Adds support for the 'get_finished' and 'get_peer_finished' functions #250
Can you rebase on master and explain why these functions are useful?
@movitto maybe add a simple example to the documentation, would be sufficient to explain how to use it and why.
@ioquatix thanks for taking a look at this. I just rebased and force pushed, the branch should now be up to date. We need this to incorporate it in a ruby implementation of the rippled (server behind the XRP blockchain/crypto-currency) peer-communication protocol. During the initial handshake, rippled uses the get_finished and get_peer_finished functions as the basis of a unique "session signature" used to authenticate the session. I can't attest to the design considerations that went into using these functions in that capacity (I don't work for ripple labs, nor was I involved in those discussions) but for the time being we'll need access to it from ruby to complete the handshake. You can see how we use it in our XRP client library. Thanks again for looking at this and feel free to let me know if there is anything else I can do to get this in!
I think there is one issue - this won't compile on Windows because even though we have C99, we don't have support for VLA on Windows compiler (wtf Microsoft).
Can probably be replaced with
@mame do you mind commenting if this is the right approach?
ext/openssl/ossl_ssl.c
@@ -2295,6 +2295,54 @@ ossl_ssl_get_verify_result(VALUE self) | |||
return INT2NUM(SSL_get_verify_result(ssl)); | |||
} | |||
|
|||
/* | |||
* call-seq: | |||
* ssl.peer_finished => "finished message" |
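Review bot: the call-seq in this doc comment names `ssl.peer_finished` but gives its result as "finished message", which reads like a copy-paste slip for the local-side accessor; the name in the call-seq should match the method this function is registered under. The comment would also be clearer if it said the result is the raw Finished message as a binary String instead of only a quoted placeholder.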
Rename this to finished_message
ext/openssl/ossl_ssl.c
if(len == 0) | ||
return Qnil; | ||
|
||
char buf[len]; |
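Review bot: `char buf[len];` is a variable-length array declared after the `if(len == 0)` statement, so the stack allocation is sized by a value known only at run time and a compiler without VLA support will reject it. Allocating the result string first, for example with `rb_str_new(NULL, len)`, and writing into its buffer removes the VLA and keeps the allocation on the heap. The `return Qnil;` for a zero length is also worth a line in the method's documentation so callers know to expect nil.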
Use ALLOCA_N as suggested.
ext/openssl/ossl_ssl.c
|
||
/* | ||
* call-seq: | ||
* ssl.get_peer_finished => "peer finished message" |
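Review bot: the call-seq for `ssl.get_peer_finished` documents the result only as the placeholder "peer finished message"; it should state the return type and the case in which nil comes back, since the body shown in the earlier hunk returns `Qnil` when the length is 0. The `get_` prefix is also unusual for a Ruby reader method and is worth dropping while the doc comment is being touched.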
Rename this to peer_finished_message
Sorry to make this more complicated for what is a fairly simple feature, but some tests would be great too. I mentioned in the review should we call this
@ioquatix ok cool, I addressed all feedback:
Let me know if there is anything else!
If you can rebase this on master and all tests pass I will merge.
Callback will be invoked with new ssl connection upon acceptance by server. Default is empty proc.
Thanks for your effort!
@ioquatix thanks for merging!
Returns latest 'finished' messages sent and received.