From 83e82dba47aced4a93f9e431b4d8bca94c2f8517 Mon Sep 17 00:00:00 2001 From: Linus Nordberg Date: Thu, 11 Nov 2010 10:30:35 +0100 Subject: Bringing up TLS connections working. NOTE: Clean up of resources not yet sane. Expect resource leakages. NOTE: Most failure cases are not handled properly. With the wind at your back and the sun shining, it might work. --- lib/include/radsec/radsec-impl.h | 12 ++++++++++++ lib/include/radsec/radsec.h | 2 ++ 2 files changed, 14 insertions(+) (limited to 'lib/include') diff --git a/lib/include/radsec/radsec-impl.h b/lib/include/radsec/radsec-impl.h index 6e5ee83..2b3d878 100644 --- a/lib/include/radsec/radsec-impl.h +++ b/lib/include/radsec/radsec-impl.h @@ -5,6 +5,9 @@ #include #include +#if defined(RS_ENABLE_TLS) +#include +#endif /* Constants. */ #define RS_HEADER_LEN 4 @@ -32,6 +35,7 @@ struct rs_error { struct rs_peer { struct rs_connection *conn; + struct rs_realm *realm; struct evutil_addrinfo *addr; int fd; /* Socket. */ char is_connecting; /* FIXME: replace with a single state member */ @@ -45,6 +49,10 @@ struct rs_peer { struct rs_realm { char *name; enum rs_conn_type type; + char *cacertfile; + char *cacertpath; + char *certfile; + char *certkeyfile; struct rs_peer *peers; struct rs_realm *next; }; @@ -69,6 +77,10 @@ struct rs_connection { struct rs_error *err; int nextid; int user_dispatch_flag : 1; /* User does the dispatching. */ +#if defined(RS_ENABLE_TLS) + SSL_CTX *tls_ctx; + SSL *tls_ssl; +#endif }; struct rs_packet { diff --git a/lib/include/radsec/radsec.h b/lib/include/radsec/radsec.h index 8e97072..d80c296 100644 --- a/lib/include/radsec/radsec.h +++ b/lib/include/radsec/radsec.h @@ -18,6 +18,8 @@ enum rs_err_code { RSE_CONNERR = 10, RSE_CONFIG = 11, RSE_BADAUTH = 12, + RSE_INTERNAL = 13, + RSE_SSLERR = 14, RSE_SOME_ERROR = 21, }; -- cgit v1.1