Indicates that the application is providing the routines to perform
read, write, and control functions. The callback parameter
is the address of a gsk_iocallback structure. Each entry in
the structure overrides the corresponding SSL runtime routine. A NULL
entry will cause the current callback routine to be used or the SSL
runtime routine will be used if there is no callback routine. GSK_IO_CALLBACK
can be specified for an SSL environment or an SSL connection. The
routine specified by the
io_read entry is used to read data
from the network. The
fd parameter is the socket descriptor,
the
buffer parameter is the address of the data buffer, the
count parameter
is the buffer size, and the
user_data parameter is the user
data address. The function return value should be 0 if the connection
has been closed by the remote partner, -1 if an error is detected,
or the number of bytes read from the network. The error code is returned
in the
errno runtime variable. The default routine uses the
recv() library
routine to read data from the network.
int io_read (
int fd,
void * buffer,
int count,
char * user_data)
The routine
specified by the
io_write entry is used to write data to the
network. The
fd parameter is the socket descriptor, the
buffer parameter
is the address of the data buffer, the
count parameter is the
data length, and the
user_data parameter is the user data address.
The function return value should be -1 if an error is detected or
the number of bytes written to the network. The error code is returned
in the
errno runtime variable. The default routine uses the
send() library
routine to write data to the network.
int io_write (
int fd,
void * buffer,
int count,
char * user_data)
The routine
specified by the
io_getpeerid entry is used to get the 32-bit
network identifier for the remote partner. The
fd parameter
is the socket descriptor and the
user_data parameter is the
user data address. However, the
io_getpeerid entry is deprecated
and should not be used since it does not support IPv6 networks which
use a 16-byte network identifier. Instead, the
io_getpeername entry
should be used for both IPv4 and IPv6 networks. The
io_getpeerid entry
will not be used if the
io_getpeername entry is not NULL.
unsigned long io_getpeerid (
int fd,
char * user_data)
The
routine specified by the
io_setsocketoptions entry is used
to set socket options. The
fd parameter is the socket descriptor,
the
cmd parameter is the function to be performed, and the
user_data parameter
is the user data address. The return value should be -1 if an error
is detected and 0 otherwise. The error code is returned in the
errno runtime
variable. The
io_setsocketoptions() routine is called by the
gsk_secure_socket_init() routine
before initiating the SSL handshake (GSK_SET_SOCKET_STATE_FOR_HANDSHAKE)
and again upon completion of the SSL handshake (GSK_SET_SOCKET_STATE_FOR_READ_WRITE).
The default
io_setsocketoptions() routine puts the socket into
blocking mode for GSK_SET_SOCKET_STATE_FOR_HANDSHAKE and restores
the original mode for GSK_SET_SOCKET_STATE_FOR_READ_WRITE.
int io_setsocketoptions (
int fd,
int cmd,
char * user_data)
The
routine specified by the
io_getpeername entry is used to get
the network identifier for the remote partner. The
fd parameter
is the socket descriptor, the
buffer parameter is the address
of the return buffer, the length parameter is the size of the return
buffer, and the
user_data parameter is the user data address.
Upon return, the
length parameter should contain the actual
length of the network identifier. The function return value should
be -1 if an error is detected and 0 otherwise. The error code is returned
in the
errno runtime variable. The default routine uses the
getpeername() library
routine and returns the IP address of the remote partner (4 bytes
for IPv4 and 16 bytes for IPv6) followed by the 2-byte port number.
int io_getpeername (
int fd,
void * buffer,
int * length,
char * user_data)
Indicates that the application is providing the routines to be
called when a session renegotiation has been initiated or completed
to establish a new session key or have the session cipher reset. The
callback parameter is the address of a gsk_reset_callback structure.GSK_SESSION_RESET_CALLBACK
can be specified for an SSL environment or an SSL connection. The
callback is only invoked when using SSL V3, TLS V1.0, or higher protocols.
The
routine specified by the
Reset_Init entry is called when a
session renegotiation has been initiated, and the SSL client has commenced
the renegotiation process. The
con_handle parameter is the
handle for the SSL connection.
void (Reset_Init) (
gsk_handle con_handle)
The
Reset_Complete routine
is called when a session renegotiation has been completed. If session
renegotiation does not successfully complete, for example because
of renegotiation not being allowed, then the
Reset_Complete routine
is not invoked even though the
Reset_Init routine was called
at the commencement of renegotiation. The
con_handle parameter
is the handle for the SSL connection.
void (Reset_Complete) (
gsk_handle con_handle)
Indicates that the application is providing the routines to maintain
the session identifier cache. The callback parameter is the address
of a gsk_sidcache_callback structure. GSK_SID_CACHE_CALLBACK can
be specified only for an SSL environment and will be used only for
SSL servers (the internal cache is always used for SSL clients). The
routine specified by the
Get entry is called to retrieve an
entry from the session identifier cache. The
session_id parameter
is the session identifier, the
session_id_length parameter
is the length of the session identifier, and the
ssl_version parameter
is the SSL protocol version number (GSK_SSLVERSION_V2 or GSK_SSLVERSION_V3).
The function return value is the address of the session data buffer
or NULL if an error is detected. The
FreeDataBuffer routine
will be called to release the session data buffer when it is no longer
needed by the SSL run time.
gsk_data_buffer * Get (
const unsigned char * session_id,
unsigned int session_id_length,
gsk_sslversion ssl_version)
The
routine specified by the
Put entry is called to store an entry
in the session identifier cache. The
ssl_session_data parameter
is the session data, the
session_id parameter is the session
identifier, the
session_id_length parameter is the length of
the session identifier, and the
ssl_version parameter is the
SSL protocol version number (GSK_SSLVERSION_V2 or GSK_SSLVERSION_V3).
The function return value is ignored and can be a NULL address. The
callback routine must make its own copy of the session data since
the SSL structure will be released when the connection is closed.
gsk_data_buffer * Put (
gsk_data_buffer * ssl_session_data,
const unsigned char * session_id,
unsigned int session_id_length,
gsk_sslversion ssl_version)
The
routine specified by the
Delete entry is called to remove an
entry from the session identifier cache. The
session_id parameter
is the session identifier, the
session_id_length parameter
is the length of the session identifier, and the
ssl_version parameter
is the SSL protocol version number (GSK_SSLVERSION_V2 or GSK_SSLVERSION_V3).
void Delete (
const unsigned char * session_id,
unsigned int session_id_length,
gsk_sslversion ssl_version)
The
routine specified by the
FreeDataBuffer entry is called to
release the data buffer returned by the
Get routine.
void FreeDataBuffer (
gsk_data_buffer * ssl_session_data)