diff options
Diffstat (limited to 'src/libpttls/pt_tls_client.h')
| -rw-r--r-- | src/libpttls/pt_tls_client.h | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/src/libpttls/pt_tls_client.h b/src/libpttls/pt_tls_client.h new file mode 100644 index 000000000..1d418d181 --- /dev/null +++ b/src/libpttls/pt_tls_client.h @@ -0,0 +1,65 @@ +/* + * Copyright (C) 2012 Martin Willi + * Copyright (C) 2012 revosec AG + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup pt_tls_client pt_tls_client + * @{ @ingroup pt_tls + */ + +#ifndef PT_TLS_CLIENT_H_ +#define PT_TLS_CLIENT_H_ + +#include <networking/host.h> +#include <utils/identification.h> + +#include <tnc/tnccs/tnccs.h> + +typedef struct pt_tls_client_t pt_tls_client_t; + +/** + * IF-T for TLS aka PT-TLS transport client. + */ +struct pt_tls_client_t { + + /** + * Perform an assessment. + * + * @param tnccs upper layer TNC client used for assessment + * @return status of assessment + */ + status_t (*run_assessment)(pt_tls_client_t *this, tnccs_t *tnccs); + + /** + * Destroy a pt_tls_client_t. + */ + void (*destroy)(pt_tls_client_t *this); +}; + +/** + * Create a pt_tls_client instance. + * + * The client identity is used for: + * - TLS authentication if an appropirate certificate is found + * - SASL authentication if requested from the server + * + * @param address address/port to run assessments against, gets owned + * @param server server identity to use for authentication, gets owned + * @param client client identity to use for authentication, gets owned + * @return PT-TLS context + */ +pt_tls_client_t *pt_tls_client_create(host_t *address, identification_t *server, + identification_t *client); + +#endif /** PT_TLS_CLIENT_H_ @}*/ |