/**
   @file rexmpp_tls.h
   @brief TLS abstraction
   @author defanor <defanor@uberspace.net>
   @date 2021
   @copyright MIT license.

These functions only alter the rexmpp structure's tls member (in
particular, they don't change other state variables), but use rexmpp_t
to write logs and read other values (including the server socket).

*/


#ifndef REXMPP_TLS_H
#define REXMPP_TLS_H

#include <stdint.h>

#include "rexmpp.h"
#include "config.h"

/**
   @brief Shorthand for struct rexmpp_tls. The structure's layout is
   chosen at build time by the USE_GNUTLS / USE_OPENSSL conditionals
   further down in this header.
*/
typedef struct rexmpp_tls rexmpp_tls_t;

/**
   @brief TLS operation results.

   Return type of rexmpp_tls_connect, rexmpp_tls_disconnect,
   rexmpp_tls_send, rexmpp_tls_recv and the rexmpp_tls_set_x509_*
   functions declared in this header. The enumerators carry no
   explicit values, so REXMPP_TLS_SUCCESS is 0. rexmpp_tls_init and
   rexmpp_tls_fds return a plain int instead; their conventions are
   not visible from this header.
*/
enum rexmpp_tls_err {
  /** The operation succeeded. */
  REXMPP_TLS_SUCCESS,
  /** NOTE(review): presumably "would block, call again once the
      socket is ready" (see rexmpp_tls_fds) -- confirm against the
      backend implementations. */
  REXMPP_TLS_E_AGAIN,
  /** Any other failure. NOTE(review): the header does not say
      whether the TLS session is still usable after this result;
      callers should presumably stop using it -- confirm. */
  REXMPP_TLS_E_OTHER
};

/** Shorthand for enum rexmpp_tls_err. */
typedef enum rexmpp_tls_err rexmpp_tls_err_t;

/**
   @brief TLS context.

   Exactly one of the three definitions below is compiled, selected
   by the USE_GNUTLS and USE_OPENSSL macros (NOTE(review): presumably
   set in config.h -- confirm).
*/
#if defined(USE_GNUTLS)
#include <gnutls/gnutls.h>
struct rexmpp_tls {
  /* NOTE(review): looks like stored GnuTLS session data kept for
     session resumption -- confirm. If so, it is secret material and
     should be wiped before it is freed. */
  void *tls_session_data;
  /* NOTE(review): presumably the size in bytes of tls_session_data
     -- confirm. */
  size_t tls_session_data_size;
  /* GnuTLS session handle. */
  gnutls_session_t gnutls_session;
  /* GnuTLS certificate credentials handle. */
  gnutls_certificate_credentials_t gnutls_cred;
};
#elif defined(USE_OPENSSL)
#include <openssl/ssl.h>
/* NOTE(review): presumably records which I/O direction the last
   OpenSSL operation was waiting on, so that rexmpp_tls_fds can pick
   the matching fd set -- confirm. */
enum rexmpp_openssl_direction {
  REXMPP_OPENSSL_NONE,
  REXMPP_OPENSSL_READ,
  REXMPP_OPENSSL_WRITE
};
struct rexmpp_tls {
  /* OpenSSL context object. */
  SSL_CTX *openssl_ctx;
  /* OpenSSL connection object. */
  SSL *openssl_conn;
  /* See enum rexmpp_openssl_direction above. */
  enum rexmpp_openssl_direction openssl_direction;
};
#else
/* Compiled when neither USE_GNUTLS nor USE_OPENSSL is defined. The
   single member only keeps the structure non-empty (ISO C does not
   allow a struct with no members).
   NOTE(review): what the rexmpp_tls_* functions do in this
   configuration is not visible from this header; confirm that they
   report failure rather than letting a connection continue without
   TLS. */
struct rexmpp_tls {
  int dummy;
};
#endif

/**
   @brief Context setup and teardown.
   @param[in,out] s The rexmpp state whose tls member is operated on.

   NOTE(review): the meaning of rexmpp_tls_init's int result and the
   difference between rexmpp_tls_cleanup and rexmpp_tls_deinit are
   not visible from this header. Presumably cleanup releases
   per-connection state so the context can be reused, and deinit
   releases everything init allocated -- confirm.
*/
int rexmpp_tls_init(rexmpp_t *s);
void rexmpp_tls_cleanup(rexmpp_t *s);
void rexmpp_tls_deinit(rexmpp_t *s);

/**
   @brief Start and end a TLS session.
   @param[in,out] s The rexmpp state.
   @returns A ::rexmpp_tls_err_t value.

   NOTE(review): presumably REXMPP_TLS_E_AGAIN means the handshake
   (or shutdown) is incomplete and the call should be repeated.
   Whether rexmpp_tls_connect also verifies the server certificate
   before returning REXMPP_TLS_SUCCESS is not visible from this
   header -- confirm before sending credentials over the session.
*/
rexmpp_tls_err_t rexmpp_tls_connect(rexmpp_t *s);
rexmpp_tls_err_t rexmpp_tls_disconnect(rexmpp_t *s);

/**
   @brief Send and receive data over the TLS session.
   @param[in,out] s The rexmpp state.
   @param data Buffer to send from, or to receive into.
   @param[in] data_size Size of the buffer, in bytes.
   @param[out] written NOTE(review): presumably set to the number
   of bytes sent, which may be less than data_size -- confirm.
   @param[out] received NOTE(review): presumably set to the number
   of bytes stored in data -- confirm, including what a closed
   connection looks like.
   @returns A ::rexmpp_tls_err_t value.

   NOTE(review): rexmpp_tls_send takes a non-const data pointer
   although a send is not expected to modify the buffer;
   const-qualifying it would require changing the definition too.
*/
rexmpp_tls_err_t rexmpp_tls_send(rexmpp_t *s, void *data, size_t data_size, ssize_t *written);
rexmpp_tls_err_t rexmpp_tls_recv(rexmpp_t *s, void *data, size_t data_size, ssize_t *received);

/**
   @brief Lets the TLS layer fill in select() descriptor sets.
   @param[in] s The rexmpp state.
   @param[in,out] read_fds Descriptor set for reading.
   @param[in,out] write_fds Descriptor set for writing.

   NOTE(review): the meaning of the int result is not visible here;
   presumably it follows the "highest descriptor plus one" select()
   convention -- confirm. ssize_t and fd_set are not provided by
   <stdint.h>, so this header relies on its other includes for them.
*/
int rexmpp_tls_fds(rexmpp_t *s, fd_set *read_fds, fd_set *write_fds);

/**
   @brief Sets credentials for both client authentication to the
   server (SASL EXTERNAL) and DTLS connections in Jingle sessions.
   @param[in,out] s The rexmpp state.
   @param[in] cert_file Path to the certificate file.
   @param[in] key_file Path to the private key file. The key
   authenticates this client, so the file should be readable only by
   the user running it.
   @returns A ::rexmpp_tls_err_t value.

   NOTE(review): the accepted file formats and whether the files are
   loaded during this call or later are not visible from this header
   -- confirm.
*/
rexmpp_tls_err_t
rexmpp_tls_set_x509_key_file (rexmpp_t *s,
                              const char *cert_file,
                              const char *key_file);

/**
   @brief Sets a file of trusted certificates.
   @param[in,out] s The rexmpp state.
   @param[in] cert_file Path to the file of trusted certificates.
   @returns A ::rexmpp_tls_err_t value.

   NOTE(review): presumably the certificates in cert_file become
   trust anchors for verifying the peer's certificate. Whether they
   replace or extend the system trust store is not visible from this
   header and may differ between backends -- confirm, since it
   determines which authorities can vouch for the server.
*/
rexmpp_tls_err_t
rexmpp_tls_set_x509_trust_file (rexmpp_t *s,
                                const char *cert_file);


#endif