/*<copyright>
* <year>1999-2008</year>
* <holder>Ericsson AB, All Rights Reserved</holder>
*</copyright>
*<legalnotice>
* The contents of this file are subject to the Erlang Public License,
* Version 1.1, (the "License"); you may not use this file except in
* compliance with the License. You should have received a copy of the
* Erlang Public License along with this software. If not, it can be
* retrieved online at http://www.erlang.org/.
*
* Software distributed under the License is distributed on an "AS IS"
* basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
* the License for the specific language governing rights and limitations
* under the License.
*
* The Initial Developer of the Original Code is Ericsson AB.
*</legalnotice>
*/
/*
* Purpose: Header file for adaptions to various SSL packages.
*/
#ifndef ESOCK_SSL_H
#define ESOCK_SSL_H
#include <sys/types.h>
#include <stdio.h>
#include "esock.h"
/*
 * OpenSSL version strings, as returned by esock_ssl_version().
 *
 * The two values are kept separately, so they can differ (presumably
 * when the library is linked dynamically -- confirm against the build).
 * When checking an installation against a security advisory, lib_version
 * (the library's own version) is the relevant one.
 */
typedef struct {
const char *compile_version;/* version of OpenSSL when compiling esock */
const char *lib_version; /* version of OpenSSL in library */
} esock_version;
/*
 * Global state shared between esock and the SSL adaption layer.
 *
 * NOTE(review): these lines are definitions (no `extern'), not
 * declarations, so every translation unit that includes this header
 * carries its own tentative definition. That links only while the
 * toolchain merges common symbols; with -fno-common (the default since
 * GCC 10) it is a multiple-definition error. The usual arrangement is
 * `extern' here plus one definition in a single .c file -- check the
 * implementation file before changing this.
 */
/* Variables to be set by certain functions (see below) */
/* NOTE(review): one process-wide pointer, so a later failure overwrites
 * the earlier message. Who owns the string is not stated in this header;
 * presumably callers must neither free nor modify it -- confirm. */
char *esock_ssl_errstr;
/* Ephemeral RSA and DH */
/* NOTE(review): whether these are enable switches or status values is
 * not visible here. Ephemeral (temporary) RSA keys were historically
 * used for export-grade cipher suites; confirm the implementation does
 * not offer them by default. */
int ephemeral_rsa, ephemeral_dh;
/* Protocol version (sslv2, sslv3, tlsv1) */
/* NOTE(review): all three listed versions are deprecated today: SSLv2
 * (RFC 6176), SSLv3 (RFC 7568) and TLS 1.0 (RFC 8996). The mapping from
 * integer value to protocol and the default are not visible here --
 * confirm that an obsolete version cannot be selected unintentionally. */
int protocol_version;
/* version info */
/* Returns a pointer to an esock_version (compile-time and library
 * version strings). NOTE(review): lifetime and ownership of the returned
 * object are not stated here; presumably static storage -- confirm. */
esock_version *esock_ssl_version(void);
/* ciphers info */
/* NOTE(review): format of the returned string and whether the caller
 * must free it are not stated in this header -- confirm. */
char *esock_ssl_ciphers(void);
/* seeding */
/* NOTE(review): presumably passes len bytes from buf to the SSL
 * library's random number generator -- confirm. len is a signed int and
 * the function returns void, so a bad length or a failed seeding cannot
 * be reported to the caller; callers must pass a non-negative length
 * and data from a trustworthy entropy source. */
void esock_ssl_seed(void *buf, int len);
/* Initialization and finalization of SSL */
/* NOTE(review): the return convention of esock_ssl_init() is not
 * documented at this point; the ">= 0 on success" rule further down is
 * stated only for the functions that follow it. */
int esock_ssl_init(void);
void esock_ssl_finish(void);
/* Freeing of SSL resources for a connection */
void esock_ssl_free(Connection *cp);
/* Print error diagnostics to a file pointer */
void esock_ssl_print_errors_fp(FILE *fp);
/* All functions below have to return >= 0 on success, and < 0 on
 * failure.
 *
 * If the return value indicates a failure (< 0) and the failure is
 * temporary, the error context (sock_errno()/sock_set_errno()) must
 * be set to ERRNO_BLOCK.
 *
 * If the failure is permanent, the error context must be set to something
 * other than ERRNO_BLOCK, and `esock_ssl_errstr' must be set to point to
 * a short diagnostic string describing the error.
 *
 * Callers therefore have to inspect the error context on every negative
 * return: treating a permanent failure as ERRNO_BLOCK retries forever,
 * and treating ERRNO_BLOCK as permanent drops a connection that is only
 * waiting for I/O.
 */
/* NOTE(review): listenssl is an untyped pointer; presumably the SSL
 * state of the listening connection -- confirm against the caller. */
int esock_ssl_accept_init(Connection *cp, void *listenssl);
int esock_ssl_connect_init(Connection *cp);
int esock_ssl_listen_init(Connection *cp);
/* All functions below may involve non-blocking I/O with a temporary
 * failure. Hence, when the return value is < 0, they must either have
 * the error context set to ERRNO_BLOCK, or else have esock_ssl_errstr
 * set to point to a diagnostic string. If the return value is 0,
 * cp->eof and cp->bp are set, if appropriate.
 */
int esock_ssl_accept(Connection *cp);
int esock_ssl_connect(Connection *cp);
/* NOTE(review): len is a signed int in both read and write; the header
 * does not say how a negative or zero len is treated, so callers should
 * pass only a positive length that fits the buffer. A positive return
 * is presumably the number of bytes transferred and may be less than
 * len -- confirm in the implementation. */
int esock_ssl_read(Connection *cp, char *buf, int len);
/* NOTE(review): buf is not const-qualified; whether the function
 * modifies the caller's data is not visible here. */
int esock_ssl_write(Connection *cp, char *buf, int len);
int esock_ssl_shutdown(Connection *cp);
/* Peer certificate */
/* NOTE(review): the encoding of the data stored through buf, the
 * meaning of a non-negative return (presumably a length) and who frees
 * *buf are not stated in this header -- confirm in the implementation.
 * Whether the certificate or chain has been verified by the time these
 * are called is not visible here either; a successful return should not
 * be read as proof that the peer is authenticated. */
int esock_ssl_getpeercert(Connection *cp, unsigned char **buf);
int esock_ssl_getpeercertchain(Connection *cp, unsigned char **buf);
/* Sessions */
/* NOTE(review): presumably non-zero when the connection resumed an
 * earlier session -- confirm how this is told apart from an error. */
int esock_ssl_session_reused(Connection *cp);
/* Protocol version and cipher of established connection */
/* NOTE(review): ownership of the string stored through buf is not
 * stated here -- confirm whether the caller must free it. These report
 * what was actually negotiated, which is the value to log or check when
 * auditing for weak protocol versions or ciphers. */
int esock_ssl_getprotocol_version(Connection *cp, char **buf);
int esock_ssl_getcipher(Connection *cp, char **buf);
#endif