← Back to branch summary

~ubuntu-branches/ubuntu/trusty/nginx/trusty-proposed

« back to all changes in this revision

Viewing changes to src/event/ngx_event_openssl.h

  • Committer: Package Import Robot
  • Author(s): Kartik Mistry
  • Date: 2013-04-25 12:51:45 UTC
  • mfrom: (1.3.28)
  • mto: (1.3.29) (15.1.2 experimental)
  • mto: This revision was merged to the branch mainline in revision 64.
  • Revision ID: package-import@ubuntu.com-20130425125145-ugl0wor6bq0u5eae
Tags: upstream-1.4.0
ImportĀ upstreamĀ versionĀ 1.4.0

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/event/ngx_event_openssl.h
1
1
 
2
2
/*
3
3
 * Copyright (C) Igor Sysoev
 
4
 * Copyright (C) Nginx, Inc.
4
5
 */
5
6
 
6
7
 
13
14
 
14
15
#include <openssl/ssl.h>
15
16
#include <openssl/err.h>
16
 
 
17
 
#if OPENSSL_VERSION_NUMBER >= 0x00907000
18
17
#include <openssl/conf.h>
19
18
#include <openssl/engine.h>
20
 
#define NGX_SSL_ENGINE   1
21
 
#endif
 
19
#include <openssl/evp.h>
 
20
#include <openssl/ocsp.h>
22
21
 
23
22
#define NGX_SSL_NAME     "OpenSSL"
24
23
 
45
44
    ngx_event_handler_pt        saved_write_handler;
46
45
 
47
46
    unsigned                    handshaked:1;
 
47
    unsigned                    renegotiation:1;
48
48
    unsigned                    buffer:1;
49
49
    unsigned                    no_wait_shutdown:1;
50
50
    unsigned                    no_send_shutdown:1;
83
83
 
84
84
 
85
85
 
86
 
#define NGX_SSL_SSLv2    2
87
 
#define NGX_SSL_SSLv3    4
88
 
#define NGX_SSL_TLSv1    8
 
86
#define NGX_SSL_SSLv2    0x0002
 
87
#define NGX_SSL_SSLv3    0x0004
 
88
#define NGX_SSL_TLSv1    0x0008
 
89
#define NGX_SSL_TLSv1_1  0x0010
 
90
#define NGX_SSL_TLSv1_2  0x0020
89
91
 
90
92
 
91
93
#define NGX_SSL_BUFFER   1
100
102
    ngx_str_t *cert, ngx_str_t *key);
101
103
ngx_int_t ngx_ssl_client_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl,
102
104
    ngx_str_t *cert, ngx_int_t depth);
103
 
ngx_int_t ngx_ssl_generate_rsa512_key(ngx_ssl_t *ssl);
 
105
ngx_int_t ngx_ssl_trusted_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl,
 
106
    ngx_str_t *cert, ngx_int_t depth);
 
107
ngx_int_t ngx_ssl_crl(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *crl);
 
108
ngx_int_t ngx_ssl_stapling(ngx_conf_t *cf, ngx_ssl_t *ssl,
 
109
    ngx_str_t *file, ngx_str_t *responder, ngx_uint_t verify);
 
110
ngx_int_t ngx_ssl_stapling_resolver(ngx_conf_t *cf, ngx_ssl_t *ssl,
 
111
    ngx_resolver_t *resolver, ngx_msec_t resolver_timeout);
 
112
RSA *ngx_ssl_rsa512_key_callback(SSL *ssl, int is_export, int key_length);
 
113
ngx_int_t ngx_ssl_dhparam(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *file);
 
114
ngx_int_t ngx_ssl_ecdh_curve(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *name);
104
115
ngx_int_t ngx_ssl_session_cache(ngx_ssl_t *ssl, ngx_str_t *sess_ctx,
105
116
    ssize_t builtin_session_cache, ngx_shm_zone_t *shm_zone, time_t timeout);
 
117
ngx_int_t ngx_ssl_session_cache_init(ngx_shm_zone_t *shm_zone, void *data);
106
118
ngx_int_t ngx_ssl_create_connection(ngx_ssl_t *ssl, ngx_connection_t *c,
107
119
    ngx_uint_t flags);
108
120
 
115
127
#define ngx_ssl_get_server_conf(ssl_ctx)                                      \
116
128
    SSL_CTX_get_ex_data(ssl_ctx, ngx_ssl_server_conf_index)
117
129
 
 
130
#define ngx_ssl_verify_error_optional(n)                                      \
 
131
    (n == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT                              \
 
132
     || n == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN                             \
 
133
     || n == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY                     \
 
134
     || n == X509_V_ERR_CERT_UNTRUSTED                                        \
 
135
     || n == X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE)
 
136
 
118
137
 
119
138
ngx_int_t ngx_ssl_get_protocol(ngx_connection_t *c, ngx_pool_t *pool,
120
139
    ngx_str_t *s);
121
140
ngx_int_t ngx_ssl_get_cipher_name(ngx_connection_t *c, ngx_pool_t *pool,
122
141
    ngx_str_t *s);
 
142
ngx_int_t ngx_ssl_get_session_id(ngx_connection_t *c, ngx_pool_t *pool,
 
143
    ngx_str_t *s);
 
144
ngx_int_t ngx_ssl_get_raw_certificate(ngx_connection_t *c, ngx_pool_t *pool,
 
145
    ngx_str_t *s);
 
146
ngx_int_t ngx_ssl_get_certificate(ngx_connection_t *c, ngx_pool_t *pool,
 
147
    ngx_str_t *s);
123
148
ngx_int_t ngx_ssl_get_subject_dn(ngx_connection_t *c, ngx_pool_t *pool,
124
149
    ngx_str_t *s);
125
150
ngx_int_t ngx_ssl_get_issuer_dn(ngx_connection_t *c, ngx_pool_t *pool,
126
151
    ngx_str_t *s);
127
152
ngx_int_t ngx_ssl_get_serial_number(ngx_connection_t *c, ngx_pool_t *pool,
128
153
    ngx_str_t *s);
 
154
ngx_int_t ngx_ssl_get_client_verify(ngx_connection_t *c, ngx_pool_t *pool,
 
155
    ngx_str_t *s);
129
156
 
130
157
 
131
158
ngx_int_t ngx_ssl_handshake(ngx_connection_t *c);
144
171
extern int  ngx_ssl_connection_index;
145
172
extern int  ngx_ssl_server_conf_index;
146
173
extern int  ngx_ssl_session_cache_index;
 
174
extern int  ngx_ssl_certificate_index;
 
175
extern int  ngx_ssl_stapling_index;
147
176
 
148
177
 
149
178
#endif /* _NGX_EVENT_OPENSSL_H_INCLUDED_ */