sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-27 03:21:53 +03:00
Code
9704249ccc
samba-mirror/source4/lib/tls/tls.h

69 lines
2.0 KiB
C
Raw Normal View History

r7742: abstracted out the tls code from the web server, so that our other servers can easily become tls enabled. This will be used to add support for ldaps (This used to be commit 950500f603725349d2a0e22878e83dd1b5975f9f)
2005-06-19 08:20:27 +04:00
/*
Unix SMB/CIFS implementation.
transport layer security handling code
Copyright (C) Andrew Tridgell 2005
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
r23792: convert Samba4 to GPLv3 There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-07-10 06:07:03 +04:00
the Free Software Foundation; either version 3 of the License, or
r7742: abstracted out the tls code from the web server, so that our other servers can easily become tls enabled. This will be used to add support for ldaps (This used to be commit 950500f603725349d2a0e22878e83dd1b5975f9f)
2005-06-19 08:20:27 +04:00
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
r23792: convert Samba4 to GPLv3 There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-07-10 06:07:03 +04:00
along with this program. If not, see <http://www.gnu.org/licenses/>.
r7742: abstracted out the tls code from the web server, so that our other servers can easily become tls enabled. This will be used to add support for ldaps (This used to be commit 950500f603725349d2a0e22878e83dd1b5975f9f)
2005-06-19 08:20:27 +04:00
*/
r11596: switched the libcli/raw/ code over to using the lib/stream/ generic packet parsing code. This simplifies the logic in the raw client library a fair bit (This used to be commit f8d43f1f67876360e1295d85a3c3702d1d60ed7b)
2005-11-09 11:13:41 +03:00
#ifndef _TLS_H_
#define _TLS_H_
r15829: we need to include socket.h before we can use enum socket_type this fixes a compiler warning metze (This used to be commit dbf82fff10f1b5c3894b9600d98f81ee10e3d876)
2006-05-23 08:41:09 +04:00
#include "lib/socket/socket.h"
r26238: Add a loadparm context parameter to torture_context, remove more uses of global_loadparm. (This used to be commit a33a5530545086b81a3b205aa109dff11c546926)
2007-12-03 02:28:22 +03:00
struct loadparm_context;
r7742: abstracted out the tls code from the web server, so that our other servers can easily become tls enabled. This will be used to add support for ldaps (This used to be commit 950500f603725349d2a0e22878e83dd1b5975f9f)
2005-06-19 08:20:27 +04:00
/*
call tls_initialise() once per task to startup the tls subsystem
*/
r26238: Add a loadparm context parameter to torture_context, remove more uses of global_loadparm. (This used to be commit a33a5530545086b81a3b205aa109dff11c546926)
2007-12-03 02:28:22 +03:00
struct tls_params *tls_initialise(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx);
r7742: abstracted out the tls code from the web server, so that our other servers can easily become tls enabled. This will be used to add support for ldaps (This used to be commit 950500f603725349d2a0e22878e83dd1b5975f9f)
2005-06-19 08:20:27 +04:00
/*
call tls_init_server() on each new server connection
the 'plain_chars' parameter is a list of chars that when they occur
as the first character from the client on the connection tell the
tls code that this is a non-tls connection. This can be used to have
tls and non-tls servers on the same port. If this is NULL then only
tls connections will be allowed
*/
r15400: Move the TLS code behind the socket interface. This reduces caller complexity, because the TLS code is now called just like any other socket. (A new socket context is returned by the tls_init_server and tls_init_client routines). When TLS is not available, the original socket is returned. Andrew Bartlett (This used to be commit 09b2f30dfa7a640f5187b4933204e9680be61497)
2006-05-03 00:15:47 +04:00
struct socket_context *tls_init_server(struct tls_params *parms,
r7742: abstracted out the tls code from the web server, so that our other servers can easily become tls enabled. This will be used to add support for ldaps (This used to be commit 950500f603725349d2a0e22878e83dd1b5975f9f)
2005-06-19 08:20:27 +04:00
struct socket_context *sock,
s4:lib/tevent: rename structs list="" list="$list event_context:tevent_context" list="$list fd_event:tevent_fd" list="$list timed_event:tevent_timer" for s in $list; do o=`echo $s | cut -d ':' -f1` n=`echo $s | cut -d ':' -f2` r=`git grep "struct $o" |cut -d ':' -f1 |sort -u` files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4` for f in $files; do cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp mv $f.tmp $f done done metze
2008-12-29 22:24:57 +03:00
struct tevent_fd *fde,
r15400: Move the TLS code behind the socket interface. This reduces caller complexity, because the TLS code is now called just like any other socket. (A new socket context is returned by the tls_init_server and tls_init_client routines). When TLS is not available, the original socket is returned. Andrew Bartlett (This used to be commit 09b2f30dfa7a640f5187b4933204e9680be61497)
2006-05-03 00:15:47 +04:00
const char *plain_chars);
r7742: abstracted out the tls code from the web server, so that our other servers can easily become tls enabled. This will be used to add support for ldaps (This used to be commit 950500f603725349d2a0e22878e83dd1b5975f9f)
2005-06-19 08:20:27 +04:00
r7769: added client support in the tls library api (This used to be commit 71ee6a1df542b95c61217de71e6f56b8ce9d81b5)
2005-06-20 05:15:47 +04:00
/*
call tls_init_client() on each new client connection
*/
r15400: Move the TLS code behind the socket interface. This reduces caller complexity, because the TLS code is now called just like any other socket. (A new socket context is returned by the tls_init_server and tls_init_client routines). When TLS is not available, the original socket is returned. Andrew Bartlett (This used to be commit 09b2f30dfa7a640f5187b4933204e9680be61497)
2006-05-03 00:15:47 +04:00
struct socket_context *tls_init_client(struct socket_context *sock,
s4:lib/tevent: rename structs list="" list="$list event_context:tevent_context" list="$list fd_event:tevent_fd" list="$list timed_event:tevent_timer" for s in $list; do o=`echo $s | cut -d ':' -f1` n=`echo $s | cut -d ':' -f2` r=`git grep "struct $o" |cut -d ':' -f1 |sort -u` files=`echo "$r" | grep -v source3 | grep -v nsswitch | grep -v packaging4` for f in $files; do cat $f | sed -e "s/struct $o/struct $n/g" > $f.tmp mv $f.tmp $f done done metze
2008-12-29 22:24:57 +03:00
struct tevent_fd *fde,
r26238: Add a loadparm context parameter to torture_context, remove more uses of global_loadparm. (This used to be commit a33a5530545086b81a3b205aa109dff11c546926)
2007-12-03 02:28:22 +03:00
const char *cafile);
r7742: abstracted out the tls code from the web server, so that our other servers can easily become tls enabled. This will be used to add support for ldaps (This used to be commit 950500f603725349d2a0e22878e83dd1b5975f9f)
2005-06-19 08:20:27 +04:00
/*
return True if a connection used tls
*/
r24712: No longer expose the 'BOOL' data type in any interfaces. (This used to be commit 1ce32673d960c8b05b6c1b1b99e1976a402417ae)
2007-08-27 22:10:19 +04:00
bool tls_enabled(struct socket_context *tls);
r7742: abstracted out the tls code from the web server, so that our other servers can easily become tls enabled. This will be used to add support for ldaps (This used to be commit 950500f603725349d2a0e22878e83dd1b5975f9f)
2005-06-19 08:20:27 +04:00
/*
true if tls support is compiled in
*/
r24712: No longer expose the 'BOOL' data type in any interfaces. (This used to be commit 1ce32673d960c8b05b6c1b1b99e1976a402417ae)
2007-08-27 22:10:19 +04:00
bool tls_support(struct tls_params *parms);
r7742: abstracted out the tls code from the web server, so that our other servers can easily become tls enabled. This will be used to add support for ldaps (This used to be commit 950500f603725349d2a0e22878e83dd1b5975f9f)
2005-06-19 08:20:27 +04:00
r15400: Move the TLS code behind the socket interface. This reduces caller complexity, because the TLS code is now called just like any other socket. (A new socket context is returned by the tls_init_server and tls_init_client routines). When TLS is not available, the original socket is returned. Andrew Bartlett (This used to be commit 09b2f30dfa7a640f5187b4933204e9680be61497)
2006-05-03 00:15:47 +04:00
const struct socket_ops *socket_tls_ops(enum socket_type type);
r7747: - simplified the ldap server buffer handling - got rid of the special cases for sasl buffers - added a tls_socket_pending() call to determine how much data is waiting on a tls connection - removed the attempt at async handling of ldap calls. The buffers/sockets are all async, but the calls themselves are sync. (This used to be commit 73cb4aad229d08e17e22d5792580bd43a61b142a)
2005-06-19 13:31:34 +04:00
r11596: switched the libcli/raw/ code over to using the lib/stream/ generic packet parsing code. This simplifies the logic in the raw client library a fair bit (This used to be commit f8d43f1f67876360e1295d85a3c3702d1d60ed7b)
2005-11-09 11:13:41 +03:00
#endif
Copy Permalink