author | June McEnroe <june@causal.agency> | 2020-07-27 21:55:29 -0400 |
---|---|---|
committer | June McEnroe <june@causal.agency> | 2020-07-30 19:02:22 -0400 |
commit | 4bb261b015d382a567563571ae4d399a16caebe2 (patch) | |
tree | 19862c3060f67c92df964ed948084e234e7a4952 /include | |
parent | import: Add script to extract libtls from libressl-portable (diff) | |
Import LibreSSL 3.2.0
Diffstat (limited to '')
-rw-r--r-- | include/Makefile.am | 45 | ||||
-rw-r--r-- | include/compat/arpa/inet.h | 15 | ||||
-rw-r--r-- | include/compat/fcntl.h | 32 | ||||
-rw-r--r-- | include/compat/limits.h | 25 | ||||
-rw-r--r-- | include/compat/netdb.h | 10 | ||||
-rw-r--r-- | include/compat/netinet/in.h | 19 | ||||
-rw-r--r-- | include/compat/netinet/ip.h | 47 | ||||
-rw-r--r-- | include/compat/netinet/tcp.h | 10 | ||||
-rw-r--r-- | include/compat/pthread.h | 86 | ||||
-rw-r--r-- | include/compat/stdio.h | 51 | ||||
-rw-r--r-- | include/compat/stdlib.h | 47 | ||||
-rw-r--r-- | include/compat/string.h | 87 | ||||
-rw-r--r-- | include/compat/sys/ioctl.h | 11 | ||||
-rw-r--r-- | include/compat/sys/mman.h | 19 | ||||
-rw-r--r-- | include/compat/sys/param.h | 15 | ||||
-rw-r--r-- | include/compat/sys/socket.h | 17 | ||||
-rw-r--r-- | include/compat/sys/stat.h | 121 | ||||
-rw-r--r-- | include/compat/sys/time.h | 28 | ||||
-rw-r--r-- | include/compat/sys/types.h | 81 | ||||
-rw-r--r-- | include/compat/time.h | 60 | ||||
-rw-r--r-- | include/compat/unistd.h | 78 | ||||
-rw-r--r-- | include/compat/win32netcompat.h | 57 | ||||
-rw-r--r-- | include/tls.h | 226 |
23 files changed, 1187 insertions, 0 deletions
diff --git a/include/Makefile.am b/include/Makefile.am
new file mode 100644
index 0000000..6d808cc
--- /dev/null
+++ b/include/Makefile.am
@@ -0,0 +1,45 @@
+include $(top_srcdir)/Makefile.am.common
+
+EXTRA_DIST = CMakeLists.txt
+
+SUBDIRS = openssl
+
+noinst_HEADERS = pqueue.h
+noinst_HEADERS += compat/dirent.h
+noinst_HEADERS += compat/dirent_msvc.h
+noinst_HEADERS += compat/err.h
+noinst_HEADERS += compat/fcntl.h
+noinst_HEADERS += compat/limits.h
+noinst_HEADERS += compat/netdb.h
+noinst_HEADERS += compat/poll.h
+noinst_HEADERS += compat/pthread.h
+noinst_HEADERS += compat/readpassphrase.h
+noinst_HEADERS += compat/resolv.h
+noinst_HEADERS += compat/stdio.h
+noinst_HEADERS += compat/stdlib.h
+noinst_HEADERS += compat/string.h
+noinst_HEADERS += compat/syslog.h
+noinst_HEADERS += compat/time.h
+noinst_HEADERS += compat/unistd.h
+noinst_HEADERS += compat/win32netcompat.h
+
+noinst_HEADERS += compat/arpa/inet.h
+noinst_HEADERS += compat/arpa/nameser.h
+
+noinst_HEADERS += compat/machine/endian.h
+
+noinst_HEADERS += compat/netinet/in.h
+noinst_HEADERS += compat/netinet/ip.h
+noinst_HEADERS += compat/netinet/tcp.h
+
+noinst_HEADERS += compat/sys/ioctl.h
+noinst_HEADERS += compat/sys/mman.h
+noinst_HEADERS += compat/sys/param.h
+noinst_HEADERS += compat/sys/select.h
+noinst_HEADERS += compat/sys/socket.h
+noinst_HEADERS += compat/sys/stat.h
+noinst_HEADERS += compat/sys/time.h
+noinst_HEADERS += compat/sys/types.h
+noinst_HEADERS += compat/sys/uio.h
+
+include_HEADERS = tls.h
diff --git a/include/compat/arpa/inet.h b/include/compat/arpa/inet.h
new file mode 100644
index 0000000..4422f41
--- /dev/null
+++ b/include/compat/arpa/inet.h
@@ -0,0 +1,15 @@
+/*
+ * Public domain
+ * arpa/inet.h compatibility shim
+ */
+
+#ifndef _WIN32
+#include_next <arpa/inet.h>
+#else
+#include <win32netcompat.h>
+
+#ifndef AI_ADDRCONFIG
+#define AI_ADDRCONFIG 0x00000400
+#endif
+
+#endif
diff --git a/include/compat/fcntl.h b/include/compat/fcntl.h
new file mode 100644
index 0000000..7dfedc6
--- /dev/null
+++ b/include/compat/fcntl.h
@@ -0,0 +1,32 @@
+/*
+ * Public domain
+ * fcntl.h compatibility shim
+ */
+
+#ifndef _WIN32
+#include_next <fcntl.h>
+#else
+
+#ifdef _MSC_VER
+#if _MSC_VER >= 1900
+#include <../ucrt/fcntl.h>
+#else
+#include <../include/fcntl.h>
+#endif
+#else
+#include_next <fcntl.h>
+#endif
+
+#endif
+
+#ifndef O_NONBLOCK
+#define O_NONBLOCK 0x100000
+#endif
+
+#ifndef O_CLOEXEC
+#define O_CLOEXEC 0x200000
+#endif
+
+#ifndef FD_CLOEXEC
+#define FD_CLOEXEC 1
+#endif
diff --git a/include/compat/limits.h b/include/compat/limits.h
new file mode 100644
index 0000000..73cccfc
--- /dev/null
+++ b/include/compat/limits.h
@@ -0,0 +1,25 @@
+/*
+ * Public domain
+ * limits.h compatibility shim
+ */
+
+#ifdef _MSC_VER
+#include <../include/limits.h>
+#if _MSC_VER >= 1900
+#include <../ucrt/stdlib.h>
+#else
+#include <../include/stdlib.h>
+#endif
+#ifndef PATH_MAX
+#define PATH_MAX _MAX_PATH
+#endif
+#else
+#include_next <limits.h>
+#endif
+
+#ifdef __hpux
+#include <sys/param.h>
+#ifndef PATH_MAX
+#define PATH_MAX MAXPATHLEN
+#endif
+#endif
diff --git a/include/compat/netdb.h b/include/compat/netdb.h
new file mode 100644
index 0000000..d36b91d
--- /dev/null
+++ b/include/compat/netdb.h
@@ -0,0 +1,10 @@
+/*
+ * Public domain
+ * netdb.h compatibility shim
+ */
+
+#ifndef _WIN32
+#include_next <netdb.h>
+#else
+#include <win32netcompat.h>
+#endif
diff --git a/include/compat/netinet/in.h b/include/compat/netinet/in.h
new file mode 100644
index 0000000..d1afb27
--- /dev/null
+++ b/include/compat/netinet/in.h
@@ -0,0 +1,19 @@
+/*
+ * Public domain
+ * netinet/in.h compatibility shim
+ */
+
+#ifndef _WIN32
+#include_next <netinet/in.h>
+#else
+#include <win32netcompat.h>
+#endif
+
+#ifndef LIBCRYPTOCOMPAT_NETINET_IN_H
+#define LIBCRYPTOCOMPAT_NETINET_IN_H
+
+#ifdef __ANDROID__
+typedef uint16_t in_port_t;
+#endif
+
+#endif
diff --git a/include/compat/netinet/ip.h b/include/compat/netinet/ip.h
new file mode 100644
index 0000000..6019f7d
--- /dev/null
+++ b/include/compat/netinet/ip.h
@@ -0,0 +1,47 @@
+/*
+ * Public domain
+ * netinet/ip.h compatibility shim
+ */
+
+#if defined(__hpux)
+#include <netinet/in_systm.h>
+#endif
+
+#ifndef _WIN32
+#include_next <netinet/ip.h>
+#else
+#include <win32netcompat.h>
+#endif
+
+/*
+ * Definitions for DiffServ Codepoints as per RFC2474
+ */
+#ifndef IPTOS_DSCP_CS0
+#define IPTOS_DSCP_CS0 0x00
+#define IPTOS_DSCP_CS1 0x20
+#define IPTOS_DSCP_CS2 0x40
+#define IPTOS_DSCP_CS3 0x60
+#define IPTOS_DSCP_CS4 0x80
+#define IPTOS_DSCP_CS5 0xa0
+#define IPTOS_DSCP_CS6 0xc0
+#define IPTOS_DSCP_CS7 0xe0
+#endif
+
+#ifndef IPTOS_DSCP_AF11
+#define IPTOS_DSCP_AF11 0x28
+#define IPTOS_DSCP_AF12 0x30
+#define IPTOS_DSCP_AF13 0x38
+#define IPTOS_DSCP_AF21 0x48
+#define IPTOS_DSCP_AF22 0x50
+#define IPTOS_DSCP_AF23 0x58
+#define IPTOS_DSCP_AF31 0x68
+#define IPTOS_DSCP_AF32 0x70
+#define IPTOS_DSCP_AF33 0x78
+#define IPTOS_DSCP_AF41 0x88
+#define IPTOS_DSCP_AF42 0x90
+#define IPTOS_DSCP_AF43 0x98
+#endif
+
+#ifndef IPTOS_DSCP_EF
+#define IPTOS_DSCP_EF 0xb8
+#endif
diff --git a/include/compat/netinet/tcp.h b/include/compat/netinet/tcp.h
new file mode 100644
index 0000000..c98cf74
--- /dev/null
+++ b/include/compat/netinet/tcp.h
@@ -0,0 +1,10 @@
+/*
+ * Public domain
+ * netinet/tcp.h compatibility shim
+ */
+
+#ifndef _WIN32
+#include_next <netinet/tcp.h>
+#else
+#include <win32netcompat.h>
+#endif
diff --git a/include/compat/pthread.h b/include/compat/pthread.h
new file mode 100644
index 0000000..8b8c3c6
--- /dev/null
+++ b/include/compat/pthread.h
@@ -0,0 +1,86 @@
+/*
+ * Public domain
+ * pthread.h compatibility shim
+ */
+
+#ifndef LIBCRYPTOCOMPAT_PTHREAD_H
+#define LIBCRYPTOCOMPAT_PTHREAD_H
+
+#ifdef _WIN32
+
+#include <windows.h>
+
+/*
+ * Static once initialization values.
+ */
+#define PTHREAD_ONCE_INIT { INIT_ONCE_STATIC_INIT }
+
+/*
+ * Once definitions.
+ */
+struct pthread_once {
+ INIT_ONCE once;
+};
+typedef struct pthread_once pthread_once_t;
+
+static inline BOOL CALLBACK
+_pthread_once_win32_cb(PINIT_ONCE once, PVOID param, PVOID *context)
+{
+ void (*cb) (void) = param;
+ cb();
+ return TRUE;
+}
+
+static inline int
+pthread_once(pthread_once_t *once, void (*cb) (void))
+{
+ BOOL rc = InitOnceExecuteOnce(&once->once, _pthread_once_win32_cb, cb, NULL);
+ if (rc == 0)
+ return -1;
+ else
+ return 0;
+}
+
+typedef DWORD pthread_t;
+
+static inline pthread_t
+pthread_self(void)
+{
+ return GetCurrentThreadId();
+}
+
+static inline int
+pthread_equal(pthread_t t1, pthread_t t2)
+{
+ return t1 == t2;
+}
+
+typedef CRITICAL_SECTION pthread_mutex_t;
+typedef void pthread_mutexattr_t;
+
+static inline int
+pthread_mutex_init(pthread_mutex_t *mutex, const pthread_mutexattr_t *attr)
+{
+ InitializeCriticalSection(mutex);
+ return 0;
+}
+
+static inline int
+pthread_mutex_lock(pthread_mutex_t *mutex)
+{
+ EnterCriticalSection(mutex);
+ return 0;
+}
+
+static inline int
+pthread_mutex_unlock(pthread_mutex_t *mutex)
+{
+ LeaveCriticalSection(mutex);
+ return 0;
+}
+
+#else
+#include_next <pthread.h>
+#endif
+
+#endif
diff --git a/include/compat/stdio.h b/include/compat/stdio.h
new file mode 100644
index 0000000..d5725c9
--- /dev/null
+++ b/include/compat/stdio.h
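Review bot: The Windows branch of pthread.h offers `pthread_mutex_init` over a `CRITICAL_SECTION` but no `pthread_mutex_destroy` wrapping `DeleteCriticalSection` and no `PTHREAD_MUTEX_INITIALIZER`, so a mutex created through the shim can never be released and statically initialised mutexes will not compile. `pthread_once` also returns -1 when `InitOnceExecuteOnce` fails, whereas POSIX callers expect 0 or a positive error number, and `pthread_mutex_init` ignores `attr` without saying so. A comment above the mutex wrappers naming what is deliberately left out would help, e.g. `/* Only init/lock/unlock are emulated; attr is ignored and there is no destroy. */`.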
@@ -0,0 +1,51 @@
+/*
+ * Public domain
+ * stdio.h compatibility shim
+ */
+
+#ifndef LIBCRYPTOCOMPAT_STDIO_H
+#define LIBCRYPTOCOMPAT_STDIO_H
+
+#ifdef _MSC_VER
+#if _MSC_VER >= 1900
+#include <../ucrt/stdlib.h>
+#include <../ucrt/corecrt_io.h>
+#include <../ucrt/stdio.h>
+#else
+#include <../include/stdio.h>
+#endif
+#else
+#include_next <stdio.h>
+#endif
+
+#ifndef HAVE_ASPRINTF
+#include <stdarg.h>
+int vasprintf(char **str, const char *fmt, va_list ap);
+int asprintf(char **str, const char *fmt, ...);
+#endif
+
+#ifdef _WIN32
+
+#if defined(_MSC_VER)
+#define __func__ __FUNCTION__
+#endif
+
+void posix_perror(const char *s);
+FILE * posix_fopen(const char *path, const char *mode);
+char * posix_fgets(char *s, int size, FILE *stream);
+int posix_rename(const char *oldpath, const char *newpath);
+
+#ifndef NO_REDEF_POSIX_FUNCTIONS
+#define perror(errnum) posix_perror(errnum)
+#define fopen(path, mode) posix_fopen(path, mode)
+#define fgets(s, size, stream) posix_fgets(s, size, stream)
+#define rename(oldpath, newpath) posix_rename(oldpath, newpath)
+#endif
+
+#ifdef _MSC_VER
+#define snprintf _snprintf
+#endif
+
+#endif
+
+#endif
diff --git a/include/compat/stdlib.h b/include/compat/stdlib.h
new file mode 100644
index 0000000..2eaea24
--- /dev/null
+++ b/include/compat/stdlib.h
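Review bot: `#define snprintf _snprintf` near the end of stdio.h is applied for every `_MSC_VER`, including `>= 1900`, where the same header has just included the UCRT `<../ucrt/stdio.h>` that already provides a conforming `snprintf`. `_snprintf` does not write a terminating NUL when the output fills the buffer and returns a negative value on truncation, so callers written against C99 `snprintf` semantics can end up reading an unterminated buffer or misjudging the length. Restricting the alias to old toolchains with `#if defined(_MSC_VER) && _MSC_VER < 1900` keeps the conforming function where it exists; for older compilers a wrapper that forces termination would be safer than a bare alias.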
@@ -0,0 +1,47 @@
+/*
+ * stdlib.h compatibility shim
+ * Public domain
+ */
+
+#ifdef _MSC_VER
+#if _MSC_VER >= 1900
+#include <../ucrt/stdlib.h>
+#else
+#include <../include/stdlib.h>
+#endif
+#else
+#include_next <stdlib.h>
+#endif
+
+#ifndef LIBCRYPTOCOMPAT_STDLIB_H
+#define LIBCRYPTOCOMPAT_STDLIB_H
+
+#include <sys/types.h>
+#include <stdint.h>
+
+#ifndef HAVE_ARC4RANDOM_BUF
+uint32_t arc4random(void);
+void arc4random_buf(void *_buf, size_t n);
+uint32_t arc4random_uniform(uint32_t upper_bound);
+#endif
+
+#ifndef HAVE_FREEZERO
+void freezero(void *ptr, size_t sz);
+#endif
+
+#ifndef HAVE_GETPROGNAME
+const char * getprogname(void);
+#endif
+
+void *reallocarray(void *, size_t, size_t);
+
+#ifndef HAVE_RECALLOCARRAY
+void *recallocarray(void *, size_t, size_t, size_t);
+#endif
+
+#ifndef HAVE_STRTONUM
+long long strtonum(const char *nptr, long long minval,
+ long long maxval, const char **errstr);
+#endif
+
+#endif
diff --git a/include/compat/string.h b/include/compat/string.h
new file mode 100644
index 0000000..4bf7519
--- /dev/null
+++ b/include/compat/string.h
@@ -0,0 +1,87 @@
+/*
+ * Public domain
+ * string.h compatibility shim
+ */
+
+#ifndef LIBCRYPTOCOMPAT_STRING_H
+#define LIBCRYPTOCOMPAT_STRING_H
+
+#ifdef _MSC_VER
+#if _MSC_VER >= 1900
+#include <../ucrt/string.h>
+#else
+#include <../include/string.h>
+#endif
+#else
+#include_next <string.h>
+#endif
+
+#include <sys/types.h>
+
+#if defined(__sun) || defined(_AIX) || defined(__hpux)
+/* Some functions historically defined in string.h were placed in strings.h by
+ * SUS. Use the same hack as OS X and FreeBSD use to work around on AIX,
+ * Solaris, and HPUX.
+ */
+#include <strings.h>
+#endif
+
+#ifndef HAVE_STRCASECMP
+int strcasecmp(const char *s1, const char *s2);
+int strncasecmp(const char *s1, const char *s2, size_t len);
+#endif
+
+#ifndef HAVE_STRLCPY
+size_t strlcpy(char *dst, const char *src, size_t siz);
+#endif
+
+#ifndef HAVE_STRLCAT
+size_t strlcat(char *dst, const char *src, size_t siz);
+#endif
+
+#ifndef HAVE_STRNDUP
+char * strndup(const char *str, size_t maxlen);
+/* the only user of strnlen is strndup, so only build it if needed */
+#ifndef HAVE_STRNLEN
+size_t strnlen(const char *str, size_t maxlen);
+#endif
+#endif
+
+#ifndef HAVE_STRSEP
+char *strsep(char **stringp, const char *delim);
+#endif
+
+#ifndef HAVE_EXPLICIT_BZERO
+void explicit_bzero(void *, size_t);
+#endif
+
+#ifndef HAVE_TIMINGSAFE_BCMP
+int timingsafe_bcmp(const void *b1, const void *b2, size_t n);
+#endif
+
+#ifndef HAVE_TIMINGSAFE_MEMCMP
+int timingsafe_memcmp(const void *b1, const void *b2, size_t len);
+#endif
+
+#ifndef HAVE_MEMMEM
+void * memmem(const void *big, size_t big_len, const void *little,
+ size_t little_len);
+#endif
+
+#ifdef _WIN32
+#include <errno.h>
+
+static inline char *
+posix_strerror(int errnum)
+{
+ if (errnum == ECONNREFUSED) {
+ return "Connection refused";
+ }
+ return strerror(errnum);
+}
+
+#define strerror(errnum) posix_strerror(errnum)
+
+#endif
+
+#endif
diff --git a/include/compat/sys/ioctl.h b/include/compat/sys/ioctl.h
new file mode 100644
index 0000000..a255506
--- /dev/null
+++ b/include/compat/sys/ioctl.h
@@ -0,0 +1,11 @@
+/*
+ * Public domain
+ * sys/ioctl.h compatibility shim
+ */
+
+#ifndef _WIN32
+#include_next <sys/ioctl.h>
+#else
+#include <win32netcompat.h>
+#define ioctl(fd, type, arg) ioctlsocket(fd, type, arg)
+#endif
diff --git a/include/compat/sys/mman.h b/include/compat/sys/mman.h
new file mode 100644
index 0000000..d9eb6a9
--- /dev/null
+++ b/include/compat/sys/mman.h
@@ -0,0 +1,19 @@
+/*
+ * Public domain
+ * sys/mman.h compatibility shim
+ */
+
+#include_next <sys/mman.h>
+
+#ifndef LIBCRYPTOCOMPAT_MMAN_H
+#define LIBCRYPTOCOMPAT_MMAN_H
+
+#ifndef MAP_ANON
+#ifdef MAP_ANONYMOUS
+#define MAP_ANON MAP_ANONYMOUS
+#else
+#error "System does not support mapping anonymous pages?"
+#endif
+#endif
+
+#endif
diff --git a/include/compat/sys/param.h b/include/compat/sys/param.h
new file mode 100644
index 0000000..70488f8
--- /dev/null
+++ b/include/compat/sys/param.h
@@ -0,0 +1,15 @@
+/*
+ * Public domain
+ * sys/param.h compatibility shim
+ */
+
+#ifndef LIBCRYPTOCOMPAT_SYS_PARAM_H
+#define LIBCRYPTOCOMPAT_SYS_PARAM_H
+
+#ifdef _MSC_VER
+#include <winsock2.h>
+#else
+#include_next <sys/param.h>
+#endif
+
+#endif
diff --git a/include/compat/sys/socket.h b/include/compat/sys/socket.h
new file mode 100644
index 0000000..10eb05f
--- /dev/null
+++ b/include/compat/sys/socket.h
@@ -0,0 +1,17 @@
+/*
+ * Public domain
+ * sys/socket.h compatibility shim
+ */
+
+#ifndef _WIN32
+#include_next <sys/socket.h>
+#else
+#include <win32netcompat.h>
+#endif
+
+#if !defined(SOCK_NONBLOCK) || !defined(SOCK_CLOEXEC)
+#define SOCK_CLOEXEC 0x8000 /* set FD_CLOEXEC */
+#define SOCK_NONBLOCK 0x4000 /* set O_NONBLOCK */
+int bsd_socketpair(int domain, int type, int protocol, int socket_vector[2]);
+#define socketpair(d,t,p,sv) bsd_socketpair(d,t,p,sv)
+#endif
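Review bot: In sys/socket.h the guard is `#if !defined(SOCK_NONBLOCK) || !defined(SOCK_CLOEXEC)`, but the body then defines both macros unconditionally, so on a platform that natively has only one of them its value is redefined to 0x8000 or 0x4000. That is a conflicting-redefinition diagnostic at best and a wrong flag bit handed to the system call at worst. The fallback values only mean something to `bsd_socketpair`, whose implementation is not part of this diff, so it is worth confirming that it strips them before the type reaches the native `socketpair`. Guarding each define on its own, `#ifndef SOCK_CLOEXEC` and `#ifndef SOCK_NONBLOCK`, would remove the clash.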
diff --git a/include/compat/sys/stat.h b/include/compat/sys/stat.h
new file mode 100644
index 0000000..b88da1d
--- /dev/null
+++ b/include/compat/sys/stat.h
@@ -0,0 +1,121 @@
+/*
+ * Public domain
+ * sys/stat.h compatibility shim
+ */
+
+#ifndef LIBCRYPTOCOMPAT_SYS_STAT_H
+#define LIBCRYPTOCOMPAT_SYS_STAT_H
+
+#ifndef _MSC_VER
+#include_next <sys/stat.h>
+
+/* for old MinGW */
+#ifndef S_IRWXU
+#define S_IRWXU 0
+#endif
+#ifndef S_IRWXG
+#define S_IRWXG 0
+#endif
+#ifndef S_IRGRP
+#define S_IRGRP 0
+#endif
+#ifndef S_IRWXO
+#define S_IRWXO 0
+#endif
+#ifndef S_IROTH
+#define S_IROTH 0
+#endif
+
+#else
+
+#include <windows.h>
+#if _MSC_VER >= 1900
+#include <../ucrt/sys/stat.h>
+#else
+#include <../include/sys/stat.h>
+#endif
+
+/* File type and permission flags for stat() */
+#if !defined(S_IFMT)
+# define S_IFMT _S_IFMT /* File type mask */
+#endif
+#if !defined(S_IFDIR)
+# define S_IFDIR _S_IFDIR /* Directory */
+#endif
+#if !defined(S_IFCHR)
+# define S_IFCHR _S_IFCHR /* Character device */
+#endif
+#if !defined(S_IFFIFO)
+# define S_IFFIFO _S_IFFIFO /* Pipe */
+#endif
+#if !defined(S_IFREG)
+# define S_IFREG _S_IFREG /* Regular file */
+#endif
+#if !defined(S_IREAD)
+# define S_IREAD _S_IREAD /* Read permission */
+#endif
+#if !defined(S_IWRITE)
+# define S_IWRITE _S_IWRITE /* Write permission */
+#endif
+#if !defined(S_IEXEC)
+# define S_IEXEC _S_IEXEC /* Execute permission */
+#endif
+#if !defined(S_IFIFO)
+# define S_IFIFO _S_IFIFO /* Pipe */
+#endif
+#if !defined(S_IFBLK)
+# define S_IFBLK 0 /* Block device */
+#endif
+#if !defined(S_IFLNK)
+# define S_IFLNK 0 /* Link */
+#endif
+#if !defined(S_IFSOCK)
+# define S_IFSOCK 0 /* Socket */
+#endif
+
+#if defined(_MSC_VER)
+# define S_IRWXU 0 /* RWX user */
+# define S_IRUSR S_IREAD /* Read user */
+# define S_IWUSR S_IWRITE /* Write user */
+# define S_IXUSR 0 /* Execute user */
+# define S_IRWXG 0 /* RWX group */
+# define S_IRGRP 0 /* Read group */
+# define S_IWGRP 0 /* Write group */
+# define S_IXGRP 0 /* Execute group */
+# define S_IRWXO 0 /* RWX others */
+# define S_IROTH 0 /* Read others */
+# define S_IWOTH 0 /* Write others */
+# define S_IXOTH 0 /* Execute others */
+#endif
+
+/* File type flags for d_type */
+#define DT_UNKNOWN 0
+#define DT_REG S_IFREG
+#define DT_DIR S_IFDIR
+#define DT_FIFO S_IFIFO
+#define DT_SOCK S_IFSOCK
+#define DT_CHR S_IFCHR
+#define DT_BLK S_IFBLK
+#define DT_LNK S_IFLNK
+
+/* Macros for converting between st_mode and d_type */
+#define IFTODT(mode) ((mode) & S_IFMT)
+#define DTTOIF(type) (type)
+
+/*
+ * File type macros. Note that block devices, sockets and links cannot be
+ * distinguished on Windows and the macros S_ISBLK, S_ISSOCK and S_ISLNK are
+ * only defined for compatibility. These macros should always return false
+ * on Windows.
+ */
+#define S_ISFIFO(mode) (((mode) & S_IFMT) == S_IFIFO)
+#define S_ISDIR(mode) (((mode) & S_IFMT) == S_IFDIR)
+#define S_ISREG(mode) (((mode) & S_IFMT) == S_IFREG)
+#define S_ISLNK(mode) (((mode) & S_IFMT) == S_IFLNK)
+#define S_ISSOCK(mode) (((mode) & S_IFMT) == S_IFSOCK)
+#define S_ISCHR(mode) (((mode) & S_IFMT) == S_IFCHR)
+#define S_ISBLK(mode) (((mode) & S_IFMT) == S_IFBLK)
+
+#endif
+
+#endif
diff --git a/include/compat/sys/time.h b/include/compat/sys/time.h
new file mode 100644
index 0000000..76428c1
--- /dev/null
+++ b/include/compat/sys/time.h
@@ -0,0 +1,28 @@
+/*
+ * Public domain
+ * sys/time.h compatibility shim
+ */
+
+#ifndef LIBCRYPTOCOMPAT_SYS_TIME_H
+#define LIBCRYPTOCOMPAT_SYS_TIME_H
+
+#ifdef _MSC_VER
+#include <winsock2.h>
+int gettimeofday(struct timeval *tp, void *tzp);
+#else
+#include_next <sys/time.h>
+#endif
+
+#ifndef timersub
+#define timersub(tvp, uvp, vvp) \
+ do { \
+ (vvp)->tv_sec = (tvp)->tv_sec - (uvp)->tv_sec; \
+ (vvp)->tv_usec = (tvp)->tv_usec - (uvp)->tv_usec; \
+ if ((vvp)->tv_usec < 0) { \
+ (vvp)->tv_sec--; \
+ (vvp)->tv_usec += 1000000; \
+ } \
+ } while (0)
+#endif
+
+#endif
diff --git a/include/compat/sys/types.h b/include/compat/sys/types.h
new file mode 100644
index 0000000..4967843
--- /dev/null
+++ b/include/compat/sys/types.h
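Review bot: In sys/stat.h the POSIX permission masks are defined as 0 in both branches (`S_IRWXU`, `S_IRWXG`, `S_IRGRP`, `S_IRWXO`, `S_IROTH` for old MinGW; `S_IRWXU`, `S_IXUSR` and every group/other bit for MSVC), so a test such as `st_mode & (S_IRWXG|S_IRWXO)` evaluates to 0 and passes unconditionally on those platforms. Code that uses such a test to reject group- or world-accessible key or session files gets no protection there, and the header does not say so. I would add a comment above the MSVC block, e.g. `/* Windows has no POSIX mode bits: these are 0, so permission checks built on them always pass. */`. Separately, `S_IFFIFO`/`_S_IFFIFO` looks like a typo for `S_IFIFO`, which is defined again a few lines further down, and the MSVC block defines its macros without `#ifndef`.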
@@ -0,0 +1,81 @@
+/*
+ * Public domain
+ * sys/types.h compatibility shim
+ */
+
+#ifdef _MSC_VER
+#if _MSC_VER >= 1900
+#include <../ucrt/sys/types.h>
+#else
+#include <../include/sys/types.h>
+#endif
+#else
+#include_next <sys/types.h>
+#endif
+
+#ifndef LIBCRYPTOCOMPAT_SYS_TYPES_H
+#define LIBCRYPTOCOMPAT_SYS_TYPES_H
+
+#include <stdint.h>
+
+#ifdef __MINGW32__
+#include <_bsd_types.h>
+typedef uint32_t in_addr_t;
+typedef uint32_t uid_t;
+#endif
+
+#ifdef _MSC_VER
+typedef unsigned char u_char;
+typedef unsigned short u_short;
+typedef unsigned int u_int;
+typedef uint32_t in_addr_t;
+typedef uint32_t mode_t;
+typedef uint32_t uid_t;
+
+#include <basetsd.h>
+typedef SSIZE_T ssize_t;
+
+#ifndef SSIZE_MAX
+#ifdef _WIN64
+#define SSIZE_MAX _I64_MAX
+#else
+#define SSIZE_MAX INT_MAX
+#endif
+#endif
+
+#endif
+
+#if !defined(HAVE_ATTRIBUTE__BOUNDED__) && !defined(__bounded__)
+# define __bounded__(x, y, z)
+#endif
+
+#if !defined(HAVE_ATTRIBUTE__DEAD) && !defined(__dead)
+#ifdef _MSC_VER
+#define __dead __declspec(noreturn)
+#else
+#define __dead __attribute__((__noreturn__))
+#endif
+#endif
+
+#ifdef _WIN32
+#define __warn_references(sym,msg)
+#else
+
+#ifndef __warn_references
+
+#ifndef __STRING
+#define __STRING(x) #x
+#endif
+
+#if defined(__GNUC__) && defined (HAS_GNU_WARNING_LONG)
+#define __warn_references(sym,msg) \
+ __asm__(".section .gnu.warning." __STRING(sym) \
+ "\n\t.ascii \"" msg "\"\n\t.text");
+#else
+#define __warn_references(sym,msg)
+#endif
+
+#endif /* __warn_references */
+#endif /* _WIN32 */
+
+#endif
diff --git a/include/compat/time.h b/include/compat/time.h
new file mode 100644
index 0000000..540807d
--- /dev/null
+++ b/include/compat/time.h
@@ -0,0 +1,60 @@
+/*
+ * Public domain
+ * sys/time.h compatibility shim
+ */
+
+#ifdef _MSC_VER
+#if _MSC_VER >= 1900
+#include <../ucrt/time.h>
+#else
+#include <../include/time.h>
+#endif
+#else
+#include_next <time.h>
+#endif
+
+#ifndef LIBCRYPTOCOMPAT_TIME_H
+#define LIBCRYPTOCOMPAT_TIME_H
+
+#ifdef _WIN32
+struct tm *__gmtime_r(const time_t * t, struct tm * tm);
+#define gmtime_r(tp, tm) __gmtime_r(tp, tm)
+#endif
+
+#ifndef HAVE_TIMEGM
+time_t timegm(struct tm *tm);
+#endif
+
+#ifndef CLOCK_MONOTONIC
+#define CLOCK_MONOTONIC CLOCK_REALTIME
+#endif
+
+#ifndef CLOCK_REALTIME
+#define CLOCK_REALTIME 0
+#endif
+
+#ifndef _WIN32
+#ifndef HAVE_CLOCK_GETTIME
+typedef int clockid_t;
+int clock_gettime(clockid_t clock_id, struct timespec *tp);
+#endif
+
+#ifdef timespecsub
+#define HAVE_TIMESPECSUB
+#endif
+
+#ifndef HAVE_TIMESPECSUB
+#define timespecsub(tsp, usp, vsp) \
+ do { \
+ (vsp)->tv_sec = (tsp)->tv_sec - (usp)->tv_sec; \
+ (vsp)->tv_nsec = (tsp)->tv_nsec - (usp)->tv_nsec; \
+ if ((vsp)->tv_nsec < 0) { \
+ (vsp)->tv_sec--; \
+ (vsp)->tv_nsec += 1000000000L; \
+ } \
+ } while (0)
+#endif
+
+#endif
+
+#endif
diff --git a/include/compat/unistd.h b/include/compat/unistd.h
new file mode 100644
index 0000000..5e6ab1d
--- /dev/null
+++ b/include/compat/unistd.h
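Review bot: `#define CLOCK_MONOTONIC CLOCK_REALTIME` in time.h silently substitutes the wall clock when the platform has no monotonic clock, so any timeout or elapsed-time calculation made through `clock_gettime(CLOCK_MONOTONIC, ...)` becomes sensitive to clock steps such as NTP corrections or a manual time change. The fallback deserves a comment saying so, e.g. `/* No monotonic clock: falls back to wall time, so measured intervals may jump. */`. The file's header comment also reads `sys/time.h compatibility shim` although this is `time.h`, and `__gmtime_r` uses an identifier reserved for the implementation.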
@@ -0,0 +1,78 @@
+/*
+ * Public domain
+ * unistd.h compatibility shim
+ */
+
+#ifndef LIBCRYPTOCOMPAT_UNISTD_H
+#define LIBCRYPTOCOMPAT_UNISTD_H
+
+#ifndef _MSC_VER
+
+#include_next <unistd.h>
+
+#ifdef __MINGW32__
+int ftruncate(int fd, off_t length);
+uid_t getuid(void);
+ssize_t pread(int d, void *buf, size_t nbytes, off_t offset);
+ssize_t pwrite(int d, const void *buf, size_t nbytes, off_t offset);
+#endif
+
+#else
+
+#include <stdlib.h>
+#include <io.h>
+#include <process.h>
+
+#define STDOUT_FILENO 1
+#define STDERR_FILENO 2
+
+#define R_OK 4
+#define W_OK 2
+#define X_OK 0
+#define F_OK 0
+
+#define SEEK_SET 0
+#define SEEK_CUR 1
+#define SEEK_END 2
+
+#define access _access
+
+#ifdef _MSC_VER
+#include <windows.h>
+static inline unsigned int sleep(unsigned int seconds)
+{
+ Sleep(seconds * 1000);
+ return seconds;
+}
+#endif
+
+int ftruncate(int fd, off_t length);
+uid_t getuid(void);
+ssize_t pread(int d, void *buf, size_t nbytes, off_t offset);
+ssize_t pwrite(int d, const void *buf, size_t nbytes, off_t offset);
+
+#endif
+
+#ifndef HAVE_GETENTROPY
+int getentropy(void *buf, size_t buflen);
+#else
+/*
+ * Solaris 11.3 adds getentropy(2), but defines the function in sys/random.h
+ */
+#if defined(__sun)
+#include <sys/random.h>
+#endif
+#endif
+
+#ifndef HAVE_GETPAGESIZE
+int getpagesize(void);
+#endif
+
+#define pledge(request, paths) 0
+#define unveil(path, permissions) 0
+
+#ifndef HAVE_PIPE2
+int pipe2(int fildes[2], int flags);
+#endif
+
+#endif
diff --git a/include/compat/win32netcompat.h b/include/compat/win32netcompat.h
new file mode 100644
index 0000000..eabebe9
--- /dev/null
+++ b/include/compat/win32netcompat.h
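Review bot: `#define pledge(request, paths) 0` and `#define unveil(path, permissions) 0` near the end of unistd.h have no `#ifndef` or `HAVE_` guard and always report success, so a caller that checks the return value cannot tell that no sandboxing is in force, and the arguments are never evaluated. A comment should say these are no-op stubs, e.g. `/* pledge/unveil are OpenBSD-only; stubbed to succeed, no restriction is applied. */`, and a guard would keep the macros from masking a real implementation. In the MSVC branch, `sleep()` returns `seconds` although POSIX `sleep` returns the unslept time (0 after a full sleep), and `Sleep(seconds * 1000)` wraps for large arguments; `return 0;` plus a clamp would match the contract. `X_OK` is also 0, the same as `F_OK`, so `access(path, X_OK)` only tests existence there.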
@@ -0,0 +1,57 @@
+/*
+ * Public domain
+ *
+ * BSD socket emulation code for Winsock2
+ * Brent Cook <bcook@openbsd.org>
+ */
+
+#ifndef LIBCRYPTOCOMPAT_WIN32NETCOMPAT_H
+#define LIBCRYPTOCOMPAT_WIN32NETCOMPAT_H
+
+#ifdef _WIN32
+
+#include <ws2tcpip.h>
+#include <errno.h>
+#include <unistd.h>
+
+#ifndef SHUT_RDWR
+#define SHUT_RDWR SD_BOTH
+#endif
+#ifndef SHUT_RD
+#define SHUT_RD SD_RECEIVE
+#endif
+#ifndef SHUT_WR
+#define SHUT_WR SD_SEND
+#endif
+
+int posix_connect(int sockfd, const struct sockaddr *addr, socklen_t addrlen);
+
+int posix_open(const char *path, ...);
+
+int posix_close(int fd);
+
+ssize_t posix_read(int fd, void *buf, size_t count);
+
+ssize_t posix_write(int fd, const void *buf, size_t count);
+
+int posix_getsockopt(int sockfd, int level, int optname,
+ void *optval, socklen_t *optlen);
+
+int posix_setsockopt(int sockfd, int level, int optname,
+ const void *optval, socklen_t optlen);
+
+#ifndef NO_REDEF_POSIX_FUNCTIONS
+#define connect(sockfd, addr, addrlen) posix_connect(sockfd, addr, addrlen)
+#define open(path, ...) posix_open(path, __VA_ARGS__)
+#define close(fd) posix_close(fd)
+#define read(fd, buf, count) posix_read(fd, buf, count)
+#define write(fd, buf, count) posix_write(fd, buf, count)
+#define getsockopt(sockfd, level, optname, optval, optlen) \
+ posix_getsockopt(sockfd, level, optname, optval, optlen)
+#define setsockopt(sockfd, level, optname, optval, optlen) \
+ posix_setsockopt(sockfd, level, optname, optval, optlen)
+#endif
+
+#endif
+
+#endif
diff --git a/include/tls.h b/include/tls.h
new file mode 100644
index 0000000..de6d257
--- /dev/null
+++ b/include/tls.h
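Review bot: Every wrapper in win32netcompat.h takes the socket as `int sockfd` or `int fd`, whereas a Winsock `SOCKET` is an unsigned pointer-sized handle, so on 64-bit Windows the handle is narrowed on the way in. That works only while handle values fit in an `int`; a comment stating the assumption, or a range check in the implementation (which is outside this diff), would make it explicit. The function-like macros `open`, `close`, `read` and `write` also rewrite any later use of those names followed by `(`, including struct members or function pointers with the same name, and `NO_REDEF_POSIX_FUNCTIONS` is the only opt-out yet is not documented in the header.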
@@ -0,0 +1,226 @@
+/* $OpenBSD: tls.h,v 1.58 2020/01/22 06:44:02 beck Exp $ */
+/*
+ * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#ifndef HEADER_TLS_H
+#define HEADER_TLS_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifdef _MSC_VER
+#ifndef LIBRESSL_INTERNAL
+#include <basetsd.h>
+typedef SSIZE_T ssize_t;
+#endif
+#endif
+
+#include <sys/types.h>
+
+#include <stddef.h>
+#include <stdint.h>
+
+#define TLS_API 20200120
+
+#define TLS_PROTOCOL_TLSv1_0 (1 << 1)
+#define TLS_PROTOCOL_TLSv1_1 (1 << 2)
+#define TLS_PROTOCOL_TLSv1_2 (1 << 3)
+#define TLS_PROTOCOL_TLSv1_3 (1 << 4)
+
+#define TLS_PROTOCOL_TLSv1 \
+ (TLS_PROTOCOL_TLSv1_0|TLS_PROTOCOL_TLSv1_1|\
+ TLS_PROTOCOL_TLSv1_2|TLS_PROTOCOL_TLSv1_3)
+
+#define TLS_PROTOCOLS_ALL TLS_PROTOCOL_TLSv1
+#define TLS_PROTOCOLS_DEFAULT (TLS_PROTOCOL_TLSv1_2|TLS_PROTOCOL_TLSv1_3)
+
+#define TLS_WANT_POLLIN -2
+#define TLS_WANT_POLLOUT -3
+
+/* RFC 6960 Section 2.3 */
+#define TLS_OCSP_RESPONSE_SUCCESSFUL 0
+#define TLS_OCSP_RESPONSE_MALFORMED 1
+#define TLS_OCSP_RESPONSE_INTERNALERROR 2
+#define TLS_OCSP_RESPONSE_TRYLATER 3
+#define TLS_OCSP_RESPONSE_SIGREQUIRED 4
+#define TLS_OCSP_RESPONSE_UNAUTHORIZED 5
+
+/* RFC 6960 Section 2.2 */
+#define TLS_OCSP_CERT_GOOD 0
+#define TLS_OCSP_CERT_REVOKED 1
+#define TLS_OCSP_CERT_UNKNOWN 2
+
+/* RFC 5280 Section 5.3.1 */
+#define TLS_CRL_REASON_UNSPECIFIED 0
+#define TLS_CRL_REASON_KEY_COMPROMISE 1
+#define TLS_CRL_REASON_CA_COMPROMISE 2
+#define TLS_CRL_REASON_AFFILIATION_CHANGED 3
+#define TLS_CRL_REASON_SUPERSEDED 4
+#define TLS_CRL_REASON_CESSATION_OF_OPERATION 5
+#define TLS_CRL_REASON_CERTIFICATE_HOLD 6
+#define TLS_CRL_REASON_REMOVE_FROM_CRL 8
+#define TLS_CRL_REASON_PRIVILEGE_WITHDRAWN 9
+#define TLS_CRL_REASON_AA_COMPROMISE 10
+
+#define TLS_MAX_SESSION_ID_LENGTH 32
+#define TLS_TICKET_KEY_SIZE 48
+
+struct tls;
+struct tls_config;
+
+typedef ssize_t (*tls_read_cb)(struct tls *_ctx, void *_buf, size_t _buflen,
+ void *_cb_arg);
+typedef ssize_t (*tls_write_cb)(struct tls *_ctx, const void *_buf,
+ size_t _buflen, void *_cb_arg);
+
+int tls_init(void);
+
+const char *tls_config_error(struct tls_config *_config);
+const char *tls_error(struct tls *_ctx);
+
+struct tls_config *tls_config_new(void);
+void tls_config_free(struct tls_config *_config);
+
+const char *tls_default_ca_cert_file(void);
+
+int tls_config_add_keypair_file(struct tls_config *_config,
+ const char *_cert_file, const char *_key_file);
+int tls_config_add_keypair_mem(struct tls_config *_config, const uint8_t *_cert,
+ size_t _cert_len, const uint8_t *_key, size_t _key_len);
+int tls_config_add_keypair_ocsp_file(struct tls_config *_config,
+ const char *_cert_file, const char *_key_file,
+ const char *_ocsp_staple_file);
+int tls_config_add_keypair_ocsp_mem(struct tls_config *_config, const uint8_t *_cert,
+ size_t _cert_len, const uint8_t *_key, size_t _key_len,
+ const uint8_t *_staple, size_t _staple_len);
+int tls_config_set_alpn(struct tls_config *_config, const char *_alpn);
+int tls_config_set_ca_file(struct tls_config *_config, const char *_ca_file);
+int tls_config_set_ca_path(struct tls_config *_config, const char *_ca_path);
+int tls_config_set_ca_mem(struct tls_config *_config, const uint8_t *_ca,
+ size_t _len);
+int tls_config_set_cert_file(struct tls_config *_config,
+ const char *_cert_file);
+int tls_config_set_cert_mem(struct tls_config *_config, const uint8_t *_cert,
+ size_t _len);
+int tls_config_set_ciphers(struct tls_config *_config, const char *_ciphers);
+int tls_config_set_crl_file(struct tls_config *_config, const char *_crl_file);
+int tls_config_set_crl_mem(struct tls_config *_config, const uint8_t *_crl,
+ size_t _len);
+int tls_config_set_dheparams(struct tls_config *_config, const char *_params);
+int tls_config_set_ecdhecurve(struct tls_config *_config, const char *_curve);
+int tls_config_set_ecdhecurves(struct tls_config *_config, const char *_curves);
+int tls_config_set_key_file(struct tls_config *_config, const char *_key_file);
+int tls_config_set_key_mem(struct tls_config *_config, const uint8_t *_key,
+ size_t _len);
+int tls_config_set_keypair_file(struct tls_config *_config,
+ const char *_cert_file, const char *_key_file);
+int tls_config_set_keypair_mem(struct tls_config *_config, const uint8_t *_cert,
+ size_t _cert_len, const uint8_t *_key, size_t _key_len);
+int tls_config_set_keypair_ocsp_file(struct tls_config *_config,
+ const char *_cert_file, const char *_key_file, const char *_staple_file);
+int tls_config_set_keypair_ocsp_mem(struct tls_config *_config, const uint8_t *_cert,
+ size_t _cert_len, const uint8_t *_key, size_t _key_len,
+ const uint8_t *_staple, size_t staple_len);
+int tls_config_set_ocsp_staple_mem(struct tls_config *_config,
+ const uint8_t *_staple, size_t _len);
+int tls_config_set_ocsp_staple_file(struct tls_config *_config,
+ const char *_staple_file);
+int tls_config_set_protocols(struct tls_config *_config, uint32_t _protocols);
+int tls_config_set_session_fd(struct tls_config *_config, int _session_fd);
+int tls_config_set_verify_depth(struct tls_config *_config, int _verify_depth);
+
+void tls_config_prefer_ciphers_client(struct tls_config *_config);
+void tls_config_prefer_ciphers_server(struct tls_config *_config);
+
+void tls_config_insecure_noverifycert(struct tls_config *_config);
+void tls_config_insecure_noverifyname(struct tls_config *_config);
+void tls_config_insecure_noverifytime(struct tls_config *_config);
+void tls_config_verify(struct tls_config *_config);
+
+void tls_config_ocsp_require_stapling(struct tls_config *_config);
+void tls_config_verify_client(struct tls_config *_config);
+void tls_config_verify_client_optional(struct tls_config *_config);
+
+void tls_config_clear_keys(struct tls_config *_config);
+int tls_config_parse_protocols(uint32_t *_protocols, const char *_protostr);
+
+int tls_config_set_session_id(struct tls_config *_config,
+ const unsigned char *_session_id, size_t _len);
+int tls_config_set_session_lifetime(struct tls_config *_config, int _lifetime);
+int tls_config_add_ticket_key(struct tls_config *_config, uint32_t _keyrev,
+ unsigned char *_key, size_t _keylen);
+
+struct tls *tls_client(void);
+struct tls *tls_server(void);
+int tls_configure(struct tls *_ctx, struct tls_config *_config);
+void tls_reset(struct tls *_ctx);
+void tls_free(struct tls *_ctx);
+
+int tls_accept_fds(struct tls *_ctx, struct tls **_cctx, int _fd_read,
+ int _fd_write);
+int tls_accept_socket(struct tls *_ctx, struct tls **_cctx, int _socket);
+int tls_accept_cbs(struct tls *_ctx, struct tls **_cctx,
+ tls_read_cb _read_cb, tls_write_cb _write_cb, void *_cb_arg);
+int tls_connect(struct tls *_ctx, const char *_host, const char *_port);
+int tls_connect_fds(struct tls *_ctx, int _fd_read, int _fd_write,
+ const char *_servername);
+int tls_connect_servername(struct tls *_ctx, const char *_host,
+ const char *_port, const char *_servername);
+int tls_connect_socket(struct tls *_ctx, int _s, const char *_servername);
+int tls_connect_cbs(struct tls *_ctx, tls_read_cb _read_cb,
+ tls_write_cb _write_cb, void *_cb_arg, const char *_servername);
+int tls_handshake(struct tls *_ctx);
+ssize_t tls_read(struct tls *_ctx, void *_buf, size_t _buflen);
+ssize_t tls_write(struct tls *_ctx, const void *_buf, size_t _buflen);
+int tls_close(struct tls *_ctx);
+
+int tls_peer_cert_provided(struct tls *_ctx);
+int tls_peer_cert_contains_name(struct tls *_ctx, const char *_name);
+
+const char *tls_peer_cert_hash(struct tls *_ctx);
+const char *tls_peer_cert_issuer(struct tls *_ctx);
+const char *tls_peer_cert_subject(struct tls *_ctx);
+time_t tls_peer_cert_notbefore(struct tls *_ctx);
+time_t tls_peer_cert_notafter(struct tls *_ctx);
+const uint8_t *tls_peer_cert_chain_pem(struct tls *_ctx, size_t *_len);
+
+const char *tls_conn_alpn_selected(struct tls *_ctx);
+const char *tls_conn_cipher(struct tls *_ctx);
+int tls_conn_cipher_strength(struct tls *_ctx);
+const char *tls_conn_servername(struct tls *_ctx);
+int tls_conn_session_resumed(struct tls *_ctx);
+const char *tls_conn_version(struct tls *_ctx);
+
+uint8_t *tls_load_file(const char *_file, size_t *_len, char *_password);
+void tls_unload_file(uint8_t *_buf, size_t len);
+
+int tls_ocsp_process_response(struct tls *_ctx, const unsigned char *_response,
+ size_t _size);
+int tls_peer_ocsp_cert_status(struct tls *_ctx);
+int tls_peer_ocsp_crl_reason(struct tls *_ctx);
+time_t tls_peer_ocsp_next_update(struct tls *_ctx);
+int tls_peer_ocsp_response_status(struct tls *_ctx);
+const char *tls_peer_ocsp_result(struct tls *_ctx);
+time_t tls_peer_ocsp_revocation_time(struct tls *_ctx);
+time_t tls_peer_ocsp_this_update(struct tls *_ctx);
+const char *tls_peer_ocsp_url(struct tls *_ctx);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* HEADER_TLS_H */ |
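Review bot: The public header tls.h documents none of the contracts it declares: which calls return -1 versus `TLS_WANT_POLLIN`/`TLS_WANT_POLLOUT`, who owns the buffers returned by `tls_load_file` and `tls_peer_cert_chain_pem`, and that the three `tls_config_insecure_noverify*` calls (per their names) switch off certificate, hostname and validity-period checks. I would add short comments to that effect, at minimum above the insecure group, e.g. `/* Disable parts of peer verification; never use outside testing. */`. `TLS_PROTOCOLS_ALL` (via `TLS_PROTOCOL_TLSv1`) still includes TLS 1.0 and 1.1, which is worth a note next to `TLS_PROTOCOLS_DEFAULT` so callers do not pick it by reflex. Minor: `TLS_WANT_POLLIN -2` and `TLS_WANT_POLLOUT -3` should be parenthesised, and `staple_len` in `tls_config_set_keypair_ocsp_mem` and `len` in `tls_unload_file` break the `_name` parameter convention used everywhere else.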