Separated cipherspec checking and switching, allowing us to defer the second
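--- a/src/libtls/tls_handshake.h
+++ b/src/libtls/tls_handshake.h
@@ -24,8 +24,9 @@
 typedef struct tls_handshake_t tls_handshake_t;
 
 #include "tls.h"
-#include "tls_reader.h"
-#include "tls_writer.h"
+
+#include <bio/bio_reader.h>
+#include <bio/bio_writer.h>
 
 /**
  * TLS handshake state machine interface.
@@ -44,7 +45,7 @@ struct tls_handshake_t {
         *                                      - DESTROY_ME if a fatal TLS alert received
         */
        status_t (*process)(tls_handshake_t *this,
-                                               tls_handshake_type_t type, tls_reader_t *reader);
+                                               tls_handshake_type_t type, bio_reader_t *reader);
 
        /**
         * Build TLS handshake messages to send out.
@@ -58,21 +59,22 @@ struct tls_handshake_t {
         *                                      - INVALID_STATE if more input to process() required
         */
        status_t (*build)(tls_handshake_t *this,
-                                         tls_handshake_type_t *type, tls_writer_t *writer);
+                                         tls_handshake_type_t *type, bio_writer_t *writer);
 
        /**
-        * Check if the cipher spec for outgoing messages has changed.
+        * Check if the cipher spec should be changed for outgoing messages.
         *
-        * @return                      TRUE if cipher spec changed
+        * @param inbound       TRUE to check for inbound cipherspec change
+        * @return                      TRUE if cipher spec should be changed
         */
-       bool (*cipherspec_changed)(tls_handshake_t *this);
+       bool (*cipherspec_changed)(tls_handshake_t *this, bool inbound);
 
        /**
-        * Change the cipher spec for incoming messages.
+        * Change the cipher for a direction.
         *
-        * @return                      TRUE if cipher spec changed
+        * @param inbound       TRUE to change inbound cipherspec, FALSE for outbound
         */
-       bool (*change_cipherspec)(tls_handshake_t *this);
+       void (*change_cipherspec)(tls_handshake_t *this, bool inbound);
 
        /**
         * Check if the finished message was decoded successfully.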
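Review bot: With `change_cipherspec` now returning `void` (third hunk), a caller can no longer learn from the call whether the switch was permitted, and the new comment does not say that `cipherspec_changed(this, inbound)` has to return TRUE first. For the inbound direction this is the check that keeps a ChangeCipherSpec record from being honoured before the handshake has reached the point where new keys exist; after this change it presumably lives only in the caller, which is not visible in this header. I would state the contract in the doc comment, e.g. `* Must only be called after cipherspec_changed() returned TRUE for the same direction.`, and complete the other `@param` as `TRUE to check for inbound cipherspec change, FALSE for outbound`, since the summary line above it still says "for outgoing messages". The struct body starts and ends outside the hunks.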