Helium
|
Functions for managing the connection. More...
#include <he.h>
Go to the source code of this file.
Macros | |
#define | HE_WOLF_TIMEOUT_MULTIPLIER 100 |
#define | HE_WOLF_RENEGOTIATION_TIMEOUT_MULTIPLIER 1000 |
Functions | |
he_conn_t * | he_conn_create (void) |
Creates a Helium connection struct. More... | |
void | he_conn_destroy (he_conn_t *conn) |
Releases all memory allocate by Helium for this connection. More... | |
he_return_code_t | he_conn_is_valid_client (he_ssl_ctx_t *ssl_ctx, he_conn_t *conn) |
Checks whether the client conn has the basic values to allow Helium to connect. More... | |
he_return_code_t | he_conn_is_valid_server (he_ssl_ctx_t *ssl_ctx, he_conn_t *conn) |
Checks whether the client conn has the basic values to allow Helium to connect. More... | |
int | he_conn_set_username (he_conn_t *conn, const char *username) |
Set the username to authenticate with. More... | |
const char * | he_conn_get_username (const he_conn_t *conn) |
Get the username that Helium will authenticate with, previously set by he_conn_set_username. More... | |
bool | he_conn_is_username_set (const he_conn_t *conn) |
Check if the password has been set. More... | |
he_return_code_t | he_conn_set_password (he_conn_t *conn, const char *password) |
Sets the password Helium should use to authenticate with. More... | |
bool | he_conn_is_password_set (const he_conn_t *conn) |
Check if the password has been set. More... | |
he_return_code_t | he_conn_set_auth_buffer (he_conn_t *conn, uint8_t auth_type, uint8_t *buffer, uint16_t length) |
Sets the opaque buffer Helium should use to authenticate with. More... | |
bool | he_conn_is_auth_buffer_set (const he_conn_t *conn) |
Check if the auth buffer has been set. More... | |
int | he_conn_set_outside_mtu (he_conn_t *conn, int mtu) |
Set the MTU for the outside transport mechanism. Usually this will be the MTU of the devices Internet connection. More... | |
int | he_conn_get_outside_mtu (he_conn_t *conn) |
Get the MTU value for the outside transport mechanism. *. More... | |
bool | he_conn_is_outside_mtu_set (he_conn_t *conn) |
Check if the outside MTU has been set. More... | |
he_return_code_t | he_conn_set_context (he_conn_t *conn, void *data) |
Store a pointer in the context that will be made available in all Helium callbacks. More... | |
void * | he_conn_get_context (he_conn_t *conn) |
Retrieve the pointer to the user supplied context. More... | |
he_return_code_t | he_internal_conn_configure (he_conn_t *conn, he_ssl_ctx_t *ctx) |
he_return_code_t | he_conn_client_connect (he_conn_t *conn, he_ssl_ctx_t *ssl_ctx, he_plugin_chain_t *inside_plugins, he_plugin_chain_t *outside_plugins) |
Tries to establish a connection with a Helium server. More... | |
he_return_code_t | he_conn_server_connect (he_conn_t *conn, he_ssl_ctx_t *ssl_ctx, he_plugin_chain_t *inside_plugins, he_plugin_chain_t *outside_plugins) |
Tries to establish a connection with a Helium client. More... | |
he_return_code_t | he_conn_disconnect (he_conn_t *conn) |
Try to cleanly disconnect from the remote Helium instance (client or server). More... | |
void | he_internal_disconnect_and_shutdown (he_conn_t *conn) |
void | he_internal_change_conn_state (he_conn_t *conn, he_conn_state_t state) |
he_return_code_t | he_internal_send_message (he_conn_t *conn, uint8_t *message, uint16_t length) |
Sends a message over the secured tunnel. More... | |
he_return_code_t | he_internal_send_goodbye (he_conn_t *conn) |
he_return_code_t | he_internal_send_auth (he_conn_t *conn) |
he_return_code_t | he_conn_send_keepalive (he_conn_t *conn) |
Tell Helium to send a keepalive message. This can be used to avoid NAT timing out. More... | |
he_return_code_t | he_conn_schedule_renegotiation (he_conn_t *conn) |
Tell Helium to schedule a renegotiation. More... | |
he_return_code_t | he_internal_renegotiate_ssl (he_conn_t *conn) |
void | he_internal_update_timeout (he_conn_t *conn) |
Updates the timeout for a connectionand triggers the timeout callback if set. More... | |
int | he_conn_get_nudge_time (he_conn_t *conn) |
Returns the number of miliseconds that host application should wait before nudging Helium. More... | |
he_return_code_t | he_conn_nudge (he_conn_t *conn) |
Nudges Helium. More... | |
he_conn_state_t | he_conn_get_state (he_conn_t *conn) |
Returns the state that the conn is currently in. More... | |
uint64_t | he_conn_get_session_id (he_conn_t *conn) |
Returns the session ID for this connection. | |
he_return_code_t | he_conn_set_session_id (he_conn_t *conn, uint64_t session_id) |
Sets the session ID for this connection. | |
uint64_t | he_conn_get_pending_session_id (he_conn_t *conn) |
Returns the pending session ID for this connection, if there is one. More... | |
bool | he_conn_is_error_fatal (he_conn_t *conn, he_return_code_t error_msg) |
Returns true if a given error (a return from libhelium where he_return_code_t != HE_SUCCESS) is obviously fatal and should terminate the connection. More... | |
he_return_code_t | he_conn_rotate_session_id (he_conn_t *conn, uint64_t *new_session_id) |
Rotate the session ID for this connection. More... | |
bool | he_conn_supports_renegotiation (he_conn_t *conn) |
Whether this particular connection supports renegoation. More... | |
void | he_internal_generate_event (he_conn_t *conn, he_conn_event_t event) |
he_return_code_t | he_conn_set_protocol_version (he_conn_t *conn, uint8_t major_version, uint8_t minor_version) |
On the server, sets the major/minor version number for this connection. More... | |
size_t | he_internal_calculate_data_packet_length (he_conn_t *conn, size_t length) |
he_return_code_t | he_internal_generate_session_id (he_conn_t *conn, uint64_t *session_id_out) |
Generate a random session ID. More... | |
Functions for managing the connection.
he_return_code_t he_conn_client_connect | ( | he_conn_t * | conn, |
he_ssl_ctx_t * | ssl_ctx, | ||
he_plugin_chain_t * | inside_plugins, | ||
he_plugin_chain_t * | outside_plugins | ||
) |
Tries to establish a connection with a Helium server.
conn | A pointer to a valid Helium connection |
conn | A pointer to a valid connection conn |
ssl_ctx | A pointer to valid and started SSL context |
ctx_conn | A pointer to a valid SSL context connection |
outside_plugins | A pointer to a valid plugin chain |
This function has a lot of return codes as it is where Helium tries to apply and configure the crypto engine. All of the return codes except for HE_SUCCESS are effectively fatal errors. Trying to call he_conn_client_connect again without changing the connection is unlikely to succeed.
he_conn_t* he_conn_create | ( | void | ) |
Creates a Helium connection struct.
This function must be called to create the initial Helium connection for use with other functions
void he_conn_destroy | ( | he_conn_t * | conn | ) |
Releases all memory allocate by Helium for this connection.
conn | A pointer to a valid Helium connection |
It will first remove all of the callbacks which means no Helium callbacks will be triggered after calling this function. It is thus an error to call any Helium functions on this connection after it has been destroyed.
he_return_code_t he_conn_disconnect | ( | he_conn_t * | conn | ) |
Try to cleanly disconnect from the remote Helium instance (client or server).
void* he_conn_get_context | ( | he_conn_t * | conn | ) |
Retrieve the pointer to the user supplied context.
conn | A pointer to a valid HE context |
int he_conn_get_nudge_time | ( | he_conn_t * | conn | ) |
Returns the number of miliseconds that host application should wait before nudging Helium.
conn | A pointer to a valid connection |
int he_conn_get_outside_mtu | ( | he_conn_t * | conn | ) |
Get the MTU value for the outside transport mechanism. *.
conn | A pointer to a valid connection. @ return int The MTU value in bytes. |
uint64_t he_conn_get_pending_session_id | ( | he_conn_t * | conn | ) |
Returns the pending session ID for this connection, if there is one.
conn | A pointer to a valid connection |
he_conn_state_t he_conn_get_state | ( | he_conn_t * | conn | ) |
Returns the state that the conn is currently in.
conn | A pointer to a valid connection |
const char* he_conn_get_username | ( | const he_conn_t * | conn | ) |
Get the username that Helium will authenticate with, previously set by he_conn_set_username.
conn | A pointer to a valid connection |
bool he_conn_is_auth_buffer_set | ( | const he_conn_t * | conn | ) |
Check if the auth buffer has been set.
conn | A pointer to a valid connection |
It is anticipated that this feature will be used for implementing UIs that don't maintain their own connection state.
bool he_conn_is_error_fatal | ( | he_conn_t * | conn, |
he_return_code_t | error_msg | ||
) |
Returns true if a given error (a return from libhelium where he_return_code_t != HE_SUCCESS) is obviously fatal and should terminate the connection.
It is not required to call this function – users are welcome to capture their errors, close connections and reconnect even if this function returns false.
bool he_conn_is_outside_mtu_set | ( | he_conn_t * | conn | ) |
Check if the outside MTU has been set.
conn | A pointer to a valid connection |
It is anticipated that this feature will be used for implementing UIs that don't maintain their own connection state.
bool he_conn_is_password_set | ( | const he_conn_t * | conn | ) |
Check if the password has been set.
conn | A pointer to a valid connection |
It is anticipated that this feature will be used for implementing UIs that don't maintain their own connection state.
bool he_conn_is_username_set | ( | const he_conn_t * | conn | ) |
Check if the password has been set.
conn | A pointer to a valid connection |
It is anticipated that this feature will be used for implementing UIs that don't maintain their own connection state.
he_return_code_t he_conn_is_valid_client | ( | he_ssl_ctx_t * | ssl_ctx, |
he_conn_t * | conn | ||
) |
Checks whether the client conn has the basic values to allow Helium to connect.
ssl_ctx | A pointer to a valid SSL context |
conn | A pointer to a valid connection conn |
he_conn_client_connect
because that function will call this function before attempting to connect. he_return_code_t he_conn_is_valid_server | ( | he_ssl_ctx_t * | ssl_ctx, |
he_conn_t * | conn | ||
) |
Checks whether the client conn has the basic values to allow Helium to connect.
ssl_ctx | A pointer to a valid SSL context |
conn | A pointer to a valid connection conn |
he_conn_server_connect
because that function will call this function before attempting to connect. he_return_code_t he_conn_nudge | ( | he_conn_t * | conn | ) |
Nudges Helium.
conn | A pointer to a valid connection |
he_return_code_t he_conn_rotate_session_id | ( | he_conn_t * | conn, |
uint64_t * | new_session_id | ||
) |
Rotate the session ID for this connection.
After calling this function, the value returned by he_conn_get_session_id will NOT be updated. The value returned by he_conn_get_pending_session_id is guaranteed to be the same as the value pointed to by new_session_id if that parameter is not null.
After the event "HE_EVENT_PENDING_SESSION_ACKNOWLEDGED" fires, he_conn_get_pending_session_id will return 0, and the value for he_conn_get_session_id will be the same as the session ID generated by this call.
conn | A pointer to a valid connection | |
[out] | A | uint64_t pointer; if not null the value will be updated with the new session ID |
he_return_code_t he_conn_schedule_renegotiation | ( | he_conn_t * | conn | ) |
Tell Helium to schedule a renegotiation.
conn | A pointer to a valid connection |
Note that this schedules a key rotation or D/TLS renegotiation on the next time we process data on this connection; calling this function provides no time-based guarantees, only that when we see this connection again we will renegotiate.
he_return_code_t he_conn_send_keepalive | ( | he_conn_t * | conn | ) |
Tell Helium to send a keepalive message. This can be used to avoid NAT timing out.
conn | A pointer to a valid connection |
This is used to send a heartbeat message to a Helium server and get a reply. Its prmary use is to ensure that the connection doesn't time out due to NAT traversal. This feature is not mandatory, but as Helium cannot by itself know when to send these, it is up to the host application to call this function at the required intervals.
he_return_code_t he_conn_server_connect | ( | he_conn_t * | conn, |
he_ssl_ctx_t * | ssl_ctx, | ||
he_plugin_chain_t * | inside_plugins, | ||
he_plugin_chain_t * | outside_plugins | ||
) |
Tries to establish a connection with a Helium client.
conn | A pointer to a valid Helium connection |
ssl_ctx | A pointer to valid and started SSL context |
ctx_conn | A pointer to a valid SSL context connection |
plugins | A pointer to a valid plugin chain |
This function has a lot of return codes as it is where Helium tries to apply and configure the crypto engine. All of the return codes except for HE_SUCCESS are effectively fatal errors. Trying to call he_conn_client_connect again without changing the connection is unlikely to succeed.
he_return_code_t he_conn_set_auth_buffer | ( | he_conn_t * | conn, |
uint8_t | auth_type, | ||
uint8_t * | buffer, | ||
uint16_t | length | ||
) |
Sets the opaque buffer Helium should use to authenticate with.
conn | A pointer to a valid connection |
auth_type | the authentication type to pass to the server |
buffer | A pointer to the authentication buffer to use |
length | The length of the buffer |
he_return_code_t he_conn_set_context | ( | he_conn_t * | conn, |
void * | data | ||
) |
Store a pointer in the context that will be made available in all Helium callbacks.
conn | A valid connection |
data | A pointer to a user provided data structure |
Helium will interact with the host application primarily through the use of callback functions. To avoid the need for global variables, a pointer to some data structure can be set on the context. This context will be passed in all function callbacks as void pointer.
int he_conn_set_outside_mtu | ( | he_conn_t * | conn, |
int | mtu | ||
) |
Set the MTU for the outside transport mechanism. Usually this will be the MTU of the devices Internet connection.
conn | A pointer to a valid connection |
mtu | The MTU of the outside transport mechanism in bytes |
Setting the MTU will update the MSS clamp size to an optimal value for the new MTU.
he_return_code_t he_conn_set_password | ( | he_conn_t * | conn, |
const char * | password | ||
) |
Sets the password Helium should use to authenticate with.
conn | A pointer to a valid connection |
password | A pointer to the password |
he_return_code_t he_conn_set_protocol_version | ( | he_conn_t * | conn, |
uint8_t | major_version, | ||
uint8_t | minor_version | ||
) |
On the server, sets the major/minor version number for this connection.
conn | A pointer to a valid server connection |
major_version | |
minor_version |
int he_conn_set_username | ( | he_conn_t * | conn, |
const char * | username | ||
) |
Set the username to authenticate with.
conn | A pointer to a valid conn |
username | A pointer to the username |
bool he_conn_supports_renegotiation | ( | he_conn_t * | conn | ) |
Whether this particular connection supports renegoation.
Only pre-Dec 2020 clients won't support this.
he_return_code_t he_internal_generate_session_id | ( | he_conn_t * | conn, |
uint64_t * | session_id_out | ||
) |
Generate a random session ID.
context | A pointer to a valid SSL server context | |
[out] | session_id_out | A pointer to a uint64_t, where we will write the session ID |
he_return_code_t he_internal_send_message | ( | he_conn_t * | conn, |
uint8_t * | message, | ||
uint16_t | length | ||
) |
Sends a message over the secured tunnel.
conn | A pointer to a valid connection |
message | A pointer to the raw message to be sent |
length | The length of the message |
void he_internal_update_timeout | ( | he_conn_t * | conn | ) |
Updates the timeout for a connectionand triggers the timeout callback if set.
conn | A pointer to a valid connection |