diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 07:30:55 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 07:30:55 +0000 |
commit | 17e81f2cd1843f01838245eae7b5ed5edf83d6be (patch) | |
tree | a0f685dff11ce5a2dc546a7b46a48bae5d1c0140 /examples/tls_server_context_gnutls.cc | |
parent | Initial commit. (diff) | |
download | ngtcp2-upstream.tar.xz ngtcp2-upstream.zip |
Adding upstream version 0.12.1+dfsg.upstream/0.12.1+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'examples/tls_server_context_gnutls.cc')
-rw-r--r-- | examples/tls_server_context_gnutls.cc | 99 |
1 files changed, 99 insertions, 0 deletions
diff --git a/examples/tls_server_context_gnutls.cc b/examples/tls_server_context_gnutls.cc new file mode 100644 index 0000000..5b2be55 --- /dev/null +++ b/examples/tls_server_context_gnutls.cc @@ -0,0 +1,99 @@ +/* + * ngtcp2 + * + * Copyright (c) 2020 ngtcp2 contributors + * + * Permission is hereby granted, free of charge, to any person obtaining + * a copy of this software and associated documentation files (the + * "Software"), to deal in the Software without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Software, and to + * permit persons to whom the Software is furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + */ +#include "tls_server_context_gnutls.h" + +#include <iostream> + +#include "server_base.h" +#include "template.h" + +// Based on https://github.com/ueno/ngtcp2-gnutls-examples + +extern Config config; + +namespace { +int anti_replay_db_add_func(void *dbf, time_t exp_time, + const gnutls_datum_t *key, + const gnutls_datum_t *data) { + return 0; +} +} // namespace + +TLSServerContext::TLSServerContext() : cred_{nullptr}, session_ticket_key_{} { + gnutls_anti_replay_init(&anti_replay_); + gnutls_anti_replay_set_add_function(anti_replay_, anti_replay_db_add_func); + gnutls_anti_replay_set_ptr(anti_replay_, nullptr); +} + +TLSServerContext::~TLSServerContext() { + gnutls_anti_replay_deinit(anti_replay_); + gnutls_free(session_ticket_key_.data); + gnutls_certificate_free_credentials(cred_); +} + +gnutls_certificate_credentials_t +TLSServerContext::get_certificate_credentials() const { + return cred_; +} + +const gnutls_datum_t *TLSServerContext::get_session_ticket_key() const { + return &session_ticket_key_; +} + +gnutls_anti_replay_t TLSServerContext::get_anti_replay() const { + return anti_replay_; +} + +int TLSServerContext::init(const char *private_key_file, const char *cert_file, + AppProtocol app_proto) { + if (auto rv = gnutls_certificate_allocate_credentials(&cred_); rv != 0) { + std::cerr << "gnutls_certificate_allocate_credentials failed: " + << gnutls_strerror(rv) << std::endl; + return -1; + } + + if (auto rv = gnutls_certificate_set_x509_system_trust(cred_); rv < 0) { + std::cerr << "gnutls_certificate_set_x509_system_trust failed: " + << gnutls_strerror(rv) << std::endl; + return -1; + } + + if (auto rv = gnutls_certificate_set_x509_key_file( + cred_, cert_file, private_key_file, GNUTLS_X509_FMT_PEM); + rv != 0) { + std::cerr << "gnutls_certificate_set_x509_key_file failed: " + << gnutls_strerror(rv) << std::endl; + return -1; + } + + if (auto rv = gnutls_session_ticket_key_generate(&session_ticket_key_); + rv != 0) { + std::cerr << "gnutls_session_ticket_key_generate failed: " + << gnutls_strerror(rv) << std::endl; + return -1; + } + + return 0; +} |