src/login-common/ssl-proxy.h

	ssl-proxy.h revision 42a6ae32e417eb19b48ef312b988d0a527b85ed7
2454dfa32c93c20a8522c6ed42fe057baaac9f9aStephan Bosch#ifndef SSL_PROXY_H
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainen#define SSL_PROXY_H
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainen
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainenstruct ip_addr;
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainenstruct ssl_proxy;
dfa2201c6ac8ddb2d2798dee15662cfe774e644eMartti Rannanjärvistruct login_settings;
d39a04db2f4d0599cb9b5f03a9aa10a3c234453cTimo Sirainenstruct client;
f7423cbbd9dea363a5df18ebb96da055a977ae79Timo Sirainen
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainenextern bool ssl_initialized;
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainen
a3fe8c0c54d87822f4b4f8f0d10caac611861b2bTimo Sirainentypedef int ssl_handshake_callback_t(void *context);
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainen
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainen/* establish SSL connection with the given fd, returns a new fd which you
c99fe55d4535d839a6ad0735c4719e076a1adb2cTimo Sirainen   must use from now on, or -1 if error occurred. Unless -1 is returned,
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainen   the given fd must be simply forgotten. */
96d19229e5f322411eb84446e5477d8170cfa5afTimo Sirainenint ssl_proxy_alloc(int fd, const struct ip_addr *ip, pool_t set_pool,
7891c8e6debdcfec552cb1beea2a0230fe89957bTimo Sirainen		    const struct login_settings *set,
5a6343181a5183b1ae1c39d40fc5a1deb3b840d9Timo Sirainen		    struct ssl_proxy **proxy_r);
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainenint ssl_proxy_client_alloc(int fd, struct ip_addr *ip, pool_t set_pool,
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainen			   const struct login_settings *set,
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainen			   ssl_handshake_callback_t *callback, void *context,
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainen			   struct ssl_proxy **proxy_r);
d176f84ce5ca2073f4dfbafb457b9c74f6bf0d76Timo Sirainenvoid ssl_proxy_start(struct ssl_proxy *proxy);
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainenvoid ssl_proxy_set_client(struct ssl_proxy *proxy, struct client *client);
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainenbool ssl_proxy_has_valid_client_cert(const struct ssl_proxy *proxy) ATTR_PURE;
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainenbool ssl_proxy_has_broken_client_cert(struct ssl_proxy *proxy);
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainenint ssl_proxy_cert_match_name(struct ssl_proxy *proxy, const char *verify_name);
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainenconst char *ssl_proxy_get_peer_name(struct ssl_proxy *proxy);
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainenbool ssl_proxy_is_handshaked(const struct ssl_proxy *proxy) ATTR_PURE;
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainenconst char *ssl_proxy_get_last_error(const struct ssl_proxy *proxy) ATTR_PURE;
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainenconst char *ssl_proxy_get_security_string(struct ssl_proxy *proxy);
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainenconst char *ssl_proxy_get_compression(struct ssl_proxy *proxy);
8d3278a82b964217d95c340ec6f82037cdc59d19Timo Sirainenvoid ssl_proxy_free(struct ssl_proxy **proxy);
cf0ad1a0bddb0787f3d7b408a96d721a8b2a98a3Timo Sirainen
cf0ad1a0bddb0787f3d7b408a96d721a8b2a98a3Timo Sirainen/* Return number of active SSL proxies */
cf0ad1a0bddb0787f3d7b408a96d721a8b2a98a3Timo Sirainenunsigned int ssl_proxy_get_count(void) ATTR_PURE;
cf0ad1a0bddb0787f3d7b408a96d721a8b2a98a3Timo Sirainen
cf0ad1a0bddb0787f3d7b408a96d721a8b2a98a3Timo Sirainenvoid ssl_proxy_init(void);
86791365b10f45982c88e70f2eb94fd6c3fea151Timo Sirainenvoid ssl_proxy_deinit(void);
86791365b10f45982c88e70f2eb94fd6c3fea151Timo Sirainen
86791365b10f45982c88e70f2eb94fd6c3fea151Timo Sirainen#endif
86791365b10f45982c88e70f2eb94fd6c3fea151Timo Sirainen