Diffstat (limited to 'src/rexmpp_tls.h')
-rw-r--r-- | src/rexmpp_tls.h | 82 |
1 files changed, 76 insertions, 6 deletions
diff --git a/src/rexmpp_tls.h b/src/rexmpp_tls.h
index 24ba042..4a966ca 100644
--- a/src/rexmpp_tls.h
+++ b/src/rexmpp_tls.h
@@ -20,6 +20,8 @@ to write logs and read other values (including server socket).
 #include "rexmpp.h"
 #include "config.h"
+#define DTLS_SRTP_BUF_SIZE 0x4000
+
 typedef struct rexmpp_tls rexmpp_tls_t;
 /**
@@ -43,6 +45,8 @@ struct rexmpp_tls {
 size_t tls_session_data_size;
 gnutls_session_t gnutls_session;
 gnutls_certificate_credentials_t gnutls_cred;
+ char dtls_buf[DTLS_SRTP_BUF_SIZE];
+ size_t dtls_buf_len;
 };
 #elif defined(USE_OPENSSL)
 #include <openssl/ssl.h>
@@ -54,6 +58,8 @@ enum rexmpp_openssl_direction {
 struct rexmpp_tls {
 SSL_CTX *openssl_ctx;
 SSL *openssl_conn;
+ BIO *bio_conn;
+ BIO *bio_io;
 enum rexmpp_openssl_direction openssl_direction;
 };
 #else
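Review bot: `dtls_buf` and `dtls_buf_len` in the GnuTLS `struct rexmpp_tls` are added without a comment stating the invariant that `dtls_buf_len` never exceeds `DTLS_SRTP_BUF_SIZE`, which every writer into the buffer must preserve; a one-line comment such as `/* Pending incoming DTLS bytes; dtls_buf_len <= DTLS_SRTP_BUF_SIZE, checked by whoever appends to it. */` would make that explicit at the definition rather than leaving it implicit in the .c file. The 0x4000-byte buffer is embedded by value, so presumably every context created by `rexmpp_tls_ctx_new` carries it; a short note next to the `#define` saying why that size was chosen would help the next reader. The two new `BIO *` members in the OpenSSL variant likewise say nothing about ownership — whether `bio_conn` and `bio_io` are released by `rexmpp_tls_ctx_free` or implicitly through the `SSL` object — and a comment naming the owner at the field would guard against a later double free or leak.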
@@ -66,26 +72,90 @@ int rexmpp_tls_init(rexmpp_t *s);
 void rexmpp_tls_cleanup(rexmpp_t *s);
 void rexmpp_tls_deinit(rexmpp_t *s);
-rexmpp_tls_err_t rexmpp_tls_connect(rexmpp_t *s);
-rexmpp_tls_err_t rexmpp_tls_disconnect(rexmpp_t *s);
+rexmpp_tls_t *rexmpp_tls_ctx_new (rexmpp_t *s, int dtls);
+void rexmpp_tls_ctx_free (rexmpp_tls_t *tls_ctx);
+
+void rexmpp_tls_session_free (rexmpp_tls_t *tls_ctx);
+
+rexmpp_tls_err_t rexmpp_tls_connect (rexmpp_t *s);
+rexmpp_tls_err_t rexmpp_tls_handshake (rexmpp_t *s, rexmpp_tls_t *tls_ctx);
+rexmpp_tls_err_t rexmpp_tls_disconnect (rexmpp_t *s, rexmpp_tls_t *tls_ctx);
+rexmpp_tls_err_t
+rexmpp_dtls_connect (rexmpp_t *s,
+ rexmpp_tls_t *tls_ctx,
+ void *user_data,
+ int client);
+void rexmpp_dtls_feed(rexmpp_t *s, rexmpp_tls_t *tls_ctx, uint8_t *buf, size_t len);
+
+int
+rexmpp_tls_srtp_get_keys (rexmpp_t *s,
+ rexmpp_tls_t *tls_ctx,
+ size_t key_len,
+ size_t salt_len,
+ unsigned char *key_mat);
-rexmpp_tls_err_t rexmpp_tls_send(rexmpp_t *s, void *data, size_t data_size, ssize_t *written);
-rexmpp_tls_err_t rexmpp_tls_recv(rexmpp_t *s, void *data, size_t data_size, ssize_t *received);
+rexmpp_tls_err_t
+rexmpp_tls_send (rexmpp_t *s,
+ rexmpp_tls_t *tls_ctx,
+ void *data,
+ size_t data_size,
+ ssize_t *written);
+rexmpp_tls_err_t
+rexmpp_tls_recv (rexmpp_t *s,
+ rexmpp_tls_t *tls_ctx,
+ void *data,
+ size_t data_size,
+ ssize_t *received);
+unsigned int rexmpp_dtls_timeout (rexmpp_t *s, rexmpp_tls_t *tls_ctx);
 int rexmpp_tls_fds(rexmpp_t *s, fd_set *read_fds, fd_set *write_fds);
 /**
- @brief Sets credentials for both client authentication to the
- server (SASL EXTERNAL) and DTLS connections in Jingle sessions.
+ @brief Sets credentials for a given TLS context: either provided
+ ones or defined for the whole ::rexmpp structure.
 */
 rexmpp_tls_err_t
 rexmpp_tls_set_x509_key_file (rexmpp_t *s,
+ rexmpp_tls_t *tls_ctx,
 const char *cert_file,
 const char *key_file);
 rexmpp_tls_err_t
 rexmpp_tls_set_x509_trust_file (rexmpp_t *s,
+ rexmpp_tls_t *tls_ctx,
 const char *cert_file);
+int rexmpp_tls_peer_fp (rexmpp_t *s,
+ rexmpp_tls_t *tls_ctx,
+ const char *algo_str,
+ char *raw_fp,
+ char *fp_str,
+ size_t *fp_size);
+
+int rexmpp_tls_my_fp (rexmpp_t *s,
+ char *raw_fp,
+ char *fp_str,
+ size_t *fp_size);
+
+int rexmpp_tls_session_fp (rexmpp_t *s,
+ rexmpp_tls_t *tls_ctx,
+ const char *algo_str,
+ char *raw_fp,
+ char *fp_str,
+ size_t *fp_size);
+
+int rexmpp_x509_cert_fp (rexmpp_t *s,
+ const char *algo_str,
+ void *cert,
+ char *raw_fp,
+ char *fp_str,
+ size_t *fp_size);
+
+int rexmpp_x509_raw_cert_fp (rexmpp_t *s,
+ const char *algo_str,
+ const void *raw_cert,
+ char *raw_fp,
+ char *fp_str,
+ size_t *fp_size);
 #endif
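Review bot: The new prototypes from `rexmpp_tls_ctx_new` through `rexmpp_x509_raw_cert_fp` carry no Doxygen comment even though the neighbouring `rexmpp_tls_set_x509_key_file` has one, and the five `*_fp` functions in particular leave a caller guessing which of the two output buffers the single `fp_size` bounds, whether it is capacity on entry and length on return, whether `raw_fp` or `fp_str` may be NULL, and what the `int` result means — exactly the information needed to avoid an overrun when these fingerprints are compared against a peer's advertised value. A `@brief` on `rexmpp_tls_peer_fp` stating those four points, with the siblings referring to it, would close that gap. `rexmpp_tls_srtp_get_keys` should likewise say how many bytes `key_mat` must hold in terms of `key_len` and `salt_len` (presumably client and server key plus salt each, but the header does not say) and that the caller owns and should clear the buffer, since it receives SRTP keying material. `rexmpp_dtls_feed` takes `uint8_t *buf` although the data is presumably only read and copied into `dtls_buf`; `const uint8_t *buf` would document that, and the comment should state what happens when `len` exceeds the remaining room in `dtls_buf`.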