Timestamp:
Oct 16, 2009 3:06:13 AM (13 years ago)
Author:
nanang
Message:

Ticket #957:

  • Added SSL socket abstraction with OpenSSL backend.
  • Updated cipher data type and added cipher constants (Symbian SSL socket has also been updated).
  • Updated SIP TLS transport to allow setting certificate/credential (via file).
File:
1 edited

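--- a/pjproject/trunk/pjlib/src/pj/ssl_sock_common.c
+++ b/pjproject/trunk/pjlib/src/pj/ssl_sock_common.c
@@ -18,10 +18,94 @@
  */
 #include <pj/ssl_sock.h>
+#include <pj/errno.h>
 #include <pj/string.h>
+
+/* Cipher name structure */
+typedef struct cipher_name_t {
+    pj_ssl_cipher    cipher;
+    const char      *name;
+} cipher_name_t;
+
+/* Cipher name constants */
+static cipher_name_t cipher_names[] =
+{
+    {TLS_NULL_WITH_NULL_NULL,               "NULL"},
+
+    /* TLS/SSLv3 */
+    {TLS_RSA_WITH_NULL_MD5,                 "TLS_RSA_WITH_NULL_MD5"},
+    {TLS_RSA_WITH_NULL_SHA,                 "TLS_RSA_WITH_NULL_SHA"},
+    {TLS_RSA_WITH_NULL_SHA256,              "TLS_RSA_WITH_NULL_SHA256"},
+    {TLS_RSA_WITH_RC4_128_MD5,              "TLS_RSA_WITH_RC4_128_MD5"},
+    {TLS_RSA_WITH_RC4_128_SHA,              "TLS_RSA_WITH_RC4_128_SHA"},
+    {TLS_RSA_WITH_3DES_EDE_CBC_SHA,         "TLS_RSA_WITH_3DES_EDE_CBC_SHA"},
+    {TLS_RSA_WITH_AES_128_CBC_SHA,          "TLS_RSA_WITH_AES_128_CBC_SHA"},
+    {TLS_RSA_WITH_AES_256_CBC_SHA,          "TLS_RSA_WITH_AES_256_CBC_SHA"},
+    {TLS_RSA_WITH_AES_128_CBC_SHA256,       "TLS_RSA_WITH_AES_128_CBC_SHA256"},
+    {TLS_RSA_WITH_AES_256_CBC_SHA256,       "TLS_RSA_WITH_AES_256_CBC_SHA256"},
+    {TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA,      "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"},
+    {TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA,      "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"},
+    {TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA,     "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"},
+    {TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA,     "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"},
+    {TLS_DH_DSS_WITH_AES_128_CBC_SHA,       "TLS_DH_DSS_WITH_AES_128_CBC_SHA"},
+    {TLS_DH_RSA_WITH_AES_128_CBC_SHA,       "TLS_DH_RSA_WITH_AES_128_CBC_SHA"},
+    {TLS_DHE_DSS_WITH_AES_128_CBC_SHA,      "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"},
+    {TLS_DHE_RSA_WITH_AES_128_CBC_SHA,      "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"},
+    {TLS_DH_DSS_WITH_AES_256_CBC_SHA,       "TLS_DH_DSS_WITH_AES_256_CBC_SHA"},
+    {TLS_DH_RSA_WITH_AES_256_CBC_SHA,       "TLS_DH_RSA_WITH_AES_256_CBC_SHA"},
+    {TLS_DHE_DSS_WITH_AES_256_CBC_SHA,      "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"},
+    {TLS_DHE_RSA_WITH_AES_256_CBC_SHA,      "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"},
+    {TLS_DH_DSS_WITH_AES_128_CBC_SHA256,    "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"},
+    {TLS_DH_RSA_WITH_AES_128_CBC_SHA256,    "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"},
+    {TLS_DHE_DSS_WITH_AES_128_CBC_SHA256,   "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"},
+    {TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,   "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"},
+    {TLS_DH_DSS_WITH_AES_256_CBC_SHA256,    "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"},
+    {TLS_DH_RSA_WITH_AES_256_CBC_SHA256,    "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"},
+    {TLS_DHE_DSS_WITH_AES_256_CBC_SHA256,   "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"},
+    {TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,   "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"},
+    {TLS_DH_anon_WITH_RC4_128_MD5,          "TLS_DH_anon_WITH_RC4_128_MD5"},
+    {TLS_DH_anon_WITH_3DES_EDE_CBC_SHA,     "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA"},
+    {TLS_DH_anon_WITH_AES_128_CBC_SHA,      "TLS_DH_anon_WITH_AES_128_CBC_SHA"},
+    {TLS_DH_anon_WITH_AES_256_CBC_SHA,      "TLS_DH_anon_WITH_AES_256_CBC_SHA"},
+    {TLS_DH_anon_WITH_AES_128_CBC_SHA256,   "TLS_DH_anon_WITH_AES_128_CBC_SHA256"},
+    {TLS_DH_anon_WITH_AES_256_CBC_SHA256,   "TLS_DH_anon_WITH_AES_256_CBC_SHA256"},
+
+    /* TLS (deprecated) */
+    {TLS_RSA_EXPORT_WITH_RC4_40_MD5,        "TLS_RSA_EXPORT_WITH_RC4_40_MD5"},
+    {TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5,    "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5"},
+    {TLS_RSA_WITH_IDEA_CBC_SHA,             "TLS_RSA_WITH_IDEA_CBC_SHA"},
+    {TLS_RSA_EXPORT_WITH_DES40_CBC_SHA,     "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA"},
+    {TLS_RSA_WITH_DES_CBC_SHA,              "TLS_RSA_WITH_DES_CBC_SHA"},
+    {TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA,  "TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"},
+    {TLS_DH_DSS_WITH_DES_CBC_SHA,           "TLS_DH_DSS_WITH_DES_CBC_SHA"},
+    {TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA,  "TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"},
+    {TLS_DH_RSA_WITH_DES_CBC_SHA,           "TLS_DH_RSA_WITH_DES_CBC_SHA"},
+    {TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, "TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"},
+    {TLS_DHE_DSS_WITH_DES_CBC_SHA,          "TLS_DHE_DSS_WITH_DES_CBC_SHA"},
+    {TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"},
+    {TLS_DHE_RSA_WITH_DES_CBC_SHA,          "TLS_DHE_RSA_WITH_DES_CBC_SHA"},
+    {TLS_DH_anon_EXPORT_WITH_RC4_40_MD5,    "TLS_DH_anon_EXPORT_WITH_RC4_40_MD5"},
+    {TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA, "TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA"},
+    {TLS_DH_anon_WITH_DES_CBC_SHA,          "TLS_DH_anon_WITH_DES_CBC_SHA"},
+
+    /* SSLv3 */
+    {SSL_FORTEZZA_KEA_WITH_NULL_SHA,        "SSL_FORTEZZA_KEA_WITH_NULL_SHA"},
+    {SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA,"SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA"},
+    {SSL_FORTEZZA_KEA_WITH_RC4_128_SHA,     "SSL_FORTEZZA_KEA_WITH_RC4_128_SHA"},
+
+    /* SSLv2 */
+    {SSL_CK_RC4_128_WITH_MD5,               "SSL_CK_RC4_128_WITH_MD5"},
+    {SSL_CK_RC4_128_EXPORT40_WITH_MD5,      "SSL_CK_RC4_128_EXPORT40_WITH_MD5"},
+    {SSL_CK_RC2_128_CBC_WITH_MD5,           "SSL_CK_RC2_128_CBC_WITH_MD5"},
+    {SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5,  "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5"},
+    {SSL_CK_IDEA_128_CBC_WITH_MD5,          "SSL_CK_IDEA_128_CBC_WITH_MD5"},
+    {SSL_CK_DES_64_CBC_WITH_MD5,            "SSL_CK_DES_64_CBC_WITH_MD5"},
+    {SSL_CK_DES_192_EDE3_CBC_WITH_MD5,      "SSL_CK_DES_192_EDE3_CBC_WITH_MD5"}
+};
+
 
 /*
  * Initialize the SSL socket configuration with the default values.
  */
-PJ_DECL(void) pj_ssl_sock_param_default(pj_ssl_sock_param *param)
+PJ_DEF(void) pj_ssl_sock_param_default(pj_ssl_sock_param *param)
 {
     pj_bzero(param, sizeof(*param));
@@ -33,6 +117,7 @@
     param->concurrency = -1;
     param->whole_data = PJ_TRUE;
-#if PJ_SYMBIAN
     param->send_buffer_size = 8192;
+#if !defined(PJ_SYMBIAN) || PJ_SYMBIAN==0
+    param->read_buffer_size = 1500;
 #endif
 
@@ -42,2 +127,14 @@
 
 
+PJ_DEF(const char*) pj_ssl_cipher_name(pj_ssl_cipher cipher)
+{
+    unsigned i, n;
+
+    n = PJ_ARRAY_SIZE(cipher_names);
+    for (i = 0; i < n; ++i) {
+        if (cipher == cipher_names[i].cipher)
+            return cipher_names[i].name;
+    }
+
+    return NULL;
+}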
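Review bot: `cipher_names` lists NULL-encryption, anonymous-DH (`TLS_DH_anon_*`), EXPORT-grade and SSLv2 (`SSL_CK_*`) suites next to the AES ones with nothing marking them as unsafe to negotiate, so any later code that walks this table to build or validate a cipher list would treat them as equals. In the lines shown the table is read only by `pj_ssl_cipher_name()`, so I would state that in its comment, e.g. `/* Name lookup only: includes unauthenticated, unencrypted and export suites; not an allow-list */`, and declare it `static const cipher_name_t cipher_names[]` so the mapping cannot be written to. `pj_ssl_cipher_name()` returns NULL for an id that is not in the table; a short doc comment above it saying so would help callers that pass the result straight to a log format string. The body of `pj_ssl_sock_param_default()` is only partly visible in this section, so its other defaults are not covered by this note.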