Rework/simplify the TLS plugin interface (LibVLC <-> tls plugin).

Remove the singleton pattern. Still very much work in progress.

include/vlc_common.h

@@ -411,7 +411,6 @@ typedef struct httpd_redirect_t httpd_redirect_t;
 typedef struct httpd_stream_t httpd_stream_t;
 
 /* TLS support */
-typedef struct tls_t tls_t;
 typedef struct tls_server_t tls_server_t;
 typedef struct tls_session_t tls_session_t;
 

include/vlc_objects.h

@@ -60,7 +60,7 @@
 #define VLC_OBJECT_FILTER      (-22)
 #define VLC_OBJECT_VOD         (-23)
 #define VLC_OBJECT_SPU         (-24)
-#define VLC_OBJECT_TLS         (-25)
+/*#define VLC_OBJECT_xxx         (-25) - formerly TLS */
 #define VLC_OBJECT_SD          (-26)
 #define VLC_OBJECT_XML         (-27)
 #define VLC_OBJECT_OSDMENU     (-28)

include/vlc_tls.h

 /*****************************************************************************
- * tls.c: TLS wrapper
+ * tls.c: Transport Layer Security API
  *****************************************************************************
- * Copyright (C) 2004-2005 the VideoLAN team
+ * Copyright (C) 2004-2007 the VideoLAN team
  * $Id$
  *
  * Authors: Rémi Denis-Courmont <rem # videolan.org>
@@ -30,26 +30,14 @@
 
 # include <vlc_network.h>
 
-struct tls_t
-{
-    VLC_COMMON_MEMBERS
-
-    /* Module properties */
-    module_t  *p_module;
-    void *p_sys;
-
-    tls_server_t * (*pf_server_create) ( tls_t *, const char *,
-                                         const char * );
-    tls_session_t * (*pf_client_create) ( tls_t * );
-};
+typedef struct tls_server_sys_t tls_server_sys_t;
 
 struct tls_server_t
 {
     VLC_COMMON_MEMBERS
 
-    void *p_sys;
-
-    void (*pf_delete) ( tls_server_t * );
+    module_t  *p_module;
+    tls_server_sys_t *p_sys;
 
     int (*pf_add_CA) ( tls_server_t *, const char * );
     int (*pf_add_CRL) ( tls_server_t *, const char * );
@@ -57,11 +45,14 @@ struct tls_server_t
     tls_session_t * (*pf_session_prepare) ( tls_server_t * );
 };
 
+typedef struct tls_session_sys_t tls_session_sys_t;
+
 struct tls_session_t
 {
     VLC_COMMON_MEMBERS
 
-    void *p_sys;
+    module_t  *p_module;
+    tls_session_sys_t *p_sys;
 
     struct virtual_socket_t sock;
     int (*pf_handshake) ( tls_session_t *, int, const char * );

src/misc/objects.c

@@ -299,10 +299,6 @@ void * __vlc_object_create( vlc_object_t *p_this, int i_type )
             i_size = sizeof( vod_t );
             psz_type = "vod server";
             break;
-        case VLC_OBJECT_TLS:
-            i_size = sizeof( tls_t );
-            psz_type = "tls";
-            break;
         case VLC_OBJECT_XML:
             i_size = sizeof( xml_t );
             psz_type = "xml";

src/network/tls.c

@@ -27,121 +27,70 @@
  */
 
 #include <vlc/vlc.h>
+#include "libvlc.h"
 
 #include <vlc_tls.h>
 
-static tls_t *
-tls_Init( vlc_object_t *p_this )
-{
-    tls_t *p_tls;
-    vlc_value_t lockval;
-
-    var_Create( p_this->p_libvlc, "tls_mutex", VLC_VAR_MUTEX );
-    var_Get( p_this->p_libvlc, "tls_mutex", &lockval );
-    vlc_mutex_lock( lockval.p_address );
-
-    p_tls = vlc_object_find( p_this, VLC_OBJECT_TLS, FIND_ANYWHERE );
-
-    if( p_tls == NULL )
-    {
-        p_tls = vlc_object_create( p_this, VLC_OBJECT_TLS );
-        if( p_tls == NULL )
-        {
-            vlc_mutex_unlock( lockval.p_address );
-            return NULL;
-        }
-
-        p_tls->p_module = module_Need( p_tls, "tls", 0, 0 );
-        if( p_tls->p_module == NULL )
-        {
-            msg_Err( p_tls, "TLS/SSL provider not found" );
-            vlc_mutex_unlock( lockval.p_address );
-            vlc_object_destroy( p_tls );
-            return NULL;
-        }
-
-        vlc_object_attach( p_tls, p_this->p_libvlc );
-        vlc_object_yield( p_tls );
-        msg_Dbg( p_tls, "TLS/SSL provider initialized" );
-    }
-    vlc_mutex_unlock( lockval.p_address );
-
-    return p_tls;
-}
-
-static void
-tls_Deinit( tls_t *p_tls )
-{
-    int i;
-    vlc_value_t lockval;
-
-    var_Get( p_tls->p_libvlc, "tls_mutex", &lockval );
-    vlc_mutex_lock( lockval.p_address );
-
-    vlc_object_release( p_tls );
- 
-    i = p_tls->i_refcount;
-    if( i == 0 )
-        vlc_object_detach( p_tls );
-
-    vlc_mutex_unlock( lockval.p_address );
-
-    if( i == 0 )
-    {
-        module_Unneed( p_tls, p_tls->p_module );
-        msg_Dbg( p_tls, "TLS/SSL provider deinitialized" );
-        vlc_object_destroy( p_tls );
-    }
-}
-
 /**
  * Allocates a whole server's TLS credentials.
  *
- * @param psz_cert required (Unicode) path to an x509 certificate.
- * @param psz_key required (Unicode) path to the PKCS private key for
- * the certificate.
+ * @param cert_path required (Unicode) path to an x509 certificate,
+ *                  if NULL, anonymous key exchange will be used.
+ * @param key_path (UTF-8) path to the PKCS private key for the certificate,
+ *                 if NULL; cert_path will be used.
  *
  * @return NULL on error.
  */
 tls_server_t *
-tls_ServerCreate( vlc_object_t *p_this, const char *psz_cert,
-                  const char *psz_key )
+tls_ServerCreate (vlc_object_t *obj, const char *cert_path,
+                  const char *key_path)
 {
-    tls_t *p_tls;
-    tls_server_t *p_server;
+    tls_server_t *srv;
 
-    p_tls = tls_Init( p_this );
-    if( p_tls == NULL )
+    srv = (tls_server_t *)vlc_custom_create (obj, sizeof (*srv),
+                                             VLC_OBJECT_GENERIC,
+                                             "tls server");
+    if (srv == NULL)
         return NULL;
 
-    if( psz_key == NULL )
-        psz_key = psz_cert;
+    var_Create (srv, "tls-x509-cert", VLC_VAR_STRING);
+    var_Create (srv, "tls-x509-key", VLC_VAR_STRING);
 
-    p_server = p_tls->pf_server_create( p_tls, psz_cert, psz_key );
-    if( p_server != NULL )
+    if (cert_path != NULL)
     {
-        msg_Dbg( p_tls, "TLS/SSL server initialized" );
-        return p_server;
+        var_SetString (srv, "tls-x509-cert", cert_path);
+
+        if (key_path == NULL)
+            key_path = cert_path;
+        var_SetString (srv, "tls-x509-key", key_path);
     }
-    else
-        msg_Err( p_tls, "TLS/SSL server error" );
 
-    tls_Deinit( p_tls );
-    return NULL;
+    srv->p_module = module_Need (srv, "tls server", 0, 0);
+    if (srv->p_module == NULL)
+    {
+        msg_Err (srv, "TLS server plugin not available");
+        vlc_object_destroy (srv);
+        return NULL;
+    }
+
+    vlc_object_attach (srv, obj);
+    msg_Dbg (srv, "TLS server plugin initialized");
+    return srv;
 }
 
 
 /**
  * Releases data allocated with tls_ServerCreate.
+ * @param srv TLS server object to be destroyed, or NULL
  */
-void
-tls_ServerDelete( tls_server_t *p_server )
+void tls_ServerDelete (tls_server_t *srv)
 {
-    tls_t *p_tls = (tls_t *)p_server->p_parent;
+    if (srv == NULL)
+        return;
 
-    p_server->pf_delete( p_server );
-
-    tls_Deinit( p_tls );
+    module_Unneed (srv, srv->p_module);
+    vlc_object_detach (srv);
+    vlc_object_destroy (srv);
 }
 
 
@@ -156,36 +105,38 @@ tls_ServerDelete( tls_server_t *p_server )
  * @return NULL on error.
  **/
 tls_session_t *
-tls_ClientCreate( vlc_object_t *p_this, int fd, const char *psz_hostname )
+tls_ClientCreate (vlc_object_t *obj, int fd, const char *psz_hostname)
 {
-    tls_t *p_tls;
-    tls_session_t *p_session;
+    tls_session_t *cl;
+
+    cl = (tls_session_t *)vlc_custom_create (obj, sizeof (*cl),
+                                             VLC_OBJECT_GENERIC,
+                                             "tls client");
+    if (cl == NULL)
+        return NULL;
 
-    p_tls = tls_Init( p_this );
-    if( p_tls == NULL )
+    cl->p_module = module_Need (cl, "tls client", 0, 0);
+    if (cl->p_module == NULL)
+    {
+        msg_Err (cl, "TLS client plugin not available");
+        vlc_object_destroy (cl);
         return NULL;
- 
-    p_session = p_tls->pf_client_create( p_tls );
-    if( p_session != NULL )
+    }
+
+    int val = tls_ClientSessionHandshake (cl, fd, psz_hostname);
+    while (val > 0)
+        val = tls_SessionContinueHandshake (cl);
+
+    if (val == 0)
     {
-        int i_val;
-
-        for( i_val = tls_ClientSessionHandshake( p_session, fd,
-                                                 psz_hostname );
-             i_val > 0;
-             i_val = tls_SessionContinueHandshake( p_session ) );
-
-        if( i_val == 0 )
-        {
-            msg_Dbg( p_this, "TLS/SSL client initialized" );
-            return p_session;
-        }
-        msg_Err( p_this, "TLS/SSL session handshake error" );
+        msg_Dbg (cl, "TLS client session initialized");
+        vlc_object_attach (cl, obj);
+        return cl;
     }
-    else
-        msg_Err( p_this, "TLS/SSL client error" );
+    msg_Err (cl, "TLS client session handshake error");
 
-    tls_Deinit( p_tls );
+    module_Unneed (cl, cl->p_module);
+    vlc_object_destroy (cl);
     return NULL;
 }
 
@@ -194,12 +145,12 @@ tls_ClientCreate( vlc_object_t *p_this, int fd, const char *psz_hostname )
  * Releases data allocated with tls_ClientCreate.
  * It is your job to close the underlying socket.
  */
-void
-tls_ClientDelete( tls_session_t *p_session )
+void tls_ClientDelete (tls_session_t *cl)
 {
-    tls_t *p_tls = (tls_t *)p_session->p_parent;
-
-    p_session->pf_close( p_session );
+    if (cl == NULL)
+        return;
 
-    tls_Deinit( p_tls );
+    module_Unneed (cl, cl->p_module);
+    vlc_object_detach (cl);
+    vlc_object_destroy (cl);
 }