BLOG | DOCUMENTATION | TRAC

Home --> Documentations --> PJLIB Reference

ssl_sock.h
Go to the documentation of this file.
1 /* $Id: ssl_sock.h 4506 2013-04-26 06:01:43Z bennylp $ */
2 /*
3  * Copyright (C) 2009-2011 Teluu Inc. (http://www.teluu.com)
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 2 of the License, or
8  * (at your option) any later version.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program; if not, write to the Free Software
17  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18  */
19 #ifndef __PJ_SSL_SOCK_H__
20 #define __PJ_SSL_SOCK_H__
21 
27 #include <pj/ioqueue.h>
28 #include <pj/sock.h>
29 #include <pj/sock_qos.h>
30 
31 
33 
54 
55 
61 
62 
64 {
69 
74 
79 
84 
90 
95 
102 
107 
112 
117 
125 
130 
132 
133 
134 typedef enum pj_ssl_cert_name_type
135 {
136  PJ_SSL_CERT_NAME_UNKNOWN = 0,
137  PJ_SSL_CERT_NAME_RFC822,
138  PJ_SSL_CERT_NAME_DNS,
139  PJ_SSL_CERT_NAME_URI,
140  PJ_SSL_CERT_NAME_IP
141 } pj_ssl_cert_name_type;
142 
146 typedef struct pj_ssl_cert_info {
147 
148  unsigned version;
154  struct {
159  } subject;
161  struct {
162  pj_str_t cn;
163  pj_str_t info;
165  } issuer;
167  struct {
172  } validity;
174  struct {
175  unsigned cnt;
176  struct {
177  pj_ssl_cert_name_type type;
180  } *entry;
181  } subj_alt_name;
185 
186 
199  const pj_str_t *CA_file,
200  const pj_str_t *cert_file,
201  const pj_str_t *privkey_file,
202  const pj_str_t *privkey_pass,
203  pj_ssl_cert_t **p_cert);
204 
205 
218  const char *indent,
219  char *buf,
220  pj_size_t buf_size);
221 
222 
236  pj_uint32_t verify_status,
237  const char *error_strings[],
238  unsigned *count);
239 
240 
244 typedef enum pj_ssl_cipher {
245 
246  /* NULL */
247  PJ_TLS_NULL_WITH_NULL_NULL = 0x00000000,
248 
249  /* TLS/SSLv3 */
250  PJ_TLS_RSA_WITH_NULL_MD5 = 0x00000001,
251  PJ_TLS_RSA_WITH_NULL_SHA = 0x00000002,
252  PJ_TLS_RSA_WITH_NULL_SHA256 = 0x0000003B,
253  PJ_TLS_RSA_WITH_RC4_128_MD5 = 0x00000004,
254  PJ_TLS_RSA_WITH_RC4_128_SHA = 0x00000005,
255  PJ_TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x0000000A,
256  PJ_TLS_RSA_WITH_AES_128_CBC_SHA = 0x0000002F,
257  PJ_TLS_RSA_WITH_AES_256_CBC_SHA = 0x00000035,
258  PJ_TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x0000003C,
259  PJ_TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x0000003D,
260  PJ_TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x0000000D,
261  PJ_TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = 0x00000010,
262  PJ_TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x00000013,
263  PJ_TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x00000016,
264  PJ_TLS_DH_DSS_WITH_AES_128_CBC_SHA = 0x00000030,
265  PJ_TLS_DH_RSA_WITH_AES_128_CBC_SHA = 0x00000031,
266  PJ_TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x00000032,
267  PJ_TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x00000033,
268  PJ_TLS_DH_DSS_WITH_AES_256_CBC_SHA = 0x00000036,
269  PJ_TLS_DH_RSA_WITH_AES_256_CBC_SHA = 0x00000037,
270  PJ_TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x00000038,
271  PJ_TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x00000039,
272  PJ_TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = 0x0000003E,
273  PJ_TLS_DH_RSA_WITH_AES_128_CBC_SHA256 = 0x0000003F,
274  PJ_TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x00000040,
275  PJ_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x00000067,
276  PJ_TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = 0x00000068,
277  PJ_TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = 0x00000069,
278  PJ_TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x0000006A,
279  PJ_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x0000006B,
280  PJ_TLS_DH_anon_WITH_RC4_128_MD5 = 0x00000018,
281  PJ_TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = 0x0000001B,
282  PJ_TLS_DH_anon_WITH_AES_128_CBC_SHA = 0x00000034,
283  PJ_TLS_DH_anon_WITH_AES_256_CBC_SHA = 0x0000003A,
284  PJ_TLS_DH_anon_WITH_AES_128_CBC_SHA256 = 0x0000006C,
285  PJ_TLS_DH_anon_WITH_AES_256_CBC_SHA256 = 0x0000006D,
286 
287  /* TLS (deprecated) */
288  PJ_TLS_RSA_EXPORT_WITH_RC4_40_MD5 = 0x00000003,
289  PJ_TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = 0x00000006,
290  PJ_TLS_RSA_WITH_IDEA_CBC_SHA = 0x00000007,
291  PJ_TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x00000008,
292  PJ_TLS_RSA_WITH_DES_CBC_SHA = 0x00000009,
293  PJ_TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x0000000B,
294  PJ_TLS_DH_DSS_WITH_DES_CBC_SHA = 0x0000000C,
295  PJ_TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0000000E,
296  PJ_TLS_DH_RSA_WITH_DES_CBC_SHA = 0x0000000F,
297  PJ_TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x00000011,
298  PJ_TLS_DHE_DSS_WITH_DES_CBC_SHA = 0x00000012,
299  PJ_TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x00000014,
300  PJ_TLS_DHE_RSA_WITH_DES_CBC_SHA = 0x00000015,
301  PJ_TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = 0x00000017,
302  PJ_TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = 0x00000019,
303  PJ_TLS_DH_anon_WITH_DES_CBC_SHA = 0x0000001A,
304 
305  /* SSLv3 */
306  PJ_SSL_FORTEZZA_KEA_WITH_NULL_SHA = 0x0000001C,
307  PJ_SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA = 0x0000001D,
308  PJ_SSL_FORTEZZA_KEA_WITH_RC4_128_SHA = 0x0000001E,
309 
310  /* SSLv2 */
311  PJ_SSL_CK_RC4_128_WITH_MD5 = 0x00010080,
312  PJ_SSL_CK_RC4_128_EXPORT40_WITH_MD5 = 0x00020080,
313  PJ_SSL_CK_RC2_128_CBC_WITH_MD5 = 0x00030080,
314  PJ_SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5 = 0x00040080,
315  PJ_SSL_CK_IDEA_128_CBC_WITH_MD5 = 0x00050080,
316  PJ_SSL_CK_DES_64_CBC_WITH_MD5 = 0x00060040,
317  PJ_SSL_CK_DES_192_EDE3_CBC_WITH_MD5 = 0x000700C0
318 
319 } pj_ssl_cipher;
320 
321 
331  unsigned *cipher_num);
332 
333 
342 
343 
352 PJ_DECL(const char*) pj_ssl_cipher_name(pj_ssl_cipher cipher);
353 
354 
363 PJ_DECL(pj_ssl_cipher) pj_ssl_cipher_id(const char *cipher_name);
364 
365 
369 typedef struct pj_ssl_sock_cb
370 {
397  pj_bool_t (*on_data_read)(pj_ssl_sock_t *ssock,
398  void *data,
399  pj_size_t size,
400  pj_status_t status,
401  pj_size_t *remainder);
422  pj_bool_t (*on_data_recvfrom)(pj_ssl_sock_t *ssock,
423  void *data,
424  pj_size_t size,
425  const pj_sockaddr_t *src_addr,
426  int addr_len,
427  pj_status_t status);
428 
442  pj_bool_t (*on_data_sent)(pj_ssl_sock_t *ssock,
444  pj_ssize_t sent);
445 
460  pj_bool_t (*on_accept_complete)(pj_ssl_sock_t *ssock,
461  pj_ssl_sock_t *newsock,
462  const pj_sockaddr_t *src_addr,
463  int src_addr_len);
464 
477  pj_bool_t (*on_connect_complete)(pj_ssl_sock_t *ssock,
478  pj_status_t status);
479 
481 
482 
486 typedef enum pj_ssl_sock_proto
487 {
496 
497 
501 typedef struct pj_ssl_sock_info
502 {
508 
513 
519 
524 
529 
534 
539 
544 
548  unsigned long last_native_err;
549 
551 
552 
556 typedef struct pj_ssl_sock_param
557 {
563  int sock_af;
564 
571 
577 
584 
589 
593  void *user_data;
594 
601 
614  unsigned async_cnt;
615 
630 
645 
655 
665 
671  unsigned ciphers_num;
672 
678 
686 
693 
701 
712 
720 
729 
738 
746 
747 
749 
750 
757 PJ_DECL(void) pj_ssl_sock_param_default(pj_ssl_sock_param *param);
758 
759 
770  const pj_ssl_sock_param *param,
771  pj_ssl_sock_t **p_ssock);
772 
773 
790  pj_ssl_sock_t *ssock,
791  pj_pool_t *pool,
792  const pj_ssl_cert_t *cert);
793 
794 
804 
805 
819  void *user_data);
820 
829 PJ_DECL(void*) pj_ssl_sock_get_user_data(pj_ssl_sock_t *ssock);
830 
831 
841  pj_ssl_sock_info *info);
842 
843 
867  pj_pool_t *pool,
868  unsigned buff_size,
869  pj_uint32_t flags);
870 
886  pj_pool_t *pool,
887  unsigned buff_size,
888  void *readbuf[],
889  pj_uint32_t flags);
890 
905  pj_pool_t *pool,
906  unsigned buff_size,
907  pj_uint32_t flags);
908 
924  pj_pool_t *pool,
925  unsigned buff_size,
926  void *readbuf[],
927  pj_uint32_t flags);
928 
951  const void *data,
952  pj_ssize_t *size,
953  unsigned flags);
954 
977  pj_ioqueue_op_key_t *send_key,
978  const void *data,
979  pj_ssize_t *size,
980  unsigned flags,
981  const pj_sockaddr_t *addr,
982  int addr_len);
983 
984 
1006  pj_pool_t *pool,
1007  const pj_sockaddr_t *local_addr,
1008  int addr_len);
1009 
1010 
1030  pj_pool_t *pool,
1031  const pj_sockaddr_t *localaddr,
1032  const pj_sockaddr_t *remaddr,
1033  int addr_len);
1034 
1035 
1051 
1052 
1058 
1059 #endif /* __PJ_SSL_SOCK_H__ */
pj_str_t cn
Definition: ssl_sock.h:155
struct pj_timer_heap_t pj_timer_heap_t
Definition: types.h:221
pj_bool_t verify_peer
Definition: ssl_sock.h:692
Definition: ssl_sock.h:491
pj_time_val end
Definition: ssl_sock.h:169
Definition: ssl_sock.h:490
pj_bool_t reuse_addr
Definition: ssl_sock.h:719
pj_ssl_cert_info * remote_cert_info
Definition: ssl_sock.h:538
struct pj_ssl_cert_info::@1 subject
pj_ioqueue_t * ioqueue
Definition: ssl_sock.h:576
pj_status_t pj_ssl_sock_get_info(pj_ssl_sock_t *ssock, pj_ssl_sock_info *info)
pj_ssl_cert_verify_flag_t
Definition: ssl_sock.h:63
int pj_bool_t
Definition: types.h:71
Definition: ssl_sock.h:111
pj_qos_params qos_params
Definition: ssl_sock.h:737
pj_ssl_cipher pj_ssl_cipher_id(const char *cipher_name)
Definition: ssl_sock.h:73
pj_time_val timeout
Definition: ssl_sock.h:685
unsigned async_cnt
Definition: ssl_sock.h:614
pj_ssl_sock_proto
Definition: ssl_sock.h:486
struct pj_ssl_cert_info::@4 subj_alt_name
Definition: types.h:382
pj_uint8_t serial_no[20]
Definition: ssl_sock.h:150
pj_qos_type qos_type
Definition: ssl_sock.h:728
Definition: ssl_sock.h:494
pj_status_t pj_ssl_sock_sendto(pj_ssl_sock_t *ssock, pj_ioqueue_op_key_t *send_key, const void *data, pj_ssize_t *size, unsigned flags, const pj_sockaddr_t *addr, int addr_len)
pj_ssl_cipher
Definition: ssl_sock.h:244
Socket QoS API.
pj_status_t pj_ssl_cipher_get_availables(pj_ssl_cipher ciphers[], unsigned *cipher_num)
pj_status_t pj_ssl_sock_close(pj_ssl_sock_t *ssock)
pj_status_t pj_ssl_sock_start_recvfrom2(pj_ssl_sock_t *ssock, pj_pool_t *pool, unsigned buff_size, void *readbuf[], pj_uint32_t flags)
unsigned long last_native_err
Definition: ssl_sock.h:548
pj_size_t send_buffer_size
Definition: ssl_sock.h:654
Definition: ssl_sock.h:124
pj_ssl_sock_cb cb
Definition: ssl_sock.h:588
pj_size_t read_buffer_size
Definition: ssl_sock.h:664
pj_ssl_sock_proto proto
Definition: ssl_sock.h:512
int pj_status_t
Definition: types.h:68
Definition: sock.h:603
pj_str_t name
Definition: ssl_sock.h:179
Definition: ssl_sock.h:106
pj_status_t pj_ssl_cert_get_verify_status_strings(pj_uint32_t verify_status, const char *error_strings[], unsigned *count)
pj_status_t pj_ssl_sock_start_read(pj_ssl_sock_t *ssock, pj_pool_t *pool, unsigned buff_size, pj_uint32_t flags)
Definition: ioqueue.h:209
struct pj_ssl_cert_t pj_ssl_cert_t
Definition: ssl_sock.h:60
void pj_sockaddr_t
Definition: types.h:267
unsigned ciphers_num
Definition: ssl_sock.h:671
pj_timer_heap_t * timer_heap
Definition: ssl_sock.h:583
Definition: types.h:119
int sock_af
Definition: ssl_sock.h:563
pj_status_t pj_ssl_sock_create(pj_pool_t *pool, const pj_ssl_sock_param *param, pj_ssl_sock_t **p_ssock)
pj_status_t pj_ssl_sock_renegotiate(pj_ssl_sock_t *ssock)
Definition: ssl_sock.h:101
struct pj_ioqueue_t pj_ioqueue_t
Definition: types.h:210
unsigned int pj_uint32_t
Definition: types.h:43
pj_bool_t qos_ignore_error
Definition: ssl_sock.h:745
Definition: ssl_sock.h:89
Definition: ssl_sock.h:488
pj_bool_t pj_ssl_cipher_is_supported(pj_ssl_cipher cipher)
pj_status_t pj_ssl_cert_load_from_files(pj_pool_t *pool, const pj_str_t *CA_file, const pj_str_t *cert_file, const pj_str_t *privkey_file, const pj_str_t *privkey_pass, pj_ssl_cert_t **p_cert)
struct pj_ssl_sock_t pj_ssl_sock_t
Definition: ssl_sock.h:53
pj_status_t pj_ssl_sock_start_recvfrom(pj_ssl_sock_t *ssock, pj_pool_t *pool, unsigned buff_size, pj_uint32_t flags)
#define PJ_END_DECL
Definition: config.h:1067
pj_bool_t require_client_cert
Definition: ssl_sock.h:700
Definition: ssl_sock.h:78
I/O Dispatching Mechanism.
pj_status_t pj_ssl_sock_start_accept(pj_ssl_sock_t *ssock, pj_pool_t *pool, const pj_sockaddr_t *local_addr, int addr_len)
Definition: ssl_sock.h:146
Definition: ssl_sock.h:116
pj_ssl_cipher cipher
Definition: ssl_sock.h:518
Definition: ssl_sock.h:556
struct pj_ssl_cert_info::@3 validity
unsigned version
Definition: ssl_sock.h:148
#define PJ_BEGIN_DECL
Definition: config.h:1066
pj_qos_type
Definition: sock_qos.h:233
pj_status_t pj_ssl_sock_set_user_data(pj_ssl_sock_t *ssock, void *user_data)
int concurrency
Definition: ssl_sock.h:629
pj_bool_t gmt
Definition: ssl_sock.h:170
pj_uint32_t verify_status
Definition: ssl_sock.h:543
long pj_ssize_t
Definition: types.h:64
pj_ssize_t pj_ssl_cert_info_dump(const pj_ssl_cert_info *ci, const char *indent, char *buf, pj_size_t buf_size)
struct pj_ssl_cert_info::@4::@5 * entry
Definition: ssl_sock.h:94
pj_ssl_sock_proto proto
Definition: ssl_sock.h:600
pj_str_t server_name
Definition: ssl_sock.h:711
int sock_type
Definition: ssl_sock.h:570
unsigned char pj_uint8_t
Definition: types.h:55
Definition: pool.h:313
Socket Abstraction.
Definition: ssl_sock.h:369
Definition: ssl_sock.h:68
pj_status_t pj_ssl_sock_set_certificate(pj_ssl_sock_t *ssock, pj_pool_t *pool, const pj_ssl_cert_t *cert)
Definition: ssl_sock.h:83
pj_bool_t established
Definition: ssl_sock.h:507
pj_status_t pj_ssl_sock_start_read2(pj_ssl_sock_t *ssock, pj_pool_t *pool, unsigned buff_size, void *readbuf[], pj_uint32_t flags)
Definition: ssl_sock.h:501
pj_status_t pj_ssl_sock_start_connect(pj_ssl_sock_t *ssock, pj_pool_t *pool, const pj_sockaddr_t *localaddr, const pj_sockaddr_t *remaddr, int addr_len)
pj_sockaddr local_addr
Definition: ssl_sock.h:523
void * pj_ssl_sock_get_user_data(pj_ssl_sock_t *ssock)
pj_ssl_cert_info * local_cert_info
Definition: ssl_sock.h:533
pj_str_t info
Definition: ssl_sock.h:156
struct pj_ssl_cert_info::@2 issuer
Definition: ssl_sock.h:129
void pj_ssl_sock_param_default(pj_ssl_sock_param *param)
Definition: ssl_sock.h:489
Definition: sock_qos.h:271
pj_sockaddr remote_addr
Definition: ssl_sock.h:528
pj_time_val start
Definition: ssl_sock.h:168
const char * pj_ssl_cipher_name(pj_ssl_cipher cipher)
Definition: ssl_sock.h:493
Definition: activesock.c:270
pj_status_t pj_ssl_sock_send(pj_ssl_sock_t *ssock, pj_ioqueue_op_key_t *send_key, const void *data, pj_ssize_t *size, unsigned flags)
unsigned cnt
Definition: ssl_sock.h:175
size_t pj_size_t
Definition: types.h:58
pj_ssl_cert_name_type type
Definition: ssl_sock.h:177
void * user_data
Definition: ssl_sock.h:593
pj_bool_t whole_data
Definition: ssl_sock.h:644
pj_ssl_cipher * ciphers
Definition: ssl_sock.h:677

 


PJLIB Open Source, high performance, small footprint, and very very portable framework
Copyright (C) 2006-2009 Teluu Inc.