1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #ifndef	_INET_KSSL_KSSLAPI_H
27 #define	_INET_KSSL_KSSLAPI_H
28 
29 #pragma ident	"%Z%%M%	%I%	%E% SMI"
30 
31 /*
32  * The kernel SSL proxy interface
33  */
34 
35 
36 #ifdef	__cplusplus
37 extern "C" {
38 #endif
39 
40 #include	<sys/socket.h>
41 #include	<netinet/in.h>
42 
/*
 * Status returned by the kssl API functions.  In this header only
 * kssl_init_context() returns it.  KSSL_STS_OK is zero, so any non-zero
 * status is a failure.
 */
typedef enum {
	/* No further processing required */
	KSSL_STS_OK = 0,
	/* Failure, e.g. a bogus argument */
	KSSL_STS_ERR = 1
} kssl_status_t;
49 
/*
 * Endpoint type, as reported by kssl_check_proxy() and passed to
 * kssl_release_ent().  KSSL_NO_PROXY is zero, so a zero-initialized
 * endpoint reads as "not configured for KSSL".
 */
typedef enum {
	/* Not configured for use with KSSL */
	KSSL_NO_PROXY = 0,
	/* Acts as a proxy for someone else */
	KSSL_IS_PROXY = 1,
	/* A proxy is handling its work */
	KSSL_HAS_PROXY = 2
} kssl_endpt_type_t;
56 
/*
 * Return codes/commands from kssl_handle_record.
 *
 * In this header the type is returned by kssl_input() and
 * kssl_handle_mblk() and is passed to a kssl_callback_t.  Each value tells
 * the caller what to do with the message it handed in.
 *
 * NOTE(review): a caller that switches on this value should treat anything
 * it does not recognize like KSSL_CMD_NOT_SUPPORTED instead of falling
 * through to a deliver/send path.
 */
typedef enum {
	/* Not supported */
	KSSL_CMD_NOT_SUPPORTED = 0,
	/* send this packet out on the wire */
	KSSL_CMD_SEND = 1,
	/* deliver this packet to proxy listener */
	KSSL_CMD_DELIVER_PROXY = 2,
	/* Deliver to the SSL listener */
	KSSL_CMD_DELIVER_SSL = 3,
	/* consider it consumed. (ACK it, ... */
	KSSL_CMD_NONE = 4,
	/* Queued, a call back will finish it */
	KSSL_CMD_QUEUED = 5
} kssl_cmd_t;
66 
/*
 * Events on a kssl context.  No function declared in this header takes a
 * kssl_event_t; the consumer is presumably elsewhere in the kssl module.
 */
typedef enum {
	/* close this context */
	KSSL_EVENT_CLOSE = 0
} kssl_event_t;
70 
/*
 * Opaque handles handed out by the kssl API.
 *
 * NOTE(review): both handles are plain void *, so the compiler cannot tell
 * a context from a map entry, or from any other object pointer.  Passing
 * the wrong handle to a kssl_*() function compiles without a diagnostic.
 * Distinct incomplete struct types would catch that at compile time, but
 * would change the interface, so it is only noted here.
 */

/* An opaque context of an SSL connection */
typedef void *kssl_ctx_t;

/* An opaque handle for an SSL map entry */
typedef void *kssl_ent_t;
76 
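/*
 * SSL 3.0 record-layer sizes, in bytes.
 *
 * SSL3_MAX_RECORD_LEN is parenthesized so that it expands as a single
 * value.  Without the parentheses, an expression such as
 * "2 * SSL3_MAX_RECORD_LEN" or "len - SSL3_MAX_RECORD_LEN" binds to the
 * first or last term only and yields a wrong bound.  For a record-length
 * limit that can mean an undersized buffer or a skipped length check.
 */
#define	SSL3_HDR_LEN		5
#define	SSL3_WROFFSET		7	/* 5 hdr + 2 byte-alignment */
/*
 * 16 + 20.  The 20 is the SHA1 digest.  The 16 is presumably one AES block
 * (16 bytes) of padding rather than sixteen blocks; confirm against the
 * record builder.
 */
#define	SSL3_MAX_TAIL_LEN	36
#define	SSL3_MAX_RECORD_LEN	\
	(16384 - 1 - SSL3_HDR_LEN - SSL3_MAX_TAIL_LEN)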
81 
82 
/*
 * Entry points of the kernel SSL proxy.
 *
 * NOTE(review): mblk_t, boolean_t and uint32_t are used below, but this
 * header includes only <sys/socket.h> and <netinet/in.h>.  Presumably the
 * includer must pull in the stream and type headers first; confirm.
 *
 * The parameters are unnamed in the original declarations.  Their meaning
 * is not visible from this header and is not guessed at here.
 */

/*
 * Reports the endpoint type.  The kssl_ent_t * is presumably an
 * out-parameter for the matching map entry; confirm.
 */
kssl_endpt_type_t kssl_check_proxy(mblk_t *, void *, kssl_ent_t *);

/*
 * Sets up a context for a map entry.  The kssl_ctx_t * is presumably an
 * out-parameter.  Check the returned status before using the context.
 */
kssl_status_t kssl_init_context(kssl_ent_t, uint32_t, int, kssl_ctx_t *);

/*
 * Map-entry handle management.
 *
 * NOTE(review): the hold/release names suggest reference counting.  If so,
 * every hold needs exactly one matching release.  A missing release leaks
 * the entry, and an extra one can free an object that is still in use.
 * Confirm against the implementation.
 */
void kssl_hold_ent(kssl_ent_t);
void kssl_release_ent(kssl_ent_t, void *, kssl_endpt_type_t);
void *kssl_find_fallback(kssl_ent_t);

/*
 * Context handle management.  The hold/release pairing note on the
 * map-entry functions applies here as well.
 */
void kssl_hold_ctx(kssl_ctx_t);
void kssl_release_ctx(kssl_ctx_t);

/*
 * Completion callback handed to kssl_input().  Presumably invoked for
 * work that returned KSSL_CMD_QUEUED ("a call back will finish it").
 */
typedef void (*kssl_callback_t)(void *arg, mblk_t *mp, kssl_cmd_t cmd);

/*
 * Input processing.  The returned kssl_cmd_t tells the caller what to do
 * with the message.
 */
kssl_cmd_t kssl_input(kssl_ctx_t, mblk_t *, mblk_t **, boolean_t *,
    kssl_callback_t cbfn, void *arg);

kssl_cmd_t kssl_handle_mblk(kssl_ctx_t, mblk_t **, mblk_t **);

/*
 * Builds a record from a message.  Check the returned mblk_t * before
 * use; whether NULL signals failure is not visible from this header.
 */
mblk_t *kssl_build_record(kssl_ctx_t, mblk_t *);
102 
103 
104 #ifdef	__cplusplus
105 }
106 #endif
107 
108 #endif	/* _INET_KSSL_KSSLAPI_H */
109