s4:lib/tls: fix enabled logic in tstream_tls_params_server()

[metze/samba/wip.git] / source4 / lib / tls / tls.h

diff --git a/source4/lib/tls/tls.h b/source4/lib/tls/tls.h
index 8f6eb67976485e357d8196fa020a259b66fa0f5d..e1bd9edb51cf1b3637ae7695f4cce46e0e0fee68 100644 (file)
--- a/source4/lib/tls/tls.h
+++ b/source4/lib/tls/tls.h
@@ -7,7 +7,7 @@
    
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by

-   the Free Software Foundation; either version 2 of the License, or
+   the Free Software Foundation; either version 3 of the License, or

    (at your option) any later version.
    
    This program is distributed in the hope that it will be useful,
    (at your option) any later version.
    
    This program is distributed in the hope that it will be useful,


@@ -16,8 +16,7 @@
    GNU General Public License for more details.
    
    You should have received a copy of the GNU General Public License
    GNU General Public License for more details.
    
    You should have received a copy of the GNU General Public License

-   along with this program; if not, write to the Free Software
-   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.

 */
 
 #ifndef _TLS_H_
 */
 
 #ifndef _TLS_H_


@@ -25,10 +24,12 @@
 
 #include "lib/socket/socket.h"
 
 
 #include "lib/socket/socket.h"
 

+struct loadparm_context;
+

 /*
   call tls_initialise() once per task to startup the tls subsystem
 */
 /*
   call tls_initialise() once per task to startup the tls subsystem
 */

-struct tls_params *tls_initialise(TALLOC_CTX *mem_ctx);
+struct tls_params *tls_initialise(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx);

 
 /*
   call tls_init_server() on each new server connection
 
 /*
   call tls_init_server() on each new server connection


@@ -41,26 +42,73 @@ struct tls_params *tls_initialise(TALLOC_CTX *mem_ctx);
 */
 struct socket_context *tls_init_server(struct tls_params *parms,
                                    struct socket_context *sock, 
 */
 struct socket_context *tls_init_server(struct tls_params *parms,
                                    struct socket_context *sock, 

-                                   struct fd_event *fde,
+                                   struct tevent_fd *fde,

                                    const char *plain_chars);
 
 /*
   call tls_init_client() on each new client connection
 */
 struct socket_context *tls_init_client(struct socket_context *sock, 
                                    const char *plain_chars);
 
 /*
   call tls_init_client() on each new client connection
 */
 struct socket_context *tls_init_client(struct socket_context *sock, 

-                                   struct fd_event *fde);
+                                   struct tevent_fd *fde,
+                                   const char *cafile);

 
 /*
   return True if a connection used tls
 */
 
 /*
   return True if a connection used tls
 */

-BOOL tls_enabled(struct socket_context *tls);
+bool tls_enabled(struct socket_context *tls);

 
 
 /*
   true if tls support is compiled in
 */
 
 
 /*
   true if tls support is compiled in
 */

-BOOL tls_support(struct tls_params *parms);
+bool tls_support(struct tls_params *parms);

 
 const struct socket_ops *socket_tls_ops(enum socket_type type);
 
 
 const struct socket_ops *socket_tls_ops(enum socket_type type);
 

-#endif
+struct tstream_context;
+struct tstream_tls_params;
+
+NTSTATUS tstream_tls_params_client(TALLOC_CTX *mem_ctx,
+                                  const char *ca_file,
+                                  const char *crl_file,
+                                  struct tstream_tls_params **_tlsp);
+
+NTSTATUS tstream_tls_params_server(TALLOC_CTX *mem_ctx,
+                                  const char *dns_host_name,
+                                  bool enabled,
+                                  const char *key_file,
+                                  const char *cert_file,
+                                  const char *ca_file,
+                                  const char *crl_file,
+                                  const char *dhp_file,
+                                  struct tstream_tls_params **_params);
+
+bool tstream_tls_params_enabled(struct tstream_tls_params *params);
+
+struct tevent_req *_tstream_tls_connect_send(TALLOC_CTX *mem_ctx,
+                                            struct tevent_context *ev,
+                                            struct tstream_context *plain_stream,
+                                            struct tstream_tls_params *tls_params,
+                                            const char *location);
+#define tstream_tls_connect_send(mem_ctx, ev, plain_stream, tls_params); \
+       _tstream_tls_connect_send(mem_ctx, ev, plain_stream, tls_params, __location__)
+
+int tstream_tls_connect_recv(struct tevent_req *req,
+                            int *perrno,
+                            TALLOC_CTX *mem_ctx,
+                            struct tstream_context **tls_stream);
+
+struct tevent_req *_tstream_tls_accept_send(TALLOC_CTX *mem_ctx,
+                                           struct tevent_context *ev,
+                                           struct tstream_context *plain_stream,
+                                           struct tstream_tls_params *tls_params,
+                                           const char *location);
+#define tstream_tls_accept_send(mem_ctx, ev, plain_stream, tls_params) \
+       _tstream_tls_accept_send(mem_ctx, ev, plain_stream, tls_params, __location__)
+
+int tstream_tls_accept_recv(struct tevent_req *req,
+                           int *perrno,
+                           TALLOC_CTX *mem_ctx,
+                           struct tstream_context **tls_stream);
+
+#endif /* _TLS_H_ */