|
0
|
1
|
|
|
2 /*
|
|
|
3 * Copyright (C) Igor Sysoev
|
|
|
4 */
|
|
|
5
|
|
|
6
|
|
|
7 #ifndef _NGX_EVENT_OPENSSL_H_INCLUDED_
|
|
|
8 #define _NGX_EVENT_OPENSSL_H_INCLUDED_
|
|
|
9
|
|
|
10
|
|
|
11 #include <ngx_config.h>
|
|
|
12 #include <ngx_core.h>
|
|
|
13
|
|
|
14 #include <openssl/ssl.h>
|
|
|
15 #include <openssl/err.h>
|
|
|
16
|
|
90
|
17 #if OPENSSL_VERSION_NUMBER >= 0x00907000
|
|
|
18 #include <openssl/engine.h>
|
|
96
|
19 #define NGX_SSL_ENGINE 1
|
|
90
|
20 #endif
|
|
|
21
|
|
96
|
22 #define NGX_SSL_NAME "OpenSSL"
|
|
|
23
|
|
|
24
|
|
|
25 typedef struct {
|
|
|
26 SSL_CTX *ctx;
|
|
|
27 RSA *rsa512_key;
|
|
|
28 ngx_log_t *log;
|
|
|
29 } ngx_ssl_t;
|
|
90
|
30
|
|
0
|
31
|
|
|
32 typedef struct {
|
|
96
|
33 SSL *connection;
|
|
196
|
34
|
|
96
|
35 ngx_int_t last;
|
|
|
36 ngx_buf_t *buf;
|
|
|
37
|
|
|
38 ngx_connection_handler_pt handler;
|
|
0
|
39
|
|
96
|
40 ngx_event_handler_pt saved_read_handler;
|
|
|
41 ngx_event_handler_pt saved_write_handler;
|
|
28
|
42
|
|
96
|
43 unsigned handshaked:1;
|
|
|
44 unsigned buffer:1;
|
|
|
45 unsigned no_wait_shutdown:1;
|
|
|
46 unsigned no_send_shutdown:1;
|
|
|
47 } ngx_ssl_connection_t;
|
|
0
|
48
|
|
|
49
|
|
126
|
50 #define ngx_ssl_session_t SSL_SESSION
|
|
|
51
|
|
|
52
|
|
96
|
53 #define NGX_SSL_SSLv2 2
|
|
|
54 #define NGX_SSL_SSLv3 4
|
|
|
55 #define NGX_SSL_TLSv1 8
|
|
0
|
56
|
|
|
57
|
|
96
|
58 #define NGX_SSL_BUFFER 1
|
|
126
|
59 #define NGX_SSL_CLIENT 2
|
|
0
|
60
|
|
96
|
61 #define NGX_SSL_BUFSIZE 16384
|
|
0
|
62
|
|
|
63
|
|
196
|
64 #define NGX_SSL_VERIFY SSL_VERIFY_PEER
|
|
|
65
|
|
|
66
|
|
0
|
67 ngx_int_t ngx_ssl_init(ngx_log_t *log);
|
|
96
|
68 ngx_int_t ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_t protocols);
|
|
112
|
69 ngx_int_t ngx_ssl_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl,
|
|
|
70 ngx_str_t *cert, ngx_str_t *key);
|
|
196
|
71 ngx_int_t ngx_ssl_client_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl,
|
|
|
72 ngx_str_t *cert);
|
|
96
|
73 ngx_int_t ngx_ssl_generate_rsa512_key(ngx_ssl_t *ssl);
|
|
|
74 ngx_int_t ngx_ssl_create_connection(ngx_ssl_t *ssl, ngx_connection_t *c,
|
|
92
|
75 ngx_uint_t flags);
|
|
126
|
76
|
|
|
77 ngx_int_t ngx_ssl_set_session(ngx_connection_t *c, ngx_ssl_session_t *session);
|
|
160
|
78 #define ngx_ssl_get_session(c) SSL_get1_session(c->ssl->connection)
|
|
|
79 #define ngx_ssl_free_session SSL_SESSION_free
|
|
|
80
|
|
|
81
|
|
|
82 u_char *ngx_ssl_get_protocol(ngx_connection_t *c);
|
|
|
83 u_char *ngx_ssl_get_cipher_name(ngx_connection_t *c);
|
|
196
|
84 ngx_int_t ngx_ssl_get_subject_dn(ngx_connection_t *c, ngx_pool_t *pool,
|
|
|
85 ngx_str_t *s);
|
|
|
86 ngx_int_t ngx_ssl_get_issuer_dn(ngx_connection_t *c, ngx_pool_t *pool,
|
|
|
87 ngx_str_t *s);
|
|
|
88
|
|
160
|
89
|
|
126
|
90
|
|
96
|
91 ngx_int_t ngx_ssl_handshake(ngx_connection_t *c);
|
|
18
|
92 ssize_t ngx_ssl_recv(ngx_connection_t *c, u_char *buf, size_t size);
|
|
88
|
93 ssize_t ngx_ssl_write(ngx_connection_t *c, u_char *data, size_t size);
|
|
126
|
94 ssize_t ngx_ssl_recv_chain(ngx_connection_t *c, ngx_chain_t *cl);
|
|
0
|
95 ngx_chain_t *ngx_ssl_send_chain(ngx_connection_t *c, ngx_chain_t *in,
|
|
38
|
96 off_t limit);
|
|
0
|
97 ngx_int_t ngx_ssl_shutdown(ngx_connection_t *c);
|
|
132
|
98 void ngx_cdecl ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, ngx_err_t err,
|
|
38
|
99 char *fmt, ...);
|
|
58
|
100 void ngx_ssl_cleanup_ctx(void *data);
|
|
0
|
101
|
|
|
102
|
|
|
103 #endif /* _NGX_EVENT_OPENSSL_H_INCLUDED_ */
|
