pacemaker 3.0.1-16e74fc4da
Scalable High-Availability cluster resource manager
Loading...
Searching...
No Matches
tls_internal.h
Go to the documentation of this file.
1/*
2 * Copyright 2024-2025 the Pacemaker project contributors
3 *
4 * The version control history for this file may have further details.
5 *
6 * This source code is licensed under the GNU Lesser General Public License
7 * version 2.1 or later (LGPLv2.1+) WITHOUT ANY WARRANTY.
8 */
9
10#ifndef PCMK__CRM_COMMON_TLS_INTERNAL__H
11#define PCMK__CRM_COMMON_TLS_INTERNAL__H
12
13#include <gnutls/gnutls.h> // gnutls_session_t, gnutls_dh_params_t, etc.
14
15#include <crm/common/ipc_internal.h> // pcmk__client_t
16#include <crm/common/remote_internal.h> // pcmk__remote_t
17
18#ifdef __cplusplus
19extern "C" {
20#endif
21
22typedef struct {
23 bool server;
24 gnutls_dh_params_t dh_params;
25 gnutls_credentials_type_t cred_type;
26
27 const char *ca_file;
28 const char *cert_file;
29 const char *crl_file;
30 const char *key_file;
31
32 union {
33 gnutls_anon_server_credentials_t anon_s;
34 gnutls_anon_client_credentials_t anon_c;
35 gnutls_certificate_credentials_t cert;
36 gnutls_psk_server_credentials_t psk_s;
37 gnutls_psk_client_credentials_t psk_c;
38 } credentials;
39} pcmk__tls_t;
40
47void pcmk__free_tls(pcmk__tls_t *tls);
48
63int pcmk__init_tls(pcmk__tls_t **tls, bool server,
64 gnutls_credentials_type_t cred_type);
65
81int pcmk__init_tls_dh(gnutls_dh_params_t *dh_params);
82
92gnutls_session_t pcmk__new_tls_session(pcmk__tls_t *tls, int csock);
93
94int pcmk__tls_get_client_sock(const pcmk__remote_t *remote);
95
106void pcmk__tls_add_psk_key(pcmk__tls_t *tls, gnutls_datum_t *key);
107
118void pcmk__tls_add_psk_callback(pcmk__tls_t *tls,
119 gnutls_psk_server_credentials_function *cb);
120
132int pcmk__read_handshake_data(const pcmk__client_t *client);
133
141void pcmk__tls_check_cert_expiration(gnutls_session_t session);
142
155int pcmk__tls_client_handshake(pcmk__remote_t *remote, int timeout_sec,
156 int *gnutls_rc);
157
169int pcmk__tls_client_try_handshake(pcmk__remote_t *remote, int *gnutls_rc);
170
178bool pcmk__x509_enabled(void);
179
180#ifdef __cplusplus
181}
182#endif
183
184#endif // PCMK__CRM_COMMON_TLS_INTERNAL__H
remote_internal.h
ipc_internal.h
pcmk__client_s
Definition ipc_internal.h:163
pcmk__remote_s
Definition ipc_internal.h:105
pcmk__tls_t
Definition tls_internal.h:22
pcmk__tls_t::psk_s
gnutls_psk_server_credentials_t psk_s
Definition tls_internal.h:36
pcmk__tls_t::psk_c
gnutls_psk_client_credentials_t psk_c
Definition tls_internal.h:37
pcmk__tls_t::cert_file
const char * cert_file
Definition tls_internal.h:28
pcmk__tls_t::server
bool server
Definition tls_internal.h:23
pcmk__tls_t::cred_type
gnutls_credentials_type_t cred_type
Definition tls_internal.h:25
pcmk__tls_t::key_file
const char * key_file
Definition tls_internal.h:30
pcmk__tls_t::ca_file
const char * ca_file
Definition tls_internal.h:27
pcmk__tls_t::anon_s
gnutls_anon_server_credentials_t anon_s
Definition tls_internal.h:33
pcmk__tls_t::dh_params
gnutls_dh_params_t dh_params
Definition tls_internal.h:24
pcmk__tls_t::anon_c
gnutls_anon_client_credentials_t anon_c
Definition tls_internal.h:34
pcmk__tls_t::cert
gnutls_certificate_credentials_t cert
Definition tls_internal.h:35
pcmk__tls_t::crl_file
const char * crl_file
Definition tls_internal.h:29
pcmk__tls_add_psk_callback
void pcmk__tls_add_psk_callback(pcmk__tls_t *tls, gnutls_psk_server_credentials_function *cb)
Definition tls.c:462
pcmk__tls_add_psk_key
void pcmk__tls_add_psk_key(pcmk__tls_t *tls, gnutls_datum_t *key)
Definition tls.c:454
pcmk__tls_get_client_sock
int pcmk__tls_get_client_sock(const pcmk__remote_t *remote)
Definition tls.c:418
pcmk__tls_client_try_handshake
int pcmk__tls_client_try_handshake(pcmk__remote_t *remote, int *gnutls_rc)
Definition tls.c:510
pcmk__free_tls
void pcmk__free_tls(pcmk__tls_t *tls)
Definition tls.c:149
pcmk__x509_enabled
bool pcmk__x509_enabled(void)
Definition tls.c:560
pcmk__init_tls
int pcmk__init_tls(pcmk__tls_t **tls, bool server, gnutls_credentials_type_t cred_type)
Definition tls.c:183
pcmk__tls_client_handshake
int pcmk__tls_client_handshake(pcmk__remote_t *remote, int timeout_sec, int *gnutls_rc)
Definition tls.c:543
pcmk__tls_check_cert_expiration
void pcmk__tls_check_cert_expiration(gnutls_session_t session)
Definition tls.c:469
pcmk__read_handshake_data
int pcmk__read_handshake_data(const pcmk__client_t *client)
Definition tls.c:429
pcmk__init_tls_dh
int pcmk__init_tls_dh(gnutls_dh_params_t *dh_params)
Definition tls.c:278
pcmk__new_tls_session
gnutls_session_t pcmk__new_tls_session(pcmk__tls_t *tls, int csock)
Definition tls.c:317
Generated on Thu Aug 7 2025 12:04:47 for pacemaker by doxygen 1.12.0