author | Joel Sing <jsing@cvs.openbsd.org> | 2014-07-13 23:17:30 +0000 |
---|---|---|
committer | Joel Sing <jsing@cvs.openbsd.org> | 2014-07-13 23:17:30 +0000 |
commit | 77a9559c215a3c76047053399085ca4a0f1e87bd (patch) | |
tree | 7e4e0cc4b76c78eed60cd54e4caffbced8886807 /lib | |
parent | 4a34e47b56687ff68e7852df5ebf16a2508bcec7 (diff) |
Rename the context allocation from ressl_new to ressl_client, which makes
it completely obvious what the context is for. Ensure client functions are
used on client contexts.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libressl/ressl.h | 2 | ||||
-rw-r--r-- | lib/libressl/ressl_client.c | 23 | ||||
-rw-r--r-- | lib/libressl/ressl_internal.h | 6 |
3 files changed, 30 insertions, 1 deletions
diff --git a/lib/libressl/ressl.h b/lib/libressl/ressl.h
index 766335aa0cd..e7e0a9c51b0 100644
--- a/lib/libressl/ressl.h
+++ b/lib/libressl/ressl.h
@@ -36,7 +36,7 @@ void ressl_config_set_verify_depth(struct ressl_config *config,
 void ressl_config_insecure_no_verify(struct ressl_config *config);
 void ressl_config_verify(struct ressl_config *config);
-struct ressl *ressl_new(void);
+struct ressl *ressl_client(void);
 int ressl_configure(struct ressl *ctx, struct ressl_config *config);
 void ressl_reset(struct ressl *ctx);
 void ressl_free(struct ressl *ctx);
diff --git a/lib/libressl/ressl_client.c b/lib/libressl/ressl_client.c
index 2e4f2538567..1d1ad72b862 100644
--- a/lib/libressl/ressl_client.c
+++ b/lib/libressl/ressl_client.c
@@ -28,6 +28,19 @@
 #include <ressl.h>
 #include "ressl_internal.h"
+struct ressl *
+ressl_client(void)
+{
+ struct ressl *ctx;
+
+ if ((ctx = ressl_new()) == NULL)
+ return (NULL);
+
+ ctx->flags |= RESSL_CLIENT;
+
+ return (ctx);
+}
+
 int
 ressl_connect(struct ressl *ctx, const char *host, const char *port)
 {
@@ -36,6 +49,11 @@ ressl_connect(struct ressl *ctx, const char *host, const char *port)
 char *hs = NULL, *ps = NULL;
 int rv = -1, s = -1, ret;
+ if ((ctx->flags & RESSL_CLIENT) == 0) {
+ ressl_set_error(ctx, "not a client context");
+ goto err;
+ }
+
 if (host == NULL) {
 ressl_set_error(ctx, "host not specified");
 goto err;
@@ -108,6 +126,11 @@ ressl_connect_socket(struct ressl *ctx, int socket, const char *hostname)
 X509 *cert = NULL;
 int ret;
+ if ((ctx->flags & RESSL_CLIENT) == 0) {
+ ressl_set_error(ctx, "not a client context");
+ goto err;
+ }
+
 ctx->socket = socket;
 /* XXX - add a configuration option to control versions. */
diff --git a/lib/libressl/ressl_internal.h b/lib/libressl/ressl_internal.h
index f4eec10e63e..260ae8e1f93 100644
--- a/lib/libressl/ressl_internal.h
+++ b/lib/libressl/ressl_internal.h
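Review bot: `ctx->flags |= RESSL_CLIENT;` in ressl_client() produces a pure client context only if ressl_new() returns a structure whose `flags` field is already zero, and ressl_new()'s body is not part of this diff. If the allocation is not zero-filled, stray bits (including RESSL_SERVER) could survive and the role checks added further down would not be reliable, so confirm ressl_new() uses a zeroing allocator or clears the field. It is also worth confirming that ressl_reset() preserves `flags`, otherwise a reset context would be rejected by ressl_connect() with "not a client context". A header comment such as `/* Allocate a context that may only be used with the client-side functions. */` would document the contract.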
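Review bot: The client-role guard is duplicated verbatim in ressl_connect() here and in ressl_connect_socket() in the next hunk, so a future client entry point can easily be added without it. If ressl_connect() ends up calling ressl_connect_socket() (its body lies outside the hunk, so this is an assumption), the check in ressl_connect_socket() is the one that actually enforces the role, and a comment there such as `/* Role check must precede any use of the socket or SSL state. */` would make that explicit. Both guards read `ctx->flags` without testing `ctx`, which matches the surrounding code as far as the hunk shows, so a NULL context remains a caller error rather than a handled failure.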
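Review bot: When ressl_connect_socket() is rejected by the new role check it jumps to `err` before `ctx->socket = socket;` runs, so the descriptor the caller passed in is never recorded in the context and, as far as the hunk shows, stays the caller's to close. That ownership rule is not written down anywhere visible; a comment above the guard such as `/* On failure here the socket has not been adopted; the caller still owns it. */` would help callers avoid a leaked or double-closed descriptor. The `err` label and the rest of the function are outside the hunk, so confirm the cleanup path does not touch `ctx->socket`.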
@@ -33,8 +33,12 @@ struct ressl_config {
 int verify_depth;
 };
+#define RESSL_CLIENT (1 << 0)
+#define RESSL_SERVER (1 << 1)
+
 struct ressl {
 struct ressl_config *config;
+ uint64_t flags;
 int err;
 char *errmsg;
@@ -45,6 +49,8 @@ struct ressl {
 SSL_CTX *ssl_ctx;
 };
+struct ressl *ressl_new(void);
+
 int ressl_check_hostname(X509 *cert, const char *host);
 int ressl_host_port(const char *hostport, char **host, char **port);
 int ressl_set_error(struct ressl *ctx, char *fmt, ...); |
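Review bot: `RESSL_CLIENT` and `RESSL_SERVER` are defined as `(1 << 0)` and `(1 << 1)`, which are `int` expressions, while the new `flags` member is `uint64_t`; a later flag at bit 31 or above would overflow `int` before it is widened. Writing them as `(1ULL << 0)` and `(1ULL << 1)`, or narrowing `flags` to `uint32_t`, keeps the constants and the field consistent. `uint64_t` also needs `<stdint.h>` (or an equivalent header) in scope wherever this header is included, which the hunk does not show. The definition of struct ressl continues outside the hunk.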
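Review bot: The `ressl_new()` prototype moved into the internal header has no comment saying that it returns a context with no role bit set. Such a context is rejected by the guards in ressl_connect() and ressl_connect_socket(), which is the safe direction, but the intent should be stated on the declaration, for example `/* Internal: returns a role-less context; applications use ressl_client(). */`. Moving the prototype hides the name from the public header only; whether the symbol is still reachable by applications depends on the library's export list, which is not visible here.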