openssl_dl.inl
1/* Copyright (c) 2013-2021 the Civetweb developers
2 * Copyright (c) 2004-2013 Sergey Lyubka
3 *
4 * Permission is hereby granted, free of charge, to any person obtaining a copy
5 * of this software and associated documentation files (the "Software"), to deal
6 * in the Software without restriction, including without limitation the rights
7 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8 * copies of the Software, and to permit persons to whom the Software is
9 * furnished to do so, subject to the following conditions:
10 *
11 * The above copyright notice and this permission notice shall be included in
12 * all copies or substantial portions of the Software.
13 *
14 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
20 * THE SOFTWARE.
21 */
22
23
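/* Forward declarations of the OpenSSL object types named by the prototypes
 * below. No layout is defined in this file; the objects are created and
 * owned by the dynamically loaded library.
 * NOTE(review): SSL_CIPHER is used by macros further down but is not
 * declared here - presumably the including file provides it; confirm. */
typedef struct ssl_st SSL;
typedef struct ssl_method_st SSL_METHOD;
typedef struct ssl_ctx_st SSL_CTX;
typedef struct x509_store_ctx_st X509_STORE_CTX;
typedef struct x509_name X509_NAME;
typedef struct asn1_integer ASN1_INTEGER;
typedef struct bignum BIGNUM;
typedef struct ossl_init_settings_st OPENSSL_INIT_SETTINGS;
typedef struct evp_md EVP_MD;
typedef struct x509 X509;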
34
35
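/* Numeric constants copied from the OpenSSL headers, so that this file can be
 * built without them. They are passed unchanged to whatever library is
 * loaded at run time and therefore have to match that library's values. */

/* Command codes for SSL_CTX_ctrl(). */
#define SSL_CTRL_OPTIONS (32)
#define SSL_CTRL_CLEAR_OPTIONS (77)
#define SSL_CTRL_SET_ECDH_AUTO (94)

/* Option bits for OPENSSL_init_ssl(). */
#define OPENSSL_INIT_NO_LOAD_SSL_STRINGS 0x00100000L
#define OPENSSL_INIT_LOAD_SSL_STRINGS 0x00200000L
#define OPENSSL_INIT_LOAD_CRYPTO_STRINGS 0x00000002L

/* Mode bits for SSL_CTX_set_verify(). With SSL_VERIFY_NONE a missing or
 * invalid peer certificate does not abort the handshake; the peer is only
 * authenticated when SSL_VERIFY_PEER is set (servers add
 * SSL_VERIFY_FAIL_IF_NO_PEER_CERT to make a client certificate mandatory). */
#define SSL_VERIFY_NONE (0)
#define SSL_VERIFY_PEER (1)
#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT (2)
#define SSL_VERIFY_CLIENT_ONCE (4)

/* NOTE(review): one literal is used for every API level selected below.
 * OpenSSL defines SSL_OP_ALL as an OR of workaround flags, and that set has
 * changed between releases - confirm the bits against the headers of the
 * library version that is actually loaded. */
#define SSL_OP_ALL (0x80000BFFul)

/* Option bits; each SSL_OP_NO_<version> bit switches one protocol version
 * off. The values of NO_TLSv1_2 and NO_TLSv1_1 are not in version order;
 * that matches OpenSSL's own assignment and is not a typo. */
#define SSL_OP_NO_SSLv2 (0x01000000ul)
#define SSL_OP_NO_SSLv3 (0x02000000ul)
#define SSL_OP_NO_TLSv1 (0x04000000ul)
#define SSL_OP_NO_TLSv1_2 (0x08000000ul)
#define SSL_OP_NO_TLSv1_1 (0x10000000ul)
#define SSL_OP_NO_TLSv1_3 (0x20000000ul)
#define SSL_OP_SINGLE_DH_USE (0x00100000ul)
#define SSL_OP_CIPHER_SERVER_PREFERENCE (0x00400000ul)
#define SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION (0x00010000ul)
#define SSL_OP_NO_COMPRESSION (0x00020000ul)
#define SSL_OP_NO_RENEGOTIATION (0x40000000ul)

/* Event bits reported to the callback set with SSL_CTX_set_info_callback(). */
#define SSL_CB_HANDSHAKE_START (0x10)
#define SSL_CB_HANDSHAKE_DONE (0x20)

/* Result codes of SSL_get_error(). */
#define SSL_ERROR_NONE (0)
#define SSL_ERROR_SSL (1)
#define SSL_ERROR_WANT_READ (2)
#define SSL_ERROR_WANT_WRITE (3)
#define SSL_ERROR_WANT_X509_LOOKUP (4)
#define SSL_ERROR_SYSCALL (5) /* see errno */
#define SSL_ERROR_ZERO_RETURN (6)
#define SSL_ERROR_WANT_CONNECT (7)
#define SSL_ERROR_WANT_ACCEPT (8)

/* Server Name Indication: extension type, name type and the return codes of
 * the servername callback. */
#define TLSEXT_TYPE_server_name (0)
#define TLSEXT_NAMETYPE_host_name (0)
#define SSL_TLSEXT_ERR_OK (0)
#define SSL_TLSEXT_ERR_ALERT_WARNING (1)
#define SSL_TLSEXT_ERR_ALERT_FATAL (2)
#define SSL_TLSEXT_ERR_NOACK (3)

/* Mode value for SSL_CTX_set_session_cache_mode(). */
#define SSL_SESS_CACHE_BOTH (3)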
84
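/* Feature group that a dynamically resolved function belongs to. */
enum ssl_func_category {
	TLS_Mandatory,  /* required for HTTPS */
	TLS_ALPN,       /* required for Application Layer Protocol Negotiation */
	TLS_END_OF_LIST /* not a feature: table terminator and group count */
};

/* Check if all TLS functions/features are available */
/* One flag per feature group, indexed by enum ssl_func_category.
 * NOTE(review): presumably set non-zero by the loader when a symbol of that
 * group cannot be resolved - the loader is outside this file; confirm. Code
 * that calls an optional (TLS_ALPN) function should test this flag first,
 * because an unresolved slot keeps its NULL pointer. */
static int tls_feature_missing[TLS_END_OF_LIST];

/* One slot of a dynamic-loading table (ssl_sw / crypto_sw). */
struct ssl_func {
	const char *name;                /* SSL function name */
	enum ssl_func_category required; /* Mandatory or optional */
	void (*ptr)(void);               /* Function pointer */
};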
99
100
101#if (defined(OPENSSL_API_1_1) || defined(OPENSSL_API_3_0)) \
102 && !defined(NO_SSL_DL)
103
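/* Call-through macros for libssl (OpenSSL 1.1 / 3.0 API).
 *
 * Each macro casts the generic `void (*)(void)` pointer stored in one slot of
 * ssl_sw[] to the prototype written here and dereferences it, so that
 * `SSL_read(ssl, buf, len)` becomes an indirect call into the loaded library.
 *
 * - The index in every macro must equal the position of the same function
 *   name in the ssl_sw[] table; the two lists have to be edited together.
 * - A slot holds NULL until the loader has resolved it. Slots 39-41 belong to
 *   the optional TLS_ALPN group and may stay NULL.
 * - The prototype in the cast is not checked against the real function.
 *   NOTE(review): e.g. SSL_CTX_set_options is typed `unsigned long` here
 *   while this section is also compiled for OPENSSL_API_3_0 - confirm that
 *   the width matches the library's prototype on every target ABI. */
#define SSL_free (*(void (*)(SSL *))ssl_sw[0].ptr)
#define SSL_accept (*(int (*)(SSL *))ssl_sw[1].ptr)
#define SSL_connect (*(int (*)(SSL *))ssl_sw[2].ptr)
#define SSL_read (*(int (*)(SSL *, void *, int))ssl_sw[3].ptr)
#define SSL_write (*(int (*)(SSL *, const void *, int))ssl_sw[4].ptr)
#define SSL_get_error (*(int (*)(SSL *, int))ssl_sw[5].ptr)
#define SSL_set_fd (*(int (*)(SSL *, SOCKET))ssl_sw[6].ptr)
#define SSL_new (*(SSL * (*)(SSL_CTX *)) ssl_sw[7].ptr)
#define SSL_CTX_new (*(SSL_CTX * (*)(SSL_METHOD *)) ssl_sw[8].ptr)
#define TLS_server_method (*(SSL_METHOD * (*)(void)) ssl_sw[9].ptr)
#define OPENSSL_init_ssl \
	(*(int (*)(uint64_t opts, \
	           const OPENSSL_INIT_SETTINGS *settings))ssl_sw[10] \
	      .ptr)
#define SSL_CTX_use_PrivateKey_file \
	(*(int (*)(SSL_CTX *, const char *, int))ssl_sw[11].ptr)
#define SSL_CTX_use_certificate_file \
	(*(int (*)(SSL_CTX *, const char *, int))ssl_sw[12].ptr)
#define SSL_CTX_set_default_passwd_cb \
	(*(void (*)(SSL_CTX *, mg_callback_t))ssl_sw[13].ptr)
#define SSL_CTX_free (*(void (*)(SSL_CTX *))ssl_sw[14].ptr)
#define SSL_CTX_use_certificate_chain_file \
	(*(int (*)(SSL_CTX *, const char *))ssl_sw[15].ptr)
#define TLS_client_method (*(SSL_METHOD * (*)(void)) ssl_sw[16].ptr)
#define SSL_pending (*(int (*)(SSL *))ssl_sw[17].ptr)
#define SSL_CTX_set_verify \
	(*(void (*)(SSL_CTX *, \
	            int, \
	            int (*verify_callback)(int, X509_STORE_CTX *)))ssl_sw[18] \
	      .ptr)
#define SSL_shutdown (*(int (*)(SSL *))ssl_sw[19].ptr)
#define SSL_CTX_load_verify_locations \
	(*(int (*)(SSL_CTX *, const char *, const char *))ssl_sw[20].ptr)
#define SSL_CTX_set_default_verify_paths (*(int (*)(SSL_CTX *))ssl_sw[21].ptr)
#define SSL_CTX_set_verify_depth (*(void (*)(SSL_CTX *, int))ssl_sw[22].ptr)
/* Slot 23 is resolved as SSL_get1_peer_certificate when OPENSSL_API_3_0 is
 * defined (see ssl_sw[]); the macro name stays the same for callers. */
#define SSL_get_peer_certificate (*(X509 * (*)(SSL *)) ssl_sw[23].ptr)
#define SSL_get_version (*(const char *(*)(SSL *))ssl_sw[24].ptr)
#define SSL_get_current_cipher (*(SSL_CIPHER * (*)(SSL *)) ssl_sw[25].ptr)
#define SSL_CIPHER_get_name \
	(*(const char *(*)(const SSL_CIPHER *))ssl_sw[26].ptr)
#define SSL_CTX_check_private_key (*(int (*)(SSL_CTX *))ssl_sw[27].ptr)
#define SSL_CTX_set_session_id_context \
	(*(int (*)(SSL_CTX *, const unsigned char *, unsigned int))ssl_sw[28].ptr)
#define SSL_CTX_ctrl (*(long (*)(SSL_CTX *, int, long, void *))ssl_sw[29].ptr)
#define SSL_CTX_set_cipher_list \
	(*(int (*)(SSL_CTX *, const char *))ssl_sw[30].ptr)
#define SSL_CTX_set_options \
	(*(unsigned long (*)(SSL_CTX *, unsigned long))ssl_sw[31].ptr)
#define SSL_CTX_set_info_callback \
	(*(void (*)(SSL_CTX * ctx, void (*callback)(const SSL *, int, int))) \
	      ssl_sw[32] \
	      .ptr)
#define SSL_get_ex_data (*(char *(*)(const SSL *, int))ssl_sw[33].ptr)
#define SSL_set_ex_data (*(void (*)(SSL *, int, char *))ssl_sw[34].ptr)
#define SSL_CTX_callback_ctrl \
	(*(long (*)(SSL_CTX *, int, void (*)(void)))ssl_sw[35].ptr)
#define SSL_get_servername \
	(*(const char *(*)(const SSL *, int type))ssl_sw[36].ptr)
#define SSL_set_SSL_CTX (*(SSL_CTX * (*)(SSL *, SSL_CTX *)) ssl_sw[37].ptr)
#define SSL_ctrl (*(long (*)(SSL *, int, long, void *))ssl_sw[38].ptr)
/* Optional ALPN group (TLS_ALPN): slots 39-41. */
#define SSL_CTX_set_alpn_protos \
	(*(int (*)(SSL_CTX *, const unsigned char *, unsigned))ssl_sw[39].ptr)
typedef int (*tSSL_alpn_select_cb)(SSL *ssl,
                                   const unsigned char **out,
                                   unsigned char *outlen,
                                   const unsigned char *in,
                                   unsigned int inlen,
                                   void *arg);
#define SSL_CTX_set_alpn_select_cb \
	(*(void (*)(SSL_CTX *, tSSL_alpn_select_cb, void *))ssl_sw[40].ptr)
typedef int (*tSSL_next_protos_advertised_cb)(SSL *ssl,
                                              const unsigned char **out,
                                              unsigned int *outlen,
                                              void *arg);
#define SSL_CTX_set_next_protos_advertised_cb \
	(*(void (*)(SSL_CTX *, tSSL_next_protos_advertised_cb, void *))ssl_sw[41] \
	      .ptr)

#define SSL_CTX_set_timeout (*(long (*)(SSL_CTX *, long))ssl_sw[42].ptr)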
183
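/* Helpers that OpenSSL itself implements as macros on top of the *_ctrl()
 * entry points; they are rebuilt here on top of the call-through macros.
 * Every macro argument is parenthesized, in particular inside the casts:
 * a cast binds tighter than binary operators, so `(char *)arg` would turn an
 * argument such as `p + 1` into `((char *)p) + 1`. */
#define SSL_CTX_clear_options(ctx, op) \
	SSL_CTX_ctrl((ctx), SSL_CTRL_CLEAR_OPTIONS, (op), NULL)
#define SSL_CTX_set_ecdh_auto(ctx, onoff) \
	SSL_CTX_ctrl((ctx), SSL_CTRL_SET_ECDH_AUTO, (onoff), NULL)

/* Server Name Indication control codes and wrappers. */
#define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53
#define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG 54
#define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
#define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \
	SSL_CTX_callback_ctrl((ctx), \
	                      SSL_CTRL_SET_TLSEXT_SERVERNAME_CB, \
	                      (void (*)(void))(cb))
/* The literal 0 is the name type (TLSEXT_NAMETYPE_host_name). */
#define SSL_set_tlsext_host_name(ctx, arg) \
	SSL_ctrl((ctx), SSL_CTRL_SET_TLSEXT_HOSTNAME, 0, (void *)(arg))

/* These two reach into the fields of struct x509, which this file only
 * forward-declares; they compile only where the full definition is visible.
 * NOTE(review): OpenSSL 1.1 and later keep that struct opaque - confirm
 * whether these macros are still used in this API section. */
#define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore)
#define X509_get_notAfter(x) ((x)->cert_info->validity->notAfter)

/* Application data is stored in ex_data slot 0 of the SSL object. */
#define SSL_set_app_data(s, arg) (SSL_set_ex_data((s), 0, (char *)(arg)))
#define SSL_get_app_data(s) (SSL_get_ex_data((s), 0))

/* 42 and 44 are OpenSSL's SSL_CTRL_SET_SESS_CACHE_SIZE and
 * SSL_CTRL_SET_SESS_CACHE_MODE command codes. */
#define SSL_CTX_sess_set_cache_size(ctx, size) \
	SSL_CTX_ctrl((ctx), 42, (size), NULL)
#define SSL_CTX_set_session_cache_mode(ctx, mode) \
	SSL_CTX_ctrl((ctx), 44, (mode), NULL)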
208
209
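/* Call-through macros for libcrypto (OpenSSL 1.1 / 3.0 API). Same scheme as
 * the libssl macros: the index must equal the position of the function name
 * in crypto_sw[], and the prototype in the cast is trusted, not checked. */
#define ERR_get_error (*(unsigned long (*)(void))crypto_sw[0].ptr)
#define ERR_error_string (*(char *(*)(unsigned long, char *))crypto_sw[1].ptr)
#define CONF_modules_unload (*(void (*)(int))crypto_sw[2].ptr)
#define X509_free (*(void (*)(X509 *))crypto_sw[3].ptr)
#define X509_get_subject_name (*(X509_NAME * (*)(X509 *)) crypto_sw[4].ptr)
#define X509_get_issuer_name (*(X509_NAME * (*)(X509 *)) crypto_sw[5].ptr)
#define X509_NAME_oneline \
	(*(char *(*)(X509_NAME *, char *, int))crypto_sw[6].ptr)
#define X509_get_serialNumber (*(ASN1_INTEGER * (*)(X509 *)) crypto_sw[7].ptr)
#define EVP_get_digestbyname \
	(*(const EVP_MD *(*)(const char *))crypto_sw[8].ptr)
#define EVP_Digest \
	(*(int (*)( \
	    const void *, size_t, void *, unsigned int *, const EVP_MD *, void *)) \
	      crypto_sw[9] \
	      .ptr)
#define i2d_X509 (*(int (*)(X509 *, unsigned char **))crypto_sw[10].ptr)
#define BN_bn2hex (*(char *(*)(const BIGNUM *a))crypto_sw[11].ptr)
#define ASN1_INTEGER_to_BN \
	(*(BIGNUM * (*)(const ASN1_INTEGER *ai, BIGNUM *bn)) crypto_sw[12].ptr)
#define BN_free (*(void (*)(const BIGNUM *a))crypto_sw[13].ptr)
#define CRYPTO_free (*(void (*)(void *addr))crypto_sw[14].ptr)
#define ERR_clear_error (*(void (*)(void))crypto_sw[15].ptr)

/* Memory handed out by the library (e.g. by BN_bn2hex) is released through
 * the library's own allocator. */
#define OPENSSL_free(a) CRYPTO_free(a)

/* Expands to nothing in this API section. */
#define OPENSSL_REMOVE_THREAD_STATE()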
237
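/* init_ssl_ctx() function updates this array.
 * It loads SSL library dynamically and changes NULLs to the actual addresses
 * of respective functions. The macros above (like SSL_connect()) are really
 * just calling these functions indirectly via the pointer.
 *
 * The order of the entries is load-bearing: each macro addresses its slot by
 * a fixed index, so inserting, removing or reordering a line here without
 * renumbering the macros makes a call land in a different function with a
 * different prototype. Entries marked TLS_ALPN are optional; the table ends
 * with the {NULL, TLS_END_OF_LIST, NULL} sentinel.
 * NOTE(review): which shared library file is opened, and from which path, is
 * decided by the loader outside this file - that choice determines what code
 * these pointers reach. */
static struct ssl_func ssl_sw[] = {
    {"SSL_free", TLS_Mandatory, NULL},                           /*  0 */
    {"SSL_accept", TLS_Mandatory, NULL},                         /*  1 */
    {"SSL_connect", TLS_Mandatory, NULL},                        /*  2 */
    {"SSL_read", TLS_Mandatory, NULL},                           /*  3 */
    {"SSL_write", TLS_Mandatory, NULL},                          /*  4 */
    {"SSL_get_error", TLS_Mandatory, NULL},                      /*  5 */
    {"SSL_set_fd", TLS_Mandatory, NULL},                         /*  6 */
    {"SSL_new", TLS_Mandatory, NULL},                            /*  7 */
    {"SSL_CTX_new", TLS_Mandatory, NULL},                        /*  8 */
    {"TLS_server_method", TLS_Mandatory, NULL},                  /*  9 */
    {"OPENSSL_init_ssl", TLS_Mandatory, NULL},                   /* 10 */
    {"SSL_CTX_use_PrivateKey_file", TLS_Mandatory, NULL},        /* 11 */
    {"SSL_CTX_use_certificate_file", TLS_Mandatory, NULL},       /* 12 */
    {"SSL_CTX_set_default_passwd_cb", TLS_Mandatory, NULL},      /* 13 */
    {"SSL_CTX_free", TLS_Mandatory, NULL},                       /* 14 */
    {"SSL_CTX_use_certificate_chain_file", TLS_Mandatory, NULL}, /* 15 */
    {"TLS_client_method", TLS_Mandatory, NULL},                  /* 16 */
    {"SSL_pending", TLS_Mandatory, NULL},                        /* 17 */
    {"SSL_CTX_set_verify", TLS_Mandatory, NULL},                 /* 18 */
    {"SSL_shutdown", TLS_Mandatory, NULL},                       /* 19 */
    {"SSL_CTX_load_verify_locations", TLS_Mandatory, NULL},      /* 20 */
    {"SSL_CTX_set_default_verify_paths", TLS_Mandatory, NULL},   /* 21 */
    {"SSL_CTX_set_verify_depth", TLS_Mandatory, NULL},           /* 22 */
/* Slot 23: the symbol name depends on the API level, the macro name
 * (SSL_get_peer_certificate) does not. */
#if defined(OPENSSL_API_3_0)
    {"SSL_get1_peer_certificate", TLS_Mandatory, NULL},
#else
    {"SSL_get_peer_certificate", TLS_Mandatory, NULL},
#endif
    {"SSL_get_version", TLS_Mandatory, NULL},                    /* 24 */
    {"SSL_get_current_cipher", TLS_Mandatory, NULL},             /* 25 */
    {"SSL_CIPHER_get_name", TLS_Mandatory, NULL},                /* 26 */
    {"SSL_CTX_check_private_key", TLS_Mandatory, NULL},          /* 27 */
    {"SSL_CTX_set_session_id_context", TLS_Mandatory, NULL},     /* 28 */
    {"SSL_CTX_ctrl", TLS_Mandatory, NULL},                       /* 29 */
    {"SSL_CTX_set_cipher_list", TLS_Mandatory, NULL},            /* 30 */
    {"SSL_CTX_set_options", TLS_Mandatory, NULL},                /* 31 */
    {"SSL_CTX_set_info_callback", TLS_Mandatory, NULL},          /* 32 */
    {"SSL_get_ex_data", TLS_Mandatory, NULL},                    /* 33 */
    {"SSL_set_ex_data", TLS_Mandatory, NULL},                    /* 34 */
    {"SSL_CTX_callback_ctrl", TLS_Mandatory, NULL},              /* 35 */
    {"SSL_get_servername", TLS_Mandatory, NULL},                 /* 36 */
    {"SSL_set_SSL_CTX", TLS_Mandatory, NULL},                    /* 37 */
    {"SSL_ctrl", TLS_Mandatory, NULL},                           /* 38 */
    {"SSL_CTX_set_alpn_protos", TLS_ALPN, NULL},                 /* 39 */
    {"SSL_CTX_set_alpn_select_cb", TLS_ALPN, NULL},              /* 40 */
    {"SSL_CTX_set_next_protos_advertised_cb", TLS_ALPN, NULL},   /* 41 */
    {"SSL_CTX_set_timeout", TLS_Mandatory, NULL},                /* 42 */
    {NULL, TLS_END_OF_LIST, NULL}};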
291
292
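/* Similar array as ssl_sw. These functions could be located in different
 * lib. As with ssl_sw, the position of each entry must equal the index used
 * by the matching call-through macro; the last entry is the sentinel. */
static struct ssl_func crypto_sw[] = {
    {"ERR_get_error", TLS_Mandatory, NULL},         /*  0 */
    {"ERR_error_string", TLS_Mandatory, NULL},      /*  1 */
    {"CONF_modules_unload", TLS_Mandatory, NULL},   /*  2 */
    {"X509_free", TLS_Mandatory, NULL},             /*  3 */
    {"X509_get_subject_name", TLS_Mandatory, NULL}, /*  4 */
    {"X509_get_issuer_name", TLS_Mandatory, NULL},  /*  5 */
    {"X509_NAME_oneline", TLS_Mandatory, NULL},     /*  6 */
    {"X509_get_serialNumber", TLS_Mandatory, NULL}, /*  7 */
    {"EVP_get_digestbyname", TLS_Mandatory, NULL},  /*  8 */
    {"EVP_Digest", TLS_Mandatory, NULL},            /*  9 */
    {"i2d_X509", TLS_Mandatory, NULL},              /* 10 */
    {"BN_bn2hex", TLS_Mandatory, NULL},             /* 11 */
    {"ASN1_INTEGER_to_BN", TLS_Mandatory, NULL},    /* 12 */
    {"BN_free", TLS_Mandatory, NULL},               /* 13 */
    {"CRYPTO_free", TLS_Mandatory, NULL},           /* 14 */
    {"ERR_clear_error", TLS_Mandatory, NULL},       /* 15 */
    {NULL, TLS_END_OF_LIST, NULL}};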
313#endif
314
315
316#if defined(OPENSSL_API_1_0)
317
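/* Call-through macros for libssl (OpenSSL 1.0 API).
 *
 * Each macro casts the generic `void (*)(void)` pointer stored in one slot of
 * ssl_sw[] to the prototype written here and dereferences it. The index in
 * every macro must equal the position of the same function name in the
 * ssl_sw[] table of this section (the numbering differs from the 1.1 / 3.0
 * section from slot 15 on). A slot holds NULL until the loader has resolved
 * it; slots 39-41 belong to the optional TLS_ALPN group and may stay NULL.
 *
 * SSLv23_server_method / SSLv23_client_method are the version-flexible
 * methods of this API: which protocol versions are really offered depends on
 * the SSL_OP_NO_* options the caller sets on the context afterwards. */
#define SSL_free (*(void (*)(SSL *))ssl_sw[0].ptr)
#define SSL_accept (*(int (*)(SSL *))ssl_sw[1].ptr)
#define SSL_connect (*(int (*)(SSL *))ssl_sw[2].ptr)
#define SSL_read (*(int (*)(SSL *, void *, int))ssl_sw[3].ptr)
#define SSL_write (*(int (*)(SSL *, const void *, int))ssl_sw[4].ptr)
#define SSL_get_error (*(int (*)(SSL *, int))ssl_sw[5].ptr)
#define SSL_set_fd (*(int (*)(SSL *, SOCKET))ssl_sw[6].ptr)
#define SSL_new (*(SSL * (*)(SSL_CTX *)) ssl_sw[7].ptr)
#define SSL_CTX_new (*(SSL_CTX * (*)(SSL_METHOD *)) ssl_sw[8].ptr)
#define SSLv23_server_method (*(SSL_METHOD * (*)(void)) ssl_sw[9].ptr)
#define SSL_library_init (*(int (*)(void))ssl_sw[10].ptr)
#define SSL_CTX_use_PrivateKey_file \
	(*(int (*)(SSL_CTX *, const char *, int))ssl_sw[11].ptr)
#define SSL_CTX_use_certificate_file \
	(*(int (*)(SSL_CTX *, const char *, int))ssl_sw[12].ptr)
#define SSL_CTX_set_default_passwd_cb \
	(*(void (*)(SSL_CTX *, mg_callback_t))ssl_sw[13].ptr)
#define SSL_CTX_free (*(void (*)(SSL_CTX *))ssl_sw[14].ptr)
#define SSL_load_error_strings (*(void (*)(void))ssl_sw[15].ptr)
#define SSL_CTX_use_certificate_chain_file \
	(*(int (*)(SSL_CTX *, const char *))ssl_sw[16].ptr)
#define SSLv23_client_method (*(SSL_METHOD * (*)(void)) ssl_sw[17].ptr)
#define SSL_pending (*(int (*)(SSL *))ssl_sw[18].ptr)
#define SSL_CTX_set_verify \
	(*(void (*)(SSL_CTX *, \
	            int, \
	            int (*verify_callback)(int, X509_STORE_CTX *)))ssl_sw[19] \
	      .ptr)
#define SSL_shutdown (*(int (*)(SSL *))ssl_sw[20].ptr)
#define SSL_CTX_load_verify_locations \
	(*(int (*)(SSL_CTX *, const char *, const char *))ssl_sw[21].ptr)
#define SSL_CTX_set_default_verify_paths (*(int (*)(SSL_CTX *))ssl_sw[22].ptr)
#define SSL_CTX_set_verify_depth (*(void (*)(SSL_CTX *, int))ssl_sw[23].ptr)
#define SSL_get_peer_certificate (*(X509 * (*)(SSL *)) ssl_sw[24].ptr)
#define SSL_get_version (*(const char *(*)(SSL *))ssl_sw[25].ptr)
#define SSL_get_current_cipher (*(SSL_CIPHER * (*)(SSL *)) ssl_sw[26].ptr)
#define SSL_CIPHER_get_name \
	(*(const char *(*)(const SSL_CIPHER *))ssl_sw[27].ptr)
#define SSL_CTX_check_private_key (*(int (*)(SSL_CTX *))ssl_sw[28].ptr)
#define SSL_CTX_set_session_id_context \
	(*(int (*)(SSL_CTX *, const unsigned char *, unsigned int))ssl_sw[29].ptr)
#define SSL_CTX_ctrl (*(long (*)(SSL_CTX *, int, long, void *))ssl_sw[30].ptr)
#define SSL_CTX_set_cipher_list \
	(*(int (*)(SSL_CTX *, const char *))ssl_sw[31].ptr)
#define SSL_CTX_set_info_callback \
	(*(void (*)(SSL_CTX *, void (*callback)(const SSL *, int, int)))ssl_sw[32] \
	      .ptr)
#define SSL_get_ex_data (*(char *(*)(const SSL *, int))ssl_sw[33].ptr)
#define SSL_set_ex_data (*(void (*)(SSL *, int, char *))ssl_sw[34].ptr)
#define SSL_CTX_callback_ctrl \
	(*(long (*)(SSL_CTX *, int, void (*)(void)))ssl_sw[35].ptr)
#define SSL_get_servername \
	(*(const char *(*)(const SSL *, int type))ssl_sw[36].ptr)
#define SSL_set_SSL_CTX (*(SSL_CTX * (*)(SSL *, SSL_CTX *)) ssl_sw[37].ptr)
#define SSL_ctrl (*(long (*)(SSL *, int, long, void *))ssl_sw[38].ptr)
/* Optional ALPN group (TLS_ALPN): slots 39-41. */
#define SSL_CTX_set_alpn_protos \
	(*(int (*)(SSL_CTX *, const unsigned char *, unsigned))ssl_sw[39].ptr)
typedef int (*tSSL_alpn_select_cb)(SSL *ssl,
                                   const unsigned char **out,
                                   unsigned char *outlen,
                                   const unsigned char *in,
                                   unsigned int inlen,
                                   void *arg);
#define SSL_CTX_set_alpn_select_cb \
	(*(void (*)(SSL_CTX *, tSSL_alpn_select_cb, void *))ssl_sw[40].ptr)
typedef int (*tSSL_next_protos_advertised_cb)(SSL *ssl,
                                              const unsigned char **out,
                                              unsigned int *outlen,
                                              void *arg);
#define SSL_CTX_set_next_protos_advertised_cb \
	(*(void (*)(SSL_CTX *, tSSL_next_protos_advertised_cb, void *))ssl_sw[41] \
	      .ptr)

#define SSL_CTX_set_timeout (*(long (*)(SSL_CTX *, long))ssl_sw[42].ptr)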
392
393
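/* Helpers that OpenSSL 1.0 implements as macros on top of the *_ctrl() entry
 * points; they are rebuilt here on top of the call-through macros.
 * Every macro argument is parenthesized, in particular inside the casts:
 * a cast binds tighter than binary operators, so `(char *)arg` would turn an
 * argument such as `p + 1` into `((char *)p) + 1`. */
#define SSL_CTX_set_options(ctx, op) \
	SSL_CTX_ctrl((ctx), SSL_CTRL_OPTIONS, (op), NULL)
#define SSL_CTX_clear_options(ctx, op) \
	SSL_CTX_ctrl((ctx), SSL_CTRL_CLEAR_OPTIONS, (op), NULL)
#define SSL_CTX_set_ecdh_auto(ctx, onoff) \
	SSL_CTX_ctrl((ctx), SSL_CTRL_SET_ECDH_AUTO, (onoff), NULL)

/* Server Name Indication control codes and wrappers. */
#define SSL_CTRL_SET_TLSEXT_SERVERNAME_CB 53
#define SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG 54
#define SSL_CTRL_SET_TLSEXT_HOSTNAME 55
#define SSL_CTX_set_tlsext_servername_callback(ctx, cb) \
	SSL_CTX_callback_ctrl((ctx), \
	                      SSL_CTRL_SET_TLSEXT_SERVERNAME_CB, \
	                      (void (*)(void))(cb))
/* The literal 0 is the name type (TLSEXT_NAMETYPE_host_name). */
#define SSL_set_tlsext_host_name(ctx, arg) \
	SSL_ctrl((ctx), SSL_CTRL_SET_TLSEXT_HOSTNAME, 0, (void *)(arg))

/* These two reach into the fields of struct x509, which this file only
 * forward-declares; they compile only where the full definition is visible. */
#define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore)
#define X509_get_notAfter(x) ((x)->cert_info->validity->notAfter)

/* Application data is stored in ex_data slot 0 of the SSL object. */
#define SSL_set_app_data(s, arg) (SSL_set_ex_data((s), 0, (char *)(arg)))
#define SSL_get_app_data(s) (SSL_get_ex_data((s), 0))

/* 42 and 44 are OpenSSL's SSL_CTRL_SET_SESS_CACHE_SIZE and
 * SSL_CTRL_SET_SESS_CACHE_MODE command codes. */
#define SSL_CTX_sess_set_cache_size(ctx, size) \
	SSL_CTX_ctrl((ctx), 42, (size), NULL)
#define SSL_CTX_set_session_cache_mode(ctx, mode) \
	SSL_CTX_ctrl((ctx), 44, (mode), NULL)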
420
421
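/* Call-through macros for libcrypto (OpenSSL 1.0 API). Same scheme as the
 * libssl macros: the index must equal the position of the function name in
 * crypto_sw[], and the prototype in the cast is trusted, not checked.
 * Slots 0-2 are the locking hooks this API level expects the application to
 * install; slots 5-7, 9 and 10 are its explicit cleanup functions. */
#define CRYPTO_num_locks (*(int (*)(void))crypto_sw[0].ptr)
#define CRYPTO_set_locking_callback \
	(*(void (*)(void (*)(int, int, const char *, int)))crypto_sw[1].ptr)
#define CRYPTO_set_id_callback \
	(*(void (*)(unsigned long (*)(void)))crypto_sw[2].ptr)
#define ERR_get_error (*(unsigned long (*)(void))crypto_sw[3].ptr)
#define ERR_error_string (*(char *(*)(unsigned long, char *))crypto_sw[4].ptr)
#define ERR_remove_state (*(void (*)(unsigned long))crypto_sw[5].ptr)
#define ERR_free_strings (*(void (*)(void))crypto_sw[6].ptr)
#define ENGINE_cleanup (*(void (*)(void))crypto_sw[7].ptr)
#define CONF_modules_unload (*(void (*)(int))crypto_sw[8].ptr)
#define CRYPTO_cleanup_all_ex_data (*(void (*)(void))crypto_sw[9].ptr)
#define EVP_cleanup (*(void (*)(void))crypto_sw[10].ptr)
#define X509_free (*(void (*)(X509 *))crypto_sw[11].ptr)
#define X509_get_subject_name (*(X509_NAME * (*)(X509 *)) crypto_sw[12].ptr)
#define X509_get_issuer_name (*(X509_NAME * (*)(X509 *)) crypto_sw[13].ptr)
#define X509_NAME_oneline \
	(*(char *(*)(X509_NAME *, char *, int))crypto_sw[14].ptr)
#define X509_get_serialNumber (*(ASN1_INTEGER * (*)(X509 *)) crypto_sw[15].ptr)
#define i2c_ASN1_INTEGER \
	(*(int (*)(ASN1_INTEGER *, unsigned char **))crypto_sw[16].ptr)
#define EVP_get_digestbyname \
	(*(const EVP_MD *(*)(const char *))crypto_sw[17].ptr)
#define EVP_Digest \
	(*(int (*)( \
	    const void *, size_t, void *, unsigned int *, const EVP_MD *, void *)) \
	      crypto_sw[18] \
	      .ptr)
#define i2d_X509 (*(int (*)(X509 *, unsigned char **))crypto_sw[19].ptr)
#define BN_bn2hex (*(char *(*)(const BIGNUM *a))crypto_sw[20].ptr)
#define ASN1_INTEGER_to_BN \
	(*(BIGNUM * (*)(const ASN1_INTEGER *ai, BIGNUM *bn)) crypto_sw[21].ptr)
#define BN_free (*(void (*)(const BIGNUM *a))crypto_sw[22].ptr)
#define CRYPTO_free (*(void (*)(void *addr))crypto_sw[23].ptr)
#define ERR_clear_error (*(void (*)(void))crypto_sw[24].ptr)

/* Memory handed out by the library (e.g. by BN_bn2hex) is released through
 * the library's own allocator. */
#define OPENSSL_free(a) CRYPTO_free(a)

/* ERR_remove_state is used here, although on some platforms the function is
 * no longer included in the library because it is deprecated.
 * It is listed as TLS_Mandatory in crypto_sw[]. */
#define OPENSSL_REMOVE_THREAD_STATE() ERR_remove_state(0)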
464
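/* init_ssl_ctx() function updates this array.
 * It loads SSL library dynamically and changes NULLs to the actual addresses
 * of respective functions. The macros above (like SSL_connect()) are really
 * just calling these functions indirectly via the pointer.
 *
 * The order of the entries is load-bearing: each macro addresses its slot by
 * a fixed index, so inserting, removing or reordering a line here without
 * renumbering the macros makes a call land in a different function with a
 * different prototype. Entries marked TLS_ALPN are optional; the table ends
 * with the {NULL, TLS_END_OF_LIST, NULL} sentinel.
 * NOTE(review): which shared library file is opened, and from which path, is
 * decided by the loader outside this file - that choice determines what code
 * these pointers reach. */
static struct ssl_func ssl_sw[] = {
    {"SSL_free", TLS_Mandatory, NULL},                           /*  0 */
    {"SSL_accept", TLS_Mandatory, NULL},                         /*  1 */
    {"SSL_connect", TLS_Mandatory, NULL},                        /*  2 */
    {"SSL_read", TLS_Mandatory, NULL},                           /*  3 */
    {"SSL_write", TLS_Mandatory, NULL},                          /*  4 */
    {"SSL_get_error", TLS_Mandatory, NULL},                      /*  5 */
    {"SSL_set_fd", TLS_Mandatory, NULL},                         /*  6 */
    {"SSL_new", TLS_Mandatory, NULL},                            /*  7 */
    {"SSL_CTX_new", TLS_Mandatory, NULL},                        /*  8 */
    {"SSLv23_server_method", TLS_Mandatory, NULL},               /*  9 */
    {"SSL_library_init", TLS_Mandatory, NULL},                   /* 10 */
    {"SSL_CTX_use_PrivateKey_file", TLS_Mandatory, NULL},        /* 11 */
    {"SSL_CTX_use_certificate_file", TLS_Mandatory, NULL},       /* 12 */
    {"SSL_CTX_set_default_passwd_cb", TLS_Mandatory, NULL},      /* 13 */
    {"SSL_CTX_free", TLS_Mandatory, NULL},                       /* 14 */
    {"SSL_load_error_strings", TLS_Mandatory, NULL},             /* 15 */
    {"SSL_CTX_use_certificate_chain_file", TLS_Mandatory, NULL}, /* 16 */
    {"SSLv23_client_method", TLS_Mandatory, NULL},               /* 17 */
    {"SSL_pending", TLS_Mandatory, NULL},                        /* 18 */
    {"SSL_CTX_set_verify", TLS_Mandatory, NULL},                 /* 19 */
    {"SSL_shutdown", TLS_Mandatory, NULL},                       /* 20 */
    {"SSL_CTX_load_verify_locations", TLS_Mandatory, NULL},      /* 21 */
    {"SSL_CTX_set_default_verify_paths", TLS_Mandatory, NULL},   /* 22 */
    {"SSL_CTX_set_verify_depth", TLS_Mandatory, NULL},           /* 23 */
    {"SSL_get_peer_certificate", TLS_Mandatory, NULL},           /* 24 */
    {"SSL_get_version", TLS_Mandatory, NULL},                    /* 25 */
    {"SSL_get_current_cipher", TLS_Mandatory, NULL},             /* 26 */
    {"SSL_CIPHER_get_name", TLS_Mandatory, NULL},                /* 27 */
    {"SSL_CTX_check_private_key", TLS_Mandatory, NULL},          /* 28 */
    {"SSL_CTX_set_session_id_context", TLS_Mandatory, NULL},     /* 29 */
    {"SSL_CTX_ctrl", TLS_Mandatory, NULL},                       /* 30 */
    {"SSL_CTX_set_cipher_list", TLS_Mandatory, NULL},            /* 31 */
    {"SSL_CTX_set_info_callback", TLS_Mandatory, NULL},          /* 32 */
    {"SSL_get_ex_data", TLS_Mandatory, NULL},                    /* 33 */
    {"SSL_set_ex_data", TLS_Mandatory, NULL},                    /* 34 */
    {"SSL_CTX_callback_ctrl", TLS_Mandatory, NULL},              /* 35 */
    {"SSL_get_servername", TLS_Mandatory, NULL},                 /* 36 */
    {"SSL_set_SSL_CTX", TLS_Mandatory, NULL},                    /* 37 */
    {"SSL_ctrl", TLS_Mandatory, NULL},                           /* 38 */
    {"SSL_CTX_set_alpn_protos", TLS_ALPN, NULL},                 /* 39 */
    {"SSL_CTX_set_alpn_select_cb", TLS_ALPN, NULL},              /* 40 */
    {"SSL_CTX_set_next_protos_advertised_cb", TLS_ALPN, NULL},   /* 41 */
    {"SSL_CTX_set_timeout", TLS_Mandatory, NULL},                /* 42 */
    {NULL, TLS_END_OF_LIST, NULL}};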
514
515
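/* Similar array as ssl_sw. These functions could be located in different
 * lib. As with ssl_sw, the position of each entry must equal the index used
 * by the matching call-through macro; the last entry is the sentinel. */
static struct ssl_func crypto_sw[] = {
    {"CRYPTO_num_locks", TLS_Mandatory, NULL},            /*  0 */
    {"CRYPTO_set_locking_callback", TLS_Mandatory, NULL}, /*  1 */
    {"CRYPTO_set_id_callback", TLS_Mandatory, NULL},      /*  2 */
    {"ERR_get_error", TLS_Mandatory, NULL},               /*  3 */
    {"ERR_error_string", TLS_Mandatory, NULL},            /*  4 */
    {"ERR_remove_state", TLS_Mandatory, NULL},            /*  5 */
    {"ERR_free_strings", TLS_Mandatory, NULL},            /*  6 */
    {"ENGINE_cleanup", TLS_Mandatory, NULL},              /*  7 */
    {"CONF_modules_unload", TLS_Mandatory, NULL},         /*  8 */
    {"CRYPTO_cleanup_all_ex_data", TLS_Mandatory, NULL},  /*  9 */
    {"EVP_cleanup", TLS_Mandatory, NULL},                 /* 10 */
    {"X509_free", TLS_Mandatory, NULL},                   /* 11 */
    {"X509_get_subject_name", TLS_Mandatory, NULL},       /* 12 */
    {"X509_get_issuer_name", TLS_Mandatory, NULL},        /* 13 */
    {"X509_NAME_oneline", TLS_Mandatory, NULL},           /* 14 */
    {"X509_get_serialNumber", TLS_Mandatory, NULL},       /* 15 */
    {"i2c_ASN1_INTEGER", TLS_Mandatory, NULL},            /* 16 */
    {"EVP_get_digestbyname", TLS_Mandatory, NULL},        /* 17 */
    {"EVP_Digest", TLS_Mandatory, NULL},                  /* 18 */
    {"i2d_X509", TLS_Mandatory, NULL},                    /* 19 */
    {"BN_bn2hex", TLS_Mandatory, NULL},                   /* 20 */
    {"ASN1_INTEGER_to_BN", TLS_Mandatory, NULL},          /* 21 */
    {"BN_free", TLS_Mandatory, NULL},                     /* 22 */
    {"CRYPTO_free", TLS_Mandatory, NULL},                 /* 23 */
    {"ERR_clear_error", TLS_Mandatory, NULL},             /* 24 */
    {NULL, TLS_END_OF_LIST, NULL}};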
545#endif /* OPENSSL_API_1_0 */
struct asn1_integer ASN1_INTEGER
struct ssl_ctx_st SSL_CTX
ssl_func_category
@ TLS_ALPN
@ TLS_END_OF_LIST
@ TLS_Mandatory
struct x509 X509
struct ssl_st SSL
struct ssl_method_st SSL_METHOD
struct ossl_init_settings_st OPENSSL_INIT_SETTINGS
struct evp_md EVP_MD
struct x509_name X509_NAME
struct x509_store_ctx_st X509_STORE_CTX
struct bignum BIGNUM
static int tls_feature_missing[TLS_END_OF_LIST]
void(* ptr)(void)
const char * name
enum ssl_func_category required