vquic-tls.h 3.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100
  1. #ifndef HEADER_CURL_VQUIC_TLS_H
  2. #define HEADER_CURL_VQUIC_TLS_H
  3. /***************************************************************************
  4. * _ _ ____ _
  5. * Project ___| | | | _ \| |
  6. * / __| | | | |_) | |
  7. * | (__| |_| | _ <| |___
  8. * \___|\___/|_| \_\_____|
  9. *
  10. * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
  11. *
  12. * This software is licensed as described in the file COPYING, which
  13. * you should have received as part of this distribution. The terms
  14. * are also available at https://curl.se/docs/copyright.html.
  15. *
  16. * You may opt to use, copy, modify, merge, publish, distribute and/or sell
  17. * copies of the Software, and permit persons to whom the Software is
  18. * furnished to do so, under the terms of the COPYING file.
  19. *
  20. * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
  21. * KIND, either express or implied.
  22. *
  23. * SPDX-License-Identifier: curl
  24. *
  25. ***************************************************************************/
  26. #include "curl_setup.h"
  27. #include "bufq.h"
  28. #include "vtls/openssl.h"
  29. #if defined(USE_HTTP3) && \
  30. (defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_WOLFSSL))
  31. #include "vtls/wolfssl.h"
  32. struct curl_tls_ctx {
  33. #ifdef USE_OPENSSL
  34. struct ossl_ctx ossl;
  35. #elif defined(USE_GNUTLS)
  36. struct gtls_ctx gtls;
  37. #elif defined(USE_WOLFSSL)
  38. struct wolfssl_ctx wssl;
  39. #endif
  40. };
  41. /**
  42. * Callback passed to `Curl_vquic_tls_init()` that can
  43. * do early initializations on the not otherwise configured TLS
  44. * instances created. This varies by TLS backend:
  45. * - openssl/wolfssl: SSL_CTX* has just been created
  46. * - gnutls: gtls_client_init() has run
  47. */
  48. typedef CURLcode Curl_vquic_tls_ctx_setup(struct Curl_cfilter *cf,
  49. struct Curl_easy *data,
  50. void *cb_user_data);
  51. /**
  52. * Initialize the QUIC TLS instances based of the SSL configurations
  53. * for the connection filter, transfer and peer.
  54. * @param ctx the TLS context to initialize
  55. * @param cf the connection filter involved
  56. * @param data the transfer involved
  57. * @param peer the peer that will be connected to
  58. * @param alpn the ALPN string in protocol format ((len+bytes+)+),
  59. * may be NULL
  60. * @param alpn_len the overall number of bytes in `alpn`
  61. * @param cb_setup optional callback for very early TLS config
  62. ± @param cb_user_data user_data param for callback
  63. * @param ssl_user_data optional pointer to set in TLS application context
  64. */
  65. CURLcode Curl_vquic_tls_init(struct curl_tls_ctx *ctx,
  66. struct Curl_cfilter *cf,
  67. struct Curl_easy *data,
  68. struct ssl_peer *peer,
  69. const char *alpn, size_t alpn_len,
  70. Curl_vquic_tls_ctx_setup *cb_setup,
  71. void *cb_user_data,
  72. void *ssl_user_data);
  73. /**
  74. * Cleanup all data that has been initialized.
  75. */
  76. void Curl_vquic_tls_cleanup(struct curl_tls_ctx *ctx);
  77. CURLcode Curl_vquic_tls_before_recv(struct curl_tls_ctx *ctx,
  78. struct Curl_cfilter *cf,
  79. struct Curl_easy *data);
  80. /**
  81. * After the QUIC basic handshake has been, verify that the peer
  82. * (and its certificate) fulfill our requirements.
  83. */
  84. CURLcode Curl_vquic_tls_verify_peer(struct curl_tls_ctx *ctx,
  85. struct Curl_cfilter *cf,
  86. struct Curl_easy *data,
  87. struct ssl_peer *peer);
  88. #endif /* !USE_HTTP3 && (USE_OPENSSL || USE_GNUTLS || USE_WOLFSSL) */
  89. #endif /* HEADER_CURL_VQUIC_TLS_H */