net-snmp 5.7
/*
 * Shared declarations for net-snmp's TLS-based transport code: the
 * per-connection state structure, certificate-verification entry points
 * and SSL_CTX setup helpers, all expressed in OpenSSL types (SSL,
 * SSL_CTX, BIO).
 *
 * NOTE(review): this header only declares the functions; return-value
 * conventions and pointer ownership are not visible here and must be
 * confirmed against the implementation.
 *
 * NOTE(review): the include guard and several names below
 * (_x509_get_error, _openssl_log_error, _netsnmpTLSBaseData, ...) begin
 * with an underscore; such file-scope identifiers are reserved for the C
 * implementation.  They are left as-is because they are part of the
 * existing interface.
 */
#ifndef _SNMPTLSBASEDOMAIN_H
#define _SNMPTLSBASEDOMAIN_H

#ifdef __cplusplus
extern "C" {
#endif

#include <net-snmp/library/snmp_transport.h>
#include <net-snmp/library/asn1.h>
#include <net-snmp/library/container.h>

/* OpenSSL Includes */
/*
 * NOTE(review): the quoted form typically searches the including file's
 * directory before the system include path; confirm the build cannot
 * pick up an unintended "openssl/" directory ahead of the real library.
 */
#include "openssl/bio.h"
#include "openssl/ssl.h"
#include "openssl/err.h"

/*
 * Prototypes
 */

/* One-time constructor/initialisation hooks for the TLS base layer. */
void netsnmp_tlsbase_ctor(void);
void netsnmp_init_tlsbase(void);

/*
 * Error-reporting helpers.  `location` is presumably a caller-supplied
 * label identifying where the failure occurred -- TODO confirm.
 * _x509_get_error() returns a const string, so the caller must not
 * modify or free it.
 */
const char * _x509_get_error(int x509failvalue, const char *location);
void _openssl_log_error(int rc, SSL *con, const char *location);

/* will likely go away */
SSL_CTX *get_client_ctx(void);
SSL_CTX *get_server_ctx(void);

/*
 * Bit values (0x01, 0x02); presumably OR-ed into
 * _netsnmpTLSBaseData.flags -- TODO confirm.
 *
 * NOTE(review): NETSNMP_TLSBASE_CERT_FP_VERIFIED looks security-relevant.
 * Confirm where it is set and that no code path treats the peer as
 * authenticated without checking it.
 */
#define NETSNMP_TLSBASE_IS_CLIENT        0x01
#define NETSNMP_TLSBASE_CERT_FP_VERIFIED 0x02

/*
 * _Internal_ structures
 */

/*
 * Per-connection TLS state handed to the functions declared below.
 *
 * NOTE(review): ownership of the pointer members is not stated in this
 * header; netsnmp_tlsbase_free_tlsdata() presumably releases them --
 * confirm before freeing any member elsewhere.
 */
typedef struct _netsnmpTLSBaseData_s {
    int                        flags;        /* presumably NETSNMP_TLSBASE_* bits -- TODO confirm */
    SSL_CTX                   *ssl_context;  /* OpenSSL context */
    SSL                       *ssl;          /* OpenSSL connection object */
    BIO                       *sslbio;
    BIO                       *accept_bio;
    BIO                       *accepted_bio;
    char                      *securityName;
    char                      *addr_string;
    netsnmp_indexed_addr_pair *addr;
    /*
     * Identity-related strings.  Which of these are locally configured
     * expectations and which are values taken from the peer is not
     * visible here; confirm before using any of them in a trust or
     * authorization decision.
     */
    char                      *our_identity;
    char                      *their_identity;
    char                      *their_fingerprint;
    char                      *their_hostname;
    char                      *trust_cert;
} _netsnmpTLSBaseData;

/* Value 1; presumably a bit for _netsnmp_verify_info.flags -- TODO confirm. */
#define VRFY_PARENT_WAS_OK 1
/* Small state record; presumably carried through certificate verification -- TODO confirm. */
typedef struct _netsnmp_verify_info_s {
    int flags;
} _netsnmp_verify_info;

/*
 * Build an SSL_CTX for the client or server role from the given
 * SSL_METHOD.  Only the client variant takes the per-connection data.
 * Failure signalling (presumably a NULL return) is not visible here --
 * TODO confirm; callers should check the result before use.
 */
SSL_CTX *sslctx_client_setup(const SSL_METHOD *,
                             _netsnmpTLSBaseData *tlsbase);
SSL_CTX *sslctx_server_setup(const SSL_METHOD *);

/*
 * Peer-certificate verification entry points.
 *
 * NOTE(review): the success/failure convention of the int return is not
 * visible in this header (presumably SNMPERR_SUCCESS on success --
 * confirm).  Every caller must check the result and refuse the
 * connection on anything but the documented success value.
 */
int netsnmp_tlsbase_verify_server_cert(SSL *ssl,
                                       _netsnmpTLSBaseData *tlsdata);
int netsnmp_tlsbase_verify_client_cert(SSL *ssl,
                                       _netsnmpTLSBaseData *tlsdata);
/*
 * Presumably derives tlsdata->securityName from the peer of `ssl` --
 * TODO confirm.  NOTE(review): verify that callers use the resulting
 * name only after certificate verification has succeeded.
 */
int netsnmp_tlsbase_extract_security_name(SSL *ssl, _netsnmpTLSBaseData *tlsdata);
/*
 * Allocate the per-connection state for transport `t`; `isserver`
 * selects the role.  Presumably paired with
 * netsnmp_tlsbase_free_tlsdata() -- TODO confirm.
 */
_netsnmpTLSBaseData
*netsnmp_tlsbase_allocate_tlsdata(netsnmp_transport *t,
                                  int isserver);
/*
 * Receive-path finalisation.  `opaque` and `olength` are pointer
 * arguments and look like out-parameters -- TODO confirm who owns
 * *opaque afterwards.
 */
int netsnmp_tlsbase_wrapup_recv(netsnmp_tmStateReference *tmStateRef,
                                _netsnmpTLSBaseData *tlsdata,
                                void **opaque, int *olength);
/* Presumably applies one token/value configuration pair to transport `t` -- TODO confirm. */
int netsnmp_tlsbase_config(struct netsnmp_transport_s *t,
                           const char *token, const char *value);

/* Per-session initialisation hook taking the transport and its session. */
int netsnmp_tlsbase_session_init(struct netsnmp_transport_s *,
                                 struct snmp_session *sess);
/*
 * Presumably returns the index under which a _netsnmp_verify_info is
 * attached to an OpenSSL object -- TODO confirm.
 */
int tls_get_verify_info_index(void);

/* Release a structure obtained from netsnmp_tlsbase_allocate_tlsdata() (presumably; see ownership note above). */
void netsnmp_tlsbase_free_tlsdata(_netsnmpTLSBaseData *tlsbase);
#ifdef __cplusplus
}
#endif
#endif/*_SNMPTLSBASEDOMAIN_H*/