eudora-mac/OpenSSL.cp

/* Copyright (c) 2017, Computer History Museum
   All rights reserved.

   Redistribution and use in source and binary forms, with or without
   modification, are permitted (subject to the limitations in the disclaimer
   below) provided that the following conditions are met:

   * Redistributions of source code must retain the above copyright notice,
     this list of conditions and the following disclaimer.
   * Redistributions in binary form must reproduce the above copyright notice,
     this list of conditions and the following disclaimer in the documentation
     and/or other materials provided with the distribution.
   * Neither the name of Computer History Museum nor the names of its
     contributors may be used to endorse or promote products derived from this
     software without specific prior written permission.

   NO EXPRESS OR IMPLIED LICENSES TO ANY PARTY'S PATENT RIGHTS ARE GRANTED BY
   THIS LICENSE. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
   CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT
   NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
   PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
   CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
   EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
   PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
   OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
   WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
   OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
   ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */

/*
	OpenSSL.cp

	OpenSSL bits for Eudora.
	Match up the OpenSSL interfaces to the Eudora ones.

	Basic data structures:
		SSL_CTX -- an SSL context. Has a connection method (client/server),
			(SSL2/SSL3/TLS1) and some certs associated with it.
			SSL_CTX_new/SSL_CTX_free.

		SSL -- a SSL connection object. Manages a single SSL connection.
			Has an associated SSL_CTX.
			SSL_new/SSL_free.

		BIO - Basic I/O -- an object to run the IO. Talks to a
			file/socket/whatever. There are filter bios, too. Some handle
			the encryption and decryption. Another might handle logging, etc.

	We define a new BIO class, that talks to an OpenTransport socket via an
	Eudora TransStream; since OpenSSL doesn't know OpenTransport from Adam.

	Gotchas -
	1.	Since the SSL_CTX knows the connection method (v2, v3, TLSV1), we
		can't share the SSL_CTX between all the connections. Rats.
	2.	Since OpenSSL is Mach-O, but Eudora is (currently) PEF, we can't call
		OpenSSL functions directly, but will have to bridge them. Also, we
		have to make the function pointers that OpenSSL calls into Mach-O
		function pointers, since it doesn't (again) know PEF from Adam.
		In particular, the BIO is a table of function pointers.
	3.	OpenSSL wants the certificates in PEM format; we've got them in BER.
*/

/* NOTE(review): SSLv2 and SSLv3 are deprecated protocols (RFC 6176, RFC 7568).
   Which connection methods this file actually enables is not visible in this
   part of the file -- confirm against the SSL_CTX setup code. */

/* Only these two headers are included here; the OpenSSL types used below
   (BIO, BIO_METHOD, SSL_CTX) are presumably made visible through them --
   no OpenSSL header is included directly in this part of the file. */
#include "OpenSSL.h"
#include "MachOWrapper.h"

/* NO MORE "relaxed pointer rules"!!! */
/* Presumably the CodeWarrior MPW-C compatibility pragma; switching it off
   keeps pointer type checking strict for the rest of the file -- confirm. */
#pragma mpwc_relax off

/* Forward declaration; being static, the definition is expected later in this
   file. Per gotcha 2 above, a CFM/PEF callback has to be converted to a Mach-O
   function pointer before it is handed to OpenSSL. */
static void *MachOFunctionPointerForCFMFunctionPointer( void *cfmfp );

/* Defined in another translation unit. Presumably the transport function
   table the SSL layer sits on top of -- confirm against its definition. */
extern TransVector ESSLSubTrans;

/* Local restatement of OpenSSL's SSL_CTRL_OPTIONS command number and the
   SSL_CTX_set_options() convenience macro built on SSL_CTX_ctrl().
   NOTE(review): as far as this part of the file shows, these are not taken
   from OpenSSL's own ssl.h, so they must be kept in step with the OpenSSL
   build that is actually loaded; a mismatch would issue a different ctrl
   command than intended without any compile-time error. */
#define SSL_CTRL_OPTIONS	32
#define SSL_CTX_set_options(ctx,op) \
	SSL_CTX_ctrl((ctx),SSL_CTRL_OPTIONS,(op),NULL)

/* Maybe.. */
/* Helpers for the OpenTransport BIO, each taking an OTResult. Judging by the
   names they classify an OT error as retryable / non-fatal -- confirm against
   the definitions, which are outside this part of the file. */
int BIO_ot_should_retry ( OTResult err );
int BIO_ot_non_fatal_error ( OTResult err );

/* Declared here under OpenSSL's own names. Given gotcha 2 (no direct calls
   into the Mach-O library), these are presumably bridging wrappers defined
   in this file rather than direct links into OpenSSL -- confirm.
   NOTE(review): hand-written prototypes are not checked against the library;
   the parameter lists must match the loaded OpenSSL version exactly. */
BIO * BIO_new ( BIO_METHOD *type );
long BIO_int_ctrl(BIO *bp,int cmd,long larg,int iarg);
long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg);

/* These are the MachO function pointers for the BIO */
/* One slot per BIO callback (write, read, puts, ctrl, new, free), all NULL
   until assigned. They are stored as untyped void*, so nothing checks that
   the callbacks have the signatures OpenSSL will call them with. */
void *gOTWrite	= NULL;
void *gOTRead	= NULL;
void *gOTPuts	= NULL;
void *gOTCtrl	= NULL;
void *gOTNew	= NULL;
void *gOTFree	= NULL;

/* CFBundle handle, NULL until set. Presumably the bundle OpenSSL is loaded
   from -- confirm against the loading code. */
CFBundleRef gSSLBundle = NULL;

/* BIO type value for the custom OpenTransport BIO. 0x0400 and 0x0100 are
   OpenSSL's BIO_TYPE_SOURCE_SINK and BIO_TYPE_DESCRIPTOR flag bits; 25 is the
   type index.
   NOTE(review): check that index 25 does not collide with a BIO type already
   defined by the OpenSSL version in use. */
#define BIO_TYPE_OT_SOCKET	(25|0x0400|0x0100)

/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options
 * are 'ored' with SSL_VERIFY_PEER if they are desired */
/* Local copies of OpenSSL's verify-mode flags. On a client, SSL_VERIFY_NONE
   lets the handshake complete even when the server certificate fails
   verification, so the peer is not authenticated unless the caller inspects
   the verification result itself; SSL_VERIFY_PEER makes a failed verification
   abort the handshake. The two flags after SSL_VERIFY_PEER only have an
   effect in server mode. Which mode this file passes to OpenSSL is not
   visible in this part of the file. */
#define SSL_VERIFY_NONE			0x00
#define SSL_VERIFY_PEER			0x01
#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT	0x02
#define SSL_VERIFY_CLIENT_ONC