static void dill_tls_init(void) { static int init = 0; if(dill_slow(!init)) { SSL_library_init(); SSL_load_error_strings(); /* Create our own custom BIO type. */ int idx = BIO_get_new_index(); dill_tls_cbio = BIO_meth_new(idx, "bsock"); dill_assert(dill_tls_cbio); int rc = BIO_meth_set_create(dill_tls_cbio, dill_tls_cbio_create); dill_assert(rc == 1); rc = BIO_meth_set_destroy(dill_tls_cbio, dill_tls_cbio_destroy); dill_assert(rc == 1); rc = BIO_meth_set_write(dill_tls_cbio, dill_tls_cbio_write); dill_assert(rc == 1); rc = BIO_meth_set_read(dill_tls_cbio, dill_tls_cbio_read); dill_assert(rc == 1); rc = BIO_meth_set_ctrl(dill_tls_cbio, dill_tls_cbio_ctrl); dill_assert(rc == 1); /* Deallocate the method once the process exits. */ rc = atexit(dill_tls_term); dill_assert(rc == 0); init = 1; } }
/* Return the method table for the bufferevents BIO */ static BIO_METHOD * BIO_s_bufferevent(void) { if (methods_bufferevent == NULL) { methods_bufferevent = BIO_meth_new(BIO_TYPE_LIBEVENT, "bufferevent"); if (methods_bufferevent == NULL) return NULL; BIO_meth_set_write(methods_bufferevent, bio_bufferevent_write); BIO_meth_set_read(methods_bufferevent, bio_bufferevent_read); BIO_meth_set_puts(methods_bufferevent, bio_bufferevent_puts); BIO_meth_set_ctrl(methods_bufferevent, bio_bufferevent_ctrl); BIO_meth_set_create(methods_bufferevent, bio_bufferevent_new); BIO_meth_set_destroy(methods_bufferevent, bio_bufferevent_free); } return methods_bufferevent; }
static int init_bio_method(void) { /* Set up the BIO_METHOD we use for wrapping our own stream implementations */ git_stream_bio_method = BIO_meth_new(BIO_TYPE_SOURCE_SINK | BIO_get_new_index(), "git_stream"); GITERR_CHECK_ALLOC(git_stream_bio_method); BIO_meth_set_write(git_stream_bio_method, bio_write); BIO_meth_set_read(git_stream_bio_method, bio_read); BIO_meth_set_puts(git_stream_bio_method, bio_puts); BIO_meth_set_gets(git_stream_bio_method, bio_gets); BIO_meth_set_ctrl(git_stream_bio_method, bio_ctrl); BIO_meth_set_create(git_stream_bio_method, bio_create); BIO_meth_set_destroy(git_stream_bio_method, bio_destroy); return 0; }
const BIO_METHOD *bio_s_mempacket_test(void) { if (meth_mem == NULL) { if (!TEST_ptr(meth_mem = BIO_meth_new(BIO_TYPE_MEMPACKET_TEST, "Mem Packet Test")) || !TEST_true(BIO_meth_set_write(meth_mem, mempacket_test_write)) || !TEST_true(BIO_meth_set_read(meth_mem, mempacket_test_read)) || !TEST_true(BIO_meth_set_puts(meth_mem, mempacket_test_puts)) || !TEST_true(BIO_meth_set_gets(meth_mem, mempacket_test_gets)) || !TEST_true(BIO_meth_set_ctrl(meth_mem, mempacket_test_ctrl)) || !TEST_true(BIO_meth_set_create(meth_mem, mempacket_test_new)) || !TEST_true(BIO_meth_set_destroy(meth_mem, mempacket_test_free))) return NULL; } return meth_mem; }
static const BIO_METHOD *bio_f_watchccs_filter(void) { if (method_watchccs == NULL) { method_watchccs = BIO_meth_new(BIO_TYPE_WATCHCCS_FILTER, "Watch CCS filter"); if ( method_watchccs == NULL || !BIO_meth_set_write(method_watchccs, watchccs_write) || !BIO_meth_set_read(method_watchccs, watchccs_read) || !BIO_meth_set_puts(method_watchccs, watchccs_puts) || !BIO_meth_set_gets(method_watchccs, watchccs_gets) || !BIO_meth_set_ctrl(method_watchccs, watchccs_ctrl) || !BIO_meth_set_create(method_watchccs, watchccs_new) || !BIO_meth_set_destroy(method_watchccs, watchccs_free)) return NULL; } return method_watchccs; }
/* Note: Not thread safe! */ const BIO_METHOD *bio_f_tls_dump_filter(void) { if (method_tls_dump == NULL) { method_tls_dump = BIO_meth_new(BIO_TYPE_TLS_DUMP_FILTER, "TLS dump filter"); if ( method_tls_dump == NULL || !BIO_meth_set_write(method_tls_dump, tls_dump_write) || !BIO_meth_set_read(method_tls_dump, tls_dump_read) || !BIO_meth_set_puts(method_tls_dump, tls_dump_puts) || !BIO_meth_set_gets(method_tls_dump, tls_dump_gets) || !BIO_meth_set_ctrl(method_tls_dump, tls_dump_ctrl) || !BIO_meth_set_create(method_tls_dump, tls_dump_new) || !BIO_meth_set_destroy(method_tls_dump, tls_dump_free)) return NULL; } return method_tls_dump; }
const BIO_METHOD *bio_s_mempacket_test(void) { if (method_mempacket_test == NULL) { method_mempacket_test = BIO_meth_new(BIO_TYPE_MEMPACKET_TEST, "Mem Packet Test"); if ( method_mempacket_test == NULL || !BIO_meth_set_write(method_mempacket_test, mempacket_test_write) || !BIO_meth_set_read(method_mempacket_test, mempacket_test_read) || !BIO_meth_set_puts(method_mempacket_test, mempacket_test_puts) || !BIO_meth_set_gets(method_mempacket_test, mempacket_test_gets) || !BIO_meth_set_ctrl(method_mempacket_test, mempacket_test_ctrl) || !BIO_meth_set_create(method_mempacket_test, mempacket_test_new) || !BIO_meth_set_destroy(method_mempacket_test, mempacket_test_free)) return NULL; } return method_mempacket_test; }
BIO_METHOD * mongoc_stream_tls_openssl_bio_meth_new () { BIO_METHOD *meth = NULL; meth = BIO_meth_new (BIO_TYPE_FILTER, "mongoc-stream-tls-glue"); if (meth) { BIO_meth_set_write (meth, mongoc_stream_tls_openssl_bio_write); BIO_meth_set_read (meth, mongoc_stream_tls_openssl_bio_read); BIO_meth_set_puts (meth, mongoc_stream_tls_openssl_bio_puts); BIO_meth_set_gets (meth, mongoc_stream_tls_openssl_bio_gets); BIO_meth_set_ctrl (meth, mongoc_stream_tls_openssl_bio_ctrl); BIO_meth_set_create (meth, mongoc_stream_tls_openssl_bio_create); BIO_meth_set_destroy (meth, mongoc_stream_tls_openssl_bio_destroy); } return meth; }
const BIO_METHOD *BIO_f_tap(void) { static BIO_METHOD *tap = NULL; if (tap == NULL) { tap = BIO_meth_new(BIO_TYPE_START | BIO_TYPE_FILTER, "tap"); if (tap != NULL) { BIO_meth_set_write_ex(tap, tap_write_ex); BIO_meth_set_read_ex(tap, tap_read_ex); BIO_meth_set_puts(tap, tap_puts); BIO_meth_set_gets(tap, tap_gets); BIO_meth_set_ctrl(tap, tap_ctrl); BIO_meth_set_create(tap, tap_new); BIO_meth_set_destroy(tap, tap_free); BIO_meth_set_callback_ctrl(tap, tap_callback_ctrl); } } return tap; }
static BIO_METHOD * BIO_s_gst_dtls_connection (void) { if (custom_bio_methods != NULL) return custom_bio_methods; custom_bio_methods = BIO_meth_new (BIO_TYPE_BIO, "stream"); if (custom_bio_methods == NULL || !BIO_meth_set_write (custom_bio_methods, bio_method_write) || !BIO_meth_set_read (custom_bio_methods, bio_method_read) || !BIO_meth_set_ctrl (custom_bio_methods, bio_method_ctrl) || !BIO_meth_set_create (custom_bio_methods, bio_method_new) || !BIO_meth_set_destroy (custom_bio_methods, bio_method_free)) { BIO_meth_free (custom_bio_methods); return NULL; } return custom_bio_methods; }
static BIO_METHOD* BIO_s_rdg(void) { static BIO_METHOD* bio_methods = NULL; if (bio_methods == NULL) { if (!(bio_methods = BIO_meth_new(BIO_TYPE_TSG, "RDGateway"))) return NULL; BIO_meth_set_write(bio_methods, rdg_bio_write); BIO_meth_set_read(bio_methods, rdg_bio_read); BIO_meth_set_puts(bio_methods, rdg_bio_puts); BIO_meth_set_gets(bio_methods, rdg_bio_gets); BIO_meth_set_ctrl(bio_methods, rdg_bio_ctrl); BIO_meth_set_create(bio_methods, rdg_bio_new); BIO_meth_set_destroy(bio_methods, rdg_bio_free); } return bio_methods; }
BIO_METHOD* BIO_s_buffered_socket(void) { static BIO_METHOD* bio_methods = NULL; if (bio_methods == NULL) { if (!(bio_methods = BIO_meth_new(BIO_TYPE_BUFFERED, "BufferedSocket"))) return NULL; BIO_meth_set_write(bio_methods, transport_bio_buffered_write); BIO_meth_set_read(bio_methods, transport_bio_buffered_read); BIO_meth_set_puts(bio_methods, transport_bio_buffered_puts); BIO_meth_set_gets(bio_methods, transport_bio_buffered_gets); BIO_meth_set_ctrl(bio_methods, transport_bio_buffered_ctrl); BIO_meth_set_create(bio_methods, transport_bio_buffered_new); BIO_meth_set_destroy(bio_methods, transport_bio_buffered_free); } return bio_methods; }
BIO_METHOD* BIO_s_simple_socket(void) { static BIO_METHOD* bio_methods = NULL; if (bio_methods == NULL) { if (!(bio_methods = BIO_meth_new(BIO_TYPE_SIMPLE, "SimpleSocket"))) return NULL; BIO_meth_set_write(bio_methods, transport_bio_simple_write); BIO_meth_set_read(bio_methods, transport_bio_simple_read); BIO_meth_set_puts(bio_methods, transport_bio_simple_puts); BIO_meth_set_gets(bio_methods, transport_bio_simple_gets); BIO_meth_set_ctrl(bio_methods, transport_bio_simple_ctrl); BIO_meth_set_create(bio_methods, transport_bio_simple_new); BIO_meth_set_destroy(bio_methods, transport_bio_simple_free); } return bio_methods; }
BIO_METHOD* BIO_s_rdp_tls(void) { static BIO_METHOD* bio_methods = NULL; if (bio_methods == NULL) { if (!(bio_methods = BIO_meth_new(BIO_TYPE_RDP_TLS, "RdpTls"))) return NULL; BIO_meth_set_write(bio_methods, bio_rdp_tls_write); BIO_meth_set_read(bio_methods, bio_rdp_tls_read); BIO_meth_set_puts(bio_methods, bio_rdp_tls_puts); BIO_meth_set_gets(bio_methods, bio_rdp_tls_gets); BIO_meth_set_ctrl(bio_methods, bio_rdp_tls_ctrl); BIO_meth_set_create(bio_methods, bio_rdp_tls_new); BIO_meth_set_destroy(bio_methods, bio_rdp_tls_free); BIO_meth_set_callback_ctrl(bio_methods, bio_rdp_tls_callback_ctrl); } return bio_methods; }
static BIO_METHOD * my_BIO_s_socket(void) { if (!my_bio_methods) { BIO_METHOD *biom = (BIO_METHOD *) BIO_s_socket(); #ifdef HAVE_BIO_METH_NEW int my_bio_index; my_bio_index = BIO_get_new_index(); if (my_bio_index == -1) return NULL; my_bio_methods = BIO_meth_new(my_bio_index, "PostgreSQL backend socket"); if (!my_bio_methods) return NULL; if (!BIO_meth_set_write(my_bio_methods, my_sock_write) || !BIO_meth_set_read(my_bio_methods, my_sock_read) || !BIO_meth_set_gets(my_bio_methods, BIO_meth_get_gets(biom)) || !BIO_meth_set_puts(my_bio_methods, BIO_meth_get_puts(biom)) || !BIO_meth_set_ctrl(my_bio_methods, BIO_meth_get_ctrl(biom)) || !BIO_meth_set_create(my_bio_methods, BIO_meth_get_create(biom)) || !BIO_meth_set_destroy(my_bio_methods, BIO_meth_get_destroy(biom)) || !BIO_meth_set_callback_ctrl(my_bio_methods, BIO_meth_get_callback_ctrl(biom))) { BIO_meth_free(my_bio_methods); my_bio_methods = NULL; return NULL; } #else my_bio_methods = malloc(sizeof(BIO_METHOD)); if (!my_bio_methods) return NULL; memcpy(my_bio_methods, biom, sizeof(BIO_METHOD)); my_bio_methods->bread = my_sock_read; my_bio_methods->bwrite = my_sock_write; #endif } return my_bio_methods; }
/** returns a custom tls_mbuf BIO. */ BIO_METHOD* tls_BIO_mbuf(void) { #if OPENSSL_VERSION_NUMBER < 0x010100000L return &tls_mbuf_method; #else if(tls_mbuf_method != NULL) { return tls_mbuf_method; } tls_mbuf_method = BIO_meth_new(BIO_TYPE_TLS_MBUF, "sr_tls_mbuf"); if(tls_mbuf_method==NULL) { LM_ERR("cannot get a new bio method structure\n"); return NULL; } BIO_meth_set_write(tls_mbuf_method, tls_bio_mbuf_write); BIO_meth_set_read(tls_mbuf_method, tls_bio_mbuf_read); BIO_meth_set_puts(tls_mbuf_method, tls_bio_mbuf_puts); BIO_meth_set_gets(tls_mbuf_method, NULL); BIO_meth_set_ctrl(tls_mbuf_method, tls_bio_mbuf_ctrl); BIO_meth_set_create(tls_mbuf_method, tls_bio_mbuf_new); BIO_meth_set_destroy(tls_mbuf_method, tls_bio_mbuf_free); BIO_meth_set_callback_ctrl(tls_mbuf_method, NULL); return tls_mbuf_method; #endif }
static int tls_open(URLContext *h, const char *uri, int flags, AVDictionary **options) { TLSContext *p = h->priv_data; TLSShared *c = &p->tls_shared; BIO *bio; int ret; ff_openssl_init(); if ((ret = ff_tls_open_underlying(c, h, uri, options)) < 0) goto fail; // We want to support all versions of TLS >= 1.0, but not the deprecated // and insecure SSLv2 and SSLv3. Despite the name, SSLv23_*_method() // enables support for all versions of SSL and TLS, and we then disable // support for the old protocols immediately after creating the context. p->ctx = SSL_CTX_new(c->listen ? SSLv23_server_method() : SSLv23_client_method()); if (!p->ctx) { av_log(h, AV_LOG_ERROR, "%s\n", ERR_error_string(ERR_get_error(), NULL)); ret = AVERROR(EIO); goto fail; } SSL_CTX_set_options(p->ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); if (c->ca_file) SSL_CTX_load_verify_locations(p->ctx, c->ca_file, NULL); if (c->cert_file && !SSL_CTX_use_certificate_chain_file(p->ctx, c->cert_file)) { av_log(h, AV_LOG_ERROR, "Unable to load cert file %s: %s\n", c->cert_file, ERR_error_string(ERR_get_error(), NULL)); ret = AVERROR(EIO); goto fail; } if (c->key_file && !SSL_CTX_use_PrivateKey_file(p->ctx, c->key_file, SSL_FILETYPE_PEM)) { av_log(h, AV_LOG_ERROR, "Unable to load key file %s: %s\n", c->key_file, ERR_error_string(ERR_get_error(), NULL)); ret = AVERROR(EIO); goto fail; } // Note, this doesn't check that the peer certificate actually matches // the requested hostname. if (c->verify) SSL_CTX_set_verify(p->ctx, SSL_VERIFY_PEER, NULL); p->ssl = SSL_new(p->ctx); if (!p->ssl) { av_log(h, AV_LOG_ERROR, "%s\n", ERR_error_string(ERR_get_error(), NULL)); ret = AVERROR(EIO); goto fail; } #if OPENSSL_VERSION_NUMBER >= 0x1010000fL p->url_bio_method = BIO_meth_new(BIO_TYPE_SOURCE_SINK, "urlprotocol bio"); BIO_meth_set_write(p->url_bio_method, url_bio_bwrite); BIO_meth_set_read(p->url_bio_method, url_bio_bread); BIO_meth_set_puts(p->url_bio_method, url_bio_bputs); BIO_meth_set_ctrl(p->url_bio_method, url_bio_ctrl); BIO_meth_set_create(p->url_bio_method, url_bio_create); BIO_meth_set_destroy(p->url_bio_method, url_bio_destroy); bio = BIO_new(p->url_bio_method); BIO_set_data(bio, c->tcp); #else bio = BIO_new(&url_bio_method); bio->ptr = c->tcp; #endif SSL_set_bio(p->ssl, bio, bio); if (!c->listen && !c->numerichost) SSL_set_tlsext_host_name(p->ssl, c->host); ret = c->listen ? SSL_accept(p->ssl) : SSL_connect(p->ssl); if (ret == 0) { av_log(h, AV_LOG_ERROR, "Unable to negotiate TLS/SSL session\n"); ret = AVERROR(EIO); goto fail; } else if (ret < 0) { ret = print_tls_error(h, ret); goto fail; } return 0; fail: tls_close(h); return ret; }