[thirdparty/strongswan.git] / src / libpttls / pt_tls_client.h

/*
 * Copyright (C) 2012 Martin Willi
 * Copyright (C) 2012 revosec AG
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

/**
 * @defgroup pt_tls_client pt_tls_client
 * @{ @ingroup pt_tls
 */

#ifndef PT_TLS_CLIENT_H_
#define PT_TLS_CLIENT_H_

#include <networking/host.h>
#include <utils/identification.h>

#include <tnc/tnccs/tnccs.h>

typedef struct pt_tls_client_t pt_tls_client_t;

/**
 * IF-T for TLS aka PT-TLS transport client.
 */
struct pt_tls_client_t {

	/**
	 * Perform an assessment.
	 *
	 * @param tnccs		upper layer TNC client used for assessment
	 * @return			status of assessment
	 */
	status_t (*run_assessment)(pt_tls_client_t *this, tnccs_t *tnccs);

	/**
	 * Destroy a pt_tls_client_t.
	 */
	void (*destroy)(pt_tls_client_t *this);
};

/**
 * Create a pt_tls_client instance.
 *
 * The client identity is used for:
 * - TLS authentication if an appropriate certificate is found
 * - SASL authentication if requested from the server
 *
 * @param address		address/port to run assessments against, gets owned
 * @param server		server identity to use for authentication, gets owned
 * @param client		client identity to use for authentication, gets owned
 * @return				PT-TLS context
 */
pt_tls_client_t *pt_tls_client_create(host_t *address, identification_t *server,
									  identification_t *client);

#endif /** PT_TLS_CLIENT_H_ @}*/
Commit	Line	Data
18d56a18 MW	1	/*
	2	* Copyright (C) 2012 Martin Willi
	3	* Copyright (C) 2012 revosec AG
	4	*
	5	* This program is free software; you can redistribute it and/or modify it
	6	* under the terms of the GNU General Public License as published by the
	7	* Free Software Foundation; either version 2 of the License, or (at your
	8	* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
	9	*
	10	* This program is distributed in the hope that it will be useful, but
	11	* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
	12	* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	13	* for more details.
	14	*/
	15
	16	/**
	17	* @defgroup pt_tls_client pt_tls_client
	18	* @{ @ingroup pt_tls
	19	*/
	20
	21	#ifndef PT_TLS_CLIENT_H_
	22	#define PT_TLS_CLIENT_H_
	23
04a9a99b MW	24	#include <networking/host.h>
	25	#include <utils/identification.h>
	26
18d56a18 MW	27	#include <tnc/tnccs/tnccs.h>
	28
	29	typedef struct pt_tls_client_t pt_tls_client_t;
	30
	31	/**
	32	* IF-T for TLS aka PT-TLS transport client.
	33	*/
	34	struct pt_tls_client_t {
	35
	36	/**
	37	* Perform an assessment.
	38	*
	39	* @param tnccs upper layer TNC client used for assessment
	40	* @return status of assessment
	41	*/
	42	status_t (run_assessment)(pt_tls_client_t this, tnccs_t *tnccs);
	43
	44	/**
	45	* Destroy a pt_tls_client_t.
	46	*/
	47	void (destroy)(pt_tls_client_t this);
	48	};
	49
	50	/**
	51	* Create a pt_tls_client instance.
	52	*
806126ea	53	* The client identity is used for:
b3ab7a48	54	* - TLS authentication if an appropriate certificate is found
806126ea MW	55	* - SASL authentication if requested from the server
806126ea MW	56	*
04a9a99b	57	* @param address address/port to run assessments against, gets owned
806126ea MW	58	* @param server server identity to use for authentication, gets owned
806126ea MW	59	* @param client client identity to use for authentication, gets owned
18d56a18 MW	60	* @return PT-TLS context
18d56a18 MW	61	*/
806126ea MW	62	pt_tls_client_t pt_tls_client_create(host_t address, identification_t *server,
806126ea MW	63	identification_t *client);
18d56a18 MW	64
18d56a18 MW	65	#endif /** PT_TLS_CLIENT_H_ @}*/