1 files changed, 165 insertions, 0 deletions
diff --git a/src/regress/lib/libtls/gotls/tls.go b/src/regress/lib/libtls/gotls/tls.go
new file mode 100644
index 0000000000..7f490492bc
--- /dev/null
+++ b/src/regress/lib/libtls/gotls/tls.go
@@ -0,0 +1,165 @@
+// Package tls provides a Go interface to the libtls library.
+package tls
+/*
+#cgo LDFLAGS: -ltls -lssl -lcrypto
+#include <stdlib.h>
+#include <tls.h>
+typedef void *tls;
+*/
+import "C"
+import (
+        "errors"
+        "fmt"
+        "unsafe"
+)
+// TLSConfig provides configuration options for a TLS context.
+type TLSConfig struct {
+        caFile *C.char
+        tlsCfg *C.struct_tls_config
+}
+// TLS encapsulates the TLS context.
+type TLS struct {
+        cfg *TLSConfig
+        ctx *C.struct_tls
+}
+// Init initialises the TLS library.
+func Init() error {
+        if C.tls_init() != 0 {
+                return errors.New("initialisation failed")
+        }
+        return nil
+}
+// NewConfig returns a new TLS configuration.
+func NewConfig() (*TLSConfig, error) {
+        cfg := C.tls_config_new()
+        if cfg == nil {
+                return nil, errors.New("failed to allocate config")
+        }
+        return &TLSConfig{
+                tlsCfg: cfg,
+        }, nil
+}
+// SetCAFile sets the CA file to be used for connections.
+func (c *TLSConfig) SetCAFile(filename string) {
+        if c.caFile != nil {
+                C.free(unsafe.Pointer(c.caFile))
+        }
+        c.caFile = C.CString(filename)
+        C.tls_config_set_ca_file(c.tlsCfg, c.caFile)
+}
+// InsecureNoVerifyCert disables certificate verification for the connection.
+func (c *TLSConfig) InsecureNoVerifyCert() {
+        C.tls_config_insecure_noverifycert(c.tlsCfg)
+}
+// InsecureNoVerifyHost disables hostname verification for the connection.
+func (c *TLSConfig) InsecureNoVerifyHost() {
+        C.tls_config_insecure_noverifyhost(c.tlsCfg)
+}
+// SetSecure enables verification for the connection.
+func (c *TLSConfig) SetVerify() {
+        C.tls_config_verify(c.tlsCfg)
+}
+// Free frees resources associated with the TLS configuration.
+func (c *TLSConfig) Free() {
+        if c.tlsCfg == nil {
+                return
+        }
+        C.tls_config_free(c.tlsCfg)
+        c.tlsCfg = nil
+}
+// NewClient returns a new TLS client context, using the optional configuration.
+// If no configuration is specified the default configuration will be used.
+func NewClient(config *TLSConfig) (*TLS, error) {
+        var sslCfg *C.struct_tls_config
+        if config != nil {
+                sslCfg = config.tlsCfg
+        }
+        ctx := C.tls_client()
+        if ctx == nil {
+                return nil, errors.New("tls client failed")
+        }
+        if C.tls_configure(ctx, sslCfg) != 0 {
+                return nil, errors.New("tls configure failed")
+        }
+        return &TLS{
+                cfg: config,
+                ctx: ctx,
+        }, nil
+}
+// Error returns the error message from the TLS context.
+func (t *TLS) Error() string {
+        if msg := C.tls_error(t.ctx); msg != nil {
+                return C.GoString(msg)
+        }
+        return ""
+}
+// Connect attempts to establish an TLS connection to the specified host on
+// the given port. The host may optionally contain a colon separated port
+// value if the port string is specified as an empty string.
+func (t *TLS) Connect(host, port string) error {
+        h := C.CString(host)
+        var p *C.char
+        if port != "" {
+                p = C.CString(port)
+        }
+        defer C.free(unsafe.Pointer(h))
+        defer C.free(unsafe.Pointer(p))
+        if C.tls_connect(t.ctx, h, p) != 0 {
+                return fmt.Errorf("connect failed: %v", t.Error())
+        }
+        return nil
+}
+// Read reads data the TLS connection into the given buffer.
+func (t *TLS) Read(buf []byte) (int, error) {
+        var inlen C.size_t
+        if C.tls_read(t.ctx, unsafe.Pointer(&buf[0]), C.size_t(len(buf)), (*C.size_t)(unsafe.Pointer(&inlen))) != 0 {
+                return -1, fmt.Errorf("read failed: %v", t.Error())
+        }
+        return int(inlen), nil
+}
+// Write writes the given data to the TLS connection.
+func (t *TLS) Write(buf []byte) (int, error) {
+        var outlen C.size_t
+        p := C.CString(string(buf))
+        defer C.free(unsafe.Pointer(p))
+        if C.tls_write(t.ctx, unsafe.Pointer(p), C.size_t(len(buf)), (*C.size_t)(unsafe.Pointer(&outlen))) != 0 {
+                return -1, fmt.Errorf("write failed: %v", t.Error())
+        }
+        return int(outlen), nil
+}
+// Close closes the TLS connection.
+func (t *TLS) Close() error {
+        if C.tls_close(t.ctx) != 0 {
+                return fmt.Errorf("close failed: %v", t.Error())
+        }
+        return nil
+}
+// Free frees resources associated with the TLS context.
+func (t *TLS) Free() {
+        if t.ctx == nil {
+                return
+        }
+        C.tls_free(t.ctx)
+        t.ctx = nil
+}

diff --git a/src/regress/lib/libtls/gotls/tls.go b/src/regress/lib/libtls/gotls/tls.go new file mode 100644 index 0000000000..7f490492bc --- /dev/null +++ b/src/regress/lib/libtls/gotls/tls.go
@@ -0,0 +1,165 @@
	1	// Package tls provides a Go interface to the libtls library.
	2	package tls
	3
	4	/*
	5	#cgo LDFLAGS: -ltls -lssl -lcrypto
	6
	7	#include <stdlib.h>
	8
	9	#include <tls.h>
	10
	11	typedef void *tls;
	12	*/
	13	import "C"
	14
	15	import (
	16	"errors"
	17	"fmt"
	18	"unsafe"
	19	)
	20
	21	// TLSConfig provides configuration options for a TLS context.
	22	type TLSConfig struct {
	23	caFile *C.char
	24	tlsCfg *C.struct_tls_config
	25	}
	26
	27	// TLS encapsulates the TLS context.
	28	type TLS struct {
	29	cfg *TLSConfig
	30	ctx *C.struct_tls
	31	}
	32
	33	// Init initialises the TLS library.
	34	func Init() error {
	35	if C.tls_init() != 0 {
	36	return errors.New("initialisation failed")
	37	}
	38	return nil
	39	}
	40
	41	// NewConfig returns a new TLS configuration.
	42	func NewConfig() (*TLSConfig, error) {
	43	cfg := C.tls_config_new()
	44	if cfg == nil {
	45	return nil, errors.New("failed to allocate config")
	46	}
	47	return &TLSConfig{
	48	tlsCfg: cfg,
	49	}, nil
	50	}
	51
	52	// SetCAFile sets the CA file to be used for connections.
	53	func (c *TLSConfig) SetCAFile(filename string) {
	54	if c.caFile != nil {
	55	C.free(unsafe.Pointer(c.caFile))
	56	}
	57	c.caFile = C.CString(filename)
	58	C.tls_config_set_ca_file(c.tlsCfg, c.caFile)
	59	}
	60
	61	// InsecureNoVerifyCert disables certificate verification for the connection.
	62	func (c *TLSConfig) InsecureNoVerifyCert() {
	63	C.tls_config_insecure_noverifycert(c.tlsCfg)
	64	}
	65
	66	// InsecureNoVerifyHost disables hostname verification for the connection.
	67	func (c *TLSConfig) InsecureNoVerifyHost() {
	68	C.tls_config_insecure_noverifyhost(c.tlsCfg)
	69	}
	70
	71	// SetSecure enables verification for the connection.
	72	func (c *TLSConfig) SetVerify() {
	73	C.tls_config_verify(c.tlsCfg)
	74	}
	75
	76	// Free frees resources associated with the TLS configuration.
	77	func (c *TLSConfig) Free() {
	78	if c.tlsCfg == nil {
	79	return
	80	}
	81	C.tls_config_free(c.tlsCfg)
	82	c.tlsCfg = nil
	83	}
	84
	85	// NewClient returns a new TLS client context, using the optional configuration.
	86	// If no configuration is specified the default configuration will be used.
	87	func NewClient(config TLSConfig) (TLS, error) {
	88	var sslCfg *C.struct_tls_config
	89	if config != nil {
	90	sslCfg = config.tlsCfg
	91	}
	92	ctx := C.tls_client()
	93	if ctx == nil {
	94	return nil, errors.New("tls client failed")
	95	}
	96	if C.tls_configure(ctx, sslCfg) != 0 {
	97	return nil, errors.New("tls configure failed")
	98	}
	99	return &TLS{
	100	cfg: config,
	101	ctx: ctx,
	102	}, nil
	103	}
	104
	105	// Error returns the error message from the TLS context.
	106	func (t *TLS) Error() string {
	107	if msg := C.tls_error(t.ctx); msg != nil {
	108	return C.GoString(msg)
	109	}
	110	return ""
	111	}
	112
	113	// Connect attempts to establish an TLS connection to the specified host on
	114	// the given port. The host may optionally contain a colon separated port
	115	// value if the port string is specified as an empty string.
	116	func (t *TLS) Connect(host, port string) error {
	117	h := C.CString(host)
	118	var p *C.char
	119	if port != "" {
	120	p = C.CString(port)
	121	}
	122	defer C.free(unsafe.Pointer(h))
	123	defer C.free(unsafe.Pointer(p))
	124	if C.tls_connect(t.ctx, h, p) != 0 {
	125	return fmt.Errorf("connect failed: %v", t.Error())
	126	}
	127	return nil
	128	}
	129
	130	// Read reads data the TLS connection into the given buffer.
	131	func (t *TLS) Read(buf []byte) (int, error) {
	132	var inlen C.size_t
	133	if C.tls_read(t.ctx, unsafe.Pointer(&buf[0]), C.size_t(len(buf)), (*C.size_t)(unsafe.Pointer(&inlen))) != 0 {
	134	return -1, fmt.Errorf("read failed: %v", t.Error())
	135	}
	136	return int(inlen), nil
	137	}
	138
	139	// Write writes the given data to the TLS connection.
	140	func (t *TLS) Write(buf []byte) (int, error) {
	141	var outlen C.size_t
	142	p := C.CString(string(buf))
	143	defer C.free(unsafe.Pointer(p))
	144	if C.tls_write(t.ctx, unsafe.Pointer(p), C.size_t(len(buf)), (*C.size_t)(unsafe.Pointer(&outlen))) != 0 {
	145	return -1, fmt.Errorf("write failed: %v", t.Error())
	146	}
	147	return int(outlen), nil
	148	}
	149
	150	// Close closes the TLS connection.
	151	func (t *TLS) Close() error {
	152	if C.tls_close(t.ctx) != 0 {
	153	return fmt.Errorf("close failed: %v", t.Error())
	154	}
	155	return nil
	156	}
	157
	158	// Free frees resources associated with the TLS context.
	159	func (t *TLS) Free() {
	160	if t.ctx == nil {
	161	return
	162	}
	163	C.tls_free(t.ctx)
	164	t.ctx = nil
	165	}