
Add hssl_ctx_new, hssl_ctx_free

ithewei 3 năm trước cách đây
mục cha
commit
62fa38d2f6
9 tập tin đã thay đổi với 51 bổ sung37 xóa
  1. 18 5
      docs/API.md
  2. 4 5
      ssl/appletls.c
  3. 2 7
      ssl/gnutls.c
  4. 15 1
      ssl/hssl.c
  5. 4 1
      ssl/hssl.h
  6. 2 7
      ssl/mbedtls.c
  7. 2 2
      ssl/nossl.c
  8. 2 7
      ssl/openssl.c
  9. 2 2
      ssl/wintls.c

+ 18 - 5
docs/API.md

@@ -422,6 +422,9 @@
 - hio_is_ssl
 - hio_get_ssl
 - hio_set_ssl
+- hio_get_ssl_ctx
+- hio_set_ssl_ctx
+- hio_new_ssl_ctx
 - hio_setcb_accept
 - hio_setcb_connect
 - hio_setcb_read
@@ -466,11 +469,6 @@
 - network_logger
 - nlog_listen
 
-### nmap.h
-- nmap_discover
-- segment_discover
-- host_discover
-
 ## evpp
 - class Buffer
 - class Channel
@@ -483,6 +481,21 @@
 - class UdpClient
 - class UdpServer
 
+## ssl
+- hssl_ctx_init
+- hssl_ctx_cleanup
+- hssl_ctx_instance
+- hssl_ctx_new
+- hssl_ctx_free
+- hssl_new
+- hssl_free
+- hssl_accept
+- hssl_connnect
+- hssl_read
+- hssl_write
+- hssl_close
+- hssl_set_sni_hostname
+
 ## protocol
 
 ### dns.h

+ 4 - 5
ssl/appletls.c

@@ -762,20 +762,19 @@ const char* hssl_backend() {
 }
 
 typedef struct appletls_ctx {
-    SecIdentityRef cert;
-    hssl_ctx_init_param_t* param;
+    SecIdentityRef  cert;
+    hssl_ctx_opt_t* param;
 } appletls_ctx_t;
 
-hssl_ctx_t hssl_ctx_init(hssl_ctx_init_param_t* param) {
+hssl_ctx_t hssl_ctx_new(hssl_ctx_opt_t* param) {
     appletls_ctx_t* ctx = (appletls_ctx_t*)malloc(sizeof(appletls_ctx_t));
     if (ctx == NULL) return NULL;
     ctx->cert = NULL;
     ctx->param = param;
-    g_ssl_ctx = ctx;
     return ctx;
 }
 
-void hssl_ctx_cleanup(hssl_ctx_t ssl_ctx) {
+void hssl_ctx_free(hssl_ctx_t ssl_ctx) {
     if (ssl_ctx == NULL) return;
     appletls_ctx_t* ctx = (appletls_ctx_t*)ssl_ctx;
     if (ctx->cert) {
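Review bot: `hssl_ctx_new` in appletls.c stores the caller's `param` pointer in `ctx->param` without copying it, so a context built from a stack-allocated `hssl_ctx_opt_t` would hold a dangling pointer once the caller returns. The docs hunk lists `hio_new_ssl_ctx`, which suggests contexts may now be created per I/O object rather than once at start-up, making a short-lived options struct more likely. Either copy the struct into the context or state the lifetime rule, e.g. `/* param is borrowed, not copied: it must stay valid until hssl_ctx_free() */` above `ctx->param = param;`. `hssl_ctx_free` continues past the end of the hunk, so whether it touches `param` is not visible here.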

+ 2 - 7
ssl/gnutls.c

@@ -10,7 +10,7 @@ const char* hssl_backend() {
 
 typedef gnutls_certificate_credentials_t gnutls_ctx_t;
 
-hssl_ctx_t hssl_ctx_init(hssl_ctx_init_param_t* param) {
+hssl_ctx_t hssl_ctx_new(hssl_ctx_opt_t* param) {
     static int s_initialized = 0;
     if (s_initialized == 0) {
         gnutls_global_init();
@@ -70,19 +70,14 @@ hssl_ctx_t hssl_ctx_init(hssl_ctx_init_param_t* param) {
             gnutls_certificate_set_x509_system_trust(ctx);
         }
     }
-
-    g_ssl_ctx = ctx;
     return ctx;
 error:
     gnutls_certificate_free_credentials(ctx);
     return NULL;
 }
 
-void hssl_ctx_cleanup(hssl_ctx_t ssl_ctx) {
+void hssl_ctx_free(hssl_ctx_t ssl_ctx) {
     if (!ssl_ctx) return;
-    if (g_ssl_ctx == ssl_ctx) {
-        g_ssl_ctx = NULL;
-    }
     gnutls_ctx_t ctx = (gnutls_ctx_t)ssl_ctx;
     gnutls_certificate_free_credentials(ctx);
 }
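Review bot: The one-time initialisation in `hssl_ctx_new` (first hunk of gnutls.c) is guarded by a plain `static int s_initialized`, and the return value of `gnutls_global_init()` is ignored. Now that this function is an exported constructor rather than the single start-up initialiser, two threads creating their first context at the same time could both enter the block; the line that sets the flag is outside the hunk, so this is inferred. Consider checking the result, `if (gnutls_global_init() != GNUTLS_E_SUCCESS) return NULL;`, and guarding the block with a once-primitive. ssl/openssl.c uses the same `s_initialized` pattern in its `hssl_ctx_new`.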

+ 15 - 1
ssl/hssl.c

@@ -2,9 +2,23 @@
 
 hssl_ctx_t g_ssl_ctx = NULL;
 
+hssl_ctx_t hssl_ctx_init(hssl_ctx_init_param_t* param) {
+    if (g_ssl_ctx == NULL) {
+        hssl_ctx_t ssl_ctx = hssl_ctx_new(param);
+    }
+    return g_ssl_ctx;
+}
+
+void hssl_ctx_cleanup(hssl_ctx_t ssl_ctx) {
+    hssl_ctx_free(ssl_ctx);
+    if (g_ssl_ctx == ssl_ctx) {
+        g_ssl_ctx = NULL;
+    }
+}
+
 hssl_ctx_t hssl_ctx_instance() {
     if (g_ssl_ctx == NULL) {
-        g_ssl_ctx = hssl_ctx_init(NULL);
+        g_ssl_ctx = hssl_ctx_new(NULL);
     }
     return g_ssl_ctx;
 }
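Review bot: In the new `hssl_ctx_init`, the context returned by `hssl_ctx_new(param)` is stored in the local `ssl_ctx` and never assigned to `g_ssl_ctx`, so the function returns NULL on first use and the context is leaked. The caller's options (certificate, CA path, `verify_peer`) are then silently dropped, and a later `hssl_ctx_instance()` builds the shared context with `hssl_ctx_new(NULL)`; what verification that default gives is decided in backend code outside this hunk and should be checked. The body should read `g_ssl_ctx = hssl_ctx_new(param);`. In `hssl_ctx_cleanup` I would also clear `g_ssl_ctx` before calling `hssl_ctx_free(ssl_ctx)`, so that a freed pointer value is not compared afterwards.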

+ 4 - 1
ssl/hssl.h

@@ -39,7 +39,7 @@ typedef struct {
     const char* ca_path;
     short       verify_peer;
     short       endpoint; // HSSL_SERVER / HSSL_CLIENT
-} hssl_ctx_init_param_t;
+} hssl_ctx_opt_t, hssl_ctx_init_param_t;
 
 BEGIN_EXTERN_C
 
@@ -64,6 +64,9 @@ HV_EXPORT hssl_ctx_t hssl_ctx_init(hssl_ctx_init_param_t* param);
 HV_EXPORT void hssl_ctx_cleanup(hssl_ctx_t ssl_ctx);
 HV_EXPORT hssl_ctx_t hssl_ctx_instance();
 
+HV_EXPORT hssl_ctx_t hssl_ctx_new(hssl_ctx_opt_t* opt);
+HV_EXPORT void hssl_ctx_free(hssl_ctx_t ssl_ctx);
+
 HV_EXPORT hssl_t hssl_new(hssl_ctx_t ssl_ctx, int fd);
 HV_EXPORT void hssl_free(hssl_t ssl);
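Review bot: The new declarations `hssl_ctx_new` and `hssl_ctx_free` carry no comment saying who owns the returned context, and after this commit `hssl_ctx_free` no longer clears `g_ssl_ctx` (the clearing was removed from gnutls.c, mbedtls.c and openssl.c and kept only in `hssl_ctx_cleanup`). Passing the pointer obtained from `hssl_ctx_init` or `hssl_ctx_instance` to `hssl_ctx_free` would therefore leave the global pointing at freed memory, and the next `hssl_ctx_instance()` would hand it out again. I would add above the declarations: `// hssl_ctx_new: the caller owns the context and releases it with hssl_ctx_free.` and `// Release the shared context from hssl_ctx_init/hssl_ctx_instance with hssl_ctx_cleanup, never hssl_ctx_free.`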
 

+ 2 - 7
ssl/mbedtls.c

@@ -36,7 +36,7 @@ struct mbedtls_ctx {
 #endif
 };
 
-hssl_ctx_t hssl_ctx_init(hssl_ctx_init_param_t* param) {
+hssl_ctx_t hssl_ctx_new(hssl_ctx_opt_t* param) {
     struct mbedtls_ctx* ctx = (struct mbedtls_ctx*)malloc(sizeof(struct mbedtls_ctx));
     if (ctx == NULL) return NULL;
 
@@ -93,19 +93,14 @@ hssl_ctx_t hssl_ctx_init(hssl_ctx_init_param_t* param) {
             goto error;
         }
     }
-
-    g_ssl_ctx = ctx;
     return ctx;
 error:
     free(ctx);
     return NULL;
 }
 
-void hssl_ctx_cleanup(hssl_ctx_t ssl_ctx) {
+void hssl_ctx_free(hssl_ctx_t ssl_ctx) {
     if (!ssl_ctx) return;
-    if (g_ssl_ctx == ssl_ctx) {
-        g_ssl_ctx = NULL;
-    }
     struct mbedtls_ctx *mctx = (struct mbedtls_ctx *)ssl_ctx;
     mbedtls_x509_crt_free(&mctx->cert);
     mbedtls_pk_free(&mctx->pkey);

+ 2 - 2
ssl/nossl.c

@@ -6,12 +6,12 @@ const char* hssl_backend() {
     return "nossl";
 }
 
-hssl_ctx_t hssl_ctx_init(hssl_ctx_init_param_t* param) {
+hssl_ctx_t hssl_ctx_new(hssl_ctx_opt_t* opt) {
     fprintf(stderr, "Please recompile WITH_SSL.\n");
     return NULL;
 }
 
-void hssl_ctx_cleanup(hssl_ctx_t ssl_ctx) {
+void hssl_ctx_free(hssl_ctx_t ssl_ctx) {
 }
 
 hssl_t hssl_new(hssl_ctx_t ssl_ctx, int fd) {

+ 2 - 7
ssl/openssl.c

@@ -13,7 +13,7 @@ const char* hssl_backend() {
     return "openssl";
 }
 
-hssl_ctx_t hssl_ctx_init(hssl_ctx_init_param_t* param) {
+hssl_ctx_t hssl_ctx_new(hssl_ctx_opt_t* param) {
     static int s_initialized = 0;
     if (s_initialized == 0) {
 #if OPENSSL_VERSION_NUMBER < 0x10100000L
@@ -74,19 +74,14 @@ hssl_ctx_t hssl_ctx_init(hssl_ctx_init_param_t* param) {
         SSL_CTX_set_default_verify_paths(ctx);
     }
     SSL_CTX_set_verify(ctx, mode, NULL);
-
-    g_ssl_ctx = ctx;
     return ctx;
 error:
     SSL_CTX_free(ctx);
     return NULL;
 }
 
-void hssl_ctx_cleanup(hssl_ctx_t ssl_ctx) {
+void hssl_ctx_free(hssl_ctx_t ssl_ctx) {
     if (!ssl_ctx) return;
-    if (g_ssl_ctx == ssl_ctx) {
-        g_ssl_ctx = NULL;
-    }
     SSL_CTX_free((SSL_CTX*)ssl_ctx);
 }
 

+ 2 - 2
ssl/wintls.c

@@ -6,12 +6,12 @@ const char* hssl_backend() {
     return "nossl";
 }
 
-hssl_ctx_t hssl_ctx_init(hssl_ctx_init_param_t* param) {
+hssl_ctx_t hssl_ctx_new(hssl_ctx_opt_t* opt) {
     fprintf(stderr, "Please recompile WITH_SSL.\n");
     return NULL;
 }
 
-void hssl_ctx_cleanup(hssl_ctx_t ssl_ctx) {
+void hssl_ctx_free(hssl_ctx_t ssl_ctx) {
 }
 
 hssl_t hssl_new(hssl_ctx_t ssl_ctx, int fd) {