7 * SQUID Internet Object Cache http://squid.nlanr.net/Squid/
8 * ----------------------------------------------------------
10 * Squid is the result of efforts by numerous individuals from the
11 * Internet community. Development is led by Duane Wessels of the
12 * National Laboratory for Applied Network Research and funded by the
13 * National Science Foundation. Squid is Copyrighted (C) 1998 by
14 * Duane Wessels and the University of California San Diego. Please
15 * see the COPYRIGHT file for full details. Squid incorporates
16 * software developed and/or copyrighted by other sources. Please see
17 * the CREDITS file for full details.
19 * This program is free software; you can redistribute it and/or modify
20 * it under the terms of the GNU General Public License as published by
21 * the Free Software Foundation; either version 2 of the License, or
22 * (at your option) any later version.
24 * This program is distributed in the hope that it will be useful,
25 * but WITHOUT ANY WARRANTY; without even the implied warranty of
26 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
27 * GNU General Public License for more details.
29 * You should have received a copy of the GNU General Public License
30 * along with this program; if not, write to the Free Software
31 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
35 #ifndef SQUID_SSL_SUPPORT_H
36 #define SQUID_SSL_SUPPORT_H
39 #if HAVE_OPENSSL_SSL_H
40 #include <openssl/ssl.h>
42 #if HAVE_OPENSSL_ERR_H
43 #include <openssl/err.h>
45 #if HAVE_OPENSSL_ENGINE_H
46 #include <openssl/engine.h>
50 \defgroup ServerProtocolSSLAPI Server-Side SSL API
51 \ingroup ServerProtocol
54 /// \ingroup ServerProtocolSSLAPI
55 SSL_CTX
*sslCreateServerContext(const char *certfile
, const char *keyfile
, int version
, const char *cipher
, const char *options
, const char *flags
, const char *clientCA
, const char *CAfile
, const char *CApath
, const char *CRLfile
, const char *dhpath
, const char *context
);
57 /// \ingroup ServerProtocolSSLAPI
58 SSL_CTX
*sslCreateClientContext(const char *certfile
, const char *keyfile
, int version
, const char *cipher
, const char *options
, const char *flags
, const char *CAfile
, const char *CApath
, const char *CRLfile
);
60 /// \ingroup ServerProtocolSSLAPI
61 int ssl_read_method(int, char *, int);
63 /// \ingroup ServerProtocolSSLAPI
64 int ssl_write_method(int, const char *, int);
66 /// \ingroup ServerProtocolSSLAPI
67 void ssl_shutdown_method(int);
70 /// \ingroup ServerProtocolSSLAPI
71 const char *sslGetUserEmail(SSL
*ssl
);
73 /// \ingroup ServerProtocolSSLAPI
74 typedef char const *SSLGETATTRIBUTE(SSL
*, const char *);
76 /// \ingroup ServerProtocolSSLAPI
77 SSLGETATTRIBUTE sslGetUserAttribute
;
79 /// \ingroup ServerProtocolSSLAPI
80 SSLGETATTRIBUTE sslGetCAAttribute
;
82 /// \ingroup ServerProtocolSSLAPI
83 const char *sslGetUserCertificatePEM(SSL
*ssl
);
85 /// \ingroup ServerProtocolSSLAPI
86 const char *sslGetUserCertificateChainPEM(SSL
*ssl
);
88 typedef int ssl_error_t
;
89 ssl_error_t
sslParseErrorString(const char *name
);
90 const char *sslFindErrorString(ssl_error_t value
);
92 // Custom SSL errors; assumes all official errors are positive
93 #define SQUID_X509_V_ERR_DOMAIN_MISMATCH -1
94 // All SSL errors range: from smallest (negative) custom to largest SSL error
95 #define SQUID_SSL_ERROR_MIN SQUID_X509_V_ERR_DOMAIN_MISMATCH
96 #define SQUID_SSL_ERROR_MAX INT_MAX
102 /** \cond AUTODOCS-IGNORE */
107 /// \ingroup ServerProtocolSSLAPI
109 int SSL_set_fd(SSL
*ssl
, int fd
)
111 return ::SSL_set_fd(ssl
, _get_osfhandle(fd
));
114 /// \ingroup ServerProtocolSSLAPI
115 #define SSL_set_fd(ssl,fd) Squid::SSL_set_fd(ssl,fd)
117 } /* namespace Squid */
121 /// \ingroup ServerProtocolSSLAPI
122 #define SSL_set_fd(s,f) (SSL_set_fd(s, _get_osfhandle(f)))
124 #endif /* __cplusplus */
126 #endif /* _SQUID_MSWIN_ */
128 #endif /* SQUID_SSL_SUPPORT_H */