TLS/SSL session credentials caching

git-svn-id: svn+ssh://svn.gna.org/svn/gnustep/libs/base/trunk@35860 72102866-910b-0410-8b05-ffd578937521
2025-05-30 16:30:41 +00:00 · 2012-12-06 09:40:11 +00:00 · 2012-12-06 09:40:11 +00:00 · 1dfbc90769
commit 1dfbc90769
parent f48e2d038f
4 changed files with 399 additions and 168 deletions
--- a/Source/GSTLS.h
+++ b/Source/GSTLS.h
@ -113,6 +113,31 @@ extern NSString * const GSTLSVerify;
 - (gnutls_x509_privkey_t) key;
@end

+/* This encapsulates a credentials setup for a sessions
+ */
+@interface      GSTLSCredentials : GSTLSObject
+{
+  NSDate                                *when;
+  NSString                              *name;
+  GSTLSPrivateKey                       *key;
+  GSTLSCertificateList                  *list;
+  GSTLSDHParams                         *dhParams;
+  BOOL                                  trust;
+  gnutls_certificate_credentials_t      certcred;
+}
+ (GSTLSCredentials*) credentialsFromCAFile: (NSString*)ca
+                              defaultCAFile: (NSString*)dca
+                                 revokeFile: (NSString*)rv
+                          defaultRevokeFile: (NSString*)drv
+                            certificateFile: (NSString*)cf
+                         certificateKeyFile: (NSString*)ck
+                     certificateKeyPassword: (NSString*)cp
+                                   asClient: (BOOL)client
+                                      debug: (BOOL)debug;
+- (gnutls_certificate_credentials_t) credentials;
+- (BOOL) trust;
+@end
+

 /* Declare a pointer to a function to be used for I/O
 */
@ -127,14 +152,13 @@ typedef ssize_t (*GSTLSIOW)(gnutls_transport_ptr_t, const void *, size_t);
@interface      GSTLSSession : GSTLSObject
 {
  NSDictionary                          *opts;
-  GSTLSPrivateKey                       *key;
-  GSTLSCertificateList                  *list;
-  GSTLSDHParams                         *dhParams;
-  gnutls_certificate_credentials_t      certcred;
+  GSTLSCredentials                      *credentials;
+  NSString                              *problem;
  BOOL                                  outgoing;
  BOOL                                  active;
  BOOL                                  handshake;
  BOOL                                  setup;
+  BOOL                                  debug;
@public
  gnutls_session_t                      session;
 }
@ -164,6 +188,11 @@ typedef ssize_t (*GSTLSIOW)(gnutls_transport_ptr_t, const void *, size_t);
 */
 - (BOOL) handshake;

+/* After a failed handshake, this should contain a description of the
+ * failure reason.
+ */
+- (NSString*) problem;
+
 /* Read data from the session.
 */
 - (NSInteger) read: (void*)buf length: (NSUInteger)len;