actube/src/cw/cw_setup_dtls.c


#include "cw.h"
#include "cfg.h"
#include "dbg.h"
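/**
 * @brief PSK lookup callback; cw_setup_dtls() installs it as conn->dtls_get_psk.
 *
 * Builds the config key "psk/<username>" for a per-identity lookup. That
 * lookup is currently disabled (the cw_ktv_get() call is commented out), so
 * the only key this function can hand out is the connection-wide
 * conn->dtls_psk.
 *
 * @param conn     connection whose dtls_psk serves as the fallback key
 * @param username PSK identity. NOTE(review): presumably supplied by the
 *                 DTLS peer and therefore untrusted -- confirm against the
 *                 caller. An identity that does not fit into the key buffer
 *                 is rejected; a NULL identity skips the per-identity key.
 * @param psk      out: pointer to the key bytes (points into existing
 *                 storage, nothing is copied)
 * @param len      out: key length in bytes
 * @return 1 if *psk and *len were set, 0 if no PSK is available
 */
static int get_psk(struct cw_Conn *conn, const char *username, uint8_t **psk,
		   unsigned int *len)
{
	char key[CW_CFG_MAX_KEY_LEN];
	/* Must start as NULL: the lookup that would assign it is commented
	 * out below, and the original tested it while still uninitialized. */
	cw_Val_t *result = NULL;

	if (username != NULL) {
		/* Bounded formatting: the original sprintf() wrote past key[]
		 * for a long identity. Fail closed instead of truncating, so a
		 * clipped key can never match a different entry. */
		int n = snprintf(key, sizeof key, "%s/%s", "psk", username);

		if (n < 0 || (size_t)n >= sizeof key)
			return 0;
	} else {
		key[0] = '\0';
	}

	/* stop() is declared outside this file and kept exactly where the
	 * original called it. NOTE(review): it looks like a marker for the
	 * disabled lookup -- confirm what it does before re-enabling. */
	stop();
	// result = cw_ktv_get(conn->local_cfg, key, CW_TYPE_BSTR16);

	if (result != NULL) {
		/* Per-identity key found (unreachable while the lookup is off). */
		*psk = result->type->data(result);
		*len = result->type->len(result);
		return 1;
	}

	/* No per-identity entry: fall back to the connection-wide PSK. */
	if (conn->dtls_psk != NULL) {
		*psk = bstr16_data(conn->dtls_psk);
		*len = bstr16_len(conn->dtls_psk);
		return 1;
	}

	return 0;
}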
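/*
 * Format "<prefix>/<name>" into key.
 * Returns 1 if the whole key fit, 0 if prefix is NULL or the key was cut off.
 */
static int dtls_cfg_key(char *key, size_t size, const char *prefix,
			const char *name)
{
	int n;

	if (prefix == NULL)
		return 0;
	n = snprintf(key, size, "%s/%s", prefix, name);
	return n >= 0 && (size_t)n < size;
}

/**
 * @brief Setup DTLS parameters from config
 *
 * Reads the options "<prefix>/ssl-cipher", "ssl-psk", "ssl-psk-enable",
 * "ssl-certfile", "ssl-keyfile", "ssl-keypass" and "ssl-dhbits" from cfg,
 * stores them in conn and installs get_psk() as the PSK callback.
 *
 * @param conn           connection that receives the DTLS settings
 * @param cfg            configuration to read from
 * @param prefix         key prefix the ssl-* options live under
 * @param default_cipher cipher string used when "ssl-cipher" is not set
 * @return bit mask of CAPWAP_FLAG_AC_SECURITY_S (PSK enabled) and
 *         CAPWAP_FLAG_AC_SECURITY_X (certificate and key file both
 *         configured); 0 if neither applies or the prefix is unusable
 */
int cw_setup_dtls(struct cw_Conn *conn, cw_Cfg_t *cfg, const char *prefix,
		  char *default_cipher)
{
	char key[CW_CFG_MAX_KEY_LEN];
	const char *ssl_cert, *ssl_key;
	uint8_t security = 0;

	/* "ssl-psk-enable" is the longest option name used below, so when it
	 * fits every other key fits too. The original sprintf() calls were
	 * unbounded. A clipped key must not be looked up: cut short it could
	 * name a different option (e.g. "ssl-psk" instead of
	 * "ssl-psk-enable"). With an unusable prefix only the built-in
	 * defaults are applied and no security flag is reported. */
	if (!dtls_cfg_key(key, sizeof key, prefix, "ssl-psk-enable")) {
		conn->dtls_cipher = default_cipher;
		conn->dtls_psk = NULL;
		conn->dtls_psk_enable = 0;
		conn->dtls_dhbits = 1024;
		conn->dtls_get_psk = get_psk;
		return 0;
	}

	(void)dtls_cfg_key(key, sizeof key, prefix, "ssl-cipher");
	conn->dtls_cipher = cw_cfg_get(cfg, key, default_cipher);

	/* NOTE(review): the config value is cast straight to bstr16_t while
	 * get_psk() reads it through bstr16_data()/bstr16_len(). Confirm that
	 * cw_cfg_get() really returns a bstr16 here and not a plain C string. */
	(void)dtls_cfg_key(key, sizeof key, prefix, "ssl-psk");
	conn->dtls_psk = (bstr16_t)cw_cfg_get(cfg, key, NULL);

	(void)dtls_cfg_key(key, sizeof key, prefix, "ssl-psk-enable");
	conn->dtls_psk_enable = cw_cfg_get_bool(cfg, key, 0);
	if (conn->dtls_psk_enable) {
		security |= CAPWAP_FLAG_AC_SECURITY_S;
	}

	(void)dtls_cfg_key(key, sizeof key, prefix, "ssl-certfile");
	ssl_cert = cw_cfg_get(cfg, key, NULL);

	(void)dtls_cfg_key(key, sizeof key, prefix, "ssl-keyfile");
	ssl_key = cw_cfg_get(cfg, key, NULL);

	/* Certificate mode needs both files; a lone cert or key is ignored. */
	if (ssl_cert != NULL && ssl_key != NULL) {
		conn->dtls_cert_file = ssl_cert;
		conn->dtls_key_file = ssl_key;
		/* NOTE(review): the private-key passphrase is taken from the
		 * same config in clear text, so the config needs the same
		 * protection as the key file itself. */
		(void)dtls_cfg_key(key, sizeof key, prefix, "ssl-keypass");
		conn->dtls_key_pass = cw_cfg_get(cfg, key, NULL);
		security |= CAPWAP_FLAG_AC_SECURITY_X;
	}

	/* NOTE(review): the 1024-bit DH default is kept for compatibility,
	 * but it is below the 2048 bits commonly recommended as a minimum;
	 * consider raising it or setting "ssl-dhbits" explicitly. */
	(void)dtls_cfg_key(key, sizeof key, prefix, "ssl-dhbits");
	conn->dtls_dhbits = cw_cfg_get_word(cfg, key, 1024);

	conn->dtls_get_psk = get_psk;

	return security;
}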