#define SSL_H_INCLUDED
/*********************************************************************
*
-* File : $Source: /cvsroot/ijbswa/current/ssl.h,v $
+* File : $Source: $
*
* Purpose : File with TLS/SSL extension. Contains methods for
* creating, using and closing TLS/SSL connections.
#include "project.h"
-/*
- * Values for flag determining certificate validity.
- * These values are compatible with return value of function
- * mbedtls_ssl_get_verify_result(). There is no value for
- * "invalid certificate", this value is set by the function
- * mbedtls_ssl_get_verify_result().
- */
-#define SSL_CERT_VALID 0
-#define SSL_CERT_NOT_VERIFIED 0xFFFFFFFF
-
-/* Variables for one common RNG for all SSL use */
-static mbedtls_ctr_drbg_context ctr_drbg;
-static mbedtls_entropy_context entropy;
-static int rng_seeded;
-
/* Boolean functions to get information about TLS/SSL connections */
extern int client_use_ssl(const struct client_state *csp);
extern int server_use_ssl(const struct client_state *csp);
-extern size_t is_ssl_pending(mbedtls_ssl_context *ssl);
+extern size_t is_ssl_pending(struct ssl_attr *ssl_attr);
extern int tunnel_established_successfully(const char *response, unsigned int response_len);
/* Functions for sending and receiving data over TLS/SSL connections */
-extern int ssl_send_data(mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len);
-extern int ssl_send_data_delayed(mbedtls_ssl_context *ssl, const unsigned char *buf,
+extern int ssl_send_data(struct ssl_attr *ssl_attr, const unsigned char *buf, size_t len);
+extern int ssl_send_data_delayed(struct ssl_attr *ssl_attr, const unsigned char *buf,
size_t len, unsigned int delay);
-extern int ssl_recv_data(mbedtls_ssl_context *ssl, unsigned char *buf, size_t maxLen);
-extern long ssl_flush_socket(mbedtls_ssl_context *ssl, struct iob *iob);
+extern int ssl_recv_data(struct ssl_attr *ssl_attr, unsigned char *buf, size_t maxLen);
+extern long ssl_flush_socket(struct ssl_attr *ssl_attr, struct iob *iob);
extern void ssl_send_certificate_error(struct client_state *csp);
/* Functions for opening and closing TLS/SSL connections */
extern int create_client_ssl_connection(struct client_state *csp);
extern int create_server_ssl_connection(struct client_state *csp);
extern void close_client_and_server_ssl_connections(struct client_state *csp);
+extern void close_server_ssl_connection(struct client_state *csp);
extern void close_client_ssl_connection(struct client_state *csp);
+/* misc helper functions */
+extern int ssl_base64_encode(unsigned char *dst, size_t dlen, size_t *olen,
+ const unsigned char *src, size_t slen );
+extern void ssl_crt_verify_info(char *buf, size_t size, struct client_state *csp);
+extern void ssl_release(void);
+
#endif /* ndef SSL_H_INCLUDED */
projects / privoxy.git / blobdiff