HACK-TODO: tls_tstream...
[metze/samba/wip.git] / source4 / lib / tls / tls.h
index 00186408e0ffef103c7044e98e423c5aeb67fd32..f80282b9ccd51102483037a23af126b843e6580a 100644 (file)
@@ -7,7 +7,7 @@
    
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 2 of the License, or
+   the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.
    
    This program is distributed in the hope that it will be useful,
    GNU General Public License for more details.
    
    You should have received a copy of the GNU General Public License
-   along with this program; if not, write to the Free Software
-   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
 #ifndef _TLS_H_
 #define _TLS_H_
 
+#include "lib/socket/socket.h"
+
+struct loadparm_context;
+
 /*
   call tls_initialise() once per task to startup the tls subsystem
 */
-struct tls_params *tls_initialise(TALLOC_CTX *mem_ctx);
+struct tls_params *tls_initialise(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx);
 
 /*
   call tls_init_server() on each new server connection
@@ -39,26 +42,138 @@ struct tls_params *tls_initialise(TALLOC_CTX *mem_ctx);
 */
 struct socket_context *tls_init_server(struct tls_params *parms,
                                    struct socket_context *sock, 
-                                   struct fd_event *fde,
+                                   struct tevent_fd *fde,
                                    const char *plain_chars);
 
 /*
   call tls_init_client() on each new client connection
 */
 struct socket_context *tls_init_client(struct socket_context *sock, 
-                                   struct fd_event *fde);
+                                   struct tevent_fd *fde,
+                                   const char *cafile);
 
 /*
   return True if a connection used tls
 */
-BOOL tls_enabled(struct socket_context *tls);
+bool tls_enabled(struct socket_context *tls);
 
 
 /*
   true if tls support is compiled in
 */
-BOOL tls_support(struct tls_params *parms);
+bool tls_support(struct tls_params *parms);
 
 const struct socket_ops *socket_tls_ops(enum socket_type type);
 
+struct tstream_context;
+struct tstream_tls_params;
+
+/**
+ * @brief Initiate a TLS tunnel on top of a given tstream
+ *
+ * @param[in]  mem_ctx
+ * @param[in]  ev
+ *
+ * @param[in]  plain_stream            The plain tstream which is used as transport.
+ *                                     It's important that the caller keeps the "plain"
+ *                                     tstream_context arround during the whole life
+ *                                     time of the "tls" tstream_context!
+ *                                     Note: tstream_disconnect_send()/recv() doesn't
+ *                                     disconnect the "plain" tstream_context.
+ *
+ * @param[in]  tls_params              ...
+ *
+ * @return
+ *
+ * @see tstream_tls_connect_recv
+ */
+#ifdef DOXYGEN
+struct tevent_req *tstream_tls_connect_send(TALLOC_CTX *mem_ctx,
+                                           struct tevent_context *ev,
+                                           struct tstream_context *plain_stream,
+                                           struct tstream_tls_params *tls_params);
+#else
+struct tevent_req *_tstream_tls_connect_send(TALLOC_CTX *mem_ctx,
+                                            struct tevent_context *ev,
+                                            struct tstream_context *plain_stream,
+                                            struct tstream_tls_params *tls_params,
+                                            const char *location);
+#define tstream_tls_connect_send(mem_ctx, ev, plain_stream, tls_params); \
+       _tstream_tls_connect_send(mem_ctx, ev, plain_stream, tls_params, __location__)
+#endif
+
+/**
+ * @brief Receives the async result of tevent_tls_connect_send
+ *
+ * @param[in]  req
+ *
+ * @param[out] perrno
+ *
+ * @param[in]  mem_ctx
+ *
+ * @param[out] tls_stream
+ *
+ * @return
+ *
+ * @see tstream_tls_connect_send
+ */
+int tstream_tls_connect_recv(struct tevent_req *req,
+                            int *perrno,
+                            TALLOC_CTX *mem_ctx,
+                            struct tstream_context **tls_stream);
+
+/**
+ * @brief Accept a TLS tunnel on top of a given tstream
+ *
+ * @param[in]  mem_ctx
+ * @param[in]  ev
+ *
+ * @param[in]  plain_stream            The plain tstream which is used as transport.
+ *                                     It's important that the caller keeps the "plain"
+ *                                     tstream_context arround during the whole life
+ *                                     time of the "tls" tstream_context!
+ *                                     Note: tstream_disconnect_send()/recv() doesn't
+ *                                     disconnect the "plain" tstream_context.
+ *
+ * @param[in]  tls_params              ...
+ *
+ * @return
+ *
+ * @see tstream_tls_accept_recv
+ */
+#ifdef DOXYGEN
+struct tevent_req *tstream_tls_accept_send(TALLOC_CTX *mem_ctx,
+                                          struct tevent_context *ev,
+                                          struct tstream_context *plain_stream,
+                                          struct tstream_tls_params *tls_params);
+#else
+struct tevent_req *_tstream_tls_accept_send(TALLOC_CTX *mem_ctx,
+                                           struct tevent_context *ev,
+                                           struct tstream_context *plain_stream,
+                                           struct tstream_tls_params *tls_params,
+                                           const char *location);
+#define tstream_tls_accept_send(mem_ctx, ev, plain_stream, tls_params); \
+       _tstream_tls_accept_send(mem_ctx, ev, plain_stream, tls_params, __location__)
 #endif
+
+/**
+ * @brief Receives the async result of tevent_tls_accept_send
+ *
+ * @param[in]  req
+ *
+ * @param[out] perrno
+ *
+ * @param[in]  mem_ctx
+ *
+ * @param[out] tls_stream
+ *
+ * @return
+ *
+ * @see tstream_tls_accept_send
+ */
+int tstream_tls_accept_recv(struct tevent_req *req,
+                           int *perrno,
+                           TALLOC_CTX *mem_ctx,
+                           struct tstream_context **tls_stream);
+
+#endif /* _TLS_H_ */
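Review bot: Both convenience macros carry a stray semicolon after their parameter list, `#define tstream_tls_connect_send(mem_ctx, ev, plain_stream, tls_params); \` and the matching `tstream_tls_accept_send` line, so any expansion such as `req = tstream_tls_connect_send(...)` becomes `req = ; _tstream_tls_connect_send(...)` and fails to compile; the fix is to drop the `;` so the lines read `#define tstream_tls_connect_send(mem_ctx, ev, plain_stream, tls_params) \` and `#define tstream_tls_accept_send(mem_ctx, ev, plain_stream, tls_params) \`. The Doxygen blocks for both `_recv` functions name the wrong partner (`tevent_tls_connect_send` / `tevent_tls_accept_send` instead of `tstream_tls_connect_send` / `tstream_tls_accept_send`), and "arround" should be "around". The `@param[in] tls_params ...` and empty `@return` placeholders should be filled in before this leaves HACK-TODO state; in particular, because the socket-based `tls_init_client()` now takes `cafile` explicitly while the tstream API hides it inside the opaque `tstream_tls_params`, the `tls_params` description should state where peer-certificate verification (CA file, expected peer) is configured so callers do not assume the tunnel verifies the server by default.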