libevent
|
OpenSSL support for bufferevents. More...
#include <event2/visibility.h>
#include <event2/event-config.h>
#include <event2/bufferevent.h>
#include <event2/util.h>
Go to the source code of this file.
Enumerations | |
enum | bufferevent_ssl_state { BUFFEREVENT_SSL_OPEN = 0, BUFFEREVENT_SSL_CONNECTING = 1, BUFFEREVENT_SSL_ACCEPTING = 2 } |
The state of an SSL object to be used when creating a new SSL bufferevent. | |
Functions | |
EVENT2_EXPORT_SYMBOL unsigned long | bufferevent_get_openssl_error (struct bufferevent *bev) |
Return the most recent OpenSSL error reported on an SSL bufferevent. More... | |
EVENT2_EXPORT_SYMBOL struct bufferevent * | bufferevent_openssl_filter_new (struct event_base *base, struct bufferevent *underlying, struct ssl_st *ssl, enum bufferevent_ssl_state state, int options) |
Create a new SSL bufferevent to send its data over another bufferevent. More... | |
EVENT2_EXPORT_SYMBOL int | bufferevent_openssl_get_allow_dirty_shutdown (struct bufferevent *bev) |
Control how to report dirty SSL shutdowns. More... | |
EVENT2_EXPORT_SYMBOL struct ssl_st * | bufferevent_openssl_get_ssl (struct bufferevent *bufev) |
Return the underlying openssl SSL * object for an SSL bufferevent. More... | |
EVENT2_EXPORT_SYMBOL void | bufferevent_openssl_set_allow_dirty_shutdown (struct bufferevent *bev, int allow_dirty_shutdown) |
EVENT2_EXPORT_SYMBOL struct bufferevent * | bufferevent_openssl_socket_new (struct event_base *base, evutil_socket_t fd, struct ssl_st *ssl, enum bufferevent_ssl_state state, int options) |
Create a new SSL bufferevent to send its data over an SSL * on a socket. More... | |
EVENT2_EXPORT_SYMBOL int | bufferevent_ssl_renegotiate (struct bufferevent *bev) |
Tells a bufferevent to begin SSL renegotiation. More... | |
OpenSSL support for bufferevents.
EVENT2_EXPORT_SYMBOL unsigned long bufferevent_get_openssl_error | ( | struct bufferevent * | bev | ) |
Return the most recent OpenSSL error reported on an SSL bufferevent.
EVENT2_EXPORT_SYMBOL struct bufferevent* bufferevent_openssl_filter_new | ( | struct event_base * | base, |
struct bufferevent * | underlying, | ||
struct ssl_st * | ssl, | ||
enum bufferevent_ssl_state | state, | ||
int | options | ||
) |
Create a new SSL bufferevent to send its data over another bufferevent.
base | An event_base to use to detect reading and writing. It must also be the base for the underlying bufferevent. |
underlying | A socket to use for this SSL |
ssl | A SSL* object from openssl. |
state | The current state of the SSL connection |
options | One or more bufferevent_options |
EVENT2_EXPORT_SYMBOL int bufferevent_openssl_get_allow_dirty_shutdown | ( | struct bufferevent * | bev | ) |
Control how to report dirty SSL shutdowns.
If the peer (or the network, or an attacker) closes the TCP connection before closing the SSL channel, and the protocol is SSL >= v3, this is a "dirty" shutdown. If allow_dirty_shutdown is 0 (default), this is reported as BEV_EVENT_ERROR.
If instead allow_dirty_shutdown=1, a dirty shutdown is reported as BEV_EVENT_EOF.
(Note that if the protocol is < SSLv3, you will always receive BEV_EVENT_EOF, since SSL 2 and earlier cannot distinguish a secure connection close from a dirty one. This is one reason (among many) not to use SSL 2.)
EVENT2_EXPORT_SYMBOL struct ssl_st* bufferevent_openssl_get_ssl | ( | struct bufferevent * | bufev | ) |
Return the underlying openssl SSL * object for an SSL bufferevent.
EVENT2_EXPORT_SYMBOL struct bufferevent* bufferevent_openssl_socket_new | ( | struct event_base * | base, |
evutil_socket_t | fd, | ||
struct ssl_st * | ssl, | ||
enum bufferevent_ssl_state | state, | ||
int | options | ||
) |
Create a new SSL bufferevent to send its data over an SSL * on a socket.
base | An event_base to use to detect reading and writing |
fd | A socket to use for this SSL |
ssl | A SSL* object from openssl. |
state | The current state of the SSL connection |
options | One or more bufferevent_options |
EVENT2_EXPORT_SYMBOL int bufferevent_ssl_renegotiate | ( | struct bufferevent * | bev | ) |
Tells a bufferevent to begin SSL renegotiation.