1 #ifndef HEADER_CURL_VQUIC_TLS_H 2 #define HEADER_CURL_VQUIC_TLS_H 3 /*************************************************************************** 4 * _ _ ____ _ 5 * Project ___| | | | _ \| | 6 * / __| | | | |_) | | 7 * | (__| |_| | _ <| |___ 8 * \___|\___/|_| \_\_____| 9 * 10 * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. 11 * 12 * This software is licensed as described in the file COPYING, which 13 * you should have received as part of this distribution. The terms 14 * are also available at https://curl.se/docs/copyright.html. 15 * 16 * You may opt to use, copy, modify, merge, publish, distribute and/or sell 17 * copies of the Software, and permit persons to whom the Software is 18 * furnished to do so, under the terms of the COPYING file. 19 * 20 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY 21 * KIND, either express or implied. 22 * 23 * SPDX-License-Identifier: curl 24 * 25 ***************************************************************************/ 26 27 #include "curl_setup.h" 28 #include "bufq.h" 29 #include "vtls/vtls.h" 30 #include "vtls/openssl.h" 31 32 #if defined(USE_HTTP3) && \ 33 (defined(USE_OPENSSL) || defined(USE_GNUTLS) || defined(USE_WOLFSSL)) 34 35 #include "vtls/wolfssl.h" 36 37 struct ssl_peer; 38 39 struct curl_tls_ctx { 40 #ifdef USE_OPENSSL 41 struct ossl_ctx ossl; 42 #elif defined(USE_GNUTLS) 43 struct gtls_ctx gtls; 44 #elif defined(USE_WOLFSSL) 45 struct wolfssl_ctx wssl; 46 #endif 47 }; 48 49 /** 50 * Callback passed to `Curl_vquic_tls_init()` that can 51 * do early initializations on the not otherwise configured TLS 52 * instances created. This varies by TLS backend: 53 * - openssl/wolfssl: SSL_CTX* has just been created 54 * - gnutls: gtls_client_init() has run 55 */ 56 typedef CURLcode Curl_vquic_tls_ctx_setup(struct Curl_cfilter *cf, 57 struct Curl_easy *data, 58 void *cb_user_data); 59 60 /** 61 * Initialize the QUIC TLS instances based of the SSL configurations 62 * for the connection filter, transfer and peer. 63 * @param ctx the TLS context to initialize 64 * @param cf the connection filter involved 65 * @param data the transfer involved 66 * @param peer the peer that will be connected to 67 * @param alpn the ALPN string in protocol format ((len+bytes+)+), 68 * may be NULL 69 * @param alpn_len the overall number of bytes in `alpn` 70 * @param cb_setup optional callback for early TLS config 71 ± @param cb_user_data user_data param for callback 72 * @param ssl_user_data optional pointer to set in TLS application context 73 */ 74 CURLcode Curl_vquic_tls_init(struct curl_tls_ctx *ctx, 75 struct Curl_cfilter *cf, 76 struct Curl_easy *data, 77 struct ssl_peer *peer, 78 const char *alpn, size_t alpn_len, 79 Curl_vquic_tls_ctx_setup *cb_setup, 80 void *cb_user_data, 81 void *ssl_user_data); 82 83 /** 84 * Cleanup all data that has been initialized. 85 */ 86 void Curl_vquic_tls_cleanup(struct curl_tls_ctx *ctx); 87 88 CURLcode Curl_vquic_tls_before_recv(struct curl_tls_ctx *ctx, 89 struct Curl_cfilter *cf, 90 struct Curl_easy *data); 91 92 /** 93 * After the QUIC basic handshake has been, verify that the peer 94 * (and its certificate) fulfill our requirements. 95 */ 96 CURLcode Curl_vquic_tls_verify_peer(struct curl_tls_ctx *ctx, 97 struct Curl_cfilter *cf, 98 struct Curl_easy *data, 99 struct ssl_peer *peer); 100 101 #endif /* !USE_HTTP3 && (USE_OPENSSL || USE_GNUTLS || USE_WOLFSSL) */ 102 103 #endif /* HEADER_CURL_VQUIC_TLS_H */ 104
