123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111 |
- #ifndef HEADER_CURL_VQUIC_TLS_H
- #define HEADER_CURL_VQUIC_TLS_H
- /***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
- * \___|\___/|_| \_\_____|
- *
- * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- * SPDX-License-Identifier: curl
- *
- ***************************************************************************/
- #include "curl_setup.h"
- #include "bufq.h"
- #include "vtls/vtls.h"
- #include "vtls/openssl.h"
- #if defined(USE_HTTP3) && \
- (defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_WOLFSSL))
- #include "vtls/wolfssl.h"
- struct ssl_peer;
- struct Curl_ssl_session;
- struct curl_tls_ctx {
- #ifdef USE_OPENSSL
- struct ossl_ctx ossl;
- #elif defined(USE_GNUTLS)
- struct gtls_ctx gtls;
- #elif defined(USE_WOLFSSL)
- struct wolfssl_ctx wssl;
- #endif
- };
- /**
- * Callback passed to `Curl_vquic_tls_init()` that can
- * do early initializations on the not otherwise configured TLS
- * instances created. This varies by TLS backend:
- * - openssl/wolfssl: SSL_CTX* has just been created
- * - gnutls: gtls_client_init() has run
- */
- typedef CURLcode Curl_vquic_tls_ctx_setup(struct Curl_cfilter *cf,
- struct Curl_easy *data,
- void *cb_user_data);
- typedef CURLcode Curl_vquic_session_reuse_cb(struct Curl_cfilter *cf,
- struct Curl_easy *data,
- struct Curl_ssl_session *scs,
- bool *do_early_data);
- /**
- * Initialize the QUIC TLS instances based of the SSL configurations
- * for the connection filter, transfer and peer.
- * @param ctx the TLS context to initialize
- * @param cf the connection filter involved
- * @param data the transfer involved
- * @param peer the peer that will be connected to
- * @param alpn the ALPN string in protocol format ((len+bytes+)+),
- * may be NULL
- * @param alpn_len the overall number of bytes in `alpn`
- * @param cb_setup optional callback for early TLS config
- * @param cb_user_data user_data param for callback
- * @param ssl_user_data optional pointer to set in TLS application context
- * @param session_reuse_cb callback to handle session reuse, signal early data
- */
- CURLcode Curl_vquic_tls_init(struct curl_tls_ctx *ctx,
- struct Curl_cfilter *cf,
- struct Curl_easy *data,
- struct ssl_peer *peer,
- const char *alpn, size_t alpn_len,
- Curl_vquic_tls_ctx_setup *cb_setup,
- void *cb_user_data,
- void *ssl_user_data,
- Curl_vquic_session_reuse_cb *session_reuse_cb);
- /**
- * Cleanup all data that has been initialized.
- */
- void Curl_vquic_tls_cleanup(struct curl_tls_ctx *ctx);
- CURLcode Curl_vquic_tls_before_recv(struct curl_tls_ctx *ctx,
- struct Curl_cfilter *cf,
- struct Curl_easy *data);
- /**
- * After the QUIC basic handshake has been, verify that the peer
- * (and its certificate) fulfill our requirements.
- */
- CURLcode Curl_vquic_tls_verify_peer(struct curl_tls_ctx *ctx,
- struct Curl_cfilter *cf,
- struct Curl_easy *data,
- struct ssl_peer *peer);
- #endif /* !USE_HTTP3 && (USE_OPENSSL || USE_GNUTLS || USE_WOLFSSL) */
- #endif /* HEADER_CURL_VQUIC_TLS_H */
|