--- /dev/null
+/** @file ssl.h
+ * @brief Declarations for ssl handler.
+ * @version $Id$
+ */
+#ifndef INCLUDED_ssl_h
+#define INCLUDED_ssl_h
+#include "ircd_osdep.h"
+
+enum SSLFlag {
+ SSLFLAG_INCOMING,
+ SSLFLAG_OUTGOING,
+ SSLFLAG_READY,
+ SSLFLAG_HANDSHAKE,
+ SSLFLAG_HANDSHAKE_R,
+ SSLFLAG_HANDSHAKE_W,
+
+ SSLFLAG_LAST
+};
+
+/** Declare flagset type for ssl flags. */
+DECLARE_FLAGSET(SSLFlags, SSLFLAG_LAST);
+
+enum SSLDataType {
+ SSLData_Client
+};
+
+#if defined(HAVE_GNUTLS_GNUTLS_H)
+#include <gnutls/gnutls.h>
+
+struct SSLConnection {
+ struct SSLFlags flags;
+ gnutls_session_t session;
+ gnutls_certificate_client_credentials credentials;
+};
+
+struct SSLListener {
+ struct SSLFlags flags;
+ gnutls_priority_t priority;
+ gnutls_certificate_credentials_t credentials;
+};
+
+#elif defined(HAVE_OPENSSL_SSL_H)
+#include <openssl/rand.h>
+#include <openssl/ssl.h>
+#include <openssl/err.h>
+
+struct SSLConnection {
+ struct SSLFlags flags;
+ SSL *session;
+};
+
+struct SSLOutConnection {
+ struct SSLFlags flags;
+ SSL *session;
+ SSL_CTX *context;
+};
+
+struct SSLListener {
+ struct SSLFlags flags;
+
+ SSL *listener;
+ SSL_CTX *context;
+};
+
+#else
+
+struct SSLConnection {
+ struct SSLFlags flags;
+ //just unused
+};
+
+struct SSLListener {
+ struct SSLFlags flags;
+ //just unused
+};
+#endif
+
+#define ssl_handshake(x) (FlagHas(&(x)->flags, SSLFLAG_HANDSHAKE))
+#define ssl_wantwrite(x) (FlagHas(&(x)->flags, SSLFLAG_HANDSHAKE_W))
+#define ssl_wantread(x) (FlagHas(&(x)->flags, SSLFLAG_HANDSHAKE_R))
+
+
+extern void ssl_free_connection(struct SSLConnection *connection);
+extern void ssl_free_listener(struct SSLListener *listener);
+
+extern struct SSLListener *ssl_create_listener();
+extern struct SSLConnection *ssl_create_connect(int fd, void *data, enum SSLDataType datatype);
+
+extern struct SSLConnection *ssl_start_handshake_listener(struct SSLListener *listener, int fd, void *data, enum SSLDataType datatype);
+extern void ssl_start_handshake_connect(struct SSLConnection *connection);
+
+IOResult ssl_recv_decrypt(struct SSLConnection *connection, char *buf, unsigned int buflen, unsigned int *len);
+IOResult ssl_send_encrypt(struct SSLConnection *connection, struct MsgQ* buf, unsigned int *count_in, unsigned int *count_out);
+IOResult ssl_send_encrypt_plain(struct SSLConnection *connection, char *buf, int len);
+extern int ssl_connection_flush(struct SSLConnection *connection);
+
+#endif /* INCLUDED_parse_h */
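Review bot: `ssl_send_encrypt_plain` takes a signed `int len` and a non-const `char *buf`, while `ssl_recv_decrypt` and `ssl_send_encrypt` in the same header use `unsigned int` for sizes. A negative length would have to be rejected in the implementation (not visible here) before it reaches the TLS write call, so the prototype is safer as `IOResult ssl_send_encrypt_plain(struct SSLConnection *connection, const char *buf, unsigned int len);`. `ssl_create_listener()` with empty parentheses is not a prototype in C, so mismatched arguments go unchecked; declare it `ssl_create_listener(void)`. The closing guard comment reads `INCLUDED_parse_h` although the guard is `INCLUDED_ssl_h`. None of the outgoing-connection entry points takes a peer name or verification setting, so a comment on `ssl_create_connect` should state whether the peer certificate is validated, since that cannot be told from this header.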