authorJoel Sing <jsing@cvs.openbsd.org>2014-10-31 14:10:56 +0000
committerJoel Sing <jsing@cvs.openbsd.org>2014-10-31 14:10:56 +0000
commita17d6bf53ab09d09bb87a7de7080dc396564f208 (patch)
tree4609ff33cc74e2a82d70497e680ea46552a92565
parent6823694d2f683d8a1d136c4f3cbb2fbfe8817287 (diff)
Update regress for the libressl to libtls rename.
-rw-r--r--regress/lib/Makefile4
-rw-r--r--regress/lib/libressl/Makefile8
-rw-r--r--regress/lib/libressl/goressl/ressl.go161
-rw-r--r--regress/lib/libtls/Makefile8
-rw-r--r--regress/lib/libtls/gotls/Makefile (renamed from regress/lib/libressl/goressl/Makefile)6
-rw-r--r--regress/lib/libtls/gotls/tls.go165
-rw-r--r--regress/lib/libtls/gotls/tls_test.go (renamed from regress/lib/libressl/goressl/ressl_test.go)30
7 files changed, 193 insertions, 189 deletions
diff --git a/regress/lib/Makefile b/regress/lib/Makefile
index e98bd496fd8..2df295114e4 100644
--- a/regress/lib/Makefile
+++ b/regress/lib/Makefile
@@ -1,6 +1,6 @@
-# $OpenBSD: Makefile,v 1.17 2014/07/14 01:05:36 jsing Exp $
+# $OpenBSD: Makefile,v 1.18 2014/10/31 14:10:55 jsing Exp $
-SUBDIR+= csu libc libcrypto libevent libm libpthread libressl libskey libssl \
+SUBDIR+= csu libc libcrypto libevent libm libpthread libskey libssl libtls \
libutil
install:
diff --git a/regress/lib/libressl/Makefile b/regress/lib/libressl/Makefile
deleted file mode 100644
index 563753a1f07..00000000000
--- a/regress/lib/libressl/Makefile
+++ /dev/null
@@ -1,8 +0,0 @@
-# $OpenBSD: Makefile,v 1.1 2014/07/12 16:01:28 jsing Exp $
-
-SUBDIR= \
- goressl
-
-install:
-
-.include <bsd.subdir.mk>
diff --git a/regress/lib/libressl/goressl/ressl.go b/regress/lib/libressl/goressl/ressl.go
deleted file mode 100644
index 17f457d1bfe..00000000000
--- a/regress/lib/libressl/goressl/ressl.go
+++ /dev/null
@@ -1,161 +0,0 @@
-// Package ressl provides a Go interface to the libressl library.
-package ressl
-
-/*
-#cgo LDFLAGS: -lressl -lssl -lcrypto
-
-#include <stdlib.h>
-
-#include <ressl.h>
-
-typedef void *ressl;
-*/
-import "C"
-
-import (
- "errors"
- "fmt"
- "unsafe"
-)
-
-// ResslConfig provides configuration options for a Ressl context.
-type ResslConfig struct {
- caFile *C.char
- resslCfg *C.struct_ressl_config
-}
-
-// Ressl encapsulates the context for ressl.
-type Ressl struct {
- cfg *ResslConfig
- ctx *C.struct_ressl
-}
-
-// Init initialises the ressl library.
-func Init() error {
- if C.ressl_init() != 0 {
- return errors.New("initialisation failed")
- }
- return nil
-}
-
-// NewConfig returns a new ressl configuration.
-func NewConfig() (*ResslConfig, error) {
- cfg := C.ressl_config_new()
- if cfg == nil {
- return nil, errors.New("failed to allocate config")
- }
- return &ResslConfig{
- resslCfg: cfg,
- }, nil
-}
-
-// SetCAFile sets the CA file to be used for connections.
-func (c *ResslConfig) SetCAFile(filename string) {
- if c.caFile != nil {
- C.free(unsafe.Pointer(c.caFile))
- }
- c.caFile = C.CString(filename)
- C.ressl_config_set_ca_file(c.resslCfg, c.caFile)
-}
-
-// SetInsecure disables verification for the connection.
-func (c *ResslConfig) InsecureNoVerify() {
- C.ressl_config_insecure_no_verify(c.resslCfg)
-}
-
-// SetSecure enables verification for the connection.
-func (c *ResslConfig) SetVerify() {
- C.ressl_config_verify(c.resslCfg)
-}
-
-// Free frees resources associated with the ressl configuration.
-func (c *ResslConfig) Free() {
- if c.resslCfg == nil {
- return
- }
- C.ressl_config_free(c.resslCfg)
- c.resslCfg = nil
-}
-
-// NewClient returns a new ressl client context, using the optional
-// configuration. If no configuration is specified the default configuration
-// will be used.
-func NewClient(config *ResslConfig) (*Ressl, error) {
- var sslCfg *C.struct_ressl_config
- if config != nil {
- sslCfg = config.resslCfg
- }
- ctx := C.ressl_client()
- if ctx == nil {
- return nil, errors.New("ressl client failed")
- }
- if C.ressl_configure(ctx, sslCfg) != 0 {
- return nil, errors.New("ressl configure failed")
- }
- return &Ressl{
- cfg: config,
- ctx: ctx,
- }, nil
-}
-
-// Error returns the error message from the ressl context.
-func (r *Ressl) Error() string {
- if msg := C.ressl_error(r.ctx); msg != nil {
- return C.GoString(msg)
- }
- return ""
-}
-
-// Connect attempts to establish an SSL connection to the specified host on
-// the given port. The host may optionally contain a colon separated port
-// value if the port string is specified as an empty string.
-func (r *Ressl) Connect(host, port string) error {
- h := C.CString(host)
- var p *C.char
- if port != "" {
- p = C.CString(port)
- }
- defer C.free(unsafe.Pointer(h))
- defer C.free(unsafe.Pointer(p))
- if C.ressl_connect(r.ctx, h, p) != 0 {
- return fmt.Errorf("connect failed: %v", r.Error())
- }
- return nil
-}
-
-// Read reads data the SSL connection into the given buffer.
-func (r *Ressl) Read(buf []byte) (int, error) {
- var inlen C.size_t
- if C.ressl_read(r.ctx, unsafe.Pointer(&buf[0]), C.size_t(len(buf)), (*C.size_t)(unsafe.Pointer(&inlen))) != 0 {
- return -1, fmt.Errorf("read failed: %v", r.Error())
- }
- return int(inlen), nil
-}
-
-// Write writes the given data to the SSL connection.
-func (r *Ressl) Write(buf []byte) (int, error) {
- var outlen C.size_t
- p := C.CString(string(buf))
- defer C.free(unsafe.Pointer(p))
- if C.ressl_write(r.ctx, unsafe.Pointer(p), C.size_t(len(buf)), (*C.size_t)(unsafe.Pointer(&outlen))) != 0 {
- return -1, fmt.Errorf("write failed: %v", r.Error())
- }
- return int(outlen), nil
-}
-
-// Close closes the SSL connection.
-func (r *Ressl) Close() error {
- if C.ressl_close(r.ctx) != 0 {
- return fmt.Errorf("close failed: %v", r.Error())
- }
- return nil
-}
-
-// Free frees resources associated with the ressl context.
-func (r *Ressl) Free() {
- if r.ctx == nil {
- return
- }
- C.ressl_free(r.ctx)
- r.ctx = nil
-}
diff --git a/regress/lib/libtls/Makefile b/regress/lib/libtls/Makefile
new file mode 100644
index 00000000000..fc1e97a3b5e
--- /dev/null
+++ b/regress/lib/libtls/Makefile
@@ -0,0 +1,8 @@
+# $OpenBSD: Makefile,v 1.1 2014/10/31 14:10:55 jsing Exp $
+
+SUBDIR= \
+ gotls
+
+install:
+
+.include <bsd.subdir.mk>
diff --git a/regress/lib/libressl/goressl/Makefile b/regress/lib/libtls/gotls/Makefile
index d938db3f370..56286feec92 100644
--- a/regress/lib/libressl/goressl/Makefile
+++ b/regress/lib/libtls/gotls/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.1 2014/07/12 16:01:28 jsing Exp $
+# $OpenBSD: Makefile,v 1.1 2014/10/31 14:10:55 jsing Exp $
GO_VERSION != sh -c "(go version) 2>/dev/null || true"
@@ -7,9 +7,9 @@ regress:
@echo golang is required for this regress... skipping
.endif
-REGRESS_TARGETS=regress-goressl
+REGRESS_TARGETS=regress-gotls
-regress-goressl:
+regress-gotls:
cd ${.CURDIR} && go test -test.v .
.include <bsd.regress.mk>
diff --git a/regress/lib/libtls/gotls/tls.go b/regress/lib/libtls/gotls/tls.go
new file mode 100644
index 00000000000..7f490492bc9
--- /dev/null
+++ b/regress/lib/libtls/gotls/tls.go
@@ -0,0 +1,165 @@
+// Package tls provides a Go interface to the libtls library.
+package tls
+
+/*
+#cgo LDFLAGS: -ltls -lssl -lcrypto
+
+#include <stdlib.h>
+
+#include <tls.h>
+
+typedef void *tls;
+*/
+import "C"
+
+import (
+ "errors"
+ "fmt"
+ "unsafe"
+)
+
+// TLSConfig provides configuration options for a TLS context.
+type TLSConfig struct {
+ caFile *C.char
+ tlsCfg *C.struct_tls_config
+}
+
+// TLS encapsulates the TLS context.
+type TLS struct {
+ cfg *TLSConfig
+ ctx *C.struct_tls
+}
+
+// Init initialises the TLS library.
+func Init() error {
+ if C.tls_init() != 0 {
+ return errors.New("initialisation failed")
+ }
+ return nil
+}
+
+// NewConfig returns a new TLS configuration.
+func NewConfig() (*TLSConfig, error) {
+ cfg := C.tls_config_new()
+ if cfg == nil {
+ return nil, errors.New("failed to allocate config")
+ }
+ return &TLSConfig{
+ tlsCfg: cfg,
+ }, nil
+}
+
+// SetCAFile sets the CA file to be used for connections.
+func (c *TLSConfig) SetCAFile(filename string) {
+ if c.caFile != nil {
+ C.free(unsafe.Pointer(c.caFile))
+ }
+ c.caFile = C.CString(filename)
+ C.tls_config_set_ca_file(c.tlsCfg, c.caFile)
+}
+
+// InsecureNoVerifyCert disables certificate verification for the connection.
+func (c *TLSConfig) InsecureNoVerifyCert() {
+ C.tls_config_insecure_noverifycert(c.tlsCfg)
+}
+
+// InsecureNoVerifyHost disables hostname verification for the connection.
+func (c *TLSConfig) InsecureNoVerifyHost() {
+ C.tls_config_insecure_noverifyhost(c.tlsCfg)
+}
+
+// SetSecure enables verification for the connection.
+func (c *TLSConfig) SetVerify() {
+ C.tls_config_verify(c.tlsCfg)
+}
+
+// Free frees resources associated with the TLS configuration.
+func (c *TLSConfig) Free() {
+ if c.tlsCfg == nil {
+ return
+ }
+ C.tls_config_free(c.tlsCfg)
+ c.tlsCfg = nil
+}
+
+// NewClient returns a new TLS client context, using the optional configuration.
+// If no configuration is specified the default configuration will be used.
+func NewClient(config *TLSConfig) (*TLS, error) {
+ var sslCfg *C.struct_tls_config
+ if config != nil {
+ sslCfg = config.tlsCfg
+ }
+ ctx := C.tls_client()
+ if ctx == nil {
+ return nil, errors.New("tls client failed")
+ }
+ if C.tls_configure(ctx, sslCfg) != 0 {
+ return nil, errors.New("tls configure failed")
+ }
+ return &TLS{
+ cfg: config,
+ ctx: ctx,
+ }, nil
+}
+
+// Error returns the error message from the TLS context.
+func (t *TLS) Error() string {
+ if msg := C.tls_error(t.ctx); msg != nil {
+ return C.GoString(msg)
+ }
+ return ""
+}
+
+// Connect attempts to establish an TLS connection to the specified host on
+// the given port. The host may optionally contain a colon separated port
+// value if the port string is specified as an empty string.
+func (t *TLS) Connect(host, port string) error {
+ h := C.CString(host)
+ var p *C.char
+ if port != "" {
+ p = C.CString(port)
+ }
+ defer C.free(unsafe.Pointer(h))
+ defer C.free(unsafe.Pointer(p))
+ if C.tls_connect(t.ctx, h, p) != 0 {
+ return fmt.Errorf("connect failed: %v", t.Error())
+ }
+ return nil
+}
+
+// Read reads data the TLS connection into the given buffer.
+func (t *TLS) Read(buf []byte) (int, error) {
+ var inlen C.size_t
+ if C.tls_read(t.ctx, unsafe.Pointer(&buf[0]), C.size_t(len(buf)), (*C.size_t)(unsafe.Pointer(&inlen))) != 0 {
+ return -1, fmt.Errorf("read failed: %v", t.Error())
+ }
+ return int(inlen), nil
+}
+
+// Write writes the given data to the TLS connection.
+func (t *TLS) Write(buf []byte) (int, error) {
+ var outlen C.size_t
+ p := C.CString(string(buf))
+ defer C.free(unsafe.Pointer(p))
+ if C.tls_write(t.ctx, unsafe.Pointer(p), C.size_t(len(buf)), (*C.size_t)(unsafe.Pointer(&outlen))) != 0 {
+ return -1, fmt.Errorf("write failed: %v", t.Error())
+ }
+ return int(outlen), nil
+}
+
+// Close closes the TLS connection.
+func (t *TLS) Close() error {
+ if C.tls_close(t.ctx) != 0 {
+ return fmt.Errorf("close failed: %v", t.Error())
+ }
+ return nil
+}
+
+// Free frees resources associated with the TLS context.
+func (t *TLS) Free() {
+ if t.ctx == nil {
+ return
+ }
+ C.tls_free(t.ctx)
+ t.ctx = nil
+}
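Review bot: `Read` takes `&buf[0]` without checking the slice length, so a zero-length buffer panics with an index-out-of-range error before `tls_read` is ever called; a guard such as `if len(buf) == 0 { return 0, nil }` at the top of `Read` avoids that. In `NewClient`, the failure path after `tls_configure` returns without releasing the context obtained from `tls_client`, so `C.tls_free(ctx)` should precede `return nil, errors.New("tls configure failed")`. `TLSConfig.Free` releases `tlsCfg` but never the `caFile` string that `SetCAFile` allocates with `C.CString`; whether it is safe to free it there depends on whether libtls retains the pointer, which this hunk does not show. The doc comment above `SetVerify` still reads `// SetSecure enables verification for the connection.` and should begin with `SetVerify`.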
diff --git a/regress/lib/libressl/goressl/ressl_test.go b/regress/lib/libtls/gotls/tls_test.go
index a2d1a04a5bc..f709fcb455d 100644
--- a/regress/lib/libressl/goressl/ressl_test.go
+++ b/regress/lib/libtls/gotls/tls_test.go
@@ -1,4 +1,4 @@
-package ressl
+package tls
import (
"encoding/pem"
@@ -13,9 +13,9 @@ import (
)
// createCAFile writes a PEM encoded version of the certificate out to a
-// temporary file, for use by ressl.
+// temporary file, for use by libtls.
func createCAFile(cert []byte) (string, error) {
- f, err := ioutil.TempFile("", "ressl")
+ f, err := ioutil.TempFile("", "tls")
if err != nil {
return "", fmt.Errorf("failed to create file: %v", err)
}
@@ -30,9 +30,9 @@ func createCAFile(cert []byte) (string, error) {
return f.Name(), nil
}
-const httpContent = "Hello, ressl!"
+const httpContent = "Hello, TLS!"
-func TestResslBasic(t *testing.T) {
+func TestTLSBasic(t *testing.T) {
ts := httptest.NewTLSServer(
http.HandlerFunc(
func(w http.ResponseWriter, r *http.Request) {
@@ -64,27 +64,31 @@ func TestResslBasic(t *testing.T) {
defer cfg.Free()
cfg.SetCAFile(caFile)
- ssl, err := NewClient(cfg)
+ tls, err := NewClient(cfg)
if err != nil {
t.Fatal(err)
}
- defer ssl.Free()
+ defer tls.Free()
t.Logf("Connecting to %s", u.Host)
- if err := ssl.Connect(u.Host, ""); err != nil {
+ if err := tls.Connect(u.Host, ""); err != nil {
t.Fatal(err)
}
- defer ssl.Close()
+ defer func() {
+ if err := tls.Close(); err != nil {
+ t.Logf("Close failed: %v", err)
+ }
+ }()
- n, err := ssl.Write([]byte("GET / HTTP/1.0\n\n"))
+ n, err := tls.Write([]byte("GET / HTTP/1.0\n\n"))
if err != nil {
t.Fatal(err)
}
t.Logf("Wrote %d bytes...", n)
buf := make([]byte, 1024)
- n, err = ssl.Read(buf)
+ n, err = tls.Read(buf)
if err != nil {
t.Fatal(err)
}
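Review bot: The deferred closure around `tls.Close()` only reports a failure with `t.Logf`, whereas the end-of-test check removed in the following hunk used `t.Fatal`, so a failing `tls_close` no longer fails this regress test. Using `t.Errorf("Close failed: %v", err)` inside the deferred function keeps the cleanup on every exit path while still marking the test as failed. `TestTLSBasic` begins before this hunk and continues after it.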
@@ -93,8 +97,4 @@ func TestResslBasic(t *testing.T) {
if !strings.Contains(string(buf), httpContent) {
t.Errorf("Response does not contain %q", httpContent)
}
-
- if err := ssl.Close(); err != nil {
- t.Fatal(err)
- }
}