1 /* $NetBSD$ */
3 /*++
4 /* NAME
5 /* tls_level 3
6 /* SUMMARY
7 /* TLS security level conversion
8 /* SYNOPSIS
9 /* #include <tls.h>
11 /* int tls_level_lookup(name)
12 /* const char *name;
14 /* const char *str_tls_level(level)
15 /* int level;
16 /* DESCRIPTION
17 /* The macros in this module convert TLS levels from symbolic
18 /* name to internal form and vice versa. The macros are safe
19 /* because they evaluate their arguments only once.
21 /* tls_level_lookup() converts a TLS level from symbolic name
22 /* to internal form. When an unknown level is specified,
23 /* tls_level_lookup() logs no warning, and returns TLS_LEV_INVALID.
25 /* str_tls_level() converts a TLS level from internal form to
26 /* symbolic name. The result is a null pointer for an unknown
27 /* level.
28 /* SEE ALSO
29 /* name_code(3) name to number mapping
30 /* LICENSE
31 /* .ad
32 /* .fi
33 /* The Secure Mailer license must be distributed with this software.
34 /* AUTHOR(S)
35 /* Wietse Venema
36 /* IBM T.J. Watson Research
37 /* P.O. Box 704
38 /* Yorktown Heights, NY 10598, USA
40 /* Victor Duchovni
41 /* Morgan Stanley
42 /*--*/
44 /* System library. */
46 #include <sys_defs.h>
48 /* Utility library. */
50 #include <name_code.h>
52 /* TLS library. */
54 #include <tls.h>
56 /* Application-specific. */
59 /* Order is critical, because levels are compared numerically:
61 * Levels > "encrypt" are expected to match a peer certificate.
63 * Levels >= "verify" are expected to require a valid CA trust-chain.
65 * This forces "fingerprint" between "encrypt" and "verify". */
67 const NAME_CODE tls_level_table[] = {
68 "none", TLS_LEV_NONE,
69 "may", TLS_LEV_MAY,
70 "encrypt", TLS_LEV_ENCRYPT,
71 "fingerprint", TLS_LEV_FPRINT,
72 "verify", TLS_LEV_VERIFY,
73 "secure", TLS_LEV_SECURE,
74 0, TLS_LEV_INVALID,