CFLAGS_SER=-Wall -g -I${top_srcdir}/src
LFLAGS_SER=-L. -lcanl
-HEAD_CANL=canl.h canl_locl.h
+HEAD_CANL=canl.h canl_locl.h canl_err.h
SRC_CLI=canl_sample_client.c
HEAD_CLI=canl.h
all: libcanl.la server client
-libcanl.la: canl.lo canl_err.lo canl_dns.lo canl_ssl.lo
+libcanl.la: canl.lo canl_err.lo canl_dns.lo canl_ssl.lo canl_cert.lo
${LINK} -rpath ${stagedir}${prefix}/${libdir} ${version_info} $+ ${LFLAGS_LIB} -o $@
-canl.lo: canl.c ${HEAD_CANL} canl_err.h
+canl.lo: canl.c ${HEAD_CANL}
${COMPILE} -c ${top_srcdir}/src/canl.c ${CFLAGS_LIB} -o $@
-canl_dns.lo: canl_dns.c ${HEAD_CANL}
+canl_dns.lo: canl_dns.c ${HEAD_CANL}
${COMPILE} -c ${top_srcdir}/src/canl_dns.c ${CFLAGS_LIB} -o $@
-canl_err.lo: canl_err.c ${HEAD_CANL}
+canl_err.lo: canl_err.c ${HEAD_CANL}
${COMPILE} -c ${top_srcdir}/src/canl_err.c ${CFLAGS_LIB} -o $@
canl_ssl.lo: canl_ssl.c ${HEAD_CANL}
${COMPILE} -c ${top_srcdir}/src/canl_ssl.c ${CFLAGS_LIB} -o $@
+canl_cert.lo: canl_cert.c ${HEAD_CANL}
+ ${COMPILE} -c ${top_srcdir}/src/canl_cert.c ${CFLAGS_LIB} -o $@
+
client: ${OBJ_CLI}
${LINK} $< ${LFLAGS_CLI} -o $@
#include <stdlib.h>
#include <sys/types.h>
#include <arpa/inet.h>
-#include "canl.h"
#include "canl_locl.h"
#include "sys/socket.h"
#include "string.h"
}
end:
- if (err)
+ if (err) {
update_error(glb_cc, "can't write to connection"
" (canl_io_write)");
+ return -1;
+ }
return b_written;
}
+
+int canl_set_ctx_own_cert(canl_ctx cc, canl_x509 cert,
+ canl_stack_of_x509 chain, canl_pkey key)
+{
+ glb_ctx *glb_cc = (glb_ctx*) cc;
+ int err = 0;
+
+ if (!cc)
+ return EINVAL;
+ if(!cert || !key) {
+ err = EINVAL;
+ set_error(glb_cc, err, posix_error, "invalid parameter value"
+ " (canl_set_ctx_own_cert)");
+ return err;
+ }
+
+ do_set_ctx_own_cert(glb_cc, cert, chain, key);
+
+ if(err) {
+ update_error(glb_cc, "can't set cert or key to context"
+ " (canl_set_ctx_own_cert)");
+ }
+ return err;
+}
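Review bot: In `canl_set_ctx_own_cert` the result of `do_set_ctx_own_cert(glb_cc, cert, chain, key);` is discarded, so `err` is still 0 when `if(err)` is tested and the function reports success even if storing the certificate or private key failed. A caller would then carry on with a context it believes holds its credential. Assign the result, `err = do_set_ctx_own_cert(glb_cc, cert, chain, key);`, so the `update_error` branch becomes reachable. Separately, this function returns a positive `EINVAL`, while the write path just above (whose body starts outside the hunk) now returns -1 on error; a caller testing `< 0` would miss the former, so the convention should be documented or unified.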
typedef void *canl_ctx;
typedef void *cred_handler;
+typedef void *canl_x509;
+typedef void *canl_stack_of_x509;
+typedef void *canl_pkey;
+
canl_ctx canl_create_ctx();
void canl_free_ctx(canl_ctx cc);
canl_io_handler canl_create_io_handler(canl_ctx cc);
int canl_io_close(canl_ctx cc, canl_io_handler io);
int canl_io_destroy(canl_ctx cc, canl_io_handler io);
+int canl_set_ctx_own_cert(canl_ctx cc, canl_x509 cert,
+ canl_stack_of_x509 chain, canl_pkey key);
+
#endif
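Review bot: `canl_x509`, `canl_stack_of_x509` and `canl_pkey` are all `typedef void *`, so the compiler accepts the certificate and the private key in the wrong order, or any unrelated pointer, in a call to `canl_set_ctx_own_cert` without a diagnostic. The declaration also carries no comment on ownership: the header does not say whether the context copies or references the certificate and key, or who frees them. I would add a comment above the prototype along the lines of `/* cert and key must be non-NULL; returns 0 or an errno value; ownership of cert/chain/key: <state it here> */`. If API compatibility allows, distinct incomplete struct types for the three handles would let the compiler catch swapped arguments.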
#include <stdlib.h>
#include <stdarg.h>
#include <string.h>
-#include "canl.h"
#include "canl_locl.h"
static int resolve_error(glb_ctx *cc, CANL_ERROR err_code,
-#ifndef CANL_LOCL_H
-#define CANL_LOCL_H
+#ifndef _CANL_LOCL_H
+#define _CANL_LOCL_H
+
#include <errno.h>
#include "canl_err.h"
+#include "canl.h"
#include <ares.h>
#include <ares_version.h>
#include <netdb.h>
#include <openssl/ssl.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/evp.h>
+#include <openssl/err.h>
+#include <openssl/safestack.h>
#include <unistd.h>
#include <fcntl.h>
+typedef struct _cert_key_store {
+ X509 *cert;
+ EVP_PKEY *key;
+} cert_key_store;
+
typedef struct _glb_ctx
{
int opened_ios;
char * err_msg;
CANL_ERROR err_code;
CANL_ERROR_ORIGIN err_orig;
+ cert_key_store *cert_key;
} glb_ctx;
typedef struct _ossl_ctx
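Review bot: `cert_key_store` has members only for `cert` and `key`, yet `do_set_ctx_own_cert` also takes a `chain`, so from this header it looks as if the chain cannot be kept in the context; if dropping it is intended, say so in a comment on the struct. The new `cert_key` member makes `glb_ctx` the holder of an `EVP_PKEY` private key, and nothing in the visible hunks shows `canl_free_ctx` releasing it (canl_cert.c is not shown here), so please confirm the store is released with `X509_free`/`EVP_PKEY_free` when the context is destroyed. If that is the intent, a comment such as `/* owned by the context; released in canl_free_ctx */` on `cert_key` would record it. The guard rename at the top of this file to `_CANL_LOCL_H` uses an identifier reserved for the implementation (underscore followed by an uppercase letter); the previous `CANL_LOCL_H` was the safer spelling.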
int ssl_write(glb_ctx *cc, io_handler *io, void *buffer, size_t size,
struct timeval *tout);
+int do_set_ctx_own_cert(glb_ctx *cc, canl_x509 cert, canl_stack_of_x509 chain,
+ canl_pkey key);
#endif