server: Add vty interface for the TLS configuration

Make the priority configurable, load DH params, allow to specify
certificates or anonymous operations.

Change-Id: I8ec3c0f8e1ee2089e1b7dacd9de842260930032f

2 files changed, 12 insertions, 0 deletions

diff --git a/include/osmo-pcap/osmo_pcap_server.h b/include/osmo-pcap/osmo_pcap_server.h
index 89c3df2..c1d318e 100644
--- a/include/osmo-pcap/osmo_pcap_server.h
+++ b/include/osmo-pcap/osmo_pcap_server.h
@@ -118,11 +118,18 @@ struct osmo_pcap_server {
 	void *zmq_publ;
 
 	/* tls base */
+	bool tls_on;
+	bool tls_allow_anon;
+	bool tls_allow_x509;
 	unsigned tls_log_level;
 	char *tls_priority;
 	char *tls_capath;
+	char *tls_crlfile;
 	char *tls_server_cert;
 	char *tls_server_key;
+	char *tls_dh_pkcs3;
+	gnutls_dh_params_t dh_params;
+	bool dh_params_allocated;
 
 	char *base_path;
 	off_t max_size;
diff --git a/include/osmo-pcap/osmo_tls.h b/include/osmo-pcap/osmo_tls.h
index 54fea4d..0637739 100644
--- a/include/osmo-pcap/osmo_tls.h
+++ b/include/osmo-pcap/osmo_tls.h
@@ -67,9 +67,14 @@ void osmo_tls_init(void);
 
 bool osmo_tls_init_client_session(struct osmo_pcap_client *client);
 
+
 bool osmo_tls_init_server_session(struct osmo_pcap_conn *conn, struct osmo_pcap_server *server);
 void osmo_tls_release(struct osmo_tls_session *);
 
 int osmo_tls_client_bfd_cb(struct osmo_fd *fd, unsigned int what);
 
 size_t osmo_tls_pending(struct osmo_tls_session *session);
+void osmo_tls_server_init(struct osmo_pcap_server *server);
+
+void osmo_tls_dh_load(struct osmo_pcap_server *server);
+void osmo_tls_dh_generate(struct osmo_pcap_server *server);