zxid


hiinit.c

  pthread_cond_init(&shf->todo_cond, 0);
  pthread_mutex_init(&shf->todo_mut.ptmut, MUTEXATTR);

  shf->poll_tok.kind = HI_POLLT;          /* Permanently labeled as poll_tok (there is only 1) */
  shf->poll_tok.proto = HIPROTO_POLL_ON;  /* Mark poll token as available */

  shf->max_evs = MIN(nfd, 1024);
#ifdef LINUX
  shf->ep = epoll_create(nfd);
  if (shf->ep == -1) { perror("epoll"); exit(1); }
  ZMALLOCN(shf->evs, sizeof(struct epoll_event) * shf->max_evs);
#endif
#ifdef SUNOS
  shf->ep = open("/dev/poll", O_RDWR);
  if (shf->ep == -1) { perror("open(/dev/poll)"); exit(1); }
  ZMALLOCN(shf->evs, sizeof(struct pollfd) * shf->max_evs);
#endif
#if defined(MACOSX) || defined(FREEBSD)
  shf->ep = kqueue();
  if (shf->ep == -1) { perror("kqueue()"); exit(1); }
  ZMALLOCN(shf->evs, sizeof(struct kevent) * shf->max_evs);
#endif

  pthread_mutex_init(&shf->ent_mut.ptmut, MUTEXATTR);

  shf->max_chs = nch;
  ZMALLOCN(shf->chs, sizeof(struct hi_ch) * shf->max_chs);

#ifdef USE_OPENSSL
  SSL_load_error_strings();
  SSL_library_init();
#if 0
  shf->ssl_ctx = SSL_CTX_new(SSLv23_method());
#else
  shf->ssl_ctx = SSL_CTX_new(TLSv1_method());
#endif
  if (!shf->ssl_ctx) {
    ERR("SSL context initialization problem %d", 0);
    zx_report_openssl_err("new_shuffler-ssl_ctx");
    return 0;
  }
  INFO("OpenSSL header-version(%lx) lib-version(%lx)(%s) %s %s %s %s", OPENSSL_VERSION_NUMBER, SSLeay(), SSLeay_version(SSLEAY_VERSION), SSLeay_version(SSLEAY_CFLAGS), SSLeay_version(SSLEAY_BUILT_ON), SSLeay_version(SSLEAY_PLATFORM), SSLeay_version(S...
  if (errmac_debug>1)
    SSL_CTX_set_info_callback(shf->ssl_ctx, zxbus_info_cb);

  /*SSL_CTX_set_mode(shf->ssl_ctx, SSL_MODE_AUTO_RETRY); R/W only return w/complete. We use nonblocking I/O. */

  /* Verification strategy: do not attempt verification at the SSL layer. Instead,
   * check the result afterwards against the metadata-based cert. However,
   * we need to specify SSL_VERIFY_PEER to cause the server to ask for ClientTLS.
   * Normally this would cause the verification to happen, but we supply
   * a callback that effectively causes verification to pass in any case,
   * so that we postpone it to the moment when we see CONNECT. Until that
   * deferred check has succeeded, the peer certificate is unverified and the
   * peer must be treated as unauthenticated. */
  SSL_CTX_set_verify(shf->ssl_ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, zxbus_verify_cb);
  //SSL_CTX_set_cert_verify_callback(shf->ssl_ctx, zxbus_cert_verify_cb, cf);

  /*SSL_CTX_load_verify_locations() SSL_CTX_set_client_CA_list(3) SSL_CTX_set_cert_store(3) */
  if (!zxbus_cf->enc_cert)
    zxbus_cf->enc_cert = zxid_read_cert(zxbus_cf, "enc-nopw-cert.pem");
  if (!zxbus_cf->enc_pkey)
    zxbus_cf->enc_pkey = zxid_read_private_key(zxbus_cf, "enc-nopw-cert.pem");
  if (!SSL_CTX_use_certificate(shf->ssl_ctx, zxbus_cf->enc_cert)) {
    ERR("SSL certificate problem %d", 0);
    zx_report_openssl_err("new_shuffler-cert");
    return 0;
  }
  if (!SSL_CTX_use_PrivateKey(shf->ssl_ctx, zxbus_cf->enc_pkey)) {
    ERR("SSL private key problem %d", 0);
    zx_report_openssl_err("new_shuffler-privkey");
    return 0;
  }
  if (!SSL_CTX_check_private_key(shf->ssl_ctx)) {
    ERR("SSL certificate-private key consistency problem %d", 0);
    zx_report_openssl_err("new_shuffler-chk-privkey");
    return 0;
  }
#endif
  return shf;
}

/* EOF  --  hiinit.c */


