author | lloyd <[email protected]> | 2011-04-05 10:08:34 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2011-04-05 10:08:34 +0000 |
commit | d81b3d27abb1b261d2e8c6222865b1ab358595e7 (patch) | |
tree | 6baa131df00ba36414c1783a03076e91ce1e46e6 | |
parent | c84143c2cb2554213399aee6d31e09d26aece6c8 (diff) |
Remove the socket wrapper code, as the SSL interface itself
doesn't actually care. Move it to examples/socket.h
-rw-r--r-- | doc/log.txt | 10 | ||||
-rw-r--r-- | examples/GNUmakefile | 4 | ||||
-rw-r--r-- | examples/socket.h | 211 | ||||
-rw-r--r-- | examples/tls_client.cpp | 4 | ||||
-rw-r--r-- | examples/tls_server.cpp | 7 | ||||
-rw-r--r-- | src/ssl/info.txt | 1 | ||||
-rw-r--r-- | src/ssl/socket.h | 46 | ||||
-rw-r--r-- | src/ssl/unix_socket/info.txt | 20 | ||||
-rw-r--r-- | src/ssl/unix_socket/unx_sock.cpp | 206 | ||||
-rw-r--r-- | src/ssl/unix_socket/unx_sock.h | 62 |
10 files changed, 227 insertions, 344 deletions
diff --git a/doc/log.txt b/doc/log.txt index 89ab238d7..148956b38 100644 --- a/doc/log.txt +++ b/doc/log.txt @@ -12,11 +12,17 @@ Release 1.9.16-dev, ????-??-?? * The documenation, previously written in LaTeX, is now in reStructuredText suitable for processing by Sphinx, which can generate HTML, PDFs, or man pages. + * Remove the socket wrapper code; it was not actually used by + anything in the library, only in the examples, and you can use + whatever kind of (blocking) socket interface you like with the + SSL/TLS code. It's available as socket.h in the examples directory + if you want to use it. * Disable the by-default 'strong' checking of private keys that are loaded from storage. You can always request key material sanity - checking using check_key. + checking using Private_Key::check_key. * Bring back removed functions min_keylength_of, max_keylength_of, - keylength_multiple_of in lookup.h to avoid breaking applications. + keylength_multiple_of in lookup.h to avoid breaking applications + written against 1.8 Release 1.9.15, 2011-03-21 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ diff --git a/examples/GNUmakefile b/examples/GNUmakefile index 44fcfeea5..c386f4390 100644 --- a/examples/GNUmakefile +++ b/examples/GNUmakefile @@ -2,8 +2,8 @@ BOTAN_CONFIG = botan-config CXX = g++ -CFLAGS = -O2 -ansi -W -Wall -I../../build/include -LIBS = -L../.. -lbotan +CFLAGS = -O2 -ansi -W -Wall -I../build/include +LIBS = -L.. -lbotan SRCS=$(wildcard *.cpp) diff --git a/examples/socket.h b/examples/socket.h new file mode 100644 index 000000000..c4fa46600 --- /dev/null +++ b/examples/socket.h 
@@ -0,0 +1,211 @@ +/* +* Unix Socket +* (C) 2004-2010 Jack Lloyd +* +* Released under the terms of the Botan license +*/ + +#ifndef SOCKET_WRAPPER_H__ +#define SOCKET_WRAPPER_H__ + +#include <stdexcept> + +#include <sys/types.h> +#include <sys/socket.h> +#include <sys/time.h> +#include <netinet/in.h> +#include <netdb.h> +#include <unistd.h> +#include <errno.h> +#include <string.h> + +class Socket + { + public: + size_t read(unsigned char[], size_t); + void write(const unsigned char[], size_t); + + std::string peer_id() const { return peer; } + + void close() + { + if(sockfd != -1) + { + if(::close(sockfd) != 0) + throw std::runtime_error("Socket::close failed"); + sockfd = -1; + } + } + + Socket(int fd, const std::string& peer_id = "") : + peer(peer_id), sockfd(fd) + { + } + + Socket(const std::string&, unsigned short); + ~Socket() { close(); } + private: + std::string peer; + int sockfd; + }; + +class Server_Socket + { + public: + /** + * Accept a new connection + */ + Socket* accept() + { + int retval = ::accept(sockfd, 0, 0); + if(retval == -1) + throw std::runtime_error("Server_Socket: accept failed"); + return new Socket(retval); + } + + void close() + { + if(sockfd != -1) + { + if(::close(sockfd) != 0) + throw std::runtime_error("Server_Socket::close failed"); + sockfd = -1; + } + } + + Server_Socket(unsigned short); + ~Server_Socket() { close(); } + private: + int sockfd; + }; + +/** +* Unix Socket Constructor +*/ +Socket::Socket(const std::string& host, unsigned short port) : peer(host) + { + sockfd = -1; + + hostent* host_addr = ::gethostbyname(host.c_str()); + + if(host_addr == 0) + throw std::runtime_error("Socket: gethostbyname failed for " + host); + if(host_addr->h_addrtype != AF_INET) // FIXME + throw std::runtime_error("Socket: " + host + " has IPv6 address"); + + int fd = ::socket(PF_INET, SOCK_STREAM, 0); + if(fd == -1) + throw std::runtime_error("Socket: Unable to acquire socket"); + + sockaddr_in socket_info; + ::memset(&socket_info, 0, 
sizeof(socket_info)); + socket_info.sin_family = AF_INET; + socket_info.sin_port = htons(port); + + ::memcpy(&socket_info.sin_addr, + host_addr->h_addr, + host_addr->h_length); + + socket_info.sin_addr = *(struct in_addr*)host_addr->h_addr; // FIXME + + if(::connect(fd, (sockaddr*)&socket_info, sizeof(struct sockaddr)) != 0) + { + ::close(fd); + throw std::runtime_error("Socket: connect failed"); + } + + sockfd = fd; + } + +/** +* Read from a Unix socket +*/ +size_t Socket::read(unsigned char buf[], size_t length) + { + if(sockfd == -1) + throw std::runtime_error("Socket::read: Socket not connected"); + + size_t got = 0; + + while(length) + { + ssize_t this_time = ::recv(sockfd, buf + got, length, MSG_NOSIGNAL); + + if(this_time == 0) + break; + + if(this_time == -1) + { + if(errno == EINTR) + this_time = 0; + else + throw std::runtime_error("Socket::read: Socket read failed"); + } + + got += this_time; + length -= this_time; + } + return got; + } + +/** +* Write to a Unix socket +*/ +void Socket::write(const unsigned char buf[], size_t length) + { + if(sockfd == -1) + throw std::runtime_error("Socket::write: Socket not connected"); + + size_t offset = 0; + while(length) + { + ssize_t sent = ::send(sockfd, buf + offset, length, MSG_NOSIGNAL); + + if(sent == -1) + { + if(errno == EINTR) + sent = 0; + else + throw std::runtime_error("Socket::write: Socket write failed"); + } + + offset += sent; + length -= sent; + } + } + +/** +* Unix Server Socket Constructor +*/ +Server_Socket::Server_Socket(unsigned short port) + { + sockfd = -1; + + int fd = ::socket(PF_INET, SOCK_STREAM, 0); + if(fd == -1) + throw std::runtime_error("Server_Socket: Unable to acquire socket"); + + sockaddr_in socket_info; + ::memset(&socket_info, 0, sizeof(socket_info)); + socket_info.sin_family = AF_INET; + socket_info.sin_port = htons(port); + + // FIXME: support limiting listeners + socket_info.sin_addr.s_addr = INADDR_ANY; + + if(::bind(fd, (sockaddr*)&socket_info, sizeof(struct sockaddr)) != 
0) + { + ::close(fd); + throw std::runtime_error("Server_Socket: bind failed"); + } + + if(listen(fd, 100) != 0) // FIXME: totally arbitrary + { + ::close(fd); + throw std::runtime_error("Server_Socket: listen failed"); + } + + sockfd = fd; + } + +#endif diff --git a/examples/tls_client.cpp b/examples/tls_client.cpp index 10ead20cc..9f6f6229a 100644 --- a/examples/tls_client.cpp +++ b/examples/tls_client.cpp @@ -6,7 +6,7 @@ #include <botan/init.h> #include <botan/tls_client.h> -#include <botan/unx_sock.h> +#include "socket.h" using namespace Botan; @@ -48,7 +48,7 @@ int main(int argc, char* argv[]) printf("Connecting to %s:%d...\n", host.c_str(), port); - Unix_Socket sock(argv[1], port); + Socket sock(argv[1], port); std::auto_ptr<Botan::RandomNumberGenerator> rng( Botan::RandomNumberGenerator::make_rng()); diff --git a/examples/tls_server.cpp b/examples/tls_server.cpp index da13953f8..087ba86fa 100644 --- a/examples/tls_server.cpp +++ b/examples/tls_server.cpp @@ -6,12 +6,13 @@ #include <botan/botan.h> #include <botan/tls_server.h> -#include <botan/unx_sock.h> #include <botan/rsa.h> #include <botan/dsa.h> #include <botan/x509self.h> +#include "socket.h" + using namespace Botan; #include <stdio.h> @@ -34,9 +35,9 @@ class Server_TLS_Policy : public TLS_Policy return true; } }; + int main(int argc, char* argv[]) { - int port = 4433; if(argc == 2) @@ -57,7 +58,7 @@ int main(int argc, char* argv[]) X509_Certificate cert = X509::create_self_signed_cert(options, key, "SHA-1", rng); - Unix_Server_Socket listener(port); + Server_Socket listener(port); Server_TLS_Policy policy; diff --git a/src/ssl/info.txt b/src/ssl/info.txt index 17e6fd1c0..586a6cec7 100644 --- a/src/ssl/info.txt +++ b/src/ssl/info.txt @@ -8,7 +8,6 @@ serious bugs or security issues. uses_tr1 yes <header:public> -socket.h tls_client.h tls_connection.h tls_exceptn.h diff --git a/src/ssl/socket.h b/src/ssl/socket.h deleted file mode 100644 index 6d88bd48a..000000000 --- a/src/ssl/socket.h +++ /dev/null 
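Review bot: `Socket` and `Server_Socket` in the new examples/socket.h each own a file descriptor but are still implicitly copyable, so copying one or passing it by value leaves two destructors calling `::close` on the same `sockfd`, and the second close can land on a descriptor the process has since reused. Because the examples makefile builds with `-ansi`, the fix is to declare `Socket(const Socket&);` and `Socket& operator=(const Socket&);` (and the `Server_Socket` equivalents) in the private section without defining them. Both destructors also call `close()`, which throws `std::runtime_error` when `::close` fails; if that happens while the stack is already unwinding, the process terminates, so the destructors should call `::close(sockfd)` directly and ignore the result. A short comment on `Server_Socket::accept` saying that the caller owns the returned `Socket*` would also help, since it comes from a bare `new`.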
@@ -1,46 +0,0 @@ -/* -* Socket Interface -* (C) 2004-2006 Jack Lloyd -* -* Released under the terms of the Botan license -*/ - -#ifndef BOTAN_TLS_SOCKET_H__ -#define BOTAN_TLS_SOCKET_H__ - -#include <botan/types.h> -#include <string> - -namespace Botan { - -/** -* Socket Base Class -*/ -class BOTAN_DLL Socket - { - public: - virtual size_t read(byte[], size_t) = 0; - virtual void write(const byte[], size_t) = 0; - - virtual std::string peer_id() const = 0; - - virtual void close() = 0; - - virtual ~Socket() {} - }; - -/** -* Server Socket Base Class -*/ -class BOTAN_DLL Server_Socket - { - public: - virtual Socket* accept() = 0; - virtual void close() = 0; - - virtual ~Server_Socket() {} - }; - -} - -#endif diff --git a/src/ssl/unix_socket/info.txt b/src/ssl/unix_socket/info.txt deleted file mode 100644 index 15fc50f5b..000000000 --- a/src/ssl/unix_socket/info.txt +++ /dev/null @@ -1,20 +0,0 @@ -define UNIX_SOCKET - -<source> -unx_sock.cpp -</source> - -<header:public> -unx_sock.h -</header:public> - -<requires> -ssl -</requires> - -<os> -linux -freebsd -netbsd -solaris -</os> diff --git a/src/ssl/unix_socket/unx_sock.cpp b/src/ssl/unix_socket/unx_sock.cpp deleted file mode 100644 index a7c19b70c..000000000 --- a/src/ssl/unix_socket/unx_sock.cpp +++ /dev/null 
@@ -1,206 +0,0 @@ -/* -* Unix Socket -* (C) 2004-2010 Jack Lloyd -* -* Released under the terms of the Botan license -*/ - -#include <botan/unx_sock.h> -#include <botan/exceptn.h> - -#include <sys/types.h> -#include <sys/socket.h> -#include <sys/time.h> -#include <netinet/in.h> -#include <netdb.h> -#include <unistd.h> -#include <errno.h> -#include <string.h> - -namespace Botan { - -/** -* Unix Socket Constructor -*/ -Unix_Socket::Unix_Socket(const std::string& host, u16bit port) : peer(host) - { - sockfd = -1; - - hostent* host_addr = ::gethostbyname(host.c_str()); - - if(host_addr == 0) - throw Stream_IO_Error("Unix_Socket: gethostbyname failed for " + host); - if(host_addr->h_addrtype != AF_INET) // FIXME - throw Stream_IO_Error("Unix_Socket: " + host + " has IPv6 address"); - - int fd = ::socket(PF_INET, SOCK_STREAM, 0); - if(fd == -1) - throw Stream_IO_Error("Unix_Socket: Unable to acquire socket"); - - sockaddr_in socket_info; - ::memset(&socket_info, 0, sizeof(socket_info)); - socket_info.sin_family = AF_INET; - socket_info.sin_port = htons(port); - - ::memcpy(&socket_info.sin_addr, - host_addr->h_addr, - host_addr->h_length); - - socket_info.sin_addr = *(struct in_addr*)host_addr->h_addr; // FIXME - - if(::connect(fd, (sockaddr*)&socket_info, sizeof(struct sockaddr)) != 0) - { - ::close(fd); - throw Stream_IO_Error("Unix_Socket: connect failed"); - } - - sockfd = fd; - } - -/** -* Unix Socket Constructor -*/ -Unix_Socket::Unix_Socket(int fd, const std::string& peer_id) - { - sockfd = fd; - peer = peer_id; - } - -/** -* Read from a Unix socket -*/ -size_t Unix_Socket::read(byte buf[], size_t length) - { - if(sockfd == -1) - throw Stream_IO_Error("Unix_Socket::read: Socket not connected"); - - size_t got = 0; - - while(length) - { - ssize_t this_time = ::recv(sockfd, buf + got, length, MSG_NOSIGNAL); - - if(this_time == 0) - break; - - if(this_time == -1) - { - if(errno == EINTR) - this_time = 0; - else - throw Stream_IO_Error("Unix_Socket::read: Socket read 
failed"); - } - - got += this_time; - length -= this_time; - } - return got; - } - -/** -* Write to a Unix socket -*/ -void Unix_Socket::write(const byte buf[], size_t length) - { - if(sockfd == -1) - throw Stream_IO_Error("Unix_Socket::write: Socket not connected"); - - size_t offset = 0; - while(length) - { - ssize_t sent = ::send(sockfd, buf + offset, length, MSG_NOSIGNAL); - - if(sent == -1) - { - if(errno == EINTR) - sent = 0; - else - throw Stream_IO_Error("Unix_Socket::write: Socket write failed"); - } - - offset += sent; - length -= sent; - } - } - -/** -* Close a Unix socket -*/ -void Unix_Socket::close() - { - if(sockfd != -1) - { - if(::close(sockfd) != 0) - throw Stream_IO_Error("Unix_Socket::close failed"); - sockfd = -1; - } - } - -/** -* Return the peer's name -*/ -std::string Unix_Socket::peer_id() const - { - return peer; - } - -/** -* Unix Server Socket Constructor -*/ -Unix_Server_Socket::Unix_Server_Socket(u16bit port) - { - sockfd = -1; - - int fd = ::socket(PF_INET, SOCK_STREAM, 0); - if(fd == -1) - throw Stream_IO_Error("Unix_Server_Socket: Unable to acquire socket"); - - sockaddr_in socket_info; - ::memset(&socket_info, 0, sizeof(socket_info)); - socket_info.sin_family = AF_INET; - socket_info.sin_port = htons(port); - - // FIXME: support limiting listeners - socket_info.sin_addr.s_addr = INADDR_ANY; - - if(::bind(fd, (sockaddr*)&socket_info, sizeof(struct sockaddr)) != 0) - { - ::close(fd); - throw Stream_IO_Error("Unix_Server_Socket: bind failed"); - } - - if(listen(fd, 100) != 0) // FIXME: totally arbitrary - { - ::close(fd); - throw Stream_IO_Error("Unix_Server_Socket: listen failed"); - } - - sockfd = fd; - } - -/** -* Close a Unix socket -*/ -void Unix_Server_Socket::close() - { - if(sockfd != -1) - { - if(::close(sockfd) != 0) - throw Stream_IO_Error("Unix_Server_Socket::close failed"); - sockfd = -1; - } - } - -/** -* Accept a new connection -*/ -Socket* Unix_Server_Socket::accept() - { - // FIXME: grab IP of remote side, use 
gethostbyaddr, store as peer_id - int retval = ::accept(sockfd, 0, 0); - if(retval == -1) - throw Stream_IO_Error("Unix_Server_Socket: accept failed"); - return new Unix_Socket(retval); - } - -} diff --git a/src/ssl/unix_socket/unx_sock.h b/src/ssl/unix_socket/unx_sock.h deleted file mode 100644 index 58c7ada69..000000000 --- a/src/ssl/unix_socket/unx_sock.h +++ /dev/null @@ -1,62 +0,0 @@ -/* -* Unix Socket -* (C) 2004-2006 Jack Lloyd -* -* Released under the terms of the Botan license -*/ - -#ifndef BOTAN_TLS_SOCKET_UNIX_H__ -#define BOTAN_TLS_SOCKET_UNIX_H__ - -#include <botan/socket.h> - -namespace Botan { - -/** - FIXME: the current socket interface is totally unusable - It has to handle (cleanly): - - TCP, UDP, and SCTP, where UDP is only usable with DTLS and - TCP/SCTP is only usable with TLS. - - Alternate socket interfaces (ACE, Netxx, whatever) with - minimal wrapping needed. -*/ - - -/** -* Unix Socket Base Class -*/ -class BOTAN_DLL Unix_Socket : public Socket - { - public: - size_t read(byte[], size_t); - void write(const byte[], size_t); - - std::string peer_id() const; - - void close(); - Unix_Socket(int, const std::string& = ""); - Unix_Socket(const std::string&, u16bit); - ~Unix_Socket() { close(); } - private: - std::string peer; - int sockfd; - }; - -/** -* Unix Server Socket Base Class -*/ -class BOTAN_DLL Unix_Server_Socket : public Server_Socket - { - public: - Socket* accept(); - void close(); - - Unix_Server_Socket(u16bit); - ~Unix_Server_Socket() { close(); } - private: - int sockfd; - }; - -} - -#endif |