
tls.h

00001 /*
00002  * Copyright (c) 2005, 2006 by KoanLogic s.r.l. <http://www.koanlogic.com>
00003  * All rights reserved.
00004  *
00005  * This file is part of KLone, and as such it is subject to the license stated
00006  * in the LICENSE file which you have received as part of this distribution.
00007  *
00008  * $Id: tls.h,v 1.9 2006/01/09 12:38:38 tat Exp $
00009  */
00010 
00011 #ifndef _KLONE_TLS_H_
00012 #define _KLONE_TLS_H_
00013 
00014 #include "klone_conf.h"
00015 #include <u/libu.h>
00016 #ifdef HAVE_LIBOPENSSL
00017 #include <openssl/ssl.h>
00018 
00019 #ifdef __cplusplus
00020 extern "C" {
00021 #endif
00022 
00023 /* (pseudo) unique data to feed the PRNG.  NOTE(review): these look like guessable, low-entropy values, so they can only supplement an OS entropy source -- confirm how the seeding code uses them */
00024 struct tls_rand_seed_s 
00025 {
00026     pid_t   pid;        /* process id */
00027     long    t1, t2;     /* presumably two time samples -- confirm */
00028     void    *stack;     /* presumably a stack address -- confirm */
00029 };
00030 
00031 /* SSL_CTX initialization parameters.  Mapping of "verify_client" configuration
00032  * directive to vmode is done in the following way:
00033  *  "none"      -> SSL_VERIFY_NONE (no client certificate is requested)
00034  *  "optional"  -> SSL_VERIFY_PEER (requested, but a client sending none still connects; check that a peer certificate was presented before trusting identity)
00035  *  "require"   -> SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT (handshake fails without a client certificate) */
00036 struct tls_ctx_args_s
00037 {
00038     const char *cert;       /* server certificate file (PEM) */
00039     const char *key;        /* server private key (PEM); keep the file readable only by the server account */
00040     const char *certchain;  /* Server Certificate Authorities (PEM) */
00041     const char *ca;         /* Client Certification Authorities file (PEM) */
00042     const char *dh;         /* Diffie-Hellman parameters (PEM) */
00043     int         depth;      /* max depth for the cert chain verification */
00044     int         vmode;      /* SSL verification mode (SSL_VERIFY_* flags, see mapping above) */
00045 };
00046 
00047 typedef struct tls_rand_seed_s tls_rand_seed_t;
00048 typedef struct tls_ctx_args_s tls_ctx_args_t;
00049 
00050 
00051 SSL_CTX *tls_init_ctx (tls_ctx_args_t *);   /* presumably creates the SSL_CTX described by the args, NULL on failure -- confirm in tls.c */
00052 int     tls_load_ctx_args(u_config_t *, tls_ctx_args_t **);   /* presumably fills *args from the config; ownership of *args is not stated here -- confirm */
00053 char    *tls_get_error (void);   /* presumably text for the latest TLS error; lifetime of the returned buffer is not stated here -- confirm */
00054 
00055 #ifdef __cplusplus
00056 }
00057 #endif 
00058 
00059 #endif /* HAVE_LIBOPENSSL */
00060 
00061 #endif /* !_KLONE_TLS_H_ */
