1 | /* |
---|
2 | C K _ S S L . H -- OpenSSL Interface Header for C-Kermit |
---|
3 | |
---|
4 | Copyright (C) 1985, 2001, |
---|
5 | Trustees of Columbia University in the City of New York. |
---|
6 | All rights reserved. See the C-Kermit COPYING.TXT file or the |
---|
7 | copyright text in the ckcmai.c module for disclaimer and permissions. |
---|
8 | |
---|
9 | Author: Jeffrey E Altman (jaltman@columbia.edu) |
---|
10 | */ |
---|
11 | |
---|
12 | #ifdef CK_SSL |
---|
13 | #ifndef CK_ANSIC |
---|
14 | #define NOPROTO |
---|
15 | #endif /* CK_ANSIC */ |
---|
16 | |
---|
17 | #ifdef COMMENT /* Not for C-Kermit 7.1 */ |
---|
18 | #ifdef KRB5 |
---|
19 | #ifndef NOSSLK5 |
---|
20 | #ifndef SSL_KRB5 |
---|
21 | #define SSL_KRB5 |
---|
22 | #endif /* SSL_KRB5 */ |
---|
23 | #endif /* NOSSLK5 */ |
---|
24 | #endif /* KRB5 */ |
---|
25 | #endif /* COMMENT */ |
---|
26 | |
---|
27 | #ifdef OS2 |
---|
28 | #ifndef ZLIB |
---|
29 | #define ZLIB |
---|
30 | #endif /* ZLIB */ |
---|
31 | #endif /* OS2 */ |
---|
32 | |
---|
33 | #ifdef ZLIB |
---|
34 | #include <openssl/comp.h> |
---|
35 | #endif /* ZLIB */ |
---|
36 | /* We place the following to avoid loading openssl/mdc2.h since it |
---|
37 | * relies on the OpenSSL des.h. Since we do not need the MDC2 |
---|
38 | * definitions there is no reason to have it included by openssl/evp.h |
---|
39 | */ |
---|
40 | #define OPENSSL_NO_MDC2 |
---|
41 | #include <openssl/des.h> |
---|
42 | #include <openssl/ssl.h> |
---|
43 | #include <openssl/x509v3.h> |
---|
44 | #include <openssl/rand.h> |
---|
45 | #include <openssl/x509_vfy.h> |
---|
46 | #include <openssl/err.h> |
---|
47 | #include <openssl/pem.h> |
---|
48 | #include <openssl/bn.h> |
---|
49 | #include <openssl/blowfish.h> |
---|
50 | #include <openssl/dh.h> |
---|
51 | #include <openssl/rc4.h> |
---|
52 | #include <openssl/cast.h> |
---|
53 | #include <openssl/dsa.h> |
---|
54 | #include <openssl/rsa.h> |
---|
55 | #include <openssl/md5.h> |
---|
56 | #include <openssl/sha.h> |
---|
57 | #include <openssl/evp.h> |
---|
58 | #include <openssl/hmac.h> |
---|
59 | #ifdef SSL_KRB5 |
---|
60 | #include <openssl/kssl.h> |
---|
61 | #endif /* SSL_KRB5 */ |
---|
62 | |
---|
/*
 * OpenSSL objects and settings shared between C-Kermit modules. This
 * header only declares them; the definitions and their initial values
 * are not visible here.
 */
63 | extern BIO *bio_err; |
---|
64 | extern SSL *ssl_con; |
---|
65 | extern SSL_CTX *ssl_ctx; |
---|
66 | extern int ssl_debug_flag; |
---|
67 | extern int ssl_only_flag; |
---|
68 | extern int ssl_active_flag; |
---|
/*
 * NOTE(review): presumably the peer-verification mode; confirm its default
 * where it is defined, because a permissive default would leave peers
 * unauthenticated.
 */
69 | extern int ssl_verify_flag; |
---|
70 | extern int ssl_verbose_flag; |
---|
71 | extern int ssl_certsok_flag; |
---|
72 | extern int ssl_dummy_flag; |
---|
73 | extern int ssl_verify_depth; |
---|
74 | |
---|
/*
 * Path settings. Judging by the names: certificates, certificate chains,
 * keys, CRLs, trust anchors, DH parameters and a random-seed file.
 * NOTE(review): if the *_key_file entries name private keys, as the names
 * suggest, the files they point to should be readable only by the owning
 * user -- confirm how these values are set.
 */
75 | extern char *ssl_rsa_cert_file; |
---|
76 | extern char *ssl_rsa_cert_chain_file; |
---|
77 | extern char *ssl_rsa_key_file; |
---|
78 | extern char *ssl_dsa_cert_file; |
---|
79 | extern char *ssl_dsa_cert_chain_file; |
---|
80 | extern char *ssl_dh_key_file; |
---|
81 | extern char *ssl_cipher_list; |
---|
82 | extern char *ssl_crl_file; |
---|
83 | extern char *ssl_crl_dir; |
---|
84 | extern char *ssl_verify_file; |
---|
85 | extern char *ssl_verify_dir; |
---|
86 | extern char *ssl_dh_param_file; |
---|
87 | extern char *ssl_rnd_file; |
---|
88 | |
---|
/*
 * tls_-prefixed counterparts of the context, connection and flags above.
 * x509_cert_valid and crl_store are, by their names and types, the
 * certificate-verification result and the X509_STORE used for CRLs
 * (TODO confirm against the definitions).
 */
89 | extern SSL_CTX *tls_ctx; |
---|
90 | extern SSL *tls_con; |
---|
91 | extern int tls_only_flag; |
---|
92 | extern int tls_active_flag; |
---|
93 | extern int x509_cert_valid; |
---|
94 | extern X509_STORE *crl_store; |
---|
95 | |
---|
/* HTTP-related context, connection and flag; declared only when NOHTTP is not defined. */
96 | #ifndef NOHTTP |
---|
97 | extern SSL_CTX *tls_http_ctx; |
---|
98 | extern SSL *tls_http_con; |
---|
99 | extern int tls_http_active_flag; |
---|
100 | #endif /* NOHTTP */ |
---|
101 | |
---|
/* NOTE(review): presumably set once the library has been initialised (see ssl_once_init below) -- confirm. */
102 | extern int ssl_initialized; |
---|
103 | |
---|
/*
 * Entry points of the SSL/TLS module. _PROTOTYP is defined outside this
 * header; presumably it drops the argument lists for pre-ANSI compilers
 * (NOPROTO is defined above when CK_ANSIC is not).
 */
104 | _PROTOTYP(VOID ssl_once_init,(void)); |
---|
105 | _PROTOTYP(int ssl_tn_init,(int)); |
---|
106 | _PROTOTYP(int ssl_http_init,(char *)); |
---|
107 | _PROTOTYP(int ck_ssl_http_client,(int,char *)); |
---|
108 | _PROTOTYP(int ssl_display_connect_details,(SSL *,int,int)); |
---|
/*
 * The (int, X509_STORE_CTX *) shape is that of an OpenSSL certificate-verify
 * callback: pre-verification result plus store context.
 * NOTE(review): if these are installed as verify callbacks, a nonzero return
 * tells OpenSSL to accept the certificate, so the definitions (not visible
 * here) should be checked for any path that returns success after a failed
 * pre-verification.
 */
109 | _PROTOTYP(int ssl_server_verify_callback,(int, X509_STORE_CTX *)); |
---|
110 | _PROTOTYP(int ssl_client_verify_callback,(int, X509_STORE_CTX *)); |
---|
111 | _PROTOTYP(int ssl_reply,(int, unsigned char *, int)); |
---|
112 | _PROTOTYP(int ssl_is,(unsigned char *, int)); |
---|
113 | _PROTOTYP(int ck_ssl_incoming,(int)); |
---|
114 | _PROTOTYP(int ck_ssl_outgoing,(int)); |
---|
/*
 * NOTE(review): presumably decides whether the peer's certificate may act as
 * the named user (see also X509_userok below); that is an authorization
 * decision -- confirm the matching rules in the definition.
 */
115 | _PROTOTYP(int tls_is_user_valid,(SSL *, const char *)); |
---|
/* Accessors returning char * for fields of the peer certificate, by their names; ownership of the returned string is not stated here. */
116 | _PROTOTYP(char * ssl_get_dnsName,(SSL *)); |
---|
117 | _PROTOTYP(char * ssl_get_commonName,(SSL *)); |
---|
118 | _PROTOTYP(char * ssl_get_issuer_name,(SSL *)); |
---|
119 | _PROTOTYP(char * ssl_get_subject_name,(SSL *)); |
---|
/* NOTE(review): (char *, int) looks like buffer plus length -- confirm that the definitions never write more than the given length. */
120 | _PROTOTYP(int ssl_get_client_finished,(char *, int)); |
---|
121 | _PROTOTYP(int ssl_get_server_finished,(char *, int)); |
---|
/*
 * Signature matches OpenSSL's PEM password callback (buffer, size, rwflag,
 * userdata). NOTE(review): under that API the buffer receives a private-key
 * passphrase; the definition should respect the size argument.
 */
122 | _PROTOTYP(int ssl_passwd_callback,(char *, int, int, VOID *)); |
---|
123 | _PROTOTYP(VOID ssl_client_info_callback,(const SSL *,int, int)); |
---|
/* NOTE(review): presumably reports whether the negotiated suite is anonymous; relevant because DEFAULT_CIPHER_LIST below names ADH. */
124 | _PROTOTYP(int ssl_anonymous_cipher,(SSL * ssl)); |
---|
125 | _PROTOTYP(int tls_load_certs,(SSL_CTX * ctx, SSL * con, int server)); |
---|
/* Same argument shape as the verify callbacks above; by its name, the CRL check (TODO confirm). */
126 | _PROTOTYP(int ssl_verify_crl,(int, X509_STORE_CTX *)); |
---|
127 | _PROTOTYP(int tls_is_krb5,(int)); |
---|
128 | _PROTOTYP(int X509_userok,(X509 *,const char *)); |
---|
129 | _PROTOTYP(int ck_X509_save_cert_to_user_store,(X509 *)); |
---|
130 | #ifdef OS2 |
---|
131 | #include "ckosslc.h" |
---|
132 | #include "ckossl.h" |
---|
133 | #endif /* OS2 */ |
---|
134 | |
---|
/* Small integer constants naming the client, server and HTTP roles; which functions take them is not visible in this header. */
135 | #define SSL_CLIENT 0 |
---|
136 | #define SSL_SERVER 1 |
---|
137 | #define SSL_HTTP 2 |
---|
138 | |
---|
/* By its name, the size in bytes of an SSL error-message buffer (TODO confirm at the point of use). */
139 | #define SSL_ERR_BFSZ 4096 |
---|
140 | |
---|
/*
 * Default OpenSSL cipher string; the KRB5 class is named only when SSL_KRB5
 * is defined.
 *
 * NOTE(review): the string names the LOW class (low-strength suites),
 * anonymous Diffie-Hellman (ADH) and export-grade (EXP) suites. In OpenSSL
 * cipher-string syntax a leading '+' only moves suites that are already
 * selected to the end of the preference order; it neither adds nor removes
 * them, so anything pulled in by HIGH:MEDIUM:LOW stays negotiable. ADH
 * suites carry no certificate, so a session that negotiates one has no peer
 * authentication at the TLS layer and is exposed to an active
 * man-in-the-middle unless a later step authenticates the peer.
 * Where legacy interoperability is not required, the effective list
 * (presumably overridable through ssl_cipher_list -- confirm) should exclude
 * these classes, e.g. by appending ":!aNULL:!EXP:!LOW".
 */
141 | #ifdef SSL_KRB5 |
---|
142 | #define DEFAULT_CIPHER_LIST "HIGH:MEDIUM:LOW:+KRB5:+ADH:+EXP" |
---|
143 | #else |
---|
144 | #define DEFAULT_CIPHER_LIST "HIGH:MEDIUM:LOW:+ADH:+EXP" |
---|
145 | #endif /* SSL_KRB5 */ |
---|
146 | #endif /* CK_SSL */ |
---|