1*1c60b9acSAndroid Build Coastguard Worker /*
2*1c60b9acSAndroid Build Coastguard Worker * LWA auth support for Secure Streams
3*1c60b9acSAndroid Build Coastguard Worker *
4*1c60b9acSAndroid Build Coastguard Worker * libwebsockets - small server side websockets and web server implementation
5*1c60b9acSAndroid Build Coastguard Worker *
6*1c60b9acSAndroid Build Coastguard Worker * Copyright (C) 2019 - 2020 Andy Green <[email protected]>
7*1c60b9acSAndroid Build Coastguard Worker *
8*1c60b9acSAndroid Build Coastguard Worker * Permission is hereby granted, free of charge, to any person obtaining a copy
9*1c60b9acSAndroid Build Coastguard Worker * of this software and associated documentation files (the "Software"), to
10*1c60b9acSAndroid Build Coastguard Worker * deal in the Software without restriction, including without limitation the
11*1c60b9acSAndroid Build Coastguard Worker * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
12*1c60b9acSAndroid Build Coastguard Worker * sell copies of the Software, and to permit persons to whom the Software is
13*1c60b9acSAndroid Build Coastguard Worker * furnished to do so, subject to the following conditions:
14*1c60b9acSAndroid Build Coastguard Worker *
15*1c60b9acSAndroid Build Coastguard Worker * The above copyright notice and this permission notice shall be included in
16*1c60b9acSAndroid Build Coastguard Worker * all copies or substantial portions of the Software.
17*1c60b9acSAndroid Build Coastguard Worker *
18*1c60b9acSAndroid Build Coastguard Worker * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
19*1c60b9acSAndroid Build Coastguard Worker * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
20*1c60b9acSAndroid Build Coastguard Worker * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
21*1c60b9acSAndroid Build Coastguard Worker * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
22*1c60b9acSAndroid Build Coastguard Worker * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
23*1c60b9acSAndroid Build Coastguard Worker * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
24*1c60b9acSAndroid Build Coastguard Worker * IN THE SOFTWARE.
25*1c60b9acSAndroid Build Coastguard Worker */
26*1c60b9acSAndroid Build Coastguard Worker
27*1c60b9acSAndroid Build Coastguard Worker #include <private-lib-core.h>
28*1c60b9acSAndroid Build Coastguard Worker
29*1c60b9acSAndroid Build Coastguard Worker typedef struct ss_api_amazon_auth {
30*1c60b9acSAndroid Build Coastguard Worker struct lws_ss_handle *ss;
31*1c60b9acSAndroid Build Coastguard Worker void *opaque_data;
32*1c60b9acSAndroid Build Coastguard Worker /* ... application specific state ... */
33*1c60b9acSAndroid Build Coastguard Worker struct lejp_ctx jctx;
34*1c60b9acSAndroid Build Coastguard Worker size_t pos;
35*1c60b9acSAndroid Build Coastguard Worker int expires_secs;
36*1c60b9acSAndroid Build Coastguard Worker } ss_api_amazon_auth_t;
37*1c60b9acSAndroid Build Coastguard Worker
38*1c60b9acSAndroid Build Coastguard Worker static const char * const lejp_tokens_lwa[] = {
39*1c60b9acSAndroid Build Coastguard Worker "access_token",
40*1c60b9acSAndroid Build Coastguard Worker "expires_in",
41*1c60b9acSAndroid Build Coastguard Worker };
42*1c60b9acSAndroid Build Coastguard Worker
43*1c60b9acSAndroid Build Coastguard Worker typedef enum {
44*1c60b9acSAndroid Build Coastguard Worker LSSPPT_ACCESS_TOKEN,
45*1c60b9acSAndroid Build Coastguard Worker LSSPPT_EXPIRES_IN,
46*1c60b9acSAndroid Build Coastguard Worker } lejp_tokens_t;
47*1c60b9acSAndroid Build Coastguard Worker
48*1c60b9acSAndroid Build Coastguard Worker enum {
49*1c60b9acSAndroid Build Coastguard Worker AUTH_IDX_LWA,
50*1c60b9acSAndroid Build Coastguard Worker AUTH_IDX_ROOT,
51*1c60b9acSAndroid Build Coastguard Worker };
52*1c60b9acSAndroid Build Coastguard Worker
53*1c60b9acSAndroid Build Coastguard Worker static void
lws_ss_sys_auth_api_amazon_com_kick(lws_sorted_usec_list_t * sul)54*1c60b9acSAndroid Build Coastguard Worker lws_ss_sys_auth_api_amazon_com_kick(lws_sorted_usec_list_t *sul)
55*1c60b9acSAndroid Build Coastguard Worker {
56*1c60b9acSAndroid Build Coastguard Worker struct lws_context *context = lws_container_of(sul, struct lws_context,
57*1c60b9acSAndroid Build Coastguard Worker sul_api_amazon_com_kick);
58*1c60b9acSAndroid Build Coastguard Worker
59*1c60b9acSAndroid Build Coastguard Worker lws_state_transition_steps(&context->mgr_system,
60*1c60b9acSAndroid Build Coastguard Worker LWS_SYSTATE_OPERATIONAL);
61*1c60b9acSAndroid Build Coastguard Worker }
62*1c60b9acSAndroid Build Coastguard Worker
63*1c60b9acSAndroid Build Coastguard Worker static void
lws_ss_sys_auth_api_amazon_com_renew(lws_sorted_usec_list_t * sul)64*1c60b9acSAndroid Build Coastguard Worker lws_ss_sys_auth_api_amazon_com_renew(lws_sorted_usec_list_t *sul)
65*1c60b9acSAndroid Build Coastguard Worker {
66*1c60b9acSAndroid Build Coastguard Worker struct lws_context *context = lws_container_of(sul, struct lws_context,
67*1c60b9acSAndroid Build Coastguard Worker sul_api_amazon_com);
68*1c60b9acSAndroid Build Coastguard Worker
69*1c60b9acSAndroid Build Coastguard Worker lws_ss_sys_auth_api_amazon_com(context);
70*1c60b9acSAndroid Build Coastguard Worker }
71*1c60b9acSAndroid Build Coastguard Worker
72*1c60b9acSAndroid Build Coastguard Worker static signed char
auth_api_amazon_com_parser_cb(struct lejp_ctx * ctx,char reason)73*1c60b9acSAndroid Build Coastguard Worker auth_api_amazon_com_parser_cb(struct lejp_ctx *ctx, char reason)
74*1c60b9acSAndroid Build Coastguard Worker {
75*1c60b9acSAndroid Build Coastguard Worker ss_api_amazon_auth_t *m = (ss_api_amazon_auth_t *)ctx->user;
76*1c60b9acSAndroid Build Coastguard Worker struct lws_context *context = (struct lws_context *)m->opaque_data;
77*1c60b9acSAndroid Build Coastguard Worker lws_system_blob_t *blob;
78*1c60b9acSAndroid Build Coastguard Worker
79*1c60b9acSAndroid Build Coastguard Worker if (!(reason & LEJP_FLAG_CB_IS_VALUE) || !ctx->path_match)
80*1c60b9acSAndroid Build Coastguard Worker return 0;
81*1c60b9acSAndroid Build Coastguard Worker
82*1c60b9acSAndroid Build Coastguard Worker switch (ctx->path_match - 1) {
83*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_ACCESS_TOKEN:
84*1c60b9acSAndroid Build Coastguard Worker if (!ctx->npos)
85*1c60b9acSAndroid Build Coastguard Worker break;
86*1c60b9acSAndroid Build Coastguard Worker
87*1c60b9acSAndroid Build Coastguard Worker blob = lws_system_get_blob(context, LWS_SYSBLOB_TYPE_AUTH,
88*1c60b9acSAndroid Build Coastguard Worker AUTH_IDX_LWA);
89*1c60b9acSAndroid Build Coastguard Worker if (!blob)
90*1c60b9acSAndroid Build Coastguard Worker return -1;
91*1c60b9acSAndroid Build Coastguard Worker
92*1c60b9acSAndroid Build Coastguard Worker if (lws_system_blob_heap_append(blob,
93*1c60b9acSAndroid Build Coastguard Worker (const uint8_t *)ctx->buf,
94*1c60b9acSAndroid Build Coastguard Worker ctx->npos)) {
95*1c60b9acSAndroid Build Coastguard Worker lwsl_err("%s: unable to store auth token\n", __func__);
96*1c60b9acSAndroid Build Coastguard Worker
97*1c60b9acSAndroid Build Coastguard Worker return -1;
98*1c60b9acSAndroid Build Coastguard Worker }
99*1c60b9acSAndroid Build Coastguard Worker break;
100*1c60b9acSAndroid Build Coastguard Worker case LSSPPT_EXPIRES_IN:
101*1c60b9acSAndroid Build Coastguard Worker m->expires_secs = atoi(ctx->buf);
102*1c60b9acSAndroid Build Coastguard Worker lws_sul_schedule(context, 0, &context->sul_api_amazon_com,
103*1c60b9acSAndroid Build Coastguard Worker lws_ss_sys_auth_api_amazon_com_renew,
104*1c60b9acSAndroid Build Coastguard Worker (lws_usec_t)m->expires_secs * LWS_US_PER_SEC);
105*1c60b9acSAndroid Build Coastguard Worker break;
106*1c60b9acSAndroid Build Coastguard Worker }
107*1c60b9acSAndroid Build Coastguard Worker
108*1c60b9acSAndroid Build Coastguard Worker return 0;
109*1c60b9acSAndroid Build Coastguard Worker }
110*1c60b9acSAndroid Build Coastguard Worker
111*1c60b9acSAndroid Build Coastguard Worker /* secure streams payload interface */
112*1c60b9acSAndroid Build Coastguard Worker
113*1c60b9acSAndroid Build Coastguard Worker static lws_ss_state_return_t
ss_api_amazon_auth_rx(void * userobj,const uint8_t * buf,size_t len,int flags)114*1c60b9acSAndroid Build Coastguard Worker ss_api_amazon_auth_rx(void *userobj, const uint8_t *buf, size_t len, int flags)
115*1c60b9acSAndroid Build Coastguard Worker {
116*1c60b9acSAndroid Build Coastguard Worker ss_api_amazon_auth_t *m = (ss_api_amazon_auth_t *)userobj;
117*1c60b9acSAndroid Build Coastguard Worker struct lws_context *context = (struct lws_context *)m->opaque_data;
118*1c60b9acSAndroid Build Coastguard Worker lws_system_blob_t *ab;
119*1c60b9acSAndroid Build Coastguard Worker #if !defined(LWS_WITH_NO_LOGS)
120*1c60b9acSAndroid Build Coastguard Worker size_t total;
121*1c60b9acSAndroid Build Coastguard Worker #endif
122*1c60b9acSAndroid Build Coastguard Worker int n;
123*1c60b9acSAndroid Build Coastguard Worker
124*1c60b9acSAndroid Build Coastguard Worker ab = lws_system_get_blob(context, LWS_SYSBLOB_TYPE_AUTH, AUTH_IDX_LWA);
125*1c60b9acSAndroid Build Coastguard Worker /* coverity */
126*1c60b9acSAndroid Build Coastguard Worker if (!ab)
127*1c60b9acSAndroid Build Coastguard Worker return LWSSSSRET_DISCONNECT_ME;
128*1c60b9acSAndroid Build Coastguard Worker
129*1c60b9acSAndroid Build Coastguard Worker if (buf) {
130*1c60b9acSAndroid Build Coastguard Worker if (flags & LWSSS_FLAG_SOM) {
131*1c60b9acSAndroid Build Coastguard Worker lejp_construct(&m->jctx, auth_api_amazon_com_parser_cb,
132*1c60b9acSAndroid Build Coastguard Worker m, lejp_tokens_lwa,
133*1c60b9acSAndroid Build Coastguard Worker LWS_ARRAY_SIZE(lejp_tokens_lwa));
134*1c60b9acSAndroid Build Coastguard Worker lws_system_blob_heap_empty(ab);
135*1c60b9acSAndroid Build Coastguard Worker }
136*1c60b9acSAndroid Build Coastguard Worker
137*1c60b9acSAndroid Build Coastguard Worker n = lejp_parse(&m->jctx, buf, (int)len);
138*1c60b9acSAndroid Build Coastguard Worker if (n < 0) {
139*1c60b9acSAndroid Build Coastguard Worker lejp_destruct(&m->jctx);
140*1c60b9acSAndroid Build Coastguard Worker lws_system_blob_destroy(
141*1c60b9acSAndroid Build Coastguard Worker lws_system_get_blob(context,
142*1c60b9acSAndroid Build Coastguard Worker LWS_SYSBLOB_TYPE_AUTH,
143*1c60b9acSAndroid Build Coastguard Worker AUTH_IDX_LWA));
144*1c60b9acSAndroid Build Coastguard Worker
145*1c60b9acSAndroid Build Coastguard Worker return LWSSSSRET_DISCONNECT_ME;
146*1c60b9acSAndroid Build Coastguard Worker }
147*1c60b9acSAndroid Build Coastguard Worker }
148*1c60b9acSAndroid Build Coastguard Worker if (!(flags & LWSSS_FLAG_EOM))
149*1c60b9acSAndroid Build Coastguard Worker return LWSSSSRET_OK;
150*1c60b9acSAndroid Build Coastguard Worker
151*1c60b9acSAndroid Build Coastguard Worker /* we should have the auth token now */
152*1c60b9acSAndroid Build Coastguard Worker
153*1c60b9acSAndroid Build Coastguard Worker #if !defined(LWS_WITH_NO_LOGS)
154*1c60b9acSAndroid Build Coastguard Worker total = lws_system_blob_get_size(ab);
155*1c60b9acSAndroid Build Coastguard Worker lwsl_notice("%s: acquired %u-byte api.amazon.com auth token, exp %ds\n",
156*1c60b9acSAndroid Build Coastguard Worker __func__, (unsigned int)total, m->expires_secs);
157*1c60b9acSAndroid Build Coastguard Worker #endif
158*1c60b9acSAndroid Build Coastguard Worker
159*1c60b9acSAndroid Build Coastguard Worker lejp_destruct(&m->jctx);
160*1c60b9acSAndroid Build Coastguard Worker
161*1c60b9acSAndroid Build Coastguard Worker /* we move the system state at auth connection close */
162*1c60b9acSAndroid Build Coastguard Worker
163*1c60b9acSAndroid Build Coastguard Worker return LWSSSSRET_DISCONNECT_ME;
164*1c60b9acSAndroid Build Coastguard Worker }
165*1c60b9acSAndroid Build Coastguard Worker
166*1c60b9acSAndroid Build Coastguard Worker static lws_ss_state_return_t
ss_api_amazon_auth_tx(void * userobj,lws_ss_tx_ordinal_t ord,uint8_t * buf,size_t * len,int * flags)167*1c60b9acSAndroid Build Coastguard Worker ss_api_amazon_auth_tx(void *userobj, lws_ss_tx_ordinal_t ord, uint8_t *buf,
168*1c60b9acSAndroid Build Coastguard Worker size_t *len, int *flags)
169*1c60b9acSAndroid Build Coastguard Worker {
170*1c60b9acSAndroid Build Coastguard Worker ss_api_amazon_auth_t *m = (ss_api_amazon_auth_t *)userobj;
171*1c60b9acSAndroid Build Coastguard Worker struct lws_context *context = (struct lws_context *)m->opaque_data;
172*1c60b9acSAndroid Build Coastguard Worker lws_system_blob_t *ab;
173*1c60b9acSAndroid Build Coastguard Worker size_t total;
174*1c60b9acSAndroid Build Coastguard Worker int n;
175*1c60b9acSAndroid Build Coastguard Worker
176*1c60b9acSAndroid Build Coastguard Worker /*
177*1c60b9acSAndroid Build Coastguard Worker * We send out auth slot AUTH_IDX_ROOT, it's the LWA user / device
178*1c60b9acSAndroid Build Coastguard Worker * identity token
179*1c60b9acSAndroid Build Coastguard Worker */
180*1c60b9acSAndroid Build Coastguard Worker
181*1c60b9acSAndroid Build Coastguard Worker ab = lws_system_get_blob(context, LWS_SYSBLOB_TYPE_AUTH, AUTH_IDX_ROOT);
182*1c60b9acSAndroid Build Coastguard Worker if (!ab)
183*1c60b9acSAndroid Build Coastguard Worker return LWSSSSRET_DESTROY_ME;
184*1c60b9acSAndroid Build Coastguard Worker
185*1c60b9acSAndroid Build Coastguard Worker total = lws_system_blob_get_size(ab);
186*1c60b9acSAndroid Build Coastguard Worker
187*1c60b9acSAndroid Build Coastguard Worker n = lws_system_blob_get(ab, buf, len, m->pos);
188*1c60b9acSAndroid Build Coastguard Worker if (n < 0)
189*1c60b9acSAndroid Build Coastguard Worker return LWSSSSRET_TX_DONT_SEND;
190*1c60b9acSAndroid Build Coastguard Worker
191*1c60b9acSAndroid Build Coastguard Worker if (!m->pos)
192*1c60b9acSAndroid Build Coastguard Worker *flags |= LWSSS_FLAG_SOM;
193*1c60b9acSAndroid Build Coastguard Worker
194*1c60b9acSAndroid Build Coastguard Worker m->pos += *len;
195*1c60b9acSAndroid Build Coastguard Worker
196*1c60b9acSAndroid Build Coastguard Worker if (m->pos == total) {
197*1c60b9acSAndroid Build Coastguard Worker *flags |= LWSSS_FLAG_EOM;
198*1c60b9acSAndroid Build Coastguard Worker m->pos = 0; /* for next time */
199*1c60b9acSAndroid Build Coastguard Worker }
200*1c60b9acSAndroid Build Coastguard Worker
201*1c60b9acSAndroid Build Coastguard Worker return LWSSSSRET_OK;
202*1c60b9acSAndroid Build Coastguard Worker }
203*1c60b9acSAndroid Build Coastguard Worker
204*1c60b9acSAndroid Build Coastguard Worker static lws_ss_state_return_t
ss_api_amazon_auth_state(void * userobj,void * sh,lws_ss_constate_t state,lws_ss_tx_ordinal_t ack)205*1c60b9acSAndroid Build Coastguard Worker ss_api_amazon_auth_state(void *userobj, void *sh, lws_ss_constate_t state,
206*1c60b9acSAndroid Build Coastguard Worker lws_ss_tx_ordinal_t ack)
207*1c60b9acSAndroid Build Coastguard Worker {
208*1c60b9acSAndroid Build Coastguard Worker ss_api_amazon_auth_t *m = (ss_api_amazon_auth_t *)userobj;
209*1c60b9acSAndroid Build Coastguard Worker struct lws_context *context = (struct lws_context *)m->opaque_data;
210*1c60b9acSAndroid Build Coastguard Worker lws_system_blob_t *ab;
211*1c60b9acSAndroid Build Coastguard Worker size_t s;
212*1c60b9acSAndroid Build Coastguard Worker
213*1c60b9acSAndroid Build Coastguard Worker lwsl_info("%s: %s, ord 0x%x\n", __func__, lws_ss_state_name((int)state),
214*1c60b9acSAndroid Build Coastguard Worker (unsigned int)ack);
215*1c60b9acSAndroid Build Coastguard Worker
216*1c60b9acSAndroid Build Coastguard Worker ab = lws_system_get_blob(context, LWS_SYSBLOB_TYPE_AUTH, AUTH_IDX_ROOT);
217*1c60b9acSAndroid Build Coastguard Worker /* coverity */
218*1c60b9acSAndroid Build Coastguard Worker if (!ab)
219*1c60b9acSAndroid Build Coastguard Worker return LWSSSSRET_DESTROY_ME;
220*1c60b9acSAndroid Build Coastguard Worker
221*1c60b9acSAndroid Build Coastguard Worker switch (state) {
222*1c60b9acSAndroid Build Coastguard Worker case LWSSSCS_CREATING:
223*1c60b9acSAndroid Build Coastguard Worker //if (lws_ss_set_metadata(m->ss, "ctype", "application/json", 16))
224*1c60b9acSAndroid Build Coastguard Worker // return LWSSSSRET_DESTROY_ME;
225*1c60b9acSAndroid Build Coastguard Worker /* fallthru */
226*1c60b9acSAndroid Build Coastguard Worker case LWSSSCS_CONNECTING:
227*1c60b9acSAndroid Build Coastguard Worker s = lws_system_blob_get_size(ab);
228*1c60b9acSAndroid Build Coastguard Worker if (!s)
229*1c60b9acSAndroid Build Coastguard Worker lwsl_debug("%s: no auth blob\n", __func__);
230*1c60b9acSAndroid Build Coastguard Worker m->pos = 0;
231*1c60b9acSAndroid Build Coastguard Worker return lws_ss_request_tx_len(m->ss, (unsigned long)s);
232*1c60b9acSAndroid Build Coastguard Worker
233*1c60b9acSAndroid Build Coastguard Worker case LWSSSCS_DISCONNECTED:
234*1c60b9acSAndroid Build Coastguard Worker /*
235*1c60b9acSAndroid Build Coastguard Worker * We defer moving the system state forward until we have
236*1c60b9acSAndroid Build Coastguard Worker * closed our connection + tls for the auth action... this is
237*1c60b9acSAndroid Build Coastguard Worker * because on small systems, we need that memory recovered
238*1c60b9acSAndroid Build Coastguard Worker * before we can make another connection subsequently.
239*1c60b9acSAndroid Build Coastguard Worker *
240*1c60b9acSAndroid Build Coastguard Worker * At this point, we're ultimately being called from within
241*1c60b9acSAndroid Build Coastguard Worker * the wsi close process, the tls tunnel is not freed yet.
242*1c60b9acSAndroid Build Coastguard Worker * Use a sul to actually do it next time around the event loop
243*1c60b9acSAndroid Build Coastguard Worker * when the close process for the auth wsi has completed and
244*1c60b9acSAndroid Build Coastguard Worker * the related tls is already freed.
245*1c60b9acSAndroid Build Coastguard Worker */
246*1c60b9acSAndroid Build Coastguard Worker s = lws_system_blob_get_size(ab);
247*1c60b9acSAndroid Build Coastguard Worker
248*1c60b9acSAndroid Build Coastguard Worker if (s && context->mgr_system.state != LWS_SYSTATE_OPERATIONAL)
249*1c60b9acSAndroid Build Coastguard Worker lws_sul_schedule(context, 0,
250*1c60b9acSAndroid Build Coastguard Worker &context->sul_api_amazon_com_kick,
251*1c60b9acSAndroid Build Coastguard Worker lws_ss_sys_auth_api_amazon_com_kick, 1);
252*1c60b9acSAndroid Build Coastguard Worker
253*1c60b9acSAndroid Build Coastguard Worker context->hss_auth = NULL;
254*1c60b9acSAndroid Build Coastguard Worker return LWSSSSRET_DESTROY_ME;
255*1c60b9acSAndroid Build Coastguard Worker
256*1c60b9acSAndroid Build Coastguard Worker default:
257*1c60b9acSAndroid Build Coastguard Worker break;
258*1c60b9acSAndroid Build Coastguard Worker }
259*1c60b9acSAndroid Build Coastguard Worker
260*1c60b9acSAndroid Build Coastguard Worker return LWSSSSRET_OK;
261*1c60b9acSAndroid Build Coastguard Worker }
262*1c60b9acSAndroid Build Coastguard Worker
263*1c60b9acSAndroid Build Coastguard Worker int
lws_ss_sys_auth_api_amazon_com(struct lws_context * context)264*1c60b9acSAndroid Build Coastguard Worker lws_ss_sys_auth_api_amazon_com(struct lws_context *context)
265*1c60b9acSAndroid Build Coastguard Worker {
266*1c60b9acSAndroid Build Coastguard Worker lws_ss_info_t ssi;
267*1c60b9acSAndroid Build Coastguard Worker
268*1c60b9acSAndroid Build Coastguard Worker if (context->hss_auth) /* already exists */
269*1c60b9acSAndroid Build Coastguard Worker return 0;
270*1c60b9acSAndroid Build Coastguard Worker
271*1c60b9acSAndroid Build Coastguard Worker /* We're making an outgoing secure stream ourselves */
272*1c60b9acSAndroid Build Coastguard Worker
273*1c60b9acSAndroid Build Coastguard Worker memset(&ssi, 0, sizeof(ssi));
274*1c60b9acSAndroid Build Coastguard Worker ssi.handle_offset = offsetof(ss_api_amazon_auth_t, ss);
275*1c60b9acSAndroid Build Coastguard Worker ssi.opaque_user_data_offset = offsetof(ss_api_amazon_auth_t, opaque_data);
276*1c60b9acSAndroid Build Coastguard Worker ssi.rx = ss_api_amazon_auth_rx;
277*1c60b9acSAndroid Build Coastguard Worker ssi.tx = ss_api_amazon_auth_tx;
278*1c60b9acSAndroid Build Coastguard Worker ssi.state = ss_api_amazon_auth_state;
279*1c60b9acSAndroid Build Coastguard Worker ssi.user_alloc = sizeof(ss_api_amazon_auth_t);
280*1c60b9acSAndroid Build Coastguard Worker ssi.streamtype = "api_amazon_com_auth";
281*1c60b9acSAndroid Build Coastguard Worker
282*1c60b9acSAndroid Build Coastguard Worker if (lws_ss_create(context, 0, &ssi, context, &context->hss_auth,
283*1c60b9acSAndroid Build Coastguard Worker NULL, NULL)) {
284*1c60b9acSAndroid Build Coastguard Worker lwsl_info("%s: Create LWA auth ss failed (policy?)\n", __func__);
285*1c60b9acSAndroid Build Coastguard Worker return 1;
286*1c60b9acSAndroid Build Coastguard Worker }
287*1c60b9acSAndroid Build Coastguard Worker
288*1c60b9acSAndroid Build Coastguard Worker return 0;
289*1c60b9acSAndroid Build Coastguard Worker }
290