2
* include/proto/ssl_sock.h
3
* This file contains definition for ssl stream socket operations
5
* Copyright (C) 2012 EXCELIANCE, Emeric Brun <ebrun@exceliance.fr>
7
* This library is free software; you can redistribute it and/or
8
* modify it under the terms of the GNU Lesser General Public
9
* License as published by the Free Software Foundation, version 2.1
12
* This library is distributed in the hope that it will be useful,
13
* but WITHOUT ANY WARRANTY; without even the implied warranty of
14
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15
* Lesser General Public License for more details.
17
* You should have received a copy of the GNU Lesser General Public
18
* License along with this library; if not, write to the Free Software
19
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
22
#ifndef _PROTO_SSL_SOCK_H
23
#define _PROTO_SSL_SOCK_H
24
#include <openssl/ssl.h>
26
#include <types/connection.h>
27
#include <types/listener.h>
28
#include <types/proxy.h>
29
#include <types/stream_interface.h>
31
extern struct xprt_ops ssl_sock;
33
extern int totalsslconns;
35
/* boolean, returns true if connection is over SSL */
37
int ssl_sock_is_ssl(struct connection *conn)
39
if (!conn || conn->xprt != &ssl_sock || !conn->xprt_ctx)
45
int ssl_sock_handshake(struct connection *conn, unsigned int flag);
46
int ssl_sock_prepare_ctx(struct bind_conf *bind_conf, SSL_CTX *ctx, struct proxy *proxy);
47
void ssl_sock_free_certs(struct bind_conf *bind_conf);
48
int ssl_sock_prepare_all_ctx(struct bind_conf *bind_conf, struct proxy *px);
49
int ssl_sock_prepare_srv_ctx(struct server *srv, struct proxy *px);
50
void ssl_sock_free_all_ctx(struct bind_conf *bind_conf);
51
const char *ssl_sock_get_cipher_name(struct connection *conn);
52
const char *ssl_sock_get_proto_version(struct connection *conn);
53
char *ssl_sock_get_version(struct connection *conn);
54
int ssl_sock_get_cert_used(struct connection *conn);
55
char *ssl_sock_get_common_name(struct connection *conn);
56
unsigned int ssl_sock_get_verify_result(struct connection *conn);
57
#ifdef SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB
58
int ssl_sock_update_ocsp_response(struct chunk *ocsp_response, char **err);
61
#endif /* _PROTO_SSL_SOCK_H */