
[ADD] add ssl interface directory - 2

WKJay 5 年之前
父節點
當前提交
51408c97e5
共有 7 個文件被更改,包括 86 次插入7 次删除
  1. 1 1
      netserver.c
  2. 11 0
      netserver.h
  3. 6 0
      ns_cfg.h
  4. 3 3
      ns_session.c
  5. 2 2
      ns_session.h
  6. 1 0
      ns_types.h
  7. 62 1
      ssl_if/wolfssl/ns_ssl_if.c

+ 1 - 1
netserver.c

@@ -45,7 +45,7 @@ netserver_mgr_t *netserver_create(uint32_t max_conns, uint32_t flag) {
         return NULL;
     }
     if (flag & NS_USE_TLS) {
-#if NS_SUPPORT_TLS
+#if NS_ENABLE_SSL
         mgr->flag |= NS_USE_TLS;
 #else
         NS_LOG("TLS SUPPORT NOT AVAILABLE");
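Review bot: The `#else` branch shown here only logs "TLS SUPPORT NOT AVAILABLE" when the caller passed NS_USE_TLS to a build without NS_ENABLE_SSL. If the lines after this hunk do not free mgr and return NULL, netserver_create hands back a plaintext server to a caller that asked for TLS; the rest of the function is outside the hunk, so this needs confirming. Failing the create in that branch keeps the downgrade from being silent. Note also that `#if NS_ENABLE_SSL` evaluates to 0 without any diagnostic if ns_cfg.h is not included before this point, so a comment such as `/* NS_ENABLE_SSL comes from ns_cfg.h via ns_types.h */` next to the test would help.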

+ 11 - 0
netserver.h

@@ -19,6 +19,17 @@ typedef struct _netserver_mgr {
     uint32_t flag;                 // status flag
 } netserver_mgr_t;
 
+/**
+ * netserver options
+ */
+typedef struct _netserver_opt {
+#if NS_ENABLE_SSL
+    const char *server_key;
+    const char *server_cert;
+    const char *ca_cert;
+#endif
+} netserver_opt_t;
+
 /**
  * API definition
  */
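Review bot: When NS_ENABLE_SSL is 0, `netserver_opt_t` has no members, and an empty struct is a compiler extension rather than ISO C; keep one unconditional member or put the whole typedef under the `#if`. The fields also need comments saying they are file paths to PEM files, since ns_ssl_if.c passes server_key and server_cert to the wolfSSL `_file` loaders with SSL_FILETYPE_PEM, for example `const char *server_key; /* path to PEM private key file */`. ca_cert is not read in any hunk of this commit, so its comment should say whether it is reserved for client-certificate verification.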

+ 6 - 0
ns_cfg.h

@@ -0,0 +1,6 @@
+#ifndef __NS_CFG_H
+#define __NS_CFG_H
+
+#define NS_ENABLE_SSL 1
+
+#endif /* __NS_CFG_H */
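Review bot: `NS_ENABLE_SSL` is hard-coded to 1 with no override, so every build now requires the wolfSSL backend; wrapping the define in `#ifndef NS_ENABLE_SSL` ... `#endif` lets a project switch it off with a compiler flag. The guard name `__NS_CFG_H` starts with a double underscore, which C reserves for the implementation; `NS_CFG_H` avoids that.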

+ 3 - 3
ns_session.c

@@ -113,9 +113,9 @@ int ns_session_close(netserver_mgr_t *mgr, ns_session_t *session) {
         }
         NS_FREE(session);
     }
-#if NS_SUPPORT_TLS
-    ns_tls_free(session->tls_backend);
-    session->tls_backend = NULL;
+#if NS_ENABLE_SSL
+    ns_tls_free(session->ssl_if_data);
+    session->ssl_if_data = NULL;
 #endif
     return 0;
 }
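Review bot: `session->ssl_if_data` is read and then written after `NS_FREE(session)` in the block just above, which is a use-after-free on any path that executes that block; the rename keeps the existing ordering. Release the TLS data before the session memory by moving `ns_tls_free(session->ssl_if_data); session->ssl_if_data = NULL;` ahead of `NS_FREE(session);` inside the same guard. The condition guarding the free starts above the hunk, so also confirm that session cannot be NULL when the `#if` block runs.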

+ 2 - 2
ns_session.h

@@ -21,8 +21,8 @@ typedef struct _ns_session {
     uint32_t flag;
     struct _ns_session *next;
     void *user_data;
-#if NS_SUPPORT_TLS
-    void *tls_backend;
+#if NS_ENABLE_SSL
+    void *ssl_if_data;
 #else
     void *unused_data; /* To keep the size of the structure the same */
 #endif

+ 1 - 0
ns_types.h

@@ -3,6 +3,7 @@
 
 #include <string.h>
 #include <stdint.h>
+#include "ns_cfg.h"
 
 #define NS_MEMCPY(d, s, l)   memcpy((d), (s), (l))
 #define NS_MEMSET(b, c, l)   memset((b), (c), (l))

+ 62 - 1
ssl_if/wolfssl/ns_ssl_if.c

@@ -12,6 +12,67 @@
 #include <wolfssl/options.h>
 #include <wolfssl/ssl.h>
 
-void *ns_ssl_if_context_create(void) {
+#include "netserver.h"
+#include "ns_session.h"
+
+typedef struct _wolfssl_backend {
+    WOLFSSL *ssl;
+    void *user_data;
+} wolfssl_backend_t;
+
+/**
+ * Name:    ns_ssl_if_context_create
+ * Brief:   create ssl interface context
+ * Input:
+ * @mgr:        netserver manager
+ * @opts:       SSL options
+ * Output:  success:0,error:-1
+ */
+int ns_ssl_if_context_create(netserver_mgr_t *mgr, netserver_opt_t *opts) {
+    WOLFSSL_CTX *ctx = NULL;
+    WOLFSSL_METHOD *method = NULL;
+
+    /* Init wolfSSL library */
+    wolfSSL_Init();
+
+    /* Create wolfSSL context */
+    method = wolfTLSv1_2_server_method();
+    ctx = wolfSSL_CTX_new(method);
+    if (ctx == NULL) {
+        NS_LOG("wolfSSL context create failed.");
+        return NULL;
+    }
+
+    /* Load private key and certificate */
+    if (opts->server_cert == NULL || opts->server_key == NULL) {
+        NS_LOG("private key or certificate path error,please check!");
+        return NULL;
+    }
+    if (wolfSSL_CTX_use_PrivateKey_file(ctx, opts->server_key,
+                                        SSL_FILETYPE_PEM) != SSL_SUCCESS) {
+        NS_LOG("load private key %s failed.", opts->server_key);
+        goto exit;
+    }
+    if (wolfSSL_CTX_use_certificate_file(ctx, opts->server_cert,
+                                         SSL_FILETYPE_PEM) != SSL_SUCCESS) {
+        NS_LOG("load certificate %s failed.", opts->server_cert);
+        goto exit;
+    }
+
+    mgr->listener->ssl_if_data = ctx;
+    return 0;
+exit:
+    if (ctx) wolfSSL_CTX_free(ctx);
+    wolfSSL_Cleanup();
+    return -1;
+}
+
+int ns_ssl_if_handshake(netserver_mgr_t *mgr, ns_session_t *conn) {
+    WOLFSSL *ssl = NULL;
+    ssl = wolfSSL_new((WOLFSSL_CTX *)mgr->listener->ssl_if_data);
+    if (ssl == NULL) {
+        NS_LOG("SSL session create failed.");
+        return -1;
+    }
     
 }
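Review bot: Both `return NULL;` statements in ns_ssl_if_context_create return 0 from an int function, which is the documented success value, so a failed wolfSSL_CTX_new or a missing key/certificate path is reported to the caller as success. The second one also leaks ctx and skips wolfSSL_Cleanup; both should go through the `exit` label. opts and mgr->listener are dereferenced without a NULL check (the listener definition is not in this hunk). ns_ssl_if_handshake falls off the end with no return value and never stores or frees the WOLFSSL object it creates, so until the handshake is implemented it should free ssl and return an error rather than an indeterminate value.

```c
int ns_ssl_if_context_create(netserver_mgr_t *mgr, netserver_opt_t *opts) {
    /* … unchanged: ctx and method declarations … */

    if (mgr == NULL || mgr->listener == NULL || opts == NULL) {
        NS_LOG("invalid ssl interface arguments.");
        return -1;
    }
    /* … unchanged: wolfSSL_Init() and method selection … */
    ctx = wolfSSL_CTX_new(method);
    if (ctx == NULL) {
        NS_LOG("wolfSSL context create failed.");
        goto exit;
    }

    /* Load private key and certificate */
    if (opts->server_cert == NULL || opts->server_key == NULL) {
        NS_LOG("private key or certificate path error,please check!");
        goto exit;
    }
    /* … unchanged: key and certificate loading, success return, exit label … */

int ns_ssl_if_handshake(netserver_mgr_t *mgr, ns_session_t *conn) {
    /* … unchanged: wolfSSL_new() and its NULL check … */
    /* handshake not implemented yet: do not leak ssl or report success */
    wolfSSL_free(ssl);
    return -1;
}
```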