commit 7f74790da7842bddc9d571b2de1939d53d1ab063
parent 80383024a39a1c338a213ca1181a092694f80fba
Author: Joris Vink <joris@coders.se>
Date: Fri, 18 Feb 2022 10:50:17 +0100
Define KORE_PRIVATE_KEY per TLS backend.
Diffstat:
4 files changed, 15 insertions(+), 13 deletions(-)
diff --git a/include/kore/kore.h b/include/kore/kore.h
@@ -68,11 +68,13 @@ typedef X509 KORE_X509;
typedef SSL KORE_TLS;
typedef SSL_CTX KORE_TLS_CTX;
typedef X509_NAME KORE_X509_NAMES;
+typedef EVP_PKEY KORE_PRIVATE_KEY;
#else
typedef void KORE_X509;
typedef void KORE_TLS;
typedef void KORE_TLS_CTX;
typedef void KORE_X509_NAMES;
+typedef void KORE_PRIVATE_KEY;
#endif
#define KORE_RSAKEY_BITS 4096
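Review bot: In the `#else` branch every handle type, including the new `typedef void KORE_PRIVATE_KEY;`, is an alias for `void`. In a build without a TLS backend a `KORE_PRIVATE_KEY *` is therefore interchangeable with a `KORE_X509_NAMES *` or any other object pointer, and a mixed-up argument compiles without a diagnostic. Declaring each handle as a distinct incomplete type, for example `typedef struct kore_private_key KORE_PRIVATE_KEY;` (tag name illustrative), would keep it opaque while letting the compiler reject such mix-ups in both build configurations. The `#if` that opens this block is outside the hunk.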
@@ -835,8 +837,8 @@ void kore_tls_domain_crl(struct kore_domain *, const void *, size_t);
void kore_tls_domain_setup(struct kore_domain *,
int, const void *, size_t);
-void *kore_tls_rsakey_load(const char *);
-void *kore_tls_rsakey_generate(const char *);
+KORE_PRIVATE_KEY *kore_tls_rsakey_load(const char *);
+KORE_PRIVATE_KEY *kore_tls_rsakey_generate(const char *);
int kore_tls_x509_data(struct connection *, u_int8_t **, size_t *);
KORE_X509_NAMES *kore_tls_x509_issuer_name(struct connection *);
diff --git a/src/keymgr_openssl.c b/src/keymgr_openssl.c
@@ -163,7 +163,7 @@ static struct sock_filter filter_keymgr[] = {
#endif
struct key {
- EVP_PKEY *pkey;
+ KORE_PRIVATE_KEY *pkey;
struct kore_domain *dom;
TAILQ_ENTRY(key) list;
};
diff --git a/src/tls_none.c b/src/tls_none.c
@@ -129,32 +129,32 @@ kore_tls_write(struct connection *c, size_t len, size_t *written)
fatal("%s: not supported", __func__);
}
-void *
+KORE_PRIVATE_KEY *
kore_tls_rsakey_load(const char *path)
{
fatal("%s: not supported", __func__);
}
-void *
+KORE_PRIVATE_KEY *
kore_tls_rsakey_generate(const char *path)
{
fatal("%s: not supported", __func__);
}
-void *
+KORE_X509_NAMES *
kore_tls_x509_subject_name(struct connection *c)
{
fatal("%s: not supported", __func__);
}
-void *
+KORE_X509_NAMES *
kore_tls_x509_issuer_name(struct connection *c)
{
fatal("%s: not supported", __func__);
}
int
-kore_tls_x509name_foreach(void *name, int flags, void *udata,
+kore_tls_x509name_foreach(KORE_X509_NAMES *name, int flags, void *udata,
int (*cb)(void *, int, int, const char *, const void *, size_t, int))
{
fatal("%s: not supported", __func__);
diff --git a/src/tls_openssl.c b/src/tls_openssl.c
@@ -598,11 +598,11 @@ kore_tls_connection_cleanup(struct connection *c)
}
-void *
+KORE_PRIVATE_KEY *
kore_tls_rsakey_load(const char *path)
{
- FILE *fp;
- EVP_PKEY *pkey;
+ FILE *fp;
+ KORE_PRIVATE_KEY *pkey;
if (access(path, R_OK) == -1)
return (NULL);
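Review bot: The `access(path, R_OK)` pre-check at the top of `kore_tls_rsakey_load` is a check-then-use on the key file: the file can be swapped between the check and the open, and `access()` tests the real rather than the effective user id. The open itself is outside this hunk, but the `fp` local suggests an `fopen()` follows. Opening directly and returning `NULL` when the open fails with `ENOENT` would give the same "no key present" result without the window. Because this path holds a private key, an `fstat()` on the opened descriptor that refuses a group- or world-accessible file would also be a useful check.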
@@ -618,12 +618,12 @@ kore_tls_rsakey_load(const char *path)
return (pkey);
}
-void *
+KORE_PRIVATE_KEY *
kore_tls_rsakey_generate(const char *path)
{
FILE *fp;
EVP_PKEY_CTX *ctx;
- EVP_PKEY *pkey;
+ KORE_PRIVATE_KEY *pkey;
if ((ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)) == NULL)
fatalx("EVP_PKEY_CTX_new_id: %s", ssl_errno_s);
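Review bot: `kore_tls_rsakey_generate` takes `path` and declares `FILE *fp`, so it presumably writes the new key to disk, but the code that opens the file is outside this hunk. If that is a plain `fopen()` for writing, the file mode is left to the process umask and an existing file at `path` is reused. Creating it with `open(path, O_CREAT | O_EXCL | O_WRONLY, 0600)` and wrapping the descriptor with `fdopen()` would keep the key owner-only and refuse a pre-existing file or symlink. A short comment above the function stating who owns the returned `KORE_PRIVATE_KEY *` and the expected file mode would help callers.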