Diffstat (limited to 'include')
-rw-r--r-- | include/osmo-pcap/Makefile.am | 2 | ||||
-rw-r--r-- | include/osmo-pcap/common.h | 1 | ||||
-rw-r--r-- | include/osmo-pcap/osmo_pcap_client.h | 16 | ||||
-rw-r--r-- | include/osmo-pcap/osmo_tls.h | 65 |
4 files changed, 83 insertions, 1 deletions
diff --git a/include/osmo-pcap/Makefile.am b/include/osmo-pcap/Makefile.am index 1a446bc..b71e70c 100644 --- a/include/osmo-pcap/Makefile.am +++ b/include/osmo-pcap/Makefile.am @@ -1 +1 @@ -noinst_HEADERS = common.h osmo_pcap_client.h osmo_pcap_server.h wireformat.h +noinst_HEADERS = common.h osmo_pcap_client.h osmo_pcap_server.h wireformat.h osmo_tls.h diff --git a/include/osmo-pcap/common.h b/include/osmo-pcap/common.h index b8f8110..fff452f 100644 --- a/include/osmo-pcap/common.h +++ b/include/osmo-pcap/common.h @@ -34,6 +34,7 @@ enum { DCLIENT, DSERVER, DVTY, + DTLS, Debug_LastEntry, }; diff --git a/include/osmo-pcap/osmo_pcap_client.h b/include/osmo-pcap/osmo_pcap_client.h index 4367e4c..b8ceb38 100644 --- a/include/osmo-pcap/osmo_pcap_client.h +++ b/include/osmo-pcap/osmo_pcap_client.h @@ -20,6 +20,8 @@ * */ +#include "osmo_tls.h" + #include <inttypes.h> #include <pcap.h> @@ -64,6 +66,20 @@ struct osmo_pcap_client { struct osmo_wqueue wqueue; struct osmo_timer_list timer; + /* TLS handling */ + bool tls_on; + bool tls_verify; + char *tls_hostname; + char *tls_capath; + char *tls_priority; + + char *tls_client_cert; + char *tls_client_key; + + unsigned tls_log_level; + + struct osmo_tls_session tls_session; + /* statistics */ struct rate_ctr_group *ctrg; }; diff --git a/include/osmo-pcap/osmo_tls.h b/include/osmo-pcap/osmo_tls.h new file mode 100644 index 0000000..bfc813e --- /dev/null +++ b/include/osmo-pcap/osmo_tls.h 
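Review bot: The TLS fields added to `struct osmo_pcap_client` (second hunk of osmo_pcap_client.h) have no comments on defaults or ownership, and the security-relevant one is `tls_verify`: it is a separate flag from `tls_on`, so the struct allows a client that encrypts the capture stream without authenticating the server it sends it to. The initialisation is not part of this diff, so the default cannot be checked here; I would expect verification to be on unless explicitly disabled, and the field should say so, e.g. `bool tls_verify; /* verify server chain against tls_capath and name against tls_hostname; default on */`. It would also help to state whether the `char *` members hold file paths or inline data and who frees them, since `tls_client_key` refers to private key material. The struct starts before the hunk, so existing members may already follow a convention I cannot see.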
@@ -0,0 +1,65 @@
+/*
+ * osmo-pcap TLS code
+ *
+ * (C) 2016 by Holger Hans Peter Freyther <holger@moiji-mobile.com>
+ * All Rights Reserved
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+#pragma once
+
+#include <gnutls/gnutls.h>
+#include <gnutls/abstract.h>
+
+#include <stdbool.h>
+
+struct osmo_fd;
+struct osmo_wqueue;
+struct osmo_pcap_client;
+
+struct osmo_tls_session {
+ bool in_use;
+ bool need_handshake;
+ bool need_resend;
+ gnutls_session_t session;
+
+ /* any credentials */
+ bool anon_alloc;
+ gnutls_anon_client_credentials_t anon_cred;
+
+ /* a x509 cert credential */
+ bool cert_alloc;
+ gnutls_certificate_credentials_t cert_cred;
+
+ /* the private certificate */
+ bool pcert_alloc;
+ gnutls_pcert_st pcert;
+
+ /* the private key in _RAM_ */
+ bool privk_alloc;
+ gnutls_privkey_t privk;
+
+ struct osmo_wqueue *wqueue;
+
+ void (*error)(struct osmo_tls_session *session);
+ void (*handshake_done)(struct osmo_tls_session *session);
+};
+
+void osmo_tls_init(void);
+
+bool osmo_tls_init_client_session(struct osmo_pcap_client *client);
+void osmo_tls_release(struct osmo_tls_session *);
+
+int osmo_tls_client_bfd_cb(struct osmo_fd *fd, unsigned int what); |
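Review bot: `struct osmo_tls_session` keeps a `gnutls_anon_client_credentials_t anon_cred` beside the X.509 credentials, and the header does not say when the anonymous set is selected; anonymous key exchange encrypts the link but does not authenticate the peer, so the capture stream would go to whichever endpoint answers. The implementation is not in this diff, so this may already be restricted, but the header should state the rule, e.g. replace `/* any credentials */` with `/* anonymous credentials: no peer authentication, not to be used when tls_verify is set */`. Each `*_alloc` flag and the `privk` member would benefit from a one-line comment saying that `osmo_tls_release()` is what frees them, since the private key stays in process memory until then. The prototypes have no documentation either: a short comment on what `osmo_tls_init_client_session()` returns on failure and when `error` / `handshake_done` are invoked would do, and `osmo_tls_release(struct osmo_tls_session *)` should name its parameter like the other declarations.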