Codebase list erlang-p1-tls / 407cb57
Merge branch 'master' into jessie-backports Philipp Huebner 7 years ago
13 changed file(s) with 230 addition(s) and 72 deletion(s). Raw diff Collapse all Expand all
+18
-0
CHANGELOG.md less more
0 # Version 1.0.5
1
2 * OpenSSL 1.1.0 compliance (Paweł Chmielowski)
3 * Use p1_utils 1.0.4 (Mickaël Rémond)
4
5 # Version 1.0.4
6
7 * Better compliance with R17 and R18 (Paweł Chmielowski)
8
9 # Version 1.0.3
10
11 * Do not call internal erlang erl_exit function (Christophe Romain)
12
13 # Version 1.0.2
14
15 * Add support for cafile option (Evgeny Khramtsov)
16 * Better error checks (Michael Santos)
17
018 # Version 1.0.1
119
220 * Build improve, remove check on Erlang version for better build chain compliance (Mickaël Rémond)
+150
-59
c_src/fast_tls_drv.c less more
1919 #include <erl_driver.h>
2020 #include <openssl/err.h>
2121 #include <openssl/ssl.h>
22 #include <openssl/opensslv.h>
2223 #include <sys/types.h>
2324 #include <sys/stat.h>
2425 #include <stdint.h>
2526 #include "options.h"
27
28 #if OPENSSL_VERSION_NUMBER < 0x10100000L
29 #define DH_set0_pqg(dh, dh_p, NULL, dh_g) (dh)->p = dh_p; (dh)->g = dh_g
30 #endif
2631
2732 #define BUF_SIZE 1024
2833
5257
5358 #define CIPHERS "DEFAULT:!EXPORT:!LOW:!RC4:!SSLv2"
5459
60 /* Wrappers around driver_alloc() that check */
61 /* for OOM. */
62
63 #ifdef HAS_ERTS_EXIT
64 void erts_exit(int n, char* v, ...);
65 #define erl_exit erts_exit
66 #else
67 void erl_exit(int n, char* v, ...);
68 #endif
69
70 void *ftls_alloc(ErlDrvSizeT size);
71 void *ftls_realloc(void *ptr, ErlDrvSizeT size);
72 ErlDrvBinary *ftls_alloc_binary(ErlDrvSizeT size);
73 ErlDrvBinary *ftls_realloc_binary(ErlDrvBinary *bin, ErlDrvSizeT size);
74
75 void *ftls_alloc(ErlDrvSizeT size) {
76 void *p = driver_alloc(size);
77 if (p == NULL) {
78 erl_exit(1, "fast_tls: Can't allocate %lu bytes of memory\n", size);
79 }
80 return p;
81 }
82
83 void *ftls_realloc(void *ptr, ErlDrvSizeT size) {
84 void *p = driver_realloc(ptr, size);
85 if (p == NULL) {
86 erl_exit(1, "fast_tls: Can't reallocate %lu bytes of memory\n", size);
87 }
88 return p;
89 }
90
91 ErlDrvBinary *ftls_alloc_binary(ErlDrvSizeT size) {
92 ErlDrvBinary *p = driver_alloc_binary(size);
93 if (p == NULL) {
94 erl_exit(1, "fast_tls: Can't allocate %lu binary\n", size);
95 }
96 return p;
97 }
98
99 ErlDrvBinary *ftls_realloc_binary(ErlDrvBinary *bin, ErlDrvSizeT size) {
100 ErlDrvBinary *p = driver_realloc_binary(bin, size);
101 if (p == NULL) {
102 erl_exit(1, "fast_tls: Can't reallocate %lu binary\n", size);
103 }
104 return p;
105 }
106
55107 /**
56108 * Prepare the SSL options flag.
57109 **/
58 static int set_option_flag(const char *opt, long *flag)
110 static int set_option_flag(const char *opt, unsigned long *flag)
59111 {
60112 ssl_option_t *p;
61113 for (p = ssl_options; p->name; p++) {
108160 char *key;
109161 time_t key_mtime;
110162 time_t dh_mtime;
163 time_t ca_mtime;
111164 SSL_CTX *ssl_ctx;
112165 struct bucket *next;
113166 };
125178 {
126179 size_t size = 1 << (MIN_LEVEL + 1);
127180 size_t i;
128 ht.buckets = (struct bucket **)driver_alloc(sizeof(struct bucket *) * size);
181 ht.buckets = ftls_alloc(sizeof(struct bucket *) * size);
129182 ht.split = 0;
130183 ht.level = MIN_LEVEL;
131184 for (i = 0; i < size; i++)
134187 }
135188
136189 static void hash_table_insert(char *key, time_t key_mtime, time_t dh_mtime,
137 SSL_CTX *ssl_ctx)
190 time_t ca_mtime, SSL_CTX *ssl_ctx)
138191 {
139192 int level, split;
140193 uint32_t hash = str_hash(key);
155208 if (el->hash == hash && strcmp(el->key, key) == 0) {
156209 el->key_mtime = key_mtime;
157210 el->dh_mtime = dh_mtime;
211 el->ca_mtime = ca_mtime;
158212 if (el->ssl_ctx != NULL)
159213 SSL_CTX_free(el->ssl_ctx);
160214 el->ssl_ctx = ssl_ctx;
167221 if (ht.buckets[bucket] != NULL)
168222 do_split = !0;
169223
170 new_bucket_el = (struct bucket *)driver_alloc(sizeof(struct bucket));
224 new_bucket_el = ftls_alloc(sizeof(struct bucket));
171225 new_bucket_el->hash = hash;
172 new_bucket_el->key = (char *)driver_alloc(strlen(key) + 1);
226 new_bucket_el->key = ftls_alloc(strlen(key) + 1);
173227 strcpy(new_bucket_el->key, key);
174228 new_bucket_el->key_mtime = key_mtime;
175229 new_bucket_el->dh_mtime = dh_mtime;
230 new_bucket_el->ca_mtime = ca_mtime;
176231 new_bucket_el->ssl_ctx = ssl_ctx;
177232 new_bucket_el->next = ht.buckets[bucket];
178233 ht.buckets[bucket] = new_bucket_el;
200255 size = 1 << (level + 1);
201256 ht.split = split;
202257 ht.level = level;
203 ht.buckets = (struct bucket **)
204 driver_realloc(ht.buckets, sizeof(struct bucket *) * size);
258 ht.buckets = ftls_realloc(ht.buckets, sizeof(struct bucket *) * size);
205259 for (i = 1 << level; i < size; i++)
206260 ht.buckets[i] = NULL;
207261 } else
210264 }
211265
212266 static SSL_CTX *hash_table_lookup(char *key, time_t *key_mtime,
213 time_t *dh_mtime)
267 time_t *dh_mtime, time_t *ca_mtime)
214268 {
215269 int level, split;
216270 uint32_t hash = str_hash(key);
229283 if (el->hash == hash && strcmp(el->key, key) == 0) {
230284 *key_mtime = el->key_mtime;
231285 *dh_mtime = el->dh_mtime;
286 *ca_mtime = el->ca_mtime;
232287 return el->ssl_ctx;
233288 }
234289 el = el->next;
240295
241296 static ErlDrvData tls_drv_start(ErlDrvPort port, char *buff)
242297 {
243 tls_data *d = (tls_data *)driver_alloc(sizeof(tls_data));
298 tls_data *d = ftls_alloc(sizeof(tls_data));
244299 d->port = port;
245300 d->bio_read = NULL;
246301 d->bio_write = NULL;
290345 }
291346
292347 driver_free(ht.buckets);
348 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
349 OPENSSL_cleanup();
350 #endif
293351 }
294352
295353 static int is_modified(char *file, time_t *known_mtime)
399457 return 0;
400458 }
401459
402 dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
403 dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
404 if (dh->p == NULL || dh->g == NULL) {
405 DH_free(dh);
406 return 0;
407 }
460 BIGNUM *dh_p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
461 BIGNUM *dh_g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
462 if (dh_p == NULL || dh_g == NULL) {
463 BN_free(dh_p);
464 BN_free(dh_g);
465 DH_free(dh);
466 return 0;
467 }
468
469 DH_set0_pqg(dh, dh_p, NULL, dh_g);
408470 }
409471
410472 SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE);
417479
418480 static void ssl_info_callback(const SSL *s, int where, int ret)
419481 {
420 if (where == SSL_CB_ACCEPT_LOOP) {
421 int state = SSL_get_state(s);
422 if (state == SSL3_ST_SR_CLNT_HELLO_A ||
423 state == SSL23_ST_SR_CLNT_HELLO_A) {
424 tls_data *d = (tls_data *)SSL_get_ex_data(s, ssl_index);
425 d->handshakes++;
426 }
427 }
428 }
429
482 tls_data *d = (tls_data *)SSL_get_ex_data(s, ssl_index);
483 if ((where & SSL_CB_HANDSHAKE_START) && d->handshakes) {
484 d->handshakes++;
485 } else if ((where & SSL_CB_HANDSHAKE_DONE) && !d->handshakes) {
486 d->handshakes++;
487 }
488 }
430489
431490 #define SET_CERTIFICATE_FILE_ACCEPT 1
432491 #define SET_CERTIFICATE_FILE_CONNECT 2
446505 unsigned long error_code = ERR_get_error(); \
447506 char *error_string = error_code ? \
448507 ERR_error_string(error_code, NULL) : \
449 NULL; \
450 int error_string_length = error_string ? \
451 strlen(error_string) : 0; \
508 ""; \
509 int error_string_length = strlen(error_string); \
452510 if (error_code) \
453511 rlen = errstrlen + error_string_length + 3; \
454512 else \
455513 rlen = errstrlen + 1; \
456 b = driver_alloc_binary(rlen); \
514 b = ftls_alloc_binary(rlen); \
457515 b->orig_bytes[0] = 1; \
458516 strncpy(b->orig_bytes + 1, errstr, errstrlen); \
459517 if (error_code) { \
525583 case SET_CERTIFICATE_FILE_CONNECT: {
526584 time_t key_mtime = 0;
527585 time_t dh_mtime = 0;
586 time_t ca_mtime = 0;
528587 char *key_file = buf;
529588 size_t key_file_len = strlen(key_file);
530589 char *ciphers = key_file + key_file_len + 1;
533592 size_t protocol_options_len = strlen(protocol_options);
534593 char *dh_file = protocol_options + protocol_options_len + 1;
535594 size_t dh_file_len = strlen(dh_file);
536 char *hash_key = (char *)driver_alloc(key_file_len +
595 char *ca_file = dh_file + dh_file_len + 1;
596 size_t ca_file_len = strlen(ca_file);
597 char *hash_key = ftls_alloc(key_file_len +
537598 ciphers_len +
538599 protocol_options_len +
539 dh_file_len + 1);
540 long options = 0L;
600 dh_file_len +
601 ca_file_len + 1);
602 unsigned long options = 0L;
541603
542604 if (protocol_options_len != 0) {
543605 char *po = strdup(protocol_options), delim[] = "|";
544606 char *popts = po;
545607 char *strtok_buf;
546608
609 if (!po) {
610 erl_exit(1, "fast_tls: strdup failed");
611 }
612
547613 while ((po = strtok_r(po, delim, &strtok_buf)) != NULL) {
548614 set_option_flag(po, &options);
549615 po = NULL;
552618 free(popts);
553619 }
554620
555 sprintf(hash_key, "%s%s%s%s", key_file, ciphers, protocol_options,
556 dh_file);
557 SSL_CTX *ssl_ctx = hash_table_lookup(hash_key, &key_mtime, &dh_mtime);
621 sprintf(hash_key, "%s%s%s%s%s", key_file, ciphers, protocol_options,
622 dh_file, ca_file);
623 SSL_CTX *ssl_ctx = hash_table_lookup(hash_key, &key_mtime, &dh_mtime, &ca_mtime);
558624
559625 if (dh_file_len == 0)
560626 dh_file = NULL;
561627
628 if (ca_file_len == 0)
629 ca_file = NULL;
630
562631 if (is_modified(key_file, &key_mtime) ||
563632 is_modified(dh_file, &dh_mtime) ||
633 is_modified(ca_file, &ca_mtime) ||
564634 ssl_ctx == NULL)
565635 {
566636 SSL_CTX *ctx;
567637
568 hash_table_insert(hash_key, key_mtime, dh_mtime, NULL);
638 hash_table_insert(hash_key, key_mtime, dh_mtime, ca_mtime, NULL);
569639
570640 ctx = SSL_CTX_new(SSLv23_method());
571641 die_unless(ctx, "SSL_CTX_new failed");
592662 #endif
593663
594664 SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
595 SSL_CTX_set_default_verify_paths(ctx);
665 if (ca_file)
666 SSL_CTX_load_verify_locations(ctx, ca_file, NULL);
667 else
668 SSL_CTX_set_default_verify_paths(ctx);
596669 #ifdef SSL_MODE_RELEASE_BUFFERS
597670 SSL_CTX_set_mode(ctx, SSL_MODE_RELEASE_BUFFERS);
598671 #endif
610683 SSL_CTX_set_info_callback(ctx, &ssl_info_callback);
611684
612685 ssl_ctx = ctx;
613 hash_table_insert(hash_key, key_mtime, dh_mtime, ssl_ctx);
686 hash_table_insert(hash_key, key_mtime, dh_mtime, ca_mtime, ssl_ctx);
614687 }
615688
616689 driver_free(hash_key);
630703
631704 d->bio_read = BIO_new(BIO_s_mem());
632705 d->bio_write = BIO_new(BIO_s_mem());
706
707 die_unless(d->bio_read, "BIO_new failed");
708 die_unless(d->bio_write, "BIO_new failed");
633709
634710 SSL_set_bio(d->ssl, d->bio_read, d->bio_write);
635711
660736 if (d->send_buffer2 == NULL) {
661737 d->send_buffer2_len = len;
662738 d->send_buffer2_size = len;
663 d->send_buffer2 = driver_alloc(d->send_buffer2_size);
739 d->send_buffer2 = ftls_alloc(d->send_buffer2_size);
664740 memcpy(d->send_buffer2, buf, len);
665741 } else {
666742 if (d->send_buffer2_size <
669745 d->send_buffer2_len + len) {
670746 d->send_buffer2_size *= 2;
671747 }
672 d->send_buffer2 = driver_realloc(d->send_buffer2,
748 d->send_buffer2 = ftls_realloc(d->send_buffer2,
673749 d->send_buffer2_size);
674750 }
675751 memcpy(d->send_buffer2 + d->send_buffer2_len,
684760 res == SSL_ERROR_WANT_WRITE) {
685761 d->send_buffer_len = len;
686762 d->send_buffer_size = len;
687 d->send_buffer = driver_alloc(d->send_buffer_size);
763 d->send_buffer = ftls_alloc(d->send_buffer_size);
688764 memcpy(d->send_buffer, buf, len);
689765 } else {
690766 die_unless(0, "SSL_write failed");
696772 case GET_ENCRYPTED_OUTPUT:
697773 die_unless(d->ssl, "SSL not initialized");
698774 size = BIO_ctrl_pending(d->bio_write) + 1;
699 b = driver_alloc_binary(size);
775 b = ftls_alloc_binary(size);
700776 b->orig_bytes[0] = 0;
701777 BIO_read(d->bio_write, b->orig_bytes + 1, size - 1);
702778 *rbuf = (char *)b;
703779 return size;
704780 case GET_DECRYPTED_INPUT: {
705781 int retcode = 0;
782 die_unless(d->ssl, "SSL not initialized");
706783 if (!SSL_is_init_finished(d->ssl))
707784 {
708785 retcode = 2;
732809
733810 if (len == 4)
734811 {
735 unsigned char *b = (unsigned char *)buf;
812 unsigned char *b2 = (unsigned char *)buf;
736813 req_size =
737 (b[0] << 24) | (b[1] << 16) | (b[2] << 8) | b[3];
814 (b2[0] << 24) | (b2[1] << 16) | (b2[2] << 8) | b2[3];
738815 }
739816 size = BUF_SIZE + 1;
740817 rlen = 1;
741 b = driver_alloc_binary(size);
818 b = ftls_alloc_binary(size);
742819 b->orig_bytes[0] = retcode;
743820
744821 res = 0;
753830 rlen += res;
754831 if (size - rlen < BUF_SIZE) {
755832 size *= 2;
756 b = driver_realloc_binary(b, size);
833 b = ftls_realloc_binary(b, size);
757834 }
758835 }
759836
761838 char *error = "client renegotiations forbidden";
762839 int error_len = strlen(error);
763840 rlen = error_len + 1;
764 b = driver_alloc_binary(rlen);
841 b = ftls_alloc_binary(rlen);
765842 b->orig_bytes[0] = 1;
766843 strncpy(b->orig_bytes + 1, error, error_len);
767844 *rbuf = (char *)b;
779856 }
780857 // TODO
781858 }
782 b = driver_realloc_binary(b, rlen);
859 b = ftls_realloc_binary(b, rlen);
783860 *rbuf = (char *)b;
784861 return rlen;
785862 } else {
786 b = driver_alloc_binary(1);
863 b = ftls_alloc_binary(1);
787864 b->orig_bytes[0] = 2;
788865 *rbuf = (char *)b;
789866 return 1;
794871 cert = SSL_get_peer_certificate(d->ssl);
795872 if (cert == NULL)
796873 {
797 b = driver_alloc_binary(1);
874 b = ftls_alloc_binary(1);
798875 b->orig_bytes[0] = 1;
799876 *rbuf = (char *)b;
800877 return 1;
801878 } else {
802879 unsigned char *tmp_buf;
803 rlen = i2d_X509(cert, NULL);
804 if (rlen >= 0)
880 int encode_len = i2d_X509(cert, NULL);
881 if (encode_len >= 0)
805882 {
806 rlen++;
807 b = driver_alloc_binary(rlen);
883 rlen = encode_len + 1;
884 b = ftls_alloc_binary(rlen);
808885 b->orig_bytes[0] = 0;
809886 tmp_buf = (unsigned char *)&b->orig_bytes[1];
810887 i2d_X509(cert, &tmp_buf);
816893 }
817894 break;
818895 case GET_VERIFY_RESULT:
819 b = driver_alloc_binary(1);
896 b = ftls_alloc_binary(1);
820897 b->orig_bytes[0] = SSL_get_verify_result(d->ssl);
821898 *rbuf = (char *)b;
822899 return 1;
823900 break;
824901 }
825902
826 b = driver_alloc_binary(1);
903 b = ftls_alloc_binary(1);
827904 b->orig_bytes[0] = 0;
828905 *rbuf = (char *)b;
829906 return 1;
856933 NULL, /* process_exit */
857934 NULL /* stop_select */
858935 };
936 #if OPENSSL_VERSION_NUMBER < 0x10100000L
937 #define our_alloc driver_alloc
938 #define our_realloc driver_realloc
939 #define our_free driver_free
940 #else
941 static void *our_alloc(size_t size, const char *file, int line) {
942 return driver_alloc(size);
943 }
944 static void * our_realloc(void *ptr, size_t size, const char *file, int line) {
945 return driver_realloc(ptr, size);
946 }
947
948 static void our_free(void *ptr, const char *file, int line) {
949 driver_free(ptr);
950 }
951 #endif
859952
860953 DRIVER_INIT(fast_tls_drv) /* must match name in driver_entry */
861954 {
862 CRYPTO_set_mem_functions(driver_alloc, driver_realloc, driver_free);
955 CRYPTO_set_mem_functions(our_alloc, our_realloc, our_free);
863956 OpenSSL_add_ssl_algorithms();
864957 SSL_load_error_strings();
865958 init_hash_table();
866959 ssl_index = SSL_get_ex_new_index(0, "ssl index", NULL, NULL, NULL);
867960 return &tls_driver_entry;
868961 }
869
870
+10
-0
configure less more
38373837 fi
38383838
38393839
3840 ac_fn_c_check_header_mongrel "$LINENO" "openssl/opensslv.h" "ac_cv_header_openssl_opensslv_h" "$ac_includes_default"
3841 if test "x$ac_cv_header_openssl_opensslv_h" = xyes; then :
3842 OPENSSLV_HEADER=yes
3843 fi
3844
3845
38403846
38413847 if test "x$SSL_LIB" = "x"; then
38423848 as_fn_error $? "OpenSSL 'ssl' library was not found" "$LINENO" 5
38563862
38573863 if test "x$SHA_HEADER" = "x"; then
38583864 as_fn_error $? "OpenSSL header file \"openssl/sha.h\" was not found" "$LINENO" 5
3865 fi
3866
3867 if test "x$OPENSSLV_HEADER" = "x"; then
3868 as_fn_error $? "OpenSSL header file \"openssl/opensslv.h\" was not found" "$LINENO" 5
38593869 fi
38603870
38613871 # Check whether --enable-gcov was given.
+5
-0
configure.ac less more
3232 AC_CHECK_HEADER(openssl/ssl.h, [SSL_HEADER=yes], [], [])
3333 AC_CHECK_HEADER(openssl/err.h, [ERR_HEADER=yes], [], [])
3434 AC_CHECK_HEADER(openssl/sha.h, [SHA_HEADER=yes], [], [])
35 AC_CHECK_HEADER(openssl/opensslv.h, [OPENSSLV_HEADER=yes], [], [])
3536
3637 if test "x$SSL_LIB" = "x"; then
3738 AC_MSG_ERROR([OpenSSL 'ssl' library was not found])
5354 AC_MSG_ERROR([OpenSSL header file "openssl/sha.h" was not found])
5455 fi
5556
57 if test "x$OPENSSLV_HEADER" = "x"; then
58 AC_MSG_ERROR([OpenSSL header file "openssl/opensslv.h" was not found])
59 fi
60
5661 AC_ARG_ENABLE(gcov,
5762 [AC_HELP_STRING([--enable-gcov], [compile with gcov enabled (default: no)])],
5863 [case "${enableval}" in
+13
-3
debian/changelog less more
0 erlang-p1-tls (1.0.1-1~bpo8+1) jessie-backports; urgency=medium
0 erlang-p1-tls (1.0.5-1) unstable; urgency=medium
11
2 * Rebuild for jessie-backports.
2 * Imported Upstream version 1.0.5
33
4 -- Philipp Huebner <debalance@debian.org> Mon, 14 Mar 2016 19:51:39 +0100
4 -- Philipp Huebner <debalance@debian.org> Sun, 03 Jul 2016 16:42:21 +0200
5
6 erlang-p1-tls (1.0.4-1) unstable; urgency=medium
7
8 * Imported Upstream version 1.0.4
9 * Improved debian/watch
10 * Updated Standards-Version: 3.9.8 (no changes needed)
11 * Enabled hardening
12 * Added upstream patch to fix FTBFS with OpenSSL 1.1.0 (Closes: #828297)
13
14 -- Philipp Huebner <debalance@debian.org> Thu, 30 Jun 2016 07:28:42 +0200
515
616 erlang-p1-tls (1.0.1-1) unstable; urgency=medium
717
+3
-3
debian/control less more
00 Source: erlang-p1-tls
11 Priority: optional
22 Maintainer: Philipp Huebner <debalance@debian.org>
3 Build-Depends: debhelper (>= 9), dh-rebar, erlang-eunit, erlang-p1-utils (>= 1.0.3), erlang-syntax-tools, libssl-dev
4 Standards-Version: 3.9.7
3 Build-Depends: debhelper (>= 9), dh-rebar, erlang-eunit, erlang-p1-utils (>= 1.0.4), erlang-syntax-tools, libssl-dev
4 Standards-Version: 3.9.8
55 Section: libs
66 Homepage: https://github.com/processone/fast_tls
77 Vcs-Git: https://anonscm.debian.org/git/users/debalance/erlang-p1-tls.git
1010 Package: erlang-p1-tls
1111 Architecture: any
1212 Depends: ${shlibs:Depends}, ${misc:Depends}, erlang-base | ${erlang-abi:Depends},
13 ${erlang:Depends}
13 ${erlang:Depends}, erlang-p1-utils (>= 1.0.4)
1414 Description: native TLS / SSL driver for Erlang / Elixir
1515 Fast TSL is a native TLS / SSL driver for Erlang / Elixir.
1616 It is based on OpenSSL, a proven and efficient TLS implementation.
+1
-1
debian/patches/remove-deps.diff less more
1010 {port_specs, [{"priv/lib/fast_tls_drv.so", ["c_src/fast_tls_drv.c"]},
1111 {"priv/lib/p1_sha.so", ["c_src/p1_sha.c"]}]}.
1212
13 -{deps, [{p1_utils, ".*", {git, "git://github.com/processone/p1_utils", {tag, "1.0.3"}}}]}.
13 -{deps, [{p1_utils, ".*", {git, "git://github.com/processone/p1_utils", {tag, "1.0.4"}}}]}.
1414
1515 {clean_files, ["c_src/fast_tls_drv.gcda", "c_src/fast_tls_drv.gcno",
1616 "c_src/fast_sha.gcda", "c_src/fast_sha.gcno"]}.
+1
-0
debian/rules less more
00 #!/usr/bin/make -f
11 #export DH_VERBOSE=1
22
3 export DEB_BUILD_MAINT_OPTIONS = hardening=+all
34 include /usr/share/dpkg/default.mk
45
56 DESTDIR=$(CURDIR)/debian/erlang-p1-tls
+2
-2
debian/watch less more
00 version=3
1 opts="filenamemangle=s/(?:.*)?v?(\d[\d\.]*)\.tar\.gz/erlang-p1-fast-tls_$1.tar.gz/" \
2 https://github.com/processone/fast_tls/tags (?:.*/)?v?(\d[\d\.]*)\.tar\.gz
1 opts="filenamemangle=s/.*\/v?(\d\S*)\.tar\.gz/erlang-p1-tls_$1.tar.gz/" \
2 https://github.com/processone/fast_tls/releases .*/v?(\d\S*)\.tar\.gz
+1
-1
rebar.config less more
2626 {port_specs, [{"priv/lib/fast_tls_drv.so", ["c_src/fast_tls_drv.c"]},
2727 {"priv/lib/p1_sha.so", ["c_src/p1_sha.c"]}]}.
2828
29 {deps, [{p1_utils, ".*", {git, "git://github.com/processone/p1_utils", {tag, "1.0.3"}}}]}.
29 {deps, [{p1_utils, ".*", {git, "git://github.com/processone/p1_utils", {tag, "1.0.4"}}}]}.
3030
3131 {clean_files, ["c_src/fast_tls_drv.gcda", "c_src/fast_tls_drv.gcno",
3232 "c_src/fast_sha.gcda", "c_src/fast_sha.gcno"]}.
+7
-1
rebar.config.script less more
4545 ModCfg = fun(Cfg, Keys, Op, Default) -> ModCfg0(ModCfg0, Cfg, Keys, Op, Default) end.
4646 ModCfgS = fun(Cfg, Keys, Val) -> ModCfg0(ModCfg0, Cfg, Keys, fun(_V) -> Val end, "") end.
4747
48 Cfg0 = ModCfg(CONFIG, [port_env, "CFLAGS"], fun(V) -> V ++ " " ++ CfgCFlags end, "$CFLAGS"),
48
49 SysVersion = lists:map(fun erlang:list_to_integer/1,
50 string:tokens(erlang:system_info(version), ".")),
51
52 ExitFlag = case SysVersion >= [7, 3] of true -> "-DHAS_ERTS_EXIT"; _ -> "" end.
53
54 Cfg0 = ModCfg(CONFIG, [port_env, "CFLAGS"], fun(V) -> V ++ " " ++ ExitFlag ++ " " ++ CfgCFlags end, "$CFLAGS"),
4955 Cfg00 = ModCfg(Cfg0, [port_env, "LDFLAGS"], fun(V) -> V ++ " " ++ CfgLDFlags end, "$LDFLAGS"),
5056 Cfg1 = case CfgWithGCov of
5157 "true" ->
+1
-1
src/fast_tls.app.src less more
2222
2323 {application, fast_tls,
2424 [{description, "TLS / SSL OpenSSL-based native driver for Erlang / Elixir"},
25 {vsn, "1.0.1"},
25 {vsn, "1.0.5"},
2626 {modules, []},
2727 {registered, []},
2828 {applications, [kernel, stdlib]},
+18
-1
src/fast_tls.erl less more
3737 %% Internal exports, call-back functions.
3838 -export([init/1, handle_call/3, handle_cast/2,
3939 handle_info/2, code_change/3, terminate/2]).
40
41 -ifdef(TEST).
42 -include_lib("eunit/include/eunit.hrl").
43 -endif.
4044
4145 -define(SET_CERTIFICATE_FILE_ACCEPT, 1).
4246
141145 false ->
142146 <<>>
143147 end,
148 CAFile = case lists:keysearch(cafile, 1, Options) of
149 {value, {cafile, CF}} ->
150 iolist_to_binary(CF);
151 false ->
152 <<>>
153 end,
144154 CertFile1 = iolist_to_binary(CertFile),
145155 case catch port_control(Port, Command bor Flags,
146156 <<CertFile1/binary, 0, Ciphers/binary,
147157 0, ProtocolOpts/binary, 0, DHFile/binary,
148 0>>)
158 0, CAFile/binary, 0>>)
149159 of
150160 {'EXIT', {badarg, _}} -> {error, einval};
151161 <<0>> ->
414424 [erl_ddll:format_error(ErrorDesc)]),
415425 Err
416426 end.
427
428 -ifdef(TEST).
429
430 load_nif_test() ->
431 ?assertEqual(ok, load_driver()).
432
433 -endif.