1*fb52cf35Schristos /* $NetBSD: tls_proxy_context_print.c,v 1.3 2022/10/08 16:12:50 christos Exp $ */
2e09e275dSchristos
3e09e275dSchristos /*++
4e09e275dSchristos /* NAME
5e09e275dSchristos /* tls_proxy_context_print
6e09e275dSchristos /* SUMMARY
7e09e275dSchristos /* write TLS_ATTR_STATE structure to stream
8e09e275dSchristos /* SYNOPSIS
9e09e275dSchristos /* #include <tls_proxy.h>
10e09e275dSchristos /*
11e09e275dSchristos /* int tls_proxy_context_print(print_fn, stream, flags, ptr)
12*fb52cf35Schristos /* ATTR_PRINT_COMMON_FN print_fn;
13e09e275dSchristos /* VSTREAM *stream;
14e09e275dSchristos /* int flags;
15*fb52cf35Schristos /* const void *ptr;
16e09e275dSchristos /* DESCRIPTION
17e09e275dSchristos /* tls_proxy_context_print() writes the public members of a
18e09e275dSchristos /* TLS_ATTR_STATE structure to the named stream using the
19e09e275dSchristos /* specified attribute print routine. tls_proxy_context_print()
20e09e275dSchristos /* is meant to be passed as a call-back to attr_print(), thusly:
21e09e275dSchristos /*
22*fb52cf35Schristos /* ... SEND_ATTR_FUNC(tls_proxy_context_print, (const void *) tls_context), ...
23e09e275dSchristos /* DIAGNOSTICS
24e09e275dSchristos /* Fatal: out of memory.
25e09e275dSchristos /* LICENSE
26e09e275dSchristos /* .ad
27e09e275dSchristos /* .fi
28e09e275dSchristos /* The Secure Mailer license must be distributed with this software.
29e09e275dSchristos /* AUTHOR(S)
30e09e275dSchristos /* Wietse Venema
31e09e275dSchristos /* IBM T.J. Watson Research
32e09e275dSchristos /* P.O. Box 704
33e09e275dSchristos /* Yorktown Heights, NY 10598, USA
34e09e275dSchristos /*
35e09e275dSchristos /* Wietse Venema
36e09e275dSchristos /* Google, Inc.
37e09e275dSchristos /* 111 8th Avenue
38e09e275dSchristos /* New York, NY 10011, USA
39e09e275dSchristos /*--*/
40e09e275dSchristos
41e09e275dSchristos #ifdef USE_TLS
42e09e275dSchristos
43e09e275dSchristos /* System library. */
44e09e275dSchristos
45e09e275dSchristos #include <sys_defs.h>
46e09e275dSchristos
47e09e275dSchristos /* Utility library */
48e09e275dSchristos
49e09e275dSchristos #include <attr.h>
50e09e275dSchristos
51e09e275dSchristos /* TLS library. */
52e09e275dSchristos
53e09e275dSchristos #include <tls.h>
54e09e275dSchristos #include <tls_proxy.h>
55e09e275dSchristos
56e09e275dSchristos /* tls_proxy_context_print - send TLS session state over stream */
57e09e275dSchristos
tls_proxy_context_print(ATTR_PRINT_COMMON_FN print_fn,VSTREAM * fp,int flags,const void * ptr)58*fb52cf35Schristos int tls_proxy_context_print(ATTR_PRINT_COMMON_FN print_fn, VSTREAM *fp,
59*fb52cf35Schristos int flags, const void *ptr)
60e09e275dSchristos {
61*fb52cf35Schristos const TLS_SESS_STATE *tp = (const TLS_SESS_STATE *) ptr;
62e09e275dSchristos int ret;
63e09e275dSchristos
64e09e275dSchristos #define STRING_OR_EMPTY(s) ((s) ? (s) : "")
65e09e275dSchristos
66e09e275dSchristos ret = print_fn(fp, flags | ATTR_FLAG_MORE,
67e09e275dSchristos SEND_ATTR_STR(TLS_ATTR_PEER_CN,
68e09e275dSchristos STRING_OR_EMPTY(tp->peer_CN)),
69e09e275dSchristos SEND_ATTR_STR(TLS_ATTR_ISSUER_CN,
70e09e275dSchristos STRING_OR_EMPTY(tp->issuer_CN)),
71e09e275dSchristos SEND_ATTR_STR(TLS_ATTR_PEER_CERT_FPT,
72e09e275dSchristos STRING_OR_EMPTY(tp->peer_cert_fprint)),
73e09e275dSchristos SEND_ATTR_STR(TLS_ATTR_PEER_PKEY_FPT,
74e09e275dSchristos STRING_OR_EMPTY(tp->peer_pkey_fprint)),
75*fb52cf35Schristos SEND_ATTR_INT(TLS_ATTR_SEC_LEVEL,
76*fb52cf35Schristos tp->level),
77e09e275dSchristos SEND_ATTR_INT(TLS_ATTR_PEER_STATUS,
78e09e275dSchristos tp->peer_status),
79e09e275dSchristos SEND_ATTR_STR(TLS_ATTR_CIPHER_PROTOCOL,
80e09e275dSchristos STRING_OR_EMPTY(tp->protocol)),
81e09e275dSchristos SEND_ATTR_STR(TLS_ATTR_CIPHER_NAME,
82e09e275dSchristos STRING_OR_EMPTY(tp->cipher_name)),
83e09e275dSchristos SEND_ATTR_INT(TLS_ATTR_CIPHER_USEBITS,
84e09e275dSchristos tp->cipher_usebits),
85e09e275dSchristos SEND_ATTR_INT(TLS_ATTR_CIPHER_ALGBITS,
86e09e275dSchristos tp->cipher_algbits),
87e09e275dSchristos SEND_ATTR_STR(TLS_ATTR_KEX_NAME,
88e09e275dSchristos STRING_OR_EMPTY(tp->kex_name)),
89e09e275dSchristos SEND_ATTR_STR(TLS_ATTR_KEX_CURVE,
90e09e275dSchristos STRING_OR_EMPTY(tp->kex_curve)),
91e09e275dSchristos SEND_ATTR_INT(TLS_ATTR_KEX_BITS,
92e09e275dSchristos tp->kex_bits),
93e09e275dSchristos SEND_ATTR_STR(TLS_ATTR_CLNT_SIG_NAME,
94e09e275dSchristos STRING_OR_EMPTY(tp->clnt_sig_name)),
95e09e275dSchristos SEND_ATTR_STR(TLS_ATTR_CLNT_SIG_CURVE,
96e09e275dSchristos STRING_OR_EMPTY(tp->clnt_sig_curve)),
97e09e275dSchristos SEND_ATTR_INT(TLS_ATTR_CLNT_SIG_BITS,
98e09e275dSchristos tp->clnt_sig_bits),
99e09e275dSchristos SEND_ATTR_STR(TLS_ATTR_CLNT_SIG_DGST,
100e09e275dSchristos STRING_OR_EMPTY(tp->clnt_sig_dgst)),
101e09e275dSchristos SEND_ATTR_STR(TLS_ATTR_SRVR_SIG_NAME,
102e09e275dSchristos STRING_OR_EMPTY(tp->srvr_sig_name)),
103e09e275dSchristos SEND_ATTR_STR(TLS_ATTR_SRVR_SIG_CURVE,
104e09e275dSchristos STRING_OR_EMPTY(tp->srvr_sig_curve)),
105e09e275dSchristos SEND_ATTR_INT(TLS_ATTR_SRVR_SIG_BITS,
106e09e275dSchristos tp->srvr_sig_bits),
107e09e275dSchristos SEND_ATTR_STR(TLS_ATTR_SRVR_SIG_DGST,
108e09e275dSchristos STRING_OR_EMPTY(tp->srvr_sig_dgst)),
109e09e275dSchristos SEND_ATTR_STR(TLS_ATTR_NAMADDR,
110e09e275dSchristos STRING_OR_EMPTY(tp->namaddr)),
111e09e275dSchristos ATTR_TYPE_END);
112e09e275dSchristos /* Do not flush the stream. */
113e09e275dSchristos return (ret);
114e09e275dSchristos }
115e09e275dSchristos
116e09e275dSchristos #endif
117