summaryrefslogtreecommitdiff
path: root/src/openvpn/ssl_verify_polarssl.h
diff options
context:
space:
mode:
authorAlberto Gonzalez Iniesta <agi@inittab.org>2016-11-21 09:37:33 +0100
committerAlberto Gonzalez Iniesta <agi@inittab.org>2016-11-21 09:37:33 +0100
commit20c8675ba46bda97330a4117c459a59a9f1c465e (patch)
treed888c714fb61947dd79dc44b64a4aaae2f70bfb7 /src/openvpn/ssl_verify_polarssl.h
parentffca24bed7a03d95585ad02278667abe75d8b272 (diff)
New upstream version 2.4~beta1upstream/2.4_beta1
Diffstat (limited to 'src/openvpn/ssl_verify_polarssl.h')
-rw-r--r--src/openvpn/ssl_verify_polarssl.h80
1 files changed, 0 insertions, 80 deletions
diff --git a/src/openvpn/ssl_verify_polarssl.h b/src/openvpn/ssl_verify_polarssl.h
deleted file mode 100644
index b5157ed..0000000
--- a/src/openvpn/ssl_verify_polarssl.h
+++ /dev/null
@@ -1,80 +0,0 @@
-/*
- * OpenVPN -- An application to securely tunnel IP networks
- * over a single TCP/UDP port, with support for SSL/TLS-based
- * session authentication and key exchange,
- * packet encryption, packet authentication, and
- * packet compression.
- *
- * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
- * Copyright (C) 2010 Fox Crypto B.V. <openvpn@fox-it.com>
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2
- * as published by the Free Software Foundation.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program (see the file COPYING included with this
- * distribution); if not, write to the Free Software Foundation, Inc.,
- * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
-
-/**
- * @file Control Channel Verification Module PolarSSL backend
- */
-
-#ifndef SSL_VERIFY_POLARSSL_H_
-#define SSL_VERIFY_POLARSSL_H_
-
-#include "syshead.h"
-#include "misc.h"
-#include "manage.h"
-#include <polarssl/x509_crt.h>
-
-#ifndef __OPENVPN_X509_CERT_T_DECLARED
-#define __OPENVPN_X509_CERT_T_DECLARED
-typedef x509_crt openvpn_x509_cert_t;
-#endif
-
-/** @name Function for authenticating a new connection from a remote OpenVPN peer
- * @{ */
-
-/**
- * Verify that the remote OpenVPN peer's certificate allows setting up a
- * VPN tunnel.
- * @ingroup control_tls
- *
- * This callback function is called when a new TLS session is being setup to
- * determine whether the remote OpenVPN peer's certificate is allowed to
- * connect. It is called for once for every certificate in the chain. The
- * callback functionality is configured in the \c init_ssl() function, which
- * calls the PolarSSL library's \c ssl_set_verify_callback() function with \c
- * verify_callback() as its callback argument.
- *
- * It checks *flags and registers the certificate hash. If these steps succeed,
- * it calls the \c verify_cert() function, which performs OpenVPN-specific
- * verification.
- *
- * @param session_obj - The OpenVPN \c tls_session associated with this object,
- * as set during SSL session setup.
- * @param cert - The certificate used by PolarSSL.
- * @param cert_depth - The depth of the current certificate in the chain, with
- * 0 being the actual certificate.
- * @param flags - Whether the remote OpenVPN peer's certificate
- * passed verification. A value of 0 means it
- * verified successfully, any other value means it
- * failed. \c verify_callback() is considered to have
- * ok'ed this certificate if flags is 0 when it returns.
- *
- * @return The return value is 0 unless a fatal error occurred.
- */
-int verify_callback (void *session_obj, x509_crt *cert, int cert_depth,
- int *flags);
-
-/** @} name Function for authenticating a new connection from a remote OpenVPN peer */
-
-#endif /* SSL_VERIFY_POLARSSL_H_ */