BLOG | DOCUMENTATION | TRAC

Home --> Documentations --> PJLIB Reference

ssl_sock.h
Go to the documentation of this file.
1 /* $Id: ssl_sock.h 5087 2015-05-07 04:48:19Z nanang $ */
2 /*
3  * Copyright (C) 2009-2011 Teluu Inc. (http://www.teluu.com)
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 2 of the License, or
8  * (at your option) any later version.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program; if not, write to the Free Software
17  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18  */
19 #ifndef __PJ_SSL_SOCK_H__
20 #define __PJ_SSL_SOCK_H__
21 
27 #include <pj/ioqueue.h>
28 #include <pj/sock.h>
29 #include <pj/sock_qos.h>
30 
31 
33 
54 
55 
61 
62 
64 {
69 
74 
79 
84 
90 
95 
102 
107 
112 
117 
125 
130 
132 
133 
134 typedef enum pj_ssl_cert_name_type
135 {
136  PJ_SSL_CERT_NAME_UNKNOWN = 0,
137  PJ_SSL_CERT_NAME_RFC822,
138  PJ_SSL_CERT_NAME_DNS,
139  PJ_SSL_CERT_NAME_URI,
140  PJ_SSL_CERT_NAME_IP
141 } pj_ssl_cert_name_type;
142 
146 typedef struct pj_ssl_cert_info {
147 
148  unsigned version;
154  struct {
159  } subject;
161  struct {
162  pj_str_t cn;
163  pj_str_t info;
165  } issuer;
167  struct {
172  } validity;
174  struct {
175  unsigned cnt;
176  struct {
177  pj_ssl_cert_name_type type;
180  } *entry;
181  } subj_alt_name;
185 
186 
202  const pj_str_t *CA_file,
203  const pj_str_t *cert_file,
204  const pj_str_t *privkey_file,
205  const pj_str_t *privkey_pass,
206  pj_ssl_cert_t **p_cert);
207 
228  pj_pool_t *pool,
229  const pj_str_t *CA_file,
230  const pj_str_t *CA_path,
231  const pj_str_t *cert_file,
232  const pj_str_t *privkey_file,
233  const pj_str_t *privkey_pass,
234  pj_ssl_cert_t **p_cert);
235 
236 
249  const char *indent,
250  char *buf,
251  pj_size_t buf_size);
252 
253 
267  pj_uint32_t verify_status,
268  const char *error_strings[],
269  unsigned *count);
270 
271 
275 typedef enum pj_ssl_cipher {
276 
277  /* Unsupported cipher */
278  PJ_TLS_UNKNOWN_CIPHER = -1,
279 
280  /* NULL */
281  PJ_TLS_NULL_WITH_NULL_NULL = 0x00000000,
282 
283  /* TLS/SSLv3 */
284  PJ_TLS_RSA_WITH_NULL_MD5 = 0x00000001,
285  PJ_TLS_RSA_WITH_NULL_SHA = 0x00000002,
286  PJ_TLS_RSA_WITH_NULL_SHA256 = 0x0000003B,
287  PJ_TLS_RSA_WITH_RC4_128_MD5 = 0x00000004,
288  PJ_TLS_RSA_WITH_RC4_128_SHA = 0x00000005,
289  PJ_TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x0000000A,
290  PJ_TLS_RSA_WITH_AES_128_CBC_SHA = 0x0000002F,
291  PJ_TLS_RSA_WITH_AES_256_CBC_SHA = 0x00000035,
292  PJ_TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x0000003C,
293  PJ_TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x0000003D,
294  PJ_TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x0000000D,
295  PJ_TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = 0x00000010,
296  PJ_TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x00000013,
297  PJ_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x00000016,
298  PJ_TLS_DH_DSS_WITH_AES_128_CBC_SHA = 0x00000030,
299  PJ_TLS_DH_RSA_WITH_AES_128_CBC_SHA = 0x00000031,
300  PJ_TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x00000032,
301  PJ_TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x00000033,
302  PJ_TLS_DH_DSS_WITH_AES_256_CBC_SHA = 0x00000036,
303  PJ_TLS_DH_RSA_WITH_AES_256_CBC_SHA = 0x00000037,
304  PJ_TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x00000038,
305  PJ_TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x00000039,
306  PJ_TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = 0x0000003E,
307  PJ_TLS_DH_RSA_WITH_AES_128_CBC_SHA256 = 0x0000003F,
308  PJ_TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x00000040,
309  PJ_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x00000067,
310  PJ_TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = 0x00000068,
311  PJ_TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = 0x00000069,
312  PJ_TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x0000006A,
313  PJ_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x0000006B,
314  PJ_TLS_DH_anon_WITH_RC4_128_MD5 = 0x00000018,
315  PJ_TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = 0x0000001B,
316  PJ_TLS_DH_anon_WITH_AES_128_CBC_SHA = 0x00000034,
317  PJ_TLS_DH_anon_WITH_AES_256_CBC_SHA = 0x0000003A,
318  PJ_TLS_DH_anon_WITH_AES_128_CBC_SHA256 = 0x0000006C,
319  PJ_TLS_DH_anon_WITH_AES_256_CBC_SHA256 = 0x0000006D,
320 
321  /* TLS (deprecated) */
322  PJ_TLS_RSA_EXPORT_WITH_RC4_40_MD5 = 0x00000003,
323  PJ_TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = 0x00000006,
324  PJ_TLS_RSA_WITH_IDEA_CBC_SHA = 0x00000007,
325  PJ_TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x00000008,
326  PJ_TLS_RSA_WITH_DES_CBC_SHA = 0x00000009,
327  PJ_TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x0000000B,
328  PJ_TLS_DH_DSS_WITH_DES_CBC_SHA = 0x0000000C,
329  PJ_TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0000000E,
330  PJ_TLS_DH_RSA_WITH_DES_CBC_SHA = 0x0000000F,
331  PJ_TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x00000011,
332  PJ_TLS_DHE_DSS_WITH_DES_CBC_SHA = 0x00000012,
333  PJ_TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x00000014,
334  PJ_TLS_DHE_RSA_WITH_DES_CBC_SHA = 0x00000015,
335  PJ_TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = 0x00000017,
336  PJ_TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = 0x00000019,
337  PJ_TLS_DH_anon_WITH_DES_CBC_SHA = 0x0000001A,
338 
339  /* SSLv3 */
340  PJ_SSL_FORTEZZA_KEA_WITH_NULL_SHA = 0x0000001C,
341  PJ_SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA = 0x0000001D,
342  PJ_SSL_FORTEZZA_KEA_WITH_RC4_128_SHA = 0x0000001E,
343 
344  /* SSLv2 */
345  PJ_SSL_CK_RC4_128_WITH_MD5 = 0x00010080,
346  PJ_SSL_CK_RC4_128_EXPORT40_WITH_MD5 = 0x00020080,
347  PJ_SSL_CK_RC2_128_CBC_WITH_MD5 = 0x00030080,
348  PJ_SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 = 0x00040080,
349  PJ_SSL_CK_IDEA_128_CBC_WITH_MD5 = 0x00050080,
350  PJ_SSL_CK_DES_64_CBC_WITH_MD5 = 0x00060040,
351  PJ_SSL_CK_DES_192_EDE3_CBC_WITH_MD5 = 0x000700C0
352 
353 } pj_ssl_cipher;
354 
355 
365  unsigned *cipher_num);
366 
367 
376 
377 
386 PJ_DECL(const char*) pj_ssl_cipher_name(pj_ssl_cipher cipher);
387 
388 
399 PJ_DECL(pj_ssl_cipher) pj_ssl_cipher_id(const char *cipher_name);
400 
401 
405 typedef struct pj_ssl_sock_cb
406 {
433  pj_bool_t (*on_data_read)(pj_ssl_sock_t *ssock,
434  void *data,
435  pj_size_t size,
436  pj_status_t status,
437  pj_size_t *remainder);
458  pj_bool_t (*on_data_recvfrom)(pj_ssl_sock_t *ssock,
459  void *data,
460  pj_size_t size,
461  const pj_sockaddr_t *src_addr,
462  int addr_len,
463  pj_status_t status);
464 
478  pj_bool_t (*on_data_sent)(pj_ssl_sock_t *ssock,
480  pj_ssize_t sent);
481 
496  pj_bool_t (*on_accept_complete)(pj_ssl_sock_t *ssock,
497  pj_ssl_sock_t *newsock,
498  const pj_sockaddr_t *src_addr,
499  int src_addr_len);
500 
513  pj_bool_t (*on_connect_complete)(pj_ssl_sock_t *ssock,
514  pj_status_t status);
515 
517 
518 
523 typedef enum pj_ssl_sock_proto
524 {
529 
534 
539 
544 
549 
554 
559  PJ_SSL_SOCK_PROTO_SSL23 = (1 << 16) - 1,
560 
565 
567 
568 
572 typedef struct pj_ssl_sock_info
573 {
579 
585 
591 
596 
601 
606 
611 
616 
620  unsigned long last_native_err;
621 
626 
628 
629 
633 typedef struct pj_ssl_sock_param
634 {
645 
651  int sock_af;
652 
659 
665 
672 
677 
681  void *user_data;
682 
690 
703  unsigned async_cnt;
704 
719 
734 
744 
754 
761  unsigned ciphers_num;
762 
768 
776 
783 
791 
802 
810 
819 
828 
836 
844 
853 
855 
856 
863 PJ_DECL(void) pj_ssl_sock_param_default(pj_ssl_sock_param *param);
864 
865 
876  const pj_ssl_sock_param *param,
877  pj_ssl_sock_t **p_ssock);
878 
879 
896  pj_ssl_sock_t *ssock,
897  pj_pool_t *pool,
898  const pj_ssl_cert_t *cert);
899 
900 
910 
911 
925  void *user_data);
926 
935 PJ_DECL(void*) pj_ssl_sock_get_user_data(pj_ssl_sock_t *ssock);
936 
937 
947  pj_ssl_sock_info *info);
948 
949 
973  pj_pool_t *pool,
974  unsigned buff_size,
975  pj_uint32_t flags);
976 
992  pj_pool_t *pool,
993  unsigned buff_size,
994  void *readbuf[],
995  pj_uint32_t flags);
996 
1011  pj_pool_t *pool,
1012  unsigned buff_size,
1013  pj_uint32_t flags);
1014 
1030  pj_pool_t *pool,
1031  unsigned buff_size,
1032  void *readbuf[],
1033  pj_uint32_t flags);
1034 
1057  const void *data,
1058  pj_ssize_t *size,
1059  unsigned flags);
1060 
1083  pj_ioqueue_op_key_t *send_key,
1084  const void *data,
1085  pj_ssize_t *size,
1086  unsigned flags,
1087  const pj_sockaddr_t *addr,
1088  int addr_len);
1089 
1090 
1112  pj_pool_t *pool,
1113  const pj_sockaddr_t *local_addr,
1114  int addr_len);
1115 
1116 
1136  pj_pool_t *pool,
1137  const pj_sockaddr_t *localaddr,
1138  const pj_sockaddr_t *remaddr,
1139  int addr_len);
1140 
1141 
1157 
1158 
1164 
1165 #endif /* __PJ_SSL_SOCK_H__ */
pj_str_t cn
Definition: ssl_sock.h:155
struct pj_timer_heap_t pj_timer_heap_t
Definition: types.h:221
pj_bool_t verify_peer
Definition: ssl_sock.h:782
Definition: ssl_sock.h:559
pj_time_val end
Definition: ssl_sock.h:169
Definition: ssl_sock.h:538
pj_uint32_t proto
Definition: ssl_sock.h:584
pj_bool_t reuse_addr
Definition: ssl_sock.h:809
pj_ssl_cert_info * remote_cert_info
Definition: ssl_sock.h:610
pj_ioqueue_t * ioqueue
Definition: ssl_sock.h:664
pj_status_t pj_ssl_sock_get_info(pj_ssl_sock_t *ssock, pj_ssl_sock_info *info)
struct pj_ssl_cert_info::@3 issuer
pj_ssl_cert_verify_flag_t
Definition: ssl_sock.h:63
int pj_bool_t
Definition: types.h:71
Definition: ssl_sock.h:111
pj_qos_params qos_params
Definition: ssl_sock.h:827
pj_ssl_cipher pj_ssl_cipher_id(const char *cipher_name)
struct pj_ssl_cert_info::@4 validity
Definition: sock.h:625
Definition: ssl_sock.h:73
pj_time_val timeout
Definition: ssl_sock.h:775
unsigned async_cnt
Definition: ssl_sock.h:703
pj_ssl_sock_proto
Definition: ssl_sock.h:523
Definition: types.h:382
pj_uint8_t serial_no[20]
Definition: ssl_sock.h:150
pj_qos_type qos_type
Definition: ssl_sock.h:818
Definition: ssl_sock.h:564
pj_status_t pj_ssl_sock_sendto(pj_ssl_sock_t *ssock, pj_ioqueue_op_key_t *send_key, const void *data, pj_ssize_t *size, unsigned flags, const pj_sockaddr_t *addr, int addr_len)
pj_ssl_cipher
Definition: ssl_sock.h:275
Socket QoS API.
pj_status_t pj_ssl_cipher_get_availables(pj_ssl_cipher ciphers[], unsigned *cipher_num)
pj_status_t pj_ssl_sock_close(pj_ssl_sock_t *ssock)
pj_status_t pj_ssl_sock_start_recvfrom2(pj_ssl_sock_t *ssock, pj_pool_t *pool, unsigned buff_size, void *readbuf[], pj_uint32_t flags)
unsigned long last_native_err
Definition: ssl_sock.h:620
pj_size_t send_buffer_size
Definition: ssl_sock.h:743
struct pj_ssl_cert_info::@5 subj_alt_name
Definition: ssl_sock.h:124
pj_ssl_sock_cb cb
Definition: ssl_sock.h:676
pj_size_t read_buffer_size
Definition: ssl_sock.h:753
int pj_status_t
Definition: types.h:68
Definition: sock.h:603
pj_str_t name
Definition: ssl_sock.h:179
Definition: ssl_sock.h:106
pj_status_t pj_ssl_cert_get_verify_status_strings(pj_uint32_t verify_status, const char *error_strings[], unsigned *count)
pj_status_t pj_ssl_sock_start_read(pj_ssl_sock_t *ssock, pj_pool_t *pool, unsigned buff_size, pj_uint32_t flags)
Definition: ioqueue.h:209
struct pj_ssl_cert_t pj_ssl_cert_t
Definition: ssl_sock.h:60
void pj_sockaddr_t
Definition: types.h:267
unsigned ciphers_num
Definition: ssl_sock.h:761
pj_timer_heap_t * timer_heap
Definition: ssl_sock.h:671
pj_uint32_t proto
Definition: ssl_sock.h:689
Definition: types.h:119
struct pj_ssl_cert_info::@5::@6 * entry
int sock_af
Definition: ssl_sock.h:651
pj_status_t pj_ssl_sock_create(pj_pool_t *pool, const pj_ssl_sock_param *param, pj_ssl_sock_t **p_ssock)
struct pj_grp_lock_t pj_grp_lock_t
Definition: types.h:242
pj_status_t pj_ssl_sock_renegotiate(pj_ssl_sock_t *ssock)
Definition: ssl_sock.h:553
pj_bool_t sockopt_ignore_error
Definition: ssl_sock.h:852
Definition: ssl_sock.h:101
struct pj_ioqueue_t pj_ioqueue_t
Definition: types.h:210
unsigned int pj_uint32_t
Definition: types.h:43
pj_bool_t qos_ignore_error
Definition: ssl_sock.h:835
Definition: ssl_sock.h:89
Definition: ssl_sock.h:528
pj_bool_t pj_ssl_cipher_is_supported(pj_ssl_cipher cipher)
pj_status_t pj_ssl_cert_load_from_files(pj_pool_t *pool, const pj_str_t *CA_file, const pj_str_t *cert_file, const pj_str_t *privkey_file, const pj_str_t *privkey_pass, pj_ssl_cert_t **p_cert)
struct pj_ssl_sock_t pj_ssl_sock_t
Definition: ssl_sock.h:53
pj_status_t pj_ssl_sock_start_recvfrom(pj_ssl_sock_t *ssock, pj_pool_t *pool, unsigned buff_size, pj_uint32_t flags)
#define PJ_END_DECL
Definition: config.h:1096
pj_bool_t require_client_cert
Definition: ssl_sock.h:790
Definition: ssl_sock.h:78
I/O Dispatching Mechanism.
pj_status_t pj_ssl_sock_start_accept(pj_ssl_sock_t *ssock, pj_pool_t *pool, const pj_sockaddr_t *local_addr, int addr_len)
Definition: ssl_sock.h:146
Definition: ssl_sock.h:116
pj_ssl_cipher cipher
Definition: ssl_sock.h:590
Definition: ssl_sock.h:633
unsigned version
Definition: ssl_sock.h:148
#define PJ_BEGIN_DECL
Definition: config.h:1095
pj_qos_type
Definition: sock_qos.h:233
pj_status_t pj_ssl_sock_set_user_data(pj_ssl_sock_t *ssock, void *user_data)
struct pj_ssl_cert_info::@2 subject
int concurrency
Definition: ssl_sock.h:718
pj_bool_t gmt
Definition: ssl_sock.h:170
pj_uint32_t verify_status
Definition: ssl_sock.h:615
long pj_ssize_t
Definition: types.h:64
pj_ssize_t pj_ssl_cert_info_dump(const pj_ssl_cert_info *ci, const char *indent, char *buf, pj_size_t buf_size)
Definition: ssl_sock.h:94
pj_str_t server_name
Definition: ssl_sock.h:801
int sock_type
Definition: ssl_sock.h:658
unsigned char pj_uint8_t
Definition: types.h:55
Definition: pool.h:313
Socket Abstraction.
Definition: ssl_sock.h:405
Definition: ssl_sock.h:548
Definition: ssl_sock.h:68
pj_grp_lock_t * grp_lock
Definition: ssl_sock.h:625
pj_sockopt_params sockopt_params
Definition: ssl_sock.h:843
pj_status_t pj_ssl_sock_set_certificate(pj_ssl_sock_t *ssock, pj_pool_t *pool, const pj_ssl_cert_t *cert)
Definition: ssl_sock.h:83
pj_bool_t established
Definition: ssl_sock.h:578
pj_status_t pj_ssl_sock_start_read2(pj_ssl_sock_t *ssock, pj_pool_t *pool, unsigned buff_size, void *readbuf[], pj_uint32_t flags)
Definition: ssl_sock.h:572
pj_status_t pj_ssl_sock_start_connect(pj_ssl_sock_t *ssock, pj_pool_t *pool, const pj_sockaddr_t *localaddr, const pj_sockaddr_t *remaddr, int addr_len)
pj_sockaddr local_addr
Definition: ssl_sock.h:595
void * pj_ssl_sock_get_user_data(pj_ssl_sock_t *ssock)
pj_ssl_cert_info * local_cert_info
Definition: ssl_sock.h:605
pj_str_t info
Definition: ssl_sock.h:156
Definition: ssl_sock.h:129
void pj_ssl_sock_param_default(pj_ssl_sock_param *param)
Definition: ssl_sock.h:543
Definition: sock_qos.h:271
pj_sockaddr remote_addr
Definition: ssl_sock.h:600
pj_time_val start
Definition: ssl_sock.h:168
const char * pj_ssl_cipher_name(pj_ssl_cipher cipher)
pj_grp_lock_t * grp_lock
Definition: ssl_sock.h:644
Definition: ssl_sock.h:533
Definition: activesock.c:270
pj_status_t pj_ssl_cert_load_from_files2(pj_pool_t *pool, const pj_str_t *CA_file, const pj_str_t *CA_path, const pj_str_t *cert_file, const pj_str_t *privkey_file, const pj_str_t *privkey_pass, pj_ssl_cert_t **p_cert)
pj_status_t pj_ssl_sock_send(pj_ssl_sock_t *ssock, pj_ioqueue_op_key_t *send_key, const void *data, pj_ssize_t *size, unsigned flags)
unsigned cnt
Definition: ssl_sock.h:175
size_t pj_size_t
Definition: types.h:58
pj_ssl_cert_name_type type
Definition: ssl_sock.h:177
void * user_data
Definition: ssl_sock.h:681
pj_bool_t whole_data
Definition: ssl_sock.h:733
pj_ssl_cipher * ciphers
Definition: ssl_sock.h:767

 


PJLIB Open Source, high performance, small footprint, and very very portable framework
Copyright (C) 2006-2009 Teluu Inc.