/*
 * This file is part of the Sofia-SIP package
 *
 * Copyright (C) 2005 Nokia Corporation.
 *
 * Contact: Pekka Pessi <pekka.pessi@nokia.com>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public License
 * as published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
 * 02110-1301 USA
 *
 */

#ifndef TPORT_TLS_H /** Defined when <tport_tls.h> has been included. */
#define TPORT_TLS_H REMOVED_RCS_ID
/**@IFILE tport_tls.h
 * @brief TLS interface
 * 
 * @author Mikko Haataja <ext-Mikko.A.Haataja@nokia.com>
 *
 * Copyright 2001, 2002 Nokia Research Center.  All rights reserved.
 *
 * @date Last modified: Mon Aug  8 19:10:17 2005 ppessi
 *
 */

/* Array size used in the hosts parameter of tls_check_hosts(). */
#define TLS_MAX_HOSTS (16)

/* TLS context handle. struct tls_s is only forward-declared in this header,
 * so callers hold it by pointer and cannot see its members. */
typedef struct tls_s tls_t;

/*
 * TLS configuration handed to tls_init_master().
 *
 * NOTE(review): this header does not show how the fields are consumed. The
 * per-field comments restate the original descriptions; anything inferred
 * is marked as an assumption to confirm against the implementation.
 */
typedef struct tls_issues_s {
  /* If 0, then do nothing.
   * NOTE(review): presumably "nothing" means the peer certificate chain is
   * not verified. 0 is also what a zero-filled struct carries, so set this
   * field explicitly -- confirm the exact meaning in the implementation. */
  int  verify_depth;
  /* If non-zero, complain about certificate errors.
   * NOTE(review): the wording suggests certificate errors go unreported
   * when this is 0; confirm whether a failed check also rejects the
   * connection or is only reported. */
  int   configured;
  /* Certificate file name. File format is PEM. */
  char *cert;
  /* Private key file. PEM format. The file should be readable only by the
   * account that runs the TLS stack. */
  char *key;
  /* Seed file for the PRNG (default: tls_seed.dat).
   * NOTE(review): the default is a bare file name, so its location
   * presumably depends on the working directory; a seed file that other
   * users can read or replace weakens the seeding -- confirm how it is
   * opened and whether it is the only entropy source. */
  char *randFile;
  /* PEM file of CA certificates. */
  char *CAfile;
  /* PEM file path of CA certificates.
   * NOTE(review): presumably a directory of CA files rather than a single
   * file -- confirm. */
  char *CApath;
  /* Cipher list, or NULL for the default
   * "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH".
   * The original comment says "one of the above defined ciphers", but no
   * cipher names are defined in this header.
   * NOTE(review): the default looks like an OpenSSL cipher list. If it is,
   * "!ADH" excludes anonymous DH only; anonymous ECDH suites are excluded
   * by "!aNULL". Confirm which library parses the string and which suites
   * the default actually enables. */
  char *cipher;
  /* For tls1, version is 1. When ssl3/ssl2 is used, it is 0.
   * NOTE(review): SSLv2 and SSLv3 are prohibited by RFC 6176 and RFC 7568,
   * and 0 is the value a zero-filled struct carries, so per this comment an
   * unset field selects the legacy protocols. Set it to 1 explicitly and
   * confirm what 0 negotiates in the implementation. */
  int   version;
} tls_issues_t;

/*
 * TLS transport entry points. Only the signatures are visible in this
 * header, so the comments below are limited to what the prototypes show;
 * anything inferred from a name is marked for confirmation.
 */

/* Takes the configuration in tls_issues and returns a tls_t.
 * NOTE(review): presumably NULL on failure -- confirm. */
tls_t *tls_init_master(tls_issues_t *tls_issues);
/* Both take a master tls_t plus a socket descriptor and return a tls_t.
 * NOTE(review): "slave" is presumably the accepting side and "client" the
 * connecting side -- confirm. */
tls_t *tls_init_slave(tls_t *tls_master, int sock);
tls_t *tls_init_client(tls_t *tls_master, int sock);
/* NOTE(review): presumably releases tls; whether it also closes the socket
 * is not visible here. */
void tls_free(tls_t *tls);
/* Returns an int; by its name, the socket descriptor associated with tls. */
int tls_get_socket(tls_t *tls);
/* tls_read() takes no caller buffer and tls_read_buffer() returns void *.
 * NOTE(review): presumably received data is held inside tls and fetched
 * with tls_read_buffer(tls, N); confirm that N must not exceed the count
 * reported by tls_read() and how errors are signalled. */
int tls_read(tls_t *tls);
void *tls_read_buffer(tls_t *tls, int N);
int tls_want_read(tls_t *tls, int events);
/* Takes tls as pointer-to-const and returns an int.
 * NOTE(review): presumably the amount of buffered, unread data -- confirm. */
int tls_pending(tls_t const *tls);

/* size is a signed int: callers should reject negative or oversized
 * lengths before the call.
 * NOTE(review): presumably the return value can be smaller than size or
 * negative -- confirm, and check it at every call site. */
int tls_write(tls_t *tls, void *buf, int size);
int tls_want_write(tls_t *tls, int events);

/* The array bound in the parameter is not enforced by the compiler: hosts
 * is received as a plain char const ** in C.
 * NOTE(review): presumably matches the peer certificate's names against
 * hosts, reading up to TLS_MAX_HOSTS entries; confirm how the list is
 * terminated and which return value means "match" before relying on the
 * result as an authentication decision. */
int tls_check_hosts(tls_t *tls, char const *hosts[TLS_MAX_HOSTS]);

int tls_events(tls_t const *tls, int flags);

#endif