19 | 19 |
#include <erl_driver.h>
|
20 | 20 |
#include <openssl/err.h>
|
21 | 21 |
#include <openssl/ssl.h>
|
|
22 |
#include <openssl/opensslv.h>
|
22 | 23 |
#include <sys/types.h>
|
23 | 24 |
#include <sys/stat.h>
|
24 | 25 |
#include <stdint.h>
|
25 | 26 |
#include "options.h"
|
|
27 |
|
|
28 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
29 |
#define DH_set0_pqg(dh, dh_p, NULL, dh_g) (dh)->p = dh_p; (dh)->g = dh_g
|
|
30 |
#endif
|
26 | 31 |
|
27 | 32 |
#define BUF_SIZE 1024
|
28 | 33 |
|
|
52 | 57 |
|
53 | 58 |
#define CIPHERS "DEFAULT:!EXPORT:!LOW:!RC4:!SSLv2"
|
54 | 59 |
|
|
60 |
/* Wrappers around driver_alloc() that check */
|
|
61 |
/* for OOM. */
|
|
62 |
|
|
63 |
#ifdef HAS_ERTS_EXIT
|
|
64 |
void erts_exit(int n, char* v, ...);
|
|
65 |
#define erl_exit erts_exit
|
|
66 |
#else
|
|
67 |
void erl_exit(int n, char* v, ...);
|
|
68 |
#endif
|
|
69 |
|
|
70 |
void *ftls_alloc(ErlDrvSizeT size);
|
|
71 |
void *ftls_realloc(void *ptr, ErlDrvSizeT size);
|
|
72 |
ErlDrvBinary *ftls_alloc_binary(ErlDrvSizeT size);
|
|
73 |
ErlDrvBinary *ftls_realloc_binary(ErlDrvBinary *bin, ErlDrvSizeT size);
|
|
74 |
|
|
75 |
void *ftls_alloc(ErlDrvSizeT size) {
|
|
76 |
void *p = driver_alloc(size);
|
|
77 |
if (p == NULL) {
|
|
78 |
erl_exit(1, "fast_tls: Can't allocate %lu bytes of memory\n", size);
|
|
79 |
}
|
|
80 |
return p;
|
|
81 |
}
|
|
82 |
|
|
83 |
void *ftls_realloc(void *ptr, ErlDrvSizeT size) {
|
|
84 |
void *p = driver_realloc(ptr, size);
|
|
85 |
if (p == NULL) {
|
|
86 |
erl_exit(1, "fast_tls: Can't reallocate %lu bytes of memory\n", size);
|
|
87 |
}
|
|
88 |
return p;
|
|
89 |
}
|
|
90 |
|
|
91 |
ErlDrvBinary *ftls_alloc_binary(ErlDrvSizeT size) {
|
|
92 |
ErlDrvBinary *p = driver_alloc_binary(size);
|
|
93 |
if (p == NULL) {
|
|
94 |
erl_exit(1, "fast_tls: Can't allocate %lu binary\n", size);
|
|
95 |
}
|
|
96 |
return p;
|
|
97 |
}
|
|
98 |
|
|
99 |
ErlDrvBinary *ftls_realloc_binary(ErlDrvBinary *bin, ErlDrvSizeT size) {
|
|
100 |
ErlDrvBinary *p = driver_realloc_binary(bin, size);
|
|
101 |
if (p == NULL) {
|
|
102 |
erl_exit(1, "fast_tls: Can't reallocate %lu binary\n", size);
|
|
103 |
}
|
|
104 |
return p;
|
|
105 |
}
|
|
106 |
|
55 | 107 |
/**
|
56 | 108 |
* Prepare the SSL options flag.
|
57 | 109 |
**/
|
58 | |
static int set_option_flag(const char *opt, long *flag)
|
|
110 |
static int set_option_flag(const char *opt, unsigned long *flag)
|
59 | 111 |
{
|
60 | 112 |
ssl_option_t *p;
|
61 | 113 |
for (p = ssl_options; p->name; p++) {
|
|
108 | 160 |
char *key;
|
109 | 161 |
time_t key_mtime;
|
110 | 162 |
time_t dh_mtime;
|
|
163 |
time_t ca_mtime;
|
111 | 164 |
SSL_CTX *ssl_ctx;
|
112 | 165 |
struct bucket *next;
|
113 | 166 |
};
|
|
125 | 178 |
{
|
126 | 179 |
size_t size = 1 << (MIN_LEVEL + 1);
|
127 | 180 |
size_t i;
|
128 | |
ht.buckets = (struct bucket **)driver_alloc(sizeof(struct bucket *) * size);
|
|
181 |
ht.buckets = ftls_alloc(sizeof(struct bucket *) * size);
|
129 | 182 |
ht.split = 0;
|
130 | 183 |
ht.level = MIN_LEVEL;
|
131 | 184 |
for (i = 0; i < size; i++)
|
|
134 | 187 |
}
|
135 | 188 |
|
136 | 189 |
static void hash_table_insert(char *key, time_t key_mtime, time_t dh_mtime,
|
137 | |
SSL_CTX *ssl_ctx)
|
|
190 |
time_t ca_mtime, SSL_CTX *ssl_ctx)
|
138 | 191 |
{
|
139 | 192 |
int level, split;
|
140 | 193 |
uint32_t hash = str_hash(key);
|
|
155 | 208 |
if (el->hash == hash && strcmp(el->key, key) == 0) {
|
156 | 209 |
el->key_mtime = key_mtime;
|
157 | 210 |
el->dh_mtime = dh_mtime;
|
|
211 |
el->ca_mtime = ca_mtime;
|
158 | 212 |
if (el->ssl_ctx != NULL)
|
159 | 213 |
SSL_CTX_free(el->ssl_ctx);
|
160 | 214 |
el->ssl_ctx = ssl_ctx;
|
|
167 | 221 |
if (ht.buckets[bucket] != NULL)
|
168 | 222 |
do_split = !0;
|
169 | 223 |
|
170 | |
new_bucket_el = (struct bucket *)driver_alloc(sizeof(struct bucket));
|
|
224 |
new_bucket_el = ftls_alloc(sizeof(struct bucket));
|
171 | 225 |
new_bucket_el->hash = hash;
|
172 | |
new_bucket_el->key = (char *)driver_alloc(strlen(key) + 1);
|
|
226 |
new_bucket_el->key = ftls_alloc(strlen(key) + 1);
|
173 | 227 |
strcpy(new_bucket_el->key, key);
|
174 | 228 |
new_bucket_el->key_mtime = key_mtime;
|
175 | 229 |
new_bucket_el->dh_mtime = dh_mtime;
|
|
230 |
new_bucket_el->ca_mtime = ca_mtime;
|
176 | 231 |
new_bucket_el->ssl_ctx = ssl_ctx;
|
177 | 232 |
new_bucket_el->next = ht.buckets[bucket];
|
178 | 233 |
ht.buckets[bucket] = new_bucket_el;
|
|
200 | 255 |
size = 1 << (level + 1);
|
201 | 256 |
ht.split = split;
|
202 | 257 |
ht.level = level;
|
203 | |
ht.buckets = (struct bucket **)
|
204 | |
driver_realloc(ht.buckets, sizeof(struct bucket *) * size);
|
|
258 |
ht.buckets = ftls_realloc(ht.buckets, sizeof(struct bucket *) * size);
|
205 | 259 |
for (i = 1 << level; i < size; i++)
|
206 | 260 |
ht.buckets[i] = NULL;
|
207 | 261 |
} else
|
|
210 | 264 |
}
|
211 | 265 |
|
212 | 266 |
static SSL_CTX *hash_table_lookup(char *key, time_t *key_mtime,
|
213 | |
time_t *dh_mtime)
|
|
267 |
time_t *dh_mtime, time_t *ca_mtime)
|
214 | 268 |
{
|
215 | 269 |
int level, split;
|
216 | 270 |
uint32_t hash = str_hash(key);
|
|
229 | 283 |
if (el->hash == hash && strcmp(el->key, key) == 0) {
|
230 | 284 |
*key_mtime = el->key_mtime;
|
231 | 285 |
*dh_mtime = el->dh_mtime;
|
|
286 |
*ca_mtime = el->ca_mtime;
|
232 | 287 |
return el->ssl_ctx;
|
233 | 288 |
}
|
234 | 289 |
el = el->next;
|
|
240 | 295 |
|
241 | 296 |
static ErlDrvData tls_drv_start(ErlDrvPort port, char *buff)
|
242 | 297 |
{
|
243 | |
tls_data *d = (tls_data *)driver_alloc(sizeof(tls_data));
|
|
298 |
tls_data *d = ftls_alloc(sizeof(tls_data));
|
244 | 299 |
d->port = port;
|
245 | 300 |
d->bio_read = NULL;
|
246 | 301 |
d->bio_write = NULL;
|
|
290 | 345 |
}
|
291 | 346 |
|
292 | 347 |
driver_free(ht.buckets);
|
|
348 |
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
|
|
349 |
OPENSSL_cleanup();
|
|
350 |
#endif
|
293 | 351 |
}
|
294 | 352 |
|
295 | 353 |
static int is_modified(char *file, time_t *known_mtime)
|
|
399 | 457 |
return 0;
|
400 | 458 |
}
|
401 | 459 |
|
402 | |
dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
|
403 | |
dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
|
404 | |
if (dh->p == NULL || dh->g == NULL) {
|
405 | |
DH_free(dh);
|
406 | |
return 0;
|
407 | |
}
|
|
460 |
BIGNUM *dh_p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
|
|
461 |
BIGNUM *dh_g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
|
|
462 |
if (dh_p == NULL || dh_g == NULL) {
|
|
463 |
BN_free(dh_p);
|
|
464 |
BN_free(dh_g);
|
|
465 |
DH_free(dh);
|
|
466 |
return 0;
|
|
467 |
}
|
|
468 |
|
|
469 |
DH_set0_pqg(dh, dh_p, NULL, dh_g);
|
408 | 470 |
}
|
409 | 471 |
|
410 | 472 |
SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE);
|
|
417 | 479 |
|
418 | 480 |
static void ssl_info_callback(const SSL *s, int where, int ret)
|
419 | 481 |
{
|
420 | |
if (where == SSL_CB_ACCEPT_LOOP) {
|
421 | |
int state = SSL_get_state(s);
|
422 | |
if (state == SSL3_ST_SR_CLNT_HELLO_A ||
|
423 | |
state == SSL23_ST_SR_CLNT_HELLO_A) {
|
424 | |
tls_data *d = (tls_data *)SSL_get_ex_data(s, ssl_index);
|
425 | |
d->handshakes++;
|
426 | |
}
|
427 | |
}
|
428 | |
}
|
429 | |
|
|
482 |
tls_data *d = (tls_data *)SSL_get_ex_data(s, ssl_index);
|
|
483 |
if ((where & SSL_CB_HANDSHAKE_START) && d->handshakes) {
|
|
484 |
d->handshakes++;
|
|
485 |
} else if ((where & SSL_CB_HANDSHAKE_DONE) && !d->handshakes) {
|
|
486 |
d->handshakes++;
|
|
487 |
}
|
|
488 |
}
|
430 | 489 |
|
431 | 490 |
#define SET_CERTIFICATE_FILE_ACCEPT 1
|
432 | 491 |
#define SET_CERTIFICATE_FILE_CONNECT 2
|
|
446 | 505 |
unsigned long error_code = ERR_get_error(); \
|
447 | 506 |
char *error_string = error_code ? \
|
448 | 507 |
ERR_error_string(error_code, NULL) : \
|
449 | |
NULL; \
|
450 | |
int error_string_length = error_string ? \
|
451 | |
strlen(error_string) : 0; \
|
|
508 |
""; \
|
|
509 |
int error_string_length = strlen(error_string); \
|
452 | 510 |
if (error_code) \
|
453 | 511 |
rlen = errstrlen + error_string_length + 3; \
|
454 | 512 |
else \
|
455 | 513 |
rlen = errstrlen + 1; \
|
456 | |
b = driver_alloc_binary(rlen); \
|
|
514 |
b = ftls_alloc_binary(rlen); \
|
457 | 515 |
b->orig_bytes[0] = 1; \
|
458 | 516 |
strncpy(b->orig_bytes + 1, errstr, errstrlen); \
|
459 | 517 |
if (error_code) { \
|
|
525 | 583 |
case SET_CERTIFICATE_FILE_CONNECT: {
|
526 | 584 |
time_t key_mtime = 0;
|
527 | 585 |
time_t dh_mtime = 0;
|
|
586 |
time_t ca_mtime = 0;
|
528 | 587 |
char *key_file = buf;
|
529 | 588 |
size_t key_file_len = strlen(key_file);
|
530 | 589 |
char *ciphers = key_file + key_file_len + 1;
|
|
533 | 592 |
size_t protocol_options_len = strlen(protocol_options);
|
534 | 593 |
char *dh_file = protocol_options + protocol_options_len + 1;
|
535 | 594 |
size_t dh_file_len = strlen(dh_file);
|
536 | |
char *hash_key = (char *)driver_alloc(key_file_len +
|
|
595 |
char *ca_file = dh_file + dh_file_len + 1;
|
|
596 |
size_t ca_file_len = strlen(ca_file);
|
|
597 |
char *hash_key = ftls_alloc(key_file_len +
|
537 | 598 |
ciphers_len +
|
538 | 599 |
protocol_options_len +
|
539 | |
dh_file_len + 1);
|
540 | |
long options = 0L;
|
|
600 |
dh_file_len +
|
|
601 |
ca_file_len + 1);
|
|
602 |
unsigned long options = 0L;
|
541 | 603 |
|
542 | 604 |
if (protocol_options_len != 0) {
|
543 | 605 |
char *po = strdup(protocol_options), delim[] = "|";
|
544 | 606 |
char *popts = po;
|
545 | 607 |
char *strtok_buf;
|
546 | 608 |
|
|
609 |
if (!po) {
|
|
610 |
erl_exit(1, "fast_tls: strdup failed");
|
|
611 |
}
|
|
612 |
|
547 | 613 |
while ((po = strtok_r(po, delim, &strtok_buf)) != NULL) {
|
548 | 614 |
set_option_flag(po, &options);
|
549 | 615 |
po = NULL;
|
|
552 | 618 |
free(popts);
|
553 | 619 |
}
|
554 | 620 |
|
555 | |
sprintf(hash_key, "%s%s%s%s", key_file, ciphers, protocol_options,
|
556 | |
dh_file);
|
557 | |
SSL_CTX *ssl_ctx = hash_table_lookup(hash_key, &key_mtime, &dh_mtime);
|
|
621 |
sprintf(hash_key, "%s%s%s%s%s", key_file, ciphers, protocol_options,
|
|
622 |
dh_file, ca_file);
|
|
623 |
SSL_CTX *ssl_ctx = hash_table_lookup(hash_key, &key_mtime, &dh_mtime, &ca_mtime);
|
558 | 624 |
|
559 | 625 |
if (dh_file_len == 0)
|
560 | 626 |
dh_file = NULL;
|
561 | 627 |
|
|
628 |
if (ca_file_len == 0)
|
|
629 |
ca_file = NULL;
|
|
630 |
|
562 | 631 |
if (is_modified(key_file, &key_mtime) ||
|
563 | 632 |
is_modified(dh_file, &dh_mtime) ||
|
|
633 |
is_modified(ca_file, &ca_mtime) ||
|
564 | 634 |
ssl_ctx == NULL)
|
565 | 635 |
{
|
566 | 636 |
SSL_CTX *ctx;
|
567 | 637 |
|
568 | |
hash_table_insert(hash_key, key_mtime, dh_mtime, NULL);
|
|
638 |
hash_table_insert(hash_key, key_mtime, dh_mtime, ca_mtime, NULL);
|
569 | 639 |
|
570 | 640 |
ctx = SSL_CTX_new(SSLv23_method());
|
571 | 641 |
die_unless(ctx, "SSL_CTX_new failed");
|
|
592 | 662 |
#endif
|
593 | 663 |
|
594 | 664 |
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
|
595 | |
SSL_CTX_set_default_verify_paths(ctx);
|
|
665 |
if (ca_file)
|
|
666 |
SSL_CTX_load_verify_locations(ctx, ca_file, NULL);
|
|
667 |
else
|
|
668 |
SSL_CTX_set_default_verify_paths(ctx);
|
596 | 669 |
#ifdef SSL_MODE_RELEASE_BUFFERS
|
597 | 670 |
SSL_CTX_set_mode(ctx, SSL_MODE_RELEASE_BUFFERS);
|
598 | 671 |
#endif
|
|
610 | 683 |
SSL_CTX_set_info_callback(ctx, &ssl_info_callback);
|
611 | 684 |
|
612 | 685 |
ssl_ctx = ctx;
|
613 | |
hash_table_insert(hash_key, key_mtime, dh_mtime, ssl_ctx);
|
|
686 |
hash_table_insert(hash_key, key_mtime, dh_mtime, ca_mtime, ssl_ctx);
|
614 | 687 |
}
|
615 | 688 |
|
616 | 689 |
driver_free(hash_key);
|
|
630 | 703 |
|
631 | 704 |
d->bio_read = BIO_new(BIO_s_mem());
|
632 | 705 |
d->bio_write = BIO_new(BIO_s_mem());
|
|
706 |
|
|
707 |
die_unless(d->bio_read, "BIO_new failed");
|
|
708 |
die_unless(d->bio_write, "BIO_new failed");
|
633 | 709 |
|
634 | 710 |
SSL_set_bio(d->ssl, d->bio_read, d->bio_write);
|
635 | 711 |
|
|
660 | 736 |
if (d->send_buffer2 == NULL) {
|
661 | 737 |
d->send_buffer2_len = len;
|
662 | 738 |
d->send_buffer2_size = len;
|
663 | |
d->send_buffer2 = driver_alloc(d->send_buffer2_size);
|
|
739 |
d->send_buffer2 = ftls_alloc(d->send_buffer2_size);
|
664 | 740 |
memcpy(d->send_buffer2, buf, len);
|
665 | 741 |
} else {
|
666 | 742 |
if (d->send_buffer2_size <
|
|
669 | 745 |
d->send_buffer2_len + len) {
|
670 | 746 |
d->send_buffer2_size *= 2;
|
671 | 747 |
}
|
672 | |
d->send_buffer2 = driver_realloc(d->send_buffer2,
|
|
748 |
d->send_buffer2 = ftls_realloc(d->send_buffer2,
|
673 | 749 |
d->send_buffer2_size);
|
674 | 750 |
}
|
675 | 751 |
memcpy(d->send_buffer2 + d->send_buffer2_len,
|
|
684 | 760 |
res == SSL_ERROR_WANT_WRITE) {
|
685 | 761 |
d->send_buffer_len = len;
|
686 | 762 |
d->send_buffer_size = len;
|
687 | |
d->send_buffer = driver_alloc(d->send_buffer_size);
|
|
763 |
d->send_buffer = ftls_alloc(d->send_buffer_size);
|
688 | 764 |
memcpy(d->send_buffer, buf, len);
|
689 | 765 |
} else {
|
690 | 766 |
die_unless(0, "SSL_write failed");
|
|
696 | 772 |
case GET_ENCRYPTED_OUTPUT:
|
697 | 773 |
die_unless(d->ssl, "SSL not initialized");
|
698 | 774 |
size = BIO_ctrl_pending(d->bio_write) + 1;
|
699 | |
b = driver_alloc_binary(size);
|
|
775 |
b = ftls_alloc_binary(size);
|
700 | 776 |
b->orig_bytes[0] = 0;
|
701 | 777 |
BIO_read(d->bio_write, b->orig_bytes + 1, size - 1);
|
702 | 778 |
*rbuf = (char *)b;
|
703 | 779 |
return size;
|
704 | 780 |
case GET_DECRYPTED_INPUT: {
|
705 | 781 |
int retcode = 0;
|
|
782 |
die_unless(d->ssl, "SSL not initialized");
|
706 | 783 |
if (!SSL_is_init_finished(d->ssl))
|
707 | 784 |
{
|
708 | 785 |
retcode = 2;
|
|
732 | 809 |
|
733 | 810 |
if (len == 4)
|
734 | 811 |
{
|
735 | |
unsigned char *b = (unsigned char *)buf;
|
|
812 |
unsigned char *b2 = (unsigned char *)buf;
|
736 | 813 |
req_size =
|
737 | |
(b[0] << 24) | (b[1] << 16) | (b[2] << 8) | b[3];
|
|
814 |
(b2[0] << 24) | (b2[1] << 16) | (b2[2] << 8) | b2[3];
|
738 | 815 |
}
|
739 | 816 |
size = BUF_SIZE + 1;
|
740 | 817 |
rlen = 1;
|
741 | |
b = driver_alloc_binary(size);
|
|
818 |
b = ftls_alloc_binary(size);
|
742 | 819 |
b->orig_bytes[0] = retcode;
|
743 | 820 |
|
744 | 821 |
res = 0;
|
|
753 | 830 |
rlen += res;
|
754 | 831 |
if (size - rlen < BUF_SIZE) {
|
755 | 832 |
size *= 2;
|
756 | |
b = driver_realloc_binary(b, size);
|
|
833 |
b = ftls_realloc_binary(b, size);
|
757 | 834 |
}
|
758 | 835 |
}
|
759 | 836 |
|
|
761 | 838 |
char *error = "client renegotiations forbidden";
|
762 | 839 |
int error_len = strlen(error);
|
763 | 840 |
rlen = error_len + 1;
|
764 | |
b = driver_alloc_binary(rlen);
|
|
841 |
b = ftls_alloc_binary(rlen);
|
765 | 842 |
b->orig_bytes[0] = 1;
|
766 | 843 |
strncpy(b->orig_bytes + 1, error, error_len);
|
767 | 844 |
*rbuf = (char *)b;
|
|
779 | 856 |
}
|
780 | 857 |
// TODO
|
781 | 858 |
}
|
782 | |
b = driver_realloc_binary(b, rlen);
|
|
859 |
b = ftls_realloc_binary(b, rlen);
|
783 | 860 |
*rbuf = (char *)b;
|
784 | 861 |
return rlen;
|
785 | 862 |
} else {
|
786 | |
b = driver_alloc_binary(1);
|
|
863 |
b = ftls_alloc_binary(1);
|
787 | 864 |
b->orig_bytes[0] = 2;
|
788 | 865 |
*rbuf = (char *)b;
|
789 | 866 |
return 1;
|
|
794 | 871 |
cert = SSL_get_peer_certificate(d->ssl);
|
795 | 872 |
if (cert == NULL)
|
796 | 873 |
{
|
797 | |
b = driver_alloc_binary(1);
|
|
874 |
b = ftls_alloc_binary(1);
|
798 | 875 |
b->orig_bytes[0] = 1;
|
799 | 876 |
*rbuf = (char *)b;
|
800 | 877 |
return 1;
|
801 | 878 |
} else {
|
802 | 879 |
unsigned char *tmp_buf;
|
803 | |
rlen = i2d_X509(cert, NULL);
|
804 | |
if (rlen >= 0)
|
|
880 |
int encode_len = i2d_X509(cert, NULL);
|
|
881 |
if (encode_len >= 0)
|
805 | 882 |
{
|
806 | |
rlen++;
|
807 | |
b = driver_alloc_binary(rlen);
|
|
883 |
rlen = encode_len + 1;
|
|
884 |
b = ftls_alloc_binary(rlen);
|
808 | 885 |
b->orig_bytes[0] = 0;
|
809 | 886 |
tmp_buf = (unsigned char *)&b->orig_bytes[1];
|
810 | 887 |
i2d_X509(cert, &tmp_buf);
|
|
816 | 893 |
}
|
817 | 894 |
break;
|
818 | 895 |
case GET_VERIFY_RESULT:
|
819 | |
b = driver_alloc_binary(1);
|
|
896 |
b = ftls_alloc_binary(1);
|
820 | 897 |
b->orig_bytes[0] = SSL_get_verify_result(d->ssl);
|
821 | 898 |
*rbuf = (char *)b;
|
822 | 899 |
return 1;
|
823 | 900 |
break;
|
824 | 901 |
}
|
825 | 902 |
|
826 | |
b = driver_alloc_binary(1);
|
|
903 |
b = ftls_alloc_binary(1);
|
827 | 904 |
b->orig_bytes[0] = 0;
|
828 | 905 |
*rbuf = (char *)b;
|
829 | 906 |
return 1;
|
|
856 | 933 |
NULL, /* process_exit */
|
857 | 934 |
NULL /* stop_select */
|
858 | 935 |
};
|
|
936 |
#if OPENSSL_VERSION_NUMBER < 0x10100000L
|
|
937 |
#define our_alloc driver_alloc
|
|
938 |
#define our_realloc driver_realloc
|
|
939 |
#define our_free driver_free
|
|
940 |
#else
|
|
941 |
static void *our_alloc(size_t size, const char *file, int line) {
|
|
942 |
return driver_alloc(size);
|
|
943 |
}
|
|
944 |
static void * our_realloc(void *ptr, size_t size, const char *file, int line) {
|
|
945 |
return driver_realloc(ptr, size);
|
|
946 |
}
|
|
947 |
|
|
948 |
static void our_free(void *ptr, const char *file, int line) {
|
|
949 |
driver_free(ptr);
|
|
950 |
}
|
|
951 |
#endif
|
859 | 952 |
|
860 | 953 |
DRIVER_INIT(fast_tls_drv) /* must match name in driver_entry */
|
861 | 954 |
{
|
862 | |
CRYPTO_set_mem_functions(driver_alloc, driver_realloc, driver_free);
|
|
955 |
CRYPTO_set_mem_functions(our_alloc, our_realloc, our_free);
|
863 | 956 |
OpenSSL_add_ssl_algorithms();
|
864 | 957 |
SSL_load_error_strings();
|
865 | 958 |
init_hash_table();
|
866 | 959 |
ssl_index = SSL_get_ex_new_index(0, "ssl index", NULL, NULL, NULL);
|
867 | 960 |
return &tls_driver_entry;
|
868 | 961 |
}
|
869 | |
|
870 | |
|