tls_domain.h

00001 /*
00002  * Copyright (C) 2001-2003 FhG FOKUS
00003  * Copyright (C) 2005,2006 iptelorg GmbH
00004  *
00005  * Permission to use, copy, modify, and distribute this software for any
00006  * purpose with or without fee is hereby granted, provided that the above
00007  * copyright notice and this permission notice appear in all copies.
00008  *
00009  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
00010  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
00011  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
00012  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
00013  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
00014  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
00015  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
00016  */
00017 
00026 #ifndef _TLS_DOMAIN_H
00027 #define _TLS_DOMAIN_H
00028 
00029 #include "../../str.h"
00030 #include "../../ip_addr.h"
00031 #include <openssl/ssl.h>
00032 
00033 
/**
 * Protocol method selectors for a TLS domain.
 *
 * TLS_METHOD_UNSPEC is 0, the other enumerators take consecutive values, and
 * TLS_METHOD_MAX is one past the last selector. The _cli/_srv suffixes
 * presumably pick the client-only or server-only variant of the matching
 * OpenSSL method -- confirm against the code that maps these values.
 *
 * NOTE(review): SSLv2 and SSLv3 are deprecated, insecure protocols
 * (RFC 6176, RFC 7568) and TLS 1.0 is deprecated by RFC 8996. The selectors
 * remain part of this interface, but a deployment should not configure the
 * TLS_USE_SSLv2* or TLS_USE_SSLv3* values.
 */
00037 enum tls_method {
00038         TLS_METHOD_UNSPEC = 0,  /* no method selected */
00039         TLS_USE_SSLv2_cli,      /* SSLv2 selectors: obsolete protocol, see note above */
00040         TLS_USE_SSLv2_srv,
00041         TLS_USE_SSLv2,
00042         TLS_USE_SSLv3_cli,      /* SSLv3 selectors: obsolete protocol, see note above */
00043         TLS_USE_SSLv3_srv,
00044         TLS_USE_SSLv3,
00045         TLS_USE_TLSv1_cli,      /* TLS 1.0 selectors */
00046         TLS_USE_TLSv1_srv,
00047         TLS_USE_TLSv1,
00048         TLS_USE_SSLv23_cli,     /* presumably OpenSSL's version-negotiating method -- confirm */
00049         TLS_USE_SSLv23_srv,
00050         TLS_USE_SSLv23,
00051         TLS_METHOD_MAX          /* end marker, not a selectable method */
00052 };
00053 
00054 
/**
 * Domain type flags.
 *
 * Each enumerator is a distinct single bit, so values can be OR-ed together
 * and tested with a mask.
 */
00058 enum tls_domain_type {
00059         TLS_DOMAIN_DEF = (1 << 0), /* bit 0: presumably marks a default domain -- confirm */
00060         TLS_DOMAIN_SRV = (1 << 1), /* bit 1: presumably a server-side domain -- confirm */
00061         TLS_DOMAIN_CLI = (1 << 2)  /* bit 2: presumably a client-side domain -- confirm */
00062 };
00063 
00064 
/**
 * Per-domain TLS settings, kept as a singly linked list through `next`.
 *
 * The field meanings below are read from the field names only; this header
 * does not show how they are consumed.
 *
 * NOTE(review): verify_cert, verify_depth, require_cert, ca_file and crl_file
 * together decide whether a peer certificate is checked at all. Confirm which
 * values tls_fix_domains_cfg() fills in when they are left unset, because a
 * permissive default silently disables peer authentication.
 */
00068 typedef struct tls_domain {
00069         int type;                /* presumably a combination of enum tls_domain_type flags -- confirm */
00070         struct ip_addr ip;       /* address this domain is keyed on */
00071         unsigned short port;     /* port this domain is keyed on */
00072         SSL_CTX** ctx;           /* pointer to SSL_CTX pointers; how it is indexed is not visible here */
00073         str cert_file;           /* presumably path of the local certificate -- confirm */
00074         str pkey_file;           /* presumably path of the private key; the named file should not be world-readable */
00075         int verify_cert;         /* presumably enables peer certificate verification -- confirm */
00076         int verify_depth;        /* presumably the maximum certificate chain depth -- confirm */
00077         str ca_file;             /* presumably path of the trusted CA list -- confirm */
00078         int require_cert;        /* presumably rejects peers that present no certificate -- confirm */
00079         str cipher_list;         /* presumably an OpenSSL cipher list string -- confirm */
00080         enum tls_method method;  /* protocol selector; see the SSLv2/SSLv3 caveat on enum tls_method */
00081         str crl_file;            /* presumably path of a certificate revocation list -- confirm */
00082         struct tls_domain* next; /* next domain in the list */
00083 } tls_domain_t;
00084 
00085 
/**
 * One complete set of TLS domains: a default server domain, a default client
 * domain and a list of each kind. Sets are chained through `next` and carry a
 * reference count.
 *
 * NOTE(review): the header does not say how ref_count is updated; confirm it
 * is modified atomically or under a lock if several processes share a set.
 */
00089 typedef struct tls_domains_cfg {
00090         tls_domain_t* srv_default; /* default server domain */
00091         tls_domain_t* cli_default; /* default client domain */
00092         tls_domain_t* srv_list;    /* head of the server domain list */
00093         tls_domain_t* cli_list;    /* head of the client domain list */
00094         struct tls_domains_cfg* next; /* next configuration set in the chain */
00095         int ref_count;             /* number of references to this set; presumably guards freeing -- confirm */
00096 } tls_domains_cfg_t;
00097 
00098 
/**
 * Create a tls_domain_t for the given type, IP address and port.
 *
 * @param type  presumably a combination of enum tls_domain_type flags -- confirm
 * @param ip    address of the domain
 * @param port  port of the domain
 * @return the new domain; presumably NULL on failure -- confirm, and check
 *         the result before use
 */
00108 tls_domain_t *tls_new_domain(int type, struct ip_addr *ip, 
00109                              unsigned short port);
00110 
00111 
/**
 * Release a domain structure.
 *
 * NOTE(review): the header does not state whether this also releases the
 * SSL_CTX objects reachable through d->ctx or accepts a NULL argument --
 * confirm against the implementation.
 *
 * @param d  domain to release
 */
00116 void tls_free_domain(tls_domain_t* d);
00117 
00118 
/**
 * Return a textual description of a domain.
 *
 * NOTE(review): ownership of the returned buffer is not stated here. If it
 * is a static buffer, the result is overwritten by the next call and must not
 * be stored or freed -- confirm against the implementation.
 *
 * @param d  domain to describe
 * @return pointer to the description string
 */
00124 char* tls_domain_str(tls_domain_t* d);
00125 
00126 
00127 
/**
 * Create a new, empty TLS domain configuration set.
 *
 * @return the new set; presumably NULL on failure -- confirm, and check the
 *         result before use
 */
00134 tls_domains_cfg_t* tls_new_cfg(void);
00135 
00136 
/**
 * Add a domain to a configuration set.
 *
 * @param cfg  configuration set to extend
 * @param d    domain to add
 * @return status code; the success and failure values are not visible in
 *         this header (presumably 0 on success) -- confirm, and do not ignore
 *         the result
 */
00143 int tls_add_domain(tls_domains_cfg_t* cfg, tls_domain_t* d);
00144 
00145 
/**
 * Finalize a configuration set using the supplied server and client defaults.
 *
 * Presumably fills settings left unset in each domain from the matching
 * defaults -- confirm. NOTE(review): because certificate verification
 * settings would be inherited this way, the values in srv_defaults and
 * cli_defaults determine the effective policy of every domain that does not
 * override them.
 *
 * @param cfg           configuration set to finalize
 * @param srv_defaults  defaults for server domains
 * @param cli_defaults  defaults for client domains
 * @return status code; presumably 0 on success -- confirm, and treat a
 *         failure as fatal rather than continuing with a partial setup
 */
00156 int tls_fix_domains_cfg(tls_domains_cfg_t* cfg, tls_domain_t* srv_defaults,
00157                                 tls_domain_t* cli_defaults);
00158 
00159 
/**
 * Look up the domain matching a type, IP address and port in a
 * configuration set.
 *
 * NOTE(review): whether a miss returns NULL or falls back to the set's
 * default domain is not visible here. The answer matters because the
 * returned domain carries the certificate verification policy applied to the
 * connection -- confirm against the implementation.
 *
 * @param cfg   configuration set to search
 * @param type  presumably a combination of enum tls_domain_type flags -- confirm
 * @param ip    address to match
 * @param port  port to match
 * @return the selected domain
 */
00168 tls_domain_t* tls_lookup_cfg(tls_domains_cfg_t* cfg, int type,
00169                                                                 struct ip_addr* ip, unsigned short port);
00170 
00171 
/**
 * Release a configuration set.
 *
 * Presumably also releases the domains the set holds; whether ref_count is
 * consulted first is not visible here -- confirm against the implementation.
 *
 * @param cfg  configuration set to release
 */
00176 void tls_free_cfg(tls_domains_cfg_t* cfg);
00177 
00178 
/**
 * Tear down TLS domain configuration state.
 *
 * Takes no argument, so it operates on state that is not passed in by the
 * caller; presumably this is the module-wide chain of configuration sets --
 * confirm against the implementation.
 */
00182 void tls_destroy_cfg(void);
00183 
00184 #endif /* _TLS_DOMAIN_H */