1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
#ifndef TLS_COMPAT_H
#define TLS_COMPAT_H
#if !defined(NOSSL) || !NOSSL
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/x509v3.h>
#define TLS_PROTOCOLS_ALL 0xffffffff
typedef struct tls {
SSL *ssl;
SSL_CTX *ctx;
int fd;
} *tls_t;
typedef struct tls_config {
SSL_CTX *ctx;
int verify_depth;
int noverifycert;
int noverifyname;
int noverifytime;
int muststaple;
int session_fd;
} *tls_config_t;
#define TLS_WANT_POLLIN SSL_ERROR_WANT_READ
#define TLS_WANT_POLLOUT SSL_ERROR_WANT_WRITE
tls_config_t tls_config_new(void);
void tls_config_free(tls_config_t config);
int tls_config_set_ca_file(tls_config_t config, const char *ca_file);
int tls_config_set_ca_path(tls_config_t config, const char *ca_path);
int tls_config_set_ciphers(tls_config_t config, const char *ciphers);
void tls_config_insecure_noverifycert(tls_config_t config);
void tls_config_insecure_noverifyname(tls_config_t config);
void tls_config_verify(tls_config_t config);
int tls_config_set_verify_depth(tls_config_t config, int depth);
void tls_config_ocsp_require_stapling(tls_config_t config);
void tls_config_insecure_noverifytime(tls_config_t config);
int tls_config_set_session_fd(tls_config_t config, int fd);
int tls_config_parse_protocols(uint32_t *protocols, const char *protostr);
int tls_config_set_protocols(tls_config_t config, uint32_t protocols);
const char *tls_config_error(tls_config_t config);
tls_t tls_client(void);
int tls_configure(tls_t ctx, tls_config_t config);
int tls_connect_socket(tls_t ctx, int s, const char *servername);
int tls_handshake(tls_t ctx);
int tls_verify_hostname(tls_t ctx, const char *hostname);
int tls_read(tls_t ctx, void *buf, size_t buflen);
int tls_write(tls_t ctx, const void *buf, size_t buflen);
int tls_close(tls_t ctx);
void tls_free(tls_t ctx);
const char *tls_error(tls_t ctx);
int tls_conn_session_resumed(tls_t ctx);
#endif
#endif
|