Author: mturk Date: Thu Sep 8 17:59:14 2011 New Revision: 1166827 URL: http://svn.apache.org/viewvc?rev=1166827&view=rev Log: Use the same function naming rules as mod_ssl
Modified: commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c Modified: commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h?rev=1166827&r1=1166826&r2=1166827&view=diff ============================================================================== --- commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h (original) +++ commons/sandbox/runtime/trunk/src/main/native/include/acr/ssl.h Thu Sep 8 17:59:14 2011 @@ -201,7 +201,7 @@ "In order to read them you have to provide the pass phrases.\n" \ "Enter password :" -extern void *ACRSSL_temp_keys[SSL_TMP_KEY_MAX]; +extern void *acr_ssl_temp_keys[SSL_TMP_KEY_MAX]; typedef struct ssl_pkc_t { /* client can have any number of cert/key pairs */ @@ -218,7 +218,7 @@ typedef struct ssl_pass_cb_t { /* Default password callback that * directly prompts the console */ -extern ssl_pass_cb_t *ACRSSL_password_cb; +extern ssl_pass_cb_t *acr_ssl_password_cb; /* Server context */ typedef struct acr_ssl_ctxt_t { @@ -261,8 +261,8 @@ typedef struct acr_ssl_ctxt_t { } acr_ssl_ctxt_t; -#define ACRSSL_CTX_get_extra_certs(ctx) ((ctx)->extra_certs) -#define ACRSSL_CTX_set_extra_certs(ctx, value) \ +#define ssl_ctx_get_extra_certs(ctx) ((ctx)->extra_certs) +#define ssl_ctx_set_extra_certs(ctx, value) \ do { \ (ctx)->extra_certs = (value); \ } while (0) 
@@ -271,22 +271,21 @@ typedef struct acr_ssl_ctxt_t { /** * Additional Functions */ -void ACRSSL_init_app_data2_idx(void); -void *ACRSSL_get_app_data2(SSL *); -void ACRSSL_set_app_data2(SSL *, void *); -int ACRSSL_password_prompt(ssl_pass_cb_t *); -int ACRSSL_password_callback(char *, int, int, void *); -void ACRSSL_BIO_close(BIO *); -void ACRSSL_BIO_doref(BIO *); -DH *ACRSSL_dh_get_tmp_param(int); -DH *ACRSSL_dh_get_param_from_file(const char *); -RSA *ACRSSL_callback_tmp_RSA(SSL *, int, int); -DH *ACRSSL_callback_tmp_DH(SSL *, int, int); -void ACRSSL_callback_handshake(const SSL *, int, int); -void ACRSSL_vhost_algo_id(const unsigned char *, unsigned char *, int); -int ACRSSL_CTX_use_certificate_chain(SSL_CTX *, const char *, int); -int ACRSSL_callback_SSL_verify(int, X509_STORE_CTX *); -int ACRSSL_rand_seed(const char *file); +void ssl_init_app_data2_idx(void); +void *ssl_get_app_data2(SSL *); +void ssl_set_app_data2(SSL *, void *); +int ssl_password_callback(char *, int, int, void *); +void ssl_BIO_close(BIO *); +void ssl_BIO_doref(BIO *); +DH *ssl_dh_get_tmp_param(int); +DH *ssl_dh_get_param_from_file(const char *); +RSA *ssl_callback_tmp_RSA(SSL *, int, int); +DH *ssl_callback_tmp_DH(SSL *, int, int); +void ssl_callback_handshake(const SSL *, int, int); +void ssl_vhost_algo_id(const unsigned char *, unsigned char *, int); +int ssl_ctx_use_certificate_chain(SSL_CTX *, const char *, int); +int ssl_callback_SSL_verify(int, X509_STORE_CTX *); +int ssl_rand_seed(const char *file); #endif #endif /* _ACR_SSL_H_ */ Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c?rev=1166827&r1=1166826&r2=1166827&view=diff ============================================================================== --- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c (original) +++ 
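Review bot: `ACRSSL_password_prompt(ssl_pass_cb_t *)` is removed from the prototype list with no renamed counterpart, although the log describes the commit as a naming change only. If a definition or caller of that function still exists outside this diff, it is now left without a declaration. Either remove it there as well or keep a renamed prototype such as `int ssl_password_prompt(ssl_pass_cb_t *);`. The new unprefixed `ssl_*` names also have external linkage in a JNI shared library, so a short comment above the list saying they follow mod_ssl naming and are internal to the module would help anyone auditing the exported symbols.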
commons/sandbox/runtime/trunk/src/main/native/modules/openssl/init.c Thu Sep 8 17:59:14 2011 @@ -27,7 +27,7 @@ #error "Cannot compile this file without HAVE_OPENSSL defined" #endif -void *ACRSSL_temp_keys[SSL_TMP_KEY_MAX]; +void *acr_ssl_temp_keys[SSL_TMP_KEY_MAX]; static char ssl_global_rand_file[PATH_MAX] = { 0 }; /* Dynamic lock structure */ @@ -42,9 +42,9 @@ struct CRYPTO_dynlock_value { */ #define SSL_TMP_KEY_FREE(type, idx) \ - if (ACRSSL_temp_keys[idx]) { \ - type##_free((type *)ACRSSL_temp_keys[idx]); \ - ACRSSL_temp_keys[idx] = 0; \ + if (acr_ssl_temp_keys[idx]) { \ + type##_free((type *)acr_ssl_temp_keys[idx]); \ + acr_ssl_temp_keys[idx] = 0; \ } else (void)(0) #define SSL_TMP_KEYS_FREE(type) \ @@ -60,8 +60,8 @@ struct CRYPTO_dynlock_value { ssl_tmp_key_init_dh(bits, SSL_TMP_KEY_DH_##bits) #define SSL_TMP_KEYS_INIT(R) \ - ACRSSL_temp_keys[SSL_TMP_KEY_RSA_2048] = 0; \ - ACRSSL_temp_keys[SSL_TMP_KEY_RSA_4096] = 0; \ + acr_ssl_temp_keys[SSL_TMP_KEY_RSA_2048] = 0; \ + acr_ssl_temp_keys[SSL_TMP_KEY_RSA_4096] = 0; \ R |= SSL_TMP_KEY_INIT_RSA(512); \ R |= SSL_TMP_KEY_INIT_RSA(1024); \ R |= SSL_TMP_KEY_INIT_DH(512); \ @@ -71,7 +71,7 @@ struct CRYPTO_dynlock_value { static int ssl_tmp_key_init_rsa(int bits, int idx) { - if ((ACRSSL_temp_keys[idx] = RSA_generate_key(bits, RSA_F4, 0, 0)) == 0) + if ((acr_ssl_temp_keys[idx] = RSA_generate_key(bits, RSA_F4, 0, 0)) == 0) return 1; else return 0; @@ -79,7 +79,7 @@ static int ssl_tmp_key_init_rsa(int bits static int ssl_tmp_key_init_dh(int bits, int idx) { - if ((ACRSSL_temp_keys[idx] = ACRSSL_dh_get_tmp_param(bits)) == 0) + if ((acr_ssl_temp_keys[idx] = ssl_dh_get_tmp_param(bits)) == 0) return 1; else return 0; @@ -223,7 +223,7 @@ static int ssl_rand_load_file(const char return -1; } -int ACRSSL_rand_seed(const char *file) +int ssl_rand_seed(const char *file) { unsigned char stackdata[256]; static volatile unsigned int counter = 0; 
@@ -264,7 +264,7 @@ ACR_SSL_EXPORT(jint, Library, init0)(JNI if (ssl_initialized != 0) return 0; - memset(&ACRSSL_password_cb, 0, sizeof(ssl_pass_cb_t)); + memset(&acr_ssl_password_cb, 0, sizeof(ssl_pass_cb_t)); /* We must register the library in full, to ensure our configuration * code can successfully test the SSL environment. */ @@ -300,7 +300,7 @@ ACR_SSL_EXPORT(jint, Library, init0)(JNI CRYPTO_set_dynlock_destroy_callback(ssl_dynlock_destroy); /* For SSL_get_app_data2() at request time */ - ACRSSL_init_app_data2_idx(); + ssl_init_app_data2_idx(); SSL_TMP_KEYS_INIT(rc); if (rc != 0) { /* One of the inits failed @@ -374,14 +374,14 @@ ACR_SSL_EXPORT(jboolean, Random, seed0)( * low entropy seed. */ WITH_CSTR(file) { - rc = ACRSSL_rand_seed(J2S(file)); + rc = ssl_rand_seed(J2S(file)); } DONE_WITH_STR(file); return rc == 0 ? JNI_FALSE : JNI_TRUE; } ACR_SSL_EXPORT(jboolean, Random, seed1)(JNI_STDARGS) { - return ACRSSL_rand_seed(0) == 0 ? JNI_FALSE : JNI_TRUE; + return ssl_rand_seed(0) == 0 ? JNI_FALSE : JNI_TRUE; } ACR_SSL_EXPORT(jboolean, Random, seed2)(JNI_STDARGS, jbyteArray ba, Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c?rev=1166827&r1=1166826&r2=1166827&view=diff ============================================================================== --- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c (original) +++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/password.c Thu Sep 8 17:59:14 2011 
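Review bot: The `memset(&acr_ssl_password_cb, 0, sizeof(ssl_pass_cb_t))` line in the first init0 hunk clears `sizeof(ssl_pass_cb_t)` bytes starting at the address of a pointer variable, since ssl.h declares `extern ssl_pass_cb_t *acr_ssl_password_cb;`. The struct has at least `password` and `cb` members (both are used in password.c), so it is presumably larger than one pointer, in which case the call zeroes whatever globals follow it in memory. The rename was a good moment to replace it with `acr_ssl_password_cb = 0;`. init0's body continues outside the hunk.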
@@ -18,15 +18,40 @@ #include "acr/error.h" #include "acr/misc.h" #include "acr/string.h" -#include "arch_sync.h" +#include "acr/port.h" #include "acr/ssl.h" +#include "arch_sync.h" #if !HAVE_OPENSSL #error "Cannot compile this file without HAVE_OPENSSL defined" #endif /* Global password callback */ -ssl_pass_cb_t *ACRSSL_password_cb; +ssl_pass_cb_t *acr_ssl_password_cb; + +int ssl_password_callback(char *buf, int bufsiz, int verify, void *cb) +{ + ssl_pass_cb_t *pcb = (ssl_pass_cb_t *)cb; + + if (buf == 0) + return 0; + buf[0] = '\0'; + if (pcb == 0) + pcb = acr_ssl_password_cb; + if (pcb == 0) + return 0; + if (pcb->password == 0) { + /* Call PasswordCallback.handler() + */ + AcrCallbackRun(0, pcb->cb, 0, 0, 0); + } + if (pcb->password != 0) { + /* Return already obtained password */ + strlcpy(buf, pcb->password, bufsiz); + return (int)strlen(buf); + } + return 0; +} ACR_SSL_EXPORT(jlong, PasswordCallback, new0)(JNI_STDARGS) { @@ -48,9 +73,9 @@ ACR_SSL_EXPORT(void, PasswordCallback, d ssl_pass_cb_t *pc = J2P(ph, ssl_pass_cb_t *); if (pc != 0) { - if (pc == ACRSSL_password_cb) { + if (pc == acr_ssl_password_cb) { /* XXX: Should we allow that ? */ - ACRSSL_password_cb = 0; + acr_ssl_password_cb = 0; } AcrMemCleanse(pc->password, 0); AcrFree(pc->password); @@ -61,7 +86,7 @@ ACR_SSL_EXPORT(void, PasswordCallback, d ACR_SSL_EXPORT(void, PasswordCallback, def0)(JNI_STDARGS, jlong ph) { ssl_pass_cb_t *pc = J2P(ph, ssl_pass_cb_t *); - ACRSSL_password_cb = pc; + acr_ssl_password_cb = pc; } ACR_SSL_EXPORT(void, PasswordCallback, set0)(JNI_STDARGS, jlong ph, jstring password) 
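Review bot: The new `ssl_password_callback` writes `buf[0] = '\0'` and passes `bufsiz` to `strlcpy` without checking that it is positive, so a zero size writes one byte past the buffer and a negative one converts to a huge `size_t` bound. A pass phrase longer than `bufsiz - 1` is also silently truncated and returned as if valid, which surfaces later as an unexplained key-decryption failure. I would reject non-positive sizes up front and treat truncation as an error, wiping the partial copy. `verify` is unused and the fallback read of `acr_ssl_password_cb` is unsynchronised; both deserve a comment on the function.

```c
int ssl_password_callback(char *buf, int bufsiz, int verify, void *cb)
{
    ssl_pass_cb_t *pcb = (ssl_pass_cb_t *)cb;
    size_t len;

    /* A non-positive size leaves no room even for the terminator */
    if (buf == 0 || bufsiz <= 0)
        return 0;
    /* … unchanged: clear buf, select pcb, run PasswordCallback.handler() … */
    if (pcb->password != 0) {
        len = strlcpy(buf, pcb->password, (size_t)bufsiz);
        if (len >= (size_t)bufsiz) {
            /* Truncated pass phrase is unusable; do not leave a partial copy */
            OPENSSL_cleanse(buf, (size_t)bufsiz);
            return 0;
        }
        return (int)len;
    }
    return 0;
```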
@@ -79,9 +104,9 @@ ACR_SSL_EXPORT(void, PasswordCallback, s #if defined(ENABLE_TEST_PRIVATE) ACR_SSL_EXPORT(int, TestOpenSSL, runPasswordCallback)(JNI_STDARGS) { - if (ACRSSL_password_cb != 0) { - AcrCallbackRun(0, ACRSSL_password_cb->cb, 0, 0, 0); - if (ACRSSL_password_cb->password && strcmp(ACRSSL_password_cb->password, "secret") == 0) + if (acr_ssl_password_cb != 0) { + AcrCallbackRun(0, acr_ssl_password_cb->cb, 0, 0, 0); + if (acr_ssl_password_cb->password && strcmp(acr_ssl_password_cb->password, "secret") == 0) return 0; else return ACR_EINVAL; Modified: commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c?rev=1166827&r1=1166826&r2=1166827&view=diff ============================================================================== --- commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c (original) +++ commons/sandbox/runtime/trunk/src/main/native/modules/openssl/util.c Thu Sep 8 17:59:14 2011 
@@ -37,29 +37,29 @@ * also note that OpenSSL increments at static variable when * SSL_get_ex_new_index() is called, so we _must_ do this at startup. */ -static int ssl_app_data2_idx = -1; +static int app_data2_idx = -1; -void ACRSSL_init_app_data2_idx(void) +void ssl_init_app_data2_idx(void) { int i; - if (ssl_app_data2_idx > -1) { + if (app_data2_idx > -1) { return; } /* we _do_ need to call this twice */ for (i = 0; i <= 1; i++) { - ssl_app_data2_idx = SSL_get_ex_new_index(0, "Second Application Data for SSL", 0, 0, 0); + app_data2_idx = SSL_get_ex_new_index(0, "Second Application Data for SSL", 0, 0, 0); } } -void *ACRSSL_get_app_data2(SSL *ssl) +void *ssl_get_app_data2(SSL *ssl) { - return (void *)SSL_get_ex_data(ssl, ssl_app_data2_idx); + return (void *)SSL_get_ex_data(ssl, app_data2_idx); } -void ACRSSL_set_app_data2(SSL *ssl, void *arg) +void ssl_set_app_data2(SSL *ssl, void *arg) { - SSL_set_ex_data(ssl, ssl_app_data2_idx, (char *)arg); + SSL_set_ex_data(ssl, app_data2_idx, (char *)arg); return; } @@ -190,7 +190,7 @@ static DH *get_dh(int idx) return dh; } -DH *ACRSSL_dh_get_tmp_param(int key_len) +DH *ssl_dh_get_tmp_param(int key_len) { DH *dh; @@ -207,7 +207,7 @@ DH *ACRSSL_dh_get_tmp_param(int key_len) return dh; } -DH *ACRSSL_dh_get_param_from_file(const char *file) +DH *ssl_dh_get_param_from_file(const char *file) { DH *dh = 0; BIO *bio; @@ -257,7 +257,7 @@ DH *ACRSSL_dh_get_param_from_file(const * which we now just hand out on demand.... */ -RSA *ACRSSL_callback_tmp_RSA(SSL *ssl, int export, int keylen) +RSA *ssl_callback_tmp_RSA(SSL *ssl, int export, int keylen) { int idx; @@ -273,12 +273,12 @@ RSA *ACRSSL_callback_tmp_RSA(SSL *ssl, i break; case 2048: idx = SSL_TMP_KEY_RSA_2048; - if (ACRSSL_temp_keys[idx] == 0) + if (acr_ssl_temp_keys[idx] == 0) idx = SSL_TMP_KEY_RSA_1024; break; case 4096: idx = SSL_TMP_KEY_RSA_4096; - if (ACRSSL_temp_keys[idx] == 0) + if (acr_ssl_temp_keys[idx] == 0) idx = SSL_TMP_KEY_RSA_2048; break; case 1024: 
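Review bot: In `ssl_callback_tmp_RSA` the `case 2048` and `case 4096` branches quietly step down to the next smaller key when `acr_ssl_temp_keys[idx]` is empty, and `SSL_TMP_KEYS_INIT` in init.c zeroes exactly those two slots while generating only 512- and 1024-bit keys. Unless the larger keys are created somewhere outside this diff, a peer asking for 2048 bits always receives 1024. The 4096 branch can also fall back to a slot that is itself empty, which would make the `return` changed in the following hunk hand back a null key. Export-grade 512-bit RSA and DH parameters are no longer acceptable, so at minimum add a comment such as `/* falls back to a weaker key; result may still be NULL */` and consider failing instead. The function starts and ends outside this hunk.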
@@ -286,13 +286,13 @@ RSA *ACRSSL_callback_tmp_RSA(SSL *ssl, i idx = SSL_TMP_KEY_RSA_1024; break; } - return (RSA *)ACRSSL_temp_keys[idx]; + return (RSA *)acr_ssl_temp_keys[idx]; } /* * Hand out the already generated DH parameters... */ -DH *ACRSSL_callback_tmp_DH(SSL *ssl, int export, int keylen) +DH *ssl_callback_tmp_DH(SSL *ssl, int export, int keylen) { int idx; switch (keylen) { @@ -310,10 +310,10 @@ DH *ACRSSL_callback_tmp_DH(SSL *ssl, int idx = SSL_TMP_KEY_DH_1024; break; } - return (DH *)ACRSSL_temp_keys[idx]; + return (DH *)acr_ssl_temp_keys[idx]; } -void ACRSSL_vhost_algo_id(const unsigned char *vhost_id, unsigned char *md, int algo) +void ssl_vhost_algo_id(const unsigned char *vhost_id, unsigned char *md, int algo) { MD5_CTX c; @@ -343,8 +343,8 @@ void ACRSSL_vhost_algo_id(const unsigned * format, possibly followed by a sequence of CA certificates that * should be sent to the peer in the SSL Certificate message. */ -int ACRSSL_CTX_use_certificate_chain(SSL_CTX *ctx, const char *file, - int skipfirst) +int ssl_ctx_use_certificate_chain(SSL_CTX *ctx, const char *file, + int skipfirst) { BIO *bio; X509 *x509; @@ -367,10 +367,10 @@ int ACRSSL_CTX_use_certificate_chain(SSL X509_free(x509); } /* free a perhaps already configured extra chain */ - extra_certs = ACRSSL_CTX_get_extra_certs(ctx); + extra_certs = ssl_ctx_get_extra_certs(ctx); if (extra_certs != 0) { sk_X509_pop_free(extra_certs, X509_free); - ACRSSL_CTX_set_extra_certs(ctx, 0); + ssl_ctx_set_extra_certs(ctx, 0); } /* create new extra chain by loading the certs */ n = 0;