Apache2
|
Macros | |
#define | SSL_MOD_POLICIES_KEY "ssl_module_policies" |
#define | SSL_PROTOCOL_CONSTANTS_SSLV3 SSL_PROTOCOL_SSLV3 |
#define | SSL_POLICY_HONOR_ORDER 1 |
#define | SSL_POLICY_COMPRESSION 0 |
#define | SSL_POLICY_SESSION_TICKETS 0 |
#define | SSL_POLICY_MOZILLA_VERSION 4.0 |
#define | SSL_POLICY_MODERN 0 |
#define | SSL_POLICY_INTERMEDIATE 1 |
#define | SSL_POLICY_INTERMEDIATE_SSL_CIPHERS "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS" |
#define | SSL_POLICY_INTERMEDIATE_TLS13_CIPHERS NULL |
#define | SSL_POLICY_INTERMEDIATE_PROTOCOLS (SSL_PROTOCOL_ALL & ~(SSL_PROTOCOL_TLSV1_3|SSL_PROTOCOL_CONSTANTS_SSLV3)) |
#define | SSL_POLICY_OLD 1 |
#define | SSL_POLICY_OLD_SSL_CIPHERS "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:DES-CBC3-SHA:HIGH:SEED:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!RSAPSK:!aDH:!aECDH:!EDH-DSS-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!SRP" |
#define | SSL_POLICY_OLD_TLS13_CIPHERS NULL |
#define | SSL_POLICY_OLD_PROTOCOLS (SSL_PROTOCOL_ALL & ~(SSL_PROTOCOL_TLSV1_3)) |
#define | MODSSL_LIBRARY_VERSION OPENSSL_VERSION_NUMBER |
#define | MODSSL_LIBRARY_NAME "OpenSSL" |
#define | MODSSL_LIBRARY_TEXT OPENSSL_VERSION_TEXT |
#define | MODSSL_LIBRARY_DYNTEXT OpenSSL_version(OPENSSL_VERSION) |
#define | MODSSL_SESSION_MAX_DER 1024*10 |
#define | MODSSL_SESSION_ID_STRING_LEN ((SSL_MAX_SSL_SESSION_ID_LENGTH + 1) * 2) |
Functions | |
void | modssl_init_app_data2_idx (void) |
void * | modssl_get_app_data2 (SSL *) |
void | modssl_set_app_data2 (SSL *, void *) |
EVP_PKEY * | modssl_read_privatekey (const char *filename, pem_password_cb *cb, void *ud) |
int | modssl_smart_shutdown (SSL *ssl) |
BOOL | modssl_X509_getBC (X509 *, int *, int *) |
char * | modssl_X509_NAME_ENTRY_to_string (apr_pool_t *p, X509_NAME_ENTRY *xsne, int raw) |
char * | modssl_X509_NAME_to_string (apr_pool_t *, X509_NAME *, int) |
BOOL | modssl_X509_getSAN (apr_pool_t *, X509 *, int, const char *, int, apr_array_header_t **) |
BOOL | modssl_X509_match_name (apr_pool_t *, X509 *, const char *, BOOL, server_rec *) |
char * | modssl_SSL_SESSION_id2sz (IDCONST unsigned char *, int, char *, int) |
char * | modssl_bio_free_read (apr_pool_t *p, BIO *bio) |
apr_status_t | modssl_read_cert (apr_pool_t *p, const char *cert_pem, const char *key_pem, pem_password_cb *cb, void *ud, X509 **pcert, EVP_PKEY **pkey) |
apr_status_t | modssl_cert_get_pem (apr_pool_t *p, X509 *cert1, X509 *cert2, const char **ppem) |
#define MODSSL_LIBRARY_DYNTEXT OpenSSL_version(OPENSSL_VERSION) |
#define MODSSL_LIBRARY_NAME "OpenSSL" |
#define MODSSL_LIBRARY_TEXT OPENSSL_VERSION_TEXT |
#define MODSSL_LIBRARY_VERSION OPENSSL_VERSION_NUMBER |
SSL library version number
#define MODSSL_SESSION_ID_STRING_LEN ((SSL_MAX_SSL_SESSION_ID_LENGTH + 1) * 2) |
Maximum string length for modssl_SSL_SESSION_id2sz().
#define MODSSL_SESSION_MAX_DER 1024*10 |
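Maximum length of a DER-encoded session. FIXME: OpenSSL provides no define for this limit, but OpenSSL itself uses 1024*10, so this value should be OK, although we are not fully confident in it. Note that the macro expands to the bare expression 1024*10 with no enclosing parentheses, so use it only where operator precedence cannot change the result (an array size or a comparison operand, not the right-hand side of a division or modulo), and check an encoded session's length against it before copying into a buffer of this size.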
#define SSL_MOD_POLICIES_KEY "ssl_module_policies" |
#define SSL_POLICY_COMPRESSION 0 |
#define SSL_POLICY_HONOR_ORDER 1 |
#define SSL_POLICY_INTERMEDIATE 1 |
#define SSL_POLICY_INTERMEDIATE_PROTOCOLS (SSL_PROTOCOL_ALL & ~(SSL_PROTOCOL_TLSV1_3|SSL_PROTOCOL_CONSTANTS_SSLV3)) |
#define SSL_POLICY_INTERMEDIATE_SSL_CIPHERS "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS" |
#define SSL_POLICY_INTERMEDIATE_TLS13_CIPHERS NULL |
#define SSL_POLICY_MODERN 0 |
#define SSL_POLICY_MOZILLA_VERSION 4.0 |
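Defines the core set of policies that are always available. These policies are expressed as compile-time macros; as the values on this page show, the intermediate and old cipher lists still include 3DES (DES-CBC3-SHA) and CBC-mode SHA-1 suites, and both protocol masks exclude TLSv1.3, so compare them with current guidance before adopting a policy unchanged.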
#define SSL_POLICY_OLD 1 |
#define SSL_POLICY_OLD_PROTOCOLS (SSL_PROTOCOL_ALL & ~(SSL_PROTOCOL_TLSV1_3)) |
#define SSL_POLICY_OLD_SSL_CIPHERS "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:DES-CBC3-SHA:HIGH:SEED:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!RSAPSK:!aDH:!aECDH:!EDH-DSS-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!SRP" |
#define SSL_POLICY_OLD_TLS13_CIPHERS NULL |
#define SSL_POLICY_SESSION_TICKETS 0 |
#define SSL_PROTOCOL_CONSTANTS_SSLV3 SSL_PROTOCOL_SSLV3 |
char* modssl_bio_free_read | ( | apr_pool_t * | p, |
BIO * | bio | ||
) |
apr_status_t modssl_cert_get_pem | ( | apr_pool_t * | p, |
X509 * | cert1, | ||
X509 * | cert2, | ||
const char ** | ppem | ||
) |
void* modssl_get_app_data2 | ( | SSL * | ) |
void modssl_init_app_data2_idx | ( | void | ) |
Additional Functions
apr_status_t modssl_read_cert | ( | apr_pool_t * | p, |
const char * | cert_pem, | ||
const char * | key_pem, | ||
pem_password_cb * | cb, | ||
void * | ud, | ||
X509 ** | pcert, | ||
EVP_PKEY ** | pkey | ||
) |
EVP_PKEY* modssl_read_privatekey | ( | const char * | filename, |
pem_password_cb * | cb, | ||
void * | ud | ||
) |
void modssl_set_app_data2 | ( | SSL * | , |
void * | |||
) |
int modssl_smart_shutdown | ( | SSL * | ssl | ) |
BOOL modssl_X509_getSAN | ( | apr_pool_t * | , |
X509 * | , | ||
int | , | ||
const char * | , | ||
int | , | ||
apr_array_header_t ** | |||
) |
BOOL modssl_X509_match_name | ( | apr_pool_t * | , |
X509 * | , | ||
const char * | , | ||
BOOL | , | ||
server_rec * | |||
) |
char* modssl_X509_NAME_ENTRY_to_string | ( | apr_pool_t * | p, |
X509_NAME_ENTRY * | xsne, | ||
int | raw | ||
) |
char* modssl_X509_NAME_to_string | ( | apr_pool_t * | , |
X509_NAME * | , | ||
int | |||
) |