/*
* Copyright (C) 2014 Space Monkey, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
#include <string.h>
#include <openssl/conf.h>
#include <openssl/bio.h>
#include <openssl/crypto.h>
#include <openssl/engine.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/ssl.h>
#include "_cgo_export.h"
/*
 * One-time library setup for the Go binding: loads the libssl error
 * strings, then initialises the SSL library.
 */
void X_tongsuogo_init(void) {
    SSL_load_error_strings();
    // The initialiser's result is discarded, exactly as before; this
    // function has no way to report a failure to its caller.
    (void)SSL_library_init();
}
/*
 * Forwards to SSL_set_options(): ORs `options` into the connection's
 * option bitmask and returns the resulting mask.
 */
long X_SSL_set_options(SSL* ssl, long options) {
    long updated = SSL_set_options(ssl, options);
    return updated;
}
/* Forwards to SSL_get_options(): returns the connection's option bitmask. */
long X_SSL_get_options(SSL* ssl) {
    long current = SSL_get_options(ssl);
    return current;
}
/*
 * Forwards to SSL_clear_options(): clears the bits in `options` from the
 * connection's option bitmask and returns the resulting mask.
 */
long X_SSL_clear_options(SSL* ssl, long options) {
    long remaining = SSL_clear_options(ssl, options);
    return remaining;
}
/*
 * Forwards to SSL_set_tlsext_host_name(): sets the server name sent in the
 * TLS SNI extension for this connection.
 *
 * Setting SNI does not by itself make the library check the peer
 * certificate against `name`; hostname verification has to be configured
 * separately (for example with SSL_set1_host() or in the verify callback).
 */
long X_SSL_set_tlsext_host_name(SSL *ssl, const char *name) {
    long rc = SSL_set_tlsext_host_name(ssl, name);
    return rc;
}
/*
 * Forwards to SSL_get_cipher_name(): returns the name of the cipher in use
 * on the connection. The string is owned by the library, not the caller.
 */
const char *X_SSL_get_cipher_name(const SSL *ssl) {
    const char *cipher = SSL_get_cipher_name(ssl);
    return cipher;
}
/*
 * Forwards to SSL_get_version(): returns the protocol version string of
 * the connection. The string is owned by the library, not the caller.
 */
const char *X_SSL_get_version(const SSL *ssl) {
    const char *proto = SSL_get_version(ssl);
    return proto;
}
/*
 * Forwards to SSL_session_reused(): non-zero when the handshake resumed an
 * existing session, zero when a new session was negotiated.
 */
int X_SSL_session_reused(SSL *ssl) {
    int resumed = SSL_session_reused(ssl);
    return resumed;
}
/*
 * Reserves a new ex_data slot for SSL objects. No argument and no
 * new/dup/free callbacks are registered, so the library does not manage
 * the lifetime of whatever pointer is later stored in the slot.
 * Returns the slot index, or -1 on failure.
 */
int X_SSL_new_index() {
    int slot = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL);
    return slot;
}
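/*
 * Per-connection certificate verification callback. Looks up the SSL that
 * is being verified, fetches the Go-side pointer stored in its ex_data slot
 * (get_ssl_idx()), and delegates the decision to go_ssl_verify_cb_thunk().
 *
 * ok:    the library's own verdict for the current certificate (1 = passed).
 * store: the verification context.
 * Returns the thunk's verdict; 0 rejects the certificate.
 *
 * If the SSL or the Go-side pointer cannot be recovered, the callback
 * fails closed and returns 0 instead of dereferencing NULL or handing a
 * NULL object to the thunk (whose NULL handling is not visible here).
 */
int X_SSL_verify_cb(int ok, X509_STORE_CTX* store) {
    // The SSL under verification is stored in the store context's ex_data.
    SSL *ssl = (SSL *)X509_STORE_CTX_get_ex_data(store,
            SSL_get_ex_data_X509_STORE_CTX_idx());
    if (ssl == NULL) {
        return 0;
    }

    // Pointer to the Go object that owns the user verify callback.
    void *go_obj = SSL_get_ex_data(ssl, get_ssl_idx());
    if (go_obj == NULL) {
        return 0;
    }

    return go_ssl_verify_cb_thunk(go_obj, ok, store);
}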
/*
 * Forwards to SSL_CTX_set_max_proto_version(): caps the highest protocol
 * version the context will negotiate. Returns 1 on success, 0 on failure.
 */
int X_SSL_CTX_set_max_proto_version(SSL_CTX *ctx, int version) {
    int rc = SSL_CTX_set_max_proto_version(ctx, version);
    return rc;
}
/*
 * Forwards to SSL_CTX_set_min_proto_version(): sets the lowest protocol
 * version the context will negotiate. Returns 1 on success, 0 on failure.
 * Callers should check the result: if the floor is not applied, older
 * protocol versions may remain negotiable.
 */
int X_SSL_CTX_set_min_proto_version(SSL_CTX *ctx, int version) {
    int rc = SSL_CTX_set_min_proto_version(ctx, version);
    return rc;
}
/*
 * Returns the version-flexible method from SSLv23_method(). Despite the
 * name it negotiates the highest version both peers support; restrict the
 * range with the min/max protocol version setters or the SSL_OP_NO_*
 * options.
 */
const SSL_METHOD *X_SSLv23_method() {
    const SSL_METHOD *method = SSLv23_method();
    return method;
}
/*
 * Returns the SSLv3-only method, or NULL when the library was built with
 * OPENSSL_NO_SSL3_METHOD. Callers must handle the NULL case.
 *
 * SSLv3 is an obsolete, insecure protocol; this accessor should only be
 * needed for interoperability testing.
 */
const SSL_METHOD *X_SSLv3_method() {
    const SSL_METHOD *method = NULL;
#ifndef OPENSSL_NO_SSL3_METHOD
    method = SSLv3_method();
#endif
    return method;
}
/*
 * Returns the TLS 1.0-only method from TLSv1_method().
 * TLS 1.0 is deprecated; prefer the version-flexible method with a
 * minimum protocol version set.
 */
const SSL_METHOD *X_TLSv1_method() {
    const SSL_METHOD *method = TLSv1_method();
    return method;
}
/*
 * Returns the TLS 1.1-only method, or NULL when TLS1_1_VERSION is not
 * defined or the build targets OPENSSL_SYSNAME_MACOSX. Callers must handle
 * the NULL case. TLS 1.1 is deprecated.
 */
const SSL_METHOD *X_TLSv1_1_method() {
    const SSL_METHOD *method = NULL;
#if defined(TLS1_1_VERSION) && !defined(OPENSSL_SYSNAME_MACOSX)
    method = TLSv1_1_method();
#endif
    return method;
}
/*
 * Returns the TLS 1.2-only method, or NULL when TLS1_2_VERSION is not
 * defined or the build targets OPENSSL_SYSNAME_MACOSX. Callers must handle
 * the NULL case.
 */
const SSL_METHOD *X_TLSv1_2_method() {
    const SSL_METHOD *method = NULL;
#if defined(TLS1_2_VERSION) && !defined(OPENSSL_SYSNAME_MACOSX)
    method = TLSv1_2_method();
#endif
    return method;
}
/* Returns the generic NTLS method from NTLS_method(). */
const SSL_METHOD *X_NTLS_method() {
    const SSL_METHOD *method = NTLS_method();
    return method;
}
/* Returns the client-side NTLS method from NTLS_client_method(). */
const SSL_METHOD *X_NTLS_client_method() {
    const SSL_METHOD *method = NTLS_client_method();
    return method;
}
/* Returns the server-side NTLS method from NTLS_server_method(). */
const SSL_METHOD *X_NTLS_server_method() {
    const SSL_METHOD *method = NTLS_server_method();
    return method;
}
/*
 * Reserves a new ex_data slot for SSL_CTX objects. No argument and no
 * new/dup/free callbacks are registered, so the library does not manage
 * the lifetime of whatever pointer is later stored in the slot.
 * Returns the slot index, or -1 on failure.
 */
int X_SSL_CTX_new_index() {
    int slot = SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, NULL);
    return slot;
}
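/*
 * Enables NTLS on the given context by calling SSL_CTX_enable_ntls().
 *
 * The call is a plain statement: ISO C does not allow `return expr;` in a
 * function whose return type is void, so the former
 * `return SSL_CTX_enable_ntls(ctx);` relied on a compiler extension.
 */
void X_SSL_CTX_enable_ntls(SSL_CTX* ctx) {
    SSL_CTX_enable_ntls(ctx);
}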
/*
 * Forwards to SSL_CTX_set_options(): ORs `options` into the context's
 * option bitmask and returns the resulting mask.
 */
long X_SSL_CTX_set_options(SSL_CTX* ctx, long options) {
    long updated = SSL_CTX_set_options(ctx, options);
    return updated;
}
/*
 * Forwards to SSL_CTX_clear_options(): clears the bits in `options` from
 * the context's option bitmask and returns the resulting mask.
 */
long X_SSL_CTX_clear_options(SSL_CTX* ctx, long options) {
    long remaining = SSL_CTX_clear_options(ctx, options);
    return remaining;
}
/* Forwards to SSL_CTX_get_options(): returns the context's option bitmask. */
long X_SSL_CTX_get_options(SSL_CTX* ctx) {
    long current = SSL_CTX_get_options(ctx);
    return current;
}
/*
 * Forwards to SSL_CTX_set_mode(): ORs `modes` into the context's mode
 * bitmask and returns the resulting mask.
 */
long X_SSL_CTX_set_mode(SSL_CTX* ctx, long modes) {
    long updated = SSL_CTX_set_mode(ctx, modes);
    return updated;
}
/* Forwards to SSL_CTX_get_mode(): returns the context's mode bitmask. */
long X_SSL_CTX_get_mode(SSL_CTX* ctx) {
    long current = SSL_CTX_get_mode(ctx);
    return current;
}
/*
 * Forwards to SSL_CTX_set_session_cache_mode(): installs `modes` as the
 * context's session cache mode and returns the previous mode.
 */
long X_SSL_CTX_set_session_cache_mode(SSL_CTX* ctx, long modes) {
    long previous = SSL_CTX_set_session_cache_mode(ctx, modes);
    return previous;
}
/*
 * Forwards to SSL_CTX_sess_set_cache_size(): sets the session cache size
 * of the context to `t` and returns the previous size.
 */
long X_SSL_CTX_sess_set_cache_size(SSL_CTX* ctx, long t) {
    long previous = SSL_CTX_sess_set_cache_size(ctx, t);
    return previous;
}
/*
 * Forwards to SSL_CTX_sess_get_cache_size(): returns the context's current
 * session cache size.
 */
long X_SSL_CTX_sess_get_cache_size(SSL_CTX* ctx) {
    long size = SSL_CTX_sess_get_cache_size(ctx);
    return size;
}
/*
 * Forwards to SSL_CTX_set_timeout(): sets the session timeout (seconds)
 * for sessions created from this context and returns the previous value.
 */
long X_SSL_CTX_set_timeout(SSL_CTX* ctx, long t) {
    long previous = SSL_CTX_set_timeout(ctx, t);
    return previous;
}
/* Forwards to SSL_CTX_get_timeout(): returns the context's session timeout. */
long X_SSL_CTX_get_timeout(SSL_CTX* ctx) {
    long timeout = SSL_CTX_get_timeout(ctx);
    return timeout;
}
/*
 * Forwards to SSL_CTX_add_extra_chain_cert(): appends `cert` to the extra
 * chain certificates of the context. Returns 1 on success, 0 on failure.
 *
 * Ownership: per the OpenSSL documentation the context takes over the
 * caller's reference on success and frees the certificate itself, so the
 * caller must not free it afterwards (take an extra reference first if the
 * certificate is still needed elsewhere).
 */
long X_SSL_CTX_add_extra_chain_cert(SSL_CTX* ctx, X509 *cert) {
    long rc = SSL_CTX_add_extra_chain_cert(ctx, cert);
    return rc;
}
/*
 * Forwards to SSL_CTX_set_tmp_ecdh(): configures the ephemeral ECDH
 * parameters of the context from `key`. Returns 1 on success, 0 on failure.
 */
long X_SSL_CTX_set_tmp_ecdh(SSL_CTX* ctx, EC_KEY *key) {
    long rc = SSL_CTX_set_tmp_ecdh(ctx, key);
    return rc;
}
/*
 * Forwards to SSL_CTX_set_tlsext_servername_callback(): installs `cb` as
 * the callback invoked for the TLS server name (SNI) extension.
 */
long X_SSL_CTX_set_tlsext_servername_callback(
        SSL_CTX* ctx, int (*cb)(SSL *con, int *ad, void *args)) {
    long rc = SSL_CTX_set_tlsext_servername_callback(ctx, cb);
    return rc;
}
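/*
 * Context-level certificate verification callback. Looks up the SSL that
 * is being verified, walks to its SSL_CTX, fetches the Go Ctx pointer
 * stored in the context's ex_data slot (get_ssl_ctx_idx()), and delegates
 * the decision to go_ssl_ctx_verify_cb_thunk().
 *
 * ok:    the library's own verdict for the current certificate (1 = passed).
 * store: the verification context.
 * Returns the thunk's verdict; 0 rejects the certificate.
 *
 * If any link in that chain is missing, the callback fails closed and
 * returns 0 instead of dereferencing NULL or handing a NULL object to the
 * thunk (whose NULL handling is not visible here).
 */
int X_SSL_CTX_verify_cb(int ok, X509_STORE_CTX* store) {
    // The SSL under verification is stored in the store context's ex_data.
    SSL *ssl = (SSL *)X509_STORE_CTX_get_ex_data(store,
            SSL_get_ex_data_X509_STORE_CTX_idx());
    if (ssl == NULL) {
        return 0;
    }

    SSL_CTX *owner = SSL_get_SSL_CTX(ssl);
    if (owner == NULL) {
        return 0;
    }

    // Pointer to the Go Ctx object that owns the user verify callback.
    void *go_ctx = SSL_CTX_get_ex_data(owner, get_ssl_ctx_idx());
    if (go_ctx == NULL) {
        return 0;
    }

    return go_ssl_ctx_verify_cb_thunk(go_ctx, ok, store);
}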
/*
 * Forwards to SSL_CTX_set_tmp_dh(): configures the ephemeral DH parameters
 * of the context from `dh`. Returns 1 on success, 0 on failure.
 * The strength of DHE key exchange depends on the parameters supplied; no
 * size check is done in this wrapper.
 */
long X_SSL_CTX_set_tmp_dh(SSL_CTX* ctx, DH *dh) {
    long rc = SSL_CTX_set_tmp_dh(ctx, dh);
    return rc;
}
/*
 * Installs `dh` as the ephemeral DH parameters of the context via
 * SSL_CTX_set_tmp_dh(). Returns 1 on success, 0 on failure.
 *
 * NOTE(review): despite the name, no PEM data is read here; the body is the
 * same call that X_SSL_CTX_set_tmp_dh makes. Confirm whether callers expect
 * PEM parsing, or whether this is a leftover alias.
 */
long X_PEM_read_DHparams(SSL_CTX* ctx, DH *dh) {
    long rc = SSL_CTX_set_tmp_dh(ctx, dh);
    return rc;
}
/*
 * Forwards to SSL_CTX_set_tlsext_ticket_key_cb(): installs `cb` as the
 * callback that supplies the cipher and HMAC contexts used to protect
 * session tickets issued from this context.
 */
int X_SSL_CTX_set_tlsext_ticket_key_cb(SSL_CTX *sslctx,
        int (*cb)(SSL *s, unsigned char key_name[16],
                  unsigned char iv[EVP_MAX_IV_LENGTH],
                  EVP_CIPHER_CTX *ctx, HMAC_CTX *hctx, int enc)) {
    int rc = SSL_CTX_set_tlsext_ticket_key_cb(sslctx, cb);
    return rc;
}
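/*
 * Session-ticket key callback. Fetches the Go Ctx pointer stored in the
 * SSL_CTX ex_data slot (get_ssl_ctx_idx()) and delegates to
 * go_ticket_key_cb_thunk(), returning the thunk's result.
 *
 * s:        connection the ticket belongs to.
 * key_name: 16-byte ticket key name buffer.
 * iv:       IV buffer supplied by the library.
 * cctx:     cipher context to be initialised for the ticket.
 * hctx:     HMAC context to be initialised for the ticket.
 * enc:      1 when a ticket is being created, 0 when one is being decrypted.
 *
 * If the context or the Go Ctx pointer is missing, returns 0, which the
 * OpenSSL documentation defines as "no ticket": the handshake continues
 * without ticket-based resumption rather than handing NULL to the thunk.
 *
 * NOTE(review): `iv` is not forwarded to go_ticket_key_cb_thunk(). The
 * thunk's handling of the IV is not visible from this file; confirm that
 * it sets the cipher IV (and writes it back on encryption) by other means.
 */
int X_SSL_CTX_ticket_key_cb(SSL *s, unsigned char key_name[16],
        unsigned char iv[EVP_MAX_IV_LENGTH],
        EVP_CIPHER_CTX *cctx, HMAC_CTX *hctx, int enc) {
    SSL_CTX *owner = SSL_get_SSL_CTX(s);
    if (owner == NULL) {
        return 0;
    }

    // Pointer to the Go Ctx object that holds the ticket key store.
    void *go_ctx = SSL_CTX_get_ex_data(owner, get_ssl_ctx_idx());
    if (go_ctx == NULL) {
        return 0;
    }

    return go_ticket_key_cb_thunk(go_ctx, key_name, cctx, hctx, enc);
}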
/*
 * Forwards to X509_up_ref(): takes an additional reference on the
 * certificate. Returns 1 on success, 0 on failure. Each successful call
 * must eventually be balanced by a free of that reference.
 */
int X_X509_add_ref(X509* x509) {
    int rc = X509_up_ref(x509);
    return rc;
}
/*
 * Forwards to sk_X509_num(): returns the number of certificates in the
 * stack (-1 when `sk` is NULL).
 */
int X_sk_X509_num(STACK_OF(X509) *sk) {
    int count = sk_X509_num(sk);
    return count;
}
/*
 * Forwards to sk_X509_value(): returns the certificate at index `i`, or
 * NULL when the index is out of range. The returned pointer is borrowed
 * from the stack; no new reference is taken here.
 */
X509 *X_sk_X509_value(STACK_OF(X509)* sk, int i) {
    X509 *entry = sk_X509_value(sk, i);
    return entry;
}