tport_tls.h 2.6 KB
Newer Older
Pekka Pessi's avatar
Pekka Pessi committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74
/*
 * This file is part of the Sofia-SIP package
 *
 * Copyright (C) 2005 Nokia Corporation.
 *
 * Contact: Pekka Pessi <pekka.pessi@nokia.com>
 *
 * * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public License
 * as published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
 * 02110-1301 USA
 *
 */

#ifndef TPORT_TLS_H /** Defined when <tport_tls.h> has been included. */
#define TPORT_TLS_H $Id: tport_tls.h,v 1.2 2005/08/08 19:10:17 ppessi Exp $
/**@IFILE tport_tls.h
 * @brief TLS interface
 * 
 * @author Mikko Haataja <ext-Mikko.A.Haataja@nokia.com>
 *
 * Copyright 2001, 2002 Nokia Research Center.  All rights reserved.
 *
 * $Date: 2005/08/08 19:10:17 $
 *
 */

#define TLS_MAX_HOSTS (16)

typedef struct tls_s tls_t;

typedef struct tls_issues_s {
  int  verify_depth;    /* if 0, then do nothing                      */
  int   configured;	/* If non-zero, complain about certificate errors */
  char *cert;		/* CERT file name. File format is PEM         */
  char *key;		/* Private key file. PEM format               */
  char *randFile;       /* Seed file for the PRNG (default: tls_seed.dat) */
  char *CAfile;		/* PEM file of CA's                           */
  char *CApath;		/* PEM file path of CA's		      */
  char *cipher;         /* Should be one of the above defined ciphers *
			 * or NULL (default: "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
                         */
  int   version;	/* For tls1, version is 1. When ssl3/ssl2 is 
			 * used, it is 0. */
} tls_issues_t;

tls_t *tls_init_master(tls_issues_t *tls_issues);
tls_t *tls_init_slave(tls_t *tls_master, int sock);
tls_t *tls_init_client(tls_t *tls_master, int sock);
void tls_free(tls_t *tls);
int tls_get_socket(tls_t *tls);
int tls_read(tls_t *tls);
void *tls_read_buffer(tls_t *tls, int N);
int tls_want_read(tls_t *tls, int events);
int tls_pending(tls_t const *tls);

int tls_write(tls_t *tls, void *buf, int size);
int tls_want_write(tls_t *tls, int events);

int tls_check_hosts(tls_t *tls, char const *hosts[TLS_MAX_HOSTS]);

int tls_events(tls_t const *tls, int flags);

#endif