Collaboration diagram for TLS communication interface module:

Modules
	TLS Output IFC

	TLS Input IFC

Data Structures
union	tls_socket_addr

Macros
#define	MAX_RECOVERY_TRY 10

#define	RECOVERY_WAIT_USEC 500000

#define	USEC_IN_SEC 1000000

#define	ACK_MESS_SIZE 1

#define	CRIT_1VS2SEND 10000

#define	MAX(a, b) ((a)<(b)?(b):(a))

#define	MIN(a, b) ((a)>(b)?(b):(a))

Functions
static SSL_CTX *	tlsserver_create_context ()

static SSL_CTX *	tlsclient_create_context ()

static int	verify_certificate (SSL *arg)
	Verify context of ssl. More...

static int	tls_server_configure_ctx (const char cert, SSL_CTX ctx)
	Configure context of ssl server. More...

static int	tls_configure_ctx (SSL_CTX ctx, const char key, const char crt, const char ca)
	Configure ssl context of new connection. More...

static void *	get_in_addr (struct sockaddr *sa)
	Get sockaddr, IPv4 or IPv6. More...

Detailed Description

Macro Definition Documentation

◆ ACK_MESS_SIZE

#define ACK_MESS_SIZE 1

Definition at line 93 of file ifc_tls.c.

◆ CRIT_1VS2SEND

#define CRIT_1VS2SEND 10000

Definition at line 94 of file ifc_tls.c.

◆ MAX

#define MAX	(	a,
		b
	)	((a)<(b)?(b):(a))

Definition at line 96 of file ifc_tls.c.

◆ MAX_RECOVERY_TRY

#define MAX_RECOVERY_TRY 10

Definition at line 89 of file ifc_tls.c.

◆ MIN

#define MIN	(	a,
		b
	)	((a)>(b)?(b):(a))

Definition at line 99 of file ifc_tls.c.

◆ RECOVERY_WAIT_USEC

#define RECOVERY_WAIT_USEC 500000

Definition at line 91 of file ifc_tls.c.

◆ USEC_IN_SEC

#define USEC_IN_SEC 1000000

Definition at line 92 of file ifc_tls.c.

Function Documentation

◆ get_in_addr()

static void* get_in_addr ( struct sockaddr * sa )

static

Get sockaddr, IPv4 or IPv6.

Parameters

[in] sa structure with input socket address

Returns: converted ponter to address

Definition at line 263 of file ifc_tls.c.

◆ tls_configure_ctx()

static int tls_configure_ctx	(	SSL_CTX *	ctx,
		const char *	key,
		const char *	crt,
		const char *	ca
	)

static

Configure ssl context of new connection.

Parameters

[in]	ctx	ssl context to be configured
[in]	key	path to keyfile
[in]	crt	path to certfile
[in]	ca	path to CA file

Returns: 1 on failure, 0 on success Loading certificate and key to SSL_CTX. Setting location of CA that is used for verification of incomming certificates. Also forcing peer to send it's certificate.

Definition at line 210 of file ifc_tls.c.

◆ tls_server_configure_ctx()

static int tls_server_configure_ctx	(	const char *	cert,
		SSL_CTX *	ctx
	)

static

Configure context of ssl server.

Parameters

[in]	cert	path to certfile
[in]	ctx	ssl context to be configured

Returns: 1 on failure, 0 on success Disabling undesired versions of TLS/SSL and adding supported CAs to SSL_CTX.

Definition at line 175 of file ifc_tls.c.

◆ tlsclient_create_context()

static SSL_CTX* tlsclient_create_context ( )

static

Definition at line 125 of file ifc_tls.c.

◆ tlsserver_create_context()

static SSL_CTX* tlsserver_create_context ( )

static

Definition at line 102 of file ifc_tls.c.

◆ verify_certificate()

static int verify_certificate ( SSL * arg )

static

Verify context of ssl.

Parameters

[in] arg pointer to SSL (usually stored in tls_receiver_private_t resp. in an array of tlsclient_s inside tls_sender_private_t for input resp. output IFC)

Returns: 1 on failure, 0 on success Disabling undesired versions of TLS/SSL and adding supported CAs to SSL_CTX.

Definition at line 147 of file ifc_tls.c.

Modules

Data Structures

Macros

Functions

Detailed Description

Macro Definition Documentation

◆ ACK_MESS_SIZE

◆ CRIT_1VS2SEND

◆ MAX

◆ MAX_RECOVERY_TRY

◆ MIN

◆ RECOVERY_WAIT_USEC

◆ USEC_IN_SEC

Function Documentation

◆ get_in_addr()

◆ tls_configure_ctx()

◆ tls_server_configure_ctx()

◆ tlsclient_create_context()

◆ tlsserver_create_context()

◆ verify_certificate()