_set_error()

static void _tls_set_error ( tls_t *  tls,
int  error 
)
static

◆ _tls_log_error()

static void _tls_log_error ( xmpp_ctx_t *  ctx)
static

◆ _tls_dump_cert_info()

static void _tls_dump_cert_info ( tls_t *  tls)
static

◆ _tls_cert_read()

static X509 * _tls_cert_read ( xmpp_conn_t *  conn)
static

◆ _tls_cert_read_p12()

static X509 * _tls_cert_read_p12 ( xmpp_conn_t *  conn,
EVP_PKEY **  pkey,
STACK_OF(X509) **  ca 
)
static

◆ _tls_xaddr_nid()

static int _tls_xaddr_nid ( void  )
static

◆ _tls_xmppaddr_to_string()

static int _tls_xmppaddr_to_string ( GENERAL_NAME *  name,
char **  res 
)
static

Convert GENERAL_NAME* to a string.

This checks whether the GENERAL_NAME* that is given has the correct id-on-xmppAddr set and then optionally converts this form ASN.1 to a string/char*.

When res pointer is set to NULL this method doesn't allocate the result but only checks whether it is in the correct format.

Parameters
namePointer to the GENERAL_NAME that shall be converted
resResult-pointer (optional, can be NULL)
Returns
classic Unix style - 0=success, 1=error

◆ _tls_dnsname_to_string()

static int _tls_dnsname_to_string ( GENERAL_NAME *  name,
char **  res 
)
static

◆ _tls_conn_get_names()

static GENERAL_NAMES * _tls_conn_get_names ( xmpp_conn_t *  conn)
static

◆ _tls_cert_get_names()

static GENERAL_NAMES * _tls_cert_get_names ( X509 *  client_cert)
static

◆ tls_initialize()

void tls_initialize ( void  )

◆ tls_shutdown()

void tls_shutdown ( void  )

◆ tls_error()

int tls_error ( tls_t *  tls)

◆ tls_id_on_xmppaddr()

char * tls_id_on_xmppaddr ( xmpp_conn_t *  conn,
unsigned int  n 
)

Search through the SubjectAlternativeNames and return the next id-on-xmppAddr element starting from n.

◆ tls_id_on_xmppaddr_num()

unsigned int tls_id_on_xmppaddr_num ( xmpp_conn_t *  conn)

◆ _convert_ASN1TIME()

static int _convert_ASN1TIME ( ASN1_TIME *  ansi_time,
char *  buf,
size_t  len 
)
static

◆ _asn1_time_to_str()

static char * _asn1_time_to_str ( const xmpp_ctx_t *  ctx,
ASN1_TIME *  t 
)
static

◆ _get_fingerprint()

static char * _get_fingerprint ( const xmpp_ctx_t *  ctx,
X509 *  err_cert,
xmpp_cert_element_t  el 
)
static

◆ _get_alg()

static char * _get_alg ( const xmpp_ctx_t *  ctx,
X509 *  err_cert,
xmpp_cert_element_t  el 
)
static

◆ _x509_to_tlscert()

static xmpp_tlscert_t * _x509_to_tlscert ( xmpp_ctx_t *  ctx,
X509 *  cert 
)
static

◆ _tls_verify()

static int _tls_verify ( int  preverify_ok,
X509_STORE_CTX *  x509_ctx 
)
static

◆ _tls_password_callback()

static int _tls_password_callback ( char *  buf,
int  size,
int  rwflag,
void *  u 
)
static

◆ tls_new()

tls_t * tls_new ( xmpp_conn_t *  conn)

◆ tls_free()

void tls_free ( tls_t *  tls)

◆ tls_peer_cert()

xmpp_tlscert_t * tls_peer_cert ( xmpp_conn_t *  conn)

◆ tls_set_credentials()

int tls_set_credentials ( tls_t *  tls,
const char *  cafilename 
)

◆ tls_start()

int tls_start ( tls_t *  tls)

◆ tls_stop()

int tls_stop ( tls_t *  tls)

◆ tls_is_recoverable()

int tls_is_recoverable ( int  error)

◆ tls_pending()

int tls_pending ( tls_t *  tls)

◆ tls_read()

int tls_read ( tls_t *  tls,
void *  buff,
size_t  len 
)

◆ tls_write()

int tls_write ( tls_t *  tls,
const void *  buff,
size_t  len 
)

◆ tls_clear_pending_write()

int tls_clear_pending_write ( tls_t *  tls)

◆ _tls_cert_read_x509()

static X509 * _tls_cert_read_x509 ( xmpp_conn_t *  conn)
static

◆ _tls_parse_p12()

static int _tls_parse_p12 ( PKCS12 *  p12,
const char *  pass,
EVP_PKEY **  pkey,
X509 **  cert,
STACK_OF(X509) **  ca 
)
static

Variable Documentation

◆ tls_errors

const char* tls_errors[]
Initial value:
= {
TLS_ERROR_FIELD(SSL_ERROR_NONE),
TLS_ERROR_FIELD(SSL_ERROR_SSL),
TLS_ERROR_FIELD(SSL_ERROR_WANT_READ),
TLS_ERROR_FIELD(SSL_ERROR_WANT_WRITE),
TLS_ERROR_FIELD(SSL_ERROR_WANT_X509_LOOKUP),
TLS_ERROR_FIELD(SSL_ERROR_SYSCALL),
TLS_ERROR_FIELD(SSL_ERROR_ZERO_RETURN),
TLS_ERROR_FIELD(SSL_ERROR_WANT_CONNECT),
TLS_ERROR_FIELD(SSL_ERROR_WANT_ACCEPT),
}
#define TLS_ERROR_FIELD(x)
Definition: tls_openssl.c:135

◆ cert_errors

const char* cert_errors[]