Commit 07ac736f authored by Simon Morlat's avatar Simon Morlat

fix crash in tls test.

cleanups
parent 1b4e2dde
......@@ -75,8 +75,8 @@ BELLESIP_EXPORT belle_sip_server_transaction_t *belle_sip_transaction_terminated
* auth event mode
* */
typedef enum belle_sip_auth_mode {
BELLE_SIP_AUTH_MODE_HTTP_DIGEST, /** Disgest authentication has been requested by the server*/
BELLE_SIP_AUTH_MODE_TLS /** Client certificates has bee requested by the server*/
BELLE_SIP_AUTH_MODE_HTTP_DIGEST, /** Digest authentication has been requested by the server*/
BELLE_SIP_AUTH_MODE_TLS /** Client certificate has been requested by the server*/
} belle_sip_auth_mode_t;
BELLESIP_EXPORT void belle_sip_auth_event_destroy(belle_sip_auth_event_t* event);
......
......@@ -176,10 +176,12 @@ BELLE_SIP_DECLARE_CUSTOM_VPTR_BEGIN(belle_sip_channel_t,belle_sip_source_t)
void (*close)(belle_sip_channel_t *obj);
BELLE_SIP_DECLARE_CUSTOM_VPTR_END
/**
/*
* tls client certificate authentication. might be relevant for both tls and dtls channels.Only implemented in tls channel for now
* **/
void belle_sip_tls_channel_set_client_certificates_chain(belle_sip_channel_t *obj, belle_sip_certificates_chain_t* cert_chain);
void belle_sip_tls_channel_set_client_certificate_key(belle_sip_channel_t *obj, belle_sip_signing_key_t* key);
*/
void belle_sip_tls_channel_set_client_certificates_chain(belle_sip_tls_channel_t *obj, belle_sip_certificates_chain_t* cert_chain);
void belle_sip_tls_channel_set_client_certificate_key(belle_sip_tls_channel_t *obj, belle_sip_signing_key_t* key);
#define BELLE_SIP_TLS_CHANNEL(obj) BELLE_SIP_CAST(obj,belle_sip_tls_channel_t)
#endif
......@@ -285,15 +285,17 @@ static int channel_on_event(belle_sip_channel_listener_t *obj, belle_sip_channel
}
return 0;
}
static int channel_on_auth_requested(belle_sip_channel_listener_t *obj, belle_sip_channel_t *chan, const char* distinguished_name){
if (BELLE_SIP_IS_INSTANCE_OF(chan,belle_sip_tls_channel_t)) {
belle_sip_provider_t *prov=BELLE_SIP_PROVIDER(obj);
belle_sip_auth_event_t* auth_event = belle_sip_auth_event_create(NULL,NULL);
belle_sip_tls_channel_t *tls_chan=BELLE_SIP_TLS_CHANNEL(chan);
auth_event->mode=BELLE_SIP_AUTH_MODE_TLS;
belle_sip_auth_event_set_distinguished_name(auth_event,distinguished_name);
BELLE_SIP_PROVIDER_INVOKE_LISTENERS(prov->listeners,process_auth_requested,auth_event);
belle_sip_tls_channel_set_client_certificates_chain(chan,auth_event->cert);
belle_sip_tls_channel_set_client_certificate_key(chan,auth_event->key);
belle_sip_tls_channel_set_client_certificates_chain(tls_chan,auth_event->cert);
belle_sip_tls_channel_set_client_certificate_key(tls_chan,auth_event->key);
belle_sip_auth_event_destroy(auth_event);
}
return 0;
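Review bot: Nothing in channel_on_auth_requested checks that the listeners filled in both `auth_event->cert` and `auth_event->key` before the two setter calls. The setters in this commit now accept NULL, so a listener that supplies only one of the two leaves the channel with a chain and no key, or the reverse. The handshake hunk in this same commit dereferences both `channel->client_cert_chain->cert` and `channel->client_cert_key->key`, and any guard around that is outside the visible lines. Consider wrapping the two calls in `if (auth_event->cert && auth_event->key) { ... }` and logging when only one is present. The function's closing brace is outside the hunk.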
......
......@@ -21,7 +21,7 @@
#ifdef HAVE_POLARSSL
/* Uncomment to get very verbose polarssl logs*/
#define ENABLE_POLARSSL_LOGS
//#define ENABLE_POLARSSL_LOGS
#include <polarssl/ssl.h>
#include <polarssl/version.h>
#include <polarssl/error.h>
......@@ -160,8 +160,7 @@ static int tls_channel_handshake(belle_sip_tls_channel_t *channel) {
ssl_set_own_cert(&channel->sslctx,&channel->client_cert_chain->cert,&channel->client_cert_key->key);
#else
if ((err=ssl_set_own_cert_rsa(&channel->sslctx,&channel->client_cert_chain->cert,&channel->client_cert_key->key))) {
char tmp[128];
error_strerror(err,tmp,sizeof(tmp));
error_strerror(err,tmp,sizeof(tmp)-1);
belle_sip_error("Channel [%p] cannot ssl_set_own_cert_rsa [%s]",channel,tmp);
}
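Review bot: The failure branch of `ssl_set_own_cert_rsa` only logs through `belle_sip_error`; nothing inside the visible `if` returns an error or marks the channel as failed. The handshake may therefore continue without the client certificate the application supplied. If the code after the hunk does not already stop, adding `return -1;` after the log line would make this fail closed. Separately, `sizeof(tmp)-1` is only the buffer length while `tmp` is an array in scope, and its declaration appears to sit outside this block now, so a short comment at the call would help. tls_channel_handshake starts and ends outside the hunk.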
......@@ -359,16 +358,14 @@ belle_sip_channel_t * belle_sip_channel_new_tls(belle_sip_tls_listening_point_t
return (belle_sip_channel_t*)obj;
}
void belle_sip_tls_channel_set_client_certificates_chain(belle_sip_channel_t *obj, belle_sip_certificates_chain_t* cert_chain) {
belle_sip_tls_channel_t* channel = (belle_sip_tls_channel_t*)obj;
belle_sip_object_ref(cert_chain);
void belle_sip_tls_channel_set_client_certificates_chain(belle_sip_tls_channel_t *channel, belle_sip_certificates_chain_t* cert_chain) {
if (cert_chain) belle_sip_object_ref(cert_chain);
if (channel->client_cert_chain) belle_sip_object_unref(channel->client_cert_chain);
channel->client_cert_chain=cert_chain;
}
void belle_sip_tls_channel_set_client_certificate_key(belle_sip_channel_t *obj, belle_sip_signing_key_t* key) {
belle_sip_tls_channel_t* channel = (belle_sip_tls_channel_t*)obj;
belle_sip_object_ref(key);
void belle_sip_tls_channel_set_client_certificate_key(belle_sip_tls_channel_t *channel, belle_sip_signing_key_t* key){
if (key) belle_sip_object_ref(key);
if (channel->client_cert_key) belle_sip_object_unref(channel->client_cert_key);
channel->client_cert_key=key;
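Review bot: The two setters now have a contract that is not written down anywhere: they take their own reference, and a NULL argument drops whatever was set before. I would put `/* Takes a reference on cert_chain; NULL clears any chain set earlier. */` above the first setter and `/* Takes a reference on key; NULL clears any key set earlier. */` above the second, and repeat both on the header declarations. Taking the new reference before releasing the old one also keeps a call with the currently stored object safe, which is worth one why-comment. The closing brace of the second setter is outside the hunk.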
......@@ -376,10 +373,10 @@ void belle_sip_tls_channel_set_client_certificate_key(belle_sip_channel_t *obj,
#else /*HAVE_POLLAR_SSL*/
void belle_sip_tls_channel_set_client_certificates_chain(belle_sip_channel_t *obj, belle_sip_certificates_chain_t* cert_chain) {
void belle_sip_tls_channel_set_client_certificates_chain(belle_sibelle_sip_tls_channel_tp_channel_t *obj, belle_sip_certificates_chain_t* cert_chain) {
belle_sip_error("belle_sip_channel_set_client_certificate_chain requires TLS");
}
void belle_sip_tls_channel_set_client_certificate_key(belle_sip_channel_t *obj, belle_sip_signing_key_t* key) {
void belle_sip_tls_channel_set_client_certificate_key(belle_sip_tls_channel_t *obj, belle_sip_signing_key_t* key) {
belle_sip_error("belle_sip_channel_set_client_certificate_key requires TLS");
}
#endif
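Review bot: The stub for builds without PolarSSL declares its first parameter as `belle_sibelle_sip_tls_channel_tp_channel_t *obj`, which looks like a paste inside the old type name, so this branch should not compile. The line should read `void belle_sip_tls_channel_set_client_certificates_chain(belle_sip_tls_channel_t *obj, belle_sip_certificates_chain_t* cert_chain) {` to match the header and the key stub below it. A build without HAVE_POLARSSL would catch this kind of slip in the fallback path.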
......