tortls_st.h 2.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475
  1. /* Copyright (c) 2003, Roger Dingledine
  2. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
  3. * Copyright (c) 2007-2018, The Tor Project, Inc. */
  4. /* See LICENSE for licensing information */
  5. #ifndef TOR_TORTLS_ST_H
  6. #define TOR_TORTLS_ST_H
  7. #include "lib/net/socket.h"
  8. #define TOR_TLS_MAGIC 0x71571571
  9. typedef enum {
  10. TOR_TLS_ST_HANDSHAKE, TOR_TLS_ST_OPEN, TOR_TLS_ST_GOTCLOSE,
  11. TOR_TLS_ST_SENTCLOSE, TOR_TLS_ST_CLOSED, TOR_TLS_ST_RENEGOTIATE,
  12. TOR_TLS_ST_BUFFEREVENT
  13. } tor_tls_state_t;
  14. #define tor_tls_state_bitfield_t ENUM_BF(tor_tls_state_t)
  15. struct tor_tls_context_t {
  16. int refcnt;
  17. tor_tls_context_impl_t *ctx;
  18. struct tor_x509_cert_t *my_link_cert;
  19. struct tor_x509_cert_t *my_id_cert;
  20. struct tor_x509_cert_t *my_auth_cert;
  21. crypto_pk_t *link_key;
  22. crypto_pk_t *auth_key;
  23. };
  24. /** Holds a SSL object and its associated data. Members are only
  25. * accessed from within tortls.c.
  26. */
  27. struct tor_tls_t {
  28. uint32_t magic;
  29. tor_tls_context_t *context; /** A link to the context object for this tls. */
  30. tor_tls_impl_t *ssl; /**< An OpenSSL SSL object or NSS PRFileDesc. */
  31. tor_socket_t socket; /**< The underlying file descriptor for this TLS
  32. * connection. */
  33. char *address; /**< An address to log when describing this connection. */
  34. tor_tls_state_bitfield_t state : 3; /**< The current SSL state,
  35. * depending on which operations
  36. * have completed successfully. */
  37. unsigned int isServer:1; /**< True iff this is a server-side connection */
  38. unsigned int wasV2Handshake:1; /**< True iff the original handshake for
  39. * this connection used the updated version
  40. * of the connection protocol (client sends
  41. * different cipher list, server sends only
  42. * one certificate). */
  43. /** True iff we should call negotiated_callback when we're done reading. */
  44. unsigned int got_renegotiate:1;
  45. #ifdef ENABLE_OPENSSL
  46. /** Return value from tor_tls_classify_client_ciphers, or 0 if we haven't
  47. * called that function yet. */
  48. int8_t client_cipher_list_type;
  49. size_t wantwrite_n; /**< 0 normally, >0 if we returned wantwrite last
  50. * time. */
  51. /** Last values retrieved from BIO_number_read()/write(); see
  52. * tor_tls_get_n_raw_bytes() for usage.
  53. */
  54. unsigned long last_write_count;
  55. unsigned long last_read_count;
  56. /** If set, a callback to invoke whenever the client tries to renegotiate
  57. * the handshake. */
  58. void (*negotiated_callback)(tor_tls_t *tls, void *arg);
  59. /** Argument to pass to negotiated_callback. */
  60. void *callback_arg;
  61. #endif
  62. #ifdef ENABLE_NSS
  63. /** Last values retried from tor_get_prfiledesc_byte_counts(). */
  64. uint64_t last_write_count;
  65. uint64_t last_read_count;
  66. #endif
  67. };
  68. #endif