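/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2005 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

#ifndef	_INET_KSSL_KSSLAPI_H
#define	_INET_KSSL_KSSLAPI_H

#pragma ident	"%Z%%M%	%I%	%E% SMI"

/*
 * The kernel SSL proxy interface
 *
 * NOTE(review): the prototypes below use mblk_t, boolean_t and uint32_t,
 * but none of the headers included here is visibly responsible for
 * declaring mblk_t; includers presumably pull in the STREAMS and types
 * headers first -- confirm before including this file on its own.
 */


#ifdef	__cplusplus
extern "C" {
#endif

#include <sys/socket.h>
#include <netinet/in.h>

/* return status for the kssl API functions */

typedef	enum {
	KSSL_STS_OK,	/* No further processing required */
	KSSL_STS_ERR	/* bogus argument ... */
} kssl_status_t;

/* Endpoint type */
typedef	enum {
	KSSL_NO_PROXY = 0,	/* Not configured for use with KSSL */
	KSSL_IS_PROXY,		/* Acts as a proxy for someone else */
	KSSL_HAS_PROXY		/* A proxy is handling its work */
} kssl_endpt_type_t;

/*
 * Return codes/commands from kssl_handle_record (kssl_input returns the
 * same type). The value tells the caller where the packet goes next, so
 * callers should handle every value explicitly rather than defaulting to
 * delivery.
 */
typedef	enum {
	KSSL_CMD_NOT_SUPPORTED,	/* Not supported */
	KSSL_CMD_SEND,		/* send this packet out on the wire */
	KSSL_CMD_DELIVER_PROXY,	/* deliver this packet to proxy listener */
	KSSL_CMD_DELIVER_SSL,	/* Deliver to the SSL listener */
	KSSL_CMD_NONE,		/* consider it consumed. (ACK it, ... */
	KSSL_CMD_QUEUED		/* Queued, a call back will finish it */
} kssl_cmd_t;

typedef	enum {
	KSSL_EVENT_CLOSE	/* close this context */
} kssl_event_t;

/*
 * Both handle types below are plain void pointers, so the compiler cannot
 * diagnose a kssl_ent_t passed where a kssl_ctx_t is expected (or the
 * reverse). Callers have to keep the two apart themselves.
 */

/* An opaque context of an SSL connection */
typedef	void	*kssl_ctx_t;

/* An opaque handle for an SSL map entry */
typedef	void	*kssl_ent_t;

#define	SSL3_HDR_LEN		5
#define	SSL3_WROFFSET		7	/* 5 hdr + 2 byte-alignment */
/*
 * 16 + 20 = 36; presumably up to one 16-byte AES block of padding plus a
 * 20-byte SHA1 digest -- confirm against the record-building code.
 */
#define	SSL3_MAX_TAIL_LEN	36
/*
 * Largest record payload: 16384 - 1 - 5 - 36 = 16342.
 * The expansion is parenthesized so the value survives inside a larger
 * expression; unparenthesized, `2 * SSL3_MAX_RECORD_LEN` or
 * `n - SSL3_MAX_RECORD_LEN` would bind to the first or last term only and
 * yield a wrong length bound.
 */
#define	SSL3_MAX_RECORD_LEN	\
	(16384 - 1 - SSL3_HDR_LEN - SSL3_MAX_TAIL_LEN)


kssl_endpt_type_t kssl_check_proxy(mblk_t *, void *, kssl_ent_t *);

kssl_status_t kssl_init_context(kssl_ent_t, uint32_t, int, kssl_ctx_t *);

/*
 * Hold/release pairs for map entries and connection contexts.
 * NOTE(review): the names suggest reference counting, in which case every
 * hold needs exactly one matching release -- confirm in the implementation.
 */
void kssl_hold_ent(kssl_ent_t);
void kssl_release_ent(kssl_ent_t, void *, kssl_endpt_type_t);
void *kssl_find_fallback(kssl_ent_t);

void kssl_hold_ctx(kssl_ctx_t);
void kssl_release_ctx(kssl_ctx_t);

/*
 * Completion callback handed to kssl_input. Presumably invoked for work
 * that returned KSSL_CMD_QUEUED ("a call back will finish it"), with the
 * caller's arg, the resulting message and the final command -- confirm.
 */
typedef void (*kssl_callback_t)(void *arg, mblk_t *mp, kssl_cmd_t cmd);

kssl_cmd_t kssl_input(kssl_ctx_t, mblk_t *, mblk_t **, boolean_t *,
    kssl_callback_t cbfn, void *arg);

kssl_cmd_t kssl_handle_record(kssl_ctx_t, mblk_t **, mblk_t **);

mblk_t *kssl_build_record(kssl_ctx_t, mblk_t *);


#ifdef	__cplusplus
}
#endif

#endif	/* _INET_KSSL_KSSLAPI_H */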