From 7640a5451bdc222eb91e200df2eaa496c9a27a81 Mon Sep 17 00:00:00 2001
From: Viktor Szakats
Date: Mon, 20 Jul 2009 11:02:32 +0000
Subject: [PATCH] 2009-07-20 13:02 UTC+0200 Viktor Szakats (harbour.01 syenar.hu) * contrib/hbssl/ssl.c * contrib/hbssl/sslctx.c * contrib/hbssl/tests/test.prg + Added: SSL_CTX_GET_OPTIONS() SSL_CTX_GET_CLIENT_CA_LIST() SSL_GET_OPTIONS() SSL_GET_CIPHERS() SSL_GET_CLIENT_CA_LIST() SSL_LOAD_CLIENT_CA_FILE()
---
 harbour/ChangeLog | 12 ++++
 harbour/contrib/hbssl/ssl.c | 100 +++++++++++++++++++++++++--
 harbour/contrib/hbssl/sslctx.c | 48 ++++++++++++-
 harbour/contrib/hbssl/tests/test.prg | 9 +++
 4 files changed, 164 insertions(+), 5 deletions(-)
diff --git a/harbour/ChangeLog b/harbour/ChangeLog
index 312eaafe53..1dce688df3 100644
--- a/harbour/ChangeLog
+++ b/harbour/ChangeLog
@@ -17,6 +17,18 @@ past entries belonging to author(s): Viktor Szakats.
 */
+2009-07-20 13:02 UTC+0200 Viktor Szakats (harbour.01 syenar.hu)
+ * contrib/hbssl/ssl.c
+ * contrib/hbssl/sslctx.c
+ * contrib/hbssl/tests/test.prg
+ + Added:
+ SSL_CTX_GET_OPTIONS()
+ SSL_CTX_GET_CLIENT_CA_LIST()
+ SSL_GET_OPTIONS()
+ SSL_GET_CIPHERS()
+ SSL_GET_CLIENT_CA_LIST()
+ SSL_LOAD_CLIENT_CA_FILE()
+
 2009-07-20 10:27 UTC+0200 Viktor Szakats (harbour.01 syenar.hu)
 * include/hbapinet.h
 ! Fix for Cygwin.
diff --git a/harbour/contrib/hbssl/ssl.c b/harbour/contrib/hbssl/ssl.c
index 3bb4339fce..9f8ec0eaf8 100644
--- a/harbour/contrib/hbssl/ssl.c
+++ b/harbour/contrib/hbssl/ssl.c
@@ -1072,6 +1072,19 @@ HB_FUNC( SSL_SET_CONNECT_STATE )
 hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
 }
+HB_FUNC( SSL_GET_OPTIONS )
+{
+ if( hb_SSL_is( 1 ) )
+ {
+ SSL * ssl = hb_SSL_par( 1 );
+
+ if( ssl )
+ hb_retnl( SSL_get_options( ssl ) );
+ }
+ else
+ hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
+}
+
 HB_FUNC( SSL_SET_OPTIONS )
 {
 if( hb_SSL_is( 1 ) )
@@ -1269,7 +1282,90 @@ HB_FUNC( SSL_USE_RSAPRIVATEKEY_FILE )
 hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
 }
+HB_FUNC( SSL_GET_CIPHERS )
+{
+ if( hb_SSL_is( 1 ) )
+ {
+ SSL * ssl = hb_SSL_par( 1 );
+
+ if( ssl )
+ {
+ STACK_OF( SSL_CIPHER ) * stack = SSL_get_ciphers( ssl );
+ int len = sk_SSL_CIPHER_num( stack );
+
+ if( len > 0 )
+ {
+ PHB_ITEM pArray = hb_itemArrayNew( len );
+ int tmp;
+
+ for( tmp = 0; tmp < len; tmp++ )
+ hb_arraySetPtr( pArray, tmp + 1, sk_SSL_CIPHER_value( stack, tmp ) );
+
+ hb_itemReturnRelease( pArray );
+ }
+ else
+ hb_reta( 0 );
+ }
+ }
+ else
+ hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
+}
+
+HB_FUNC( SSL_GET_CLIENT_CA_LIST )
+{
+ if( hb_SSL_is( 1 ) )
+ {
+ SSL * ssl = hb_SSL_par( 1 );
+
+ if( ssl )
+ {
+ STACK_OF( X509_NAME ) * stack = SSL_get_client_CA_list( ssl );
+ int len = sk_X509_NAME_num( stack );
+
+ if( len > 0 )
+ {
+ PHB_ITEM pArray = hb_itemArrayNew( len );
+ int tmp;
+
+ for( tmp = 0; tmp < len; tmp++ )
+ hb_arraySetPtr( pArray, tmp + 1, sk_X509_NAME_value( stack, tmp ) );
+
+ hb_itemReturnRelease( pArray );
+ }
+ else
+ hb_reta( 0 );
+ }
+ }
+ else
+ hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
+}
+
+HB_FUNC( SSL_LOAD_CLIENT_CA_FILE )
+{
+ if( HB_ISCHAR( 1 ) )
+ {
+ STACK_OF( X509_NAME ) * stack = SSL_load_client_CA_file( hb_parc( 1 ) );
+ int len = sk_X509_NAME_num( stack );
+
+ if( len > 0 )
+ {
+ PHB_ITEM pArray = hb_itemArrayNew( len );
+ int tmp;
+
+ for( tmp = 0; tmp < len; tmp++ )
+ hb_arraySetPtr( pArray, tmp + 1, sk_X509_NAME_value( stack, tmp ) );
+
+ hb_itemReturnRelease( pArray );
+ }
+ else
+ hb_reta( 0 );
+ }
+ else
+ hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
+}
+
 /*
+STACK * SSL_get_peer_cert_chain(const SSL *ssl);
 int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
 int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, unsigned char *d, long len);
 int SSL_use_RSAPrivateKey(SSL
*ssl, RSA *rsa);
@@ -1285,16 +1381,12 @@ int SSL_add_dir_cert_subjects_to_stack(STACK *stack, const char *dir);
 int SSL_add_file_cert_subjects_to_stack(STACK *stack, const char *file);
 STACK * SSL_dup_CA_list(STACK *sk);
 SSL_CTX * SSL_get_SSL_CTX(const SSL *ssl);
-STACK * SSL_get_ciphers(const SSL *ssl);
-STACK * SSL_get_client_CA_list(const SSL *ssl);
 int SSL_get_ex_data_X509_STORE_CTX_idx(void);
 int SSL_get_ex_new_index(long argl, char *argp, int (*new_func);(void), int (*dup_func)(void), void (*free_func)(void))
 void (*SSL_get_info_callback(const SSL *ssl);)()
-STACK * SSL_get_peer_cert_chain(const SSL *ssl);
 EVP_PKEY * SSL_get_privatekey(SSL *ssl);
 SSL_SESSION *SSL_get_session(const SSL *ssl);
 int (*SSL_get_verify_callback(const SSL *ssl))(int,X509_STORE_CTX *)
-STACK * SSL_load_client_CA_file(char *file);
 void SSL_set_client_CA_list(SSL *ssl, STACK *list);
 void SSL_set_info_callback(SSL *ssl, void (*cb);(void))
 void SSL_set_msg_callback(SSL *ctx, void (*cb)(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg));
diff --git a/harbour/contrib/hbssl/sslctx.c b/harbour/contrib/hbssl/sslctx.c
index d251e08500..a3980ddf36 100644
--- a/harbour/contrib/hbssl/sslctx.c
+++ b/harbour/contrib/hbssl/sslctx.c
@@ -52,6 +52,7 @@
 #include "hbapi.h"
 #include "hbapierr.h"
+#include "hbapiitm.h"
 #include "hbssl.h"
@@ -518,6 +519,19 @@ HB_FUNC( SSL_CTX_SET_DEFAULT_READ_AHEAD )
 hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
 }
+HB_FUNC( SSL_CTX_GET_OPTIONS )
+{
+ if( hb_SSL_CTX_is( 1 ) )
+ {
+ SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
+
+ if( ctx )
+ hb_retnl( SSL_CTX_get_options( ctx ) );
+ }
+ else
+ hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
+}
+
 HB_FUNC( SSL_CTX_SET_OPTIONS )
 {
 if( hb_SSL_CTX_is( 1 ) )
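Review bot: In ssl.c, SSL_LOAD_CLIENT_CA_FILE never releases the stack returned by `SSL_load_client_CA_file()`, which OpenSSL hands to the caller as a fresh allocation, so every call leaks the stack and its names; simply freeing it after the loop would instead leave the returned array full of dangling pointers, since `hb_arraySetPtr` is given the raw `X509_NAME *` values. SSL_GET_CLIENT_CA_LIST in the same hunk and SSL_CTX_GET_CLIENT_CA_LIST in sslctx.c have the opposite lifetime problem: the names they expose stay owned by the SSL or SSL_CTX object, so .prg code can still hold them after that object is freed or its CA list is replaced. I would return copies made with `X509_NAME_dup()`, held in collectable pointer items whose release function calls `X509_NAME_free()`, and end the loader with `sk_X509_NAME_pop_free( stack, X509_NAME_free );`. Until then, a comment on each function such as `/* returned pointers are borrowed from the SSL object; do not use them after it is freed */` would at least record the contract for callers.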
@@ -598,6 +612,35 @@ HB_FUNC( SSL_CTX_ADD_CLIENT_CA )
 hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
 }
+HB_FUNC( SSL_CTX_GET_CLIENT_CA_LIST )
+{
+ if( hb_SSL_CTX_is( 1 ) )
+ {
+ SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
+
+ if( ctx )
+ {
+ STACK_OF( X509_NAME ) * stack = SSL_CTX_get_client_CA_list( ctx );
+ int len = sk_X509_NAME_num( stack );
+
+ if( len > 0 )
+ {
+ PHB_ITEM pArray = hb_itemArrayNew( sk_X509_NAME_num( stack ) );
+ int tmp;
+
+ for( tmp = 0; tmp < len; tmp++ )
+ hb_arraySetPtr( pArray, tmp + 1, sk_X509_NAME_value( stack, tmp ) );
+
+ hb_itemReturnRelease( pArray );
+ }
+ else
+ hb_reta( 0 );
+ }
+ }
+ else
+ hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
+}
+
 HB_FUNC( SSL_CTX_ADD_EXTRA_CHAIN_CERT )
 {
 if( hb_SSL_CTX_is( 1 ) && hb_X509_is( 2 ) )
@@ -665,6 +708,10 @@ HB_FUNC( SSL_CTX_USE_RSAPRIVATEKEY_FILE )
 }
 /*
+#define sk_X509_NAME_new_null() SKM_sk_new_null(X509_NAME)
+#define sk_X509_NAME_push(st, val) SKM_sk_push(X509_NAME, (st), (val))
+#define sk_X509_NAME_free(st) SKM_sk_free(X509_NAME, (st))
+
 int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
 X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *);
@@ -675,7 +722,6 @@ int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, unsigned char *d, long
 int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
 int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
 long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, char *parg);
-STACK *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx);
 void SSL_CTX_set_app_data(SSL_CTX *ctx, void *arg);
 int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, char *arg);
diff --git a/harbour/contrib/hbssl/tests/test.prg b/harbour/contrib/hbssl/tests/test.prg
index 0098a70496..bde0fb7f44 100644
--- a/harbour/contrib/hbssl/tests/test.prg
+++ b/harbour/contrib/hbssl/tests/test.prg
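Review bot: In SSL_CTX_GET_CLIENT_CA_LIST (sslctx.c) the array is sized with a second `sk_X509_NAME_num( stack )` call even though `len` already holds that count and bounds the loop; `PHB_ITEM pArray = hb_itemArrayNew( len );` matches the three sibling functions added in ssl.c and keeps the allocation size and the loop bound tied to one value. The stack-to-array loop is now written out four times across ssl.c and sslctx.c, so a single helper shared through hbssl.h, which sslctx.c already includes, would give the ownership handling of these pointers one place to live.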
@@ -74,6 +74,15 @@ PROCEDURE Main()
 ? "SSL_CONNECT", tmp := SSL_CONNECT( ssl )
 ? "SSL_GET_ERROR", SSL_GET_ERROR( ssl, tmp )
+ tmp := SSL_get_ciphers( ssl )
+ FOR EACH cipher IN tmp
+ ? "SSL_CIPHER_GET_NAME" , SSL_CIPHER_GET_NAME( cipher )
+ ? "SSL_CIPHER_GET_VERSION", SSL_CIPHER_GET_VERSION( cipher )
+ ? "SSL_CIPHER_GET_BITS" , SSL_CIPHER_GET_BITS( cipher, @bits ), bits
+ ? "SSL_CIPHER_DESCRIPTION", ">" + SSL_CIPHER_DESCRIPTION( cipher ) + "<"
+ ? "- - - - - - - - - - - - - - -"
+ NEXT
+
 ? "SSL_GET_CIPHER_BITS" , SSL_GET_CIPHER_BITS( ssl, @bits ), bits
 ? "SSL_GET_CIPHER_LIST" , SSL_GET_CIPHER_LIST( ssl )
 ? "SSL_GET_CIPHER_NAME" , SSL_GET_CIPHER_NAME( ssl )