
ssl_sock.h
1 /* $Id: ssl_sock.h 5238 2016-01-27 09:55:13Z riza $ */
2 /*
3  * Copyright (C) 2009-2011 Teluu Inc. (http://www.teluu.com)
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 2 of the License, or
8  * (at your option) any later version.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program; if not, write to the Free Software
17  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18  */
19 #ifndef __PJ_SSL_SOCK_H__
20 #define __PJ_SSL_SOCK_H__
21 
27 #include <pj/ioqueue.h>
28 #include <pj/sock.h>
29 #include <pj/sock_qos.h>
30 
31 
33 
54 
55 
61 
62 
64 {
69 
74 
79 
84 
90 
95 
102 
107 
112 
117 
125 
130 
132 
133 
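/**
 * Kind of name stored in one certificate name entry.
 *
 * In this header it is the `type` member of each element of
 * pj_ssl_cert_info.subj_alt_name.entry, next to the entry's `name`.
 *
 * Review note for code that matches a peer identity against these entries:
 * compare like with like (a host name only against PJ_SSL_CERT_NAME_DNS
 * entries, an address only against PJ_SSL_CERT_NAME_IP entries), and treat
 * `name` as a length-counted pj_str_t rather than a NUL-terminated C string,
 * so that an embedded NUL byte cannot shorten the compared value.
 */
typedef enum pj_ssl_cert_name_type
{
    PJ_SSL_CERT_NAME_UNKNOWN = 0,   /**< Name type not recognised.        */
    PJ_SSL_CERT_NAME_RFC822,        /**< RFC 822 mailbox (e-mail address). */
    PJ_SSL_CERT_NAME_DNS,           /**< DNS host name.                    */
    PJ_SSL_CERT_NAME_URI,           /**< URI.                              */
    PJ_SSL_CERT_NAME_IP             /**< IP address.                       */
} pj_ssl_cert_name_type;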
142 
146 typedef struct pj_ssl_cert_info {
147 
148  unsigned version;
154  struct {
159  } subject;
161  struct {
162  pj_str_t cn;
163  pj_str_t info;
165  } issuer;
167  struct {
172  } validity;
174  struct {
175  unsigned cnt;
176  struct {
177  pj_ssl_cert_name_type type;
180  } *entry;
181  } subj_alt_name;
188 
189 
205  const pj_str_t *CA_file,
206  const pj_str_t *cert_file,
207  const pj_str_t *privkey_file,
208  const pj_str_t *privkey_pass,
209  pj_ssl_cert_t **p_cert);
210 
231  pj_pool_t *pool,
232  const pj_str_t *CA_file,
233  const pj_str_t *CA_path,
234  const pj_str_t *cert_file,
235  const pj_str_t *privkey_file,
236  const pj_str_t *privkey_pass,
237  pj_ssl_cert_t **p_cert);
238 
239 
252  const char *indent,
253  char *buf,
254  pj_size_t buf_size);
255 
256 
270  pj_uint32_t verify_status,
271  const char *error_strings[],
272  unsigned *count);
273 
274 
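/**
 * Cipher suite identifiers.
 *
 * The TLS/SSLv3 constants carry the 16-bit cipher suite code point used on
 * the wire (for example 0x002F for TLS_RSA_WITH_AES_128_CBC_SHA); the SSLv2
 * constants carry the 24-bit SSLv2 cipher kind.
 *
 * Being listed here does not make a suite safe to offer, and presumably does
 * not mean the SSL backend implements it: this header also declares
 * pj_ssl_cipher_is_supported() and pj_ssl_cipher_get_availables() for that
 * query. Code that fills pj_ssl_sock_param.ciphers should build an explicit
 * allow-list and leave out the groups flagged below (NULL encryption,
 * anonymous DH, EXPORT, single DES, RC4, SSLv2). Every suite in this listing
 * uses RSA or finite-field DH key exchange with a CBC or stream cipher; no
 * ECDHE or AEAD suite appears in it.
 */
typedef enum pj_ssl_cipher {

    /* Unsupported or unrecognised cipher */
    PJ_TLS_UNKNOWN_CIPHER                       = -1,

    /* NULL: no key exchange, no encryption, no MAC */
    PJ_TLS_NULL_WITH_NULL_NULL                  = 0x00000000,

    /* TLS/SSLv3 */

    /* RSA key exchange, NULL encryption: records are integrity-protected
     * but sent in clear text. */
    PJ_TLS_RSA_WITH_NULL_MD5                    = 0x00000001,
    PJ_TLS_RSA_WITH_NULL_SHA                    = 0x00000002,
    PJ_TLS_RSA_WITH_NULL_SHA256                 = 0x0000003B,

    /* RSA key exchange, RC4: RC4 is prohibited in TLS by RFC 7465. */
    PJ_TLS_RSA_WITH_RC4_128_MD5                 = 0x00000004,
    PJ_TLS_RSA_WITH_RC4_128_SHA                 = 0x00000005,

    /* RSA key exchange, block ciphers in CBC mode. RSA key exchange gives
     * no forward secrecy; 3DES has a 64-bit block. */
    PJ_TLS_RSA_WITH_3DES_EDE_CBC_SHA            = 0x0000000A,
    PJ_TLS_RSA_WITH_AES_128_CBC_SHA             = 0x0000002F,
    PJ_TLS_RSA_WITH_AES_256_CBC_SHA             = 0x00000035,
    PJ_TLS_RSA_WITH_AES_128_CBC_SHA256          = 0x0000003C,
    PJ_TLS_RSA_WITH_AES_256_CBC_SHA256          = 0x0000003D,

    /* Static (DH_) and ephemeral (DHE_) Diffie-Hellman, authenticated by a
     * DSS or RSA certificate. Only the DHE_ variants give forward secrecy. */
    PJ_TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA         = 0x0000000D,
    PJ_TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA         = 0x00000010,
    PJ_TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA        = 0x00000013,
    PJ_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA        = 0x00000016,
    PJ_TLS_DH_DSS_WITH_AES_128_CBC_SHA          = 0x00000030,
    PJ_TLS_DH_RSA_WITH_AES_128_CBC_SHA          = 0x00000031,
    PJ_TLS_DHE_DSS_WITH_AES_128_CBC_SHA         = 0x00000032,
    PJ_TLS_DHE_RSA_WITH_AES_128_CBC_SHA         = 0x00000033,
    PJ_TLS_DH_DSS_WITH_AES_256_CBC_SHA          = 0x00000036,
    PJ_TLS_DH_RSA_WITH_AES_256_CBC_SHA          = 0x00000037,
    PJ_TLS_DHE_DSS_WITH_AES_256_CBC_SHA         = 0x00000038,
    PJ_TLS_DHE_RSA_WITH_AES_256_CBC_SHA         = 0x00000039,
    PJ_TLS_DH_DSS_WITH_AES_128_CBC_SHA256       = 0x0000003E,
    PJ_TLS_DH_RSA_WITH_AES_128_CBC_SHA256       = 0x0000003F,
    PJ_TLS_DHE_DSS_WITH_AES_128_CBC_SHA256      = 0x00000040,
    PJ_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256      = 0x00000067,
    PJ_TLS_DH_DSS_WITH_AES_256_CBC_SHA256       = 0x00000068,
    PJ_TLS_DH_RSA_WITH_AES_256_CBC_SHA256       = 0x00000069,
    PJ_TLS_DHE_DSS_WITH_AES_256_CBC_SHA256      = 0x0000006A,
    PJ_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256      = 0x0000006B,

    /* Anonymous Diffie-Hellman: neither side presents a certificate, so the
     * peer is not authenticated and certificate verification has nothing
     * to check. Keep these out of any list used with untrusted networks. */
    PJ_TLS_DH_anon_WITH_RC4_128_MD5             = 0x00000018,
    PJ_TLS_DH_anon_WITH_3DES_EDE_CBC_SHA        = 0x0000001B,
    PJ_TLS_DH_anon_WITH_AES_128_CBC_SHA         = 0x00000034,
    PJ_TLS_DH_anon_WITH_AES_256_CBC_SHA         = 0x0000003A,
    PJ_TLS_DH_anon_WITH_AES_128_CBC_SHA256      = 0x0000006C,
    PJ_TLS_DH_anon_WITH_AES_256_CBC_SHA256      = 0x0000006D,

    /* TLS (deprecated): EXPORT suites are limited to 40-bit keys, the DES
     * suites to a single 56-bit key. */
    PJ_TLS_RSA_EXPORT_WITH_RC4_40_MD5           = 0x00000003,
    PJ_TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5       = 0x00000006,
    PJ_TLS_RSA_WITH_IDEA_CBC_SHA                = 0x00000007,
    PJ_TLS_RSA_EXPORT_WITH_DES40_CBC_SHA        = 0x00000008,
    PJ_TLS_RSA_WITH_DES_CBC_SHA                 = 0x00000009,
    PJ_TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA     = 0x0000000B,
    PJ_TLS_DH_DSS_WITH_DES_CBC_SHA              = 0x0000000C,
    PJ_TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA     = 0x0000000E,
    PJ_TLS_DH_RSA_WITH_DES_CBC_SHA              = 0x0000000F,
    PJ_TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA    = 0x00000011,
    PJ_TLS_DHE_DSS_WITH_DES_CBC_SHA             = 0x00000012,
    PJ_TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA    = 0x00000014,
    PJ_TLS_DHE_RSA_WITH_DES_CBC_SHA             = 0x00000015,
    PJ_TLS_DH_anon_EXPORT_WITH_RC4_40_MD5       = 0x00000017,
    PJ_TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA    = 0x00000019,
    PJ_TLS_DH_anon_WITH_DES_CBC_SHA             = 0x0000001A,

    /* SSLv3 only (FORTEZZA) */
    PJ_SSL_FORTEZZA_KEA_WITH_NULL_SHA           = 0x0000001C,
    PJ_SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA   = 0x0000001D,
    PJ_SSL_FORTEZZA_KEA_WITH_RC4_128_SHA        = 0x0000001E,

    /* SSLv2 cipher kinds: use of SSLv2 is prohibited by RFC 6176. */
    PJ_SSL_CK_RC4_128_WITH_MD5                  = 0x00010080,
    PJ_SSL_CK_RC4_128_EXPORT40_WITH_MD5         = 0x00020080,
    PJ_SSL_CK_RC2_128_CBC_WITH_MD5              = 0x00030080,
    PJ_SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5     = 0x00040080,
    PJ_SSL_CK_IDEA_128_CBC_WITH_MD5             = 0x00050080,
    PJ_SSL_CK_DES_64_CBC_WITH_MD5               = 0x00060040,
    PJ_SSL_CK_DES_192_EDE3_CBC_WITH_MD5         = 0x000700C0

} pj_ssl_cipher;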
357 
358 
368  unsigned *cipher_num);
369 
370 
379 
380 
/**
 * Get a printable name for a cipher identifier.
 *
 * @param cipher    The cipher identifier (a pj_ssl_cipher value).
 *
 * @return          Pointer to a constant string.
 *                  NOTE(review): the result for an identifier the SSL backend
 *                  does not know is not visible in this listing (presumably
 *                  NULL) - check the pointer before printing it; confirm
 *                  against the implementation.
 */
389 PJ_DECL(const char*) pj_ssl_cipher_name(pj_ssl_cipher cipher);
390 
391 
/**
 * Get the cipher identifier that corresponds to a cipher name string.
 *
 * @param cipher_name   NUL-terminated cipher name.
 *
 * @return              The matching pj_ssl_cipher value.
 *                      NOTE(review): presumably PJ_TLS_UNKNOWN_CIPHER when the
 *                      name is not recognised - confirm, and reject that value
 *                      rather than adding it to a cipher list built from
 *                      configuration input.
 */
402 PJ_DECL(pj_ssl_cipher) pj_ssl_cipher_id(const char *cipher_name);
403 
404 
408 typedef struct pj_ssl_sock_cb
409 {
436  pj_bool_t (*on_data_read)(pj_ssl_sock_t *ssock,
437  void *data,
438  pj_size_t size,
439  pj_status_t status,
440  pj_size_t *remainder);
461  pj_bool_t (*on_data_recvfrom)(pj_ssl_sock_t *ssock,
462  void *data,
463  pj_size_t size,
464  const pj_sockaddr_t *src_addr,
465  int addr_len,
466  pj_status_t status);
467 
481  pj_bool_t (*on_data_sent)(pj_ssl_sock_t *ssock,
483  pj_ssize_t sent);
484 
499  pj_bool_t (*on_accept_complete)(pj_ssl_sock_t *ssock,
500  pj_ssl_sock_t *newsock,
501  const pj_sockaddr_t *src_addr,
502  int src_addr_len);
503 
516  pj_bool_t (*on_connect_complete)(pj_ssl_sock_t *ssock,
517  pj_status_t status);
518 
520 
521 
526 typedef enum pj_ssl_sock_proto
527 {
532 
537 
542 
547 
552 
557 
562  PJ_SSL_SOCK_PROTO_SSL23 = (1 << 16) - 1,
563 
568 
570 
571 
575 typedef struct pj_ssl_sock_info
576 {
582 
588 
594 
599 
604 
609 
614 
619 
623  unsigned long last_native_err;
624 
629 
631 
632 
636 typedef struct pj_ssl_sock_param
637 {
648 
654  int sock_af;
655 
662 
668 
675 
680 
684  void *user_data;
685 
693 
706  unsigned async_cnt;
707 
722 
737 
747 
757 
764  unsigned ciphers_num;
765 
771 
779 
786 
794 
805 
813 
822 
831 
839 
847 
856 
858 
859 
/**
 * Fill an SSL socket parameter structure with default values.
 *
 * @param param     The structure to initialise.
 *
 * NOTE(review): the defaults themselves are not visible in this listing.
 * pj_ssl_sock_param carries security-relevant members (verify_peer,
 * require_client_cert, proto, ciphers, server_name); set the ones the
 * application depends on explicitly after this call instead of relying on
 * the default - confirm the actual defaults against the implementation.
 */
866 PJ_DECL(void) pj_ssl_sock_param_default(pj_ssl_sock_param *param);
867 
868 
/**
 * Copy an SSL socket parameter structure.
 *
 * @param pool      Pool passed for the copy; presumably used to allocate the
 *                  members that need duplicating (such as the ciphers array
 *                  and server_name) - confirm against the implementation.
 * @param dst       Destination structure.
 * @param src       Source structure; not modified (const).
 */
876 PJ_DECL(void) pj_ssl_sock_param_copy(pj_pool_t *pool,
877  pj_ssl_sock_param *dst,
878  const pj_ssl_sock_param *src);
879 
880 
891  const pj_ssl_sock_param *param,
892  pj_ssl_sock_t **p_ssock);
893 
894 
911  pj_ssl_sock_t *ssock,
912  pj_pool_t *pool,
913  const pj_ssl_cert_t *cert);
914 
915 
925 
926 
940  void *user_data);
941 
/**
 * Get the application data pointer associated with an SSL socket.
 *
 * @param ssock     The SSL socket.
 *
 * @return          The user data pointer; this header also exposes a
 *                  user_data member in pj_ssl_sock_param and a
 *                  pj_ssl_sock_set_user_data() setter, which are presumably
 *                  where the value comes from. The pointer is opaque here:
 *                  its lifetime is the caller's responsibility, so a callback
 *                  that dereferences it must be sure the object still exists.
 */
950 PJ_DECL(void*) pj_ssl_sock_get_user_data(pj_ssl_sock_t *ssock);
951 
952 
962  pj_ssl_sock_info *info);
963 
964 
988  pj_pool_t *pool,
989  unsigned buff_size,
990  pj_uint32_t flags);
991 
1007  pj_pool_t *pool,
1008  unsigned buff_size,
1009  void *readbuf[],
1010  pj_uint32_t flags);
1011 
1026  pj_pool_t *pool,
1027  unsigned buff_size,
1028  pj_uint32_t flags);
1029 
1045  pj_pool_t *pool,
1046  unsigned buff_size,
1047  void *readbuf[],
1048  pj_uint32_t flags);
1049 
1072  const void *data,
1073  pj_ssize_t *size,
1074  unsigned flags);
1075 
1098  pj_ioqueue_op_key_t *send_key,
1099  const void *data,
1100  pj_ssize_t *size,
1101  unsigned flags,
1102  const pj_sockaddr_t *addr,
1103  int addr_len);
1104 
1105 
1127  pj_pool_t *pool,
1128  const pj_sockaddr_t *local_addr,
1129  int addr_len);
1130 
1131 
1148 PJ_DECL(pj_status_t)
1150  pj_pool_t *pool,
1151  const pj_sockaddr_t *local_addr,
1152  int addr_len,
1153  const pj_ssl_sock_param *newsock_param);
1154 
1155 
1175  pj_pool_t *pool,
1176  const pj_sockaddr_t *localaddr,
1177  const pj_sockaddr_t *remaddr,
1178  int addr_len);
1179 
1180 
1196 
1197 
1203 
1204 #endif /* __PJ_SSL_SOCK_H__ */
pj_str_t cn
Definition: ssl_sock.h:155
struct pj_timer_heap_t pj_timer_heap_t
Definition: types.h:221
pj_bool_t verify_peer
Definition: ssl_sock.h:785
Definition: ssl_sock.h:562
pj_time_val end
Definition: ssl_sock.h:169
Definition: ssl_sock.h:541
pj_uint32_t proto
Definition: ssl_sock.h:587
pj_bool_t reuse_addr
Definition: ssl_sock.h:812
pj_ssl_cert_info * remote_cert_info
Definition: ssl_sock.h:613
pj_ioqueue_t * ioqueue
Definition: ssl_sock.h:667
pj_status_t pj_ssl_sock_get_info(pj_ssl_sock_t *ssock, pj_ssl_sock_info *info)
struct pj_ssl_cert_info::@3 issuer
pj_ssl_cert_verify_flag_t
Definition: ssl_sock.h:63
int pj_bool_t
Definition: types.h:71
Definition: ssl_sock.h:111
pj_qos_params qos_params
Definition: ssl_sock.h:830
pj_ssl_cipher pj_ssl_cipher_id(const char *cipher_name)
struct pj_ssl_cert_info::@4 validity
Definition: sock.h:625
Definition: ssl_sock.h:73
pj_time_val timeout
Definition: ssl_sock.h:778
unsigned async_cnt
Definition: ssl_sock.h:706
pj_ssl_sock_proto
Definition: ssl_sock.h:526
Definition: types.h:382
pj_uint8_t serial_no[20]
Definition: ssl_sock.h:150
pj_qos_type qos_type
Definition: ssl_sock.h:821
Definition: ssl_sock.h:567
pj_status_t pj_ssl_sock_sendto(pj_ssl_sock_t *ssock, pj_ioqueue_op_key_t *send_key, const void *data, pj_ssize_t *size, unsigned flags, const pj_sockaddr_t *addr, int addr_len)
pj_ssl_cipher
Definition: ssl_sock.h:278
Socket QoS API.
pj_status_t pj_ssl_cipher_get_availables(pj_ssl_cipher ciphers[], unsigned *cipher_num)
pj_status_t pj_ssl_sock_close(pj_ssl_sock_t *ssock)
pj_status_t pj_ssl_sock_start_recvfrom2(pj_ssl_sock_t *ssock, pj_pool_t *pool, unsigned buff_size, void *readbuf[], pj_uint32_t flags)
unsigned long last_native_err
Definition: ssl_sock.h:623
pj_size_t send_buffer_size
Definition: ssl_sock.h:746
struct pj_ssl_cert_info::@5 subj_alt_name
Definition: ssl_sock.h:124
pj_ssl_sock_cb cb
Definition: ssl_sock.h:679
pj_size_t read_buffer_size
Definition: ssl_sock.h:756
int pj_status_t
Definition: types.h:68
Definition: sock.h:603
pj_str_t name
Definition: ssl_sock.h:179
Definition: ssl_sock.h:106
pj_status_t pj_ssl_cert_get_verify_status_strings(pj_uint32_t verify_status, const char *error_strings[], unsigned *count)
pj_status_t pj_ssl_sock_start_read(pj_ssl_sock_t *ssock, pj_pool_t *pool, unsigned buff_size, pj_uint32_t flags)
pj_status_t pj_ssl_sock_start_accept2(pj_ssl_sock_t *ssock, pj_pool_t *pool, const pj_sockaddr_t *local_addr, int addr_len, const pj_ssl_sock_param *newsock_param)
Definition: ioqueue.h:209
struct pj_ssl_cert_t pj_ssl_cert_t
Definition: ssl_sock.h:60
void pj_sockaddr_t
Definition: types.h:267
unsigned ciphers_num
Definition: ssl_sock.h:764
pj_timer_heap_t * timer_heap
Definition: ssl_sock.h:674
pj_uint32_t proto
Definition: ssl_sock.h:692
Definition: types.h:119
struct pj_ssl_cert_info::@5::@6 * entry
int sock_af
Definition: ssl_sock.h:654
pj_status_t pj_ssl_sock_create(pj_pool_t *pool, const pj_ssl_sock_param *param, pj_ssl_sock_t **p_ssock)
struct pj_grp_lock_t pj_grp_lock_t
Definition: types.h:242
pj_status_t pj_ssl_sock_renegotiate(pj_ssl_sock_t *ssock)
Definition: ssl_sock.h:556
pj_bool_t sockopt_ignore_error
Definition: ssl_sock.h:855
Definition: ssl_sock.h:101
struct pj_ioqueue_t pj_ioqueue_t
Definition: types.h:210
unsigned int pj_uint32_t
Definition: types.h:43
pj_bool_t qos_ignore_error
Definition: ssl_sock.h:838
Definition: ssl_sock.h:89
Definition: ssl_sock.h:531
pj_str_t raw
Definition: ssl_sock.h:184
pj_bool_t pj_ssl_cipher_is_supported(pj_ssl_cipher cipher)
pj_status_t pj_ssl_cert_load_from_files(pj_pool_t *pool, const pj_str_t *CA_file, const pj_str_t *cert_file, const pj_str_t *privkey_file, const pj_str_t *privkey_pass, pj_ssl_cert_t **p_cert)
struct pj_ssl_sock_t pj_ssl_sock_t
Definition: ssl_sock.h:53
pj_status_t pj_ssl_sock_start_recvfrom(pj_ssl_sock_t *ssock, pj_pool_t *pool, unsigned buff_size, pj_uint32_t flags)
#define PJ_END_DECL
Definition: config.h:1096
pj_bool_t require_client_cert
Definition: ssl_sock.h:793
Definition: ssl_sock.h:78
I/O Dispatching Mechanism.
pj_status_t pj_ssl_sock_start_accept(pj_ssl_sock_t *ssock, pj_pool_t *pool, const pj_sockaddr_t *local_addr, int addr_len)
Definition: ssl_sock.h:146
Definition: ssl_sock.h:116
pj_ssl_cipher cipher
Definition: ssl_sock.h:593
Definition: ssl_sock.h:636
unsigned version
Definition: ssl_sock.h:148
#define PJ_BEGIN_DECL
Definition: config.h:1095
pj_qos_type
Definition: sock_qos.h:233
pj_status_t pj_ssl_sock_set_user_data(pj_ssl_sock_t *ssock, void *user_data)
struct pj_ssl_cert_info::@2 subject
int concurrency
Definition: ssl_sock.h:721
pj_bool_t gmt
Definition: ssl_sock.h:170
pj_uint32_t verify_status
Definition: ssl_sock.h:618
long pj_ssize_t
Definition: types.h:64
pj_ssize_t pj_ssl_cert_info_dump(const pj_ssl_cert_info *ci, const char *indent, char *buf, pj_size_t buf_size)
Definition: ssl_sock.h:94
pj_str_t server_name
Definition: ssl_sock.h:804
int sock_type
Definition: ssl_sock.h:661
unsigned char pj_uint8_t
Definition: types.h:55
Definition: pool.h:313
Socket Abstraction.
Definition: ssl_sock.h:408
Definition: ssl_sock.h:551
Definition: ssl_sock.h:68
pj_grp_lock_t * grp_lock
Definition: ssl_sock.h:628
pj_sockopt_params sockopt_params
Definition: ssl_sock.h:846
void pj_ssl_sock_param_copy(pj_pool_t *pool, pj_ssl_sock_param *dst, const pj_ssl_sock_param *src)
pj_status_t pj_ssl_sock_set_certificate(pj_ssl_sock_t *ssock, pj_pool_t *pool, const pj_ssl_cert_t *cert)
Definition: ssl_sock.h:83
pj_bool_t established
Definition: ssl_sock.h:581
pj_status_t pj_ssl_sock_start_read2(pj_ssl_sock_t *ssock, pj_pool_t *pool, unsigned buff_size, void *readbuf[], pj_uint32_t flags)
Definition: ssl_sock.h:575
pj_status_t pj_ssl_sock_start_connect(pj_ssl_sock_t *ssock, pj_pool_t *pool, const pj_sockaddr_t *localaddr, const pj_sockaddr_t *remaddr, int addr_len)
pj_sockaddr local_addr
Definition: ssl_sock.h:598
void * pj_ssl_sock_get_user_data(pj_ssl_sock_t *ssock)
pj_ssl_cert_info * local_cert_info
Definition: ssl_sock.h:608
pj_str_t info
Definition: ssl_sock.h:156
Definition: ssl_sock.h:129
void pj_ssl_sock_param_default(pj_ssl_sock_param *param)
Definition: ssl_sock.h:546
Definition: sock_qos.h:271
pj_sockaddr remote_addr
Definition: ssl_sock.h:603
pj_time_val start
Definition: ssl_sock.h:168
const char * pj_ssl_cipher_name(pj_ssl_cipher cipher)
pj_grp_lock_t * grp_lock
Definition: ssl_sock.h:647
Definition: ssl_sock.h:536
Definition: activesock.c:270
pj_status_t pj_ssl_cert_load_from_files2(pj_pool_t *pool, const pj_str_t *CA_file, const pj_str_t *CA_path, const pj_str_t *cert_file, const pj_str_t *privkey_file, const pj_str_t *privkey_pass, pj_ssl_cert_t **p_cert)
pj_status_t pj_ssl_sock_send(pj_ssl_sock_t *ssock, pj_ioqueue_op_key_t *send_key, const void *data, pj_ssize_t *size, unsigned flags)
unsigned cnt
Definition: ssl_sock.h:175
size_t pj_size_t
Definition: types.h:58
pj_ssl_cert_name_type type
Definition: ssl_sock.h:177
void * user_data
Definition: ssl_sock.h:684
pj_bool_t whole_data
Definition: ssl_sock.h:736
pj_ssl_cipher * ciphers
Definition: ssl_sock.h:770

 


PJLIB Open Source, high performance, small footprint, and very very portable framework
Copyright (C) 2006-2009 Teluu Inc.