1.1 ! misho 1: /*
! 2: * Copyright (C) 2012 Martin Willi
! 3: * Copyright (C) 2012 revosec AG
! 4: *
! 5: * This program is free software; you can redistribute it and/or modify it
! 6: * under the terms of the GNU General Public License as published by the
! 7: * Free Software Foundation; either version 2 of the License, or (at your
! 8: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 9: *
! 10: * This program is distributed in the hope that it will be useful, but
! 11: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 12: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 13: * for more details.
! 14: */
! 15:
! 16: /**
! 17: * @defgroup pt_tls libpttls
! 18: *
! 19: * @addtogroup pt_tls
! 20: * @{
! 21: */
! 22:
! 23: #ifndef PT_TLS_H_
! 24: #define PT_TLS_H_
! 25:
! 26: #include <bio/bio_reader.h>
! 27: #include <bio/bio_writer.h>
! 28: #include <tls_socket.h>
! 29:
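/**
 * PT-TLS version we support
 */
#define PT_TLS_VERSION 1

/**
 * Length of a PT-TLS header
 */
#define PT_TLS_HEADER_LEN 16

/**
 * Maximum size of a PT-TLS message value: 128 maximum-length TLS fragments,
 * less the PT-TLS header.
 *
 * The expansion is fully parenthesized so it binds as a single operand.
 * Left open, `128 * TLS_MAX_FRAGMENT_LEN - PT_TLS_HEADER_LEN` is mis-grouped
 * by any surrounding operator (e.g. `PT_TLS_MAX_MESSAGE_LEN / 2` would divide
 * only the header length), which matters wherever this constant bounds a
 * length taken from the wire.
 */
#define PT_TLS_MAX_MESSAGE_LEN \
	((128 * TLS_MAX_FRAGMENT_LEN) - PT_TLS_HEADER_LEN)

/**
 * Default PT-TLS port
 */
#define PT_TLS_PORT 271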
! 49:
/* Forward typedefs: the enums are defined below, these let callers use the
 * type names without the enum keyword. */
typedef enum pt_tls_message_type_t pt_tls_message_type_t;
typedef enum pt_tls_sasl_result_t pt_tls_sasl_result_t;
typedef enum pt_tls_auth_t pt_tls_auth_t;
! 53:
/**
 * Message Type values carried in the PT-TLS header, as defined by NEA PT-TLS.
 *
 * Each enumerator is pinned to its wire value explicitly, so reordering the
 * list can never change what is sent or parsed.
 */
enum pt_tls_message_type_t {
	/** Experimental */
	PT_TLS_EXPERIMENTAL = 0,
	/** Version Request */
	PT_TLS_VERSION_REQUEST = 1,
	/** Version Response */
	PT_TLS_VERSION_RESPONSE = 2,
	/** SASL Mechanisms */
	PT_TLS_SASL_MECHS = 3,
	/** SASL Mechanism Selection */
	PT_TLS_SASL_MECH_SELECTION = 4,
	/** SASL Authentication Data */
	PT_TLS_SASL_AUTH_DATA = 5,
	/** SASL Result */
	PT_TLS_SASL_RESULT = 6,
	/** PB-TNC Batch */
	PT_TLS_PB_TNC_BATCH = 7,
	/** Error */
	PT_TLS_ERROR = 8,
};
! 68:
/** enum_name_t table giving printable names for pt_tls_message_type_t values */
extern enum_name_t *pt_tls_message_type_names;
! 70:
/**
 * Result code for a single SASL mechanism, as sent in PT_TLS_SASL_RESULT.
 *
 * Values are the ones carried on the wire and are therefore written out
 * explicitly rather than left to implicit numbering.
 */
enum pt_tls_sasl_result_t {
	/** mechanism completed successfully */
	PT_TLS_SASL_RESULT_SUCCESS = 0,
	/** mechanism failed */
	PT_TLS_SASL_RESULT_FAILURE = 1,
	/** mechanism aborted */
	PT_TLS_SASL_RESULT_ABORT = 2,
	/** mechanism-level failure */
	PT_TLS_SASL_RESULT_MECH_FAILURE = 3,
};
! 80:
/** enum_name_t table giving printable names for pt_tls_sasl_result_t values */
extern enum_name_t *pt_tls_sasl_result_names;
! 82:
/**
 * Client authentication to require as PT-TLS server.
 *
 * The numeric values are spelled out to match the implicit assignment
 * (0..4) that existing callers may already rely on.
 */
enum pt_tls_auth_t {
	/** don't require TLS client certificate or request SASL authentication */
	PT_TLS_AUTH_NONE = 0,
	/** require TLS certificate authentication, no SASL */
	PT_TLS_AUTH_TLS = 1,
	/** do SASL regardless of TLS certificate authentication */
	PT_TLS_AUTH_SASL = 2,
	/** if client does not authenticate with a TLS certificate, request SASL */
	PT_TLS_AUTH_TLS_OR_SASL = 3,
	/** require both, TLS certificate authentication and SASL */
	PT_TLS_AUTH_TLS_AND_SASL = 4,
};
! 98:
/**
 * Read a PT-TLS message, create reader over Message Value.
 *
 * The header fields are returned through the out-parameters; the returned
 * reader covers only the Message Value that follows the header.
 *
 * NOTE(review): the message length is taken from the peer-supplied header;
 * confirm in pt_tls.c that it is bounded (e.g. by PT_TLS_MAX_MESSAGE_LEN)
 * before any buffer is sized from it.
 *
 * @param tls			TLS socket to read from
 * @param vendor		receives Message Type Vendor ID from header
 * @param type			receives Message Type from header
 * @param identifier	receives Message Identifier
 * @return				reader over message value, NULL on error
 *						(presumably owned by the caller, who destroys it -
 *						confirm against the implementation)
 */
bio_reader_t* pt_tls_read(tls_socket_t *tls, uint32_t *vendor,
						  uint32_t *type, uint32_t *identifier);
! 110:
/**
 * Prepend a PT-TLS header to the given Message Value and send it over tls.
 *
 * NOTE(review): unlike pt_tls_read() there is no vendor parameter, so the
 * Vendor ID written into the header is fixed by the implementation - confirm
 * which one in pt_tls.c.
 *
 * @param tls			TLS socket to write to
 * @param type			Message Type to write
 * @param identifier	Message Identifier to write
 * @param data			Message value to write
 * @return				TRUE if data written successfully
 */
bool pt_tls_write(tls_socket_t *tls, pt_tls_message_type_t type,
				  uint32_t identifier, chunk_t data);
! 122:
/**
 * Dummy libpttls initialization function, needed only for the integrity test.
 */
void libpttls_init(void);
! 127:
! 128: #endif /** PT_TLS_H_ @}*/