/*
 * ejabberd external authentication program
 *
 * (c) Alexander Vdolainen 2013, 2018, 2019, 2021 <alex@vapaa.xyz>
 *
 * this is free software: you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published
 * by the Free Software Foundation, either version 2 of the License, or
 * (at your option) any later version.
 *
 * this is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 * See the GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.";
 *
 */

#ifndef __TLSPORT_H__
#define __TLSPORT_H__

struct tlsport {
  int fd;
  SSL *ssl;
  SSL_CTX *sslctx;
};

typedef enum {
  TLSIO_READ = 1,
  TLSIO_WRITE = 2,
} tls_io_dir_t;

/* this function shall be called before main loop */
int ssllib_init(void);

/* this one after mainloop and/or on exit */
int ssllib_free(void);

/* creates a TLS connection (all info is in struct tlsport).
 * returns -1 on error, 0 otherwise.
 * first string is a hostname, second is a port or service name
 */
int tls_connect(const char *, const char *, struct tlsport *);

/* gracefully shutdown TLS connection and free resources
 * it's always freeing and closing, but in case of wrong
 * shutdown procedure returns -1, 0 otherwise.
 */
int tls_close(struct tlsport *);

/* read or write (depends on tls_io_dir_t) data via tlsport
 * returns amount of bytes ridden or written, -1 in case of error
 */
ssize_t tls_io(struct tlsport *, void *, size_t, tls_io_dir_t);

#endif /* __TLSPORT_H__ */