diff options
| author | Andrew Tridgell <tridge@samba.org> | 2005-06-19 04:20:27 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:18:29 -0500 |
| commit | 225d5a334fca1a52714f0120d0961236db0f236c (patch) | |
| tree | 36c73bf7a722766cf4f7fb66416225d61bae59f0 /source4/lib/tls/tls.h | |
| parent | aa6b2dcb9bdff582ac7628f0c2511de12da57242 (diff) | |
| download | samba-225d5a334fca1a52714f0120d0961236db0f236c.tar.gz samba-225d5a334fca1a52714f0120d0961236db0f236c.tar.bz2 samba-225d5a334fca1a52714f0120d0961236db0f236c.zip | |
r7742: abstracted out the tls code from the web server, so that our other servers
can easily become tls enabled. This will be used to add support for ldaps
(This used to be commit 950500f603725349d2a0e22878e83dd1b5975f9f)
Diffstat (limited to 'source4/lib/tls/tls.h')
| -rw-r--r-- | source4/lib/tls/tls.h | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/source4/lib/tls/tls.h b/source4/lib/tls/tls.h new file mode 100644 index 0000000000..f87d49d9eb --- /dev/null +++ b/source4/lib/tls/tls.h @@ -0,0 +1,61 @@ +/* + Unix SMB/CIFS implementation. + + transport layer security handling code + + Copyright (C) Andrew Tridgell 2005 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +/* + call tls_initialise() once per task to startup the tls subsystem +*/ +struct tls_params *tls_initialise(TALLOC_CTX *mem_ctx); + +/* + call tls_init_server() on each new server connection + + the 'plain_chars' parameter is a list of chars that when they occur + as the first character from the client on the connection tell the + tls code that this is a non-tls connection. This can be used to have + tls and non-tls servers on the same port. If this is NULL then only + tls connections will be allowed +*/ +struct tls_context *tls_init_server(struct tls_params *parms, + struct socket_context *sock, + struct fd_event *fde, + const char *plain_chars); + +/* + call these to send and receive data. They behave like socket_send() and socket_recv() + */ +NTSTATUS tls_socket_recv(struct tls_context *tls, void *buf, size_t wantlen, + size_t *nread); +NTSTATUS tls_socket_send(struct tls_context *tls, const DATA_BLOB *blob, + size_t *sendlen); + +/* + return True if a connection used tls +*/ +BOOL tls_enabled(struct tls_context *tls); + + +/* + true if tls support is compiled in +*/ +BOOL tls_support(struct tls_params *parms); + + |