From 0f0a1dfd2fa25b0d0a0f5b0fc997a858eee04f64 Mon Sep 17 00:00:00 2001
From: Mark Hellegers <mark@firedisk.net>
Date: Sun, 22 May 2016 21:02:03 +0200
Subject: [PATCH] Add support for TLS SNI
---
headers/os/net/NetworkAddress.h | 1 +
headers/os/net/SecureSocket.h | 4 +--
src/kits/network/libnetapi/NetworkAddress.cpp | 40 +++++++++++++++------------
src/kits/network/libnetapi/SecureSocket.cpp | 17 ++++++++----
4 files changed, 36 insertions(+), 26 deletions(-)
diff --git a/headers/os/net/NetworkAddress.h b/headers/os/net/NetworkAddress.h
index 865ed73..717108a 100644
|
a
|
b
|
private:
|
| 149 | 149 | private: |
| 150 | 150 | sockaddr_storage fAddress; |
| 151 | 151 | status_t fStatus; |
| | 152 | BString fHostName; |
| 152 | 153 | }; |
| 153 | 154 | |
| 154 | 155 | |
diff --git a/headers/os/net/SecureSocket.h b/headers/os/net/SecureSocket.h
index ebf1e15..fe55cc6 100644
|
a
|
b
|
public:
|
| 42 | 42 | virtual ssize_t Write(const void* buffer, size_t size); |
| 43 | 43 | |
| 44 | 44 | protected: |
| 45 | | status_t _SetupCommon( |
| 46 | | status_t _SetupConnect( |
| | 45 | status_t _SetupCommon(const char* host = NULL); |
| | 46 | status_t _SetupConnect(const char* host = NULL); |
| 47 | 47 | status_t _SetupAccept(); |
| 48 | 48 | |
| 49 | 49 | private: |
diff --git a/src/kits/network/libnetapi/NetworkAddress.cpp b/src/kits/network/libnetapi/NetworkAddress.cpp
index 57de4bc..2bfbcd1 100644
|
a
|
b
|
BNetworkAddress::BNetworkAddress(const in6_addr& address, uint16 port)
|
| 129 | 129 | BNetworkAddress::BNetworkAddress(const BNetworkAddress& other) |
| 130 | 130 | : |
| 131 | 131 | fAddress(other.fAddress), |
| 132 | | fStatus(other.fStatus) |
| | 132 | fStatus(other.fStatus), |
| | 133 | fHostName(other.fHostName) |
| 133 | 134 | { |
| 134 | 135 | } |
| 135 | 136 | |
| … |
… |
BNetworkAddress::Unset()
|
| 151 | 152 | { |
| 152 | 153 | fAddress.ss_family = AF_UNSPEC; |
| 153 | 154 | fAddress.ss_len = 2; |
| | 155 | fHostName = ""; |
| 154 | 156 | fStatus = B_OK; |
| 155 | 157 | } |
| 156 | 158 | |
| … |
… |
BNetworkAddress::SetTo(const char* host, uint16 port, uint32 flags)
|
| 170 | 172 | |
| 171 | 173 | uint32 cookie = 0; |
| 172 | 174 | status = resolver->GetNextAddress(AF_INET6, &cookie, *this); |
| 173 | | if (status == B_OK) { |
| 174 | | fStatus = B_OK; |
| 175 | | return B_OK; |
| | 175 | if (status != B_OK) { |
| | 176 | cookie = 0; |
| | 177 | status = resolver->GetNextAddress(&cookie, *this); |
| | 178 | if (status != B_OK) |
| | 179 | Unset(); |
| 176 | 180 | } |
| 177 | | |
| 178 | | cookie = 0; |
| 179 | | status = resolver->GetNextAddress(&cookie, *this); |
| 180 | | if (status != B_OK) |
| 181 | | Unset(); |
| | 181 | fHostName = host; |
| 182 | 182 | fStatus = status; |
| 183 | 183 | return status; |
| 184 | 184 | } |
| … |
… |
BNetworkAddress::SetTo(const char* host, const char* service, uint32 flags)
|
| 199 | 199 | |
| 200 | 200 | uint32 cookie = 0; |
| 201 | 201 | status = resolver->GetNextAddress(AF_INET6, &cookie, *this); |
| 202 | | if (status == B_OK) { |
| 203 | | fStatus = B_OK; |
| 204 | | return B_OK; |
| | 202 | if (status != B_OK) { |
| | 203 | cookie = 0; |
| | 204 | status = resolver->GetNextAddress(&cookie, *this); |
| | 205 | if (status != B_OK) |
| | 206 | Unset(); |
| 205 | 207 | } |
| 206 | | |
| 207 | | cookie = 0; |
| 208 | | status = resolver->GetNextAddress(&cookie, *this); |
| 209 | | if (status != B_OK) |
| 210 | | Unset(); |
| | 208 | fHostName = host; |
| 211 | 209 | fStatus = status; |
| 212 | 210 | return status; |
| 213 | 211 | } |
| … |
… |
BNetworkAddress::SetTo(int family, const char* host, uint16 port, uint32 flags)
|
| 235 | 233 | status = resolver->GetNextAddress(&cookie, *this); |
| 236 | 234 | if (status != B_OK) |
| 237 | 235 | Unset(); |
| | 236 | fHostName = host; |
| 238 | 237 | fStatus = status; |
| 239 | 238 | return status; |
| 240 | 239 | } |
| … |
… |
BNetworkAddress::SetTo(int family, const char* host, const char* service,
|
| 263 | 262 | status = resolver->GetNextAddress(&cookie, *this); |
| 264 | 263 | if (status != B_OK) |
| 265 | 264 | Unset(); |
| | 265 | fHostName = host; |
| 266 | 266 | fStatus = status; |
| 267 | 267 | return status; |
| 268 | 268 | } |
| … |
… |
BNetworkAddress::SetTo(const BNetworkAddress& other)
|
| 372 | 372 | { |
| 373 | 373 | fAddress = other.fAddress; |
| 374 | 374 | fStatus = other.fStatus; |
| | 375 | fHostName = other.fHostName; |
| 375 | 376 | } |
| 376 | 377 | |
| 377 | 378 | |
| … |
… |
BString
|
| 1047 | 1048 | BNetworkAddress::HostName() const |
| 1048 | 1049 | { |
| 1049 | 1050 | // TODO: implement host name lookup |
| 1050 | | return ToString(false); |
| | 1051 | return fHostName; |
| 1051 | 1052 | } |
| 1052 | 1053 | |
| 1053 | 1054 | |
| … |
… |
BNetworkAddress&
|
| 1159 | 1160 | BNetworkAddress::operator=(const BNetworkAddress& other) |
| 1160 | 1161 | { |
| 1161 | 1162 | memcpy(&fAddress, &other.fAddress, other.fAddress.ss_len); |
| | 1163 | fHostName = other.fHostName; |
| 1162 | 1164 | fStatus = other.fStatus; |
| 1163 | 1165 | |
| 1164 | 1166 | return *this; |
| … |
… |
BNetworkAddress::_ParseLinkAddress(const char* address)
|
| 1291 | 1293 | |
| 1292 | 1294 | address += 3; |
| 1293 | 1295 | } |
| | 1296 | |
| | 1297 | fHostName = address; |
| 1294 | 1298 | |
| 1295 | 1299 | SetToLinkLevel(linkAddress, length); |
| 1296 | 1300 | return B_OK; |
diff --git a/src/kits/network/libnetapi/SecureSocket.cpp b/src/kits/network/libnetapi/SecureSocket.cpp
index ef66cf8..773a6eb 100644
|
a
|
b
|
BSecureSocket::Connect(const BNetworkAddress& peer, bigtime_t timeout)
|
| 297 | 297 | if (status != B_OK) |
| 298 | 298 | return status; |
| 299 | 299 | |
| 300 | | return _SetupConnect( |
| | 300 | return _SetupConnect(peer.HostName().String()); |
| 301 | 301 | } |
| 302 | 302 | |
| 303 | 303 | |
| … |
… |
BSecureSocket::Write(const void* buffer, size_t size)
|
| 381 | 381 | |
| 382 | 382 | |
| 383 | 383 | status_t |
| 384 | | BSecureSocket::_SetupCommon( |
| | 384 | BSecureSocket::_SetupCommon(const char* host) |
| 385 | 385 | { |
| 386 | 386 | // Do this only after BSocket::Connect has checked wether we're already |
| 387 | 387 | // connected. We don't want to kill an existing SSL session, as that would |
| … |
… |
BSecureSocket::_SetupCommon()
|
| 399 | 399 | BIO_set_fd(fPrivate->fBIO, fSocket, BIO_NOCLOSE); |
| 400 | 400 | SSL_set_bio(fPrivate->fSSL, fPrivate->fBIO, fPrivate->fBIO); |
| 401 | 401 | SSL_set_ex_data(fPrivate->fSSL, Private::sDataIndex, this); |
| | 402 | if (host != NULL) { |
| | 403 | BString hostString = host; |
| | 404 | if (hostString != "") |
| | 405 | SSL_set_tlsext_host_name(fPrivate->fSSL, host); |
| | 406 | } |
| 402 | 407 | |
| 403 | 408 | return B_OK; |
| 404 | 409 | } |
| 405 | 410 | |
| 406 | 411 | |
| 407 | 412 | status_t |
| 408 | | BSecureSocket::_SetupConnect( |
| | 413 | BSecureSocket::_SetupConnect(const char* host) |
| 409 | 414 | { |
| 410 | | status_t error = _SetupCommon( |
| | 415 | status_t error = _SetupCommon(host); |
| 411 | 416 | if (error != B_OK) |
| 412 | 417 | return error; |
| 413 | 418 | |
| … |
… |
BSecureSocket::InitCheck()
|
| 529 | 534 | |
| 530 | 535 | |
| 531 | 536 | status_t |
| 532 | | BSecureSocket::_SetupCommon( |
| | 537 | BSecureSocket::_SetupCommon(const char* host) |
| 533 | 538 | { |
| 534 | 539 | return B_UNSUPPORTED; |
| 535 | 540 | } |
| 536 | 541 | |
| 537 | 542 | |
| 538 | 543 | status_t |
| 539 | | BSecureSocket::_SetupConnect( |
| | 544 | BSecureSocket::_SetupConnect(const char* host) |
| 540 | 545 | { |
| 541 | 546 | return B_UNSUPPORTED; |
| 542 | 547 | } |
