bool Environment::isItTheSamePathAsCurrent(unsigned int pId)
{
StringStorage currModulePath, testedModulePath;
ProcessHandle pHandle;
pHandle.openProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,
0, pId);
pHandle.getProcessModulePath(&testedModulePath);
getCurrentModulePath(&currModulePath);
return currModulePath.isEqualTo(&testedModulePath);
}
bool Environment::getCurrentModuleFolderPath(StringStorage *out)
{
if (!getCurrentModulePath(out)) {
return false;
}
size_t lastPos = out->findLast(_T('\\'));
if (lastPos != (size_t)-1) {
out->getSubstring(out, 0, max(lastPos - 1, 0));
}
return true;
}
bool OpenSslLib::init(const char* path)
{
if(ssl_ctx_client_ || ssl_ctx_server_) {
return true;
}
std::string cert_path;
if(path == NULL) {
cert_path = getCurrentModulePath();
} else {
cert_path = path;
if(cert_path.empty()) {
cert_path = getCurrentModulePath();
} else if(cert_path.at(cert_path.length() - 1) != PATH_SEPARATOR) {
cert_path += PATH_SEPARATOR;
}
}
std::string server_cert_file = cert_path + "server.cer";
std::string server_key_file = cert_path + "server.key";
std::string client_cert_file;// = cert_path + "cleint.cer";
std::string client_key_file;// = cert_path + "client.key";
std::string ca_cert_file = cert_path + "ca.cer";
SSL_library_init();
//OpenSSL_add_all_algorithms();
SSL_load_error_strings();
bool server_ctx_ok = false;
bool client_ctx_ok = false;
do {
ssl_ctx_server_ = SSL_CTX_new(SSLv23_server_method());
if(NULL == ssl_ctx_server_) {
KUMA_WARNTRACE("OpenSslLib::init, SSL_CTX_new failed, err="<<ERR_reason_error_string(ERR_get_error()));
break;
}
//const long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION;
//SSL_CTX_set_options(ssl_ctx_server_, flags);
SSL_CTX_set_options(ssl_ctx_server_, SSL_OP_NO_SSLv2);
SSL_CTX_set_mode(ssl_ctx_server_, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
SSL_CTX_set_mode(ssl_ctx_server_, SSL_MODE_ENABLE_PARTIAL_WRITE);
if(!server_cert_file.empty() && !server_key_file.empty()) {
if(SSL_CTX_use_certificate_file(ssl_ctx_server_, server_cert_file.c_str(), SSL_FILETYPE_PEM) != 1) {
KUMA_WARNTRACE("OpenSslLib::init, SSL_CTX_use_certificate_file failed, file="<<server_cert_file
<<", err="<<ERR_reason_error_string(ERR_get_error()));
break;
}
if(SSL_CTX_use_PrivateKey_file(ssl_ctx_server_, server_key_file.c_str(), SSL_FILETYPE_PEM) != 1) {
KUMA_WARNTRACE("OpenSslLib::init, SSL_CTX_use_PrivateKey_file failed, file:"<<server_key_file
<<", err="<<ERR_reason_error_string(ERR_get_error()));
break;
}
if(SSL_CTX_check_private_key(ssl_ctx_server_) != 1) {
KUMA_WARNTRACE("OpenSslLib::init, SSL_CTX_check_private_key failed, err="<<ERR_reason_error_string(ERR_get_error()));
break;
}
}
/*
SSL_CTX_set_verify(ssl_ctx_client_, SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT, verifyCallback);
app_verify_arg arg0;
SSL_CTX_set_cert_verify_callback(ssl_ctx_server_, appVerifyCallback, &arg0);
int session_id_context = 1;
if(SSL_CTX_set_session_id_context(ssl_ctx_server_, (unsigned char *)&session_id_context, sizeof(session_id_context)) != 1)
{
}
*/
server_ctx_ok = true;
} while(0);
do {
ssl_ctx_client_ = SSL_CTX_new(SSLv23_client_method());
if(NULL == ssl_ctx_client_) {
KUMA_WARNTRACE("OpenSslLib::init, SSL_CTX_new failed, err="<<ERR_reason_error_string(ERR_get_error()));
break;
}
SSL_CTX_set_verify(ssl_ctx_client_, SSL_VERIFY_PEER, verifyCallback);
//SSL_CTX_set_verify_depth(ssl_ctx_client_, 4);
//app_verify_arg arg1;
//SSL_CTX_set_cert_verify_callback(ssl_ctx_client_, appVerifyCallback, &arg1);
//const long flags = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION;
//SSL_CTX_set_options(ssl_ctx_client_, flags);
SSL_CTX_set_options(ssl_ctx_client_, SSL_OP_NO_SSLv2);
SSL_CTX_set_mode(ssl_ctx_client_, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
SSL_CTX_set_mode(ssl_ctx_client_, SSL_MODE_ENABLE_PARTIAL_WRITE);
// set AES256_SHA cipher for client.
//if(SSL_CTX_set_cipher_list(ssl_ctx_client_,"AES256-SHA") != 1)
//{
// KUMA_WARNTRACE("OpenSslLib::init, SSL_CTX_set_cipher_list failed, err="<<ERR_reason_error_string(ERR_get_error()));
//}
if(!client_cert_file.empty() && !client_key_file.empty()) {
if(SSL_CTX_use_certificate_file(ssl_ctx_client_, client_cert_file.c_str(), SSL_FILETYPE_PEM) != 1) {
KUMA_WARNTRACE("OpenSslLib::init, SSL_CTX_use_certificate_file failed, file="<<client_cert_file
<<", err="<<ERR_reason_error_string(ERR_get_error()));
break;
}
if(SSL_CTX_use_PrivateKey_file(ssl_ctx_client_, client_key_file.c_str(), SSL_FILETYPE_PEM) != 1) {
KUMA_WARNTRACE("OpenSslLib::init, SSL_CTX_use_PrivateKey_file failed, file="<<client_key_file
<<", err="<<ERR_reason_error_string(ERR_get_error()));
break;
}
if(SSL_CTX_check_private_key(ssl_ctx_client_) != 1) {
KUMA_WARNTRACE("OpenSslLib::init, SSL_CTX_check_private_key failed, err="<<ERR_reason_error_string(ERR_get_error()));
break;
}
}
if(!ca_cert_file.empty() &&
SSL_CTX_load_verify_locations(ssl_ctx_client_, ca_cert_file.c_str(), NULL) != 1) {
KUMA_WARNTRACE("OpenSslLib::init, SSL_CTX_load_verify_locations failed, file="<<ca_cert_file
<<", err="<<ERR_reason_error_string(ERR_get_error()));
break;
}
if(SSL_CTX_set_default_verify_paths(ssl_ctx_client_) != 1) {
KUMA_WARNTRACE("OpenSslLib::init, SSL_CTX_set_default_verify_paths failed, err="
<<ERR_reason_error_string(ERR_get_error()));
break;
}
client_ctx_ok = true;
} while(0);
if(!server_ctx_ok && ssl_ctx_server_) {
SSL_CTX_free(ssl_ctx_server_);
ssl_ctx_server_ = NULL;
}
if(!client_ctx_ok && ssl_ctx_client_) {
SSL_CTX_free(ssl_ctx_client_);
ssl_ctx_client_ = NULL;
}
if(!server_ctx_ok && !client_ctx_ok) {
return false;
}
ssl_locks_ = new std::mutex[CRYPTO_num_locks()];
CRYPTO_set_id_callback(threadIdCallback);
CRYPTO_set_locking_callback(lockingCallback);
// PRNG
RAND_poll();
while(RAND_status() == 0) {
unsigned short rand_ret = rand() % 65536;
RAND_seed(&rand_ret, sizeof(rand_ret));
}
return true;
}
