Define KORE_PRIVATE_KEY per TLS backend.

Joris Vink 2022-02-18 10:50:17 +01:00
parent 80383024a3
commit 7f74790da7
4 changed files with 15 additions and 13 deletions


@ -68,11 +68,13 @@ typedef X509 KORE_X509;
typedef SSL KORE_TLS;
typedef SSL_CTX KORE_TLS_CTX;
typedef X509_NAME KORE_X509_NAMES;
typedef EVP_PKEY KORE_PRIVATE_KEY;
#else
typedef void KORE_X509;
typedef void KORE_TLS;
typedef void KORE_TLS_CTX;
typedef void KORE_X509_NAMES;
typedef void KORE_PRIVATE_KEY;
#endif
#define KORE_RSAKEY_BITS 4096
@ -835,8 +837,8 @@ void kore_tls_domain_crl(struct kore_domain *, const void *, size_t);
void kore_tls_domain_setup(struct kore_domain *,
int, const void *, size_t);
void *kore_tls_rsakey_load(const char *);
void *kore_tls_rsakey_generate(const char *);
KORE_PRIVATE_KEY *kore_tls_rsakey_load(const char *);
KORE_PRIVATE_KEY *kore_tls_rsakey_generate(const char *);
int kore_tls_x509_data(struct connection *, u_int8_t **, size_t *);
KORE_X509_NAMES *kore_tls_x509_issuer_name(struct connection *);
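Review bot: In the `#else` branch, `typedef void KORE_PRIVATE_KEY;` makes `KORE_PRIVATE_KEY *` an ordinary `void *`, so the newly typed prototypes of `kore_tls_rsakey_load` and `kore_tls_rsakey_generate` get no compile-time checking in that configuration; any object pointer still converts silently. An incomplete struct type would keep the handle opaque and let the compiler reject a mismatched pointer in both builds, for example `typedef struct kore_private_key KORE_PRIVATE_KEY;` (tag name is a suggestion). This mirrors the existing `void` typedefs for `KORE_X509` and the others, so it may be deliberate. The condition guarding the `#if` is outside the hunk.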


@ -163,7 +163,7 @@ static struct sock_filter filter_keymgr[] = {
#endif
struct key {
EVP_PKEY *pkey;
KORE_PRIVATE_KEY *pkey;
struct kore_domain *dom;
TAILQ_ENTRY(key) list;
};


@ -129,32 +129,32 @@ kore_tls_write(struct connection *c, size_t len, size_t *written)
fatal("%s: not supported", __func__);
}
void *
KORE_PRIVATE_KEY *
kore_tls_rsakey_load(const char *path)
{
fatal("%s: not supported", __func__);
}
void *
KORE_PRIVATE_KEY *
kore_tls_rsakey_generate(const char *path)
{
fatal("%s: not supported", __func__);
}
void *
KORE_X509_NAMES *
kore_tls_x509_subject_name(struct connection *c)
{
fatal("%s: not supported", __func__);
}
void *
KORE_X509_NAMES *
kore_tls_x509_issuer_name(struct connection *c)
{
fatal("%s: not supported", __func__);
}
int
kore_tls_x509name_foreach(void *name, int flags, void *udata,
kore_tls_x509name_foreach(KORE_X509_NAMES *name, int flags, void *udata,
int (*cb)(void *, int, int, const char *, const void *, size_t, int))
{
fatal("%s: not supported", __func__);
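Review bot: The stubs `kore_tls_rsakey_load` and `kore_tls_rsakey_generate` now declare a `KORE_PRIVATE_KEY *` return but never produce one, because each body is only a `fatal()` call. The OpenSSL implementation of `kore_tls_rsakey_load` elsewhere in this commit returns `NULL` when the path is not readable, so a caller written against that NULL contract would presumably be stopped here instead; this assumes `fatal()` does not return, and its declaration is not visible. A comment above the stubs would record the difference, for example `/* No TLS backend: these never return a key; fatal() ends the process. */`. The body of `kore_tls_x509name_foreach` continues past the end of the hunk.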


@ -598,11 +598,11 @@ kore_tls_connection_cleanup(struct connection *c)
}
void *
KORE_PRIVATE_KEY *
kore_tls_rsakey_load(const char *path)
{
FILE *fp;
EVP_PKEY *pkey;
FILE *fp;
KORE_PRIVATE_KEY *pkey;
if (access(path, R_OK) == -1)
return (NULL);
@ -618,12 +618,12 @@ kore_tls_rsakey_load(const char *path)
return (pkey);
}
void *
KORE_PRIVATE_KEY *
kore_tls_rsakey_generate(const char *path)
{
FILE *fp;
EVP_PKEY_CTX *ctx;
EVP_PKEY *pkey;
KORE_PRIVATE_KEY *pkey;
if ((ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)) == NULL)
fatalx("EVP_PKEY_CTX_new_id: %s", ssl_errno_s);
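Review bot: `kore_tls_rsakey_load` decides whether the key file is usable with `access(path, R_OK)` and returns `NULL` on failure, but the open happens in lines not shown between the two hunks, so the check and the use are separate steps on the same path. `access()` tests with the real rather than the effective user ID, and the file can change between the check and the open, so for a private-key path the result of the open is the one worth acting on. Assuming an `fopen()` follows, I would drop the `access()` call and branch on the open result, e.g. `if ((fp = fopen(path, "r")) == NULL) return (NULL);`. Any distinction between a missing file and other errors that callers rely on should be kept.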