projects / thirdparty / squid.git / blame
| Commit | Line | Data |
|---|---|---|
| fcfdf7f9 | 1 | /* |
| ef57eb7b | 2 | * Copyright (C) 1996-2016 The Squid Software Foundation and contributors |
| fcfdf7f9 AJ |
3 | * |
| 4 | * Squid software is distributed under GPLv2+ license and includes | |
| 5 | * contributions from numerous individuals and organizations. | |
| 6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
| 7 | */ | |
| 8 | ||
| 9 | #ifndef SQUID_SRC_SECURITY_FORWARD_H | |
| 10 | #define SQUID_SRC_SECURITY_FORWARD_H | |
| 11 | ||
| 12 | #include "security/Context.h" | |
| 63b8c4d7 | 13 | #include "security/Session.h" |
| f97700a0 AJ |
14 | |
| 15 | #if USE_GNUTLS | |
| 16 | #if HAVE_GNUTLS_X509_H | |
| 17 | #include <gnutls/x509.h> | |
| 18 | #endif | |
| 19 | #endif | |
| 6b19d1f9 | 20 | #include <list> |
| 83f8d8f9 | 21 | #include <unordered_set> |
| fcfdf7f9 | 22 | |
| 48c7e8cb AJ |
23 | #if USE_OPENSSL |
| 24 | // Macro to be used to define the C++ wrapper functor of the sk_*_pop_free | |
| 25 | // OpenSSL family of functions. The C++ functor is suffixed with the _free_wrapper | |
| 26 | // extension | |
| 27 | #define sk_dtor_wrapper(sk_object, argument_type, freefunction) \ | |
| 28 | struct sk_object ## _free_wrapper { \ | |
| 29 | void operator()(argument_type a) { sk_object ## _pop_free(a, freefunction); } \ | |
| 30 | } | |
| 31 | #endif /* USE_OPENSSL */ | |
| 32 | ||
| b24e9ae7 AJ |
33 | /* flags a SSL connection can be configured with */ |
| 34 | #define SSL_FLAG_NO_DEFAULT_CA (1<<0) | |
| 35 | #define SSL_FLAG_DELAYED_AUTH (1<<1) | |
| 36 | #define SSL_FLAG_DONT_VERIFY_PEER (1<<2) | |
| 37 | #define SSL_FLAG_DONT_VERIFY_DOMAIN (1<<3) | |
| 38 | #define SSL_FLAG_NO_SESSION_REUSE (1<<4) | |
| 39 | #define SSL_FLAG_VERIFY_CRL (1<<5) | |
| 40 | #define SSL_FLAG_VERIFY_CRL_ALL (1<<6) | |
| 41 | ||
| fcfdf7f9 AJ |
42 | /// Network/connection security abstraction layer |
| 43 | namespace Security | |
| 44 | { | |
| 45 | ||
| f97700a0 AJ |
46 | #if USE_OPENSSL |
| 47 | CtoCpp1(X509_free, X509 *) | |
| 48 | typedef Security::LockingPointer<X509, X509_free_cpp, CRYPTO_LOCK_X509> CertPointer; | |
| 49 | #elif USE_GNUTLS | |
| 50 | CtoCpp1(gnutls_x509_crt_deinit, gnutls_x509_crt_t) | |
| 51 | typedef Security::LockingPointer<struct gnutls_x509_crt_int, gnutls_x509_crt_deinit, -1> CertPointer; | |
| 52 | #else | |
| 53 | typedef void * CertPointer; | |
| 54 | #endif | |
| 55 | ||
| 6b19d1f9 AJ |
56 | #if USE_OPENSSL |
| 57 | CtoCpp1(X509_CRL_free, X509_CRL *) | |
| 58 | typedef LockingPointer<X509_CRL, X509_CRL_free_cpp, CRYPTO_LOCK_X509_CRL> CrlPointer; | |
| 59 | #elif USE_GNUTLS | |
| 60 | CtoCpp1(gnutls_x509_crl_deinit, gnutls_x509_crl_t) | |
| 61 | typedef Security::LockingPointer<struct gnutls_x509_crl_int, gnutls_x509_crl_deinit, -1> CrlPointer; | |
| 62 | #else | |
| 63 | typedef void *CrlPointer; | |
| 64 | #endif | |
| 65 | ||
| a34d1d2d CT |
66 | typedef std::list<Security::CertPointer> CertList; |
| 67 | ||
| 4b5ea8a6 CT |
68 | typedef std::list<Security::CrlPointer> CertRevokeList; |
| 69 | ||
| 104deb98 AJ |
70 | #if USE_OPENSSL |
| 71 | CtoCpp1(DH_free, DH *); | |
| 72 | typedef Security::LockingPointer<DH, DH_free_cpp, CRYPTO_LOCK_DH> DhePointer; | |
| 73 | #else | |
| 74 | typedef void *DhePointer; | |
| 75 | #endif | |
| 76 | ||
| a72b6e88 | 77 | class EncryptorAnswer; |
| 13cd7dee AJ |
78 | |
| 79 | /// Squid defined error code (<0), an error code returned by X.509 API, or SSL_ERROR_NONE | |
| 80 | typedef int ErrorCode; | |
| 81 | ||
| 83f8d8f9 AJ |
82 | /// set of Squid defined TLS error codes |
| 83 | /// \note using std::unordered_set ensures values are unique, with fast lookup | |
| 84 | typedef std::unordered_set<Security::ErrorCode> Errors; | |
| 85 | ||
| d1d72d43 | 86 | class KeyData; |
| a72b6e88 AJ |
87 | class PeerConnector; |
| 88 | class PeerOptions; | |
| 89 | class ServerOptions; | |
| d1d72d43 | 90 | |
| fcfdf7f9 AJ |
91 | } // namespace Security |
| 92 | ||
| 93 | #endif /* SQUID_SRC_SECURITY_FORWARD_H */ | |
| 94 |