1 files changed, 72 insertions, 0 deletions
diff --git a/src/lib/libtls/tls_internal.h b/src/lib/libtls/tls_internal.h
new file mode 100644
index 0000000000..da696e228d
--- /dev/null
+++ b/src/lib/libtls/tls_internal.h
@@ -0,0 +1,72 @@
+/* $OpenBSD: tls_internal.h,v 1.1 2014/10/31 13:46:17 jsing Exp $ */
+/*
+ * Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org>
+ * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+#ifndef HEADER_TLS_INTERNAL_H
+#define HEADER_TLS_INTERNAL_H
+#include <openssl/ssl.h>
+#define HTTPS_PORT "443"
+#define _PATH_SSL_CA_FILE "/etc/ssl/cert.pem"
+struct tls_config {
+        const char *ca_file;
+        const char *ca_path;
+        const char *cert_file;
+        char *cert_mem;
+        size_t cert_len;
+        const char *ciphers;
+        int ecdhcurve;
+        const char *key_file;
+        char *key_mem;
+        size_t key_len;
+        uint32_t protocols;
+        int verify_cert;
+        int verify_host;
+        int verify_depth;
+};
+#define TLS_CLIENT              (1 << 0)
+#define TLS_SERVER              (1 << 1)
+#define TLS_SERVER_CONN (1 << 2)
+struct tls {
+        struct tls_config *config;
+        uint64_t flags;
+        int err;
+        char *errmsg;
+        int socket;
+        SSL *ssl_conn;
+        SSL_CTX *ssl_ctx;
+};
+struct tls *tls_new(void);
+struct tls *tls_server_conn(struct tls *ctx);
+int tls_check_hostname(X509 *cert, const char *host);
+int tls_configure_keypair(struct tls *ctx);
+int tls_configure_server(struct tls *ctx);
+int tls_configure_ssl(struct tls *ctx);
+int tls_host_port(const char *hostport, char **host, char **port);
+int tls_set_error(struct tls *ctx, char *fmt, ...);
+#endif /* HEADER_TLS_INTERNAL_H */

diff --git a/src/lib/libtls/tls_internal.h b/src/lib/libtls/tls_internal.h new file mode 100644 index 0000000000..da696e228d --- /dev/null +++ b/src/lib/libtls/tls_internal.h
@@ -0,0 +1,72 @@
	1	/* $OpenBSD: tls_internal.h,v 1.1 2014/10/31 13:46:17 jsing Exp $ */
	2	/*
	3	* Copyright (c) 2014 Jeremie Courreges-Anglas <jca@openbsd.org>
	4	* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
	5	*
	6	* Permission to use, copy, modify, and distribute this software for any
	7	* purpose with or without fee is hereby granted, provided that the above
	8	* copyright notice and this permission notice appear in all copies.
	9	*
	10	* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
	11	* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
	12	* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
	13	* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
	14	* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
	15	* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
	16	* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
	17	*/
	18
	19	#ifndef HEADER_TLS_INTERNAL_H
	20	#define HEADER_TLS_INTERNAL_H
	21
	22	#include <openssl/ssl.h>
	23
	24	#define HTTPS_PORT "443"
	25
	26	#define _PATH_SSL_CA_FILE "/etc/ssl/cert.pem"
	27
	28	struct tls_config {
	29	const char *ca_file;
	30	const char *ca_path;
	31	const char *cert_file;
	32	char *cert_mem;
	33	size_t cert_len;
	34	const char *ciphers;
	35	int ecdhcurve;
	36	const char *key_file;
	37	char *key_mem;
	38	size_t key_len;
	39	uint32_t protocols;
	40	int verify_cert;
	41	int verify_host;
	42	int verify_depth;
	43	};
	44
	45	#define TLS_CLIENT (1 << 0)
	46	#define TLS_SERVER (1 << 1)
	47	#define TLS_SERVER_CONN (1 << 2)
	48
	49	struct tls {
	50	struct tls_config *config;
	51	uint64_t flags;
	52
	53	int err;
	54	char *errmsg;
	55
	56	int socket;
	57
	58	SSL *ssl_conn;
	59	SSL_CTX *ssl_ctx;
	60	};
	61
	62	struct tls *tls_new(void);
	63	struct tls tls_server_conn(struct tls ctx);
	64
	65	int tls_check_hostname(X509 cert, const char host);
	66	int tls_configure_keypair(struct tls *ctx);
	67	int tls_configure_server(struct tls *ctx);
	68	int tls_configure_ssl(struct tls *ctx);
	69	int tls_host_port(const char hostport, char host, char *port);
	70	int tls_set_error(struct tls ctx, char fmt, ...);
	71
	72	#endif /* HEADER_TLS_INTERNAL_H */