about summary refs log tree commit diff stats
path: root/WWW/Library/Implementation/tidy_tls.h
blob: 56b3636015c8d54c288a3916cda91ede94cc292a (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
/*
 * $LynxId: tidy_tls.h,v 1.8 2015/10/12 00:28:18 tom Exp $
 * Copyright 2008-2013,2015 Thomas E. Dickey
 */
#ifndef TIDY_TLS_H
#define TIDY_TLS_H

#include <gnutls/gnutls.h>

#define OPENSSL_VERSION_NUMBER (0x0090604F)
#define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER

#define SSLeay_add_ssl_algorithms()   SSL_library_init()

#define SSL_ST_OK       (1)

#define SSL_OP_ALL      (0x000FFFFF)
#define SSL_OP_NO_SSLv2 (0x00100000)
#define SSL_OP_NO_SSLv3 (0x00200000)
#define SSL_OP_NO_TLSv1 (0x00400000)

#define SSL_get_cipher_name(ssl)    SSL_CIPHER_get_name(SSL_get_current_cipher(ssl))
#define SSL_get_cipher(ssl)         SSL_get_cipher_name(ssl)
#define SSL_get_cipher_bits(ssl,bp) SSL_CIPHER_get_bits(SSL_get_current_cipher(ssl),(bp))
#define SSL_get_cipher_version(ssl) SSL_CIPHER_get_version(SSL_get_current_cipher(ssl))

#define TIDY_TLS_BUFSIZE 256

typedef struct {
    char common_name[TIDY_TLS_BUFSIZE];
    char country[TIDY_TLS_BUFSIZE];
    char email[TIDY_TLS_BUFSIZE];
    char locality_name[TIDY_TLS_BUFSIZE];
    char organization[TIDY_TLS_BUFSIZE];
    char organizational_unit_name[TIDY_TLS_BUFSIZE];
    char state_or_province_name[TIDY_TLS_BUFSIZE];
} X509_NAME;

typedef struct _SSL SSL;

typedef gnutls_datum_t X509;

typedef struct {
    unsigned connend;
    struct {
	int protocol[GNUTLS_MAX_ALGORITHM_NUM];
	int encrypts[GNUTLS_MAX_ALGORITHM_NUM];
	int compress[GNUTLS_MAX_ALGORITHM_NUM];
	int key_xchg[GNUTLS_MAX_ALGORITHM_NUM];
	int msg_code[GNUTLS_MAX_ALGORITHM_NUM];
    } priority;
} SSL_METHOD;

typedef struct {
    SSL *ssl;
    int error;
    const gnutls_datum_t *cert_list;
#define current_cert cert_list
} X509_STORE_CTX;

typedef struct {
    gnutls_certificate_type_t cert;
    gnutls_cipher_algorithm_t encrypts;
    gnutls_compression_method_t compress;
    gnutls_kx_algorithm_t key_xchg;
    gnutls_mac_algorithm_t msg_code;
    gnutls_protocol_t protocol;
} SSL_CIPHER;

typedef struct _SSL_CTX {
    SSL_METHOD *method;
    char *certfile;
    int certfile_type;
    char *keyfile;
    int keyfile_type;
    unsigned long options;

    int (*verify_callback) (int, X509_STORE_CTX *);
    int verify_mode;

    char *client_certfile;
    int client_certfile_type;
    char *client_keyfile;
    int client_keyfile_type;

} SSL_CTX;

struct _SSL {
    gnutls_session_t gnutls_state;

    gnutls_certificate_client_credentials gnutls_cred;

    SSL_CTX *ctx;
    SSL_CIPHER ciphersuite;

    int last_error;
    int shutdown;
    int state;
    unsigned long options;

    int (*verify_callback) (int, X509_STORE_CTX *);
    int verify_mode;

    gnutls_transport_ptr_t rfd;
    gnutls_transport_ptr_t wfd;

    void *sendbuffer;
    size_t bytes_sent;
};

/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options
 * are 'ored' with SSL_VERIFY_PEER if they are desired */
#define SSL_VERIFY_PEER			0x01
/* *INDENT-OFF* */
extern SSL *SSL_new(SSL_CTX * ctx);
extern SSL_CIPHER *SSL_get_current_cipher(SSL * ssl);
extern SSL_CTX *SSL_CTX_new(SSL_METHOD * method);
extern SSL_METHOD *SSLv23_client_method(void);
extern const X509 *SSL_get_peer_certificate(SSL * ssl);
extern X509_NAME *X509_get_issuer_name(const X509 * cert);
extern X509_NAME *X509_get_subject_name(const X509 * cert);
extern char *X509_NAME_oneline(X509_NAME * name, char *buf, int len);
extern const char *ERR_error_string(unsigned long e, char *buf);
extern const char *RAND_file_name(char *buf, size_t len);
extern const char *SSL_CIPHER_get_name(SSL_CIPHER * cipher);
extern const char *SSL_CIPHER_get_version(SSL_CIPHER * cipher);
extern int RAND_bytes(unsigned char *buf, int num);
extern int RAND_load_file(const char *name, long maxbytes);
extern int RAND_status(void);
extern int RAND_write_file(const char *name);
extern int SSL_CIPHER_get_bits(SSL_CIPHER * cipher, int *bits);
extern int SSL_CTX_set_default_verify_paths(SSL_CTX * ctx);
extern int SSL_connect(SSL * ssl);
extern int SSL_library_init(void);
extern int SSL_read(SSL * ssl, void *buf, int len);
extern int SSL_set_fd(SSL * ssl, int fd);
extern int SSL_write(SSL * ssl, const void *buf, int len);
extern unsigned long ERR_get_error(void);
extern unsigned long SSL_CTX_set_options(SSL_CTX * ctx, unsigned long options);
extern void RAND_seed(const void *buf, int num);
extern void SSL_CTX_free(SSL_CTX * ctx);
extern void SSL_CTX_set_verify(SSL_CTX * ctx, int verify_mode, int (*verify_callback) (int, X509_STORE_CTX *));
extern void SSL_free(SSL * ssl);
extern void SSL_load_error_strings(void);
/* *INDENT-ON* */

#endif /* TIDY_TLS_H */