-
Notifications
You must be signed in to change notification settings - Fork 20
Add required bindings to support openssl in libp2p-tls #6
Conversation
poonai
commented
May 23, 2020
- Binding for next_protos
- binding to add custom extenstion
- binding to retrive custom extension value
- add support to retrive custom extension value - add support to add custom protocol for protocol negotiation Signed-off-by: Tiger <[email protected]>
…laji/create_obj_identifier
Signed-off-by: Tiger <[email protected]>
Friendly ping @Stebalien |
Ah, thanks for the reminder. It looks like something dropped the initial notification. |
cert.go
Outdated
@@ -331,6 +331,14 @@ func (c *Certificate) AddExtension(nid NID, value string) error { | |||
return nil | |||
} | |||
|
|||
// AddCustomExtension add custom extenstion to the certificate. | |||
func (c *Certificate) AddCustomExtension(nid NID, value []byte) error { | |||
if int(C.add_custom_ext(c.x, C.int(nid), (*C.char)(C.CBytes(value)), C.int(len(value)))) == 0 { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Aren't we copying value
inside the C code? If so, I think we need to either free the copied string after calling this, or call (*C.char)(unsafe.Pointer(&value[0]))
instead of C.CBytes
.
Note: I'm not an expert in CGO so I really have no idea what's safe and what's not safe.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've freed the memory
cert.go
Outdated
// charToBytes converts c unisgned char to golang bytes | ||
func charToBytes(src *C.uchar, sz int) []byte { | ||
dest := make([]byte, sz) | ||
copy(dest, (*(*[1024]byte)(unsafe.Pointer(src)))[:sz:sz]) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think this is safe. This could cause us to read outside of a mapped page.
I think we need to call C.GoBytes
(and maybe copy it? I'm not sure).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Now, I'm using GoBytes.
Thanks for the suggestion.
Signed-off-by: Tiger <[email protected]>
@Stebalien I've addressed your comments |
@@ -331,6 +331,16 @@ func (c *Certificate) AddExtension(nid NID, value string) error { | |||
return nil | |||
} | |||
|
|||
// AddCustomExtension add custom extenstion to the certificate. | |||
func (c *Certificate) AddCustomExtension(nid NID, value []byte) error { | |||
val := (*C.char)(C.CBytes(value)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looking through the OpenSSL source, I'm not sure if this copy is strictly necessary or if we could just pass a pointer into go memory, but it doesn't hurt.
Thanks! |