tls_server.h

00001 /*
00002  * $Id$
00003  *
00004  * TLS module - main server part
00005  * 
00006  * Copyright (C) 2001-2003 FhG FOKUS
00007  * Copyright (C) 2005-2010 iptelorg GmbH
00008  *
00009  * This file is part of SIP-router, a free SIP server.
00010  *
00011  * Permission to use, copy, modify, and distribute this software for any
00012  * purpose with or without fee is hereby granted, provided that the above
00013  * copyright notice and this permission notice appear in all copies.
00014  *
00015  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
00016  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
00017  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
00018  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
00019  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
00020  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
00021  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
00022  */
00030 #ifndef _TLS_SERVER_H
00031 #define _TLS_SERVER_H
00032 
00033 #include <stdio.h>
00034 #include "../../tcp_conn.h"
00035 #include "tls_domain.h"
00036 #include "tls_ct_wrq.h"
00037 
/*
 * TLS-level state recorded for a connection (see the state field of
 * struct tls_extra_data). The enumerators are numbered explicitly;
 * the values are the same ones the compiler would assign implicitly.
 * NOTE(review): the meaning of each state is taken from its name only
 * (accepting/connecting = handshake in progress) -- confirm in the
 * implementation.
 */
enum tls_conn_states {
        S_TLS_NONE        = 0,
        S_TLS_ACCEPTING   = 1,
        S_TLS_CONNECTING  = 2,
        S_TLS_ESTABLISHED = 3
};
00044 
/*
 * Read buffer: a small header (pos, size) followed by the data bytes.
 *
 * NOTE(review): buf is declared with one element, the pre-C99
 * trailing-array idiom, so the object is presumably allocated larger than
 * sizeof(struct tls_rd_buf) and buf is meant to span `size` bytes --
 * confirm at the allocation site. Any code indexing buf has to keep its
 * offset within size; nothing in this header enforces that.
 */
struct tls_rd_buf {
        unsigned pos;           /* current position */
        unsigned size;          /* total size (buf) */
        unsigned char buf[1];   /* start of the data area */
};
00050 
/*
 * tls conn flags: single-bit values, combined in an unsigned int flags
 * word (tls_write_wants_read() tests the first one).
 * NOTE(review): how F_TLS_CON_RENEGOTIATION is acted on (for example
 * whether a client-initiated renegotiation is refused) is not visible in
 * this header -- check the implementation.
 */
#define F_TLS_CON_WR_WANTS_RD    0x1 /* write wants read */
#define F_TLS_CON_HANDSHAKED     0x2 /* connection is handshaked */
#define F_TLS_CON_RENEGOTIATION  0x4 /* renegotiation by client */
00055 
/*
 * Per-connection TLS data.
 *
 * NOTE(review): this header does not say who owns or frees the objects
 * the pointers refer to; tls_h_tcpconn_clean() is described as cleaning
 * the extra data on connection shut down -- confirm there that ssl, rwbio,
 * ct_wq and enc_rd_buf are all released.
 */
struct tls_extra_data {
        tls_domains_cfg_t *cfg;         /* Configuration used for this
                                           connection */
        SSL *ssl;                       /* SSL context used for the
                                           connection */
        BIO *rwbio;                     /* bio used for read/write (openssl
                                           code might add buffering BIOs so
                                           it's better to remember our
                                           original BIO) */
        tls_ct_q *ct_wq;                /* NOTE(review): undocumented; from
                                           the name presumably a write
                                           queue -- confirm */
        struct tls_rd_buf *enc_rd_buf;  /* read buffer; the name suggests
                                           it holds still-encrypted input
                                           -- confirm */
        unsigned int flags;             /* F_TLS_CON_* bits */
        enum tls_conn_states state;     /* current TLS state */
};
00067 
00068 
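/*
 * return true if write wants read
 *
 * tls_ed is a pointer to an object with an unsigned flags member
 * (struct tls_extra_data). The result is the masked flags word: non-zero
 * when F_TLS_CON_WR_WANTS_RD is set, 0 otherwise.
 * The argument is parenthesized in the expansion so that any pointer
 * expression (e.g. `p + 1` or `&arr[i]`) binds as a whole before `->`.
 * tls_ed is evaluated exactly once.
 */
#define tls_write_wants_read(tls_ed) \
        ((tls_ed)->flags & F_TLS_CON_WR_WANTS_RD)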
00071 
00072 
/*
 * Called when new tcp connection is accepted.
 * c is the connection; sock is presumably its socket descriptor.
 * NOTE(review): the meaning of the int result is not documented in this
 * header -- callers should check the implementation before ignoring it.
 */
int tls_h_tcpconn_init(struct tcp_connection* c, int sock);

/*
 * Clean the extra data upon connection shut down.
 */
void tls_h_tcpconn_clean(struct tcp_connection* c);

/*
 * Shut down the TLS connection.
 * fd is presumably the descriptor the connection is using -- confirm.
 */
void tls_h_close(struct tcp_connection* c, int fd);
00087 
/*
 * NOTE(review): this header gives no description for the three functions
 * below; the remarks are read off the signatures only.
 *
 * tls_encode_f takes two buffer/length pairs by pointer (pbuf/plen and
 * rest_buf/rest_len), so it can presumably replace the caller's buffer
 * and report a remainder -- confirm in the implementation before relying
 * on either pair after the call.
 */
int tls_encode_f(struct tcp_connection* c,
                 const char** pbuf, unsigned int* plen,
                 const char** rest_buf, unsigned int* rest_len,
                 snd_flags_t* send_flags);

/* flags is passed by pointer, presumably as an in/out value -- confirm. */
int tls_read_f(struct tcp_connection* c, int* flags);

/* Purpose not stated in this header -- see the implementation. */
int tls_h_fix_read_conn(struct tcp_connection* c);
00096 
/*
 * NOTE(review): undocumented in this header. Given the S_TLS_CONNECTING
 * and S_TLS_ACCEPTING states these presumably run the client-side and the
 * server-side handshake; the int result and the value stored through
 * error are defined by the implementation -- confirm before use.
 */
int tls_connect(struct tcp_connection* c, int* error);
int tls_accept(struct tcp_connection* c, int* error);
00099 #endif /* _TLS_SERVER_H */