/*
- * "$Id$"
- *
* Private HTTP definitions for CUPS.
*
- * Copyright 2007-2014 by Apple Inc.
+ * Copyright 2007-2017 by Apple Inc.
* Copyright 1997-2007 by Easy Software Products, all rights reserved.
*
* These coded instructions, statements, and computer programs are the
* property of Apple Inc. and are protected by Federal copyright
* law. Distribution and use rights are outlined in the file "LICENSE.txt"
* which should have been included with this file. If this file is
- * file is missing or damaged, see the license at "http://www.cups.org/".
+ * missing or damaged, see the license at "http://www.cups.org/".
*
* This file is subject to the Apple OS-Developed Software exception.
*/
# if defined(__APPLE__) && !defined(_SOCKLEN_T)
/*
- * MacOS X 10.2.x does not define socklen_t, and in fact uses an int instead of
+ * macOS 10.2.x does not define socklen_t, and in fact uses an int instead of
* unsigned type for length values...
*/
# ifdef __cplusplus
extern "C" {
# endif /* __cplusplus */
+# ifndef _SECURITY_VERSION_GREATER_THAN_57610_
+typedef CF_OPTIONS(uint32_t, SecKeyUsage) {
+ kSecKeyUsageAll = 0x7FFFFFFF
+};
+# endif /* !_SECURITY_VERSION_GREATER_THAN_57610_ */
+extern const void * kSecCSRChallengePassword;
+extern const void * kSecSubjectAltName;
+extern const void * kSecCertificateKeyUsage;
+extern const void * kSecCSRBasicContraintsPathLen;
+extern const void * kSecCertificateExtensions;
+extern const void * kSecCertificateExtensionsEncoded;
+extern const void * kSecOidCommonName;
+extern const void * kSecOidCountryName;
+extern const void * kSecOidStateProvinceName;
+extern const void * kSecOidLocalityName;
+extern const void * kSecOidOrganization;
+extern const void * kSecOidOrganizationalUnit;
extern SecCertificateRef SecCertificateCreateWithBytes(CFAllocatorRef allocator, const UInt8 *bytes, CFIndex length);
extern bool SecCertificateIsValid(SecCertificateRef certificate, CFAbsoluteTime verifyTime);
extern CFAbsoluteTime SecCertificateNotValidAfter(SecCertificateRef certificate);
+extern SecCertificateRef SecGenerateSelfSignedCertificate(CFArrayRef subject, CFDictionaryRef parameters, SecKeyRef publicKey, SecKeyRef privateKey);
+extern SecIdentityRef SecIdentityCreate(CFAllocatorRef allocator, SecCertificateRef certificate, SecKeyRef privateKey);
# ifdef __cplusplus
}
# endif /* __cplusplus */
#define _HTTP_RESOLVE_FQDN 2 /* Resolve to a FQDN */
#define _HTTP_RESOLVE_FAXOUT 4 /* Resolve FaxOut service? */
-#define _HTTP_TLS_ALLOW_RC4 1 /* Allow RC4 cipher suites */
-#define _HTTP_TLS_ALLOW_SSL3 1 /* Allow SSL 3.0 */
+#define _HTTP_TLS_UNCHANGED 0 /* Don't change TLS options */
+#define _HTTP_TLS_NONE 1 /* No TLS options */
+#define _HTTP_TLS_ALLOW_RC4 2 /* Allow RC4 cipher suites */
+#define _HTTP_TLS_ALLOW_SSL3 4 /* Allow SSL 3.0 */
+#define _HTTP_TLS_ALLOW_DH 8 /* Allow DH/DHE key negotiation */
+#define _HTTP_TLS_DENY_TLS10 16 /* Deny TLS 1.0 */
+#define _HTTP_TLS_DENY_CBC 32 /* Deny CBC cipher suites */
+#define _HTTP_TLS_ONLY_TLS10 64 /* Only use TLS 1.0 */
/*
# if !defined(HAVE_SECBASEPRIV_H) && defined(HAVE_CSSMERRORSTRING) /* Declare prototype for function in that header... */
extern const char *cssmErrorString(int error);
# endif /* !HAVE_SECBASEPRIV_H && HAVE_CSSMERRORSTRING */
-# ifndef HAVE_SECITEMPRIV_H /* Declare constants from that header... */
-extern const CFTypeRef kSecClassCertificate;
-extern const CFTypeRef kSecClassIdentity;
-# endif /* !HAVE_SECITEMPRIV_H */
# if !defined(HAVE_SECIDENTITYSEARCHPRIV_H) && defined(HAVE_SECIDENTITYSEARCHCREATEWITHPOLICY) /* Declare prototype for function in that header... */
extern OSStatus SecIdentitySearchCreateWithPolicy(SecPolicyRef policy,
CFStringRef idString, CSSM_KEYUSE keyUsage,
extern size_t _httpTLSPending(http_t *http);
extern int _httpTLSRead(http_t *http, char *buf, int len);
extern int _httpTLSSetCredentials(http_t *http);
-extern void _httpTLSSetOptions(int options);
+extern void _httpTLSSetOptions(unsigned int options);
extern int _httpTLSStart(http_t *http);
extern void _httpTLSStop(http_t *http);
extern int _httpTLSWrite(http_t *http, const char *buf, int len);
# endif /* __cplusplus */
#endif /* !_CUPS_HTTP_PRIVATE_H_ */
-
-/*
- * End of "$Id$".
- */