Add TLS-SRP (RFC 5054) support

net/third_party/nss/ssl/ssl.h

 /*
  * This file contains prototypes for the public SSL functions.
  *
  * ***** BEGIN LICENSE BLOCK *****
  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  *
  * The contents of this file are subject to the Mozilla Public License Version
  * 1.1 (the "License"); you may not use this file except in compliance with
  * the License. You may obtain a copy of the License at
  * http://www.mozilla.org/MPL/
@@ skipping 419 matching lines @@
 */
 SSL_IMPORT PRFileDesc *SSL_ReconfigFD(PRFileDesc *model, PRFileDesc *fd);
 
 /*
  * Set the client side argument for SSL to retrieve PKCS #11 pin.
  *      fd - the file descriptor for the connection in question
  *      a - pkcs11 application specific data
  */
 SSL_IMPORT SECStatus SSL_SetPKCS11PinArg(PRFileDesc *fd, void *a);
 
+
+/*
+ * Set the client side user name and password non-interactively.
+ */
+SSL_IMPORT SECStatus SSL_SetUserLogin(PRFileDesc *fd,
+                                      const char *u,
+                                      const char *p);
+
+/*
+ * This sets the client side callback for SSL to retrieve the user password.
+ *       fd - the file descriptor for the connection in question
+ * func - callback function pointer
+ *   pw - user password
+ */
+
+typedef SECStatus (PR_CALLBACK *SSLUserPasswdCB)(PRFileDesc *fd,
+                                                 SECItem *pw, void *arg);
+
+SSL_IMPORT SECStatus SSL_UserPasswdHook(PRFileDesc *fd, SSLUserPasswdCB func,
+                                                                void *arg);
+
+/*
+ * This sets the server side callback function for SSL to retrieve the SRP
+ * authentication parameters associated with a specific user login.
+ *   fd - the file descriptor of the connection
+ * func - pointer to the callback function
+ * user - username to lookup in app database
+ *  srp - SRP auth paramters supplied to SSL by app
+ */
+
+typedef SECStatus (PR_CALLBACK *SSLGetSRPParamsCB)(PRFileDesc *fd,
+                                                     SECKEYSRPParams *srp,
+                                                     void *arg);
+
+SSL_IMPORT SECStatus SSL_GetSRPParamsHook(PRFileDesc *fd,
+                                            SSLGetSRPParamsCB func, void *arg);
+
 /*
 ** This is a callback for dealing with server certs that are not authenticated
 ** by the client.  The client app can decide that it actually likes the
 ** cert by some external means and restart the connection.
 */
 typedef SECStatus (PR_CALLBACK *SSLBadCertHandler)(void *arg, PRFileDesc *fd);
 SSL_IMPORT SECStatus SSL_BadCertHook(PRFileDesc *fd, SSLBadCertHandler f, 
                                      void *arg);
 
 /*
@@ skipping 246 matching lines @@
  *   nation of France will permit to be imported into their country.
  * See documentation for the list.
  */
 SSL_IMPORT SECStatus NSS_SetFrancePolicy(void);
 
 SSL_IMPORT SSL3Statistics * SSL_GetStatistics(void);
 
 /* Report more information than SSL_SecurityStatus.
 ** Caller supplies the info struct.  Function fills it in.
 */
+SSL_IMPORT SECStatus SSL_GetChannelUsername(PRFileDesc *fd, SECItem *user);
 SSL_IMPORT SECStatus SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info,
                                         PRUintn len);
 SSL_IMPORT SECStatus SSL_GetCipherSuiteInfo(PRUint16 cipherSuite, 
                                         SSLCipherSuiteInfo *info, PRUintn len);
 
 /* Returnes negotiated through SNI host info. */
 SSL_IMPORT SECItem *SSL_GetNegotiatedHostInfo(PRFileDesc *fd);
 
 /*
 ** Return a new reference to the certificate that was most recently sent
@@ skipping 36 matching lines @@
 ** Did the handshake with the peer negotiate the given extension?
 ** Output parameter valid only if function returns SECSuccess
 */
 SSL_IMPORT SECStatus SSL_HandshakeNegotiatedExtension(PRFileDesc * socket,
                                                       SSLExtensionType extId,
                                                       PRBool *yes);
 
 SEC_END_PROTOS
 
 #endif /* __ssl_h_ */