Correct PPTP server firewall rules chain.
[tomato/davidwu.git] / release / src / router / cyassl / include / openssl / ssl.h
blob1ae308d84bf32dda01cc334d179570d7b19381bd
1 /* ssl.h
3 * Copyright (C) 2006-2011 Sawtooth Consulting Ltd.
5 * This file is part of CyaSSL.
7 * CyaSSL is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
12 * CyaSSL is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
23 /* ssl.h defines openssl compatibility layer
29 #ifndef CYASSL_OPENSSL_H_
30 #define CYASSL_OPENSSL_H_
32 #include "os_settings.h" /* for users not using preprocessor flags */
34 #ifndef NO_FILESYSTEM
35 #include <stdio.h> /* ERR_print fp */
36 #endif
38 #ifdef YASSL_PREFIX
39 #include "prefix_ssl.h"
40 #endif
42 #define CYASSL_VERSION "1.9.0"
44 #undef X509_NAME /* wincrypt.h clash */
46 #ifdef __cplusplus
47 extern "C" {
48 #endif
52 typedef struct SSL SSL;
53 typedef struct SSL_SESSION SSL_SESSION;
54 typedef struct SSL_METHOD SSL_METHOD;
55 typedef struct SSL_CTX SSL_CTX;
57 typedef struct X509 X509;
58 typedef struct X509_NAME X509_NAME;
59 typedef struct X509_CHAIN X509_CHAIN;
62 /* redeclare guard */
63 #define SSL_TYPES_DEFINED
68 typedef struct EVP_PKEY EVP_PKEY;
69 typedef struct RSA RSA;
70 typedef struct BIO BIO;
71 typedef struct BIO_METHOD BIO_METHOD;
72 typedef struct SSL_CIPHER SSL_CIPHER;
73 typedef struct X509_LOOKUP X509_LOOKUP;
74 typedef struct X509_LOOKUP_METHOD X509_LOOKUP_METHOD;
75 typedef struct X509_CRL X509_CRL;
76 typedef struct X509_EXTENSION X509_EXTENSION;
77 typedef struct ASN1_TIME ASN1_TIME;
78 typedef struct ASN1_INTEGER ASN1_INTEGER;
79 typedef struct ASN1_OBJECT ASN1_OBJECT;
80 typedef struct ASN1_STRING ASN1_STRING;
81 typedef struct CRYPTO_dynlock_value CRYPTO_dynlock_value;
83 #define ASN1_UTCTIME ASN1_TIME
85 typedef struct MD4_CTX {
86 int buffer[32]; /* big enough to hold, check size in Init */
87 } MD4_CTX;
90 typedef struct COMP_METHOD {
91 int type; /* stunnel dereference */
92 } COMP_METHOD;
95 typedef struct X509_STORE {
96 int cache; /* stunnel dereference */
97 } X509_STORE;
100 typedef struct X509_REVOKED {
101 ASN1_INTEGER* serialNumber; /* stunnel dereference */
102 } X509_REVOKED;
105 typedef struct X509_OBJECT {
106 union {
107 char* ptr;
108 X509_CRL* crl; /* stunnel dereference */
109 } data;
110 } X509_OBJECT;
113 /* in cyassl_int.h too, change there !! */
114 typedef struct X509_STORE_CTX {
115 int error;
116 int error_depth;
117 X509* current_cert; /* stunnel dereference */
118 char* domain; /* subject CN domain name */
119 /* in cyassl_int.h too, change there !! */
120 } X509_STORE_CTX;
123 SSL_METHOD *SSLv3_server_method(void);
124 SSL_METHOD *SSLv3_client_method(void);
125 SSL_METHOD *TLSv1_server_method(void);
126 SSL_METHOD *TLSv1_client_method(void);
127 SSL_METHOD *TLSv1_1_server_method(void);
128 SSL_METHOD *TLSv1_1_client_method(void);
129 SSL_METHOD *TLSv1_2_server_method(void);
130 SSL_METHOD *TLSv1_2_client_method(void);
132 #ifdef CYASSL_DTLS
133 SSL_METHOD *DTLSv1_client_method(void);
134 SSL_METHOD *DTLSv1_server_method(void);
135 #endif
137 #ifndef NO_FILESYSTEM
139 int SSL_CTX_use_certificate_file(SSL_CTX*, const char*, int);
140 int SSL_CTX_use_PrivateKey_file(SSL_CTX*, const char*, int);
141 int SSL_CTX_load_verify_locations(SSL_CTX*, const char*, const char*);
142 int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file);
143 int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX*, const char*, int);
145 #ifdef CYASSL_DER_LOAD
146 int CyaSSL_CTX_load_verify_locations(SSL_CTX*, const char*, int);
147 #endif
149 #ifdef HAVE_NTRU
150 int CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX*, const char*); /* load NTRU
151 private key blob */
152 #endif
154 int CyaSSL_PemCertToDer(const char*, unsigned char*, int);
156 #endif /* NO_FILESYSTEM */
158 SSL_CTX* SSL_CTX_new(SSL_METHOD*);
159 SSL* SSL_new(SSL_CTX*);
160 int SSL_set_fd (SSL*, int);
161 int SSL_get_fd(const SSL*);
162 int SSL_connect(SSL*); /* please see note at top of README
163 if you get an error from connect */
164 int SSL_write(SSL*, const void*, int);
165 int SSL_read(SSL*, void*, int);
166 int SSL_accept(SSL*);
167 void SSL_CTX_free(SSL_CTX*);
168 void SSL_free(SSL*);
169 int SSL_shutdown(SSL*);
171 void SSL_CTX_set_quiet_shutdown(SSL_CTX*, int);
173 int SSL_get_error(SSL*, int);
175 int SSL_set_session(SSL *ssl, SSL_SESSION *session);
176 SSL_SESSION* SSL_get_session(SSL* ssl);
177 void SSL_flush_sessions(SSL_CTX *ctx, long tm);
180 typedef int (*VerifyCallback)(int, X509_STORE_CTX*);
181 typedef int (*pem_password_cb)(char*, int, int, void*);
183 void SSL_CTX_set_verify(SSL_CTX*, int, VerifyCallback verify_callback);
186 int SSL_pending(SSL*);
189 void SSL_load_error_strings(void);
190 int SSL_library_init(void);
191 long SSL_CTX_set_session_cache_mode(SSL_CTX*, long);
193 /* only supports full name from cipher_name[] delimited by : */
194 int SSL_CTX_set_cipher_list(SSL_CTX*, const char*);
196 char* ERR_error_string(unsigned long,char*);
197 void ERR_error_string_n(unsigned long e, char *buf, size_t len);
200 /* extras */
202 #define STACK_OF(x) x
204 int SSL_set_ex_data(SSL*, int, void*);
205 int SSL_get_shutdown(const SSL*);
206 int SSL_set_rfd(SSL*, int);
207 int SSL_set_wfd(SSL*, int);
208 void SSL_set_shutdown(SSL*, int);
209 int SSL_set_session_id_context(SSL*, const unsigned char*, unsigned int);
210 void SSL_set_connect_state(SSL*);
211 void SSL_set_accept_state(SSL*);
212 int SSL_session_reused(SSL*);
213 void SSL_SESSION_free(SSL_SESSION* session);
215 const char* SSL_get_version(SSL*);
216 SSL_CIPHER* SSL_get_current_cipher(SSL*);
217 char* SSL_CIPHER_description(SSL_CIPHER*, char*, int);
218 const char* SSL_CIPHER_get_name(const SSL_CIPHER* cipher);
219 SSL_SESSION* SSL_get1_session(SSL* ssl); /* what's ref count */
221 void X509_free(X509*);
222 void OPENSSL_free(void*);
224 int OCSP_parse_url(char* url, char** host, char** port, char** path, int* ssl);
226 SSL_METHOD* SSLv23_client_method(void);
227 SSL_METHOD* SSLv2_client_method(void);
228 SSL_METHOD* SSLv2_server_method(void);
230 void MD4_Init(MD4_CTX*);
231 void MD4_Update(MD4_CTX*, const void*, size_t);
232 void MD4_Final(unsigned char*, MD4_CTX*);
234 BIO* BIO_new(BIO_METHOD*);
235 int BIO_free(BIO*);
236 int BIO_free_all(BIO*);
237 int BIO_read(BIO*, void*, int);
238 int BIO_write(BIO*, const void*, int);
239 BIO* BIO_push(BIO*, BIO* append);
240 BIO* BIO_pop(BIO*);
241 int BIO_flush(BIO*);
242 int BIO_pending(BIO*);
244 BIO_METHOD* BIO_f_buffer(void);
245 long BIO_set_write_buffer_size(BIO*, long size);
246 BIO_METHOD* BIO_f_ssl(void);
247 BIO* BIO_new_socket(int sfd, int flag);
248 void SSL_set_bio(SSL*, BIO* rd, BIO* wr);
249 int BIO_eof(BIO*);
250 long BIO_set_ssl(BIO*, SSL*, int flag);
252 BIO_METHOD* BIO_s_mem(void);
253 BIO_METHOD* BIO_f_base64(void);
254 void BIO_set_flags(BIO*, int);
256 void OpenSSL_add_all_algorithms(void);
257 int SSLeay_add_ssl_algorithms(void);
258 int SSLeay_add_all_algorithms(void);
260 void RAND_screen(void);
261 const char* RAND_file_name(char*, size_t);
262 int RAND_write_file(const char*);
263 int RAND_load_file(const char*, long);
264 int RAND_egd(const char*);
266 COMP_METHOD* COMP_zlib(void);
267 COMP_METHOD* COMP_rle(void);
268 int SSL_COMP_add_compression_method(int, void*);
270 int SSL_get_ex_new_index(long, void*, void*, void*, void*);
272 void CRYPTO_set_id_callback(unsigned long (*f)(void));
273 void CRYPTO_set_locking_callback(void (*f)(int, int, const char*, int));
274 void CRYPTO_set_dynlock_create_callback(CRYPTO_dynlock_value* (*f)(const char*,
275 int));
276 void CRYPTO_set_dynlock_lock_callback(void (*f)(int, CRYPTO_dynlock_value*,
277 const char*, int));
278 void CRYPTO_set_dynlock_destroy_callback(void (*f)(CRYPTO_dynlock_value*,
279 const char*, int));
281 X509* X509_STORE_CTX_get_current_cert(X509_STORE_CTX*);
282 int X509_STORE_CTX_get_error(X509_STORE_CTX*);
283 int X509_STORE_CTX_get_error_depth(X509_STORE_CTX*);
285 char* X509_NAME_oneline(X509_NAME*, char*, int);
286 X509_NAME* X509_get_issuer_name(X509*);
287 X509_NAME* X509_get_subject_name(X509*);
288 const char* X509_verify_cert_error_string(long);
290 int X509_LOOKUP_add_dir(X509_LOOKUP*, const char*, long);
291 int X509_LOOKUP_load_file(X509_LOOKUP*, const char*, long);
292 X509_LOOKUP_METHOD* X509_LOOKUP_hash_dir(void);
293 X509_LOOKUP_METHOD* X509_LOOKUP_file(void);
295 X509_LOOKUP* X509_STORE_add_lookup(X509_STORE*, X509_LOOKUP_METHOD*);
296 X509_STORE* X509_STORE_new(void);
297 int X509_STORE_get_by_subject(X509_STORE_CTX*, int, X509_NAME*,
298 X509_OBJECT*);
299 int X509_STORE_CTX_init(X509_STORE_CTX*, X509_STORE*, X509*, STACK_OF(X509)*);
300 void X509_STORE_CTX_cleanup(X509_STORE_CTX*);
302 ASN1_TIME* X509_CRL_get_lastUpdate(X509_CRL*);
303 ASN1_TIME* X509_CRL_get_nextUpdate(X509_CRL*);
305 EVP_PKEY* X509_get_pubkey(X509*);
306 int X509_CRL_verify(X509_CRL*, EVP_PKEY*);
307 void X509_STORE_CTX_set_error(X509_STORE_CTX*, int);
308 void X509_OBJECT_free_contents(X509_OBJECT*);
309 void EVP_PKEY_free(EVP_PKEY*);
310 int X509_cmp_current_time(const ASN1_TIME*);
311 int sk_X509_REVOKED_num(X509_REVOKED*);
313 X509_REVOKED* X509_CRL_get_REVOKED(X509_CRL*);
314 X509_REVOKED* sk_X509_REVOKED_value(X509_REVOKED*, int);
316 ASN1_INTEGER* X509_get_serialNumber(X509*);
318 int ASN1_TIME_print(BIO*, const ASN1_TIME*);
320 int ASN1_INTEGER_cmp(const ASN1_INTEGER*, const ASN1_INTEGER*);
321 long ASN1_INTEGER_get(const ASN1_INTEGER*);
323 STACK_OF(X509_NAME)* SSL_load_client_CA_file(const char*);
325 void SSL_CTX_set_client_CA_list(SSL_CTX*, STACK_OF(X509_NAME)*);
326 void* X509_STORE_CTX_get_ex_data(X509_STORE_CTX*, int);
327 int SSL_get_ex_data_X509_STORE_CTX_idx(void);
328 void* SSL_get_ex_data(const SSL*, int);
330 void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX*, void* userdata);
331 void SSL_CTX_set_default_passwd_cb(SSL_CTX*, pem_password_cb);
334 long SSL_CTX_set_timeout(SSL_CTX*, long);
335 void SSL_CTX_set_info_callback(SSL_CTX*, void (*)());
337 unsigned long ERR_peek_error(void);
338 int ERR_GET_REASON(int);
340 char* SSL_alert_type_string_long(int);
341 char* SSL_alert_desc_string_long(int);
342 char* SSL_state_string_long(SSL*);
344 void RSA_free(RSA*);
345 RSA* RSA_generate_key(int, unsigned long, void(*)(int, int, void*), void*);
346 void SSL_CTX_set_tmp_rsa_callback(SSL_CTX*, RSA*(*)(SSL*, int, int));
348 int PEM_def_callback(char*, int num, int w, void* key);
350 long SSL_CTX_sess_accept(SSL_CTX*);
351 long SSL_CTX_sess_connect(SSL_CTX*);
352 long SSL_CTX_sess_accept_good(SSL_CTX*);
353 long SSL_CTX_sess_connect_good(SSL_CTX*);
354 long SSL_CTX_sess_accept_renegotiate(SSL_CTX*);
355 long SSL_CTX_sess_connect_renegotiate(SSL_CTX*);
356 long SSL_CTX_sess_hits(SSL_CTX*);
357 long SSL_CTX_sess_cb_hits(SSL_CTX*);
358 long SSL_CTX_sess_cache_full(SSL_CTX*);
359 long SSL_CTX_sess_misses(SSL_CTX*);
360 long SSL_CTX_sess_timeouts(SSL_CTX*);
361 long SSL_CTX_sess_number(SSL_CTX*);
362 long SSL_CTX_sess_get_cache_size(SSL_CTX*);
365 #define SSL_DEFAULT_CIPHER_LIST "" /* default all */
366 #define RSA_F4 0x10001L
368 enum {
369 OCSP_NOCERTS = 1,
370 OCSP_NOINTERN = 2,
371 OCSP_NOSIGS = 4,
372 OCSP_NOCHAIN = 8,
373 OCSP_NOVERIFY = 16,
374 OCSP_NOEXPLICIT = 32,
375 OCSP_NOCASIGN = 64,
376 OCSP_NODELEGATED = 128,
377 OCSP_NOCHECKS = 256,
378 OCSP_TRUSTOTHER = 512,
379 OCSP_RESPID_KEY = 1024,
380 OCSP_NOTIME = 2048,
382 OCSP_CERTID = 2,
383 OCSP_REQUEST = 4,
384 OCSP_RESPONSE = 8,
385 OCSP_BASICRESP = 16,
387 ASN1_GENERALIZEDTIME = 4,
389 SSL_OP_MICROSOFT_SESS_ID_BUG = 1,
390 SSL_OP_NETSCAPE_CHALLENGE_BUG = 2,
391 SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = 3,
392 SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG = 4,
393 SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER = 5,
394 SSL_OP_MSIE_SSLV2_RSA_PADDING = 6,
395 SSL_OP_SSLEAY_080_CLIENT_DH_BUG = 7,
396 SSL_OP_TLS_D5_BUG = 8,
397 SSL_OP_TLS_BLOCK_PADDING_BUG = 9,
398 SSL_OP_TLS_ROLLBACK_BUG = 10,
399 SSL_OP_ALL = 11,
400 SSL_OP_EPHEMERAL_RSA = 12,
401 SSL_OP_NO_SSLv3 = 13,
402 SSL_OP_NO_TLSv1 = 14,
403 SSL_OP_PKCS1_CHECK_1 = 15,
404 SSL_OP_PKCS1_CHECK_2 = 16,
405 SSL_OP_NETSCAPE_CA_DN_BUG = 17,
406 SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG = 18,
407 SSL_OP_SINGLE_DH_USE = 19,
408 SSL_OP_NO_TICKET = 20,
409 SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS = 21,
410 SSL_OP_NO_QUERY_MTU = 22,
411 SSL_OP_COOKIE_EXCHANGE = 23,
412 SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION = 24,
413 SSL_OP_SINGLE_ECDH_USE = 25,
414 SSL_OP_CIPHER_SERVER_PREFERENCE = 26,
416 SSL_MAX_SSL_SESSION_ID_LENGTH = 32,
418 EVP_R_BAD_DECRYPT = 2,
420 SSL_CB_LOOP = 4,
421 SSL_ST_CONNECT = 5,
422 SSL_ST_ACCEPT = 6,
423 SSL_CB_ALERT = 7,
424 SSL_CB_READ = 8,
425 SSL_CB_HANDSHAKE_DONE = 9,
427 SSL_MODE_ENABLE_PARTIAL_WRITE = 2,
429 BIO_FLAGS_BASE64_NO_NL = 1,
430 BIO_CLOSE = 1,
431 BIO_NOCLOSE = 0,
433 NID_undef = 0,
435 X509_FILETYPE_PEM = 8,
436 X509_LU_X509 = 9,
437 X509_LU_CRL = 12,
439 X509_V_ERR_CRL_SIGNATURE_FAILURE = 13,
440 X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = 14,
441 X509_V_ERR_CRL_HAS_EXPIRED = 15,
442 X509_V_ERR_CERT_REVOKED = 16,
443 X509_V_ERR_CERT_CHAIN_TOO_LONG = 17,
444 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT = 18,
445 X509_V_ERR_CERT_NOT_YET_VALID = 19,
446 X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = 20,
447 X509_V_ERR_CERT_HAS_EXPIRED = 21,
448 X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD = 22,
450 X509_V_OK = 0,
452 CRYPTO_LOCK = 1,
453 CRYPTO_NUM_LOCKS = 10,
457 /* extras end */
459 #ifndef NO_FILESYSTEM
460 /* CyaSSL extension, provide last error from SSL_get_error
461 since not using thread storage error queue */
462 void ERR_print_errors_fp(FILE*, int err);
463 #endif
465 enum { /* ssl Constants */
466 SSL_ERROR_NONE = 0, /* for most functions */
467 SSL_FAILURE = 0, /* for some functions */
468 SSL_SUCCESS = 1,
470 SSL_BAD_CERTTYPE = -8,
471 SSL_BAD_STAT = -7,
472 SSL_BAD_PATH = -6,
473 SSL_BAD_FILETYPE = -5,
474 SSL_BAD_FILE = -4,
475 SSL_NOT_IMPLEMENTED = -3,
476 SSL_UNKNOWN = -2,
477 SSL_FATAL_ERROR = -1,
479 SSL_FILETYPE_ASN1 = 2,
480 SSL_FILETYPE_PEM = 1,
481 SSL_FILETYPE_DEFAULT = 2, /* ASN1 */
482 SSL_FILETYPE_RAW = 3, /* NTRU raw key blob */
484 SSL_VERIFY_NONE = 0,
485 SSL_VERIFY_PEER = 1,
486 SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 2,
487 SSL_VERIFY_CLIENT_ONCE = 4,
489 SSL_SESS_CACHE_OFF = 30,
490 SSL_SESS_CACHE_CLIENT = 31,
491 SSL_SESS_CACHE_SERVER = 32,
492 SSL_SESS_CACHE_BOTH = 33,
493 SSL_SESS_CACHE_NO_AUTO_CLEAR = 34,
494 SSL_SESS_CACHE_NO_INTERNAL_LOOKUP = 35,
496 SSL_ERROR_WANT_READ = 2,
497 SSL_ERROR_WANT_WRITE = 3,
498 SSL_ERROR_WANT_CONNECT = 7,
499 SSL_ERROR_WANT_ACCEPT = 8,
500 SSL_ERROR_SYSCALL = 5,
501 SSL_ERROR_WANT_X509_LOOKUP = 83,
502 SSL_ERROR_ZERO_RETURN = 6,
503 SSL_ERROR_SSL = 85,
505 SSL_SENT_SHUTDOWN = 1,
506 SSL_RECEIVED_SHUTDOWN = 2,
507 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER = 4,
508 SSL_OP_NO_SSLv2 = 8,
510 SSL_R_SSL_HANDSHAKE_FAILURE = 101,
511 SSL_R_TLSV1_ALERT_UNKNOWN_CA = 102,
512 SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN = 103,
513 SSL_R_SSLV3_ALERT_BAD_CERTIFICATE = 104,
515 PEM_BUFSIZE = 1024,
519 #ifndef NO_PSK
520 typedef unsigned int (*psk_client_callback)(SSL*, const char*, char*,
521 unsigned int, unsigned char*, unsigned int);
522 void SSL_CTX_set_psk_client_callback(SSL_CTX*, psk_client_callback);
523 void SSL_set_psk_client_callback(SSL*, psk_client_callback);
525 const char* SSL_get_psk_identity_hint(const SSL*);
526 const char* SSL_get_psk_identity(const SSL*);
528 int SSL_CTX_use_psk_identity_hint(SSL_CTX*, const char*);
529 int SSL_use_psk_identity_hint(SSL*, const char*);
531 typedef unsigned int (*psk_server_callback)(SSL*, const char*,
532 unsigned char*, unsigned int);
533 void SSL_CTX_set_psk_server_callback(SSL_CTX*, psk_server_callback);
534 void SSL_set_psk_server_callback(SSL*, psk_server_callback);
536 #define PSK_TYPES_DEFINED
537 #endif /* NO_PSK */
540 /* extra begins */
542 enum { /* ERR Constants */
543 ERR_TXT_STRING = 1,
546 unsigned long ERR_get_error_line_data(const char**, int*, const char**, int *);
548 unsigned long ERR_get_error(void);
549 void ERR_clear_error(void);
552 int RAND_status(void);
553 int RAND_bytes(unsigned char* buf, int num);
554 SSL_METHOD *SSLv23_server_method(void);
555 long SSL_CTX_set_options(SSL_CTX*, long);
556 int SSL_CTX_check_private_key(SSL_CTX*);
559 void ERR_free_strings(void);
560 void ERR_remove_state(unsigned long);
561 void EVP_cleanup(void);
563 void CRYPTO_cleanup_all_ex_data(void);
564 long SSL_CTX_set_mode(SSL_CTX* ctx, long mode);
565 long SSL_CTX_get_mode(SSL_CTX* ctx);
566 void SSL_CTX_set_default_read_ahead(SSL_CTX* ctx, int m);
568 long SSL_CTX_sess_set_cache_size(SSL_CTX*, long);
570 int SSL_CTX_set_default_verify_paths(SSL_CTX*);
571 int SSL_CTX_set_session_id_context(SSL_CTX*, const unsigned char*,
572 unsigned int);
574 X509* SSL_get_peer_certificate(SSL* ssl);
576 int SSL_want_read(SSL*);
577 int SSL_want_write(SSL*);
579 int BIO_printf(BIO*, const char*, ...);
580 int ASN1_UTCTIME_print(BIO*, const ASN1_UTCTIME*);
582 int sk_num(X509_REVOKED*);
583 void* sk_value(X509_REVOKED*, int);
585 /* stunnel 4.28 needs */
586 void* SSL_CTX_get_ex_data(const SSL_CTX*, int);
587 int SSL_CTX_set_ex_data(SSL_CTX*, int, void*);
588 void SSL_CTX_sess_set_get_cb(SSL_CTX*, SSL_SESSION*(*f)(SSL*, unsigned char*,
589 int, int*));
590 void SSL_CTX_sess_set_new_cb(SSL_CTX*, int (*f)(SSL*, SSL_SESSION*));
591 void SSL_CTX_sess_set_remove_cb(SSL_CTX*, void (*f)(SSL_CTX*, SSL_SESSION*));
593 int i2d_SSL_SESSION(SSL_SESSION*, unsigned char**);
594 SSL_SESSION* d2i_SSL_SESSION(SSL_SESSION**,const unsigned char**, long);
596 long SSL_SESSION_get_timeout(const SSL_SESSION*);
597 long SSL_SESSION_get_time(const SSL_SESSION*);
598 int SSL_CTX_get_ex_new_index(long, void*, void*, void*, void*);
600 /* extra ends */
603 /* CyaSSL extensions */
605 /* call before SSL_connect, if verifying will add name check to
606 date check and signature check */
607 int CyaSSL_check_domain_name(SSL* ssl, const char* dn);
609 int InitCyaSSL(void); /* need to call once to load library (session cache) */
610 int FreeCyaSSL(void); /* call when done to free session cache mutex */
612 int CyaSSL_Debugging_ON(void); /* turn logging on, only if compiled in */
613 void CyaSSL_Debugging_OFF(void); /* turn logging off */
615 int CyaSSL_set_compression(SSL* ssl); /* turn on CyaSSL data compression */
617 int CyaSSL_CTX_use_NTRUPrivateKey_file(SSL_CTX*, const char*); /* load NTRU
618 private key blob */
619 X509_CHAIN* CyaSSL_get_peer_chain(SSL* ssl); /* get CyaSSL peer X509_CHAIN */
620 int CyaSSL_get_chain_count(X509_CHAIN* chain); /* peer chain count */
621 int CyaSSL_get_chain_length(X509_CHAIN*, int idx); /* index cert length */
622 unsigned char* CyaSSL_get_chain_cert(X509_CHAIN*, int idx); /* index cert */
623 int CyaSSL_get_chain_cert_pem(X509_CHAIN*, int idx, unsigned char* buffer,
624 int inLen, int* outLen); /* get index cert in PEM */
625 const unsigned char* CyaSSL_get_sessionID(const SSL_SESSION* session);
627 #ifndef _WIN32
628 #ifndef NO_WRITEV
629 #include <sys/uio.h>
630 /* allow writev style writing */
631 int CyaSSL_writev(SSL* ssl, const struct iovec* iov, int iovcnt);
632 #endif
633 #endif
635 #if defined(NO_FILESYSTEM) || defined(MICRIUM)
637 int CyaSSL_CTX_load_verify_buffer(SSL_CTX*, const unsigned char*, long, int);
638 int CyaSSL_CTX_use_certificate_buffer(SSL_CTX*, const unsigned char*, long,int);
639 int CyaSSL_CTX_use_PrivateKey_buffer(SSL_CTX*, const unsigned char*, long, int);
640 int CyaSSL_CTX_use_certificate_chain_buffer(SSL_CTX*,const unsigned char*,long);
642 #endif /* NO_FILESYSTEM || MICRIUM */
645 /* I/O callbacks */
646 typedef int (*CallbackIORecv)(char *buf, int sz, void *ctx);
647 typedef int (*CallbackIOSend)(char *buf, int sz, void *ctx);
649 void CyaSSL_SetIORecv(SSL_CTX*, CallbackIORecv);
650 void CyaSSL_SetIOSend(SSL_CTX*, CallbackIOSend);
652 void CyaSSL_SetIOReadCtx(SSL* ssl, void *ctx);
653 void CyaSSL_SetIOWriteCtx(SSL* ssl, void *ctx);
656 #ifdef CYASSL_CALLBACKS
658 /* used internally by CyaSSL while OpenSSL types aren't */
659 #include "cyassl_callbacks.h"
661 typedef int (*HandShakeCallBack)(HandShakeInfo*);
662 typedef int (*TimeoutCallBack)(TimeoutInfo*);
664 /* CyaSSL connect extension allowing HandShakeCallBack and/or TimeoutCallBack
665 for diagnostics */
666 int CyaSSL_connect_ex(SSL*, HandShakeCallBack, TimeoutCallBack, Timeval);
667 int CyaSSL_accept_ex(SSL*, HandShakeCallBack, TimeoutCallBack, Timeval);
669 #endif /* CYASSL_CALLBACKS */
672 #ifdef __cplusplus
673 } /* extern "C" */
674 #endif
677 #endif /* CyaSSL_openssl_h__ */