Rename the context allocation from ressl_new to ressl_client, which makes

it completely obvious what the context is for. Ensure client functions are used on client contexts.
author: jsing <> 2014-07-13 23:17:29 +0000
committer: jsing <> 2014-07-13 23:17:29 +0000
commit: 90b541a2592f0fcd2c02ac451cfbc1cbdc345888 (patch)
tree: 10c93fe3f57aedfd81afcb7321f36d5a44350668 /src
parent: 52d7e6dec2e1e75fcac1a3f02ca708176e0c1ee9 (diff)
download: openbsd-90b541a2592f0fcd2c02ac451cfbc1cbdc345888.tar.gz
openbsd-90b541a2592f0fcd2c02ac451cfbc1cbdc345888.tar.bz2
openbsd-90b541a2592f0fcd2c02ac451cfbc1cbdc345888.zip
3 files changed, 30 insertions, 1 deletions
diff --git a/src/lib/libressl/ressl.h b/src/lib/libressl/ressl.h
index 766335aa0c..e7e0a9c51b 100644
--- a/src/lib/libressl/ressl.h
+++ b/src/lib/libressl/ressl.h
@@ -36,7 +36,7 @@ void ressl_config_set_verify_depth(struct ressl_config *config,
 void ressl_config_insecure_no_verify(struct ressl_config *config);
 void ressl_config_verify(struct ressl_config *config);
-struct ressl *ressl_new(void);
+struct ressl *ressl_client(void);
 int ressl_configure(struct ressl *ctx, struct ressl_config *config);
 void ressl_reset(struct ressl *ctx);
 void ressl_free(struct ressl *ctx);
diff --git a/src/lib/libressl/ressl_client.c b/src/lib/libressl/ressl_client.c
index 2e4f253856..1d1ad72b86 100644
--- a/src/lib/libressl/ressl_client.c
+++ b/src/lib/libressl/ressl_client.c
@@ -28,6 +28,19 @@
 #include <ressl.h>
 #include "ressl_internal.h"
+struct ressl *
+ressl_client(void)
+{
+        struct ressl *ctx;
+        if ((ctx = ressl_new()) == NULL)
+                return (NULL);
+        ctx->flags |= RESSL_CLIENT;
+        return (ctx);
+}
 int
 ressl_connect(struct ressl *ctx, const char *host, const char *port)
 {
@@ -36,6 +49,11 @@ ressl_connect(struct ressl *ctx, const char *host, const char *port)
        char *hs = NULL, *ps = NULL;
        int rv = -1, s = -1, ret;
+        if ((ctx->flags & RESSL_CLIENT) == 0) {
+                ressl_set_error(ctx, "not a client context");
+                goto err;
+        }
        if (host == NULL) {
                ressl_set_error(ctx, "host not specified");
                goto err;
@@ -108,6 +126,11 @@ ressl_connect_socket(struct ressl *ctx, int socket, const char *hostname)
        X509 *cert = NULL;
        int ret;
+        if ((ctx->flags & RESSL_CLIENT) == 0) {
+                ressl_set_error(ctx, "not a client context");
+                goto err;
+        }
        ctx->socket = socket;
        /* XXX - add a configuration option to control versions. */
diff --git a/src/lib/libressl/ressl_internal.h b/src/lib/libressl/ressl_internal.h
index f4eec10e63..260ae8e1f9 100644
--- a/src/lib/libressl/ressl_internal.h
+++ b/src/lib/libressl/ressl_internal.h
@@ -33,8 +33,12 @@ struct ressl_config {
        int verify_depth;
 };
+#define RESSL_CLIENT            (1 << 0)
+#define RESSL_SERVER            (1 << 1)
 struct ressl {
        struct ressl_config *config;
+        uint64_t flags;
        int err;
        char *errmsg;
@@ -45,6 +49,8 @@ struct ressl {
        SSL_CTX *ssl_ctx;
 };
+struct ressl *ressl_new(void);
 int ressl_check_hostname(X509 *cert, const char *host);
 int ressl_host_port(const char *hostport, char **host, char **port);
 int ressl_set_error(struct ressl *ctx, char *fmt, ...);
author	jsing <>	2014-07-13 23:17:29 +0000
committer	jsing <>	2014-07-13 23:17:29 +0000
commit	90b541a2592f0fcd2c02ac451cfbc1cbdc345888 (patch)
tree	10c93fe3f57aedfd81afcb7321f36d5a44350668 /src
parent	52d7e6dec2e1e75fcac1a3f02ca708176e0c1ee9 (diff)
download	openbsd-90b541a2592f0fcd2c02ac451cfbc1cbdc345888.tar.gz openbsd-90b541a2592f0fcd2c02ac451cfbc1cbdc345888.tar.bz2 openbsd-90b541a2592f0fcd2c02ac451cfbc1cbdc345888.zip