Annotation of embedaddon/nginx/src/event/ngx_event_openssl.h, revision 1.1

1.1     ! misho       1: 
        !             2: /*
        !             3:  * Copyright (C) Igor Sysoev
        !             4:  * Copyright (C) Nginx, Inc.
        !             5:  */
        !             6: 
        !             7: 
        !             8: #ifndef _NGX_EVENT_OPENSSL_H_INCLUDED_
        !             9: #define _NGX_EVENT_OPENSSL_H_INCLUDED_
        !            10: 
        !            11: 
        !            12: #include <ngx_config.h>
        !            13: #include <ngx_core.h>
        !            14: 
        !            15: #include <openssl/ssl.h>
        !            16: #include <openssl/err.h>
        !            17: #include <openssl/conf.h>
        !            18: #include <openssl/engine.h>
        !            19: #include <openssl/evp.h>
        !            20: #include <openssl/ocsp.h>
        !            21: 
        !            22: #define NGX_SSL_NAME     "OpenSSL"
        !            23: 
        !            24: 
        !            25: #define ngx_ssl_session_t       SSL_SESSION
        !            26: #define ngx_ssl_conn_t          SSL
        !            27: 
        !            28: 
        !            29: typedef struct {
        !            30:     SSL_CTX                    *ctx;
        !            31:     ngx_log_t                  *log;
        !            32: } ngx_ssl_t;
        !            33: 
        !            34: 
        !            35: typedef struct {
        !            36:     ngx_ssl_conn_t             *connection;
        !            37: 
        !            38:     ngx_int_t                   last;
        !            39:     ngx_buf_t                  *buf;
        !            40: 
        !            41:     ngx_connection_handler_pt   handler;
        !            42: 
        !            43:     ngx_event_handler_pt        saved_read_handler;
        !            44:     ngx_event_handler_pt        saved_write_handler;
        !            45: 
        !            46:     unsigned                    handshaked:1;
        !            47:     unsigned                    renegotiation:1;
        !            48:     unsigned                    buffer:1;
        !            49:     unsigned                    no_wait_shutdown:1;
        !            50:     unsigned                    no_send_shutdown:1;
        !            51: } ngx_ssl_connection_t;
        !            52: 
        !            53: 
        !            54: #define NGX_SSL_NO_SCACHE            -2
        !            55: #define NGX_SSL_NONE_SCACHE          -3
        !            56: #define NGX_SSL_NO_BUILTIN_SCACHE    -4
        !            57: #define NGX_SSL_DFLT_BUILTIN_SCACHE  -5
        !            58: 
        !            59: 
        !            60: #define NGX_SSL_MAX_SESSION_SIZE  4096
        !            61: 
        !            62: typedef struct ngx_ssl_sess_id_s  ngx_ssl_sess_id_t;
        !            63: 
        !            64: struct ngx_ssl_sess_id_s {
        !            65:     ngx_rbtree_node_t           node;
        !            66:     u_char                     *id;
        !            67:     size_t                      len;
        !            68:     u_char                     *session;
        !            69:     ngx_queue_t                 queue;
        !            70:     time_t                      expire;
        !            71: #if (NGX_PTR_SIZE == 8)
        !            72:     void                       *stub;
        !            73:     u_char                      sess_id[32];
        !            74: #endif
        !            75: };
        !            76: 
        !            77: 
        !            78: typedef struct {
        !            79:     ngx_rbtree_t                session_rbtree;
        !            80:     ngx_rbtree_node_t           sentinel;
        !            81:     ngx_queue_t                 expire_queue;
        !            82: } ngx_ssl_session_cache_t;
        !            83: 
        !            84: 
        !            85: 
        !            86: #define NGX_SSL_SSLv2    0x0002
        !            87: #define NGX_SSL_SSLv3    0x0004
        !            88: #define NGX_SSL_TLSv1    0x0008
        !            89: #define NGX_SSL_TLSv1_1  0x0010
        !            90: #define NGX_SSL_TLSv1_2  0x0020
        !            91: 
        !            92: 
        !            93: #define NGX_SSL_BUFFER   1
        !            94: #define NGX_SSL_CLIENT   2
        !            95: 
        !            96: #define NGX_SSL_BUFSIZE  16384
        !            97: 
        !            98: 
        !            99: ngx_int_t ngx_ssl_init(ngx_log_t *log);
        !           100: ngx_int_t ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_t protocols, void *data);
        !           101: ngx_int_t ngx_ssl_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl,
        !           102:     ngx_str_t *cert, ngx_str_t *key);
        !           103: ngx_int_t ngx_ssl_client_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl,
        !           104:     ngx_str_t *cert, ngx_int_t depth);
        !           105: ngx_int_t ngx_ssl_trusted_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl,
        !           106:     ngx_str_t *cert, ngx_int_t depth);
        !           107: ngx_int_t ngx_ssl_crl(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *crl);
        !           108: ngx_int_t ngx_ssl_stapling(ngx_conf_t *cf, ngx_ssl_t *ssl,
        !           109:     ngx_str_t *file, ngx_str_t *responder, ngx_uint_t verify);
        !           110: ngx_int_t ngx_ssl_stapling_resolver(ngx_conf_t *cf, ngx_ssl_t *ssl,
        !           111:     ngx_resolver_t *resolver, ngx_msec_t resolver_timeout);
        !           112: RSA *ngx_ssl_rsa512_key_callback(SSL *ssl, int is_export, int key_length);
        !           113: ngx_int_t ngx_ssl_dhparam(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *file);
        !           114: ngx_int_t ngx_ssl_ecdh_curve(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *name);
        !           115: ngx_int_t ngx_ssl_session_cache(ngx_ssl_t *ssl, ngx_str_t *sess_ctx,
        !           116:     ssize_t builtin_session_cache, ngx_shm_zone_t *shm_zone, time_t timeout);
        !           117: ngx_int_t ngx_ssl_session_cache_init(ngx_shm_zone_t *shm_zone, void *data);
        !           118: ngx_int_t ngx_ssl_create_connection(ngx_ssl_t *ssl, ngx_connection_t *c,
        !           119:     ngx_uint_t flags);
        !           120: 
        !           121: void ngx_ssl_remove_cached_session(SSL_CTX *ssl, ngx_ssl_session_t *sess);
        !           122: ngx_int_t ngx_ssl_set_session(ngx_connection_t *c, ngx_ssl_session_t *session);
        !           123: #define ngx_ssl_get_session(c)      SSL_get1_session(c->ssl->connection)
        !           124: #define ngx_ssl_free_session        SSL_SESSION_free
        !           125: #define ngx_ssl_get_connection(ssl_conn)                                      \
        !           126:     SSL_get_ex_data(ssl_conn, ngx_ssl_connection_index)
        !           127: #define ngx_ssl_get_server_conf(ssl_ctx)                                      \
        !           128:     SSL_CTX_get_ex_data(ssl_ctx, ngx_ssl_server_conf_index)
        !           129: 
        !           130: #define ngx_ssl_verify_error_optional(n)                                      \
        !           131:     (n == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT                              \
        !           132:      || n == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN                             \
        !           133:      || n == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY                     \
        !           134:      || n == X509_V_ERR_CERT_UNTRUSTED                                        \
        !           135:      || n == X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE)
        !           136: 
        !           137: 
        !           138: ngx_int_t ngx_ssl_get_protocol(ngx_connection_t *c, ngx_pool_t *pool,
        !           139:     ngx_str_t *s);
        !           140: ngx_int_t ngx_ssl_get_cipher_name(ngx_connection_t *c, ngx_pool_t *pool,
        !           141:     ngx_str_t *s);
        !           142: ngx_int_t ngx_ssl_get_session_id(ngx_connection_t *c, ngx_pool_t *pool,
        !           143:     ngx_str_t *s);
        !           144: ngx_int_t ngx_ssl_get_raw_certificate(ngx_connection_t *c, ngx_pool_t *pool,
        !           145:     ngx_str_t *s);
        !           146: ngx_int_t ngx_ssl_get_certificate(ngx_connection_t *c, ngx_pool_t *pool,
        !           147:     ngx_str_t *s);
        !           148: ngx_int_t ngx_ssl_get_subject_dn(ngx_connection_t *c, ngx_pool_t *pool,
        !           149:     ngx_str_t *s);
        !           150: ngx_int_t ngx_ssl_get_issuer_dn(ngx_connection_t *c, ngx_pool_t *pool,
        !           151:     ngx_str_t *s);
        !           152: ngx_int_t ngx_ssl_get_serial_number(ngx_connection_t *c, ngx_pool_t *pool,
        !           153:     ngx_str_t *s);
        !           154: ngx_int_t ngx_ssl_get_client_verify(ngx_connection_t *c, ngx_pool_t *pool,
        !           155:     ngx_str_t *s);
        !           156: 
        !           157: 
        !           158: ngx_int_t ngx_ssl_handshake(ngx_connection_t *c);
        !           159: ssize_t ngx_ssl_recv(ngx_connection_t *c, u_char *buf, size_t size);
        !           160: ssize_t ngx_ssl_write(ngx_connection_t *c, u_char *data, size_t size);
        !           161: ssize_t ngx_ssl_recv_chain(ngx_connection_t *c, ngx_chain_t *cl);
        !           162: ngx_chain_t *ngx_ssl_send_chain(ngx_connection_t *c, ngx_chain_t *in,
        !           163:     off_t limit);
        !           164: void ngx_ssl_free_buffer(ngx_connection_t *c);
        !           165: ngx_int_t ngx_ssl_shutdown(ngx_connection_t *c);
        !           166: void ngx_cdecl ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, ngx_err_t err,
        !           167:     char *fmt, ...);
        !           168: void ngx_ssl_cleanup_ctx(void *data);
        !           169: 
        !           170: 
        !           171: extern int  ngx_ssl_connection_index;
        !           172: extern int  ngx_ssl_server_conf_index;
        !           173: extern int  ngx_ssl_session_cache_index;
        !           174: extern int  ngx_ssl_certificate_index;
        !           175: extern int  ngx_ssl_stapling_index;
        !           176: 
        !           177: 
        !           178: #endif /* _NGX_EVENT_OPENSSL_H_INCLUDED_ */

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>