actube/src/cw/cw_setup_dtls.c

83 lines
1.9 KiB
C
Raw Normal View History

#include "cw.h"
2022-08-09 09:52:30 +02:00
#include "cfg.h"
2022-08-09 22:35:47 +02:00
static int get_psk(struct cw_Conn *conn, const char *username, uint8_t ** psk,
2022-08-09 09:52:30 +02:00
unsigned int *len)
{
char key[CW_KTV_MAX_KEY_LEN];
2022-08-09 09:52:30 +02:00
cw_Val_t *result;
sprintf(key, "%s/%s", "psk", username);
result = cw_ktv_get(conn->local_cfg, key, CW_TYPE_BSTR16);
if (result == NULL) {
if (conn->dtls_psk != NULL) {
*psk = bstr16_data(conn->dtls_psk);
*len = bstr16_len(conn->dtls_psk);
return 1;
}
return 0;
}
2022-08-09 09:52:30 +02:00
if (result == NULL)
return 0;
*psk = result->type->data(result);
*len = result->type->len(result);
return 1;
}
/**
* @brief Setup DTLS parameters from config
* @param conn
* @param cfg
* @param prefix
* @param default_cipher
* @return
*/
2022-08-09 22:35:47 +02:00
int cw_setup_dtls(struct cw_Conn *conn, mavl_t cfg, const char *prefix,
2022-08-09 09:52:30 +02:00
char *default_cipher)
{
char key[CW_KTV_MAX_KEY_LEN];
2022-08-09 09:52:30 +02:00
char *ssl_cert, *ssl_key;
uint8_t security;
2022-08-09 09:52:30 +02:00
security = 0;
2022-08-09 09:52:30 +02:00
sprintf(key, "%s/%s", prefix, "ssl-cipher");
conn->dtls_cipher = cw_cfg_get(cfg, key, default_cipher);
sprintf(key, "%s/%s", prefix, "ssl-psk");
conn->dtls_psk = cw_cfg_get(cfg, key, NULL);
sprintf(key, "%s/%s", prefix, "ssl-psk-enable");
conn->dtls_psk_enable = cw_cfg_get_bool(cfg, key, "flase");
if (conn->dtls_psk_enable) {
security |= CAPWAP_FLAG_AC_SECURITY_S;
}
2022-08-09 09:52:30 +02:00
sprintf(key, "%s/%s", prefix, "ssl-certfile");
ssl_cert = cw_cfg_get(conn->local_cfg, key, NULL);
sprintf(key, "%s/%s", prefix, "ssl-keyfile");
ssl_key = cw_cfg_get(conn->local_cfg, key, NULL);
if (ssl_cert != NULL && ssl_key != NULL) {
conn->dtls_cert_file = ssl_cert;
conn->dtls_key_file = ssl_key;
2022-08-09 09:52:30 +02:00
sprintf(key, "%s/%s", prefix, "ssl-keypass");
conn->dtls_key_pass = cw_cfg_get(cfg, key, NULL);
security |= CAPWAP_FLAG_AC_SECURITY_X;
}
2022-08-09 09:52:30 +02:00
sprintf(key, "%s/%s", prefix, "ssl-dhbits");
conn->dtls_dhbits = cw_cfg_get_word(cfg, key, "1024");
conn->dtls_get_psk = get_psk;
return security;
2022-07-31 17:15:32 +02:00
}