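/*
 * Declarations for a small TLS client API whose handles wrap OpenSSL's
 * SSL and SSL_CTX objects.
 *
 * Only types, macros and prototypes live here. What each function actually
 * enforces is decided by the implementation, which is not part of this
 * header; the comments below describe the declarations and mark everything
 * inferred from names as something to confirm.
 */
#ifndef TLS_COMPAT_H
#define TLS_COMPAT_H

/*
 * The whole API is compiled out when NOSSL is defined to a non-zero value.
 * If NOSSL is defined at all it must expand to an integer expression
 * (-DNOSSL gives 1); an empty "#define NOSSL" makes this condition
 * ill-formed.
 */
#if !defined(NOSSL) || !NOSSL

/*
 * NOTE(review): this copy of the file had three #include directives whose
 * targets were missing. The three below are the minimum the declarations
 * need (size_t, uint32_t, SSL/SSL_CTX and the SSL_ERROR_* codes); the
 * original list may have named different headers - confirm against the
 * upstream file.
 */
#include <stddef.h>
#include <stdint.h>

#include <openssl/ssl.h>

/*
 * All bits set in the 32-bit protocol mask taken by
 * tls_config_parse_protocols() and tls_config_set_protocols().
 * NOTE(review): this header does not define which bit means which protocol
 * version, nor whether "all" can include legacy versions - check the
 * minimum version the implementation enforces.
 */
#define TLS_PROTOCOLS_ALL 0xffffffff

/*
 * Per-connection handle. tls_t is a POINTER to this struct, so a tls_t
 * passed by value still aliases the same connection state.
 */
typedef struct tls {
	SSL *ssl;	/* OpenSSL connection object */
	SSL_CTX *ctx;	/* OpenSSL context */
	int fd;		/* presumably the socket given to tls_connect_socket() - confirm */
} *tls_t;

/*
 * Client configuration. tls_config_t is a POINTER to this struct.
 * The noverify* and muststaple members are plain ints; by their names they
 * are flags driven by the tls_config_insecure_*() and
 * tls_config_ocsp_require_stapling() setters declared below - confirm.
 */
typedef struct tls_config {
	SSL_CTX *ctx;
	int verify_depth;	/* see tls_config_set_verify_depth() */
	int noverifycert;	/* certificate verification disabled? */
	int noverifyname;	/* host name verification disabled? */
	int noverifytime;	/* validity-period check disabled? */
	int muststaple;		/* OCSP stapling required? */
	int session_fd;		/* see tls_config_set_session_fd() */
} *tls_config_t;

/*
 * "Retry when readable / writable" indications, mapped straight onto
 * OpenSSL's SSL_get_error() codes.
 * NOTE(review): OpenSSL defines SSL_ERROR_WANT_READ and
 * SSL_ERROR_WANT_WRITE as small positive integers, while tls_read() and
 * tls_write() return int. Confirm how the implementation reports these
 * without them being mistaken for a byte count, and that callers test for
 * them before treating a positive return as data.
 */
#define TLS_WANT_POLLIN SSL_ERROR_WANT_READ
#define TLS_WANT_POLLOUT SSL_ERROR_WANT_WRITE

/* --- configuration object: lifetime --- */
tls_config_t tls_config_new(void);
void tls_config_free(tls_config_t config);

/* --- trust anchors and cipher selection --- */
int tls_config_set_ca_file(tls_config_t config, const char *ca_file);
int tls_config_set_ca_path(tls_config_t config, const char *ca_path);
int tls_config_set_ciphers(tls_config_t config, const char *ciphers);

/*
 * --- peer verification policy ---
 * The tls_config_insecure_*() setters return void, so a caller cannot
 * observe failure. By name they switch off certificate-chain, host-name
 * and validity-period checks respectively; with any of them in effect the
 * peer's identity is no longer authenticated, so calls to them should sit
 * behind an explicit, logged opt-in. tls_config_verify() presumably
 * restores verification - confirm in the implementation.
 */
void tls_config_insecure_noverifycert(tls_config_t config);
void tls_config_insecure_noverifyname(tls_config_t config);
void tls_config_verify(tls_config_t config);
int tls_config_set_verify_depth(tls_config_t config, int depth);
void tls_config_ocsp_require_stapling(tls_config_t config);
void tls_config_insecure_noverifytime(tls_config_t config);

/*
 * --- session resumption ---
 * NOTE(review): takes a caller-owned descriptor; if session state is stored
 * through it, the backing file's ownership and permissions matter - confirm
 * what the implementation checks.
 */
int tls_config_set_session_fd(tls_config_t config, int fd);

/* --- protocol version mask (see TLS_PROTOCOLS_ALL) --- */
int tls_config_parse_protocols(uint32_t *protocols, const char *protostr);
int tls_config_set_protocols(tls_config_t config, uint32_t protocols);

/* Human-readable description of the last configuration error (by name). */
const char *tls_config_error(tls_config_t config);

/* --- connection object: setup --- */
tls_t tls_client(void);
int tls_configure(tls_t ctx, tls_config_t config);
int tls_connect_socket(tls_t ctx, int s, const char *servername);
int tls_handshake(tls_t ctx);

/*
 * NOTE(review): host name verification is exposed as a separate call.
 * Whether tls_handshake() already performs it, or the caller must invoke
 * this explicitly, cannot be told from the header - confirm, because a
 * missed call would leave the peer's name unchecked.
 */
int tls_verify_hostname(tls_t ctx, const char *hostname);

/*
 * --- connection object: I/O ---
 * The length argument is size_t but the return type is int, so a request
 * larger than INT_MAX cannot be reported faithfully; callers should cap
 * buflen accordingly.
 */
int tls_read(tls_t ctx, void *buf, size_t buflen);
int tls_write(tls_t ctx, const void *buf, size_t buflen);

/* --- connection object: teardown and diagnostics --- */
int tls_close(tls_t ctx);
void tls_free(tls_t ctx);
const char *tls_error(tls_t ctx);
int tls_conn_session_resumed(tls_t ctx);

#endif /* !defined(NOSSL) || !NOSSL */

#endif /* TLS_COMPAT_H */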