]>
git.ipfire.org Git - thirdparty/squid.git/blob - src/security/forward.h
2 * Copyright (C) 1996-2016 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
9 #ifndef SQUID_SRC_SECURITY_FORWARD_H
10 #define SQUID_SRC_SECURITY_FORWARD_H
12 #include "security/Context.h"
13 #include "security/Session.h"
16 #if HAVE_GNUTLS_X509_H
17 #include <gnutls/x509.h>
21 #include <unordered_set>
24 // Macro to be used to define the C++ wrapper functor of the sk_*_pop_free
25 // OpenSSL family of functions. The C++ functor is suffixed with the _free_wrapper
27 #define sk_dtor_wrapper(sk_object, argument_type, freefunction) \
28 struct sk_object ## _free_wrapper { \
29 void operator()(argument_type a) { sk_object ## _pop_free(a, freefunction); } \
31 #endif /* USE_OPENSSL */
33 /* flags a SSL connection can be configured with */
34 #define SSL_FLAG_NO_DEFAULT_CA (1<<0)
35 #define SSL_FLAG_DELAYED_AUTH (1<<1)
36 #define SSL_FLAG_DONT_VERIFY_PEER (1<<2)
37 #define SSL_FLAG_DONT_VERIFY_DOMAIN (1<<3)
38 #define SSL_FLAG_NO_SESSION_REUSE (1<<4)
39 #define SSL_FLAG_VERIFY_CRL (1<<5)
40 #define SSL_FLAG_VERIFY_CRL_ALL (1<<6)
42 /// Network/connection security abstraction layer
47 CtoCpp1(X509_free
, X509
*)
48 typedef Security::LockingPointer
<X509
, X509_free_cpp
, CRYPTO_LOCK_X509
> CertPointer
;
50 CtoCpp1(gnutls_x509_crt_deinit
, gnutls_x509_crt_t
)
51 typedef Security::LockingPointer
<struct gnutls_x509_crt_int
, gnutls_x509_crt_deinit
, -1> CertPointer
;
53 typedef void * CertPointer
;
57 CtoCpp1(X509_CRL_free
, X509_CRL
*)
58 typedef LockingPointer
<X509_CRL
, X509_CRL_free_cpp
, CRYPTO_LOCK_X509_CRL
> CrlPointer
;
60 CtoCpp1(gnutls_x509_crl_deinit
, gnutls_x509_crl_t
)
61 typedef Security::LockingPointer
<struct gnutls_x509_crl_int
, gnutls_x509_crl_deinit
, -1> CrlPointer
;
63 typedef void *CrlPointer
;
66 typedef std::list
<Security::CertPointer
> CertList
;
68 typedef std::list
<Security::CrlPointer
> CertRevokeList
;
71 CtoCpp1(DH_free
, DH
*);
72 typedef Security::LockingPointer
<DH
, DH_free_cpp
, CRYPTO_LOCK_DH
> DhePointer
;
74 typedef void *DhePointer
;
77 class EncryptorAnswer
;
79 /// Squid defined error code (<0), an error code returned by X.509 API, or SSL_ERROR_NONE
80 typedef int ErrorCode
;
82 /// set of Squid defined TLS error codes
83 /// \note using std::unordered_set ensures values are unique, with fast lookup
84 typedef std::unordered_set
<Security::ErrorCode
> Errors
;
91 } // namespace Security
93 #endif /* SQUID_SRC_SECURITY_FORWARD_H */