diff --git a/client.c b/client.c
index 53aaa18..ab62c55 100644
--- a/client.c
+++ b/client.c
@@ -69,8 +69,8 @@ static unsigned int psk_client_callback(SSL *ssl, const char *hint, char *identi
 }
 static int dtls_client_connect(const struct keyentry_t *keyentry, const char *host_port) {
- struct generic_ssl_ctx_t gctx;
- create_generic_ssl_context(&gctx, false);
+ struct generic_tls_ctx_t gctx;
+ create_generic_tls_context(&gctx, false);
 SSL_CTX_set_psk_client_callback(gctx.ctx, psk_client_callback);
@@ -121,7 +121,7 @@ static int dtls_client_connect(const struct keyentry_t *keyentry, const char *ho
 }
 }
 BIO_free_all(conn);
- free_generic_ssl_context(&gctx);
+ free_generic_tls_context(&gctx);
 return 0;
 }
diff --git a/openssl.c b/openssl.c
index 06bd5d0..fb22fc6 100644
--- a/openssl.c
+++ b/openssl.c
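Review bot: In client.c's first hunk (line 69 onward) the `bool` result of `create_generic_tls_context(&gctx, false)` is discarded, so a failed setup still hands `gctx.ctx` to `SSL_CTX_set_psk_client_callback` on the next line. Unless `log_openssl` at LLVL_FATAL terminates the process (not visible here), that context may be NULL or may lack the minimum-version and cipher restrictions that openssl.c applies later in the same function. I would check the result, e.g. `if (!create_generic_tls_context(&gctx, false)) return -1;`, using whatever failure value dtls_client_connect returns elsewhere and releasing anything already allocated; the function body continues outside the hunk. The same unchecked call appears in server.c's hunk at line 181 (`create_generic_tls_context(&gctx, true);`), where `return false;` would fit the surrounding error paths.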
@@ -36,32 +36,32 @@ bool openssl_init(void) {
 return true;
 }
-bool create_generic_ssl_context(struct generic_ssl_ctx_t *gctx, bool server) {
- memset(gctx, 0, sizeof(struct generic_ssl_ctx_t));
+bool create_generic_tls_context(struct generic_tls_ctx_t *gctx, bool server) {
+ memset(gctx, 0, sizeof(struct generic_tls_ctx_t));
 gctx->conf_ctx = SSL_CONF_CTX_new();
 if (!gctx->conf_ctx) {
- log_openssl(LLVL_FATAL, "Cannot initialize SSL generic context config context.");
+ log_openssl(LLVL_FATAL, "Cannot initialize TLS generic context config context.");
 return false;
 }
 if (server) {
 gctx->method = TLS_server_method();
 if (!gctx->method) {
- log_openssl(LLVL_FATAL, "Cannot initialize SSL server method.");
+ log_openssl(LLVL_FATAL, "Cannot initialize TLS server method.");
 return false;
 }
 } else {
 gctx->method = TLS_client_method();
 if (!gctx->method) {
- log_openssl(LLVL_FATAL, "Cannot initialize SSL client method.");
+ log_openssl(LLVL_FATAL, "Cannot initialize TLS client method.");
 return false;
 }
 }
 gctx->ctx = SSL_CTX_new(gctx->method);
 if (!gctx->ctx) {
- log_openssl(LLVL_FATAL, "Cannot initialize SSL generic context context.");
+ log_openssl(LLVL_FATAL, "Cannot initialize TLS generic context context.");
 return false;
 }
@@ -75,12 +75,12 @@ bool create_generic_ssl_context(struct generic_ssl_ctx_t *gctx, bool server) {
 SSL_CTX_set_options(gctx->ctx, flags);
 if (!SSL_CTX_set_min_proto_version(gctx->ctx, TLS1_2_VERSION)) {
- log_openssl(LLVL_FATAL, "Cannot set SSL generic context minimal version.");
+ log_openssl(LLVL_FATAL, "Cannot set TLS generic context minimal version.");
 return false;
 }
 if (!SSL_CTX_set_cipher_list(gctx->ctx, "ECDHE-PSK-CHACHA20-POLY1305")) {
- log_openssl(LLVL_FATAL, "Cannot set SSL generic context cipher suites.");
+ log_openssl(LLVL_FATAL, "Cannot set TLS generic context cipher suites.");
 return false;
 }
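Review bot: In openssl.c's hunk at line 75, `SSL_CTX_set_cipher_list` pins only the TLS 1.2-and-below suites, and only a minimum protocol version is set. On OpenSSL 1.1.1 and later the TLS 1.3 suites are configured separately, so a TLS 1.3 handshake would use the library's default suites rather than ChaCha20-Poly1305, unless the `flags` assembled above the hunk (not visible) already exclude TLS 1.3. If the single-suite policy is intended to be strict, consider `SSL_CTX_set_max_proto_version(gctx->ctx, TLS1_2_VERSION)` or an explicit `SSL_CTX_set_ciphersuites(gctx->ctx, "TLS_CHACHA20_POLY1305_SHA256")`, with the same logged `return false` path. The function body starts and ends outside this hunk.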
@@ -88,20 +88,20 @@ bool create_generic_ssl_context(struct generic_ssl_ctx_t *gctx, bool server) {
 * (PSK); however for the future we want to have proper crypto here as
 * well. */
 if (!SSL_CTX_set1_sigalgs_list(gctx->ctx, "ECDSA+SHA256:RSA+SHA256:ECDSA+SHA384:RSA+SHA384:ECDSA+SHA512:RSA+SHA512")) {
- log_openssl(LLVL_FATAL, "Cannot set SSL signature algorithms.");
+ log_openssl(LLVL_FATAL, "Cannot set TLS generic context signature algorithms.");
 return false;
 }
 /* TODO: When X448 becomes available, include it here. */
 if (!SSL_CTX_set1_curves_list(gctx->ctx, "X25519")) {
- log_openssl(LLVL_FATAL, "Cannot set SSL generic context ECDHE curves.");
+ log_openssl(LLVL_FATAL, "Cannot set TLS generic context ECDHE curves.");
 return false;
 }
 return true;
 }
-void free_generic_ssl_context(struct generic_ssl_ctx_t *gctx) {
+void free_generic_tls_context(struct generic_tls_ctx_t *gctx) {
 SSL_CTX_free(gctx->ctx);
 gctx->ctx = NULL;
diff --git a/openssl.h b/openssl.h
index 3e89655..cd2e072 100644
--- a/openssl.h
+++ b/openssl.h
@@ -27,7 +27,7 @@
 #include
 #include
-struct generic_ssl_ctx_t {
+struct generic_tls_ctx_t {
 SSL_CONF_CTX *conf_ctx;
 const SSL_METHOD *method;
 SSL_CTX *ctx;
@@ -35,8 +35,8 @@ struct generic_ssl_ctx_t {
 /*************** AUTO GENERATED SECTION FOLLOWS ***************/
 bool openssl_init(void);
-bool create_generic_ssl_context(struct generic_ssl_ctx_t *gctx, bool server);
-void free_generic_ssl_context(struct generic_ssl_ctx_t *gctx);
+bool create_generic_tls_context(struct generic_tls_ctx_t *gctx, bool server);
+void free_generic_tls_context(struct generic_tls_ctx_t *gctx);
 /*************** AUTO GENERATED SECTION ENDS ***************/
 #endif
diff --git a/server.c b/server.c
index badea68..c5a7752 100644
--- a/server.c
+++ b/server.c
@@ -181,8 +181,8 @@ bool dtls_server(const struct keyentry_t *key, const struct options_t *options)
 return true;
 }
- struct generic_ssl_ctx_t gctx;
- create_generic_ssl_context(&gctx, true);
+ struct generic_tls_ctx_t gctx;
+ create_generic_tls_context(&gctx, true);
 server_key = key;
 {
@@ -195,7 +195,7 @@ bool dtls_server(const struct keyentry_t *key, const struct options_t *options)
 int tcp_sock = create_tcp_socket(options->port);
 if (tcp_sock == -1) {
 log_msg(LLVL_ERROR, "Cannot start server without server socket.");
- free_generic_ssl_context(&gctx);
+ free_generic_tls_context(&gctx);
 return false;
 }
@@ -203,7 +203,7 @@ bool dtls_server(const struct keyentry_t *key, const struct options_t *options)
 if (tcp_sock == -1) {
 log_msg(LLVL_ERROR, "Cannot broadcast without announcement UDP socket.");
 close(tcp_sock);
- free_generic_ssl_context(&gctx);
+ free_generic_tls_context(&gctx);
 return false;
 }
@@ -233,7 +233,7 @@ bool dtls_server(const struct keyentry_t *key, const struct options_t *options)
 log_libc(LLVL_ERROR, "Unable to accept(2)");
 close(udp_sock);
 close(tcp_sock);
- free_generic_ssl_context(&gctx);
+ free_generic_tls_context(&gctx);
 return false;
 }
@@ -295,7 +295,7 @@ bool dtls_server(const struct keyentry_t *key, const struct options_t *options)
 close(udp_sock);
 close(tcp_sock);
- free_generic_ssl_context(&gctx);
+ free_generic_tls_context(&gctx);
 return true;
 }
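Review bot: In server.c's hunk at line 203 the guard in front of "Cannot broadcast without announcement UDP socket." tests `tcp_sock == -1`, a condition the hunk at line 195 has already ruled out, so this error branch looks unreachable. The statement that creates the UDP socket sits just above the hunk and is not visible, but the later `close(udp_sock)` calls suggest the intended check is `if (udp_sock == -1) {`. As written, a failed announcement socket would go undetected and the server would carry on with an invalid descriptor. The `close(tcp_sock)` inside the branch is already right for the corrected condition; dtls_server's body starts and ends outside this hunk.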