/*
 * "Create" callback for OpenSSL dynamic locks.
 *
 * Allocates one struct CRYPTO_dynlock_value with OPENSSL_malloc() and, when
 * the allocation succeeds, initialises it with ossl_lock_init().
 *
 * file, line: supplied by OpenSSL; not used by this implementation.
 *
 * Returns the new lock, or a null pointer when the allocation fails.
 */
static struct CRYPTO_dynlock_value *
ossl_dyn_create_callback(const char *file, int line)
{
    struct CRYPTO_dynlock_value *lock;

    /*
     * Do not use xmalloc() here, since it may raise NoMemoryError.
     * Allocation failure is reported to the caller as a null return instead.
     */
    lock = OPENSSL_malloc(sizeof(struct CRYPTO_dynlock_value));
    if (!lock) {
        return lock;
    }

    ossl_lock_init(lock);
    return lock;
}
/*
 * Build the static lock table and hand the locking callbacks to OpenSSL.
 *
 * The table holds CRYPTO_num_locks() entries, allocated with ALLOC_N and
 * initialised one by one with ossl_lock_init().  Every lock is initialised
 * before any callback is registered.
 *
 * The callbacks are installed unconditionally: this function does not check
 * whether a locking callback was registered earlier by other code.
 */
static void
Init_ossl_locks(void)
{
    int lock_count = CRYPTO_num_locks();
    int idx = 0;

    ossl_locks = ALLOC_N(struct CRYPTO_dynlock_value, lock_count);
    while (idx < lock_count) {
        ossl_lock_init(ossl_locks + idx);
        idx++;
    }

    /* Thread identification first, then static locks, then dynamic locks. */
    CRYPTO_THREADID_set_callback(ossl_threadid_func);
    CRYPTO_set_locking_callback(ossl_lock_callback);

    CRYPTO_set_dynlock_create_callback(ossl_dyn_create_callback);
    CRYPTO_set_dynlock_lock_callback(ossl_dyn_lock_callback);
    CRYPTO_set_dynlock_destroy_callback(ossl_dyn_destroy_callback);
}
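/*
 * Allocate and initialise the static lock table, then install ossl_lockfn
 * as OpenSSL's locking callback.
 *
 * Does nothing when a locking callback is already registered, so a callback
 * installed earlier by other code in the process is left in place.
 *
 * The allocation result is checked before the table is touched.  The function
 * returns void and cannot report failure, and continuing without a lock
 * table would leave OpenSSL's shared state unprotected between threads, so
 * an allocation failure stops the process with abort() instead of passing a
 * null table to ossl_lock_init().
 */
static void
ossl_init_locks(void)
{
    unsigned ii, nlocks;

    if (CRYPTO_get_locking_callback() != NULL) {
        /* Someone already set the callback before us. Don't destroy it! */
        return;
    }

    nlocks = CRYPTO_num_locks();

    /*
     * calloc() fails cleanly when count * size would overflow, which the
     * open-coded multiplication passed to malloc() did not guarantee.
     */
    ossl_locks = calloc(nlocks, sizeof(*ossl_locks));
    if (ossl_locks == NULL && nlocks != 0) {
        /* Fail closed: never register a callback backed by a null table. */
        abort();
    }

    for (ii = 0; ii < nlocks; ii++) {
        ossl_lock_init(ossl_locks + ii);
    }

    /* Register only after every lock in the table is usable. */
    CRYPTO_set_locking_callback(ossl_lockfn);
}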
/*
 * Init_ossl_ssl - register the SSL part of the extension with the runtime.
 *
 * In order, this function:
 *   - reserves five ex_data slots on SSL objects with SSL_get_ex_new_index();
 *   - defines the SSL module under mOSSL and the SSLError class;
 *   - calls Init_ossl_ssl_session();
 *   - defines SSLContext and SSLSocket with their attributes and methods;
 *   - exports the SSL_VERIFY_* and SSL_OP_* values as constants on the SSL
 *     module;
 *   - calls ossl_lock_init().
 *
 * Takes no arguments and returns nothing.
 */
void Init_ossl_ssl()
{
    int i;
    VALUE ary;

#if 0 /* let rdoc know about mOSSL */
    mOSSL = rb_define_module("OpenSSL");
#endif

    ID_callback_state = rb_intern("@callback_state");

    /*
     * Reserve per-SSL application-data slots.  The string passed as the
     * second argument only labels the slot.
     *
     * NOTE(review): SSL_get_ex_new_index() reports failure by returning -1
     * and none of the five results is checked here; confirm that the code
     * using these indexes tolerates a failed registration.
     */
    ossl_ssl_ex_vcb_idx = SSL_get_ex_new_index(0,(void *)"ossl_ssl_ex_vcb_idx",0,0,0);
    ossl_ssl_ex_store_p = SSL_get_ex_new_index(0,(void *)"ossl_ssl_ex_store_p",0,0,0);
    ossl_ssl_ex_ptr_idx = SSL_get_ex_new_index(0,(void *)"ossl_ssl_ex_ptr_idx",0,0,0);
    ossl_ssl_ex_client_cert_cb_idx =
        SSL_get_ex_new_index(0,(void *)"ossl_ssl_ex_client_cert_cb_idx",0,0,0);
    ossl_ssl_ex_tmp_dh_callback_idx =
        SSL_get_ex_new_index(0,(void *)"ossl_ssl_ex_tmp_dh_callback_idx",0,0,0);

    mSSL = rb_define_module_under(mOSSL, "SSL");
    eSSLError = rb_define_class_under(mSSL, "SSLError", eOSSLError);

    Init_ossl_ssl_session();

    /* class SSLContext
     *
     * The following attributes are available but don't show up in rdoc.
     * All attributes must be set before calling SSLSocket.new(io, ctx).
     * * ssl_version, cert, key, client_ca, ca_file, ca_path, timeout,
     * * verify_mode, verify_depth, client_cert_cb, tmp_dh_callback,
     * * session_id_context, session_add_cb, session_new_cb, session_remove_cb
     *
     * NOTE(review): verify_mode is registered below as a plain read/write
     * attribute; which value applies when the caller never sets it is
     * decided outside this function and cannot be seen here.
     */
    cSSLContext = rb_define_class_under(mSSL, "SSLContext", rb_cObject);
    /* "alloc" is registered on *(VALUE *)cSSLContext, not on the class value
     * itself; presumably that is the class's metaclass in this runtime;
     * confirm. */
    rb_objc_define_method(*(VALUE *)cSSLContext, "alloc", ossl_sslctx_s_alloc, 0);
    /* Every name in ossl_sslctx_attrs becomes a readable and writable
     * attribute (read = 1, write = 1). */
    for(i = 0; i < numberof(ossl_sslctx_attrs); i++)
        rb_attr(cSSLContext, rb_intern(ossl_sslctx_attrs[i]), 1, 1, Qfalse);
    rb_define_alias(cSSLContext, "ssl_timeout", "timeout");
    rb_define_alias(cSSLContext, "ssl_timeout=", "timeout=");
    rb_objc_define_method(cSSLContext, "initialize", ossl_sslctx_initialize, -1);
    rb_objc_define_method(cSSLContext, "ssl_version=", ossl_sslctx_set_ssl_version, 1);
    rb_objc_define_method(cSSLContext, "ciphers", ossl_sslctx_get_ciphers, 0);
    rb_objc_define_method(cSSLContext, "ciphers=", ossl_sslctx_set_ciphers, 1);

    rb_objc_define_method(cSSLContext, "setup", ossl_sslctx_setup, 0);

    /* Session-cache mode flags, exported from the SSL_SESS_CACHE_* values. */
    rb_define_const(cSSLContext, "SESSION_CACHE_OFF", LONG2FIX(SSL_SESS_CACHE_OFF));
    rb_define_const(cSSLContext, "SESSION_CACHE_CLIENT", LONG2FIX(SSL_SESS_CACHE_CLIENT)); /* doesn't actually do anything in 0.9.8e */
    rb_define_const(cSSLContext, "SESSION_CACHE_SERVER", LONG2FIX(SSL_SESS_CACHE_SERVER));
    rb_define_const(cSSLContext, "SESSION_CACHE_BOTH", LONG2FIX(SSL_SESS_CACHE_BOTH)); /* no different than CACHE_SERVER in 0.9.8e */
    rb_define_const(cSSLContext, "SESSION_CACHE_NO_AUTO_CLEAR", LONG2FIX(SSL_SESS_CACHE_NO_AUTO_CLEAR));
    rb_define_const(cSSLContext, "SESSION_CACHE_NO_INTERNAL_LOOKUP", LONG2FIX(SSL_SESS_CACHE_NO_INTERNAL_LOOKUP));
    rb_define_const(cSSLContext, "SESSION_CACHE_NO_INTERNAL_STORE", LONG2FIX(SSL_SESS_CACHE_NO_INTERNAL_STORE));
    rb_define_const(cSSLContext, "SESSION_CACHE_NO_INTERNAL", LONG2FIX(SSL_SESS_CACHE_NO_INTERNAL));
    rb_objc_define_method(cSSLContext, "session_add", ossl_sslctx_session_add, 1);
    rb_objc_define_method(cSSLContext, "session_remove", ossl_sslctx_session_remove, 1);
    rb_objc_define_method(cSSLContext, "session_cache_mode", ossl_sslctx_get_session_cache_mode, 0);
    rb_objc_define_method(cSSLContext, "session_cache_mode=", ossl_sslctx_set_session_cache_mode, 1);
    rb_objc_define_method(cSSLContext, "session_cache_size", ossl_sslctx_get_session_cache_size, 0);
    rb_objc_define_method(cSSLContext, "session_cache_size=", ossl_sslctx_set_session_cache_size, 1);
    rb_objc_define_method(cSSLContext, "session_cache_stats", ossl_sslctx_get_session_cache_stats, 0);
    rb_objc_define_method(cSSLContext, "flush_sessions", ossl_sslctx_flush_sessions, -1);

    /* Collect the name of every entry in ossl_ssl_method_tab as a symbol;
     * the array is frozen before it is published as a constant. */
    ary = rb_ary_new2(numberof(ossl_ssl_method_tab));
    for (i = 0; i < numberof(ossl_ssl_method_tab); i++) {
        rb_ary_push(ary, ID2SYM(rb_intern(ossl_ssl_method_tab[i].name)));
    }
    rb_obj_freeze(ary);
    /* holds a list of available SSL/TLS methods */
    rb_define_const(cSSLContext, "METHODS", ary);

    /* class SSLSocket
     *
     * The following attributes are available but don't show up in rdoc.
     * * io, context, sync_close
     *
     */
    cSSLSocket = rb_define_class_under(mSSL, "SSLSocket", rb_cObject);
    rb_objc_define_method(*(VALUE *)cSSLSocket, "alloc", ossl_ssl_s_alloc, 0);
    /* Names in ossl_ssl_attr_readers are read-only (read = 1, write = 0);
     * names in ossl_ssl_attrs are readable and writable. */
    for(i = 0; i < numberof(ossl_ssl_attr_readers); i++)
        rb_attr(cSSLSocket, rb_intern(ossl_ssl_attr_readers[i]), 1, 0, Qfalse);
    for(i = 0; i < numberof(ossl_ssl_attrs); i++)
        rb_attr(cSSLSocket, rb_intern(ossl_ssl_attrs[i]), 1, 1, Qfalse);
    rb_define_alias(cSSLSocket, "to_io", "io");
    rb_objc_define_method(cSSLSocket, "initialize", ossl_ssl_initialize, -1);
    rb_objc_define_method(cSSLSocket, "connect", ossl_ssl_connect, 0);
    rb_objc_define_method(cSSLSocket, "connect_nonblock", ossl_ssl_connect_nonblock, 0);
    rb_objc_define_method(cSSLSocket, "accept", ossl_ssl_accept, 0);
    rb_objc_define_method(cSSLSocket, "accept_nonblock", ossl_ssl_accept_nonblock, 0);
    rb_objc_define_method(cSSLSocket, "sysread", ossl_ssl_read, -1);
    /* The *_nonblock read and write entry points are registered as private
     * methods. */
    rb_objc_define_private_method(cSSLSocket, "sysread_nonblock", ossl_ssl_read_nonblock, -1);
    rb_objc_define_method(cSSLSocket, "syswrite", ossl_ssl_write, 1);
    rb_objc_define_private_method(cSSLSocket, "syswrite_nonblock", ossl_ssl_write_nonblock, 1);
    rb_objc_define_method(cSSLSocket, "sysclose", ossl_ssl_close, 0);
    rb_objc_define_method(cSSLSocket, "cert", ossl_ssl_get_cert, 0);
    rb_objc_define_method(cSSLSocket, "peer_cert", ossl_ssl_get_peer_cert, 0);
    rb_objc_define_method(cSSLSocket, "peer_cert_chain", ossl_ssl_get_peer_cert_chain, 0);
    rb_objc_define_method(cSSLSocket, "cipher", ossl_ssl_get_cipher, 0);
    rb_objc_define_method(cSSLSocket, "state", ossl_ssl_get_state, 0);
    rb_objc_define_method(cSSLSocket, "pending", ossl_ssl_pending, 0);
    rb_objc_define_method(cSSLSocket, "session_reused?", ossl_ssl_session_reused, 0);
    rb_objc_define_method(cSSLSocket, "session=", ossl_ssl_set_session, 1);
    rb_objc_define_method(cSSLSocket, "verify_result", ossl_ssl_get_verify_result, 0);

/* Export SSL_<x> as the constant <x> on the SSL module. */
#define ossl_ssl_def_const(x) rb_define_const(mSSL, #x, INT2NUM(SSL_##x))

    /*
     * Peer-verification modes.  With VERIFY_NONE a client continues the
     * handshake whatever the result of certificate verification, so code
     * that needs an authenticated peer has to select VERIFY_PEER.
     */
    ossl_ssl_def_const(VERIFY_NONE);
    ossl_ssl_def_const(VERIFY_PEER);
    ossl_ssl_def_const(VERIFY_FAIL_IF_NO_PEER_CERT);
    ossl_ssl_def_const(VERIFY_CLIENT_ONCE);
    /* Export the individual constants that make up OP_ALL.  They are mostly
     * useful for clearing single bits of OP_ALL, for example:
     *   ctx.options = OP_ALL & ~OP_DONT_INSERT_EMPTY_FRAGMENTS
     *
     * OP_ALL switches on interoperability workarounds for peer bugs.  One of
     * them, OP_DONT_INSERT_EMPTY_FRAGMENTS, disables OpenSSL's countermeasure
     * against a CBC weakness in SSL 3.0/TLS 1.0, which is why the example
     * above clears it.
     */
    ossl_ssl_def_const(OP_MICROSOFT_SESS_ID_BUG);
    ossl_ssl_def_const(OP_NETSCAPE_CHALLENGE_BUG);
    ossl_ssl_def_const(OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG);
    ossl_ssl_def_const(OP_SSLREF2_REUSE_CERT_TYPE_BUG);
    ossl_ssl_def_const(OP_MICROSOFT_BIG_SSLV3_BUFFER);
    ossl_ssl_def_const(OP_MSIE_SSLV2_RSA_PADDING);
    ossl_ssl_def_const(OP_SSLEAY_080_CLIENT_DH_BUG);
    ossl_ssl_def_const(OP_TLS_D5_BUG);
    ossl_ssl_def_const(OP_TLS_BLOCK_PADDING_BUG);
    ossl_ssl_def_const(OP_DONT_INSERT_EMPTY_FRAGMENTS);
    ossl_ssl_def_const(OP_ALL);
    /* Options wrapped in #if are exported only when the OpenSSL headers in
     * use define them. */
#if defined(SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION)
    ossl_ssl_def_const(OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
#endif
#if defined(SSL_OP_SINGLE_ECDH_USE)
    ossl_ssl_def_const(OP_SINGLE_ECDH_USE);
#endif
    ossl_ssl_def_const(OP_SINGLE_DH_USE);
    ossl_ssl_def_const(OP_EPHEMERAL_RSA);
#if defined(SSL_OP_CIPHER_SERVER_PREFERENCE)
    ossl_ssl_def_const(OP_CIPHER_SERVER_PREFERENCE);
#endif
    ossl_ssl_def_const(OP_TLS_ROLLBACK_BUG);
    /* Protocol-disable bits.  Only these three are exported by this
     * function; it has no entries for protocol versions after TLSv1. */
    ossl_ssl_def_const(OP_NO_SSLv2);
    ossl_ssl_def_const(OP_NO_SSLv3);
    ossl_ssl_def_const(OP_NO_TLSv1);
#if defined(SSL_OP_NO_TICKET)
    ossl_ssl_def_const(OP_NO_TICKET);
#endif
    ossl_ssl_def_const(OP_PKCS1_CHECK_1);
    ossl_ssl_def_const(OP_PKCS1_CHECK_2);
    ossl_ssl_def_const(OP_NETSCAPE_CA_DN_BUG);
    ossl_ssl_def_const(OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);

    /* NOTE(review): ossl_lock_init is defined outside this function and is
     * called here with no arguments, after all registration is done;
     * presumably it sets up OpenSSL's locking; confirm. */
    ossl_lock_init();
}