ck_ssl.h 4.9 KB

  1. /*
  2. C K _ S S L . H -- OpenSSL Interface Header for C-Kermit
  3. Copyright (C) 1985, 2015,
  4. Trustees of Columbia University in the City of New York.
  5. All rights reserved. See the C-Kermit COPYING.TXT file or the
  6. copyright text in the ckcmai.c module for disclaimer and permissions.
  7. Author: Jeffrey E Altman (jaltman@secure-endpoints.com)
  8. Secure Endpoints Inc., New York City
  9. */
  10. #ifdef CK_SSL
  /* Everything below is compiled only when the build defines CK_SSL. */
  11. #ifndef CK_ANSIC
  12. #define NOPROTO
  13. #endif /* CK_ANSIC */
  /* The COMMENT-guarded block below would enable SSL_KRB5 for Kerberos 5
   * builds; the guard appears to be C-Kermit's way of disabling code (see
   * "Not for C-Kermit 7.1").  This header therefore never defines SSL_KRB5
   * itself, so the SSL_KRB5 branches further down apply only if the build
   * defines it elsewhere. */
  14. #ifdef COMMENT /* Not for C-Kermit 7.1 */
  15. #ifdef KRB5
  16. #ifndef NOSSLK5
  17. #ifndef SSL_KRB5
  18. #define SSL_KRB5
  19. #endif /* SSL_KRB5 */
  20. #endif /* NOSSLK5 */
  21. #endif /* KRB5 */
  22. #endif /* COMMENT */
  /* OS2 builds always define ZLIB, which pulls in OpenSSL's compression
   * header.  NOTE(review): this header only includes comp.h; whether
   * TLS-level compression is actually negotiated is decided elsewhere.
   * Confirm, since record compression has known side-channel concerns. */
  23. #ifdef OS2
  24. #ifndef ZLIB
  25. #define ZLIB
  26. #endif /* ZLIB */
  27. #endif /* OS2 */
  28. #ifdef ZLIB
  29. #include <openssl/comp.h>
  30. #endif /* ZLIB */
  31. /* We place the following to avoid loading openssl/mdc2.h since it
  32. * relies on the OpenSSL des.h. Since we do not need the MDC2
  33. * definitions there is no reason to have it included by openssl/evp.h
  34. */
  35. #define OPENSSL_NO_MDC2
  /* Version selectors cascade: OPENSSL_100 implies OPENSSL_098, which in
   * turn implies OPENSSL_097 (see the end of this section). */
  36. #ifdef OPENSSL_100
  37. #define OPENSSL_098
  38. /* Different major/minor version or development version of OpenSSL
  39. * means ABI may break compatibility.
  40. * Modified by Adam Friedlander for OpenSSL >= 1.0.0
  41. */
  /* In OpenSSL's 0xMNNFFPPS version-number layout this mask keeps the major
   * and minor fields, the upper half of the fix field and the status nibble;
   * the patch field is ignored.  NOTE(review): the comparison that uses the
   * mask is not in this header (presumably compile-time vs. run-time library
   * version -- confirm).  It is an ABI check only and says nothing about
   * whether the loaded library carries current security fixes. */
  42. #define COMPAT_VERSION_MASK 0xffff000f
  43. #else
  44. /* Different major/minor/fix/development (not patch) version of OpenSSL
  45. * means ABI may break compatibility. */
  /* Stricter mask for pre-1.0.0 builds: major, minor and fix fields, the
   * upper half of the patch field and the status nibble must match. */
  46. #define COMPAT_VERSION_MASK 0xffffff0f
  47. #endif /* OPENSSL_100 */
  48. #ifdef OPENSSL_098
  49. #define OPENSSL_097
  50. #endif /* OPENSSL_098 */
  51. #ifdef CK_DES
  52. #include <openssl/des.h>
  53. #endif /* CK_DES */
  54. #include <openssl/ssl.h>
  55. #include <openssl/x509v3.h>
  56. #include <openssl/rand.h>
  57. #include <openssl/x509_vfy.h>
  58. #include <openssl/err.h>
  59. #include <openssl/pem.h>
  60. #include <openssl/bn.h>
  61. #include <openssl/blowfish.h>
  62. #include <openssl/dh.h>
  63. #include <openssl/rc4.h>
  64. #include <openssl/cast.h>
  65. #include <openssl/dsa.h>
  66. #include <openssl/rsa.h>
  67. #include <openssl/md5.h>
  68. #include <openssl/sha.h>
  69. #include <openssl/evp.h>
  70. #include <openssl/hmac.h>
  71. #ifdef SSL_KRB5
  72. #include <openssl/kssl.h>
  73. #endif /* SSL_KRB5 */
  /* Process-wide SSL/TLS state shared between C-Kermit modules.  These are
   * declarations only; the definitions and their initial values live in
   * another translation unit, so no default can be read off this header.
   * There are parallel SSL (ssl_*) and TLS (tls_*) context/connection pairs. */
  74. extern BIO *bio_err;
  75. extern SSL *ssl_con;
  76. extern SSL_CTX *ssl_ctx;
  77. extern int ssl_debug_flag;
  78. extern int ssl_only_flag;
  79. extern int ssl_active_flag;
  /* NOTE(review): ssl_verify_flag and ssl_verify_depth presumably hold the
   * peer-certificate verification mode and maximum chain depth.  Confirm at
   * the definition that the default is not "no verification". */
  80. extern int ssl_verify_flag;
  81. extern int ssl_verbose_flag;
  82. extern int ssl_certsok_flag;
  83. extern int ssl_dummy_flag;
  84. extern int ssl_verify_depth;
  /* File and directory names for credentials and trust material.  Judging by
   * the names: RSA/DSA certificates, chains and keys, DH key/parameters, the
   * cipher-list override, CRL locations, verification (CA) locations and a
   * random-seed file.  NOTE(review): the key files hold private key material;
   * how these paths are set and what permissions are expected is not visible
   * here. */
  85. extern char *ssl_rsa_cert_file;
  86. extern char *ssl_rsa_cert_chain_file;
  87. extern char *ssl_rsa_key_file;
  88. extern char *ssl_dsa_cert_file;
  89. extern char *ssl_dsa_cert_chain_file;
  90. extern char *ssl_dh_key_file;
  91. extern char *ssl_cipher_list;
  92. extern char *ssl_crl_file;
  93. extern char *ssl_crl_dir;
  94. extern char *ssl_verify_file;
  95. extern char *ssl_verify_dir;
  96. extern char *ssl_dh_param_file;
  97. extern char *ssl_rnd_file;
  98. extern SSL_CTX *tls_ctx;
  99. extern SSL *tls_con;
  100. extern int tls_only_flag;
  101. extern int tls_active_flag;
  102. extern int x509_cert_valid;
  103. extern X509_STORE *crl_store;
  104. extern int ssl_raw_flag;
  105. extern int tls_raw_flag;
  /* Separate context/connection pair for the HTTP client, omitted when the
   * build defines NOHTTP. */
  106. #ifndef NOHTTP
  107. extern SSL_CTX *tls_http_ctx;
  108. extern SSL *tls_http_con;
  109. extern int tls_http_active_flag;
  110. #endif /* NOHTTP */
  111. extern int ssl_initialized;
  /* Function declarations.  _PROTOTYP is defined outside this header;
   * together with NOPROTO above it presumably selects between prototyped
   * and old-style declarations -- confirm in the defining header. */
  112. _PROTOTYP(VOID ssl_once_init,(void));
  113. _PROTOTYP(int ssl_tn_init,(int));
  114. _PROTOTYP(int ssl_http_init,(char *));
  115. _PROTOTYP(int ck_ssl_http_client,(int,char *));
  116. _PROTOTYP(int ssl_display_connect_details,(SSL *,int,int));
  /* Parameter lists match OpenSSL's certificate-verify callback shape
   * (preverify result, X509_STORE_CTX *).  NOTE(review): such a callback
   * can override a failed verification by returning non-zero; review the
   * implementations for paths that accept an invalid chain. */
  117. _PROTOTYP(int ssl_server_verify_callback,(int, X509_STORE_CTX *));
  118. _PROTOTYP(int ssl_client_verify_callback,(int, X509_STORE_CTX *));
  119. _PROTOTYP(int ssl_reply,(int, unsigned char *, int));
  120. _PROTOTYP(int ssl_is,(unsigned char *, int));
  121. _PROTOTYP(int ck_ssl_incoming,(int));
  122. _PROTOTYP(int ck_ssl_outgoing,(int));
  123. _PROTOTYP(int tls_is_user_valid,(SSL *, const char *));
  /* Accessors returning strings, by their names taken from the peer
   * certificate.  NOTE(review): ownership and lifetime of the returned
   * pointers are not documented here.  Certificate fields are peer-supplied,
   * so callers should treat them as untrusted text (embedded NULs, control
   * characters) before displaying or comparing them. */
  124. _PROTOTYP(char * ssl_get_dnsName,(SSL *));
  125. _PROTOTYP(char * ssl_get_commonName,(SSL *));
  126. _PROTOTYP(char * ssl_get_issuer_name,(SSL *));
  127. _PROTOTYP(char * ssl_get_subject_name,(SSL *));
  /* NOTE(review): presumably (buffer, buffer length) -- confirm the length
   * is honoured when the Finished message is copied out. */
  128. _PROTOTYP(int ssl_get_client_finished,(char *, int));
  129. _PROTOTYP(int ssl_get_server_finished,(char *, int));
  /* Parameter list matches OpenSSL's pem_password_cb (buffer, size, rwflag,
   * userdata); the implementation must not write more than `size` bytes. */
  130. _PROTOTYP(int ssl_passwd_callback,(char *, int, int, VOID *));
  131. _PROTOTYP(VOID ssl_client_info_callback,(const SSL *,int, int));
  /* NOTE(review): presumably reports whether the negotiated cipher is
   * anonymous (unauthenticated); relevant because DEFAULT_CIPHER_LIST below
   * does not exclude such suites. */
  132. _PROTOTYP(int ssl_anonymous_cipher,(SSL * ssl));
  133. _PROTOTYP(int tls_load_certs,(SSL_CTX * ctx, SSL * con, int server));
  134. _PROTOTYP(int ssl_verify_crl,(int, X509_STORE_CTX *));
  135. _PROTOTYP(int tls_is_krb5,(int));
  136. _PROTOTYP(int X509_userok,(X509 *,const char *));
  137. _PROTOTYP(int ck_X509_save_cert_to_user_store,(X509 *));
  138. /* SMS 2007/02/15 */
  /* NOTE(review): by its name and arguments this is the host-name check
   * against the server certificate; confirm every client connection path
   * calls it and treats a mismatch as a failure. */
  139. _PROTOTYP(int ssl_check_server_name,(SSL * ssl, char * hostname));
  140. #ifdef COMMENT
  141. /* [jt] 2013/11/21 - Kermit 95 is no longer a special case */
  142. #ifdef OS2
  143. #include "ckosslc.h"
  144. #include "ckossl.h"
  145. #endif /* OS2 */
  146. #endif /* COMMENT */
  /* Role selectors; where they are consumed is not shown in this header. */
  147. #define SSL_CLIENT 0
  148. #define SSL_SERVER 1
  149. #define SSL_HTTP 2
  /* Presumably the size in bytes of an SSL error-message buffer -- confirm
   * at the point of use. */
  150. #define SSL_ERR_BFSZ 4096
  /* Default OpenSSL cipher string.  It selects the HIGH, MEDIUM and LOW
   * strength classes.  In cipher-string syntax a leading '+' only moves
   * suites already in the list to the end of the preference order; it
   * neither adds nor removes them.  Nothing is excluded with '!', so any
   * anonymous-DH (ADH) or export-grade (EXP) suites brought in by those
   * classes stay enabled as least-preferred choices.
   *
   * NOTE(review): LOW and export suites use weak encryption, and anonymous
   * DH gives no certificate authentication of the peer.  A peer or an
   * on-path party that offers only those suites can therefore steer the
   * session to them.  Which suites really exist depends on the linked
   * OpenSSL build.  If legacy interoperability is not required, consider a
   * default that excludes them explicitly, e.g. "!aNULL:!eNULL:!EXPORT:!LOW",
   * and confirm how ssl_cipher_list overrides this value. */
  151. #ifdef SSL_KRB5
  152. #define DEFAULT_CIPHER_LIST "HIGH:MEDIUM:LOW:+KRB5:+ADH:+EXP"
  153. #else
  154. #define DEFAULT_CIPHER_LIST "HIGH:MEDIUM:LOW:+ADH:+EXP"
  155. #endif /* SSL_KRB5 */
  156. #endif /* CK_SSL */