#ifndef HEADER_CURL_GTLS_H
#define HEADER_CURL_GTLS_H
/***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) Daniel Stenberg, <[email protected]>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at https://curl.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 * SPDX-License-Identifier: curl
 *
 ***************************************************************************/

/*
 * Declarations for the GnuTLS TLS backend: the shared certificate
 * credentials object, the per-connection TLS context, and the entry points
 * for context setup, trust setup, server verification and session caching.
 * Everything below is compiled only when USE_GNUTLS is defined.
 */

#include "curl_setup.h"
#include <curl/curl.h>

#ifdef USE_GNUTLS

#include <gnutls/gnutls.h>
#include "timeval.h"

/*
 * TLS-SRP is enabled for this backend only when both hold: the GnuTLS
 * function exists (HAVE_GNUTLS_SRP) and the functionality has not been
 * disabled in this build (USE_TLS_SRP).
 */
#if defined(HAVE_GNUTLS_SRP) && defined(USE_TLS_SRP)
#define USE_GNUTLS_SRP
#endif

/* Types used only through pointers here; their definitions live elsewhere. */
struct Curl_cfilter;
struct Curl_easy;
struct ssl_config_data;
struct ssl_connect_data;
struct ssl_peer;
struct ssl_primary_config;

/*
 * Certificate credentials together with the bookkeeping this header keeps
 * about them: which CA file they came from, when they were created, how
 * many references exist, and whether the trust material has been loaded.
 */
struct gtls_shared_creds {
  gnutls_certificate_credentials_t creds;
  char *CAfile;         /* path of the CA file used to generate X509 store */
  struct curltime time; /* when these shared creds were created */
  size_t refcount;      /* NOTE(review): plain size_t, no locking visible in
                           this header; confirm how concurrent holders are
                           serialized */
  BIT(trust_setup);     /* set once x509 anchors + CRLs have been set up */
};

/*
 * Lifecycle of struct gtls_shared_creds.
 *
 * NOTE(review): only the prototypes are visible here. Judging by the names
 * and the refcount field, create presumably returns a new object through
 * *pcreds, up_ref adds a reference and free releases one through the
 * caller's pointer. Confirm in the implementation, in particular whether
 * free resets *pcreds: a stale pointer to shared trust material must not
 * be reused after release.
 */
CURLcode Curl_gtls_shared_creds_create(
  struct Curl_easy *data,
  struct gtls_shared_creds **pcreds);
CURLcode Curl_gtls_shared_creds_up_ref(
  struct gtls_shared_creds *creds);
void Curl_gtls_shared_creds_free(
  struct gtls_shared_creds **pcreds);

/*
 * GnuTLS state for one TLS context: the session handle, the (possibly
 * shared) certificate credentials it uses and, in SRP builds, the SRP
 * client credentials.
 */
struct gtls_ctx {
  gnutls_session_t session;
  struct gtls_shared_creds *shared_creds;
#ifdef USE_GNUTLS_SRP
  gnutls_srp_client_credentials_t srp_client_cred;
#endif
  CURLcode io_result; /* result of last IO cfilter operation */
  BIT(sent_shutdown); /* NOTE(review): presumably set after our TLS shutdown
                         was sent; confirm */
};

/*
 * Function type of the setup callback accepted by Curl_gtls_ctx_init().
 * NOTE(review): user_data is presumably the cb_user_data value handed to
 * Curl_gtls_ctx_init(); confirm in the implementation.
 */
typedef CURLcode Curl_gtls_ctx_setup_cb(
  struct Curl_cfilter *cf,
  struct Curl_easy *data,
  void *user_data);

/*
 * Initialize `gctx` for the connection filter `cf` and peer `peer`.
 * `alpn` / `alpn_len` describe an ALPN byte buffer and its length.
 * NOTE(review): when and whether `cb_setup` runs, and how `ssl_user_data`
 * is used, cannot be told from this prototype; confirm.
 */
CURLcode Curl_gtls_ctx_init(
  struct gtls_ctx *gctx,
  struct Curl_cfilter *cf,
  struct Curl_easy *data,
  struct ssl_peer *peer,
  const unsigned char *alpn, size_t alpn_len,
  struct ssl_connect_data *connssl,
  Curl_gtls_ctx_setup_cb *cb_setup,
  void *cb_user_data,
  void *ssl_user_data);

/*
 * NOTE(review): presumably loads the client-side trust material (the x509
 * anchors and CRLs that the trust_setup bit of gtls_shared_creds tracks)
 * for `gtls`; confirm in the implementation.
 */
CURLcode Curl_gtls_client_trust_setup(
  struct Curl_cfilter *cf,
  struct Curl_easy *data,
  struct gtls_ctx *gtls);

/*
 * Server verification for an established `session`.
 * NOTE(review): the name and parameters suggest the peer certificate is
 * checked according to `config` / `ssl_config` and, when `pinned_key` is
 * given, against a pinned public key; confirm which checks are conditional
 * on configuration. Returns a CURLcode that callers need to check before
 * trusting the session.
 */
CURLcode Curl_gtls_verifyserver(
  struct Curl_easy *data,
  gnutls_session_t session,
  struct ssl_primary_config *config,
  struct ssl_config_data *ssl_config,
  struct ssl_peer *peer,
  const char *pinned_key);

/* Extract TLS session and place in cache, if configured. */
CURLcode Curl_gtls_update_session_id(
  struct Curl_cfilter *cf,
  struct Curl_easy *data,
  gnutls_session_t session,
  struct ssl_peer *peer,
  const char *alpn);

/* The GnuTLS backend descriptor; declared here, defined elsewhere. */
extern const struct Curl_ssl Curl_ssl_gnutls;

#endif /* USE_GNUTLS */
#endif /* HEADER_CURL_GTLS_H */