2 * Copyright (c) 2021 Eivind Næss. All rights reserved.
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in
13 * the documentation and/or other materials provided with the
16 * 3. The name(s) of the authors of this software must not be used to
17 * endorse or promote products derived from this software without
18 * prior written permission.
20 * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO
21 * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
22 * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY
23 * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
24 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
25 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
26 * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
35 * Structure used in verifying the peer certificate
40 * Initialize the SSL library
/* Returns a pointer to a const SSL_METHOD. Which method is selected is decided
 * in the implementation and is not visible in this header.
 * NOTE(review): the empty parameter list `()` leaves the parameters unspecified
 * before C23; `(void)`, as tls_log_sslerr uses, would make this a checked
 * prototype. */
47 const SSL_METHOD* tls_method();
50 * Configure the SSL options
/* Applies SSL option settings to ctx. Returns an int status; the
 * success/failure convention is not visible in this header -- confirm against
 * the implementation before testing the result.
 * NOTE(review): presumably this is where legacy protocol versions are switched
 * off; verify, since tls_set_version only accepts a maximum version. */
52 int tls_set_opts(SSL_CTX *ctx);
55 * Configure the SSL context's max TLS version
/* max_version is a string naming the highest TLS version ctx may negotiate
 * (accepted spellings are defined by the implementation, not shown here).
 * NOTE(review): this signature sets only a ceiling. Confirm that a minimum
 * protocol version is enforced elsewhere, and how a NULL or unrecognised
 * max_version is handled. */
57 int tls_set_version(SSL_CTX *ctx, const char *max_version);
60 * Configure the SSL context's verify callback
/* Installs the peer-certificate verify callback on ctx. depth is presumably
 * the maximum certificate chain depth accepted -- TODO confirm.
 * NOTE(review): callers should treat a failure return as fatal for the
 * connection rather than continuing with the context's default verify mode. */
62 int tls_set_verify(SSL_CTX *ctx, int depth);
65 * Configure the SSL verify information
/* Attaches peer-verification data to the connection object ssl.
 * peer_name and peer_cert_file are presumably the expected peer identity and
 * an optional peer certificate file to match against; client presumably
 * selects client- versus server-side behaviour -- TODO confirm all three.
 * out receives a struct tls_info pointer; presumably the caller owns it and
 * releases it with tls_free_verify_info() -- verify against the implementation.
 * NOTE(review): whether a NULL peer_name disables name checking is not visible
 * here and is worth confirming. */
67 int tls_set_verify_info(SSL *ssl, const char *peer_name, const char *peer_cert_file,
68 bool client, struct tls_info **out);
71 * Free the tls_info structure and its members
/* Releases the tls_info referenced through in, together with its members.
 * The double pointer suggests *in is reset afterwards -- TODO confirm; callers
 * should not reuse the old pointer either way. Behaviour for in == NULL or
 * *in == NULL is not visible in this header. */
73 void tls_free_verify_info(struct tls_info **in);
76 * Configure the SSL context's CRL details
/* Configures certificate revocation list sources on ctx. crl_dir and crl_file
 * presumably name a CRL directory and a CRL file; whether either may be NULL
 * is not visible here.
 * NOTE(review): confirm that the implementation also enables revocation
 * checking on the context, and whether it covers the whole chain or only the
 * leaf certificate. */
78 int tls_set_crl(SSL_CTX *ctx, const char *crl_dir, const char *crl_file);
81 * Configure the SSL context's CA verify locations
/* Configures the trusted CA locations used to verify the peer on ctx. ca_dir
 * and ca_file presumably name a CA directory and a CA bundle file.
 * NOTE(review): confirm what happens when both are NULL -- falling back to a
 * system default trust store would widen the set of accepted issuers. */
83 int tls_set_ca(SSL_CTX *ctx, const char *ca_dir, const char *ca_file);
86 * Log all errors from ssl library
/* Logs the errors reported by the SSL library; takes no arguments and returns
 * nothing. The log destination and whether the library's error queue is
 * emptied are decided in the implementation -- TODO confirm. */
88 void tls_log_sslerr( void );
90 #endif /* PPP_TLS_H */