first implementation of TLS server client authentication check

The TLS server now checks the client fingerprint. This works, but
is highly experimental. Needs to be refined for practice. Also:
- implemented permittedPeers helper construct to store names
- changed omfwd implementation to use new permittedPeers

1 files changed, 8 insertions, 1 deletions

diff --git a/runtime/netstrms.h b/runtime/netstrms.h
index 1d1cc892..3f686af6 100644
--- a/runtime/netstrms.h
+++ b/runtime/netstrms.h
@@ -32,6 +32,9 @@ struct netstrms_s {
 	uchar *pBaseDrvrName;	/**< nsd base driver name to use, or NULL if system default */
 	uchar *pDrvrName;	/**< full base driver name (set when driver is loaded) */
 	int iDrvrMode;		/**< current default driver mode */
+	uchar *pszDrvrAuthMode;	/**< current driver authentication mode */
+	permittedPeers_t *pPermPeers;/**< current driver's permitted peers */
+
 	nsd_if_t Drvr;		/**< our stream driver */
 };
 
@@ -44,7 +47,11 @@ BEGINinterface(netstrms) /* name must also be changed in ENDinterface macro! */
 	rsRetVal (*CreateStrm)(netstrms_t *pThis, netstrm_t **ppStrm);
 	rsRetVal (*SetDrvrName)(netstrms_t *pThis, uchar *pszName);
 	rsRetVal (*SetDrvrMode)(netstrms_t *pThis, int iMode);
-	int (*GetDrvrMode)(netstrms_t *pThis);
+	rsRetVal (*SetDrvrAuthMode)(netstrms_t *pThis, uchar*);
+	rsRetVal (*SetDrvrPermPeers)(netstrms_t *pThis, permittedPeers_t*);
+	int      (*GetDrvrMode)(netstrms_t *pThis);
+	uchar*   (*GetDrvrAuthMode)(netstrms_t *pThis);
+	permittedPeers_t* (*GetDrvrPermPeers)(netstrms_t *pThis);
 ENDinterface(netstrms)
 #define netstrmsCURR_IF_VERSION 1 /* increment whenever you change the interface structure! */