BLOG | DOCUMENTATION | TRAC

Home --> Documentations --> PJLIB Reference

ssl_sock.h
Go to the documentation of this file.
1 /* $Id: ssl_sock.h 4862 2014-06-19 09:42:02Z nanang $ */
2 /*
3  * Copyright (C) 2009-2011 Teluu Inc. (http://www.teluu.com)
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 2 of the License, or
8  * (at your option) any later version.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program; if not, write to the Free Software
17  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18  */
19 #ifndef __PJ_SSL_SOCK_H__
20 #define __PJ_SSL_SOCK_H__
21 
27 #include <pj/ioqueue.h>
28 #include <pj/sock.h>
29 #include <pj/sock_qos.h>
30 
31 
33 
54 
55 
61 
62 
64 {
69 
74 
79 
84 
90 
95 
102 
107 
112 
117 
125 
130 
132 
133 
134 typedef enum pj_ssl_cert_name_type
135 {
136  PJ_SSL_CERT_NAME_UNKNOWN = 0,
137  PJ_SSL_CERT_NAME_RFC822,
138  PJ_SSL_CERT_NAME_DNS,
139  PJ_SSL_CERT_NAME_URI,
140  PJ_SSL_CERT_NAME_IP
141 } pj_ssl_cert_name_type;
142 
146 typedef struct pj_ssl_cert_info {
147 
148  unsigned version;
154  struct {
159  } subject;
161  struct {
162  pj_str_t cn;
163  pj_str_t info;
165  } issuer;
167  struct {
172  } validity;
174  struct {
175  unsigned cnt;
176  struct {
177  pj_ssl_cert_name_type type;
180  } *entry;
181  } subj_alt_name;
185 
186 
199  const pj_str_t *CA_file,
200  const pj_str_t *cert_file,
201  const pj_str_t *privkey_file,
202  const pj_str_t *privkey_pass,
203  pj_ssl_cert_t **p_cert);
204 
205 
218  const char *indent,
219  char *buf,
220  pj_size_t buf_size);
221 
222 
236  pj_uint32_t verify_status,
237  const char *error_strings[],
238  unsigned *count);
239 
240 
244 typedef enum pj_ssl_cipher {
245 
246  /* Unsupported cipher */
247  PJ_TLS_UNKNOWN_CIPHER = -1,
248 
249  /* NULL */
250  PJ_TLS_NULL_WITH_NULL_NULL = 0x00000000,
251 
252  /* TLS/SSLv3 */
253  PJ_TLS_RSA_WITH_NULL_MD5 = 0x00000001,
254  PJ_TLS_RSA_WITH_NULL_SHA = 0x00000002,
255  PJ_TLS_RSA_WITH_NULL_SHA256 = 0x0000003B,
256  PJ_TLS_RSA_WITH_RC4_128_MD5 = 0x00000004,
257  PJ_TLS_RSA_WITH_RC4_128_SHA = 0x00000005,
258  PJ_TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x0000000A,
259  PJ_TLS_RSA_WITH_AES_128_CBC_SHA = 0x0000002F,
260  PJ_TLS_RSA_WITH_AES_256_CBC_SHA = 0x00000035,
261  PJ_TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x0000003C,
262  PJ_TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x0000003D,
263  PJ_TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x0000000D,
264  PJ_TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = 0x00000010,
265  PJ_TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x00000013,
266  PJ_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x00000016,
267  PJ_TLS_DH_DSS_WITH_AES_128_CBC_SHA = 0x00000030,
268  PJ_TLS_DH_RSA_WITH_AES_128_CBC_SHA = 0x00000031,
269  PJ_TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x00000032,
270  PJ_TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x00000033,
271  PJ_TLS_DH_DSS_WITH_AES_256_CBC_SHA = 0x00000036,
272  PJ_TLS_DH_RSA_WITH_AES_256_CBC_SHA = 0x00000037,
273  PJ_TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x00000038,
274  PJ_TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x00000039,
275  PJ_TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = 0x0000003E,
276  PJ_TLS_DH_RSA_WITH_AES_128_CBC_SHA256 = 0x0000003F,
277  PJ_TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x00000040,
278  PJ_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x00000067,
279  PJ_TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = 0x00000068,
280  PJ_TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = 0x00000069,
281  PJ_TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x0000006A,
282  PJ_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x0000006B,
283  PJ_TLS_DH_anon_WITH_RC4_128_MD5 = 0x00000018,
284  PJ_TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = 0x0000001B,
285  PJ_TLS_DH_anon_WITH_AES_128_CBC_SHA = 0x00000034,
286  PJ_TLS_DH_anon_WITH_AES_256_CBC_SHA = 0x0000003A,
287  PJ_TLS_DH_anon_WITH_AES_128_CBC_SHA256 = 0x0000006C,
288  PJ_TLS_DH_anon_WITH_AES_256_CBC_SHA256 = 0x0000006D,
289 
290  /* TLS (deprecated) */
291  PJ_TLS_RSA_EXPORT_WITH_RC4_40_MD5 = 0x00000003,
292  PJ_TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = 0x00000006,
293  PJ_TLS_RSA_WITH_IDEA_CBC_SHA = 0x00000007,
294  PJ_TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x00000008,
295  PJ_TLS_RSA_WITH_DES_CBC_SHA = 0x00000009,
296  PJ_TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x0000000B,
297  PJ_TLS_DH_DSS_WITH_DES_CBC_SHA = 0x0000000C,
298  PJ_TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0000000E,
299  PJ_TLS_DH_RSA_WITH_DES_CBC_SHA = 0x0000000F,
300  PJ_TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x00000011,
301  PJ_TLS_DHE_DSS_WITH_DES_CBC_SHA = 0x00000012,
302  PJ_TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x00000014,
303  PJ_TLS_DHE_RSA_WITH_DES_CBC_SHA = 0x00000015,
304  PJ_TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = 0x00000017,
305  PJ_TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = 0x00000019,
306  PJ_TLS_DH_anon_WITH_DES_CBC_SHA = 0x0000001A,
307 
308  /* SSLv3 */
309  PJ_SSL_FORTEZZA_KEA_WITH_NULL_SHA = 0x0000001C,
310  PJ_SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA = 0x0000001D,
311  PJ_SSL_FORTEZZA_KEA_WITH_RC4_128_SHA = 0x0000001E,
312 
313  /* SSLv2 */
314  PJ_SSL_CK_RC4_128_WITH_MD5 = 0x00010080,
315  PJ_SSL_CK_RC4_128_EXPORT40_WITH_MD5 = 0x00020080,
316  PJ_SSL_CK_RC2_128_CBC_WITH_MD5 = 0x00030080,
317  PJ_SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 = 0x00040080,
318  PJ_SSL_CK_IDEA_128_CBC_WITH_MD5 = 0x00050080,
319  PJ_SSL_CK_DES_64_CBC_WITH_MD5 = 0x00060040,
320  PJ_SSL_CK_DES_192_EDE3_CBC_WITH_MD5 = 0x000700C0
321 
322 } pj_ssl_cipher;
323 
324 
334  unsigned *cipher_num);
335 
336 
345 
346 
355 PJ_DECL(const char*) pj_ssl_cipher_name(pj_ssl_cipher cipher);
356 
357 
368 PJ_DECL(pj_ssl_cipher) pj_ssl_cipher_id(const char *cipher_name);
369 
370 
374 typedef struct pj_ssl_sock_cb
375 {
402  pj_bool_t (*on_data_read)(pj_ssl_sock_t *ssock,
403  void *data,
404  pj_size_t size,
405  pj_status_t status,
406  pj_size_t *remainder);
427  pj_bool_t (*on_data_recvfrom)(pj_ssl_sock_t *ssock,
428  void *data,
429  pj_size_t size,
430  const pj_sockaddr_t *src_addr,
431  int addr_len,
432  pj_status_t status);
433 
447  pj_bool_t (*on_data_sent)(pj_ssl_sock_t *ssock,
449  pj_ssize_t sent);
450 
465  pj_bool_t (*on_accept_complete)(pj_ssl_sock_t *ssock,
466  pj_ssl_sock_t *newsock,
467  const pj_sockaddr_t *src_addr,
468  int src_addr_len);
469 
482  pj_bool_t (*on_connect_complete)(pj_ssl_sock_t *ssock,
483  pj_status_t status);
484 
486 
487 
491 typedef enum pj_ssl_sock_proto
492 {
501 
502 
506 typedef struct pj_ssl_sock_info
507 {
513 
518 
524 
529 
534 
539 
544 
549 
553  unsigned long last_native_err;
554 
559 
561 
562 
566 typedef struct pj_ssl_sock_param
567 {
578 
584  int sock_af;
585 
592 
598 
605 
610 
614  void *user_data;
615 
622 
635  unsigned async_cnt;
636 
651 
666 
676 
686 
692  unsigned ciphers_num;
693 
699 
707 
714 
722 
733 
741 
750 
759 
767 
775 
784 
786 
787 
794 PJ_DECL(void) pj_ssl_sock_param_default(pj_ssl_sock_param *param);
795 
796 
807  const pj_ssl_sock_param *param,
808  pj_ssl_sock_t **p_ssock);
809 
810 
827  pj_ssl_sock_t *ssock,
828  pj_pool_t *pool,
829  const pj_ssl_cert_t *cert);
830 
831 
841 
842 
856  void *user_data);
857 
866 PJ_DECL(void*) pj_ssl_sock_get_user_data(pj_ssl_sock_t *ssock);
867 
868 
878  pj_ssl_sock_info *info);
879 
880 
904  pj_pool_t *pool,
905  unsigned buff_size,
906  pj_uint32_t flags);
907 
923  pj_pool_t *pool,
924  unsigned buff_size,
925  void *readbuf[],
926  pj_uint32_t flags);
927 
942  pj_pool_t *pool,
943  unsigned buff_size,
944  pj_uint32_t flags);
945 
961  pj_pool_t *pool,
962  unsigned buff_size,
963  void *readbuf[],
964  pj_uint32_t flags);
965 
988  const void *data,
989  pj_ssize_t *size,
990  unsigned flags);
991 
1014  pj_ioqueue_op_key_t *send_key,
1015  const void *data,
1016  pj_ssize_t *size,
1017  unsigned flags,
1018  const pj_sockaddr_t *addr,
1019  int addr_len);
1020 
1021 
1043  pj_pool_t *pool,
1044  const pj_sockaddr_t *local_addr,
1045  int addr_len);
1046 
1047 
1067  pj_pool_t *pool,
1068  const pj_sockaddr_t *localaddr,
1069  const pj_sockaddr_t *remaddr,
1070  int addr_len);
1071 
1072 
1088 
1089 
1095 
1096 #endif /* __PJ_SSL_SOCK_H__ */
pj_str_t cn
Definition: ssl_sock.h:155
struct pj_timer_heap_t pj_timer_heap_t
Definition: types.h:221
pj_bool_t verify_peer
Definition: ssl_sock.h:713
Definition: ssl_sock.h:496
pj_time_val end
Definition: ssl_sock.h:169
Definition: ssl_sock.h:495
pj_bool_t reuse_addr
Definition: ssl_sock.h:740
pj_ssl_cert_info * remote_cert_info
Definition: ssl_sock.h:543
pj_ioqueue_t * ioqueue
Definition: ssl_sock.h:597
pj_status_t pj_ssl_sock_get_info(pj_ssl_sock_t *ssock, pj_ssl_sock_info *info)
struct pj_ssl_cert_info::@3 issuer
pj_ssl_cert_verify_flag_t
Definition: ssl_sock.h:63
int pj_bool_t
Definition: types.h:71
Definition: ssl_sock.h:111
pj_qos_params qos_params
Definition: ssl_sock.h:758
pj_ssl_cipher pj_ssl_cipher_id(const char *cipher_name)
struct pj_ssl_cert_info::@4 validity
Definition: sock.h:625
Definition: ssl_sock.h:73
pj_time_val timeout
Definition: ssl_sock.h:706
unsigned async_cnt
Definition: ssl_sock.h:635
pj_ssl_sock_proto
Definition: ssl_sock.h:491
Definition: types.h:382
pj_uint8_t serial_no[20]
Definition: ssl_sock.h:150
pj_qos_type qos_type
Definition: ssl_sock.h:749
Definition: ssl_sock.h:499
pj_status_t pj_ssl_sock_sendto(pj_ssl_sock_t *ssock, pj_ioqueue_op_key_t *send_key, const void *data, pj_ssize_t *size, unsigned flags, const pj_sockaddr_t *addr, int addr_len)
pj_ssl_cipher
Definition: ssl_sock.h:244
Socket QoS API.
pj_status_t pj_ssl_cipher_get_availables(pj_ssl_cipher ciphers[], unsigned *cipher_num)
pj_status_t pj_ssl_sock_close(pj_ssl_sock_t *ssock)
pj_status_t pj_ssl_sock_start_recvfrom2(pj_ssl_sock_t *ssock, pj_pool_t *pool, unsigned buff_size, void *readbuf[], pj_uint32_t flags)
unsigned long last_native_err
Definition: ssl_sock.h:553
pj_size_t send_buffer_size
Definition: ssl_sock.h:675
struct pj_ssl_cert_info::@5 subj_alt_name
Definition: ssl_sock.h:124
pj_ssl_sock_cb cb
Definition: ssl_sock.h:609
pj_size_t read_buffer_size
Definition: ssl_sock.h:685
pj_ssl_sock_proto proto
Definition: ssl_sock.h:517
int pj_status_t
Definition: types.h:68
Definition: sock.h:603
pj_str_t name
Definition: ssl_sock.h:179
Definition: ssl_sock.h:106
pj_status_t pj_ssl_cert_get_verify_status_strings(pj_uint32_t verify_status, const char *error_strings[], unsigned *count)
pj_status_t pj_ssl_sock_start_read(pj_ssl_sock_t *ssock, pj_pool_t *pool, unsigned buff_size, pj_uint32_t flags)
Definition: ioqueue.h:209
struct pj_ssl_cert_t pj_ssl_cert_t
Definition: ssl_sock.h:60
void pj_sockaddr_t
Definition: types.h:267
unsigned ciphers_num
Definition: ssl_sock.h:692
pj_timer_heap_t * timer_heap
Definition: ssl_sock.h:604
Definition: types.h:119
struct pj_ssl_cert_info::@5::@6 * entry
int sock_af
Definition: ssl_sock.h:584
pj_status_t pj_ssl_sock_create(pj_pool_t *pool, const pj_ssl_sock_param *param, pj_ssl_sock_t **p_ssock)
struct pj_grp_lock_t pj_grp_lock_t
Definition: types.h:242
pj_status_t pj_ssl_sock_renegotiate(pj_ssl_sock_t *ssock)
pj_bool_t sockopt_ignore_error
Definition: ssl_sock.h:783
Definition: ssl_sock.h:101
struct pj_ioqueue_t pj_ioqueue_t
Definition: types.h:210
unsigned int pj_uint32_t
Definition: types.h:43
pj_bool_t qos_ignore_error
Definition: ssl_sock.h:766
Definition: ssl_sock.h:89
Definition: ssl_sock.h:493
pj_bool_t pj_ssl_cipher_is_supported(pj_ssl_cipher cipher)
pj_status_t pj_ssl_cert_load_from_files(pj_pool_t *pool, const pj_str_t *CA_file, const pj_str_t *cert_file, const pj_str_t *privkey_file, const pj_str_t *privkey_pass, pj_ssl_cert_t **p_cert)
struct pj_ssl_sock_t pj_ssl_sock_t
Definition: ssl_sock.h:53
pj_status_t pj_ssl_sock_start_recvfrom(pj_ssl_sock_t *ssock, pj_pool_t *pool, unsigned buff_size, pj_uint32_t flags)
#define PJ_END_DECL
Definition: config.h:1067
pj_bool_t require_client_cert
Definition: ssl_sock.h:721
Definition: ssl_sock.h:78
I/O Dispatching Mechanism.
pj_status_t pj_ssl_sock_start_accept(pj_ssl_sock_t *ssock, pj_pool_t *pool, const pj_sockaddr_t *local_addr, int addr_len)
Definition: ssl_sock.h:146
Definition: ssl_sock.h:116
pj_ssl_cipher cipher
Definition: ssl_sock.h:523
Definition: ssl_sock.h:566
unsigned version
Definition: ssl_sock.h:148
#define PJ_BEGIN_DECL
Definition: config.h:1066
pj_qos_type
Definition: sock_qos.h:233
pj_status_t pj_ssl_sock_set_user_data(pj_ssl_sock_t *ssock, void *user_data)
struct pj_ssl_cert_info::@2 subject
int concurrency
Definition: ssl_sock.h:650
pj_bool_t gmt
Definition: ssl_sock.h:170
pj_uint32_t verify_status
Definition: ssl_sock.h:548
long pj_ssize_t
Definition: types.h:64
pj_ssize_t pj_ssl_cert_info_dump(const pj_ssl_cert_info *ci, const char *indent, char *buf, pj_size_t buf_size)
Definition: ssl_sock.h:94
pj_ssl_sock_proto proto
Definition: ssl_sock.h:621
pj_str_t server_name
Definition: ssl_sock.h:732
int sock_type
Definition: ssl_sock.h:591
unsigned char pj_uint8_t
Definition: types.h:55
Definition: pool.h:313
Socket Abstraction.
Definition: ssl_sock.h:374
Definition: ssl_sock.h:68
pj_grp_lock_t * grp_lock
Definition: ssl_sock.h:558
pj_sockopt_params sockopt_params
Definition: ssl_sock.h:774
pj_status_t pj_ssl_sock_set_certificate(pj_ssl_sock_t *ssock, pj_pool_t *pool, const pj_ssl_cert_t *cert)
Definition: ssl_sock.h:83
pj_bool_t established
Definition: ssl_sock.h:512
pj_status_t pj_ssl_sock_start_read2(pj_ssl_sock_t *ssock, pj_pool_t *pool, unsigned buff_size, void *readbuf[], pj_uint32_t flags)
Definition: ssl_sock.h:506
pj_status_t pj_ssl_sock_start_connect(pj_ssl_sock_t *ssock, pj_pool_t *pool, const pj_sockaddr_t *localaddr, const pj_sockaddr_t *remaddr, int addr_len)
pj_sockaddr local_addr
Definition: ssl_sock.h:528
void * pj_ssl_sock_get_user_data(pj_ssl_sock_t *ssock)
pj_ssl_cert_info * local_cert_info
Definition: ssl_sock.h:538
pj_str_t info
Definition: ssl_sock.h:156
Definition: ssl_sock.h:129
void pj_ssl_sock_param_default(pj_ssl_sock_param *param)
Definition: ssl_sock.h:494
Definition: sock_qos.h:271
pj_sockaddr remote_addr
Definition: ssl_sock.h:533
pj_time_val start
Definition: ssl_sock.h:168
const char * pj_ssl_cipher_name(pj_ssl_cipher cipher)
pj_grp_lock_t * grp_lock
Definition: ssl_sock.h:577
Definition: ssl_sock.h:498
Definition: activesock.c:270
pj_status_t pj_ssl_sock_send(pj_ssl_sock_t *ssock, pj_ioqueue_op_key_t *send_key, const void *data, pj_ssize_t *size, unsigned flags)
unsigned cnt
Definition: ssl_sock.h:175
size_t pj_size_t
Definition: types.h:58
pj_ssl_cert_name_type type
Definition: ssl_sock.h:177
void * user_data
Definition: ssl_sock.h:614
pj_bool_t whole_data
Definition: ssl_sock.h:665
pj_ssl_cipher * ciphers
Definition: ssl_sock.h:698

 


PJLIB Open Source, high performance, small footprint, and very very portable framework
Copyright (C) 2006-2009 Teluu Inc.