asio: Use internal ssl context and engine impl

Implement asio-ssl layer with three classes in asio::ssl::mbedtls: * context -- replaces SSL_CTX, used mainly as a container to options, certs, keys * engine -- replaces SSL, implements the actual mbedtls operations * bio -- implements openssl BIO specifically tailered to mbedtls and its asio usage Further updates: * asio: Used shared_ptr<> for bio pairs * asio: Add error checks to mbedtls-bio * asio: Address potential ssl-context ownership issue * asio: Address potential bio-engine ownership issue * Original commit: espressif/esp-idf@d823106aa6
2025-07-21 06:22:21 +02:00 · 2021-10-14 10:17:24 +02:00
parent abbc8d9c5a
commit f605fdd632
25 changed files with 1014 additions and 321 deletions
--- a/components/asio/port/include/openssl_stub.hpp
+++ b/components/asio/port/include/openssl_stub.hpp
@ -0,0 +1,46 @@
+//
+// SPDX-FileCopyrightText: 2021 Espressif Systems (Shanghai) CO LTD
+//
+// SPDX-License-Identifier: BSL-1.0
+//
+
+#pragma once
+
+//
+// Supply OpenSSL macros and flags for asio-ssl header files
+//
+#define OPENSSL_VERSION_NUMBER 0x10100001L
+
+#define SSL_R_SHORT_READ 219
+#define SSL_OP_ALL 0
+#define SSL_OP_SINGLE_DH_USE 0
+#define SSL_OP_NO_COMPRESSION 0
+
+#define SSL_OP_NO_SSLv2					0x01000000L
+#define SSL_OP_NO_SSLv3					0x02000000L
+#define SSL_OP_NO_TLSv1					0x04000000L
+
+#define SSL_VERIFY_NONE                 0x00
+#define SSL_VERIFY_PEER                 0x01
+#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
+#define SSL_VERIFY_CLIENT_ONCE          0x04
+
+//
+// Implement asio-ssl layer with these three classes in asio::ssl::mbedtls
+//
+namespace asio {
+namespace ssl {
+namespace mbedtls {
+
+class engine;
+class bio;
+class shared_ctx;
+} } } // namespace asio::ssl::mbedtls
+
+//
+// Supply OpenSSL types as aliases to mbedtls classes
+//
+using X509_STORE_CTX=void;
+using BIO=asio::ssl::mbedtls::bio;
+using SSL_CTX=asio::ssl::mbedtls::shared_ctx;
+using SSL=asio::ssl::mbedtls::engine;