In practice this rarely works anyway as other libs can end up
allocating things before we even reach main() as demonstrated
on the discord channel earlier.
It was hardcoded that if KORE_USE_PYTHON was defined we would
look at the passed argument on the command-line as the python
script or module to be run.
This won't work when adding more runtimes.
So instead call a kore_runtime_resolve() function that in
turn calls each available runtime its resolve function.
That resolve function will check if its a script / module
that it can load, and if so will load it.
This way we can remove all those KORE_USE_PYTHON blocks in the
Kore startup path and we pave the way for lua.
We used to just call EVP_PKEY_get1_RSA() and set the domain
and RSA_METHOD on that.
But with OpenSSL 3, the EVP_PKEY_get1_RSA() function returns a cached
copy of the internal provider struct and any changes we make are not
reflected back. So we can't use it to set the domain and custom method.
Instead just create our own EVP_PKEY from scratch, coupled with an
RSA key that contains just n and e from the public key.
Works with both 1.1.x and 3.0.x.
When this code was moved from src/connection.c into src/tls_openssl.c
a return wouldn't break us out from kore_connection_handle() as
previously expected.
This ment that Kore would move the connection into established state
immediately even if SSL_accept() needed to read more.
This broke TLS client authentication as Kore its belts and suspenders
kept throwing a 403 due to the code not properly obtaining the client
certificate when expected.
This work moves all TLS / crypto related code into a tls_openssl.c
file and adds a tls_none.c which contains just stubs.
Allows compilation of Kore with TLS_BACKEND=none to remove building
against OpenSSL.
Also adds code for SHA1/SHA2 taken from openssh-portable so we don't
depend on those being present anymore in libcrypto.
Daniel Melani
Joris Vink