vquic-tls.h (4757B)
#ifndef HEADER_CURL_VQUIC_TLS_H
#define HEADER_CURL_VQUIC_TLS_H
/***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at https://curl.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 * SPDX-License-Identifier: curl
 *
 ***************************************************************************/

#include "../curl_setup.h"
#include "../bufq.h"
#include "../vtls/vtls.h"
#include "../vtls/vtls_int.h"
#include "../vtls/openssl.h"

/* Everything below exists only in HTTP/3 builds that also have one of the
 * three TLS backends named in the condition. */
#if defined(USE_HTTP3) && \
  (defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_WOLFSSL))

#include "../vtls/wolfssl.h"

/* Forward declarations: this header only passes pointers to these types. */
struct ssl_peer;
struct Curl_ssl_session;
struct curl_tlssessioninfo;

/**
 * TLS state of one QUIC connection.
 * Exactly one backend member is compiled in. The #ifdef/#elif chain gives
 * OpenSSL precedence over GnuTLS, and GnuTLS over wolfSSL, when a build
 * defines more than one of them.
 */
struct curl_tls_ctx {
#ifdef USE_OPENSSL
  struct ossl_ctx ossl;
#elif defined(USE_GNUTLS)
  /* NOTE(review): no GnuTLS header is included directly by this file;
   * presumably struct gtls_ctx arrives through another include - confirm */
  struct gtls_ctx gtls;
#elif defined(USE_WOLFSSL)
  struct wssl_ctx wssl;
#endif
};

/**
 * Callback passed to `Curl_vquic_tls_init()` that can
 * do early initializations on the not otherwise configured TLS
 * instances created. This varies by TLS backend:
 * - openssl/wolfssl: SSL_CTX* has just been created
 * - gnutls: gtls_client_init() has run
 * @param cf           the connection filter involved
 * @param data         the transfer involved
 * @param cb_user_data the `cb_user_data` value given to
 *                     `Curl_vquic_tls_init()`
 * @return a CURLcode
 */
typedef CURLcode Curl_vquic_tls_ctx_setup(struct Curl_cfilter *cf,
                                          struct Curl_easy *data,
                                          void *cb_user_data);

/**
 * Callback type of the `session_reuse_cb` argument of
 * `Curl_vquic_tls_init()`, which that function documents as handling
 * session reuse and signalling early data.
 * @param cf            the connection filter involved
 * @param data          the transfer involved
 * @param alpns         the ALPN specifications (non-const here, unlike the
 *                      `alpns` parameter of `Curl_vquic_tls_init()`)
 * @param scs           presumably the cached TLS session considered for
 *                      reuse - confirm against the callers
 * @param do_early_data out-parameter; presumably set to true when early
 *                      data should be attempted - confirm against the
 *                      implementations
 * @return a CURLcode
 *
 * NOTE(review): TLS 1.3 early (0-RTT) data is not protected against
 * replay, so an implementation should request it only where a replayed
 * request is harmless.
 */
typedef CURLcode Curl_vquic_session_reuse_cb(struct Curl_cfilter *cf,
                                             struct Curl_easy *data,
                                             struct alpn_spec *alpns,
                                             struct Curl_ssl_session *scs,
                                             bool *do_early_data);

/**
 * Initialize the QUIC TLS instances based on the SSL configurations
 * for the connection filter, transfer and peer.
 * @param ctx         the TLS context to initialize
 * @param cf          the connection filter involved
 * @param data        the transfer involved
 * @param peer        the peer that will be connected to
 * @param alpns       the ALPN specifications to negotiate, may be NULL
 * @param cb_setup    optional callback for early TLS config
 * @param cb_user_data user_data param for callback
 * @param ssl_user_data optional pointer to set in TLS application context
 * @param session_reuse_cb callback to handle session reuse, signal early data
 * @return a CURLcode; the caller should check it before using `ctx`
 */
CURLcode Curl_vquic_tls_init(struct curl_tls_ctx *ctx,
                             struct Curl_cfilter *cf,
                             struct Curl_easy *data,
                             struct ssl_peer *peer,
                             const struct alpn_spec *alpns,
                             Curl_vquic_tls_ctx_setup *cb_setup,
                             void *cb_user_data,
                             void *ssl_user_data,
                             Curl_vquic_session_reuse_cb *session_reuse_cb);

/**
 * Cleanup all data that has been initialized.
 * @param ctx the TLS context to clean up
 */
void Curl_vquic_tls_cleanup(struct curl_tls_ctx *ctx);

/**
 * NOTE(review): undocumented in this header. Judging by the name it is
 * meant to be called before received data is processed; what it does
 * with the TLS context is only visible in the implementation.
 * @param ctx  the TLS context
 * @param cf   the connection filter involved
 * @param data the transfer involved
 * @return a CURLcode
 */
CURLcode Curl_vquic_tls_before_recv(struct curl_tls_ctx *ctx,
                                    struct Curl_cfilter *cf,
                                    struct Curl_easy *data);

/**
 * After the basic QUIC handshake has completed, verify that the peer
 * (and its certificate) fulfill our requirements.
 * @param ctx  the TLS context used for the handshake
 * @param cf   the connection filter involved
 * @param data the transfer involved
 * @param peer the peer to verify
 * @return a CURLcode; callers must treat anything other than CURLE_OK as
 *         a failed verification and must not go on to exchange
 *         application data on the connection
 *
 * NOTE(review): which checks run, and whether the transfer's SSL
 * verification settings can relax them, is decided in the implementation
 * and cannot be told from this header.
 */
CURLcode Curl_vquic_tls_verify_peer(struct curl_tls_ctx *ctx,
                                    struct Curl_cfilter *cf,
                                    struct Curl_easy *data,
                                    struct ssl_peer *peer);

/**
 * NOTE(review): undocumented in this header. Presumably fills `info`
 * with the TLS backend in use and a handle to its internal object.
 * @param ctx          the TLS context to query
 * @param give_ssl_ctx presumably selects the context-level handle instead
 *                     of the per-connection one - confirm in the
 *                     implementation
 * @param info         receives the result
 * @return a bool; presumably true when `info` was filled - confirm
 *
 * NOTE(review): if `info` ends up holding a raw backend pointer, its
 * validity is presumably bounded by the lifetime of `ctx`; callers should
 * not keep it past `Curl_vquic_tls_cleanup()` - confirm.
 */
bool Curl_vquic_tls_get_ssl_info(struct curl_tls_ctx *ctx,
                                 bool give_ssl_ctx,
                                 struct curl_tlssessioninfo *info);

/**
 * NOTE(review): undocumented in this header. Judging by the name it
 * reports the outcome of the TLS handshake for this context; it returns
 * nothing, so it cannot signal an error to the caller.
 * @param ctx  the TLS context
 * @param cf   the connection filter involved
 * @param data the transfer involved
 */
void Curl_vquic_report_handshake(struct curl_tls_ctx *ctx,
                                 struct Curl_cfilter *cf,
                                 struct Curl_easy *data);

#endif /* USE_HTTP3 && (USE_OPENSSL || USE_GNUTLS || USE_WOLFSSL) */

#endif /* HEADER_CURL_VQUIC_TLS_H */