mirror of https://github.com/sipwise/kamailio.git
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
100 lines
2.9 KiB
100 lines
2.9 KiB
/*
|
|
* TLS module - main server part
|
|
*
|
|
* Copyright (C) 2005-2010 iptelorg GmbH
|
|
*
|
|
* This file is part of Kamailio, a free SIP server.
|
|
*
|
|
* Permission to use, copy, modify, and distribute this software for any
|
|
* purpose with or without fee is hereby granted, provided that the above
|
|
* copyright notice and this permission notice appear in all copies.
|
|
*
|
|
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
|
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
|
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
|
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
|
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
*/
|
|
|
|
/** main tls part (implements the tls hooks that are called from the tcp code).
|
|
* @file tls_server.h
|
|
* @ingroup tls
|
|
* Module: @ref tls
|
|
*/
|
|
|
|
|
|
#ifndef _TLS_SERVER_H
|
|
#define _TLS_SERVER_H
|
|
|
|
#include <stdio.h>
|
|
#include "../../tcp_conn.h"
|
|
#include "tls_domain.h"
|
|
#include "tls_ct_wrq.h"
|
|
|
|
enum tls_conn_states {
|
|
S_TLS_NONE = 0,
|
|
S_TLS_ACCEPTING,
|
|
S_TLS_CONNECTING,
|
|
S_TLS_ESTABLISHED
|
|
};
|
|
|
|
struct tls_rd_buf {
|
|
unsigned int pos; /* current position */
|
|
unsigned int size; /* total size (buf) */
|
|
unsigned char buf[1];
|
|
};
|
|
|
|
/* tls conn flags */
|
|
#define F_TLS_CON_WR_WANTS_RD 1 /* write wants read */
|
|
#define F_TLS_CON_HANDSHAKED 2 /* connection is handshaked */
|
|
#define F_TLS_CON_RENEGOTIATION 4 /* renegotiation by clinet */
|
|
|
|
struct tls_extra_data {
|
|
tls_domains_cfg_t* cfg; /* Configuration used for this connection */
|
|
SSL* ssl; /* SSL context used for the connection */
|
|
BIO* rwbio; /* bio used for read/write
|
|
(openssl code might add buffering BIOs so
|
|
it's better to remember our original BIO) */
|
|
tls_ct_q* ct_wq;
|
|
struct tls_rd_buf* enc_rd_buf;
|
|
unsigned int flags;
|
|
enum tls_conn_states state;
|
|
};
|
|
|
|
|
|
/* return true if write wants read */
|
|
#define tls_write_wants_read(tls_ed) (tls_ed->flags & F_TLS_CON_WR_WANTS_RD)
|
|
|
|
|
|
/*
|
|
* Called when new tcp connection is accepted
|
|
*/
|
|
int tls_h_tcpconn_init(struct tcp_connection *c, int sock);
|
|
|
|
/*
|
|
* clean the extra data upon connection shut down
|
|
*/
|
|
void tls_h_tcpconn_clean(struct tcp_connection *c);
|
|
|
|
/*
|
|
* shut down the TLS connection
|
|
*/
|
|
void tls_h_close(struct tcp_connection *c, int fd);
|
|
|
|
int tls_encode_f(struct tcp_connection *c,
|
|
const char ** pbuf, unsigned int* plen,
|
|
const char** rest_buf, unsigned int* rest_len,
|
|
snd_flags_t* send_flags) ;
|
|
|
|
int tls_read_f(struct tcp_connection *c, int* flags);
|
|
|
|
int tls_h_fix_read_conn(struct tcp_connection *c);
|
|
|
|
int tls_connect(struct tcp_connection *c, int* error);
|
|
int tls_accept(struct tcp_connection *c, int* error);
|
|
|
|
void tls_lookup_event_routes(void);
|
|
#endif /* _TLS_SERVER_H */
|