Diffstat (limited to 'tls_compat.h')
| -rw-r--r-- | tls_compat.h | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/tls_compat.h b/tls_compat.h
new file mode 100644
index 0000000..3283fa4
--- /dev/null
+++ b/tls_compat.h
@@ -0,0 +1,60 @@
+#ifndef TLS_COMPAT_H
+#define TLS_COMPAT_H
+
+#if !defined(NOSSL) || !NOSSL
+
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+#include <openssl/x509v3.h>
+
+#define TLS_PROTOCOLS_ALL 0xffffffff
+
+typedef struct tls {
+ SSL *ssl;
+ SSL_CTX *ctx;
+ int fd;
+} *tls_t;
+
+typedef struct tls_config {
+ SSL_CTX *ctx;
+ int verify_depth;
+ int noverifycert;
+ int noverifyname;
+ int noverifytime;
+ int muststaple;
+ int session_fd;
+} *tls_config_t;
+
+#define TLS_WANT_POLLIN SSL_ERROR_WANT_READ
+#define TLS_WANT_POLLOUT SSL_ERROR_WANT_WRITE
+
+tls_config_t tls_config_new(void);
+void tls_config_free(tls_config_t config);
+int tls_config_set_ca_file(tls_config_t config, const char *ca_file);
+int tls_config_set_ca_path(tls_config_t config, const char *ca_path);
+int tls_config_set_ciphers(tls_config_t config, const char *ciphers);
+void tls_config_insecure_noverifycert(tls_config_t config);
+void tls_config_insecure_noverifyname(tls_config_t config);
+void tls_config_verify(tls_config_t config);
+int tls_config_set_verify_depth(tls_config_t config, int depth);
+void tls_config_ocsp_require_stapling(tls_config_t config);
+void tls_config_insecure_noverifytime(tls_config_t config);
+int tls_config_set_session_fd(tls_config_t config, int fd);
+int tls_config_parse_protocols(uint32_t *protocols, const char *protostr);
+int tls_config_set_protocols(tls_config_t config, uint32_t protocols);
+const char *tls_config_error(tls_config_t config);
+
+tls_t tls_client(void);
+int tls_configure(tls_t ctx, tls_config_t config);
+int tls_connect_socket(tls_t ctx, int s, const char *servername);
+int tls_handshake(tls_t ctx);
+int tls_read(tls_t ctx, void *buf, size_t buflen);
+int tls_write(tls_t ctx, const void *buf, size_t buflen);
+int tls_close(tls_t ctx);
+void tls_free(tls_t ctx);
+const char *tls_error(tls_t ctx);
+int tls_conn_session_resumed(tls_t ctx);
+
+#endif
+
+#endif
\ No newline at end of file |
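Review bot: `TLS_WANT_POLLIN` and `TLS_WANT_POLLOUT` are defined as `SSL_ERROR_WANT_READ` and `SSL_ERROR_WANT_WRITE`, which are small positive integers in OpenSSL (2 and 3), while `tls_read` and `tls_write` return `int` byte counts. If those functions return the macros directly, a caller cannot tell a retry request from a 2- or 3-byte transfer, and a retry could be consumed as data. libtls uses negative values for these codes, so the shim should as well, e.g. `#define TLS_WANT_POLLIN (-2)` and `#define TLS_WANT_POLLOUT (-3)`, with the implementation mapping `SSL_get_error()` results onto them. The implementation is not part of this diff and may already handle this, so a comment above the two defines stating the return convention of `tls_read`/`tls_write`/`tls_handshake` would settle it.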