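/* ==========================================================================
 * libevnet/src/tls.h - OpenSSL interface for libevnet.
 * --------------------------------------------------------------------------
 * Copyright (c) 2003 William Ahern
 * Copyright (c) 2004 Barracuda Networks, Inc.
 * Copyright (c) 2006 William Ahern
 *
 * Permission is hereby granted, free of charge, to any person obtaining a
 * copy of this software and associated documentation files (the "Software"),
 * to deal in the Software without restriction, including without limitation
 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
 * and/or sell copies of the Software, and to permit persons to whom the
 * Software is furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
 * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
 * NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
 * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
 * OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
 * USE OR OTHER DEALINGS IN THE SOFTWARE.
 * ==========================================================================
 */
#ifndef EVNET_TLS_H
#define EVNET_TLS_H

/*
 * NOTE(review): both #include directives had lost their targets. They are
 * restored here to the system headers that declare the names the original
 * comments mention; confirm against the upstream file.
 */
#include <sys/types.h>		/* ssize_t */

#ifdef USE_OPENSSL
#include <openssl/ssl.h>	/* Don't force caller to include this. */
#else
/*
 * Without OpenSSL the handle types degrade to void, so tls_peek() and
 * tls_identity_peek() hand back opaque `void *' values. These are macros,
 * not typedefs: they rewrite the tokens SSL and SSL_CTX in every file that
 * includes this header.
 */
#define SSL	void
#define SSL_CTX	void
#endif

struct event_base;
struct arena_prototype;

/*
 * Forward declaration so that `struct timeval *' in the prototypes below
 * names one file-scope type instead of a fresh prototype-scope type per
 * declaration when the includer has not pulled in the defining header.
 */
struct timeval;


/*
 * Result codes returned by the tls_* routines and passed to completion
 * callbacks. TLS_ESUCCESS is 0.
 */
enum tls_errno {
	TLS_ESUCCESS,
	TLS_ESYSTEM,
	TLS_EOPENSSL,
	TLS_ETIMEDOUT,
	TLS_ECANCELLED,
}; /* enum tls_errno */

/* presumably tls_errlist[] is indexed by enum tls_errno and tls_nerr is its
 * length -- verify against the definition before indexing. */
extern const char *tls_errlist[];
extern const int tls_nerr;


/*
 * Protocol version bits; each is a distinct power of two, so they can be
 * OR-ed together in tls_options.versions.
 *
 * Security: SSL 2.0 and SSL 3.0 are prohibited protocols (RFC 6176,
 * RFC 7568). A configuration should not set SSL_VERSION_2 or SSL_VERSION_3.
 * Which bits tls_defaults enables is not visible from this header; audit it
 * before relying on the defaults. TLS_VERSION_1 presumably means TLS 1.0,
 * which is itself deprecated (RFC 8996) -- TODO confirm and extend the enum
 * for newer versions if so.
 */
enum tls_versions {
	TLS_VERSION_1	= 1 << 0,
	SSL_VERSION_2	= 1 << 1,
	SSL_VERSION_3	= 1 << 2,
}; /* enum tls_versions */


/*
 * Connection state bits reported by tls_state(). TLS_S_DISCONNECTED is 0
 * (no bits set); the rest are independent flags.
 *
 * Security: TLS_S_VERIFIED is a separate bit from TLS_S_CONNECTED, so a
 * session can apparently be connected without being verified. Callers that
 * need an authenticated peer should test TLS_S_VERIFIED explicitly rather
 * than treating TLS_S_CONNECTED as sufficient -- confirm in the
 * implementation when this bit is set.
 */
enum tls_state {
	TLS_S_DISCONNECTED	= 0,
	TLS_S_CONNECTED		= 1 << 0,
	TLS_S_VERIFIED		= 1 << 1,
	TLS_S_NEED_READ		= 1 << 2,
	TLS_S_NEED_WRITE	= 1 << 3,
	TLS_S_MODE_ACCEPT	= 1 << 4,
	TLS_S_MODE_CONNECT	= 1 << 5,
}; /* enum tls_state */


struct tls_identity;
struct tls;


/* Negotiated session parameters, as returned by tls_info(). */
struct tls_info {
	struct {
		char name[32];		/* cipher name */
		unsigned int bits;	/* presumably the cipher key strength */
	} cipher;

	struct {
		char name[32];		/* protocol version name */
		enum tls_versions id;
	} version;
}; /* struct tls_info */


/*
 * Per-identity configuration handed to tls_identity_open().
 *
 * Security: require_trust and is_trusted decide whether a peer is accepted.
 * Their exact semantics (return convention of is_trusted, what happens when
 * require_trust is 0 or is_trusted is NULL) are not visible from this
 * header. Presumably leaving require_trust at 0, or installing an
 * is_trusted callback that accepts everything, disables peer
 * authentication -- verify in the implementation and set both
 * deliberately.
 */
struct tls_options {
	enum tls_versions versions;	/* OR of enum tls_versions bits */

	int require_trust;

	int (*is_trusted)(struct tls *, SSL *);
}; /* struct tls_options */

extern const struct tls_options tls_options_initializer;
extern const struct tls_options tls_defaults;


/* Library-wide setup and teardown. */
enum tls_errno tls_reset(void);

enum tls_errno tls_init(void);


/*
 * Identity (context) management. The last parameter of tls_identity_open()
 * is an out-parameter for the error code.
 */
struct tls_identity *tls_identity_open(const struct tls_options *, const struct arena_prototype *, enum tls_errno *);

void tls_identity_close(struct tls_identity *);

/* presumably the two strings are certificate and private-key paths --
 * TODO confirm; key files should be readable only by the service account. */
enum tls_errno tls_identity_certify(struct tls_identity *, const char *, const char *);

/* presumably the string names a trust store (CA file or directory) --
 * TODO confirm. */
enum tls_errno tls_identity_trust(struct tls_identity *, const char *);

/* Exposes the underlying SSL_CTX (void when built without USE_OPENSSL). */
SSL_CTX *tls_identity_peek(struct tls_identity *);


/* Session management on an existing descriptor. */
struct tls *tls_open(int fd, struct tls_identity *, struct event_base *, const struct arena_prototype *, enum tls_errno *);

void tls_close(struct tls *);

int tls_pending(struct tls *);

void tls_cancel(struct tls *, int);

/* Exposes the underlying SSL handle (void when built without USE_OPENSSL). */
SSL *tls_peek(struct tls *);


/* Completion callback for tls_read(). */
typedef void (*tls_read_cb)(struct tls *, void *, size_t, enum tls_errno, void *);

#ifndef WIN32
ssize_t tls_read(struct tls *, void *, size_t, tls_read_cb, void *, struct timeval *);
#else
long tls_read(struct tls *, void *, size_t, tls_read_cb, void *, struct timeval *);
#endif


/* Completion callback for tls_write(). */
typedef void (*tls_write_cb)(struct tls *, void *, size_t, enum tls_errno, void *);

/*
 * The callback parameter is spelled tls_write_cb to match the typedef
 * declared for it. tls_read_cb and tls_write_cb are the same function
 * pointer type, so existing callers are unaffected.
 */
#ifndef WIN32
ssize_t tls_write(struct tls *, const void *, size_t, tls_write_cb, void *, struct timeval *);
#else
long tls_write(struct tls *, const void *, size_t, tls_write_cb, void *, struct timeval *);
#endif


/* Handshake entry points; the callback receives the resulting error code. */
typedef void (*tls_accept_cb)(struct tls *, enum tls_errno, void *);

enum tls_errno tls_accept(struct tls *, tls_accept_cb, void *, struct timeval *);


typedef void (*tls_connect_cb)(struct tls *, enum tls_errno, void *);

enum tls_errno tls_connect(struct tls *, tls_connect_cb, void *, struct timeval *);


/* Session introspection. tls_state() returns an int; presumably an OR of
 * enum tls_state bits -- confirm. */
int tls_state(struct tls *);

struct tls_info *tls_info(struct tls *);

enum tls_errno tls_errno(struct tls *);

const char *tls_strerror(struct tls *);


#endif /* EVNET_TLS_H */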