|
1 /* |
|
2 * CDDL HEADER START |
|
3 * |
|
4 * The contents of this file are subject to the terms of the |
|
5 * Common Development and Distribution License, Version 1.0 only |
|
6 * (the "License"). You may not use this file except in compliance |
|
7 * with the License. |
|
8 * |
|
9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE |
|
10 * or http://www.opensolaris.org/os/licensing. |
|
11 * See the License for the specific language governing permissions |
|
12 * and limitations under the License. |
|
13 * |
|
14 * When distributing Covered Code, include this CDDL HEADER in each |
|
15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. |
|
16 * If applicable, add the following below this CDDL HEADER, with the |
|
17 * fields enclosed by brackets "[]" replaced with your own identifying |
|
18 * information: Portions Copyright [yyyy] [name of copyright owner] |
|
19 * |
|
20 * CDDL HEADER END |
|
21 */ |
|
22 /* |
|
23 * Copyright 2005 Sun Microsystems, Inc. All rights reserved. |
|
24 * Use is subject to license terms. |
|
25 */ |
|
26 |
|
27 #ifndef _INET_KSSL_KSSLAPI_H |
|
28 #define _INET_KSSL_KSSLAPI_H |
|
29 |
|
30 #pragma ident "%Z%%M% %I% %E% SMI" |
|
31 |
|
32 /* |
|
33 * The kernel SSL proxy interface |
|
34 */ |
|
35 |
|
36 |
|
37 #ifdef __cplusplus |
|
38 extern "C" { |
|
39 #endif |
|
40 |
|
41 #include <sys/socket.h> |
|
42 #include <netinet/in.h> |
|
43 |
|
/*
 * Status returned by the kssl API functions. In this header only
 * kssl_init_context() is declared with this return type.
 */
typedef enum {
	KSSL_STS_OK = 0,	/* Success: no further processing required */
	KSSL_STS_ERR = 1	/* Failure: bogus argument ... */
} kssl_status_t;
|
50 |
|
/*
 * Endpoint type: how an endpoint relates to the kernel SSL proxy.
 * KSSL_NO_PROXY is zero, so a zero-filled field of this type reads as
 * "not configured for KSSL".
 */
typedef enum {
	KSSL_NO_PROXY = 0,	/* Not configured for use with KSSL */
	KSSL_IS_PROXY = 1,	/* Acts as a proxy for someone else */
	KSSL_HAS_PROXY = 2	/* A proxy is handling its work */
} kssl_endpt_type_t;
|
57 |
|
/*
 * Return codes/commands from kssl_handle_record; kssl_input() and the
 * kssl_callback_t callback use the same type. The value tells the caller
 * what to do with the packet. KSSL_CMD_NOT_SUPPORTED is zero, so a
 * zero-filled variable of this type never reads as a send or deliver
 * command.
 */
typedef enum {
	KSSL_CMD_NOT_SUPPORTED = 0,	/* Not supported */
	KSSL_CMD_SEND = 1,		/* Send this packet out on the wire */
	KSSL_CMD_DELIVER_PROXY = 2,	/* Deliver this packet to proxy listener */
	KSSL_CMD_DELIVER_SSL = 3,	/* Deliver to the SSL listener */
	KSSL_CMD_NONE = 4,		/* Consider it consumed. (ACK it, ... */
	KSSL_CMD_QUEUED = 5		/* Queued, a call back will finish it */
} kssl_cmd_t;
|
67 |
|
/*
 * Events that can be signalled for a kssl context. Only the close event
 * is defined, and no prototype in this header takes a kssl_event_t.
 */
typedef enum {
	KSSL_EVENT_CLOSE = 0	/* close this context */
} kssl_event_t;
|
71 |
|
/*
 * An opaque context of an SSL connection.
 *
 * NOTE(review): kssl_ctx_t and kssl_ent_t are both plain void * typedefs,
 * so the compiler accepts one where the other is expected without a
 * diagnostic. Callers must keep contexts and map-entry handles apart
 * themselves; passing the wrong one is not caught at compile time.
 */
typedef void *kssl_ctx_t;

/* An opaque handle for an SSL map entry */
typedef void *kssl_ent_t;
|
77 |
|
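/*
 * SSL 3.0 record size constants, in bytes.
 *
 * SSL3_MAX_RECORD_LEN is parenthesized so that it expands as a single
 * value inside a larger expression. Unparenthesized, "2 * MAX" or
 * "len - MAX" would bind to the first term only and yield a wrong bound,
 * which matters when the macro is used to size or validate record buffers.
 */
#define	SSL3_HDR_LEN		5
#define	SSL3_WROFFSET		7	/* 5 hdr + 2 byte-alignment */
#define	SSL3_MAX_TAIL_LEN	36	/* 16 (one AES block) + 20 (SHA1 digest) */
/* 16384 (2^14) is the SSL/TLS maximum record fragment length */
#define	SSL3_MAX_RECORD_LEN	\
	(16384 - 1 - SSL3_HDR_LEN - SSL3_MAX_TAIL_LEN)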
|
82 |
|
83 |
|
/*
 * Classify an endpoint with respect to the kernel SSL proxy.
 * Returns one of the kssl_endpt_type_t values.
 * NOTE(review): the kssl_ent_t * argument is presumably an out-parameter
 * receiving the matching map entry -- confirm against the implementation,
 * including what it holds when KSSL_NO_PROXY is returned.
 */
kssl_endpt_type_t kssl_check_proxy(mblk_t *, void *, kssl_ent_t *);

/*
 * Create an SSL connection context for a map entry.
 * Returns KSSL_STS_OK or KSSL_STS_ERR; callers should check the status
 * before using the context.
 * NOTE(review): the kssl_ctx_t * argument is presumably where the new
 * context is stored; whether it is left untouched on KSSL_STS_ERR is not
 * visible here -- confirm.
 */
kssl_status_t kssl_init_context(kssl_ent_t, uint32_t, int, kssl_ctx_t *);

/*
 * Hold/release pair for a map entry, plus a fallback lookup.
 * NOTE(review): the names suggest reference counting, in which case every
 * hold needs exactly one matching release and the handle must not be used
 * after the final release -- confirm in the implementation. The type of
 * the object returned by kssl_find_fallback() is not visible in this header.
 */
void kssl_hold_ent(kssl_ent_t);
void kssl_release_ent(kssl_ent_t, void *, kssl_endpt_type_t);
void *kssl_find_fallback(kssl_ent_t);

/*
 * Hold/release pair for a connection context.
 * NOTE(review): presumably reference counted like the map entry -- confirm.
 */
void kssl_hold_ctx(kssl_ctx_t);
void kssl_release_ctx(kssl_ctx_t);
|
94 |
|
/*
 * Callback type handed to kssl_input() together with an opaque arg.
 * It receives that arg, a message block and a kssl_cmd_t. The comment on
 * KSSL_CMD_QUEUED ("a call back will finish it") indicates this is how a
 * queued request is completed.
 * NOTE(review): the context the callback runs in, and who owns mp at that
 * point, are not visible in this header -- confirm before touching shared
 * state from the callback.
 */
typedef void (*kssl_callback_t)(void *arg, mblk_t *mp, kssl_cmd_t cmd);
|
96 |
|
/*
 * Feed an incoming message block to the SSL context.
 * Returns a kssl_cmd_t telling the caller what to do next; cbfn and arg
 * are the callback and its argument used for the KSSL_CMD_QUEUED case.
 * NOTE(review): the mblk_t ** and boolean_t * arguments look like
 * out-parameters; their meaning is not visible here -- confirm. Callers
 * should handle every kssl_cmd_t value explicitly and treat an unexpected
 * one as KSSL_CMD_NOT_SUPPORTED rather than forwarding the data.
 */
kssl_cmd_t kssl_input(kssl_ctx_t, mblk_t *, mblk_t **, boolean_t *,
    kssl_callback_t cbfn, void *arg);

/*
 * Process one record; the return value is one of the kssl_cmd_t
 * "return codes/commands" documented on that enum.
 */
kssl_cmd_t kssl_handle_record(kssl_ctx_t, mblk_t **, mblk_t **);

/*
 * Build a record for the given context from a message block.
 * NOTE(review): presumably returns NULL on failure -- confirm, and check
 * the result before use.
 */
mblk_t *kssl_build_record(kssl_ctx_t, mblk_t *);
|
103 |
|
104 |
|
105 #ifdef __cplusplus |
|
106 } |
|
107 #endif |
|
108 |
|
109 #endif /* _INET_KSSL_KSSLAPI_H */ |