summaryrefslogtreecommitdiff
path: root/lib/rsp_tlscommon.h
diff options
context:
space:
mode:
authorLinus Nordberg <linus@nordu.net>2010-11-11 10:30:35 +0100
committerLinus Nordberg <linus@nordu.net>2010-11-11 10:30:35 +0100
commit83e82dba47aced4a93f9e431b4d8bca94c2f8517 (patch)
tree7ff1779ea924d557b6ded9bd21c0cc8a65f062dd /lib/rsp_tlscommon.h
parentf9b25cad24ec4e3e89e818457beb29cbe08eed0c (diff)
Bringing up TLS connections working.
NOTE: Clean up of resources not yet sane. Expect resource leakages. NOTE: Most failure cases are not handled properly. With the wind at your back and the sun shining, it might work.
Diffstat (limited to 'lib/rsp_tlscommon.h')
-rw-r--r--lib/rsp_tlscommon.h40
1 files changed, 40 insertions, 0 deletions
diff --git a/lib/rsp_tlscommon.h b/lib/rsp_tlscommon.h
new file mode 100644
index 0000000..d7e0930
--- /dev/null
+++ b/lib/rsp_tlscommon.h
@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2006-2008 Stig Venaas <venaas@uninett.no>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ */
+
+#include <openssl/ssl.h>
+
+struct tls {
+ char *name;
+ char *cacertfile;
+ char *cacertpath;
+ char *certfile;
+ char *certkeyfile;
+ char *certkeypwd;
+ uint8_t crlcheck;
+ char **policyoids;
+ uint32_t cacheexpiry;
+ uint32_t tlsexpiry;
+ uint32_t dtlsexpiry;
+ X509_VERIFY_PARAM *vpm;
+ SSL_CTX *tlsctx;
+ SSL_CTX *dtlsctx;
+};
+
+#if defined(RADPROT_TLS) || defined(RADPROT_DTLS)
+void ssl_init();
+struct tls *tlsgettls(char *alt1, char *alt2);
+SSL_CTX *tlsgetctx(uint8_t type, struct tls *t);
+X509 *verifytlscert(SSL *ssl);
+int verifyconfcert(X509 *cert, struct clsrvconf *conf);
+int conftls_cb(struct gconffile **cf, void *arg, char *block, char *opt, char *val);
+int addmatchcertattr(struct clsrvconf *conf);
+#endif
+
+/* Local Variables: */
+/* c-file-style: "stroustrup" */
+/* End: */