diff options
Diffstat (limited to 'modules/mbedtls')
-rw-r--r-- | modules/mbedtls/crypto_mbedtls.h | 6 | ||||
-rw-r--r-- | modules/mbedtls/dtls_server_mbedtls.h | 2 | ||||
-rw-r--r-- | modules/mbedtls/packet_peer_mbed_dtls.cpp | 42 | ||||
-rw-r--r-- | modules/mbedtls/packet_peer_mbed_dtls.h | 4 | ||||
-rw-r--r-- | modules/mbedtls/register_types.cpp | 4 | ||||
-rw-r--r-- | modules/mbedtls/stream_peer_mbedtls.cpp | 38 | ||||
-rw-r--r-- | modules/mbedtls/stream_peer_mbedtls.h | 8 | ||||
-rw-r--r-- | modules/mbedtls/tls_context_mbedtls.cpp (renamed from modules/mbedtls/ssl_context_mbedtls.cpp) | 32 | ||||
-rw-r--r-- | modules/mbedtls/tls_context_mbedtls.h (renamed from modules/mbedtls/ssl_context_mbedtls.h) | 20 |
9 files changed, 78 insertions, 78 deletions
diff --git a/modules/mbedtls/crypto_mbedtls.h b/modules/mbedtls/crypto_mbedtls.h index 5ba7e9cbf6..f129ef6f11 100644 --- a/modules/mbedtls/crypto_mbedtls.h +++ b/modules/mbedtls/crypto_mbedtls.h @@ -39,7 +39,7 @@ #include <mbedtls/ssl.h> class CryptoMbedTLS; -class SSLContextMbedTLS; +class TLSContextMbedTLS; class CryptoKeyMbedTLS : public CryptoKey { private: mbedtls_pk_context pkey; @@ -69,7 +69,7 @@ public: _FORCE_INLINE_ void unlock() { locks--; } friend class CryptoMbedTLS; - friend class SSLContextMbedTLS; + friend class TLSContextMbedTLS; }; class X509CertificateMbedTLS : public X509Certificate { @@ -98,7 +98,7 @@ public: _FORCE_INLINE_ void unlock() { locks--; } friend class CryptoMbedTLS; - friend class SSLContextMbedTLS; + friend class TLSContextMbedTLS; }; class HMACContextMbedTLS : public HMACContext { diff --git a/modules/mbedtls/dtls_server_mbedtls.h b/modules/mbedtls/dtls_server_mbedtls.h index a6626c9f65..0c9f10b5ed 100644 --- a/modules/mbedtls/dtls_server_mbedtls.h +++ b/modules/mbedtls/dtls_server_mbedtls.h @@ -32,7 +32,7 @@ #define DTLS_SERVER_MBEDTLS_H #include "core/io/dtls_server.h" -#include "ssl_context_mbedtls.h" +#include "tls_context_mbedtls.h" class DTLSServerMbedTLS : public DTLSServer { private: diff --git a/modules/mbedtls/packet_peer_mbed_dtls.cpp b/modules/mbedtls/packet_peer_mbed_dtls.cpp index 78a06ff4a1..e84d95773d 100644 --- a/modules/mbedtls/packet_peer_mbed_dtls.cpp +++ b/modules/mbedtls/packet_peer_mbed_dtls.cpp @@ -79,7 +79,7 @@ int PacketPeerMbedDTLS::bio_recv(void *ctx, unsigned char *buf, size_t len) { } void PacketPeerMbedDTLS::_cleanup() { - ssl_ctx->clear(); + tls_ctx->clear(); base = Ref<PacketPeer>(); status = STATUS_DISCONNECTED; } @@ -91,16 +91,16 @@ int PacketPeerMbedDTLS::_set_cookie() { uint16_t port = base->get_packet_port(); memcpy(client_id, addr.get_ipv6(), 16); memcpy(&client_id[16], (uint8_t *)&port, 2); - return mbedtls_ssl_set_client_transport_id(ssl_ctx->get_context(), client_id, 18); + return mbedtls_ssl_set_client_transport_id(tls_ctx->get_context(), client_id, 18); } Error PacketPeerMbedDTLS::_do_handshake() { int ret = 0; - while ((ret = mbedtls_ssl_handshake(ssl_ctx->get_context())) != 0) { + while ((ret = mbedtls_ssl_handshake(tls_ctx->get_context())) != 0) { if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { if (ret != MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED) { ERR_PRINT("TLS handshake error: " + itos(ret)); - SSLContextMbedTLS::print_mbedtls_error(ret); + TLSContextMbedTLS::print_mbedtls_error(ret); } _cleanup(); status = STATUS_ERROR; @@ -121,12 +121,12 @@ Error PacketPeerMbedDTLS::connect_to_peer(Ref<PacketPeerUDP> p_base, bool p_vali int ret = 0; int authmode = p_validate_certs ? MBEDTLS_SSL_VERIFY_REQUIRED : MBEDTLS_SSL_VERIFY_NONE; - Error err = ssl_ctx->init_client(MBEDTLS_SSL_TRANSPORT_DATAGRAM, authmode, p_ca_certs); + Error err = tls_ctx->init_client(MBEDTLS_SSL_TRANSPORT_DATAGRAM, authmode, p_ca_certs); ERR_FAIL_COND_V(err != OK, err); - mbedtls_ssl_set_hostname(ssl_ctx->get_context(), p_for_hostname.utf8().get_data()); - mbedtls_ssl_set_bio(ssl_ctx->get_context(), this, bio_send, bio_recv, nullptr); - mbedtls_ssl_set_timer_cb(ssl_ctx->get_context(), &timer, mbedtls_timing_set_delay, mbedtls_timing_get_delay); + mbedtls_ssl_set_hostname(tls_ctx->get_context(), p_for_hostname.utf8().get_data()); + mbedtls_ssl_set_bio(tls_ctx->get_context(), this, bio_send, bio_recv, nullptr); + mbedtls_ssl_set_timer_cb(tls_ctx->get_context(), &timer, mbedtls_timing_set_delay, mbedtls_timing_get_delay); status = STATUS_HANDSHAKING; @@ -139,13 +139,13 @@ Error PacketPeerMbedDTLS::connect_to_peer(Ref<PacketPeerUDP> p_base, bool p_vali } Error PacketPeerMbedDTLS::accept_peer(Ref<PacketPeerUDP> p_base, Ref<CryptoKey> p_key, Ref<X509Certificate> p_cert, Ref<X509Certificate> p_ca_chain, Ref<CookieContextMbedTLS> p_cookies) { - Error err = ssl_ctx->init_server(MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_VERIFY_NONE, p_key, p_cert, p_cookies); + Error err = tls_ctx->init_server(MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_VERIFY_NONE, p_key, p_cert, p_cookies); ERR_FAIL_COND_V(err != OK, err); base = p_base; base->set_blocking_mode(false); - mbedtls_ssl_session_reset(ssl_ctx->get_context()); + mbedtls_ssl_session_reset(tls_ctx->get_context()); int ret = _set_cookie(); if (ret != 0) { @@ -153,8 +153,8 @@ Error PacketPeerMbedDTLS::accept_peer(Ref<PacketPeerUDP> p_base, Ref<CryptoKey> ERR_FAIL_V_MSG(FAILED, "Error setting DTLS client cookie"); } - mbedtls_ssl_set_bio(ssl_ctx->get_context(), this, bio_send, bio_recv, nullptr); - mbedtls_ssl_set_timer_cb(ssl_ctx->get_context(), &timer, mbedtls_timing_set_delay, mbedtls_timing_get_delay); + mbedtls_ssl_set_bio(tls_ctx->get_context(), this, bio_send, bio_recv, nullptr); + mbedtls_ssl_set_timer_cb(tls_ctx->get_context(), &timer, mbedtls_timing_set_delay, mbedtls_timing_get_delay); status = STATUS_HANDSHAKING; @@ -173,11 +173,11 @@ Error PacketPeerMbedDTLS::put_packet(const uint8_t *p_buffer, int p_bytes) { return OK; } - int ret = mbedtls_ssl_write(ssl_ctx->get_context(), p_buffer, p_bytes); + int ret = mbedtls_ssl_write(tls_ctx->get_context(), p_buffer, p_bytes); if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) { ret = 0; // non blocking io } else if (ret <= 0) { - SSLContextMbedTLS::print_mbedtls_error(ret); + TLSContextMbedTLS::print_mbedtls_error(ret); _cleanup(); return ERR_CONNECTION_ERROR; } @@ -190,7 +190,7 @@ Error PacketPeerMbedDTLS::get_packet(const uint8_t **r_buffer, int &r_bytes) { r_bytes = 0; - int ret = mbedtls_ssl_read(ssl_ctx->get_context(), packet_buffer, PACKET_BUFFER_SIZE); + int ret = mbedtls_ssl_read(tls_ctx->get_context(), packet_buffer, PACKET_BUFFER_SIZE); if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) { ret = 0; // non blocking io } else if (ret <= 0) { @@ -200,7 +200,7 @@ Error PacketPeerMbedDTLS::get_packet(const uint8_t **r_buffer, int &r_bytes) { } else { _cleanup(); status = STATUS_ERROR; - SSLContextMbedTLS::print_mbedtls_error(ret); + TLSContextMbedTLS::print_mbedtls_error(ret); } return ERR_CONNECTION_ERROR; } @@ -220,7 +220,7 @@ void PacketPeerMbedDTLS::poll() { ERR_FAIL_COND(!base.is_valid()); - int ret = mbedtls_ssl_read(ssl_ctx->get_context(), nullptr, 0); + int ret = mbedtls_ssl_read(tls_ctx->get_context(), nullptr, 0); if (ret < 0 && ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { if (ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) { @@ -229,7 +229,7 @@ void PacketPeerMbedDTLS::poll() { } else { _cleanup(); status = STATUS_ERROR; - SSLContextMbedTLS::print_mbedtls_error(ret); + TLSContextMbedTLS::print_mbedtls_error(ret); } } } @@ -237,7 +237,7 @@ void PacketPeerMbedDTLS::poll() { int PacketPeerMbedDTLS::get_available_packet_count() const { ERR_FAIL_COND_V(status != STATUS_CONNECTED, 0); - return mbedtls_ssl_get_bytes_avail(&(ssl_ctx->ssl)) > 0 ? 1 : 0; + return mbedtls_ssl_get_bytes_avail(&(tls_ctx->tls)) > 0 ? 1 : 0; } int PacketPeerMbedDTLS::get_max_packet_size() const { @@ -245,7 +245,7 @@ int PacketPeerMbedDTLS::get_max_packet_size() const { } PacketPeerMbedDTLS::PacketPeerMbedDTLS() { - ssl_ctx.instantiate(); + tls_ctx.instantiate(); } PacketPeerMbedDTLS::~PacketPeerMbedDTLS() { @@ -261,7 +261,7 @@ void PacketPeerMbedDTLS::disconnect_from_peer() { int ret = 0; // Send SSL close notification, blocking, but ignore other errors. do { - ret = mbedtls_ssl_close_notify(ssl_ctx->get_context()); + ret = mbedtls_ssl_close_notify(tls_ctx->get_context()); } while (ret == MBEDTLS_ERR_SSL_WANT_WRITE); } diff --git a/modules/mbedtls/packet_peer_mbed_dtls.h b/modules/mbedtls/packet_peer_mbed_dtls.h index 5f2f42cd30..cc79057d67 100644 --- a/modules/mbedtls/packet_peer_mbed_dtls.h +++ b/modules/mbedtls/packet_peer_mbed_dtls.h @@ -32,7 +32,7 @@ #define PACKET_PEER_MBED_DTLS_H #include "core/io/packet_peer_dtls.h" -#include "ssl_context_mbedtls.h" +#include "tls_context_mbedtls.h" #include <mbedtls/timing.h> @@ -56,7 +56,7 @@ private: void _cleanup(); protected: - Ref<SSLContextMbedTLS> ssl_ctx; + Ref<TLSContextMbedTLS> tls_ctx; mbedtls_timing_delay_context timer; Error _do_handshake(); diff --git a/modules/mbedtls/register_types.cpp b/modules/mbedtls/register_types.cpp index 2d4a18b3fc..675091b617 100644 --- a/modules/mbedtls/register_types.cpp +++ b/modules/mbedtls/register_types.cpp @@ -45,7 +45,7 @@ void initialize_mbedtls_module(ModuleInitializationLevel p_level) { } CryptoMbedTLS::initialize_crypto(); - StreamPeerMbedTLS::initialize_ssl(); + StreamPeerMbedTLS::initialize_tls(); PacketPeerMbedDTLS::initialize_dtls(); DTLSServerMbedTLS::initialize(); } @@ -57,6 +57,6 @@ void uninitialize_mbedtls_module(ModuleInitializationLevel p_level) { DTLSServerMbedTLS::finalize(); PacketPeerMbedDTLS::finalize_dtls(); - StreamPeerMbedTLS::finalize_ssl(); + StreamPeerMbedTLS::finalize_tls(); CryptoMbedTLS::finalize_crypto(); } diff --git a/modules/mbedtls/stream_peer_mbedtls.cpp b/modules/mbedtls/stream_peer_mbedtls.cpp index 0bf4ca7032..a97c6bd916 100644 --- a/modules/mbedtls/stream_peer_mbedtls.cpp +++ b/modules/mbedtls/stream_peer_mbedtls.cpp @@ -74,18 +74,18 @@ int StreamPeerMbedTLS::bio_recv(void *ctx, unsigned char *buf, size_t len) { } void StreamPeerMbedTLS::_cleanup() { - ssl_ctx->clear(); + tls_ctx->clear(); base = Ref<StreamPeer>(); status = STATUS_DISCONNECTED; } Error StreamPeerMbedTLS::_do_handshake() { int ret = 0; - while ((ret = mbedtls_ssl_handshake(ssl_ctx->get_context())) != 0) { + while ((ret = mbedtls_ssl_handshake(tls_ctx->get_context())) != 0) { if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) { // An error occurred. ERR_PRINT("TLS handshake error: " + itos(ret)); - SSLContextMbedTLS::print_mbedtls_error(ret); + TLSContextMbedTLS::print_mbedtls_error(ret); disconnect_from_stream(); status = STATUS_ERROR; return FAILED; @@ -108,11 +108,11 @@ Error StreamPeerMbedTLS::connect_to_stream(Ref<StreamPeer> p_base, bool p_valida base = p_base; int authmode = p_validate_certs ? MBEDTLS_SSL_VERIFY_REQUIRED : MBEDTLS_SSL_VERIFY_NONE; - Error err = ssl_ctx->init_client(MBEDTLS_SSL_TRANSPORT_STREAM, authmode, p_ca_certs); + Error err = tls_ctx->init_client(MBEDTLS_SSL_TRANSPORT_STREAM, authmode, p_ca_certs); ERR_FAIL_COND_V(err != OK, err); - mbedtls_ssl_set_hostname(ssl_ctx->get_context(), p_for_hostname.utf8().get_data()); - mbedtls_ssl_set_bio(ssl_ctx->get_context(), this, bio_send, bio_recv, nullptr); + mbedtls_ssl_set_hostname(tls_ctx->get_context(), p_for_hostname.utf8().get_data()); + mbedtls_ssl_set_bio(tls_ctx->get_context(), this, bio_send, bio_recv, nullptr); status = STATUS_HANDSHAKING; @@ -127,12 +127,12 @@ Error StreamPeerMbedTLS::connect_to_stream(Ref<StreamPeer> p_base, bool p_valida Error StreamPeerMbedTLS::accept_stream(Ref<StreamPeer> p_base, Ref<CryptoKey> p_key, Ref<X509Certificate> p_cert, Ref<X509Certificate> p_ca_chain) { ERR_FAIL_COND_V(p_base.is_null(), ERR_INVALID_PARAMETER); - Error err = ssl_ctx->init_server(MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_VERIFY_NONE, p_key, p_cert); + Error err = tls_ctx->init_server(MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_VERIFY_NONE, p_key, p_cert); ERR_FAIL_COND_V(err != OK, err); base = p_base; - mbedtls_ssl_set_bio(ssl_ctx->get_context(), this, bio_send, bio_recv, nullptr); + mbedtls_ssl_set_bio(tls_ctx->get_context(), this, bio_send, bio_recv, nullptr); status = STATUS_HANDSHAKING; @@ -173,7 +173,7 @@ Error StreamPeerMbedTLS::put_partial_data(const uint8_t *p_data, int p_bytes, in return OK; } - int ret = mbedtls_ssl_write(ssl_ctx->get_context(), p_data, p_bytes); + int ret = mbedtls_ssl_write(tls_ctx->get_context(), p_data, p_bytes); if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) { // Non blocking IO ret = 0; @@ -182,7 +182,7 @@ Error StreamPeerMbedTLS::put_partial_data(const uint8_t *p_data, int p_bytes, in disconnect_from_stream(); return ERR_FILE_EOF; } else if (ret <= 0) { - SSLContextMbedTLS::print_mbedtls_error(ret); + TLSContextMbedTLS::print_mbedtls_error(ret); disconnect_from_stream(); return ERR_CONNECTION_ERROR; } @@ -216,7 +216,7 @@ Error StreamPeerMbedTLS::get_partial_data(uint8_t *p_buffer, int p_bytes, int &r r_received = 0; - int ret = mbedtls_ssl_read(ssl_ctx->get_context(), p_buffer, p_bytes); + int ret = mbedtls_ssl_read(tls_ctx->get_context(), p_buffer, p_bytes); if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) { ret = 0; // non blocking io } else if (ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) { @@ -224,7 +224,7 @@ Error StreamPeerMbedTLS::get_partial_data(uint8_t *p_buffer, int p_bytes, int &r disconnect_from_stream(); return ERR_FILE_EOF; } else if (ret <= 0) { - SSLContextMbedTLS::print_mbedtls_error(ret); + TLSContextMbedTLS::print_mbedtls_error(ret); disconnect_from_stream(); return ERR_CONNECTION_ERROR; } @@ -245,7 +245,7 @@ void StreamPeerMbedTLS::poll() { // We could pass nullptr as second parameter, but some behaviour sanitizers don't seem to like that. // Passing a 1 byte buffer to workaround it. uint8_t byte; - int ret = mbedtls_ssl_read(ssl_ctx->get_context(), &byte, 0); + int ret = mbedtls_ssl_read(tls_ctx->get_context(), &byte, 0); if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) { // Nothing to read/write (non blocking IO) @@ -254,7 +254,7 @@ void StreamPeerMbedTLS::poll() { disconnect_from_stream(); return; } else if (ret < 0) { - SSLContextMbedTLS::print_mbedtls_error(ret); + TLSContextMbedTLS::print_mbedtls_error(ret); disconnect_from_stream(); return; } @@ -269,11 +269,11 @@ void StreamPeerMbedTLS::poll() { int StreamPeerMbedTLS::get_available_bytes() const { ERR_FAIL_COND_V(status != STATUS_CONNECTED, 0); - return mbedtls_ssl_get_bytes_avail(&(ssl_ctx->ssl)); + return mbedtls_ssl_get_bytes_avail(&(tls_ctx->tls)); } StreamPeerMbedTLS::StreamPeerMbedTLS() { - ssl_ctx.instantiate(); + tls_ctx.instantiate(); } StreamPeerMbedTLS::~StreamPeerMbedTLS() { @@ -288,7 +288,7 @@ void StreamPeerMbedTLS::disconnect_from_stream() { Ref<StreamPeerTCP> tcp = base; if (tcp.is_valid() && tcp->get_status() == StreamPeerTCP::STATUS_CONNECTED) { // We are still connected on the socket, try to send close notify. - mbedtls_ssl_close_notify(ssl_ctx->get_context()); + mbedtls_ssl_close_notify(tls_ctx->get_context()); } _cleanup(); @@ -306,12 +306,12 @@ StreamPeerTLS *StreamPeerMbedTLS::_create_func() { return memnew(StreamPeerMbedTLS); } -void StreamPeerMbedTLS::initialize_ssl() { +void StreamPeerMbedTLS::initialize_tls() { _create = _create_func; available = true; } -void StreamPeerMbedTLS::finalize_ssl() { +void StreamPeerMbedTLS::finalize_tls() { available = false; _create = nullptr; } diff --git a/modules/mbedtls/stream_peer_mbedtls.h b/modules/mbedtls/stream_peer_mbedtls.h index 12d06d05ed..9219269539 100644 --- a/modules/mbedtls/stream_peer_mbedtls.h +++ b/modules/mbedtls/stream_peer_mbedtls.h @@ -32,7 +32,7 @@ #define STREAM_PEER_MBEDTLS_H #include "core/io/stream_peer_tls.h" -#include "ssl_context_mbedtls.h" +#include "tls_context_mbedtls.h" class StreamPeerMbedTLS : public StreamPeerTLS { private: @@ -48,7 +48,7 @@ private: void _cleanup(); protected: - Ref<SSLContextMbedTLS> ssl_ctx; + Ref<TLSContextMbedTLS> tls_ctx; Error _do_handshake(); @@ -69,8 +69,8 @@ public: virtual int get_available_bytes() const; - static void initialize_ssl(); - static void finalize_ssl(); + static void initialize_tls(); + static void finalize_tls(); StreamPeerMbedTLS(); ~StreamPeerMbedTLS(); diff --git a/modules/mbedtls/ssl_context_mbedtls.cpp b/modules/mbedtls/tls_context_mbedtls.cpp index e2dad074cc..1ae7bc0436 100644 --- a/modules/mbedtls/ssl_context_mbedtls.cpp +++ b/modules/mbedtls/tls_context_mbedtls.cpp @@ -1,5 +1,5 @@ /*************************************************************************/ -/* ssl_context_mbedtls.cpp */ +/* tls_context_mbedtls.cpp */ /*************************************************************************/ /* This file is part of: */ /* GODOT ENGINE */ @@ -28,7 +28,7 @@ /* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ /*************************************************************************/ -#include "ssl_context_mbedtls.h" +#include "tls_context_mbedtls.h" static void my_debug(void *ctx, int level, const char *file, int line, @@ -37,7 +37,7 @@ static void my_debug(void *ctx, int level, fflush(stdout); } -void SSLContextMbedTLS::print_mbedtls_error(int p_ret) { +void TLSContextMbedTLS::print_mbedtls_error(int p_ret) { printf("mbedtls error: returned -0x%x\n\n", -p_ret); fflush(stdout); } @@ -82,12 +82,12 @@ CookieContextMbedTLS::~CookieContextMbedTLS() { clear(); } -/// SSLContextMbedTLS +/// TLSContextMbedTLS -Error SSLContextMbedTLS::_setup(int p_endpoint, int p_transport, int p_authmode) { +Error TLSContextMbedTLS::_setup(int p_endpoint, int p_transport, int p_authmode) { ERR_FAIL_COND_V_MSG(inited, ERR_ALREADY_IN_USE, "This SSL context is already active"); - mbedtls_ssl_init(&ssl); + mbedtls_ssl_init(&tls); mbedtls_ssl_config_init(&conf); mbedtls_ctr_drbg_init(&ctr_drbg); mbedtls_entropy_init(&entropy); @@ -110,7 +110,7 @@ Error SSLContextMbedTLS::_setup(int p_endpoint, int p_transport, int p_authmode) return OK; } -Error SSLContextMbedTLS::init_server(int p_transport, int p_authmode, Ref<CryptoKeyMbedTLS> p_pkey, Ref<X509CertificateMbedTLS> p_cert, Ref<CookieContextMbedTLS> p_cookies) { +Error TLSContextMbedTLS::init_server(int p_transport, int p_authmode, Ref<CryptoKeyMbedTLS> p_pkey, Ref<X509CertificateMbedTLS> p_cert, Ref<CookieContextMbedTLS> p_cookies) { ERR_FAIL_COND_V(!p_pkey.is_valid(), ERR_INVALID_PARAMETER); ERR_FAIL_COND_V(!p_cert.is_valid(), ERR_INVALID_PARAMETER); @@ -146,11 +146,11 @@ Error SSLContextMbedTLS::init_server(int p_transport, int p_authmode, Ref<Crypto cookies = p_cookies; mbedtls_ssl_conf_dtls_cookies(&conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check, &(cookies->cookie_ctx)); } - mbedtls_ssl_setup(&ssl, &conf); + mbedtls_ssl_setup(&tls, &conf); return OK; } -Error SSLContextMbedTLS::init_client(int p_transport, int p_authmode, Ref<X509CertificateMbedTLS> p_valid_cas) { +Error TLSContextMbedTLS::init_client(int p_transport, int p_authmode, Ref<X509CertificateMbedTLS> p_valid_cas) { Error err = _setup(MBEDTLS_SSL_IS_CLIENT, p_transport, p_authmode); ERR_FAIL_COND_V(err != OK, err); @@ -172,15 +172,15 @@ Error SSLContextMbedTLS::init_client(int p_transport, int p_authmode, Ref<X509Ce // Set valid CAs mbedtls_ssl_conf_ca_chain(&conf, &(cas->cert), nullptr); - mbedtls_ssl_setup(&ssl, &conf); + mbedtls_ssl_setup(&tls, &conf); return OK; } -void SSLContextMbedTLS::clear() { +void TLSContextMbedTLS::clear() { if (!inited) { return; } - mbedtls_ssl_free(&ssl); + mbedtls_ssl_free(&tls); mbedtls_ssl_config_free(&conf); mbedtls_ctr_drbg_free(&ctr_drbg); mbedtls_entropy_free(&entropy); @@ -198,14 +198,14 @@ void SSLContextMbedTLS::clear() { inited = false; } -mbedtls_ssl_context *SSLContextMbedTLS::get_context() { +mbedtls_ssl_context *TLSContextMbedTLS::get_context() { ERR_FAIL_COND_V(!inited, nullptr); - return &ssl; + return &tls; } -SSLContextMbedTLS::SSLContextMbedTLS() { +TLSContextMbedTLS::TLSContextMbedTLS() { } -SSLContextMbedTLS::~SSLContextMbedTLS() { +TLSContextMbedTLS::~TLSContextMbedTLS() { clear(); } diff --git a/modules/mbedtls/ssl_context_mbedtls.h b/modules/mbedtls/tls_context_mbedtls.h index 5883388311..5e7b3dc46e 100644 --- a/modules/mbedtls/ssl_context_mbedtls.h +++ b/modules/mbedtls/tls_context_mbedtls.h @@ -1,5 +1,5 @@ /*************************************************************************/ -/* ssl_context_mbedtls.h */ +/* tls_context_mbedtls.h */ /*************************************************************************/ /* This file is part of: */ /* GODOT ENGINE */ @@ -28,8 +28,8 @@ /* SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ /*************************************************************************/ -#ifndef SSL_CONTEXT_MBEDTLS_H -#define SSL_CONTEXT_MBEDTLS_H +#ifndef TLS_CONTEXT_MBEDTLS_H +#define TLS_CONTEXT_MBEDTLS_H #include "crypto_mbedtls.h" @@ -44,10 +44,10 @@ #include <mbedtls/ssl.h> #include <mbedtls/ssl_cookie.h> -class SSLContextMbedTLS; +class TLSContextMbedTLS; class CookieContextMbedTLS : public RefCounted { - friend class SSLContextMbedTLS; + friend class TLSContextMbedTLS; protected: bool inited = false; @@ -63,7 +63,7 @@ public: ~CookieContextMbedTLS(); }; -class SSLContextMbedTLS : public RefCounted { +class TLSContextMbedTLS : public RefCounted { protected: bool inited = false; @@ -73,7 +73,7 @@ public: Ref<X509CertificateMbedTLS> certs; mbedtls_entropy_context entropy; mbedtls_ctr_drbg_context ctr_drbg; - mbedtls_ssl_context ssl; + mbedtls_ssl_context tls; mbedtls_ssl_config conf; Ref<CookieContextMbedTLS> cookies; @@ -86,8 +86,8 @@ public: mbedtls_ssl_context *get_context(); - SSLContextMbedTLS(); - ~SSLContextMbedTLS(); + TLSContextMbedTLS(); + ~TLSContextMbedTLS(); }; -#endif // SSL_CONTEXT_MBEDTLS_H +#endif // TLS_CONTEXT_MBEDTLS_H |