author | Michael Widenius <monty@askmonty.org> | 2012-08-14 17:23:34 +0300 |
---|---|---|
committer | Michael Widenius <monty@askmonty.org> | 2012-08-14 17:23:34 +0300 |
commit | 60589aeee03949033c66da5c1eae70d4342179fc (patch) | |
tree | 1cd399dbed17c5c7b4ed16eb7b872dc979af1c93 /extra/yassl/src | |
parent | b39e6e3d093b45f792959ef06fea1c175263ae1a (diff) | |
Next part of merge. See TODO for details
Diffstat (limited to 'extra/yassl/src')
-rw-r--r-- | extra/yassl/src/cert_wrapper.cpp | 36 | ||||
-rw-r--r-- | extra/yassl/src/handshake.cpp | 6 | ||||
-rw-r--r-- | extra/yassl/src/socket_wrapper.cpp | 76 | ||||
-rw-r--r-- | extra/yassl/src/ssl.cpp | 41 | ||||
-rw-r--r-- | extra/yassl/src/yassl_int.cpp | 21 |
5 files changed, 136 insertions, 44 deletions
diff --git a/extra/yassl/src/cert_wrapper.cpp b/extra/yassl/src/cert_wrapper.cpp index 7e73464001a..e293b80ec04 100644 --- a/extra/yassl/src/cert_wrapper.cpp +++ b/extra/yassl/src/cert_wrapper.cpp @@ -91,7 +91,7 @@ opaque* x509::use_buffer() //CertManager CertManager::CertManager() - : peerX509_(0), verifyPeer_(false), verifyNone_(false), failNoCert_(false), + : peerX509_(0), selfX509_(0), verifyPeer_(false), verifyNone_(false), failNoCert_(false), sendVerify_(false), verifyCallback_(0) {} @@ -99,6 +99,7 @@ CertManager::CertManager() CertManager::~CertManager() { ysDelete(peerX509_); + ysDelete(selfX509_); STL::for_each(signers_.begin(), signers_.end(), del_ptr_zero()) ; @@ -210,6 +211,12 @@ X509* CertManager::get_peerX509() const } +X509* CertManager::get_selfX509() const +{ + return selfX509_; +} + + SignatureAlgorithm CertManager::get_peerKeyType() const { return peerKeyType_; @@ -281,11 +288,15 @@ int CertManager::Validate() size_t iSz = strlen(cert.GetIssuer()) + 1; size_t sSz = strlen(cert.GetCommonName()) + 1; - int bSz = (int)strlen(cert.GetBeforeDate()) + 1; - int aSz = (int)strlen(cert.GetAfterDate()) + 1; + ASN1_STRING beforeDate, afterDate; + beforeDate.data= (unsigned char *) cert.GetBeforeDate(); + beforeDate.type= cert.GetBeforeDateType(); + beforeDate.length= strlen((char *) beforeDate.data) + 1; + afterDate.data= (unsigned char *) cert.GetAfterDate(); + afterDate.type= cert.GetAfterDateType(); + afterDate.length= strlen((char *) afterDate.data) + 1; peerX509_ = NEW_YS X509(cert.GetIssuer(), iSz, cert.GetCommonName(), - sSz, cert.GetBeforeDate(), bSz, - cert.GetAfterDate(), aSz); + sSz, &beforeDate, &afterDate); if (err == TaoCrypt::SIG_OTHER_E && verifyCallback_) { X509_STORE_CTX store; 
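Review bot: In CertManager::Validate the new `beforeDate`/`afterDate` setup sizes each field with `strlen()` on strings that come from the parsed peer certificate, so it silently depends on the decoder always NUL-terminating those buffers, and the `size_t` result is stored in `length` with no range check. The same block is repeated in the SetPrivateKey hunk; a file-local helper would keep the two copies in sync and give one place for the assumption, e.g. `// GetBeforeDate()/GetAfterDate() must return NUL-terminated strings; length includes the terminator`. Validate's body starts and ends outside the hunk, so how `cert` guarantees termination should be confirmed against the decoder.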
@@ -320,6 +331,18 @@ int CertManager::SetPrivateKey(const x509& key) keyType_ = rsa_sa_algo; else keyType_ = dsa_sa_algo; + + size_t iSz = strlen(cd.GetIssuer()) + 1; + size_t sSz = strlen(cd.GetCommonName()) + 1; + ASN1_STRING beforeDate, afterDate; + beforeDate.data= (unsigned char *) cd.GetBeforeDate(); + beforeDate.type= cd.GetBeforeDateType(); + beforeDate.length= strlen((char *) beforeDate.data) + 1; + afterDate.data= (unsigned char *) cd.GetAfterDate(); + afterDate.type= cd.GetAfterDateType(); + afterDate.length= strlen((char *) afterDate.data) + 1; + selfX509_ = NEW_YS X509(cd.GetIssuer(), iSz, cd.GetCommonName(), + sSz, &beforeDate, &afterDate); } return 0; } @@ -336,8 +359,7 @@ void CertManager::setPeerX509(X509* x) ASN1_STRING* after = x->GetAfter(); peerX509_ = NEW_YS X509(issuer->GetName(), issuer->GetLength(), - subject->GetName(), subject->GetLength(), (const char*) before->data, - before->length, (const char*) after->data, after->length); + subject->GetName(), subject->GetLength(), before, after); } diff --git a/extra/yassl/src/handshake.cpp b/extra/yassl/src/handshake.cpp index c1ee61d043e..fb342a10fd5 100644 --- a/extra/yassl/src/handshake.cpp +++ b/extra/yassl/src/handshake.cpp @@ -1,6 +1,5 @@ /* - Copyright (c) 2005-2008 MySQL AB, 2009 Sun Microsystems, Inc. - Use is subject to license terms. + Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -712,7 +711,8 @@ int DoProcessReply(SSL& ssl) return 0; } uint ready = ssl.getSocket().get_ready(); - if (!ready) return 1; + if (!ready) + ready= 64; // add buffered data if its there input_buffer* buffered = ssl.useBuffers().TakeRawInput(); diff --git a/extra/yassl/src/socket_wrapper.cpp b/extra/yassl/src/socket_wrapper.cpp index d88df13c08e..cf761d912e6 100644 --- a/extra/yassl/src/socket_wrapper.cpp 
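Review bot: In CertManager::SetPrivateKey, `selfX509_` is overwritten without releasing any previous value, so a second call that reaches this branch leaks the earlier X509; the destructor change in this commit frees only the last one. Releasing first, `ysDelete(selfX509_);` immediately before `selfX509_ = NEW_YS X509(...)`, closes that. The function begins outside the hunk, so whether it can run more than once per CertManager should be confirmed against its callers.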
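Review bot: In DoProcessReply, the fallback `ready= 64;` is an unexplained constant: when get_ready() reports nothing pending the function no longer returns early and instead carries on with a 64-byte read. On a blocking socket that presumably turns a poll into a wait, and with the transport callbacks added in this commit get_ready() may not see data held by a custom transport; both are inferences, because the read itself is outside the hunk. A named constant plus a comment would record the intent, e.g. `// get_ready() found nothing (or cannot see a custom transport); still attempt a small read`.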
+++ b/extra/yassl/src/socket_wrapper.cpp @@ -1,5 +1,5 @@ /* - Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. + Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -52,11 +52,33 @@ #endif // _WIN32 +namespace { + + +extern "C" long system_recv(void *ptr, void *buf, size_t count, int flags) +{ + yaSSL::socket_t *socket = (yaSSL::socket_t *) ptr; + return ::recv(*socket, reinterpret_cast<char *>(buf), count, flags); +} + + +extern "C" long system_send(void *ptr, const void *buf, size_t count, + int flags) +{ + yaSSL::socket_t *socket = (yaSSL::socket_t *) ptr; + return ::send(*socket, reinterpret_cast<const char *>(buf), count, flags); +} + + +} + + namespace yaSSL { Socket::Socket(socket_t s) - : socket_(s), wouldBlock_(false), nonBlocking_(false) + : socket_(s), wouldBlock_(false), nonBlocking_(false), + ptr_(&socket_), send_func_(system_send), recv_func_(system_recv) {} @@ -108,8 +130,25 @@ uint Socket::get_ready() const return ready; } +void Socket::set_transport_ptr(void *ptr) +{ + ptr_ = ptr; +} + -uint Socket::send(const byte* buf, unsigned int sz, unsigned int& written, +void Socket::set_transport_recv_function(yaSSL_recv_func_t recv_func) +{ + recv_func_ = recv_func; +} + + +void Socket::set_transport_send_function(yaSSL_send_func_t send_func) +{ + send_func_ = send_func; +} + + +uint Socket::send(const byte* buf, unsigned int sz, unsigned int &written, int flags) { const byte* pos = buf; 
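Review bot: In the Socket constructor, `ptr_(&socket_)` stores the address of the object's own member, so an implicitly generated copy of Socket would carry a `ptr_` that still points at the source object's `socket_`. The class declaration is not in this hunk, so whether Socket is copyable cannot be confirmed from here; if it is, the default transport would read through a stale pointer once the original is destroyed. Either make the class non-copyable or re-point `ptr_` when copying, and state the invariant next to the member: `// ptr_ == &socket_ unless set_transport_ptr() was called`.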
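Review bot: `set_transport_recv_function` and `set_transport_send_function` store the callback unchecked, so a null function pointer leaves the socket in a state where the next Socket::send or Socket::receive calls through null. Ignoring a null argument keeps the default transport in place: `if (recv_func) recv_func_ = recv_func;` and likewise `if (send_func) send_func_ = send_func;`. The setters should also carry a comment on the callback contract that Socket::send's `sent == -1` check implies, `// callback returns bytes transferred, or -1 on error`.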
@@ -117,22 +156,23 @@ uint Socket::send(const byte* buf, unsigned int sz, unsigned int& written, wouldBlock_ = false; - while (pos != end) { - int sent = ::send(socket_, reinterpret_cast<const char *>(pos), - static_cast<int>(end - pos), flags); - if (sent == -1) { - if (get_lastError() == SOCKET_EWOULDBLOCK || - get_lastError() == SOCKET_EAGAIN) { - wouldBlock_ = true; // would have blocked this time only - nonBlocking_ = true; // nonblocking, win32 only way to tell - return 0; - } - return static_cast<uint>(-1); + while (pos != end) + { + int sent = send_func_(ptr_, pos, static_cast<int>(end - pos), flags); + if (sent == -1) + { + if (get_lastError() == SOCKET_EWOULDBLOCK || + get_lastError() == SOCKET_EAGAIN) + { + wouldBlock_ = true; // would have blocked this time only + nonBlocking_ = true; // nonblocking, win32 only way to tell + return 0; } - pos += sent; - written += sent; + return static_cast<uint>(-1); + } + pos += sent; + written += sent; } - return sz; } @@ -141,7 +181,7 @@ uint Socket::receive(byte* buf, unsigned int sz, int flags) { wouldBlock_ = false; - int recvd = ::recv(socket_, reinterpret_cast<char *>(buf), sz, flags); + int recvd = recv_func_(ptr_, buf, sz, flags); // idea to seperate error from would block by arnetheduck@gmail.com if (recvd == -1) { diff --git a/extra/yassl/src/ssl.cpp b/extra/yassl/src/ssl.cpp index 8401798534b..54cfdbba83c 100644 --- a/extra/yassl/src/ssl.cpp +++ b/extra/yassl/src/ssl.cpp @@ -1,6 +1,5 @@ /* - Copyright (c) 2005-2007 MySQL AB, 2008-2010 Sun Microsystems, Inc. - Use is subject to license terms. + Copyright (c) 2005, 2011, Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -40,6 +39,7 @@ #include "coding.hpp" // HexDecoder #include "helpers.hpp" // for placement new hack #include <stdio.h> +#include <time.h> #ifdef _WIN32 #include <windows.h> // FindFirstFile etc.. 
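Review bot: In Socket::send the loop trusts the value returned by `send_func_`, which after this commit can be a caller-supplied callback: only `-1` is treated as failure, so any other negative value moves `pos` backwards and a value larger than `end - pos` steps past `end`, after which `pos != end` never stops the loop and the callback is handed memory beyond the buffer. A guard after the would-block branch bounds it: `if (sent < 0 || sent > end - pos) return static_cast<uint>(-1);`; a return of 0 also needs an explicit policy, since it currently spins. The callbacks return `long` but the result is narrowed to `int`, and the same unchecked pattern is in the Socket::receive hunk (`int recvd = recv_func_(ptr_, buf, sz, flags);`), where `recvd` should be checked against `sz` before it is used as a length.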
@@ -1196,8 +1196,7 @@ void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX* ctx, void* userdata) X509* SSL_get_certificate(SSL* ssl) { - // only used to pass to get_privatekey which isn't used - return 0; + return ssl->getCrypto().get_certManager().get_selfX509(); } @@ -1671,7 +1670,6 @@ unsigned long ERR_get_error() // TODO: } - SSL_CIPHER* SSL_get_current_cipher(SSL*) { // TODO: @@ -1685,10 +1683,41 @@ unsigned long ERR_get_error() return 0; } + // end stunnel needs + + char *yaSSL_ASN1_TIME_to_string(ASN1_TIME *time, char *buf, size_t len) + { + tm t; + static const char *month_names[12]= + { + "Jan","Feb","Mar","Apr","May","Jun", + "Jul","Aug","Sep","Oct","Nov","Dec" + }; + + TaoCrypt::ASN1_TIME_extract(time->data, time->type, &t); + snprintf(buf, len, "%s %2d %02d:%02d:%02d %d GMT", + month_names[t.tm_mon], t.tm_mday, t.tm_hour, t.tm_min, + t.tm_sec, t.tm_year + 1900); + return buf; + } - // end stunnel needs + void yaSSL_transport_set_ptr(SSL *ssl, void *ptr) + { + ssl->useSocket().set_transport_ptr(ptr); + } + + + void yaSSL_transport_set_recv_function(SSL *ssl, yaSSL_recv_func_t func) + { + ssl->useSocket().set_transport_recv_function(func); + } + + void yaSSL_transport_set_send_function(SSL *ssl, yaSSL_send_func_t func) + { + ssl->useSocket().set_transport_send_function(func); + } } // extern "C" } // namespace diff --git a/extra/yassl/src/yassl_int.cpp b/extra/yassl/src/yassl_int.cpp index 65e17b01544..8de24850223 100644 --- a/extra/yassl/src/yassl_int.cpp +++ b/extra/yassl/src/yassl_int.cpp 
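Review bot: In yaSSL_ASN1_TIME_to_string, `month_names[t.tm_mon]` is indexed with a value derived from certificate data, and nothing visible in this hunk guarantees that TaoCrypt::ASN1_TIME_extract keeps `tm_mon` within 0..11 or fills every field of the uninitialised `tm t`. A malformed date could then read outside the 12-entry table. Value-initialise and range-check before formatting: `tm t = tm();` in place of `tm t;`, and `if (t.tm_mon < 0 || t.tm_mon > 11) return 0;` after the extract call (callers would then have to accept a null return). `buf` and `len` are also used without a null or zero check.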
@@ -1459,12 +1459,12 @@ void SSL_SESSION::CopyX509(X509* x) X509_NAME* issuer = x->GetIssuer(); X509_NAME* subject = x->GetSubject(); - ASN1_STRING* before = x->GetBefore(); - ASN1_STRING* after = x->GetAfter(); + ASN1_TIME* before = x->GetBefore(); + ASN1_TIME* after = x->GetAfter(); peerX509_ = NEW_YS X509(issuer->GetName(), issuer->GetLength(), - subject->GetName(), subject->GetLength(), (const char*) before->data, - before->length, (const char*) after->data, after->length); + subject->GetName(), subject->GetLength(), + before, after); } @@ -2412,9 +2412,10 @@ size_t X509_NAME::GetLength() const X509::X509(const char* i, size_t iSz, const char* s, size_t sSz, - const char* b, int bSz, const char* a, int aSz) + ASN1_STRING *b, ASN1_STRING *a) : issuer_(i, iSz), subject_(s, sSz), - beforeDate_(b, bSz), afterDate_(a, aSz) + beforeDate_((char *) b->data, b->length, b->type), + afterDate_((char *) a->data, a->length, a->type) {} @@ -2430,13 +2431,13 @@ X509_NAME* X509::GetSubject() } -ASN1_STRING* X509::GetBefore() +ASN1_TIME* X509::GetBefore() { return beforeDate_.GetString(); } -ASN1_STRING* X509::GetAfter() +ASN1_TIME* X509::GetAfter() { return afterDate_.GetString(); } @@ -2464,12 +2465,12 @@ ASN1_STRING* X509_NAME::GetEntry(int i) } -StringHolder::StringHolder(const char* str, int sz) +StringHolder::StringHolder(const char* str, int sz, byte type) { asnString_.length = sz; asnString_.data = NEW_YS byte[sz + 1]; memcpy(asnString_.data, str, sz); - asnString_.type = 0; // not used for now + asnString_.type = type; } |
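Review bot: The new X509 constructor dereferences `b` and `a` in its initialiser list with no null check, and takes them as non-const pointers although it only reads them. Every caller visible in this commit passes a valid object, but the precondition is implicit; because StringHolder copies the bytes with `memcpy`, the arguments need not outlive the call, which is what makes the stack-local ASN1_STRINGs in Validate and SetPrivateKey safe. A comment above the constructor would record both facts: `// b and a must be non-null; their data is copied, so they may be temporaries`. Declaring them `const ASN1_STRING*` would also need the matching header change, which is outside this diff.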