2016-06-18 20:46:12 +08:00
|
|
|
/*************************************************************************/
|
|
|
|
/* stream_peer_openssl.h */
|
|
|
|
/*************************************************************************/
|
|
|
|
/* This file is part of: */
|
|
|
|
/* GODOT ENGINE */
|
2017-08-27 20:16:55 +08:00
|
|
|
/* https://godotengine.org */
|
2016-06-18 20:46:12 +08:00
|
|
|
/*************************************************************************/
|
2018-01-01 21:40:08 +08:00
|
|
|
/* Copyright (c) 2007-2018 Juan Linietsky, Ariel Manzur. */
|
|
|
|
/* Copyright (c) 2014-2018 Godot Engine contributors (cf. AUTHORS.md) */
|
2016-06-18 20:46:12 +08:00
|
|
|
/* */
|
|
|
|
/* Permission is hereby granted, free of charge, to any person obtaining */
|
|
|
|
/* a copy of this software and associated documentation files (the */
|
|
|
|
/* "Software"), to deal in the Software without restriction, including */
|
|
|
|
/* without limitation the rights to use, copy, modify, merge, publish, */
|
|
|
|
/* distribute, sublicense, and/or sell copies of the Software, and to */
|
|
|
|
/* permit persons to whom the Software is furnished to do so, subject to */
|
|
|
|
/* the following conditions: */
|
|
|
|
/* */
|
|
|
|
/* The above copyright notice and this permission notice shall be */
|
|
|
|
/* included in all copies or substantial portions of the Software. */
|
|
|
|
/* */
|
|
|
|
/* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, */
|
|
|
|
/* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF */
|
|
|
|
/* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.*/
|
|
|
|
/* IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY */
|
|
|
|
/* CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, */
|
|
|
|
/* TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE */
|
|
|
|
/* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */
|
|
|
|
/*************************************************************************/
|
2018-01-05 07:50:27 +08:00
|
|
|
|
2014-04-29 08:56:43 +08:00
|
|
|
#ifndef STREAM_PEER_OPEN_SSL_H
|
|
|
|
#define STREAM_PEER_OPEN_SSL_H
|
|
|
|
|
2017-03-05 23:44:50 +08:00
|
|
|
#include "io/stream_peer_ssl.h"
|
2014-05-01 20:53:37 +08:00
|
|
|
#include "os/file_access.h"
|
2017-07-22 18:47:04 +08:00
|
|
|
#include "project_settings.h"
|
2017-04-29 01:28:21 +08:00
|
|
|
|
|
|
|
#include "thirdparty/misc/curl_hostcheck.h"
|
2014-05-01 20:53:37 +08:00
|
|
|
|
2014-04-29 08:56:43 +08:00
|
|
|
#include <openssl/bio.h> // BIO objects for I/O
|
|
|
|
#include <openssl/err.h> // Error reporting
|
2017-03-05 23:44:50 +08:00
|
|
|
#include <openssl/ssl.h> // SSL and SSL_CTX for SSL connections
|
2014-04-29 08:56:43 +08:00
|
|
|
#include <openssl/x509v3.h>
|
|
|
|
|
2017-04-29 01:28:21 +08:00
|
|
|
#include <stdio.h>
|
|
|
|
|
2014-04-29 08:56:43 +08:00
|
|
|
class StreamPeerOpenSSL : public StreamPeerSSL {
|
|
|
|
private:
|
2017-03-05 23:44:50 +08:00
|
|
|
static int _bio_create(BIO *b);
|
|
|
|
static int _bio_destroy(BIO *b);
|
|
|
|
static int _bio_read(BIO *b, char *buf, int len);
|
|
|
|
static int _bio_write(BIO *b, const char *buf, int len);
|
|
|
|
static long _bio_ctrl(BIO *b, int cmd, long num, void *ptr);
|
|
|
|
static int _bio_gets(BIO *b, char *buf, int len);
|
|
|
|
static int _bio_puts(BIO *b, const char *str);
|
2014-04-29 08:56:43 +08:00
|
|
|
|
2017-10-18 10:03:00 +08:00
|
|
|
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
|
2017-09-24 13:45:02 +08:00
|
|
|
static BIO_METHOD *_bio_method;
|
|
|
|
#else
|
2014-04-29 08:56:43 +08:00
|
|
|
static BIO_METHOD _bio_method;
|
2017-09-24 13:45:02 +08:00
|
|
|
#endif
|
|
|
|
static BIO_METHOD *_get_bio_method();
|
2014-04-29 08:56:43 +08:00
|
|
|
|
|
|
|
static bool _match_host_name(const char *name, const char *hostname);
|
|
|
|
static Error _match_common_name(const char *hostname, const X509 *server_cert);
|
|
|
|
static Error _match_subject_alternative_name(const char *hostname, const X509 *server_cert);
|
|
|
|
|
|
|
|
static int _cert_verify_callback(X509_STORE_CTX *x509_ctx, void *arg);
|
|
|
|
|
|
|
|
Status status;
|
|
|
|
String hostname;
|
|
|
|
int max_cert_chain_depth;
|
2017-03-05 23:44:50 +08:00
|
|
|
SSL_CTX *ctx;
|
|
|
|
SSL *ssl;
|
|
|
|
BIO *bio;
|
2014-04-29 08:56:43 +08:00
|
|
|
bool connected;
|
|
|
|
int flags;
|
|
|
|
bool use_blocking;
|
|
|
|
bool validate_certs;
|
|
|
|
bool validate_hostname;
|
|
|
|
|
|
|
|
Ref<StreamPeer> base;
|
|
|
|
|
2017-03-05 23:44:50 +08:00
|
|
|
static StreamPeerSSL *_create_func();
|
2014-04-29 08:56:43 +08:00
|
|
|
void _print_error(int err);
|
|
|
|
|
2017-03-05 23:44:50 +08:00
|
|
|
static Vector<X509 *> certs;
|
|
|
|
|
|
|
|
static void _load_certs(const PoolByteArray &p_array);
|
2014-04-29 08:56:43 +08:00
|
|
|
|
|
|
|
protected:
|
|
|
|
static void _bind_methods();
|
|
|
|
|
2017-03-05 23:44:50 +08:00
|
|
|
public:
|
2017-01-14 22:07:57 +08:00
|
|
|
virtual Error accept_stream(Ref<StreamPeer> p_base);
|
2017-03-05 23:44:50 +08:00
|
|
|
virtual Error connect_to_stream(Ref<StreamPeer> p_base, bool p_validate_certs = false, const String &p_for_hostname = String());
|
2014-04-29 08:56:43 +08:00
|
|
|
virtual Status get_status() const;
|
|
|
|
|
2017-01-14 22:07:57 +08:00
|
|
|
virtual void disconnect_from_stream();
|
2014-04-29 08:56:43 +08:00
|
|
|
|
2017-03-05 23:44:50 +08:00
|
|
|
virtual Error put_data(const uint8_t *p_data, int p_bytes);
|
|
|
|
virtual Error put_partial_data(const uint8_t *p_data, int p_bytes, int &r_sent);
|
2014-04-29 08:56:43 +08:00
|
|
|
|
2017-03-05 23:44:50 +08:00
|
|
|
virtual Error get_data(uint8_t *p_buffer, int p_bytes);
|
|
|
|
virtual Error get_partial_data(uint8_t *p_buffer, int p_bytes, int &r_received);
|
2014-04-29 08:56:43 +08:00
|
|
|
|
2015-12-13 23:53:29 +08:00
|
|
|
virtual int get_available_bytes() const;
|
|
|
|
|
2014-04-29 08:56:43 +08:00
|
|
|
static void initialize_ssl();
|
|
|
|
static void finalize_ssl();
|
|
|
|
|
|
|
|
StreamPeerOpenSSL();
|
|
|
|
~StreamPeerOpenSSL();
|
|
|
|
};
|
|
|
|
|
|
|
|
#endif // STREAM_PEER_SSL_H
|