/* Compatibility shim: ASN1_STRING_get0_data() was introduced in OpenSSL 1.1.0.
   This maps that name onto the older ASN1_STRING_data() accessor so the same
   calling code builds against older libraries.
   NOTE(review): presumably wrapped in a version/feature guard that is not
   visible here - confirm, since defining it unconditionally would shadow the
   real function on newer OpenSSL. */
13479101da29577f7789d6f61faa1da3e2f7434aTimo Sirainen# define ASN1_STRING_get0_data(str) ASN1_STRING_data(str)
d185226aa3dc88a9ee9f16b4c8b2e38000ac8b96Timo Sirainen /* SSL clients: host we connected to */
d185226aa3dc88a9ee9f16b4c8b2e38000ac8b96Timo Sirainen /* SSL servers: host requested by the client via SNI */
e98de01b5644c88b6053e2921eb5e9a506fe263fTimo Sirainen /* copied settings */
095481fee84040436ce2dccca472c9bb1df4d5bbTimo Sirainen bool verbose, verbose_invalid_cert, allow_invalid_cert;
ac645fe16c0619771c0a961db91df16485513c52Timo Sirainen ssl_iostream_handshake_callback_t *handshake_callback;
/* Create the input / output stream objects for an SSL iostream.
   NOTE(review): presumably these carry the decrypted (plaintext) side of
   ssl_io - confirm against the implementation. */
3faa1040e5a3f9f35ffad29110216094ab2f5880Timo Sirainenstruct istream *openssl_i_stream_create_ssl(struct ssl_iostream *ssl_io);
3faa1040e5a3f9f35ffad29110216094ab2f5880Timo Sirainenstruct ostream *openssl_o_stream_create_ssl(struct ssl_iostream *ssl_io);
/* Global OpenSSL initialization driven by the given settings.
   NOTE(review): the int return plus error_r out-parameter suggests a
   0 / -1 convention with *error_r set on failure - confirm. */
15aa67e8a9dd7fc631d58ce13c54fe004bb4d0c1Timo Sirainenint openssl_iostream_global_init(const struct ssl_iostream_settings *set,
15aa67e8a9dd7fc631d58ce13c54fe004bb4d0c1Timo Sirainen const char **error_r);
/* Initialize an SSL context for the client role and for the server role
   respectively, from the same settings structure.
   NOTE(review): failure reporting is assumed to follow the same
   int / error_r pattern as openssl_iostream_global_init() - confirm. */
ba1c847d0af4afe4787ed470d0c818e948e184e2Timo Sirainenint openssl_iostream_context_init_client(const struct ssl_iostream_settings *set,
ba1c847d0af4afe4787ed470d0c818e948e184e2Timo Sirainen const char **error_r);
ba1c847d0af4afe4787ed470d0c818e948e184e2Timo Sirainenint openssl_iostream_context_init_server(const struct ssl_iostream_settings *set,
ba1c847d0af4afe4787ed470d0c818e948e184e2Timo Sirainen const char **error_r);
/* NOTE(review): the ref/unref names suggest reference counting on the
   context; confirm that the final unref is what releases it, so that key
   material held by the context is not kept alive longer than intended. */
96359599bbd4a2d704c3f343ff4c2fcd03f0dd02Timo Sirainenvoid openssl_iostream_context_ref(struct ssl_iostream_context *ctx);
96359599bbd4a2d704c3f343ff4c2fcd03f0dd02Timo Sirainenvoid openssl_iostream_context_unref(struct ssl_iostream_context *ctx);
9f7ba3807f77209a65e0faa56cac8545b06cd116Aki Tuomiint openssl_iostream_load_key(const struct ssl_iostream_cert *set,
/* Check the certificate associated with ssl against verify_name.
   NOTE(review): presumably returns TRUE on a match and stores a
   human-readable explanation in *reason_r - confirm. This is the hostname
   verification step, so callers should treat any non-match as a
   verification failure rather than only logging it. */
bbafd34da224c399700956db6819643e1d3b3ce7Timo Sirainenbool openssl_cert_match_name(SSL *ssl, const char *verify_name,
bbafd34da224c399700956db6819643e1d3b3ce7Timo Sirainen const char **reason_r);
6a4212e6d7c41de83bcac63edec3118e6a7a0f68Timo Sirainen (SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1)
976dee5384c4827dc648c9bc53825390521c388eMartti Rannanjärvi/* opt_r is used with SSL_set_options() and version_r is used with
976dee5384c4827dc648c9bc53825390521c388eMartti Rannanjärvi SSL_set_min_proto_version(). Using either method should enable the same SSL
976dee5384c4827dc648c9bc53825390521c388eMartti Rannanjärvi protocol versions. */
976dee5384c4827dc648c9bc53825390521c388eMartti Rannanjärviint openssl_min_protocol_to_options(const char *min_protocol, long *opt_r,
21fed972adb354b92771eefad27f8ac8cbd5dd45Timo Sirainen/* Sync plain_input/plain_output streams with BIOs. Returns TRUE if at least
21fed972adb354b92771eefad27f8ac8cbd5dd45Timo Sirainen one byte was read/written. */
8bcf6fd065a71ae0ca6dc76989250e819d08d7f6Aki Tuomibool openssl_iostream_bio_sync(struct ssl_iostream *ssl_io,
21fed972adb354b92771eefad27f8ac8cbd5dd45Timo Sirainen/* Call when there's more data available in plain_input/plain_output.
21fed972adb354b92771eefad27f8ac8cbd5dd45Timo Sirainen Returns 1 if it's ok to continue with SSL_read/SSL_write, 0 if not
21fed972adb354b92771eefad27f8ac8cbd5dd45Timo Sirainen (still handshaking), -1 if error occurred. */
8bcf6fd065a71ae0ca6dc76989250e819d08d7f6Aki Tuomiint openssl_iostream_more(struct ssl_iostream *ssl_io,
21fed972adb354b92771eefad27f8ac8cbd5dd45Timo Sirainen/* Returns 1 if the operation should be retried (we read/wrote more data),
21fed972adb354b92771eefad27f8ac8cbd5dd45Timo Sirainen 0 if the operation should be retried later once more data has been
21fed972adb354b92771eefad27f8ac8cbd5dd45Timo Sirainen read/written, -1 if a fatal error occurred (errno is set). */
3faa1040e5a3f9f35ffad29110216094ab2f5880Timo Sirainenint openssl_iostream_handle_error(struct ssl_iostream *ssl_io, int ret,
/* Set str as the error for this SSL iostream.
   NOTE(review): whether str is copied or only referenced is not visible
   here - confirm before passing a short-lived buffer. */
14a07d2bb34f1d52fce3e3218799f271f118d501Timo Sirainenvoid openssl_iostream_set_error(struct ssl_iostream *ssl_io, const char *str);
/* Return an error string; neither function takes arguments.
   NOTE(review): presumably both render the pending OpenSSL error queue,
   with the second specialised for key-loading failures. The lifetime of
   the returned pointer is not visible here - confirm before storing it. */
3faa1040e5a3f9f35ffad29110216094ab2f5880Timo Sirainenconst char *openssl_iostream_error(void);
3faa1040e5a3f9f35ffad29110216094ab2f5880Timo Sirainenconst char *openssl_iostream_key_load_error(void);
8b5d186ec2f8b56ded72a7f45a70b7542caad9d0Timo Sirainenopenssl_iostream_use_certificate_error(const char *cert, const char *set_name);