Commit fresh-snapshots/upstream - erlang-p1-tls

Import upstream version 1.1.15+git20220728.1.dff53a5 Debian Janitor 1 year, 8 months ago

5 changed file(s) with 146 addition(s) and 6 deletion(s). Raw diff Collapse all Expand all

+47

-0

.github/workflows/ci.yml less more

	0	name: CI
	1
	2	on: [push, pull_request]
	3
	4	jobs:
	5
	6	tests:
	7	name: Tests
	8	strategy:
	9	fail-fast: false
	10	matrix:
	11	otp: ['19.3', '21.3', 24]
	12	runs-on: ubuntu-20.04
	13	container:
	14	image: erlang:${{ matrix.otp }}
	15	steps:
	16	- uses: actions/checkout@v2
	17	- run: ./configure
	18	- run: make
	19	- run: rebar3 compile
	20	- run: rebar3 xref
	21	- run: rebar3 dialyzer
	22	- run: rebar3 eunit -v
	23
	24	cover:
	25	name: Cover
	26	needs: [tests]
	27	runs-on: ubuntu-20.04
	28	steps:
	29	- uses: actions/checkout@v2
	30	- run: ./configure --enable-gcov
	31	- run: rebar3 compile
	32	- run: rebar3 eunit -v
	33	- run: rebar3 eunit -v
	34	- run: pip install --user cpp-coveralls
	35	- run: cpp-coveralls -b `pwd` --verbose --gcov-options '\-lp' --dump c.json
	36	- name: Send to Coveralls
	37	env:
	38	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	39	run: \|
	40	ADDJSONFILE=c.json COVERALLS=true rebar3 as test coveralls send
	41	curl -v -k https://coveralls.io/webhook \
	42	--header "Content-Type: application/json" \
	43	--data '{"repo_name":"$GITHUB_REPOSITORY",
	44	"repo_token":"$GITHUB_TOKEN",
	45	"payload":{"build_num":$GITHUB_RUN_ID,
	46	"status":"done"}}'

+43

-0

.github/workflows/hexpm-release.yml less more

	0	name: Hex
	1
	2	on:
	3	push:
	4	tags:
	5	- '*'
	6
	7	jobs:
	8	release:
	9	runs-on: ubuntu-latest
	10	steps:
	11	- name: Check out
	12	uses: actions/checkout@v2
	13
	14	- name: Setup rebar3 hex
	15	run: \|
	16	mkdir -p ~/.config/rebar3/
	17	echo "{plugins, [rebar3_hex]}." > ~/.config/rebar3/rebar.config
	18
	19	- run: rebar3 edoc
	20
	21	- name: Prepare Markdown
	22	run: \|
	23	echo "" >>README.md
	24	echo "## EDoc documentation" >>README.md
	25	echo "" >>README.md
	26	echo "You can check this library's " >>README.md
	27	echo "[EDoc documentation](edoc.html), " >>README.md
	28	echo "generated automatically from the source code comments." >>README.md
	29
	30	- name: Convert Markdown to HTML
	31	uses: natescherer/markdown-to-html-with-github-style-action@v1.1.0
	32	with:
	33	path: README.md
	34
	35	- run: \|
	36	mv doc/index.html doc/edoc.html
	37	mv README.html doc/index.html
	38
	39	- name: Publish to hex.pm
	40	run: DEBUG=1 rebar3 hex publish --repo hexpm --yes
	41	env:
	42	HEX_API_KEY: ${{ secrets.HEX_API_KEY }}

+17

-0

.gitignore less more

	0	*.swo
	1	*.swp
	2	.eunit
	3	.rebar
	4	_build
	5	autom4te.cache
	6	c_src/*.d
	7	c_src/*.gcda
	8	c_src/*.gcno
	9	c_src/*.o
	10	config.log
	11	config.status
	12	deps
	13	ebin
	14	priv
	15	rebar.lock
	16	vars.config

+38

-6

c_src/fast_tls.c less more

480	480	if (domain) {
481	481	size_t len = strlen(domain);
482	482	if (len) {
483		char name[len + 1];
	483	char *name = enif_alloc(len + 1);
	484	if (!name)
	485	return ret;
484	486	name[len] = 0;
485	487	size_t i = 0;
486	488	for (i = 0; i < len; i++)

499	501	ret = info;
500	502	}
501	503	}
	504	enif_free(name);
502	505	}
503	506	}
504	507	return ret;

678	681	cert_info_t *info = NULL;
679	682	cert_info_t *new_info = NULL;
680	683	cert_info_t *old_info = NULL;
681		char dh_hex[dh_size * 2 + 1];
	684	char dh_hex = enif_alloc(dh_size 2 + 1);
682	685	size_t key_size =
683	686	strlen(cert_file) + strlen(key_file) + strlen(ciphers) + 8 +
684	687	dh_size * 2 + strlen(dh_file) + strlen(ca_file) + 1;
685		char key[key_size];
	688	char *key = enif_alloc(key_size);
	689
	690	if (!dh_hex \|\| !key) {
	691	enif_free(dh_hex);
	692	enif_free(key);
	693	return "Memory allocation failed";
	694	}
	695
686	696	sprintf(key, "%s%s%s%08lx%s%s%s",
687	697	cert_file, key_file, ciphers,
688	698	options, dh_file, ca_file,

730	740	set_ctx(state, info->ssl_ctx);
731	741	enif_rwlock_runlock(certs_map_lock);
732	742	}
	743	enif_free(key);
	744	enif_free(dh_hex);
733	745	return ret;
734	746	}
735	747

940	952	}
941	953	}
942	954	}
	955
	956	#ifndef SSL_OP_NO_RENEGOTIATION
	957	// Forbid client-initiated renegotiation for OpenSSL < 1.1.0h
	958	if (state->handshakes > 1 && SSL_is_server(state->ssl)) {
	959	enif_release_binary(&buf);
	960	*ret = ERR_T(enif_make_atom(env, "closed"));
	961	return 2;
	962	}
	963	#endif
	964
943	965	enif_realloc_binary(&buf, pos);
944	966	*ret = enif_make_binary(env, &buf);
945	967	return 1;

1222	1244	if (!enif_inspect_iolist_as_binary(env, argv[0], &domain))
1223	1245	return enif_make_badarg(env);
1224	1246
1225		char key[domain.size + 1];
	1247	char *key = enif_alloc(domain.size + 1);
	1248	if (!key)
	1249	return enif_make_atom(env, "false");
	1250
1226	1251	memcpy(key, domain.data, domain.size);
1227	1252	key[domain.size] = 0;
1228	1253	enif_rwlock_rwlock(certfiles_map_lock);

1233	1258	ret = "true";
1234	1259	}
1235	1260	enif_rwlock_rwunlock(certfiles_map_lock);
	1261	enif_free(key);
1236	1262
1237	1263	return enif_make_atom(env, ret);
1238	1264	}

1246	1272	if (!enif_inspect_iolist_as_binary(env, argv[0], &domain))
1247	1273	return enif_make_badarg(env);
1248	1274
1249		char key[domain.size + 1];
	1275	char *key = enif_alloc(domain.size + 1);
	1276	if (!key)
	1277	return enif_make_atom(env, "error");
	1278
1250	1279	memcpy(key, domain.data, domain.size);
1251	1280	key[domain.size] = 0;
1252	1281	enif_rwlock_rlock(certfiles_map_lock);

1262	1291	result = enif_make_atom(env, "error");
1263	1292	}
1264	1293	enif_rwlock_runlock(certfiles_map_lock);
	1294	enif_free(key);
1265	1295
1266	1296	return result;
1267	1297	}

1384	1414
1385	1415	if (ret != 1)
1386	1416	return ssl_error(env, "FIPS_mode_set() failed");
1387		#else
	1417	#elif __GNUC__
1388	1418	#warning OpenSSL 3 FIPS support not implemented
1389	1419	#endif
1390	1420

1397	1427	#if OPENSSL_VERSION_NUMBER < 0x30000000L
1398	1428	const char *ret = FIPS_mode() ? "true" : "false";
1399	1429	#else
	1430	#if __GNUC__
1400	1431	#warning OpenSSL 3 FIPS support not implemented
	1432	#endif
1401	1433	static const char *ret = "false";
1402	1434	#endif
1403	1435

-0

rebar.config less more

23	23
24	24	{port_env, [{"CFLAGS", "$CFLAGS"}, {"LDFLAGS", "$LDFLAGS -lssl -lcrypto"},
25	25	{"ERL_LDFLAGS", " -L$ERL_EI_LIBDIR -lei"},
	26	{"win32", "LDFLAGS", "$LDFLAGS libssl.lib libcrypto.lib ws2_32.lib gdi32.lib advapi32.lib crypt32.lib user32.lib"},
26	27	{"darwin", "DRV_LDFLAGS", "-bundle -bundle_loader \"${BINDIR}/beam.smp\" $ERL_LDFLAGS"}]}.
27	28
28	29	{port_specs, [{"priv/lib/fast_tls.so", ["c_src/fast_tls.c", "c_src/ioqueue.c"]},