From 25e44fc1e666fb333b3c53bcda90e44b0b74bf19 Mon Sep 17 00:00:00 2001
From: Felix Fietkau <nbd@openwrt.org>
Date: Tue, 25 Mar 2014 15:39:58 +0100
Subject: implement optional SSL certificate validation (including CN host
 check)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
---
 uclient.h | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

(limited to 'uclient.h')

diff --git a/uclient.h b/uclient.h
index 11a1955..79ec0b7 100644
--- a/uclient.h
+++ b/uclient.h
@@ -8,6 +8,13 @@
 struct uclient_cb;
 struct uclient_backend;
 
+enum uclient_error_code {
+	UCLIENT_ERROR_UNKNOWN,
+	UCLIENT_ERROR_CONNECT,
+	UCLIENT_ERROR_SSL_INVALID_CERT,
+	UCLIENT_ERROR_SSL_CN_MISMATCH,
+};
+
 struct uclient {
 	const struct uclient_backend *backend;
 	const struct uclient_cb *cb;
@@ -16,7 +23,7 @@ struct uclient {
 	void *priv;
 
 	bool eof;
-	bool error;
+	int error_code;
 	int status_code;
 	struct blob_attr *meta;
 
@@ -28,7 +35,7 @@ struct uclient_cb {
 	void (*data_sent)(struct uclient *cl);
 	void (*data_eof)(struct uclient *cl);
 	void (*header_done)(struct uclient *cl);
-	void (*error)(struct uclient *cl);
+	void (*error)(struct uclient *cl, int code);
 };
 
 struct uclient *uclient_new(const char *url, const struct uclient_cb *cb);
@@ -54,6 +61,6 @@ int uclient_http_reset_headers(struct uclient *cl, const char *name, const char
 int uclient_http_set_request_type(struct uclient *cl, const char *type);
 bool uclient_http_redirect(struct uclient *cl);
 
-int uclient_http_set_ssl_ctx(struct uclient *cl, struct ustream_ssl_ctx *ctx);
+int uclient_http_set_ssl_ctx(struct uclient *cl, struct ustream_ssl_ctx *ctx, bool require_validation);
 
 #endif
-- 
cgit v1.2.1