From d28a1042a0f88f32547b9200e92e3566dd08dabb Mon Sep 17 00:00:00 2001 From: Delyan Angelov Date: Sun, 12 Jul 2020 15:21:40 +0300 Subject: [PATCH] net.http, net.websocket: allow importing both in the same app --- vlib/net/http/backend_nix.c.v | 65 +++-------------------------------- vlib/net/openssl/c.v | 60 ++++++++++++++++++++++++++++++++ vlib/net/websocket/ssl.v | 52 +++------------------------- 3 files changed, 69 insertions(+), 108 deletions(-) create mode 100644 vlib/net/openssl/c.v diff --git a/vlib/net/http/backend_nix.c.v b/vlib/net/http/backend_nix.c.v index 6157e94a15..738ee5d9d9 100644 --- a/vlib/net/http/backend_nix.c.v +++ b/vlib/net/http/backend_nix.c.v 
@@ -4,66 +4,11 @@ module http import strings +import net.openssl -// On linux, prefer a localy build openssl, because it is -// much more likely for it to be newer, than the system -// openssl from libssl-dev. If there is no local openssl, -// the next flag is harmless, since it will still use the -// (older) system openssl. -#flag linux -I/usr/local/include/openssl -L/usr/local/lib -#flag -l ssl -l crypto -// MacPorts -#flag darwin -I/opt/local/include -#flag darwin -L/opt/local/lib -// Brew -#flag darwin -I/usr/local/opt/openssl/include -#flag darwin -L/usr/local/opt/openssl/lib -#include - -struct C.ssl_st {} - -fn C.SSL_library_init() - -fn C.TLSv1_2_method() voidptr - -fn C.SSL_CTX_set_options() - -fn C.SSL_CTX_new() voidptr - -fn C.SSL_CTX_set_verify_depth() - -fn C.SSL_CTX_load_verify_locations() int - -fn C.BIO_new_ssl_connect() voidptr - -fn C.BIO_set_conn_hostname() int - -fn C.BIO_get_ssl() - -fn C.SSL_set_cipher_list() int - -fn C.BIO_do_connect() int - -fn C.BIO_do_handshake() int - -fn C.SSL_get_peer_certificate() int - -fn C.SSL_get_verify_result() int - -fn C.SSL_set_tlsext_host_name() int - -fn C.BIO_puts() - -fn C.BIO_read() int - -fn C.BIO_free_all() - -fn C.SSL_CTX_free() - -fn init() int { - C.SSL_library_init() - return 1 -} +const ( + is_used = openssl.is_used +) fn (req &Request) ssl_do(port int, method, host_name, path string) ?Response { // ssl_method := C.SSLv23_method() @@ -76,7 +21,7 @@ fn (req &Request) ssl_do(port int, method, host_name, path string) ?Response { web := C.BIO_new_ssl_connect(ctx) addr := host_name + ':' + port.str() res = C.BIO_set_conn_hostname(web, addr.str) - ssl := &C.ssl_st(0) + ssl := &openssl.SSL(0) C.BIO_get_ssl(web, &ssl) preferred_ciphers := 'HIGH:!aNULL:!kRSA:!PSK:!SRP:!MD5:!RC4' res = C.SSL_set_cipher_list(ssl, preferred_ciphers.str) diff --git a/vlib/net/openssl/c.v b/vlib/net/openssl/c.v new file mode 100644 index 0000000000..ff4cd5db1a --- /dev/null +++ b/vlib/net/openssl/c.v 
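Review bot: In the second hunk, inside ssl_do, the result of `C.BIO_set_conn_hostname(web, addr.str)` is stored in `res` and then overwritten by `C.SSL_set_cipher_list(ssl, preferred_ciphers.str)` with no check in between, so a failed hostname setup goes unnoticed in the visible lines. `ssl` also starts as the null `&openssl.SSL(0)` and is handed to `SSL_set_cipher_list` without confirming that `BIO_get_ssl` filled it in. If the cipher-list call fails, the connection would fall back to the library's default ciphers rather than the restricted list, so each result deserves a guard such as `if res != 1 { return error('ssl setup failed') }` (message text constructed here). The body of ssl_do continues outside both hunks, so later checks may exist that are not visible here.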
@@ -0,0 +1,60 @@
+module openssl
+
+// On linux, prefer a localy build openssl, because it is
+// much more likely for it to be newer, than the system
+// openssl from libssl-dev. If there is no local openssl,
+// the next flag is harmless, since it will still use the
+// (older) system openssl.
+#flag linux -I/usr/local/include/openssl -L/usr/local/lib
+#flag -l ssl -l crypto
+// MacPorts
+#flag darwin -I/opt/local/include
+#flag darwin -L/opt/local/lib
+// Brew
+#flag darwin -I/usr/local/opt/openssl/include
+#flag darwin -L/usr/local/opt/openssl/lib
+#include
+#include
+#include
+
+pub struct C.SSL {}
+pub struct SSL_CTX {}
+pub struct SSL {}
+pub struct SSL_METHOD {}
+
+fn C.BIO_new_ssl_connect() voidptr
+fn C.BIO_set_conn_hostname() int
+fn C.BIO_get_ssl()
+fn C.BIO_do_connect() int
+fn C.BIO_do_handshake() int
+fn C.BIO_puts()
+fn C.BIO_read() int
+fn C.BIO_free_all()
+fn C.SSL_CTX_new() &C.SSL_CTX
+fn C.SSL_CTX_set_options()
+fn C.SSL_CTX_set_verify_depth()
+fn C.SSL_CTX_load_verify_locations() int
+fn C.SSL_CTX_free()
+fn C.SSL_new() &C.SSL
+fn C.SSL_set_fd() int
+fn C.SSL_connect() int
+fn C.SSL_set_cipher_list() int
+fn C.SSL_get_peer_certificate() int
+fn C.SSL_get_verify_result() int
+fn C.SSL_set_tlsext_host_name() int
+fn C.SSL_shutdown()
+fn C.SSL_free()
+fn C.SSL_write() int
+fn C.SSL_read() int
+fn C.SSL_load_error_strings()
+fn C.SSL_library_init()
+fn C.SSLv23_client_method() &C.SSL_METHOD
+fn C.TLSv1_2_method() voidptr
+
+fn init() {
+ C.SSL_library_init()
+}
+
+pub const (
+ is_used = 1
+)
diff --git a/vlib/net/websocket/ssl.v b/vlib/net/websocket/ssl.v
index fbb37dd07d..83df1e9cb4 100644
--- a/vlib/net/websocket/ssl.v
+++ b/vlib/net/websocket/ssl.v
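Review bot: Two declarations in this new shared binding give return types that do not match OpenSSL: `fn C.SSL_get_peer_certificate() int` describes a function that returns an `X509 *`, and `fn C.SSL_get_verify_result() int` one that returns `long`. Declaring the certificate as `int` invites storing a pointer in a 32-bit value, and it hides that the caller owns the returned certificate and has to free it; `fn C.SSL_get_peer_certificate() voidptr` would be the safer declaration. The struct declarations are also inconsistent: `&C.SSL_CTX` and `&C.SSL_METHOD` are used as return types, but only `C.SSL` is declared with the `C.` prefix. Since net.http and net.websocket both depend on this file now, `is_used` deserves a one-line comment; its purpose is apparently `// referenced by importers so the import (and this module's init) is not treated as unused`.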
@@ -1,58 +1,14 @@ module websocket -// On linux, prefer a localy build openssl, because it is -// much more likely for it to be newer, than the system -// openssl from libssl-dev. If there is no local openssl, -// the next flag is harmless, since it will still use the -// (older) system openssl. -#flag linux -I/usr/local/include/openssl -L/usr/local/lib -#flag -lssl -// MacPorts -#flag darwin -I/opt/local/include -#flag darwin -L/opt/local/lib -// Brew -#flag darwin -I/usr/local/opt/openssl/include -#flag darwin -L/usr/local/opt/openssl/lib -#include -#include -#include -struct SSL_CTX { -} +import net.openssl -struct SSL { -} - -struct SSL_METHOD { -} - -fn C.SSL_load_error_strings() - -fn C.SSL_library_init() - -fn C.SSLv23_client_method() &C.SSL_METHOD - -fn C.SSL_CTX_new() &C.SSL_CTX - -fn C.SSL_new() &C.SSL - -fn C.SSL_set_fd() int - -fn C.SSL_connect() int - -fn C.SSL_shutdown() - -fn C.SSL_free() - -fn C.SSL_CTX_free() - -fn C.SSL_write() int - -fn C.SSL_read() int +const ( + is_used = openssl.is_used +) fn (mut ws Client) connect_ssl() { l.i('Using secure SSL connection') C.SSL_load_error_strings() - C.SSL_library_init() ws.sslctx = C.SSL_CTX_new(C.SSLv23_client_method()) if ws.sslctx == 0 { l.f("Couldn't get ssl context")
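Review bot: The declarations removed from this file never included a certificate-verification call, and the visible part of connect_ssl only creates the context with `C.SSL_CTX_new(C.SSLv23_client_method())`, so the websocket client presumably completes the handshake without checking the peer certificate. Now that net.openssl exposes `SSL_CTX_load_verify_locations`, `SSL_set_tlsext_host_name` and `SSL_get_verify_result`, connect_ssl can load a trust store on `ws.sslctx`, set the SNI name, and refuse the connection when the verify result is not `X509_V_OK`. The spot where the call was removed would also benefit from a comment such as `// SSL_library_init() is called once by net.openssl's init()`. connect_ssl continues past the end of this hunk, so any verification further down is not visible here.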