login-proxy.h revision 2598b2f36365b52d9754b9348a5be29569293e46
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter#ifndef LOGIN_PROXY_H
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter#define LOGIN_PROXY_H
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter
/* Forward declarations: this header only refers to these types through
   pointers, so their definitions are not needed here. */
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walterstruct client;
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walterstruct login_proxy;
fcd8093c58638dc7c4f9cddfc97f273b94ce2eadStef Walter
/* Transport-security options for the connection to the proxy destination.
   Each value is a distinct bit (0x01, 0x02, 0x04), so they are presumably
   combined with bitwise OR. No flag set presumably means a plaintext
   connection - TODO confirm against the implementation. */
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walterenum login_proxy_ssl_flags {
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter /* Use SSL/TLS for the proxy connection */
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter PROXY_SSL_FLAG_YES = 0x01,
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter /* Don't do SSL handshake immediately after connected */
 /* NOTE(review): until the deferred handshake has completed the connection
    is unencrypted. Presumably login_proxy_starttls() starts it; callers
    should confirm it succeeded before relaying anything sensitive. */
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter PROXY_SSL_FLAG_STARTTLS = 0x02,
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter /* Don't require that the received certificate is valid */
 /* Security: with this flag the remote server is not authenticated. TLS
    still encrypts, but an on-path party presenting any certificate would
    be accepted and could read the proxied login. Reserve it for testing or
    for links that are protected by other means. */
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter PROXY_SSL_FLAG_ANY_CERT = 0x04
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter};
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter
/* Connection parameters handed to login_proxy_new() (its `set' argument). */
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walterstruct login_proxy_settings {
 /* Destination host. Whether a hostname or only an IP literal is accepted
    is not visible in this header. */
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter const char *host;
 /* Destination port. NOTE(review): the type allows values outside
    1..65535; confirm the implementation or the caller validates it. */
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter unsigned int port;
 /* Connect timeout; milliseconds, going by the field name. */
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter unsigned int connect_timeout_msecs;
 /* PROXY_SSL_FLAG_* values. PROXY_SSL_FLAG_ANY_CERT turns certificate
    validation off, so settings that come from configuration or a lookup
    deserve a check before they are used. */
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter enum login_proxy_ssl_flags ssl_flags;
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter};
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter/* Called when new input comes from proxy. */
/* `context' is presumably the pointer that was given to login_proxy_new(),
   passed back unchanged - TODO confirm. */
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Waltertypedef void proxy_callback_t(void *context);
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter/* Create a proxy to given host. Returns NULL if failed. Given callback is
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter called when new input is available from proxy. */
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walterstruct login_proxy *
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walterlogin_proxy_new(struct client *client, const struct login_proxy_settings *set,
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter proxy_callback_t *callback, void *context);
/* The macro below shadows the function so that callers can pass a callback
   whose parameter is a specific pointer type rather than void *. Inside the
   macro body login_proxy_new is not expanded again, so it names the real
   function.
   With CONTEXT_TYPE_SAFETY defined, the never-evaluated expression
   `1 ? 0 : callback(context)' makes the compiler type-check the callback
   against `context' before the cast is applied. That variant uses a GNU
   statement expression, ({ ... }).
   Without CONTEXT_TYPE_SAFETY the cast to proxy_callback_t * is unchecked:
   a callback whose parameter type does not match `context' compiles without
   a diagnostic. NOTE(review): make sure at least one regular build defines
   CONTEXT_TYPE_SAFETY so such mismatches are caught. */
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter#ifdef CONTEXT_TYPE_SAFETY
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter# define login_proxy_new(client, set, callback, context) \
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter ({(void)(1 ? 0 : callback(context)); \
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter login_proxy_new(client, set, \
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter (proxy_callback_t *)callback, context); })
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter#else
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter# define login_proxy_new(client, set, callback, context) \
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter login_proxy_new(client, set, (proxy_callback_t *)callback, context)
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter#endif
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter/* Free the proxy. This should be called if authentication fails. */
/* Takes the address of the caller's pointer; presumably *proxy is set to
   NULL so that a stale pointer cannot be reused - TODO confirm. */
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Waltervoid login_proxy_free(struct login_proxy **proxy);
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter/* Return TRUE if host/port/destuser combination points to same as current
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter connection. */
/* NOTE(review): presumably used to refuse proxying back to this server (a
   proxy loop). How `host' is compared (string or resolved address) is not
   visible here; confirm that other names or addresses for the local
   listener are covered too. */
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walterbool login_proxy_is_ourself(const struct client *client, const char *host,
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter unsigned int port, const char *destuser);
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter/* Detach proxy from client. This is done after the authentication is
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter successful and all that is left is the dummy proxying. */
/* client_input/client_output are the client-side streams to relay between.
   Who owns them afterwards is not stated here - TODO confirm. struct
   istream and struct ostream are not declared in this header, so the
   including file must have declared them first. */
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Waltervoid login_proxy_detach(struct login_proxy *proxy, struct istream *client_input,
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter struct ostream *client_output);
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walter/* STARTTLS command was issued. */
/* The meaning of the int result is not documented here; presumably a
   negative value reports failure - TODO confirm. Callers should check it
   before sending anything that must be encrypted. */
b699c4d7f85a5404be1d1ee9450331aea869b886Stef Walterint login_proxy_starttls(struct login_proxy *proxy);
fcd8093c58638dc7c4f9cddfc97f273b94ce2eadStef Walter
/* Accessors for the proxy's state. Going by their names, the first two
   return the input and output streams of the proxy connection. */
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walterstruct istream *login_proxy_get_istream(struct login_proxy *proxy);
fcd8093c58638dc7c4f9cddfc97f273b94ce2eadStef Walterstruct ostream *login_proxy_get_ostream(struct login_proxy *proxy);
fcd8093c58638dc7c4f9cddfc97f273b94ce2eadStef Walter
/* Read-only getters; presumably they return the host, port and ssl_flags
   the proxy was created with - TODO confirm. ATTR_PURE is defined outside
   this header. */
fcd8093c58638dc7c4f9cddfc97f273b94ce2eadStef Walterconst char *login_proxy_get_host(const struct login_proxy *proxy) ATTR_PURE;
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walterunsigned int login_proxy_get_port(const struct login_proxy *proxy) ATTR_PURE;
fcd8093c58638dc7c4f9cddfc97f273b94ce2eadStef Walterenum login_proxy_ssl_flags
fcd8093c58638dc7c4f9cddfc97f273b94ce2eadStef Walterlogin_proxy_get_ssl_flags(const struct login_proxy *proxy) ATTR_PURE;
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter
/* Module-level teardown: takes no arguments and returns nothing. Presumably
   releases any proxies still tracked at shutdown - TODO confirm. */
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Waltervoid login_proxy_deinit(void);
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter#endif
dff909d473f43a6bd0f0286fa2d279c0ebe945c6Stef Walter