static serf_ssl_context_t *ssl_init_context(void)
{
serf_ssl_context_t *ssl_ctx;
apr_pool_t *pool;
serf_bucket_alloc_t *allocator;
init_ssl_libraries();
apr_pool_create(&pool, NULL);
allocator = serf_bucket_allocator_create(pool, NULL, NULL);
ssl_ctx = serf_bucket_mem_alloc(allocator, sizeof(*ssl_ctx));
ssl_ctx->refcount = 0;
ssl_ctx->pool = pool;
ssl_ctx->allocator = allocator;
ssl_ctx->ctx = SSL_CTX_new(SSLv23_client_method());
SSL_CTX_set_client_cert_cb(ssl_ctx->ctx, ssl_need_client_cert);
ssl_ctx->cached_cert = 0;
ssl_ctx->cached_cert_pw = 0;
ssl_ctx->pending_err = APR_SUCCESS;
SSL_CTX_set_verify(ssl_ctx->ctx, SSL_VERIFY_PEER,
validate_server_certificate);
SSL_CTX_set_options(ssl_ctx->ctx, SSL_OP_ALL);
ssl_ctx->ssl = SSL_new(ssl_ctx->ctx);
ssl_ctx->bio = BIO_new(&bio_bucket_method);
ssl_ctx->bio->ptr = ssl_ctx;
SSL_set_bio(ssl_ctx->ssl, ssl_ctx->bio, ssl_ctx->bio);
SSL_set_connect_state(ssl_ctx->ssl);
SSL_set_app_data(ssl_ctx->ssl, ssl_ctx);
ssl_ctx->encrypt.stream = NULL;
ssl_ctx->encrypt.stream_next = NULL;
ssl_ctx->encrypt.pending = serf_bucket_aggregate_create(allocator);
ssl_ctx->encrypt.status = APR_SUCCESS;
serf_databuf_init(&ssl_ctx->encrypt.databuf);
ssl_ctx->encrypt.databuf.read = ssl_encrypt;
ssl_ctx->encrypt.databuf.read_baton = ssl_ctx;
ssl_ctx->decrypt.stream = NULL;
ssl_ctx->decrypt.pending = serf_bucket_aggregate_create(allocator);
ssl_ctx->decrypt.status = APR_SUCCESS;
serf_databuf_init(&ssl_ctx->decrypt.databuf);
ssl_ctx->decrypt.databuf.read = ssl_decrypt;
ssl_ctx->decrypt.databuf.read_baton = ssl_ctx;
return ssl_ctx;
}
SERF_DECLARE(serf_bucket_t *) serf_bucket_socket_create(
apr_socket_t *skt,
serf_bucket_alloc_t *allocator)
{
socket_context_t *ctx;
/* Oh, well. */
ctx = serf_bucket_mem_alloc(allocator, sizeof(*ctx));
ctx->skt = skt;
serf_databuf_init(&ctx->databuf);
ctx->databuf.read = socket_reader;
ctx->databuf.read_baton = ctx;
ctx->progress_func = ctx->progress_baton = NULL;
return serf_bucket_create(&serf_bucket_type_socket, allocator, ctx);
}
