net.http, net.websocket: allow importing both in the same app
Delyan Angelov
parent
53ee5eb043
commit
d28a1042a0
|
|
@ -4,66 +4,11 @@
|
|||
module http
|
||||
|
||||
import strings
|
||||
import net.openssl
|
||||
|
||||
// On linux, prefer a localy build openssl, because it is
|
||||
// much more likely for it to be newer, than the system
|
||||
// openssl from libssl-dev. If there is no local openssl,
|
||||
// the next flag is harmless, since it will still use the
|
||||
// (older) system openssl.
|
||||
#flag linux -I/usr/local/include/openssl -L/usr/local/lib
|
||||
#flag -l ssl -l crypto
|
||||
// MacPorts
|
||||
#flag darwin -I/opt/local/include
|
||||
#flag darwin -L/opt/local/lib
|
||||
// Brew
|
||||
#flag darwin -I/usr/local/opt/openssl/include
|
||||
#flag darwin -L/usr/local/opt/openssl/lib
|
||||
#include <openssl/ssl.h>
|
||||
|
||||
struct C.ssl_st {}
|
||||
|
||||
fn C.SSL_library_init()
|
||||
|
||||
fn C.TLSv1_2_method() voidptr
|
||||
|
||||
fn C.SSL_CTX_set_options()
|
||||
|
||||
fn C.SSL_CTX_new() voidptr
|
||||
|
||||
fn C.SSL_CTX_set_verify_depth()
|
||||
|
||||
fn C.SSL_CTX_load_verify_locations() int
|
||||
|
||||
fn C.BIO_new_ssl_connect() voidptr
|
||||
|
||||
fn C.BIO_set_conn_hostname() int
|
||||
|
||||
fn C.BIO_get_ssl()
|
||||
|
||||
fn C.SSL_set_cipher_list() int
|
||||
|
||||
fn C.BIO_do_connect() int
|
||||
|
||||
fn C.BIO_do_handshake() int
|
||||
|
||||
fn C.SSL_get_peer_certificate() int
|
||||
|
||||
fn C.SSL_get_verify_result() int
|
||||
|
||||
fn C.SSL_set_tlsext_host_name() int
|
||||
|
||||
fn C.BIO_puts()
|
||||
|
||||
fn C.BIO_read() int
|
||||
|
||||
fn C.BIO_free_all()
|
||||
|
||||
fn C.SSL_CTX_free()
|
||||
|
||||
fn init() int {
|
||||
C.SSL_library_init()
|
||||
return 1
|
||||
}
|
||||
const (
|
||||
is_used = openssl.is_used
|
||||
)
|
||||
|
||||
fn (req &Request) ssl_do(port int, method, host_name, path string) ?Response {
|
||||
// ssl_method := C.SSLv23_method()
|
||||
|
|
@ -76,7 +21,7 @@ fn (req &Request) ssl_do(port int, method, host_name, path string) ?Response {
|
|||
web := C.BIO_new_ssl_connect(ctx)
|
||||
addr := host_name + ':' + port.str()
|
||||
res = C.BIO_set_conn_hostname(web, addr.str)
|
||||
ssl := &C.ssl_st(0)
|
||||
ssl := &openssl.SSL(0)
|
||||
C.BIO_get_ssl(web, &ssl)
|
||||
preferred_ciphers := 'HIGH:!aNULL:!kRSA:!PSK:!SRP:!MD5:!RC4'
|
||||
res = C.SSL_set_cipher_list(ssl, preferred_ciphers.str)
|
||||
|
|
|
|||
|
|
@ -0,0 +1,60 @@
|
|||
module openssl
|
||||
|
||||
// On linux, prefer a localy build openssl, because it is
|
||||
// much more likely for it to be newer, than the system
|
||||
// openssl from libssl-dev. If there is no local openssl,
|
||||
// the next flag is harmless, since it will still use the
|
||||
// (older) system openssl.
|
||||
#flag linux -I/usr/local/include/openssl -L/usr/local/lib
|
||||
#flag -l ssl -l crypto
|
||||
// MacPorts
|
||||
#flag darwin -I/opt/local/include
|
||||
#flag darwin -L/opt/local/lib
|
||||
// Brew
|
||||
#flag darwin -I/usr/local/opt/openssl/include
|
||||
#flag darwin -L/usr/local/opt/openssl/lib
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/ssl.h>
|
||||
#include <openssl/err.h>
|
||||
|
||||
pub struct C.SSL {}
|
||||
pub struct SSL_CTX {}
|
||||
pub struct SSL {}
|
||||
pub struct SSL_METHOD {}
|
||||
|
||||
fn C.BIO_new_ssl_connect() voidptr
|
||||
fn C.BIO_set_conn_hostname() int
|
||||
fn C.BIO_get_ssl()
|
||||
fn C.BIO_do_connect() int
|
||||
fn C.BIO_do_handshake() int
|
||||
fn C.BIO_puts()
|
||||
fn C.BIO_read() int
|
||||
fn C.BIO_free_all()
|
||||
fn C.SSL_CTX_new() &C.SSL_CTX
|
||||
fn C.SSL_CTX_set_options()
|
||||
fn C.SSL_CTX_set_verify_depth()
|
||||
fn C.SSL_CTX_load_verify_locations() int
|
||||
fn C.SSL_CTX_free()
|
||||
fn C.SSL_new() &C.SSL
|
||||
fn C.SSL_set_fd() int
|
||||
fn C.SSL_connect() int
|
||||
fn C.SSL_set_cipher_list() int
|
||||
fn C.SSL_get_peer_certificate() int
|
||||
fn C.SSL_get_verify_result() int
|
||||
fn C.SSL_set_tlsext_host_name() int
|
||||
fn C.SSL_shutdown()
|
||||
fn C.SSL_free()
|
||||
fn C.SSL_write() int
|
||||
fn C.SSL_read() int
|
||||
fn C.SSL_load_error_strings()
|
||||
fn C.SSL_library_init()
|
||||
fn C.SSLv23_client_method() &C.SSL_METHOD
|
||||
fn C.TLSv1_2_method() voidptr
|
||||
|
||||
fn init() {
|
||||
C.SSL_library_init()
|
||||
}
|
||||
|
||||
pub const (
|
||||
is_used = 1
|
||||
)
|
||||
|
|
@ -1,58 +1,14 @@
|
|||
module websocket
|
||||
|
||||
// On linux, prefer a localy build openssl, because it is
|
||||
// much more likely for it to be newer, than the system
|
||||
// openssl from libssl-dev. If there is no local openssl,
|
||||
// the next flag is harmless, since it will still use the
|
||||
// (older) system openssl.
|
||||
#flag linux -I/usr/local/include/openssl -L/usr/local/lib
|
||||
#flag -lssl
|
||||
// MacPorts
|
||||
#flag darwin -I/opt/local/include
|
||||
#flag darwin -L/opt/local/lib
|
||||
// Brew
|
||||
#flag darwin -I/usr/local/opt/openssl/include
|
||||
#flag darwin -L/usr/local/opt/openssl/lib
|
||||
#include <openssl/rand.h>
|
||||
#include <openssl/ssl.h>
|
||||
#include <openssl/err.h>
|
||||
struct SSL_CTX {
|
||||
}
|
||||
import net.openssl
|
||||
|
||||
struct SSL {
|
||||
}
|
||||
|
||||
struct SSL_METHOD {
|
||||
}
|
||||
|
||||
fn C.SSL_load_error_strings()
|
||||
|
||||
fn C.SSL_library_init()
|
||||
|
||||
fn C.SSLv23_client_method() &C.SSL_METHOD
|
||||
|
||||
fn C.SSL_CTX_new() &C.SSL_CTX
|
||||
|
||||
fn C.SSL_new() &C.SSL
|
||||
|
||||
fn C.SSL_set_fd() int
|
||||
|
||||
fn C.SSL_connect() int
|
||||
|
||||
fn C.SSL_shutdown()
|
||||
|
||||
fn C.SSL_free()
|
||||
|
||||
fn C.SSL_CTX_free()
|
||||
|
||||
fn C.SSL_write() int
|
||||
|
||||
fn C.SSL_read() int
|
||||
const (
|
||||
is_used = openssl.is_used
|
||||
)
|
||||
|
||||
fn (mut ws Client) connect_ssl() {
|
||||
l.i('Using secure SSL connection')
|
||||
C.SSL_load_error_strings()
|
||||
C.SSL_library_init()
|
||||
ws.sslctx = C.SSL_CTX_new(C.SSLv23_client_method())
|
||||
if ws.sslctx == 0 {
|
||||
l.f("Couldn't get ssl context")
|
||||
|
|
|
|||
Loading…
Reference in New Issue