nativenet: drop unused Socket_TCP_SSL

This removes the dependency of libpanda on OpenSSL.
2025-09-28 07:48:37 -04:00 · 2020-01-20 11:56:27 +01:00 · 2020-01-20 11:56:27 +01:00 · 4819e2ce3a
commit 4819e2ce3a
parent 2bf60b4361
7 changed files with 3 additions and 331 deletions
--- a/makepanda/makepanda.py
+++ b/makepanda/makepanda.py
@ -3478,10 +3478,10 @@ PyTargetAdd('p3pnmimage_pfmFile_ext.obj', opts=OPTS, input='pfmFile_ext.cxx')
 # DIRECTORY: panda/src/nativenet/
 #

-OPTS=['DIR:panda/src/nativenet', 'OPENSSL', 'BUILDING:PANDA']
+OPTS=['DIR:panda/src/nativenet', 'BUILDING:PANDA']
 TargetAdd('p3nativenet_composite1.obj', opts=OPTS, input='p3nativenet_composite1.cxx')

-OPTS=['DIR:panda/src/nativenet', 'OPENSSL']
+OPTS=['DIR:panda/src/nativenet']
 IGATEFILES=GetDirectoryContents('panda/src/nativenet', ["*.h", "*_composite*.cxx"])
 TargetAdd('libp3nativenet.in', opts=OPTS, input=IGATEFILES)
 TargetAdd('libp3nativenet.in', opts=['IMOD:panda3d.core', 'ILIB:libp3nativenet', 'SRCDIR:panda/src/nativenet'])
@ -3794,7 +3794,7 @@ TargetAdd('libp3dxml.in', opts=['IMOD:panda3d.core', 'ILIB:libp3dxml', 'SRCDIR:p
 #

 OPTS=['DIR:panda/metalibs/panda', 'BUILDING:PANDA', 'JPEG', 'PNG', 'HARFBUZZ',
-    'TIFF', 'OPENEXR', 'ZLIB', 'OPENSSL', 'FREETYPE', 'FFTW', 'ADVAPI', 'WINSOCK2',
+    'TIFF', 'OPENEXR', 'ZLIB', 'FREETYPE', 'FFTW', 'ADVAPI', 'WINSOCK2',
    'SQUISH', 'NVIDIACG', 'VORBIS', 'OPUS', 'WINUSER', 'WINMM', 'WINGDI', 'IPHLPAPI',
    'SETUPAPI', 'IOKIT']

--- a/makepanda/makepanda.vcproj
+++ b/makepanda/makepanda.vcproj
@ -3848,7 +3848,6 @@
 				<File RelativePath="..\panda\src\nativenet\buffered_datagramconnection.h"></File>
 				<File RelativePath="..\panda\src\nativenet\socket_tcp_listen.cxx"></File>
 				<File RelativePath="..\panda\src\nativenet\buffered_datagramreader.i"></File>
-				<File RelativePath="..\panda\src\nativenet\socket_tcp_ssl.h"></File>
 				<File RelativePath="..\panda\src\nativenet\ringbuffer.i"></File>
 				<File RelativePath="..\panda\src\nativenet\membuffer.h"></File>
 				<File RelativePath="..\panda\src\nativenet\time_accumulator.h"></File>
@ -3859,7 +3858,6 @@
 				<File RelativePath="..\panda\src\nativenet\config_nativenet.h"></File>
 				<File RelativePath="..\panda\src\nativenet\socket_udp.cxx"></File>
 				<File RelativePath="..\panda\src\nativenet\ringbuffer.h"></File>
-				<File RelativePath="..\panda\src\nativenet\socket_tcp_ssl.cxx"></File>
 				<File RelativePath="..\panda\src\nativenet\time_out.h"></File>
 			</Filter>
 			<Filter Name="physics">
--- a/panda/src/nativenet/config_nativenet.cxx
+++ b/panda/src/nativenet/config_nativenet.cxx
@ -16,7 +16,6 @@
 #include "socket_ip.h"
 #include "socket_tcp.h"
 #include "socket_tcp_listen.h"
-#include "socket_tcp_ssl.h"
 #include "socket_udp_incoming.h"
 #include "socket_udp_outgoing.h"
 #include "socket_udp.h"
@ -55,9 +54,6 @@ init_libnativenet() {
  Socket_IP::init_type();
  Socket_TCP::init_type();
  Socket_TCP_Listen::init_type();
-#ifdef HAVE_OPENSSL
-  Socket_TCP_SSL::init_type();
-#endif
  Socket_UDP_Incoming::init_type();
  Socket_UDP_Outgoing::init_type();
  Socket_UDP::init_type();
--- a/panda/src/nativenet/p3nativenet_composite1.cxx
+++ b/panda/src/nativenet/p3nativenet_composite1.cxx
@ -4,7 +4,6 @@
 #include "socket_ip.cxx"
 #include "socket_tcp.cxx"
 #include "socket_tcp_listen.cxx"
-#include "socket_tcp_ssl.cxx"
 #include "socket_udp.cxx"
 #include "socket_udp_incoming.cxx"
 #include "socket_udp_outgoing.cxx"
--- a/panda/src/nativenet/socket_ip.h
+++ b/panda/src/nativenet/socket_ip.h
@ -56,7 +56,6 @@ private:
  friend class Socket_TCP_Listen;
  friend class Socket_UDP_Incoming;
  friend class Socket_UDP_Outgoing;
-  friend class Socket_TCP_SSL;

 public:
  static TypeHandle get_class_type() {
--- a/panda/src/nativenet/socket_tcp_ssl.cxx
+++ b/panda/src/nativenet/socket_tcp_ssl.cxx
@ -1,21 +0,0 @@
-/**
- * PANDA 3D SOFTWARE
- * Copyright (c) Carnegie Mellon University.  All rights reserved.
- *
- * All use of this software is subject to the terms of the revised BSD
- * license.  You should have received a copy of this license along
- * with this source code in a file named "LICENSE."
- *
- * @file socket_tcp_ssl.cxx
- * @author drose
- * @date 2007-03-01
- */
-
-#include "socket_tcp_ssl.h"
-
-#ifdef HAVE_OPENSSL
-
-SSL_CTX *global_ssl_ctx;
-TypeHandle Socket_TCP_SSL::_type_handle;
-
-#endif  // HAVE_OPENSSL
--- a/panda/src/nativenet/socket_tcp_ssl.h
+++ b/panda/src/nativenet/socket_tcp_ssl.h
@ -1,299 +0,0 @@
-#ifndef __SOCKET_TCP_SSL_H__
-#define __SOCKET_TCP_SSL_H__
-
-#include "pandabase.h"
-#include "config_nativenet.h"
-#include "socket_ip.h"
-#include "numeric_types.h"
-
-#ifdef HAVE_OPENSSL
-
-#include <openssl/rsa.h>       /* SSLeay stuff */
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-
-extern EXPCL_PANDA_NATIVENET SSL_CTX *global_ssl_ctx;
-
-struct SSlStartup {
-  SSlStartup() {
-    const SSL_METHOD *meth;
-    SSLeay_add_ssl_algorithms();
-    // meth = SSLv23_server_method();
-    meth = SSLv23_method();
-    SSL_load_error_strings();
-    // I hate this cast, but older versions of OpenSSL need it.
-    global_ssl_ctx = SSL_CTX_new((SSL_METHOD *) meth);
-  }
-
-  ~SSlStartup() {
-    SSL_CTX_free (global_ssl_ctx);
-    global_ssl_ctx = nullptr;
-  }
-
-  bool isactive() { return global_ssl_ctx != nullptr; };
-};
-
-/**
- *
- */
-class EXPCL_PANDA_NATIVENET Socket_TCP_SSL : public Socket_IP {
-public:
-  inline Socket_TCP_SSL(SOCKET);
-  inline Socket_TCP_SSL() : _ssl(nullptr) {}
-
-  virtual inline ~Socket_TCP_SSL()
-  {
-      CleanSslUp();
-  }
-
-  inline int SetNoDelay();
-  inline int SetLinger(int interval_seconds = 0);
-  inline int DontLinger();
-
-  inline int SetSendBufferSize(int insize);
-  inline bool ActiveOpen(const Socket_Address &theaddress);
-  inline int SendData(const char *data, int size);
-  inline int RecvData(char *data, int size);
-  inline bool ErrorIs_WouldBlocking(int err);
-
-  inline SSL *get_ssl() { return _ssl; };
-
-  inline void DetailErrorFormat(void);
-
-private:
-  SSL *_ssl;
-
-  void CleanSslUp() {
-    if (_ssl != nullptr) {
-      SSL_shutdown(_ssl);
-      SSL_free(_ssl);
-      _ssl = nullptr;
-    }
-  }
-
-public:
-  static TypeHandle get_class_type() {
-    return _type_handle;
-  }
-  static void init_type() {
-    Socket_IP::init_type();
-    register_type(_type_handle, "Socket_TCP_SSL",
-                  Socket_IP::get_class_type());
-  }
-  virtual TypeHandle get_type() const {
-    return get_class_type();
-  }
-  virtual TypeHandle force_init_type() {init_type(); return get_class_type();}
-
-private:
-  static TypeHandle _type_handle;
-};
-
-/**
- *
- */
-inline Socket_TCP_SSL::
-Socket_TCP_SSL(SOCKET sck) : ::Socket_IP(sck) {
-  // right know this will only work for a accepted ie a server socket ??
-  SetNonBlocking(); // maybe should be blocking?
-
-  _ssl = SSL_new(global_ssl_ctx);
-  if (_ssl == nullptr) {
-    return;
-  }
-
-  SSL_set_fd(_ssl, (int)GetSocket());
-
-  SSL_accept(_ssl);
-  ERR_clear_error();
-
-  // printf(" Ssl Accept = %d \n",err);
-}
-
-/**
- * Disable Nagle algorithm.  Don't delay send to coalesce packets
- */
-inline int Socket_TCP_SSL::
-SetNoDelay() {
-  int nodel = 1;
-  int ret1;
-  ret1 = setsockopt(_socket, IPPROTO_TCP, TCP_NODELAY, (char *)&nodel, sizeof(nodel));
-
-  if (ret1 != 0) {
-    return BASIC_ERROR;
-  }
-  return ALL_OK;
-}
-
-/**
- * will control the behavior of SO_LINGER for a TCP socket
- */
-int Socket_TCP_SSL::
-SetLinger(int interval_seconds) {
-  linger ll;
-  ll.l_linger = interval_seconds;
-  ll.l_onoff = 1;
-  int ret1 = setsockopt(_socket, SOL_SOCKET, SO_LINGER, (const char *)&ll, sizeof(linger));
-  if (ret1 != 0) {
-    return BASIC_ERROR;
-  }
-  return ALL_OK;
-}
-
-/**
- * Turn off the linger flag.  The socket will quickly release buffered items
- * and free up OS resources.  You may lose a stream if you use this flag and
- * do not negotiate the close at the application layer.
- */
-int Socket_TCP_SSL::
-DontLinger() {
-  linger ll;
-  ll.l_linger = 0;
-  ll.l_onoff = 0;
-  int ret1 = setsockopt(_socket, SOL_SOCKET, SO_LINGER, (const char *)&ll, sizeof(linger));
-  if (ret1 != 0) {
-    return BASIC_ERROR;
-  }
-  return ALL_OK;
-}
-
-/**
- * Just like it sounds.  Sets a buffered socket recv buffer size.  This
- * function does not refuse ranges outside hard-coded OS limits
- */
-int Socket_TCP_SSL::
-SetSendBufferSize(int insize) {
-  if (setsockopt(_socket, (int) SOL_SOCKET, (int) SO_SNDBUF, (char *) &insize, sizeof(int))) {
-    return BASIC_ERROR;
-  }
-  return ALL_OK;
-}
-
-/**
-* This function will try and set the socket up for active open to a specified
-* address and port provided by the input parameter
-*/
-bool Socket_TCP_SSL::
-ActiveOpen(const Socket_Address &theaddress) {
-  _socket = DO_NEWTCP(theaddress.get_family());
-  if (_socket == BAD_SOCKET) {
-    return false;
-  }
-
-  if (DO_CONNECT(_socket, &theaddress.GetAddressInfo()) != 0) {
-    return ErrorClose();
-  }
-
-  _ssl = SSL_new(global_ssl_ctx);
-  if (_ssl == nullptr) {
-    return false;
-  }
-  SSL_set_fd(_ssl, (int)GetSocket());
-  if (SSL_connect(_ssl) == -1) {
-    return false;
-  }
-  return true;
-
-  // return SetSslUp();
-}
-
-/**
- * Ok Lets Send the Data - if error 0 if socket closed for write or lengh is 0
- * + bytes writen ( May be smaller than requested)
- */
-inline int Socket_TCP_SSL::
-SendData(const char *data, int size) {
-  if (_ssl == nullptr) {
-    return -1;
-  }
-
-// ERR_clear_error();
-
-  return SSL_write(_ssl, data, size);
-}
-
-/**
- * Read the data from the connection - if error 0 if socket closed for read or
- * length is 0 + bytes read ( May be smaller than requested)
- */
-inline int Socket_TCP_SSL::
-RecvData(char *data, int len) {
-  if (_ssl == nullptr) {
-    return -1;
-  }
-
-  ERR_clear_error();
-
-  return SSL_read(_ssl, data, len);
-}
-
-/**
- * Is last error a blocking error ?? True is last error was a blocking error
- */
-inline bool Socket_TCP_SSL::
-ErrorIs_WouldBlocking(int err) {
-  if (_ssl == nullptr || err >= 0) {
-    nativenet_cat.warning()
-      << "Socket_TCP_SSL::ErrorIs_WouldBlocking->Called With Error number "
-      << err << " or _ssl is NULL\n";
-      return false;
-  }
-
-  int ssl_error_code = SSL_get_error(_ssl,err);
-  bool answer = false;
-
-  switch(ssl_error_code) {
-  case SSL_ERROR_WANT_READ:
-  case SSL_ERROR_WANT_WRITE:
-  case SSL_ERROR_WANT_CONNECT:
-// case SSL_ERROR_WANT_ACCEPT:
-    answer = true;
-    break;
-// hmm not sure we need this .. hmmmm
-  case SSL_ERROR_SYSCALL:
-    if(GETERROR() == LOCAL_BLOCKING_ERROR) {
-      answer = true;
-    } else {
-        DetailErrorFormat();
-// LOGWARNING("Socket_TCP_SSL::ErrorIs_WouldBlocking-> Not A blocking Error1
-// SSl_CODe=[%d] OS=[%d]",ssl_error_code,GETERROR());
-    }
-    break;
-  default:
-    DetailErrorFormat();
-// LOGWARNING("Socket_TCP_SSL::ErrorIs_WouldBlocking-> Not A blocking Error2
-// SSl_CODe=[%d] OS=[%d]",ssl_error_code,GETERROR());
-    answer = false;
-    break;
-  }
-
-// ERR_clear_error();
-  return answer;
-}
-
-inline void Socket_TCP_SSL::
-DetailErrorFormat(void) {
-  return; // turn on for debuging
-
-  uint32_t l;
-  char buf[256];
-  char buf2[4096];
-  const char *file,*data;
-  int line,flags;
-  uint32_t es;
-
-  es = CRYPTO_thread_id();
-  while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0) {
-    ERR_error_string_n(l, buf, sizeof(buf));
-    BIO_snprintf(buf2, sizeof(buf2), "***%lu:%s:%s:%d:%s\n", (unsigned long) es, buf, file, line, (flags & ERR_TXT_STRING) ? data : "NoText");
-    nativenet_cat.warning()
-      << "Socket_TCP_SSL::DetailErrorFormat->[" << buf2 << "]\n";
-  }
-}
-
-#endif  // HAVE_OPENSSL
-
-#endif //__SOCKET_TCP_SSL_H__