void ressl_config_insecure_no_verify(struct ressl_config *config);
void ressl_config_verify(struct ressl_config *config);
-struct ressl *ressl_new(void);
+struct ressl *ressl_client(void);
int ressl_configure(struct ressl *ctx, struct ressl_config *config);
void ressl_reset(struct ressl *ctx);
void ressl_free(struct ressl *ctx);
#include <ressl.h>
#include "ressl_internal.h"
+struct ressl *
+ressl_client(void)
+{
+ struct ressl *ctx;
+
+ if ((ctx = ressl_new()) == NULL)
+ return (NULL);
+
+ ctx->flags |= RESSL_CLIENT;
+
+ return (ctx);
+}
+
int
ressl_connect(struct ressl *ctx, const char *host, const char *port)
{
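Review bot: In the added ressl_client(), `ctx->flags |= RESSL_CLIENT;` ORs into whatever value ressl_new() left in `flags`, so the role guards added elsewhere in this commit are only reliable if ressl_new() zero-initialises the struct. ressl_new() is not part of this diff, so that cannot be confirmed from here; if it is not guaranteed, a stray RESSL_SERVER bit could survive. Assigning outright, `ctx->flags = RESSL_CLIENT;`, removes the dependency. The new public constructor also has no comment; `/* Allocate a context restricted to client use; returns NULL if ressl_new() fails. */` above it would document the contract.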
char *hs = NULL, *ps = NULL;
int rv = -1, s = -1, ret;
+ if ((ctx->flags & RESSL_CLIENT) == 0) {
+ ressl_set_error(ctx, "not a client context");
+ goto err;
+ }
+
if (host == NULL) {
ressl_set_error(ctx, "host not specified");
goto err;
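Review bot: The client-role guard added at the top of ressl_connect() is repeated verbatim in the next hunk (the function that assigns `ctx->socket`), so every future client entry point has to remember to copy it. A small static helper, for example `static int ressl_require_client(struct ressl *ctx)` that sets the error and returns -1, would keep the check and its message in one place. Also, `(ctx->flags & RESSL_CLIENT) == 0` accepts a context with both RESSL_CLIENT and RESSL_SERVER set; nothing in this diff sets both, but if the roles are meant to be exclusive that is worth stating in a comment. The body of ressl_connect() and its `err` label lie outside the hunk.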
X509 *cert = NULL;
int ret;
+ if ((ctx->flags & RESSL_CLIENT) == 0) {
+ ressl_set_error(ctx, "not a client context");
+ goto err;
+ }
+
ctx->socket = socket;
/* XXX - add a configuration option to control versions. */
int verify_depth;
};
+#define RESSL_CLIENT (1 << 0)
+#define RESSL_SERVER (1 << 1)
+
struct ressl {
struct ressl_config *config;
+ uint64_t flags;
int err;
char *errmsg;
SSL_CTX *ssl_ctx;
};
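Review bot: `RESSL_CLIENT` and `RESSL_SERVER` are defined as `(1 << 0)` and `(1 << 1)`, which are `int` expressions, while the field that stores them is `uint64_t flags`. That is harmless for these two bits, but a later flag at bit 31 or above would be an undefined signed shift or would sign-extend when ORed into the 64-bit field; `#define RESSL_CLIENT (1ULL << 0)` (and likewise for RESSL_SERVER) avoids that. `uint64_t` needs `<stdint.h>`, and this hunk does not show which headers ressl_internal.h includes, so that should be checked. A one-line comment above the defines, such as `/* Context role flags, stored in struct ressl.flags. */`, would help readers.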
+struct ressl *ressl_new(void);
+
int ressl_check_hostname(X509 *cert, const char *host);
int ressl_host_port(const char *hostport, char **host, char **port);
int ressl_set_error(struct ressl *ctx, char *fmt, ...);