trap-manager: Wait for install to finish before uninstalling
[strongswan.git] / src / libtls / tls_alert.h
1 /*
2 * Copyright (C) 2010 Martin Willi
3 * Copyright (C) 2010 revosec AG
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 /**
17 * @defgroup tls_alert tls_alert
18 * @{ @ingroup libtls
19 */
20
21 #ifndef TLS_ALERT_H_
22 #define TLS_ALERT_H_
23
24 #include <library.h>
25
26 typedef struct tls_alert_t tls_alert_t;
27 typedef enum tls_alert_level_t tls_alert_level_t;
28 typedef enum tls_alert_desc_t tls_alert_desc_t;
29
30 /**
31 * Level of a TLS alert
32 */
33 enum tls_alert_level_t {
34 TLS_WARNING = 1,
35 TLS_FATAL = 2,
36 };
37
38 /**
39 * Description of a TLS alert
40 */
41 enum tls_alert_desc_t {
42 TLS_CLOSE_NOTIFY = 0,
43 TLS_UNEXPECTED_MESSAGE = 10,
44 TLS_BAD_RECORD_MAC = 20,
45 TLS_DECRYPTION_FAILED = 21,
46 TLS_RECORD_OVERFLOW = 22,
47 TLS_DECOMPRESSION_FAILURE = 30,
48 TLS_HANDSHAKE_FAILURE = 40,
49 TLS_NO_CERTIFICATE = 41,
50 TLS_BAD_CERTIFICATE = 42,
51 TLS_UNSUPPORTED_CERTIFICATE = 43,
52 TLS_CERTIFICATE_REVOKED = 44,
53 TLS_CERTIFICATE_EXPIRED = 45,
54 TLS_CERTIFICATE_UNKNOWN = 46,
55 TLS_ILLEGAL_PARAMETER = 47,
56 TLS_UNKNOWN_CA = 48,
57 TLS_ACCESS_DENIED = 49,
58 TLS_DECODE_ERROR = 50,
59 TLS_DECRYPT_ERROR = 51,
60 TLS_EXPORT_RESTRICTION = 60,
61 TLS_PROTOCOL_VERSION = 70,
62 TLS_INSUFFICIENT_SECURITY = 71,
63 TLS_INTERNAL_ERROR = 80,
64 TLS_USER_CANCELED = 90,
65 TLS_NO_RENEGOTIATION = 100,
66 TLS_UNSUPPORTED_EXTENSION = 110,
67 };
68
69 /**
70 * Enum names for alert descriptions
71 */
72 extern enum_name_t *tls_alert_desc_names;
73
74 /**
75 * TLS alert handling.
76 */
77 struct tls_alert_t {
78
79 /**
80 * Add an alert to the TLS alert queue, will be sent.
81 *
82 * @param level level of TLS alert
83 * @param description description of alert
84 */
85 void (*add)(tls_alert_t *this, tls_alert_level_t level,
86 tls_alert_desc_t description);
87
88 /**
89 * Get an alert pushed to the alert queue, to send.
90 *
91 * @param level receives TLS alert level
92 * @param description receives TLS alert description
93 * @return TRUE if returned an alert
94 */
95 bool (*get)(tls_alert_t *this, tls_alert_level_t *level,
96 tls_alert_desc_t *description);
97
98 /**
99 * Did a fatal alert occur?.
100 *
101 * @return TRUE if a fatal alert has occurred
102 */
103 bool (*fatal)(tls_alert_t *this);
104
105 /**
106 * Process a received TLS alert.
107 *
108 * @param level level of received alert
109 * @param description alert description
110 * @return status to pass down to TLS stack
111 */
112 status_t (*process)(tls_alert_t *this, tls_alert_level_t level,
113 tls_alert_desc_t description);
114
115 /**
116 * Destroy a tls_alert_t.
117 */
118 void (*destroy)(tls_alert_t *this);
119 };
120
121 /**
122 * Create a tls_alert instance.
123 */
124 tls_alert_t *tls_alert_create();
125
126 #endif /** TLS_ALERT_H_ @}*/