Commit | Line | Data |
---|---|---|
fcfdf7f9 | 1 | /* |
ef57eb7b | 2 | * Copyright (C) 1996-2016 The Squid Software Foundation and contributors |
fcfdf7f9 AJ |
3 | * |
4 | * Squid software is distributed under GPLv2+ license and includes | |
5 | * contributions from numerous individuals and organizations. | |
6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
7 | */ | |
8 | ||
9 | #ifndef SQUID_SRC_SECURITY_FORWARD_H | |
10 | #define SQUID_SRC_SECURITY_FORWARD_H | |
11 | ||
12 | #include "security/Context.h" | |
63b8c4d7 | 13 | #include "security/Session.h" |
f97700a0 AJ |
14 | |
15 | #if USE_GNUTLS | |
16 | #if HAVE_GNUTLS_X509_H | |
17 | #include <gnutls/x509.h> | |
18 | #endif | |
19 | #endif | |
6b19d1f9 | 20 | #include <list> |
83f8d8f9 | 21 | #include <unordered_set> |
fcfdf7f9 | 22 | |
48c7e8cb AJ |
23 | #if USE_OPENSSL |
24 | // Defines a C++ functor that wraps one member of OpenSSL's sk_*_pop_free family of functions. | |
25 | // sk_dtor_wrapper(X, T, f) expands to struct X_free_wrapper, whose operator()(T a) calls X_pop_free(a, f). | |
26 | // The expansion ends at the closing brace, so the invocation has to supply the terminating semicolon. | |
27 | #define sk_dtor_wrapper(sk_object, argument_type, freefunction) \ | |
28 | struct sk_object ## _free_wrapper { \ | |
29 | void operator()(argument_type a) { sk_object ## _pop_free(a, freefunction); } \ | |
30 | } | |
31 | #endif /* USE_OPENSSL */ | |
32 | ||
b24e9ae7 AJ |
33 | /* Flags an SSL connection can be configured with. Each one is a distinct bit (1<<n), so several can be OR-ed into one mask. */ |
// NOTE(review): this header only assigns the bit values; the code that tests them is elsewhere.
// By name, DONT_VERIFY_PEER and DONT_VERIFY_DOMAIN switch off parts of certificate validation,
// and VERIFY_CRL / VERIFY_CRL_ALL presumably turn on revocation checks -- confirm at the use sites.
34 | #define SSL_FLAG_NO_DEFAULT_CA (1<<0) | |
35 | #define SSL_FLAG_DELAYED_AUTH (1<<1) | |
36 | #define SSL_FLAG_DONT_VERIFY_PEER (1<<2) | |
37 | #define SSL_FLAG_DONT_VERIFY_DOMAIN (1<<3) | |
38 | #define SSL_FLAG_NO_SESSION_REUSE (1<<4) | |
39 | #define SSL_FLAG_VERIFY_CRL (1<<5) | |
40 | #define SSL_FLAG_VERIFY_CRL_ALL (1<<6) | |
41 | ||
fcfdf7f9 AJ |
42 | /// Network/connection security abstraction layer: forward declarations and library-neutral type aliases |
43 | namespace Security | |
44 | { | |
45 | ||
/// Handle to an X.509 certificate: a LockingPointer over X509 (OpenSSL) or over
/// struct gnutls_x509_crt_int (GnuTLS). With neither library enabled it is a bare void*,
/// for which this header shows no deleter or reference counting.
/// NOTE(review): the GnuTLS branch names gnutls_x509_crt_deinit itself as the second template
/// argument, while the OpenSSL branch names X509_free_cpp. CtoCpp1 and LockingPointer are
/// declared outside this header, so confirm which form LockingPointer expects.
f97700a0 AJ |
46 | #if USE_OPENSSL |
47 | CtoCpp1(X509_free, X509 *) | |
48 | typedef Security::LockingPointer<X509, X509_free_cpp, CRYPTO_LOCK_X509> CertPointer; | |
49 | #elif USE_GNUTLS | |
50 | CtoCpp1(gnutls_x509_crt_deinit, gnutls_x509_crt_t) | |
51 | typedef Security::LockingPointer<struct gnutls_x509_crt_int, gnutls_x509_crt_deinit, -1> CertPointer; | |
52 | #else | |
53 | typedef void * CertPointer; | |
54 | #endif | |
55 | ||
/// Handle to a certificate revocation list, selected per TLS library in the same way as CertPointer.
/// NOTE(review): the GnuTLS branch again names the C function (gnutls_x509_crl_deinit) rather than
/// a *_cpp name as the OpenSSL branch does -- confirm against the LockingPointer declaration.
6b19d1f9 AJ |
56 | #if USE_OPENSSL |
57 | CtoCpp1(X509_CRL_free, X509_CRL *) | |
58 | typedef LockingPointer<X509_CRL, X509_CRL_free_cpp, CRYPTO_LOCK_X509_CRL> CrlPointer; | |
59 | #elif USE_GNUTLS | |
60 | CtoCpp1(gnutls_x509_crl_deinit, gnutls_x509_crl_t) | |
61 | typedef Security::LockingPointer<struct gnutls_x509_crl_int, gnutls_x509_crl_deinit, -1> CrlPointer; | |
62 | #else | |
63 | typedef void *CrlPointer; | |
64 | #endif | |
65 | ||
/// std::list of certificate handles
a34d1d2d CT |
66 | typedef std::list<Security::CertPointer> CertList; |
67 | ||
/// std::list of CRL handles
4b5ea8a6 CT |
68 | typedef std::list<Security::CrlPointer> CertRevokeList; |
69 | ||
/// Handle to an OpenSSL DH object. Every non-OpenSSL build, GnuTLS included, gets a bare void*.
104deb98 AJ |
70 | #if USE_OPENSSL |
71 | CtoCpp1(DH_free, DH *); | |
72 | typedef Security::LockingPointer<DH, DH_free_cpp, CRYPTO_LOCK_DH> DhePointer; | |
73 | #else | |
74 | typedef void *DhePointer; | |
75 | #endif | |
76 | ||
a72b6e88 | 77 | class EncryptorAnswer; |
13cd7dee AJ |
78 | |
79 | /// Squid-defined error code (<0), an error code returned by the X.509 API, or SSL_ERROR_NONE | |
80 | typedef int ErrorCode; | |
81 | ||
83f8d8f9 AJ |
82 | /// set of Squid-defined TLS error codes |
83 | /// \note using std::unordered_set ensures values are unique, with fast lookup | |
84 | typedef std::unordered_set<Security::ErrorCode> Errors; | |
85 | ||
d1d72d43 | 86 | class KeyData; |
a72b6e88 AJ |
87 | class PeerConnector; |
88 | class PeerOptions; | |
89 | class ServerOptions; | |
d1d72d43 | 90 | |
fcfdf7f9 AJ |
91 | } // namespace Security |
92 | ||
93 | #endif /* SQUID_SRC_SECURITY_FORWARD_H */ | |
94 |