include/net-snmp/library/snmpTLSBaseDomain.h - vendor/opensource/netsnmp - Git at Google

 #ifndef _SNMPTLSBASEDOMAIN_H
 #define _SNMPTLSBASEDOMAIN_H

 #ifdef __cplusplus
 extern          "C" {
 #endif

 #include <net-snmp/library/snmp_transport.h>
 #include <net-snmp/library/asn1.h>
 #include <net-snmp/library/container.h>

 /* OpenSSL Includes */
 #include "openssl/bio.h"
 #include "openssl/ssl.h"
 #include "openssl/err.h"

 /*
  * Prototypes
  */

     void netsnmp_tlsbase_ctor(void);
     void netsnmp_init_tlsbase(void);
     const char * _x509_get_error(int x509failvalue, const char *location);
     void _openssl_log_error(int rc, SSL *con, const char *location);

     /* will likely go away */
     SSL_CTX *get_client_ctx(void);
     SSL_CTX *get_server_ctx(void);

 #define NETSNMP_TLSBASE_IS_CLIENT     0x01
 #define NETSNMP_TLSBASE_CERT_FP_VERIFIED 0x02

     /*
      * _Internal_ structures
      */
     typedef struct _netsnmpTLSBaseData_s {
        int                        flags;
        SSL_CTX                   *ssl_context;
        SSL                       *ssl;
        BIO                       *sslbio;
        BIO                       *accept_bio;
        BIO                       *accepted_bio;
        char                      *securityName;
        char                      *addr_string;
        struct sockaddr_in         addr;
        char                      *our_identity;
        char                      *their_identity;
        char                      *their_fingerprint;
        char                      *their_hostname;
        char                      *trust_cert;
        netsnmp_indexed_addr_pair *remote_addr;
     } _netsnmpTLSBaseData;

 #define VRFY_PARENT_WAS_OK 1
     typedef struct _netsnmp_verify_info_s {
        int flags;
     } _netsnmp_verify_info;

     SSL_CTX *sslctx_client_setup(const SSL_METHOD *,
                                  _netsnmpTLSBaseData *tlsbase);
     SSL_CTX *sslctx_server_setup(const SSL_METHOD *);

     int netsnmp_tlsbase_verify_server_cert(SSL *ssl,
                                            _netsnmpTLSBaseData *tlsdata);
     int netsnmp_tlsbase_verify_client_cert(SSL *ssl,
                                            _netsnmpTLSBaseData *tlsdata);
     int netsnmp_tlsbase_extract_security_name(SSL *ssl, _netsnmpTLSBaseData *tlsdata);
     _netsnmpTLSBaseData *netsnmp_tlsbase_allocate_tlsdata(netsnmp_transport *t,
                                                           int isserver);
     int netsnmp_tlsbase_wrapup_recv(netsnmp_tmStateReference *tmStateRef,
                                     _netsnmpTLSBaseData *tlsdata,
                                     void **opaque, int *olength);
     int netsnmp_tlsbase_config(struct netsnmp_transport_s *t,
                                const char *token, const char *value);

     int netsnmp_tlsbase_session_init(struct netsnmp_transport_s *,
                                      struct snmp_session *sess);
     int tls_get_verify_info_index(void);

     void netsnmp_tlsbase_free_tlsdata(_netsnmpTLSBaseData *tlsbase);
 #ifdef __cplusplus
 }
 #endif
 #endif/*_SNMPTLSBASEDOMAIN_H*/
	#ifndef _SNMPTLSBASEDOMAIN_H
	#define _SNMPTLSBASEDOMAIN_H

	#ifdef __cplusplus
	extern "C" {
	#endif

	#include <net-snmp/library/snmp_transport.h>
	#include <net-snmp/library/asn1.h>
	#include <net-snmp/library/container.h>

	/* OpenSSL Includes */
	#include "openssl/bio.h"
	#include "openssl/ssl.h"
	#include "openssl/err.h"

	/*
	* Prototypes
	*/

	void netsnmp_tlsbase_ctor(void);
	void netsnmp_init_tlsbase(void);
	const char * _x509_get_error(int x509failvalue, const char *location);
	void _openssl_log_error(int rc, SSL con, const char location);

	/* will likely go away */
	SSL_CTX *get_client_ctx(void);
	SSL_CTX *get_server_ctx(void);

	#define NETSNMP_TLSBASE_IS_CLIENT 0x01
	#define NETSNMP_TLSBASE_CERT_FP_VERIFIED 0x02

	/*
	* _Internal_ structures
	*/
	typedef struct _netsnmpTLSBaseData_s {
	int flags;
	SSL_CTX *ssl_context;
	SSL *ssl;
	BIO *sslbio;
	BIO *accept_bio;
	BIO *accepted_bio;
	char *securityName;
	char *addr_string;
	struct sockaddr_in addr;
	char *our_identity;
	char *their_identity;
	char *their_fingerprint;
	char *their_hostname;
	char *trust_cert;
	netsnmp_indexed_addr_pair *remote_addr;
	} _netsnmpTLSBaseData;

	#define VRFY_PARENT_WAS_OK 1
	typedef struct _netsnmp_verify_info_s {
	int flags;
	} _netsnmp_verify_info;

	SSL_CTX sslctx_client_setup(const SSL_METHOD ,
	_netsnmpTLSBaseData *tlsbase);
	SSL_CTX sslctx_server_setup(const SSL_METHOD );

	int netsnmp_tlsbase_verify_server_cert(SSL *ssl,
	_netsnmpTLSBaseData *tlsdata);
	int netsnmp_tlsbase_verify_client_cert(SSL *ssl,
	_netsnmpTLSBaseData *tlsdata);
	int netsnmp_tlsbase_extract_security_name(SSL ssl, _netsnmpTLSBaseData tlsdata);
	_netsnmpTLSBaseData netsnmp_tlsbase_allocate_tlsdata(netsnmp_transport t,
	int isserver);
	int netsnmp_tlsbase_wrapup_recv(netsnmp_tmStateReference *tmStateRef,
	_netsnmpTLSBaseData *tlsdata,
	void *opaque, int olength);
	int netsnmp_tlsbase_config(struct netsnmp_transport_s *t,
	const char token, const char value);

	int netsnmp_tlsbase_session_init(struct netsnmp_transport_s *,
	struct snmp_session *sess);
	int tls_get_verify_info_index(void);

	void netsnmp_tlsbase_free_tlsdata(_netsnmpTLSBaseData *tlsbase);
	#ifdef __cplusplus
	}
	#endif
	#endif/_SNMPTLSBASEDOMAIN_H/