1 /*
2 * Copyright (C) 2010 Martin Willi
3 *
4 * Copyright (C) secunet Security Networks AG
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2 of the License, or (at your
9 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 *
11 * This program is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * for more details.
15 */
16
17 /**
18 * @defgroup tls_alert tls_alert
19 * @{ @ingroup libtls
20 */
21
22 #ifndef TLS_ALERT_H_
23 #define TLS_ALERT_H_
24
25 #include <library.h>
26
/* Forward typedefs: let the struct and enum tags declared below be used
 * without the struct/enum keyword. */
typedef struct tls_alert_t tls_alert_t;
typedef enum tls_alert_level_t tls_alert_level_t;
typedef enum tls_alert_desc_t tls_alert_desc_t;
30
/**
 * Level of a TLS alert.
 *
 * The values are the AlertLevel codes used on the wire (warning = 1,
 * fatal = 2). RFC 8446 treats this field as legacy for TLS 1.3: severity is
 * implied by the alert description and the level sent by a peer can be
 * ignored, so a received TLS_WARNING is not by itself a reason to keep a
 * connection open.
 *
 * NOTE(review): how process() weighs level against description is not
 * visible in this header; confirm in the implementation.
 */
enum tls_alert_level_t {
	TLS_WARNING = 1,
	TLS_FATAL = 2,
};
38
/**
 * Description of a TLS alert.
 *
 * The values are the AlertDescription codes used on the wire, as listed in
 * RFC 8446 and the extension RFCs noted below. Entries marked "reserved" are
 * kept by RFC 8446 only so the code point is not reused; they were defined
 * by earlier TLS versions.
 *
 * A value received from a peer is untrusted and need not match any
 * enumerator here; RFC 8446 requires unknown alert types to be treated as
 * errors.
 */
enum tls_alert_desc_t {
	/* Orderly shutdown of the sending direction. */
	TLS_CLOSE_NOTIFY = 0,
	TLS_UNEXPECTED_MESSAGE = 10,
	/* Record failed integrity protection / deprotection. */
	TLS_BAD_RECORD_MAC = 20,
	/* Reserved. RFC 5246 forbids sending it because distinguishing it from
	 * bad_record_mac may have permitted attacks against CBC mode. */
	TLS_DECRYPTION_FAILED = 21,
	TLS_RECORD_OVERFLOW = 22,
	/* Reserved (compression is not part of TLS 1.3). */
	TLS_DECOMPRESSION_FAILURE = 30,
	TLS_HANDSHAKE_FAILURE = 40,
	/* Reserved (SSL 3.0 only). */
	TLS_NO_CERTIFICATE = 41,
	/* Certificate validation outcomes. */
	TLS_BAD_CERTIFICATE = 42,
	TLS_UNSUPPORTED_CERTIFICATE = 43,
	TLS_CERTIFICATE_REVOKED = 44,
	TLS_CERTIFICATE_EXPIRED = 45,
	TLS_CERTIFICATE_UNKNOWN = 46,
	TLS_ILLEGAL_PARAMETER = 47,
	TLS_UNKNOWN_CA = 48,
	TLS_ACCESS_DENIED = 49,
	TLS_DECODE_ERROR = 50,
	TLS_DECRYPT_ERROR = 51,
	/* Reserved (export cipher suites). */
	TLS_EXPORT_RESTRICTION = 60,
	TLS_PROTOCOL_VERSION = 70,
	TLS_INSUFFICIENT_SECURITY = 71,
	TLS_INTERNAL_ERROR = 80,
	/* RFC 7507: server rejects a downgraded retry (TLS_FALLBACK_SCSV). */
	TLS_INAPPROPRIATE_FALLBACK = 86,
	TLS_USER_CANCELED = 90,
	/* Reserved (renegotiation does not exist in TLS 1.3). */
	TLS_NO_RENEGOTIATION = 100,
	TLS_MISSING_EXTENSION = 109,
	TLS_UNSUPPORTED_EXTENSION = 110,
	/* Reserved. */
	TLS_CERTIFICATE_UNOBTAINABLE = 111,
	/* Code point 112 is "unrecognized_name" in RFC 6066 / RFC 8446; the
	 * identifier here lacks the "UN" prefix. */
	TLS_RECOGNIZED_NAME = 112,
	TLS_BAD_CERTIFICATE_STATUS_RESPONSE = 113,
	/* Reserved. */
	TLS_BAD_CERTIFICATE_HASH_VALUE = 114,
	TLS_UNKNOWN_PSK_IDENTITY = 115,
	TLS_CERTIFICATE_REQUIRED = 116,
	/* RFC 7301: no ALPN protocol in common. */
	TLS_NO_APPLICATION_PROTOCOL = 120,
};
78
/**
 * Enum names for alert descriptions.
 *
 * Only declared here; the name table is defined in another translation unit.
 *
 * NOTE(review): descriptions received from a peer may not match any
 * tls_alert_desc_t enumerator; confirm how such values are rendered when
 * they are logged through this table.
 */
extern enum_name_t *tls_alert_desc_names;
83
/**
 * TLS alert handling.
 *
 * Interface of function pointers covering both directions: alerts queued
 * locally for sending (add/get) and alerts received from the peer (process).
 */
struct tls_alert_t {

	/**
	 * Add an alert to the TLS alert queue, will be sent.
	 *
	 * @param level			level of TLS alert
	 * @param description	description of alert
	 */
	void (*add)(tls_alert_t *this, tls_alert_level_t level,
				tls_alert_desc_t description);

	/**
	 * Get an alert pushed to the alert queue, to send.
	 *
	 * NOTE(review): the contents of *level and *description when FALSE is
	 * returned are not specified here; read them only on TRUE.
	 *
	 * @param level			receives TLS alert level
	 * @param description	receives TLS alert description
	 * @return				TRUE if returned an alert
	 */
	bool (*get)(tls_alert_t *this, tls_alert_level_t *level,
				tls_alert_desc_t *description);

	/**
	 * Did a fatal alert occur?
	 *
	 * NOTE(review): whether this covers queued (local) alerts, received
	 * alerts, or both is not visible in this header; confirm before using it
	 * as the only gate for tearing down a connection.
	 *
	 * @return				TRUE if a fatal alert has occurred
	 */
	bool (*fatal)(tls_alert_t *this);

	/**
	 * Process a received TLS alert.
	 *
	 * Both arguments describe an alert received from the peer and are
	 * therefore untrusted; presumably they are decoded from the wire, so
	 * values outside the two enums are possible. The returned status must
	 * not be dropped by the caller.
	 *
	 * @param level			level of received alert
	 * @param description	alert description
	 * @return				status to pass down to TLS stack
	 */
	status_t (*process)(tls_alert_t *this, tls_alert_level_t level,
						tls_alert_desc_t description);

	/**
	 * Destroy a tls_alert_t.
	 */
	void (*destroy)(tls_alert_t *this);
};
130
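/**
 * Create a tls_alert instance.
 *
 * Declared with an explicit (void) parameter list: before C23 an empty list
 * "()" is not a prototype, so the compiler would accept calls that pass
 * stray arguments without any diagnostic.
 *
 * @return				TLS alert handler, released through its destroy() method
 */
tls_alert_t *tls_alert_create(void);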
135
136 #endif /** TLS_ALERT_H_ @}*/