view src/tls.h @ 5891:a0e751d6c3ad

Import the #'clear-string API from GNU, use it in tls.c src/ChangeLog addition: 2015-04-18 Aidan Kehoe <kehoea@parhasard.net> * sequence.c (Fclear_string): New, API from GNU. Zero a string's contents, making sure the text is not kept around even when the string's data is reallocated because of a changed character length. * sequence.c (syms_of_sequence): Make it available to Lisp. * lisp.h: Make it available to C code. * tls.c (nss_pk11_password): Use it. * tls.c (gnutls_pk11_password): Use it. * tls.c (openssl_password): Use it. tests/ChangeLog addition: 2015-04-18 Aidan Kehoe <kehoea@parhasard.net> * automated/lisp-tests.el: Test #'clear-string, just added. Unfortunately there's no way to be certain from Lisp that the old password data has been erased after realloc; it may be worth adding a test to tests.c, but *we'll be reading memory we shouldn't be*, so that gives me pause.
author Aidan Kehoe <kehoea@parhasard.net>
date Sat, 18 Apr 2015 23:00:14 +0100
parents d59bfb050ca8
children

/* Transport Layer Security implementation -- header file.
   Copyright (C) 2014 Jerry James

This file is part of XEmacs.

XEmacs is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the
Free Software Foundation, either version 3 of the License, or (at your
option) any later version.

XEmacs is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
for more details.

You should have received a copy of the GNU General Public License
along with XEmacs.  If not, see <http://www.gnu.org/licenses/>. */

/* Synched up with: Not in FSF. */

/* Written by Jerry James. */

#ifndef INCLUDED_tls_h_
#define INCLUDED_tls_h_

/* Error symbol for TLS failures.  The no-TLS stub macros further down in
   this header pass it to signal_error.  */
extern Lisp_Object Qtls_error;

/* These three entry points sit outside the WITH_TLS conditional, so they
   are declared in every build, with or without a TLS backend.
   NOTE(review): presumably the usual per-module start-up hooks (symbols,
   variables, run-time initialisation) -- confirm in tls.c.  */
void syms_of_tls (void);
void vars_of_tls (void);
void init_tls (void);

#ifdef WITH_TLS

/* NSS backend.
   NOTE(review): the three backend sections in this header are independent
   #ifdef blocks, not an #if/#elif chain.  If more than one HAVE_* macro is
   defined, struct tls_state and TLS_SETUP_SOCK are defined twice.
   Presumably the build system selects exactly one backend -- confirm.  */
#ifdef HAVE_NSS
#include <prio.h>

/* NSS is the only configuration in this header that sets TLS_SETUP_SOCK
   to 0; GnuTLS, OpenSSL and the no-TLS fallback all set it to 1.
   NOTE(review): presumably this tells the caller whether it has to set up
   the socket itself before calling tls_open -- confirm at the use site.  */
#define TLS_SETUP_SOCK 0

/* Per-connection state for the NSS backend.  */
typedef struct tls_state
{
  /* NSPR file descriptor for the connection (type comes from <prio.h>).  */
  PRFileDesc *tls_file_desc;
  /* Reference count for this state object.
     NOTE(review): presumably one reference per stream created with
     make_tls_input_stream / make_tls_output_stream; a miscount would leak
     the descriptor or release it while a stream still uses it -- confirm
     the increment/decrement pairing in tls.c.  */
  int tls_refcount;
} tls_state_t;
#endif

/* GnuTLS backend.  */
#ifdef HAVE_GNUTLS
#include <gnutls/gnutls.h>

/* Same value as the OpenSSL and no-TLS configurations; only NSS uses 0.
   NOTE(review): meaning is not visible in this header -- confirm at the
   use site.  */
#define TLS_SETUP_SOCK 1

/* Per-connection state for the GnuTLS backend.  */
typedef struct tls_state
{
  /* GnuTLS session handle for the connection.  */
  gnutls_session_t tls_session;
  /* Reference count for this state object.
     NOTE(review): presumably one reference per stream built on the
     session; releasing the session while a reference remains would be a
     use-after-free -- confirm the pairing in tls.c.  */
  int tls_refcount;
} tls_state_t;
#endif

/* OpenSSL backend.  */
#ifdef HAVE_OPENSSL
# include <openssl/ssl.h>

/* Same value as the GnuTLS and no-TLS configurations; only NSS uses 0.
   NOTE(review): meaning is not visible in this header -- confirm at the
   use site.  */
#define TLS_SETUP_SOCK 1

/* Per-connection state for the OpenSSL backend.  */
typedef struct tls_state
{
  /* OpenSSL connection object.  */
  SSL *tls_connection;
  /* Reference count for this state object.
     NOTE(review): presumably one reference per stream built on the
     connection; freeing the SSL object while a reference remains would be
     a use-after-free -- confirm the pairing in tls.c.  */
  int tls_refcount;
} tls_state_t;
#endif

/* Backend-independent API.  The prototypes are shared by all three
   backends; only the layout of tls_state_t differs.  */

/* Both return a pointer to the connection state.  The no-TLS stub of
   tls_negotiate in this header evaluates to NULL without signalling, so
   callers have to handle a NULL result.
   NOTE(review): whether the real implementations also report failure by
   returning NULL is not visible here.  Confirm in tls.c, and confirm that
   no caller treats a NULL result as "carry on without TLS".
   NOTE(review): the const Extbyte * argument is presumably the peer host
   name used for certificate checking -- confirm.  */
tls_state_t *tls_open (int, const Extbyte *);
tls_state_t *tls_negotiate (int, const Extbyte *, Lisp_Object);
/* NOTE(review): this function has no stub in the no-TLS branch of this
   header, unlike tls_close.  Callers are presumably guarded by WITH_TLS --
   confirm.  */
void tls_close_connection (tls_state_t *);
/* Both stream constructors take the same state object, so one connection
   can back an input stream and an output stream at once.  */
Lisp_Object make_tls_output_stream (tls_state_t *);
Lisp_Object make_tls_input_stream (tls_state_t *);
int tls_get_fd (tls_state_t *);
/* Both return a Bytecount; the no-TLS stubs evaluate to -1.
   NOTE(review): presumably a negative result means failure, as with
   read(2)/write(2).  The meaning of the final unsigned int argument is
   not visible in this header -- confirm both in tls.c.  */
Bytecount tls_read (tls_state_t *, unsigned char *, Bytecount, unsigned int);
Bytecount tls_write (tls_state_t *, const unsigned char *, Bytecount,
		     unsigned int);
int tls_close (tls_state_t *);
#else /* WITH_TLS */
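/* Fallback for builds without a TLS backend.  tls_state_t becomes a dummy
   type so that code using tls_state_t * still compiles, and every API
   entry point with a stub here becomes a macro that fails.  None of the
   macros evaluates its arguments.
   NOTE(review): tls_close_connection is declared in the WITH_TLS branch
   of this header but has no stub here.  Callers are presumably guarded by
   WITH_TLS -- confirm.  */
typedef int tls_state_t;
#define TLS_SETUP_SOCK 1

/* Signals Qtls_error.  The ({ ... }) form is a GNU statement expression,
   so this branch needs a compiler that supports it.  The trailing value
   only gives the expression a type.
   NOTE(review): signal_error presumably does not return -- confirm.  */
#define tls_open(x,y) ({						\
      signal_error (Qtls_error, "TLS support unavailable", Qnil);	\
      NULL; })

/* Unlike tls_open, this yields NULL without signalling an error.  Callers
   must treat NULL as "negotiation failed" and must not go on to send data
   over the unprotected connection.  */
#define tls_negotiate(x,y,z) NULL

/* The real stream constructors are declared as returning Lisp_Object, so
   the stub's value is Qnil rather than NULL.  That keeps the expression
   type-correct wherever the result is assigned to a Lisp_Object.  */
#define make_tls_input_stream(x) ({					\
      signal_error (Qtls_error, "TLS support unavailable", Qnil);	\
      Qnil; })
#define make_tls_output_stream(x) ({					\
      signal_error (Qtls_error, "TLS support unavailable", Qnil);	\
      Qnil; })

/* Plain failure values.  They are parenthesised so the expansion stays a
   single operand in any surrounding expression.  */
#define tls_get_fd(x)		(-1)
#define tls_read(w,x,y,z)	(-1)
#define tls_write(w,x,y,z)	(-1)
#define tls_close(x)		(-1)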
#endif /* WITH_TLS */

#endif /* INCLUDED_tls_h_ */