summaryrefslogtreecommitdiffstats
path: root/tdeio/kssl/kopenssl.h
diff options
context:
space:
mode:
Diffstat (limited to 'tdeio/kssl/kopenssl.h')
-rw-r--r--tdeio/kssl/kopenssl.h222
1 files changed, 191 insertions, 31 deletions
diff --git a/tdeio/kssl/kopenssl.h b/tdeio/kssl/kopenssl.h
index 6185821a4..be335b199 100644
--- a/tdeio/kssl/kopenssl.h
+++ b/tdeio/kssl/kopenssl.h
@@ -48,13 +48,22 @@ class KOpenSSLProxyPrivate;
#include <openssl/stack.h>
#include <openssl/bn.h>
#undef crypt
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#define STACK OPENSSL_STACK
+#else
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
#define STACK _STACK
#endif
#endif
+#endif
#include <kstaticdeleter.h>
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+typedef int (*X509_STORE_CTX_verify_cb)(int, X509_STORE_CTX *);
+typedef int X509_LOOKUP_TYPE;
+#endif
+
/**
* Dynamically load and wrap OpenSSL.
*
@@ -178,17 +187,14 @@ public:
*/
SSL_CIPHER *SSL_get_current_cipher(SSL *ssl);
- /*
- * SSL_set_options - manipulate SSL engine options
- * Note: These are all mapped to SSL_ctrl so call them as the comment
- * specifies but know that they use SSL_ctrl. They are #define
- * so they will map to the one in this class if called as a
- * member function of this class.
- */
- /* long SSL_set_options(SSL *ssl, long options); */
- /* Returns 0 if not reused, 1 if session id is reused */
- /* int SSL_session_reused(SSL *ssl); */
- long SSL_ctrl(SSL *ssl,int cmd, long larg, char *parg);
+ /* SSL_set_options - manipulate SSL engine options */
+ long _SSL_set_options(SSL *ssl, long options);
+
+ /* Returns 0 if not reused, 1 if session id is reused */
+ int _SSL_session_reused(SSL *ssl);
+
+ /* SSL control */
+ long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg);
/*
* RAND_egd - set the path to the EGD
@@ -233,9 +239,9 @@ public:
/*
- * SSLv23_client_method - return a SSLv23 client method object
+ * TLS_client_method - return client method object
*/
- SSL_METHOD *SSLv23_client_method();
+ SSL_METHOD *TLS_client_method();
/*
@@ -310,12 +316,38 @@ public:
/*
+ * X509_subject_name_cmp - compare subject name of two X509 objects
+ */
+ int X509_subject_name_cmp(const X509 *a, const X509 *b);
+
+
+ /*
* X509_dup - duplicate an X509 object
*/
X509 *X509_dup(X509 *x509);
/*
+ * X509_get0_signature - get signature and algorithm
+ */
+ void X509_get0_signature(const ASN1_BIT_STRING **psig,
+ const X509_ALGOR **palg, const X509 *x);
+
+
+
+ /*
+ *
+ */
+ ASN1_TIME *X509_getm_notAfter(const X509 *x);
+
+
+ /*
+ *
+ */
+ ASN1_TIME *X509_getm_notBefore(const X509 *x);
+
+
+ /*
* X509_STORE_CTX_new - create an X509 store context
*/
X509_STORE_CTX *X509_STORE_CTX_new(void);
@@ -328,15 +360,66 @@ public:
/*
- * X509_STORE_CTX_set_chain - set the certificate chain
+ * X509_STORE_CTX_set0_untrusted - set the certificate chain
*/
- void X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x);
+ void X509_STORE_CTX_set0_untrusted(X509_STORE_CTX *v, STACK_OF(X509)* x);
+
/*
* X509_STORE_CTX_set_purpose - set the purpose of the certificate
*/
void X509_STORE_CTX_set_purpose(X509_STORE_CTX *v, int purpose);
+
+ /*
+ *
+ */
+ X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
+
+
+ /*
+ *
+ */
+ int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
+
+
+ /*
+ *
+ */
+ int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
+
+
+ /*
+ *
+ */
+ void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int s);
+
+
+ /*
+ *
+ */
+ void X509_STORE_set_verify_cb(X509_STORE *ctx,
+ X509_STORE_CTX_verify_cb verify_cb);
+
+
+ /*
+ *
+ */
+ STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *v);
+
+
+ /*
+ *
+ */
+ X509_LOOKUP_TYPE X509_OBJECT_get_type(const X509_OBJECT *a);
+
+
+ /*
+ *
+ */
+ X509 *X509_OBJECT_get0_X509(const X509_OBJECT *a);
+
+
/*
* X509_verify_cert - verify the certificate
*/
@@ -367,6 +450,18 @@ public:
/*
+ *
+ */
+ const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl);
+
+
+ /*
+ *
+ */
+ const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl);
+
+
+ /*
* X509_NAME_oneline - return the X509 data in a string
*/
char *X509_NAME_oneline(X509_NAME *a, char *buf, int size);
@@ -455,6 +550,11 @@ public:
int BIO_write(BIO *b, const void *data, int len);
/*
+ * BIO_get_data - retrieve (custom) data from BIO
+ */
+ void *BIO_get_data(BIO *a);
+
+ /*
* PEM_write_bio_X509 - write a PEM encoded cert to a BIO*
*/
int PEM_write_bio_X509(BIO *bp, X509 *x);
@@ -536,53 +636,51 @@ public:
/*
* Pop off the stack
*/
- char *sk_pop(STACK *s);
+ char *OPENSSL_sk_pop(STACK *s);
+
+ char *OPENSSL_sk_pop(void *s) { return OPENSSL_sk_pop(reinterpret_cast<STACK*>(s)); }
/*
* Free the stack
*/
- void sk_free(STACK *s);
+ void OPENSSL_sk_free(STACK *s);
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
- void sk_free(void *s) { return sk_free(reinterpret_cast<STACK*>(s)); }
-#endif
+ void OPENSSL_sk_free(void *s) { OPENSSL_sk_free(reinterpret_cast<STACK*>(s)); }
/*
* Number of elements in the stack
*/
- int sk_num(STACK *s);
+ int OPENSSL_sk_num(STACK *s);
+ int OPENSSL_sk_num(void *s) { return OPENSSL_sk_num(reinterpret_cast<STACK*>(s)); }
/*
* Value of element n in the stack
*/
- char *sk_value(STACK *s, int n);
+ char *OPENSSL_sk_value(STACK *s, int n);
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
- char *sk_value(void *s, int n) { return sk_value(reinterpret_cast<STACK*>(s), n); }
-#endif
+ char *OPENSSL_sk_value(void *s, int n) { return OPENSSL_sk_value(reinterpret_cast<STACK*>(s), n); }
/*
* Create a new stack
*/
- STACK *sk_new(int (*cmp)());
+ STACK *OPENSSL_sk_new(int (*cmp)());
/*
* Add an element to the stack
*/
- int sk_push(STACK *s, char *d);
+ int OPENSSL_sk_push(STACK *s, char *d);
-#if OPENSSL_VERSION_NUMBER >= 0x10000000L
- int sk_push(void *s, void *d) { return sk_push(reinterpret_cast<STACK*>(s), reinterpret_cast<char*>(d)); }
-#endif
+ int OPENSSL_sk_push(void *s, void *d) { return OPENSSL_sk_push(reinterpret_cast<STACK*>(s), reinterpret_cast<char*>(d)); }
/*
* Duplicate the stack
*/
- STACK *sk_dup(STACK *s);
+ STACK *OPENSSL_sk_dup(const STACK *s);
+ STACK *OPENSSL_sk_dup(const void *s) { return OPENSSL_sk_dup(reinterpret_cast<const STACK*>(s)); }
/*
* Convert an ASN1_INTEGER to it's text form
@@ -824,12 +922,37 @@ public:
/*
+ * Get EVP private key type
+ */
+ int EVP_PKEY_base_id(const EVP_PKEY *pkey);
+
+
+ /*
* Assign a private key
*/
int EVP_PKEY_assign(EVP_PKEY *pkey, int type, char *key);
/*
+ * Get RSA key
+ */
+ RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
+
+
+ /*
+ * Get DSA key
+ */
+ DSA *EVP_PKEY_get0_DSA(EVP_PKEY *pkey);
+
+
+ /*
+ * RSA_get0_key - retreive key parameters
+ */
+ void RSA_get0_key(const RSA *r,
+ const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
+
+
+ /*
* Generate a RSA key
*/
RSA *RSA_generate_key(int bits, unsigned long e, void
@@ -837,6 +960,20 @@ public:
/*
+ * DSA_get0_pqg - retreive key parameters
+ */
+ void DSA_get0_pqg(const DSA *d,
+ const BIGNUM **p, const BIGNUM **q, const BIGNUM **g);
+
+
+ /*
+ * DSA_get0_key - retreive key
+ */
+ void DSA_get0_key(const DSA *d,
+ const BIGNUM **pub_key, const BIGNUM **priv_key);
+
+
+ /*
* Create/destroy a certificate request
*/
X509_REQ *X509_REQ_new();
@@ -912,6 +1049,29 @@ public:
/* get list of available SSL_CIPHER's sorted by preference */
STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL* ssl);
+
+ /* cover KOpenSSLProxy API compatibility */
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L && OPENSSL_API_COMPAT < 0x10100000L
+# undef sk_dup
+# undef sk_free
+# undef sk_new
+# undef sk_num
+# undef sk_pop
+# undef sk_push
+# undef sk_value
+# undef X509_STORE_CTX_set_chain
+# undef SSLv23_client_method
+#endif
+ STACK *sk_dup(const STACK *s) KDE_DEPRECATED;
+ void sk_free(STACK *s) KDE_DEPRECATED;
+ STACK *sk_new(int (*cmp)()) KDE_DEPRECATED;
+ int sk_num(STACK *s) KDE_DEPRECATED;
+ char *sk_pop(STACK *s) KDE_DEPRECATED;
+ int sk_push(STACK *s, char *d) KDE_DEPRECATED;
+ char *sk_value(STACK *s, int n) KDE_DEPRECATED;
+ void X509_STORE_CTX_set_chain(X509_STORE_CTX *v, STACK_OF(X509)* x) KDE_DEPRECATED;
+ SSL_METHOD *SSLv23_client_method() KDE_DEPRECATED;
+
#endif
private:
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-26 07:43:05 +0000