/*
   BAREOS® - Backup Archiving REcovery Open Sourced

   Copyright (C) 2005-2009 Free Software Foundation Europe e.V.

   This program is Free Software; you can redistribute it and/or
   modify it under the terms of version two of the GNU Lesser General
   Public License as published by the Free Software Foundation plus
   additions in the file LICENSE.

   This program is distributed in the hope that it will be useful, but
   WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
   Lesser Affero General Public License for more details.

   You should have received a copy of the GNU Affero General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
   02110-1301, USA.
*/
/*
 * tls.h TLS support functions
 *
 * Author: Landon Fuller <landonf@threerings.net>
 */

#ifndef BAREOS_LIB_TLS_H_
#define BAREOS_LIB_TLS_H_

#include "include/bareos.h"
#include "lib/get_tls_psk_by_fqname_callback.h"

class BareosSocket;
class JobControlRecord;
class PskCredentials;

/*
 * Abstract interface for a TLS backend bound to a BareosSocket.
 *
 * Every operation except TlsCipherGetName() is pure virtual, so the
 * behaviour of each call (what is verified, what is logged, what the
 * return values mean) is defined by the concrete backend, not by this
 * header. The only backend named here is kTlsOpenSsl.
 *
 * NOTE(review): peer verification is exposed as separate calls
 * (TlsPostconnectVerifyHost / TlsPostconnectVerifyCn) that return bool.
 * Nothing in this interface shows TlsBsockConnect()/TlsBsockAccept()
 * invoking them, so callers presumably have to call them and act on the
 * result themselves -- confirm at every call site.
 */
class Tls {
 public:
  Tls();
  virtual ~Tls();
  /*
   * Copy construction is disabled.
   * NOTE(review): the parameter is a non-const reference and copy
   * assignment is not deleted in this class; declaring
   * `Tls(const Tls&) = delete;` and `Tls& operator=(const Tls&) = delete;`
   * would state non-copyability completely.
   */
  Tls(Tls& other) = delete;

  /* Backend initialisation; the meaning of the bool result is defined by the
   * implementation (presumably true on success -- confirm). */
  virtual bool init() = 0;

  /* Selects which backend CreateNewTlsContext() should instantiate. */
  enum class TlsImplementationType
  {
    kTlsUnknown,
    kTlsOpenSsl
  };
  /*
   * Factory for a backend of the requested type.
   * NOTE(review): returns a raw pointer, so ownership is not expressed in
   * the type, and the result for kTlsUnknown is not visible from this
   * header (possibly nullptr -- confirm and check before use).
   */
  static Tls* CreateNewTlsContext(Tls::TlsImplementationType type);

  /* Pre-shared-key setup for the client side (credentials supplied
   * directly) and for the server side (a configuration parser is handed
   * over; how it is used for lookups is up to the implementation). */
  virtual void SetTlsPskClientContext(const PskCredentials& credentials) = 0;
  virtual void SetTlsPskServerContext(ConfigurationParser* config) = 0;

  /*
   * Post-handshake peer checks; both return bool.
   * Presumably TlsPostconnectVerifyHost compares the peer certificate
   * against `host` and TlsPostconnectVerifyCn against the names in
   * `verify_list` -- confirm in the implementation. A false result should
   * be treated by the caller as an unauthenticated peer.
   */
  virtual bool TlsPostconnectVerifyHost(JobControlRecord* jcr,
                                        const char* host) = 0;
  virtual bool TlsPostconnectVerifyCn(
      JobControlRecord* jcr,
      const std::vector<std::string>& verify_list) = 0;

  /*
   * Session establishment, I/O and teardown on an existing BareosSocket.
   * NOTE(review): the Writen/Readn return type is int and the length is
   * int32_t; the error/short-transfer convention is not visible here, so
   * callers should not assume a return value equal to nbytes without
   * checking the implementation.
   */
  virtual bool TlsBsockAccept(BareosSocket* bsock) = 0;
  virtual int TlsBsockWriten(BareosSocket* bsock,
                             char* ptr,
                             int32_t nbytes) = 0;
  virtual int
  TlsBsockReadn(BareosSocket* bsock, char* ptr, int32_t nbytes) = 0;
  virtual bool TlsBsockConnect(BareosSocket* bsock) = 0;
  virtual void TlsBsockShutdown(BareosSocket* bsock) = 0;
  /* Reports connection information for the given peer; what is reported
   * and where is implementation-defined. */
  virtual void TlsLogConninfo(JobControlRecord* jcr,
                              const char* host,
                              int port,
                              const char* who) const = 0;
  /* Default implementation returns an empty string; a backend may override
   * it to report the negotiated cipher. An empty result therefore does not
   * by itself tell a caller whether a cipher was negotiated. */
  virtual std::string TlsCipherGetName() const { return std::string(); }

  /* Cipher selection string; its syntax is backend-specific. */
  virtual void SetCipherList(const std::string& cipherlist) = 0;

  /*
   * Configuration setters for trust anchors (CA file / CA directory), the
   * CRL file, the local certificate and private key, the PEM passphrase
   * callback with its user data, and the DH parameter file.
   * NOTE(review): Setca_certfile_ breaks the naming pattern of the other
   * setters (SetCaCertdir, SetCrlfile, ...).
   * NOTE(review): SetPemUserdata takes a void*; presumably the pointee
   * must stay valid for as long as the PEM callback can run -- confirm.
   */
  virtual void Setca_certfile_(const std::string& ca_certfile) = 0;
  virtual void SetCaCertdir(const std::string& ca_certdir) = 0;
  virtual void SetCrlfile(const std::string& crlfile_) = 0;
  virtual void SetCertfile(const std::string& certfile_) = 0;
  virtual void SetKeyfile(const std::string& keyfile_) = 0;
  virtual void SetPemCallback(CRYPTO_PEM_PASSWD_CB pem_callback) = 0;
  virtual void SetPemUserdata(void* pem_userdata) = 0;
  virtual void SetDhFile(const std::string& dhfile_) = 0;
  /* Toggles peer verification. NOTE(review): no default is visible in this
   * header; confirm what a backend does when this is never called, and
   * treat `false` as an explicit opt-out of peer authentication. */
  virtual void SetVerifyPeer(const bool& verify_peer) = 0;
  /* Hands the backend the TCP socket descriptor it should run TLS over. */
  virtual void SetTcpFileDescriptor(const int& fd) = 0;
};

#endif /* BAREOS_LIB_TLS_H_ */