diff options
author | Andreas Baumann <mail@andreasbaumann.cc> | 2015-01-09 09:46:07 +0100 |
---|---|---|
committer | Andreas Baumann <mail@andreasbaumann.cc> | 2015-01-09 09:46:07 +0100 |
commit | 5ac03256db0fe4ca7e3ad1117d096c3a76368b76 (patch) | |
tree | c767808892cc7f013b87174ad3b31c23508b5fa5 /release/src/router/cyassl/include/openssl/ssl.h | |
parent | d89b5dc1509c66ccbed1dbc7ed0e09264ea3179e (diff) | |
download | tomato-5ac03256db0fe4ca7e3ad1117d096c3a76368b76.tar.gz tomato-5ac03256db0fe4ca7e3ad1117d096c3a76368b76.tar.bz2 |
backported CyaSSL/OpenSSL support for internal webserver instead of MatrixSSL
Diffstat (limited to 'release/src/router/cyassl/include/openssl/ssl.h')
-rw-r--r-- | release/src/router/cyassl/include/openssl/ssl.h | 677 |
1 files changed, 677 insertions, 0 deletions
diff --git a/release/src/router/cyassl/include/openssl/ssl.h b/release/src/router/cyassl/include/openssl/ssl.h new file mode 100644 index 00000000..1ae308d8 --- /dev/null +++ b/release/src/router/cyassl/include/openssl/ssl.h @@ -0,0 +1,677 @@ +/* ssl.h + * + * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + +/* ssl.h defines openssl compatibility layer + * + */ + + + +#ifndef CYASSL_OPENSSL_H_ +#define CYASSL_OPENSSL_H_ + +#include "os_settings.h" /* for users not using preprocessor flags */ + +#ifndef NO_FILESYSTEM + #include <stdio.h> /* ERR_print fp */ +#endif + +#ifdef YASSL_PREFIX + #include "prefix_ssl.h" +#endif + +#define CYASSL_VERSION "1.9.0" + +#undef X509_NAME /* wincrypt.h clash */ + +#ifdef __cplusplus + extern "C" { +#endif + + + +typedef struct SSL SSL; +typedef struct SSL_SESSION SSL_SESSION; +typedef struct SSL_METHOD SSL_METHOD; +typedef struct SSL_CTX SSL_CTX; + +typedef struct X509 X509; +typedef struct X509_NAME X509_NAME; +typedef struct X509_CHAIN X509_CHAIN; + + +/* redeclare guard */ +#define SSL_TYPES_DEFINED + + + + +typedef struct EVP_PKEY EVP_PKEY; +typedef struct RSA RSA; +typedef struct BIO BIO; +typedef struct BIO_METHOD BIO_METHOD; +typedef struct SSL_CIPHER SSL_CIPHER; +typedef struct X509_LOOKUP X509_LOOKUP; +typedef struct X509_LOOKUP_METHOD X509_LOOKUP_METHOD; +typedef struct X509_CRL X509_CRL; +typedef struct X509_EXTENSION X509_EXTENSION; +typedef struct ASN1_TIME ASN1_TIME; +typedef struct ASN1_INTEGER ASN1_INTEGER; +typedef struct ASN1_OBJECT ASN1_OBJECT; +typedef struct ASN1_STRING ASN1_STRING; +typedef struct CRYPTO_dynlock_value CRYPTO_dynlock_value; + +#define ASN1_UTCTIME ASN1_TIME + +typedef struct MD4_CTX { + int buffer[32]; /* big enough to hold, check size in Init */ +} MD4_CTX; + + +typedef struct COMP_METHOD { + int type; /* stunnel dereference */ +} COMP_METHOD; + + +typedef struct X509_STORE { + int cache; /* stunnel dereference */ +} X509_STORE; + + +typedef struct X509_REVOKED { + ASN1_INTEGER* serialNumber; /* stunnel dereference */ +} X509_REVOKED; + + +typedef struct X509_OBJECT { + union { + char* ptr; + X509_CRL* crl; /* stunnel dereference */ + } data; +} X509_OBJECT; + + +/* in cyassl_int.h too, change there !! */ +typedef struct X509_STORE_CTX { + int error; + int error_depth; + X509* current_cert; /* stunnel dereference */ + char* domain; /* subject CN domain name */ + /* in cyassl_int.h too, change there !! */ +} X509_STORE_CTX; + + +SSL_METHOD *SSLv3_server_method(void); +SSL_METHOD *SSLv3_client_method(void); +SSL_METHOD *TLSv1_server_method(void); +SSL_METHOD *TLSv1_client_method(void); +SSL_METHOD *TLSv1_1_server_method(void); +SSL_METHOD *TLSv1_1_client_method(void); +SSL_METHOD *TLSv1_2_server_method(void); +SSL_METHOD *TLSv1_2_client_method(void); + +#ifdef CYASSL_DTLS + SSL_METHOD *DTLSv1_client_method(void); + SSL_METHOD *DTLSv1_server_method(void); +#endif + +#ifndef NO_FILESYSTEM + +int SSL_CTX_use_certificate_file(SSL_CTX*, const char*, int); +int SSL_CTX_use_PrivateKey_file(SSL_CTX*, const char*, int); +int SSL_CTX_load_verify_locations(SSL_CTX*, const char*, const char*); +int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); +int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX*, const char*, int); + +#ifdef CYASSL_DER_LOAD + int CyaSSL_CTX_load_verify_locations(SSL_CTX*, const char*, int); +#endif + +#ifdef HAVE_NTRU + int CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX*, const char*); /* load NTRU + private key blob */ +#endif + +int CyaSSL_PemCertToDer(const char*, unsigned char*, int); + +#endif /* NO_FILESYSTEM */ + +SSL_CTX* SSL_CTX_new(SSL_METHOD*); +SSL* SSL_new(SSL_CTX*); +int SSL_set_fd (SSL*, int); +int SSL_get_fd(const SSL*); +int SSL_connect(SSL*); /* please see note at top of README + if you get an error from connect */ +int SSL_write(SSL*, const void*, int); +int SSL_read(SSL*, void*, int); +int SSL_accept(SSL*); +void SSL_CTX_free(SSL_CTX*); +void SSL_free(SSL*); +int SSL_shutdown(SSL*); + +void SSL_CTX_set_quiet_shutdown(SSL_CTX*, int); + +int SSL_get_error(SSL*, int); + +int SSL_set_session(SSL *ssl, SSL_SESSION *session); +SSL_SESSION* SSL_get_session(SSL* ssl); +void SSL_flush_sessions(SSL_CTX *ctx, long tm); + + +typedef int (*VerifyCallback)(int, X509_STORE_CTX*); +typedef int (*pem_password_cb)(char*, int, int, void*); + +void SSL_CTX_set_verify(SSL_CTX*, int, VerifyCallback verify_callback); + + +int SSL_pending(SSL*); + + +void SSL_load_error_strings(void); +int SSL_library_init(void); +long SSL_CTX_set_session_cache_mode(SSL_CTX*, long); + +/* only supports full name from cipher_name[] delimited by : */ +int SSL_CTX_set_cipher_list(SSL_CTX*, const char*); + +char* ERR_error_string(unsigned long,char*); +void ERR_error_string_n(unsigned long e, char *buf, size_t len); + + +/* extras */ + +#define STACK_OF(x) x + +int SSL_set_ex_data(SSL*, int, void*); +int SSL_get_shutdown(const SSL*); +int SSL_set_rfd(SSL*, int); +int SSL_set_wfd(SSL*, int); +void SSL_set_shutdown(SSL*, int); +int SSL_set_session_id_context(SSL*, const unsigned char*, unsigned int); +void SSL_set_connect_state(SSL*); +void SSL_set_accept_state(SSL*); +int SSL_session_reused(SSL*); +void SSL_SESSION_free(SSL_SESSION* session); + +const char* SSL_get_version(SSL*); +SSL_CIPHER* SSL_get_current_cipher(SSL*); +char* SSL_CIPHER_description(SSL_CIPHER*, char*, int); +const char* SSL_CIPHER_get_name(const SSL_CIPHER* cipher); +SSL_SESSION* SSL_get1_session(SSL* ssl); /* what's ref count */ + +void X509_free(X509*); +void OPENSSL_free(void*); + +int OCSP_parse_url(char* url, char** host, char** port, char** path, int* ssl); + +SSL_METHOD* SSLv23_client_method(void); +SSL_METHOD* SSLv2_client_method(void); +SSL_METHOD* SSLv2_server_method(void); + +void MD4_Init(MD4_CTX*); +void MD4_Update(MD4_CTX*, const void*, size_t); +void MD4_Final(unsigned char*, MD4_CTX*); + +BIO* BIO_new(BIO_METHOD*); +int BIO_free(BIO*); +int BIO_free_all(BIO*); +int BIO_read(BIO*, void*, int); +int BIO_write(BIO*, const void*, int); +BIO* BIO_push(BIO*, BIO* append); +BIO* BIO_pop(BIO*); +int BIO_flush(BIO*); +int BIO_pending(BIO*); + +BIO_METHOD* BIO_f_buffer(void); +long BIO_set_write_buffer_size(BIO*, long size); +BIO_METHOD* BIO_f_ssl(void); +BIO* BIO_new_socket(int sfd, int flag); +void SSL_set_bio(SSL*, BIO* rd, BIO* wr); +int BIO_eof(BIO*); +long BIO_set_ssl(BIO*, SSL*, int flag); + +BIO_METHOD* BIO_s_mem(void); +BIO_METHOD* BIO_f_base64(void); +void BIO_set_flags(BIO*, int); + +void OpenSSL_add_all_algorithms(void); +int SSLeay_add_ssl_algorithms(void); +int SSLeay_add_all_algorithms(void); + +void RAND_screen(void); +const char* RAND_file_name(char*, size_t); +int RAND_write_file(const char*); +int RAND_load_file(const char*, long); +int RAND_egd(const char*); + +COMP_METHOD* COMP_zlib(void); +COMP_METHOD* COMP_rle(void); +int SSL_COMP_add_compression_method(int, void*); + +int SSL_get_ex_new_index(long, void*, void*, void*, void*); + +void CRYPTO_set_id_callback(unsigned long (*f)(void)); +void CRYPTO_set_locking_callback(void (*f)(int, int, const char*, int)); +void CRYPTO_set_dynlock_create_callback(CRYPTO_dynlock_value* (*f)(const char*, + int)); +void CRYPTO_set_dynlock_lock_callback(void (*f)(int, CRYPTO_dynlock_value*, + const char*, int)); +void CRYPTO_set_dynlock_destroy_callback(void (*f)(CRYPTO_dynlock_value*, + const char*, int)); + +X509* X509_STORE_CTX_get_current_cert(X509_STORE_CTX*); +int X509_STORE_CTX_get_error(X509_STORE_CTX*); +int X509_STORE_CTX_get_error_depth(X509_STORE_CTX*); + +char* X509_NAME_oneline(X509_NAME*, char*, int); +X509_NAME* X509_get_issuer_name(X509*); +X509_NAME* X509_get_subject_name(X509*); +const char* X509_verify_cert_error_string(long); + +int X509_LOOKUP_add_dir(X509_LOOKUP*, const char*, long); +int X509_LOOKUP_load_file(X509_LOOKUP*, const char*, long); +X509_LOOKUP_METHOD* X509_LOOKUP_hash_dir(void); +X509_LOOKUP_METHOD* X509_LOOKUP_file(void); + +X509_LOOKUP* X509_STORE_add_lookup(X509_STORE*, X509_LOOKUP_METHOD*); +X509_STORE* X509_STORE_new(void); +int X509_STORE_get_by_subject(X509_STORE_CTX*, int, X509_NAME*, + X509_OBJECT*); +int X509_STORE_CTX_init(X509_STORE_CTX*, X509_STORE*, X509*, STACK_OF(X509)*); +void X509_STORE_CTX_cleanup(X509_STORE_CTX*); + +ASN1_TIME* X509_CRL_get_lastUpdate(X509_CRL*); +ASN1_TIME* X509_CRL_get_nextUpdate(X509_CRL*); + +EVP_PKEY* X509_get_pubkey(X509*); +int X509_CRL_verify(X509_CRL*, EVP_PKEY*); +void X509_STORE_CTX_set_error(X509_STORE_CTX*, int); +void X509_OBJECT_free_contents(X509_OBJECT*); +void EVP_PKEY_free(EVP_PKEY*); +int X509_cmp_current_time(const ASN1_TIME*); +int sk_X509_REVOKED_num(X509_REVOKED*); + +X509_REVOKED* X509_CRL_get_REVOKED(X509_CRL*); +X509_REVOKED* sk_X509_REVOKED_value(X509_REVOKED*, int); + +ASN1_INTEGER* X509_get_serialNumber(X509*); + +int ASN1_TIME_print(BIO*, const ASN1_TIME*); + +int ASN1_INTEGER_cmp(const ASN1_INTEGER*, const ASN1_INTEGER*); +long ASN1_INTEGER_get(const ASN1_INTEGER*); + +STACK_OF(X509_NAME)* SSL_load_client_CA_file(const char*); + +void SSL_CTX_set_client_CA_list(SSL_CTX*, STACK_OF(X509_NAME)*); +void* X509_STORE_CTX_get_ex_data(X509_STORE_CTX*, int); +int SSL_get_ex_data_X509_STORE_CTX_idx(void); +void* SSL_get_ex_data(const SSL*, int); + +void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX*, void* userdata); +void SSL_CTX_set_default_passwd_cb(SSL_CTX*, pem_password_cb); + + +long SSL_CTX_set_timeout(SSL_CTX*, long); +void SSL_CTX_set_info_callback(SSL_CTX*, void (*)()); + +unsigned long ERR_peek_error(void); +int ERR_GET_REASON(int); + +char* SSL_alert_type_string_long(int); +char* SSL_alert_desc_string_long(int); +char* SSL_state_string_long(SSL*); + +void RSA_free(RSA*); +RSA* RSA_generate_key(int, unsigned long, void(*)(int, int, void*), void*); +void SSL_CTX_set_tmp_rsa_callback(SSL_CTX*, RSA*(*)(SSL*, int, int)); + +int PEM_def_callback(char*, int num, int w, void* key); + +long SSL_CTX_sess_accept(SSL_CTX*); +long SSL_CTX_sess_connect(SSL_CTX*); +long SSL_CTX_sess_accept_good(SSL_CTX*); +long SSL_CTX_sess_connect_good(SSL_CTX*); +long SSL_CTX_sess_accept_renegotiate(SSL_CTX*); +long SSL_CTX_sess_connect_renegotiate(SSL_CTX*); +long SSL_CTX_sess_hits(SSL_CTX*); +long SSL_CTX_sess_cb_hits(SSL_CTX*); +long SSL_CTX_sess_cache_full(SSL_CTX*); +long SSL_CTX_sess_misses(SSL_CTX*); +long SSL_CTX_sess_timeouts(SSL_CTX*); +long SSL_CTX_sess_number(SSL_CTX*); +long SSL_CTX_sess_get_cache_size(SSL_CTX*); + + +#define SSL_DEFAULT_CIPHER_LIST "" /* default all */ +#define RSA_F4 0x10001L + +enum { + OCSP_NOCERTS = 1, + OCSP_NOINTERN = 2, + OCSP_NOSIGS = 4, + OCSP_NOCHAIN = 8, + OCSP_NOVERIFY = 16, + OCSP_NOEXPLICIT = 32, + OCSP_NOCASIGN = 64, + OCSP_NODELEGATED = 128, + OCSP_NOCHECKS = 256, + OCSP_TRUSTOTHER = 512, + OCSP_RESPID_KEY = 1024, + OCSP_NOTIME = 2048, + + OCSP_CERTID = 2, + OCSP_REQUEST = 4, + OCSP_RESPONSE = 8, + OCSP_BASICRESP = 16, + + ASN1_GENERALIZEDTIME = 4, + + SSL_OP_MICROSOFT_SESS_ID_BUG = 1, + SSL_OP_NETSCAPE_CHALLENGE_BUG = 2, + SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = 3, + SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG = 4, + SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER = 5, + SSL_OP_MSIE_SSLV2_RSA_PADDING = 6, + SSL_OP_SSLEAY_080_CLIENT_DH_BUG = 7, + SSL_OP_TLS_D5_BUG = 8, + SSL_OP_TLS_BLOCK_PADDING_BUG = 9, + SSL_OP_TLS_ROLLBACK_BUG = 10, + SSL_OP_ALL = 11, + SSL_OP_EPHEMERAL_RSA = 12, + SSL_OP_NO_SSLv3 = 13, + SSL_OP_NO_TLSv1 = 14, + SSL_OP_PKCS1_CHECK_1 = 15, + SSL_OP_PKCS1_CHECK_2 = 16, + SSL_OP_NETSCAPE_CA_DN_BUG = 17, + SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = 18, + SSL_OP_SINGLE_DH_USE = 19, + SSL_OP_NO_TICKET = 20, + SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = 21, + SSL_OP_NO_QUERY_MTU = 22, + SSL_OP_COOKIE_EXCHANGE = 23, + SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = 24, + SSL_OP_SINGLE_ECDH_USE = 25, + SSL_OP_CIPHER_SERVER_PREFERENCE = 26, + + SSL_MAX_SSL_SESSION_ID_LENGTH = 32, + + EVP_R_BAD_DECRYPT = 2, + + SSL_CB_LOOP = 4, + SSL_ST_CONNECT = 5, + SSL_ST_ACCEPT = 6, + SSL_CB_ALERT = 7, + SSL_CB_READ = 8, + SSL_CB_HANDSHAKE_DONE = 9, + + SSL_MODE_ENABLE_PARTIAL_WRITE = 2, + + BIO_FLAGS_BASE64_NO_NL = 1, + BIO_CLOSE = 1, + BIO_NOCLOSE = 0, + + NID_undef = 0, + + X509_FILETYPE_PEM = 8, + X509_LU_X509 = 9, + X509_LU_CRL = 12, + + X509_V_ERR_CRL_SIGNATURE_FAILURE = 13, + X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = 14, + X509_V_ERR_CRL_HAS_EXPIRED = 15, + X509_V_ERR_CERT_REVOKED = 16, + X509_V_ERR_CERT_CHAIN_TOO_LONG = 17, + X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT = 18, + X509_V_ERR_CERT_NOT_YET_VALID = 19, + X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = 20, + X509_V_ERR_CERT_HAS_EXPIRED = 21, + X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD = 22, + + X509_V_OK = 0, + + CRYPTO_LOCK = 1, + CRYPTO_NUM_LOCKS = 10, + +}; + +/* extras end */ + +#ifndef NO_FILESYSTEM +/* CyaSSL extension, provide last error from SSL_get_error + since not using thread storage error queue */ +void ERR_print_errors_fp(FILE*, int err); +#endif + +enum { /* ssl Constants */ + SSL_ERROR_NONE = 0, /* for most functions */ + SSL_FAILURE = 0, /* for some functions */ + SSL_SUCCESS = 1, + + SSL_BAD_CERTTYPE = -8, + SSL_BAD_STAT = -7, + SSL_BAD_PATH = -6, + SSL_BAD_FILETYPE = -5, + SSL_BAD_FILE = -4, + SSL_NOT_IMPLEMENTED = -3, + SSL_UNKNOWN = -2, + SSL_FATAL_ERROR = -1, + + SSL_FILETYPE_ASN1 = 2, + SSL_FILETYPE_PEM = 1, + SSL_FILETYPE_DEFAULT = 2, /* ASN1 */ + SSL_FILETYPE_RAW = 3, /* NTRU raw key blob */ + + SSL_VERIFY_NONE = 0, + SSL_VERIFY_PEER = 1, + SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 2, + SSL_VERIFY_CLIENT_ONCE = 4, + + SSL_SESS_CACHE_OFF = 30, + SSL_SESS_CACHE_CLIENT = 31, + SSL_SESS_CACHE_SERVER = 32, + SSL_SESS_CACHE_BOTH = 33, + SSL_SESS_CACHE_NO_AUTO_CLEAR = 34, + SSL_SESS_CACHE_NO_INTERNAL_LOOKUP = 35, + + SSL_ERROR_WANT_READ = 2, + SSL_ERROR_WANT_WRITE = 3, + SSL_ERROR_WANT_CONNECT = 7, + SSL_ERROR_WANT_ACCEPT = 8, + SSL_ERROR_SYSCALL = 5, + SSL_ERROR_WANT_X509_LOOKUP = 83, + SSL_ERROR_ZERO_RETURN = 6, + SSL_ERROR_SSL = 85, + + SSL_SENT_SHUTDOWN = 1, + SSL_RECEIVED_SHUTDOWN = 2, + SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = 4, + SSL_OP_NO_SSLv2 = 8, + + SSL_R_SSL_HANDSHAKE_FAILURE = 101, + SSL_R_TLSV1_ALERT_UNKNOWN_CA = 102, + SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN = 103, + SSL_R_SSLV3_ALERT_BAD_CERTIFICATE = 104, + + PEM_BUFSIZE = 1024, +}; + + +#ifndef NO_PSK + typedef unsigned int (*psk_client_callback)(SSL*, const char*, char*, + unsigned int, unsigned char*, unsigned int); + void SSL_CTX_set_psk_client_callback(SSL_CTX*, psk_client_callback); + void SSL_set_psk_client_callback(SSL*, psk_client_callback); + + const char* SSL_get_psk_identity_hint(const SSL*); + const char* SSL_get_psk_identity(const SSL*); + + int SSL_CTX_use_psk_identity_hint(SSL_CTX*, const char*); + int SSL_use_psk_identity_hint(SSL*, const char*); + + typedef unsigned int (*psk_server_callback)(SSL*, const char*, + unsigned char*, unsigned int); + void SSL_CTX_set_psk_server_callback(SSL_CTX*, psk_server_callback); + void SSL_set_psk_server_callback(SSL*, psk_server_callback); + + #define PSK_TYPES_DEFINED +#endif /* NO_PSK */ + + +/* extra begins */ + +enum { /* ERR Constants */ + ERR_TXT_STRING = 1, +}; + +unsigned long ERR_get_error_line_data(const char**, int*, const char**, int *); + +unsigned long ERR_get_error(void); +void ERR_clear_error(void); + + +int RAND_status(void); +int RAND_bytes(unsigned char* buf, int num); +SSL_METHOD *SSLv23_server_method(void); +long SSL_CTX_set_options(SSL_CTX*, long); +int SSL_CTX_check_private_key(SSL_CTX*); + + +void ERR_free_strings(void); +void ERR_remove_state(unsigned long); +void EVP_cleanup(void); + +void CRYPTO_cleanup_all_ex_data(void); +long SSL_CTX_set_mode(SSL_CTX* ctx, long mode); +long SSL_CTX_get_mode(SSL_CTX* ctx); +void SSL_CTX_set_default_read_ahead(SSL_CTX* ctx, int m); + +long SSL_CTX_sess_set_cache_size(SSL_CTX*, long); + +int SSL_CTX_set_default_verify_paths(SSL_CTX*); +int SSL_CTX_set_session_id_context(SSL_CTX*, const unsigned char*, + unsigned int); + +X509* SSL_get_peer_certificate(SSL* ssl); + +int SSL_want_read(SSL*); +int SSL_want_write(SSL*); + +int BIO_printf(BIO*, const char*, ...); +int ASN1_UTCTIME_print(BIO*, const ASN1_UTCTIME*); + +int sk_num(X509_REVOKED*); +void* sk_value(X509_REVOKED*, int); + +/* stunnel 4.28 needs */ +void* SSL_CTX_get_ex_data(const SSL_CTX*, int); +int SSL_CTX_set_ex_data(SSL_CTX*, int, void*); +void SSL_CTX_sess_set_get_cb(SSL_CTX*, SSL_SESSION*(*f)(SSL*, unsigned char*, + int, int*)); +void SSL_CTX_sess_set_new_cb(SSL_CTX*, int (*f)(SSL*, SSL_SESSION*)); +void SSL_CTX_sess_set_remove_cb(SSL_CTX*, void (*f)(SSL_CTX*, SSL_SESSION*)); + +int i2d_SSL_SESSION(SSL_SESSION*, unsigned char**); +SSL_SESSION* d2i_SSL_SESSION(SSL_SESSION**,const unsigned char**, long); + +long SSL_SESSION_get_timeout(const SSL_SESSION*); +long SSL_SESSION_get_time(const SSL_SESSION*); +int SSL_CTX_get_ex_new_index(long, void*, void*, void*, void*); + +/* extra ends */ + + +/* CyaSSL extensions */ + +/* call before SSL_connect, if verifying will add name check to + date check and signature check */ +int CyaSSL_check_domain_name(SSL* ssl, const char* dn); + +int InitCyaSSL(void); /* need to call once to load library (session cache) */ +int FreeCyaSSL(void); /* call when done to free session cache mutex */ + +int CyaSSL_Debugging_ON(void); /* turn logging on, only if compiled in */ +void CyaSSL_Debugging_OFF(void); /* turn logging off */ + +int CyaSSL_set_compression(SSL* ssl); /* turn on CyaSSL data compression */ + +int CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX*, const char*); /* load NTRU + private key blob */ +X509_CHAIN* CyaSSL_get_peer_chain(SSL* ssl); /* get CyaSSL peer X509_CHAIN */ +int CyaSSL_get_chain_count(X509_CHAIN* chain); /* peer chain count */ +int CyaSSL_get_chain_length(X509_CHAIN*, int idx); /* index cert length */ +unsigned char* CyaSSL_get_chain_cert(X509_CHAIN*, int idx); /* index cert */ +int CyaSSL_get_chain_cert_pem(X509_CHAIN*, int idx, unsigned char* buffer, + int inLen, int* outLen); /* get index cert in PEM */ +const unsigned char* CyaSSL_get_sessionID(const SSL_SESSION* session); + +#ifndef _WIN32 + #ifndef NO_WRITEV + #include <sys/uio.h> + /* allow writev style writing */ + int CyaSSL_writev(SSL* ssl, const struct iovec* iov, int iovcnt); + #endif +#endif + +#if defined(NO_FILESYSTEM) || defined(MICRIUM) + +int CyaSSL_CTX_load_verify_buffer(SSL_CTX*, const unsigned char*, long, int); +int CyaSSL_CTX_use_certificate_buffer(SSL_CTX*, const unsigned char*, long,int); +int CyaSSL_CTX_use_PrivateKey_buffer(SSL_CTX*, const unsigned char*, long, int); +int CyaSSL_CTX_use_certificate_chain_buffer(SSL_CTX*,const unsigned char*,long); + +#endif /* NO_FILESYSTEM || MICRIUM */ + + +/* I/O callbacks */ +typedef int (*CallbackIORecv)(char *buf, int sz, void *ctx); +typedef int (*CallbackIOSend)(char *buf, int sz, void *ctx); + +void CyaSSL_SetIORecv(SSL_CTX*, CallbackIORecv); +void CyaSSL_SetIOSend(SSL_CTX*, CallbackIOSend); + +void CyaSSL_SetIOReadCtx(SSL* ssl, void *ctx); +void CyaSSL_SetIOWriteCtx(SSL* ssl, void *ctx); + + +#ifdef CYASSL_CALLBACKS + +/* used internally by CyaSSL while OpenSSL types aren't */ +#include "cyassl_callbacks.h" + +typedef int (*HandShakeCallBack)(HandShakeInfo*); +typedef int (*TimeoutCallBack)(TimeoutInfo*); + +/* CyaSSL connect extension allowing HandShakeCallBack and/or TimeoutCallBack + for diagnostics */ +int CyaSSL_connect_ex(SSL*, HandShakeCallBack, TimeoutCallBack, Timeval); +int CyaSSL_accept_ex(SSL*, HandShakeCallBack, TimeoutCallBack, Timeval); + +#endif /* CYASSL_CALLBACKS */ + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* CyaSSL_openssl_h__ */ |