/*
* SPDX-License-Identifier: ISC
*
* Copyright (c) 2021 Todd C. Miller <[email protected]>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#ifndef SUDO_TLS_COMMON_H
#define SUDO_TLS_COMMON_H
#include <config.h>
#if defined(HAVE_OPENSSL)
# if defined(HAVE_WOLFSSL)
# include <wolfssl/options.h>
# endif
# include <openssl/ssl.h>
# include <openssl/err.h>
# include <sudo_ssl_compat.h>
/*
 * State carried by the client side of a TLS connection attempt.
 *
 * Only the layout is visible in this header; the code that fills in and
 * consumes these fields lives elsewhere (the prototypes in this header
 * point at tls_client.c).  Field order is part of the layout and must
 * not be changed.
 */
struct tls_client_closure {
    /* TLS connection handle (OpenSSL API type from <openssl/ssl.h>). */
    SSL *ssl;

    /* Opaque pointer; presumably the owning closure -- confirm in callers. */
    void *parent_closure;

    struct sudo_event_base *evbase;	/* duplicated */

    /* Event object; by its name it drives the TLS connect -- confirm. */
    struct sudo_event *tls_connect_ev;

    /*
     * NOTE(review): presumably the identity the peer certificate is
     * checked against; how (and whether) it is used for verification
     * is not visible here -- confirm in tls_client.c.
     */
    struct peer_info *peer_name;

    /* Time limit for the connect; enforcement is not visible here. */
    struct timespec connect_timeout;

    /*
     * Callback that receives this closure and returns bool; presumably
     * invoked once the handshake has completed -- confirm.
     */
    bool (*start_fn)(struct tls_client_closure *);

    /* Presumably true once the TLS handshake has finished -- confirm. */
    bool tls_connect_state;
};
/* tls_client.c */

/*
 * Callback taking a socket, an event mask and an opaque pointer.
 * The real type behind v is not visible in this header (presumably a
 * struct tls_client_closure * -- confirm in tls_client.c).
 */
void tls_connect_cb(int sock, int what, void *v);

/*
 * Going by the name and parameters: prepare the client side of TLS on
 * sock from the given CA bundle, certificate, key, DH parameter file and
 * cipher strings, recording state in closure.  Returns bool; presumably
 * true on success -- confirm in tls_client.c.
 *
 * NOTE(review): verify_server and check_peer are adjacent bool
 * parameters that, judging by their names, gate validation of the
 * server certificate and of the peer's identity.  They are easy to
 * transpose at a call site without any compiler diagnostic, and a
 * false value for either presumably weakens server authentication.
 * Audit call sites and confirm the exact semantics in tls_client.c.
 */
bool tls_client_setup(int sock, const char *ca_bundle_file,
    const char *cert_file, const char *key_file, const char *dhparam_file,
    const char *ciphers_v12, const char *ciphers_v13, bool verify_server,
    bool check_peer, struct tls_client_closure *closure);

/*
 * Variant that takes an existing SSL_CTX rather than file names and
 * cipher strings.
 *
 * NOTE(review): no verification flags are passed here, so the
 * verification policy is presumably whatever the caller configured on
 * ssl_ctx beforehand -- confirm in tls_client.c.
 */
bool tls_ctx_client_setup(SSL_CTX *ssl_ctx, int sock,
    struct tls_client_closure *closure);
/* tls_init.c */

/*
 * Going by the name and parameters: build an SSL_CTX from a CA bundle,
 * certificate, private key, DH parameter file and two cipher strings
 * (the _v12/_v13 suffixes suggest separate TLS 1.2 and TLS 1.3 lists).
 * Returns an SSL_CTX pointer; the failure value is not visible here
 * (presumably NULL -- confirm in tls_init.c).
 *
 * NOTE(review): verify_cert presumably toggles certificate verification
 * on the resulting context.  A context built with it false would give
 * encryption without authentication of the peer; confirm the semantics
 * in tls_init.c and check which configurations pass false.
 */
SSL_CTX *init_tls_context(const char *ca_bundle_file, const char *cert_file,
    const char *key_file, const char *dhparam_file, const char *ciphers_v12,
    const char *ciphers_v13, bool verify_cert);
#endif /* HAVE_OPENSSL */
#endif /* SUDO_TLS_COMMON_H */