1 /*
2    BAREOS® - Backup Archiving REcovery Open Sourced
3 
4    Copyright (C) 2005-2009 Free Software Foundation Europe e.V.
5 
6    This program is Free Software; you can redistribute it and/or
7    modify it under the terms of version two of the GNU Lesser General
8    Public License as published by the Free Software Foundation plus
9    additions in the file LICENSE.
10 
11    This program is distributed in the hope that it will be useful, but
12    WITHOUT ANY WARRANTY; without even the implied warranty of
13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14    Lesser Affero General Public License for more details.
15 
16    You should have received a copy of the GNU Affero General Public License
17    along with this program; if not, write to the Free Software
18    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
19    02110-1301, USA.
20 */
21 /*
22  * tls.h TLS support functions
23  *
24  * Author: Landon Fuller <landonf@threerings.net>
25  */
26 
27 #ifndef BAREOS_LIB_TLS_H_
28 #define BAREOS_LIB_TLS_H_
29 
30 #include "include/bareos.h"
31 #include "lib/get_tls_psk_by_fqname_callback.h"
32 
33 class BareosSocket;
34 class JobControlRecord;
35 class PskCredentials;
36 
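/*
 * Abstract interface to a TLS backend for BareosSocket connections.
 *
 * Every operation except TlsCipherGetName() is pure virtual, so the behaviour
 * behind the names below is supplied by the concrete backend; kTlsOpenSsl is
 * the only concrete backend type this header lists.
 *
 * NOTE(review): this header states no defaults for any setting (peer
 * verification, cipher list, CA locations). Confirm in the backend that a
 * context whose setters were never called fails closed.
 */
class Tls {
 public:
  Tls();
  virtual ~Tls();
  // Non-copyable. The parameter is the conventional const reference so that
  // copies from const objects and temporaries also resolve to this deleted
  // overload instead of failing with "no matching constructor".
  // NOTE(review): copy assignment is still implicitly declared; consider
  // deleting it as well once derived classes are confirmed not to use it.
  Tls(const Tls& other) = delete;

  // Backend initialisation hook. Presumably returns true on success and has to
  // run after the setters below -- confirm against the implementation.
  virtual bool init() = 0;

  enum class TlsImplementationType
  {
    kTlsUnknown,
    kTlsOpenSsl
  };
  // Factory for a backend of the requested type.
  // NOTE(review): returns a raw pointer; ownership and the result for
  // kTlsUnknown are not visible here -- presumably the caller owns the object
  // and must handle a null result; verify against the definition.
  static Tls* CreateNewTlsContext(Tls::TlsImplementationType type);

  // Pre-shared-key setup for the client and server side respectively.
  // NOTE(review): `credentials` carries secret key material by reference and
  // `config` is a raw pointer; whether the backend copies or retains either is
  // not shown, so confirm lifetime and wiping expectations with the backend.
  virtual void SetTlsPskClientContext(const PskCredentials& credentials) = 0;
  virtual void SetTlsPskServerContext(ConfigurationParser* config) = 0;

  // Post-handshake identity checks: against a host name, and against a list of
  // accepted names. Presumably true means the peer was accepted -- confirm.
  // Callers must act on the result; a connection for which either check
  // returns false should not be used for further traffic.
  virtual bool TlsPostconnectVerifyHost(JobControlRecord* jcr,
                                        const char* host) = 0;
  virtual bool TlsPostconnectVerifyCn(
      JobControlRecord* jcr,
      const std::vector<std::string>& verify_list) = 0;

  // Handshake, transfer and shutdown on an existing BareosSocket.
  // For the read/write calls the only size information is `nbytes`, so the
  // caller has to guarantee that `ptr` addresses at least `nbytes` bytes.
  // NOTE(review): the meaning of the int results (bytes transferred vs. error
  // code) is not defined in this header -- confirm before relying on it.
  virtual bool TlsBsockAccept(BareosSocket* bsock) = 0;
  virtual int TlsBsockWriten(BareosSocket* bsock,
                             char* ptr,
                             int32_t nbytes) = 0;
  virtual int TlsBsockReadn(BareosSocket* bsock, char* ptr, int32_t nbytes) = 0;
  virtual bool TlsBsockConnect(BareosSocket* bsock) = 0;
  virtual void TlsBsockShutdown(BareosSocket* bsock) = 0;
  // Reports connection details for the given peer; const, so it is not
  // expected to alter the TLS state.
  virtual void TlsLogConninfo(JobControlRecord* jcr,
                              const char* host,
                              int port,
                              const char* who) const = 0;
  // Name of the cipher in use. The base implementation returns an empty
  // string; backends override it to report the real value.
  virtual std::string TlsCipherGetName() const { return std::string(); }

  // Cipher selection string. Its format is backend-defined (presumably an
  // OpenSSL cipher list for kTlsOpenSsl -- confirm).
  virtual void SetCipherList(const std::string& cipherlist) = 0;

  // Trust anchors, revocation list, local certificate/key and DH parameters,
  // each given as a path string. The name Setca_certfile_ does not follow the
  // sibling setters' naming but is kept because derived classes override it.
  virtual void Setca_certfile_(const std::string& ca_certfile) = 0;
  virtual void SetCaCertdir(const std::string& ca_certdir) = 0;
  virtual void SetCrlfile(const std::string& crlfile_) = 0;
  virtual void SetCertfile(const std::string& certfile_) = 0;
  virtual void SetKeyfile(const std::string& keyfile_) = 0;
  // Callback and opaque argument for obtaining the private-key passphrase.
  // NOTE(review): `pem_userdata` is an untyped raw pointer; presumably it must
  // stay valid for as long as the backend may invoke the callback -- confirm.
  virtual void SetPemCallback(CRYPTO_PEM_PASSWD_CB pem_callback) = 0;
  virtual void SetPemUserdata(void* pem_userdata) = 0;
  virtual void SetDhFile(const std::string& dhfile_) = 0;
  // Security-relevant switch for verification of the peer.
  // NOTE(review): the value used when this is never called is not visible
  // here; make sure it is not "disabled".
  virtual void SetVerifyPeer(const bool& verify_peer) = 0;
  // Socket descriptor the TLS session runs on. This parameter and the one on
  // SetVerifyPeer stay const references only to keep the override signatures.
  virtual void SetTcpFileDescriptor(const int& fd) = 0;
};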
87 
88 #endif /* BAREOS_LIB_TLS_H_ */
89