/*
 * $LynxId: tidy_tls.h,v 1.8 2015/10/12 00:28:18 tom Exp $
 * Copyright 2008-2013,2015 Thomas E. Dickey
 *
 * A small OpenSSL-lookalike API implemented on top of GnuTLS.  The names,
 * macros and structures below mirror the subset of the OpenSSL interface
 * that the callers use; the implementation lives in tidy_tls.c and is not
 * visible from this header, so statements below that depend on it are
 * marked as assumptions to be confirmed there.  Never include this header
 * together with the real OpenSSL headers: every name here collides.
 */
#ifndef TIDY_TLS_H
#define TIDY_TLS_H

#include <gnutls/gnutls.h>

/*
 * Fake OpenSSL version advertised to callers.  0x0090604F is OpenSSL's
 * MNNFFPPS encoding for release 0.9.6d, so code that selects newer
 * OpenSSL API paths with "#if OPENSSL_VERSION_NUMBER >= ..." takes the
 * old (0.9.6-era) paths when built against this emulation.
 */
#define OPENSSL_VERSION_NUMBER (0x0090604F)
#define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER

/* Legacy OpenSSL initialisation name, forwarded to SSL_library_init(). */
#define SSLeay_add_ssl_algorithms() SSL_library_init()

/* Presumably the value SSL.state takes once a session is established (see
 * struct _SSL); confirm in tidy_tls.c. */
#define SSL_ST_OK (1)

/*
 * Option bits for SSL_CTX_set_options().  These bit assignments are private
 * to this emulation and are NOT OpenSSL's (OpenSSL uses 0x01000000 for
 * SSL_OP_NO_SSLv2, and so on), so only ever use the names.  SSL_OP_ALL is
 * a separate mask that does not include the SSL_OP_NO_* bits.  Note that
 * only SSLv2, SSLv3 and TLSv1 can be switched off through this interface:
 * there are no SSL_OP_NO_TLSv1_1 / SSL_OP_NO_TLSv1_2 bits here.  How these
 * bits are translated into GnuTLS priorities is decided in tidy_tls.c.
 */
#define SSL_OP_ALL (0x000FFFFF)
#define SSL_OP_NO_SSLv2 (0x00100000)
#define SSL_OP_NO_SSLv3 (0x00200000)
#define SSL_OP_NO_TLSv1 (0x00400000)

/*
 * Cipher-query convenience macros.  Each evaluates its "ssl" argument
 * exactly once and forwards the result of SSL_get_current_cipher() to the
 * matching SSL_CIPHER_* function.  Whether those functions tolerate a NULL
 * cipher (e.g. when queried before the handshake completed) is not
 * specified by this header.
 */
#define SSL_get_cipher_name(ssl) SSL_CIPHER_get_name(SSL_get_current_cipher(ssl))
#define SSL_get_cipher(ssl) SSL_get_cipher_name(ssl)
#define SSL_get_cipher_bits(ssl,bp) SSL_CIPHER_get_bits(SSL_get_current_cipher(ssl),(bp))
#define SSL_get_cipher_version(ssl) SSL_CIPHER_get_version(SSL_get_current_cipher(ssl))

/* Size of each fixed text field of X509_NAME. */
#define TIDY_TLS_BUFSIZE 256

/*
 * Distinguished-name components of a certificate subject or issuer.
 * Unlike OpenSSL's opaque X509_NAME this is a flat struct of fixed-size
 * buffers: the code that fills it (not visible here) must bound every copy
 * to TIDY_TLS_BUFSIZE and NUL-terminate, and DN values longer than that are
 * necessarily truncated -- a truncated common_name must not be matched
 * against a host name as if it were complete.  Callers must also not assume
 * any field is non-empty: a peer certificate may omit any of these
 * attributes.
 */
typedef struct {
    char common_name[TIDY_TLS_BUFSIZE];
    char country[TIDY_TLS_BUFSIZE];
    char email[TIDY_TLS_BUFSIZE];
    char locality_name[TIDY_TLS_BUFSIZE];
    char organization[TIDY_TLS_BUFSIZE];
    char organizational_unit_name[TIDY_TLS_BUFSIZE];
    char state_or_province_name[TIDY_TLS_BUFSIZE];
} X509_NAME;

/* Session handle; the layout is given below as struct _SSL.
 * NOTE(review): _SSL and _SSL_CTX are reserved identifiers (leading
 * underscore followed by an upper-case letter); harmless in practice. */
typedef struct _SSL SSL;

/*
 * A certificate is just a GnuTLS datum (data pointer + size), not a parsed
 * certificate object -- presumably the raw DER blob as handed out by
 * gnutls_certificate_get_peers(); confirm in tidy_tls.c.  The
 * X509_get_*_name() functions therefore presumably decode it on each call.
 */
typedef gnutls_datum_t X509;

/*
 * Connection "method": the connection end plus per-category GnuTLS
 * priority lists (arrays of int algorithm ids, presumably terminated the
 * way the gnutls_*_set_priority() family expects -- confirm).  The only
 * producer declared in this header is SSLv23_client_method().
 */
typedef struct {
    unsigned connend;
    struct {
        int protocol[GNUTLS_MAX_ALGORITHM_NUM];
        int encrypts[GNUTLS_MAX_ALGORITHM_NUM];
        int compress[GNUTLS_MAX_ALGORITHM_NUM];
        int key_xchg[GNUTLS_MAX_ALGORITHM_NUM];
        int msg_code[GNUTLS_MAX_ALGORITHM_NUM];
    } priority;
} SSL_METHOD;

/*
 * Argument handed to the verify callback.  cert_list is an array of GnuTLS
 * datums, presumably the peer's certificate chain with the leaf first (as
 * gnutls_certificate_get_peers() returns it) -- confirm.  The macro alias
 * lets OpenSSL-style code write ctx->current_cert for the very same
 * pointer.  Beware: that alias is an ordinary file-scope #define that is
 * never #undef'd, so every later identifier spelled current_cert in any
 * translation unit including this header is silently renamed to
 * cert_list.
 */
typedef struct {
    SSL *ssl;
    int error;
    const gnutls_datum_t *cert_list;
#define current_cert cert_list
} X509_STORE_CTX;

/*
 * GnuTLS algorithm identifiers describing a negotiated cipher suite.  An
 * instance is embedded in struct _SSL (ciphersuite) and is read back
 * through the SSL_CIPHER_get_*() functions.
 */
typedef struct {
    gnutls_certificate_type_t cert;
    gnutls_cipher_algorithm_t encrypts;
    gnutls_compression_method_t compress;
    gnutls_kx_algorithm_t key_xchg;
    gnutls_mac_algorithm_t msg_code;
    gnutls_protocol_t protocol;
} SSL_CIPHER;
/*
 * Connection factory settings, mirroring OpenSSL's SSL_CTX.  struct _SSL
 * below carries its own copies of options, verify_callback and
 * verify_mode; which copy tidy_tls.c consults during the handshake is not
 * visible here, so -- as with OpenSSL -- configure the context completely
 * (SSL_CTX_set_verify(), SSL_CTX_set_options(),
 * SSL_CTX_set_default_verify_paths()) before calling SSL_new().
 */
typedef struct _SSL_CTX {
    SSL_METHOD *method;		/* from SSLv23_client_method() */
    char *certfile;		/* credential file paths and their format */
    int certfile_type;		/* codes; presumably the server-side pair, */
    char *keyfile;		/* and nothing declared in this header */
    int keyfile_type;		/* sets them */
    unsigned long options;	/* SSL_OP_* bits, see SSL_CTX_set_options() */

    /*
     * Certificate verification policy.  verify_mode is SSL_VERIFY_PEER or
     * 0; verify_callback receives the pre-verification result and an
     * X509_STORE_CTX.  Security note: under OpenSSL semantics a callback
     * that unconditionally returns non-zero accepts any certificate, i.e.
     * it disables authentication of the peer.  Whether this emulation
     * honours the callback's return value the same way must be checked in
     * tidy_tls.c before relying on it either way.
     */
    int (*verify_callback) (int, X509_STORE_CTX *);
    int verify_mode;

    char *client_certfile;	/* client certificate/key, presumably used to */
    int client_certfile_type;	/* answer a server's certificate request; */
    char *client_keyfile;	/* again no setter is declared in this */
    int client_keyfile_type;	/* header */

} SSL_CTX;

/*
 * Per-connection state behind the SSL handle.
 */
struct _SSL {
    gnutls_session_t gnutls_state;	/* the underlying GnuTLS session */

    gnutls_certificate_client_credentials gnutls_cred;	/* credentials attached to it */

    SSL_CTX *ctx;		/* context this session was created from */
    SSL_CIPHER ciphersuite;	/* negotiated algorithms; presumably what
				 * SSL_get_current_cipher() returns -- confirm */

    int last_error;		/* presumably the last GnuTLS error code, reported
				 * through ERR_get_error() -- confirm */
    int shutdown;
    int state;			/* presumably becomes SSL_ST_OK after a successful
				 * SSL_connect() -- confirm */
    unsigned long options;	/* per-session copy of the SSL_OP_* bits */

    int (*verify_callback) (int, X509_STORE_CTX *);	/* per-session copies of */
    int verify_mode;					/* the SSL_CTX fields */

    gnutls_transport_ptr_t rfd;	/* read and write transport handles; SSL_set_fd()
				 * takes a single int, so presumably both are set
				 * from it -- confirm */
    gnutls_transport_ptr_t wfd;

    void *sendbuffer;		/* presumably progress state for a partially
				 * completed SSL_write() -- confirm */
    size_t bytes_sent;
};

/*
 * Verification modes for SSL_CTX_set_verify().  Only SSL_VERIFY_PEER is
 * provided by this emulation: OpenSSL's SSL_VERIFY_NONE,
 * SSL_VERIFY_FAIL_IF_NO_PEER_CERT and SSL_VERIFY_CLIENT_ONCE are not
 * defined here, so code that asks for them fails to compile instead of
 * silently getting a mode the implementation may not support.  A
 * verify_mode of 0 presumably means no peer verification (OpenSSL's
 * SSL_VERIFY_NONE), which leaves the connection open to an active
 * man-in-the-middle; confirm in tidy_tls.c.
 */
#define SSL_VERIFY_PEER 0x01
/* *INDENT-OFF* */
/* Session and context lifecycle. */
extern SSL *SSL_new(SSL_CTX * ctx);
/* Negotiated suite of the session; the header does not say what is
 * returned before the handshake has completed. */
extern SSL_CIPHER *SSL_get_current_cipher(SSL * ssl);
extern SSL_CTX *SSL_CTX_new(SSL_METHOD * method);
extern SSL_METHOD *SSLv23_client_method(void);
/* Peer certificate access.  The result is const and there is no X509_free()
 * in this header, so this is presumably a pointer into the session's own
 * chain that must not be freed -- unlike OpenSSL, where the caller owns a
 * reference.  Confirm in tidy_tls.c. */
extern const X509 *SSL_get_peer_certificate(SSL * ssl);
/* The returned X509_NAME presumably lives in static or session-owned
 * storage and is overwritten by the next call -- do not keep it across
 * calls; confirm in tidy_tls.c. */
extern X509_NAME *X509_get_issuer_name(const X509 * cert);
extern X509_NAME *X509_get_subject_name(const X509 * cert);
/* Formats name into the caller-supplied buf of len bytes.  len is an int:
 * pass the buffer's real size and never a value that does not fit in int. */
extern char *X509_NAME_oneline(X509_NAME * name, char *buf, int len);
extern const char *ERR_error_string(unsigned long e, char *buf);
extern const char *RAND_file_name(char *buf, size_t len);
extern const char *SSL_CIPHER_get_name(SSL_CIPHER * cipher);
extern const char *SSL_CIPHER_get_version(SSL_CIPHER * cipher);
/* RAND_* emulation.  RAND_bytes() returns an int status: check it before
 * treating buf as random material, as with OpenSSL. */
extern int RAND_bytes(unsigned char *buf, int num);
extern int RAND_load_file(const char *name, long maxbytes);
extern int RAND_status(void);
extern int RAND_write_file(const char *name);
/* Key size of the suite; whether bits may be NULL (allowed by OpenSSL) is
 * not specified here. */
extern int SSL_CIPHER_get_bits(SSL_CIPHER * cipher, int *bits);
/* Loads the default CA trust store into the context (OpenSSL semantics;
 * which store tidy_tls.c actually loads is not visible here).  Returns an
 * int status: a caller that ignores a failure presumably continues with an
 * empty trust store, so treat non-success as fatal for verified
 * connections. */
extern int SSL_CTX_set_default_verify_paths(SSL_CTX * ctx);
/* Runs the handshake (and presumably the verify callback).  The result must
 * be checked: calling SSL_read()/SSL_write() after a failed SSL_connect()
 * would move data over an unauthenticated channel. */
extern int SSL_connect(SSL * ssl);
extern int SSL_library_init(void);
/* Record I/O.  len is an int, so requests must stay within INT_MAX, and the
 * return value must be checked on every call: as with OpenSSL a short
 * transfer or a non-positive result is possible (see also sendbuffer /
 * bytes_sent in struct _SSL). */
extern int SSL_read(SSL * ssl, void *buf, int len);
/* Attaches the socket; struct _SSL keeps separate rfd/wfd transport
 * pointers, presumably both set from fd -- confirm. */
extern int SSL_set_fd(SSL * ssl, int fd);
extern int SSL_write(SSL * ssl, const void *buf, int len);
extern unsigned long ERR_get_error(void);
/* ORs SSL_OP_* bits into the context; presumably returns the resulting
 * option set, as OpenSSL does -- confirm. */
extern unsigned long SSL_CTX_set_options(SSL_CTX * ctx, unsigned long options);
extern void RAND_seed(const void *buf, int num);
extern void SSL_CTX_free(SSL_CTX * ctx);
/* Sets verify_mode (SSL_VERIFY_PEER or 0) and the callback that receives
 * (preverify_ok, X509_STORE_CTX *).  Pass SSL_VERIFY_PEER for any
 * connection that must be authenticated; under OpenSSL semantics a callback
 * that unconditionally returns non-zero is equivalent to no verification
 * at all -- confirm in tidy_tls.c that the emulation treats it the same. */
extern void SSL_CTX_set_verify(SSL_CTX * ctx, int verify_mode, int (*verify_callback) (int, X509_STORE_CTX *));
extern void SSL_free(SSL * ssl);
extern void SSL_load_error_strings(void);
/* *INDENT-ON* */

#endif /* TIDY_TLS_H */