authorNick Mathewson <nickm@torproject.org>2018-08-17 11:24:50 -0400
committerNick Mathewson <nickm@torproject.org>2018-09-04 14:52:35 -0400
commit5205c7fd903cb5bd751812bddb5497ac76e1f30b (patch)
treeeeb20f1e5485c32dc364d9ead768c6740c56e561 /src/lib/tls/tortls.h
parentc567b8fcb4e4851d6db19946cce8c4d5e75535f5 (diff)
Initial NSS support for TLS.
This is enough to get a chutney network to bootstrap, though a bunch of work remains.
Diffstat (limited to 'src/lib/tls/tortls.h')
-rw-r--r--src/lib/tls/tortls.h23
1 files changed, 21 insertions, 2 deletions
diff --git a/src/lib/tls/tortls.h b/src/lib/tls/tortls.h
index 306d321cd4..7bbb42b2fd 100644
--- a/src/lib/tls/tortls.h
+++ b/src/lib/tls/tortls.h
@@ -13,10 +13,25 @@
#include "lib/crypt_ops/crypto_rsa.h"
#include "lib/testsupport/testsupport.h"
+#include "lib/net/nettypes.h"
/* Opaque structure to hold a TLS connection. */
typedef struct tor_tls_t tor_tls_t;
+#ifdef TORTLS_PRIVATE
+#ifdef ENABLE_OPENSSL
+struct ssl_st;
+struct ssl_ctx_st;
+struct ssl_session_st;
+typedef struct ssl_ctx_st tor_tls_context_impl_t;
+typedef struct ssl_st tor_tls_impl_t;
+#else
+struct PRFileDesc;
+typedef struct PRFileDesc tor_tls_context_impl_t;
+typedef struct PRFileDesc tor_tls_impl_t;
+#endif
+#endif
+
struct tor_x509_cert_t;
/* Possible return values for most tor_tls_* functions. */
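Review bot: The `#else` arm of the `TORTLS_PRIVATE` block treats every build without `ENABLE_OPENSSL` as an NSS build, so a misconfigured build silently gets the `PRFileDesc` typedefs instead of a clear compile error. If the build defines a macro for the NSS backend (tor's configure appears to use `ENABLE_NSS`; confirm), I would select on it with `#elif defined(ENABLE_NSS)` and close with `#else` / `#error "No TLS backend selected"`. Separately, both `tor_tls_context_impl_t` and `tor_tls_impl_t` alias `struct PRFileDesc` in that arm, so the compiler cannot catch a connection handle passed where a context is expected. A comment such as `/* Under NSS both typedefs name PRFileDesc, so the compiler cannot distinguish a context from a connection. */` would warn maintainers.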
@@ -73,7 +88,7 @@ int tor_tls_context_init(unsigned flags,
void tor_tls_context_incref(tor_tls_context_t *ctx);
void tor_tls_context_decref(tor_tls_context_t *ctx);
tor_tls_context_t *tor_tls_context_get(int is_server);
-tor_tls_t *tor_tls_new(int sock, int is_server);
+tor_tls_t *tor_tls_new(tor_socket_t sock, int is_server);
void tor_tls_set_logged_address(tor_tls_t *tls, const char *address);
void tor_tls_set_renegotiate_callback(tor_tls_t *tls,
void (*cb)(tor_tls_t *, void *arg),
@@ -121,13 +136,17 @@ MOCK_DECL(int,tor_tls_export_key_material,(
size_t context_len,
const char *label));
+#ifdef ENABLE_OPENSSL
/* Log and abort if there are unhandled TLS errors in OpenSSL's error stack.
*/
#define check_no_tls_errors() check_no_tls_errors_(__FILE__,__LINE__)
-
void check_no_tls_errors_(const char *fname, int line);
+
void tor_tls_log_one_error(tor_tls_t *tls, unsigned long err,
int severity, int domain, const char *doing);
+#else
+#define check_no_tls_errors() STMT_NIL
+#endif
int tor_tls_get_my_certs(int server,
const struct tor_x509_cert_t **link_cert_out,
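Review bot: In the new `#else` arm `check_no_tls_errors()` expands to `STMT_NIL`, so on non-OpenSSL builds every call site silently loses the stale-error check, and nothing in the header says so. I would put a comment above that define, e.g. `/* Non-OpenSSL backend: no pending-error check is implemented yet, so callers get no stale-error detection. */`, so the gap is tracked rather than looking intentional. `tor_tls_log_one_error()` is likewise declared only under `ENABLE_OPENSSL`, so any backend-independent caller outside this hunk would need the same guard. It is also worth confirming that this header includes whatever defines `STMT_NIL`, since the includes visible in the first hunk do not show it.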