About to break everything with SSL conversion

luprex/core/cpp/driver-linux.cpp

@@ -17,6 +17,12 @@
 #include <arpa/inet.h>
 #include <sys/types.h>
 #include <netdb.h>
+#include <openssl/ssl.h>
+#include <openssl/rsa.h>
+#include <openssl/x509.h>
+#include <openssl/evp.h>
+#include <openssl/err.h>
+
 using SOCKET=int;
 const int INVALID_SOCKET = -1;
 using SocketVector = std::vector<SOCKET>;
@@ -140,6 +146,19 @@ SocketVector accept_on_socket(SOCKET listen_socket) {
     }
 }
 
+SSL_CTX *new_ssl_context(bool server_cert, bool root_certs, const std::string &require_cert) {
+    SSL_CTX *ctx = SSL_CTX_new(TLS_method());
+    SSL_CTX_set_mode(ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
+    SSL_CTX_set_mode(ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
+    // server_cert is not implemented yet.
+    if (root_certs) {
+        SSL_CTX_set_default_verify_paths(ctx);
+        SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
+    }
+    // require_cert is not implemented yet.
+    return ctx;
+}
+
 class MonoClock {
 private:
     struct timespec base_;
@@ -177,6 +196,8 @@ public:
         int chid;
         ChanState state;
         SOCKET socket;
+        SSL_CTX *ssl_ctx;
+        SSL *ssl;
     };
 
     DrivenEngine *driven_;
@@ -186,12 +207,9 @@ public:
     std::map<int, SOCKET> listen_sockets_;
     std::unique_ptr<char[]> chbuf;
 
-    void init(DrivenEngine *de) {
+    SSL_CTX *ssl_ctx_with_root_certs_;
-        driven_ = de;
+    SSL_CTX *ssl_ctx_with_server_certs_;
-        any_inactive_ = false;
+    SSL_CTX *ssl_ctx_with_no_certs_;
-        short_sleep_ = false;
-        chbuf.reset(new char[65536]);
-    }
 
     void handle_listen_ports() {
         std::set<int> listenports;
@@ -216,11 +234,25 @@ public:
     
     void close_channel(ChanInfo &chan, const std::string &err) {
         assert(chan.state != CHAN_INACTIVE);
+        // Close the SSL channel.
+        if (chan.ssl != nullptr) {
+            SSL_free(chan.ssl);
+            chan.ssl = nullptr;
+        }
+        // Close the SSL_CTX
+        if (chan.ssl_ctx != nullptr) {
+            SSL_CTX_free(chan.ssl_ctx);
+            chan.ssl_ctx = nullptr;
+        }
+        // Close the socket.
+        assert(chan.socket != INVALID_SOCKET);
         assert(close(chan.socket) == 0);
+        chan.socket = INVALID_SOCKET;
+        // Close everything else.
         driven_->drv_notify_close(chan.chid, err);
         chan.state = CHAN_INACTIVE;
-        chan.socket = INVALID_SOCKET;
         chan.chid = -1;
+        // Set global variables.
         any_inactive_ = true;
         short_sleep_ = true;
     }
@@ -397,11 +429,18 @@ public:
 
     void drive(DrivenEngine *de, int argc, char *argv[]) {
         enableRawMode();
-        init(de);
+        driven_ = de;
+        any_inactive_ = false;
+        short_sleep_ = false;
+        chbuf.reset(new char[65536]);
+        ssl_ctx_with_root_certs_ = new_ssl_context(false, true, "");
+        ssl_ctx_with_server_certs_ = new_ssl_context(true, false, "");
+        ssl_ctx_with_no_certs_ = new_ssl_context(false, false, "");
         DrivenEngine::set(de);
         driven_->drv_set_lua_source(util::read_lua_source("lua"));
         driven_->drv_invoke_event_init(argc, argv);
         handle_listen_ports();
+
         while (!de->drv_get_stop_driver()) {
             short_sleep_ = false;
             handle_lua_source();
@@ -415,6 +454,13 @@ public:
             driven_->drv_set_clock(monoclock.get());
             de->drv_invoke_event_update();
         }
+        
+        for (ChanInfo &chan : chans_) {
+            close_channel(chan, "");
+        }
+        SSL_CTX_free(ssl_ctx_with_no_certs_);
+        SSL_CTX_free(ssl_ctx_with_root_certs_);
+        SSL_CTX_free(ssl_ctx_with_server_certs_);
         DrivenEngine::set(nullptr);
     }
 };