iostream-openssl.h revision 8bcf6fd065a71ae0ca6dc76989250e819d08d7f6
13479101da29577f7789d6f61faa1da3e2f7434aTimo Sirainen# define ASN1_STRING_get0_data(str) ASN1_STRING_data(str)
d185226aa3dc88a9ee9f16b4c8b2e38000ac8b96Timo Sirainen /* SSL clients: host where we connected to */
d185226aa3dc88a9ee9f16b4c8b2e38000ac8b96Timo Sirainen /* SSL servers: host requested by the client via SNI */
e98de01b5644c88b6053e2921eb5e9a506fe263fTimo Sirainen /* copied settings */
095481fee84040436ce2dccca472c9bb1df4d5bbTimo Sirainen bool verbose, verbose_invalid_cert, allow_invalid_cert;
ac645fe16c0619771c0a961db91df16485513c52Timo Sirainen ssl_iostream_handshake_callback_t *handshake_callback;
3faa1040e5a3f9f35ffad29110216094ab2f5880Timo Sirainenstruct istream *openssl_i_stream_create_ssl(struct ssl_iostream *ssl_io);
3faa1040e5a3f9f35ffad29110216094ab2f5880Timo Sirainenstruct ostream *openssl_o_stream_create_ssl(struct ssl_iostream *ssl_io);
ba1c847d0af4afe4787ed470d0c818e948e184e2Timo Sirainenint openssl_iostream_context_init_client(const struct ssl_iostream_settings *set,
ba1c847d0af4afe4787ed470d0c818e948e184e2Timo Sirainen const char **error_r);
ba1c847d0af4afe4787ed470d0c818e948e184e2Timo Sirainenint openssl_iostream_context_init_server(const struct ssl_iostream_settings *set,
ba1c847d0af4afe4787ed470d0c818e948e184e2Timo Sirainen const char **error_r);
3faa1040e5a3f9f35ffad29110216094ab2f5880Timo Sirainenvoid openssl_iostream_context_deinit(struct ssl_iostream_context *ctx);
9f7ba3807f77209a65e0faa56cac8545b06cd116Aki Tuomiint openssl_iostream_load_key(const struct ssl_iostream_cert *set,
831f3bcdde51fa388462eda1daa555e90651ca2eTimo Sirainenint openssl_cert_match_name(SSL *ssl, const char *verify_name);
6a4212e6d7c41de83bcac63edec3118e6a7a0f68Timo Sirainenint openssl_get_protocol_options(const char *protocols);
6a4212e6d7c41de83bcac63edec3118e6a7a0f68Timo Sirainen (SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1)
21fed972adb354b92771eefad27f8ac8cbd5dd45Timo Sirainen/* Sync plain_input/plain_output streams with BIOs. Returns TRUE if at least
21fed972adb354b92771eefad27f8ac8cbd5dd45Timo Sirainen one byte was read/written. */
8bcf6fd065a71ae0ca6dc76989250e819d08d7f6Aki Tuomibool openssl_iostream_bio_sync(struct ssl_iostream *ssl_io,
21fed972adb354b92771eefad27f8ac8cbd5dd45Timo Sirainen/* Call when there's more data available in plain_input/plain_output.
21fed972adb354b92771eefad27f8ac8cbd5dd45Timo Sirainen Returns 1 if it's ok to continue with SSL_read/SSL_write, 0 if not
21fed972adb354b92771eefad27f8ac8cbd5dd45Timo Sirainen (still handshaking), -1 if error occurred. */
8bcf6fd065a71ae0ca6dc76989250e819d08d7f6Aki Tuomiint openssl_iostream_more(struct ssl_iostream *ssl_io,
21fed972adb354b92771eefad27f8ac8cbd5dd45Timo Sirainen/* Returns 1 if the operation should be retried (we read/wrote more data),
21fed972adb354b92771eefad27f8ac8cbd5dd45Timo Sirainen 0 if the operation should retried later once more data has been
21fed972adb354b92771eefad27f8ac8cbd5dd45Timo Sirainen read/written, -1 if a fatal error occurred (errno is set). */
3faa1040e5a3f9f35ffad29110216094ab2f5880Timo Sirainenint openssl_iostream_handle_error(struct ssl_iostream *ssl_io, int ret,
3faa1040e5a3f9f35ffad29110216094ab2f5880Timo Sirainenconst char *openssl_iostream_error(void);
3faa1040e5a3f9f35ffad29110216094ab2f5880Timo Sirainenconst char *openssl_iostream_key_load_error(void);
8b5d186ec2f8b56ded72a7f45a70b7542caad9d0Timo Sirainenopenssl_iostream_use_certificate_error(const char *cert, const char *set_name);