search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
uwrap: Add mutex in uwrap_destructor().
[Samba.git] / source4 / lib / tls / tls.h
blobed3c81ee2b4e804d3cf86c53ab9d1eddcda58956
1 /*
2 Unix SMB/CIFS implementation.
3
4 transport layer security handling code
5
6 Copyright (C) Andrew Tridgell 2005
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #ifndef _TLS_H_
23 #define _TLS_H_
24
25 #include "lib/socket/socket.h"
26
27 struct loadparm_context;
28
29 /*
30 call tls_initialise() once per task to startup the tls subsystem
31 */
32 struct tls_params *tls_initialise(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx);
33
34 /*
35 call tls_init_server() on each new server connection
36
37 the 'plain_chars' parameter is a list of chars that when they occur
38 as the first character from the client on the connection tell the
39 tls code that this is a non-tls connection. This can be used to have
40 tls and non-tls servers on the same port. If this is NULL then only
41 tls connections will be allowed
42 */
43 struct socket_context *tls_init_server(struct tls_params *parms,
44 struct socket_context *sock,
45 struct tevent_fd *fde,
46 const char *plain_chars);
47
48 /*
49 call tls_init_client() on each new client connection
50 */
51 struct socket_context *tls_init_client(struct socket_context *sock,
52 struct tevent_fd *fde,
53 const char *cafile);
54
55 /*
56 return True if a connection used tls
57 */
58 bool tls_enabled(struct socket_context *tls);
59
60
61 const struct socket_ops *socket_tls_ops(enum socket_type type);
62
63 struct tstream_context;
64 struct tstream_tls_params;
65
66 NTSTATUS tstream_tls_params_client(TALLOC_CTX *mem_ctx,
67 const char *ca_file,
68 const char *crl_file,
69 struct tstream_tls_params **_tlsp);
70
71 NTSTATUS tstream_tls_params_server(TALLOC_CTX *mem_ctx,
72 const char *dns_host_name,
73 bool enabled,
74 const char *key_file,
75 const char *cert_file,
76 const char *ca_file,
77 const char *crl_file,
78 const char *dhp_file,
79 struct tstream_tls_params **_params);
80
81 bool tstream_tls_params_enabled(struct tstream_tls_params *params);
82
83 struct tevent_req *_tstream_tls_connect_send(TALLOC_CTX *mem_ctx,
84 struct tevent_context *ev,
85 struct tstream_context *plain_stream,
86 struct tstream_tls_params *tls_params,
87 const char *location);
88 #define tstream_tls_connect_send(mem_ctx, ev, plain_stream, tls_params); \
89 _tstream_tls_connect_send(mem_ctx, ev, plain_stream, tls_params, __location__)
90
91 int tstream_tls_connect_recv(struct tevent_req *req,
92 int *perrno,
93 TALLOC_CTX *mem_ctx,
94 struct tstream_context **tls_stream);
95
96 struct tevent_req *_tstream_tls_accept_send(TALLOC_CTX *mem_ctx,
97 struct tevent_context *ev,
98 struct tstream_context *plain_stream,
99 struct tstream_tls_params *tls_params,
100 const char *location);
101 #define tstream_tls_accept_send(mem_ctx, ev, plain_stream, tls_params) \
102 _tstream_tls_accept_send(mem_ctx, ev, plain_stream, tls_params, __location__)
103
104 int tstream_tls_accept_recv(struct tevent_req *req,
105 int *perrno,
106 TALLOC_CTX *mem_ctx,
107 struct tstream_context **tls_stream);
108
109 #endif /* _TLS_H_ */
Samba GIT mirror