Changeset 792a93b for lib/ssl_client.h


Timestamp:
2011-12-23T12:44:08Z (12 years ago)
Author:
Wilmer van der Gaast <wilmer@…>
Branches:
master
Children:
200e151
Parents:
2d93a51e (diff), 41658da (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Message:

Merging SSL certificate verification for GnuTLS, with help from AopicieR.

File:
1 edited

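--- a/lib/ssl_client.h
+++ b/lib/ssl_client.h
@@ -37,12 +37,23 @@
 /* Some generic error codes. Especially SSL_AGAIN is important if you
    want to do asynchronous I/O. */
+#define NSS_VERIFY_ERROR -2
+#define OPENSSL_VERIFY_ERROR -1
 #define SSL_OK            0
 #define SSL_NOHANDSHAKE   1
 #define SSL_AGAIN         2
+#define VERIFY_CERT_ERROR 2
+#define VERIFY_CERT_INVALID 4
+#define VERIFY_CERT_REVOKED 8
+#define VERIFY_CERT_SIGNER_NOT_FOUND 16
+#define VERIFY_CERT_SIGNER_NOT_CA 32
+#define VERIFY_CERT_INSECURE_ALGORITHM 64
+#define VERIFY_CERT_NOT_ACTIVATED 128
+#define VERIFY_CERT_EXPIRED 256
+#define VERIFY_CERT_WRONG_HOSTNAME 512
 
 extern int ssl_errno;
 
 /* This is what your callback function should look like. */
-typedef gboolean (*ssl_input_function)(gpointer, void*, b_input_condition);
+typedef gboolean (*ssl_input_function)(gpointer, int, void*, b_input_condition);
 
 
@@ -53,9 +64,9 @@
    ready to be used for SSL traffic. This is all done asynchronously, no
    blocking I/O! (Except for the DNS lookups, for now...) */
-G_MODULE_EXPORT void *ssl_connect( char *host, int port, ssl_input_function func, gpointer data );
+G_MODULE_EXPORT void *ssl_connect( char *host, int port, gboolean verify, ssl_input_function func, gpointer data );
 
 /* Start an SSL session on an existing fd. Useful for STARTTLS functionality,
    for example in Jabber. */
-G_MODULE_EXPORT void *ssl_starttls( int fd, ssl_input_function func, gpointer data );
+G_MODULE_EXPORT void *ssl_starttls( int fd, char *hostname, gboolean verify, ssl_input_function func, gpointer data );
 
 /* Obviously you need special read/write functions to read data. */
@@ -90,3 +101,7 @@
 G_MODULE_EXPORT b_input_condition ssl_getdirection( void *conn );
 
+/* Converts a verification bitfield passed to ssl_input_function into
+   a more useful string. Or NULL if it had no useful bits set. */
+G_MODULE_EXPORT char *ssl_verify_strerror( int code );
+
 G_MODULE_EXPORT size_t ssl_des3_encrypt(const unsigned char *key, size_t key_len, const unsigned char *input, size_t input_len, const unsigned char *iv, unsigned char **res);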
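Review bot: The new `int` argument of the `ssl_input_function` typedef (new line 57) is undocumented: only the comment on `ssl_verify_strerror()` further down hints that it carries the `VERIFY_CERT_*` bitfield, and nothing says whether a non-zero value arrives together with a usable connection pointer. A caller that ignores the argument could carry on over a session whose certificate failed verification, so I would state the contract above the typedef, for example `/* The int is 0 or a bitfield of VERIFY_CERT_* flags; say here whether the void* is NULL when it is non-zero. */`, with the real behaviour filled in from the backends. The `verify` parameter added to `ssl_connect()` and `ssl_starttls()` needs the same treatment: what happens when it is TRUE on a backend that cannot verify (presumably what `NSS_VERIFY_ERROR` and `OPENSSL_VERIFY_ERROR` are for) and when `hostname` is NULL. `VERIFY_CERT_ERROR` shares the value 2 with `SSL_AGAIN` directly above it, so a one-line comment separating the `ssl_errno` codes from the verification bits would prevent misreading, and `ssl_verify_strerror()` should say who frees the returned `char *`.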