X-Git-Url: http://git.samba.org/?a=blobdiff_plain;f=source4%2Flib%2Ftls%2Ftls.h;h=f80282b9ccd51102483037a23af126b843e6580a;hb=046d35497b6614f42;hp=8f6eb67976485e357d8196fa020a259b66fa0f5d;hpb=97d489b21c692815adc4849538a5db7340439e7f;p=metze%2Fsamba%2Fwip.git
diff --git a/source4/lib/tls/tls.h b/source4/lib/tls/tls.h
index 8f6eb6797648..f80282b9ccd5 100644
--- a/source4/lib/tls/tls.h
+++ b/source4/lib/tls/tls.h
@@ -7,7 +7,7 @@
 This program is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ the Free Software Foundation; either version 3 of the License, or
 (at your option) any later version.
 This program is distributed in the hope that it will be useful,
@@ -16,8 +16,7 @@
 GNU General Public License for more details.
 You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ along with this program. If not, see .
 */
 #ifndef _TLS_H_
@@ -25,10 +24,12 @@
 #include "lib/socket/socket.h"
+struct loadparm_context;
+
 /* call tls_initialise() once per task to startup the tls subsystem */
-struct tls_params *tls_initialise(TALLOC_CTX *mem_ctx);
+struct tls_params *tls_initialise(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx);
 /* call tls_init_server() on each new server connection 
@@ -41,26 +42,138 @@ struct tls_params *tls_initialise(TALLOC_CTX *mem_ctx);
 */
 struct socket_context *tls_init_server(struct tls_params *parms,
 struct socket_context *sock,
- struct fd_event *fde,
+ struct tevent_fd *fde,
 const char *plain_chars);
 /* call tls_init_client() on each new client connection */
 struct socket_context *tls_init_client(struct socket_context *sock,
- struct fd_event *fde);
+ struct tevent_fd *fde,
+ const char *cafile);
 /* return True if a connection used tls */
-BOOL tls_enabled(struct socket_context *tls);
+bool tls_enabled(struct socket_context *tls);
 /* true if tls support is compiled in */
-BOOL tls_support(struct tls_params *parms);
+bool tls_support(struct tls_params *parms);
 const struct socket_ops *socket_tls_ops(enum socket_type type);
+struct tstream_context;
+struct tstream_tls_params;
+
+/**
+ * @brief Initiate a TLS tunnel on top of a given tstream
+ *
+ * @param[in] mem_ctx
+ * @param[in] ev
+ *
+ * @param[in] plain_stream The plain tstream which is used as transport.
+ * It's important that the caller keeps the "plain"
+ * tstream_context arround during the whole life
+ * time of the "tls" tstream_context!
+ * Note: tstream_disconnect_send()/recv() doesn't
+ * disconnect the "plain" tstream_context.
+ *
+ * @param[in] tls_params ... 
+ *
+ * @return
+ *
+ * @see tstream_tls_connect_recv
+ */
+#ifdef DOXYGEN
+struct tevent_req *tstream_tls_connect_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct tstream_context *plain_stream,
+ struct tstream_tls_params *tls_params);
+#else
+struct tevent_req *_tstream_tls_connect_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct tstream_context *plain_stream,
+ struct tstream_tls_params *tls_params,
+ const char *location);
+#define tstream_tls_connect_send(mem_ctx, ev, plain_stream, tls_params); \
+ _tstream_tls_connect_send(mem_ctx, ev, plain_stream, tls_params, __location__)
 #endif
+
+/**
+ * @brief Receives the async result of tevent_tls_connect_send
+ *
+ * @param[in] req
+ *
+ * @param[out] perrno
+ *
+ * @param[in] mem_ctx
+ *
+ * @param[out] tls_stream
+ *
+ * @return
+ *
+ * @see tstream_tls_connect_send
+ */
+int tstream_tls_connect_recv(struct tevent_req *req,
+ int *perrno,
+ TALLOC_CTX *mem_ctx,
+ struct tstream_context **tls_stream);
+
+/**
+ * @brief Accept a TLS tunnel on top of a given tstream
+ *
+ * @param[in] mem_ctx
+ * @param[in] ev
+ *
+ * @param[in] plain_stream The plain tstream which is used as transport.
+ * It's important that the caller keeps the "plain"
+ * tstream_context arround during the whole life
+ * time of the "tls" tstream_context!
+ * Note: tstream_disconnect_send()/recv() doesn't
+ * disconnect the "plain" tstream_context.
+ *
+ * @param[in] tls_params ... 
+ *
+ * @return
+ *
+ * @see tstream_tls_accept_recv
+ */
+#ifdef DOXYGEN
+struct tevent_req *tstream_tls_accept_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct tstream_context *plain_stream,
+ struct tstream_tls_params *tls_params);
+#else
+struct tevent_req *_tstream_tls_accept_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct tstream_context *plain_stream,
+ struct tstream_tls_params *tls_params,
+ const char *location);
+#define tstream_tls_accept_send(mem_ctx, ev, plain_stream, tls_params); \
+ _tstream_tls_accept_send(mem_ctx, ev, plain_stream, tls_params, __location__)
+#endif
+
+/**
+ * @brief Receives the async result of tevent_tls_accept_send
+ *
+ * @param[in] req
+ *
+ * @param[out] perrno
+ *
+ * @param[in] mem_ctx
+ *
+ * @param[out] tls_stream
+ *
+ * @return
+ *
+ * @see tstream_tls_accept_send
+ */
+int tstream_tls_accept_recv(struct tevent_req *req,
+ int *perrno,
+ TALLOC_CTX *mem_ctx,
+ struct tstream_context **tls_stream);
+
+#endif /* _TLS_H_ */
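Review bot: Both `#define tstream_tls_connect_send(mem_ctx, ev, plain_stream, tls_params); \` and the matching `tstream_tls_accept_send` define in this hunk carry a stray `;` after the parameter list, so in every non-DOXYGEN build the macro expands to `; _tstream_tls_connect_send(...)` and a call such as `req = tstream_tls_connect_send(...)` cannot compile; the fix is to drop the semicolon on both lines: `#define tstream_tls_connect_send(mem_ctx, ev, plain_stream, tls_params) \`. The `@brief` lines of both `_recv` functions refer to `tevent_tls_connect_send` and `tevent_tls_accept_send`, names that do not exist in this header; they should read `tstream_tls_connect_send` / `tstream_tls_accept_send` (and "arround" is "around"). The `@param[in] tls_params ...` and empty `@return` entries are placeholders; the recv functions in particular should state what the `int` result and `*perrno` mean (presumably 0 on success and -1 with `*perrno` set, the usual tstream convention, but confirm against the implementation). The new `cafile` parameter on `tls_init_client()` is undocumented although it decides which CAs the client trusts; its comment should say whether NULL is accepted and, if so, whether that disables or merely weakens peer certificate verification, since that is what a caller needs to know to avoid an unverified connection.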