1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
|
<?xml version="1.0"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"
"http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd">
<refentry id="loudmouth-lm-ssl">
<refmeta>
<refentrytitle role="top_of_page">LmSSL</refentrytitle>
<manvolnum>3</manvolnum>
<refmiscinfo>LOUDMOUTH Library</refmiscinfo>
</refmeta>
<refnamediv>
<refname>LmSSL</refname>
<refpurpose>SSL struct for SSL support in Loudmouth</refpurpose>
<!--[<xref linkend="desc" endterm="desc.title"/>]-->
</refnamediv>
<refsynopsisdiv role="synopsis">
<title role="synopsis.title">Synopsis</title>
<synopsis>
<link linkend="LmSSL">LmSSL</link>;
enum <link linkend="LmCertificateStatus">LmCertificateStatus</link>;
enum <link linkend="LmSSLStatus">LmSSLStatus</link>;
enum <link linkend="LmSSLResponse">LmSSLResponse</link>;
<link linkend="LmSSLResponse">LmSSLResponse</link> (<link linkend="LmSSLFunction">*LmSSLFunction</link>) (<link linkend="LmSSL">LmSSL</link> *ssl,
<link linkend="LmSSLStatus">LmSSLStatus</link> status,
<link linkend="gpointer">gpointer</link> user_data);
<link linkend="LmSSL">LmSSL</link>* <link linkend="lm-ssl-new">lm_ssl_new</link> (const <link linkend="gchar">gchar</link> *expected_fingerprint,
<link linkend="LmSSLFunction">LmSSLFunction</link> ssl_function,
<link linkend="gpointer">gpointer</link> user_data,
<link linkend="GDestroyNotify">GDestroyNotify</link> notify);
<link linkend="gboolean">gboolean</link> <link linkend="lm-ssl-is-supported">lm_ssl_is_supported</link> (void);
const <link linkend="gchar">gchar</link>* <link linkend="lm-ssl-get-fingerprint">lm_ssl_get_fingerprint</link> (<link linkend="LmSSL">LmSSL</link> *ssl);
<link linkend="LmSSL">LmSSL</link>* <link linkend="lm-ssl-ref">lm_ssl_ref</link> (<link linkend="LmSSL">LmSSL</link> *ssl);
<link linkend="void">void</link> <link linkend="lm-ssl-unref">lm_ssl_unref</link> (<link linkend="LmSSL">LmSSL</link> *ssl);
</synopsis>
</refsynopsisdiv>
<refsect1 role="desc">
<title role="desc.title">Description</title>
<para>
Use this together with an <link linkend="LmConnection"><type>LmConnection</type></link> to get the connection to use SSL. Example of how to use the <link linkend="LmSSL"><type>LmSSL</type></link> API.
</para>
<informalexample><programlisting><![CDATA[
LmConnection *connection;
LmSSL *ssl;
connection = lm_connection_new ("myserver");
ssl = lm_ssl_new (NULL, my_ssl_func, NULL, NULL);
lm_connection_set_ssl (connection, ssl);
...
]]></programlisting></informalexample>
</refsect1>
<refsect1 role="details">
<title role="details.title">Details</title>
<refsect2>
<title><anchor id="LmSSL" role="struct"/>LmSSL</title>
<indexterm><primary>LmSSL</primary></indexterm><programlisting>typedef struct _LmSSL LmSSL;</programlisting>
<para>
This should not be accessed directly. Use the accessor functions as described below.
</para></refsect2>
<refsect2>
<title><anchor id="LmCertificateStatus" role="enum"/>enum LmCertificateStatus</title>
<indexterm><primary>LmCertificateStatus</primary></indexterm><programlisting>typedef enum {
LM_CERT_INVALID,
LM_CERT_ISSUER_NOT_FOUND,
LM_CERT_REVOKED,
} LmCertificateStatus;
</programlisting>
<para>
Provides information of the status of a certain certificate.
</para><variablelist role="enum">
<varlistentry>
<term><anchor id="LM-CERT-INVALID:CAPS" role="constant"/><literal>LM_CERT_INVALID</literal></term>
<listitem><simpara>The certificate is invalid.
</simpara></listitem>
</varlistentry>
<varlistentry>
<term><anchor id="LM-CERT-ISSUER-NOT-FOUND:CAPS" role="constant"/><literal>LM_CERT_ISSUER_NOT_FOUND</literal></term>
<listitem><simpara>The issuer of the certificate is not found.
</simpara></listitem>
</varlistentry>
<varlistentry>
<term><anchor id="LM-CERT-REVOKED:CAPS" role="constant"/><literal>LM_CERT_REVOKED</literal></term>
<listitem><simpara>The certificate has been revoked.
</simpara></listitem>
</varlistentry>
</variablelist></refsect2>
<refsect2>
<title><anchor id="LmSSLStatus" role="enum"/>enum LmSSLStatus</title>
<indexterm><primary>LmSSLStatus</primary></indexterm><programlisting>typedef enum {
LM_SSL_STATUS_NO_CERT_FOUND,
LM_SSL_STATUS_UNTRUSTED_CERT,
LM_SSL_STATUS_CERT_EXPIRED,
LM_SSL_STATUS_CERT_NOT_ACTIVATED,
LM_SSL_STATUS_CERT_HOSTNAME_MISMATCH,
LM_SSL_STATUS_CERT_FINGERPRINT_MISMATCH,
LM_SSL_STATUS_GENERIC_ERROR,
} LmSSLStatus;
</programlisting>
<para>
Provides information about something gone wrong when trying to setup the SSL connection.
</para><variablelist role="enum">
<varlistentry>
<term><anchor id="LM-SSL-STATUS-NO-CERT-FOUND:CAPS" role="constant"/><literal>LM_SSL_STATUS_NO_CERT_FOUND</literal></term>
<listitem><simpara>The server doesn't provide a certificate.
</simpara></listitem>
</varlistentry>
<varlistentry>
<term><anchor id="LM-SSL-STATUS-UNTRUSTED-CERT:CAPS" role="constant"/><literal>LM_SSL_STATUS_UNTRUSTED_CERT</literal></term>
<listitem><simpara>The certification can not be trusted.
</simpara></listitem>
</varlistentry>
<varlistentry>
<term><anchor id="LM-SSL-STATUS-CERT-EXPIRED:CAPS" role="constant"/><literal>LM_SSL_STATUS_CERT_EXPIRED</literal></term>
<listitem><simpara>The certificate has expired.
</simpara></listitem>
</varlistentry>
<varlistentry>
<term><anchor id="LM-SSL-STATUS-CERT-NOT-ACTIVATED:CAPS" role="constant"/><literal>LM_SSL_STATUS_CERT_NOT_ACTIVATED</literal></term>
<listitem><simpara>The certificate has not been activated.
</simpara></listitem>
</varlistentry>
<varlistentry>
<term><anchor id="LM-SSL-STATUS-CERT-HOSTNAME-MISMATCH:CAPS" role="constant"/><literal>LM_SSL_STATUS_CERT_HOSTNAME_MISMATCH</literal></term>
<listitem><simpara>The server hostname doesn't match the one in the certificate.
</simpara></listitem>
</varlistentry>
<varlistentry>
<term><anchor id="LM-SSL-STATUS-CERT-FINGERPRINT-MISMATCH:CAPS" role="constant"/><literal>LM_SSL_STATUS_CERT_FINGERPRINT_MISMATCH</literal></term>
<listitem><simpara>The fingerprint doesn't match your expected.
</simpara></listitem>
</varlistentry>
<varlistentry>
<term><anchor id="LM-SSL-STATUS-GENERIC-ERROR:CAPS" role="constant"/><literal>LM_SSL_STATUS_GENERIC_ERROR</literal></term>
<listitem><simpara>Some other error.
</simpara></listitem>
</varlistentry>
</variablelist></refsect2>
<refsect2>
<title><anchor id="LmSSLResponse" role="enum"/>enum LmSSLResponse</title>
<indexterm><primary>LmSSLResponse</primary></indexterm><programlisting>typedef enum {
LM_SSL_RESPONSE_CONTINUE,
LM_SSL_RESPONSE_STOP,
} LmSSLResponse;
</programlisting>
<para>
Used to inform <link linkend="LmConnection"><type>LmConnection</type></link> if you want to stop due to an error reported or if you want to continue to connect.
</para><variablelist role="enum">
<varlistentry>
<term><anchor id="LM-SSL-RESPONSE-CONTINUE:CAPS" role="constant"/><literal>LM_SSL_RESPONSE_CONTINUE</literal></term>
<listitem><simpara>Continue to connect.
</simpara></listitem>
</varlistentry>
<varlistentry>
<term><anchor id="LM-SSL-RESPONSE-STOP:CAPS" role="constant"/><literal>LM_SSL_RESPONSE_STOP</literal></term>
<listitem><simpara>Stop the connection.
</simpara></listitem>
</varlistentry>
</variablelist></refsect2>
<refsect2>
<title><anchor id="LmSSLFunction" role="function"/>LmSSLFunction ()</title>
<indexterm><primary>LmSSLFunction</primary></indexterm><programlisting><link linkend="LmSSLResponse">LmSSLResponse</link> (*LmSSLFunction) (<link linkend="LmSSL">LmSSL</link> *ssl,
<link linkend="LmSSLStatus">LmSSLStatus</link> status,
<link linkend="gpointer">gpointer</link> user_data);</programlisting>
<para>
This function is called if something goes wrong during the connecting phase.
</para><variablelist role="params">
<varlistentry><term><parameter>ssl</parameter> :</term>
<listitem><simpara>An <link linkend="LmSSL"><type>LmSSL</type></link>.
</simpara></listitem></varlistentry>
<varlistentry><term><parameter>status</parameter> :</term>
<listitem><simpara>The status informing what went wrong.
</simpara></listitem></varlistentry>
<varlistentry><term><parameter>user_data</parameter> :</term>
<listitem><simpara>User data provided in the callback.
</simpara></listitem></varlistentry>
<varlistentry><term><emphasis>Returns</emphasis> :</term><listitem><simpara>User should return <link linkend="LM-SSL-RESPONSE-CONTINUE:CAPS"><type>LM_SSL_RESPONSE_CONTINUE</type></link> if connection should proceed and otherwise <link linkend="LM-SSL-RESPONSE-STOP:CAPS"><type>LM_SSL_RESPONSE_STOP</type></link>.
</simpara></listitem></varlistentry>
</variablelist></refsect2>
<refsect2>
<title><anchor id="lm-ssl-new" role="function"/>lm_ssl_new ()</title>
<indexterm><primary>lm_ssl_new</primary></indexterm><programlisting><link linkend="LmSSL">LmSSL</link>* lm_ssl_new (const <link linkend="gchar">gchar</link> *expected_fingerprint,
<link linkend="LmSSLFunction">LmSSLFunction</link> ssl_function,
<link linkend="gpointer">gpointer</link> user_data,
<link linkend="GDestroyNotify">GDestroyNotify</link> notify);</programlisting>
<para>
Creates a new SSL struct, call <link linkend="lm-connection-set-ssl"><type>lm_connection_set_ssl</type></link> to use it.</para>
<para>
</para><variablelist role="params">
<varlistentry><term><parameter>expected_fingerprint</parameter> :</term>
<listitem><simpara> The expected fingerprint. <parameter>ssl_function</parameter> will be called if there is a mismatch. <link linkend="NULL:CAPS"><literal>NULL</literal></link> if you are not interested in this check.
</simpara></listitem></varlistentry>
<varlistentry><term><parameter>ssl_function</parameter> :</term>
<listitem><simpara> Callback called to inform the user of a problem during setting up the SSL connection and how to proceed. If <link linkend="NULL:CAPS"><literal>NULL</literal></link> is passed the default function that always continues will be used.
</simpara></listitem></varlistentry>
<varlistentry><term><parameter>user_data</parameter> :</term>
<listitem><simpara> Data sent with the callback.
</simpara></listitem></varlistentry>
<varlistentry><term><parameter>notify</parameter> :</term>
<listitem><simpara> Function to free <parameter>user_dataa</parameter> when the connection is finished. <link linkend="NULL:CAPS"><literal>NULL</literal></link> if <parameter>user_data</parameter> should not be freed.
</simpara></listitem></varlistentry>
<varlistentry><term><emphasis>Returns</emphasis> :</term><listitem><simpara> A new <link linkend="LmSSL"><type>LmSSL</type></link> struct.
</simpara></listitem></varlistentry>
</variablelist></refsect2>
<refsect2>
<title><anchor id="lm-ssl-is-supported" role="function"/>lm_ssl_is_supported ()</title>
<indexterm><primary>lm_ssl_is_supported</primary></indexterm><programlisting><link linkend="gboolean">gboolean</link> lm_ssl_is_supported (void);</programlisting>
<para>
Checks whether Loudmouth supports SSL or not.</para>
<para>
</para><variablelist role="params">
<varlistentry><term><emphasis>Returns</emphasis> :</term><listitem><simpara> <link linkend="TRUE:CAPS"><type>TRUE</type></link> if this installation of Loudmouth supports SSL, otherwise returns <link linkend="FALSE:CAPS"><type>FALSE</type></link>.
</simpara></listitem></varlistentry>
</variablelist></refsect2>
<refsect2>
<title><anchor id="lm-ssl-get-fingerprint" role="function"/>lm_ssl_get_fingerprint ()</title>
<indexterm><primary>lm_ssl_get_fingerprint</primary></indexterm><programlisting>const <link linkend="gchar">gchar</link>* lm_ssl_get_fingerprint (<link linkend="LmSSL">LmSSL</link> *ssl);</programlisting>
<para>
Returns the MD5 fingerprint of the remote server's certificate.</para>
<para>
</para><variablelist role="params">
<varlistentry><term><parameter>ssl</parameter> :</term>
<listitem><simpara> an <link linkend="LmSSL"><type>LmSSL</type></link>
</simpara></listitem></varlistentry>
<varlistentry><term><emphasis>Returns</emphasis> :</term><listitem><simpara> A 16-byte array representing the fingerprint or <link linkend="NULL:CAPS"><literal>NULL</literal></link> if unknown.
</simpara></listitem></varlistentry>
</variablelist></refsect2>
<refsect2>
<title><anchor id="lm-ssl-ref" role="function"/>lm_ssl_ref ()</title>
<indexterm><primary>lm_ssl_ref</primary></indexterm><programlisting><link linkend="LmSSL">LmSSL</link>* lm_ssl_ref (<link linkend="LmSSL">LmSSL</link> *ssl);</programlisting>
<para>
Adds a reference to <parameter>ssl</parameter>.</para>
<para>
</para><variablelist role="params">
<varlistentry><term><parameter>ssl</parameter> :</term>
<listitem><simpara> an <link linkend="LmSSL"><type>LmSSL</type></link>
</simpara></listitem></varlistentry>
<varlistentry><term><emphasis>Returns</emphasis> :</term><listitem><simpara> the ssl
</simpara></listitem></varlistentry>
</variablelist></refsect2>
<refsect2>
<title><anchor id="lm-ssl-unref" role="function"/>lm_ssl_unref ()</title>
<indexterm><primary>lm_ssl_unref</primary></indexterm><programlisting><link linkend="void">void</link> lm_ssl_unref (<link linkend="LmSSL">LmSSL</link> *ssl);</programlisting>
<para>
Removes a reference from <parameter>ssl</parameter>. When no more references are present
<parameter>ssl</parameter> is freed.</para>
<para>
</para><variablelist role="params">
<varlistentry><term><parameter>ssl</parameter> :</term>
<listitem><simpara> an <link linkend="LmSSL"><type>LmSSL</type></link>
</simpara></listitem></varlistentry>
</variablelist></refsect2>
</refsect1>
</refentry>
|
