Add required bindings to support openssl in libp2p-tls #6
Stebalien merged 4 commits into libp2p:master from
poonai commented May 23, 2020
- Binding for next_protos
- Binding to add custom extension
- Binding to retrieve custom extension value
- add support to retrieve custom extension value
- add support to add custom protocol for protocol negotiation
Signed-off-by: Tiger <rbalajis25@gmail.com>
…laji/create_obj_identifier
Signed-off-by: Tiger <rbalajis25@gmail.com>
Friendly ping @Stebalien

Ah, thanks for the reminder. It looks like something dropped the initial notification.
cert.go
Outdated
| // AddCustomExtension add custom extenstion to the certificate. | ||
| func (c *Certificate) AddCustomExtension(nid NID, value []byte) error { | ||
| if int(C.add_custom_ext(c.x, C.int(nid), (*C.char)(C.CBytes(value)), C.int(len(value)))) == 0 { |
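Review bot: the buffer returned by C.CBytes(value) in the add_custom_ext call is allocated on the C heap and passed inline, so nothing keeps the pointer and it can never be freed; every call leaks len(value) bytes. Bind the result to a variable before the call and release it with defer C.free(unsafe.Pointer(val)).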
Aren't we copying value inside the C code? If so, I think we need to either free the copied string after calling this, or call (*C.char)(unsafe.Pointer(&value[0])) instead of C.CBytes.
Note: I'm not an expert in CGO so I really have no idea what's safe and what's not safe.
cert.go
Outdated
| // charToBytes converts c unisgned char to golang bytes | ||
| func charToBytes(src *C.uchar, sz int) []byte { | ||
| dest := make([]byte, sz) | ||
| copy(dest, (*(*[1024]byte)(unsafe.Pointer(src)))[:sz:sz]) |
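Review bot: the [1024]byte cast on the copy line caps sz at 1024, so a larger sz panics at the slice expression, and charToBytes checks neither sz nor a nil src before dereferencing. C.GoBytes(unsafe.Pointer(src), C.int(sz)) copies exactly sz bytes into Go memory without the fixed-size view. The doc comment also has a typo ("unisgned").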
I don't think this is safe. This could cause us to read outside of a mapped page.
I think we need to call C.GoBytes (and maybe copy it? I'm not sure).

Now, I'm using GoBytes.
Thanks for the suggestion.
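The size cap hidden in the cast discussed in the comments above, as an added example that is not part of the PR or the project's code. castCopy reproduces the [1024]byte view on Go-allocated memory (an assumption, so it runs without cgo), and boundedCopy is a hypothetical replacement that uses unsafe.Slice in place of the C.GoBytes call the thread settles on.

```go
package main

import (
	"errors"
	"fmt"
	"unsafe"
)

// castCopy mirrors the fixed-size cast from the reviewed charToBytes:
// src is viewed as a [1024]byte array and then sliced to sz.
// Slicing past 1024 panics; the panic is converted to an error here.
func castCopy(src *byte, sz int) (out []byte, err error) {
	defer func() {
		if r := recover(); r != nil {
			out, err = nil, fmt.Errorf("cast copy failed: %v", r)
		}
	}()
	dest := make([]byte, sz)
	copy(dest, (*(*[1024]byte)(unsafe.Pointer(src)))[:sz:sz])
	return dest, nil
}

// boundedCopy (hypothetical helper) copies exactly sz bytes starting at
// src with no array-size cap, rejecting bad arguments up front.
func boundedCopy(src *byte, sz int) ([]byte, error) {
	if sz < 0 || (src == nil && sz > 0) {
		return nil, errors.New("invalid source or length")
	}
	if sz == 0 {
		return []byte{}, nil
	}
	return append([]byte(nil), unsafe.Slice(src, sz)...), nil
}

func main() {
	// Constructed sample: a 2048-byte extension value held in Go memory.
	ext := make([]byte, 2048)
	for i := range ext {
		ext[i] = byte(i)
	}
	_, err := castCopy(&ext[0], len(ext))
	fmt.Println("cast:", err)
	b, err := boundedCopy(&ext[0], len(ext))
	fmt.Println("bounded:", len(b), err)
}
```
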
Signed-off-by: Tiger <rbalajis25@gmail.com>
@Stebalien I've addressed your comments
| // AddCustomExtension add custom extenstion to the certificate. | ||
| func (c *Certificate) AddCustomExtension(nid NID, value []byte) error { | ||
| val := (*C.char)(C.CBytes(value)) |
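Review bot: the doc comment on AddCustomExtension still reads "add custom extenstion"; Go doc style would be "AddCustomExtension adds a custom extension to the certificate." The visible lines end at the val allocation, so also confirm that a defer C.free(unsafe.Pointer(val)) follows it, since memory from C.CBytes is not garbage collected and the error return must release it too.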
Looking through the OpenSSL source, I'm not sure if this copy is strictly necessary or if we could just pass a pointer into go memory, but it doesn't hurt.
Thanks!