summaryrefslogtreecommitdiff
path: root/src/sbearssl/sbearssl_sni_policy_init.c
blob: fd0e9468d67c0635861297e751821b89081cf5c9 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75

/* ISC license. */

#include <errno.h>

#include <bearssl.h>

#include <skalibs/stralloc.h>
#include <skalibs/genalloc.h>
#include <skalibs/avltree.h>

#include <s6-networking/sbearssl.h>

#define INSTANCE(c) ((sbearssl_sni_policy_context *)(c))

static int choose (br_ssl_server_policy_class const **pctx, br_ssl_server_context const *sc, br_ssl_server_choices *choices)
{
  sbearssl_sni_policy_context *pol = INSTANCE(pctx) ;
  uint32_t n ;
  char const *servername = br_ssl_engine_get_server_name(&sc->eng) ;
  if (!avltree_search(&pol->map, servername, &n)
   && (!servername[0] || !avltree_search(&pol->map, "", &n)))
    return 0 ;
  avltree_free(&pol->map) ;
  copy_and_free(pol, n) ;
}

static uint32_t do_keyx (br_ssl_server_policy_class const **pctx, unsigned char *data, size_t *len)
{
  sbearssl_sni_policy_context *pol = INSTANCE(pctx) ;
  switch (pol->skey.type)
  {
    case BR_KEYTYPE_RSA : return kx_rsa(pol, data, len) ;
    case BR_KEYTYPE_EC : return kx_ec(pol, data, len) ;
    default : return 0 ;
  }
}

static size_t do_sign (br_ssl_server_policy_class const **pctx, unsigned int algo_id, unsigned char *data, size_t hv_len, size_t len)
{
  sbearssl_sni_policy_context *pol = INSTANCE(pctx) ;
  switch (pol->skey.type)
  {
    case BR_KEYTYPE_RSA : return sign_rsa(pol, algo_id, data, hv_len, len) ;
    case BR_KEYTYPE_EC : return sign_ec(pol, algo_id, data, hv_len, len) ;
    default : return 0 ;
  }
}

static br_ssl_server_policy_class const vtable =
{
  .context_size = sizeof(sbearssl_sni_policy_context),
  .choose = &choose,
  .do_keyx = &do_keyx,
  .do_sign = &do_sign
} ;

static void *sbearssl_sni_policy_node_dtok (uint32_t d, void *data)
{
  return ((sbearssl_sni_policy_context *)data)->storage.s + d ;
}

static int sbearssl_sni_policy_node_cmp (void const *a, void const *b, void *data)
{
  (void)data ;
  return strcmp((char const *)a, (char const *)b) ;
}

void sbearssl_sni_policy_init (sbearssl_sni_policy_context *pol)
{
  pol->vtable = &vtable ;
  pol->map = avltree_zero ;
  pol->mapga = genalloc_zero ;
  pol->certga = genalloc_zero ;
  pol->storage = GENALLOC_ZERO ;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-19 21:45:51 +0000