Code to load SSL certs from dir, and ssl overhaul

luprex/core/cpp/driver-linux.cpp

@@ -3,8 +3,8 @@
 #include "wrap-string.hpp"
 
 #include "driver-util.hpp"
+#include "driver-ssl.hpp"
 #include "drivenengine.hpp"
-#include "dummycert.hpp"
 #include "util.hpp"
 #include "source.hpp"
 
@@ -12,6 +12,7 @@
 #include <cstdio>
 #include <cstring>
 #include <cassert>
+
 #include <poll.h>
 #include <sys/time.h>
 #include <fcntl.h>
@@ -25,21 +26,13 @@
 #include <sys/personality.h>
 #include <netdb.h>
 #include <malloc.h>
-#include <openssl/ssl.h>
-#include <openssl/rsa.h>
-#include <openssl/x509.h>
-#include <openssl/evp.h>
-#include <openssl/err.h>
-#include <openssl/bio.h>
-#include <openssl/pem.h>
-#include <openssl/conf.h>
 
 using SOCKET=int;
 const int INVALID_SOCKET = -1;
 
 struct termios orig_termios;
 
-static std::string strerror_str(int err) {
+std::string strerror_str(int err) {
     char errbuf[256];
     return strerror_r(err, errbuf, 256);
 }
@@ -226,24 +219,8 @@ static int console_read(char *bytes, int nbytes) {
     return read(0, bytes, nbytes);
 }
 
-static void ssl_ctx_use_dummycert(SSL_CTX *ctx);
-
-static SSL_CTX *new_ssl_server_context() {
-    SSL_CTX *ctx = SSL_CTX_new(TLS_method());
-    SSL_CTX_set_mode(ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
-    SSL_CTX_set_mode(ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
-    SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, nullptr);
-    ssl_ctx_use_dummycert(ctx);
-    return ctx;
-}
-
-static SSL_CTX *new_ssl_client_context(int verify) {
-    SSL_CTX *ctx = SSL_CTX_new(TLS_method());
-    SSL_CTX_set_mode(ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
-    SSL_CTX_set_mode(ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
+static void ssl_load_certificate_authorities(SSL_CTX *ctx) {
     SSL_CTX_set_default_verify_paths(ctx);
-    SSL_CTX_set_verify(ctx, verify, nullptr);
-    return ctx;
 }
 
 static void disable_randomization(int argc, char *argv[]) {