path: root/program/include/cert_session.h
/*************************************************************************
	> File Name: cert_session.h
	> Author:
	> Mail:
	> Created Time: Fri 01 Jun 2018 02:01:08 AM PDT
 ************************************************************************/

/*
 * Include guard.
 * NOTE(review): identifiers starting with an underscore followed by an
 * uppercase letter are reserved for the implementation in C; a name such as
 * CERT_SESSION_H would avoid a possible clash.
 */
#ifndef _CERT_SESSION_H
#define _CERT_SESSION_H

#include <event2/event_compat.h>
#include "rt_sync.h"
#include <openssl/opensslv.h>
#include <openssl/ssl.h>
#include <openssl/err.h>
#include <openssl/rand.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>

/*
 * SHA0 was removed in OpenSSL 1.1.0, and the OPENSSL_NO_SHA0 macro was
 * removed along with it. Define the macro here for 1.1.0 and later when the
 * library headers have not already done so -- presumably so that code in this
 * project guarded by OPENSSL_NO_SHA0 keeps excluding its SHA0 paths (the
 * consumers are not visible in this header).
 */
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(OPENSSL_NO_SHA0)
#define OPENSSL_NO_SHA0
#endif

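/*
 * Compatibility shims for OpenSSL older than 1.1.0, giving the rest of the
 * code the 1.1.0 accessor names.
 *
 * SSL_is_server() and X509_get_signature_nid() read structure members
 * directly, which only compiles while the library still exposes those
 * structures; the version guard keeps that access away from 1.1.0 and later.
 * The macro arguments are parenthesised so that an expression argument
 * (for example a cast or a conditional) still binds as intended.
 *
 * DH_set0_pqg() is only declared here; its definition is not part of this
 * header.
 * NOTE(review): confirm that the project's definition follows the OpenSSL
 * 1.1.0 contract, where the DH object takes ownership of the BIGNUMs passed
 * in -- otherwise callers written against 1.1.0 will leak or double free.
 *
 * NOTE(review): LibreSSL reports a large OPENSSL_VERSION_NUMBER, so this
 * block is skipped there and the 1.1.0 API is assumed to exist; verify that
 * against the LibreSSL versions the project is meant to build with.
 */
#if OPENSSL_VERSION_NUMBER < 0x10100000L
#define ASN1_STRING_get0_data(value) ASN1_STRING_data(value)
#define SSL_is_server(ssl) ((ssl)->type != SSL_ST_CONNECT)
#define X509_get_signature_nid(x509) (OBJ_obj2nid((x509)->sig_alg->algorithm))
int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
#endif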

/*
 * The constructors returning a SSL_METHOD * were changed to return
 * a const SSL_METHOD * between 0.9.8 and 1.0.0.
 *
 * CONST_SSL_METHOD expands to the matching type, so a variable declared as
 * `CONST_SSL_METHOD *` can hold the constructor result on either side of
 * that change without a cast.
 */
#if (OPENSSL_VERSION_NUMBER < 0x1000000fL)
#define CONST_SSL_METHOD SSL_METHOD
#else /* >= OpenSSL 1.0.0 */
#define CONST_SSL_METHOD const SSL_METHOD
#endif /* >= OpenSSL 1.0.0 */


/*
 * SSL_OP_NO_* is used as an indication that OpenSSL is sufficiently recent
 * to have the respective protocol implemented.
 *
 * OPENSSL_NO_SSL2 indicates the complete removal of SSL 2.0 support.
 *
 * OPENSSL_NO_SSL3 indicates that no SSL 3.0 connections will be made by
 * default, but support is still present, unless OPENSSL_NO_SSL3_METHOD is
 * also defined.
 *
 * The HAVE_* macros below describe what the linked library can do; they are
 * not a policy. SSL 2.0 (RFC 6176), SSL 3.0 (RFC 7568) and TLS 1.0/1.1
 * (RFC 8996) are all deprecated, so whichever code consumes these macros
 * should still enforce a minimum protocol version instead of offering every
 * protocol that happens to be compiled in. SSL 2.0 additionally requires the
 * build-time opt-in WITH_SSLV2.
 *
 * NOTE(review): no TLS 1.3 macro is derived here; whether TLS 1.3 is handled
 * elsewhere is not visible from this header.
 */
#if defined(SSL_OP_NO_SSLv2) && !defined(OPENSSL_NO_SSL2) && \
    defined(WITH_SSLV2)
#define HAVE_SSLV2
#endif /* SSL_OP_NO_SSLv2 && !OPENSSL_NO_SSL2 && WITH_SSLV2 */
#if defined(SSL_OP_NO_SSLv3) && !defined(OPENSSL_NO_SSL3_METHOD)
#define HAVE_SSLV3
#endif /* SSL_OP_NO_SSLv3 && !OPENSSL_NO_SSL3_METHOD */
#ifdef SSL_OP_NO_TLSv1
#define HAVE_TLSV10
#endif /* SSL_OP_NO_TLSv1 */
#ifdef SSL_OP_NO_TLSv1_1
#define HAVE_TLSV11
#endif /* SSL_OP_NO_TLSv1_1 */
#ifdef SSL_OP_NO_TLSv1_2
#define HAVE_TLSV12
#endif /* SSL_OP_NO_TLSv1_2 */

/*
 * Two certificate / private-key pairs held together.
 *
 * Presumably `root`/`key` are the signing certificate and its private key,
 * and `insec_root`/`insec_key` a second pair used for peers treated as
 * insecure -- TODO confirm against the code that fills this structure; the
 * header itself does not say.
 *
 * NOTE(review): the structure stores raw pointers to private-key material.
 * Ownership is not documented here: state which component releases these
 * objects (X509_free / EVP_PKEY_free) and whether copies of this structure
 * share them or hold their own references.
 */
struct x509_object_ctx
{
    X509 *root;          /* first certificate */
    EVP_PKEY *key;       /* private key paired with `root` (presumed) */

    X509 *insec_root;    /* second certificate */
    EVP_PKEY *insec_key; /* private key paired with `insec_root` (presumed) */
};

/*
 * Per-thread state of a worker: thread identity and attributes, the socket
 * and event loop it uses, certificate/key material and two Redis handles.
 *
 * NOTE(review): `def` is embedded by value, so every instance carries its
 * own copy of the four pointers in struct x509_object_ctx; whether the
 * objects behind them are shared between threads is not visible here and
 * should be documented together with their lifetime.
 */
typedef struct {
    int  id;               /* numeric identifier of this worker */

    rt_pthread pid;        /* unique ID of this thread */

    evutil_socket_t accept_fd; /* socket descriptor (libevent portable type) */

    rt_pthread_attr *attr; /* thread attributes (type comes from rt_sync.h, presumably) */

	struct event_base *base; /* libevent event loop */

    struct x509_object_ctx def; /* certificate/key pairs, stored by value */

    struct redisAsyncContext *cl_ctx; /* asynchronous Redis connection */

    struct redisContext *sync; /* synchronous Redis connection */

    void * (*routine)(void *);  /** Executive entry */

} x509_forge_thread;

/*
 * Initialise the certificate store session.
 *
 * main_profile: string naming the main profile; presumably a configuration
 *               file path -- TODO confirm against the definition.
 * Returns an int status; the success/failure convention is not visible in
 * this header and should be documented here.
 */
int cert_store_session_init(const char *main_profile);

/*
 * Signal-processing routine; the signal number argument is marked unused.
 * NOTE(review): if this is installed as a signal handler, its body should
 * restrict itself to async-signal-safe operations -- verify in the
 * definition, which is not part of this header.
 */
void sigproc(int __attribute__((__unused__))sig);

#endif