📄 ssl_private.h

📁 apache服务器源代码（版本号：2.2.2）
💻 H
📖 第 1 页 / 共 2 页
字号:
12 下一页
/* Copyright 2001-2005 The Apache Software Foundation or its licensors, as * applicable. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * *     http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */#ifndef SSL_PRIVATE_H#define SSL_PRIVATE_H/** * @file  ssl_private.h  * @brief Internal interfaces private to mod_ssl. * * @defgroup MOD_SSL_PRIVATE Private * @ingroup MOD_SSL * @{ *//** Apache headers */#include "httpd.h"#include "http_config.h"#include "http_core.h"#include "http_log.h"#include "http_main.h"#include "http_connection.h"#include "http_request.h"#include "http_protocol.h"#include "util_script.h"#include "util_filter.h"#include "util_ebcdic.h"#include "mpm.h"#include "apr.h"#include "apr_strings.h"#define APR_WANT_STRFUNC#include "apr_want.h"#include "apr_tables.h"#include "apr_lib.h"#include "apr_fnmatch.h"#include "apr_strings.h"#include "apr_dbm.h"#include "apr_rmm.h"#include "apr_shm.h"#include "apr_global_mutex.h"#include "apr_optional.h"#define MOD_SSL_VERSION AP_SERVER_BASEREVISION/** mod_ssl headers */#include "ssl_toolkit_compat.h"#include "ssl_expr.h"#include "ssl_util_ssl.h"/** The #ifdef macros are only defined AFTER including the above * therefore we cannot include these system files at the top  :-( */#if APR_HAVE_SYS_TIME_H#include <sys/time.h>#endif#if APR_HAVE_UNISTD_H#include <unistd.h> /** needed for STDIN_FILENO et.al., at least on FreeBSD */#endif/** * Provide reasonable default for some defines */#ifndef FALSE#define FALSE (0)#endif#ifndef TRUE#define TRUE (!FALSE)#endif#ifndef PFALSE#define PFALSE ((void *)FALSE)#endif#ifndef PTRUE#define PTRUE ((void *)TRUE)#endif#ifndef UNSET#define UNSET (-1)#endif#ifndef NUL#define NUL '\0'#endif#ifndef RAND_MAX#include <limits.h>#define RAND_MAX INT_MAX#endif/** * Provide reasonable defines for some types */#ifndef BOOL#define BOOL unsigned int#endif#ifndef UCHAR#define UCHAR unsigned char#endif/** * Provide useful shorthands */#define strEQ(s1,s2)     (strcmp(s1,s2)        == 0)#define strNE(s1,s2)     (strcmp(s1,s2)        != 0)#define strEQn(s1,s2,n)  (strncmp(s1,s2,n)     == 0)#define strNEn(s1,s2,n)  (strncmp(s1,s2,n)     != 0)#define strcEQ(s1,s2)    (strcasecmp(s1,s2)    == 0)#define strcNE(s1,s2)    (strcasecmp(s1,s2)    != 0)#define strcEQn(s1,s2,n) (strncasecmp(s1,s2,n) == 0)#define strcNEn(s1,s2,n) (strncasecmp(s1,s2,n) != 0)#define strIsEmpty(s)    (s == NULL || s[0] == NUL)#define myConnConfig(c) \(SSLConnRec *)ap_get_module_config(c->conn_config, &ssl_module)#define myCtxConfig(sslconn, sc) (sslconn->is_proxy ? sc->proxy : sc->server)#define myConnConfigSet(c, val) \ap_set_module_config(c->conn_config, &ssl_module, val)#define mySrvConfig(srv) (SSLSrvConfigRec *)ap_get_module_config(srv->module_config,  &ssl_module)#define myDirConfig(req) (SSLDirConfigRec *)ap_get_module_config(req->per_dir_config, &ssl_module)#define myModConfig(srv) (mySrvConfig((srv)))->mc#define myCtxVarSet(mc,num,val)  mc->rCtx.pV##num = val#define myCtxVarGet(mc,num,type) (type)(mc->rCtx.pV##num)/** * Defaults for the configuration */#ifndef SSL_SESSION_CACHE_TIMEOUT#define SSL_SESSION_CACHE_TIMEOUT  300#endif/** * Support for MM library */#define SSL_MM_FILE_MODE ( APR_UREAD | APR_UWRITE | APR_GREAD | APR_WREAD )/** * Support for DBM library */#define SSL_DBM_FILE_MODE ( APR_UREAD | APR_UWRITE | APR_GREAD | APR_WREAD )#if !defined(SSL_DBM_FILE_SUFFIX_DIR) && !defined(SSL_DBM_FILE_SUFFIX_PAG)#if defined(DBM_SUFFIX)#define SSL_DBM_FILE_SUFFIX_DIR DBM_SUFFIX#define SSL_DBM_FILE_SUFFIX_PAG DBM_SUFFIX#elif defined(__FreeBSD__) || (defined(DB_LOCK) && defined(DB_SHMEM))#define SSL_DBM_FILE_SUFFIX_DIR ".db"#define SSL_DBM_FILE_SUFFIX_PAG ".db"#else#define SSL_DBM_FILE_SUFFIX_DIR ".dir"#define SSL_DBM_FILE_SUFFIX_PAG ".pag"#endif#endif/** * Define the certificate algorithm types */typedef int ssl_algo_t;#define SSL_ALGO_UNKNOWN (0)#define SSL_ALGO_RSA     (1<<0)#define SSL_ALGO_DSA     (1<<1)#define SSL_ALGO_ALL     (SSL_ALGO_RSA|SSL_ALGO_DSA)#define SSL_AIDX_RSA     (0)#define SSL_AIDX_DSA     (1)#define SSL_AIDX_MAX     (2)/** * Define IDs for the temporary RSA keys and DH params */#define SSL_TMP_KEY_RSA_512  (0)#define SSL_TMP_KEY_RSA_1024 (1)#define SSL_TMP_KEY_DH_512   (2)#define SSL_TMP_KEY_DH_1024  (3)#define SSL_TMP_KEY_MAX      (4)/** * Define the SSL options */#define SSL_OPT_NONE           (0)#define SSL_OPT_RELSET         (1<<0)#define SSL_OPT_STDENVVARS     (1<<1)#define SSL_OPT_EXPORTCERTDATA (1<<3)#define SSL_OPT_FAKEBASICAUTH  (1<<4)#define SSL_OPT_STRICTREQUIRE  (1<<5)#define SSL_OPT_OPTRENEGOTIATE (1<<6)#define SSL_OPT_ALL            (SSL_OPT_STDENVVARS|SSL_OPT_EXPORTCERTDATA|SSL_OPT_FAKEBASICAUTH|SSL_OPT_STRICTREQUIRE|SSL_OPT_OPTRENEGOTIATE)typedef int ssl_opt_t;/** * Define the SSL Protocol options */#define SSL_PROTOCOL_NONE  (0)#define SSL_PROTOCOL_SSLV2 (1<<0)#define SSL_PROTOCOL_SSLV3 (1<<1)#define SSL_PROTOCOL_TLSV1 (1<<2)#define SSL_PROTOCOL_ALL   (SSL_PROTOCOL_SSLV2|SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1)typedef int ssl_proto_t;/** * Define the SSL verify levels */typedef enum {    SSL_CVERIFY_UNSET           = UNSET,    SSL_CVERIFY_NONE            = 0,    SSL_CVERIFY_OPTIONAL        = 1,    SSL_CVERIFY_REQUIRE         = 2,    SSL_CVERIFY_OPTIONAL_NO_CA  = 3} ssl_verify_t;#define SSL_VERIFY_PEER_STRICT \     (SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT)#ifndef X509_V_ERR_CERT_UNTRUSTED#define X509_V_ERR_CERT_UNTRUSTED 27#endif#define ssl_verify_error_is_optional(errnum) \   ((errnum == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) \    || (errnum == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) \    || (errnum == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY) \    || (errnum == X509_V_ERR_CERT_UNTRUSTED) \    || (errnum == X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE))/** * Define the SSL pass phrase dialog types */typedef enum {    SSL_PPTYPE_UNSET   = UNSET,    SSL_PPTYPE_BUILTIN = 0,    SSL_PPTYPE_FILTER  = 1,	SSL_PPTYPE_PIPE    = 2} ssl_pphrase_t;/** * Define the Path Checking modes */#define SSL_PCM_EXISTS     1#define SSL_PCM_ISREG      2#define SSL_PCM_ISDIR      4#define SSL_PCM_ISNONZERO  8typedef unsigned int ssl_pathcheck_t;/** * Define the SSL session cache modes and structures */typedef enum {    SSL_SCMODE_UNSET = UNSET,    SSL_SCMODE_NONE  = 0,    SSL_SCMODE_DBM   = 1,    SSL_SCMODE_SHMCB = 3,    SSL_SCMODE_DC    = 4,    SSL_SCMODE_NONE_NOT_NULL = 5} ssl_scmode_t;/** * Define the SSL mutex modes */typedef enum {    SSL_MUTEXMODE_UNSET  = UNSET,    SSL_MUTEXMODE_NONE   = 0,    SSL_MUTEXMODE_USED   = 1} ssl_mutexmode_t;/** * Define the SSL enabled state */typedef enum {    SSL_ENABLED_UNSET    = UNSET,    SSL_ENABLED_FALSE    = 0,    SSL_ENABLED_TRUE     = 1,	SSL_ENABLED_OPTIONAL = 3} ssl_enabled_t;/** * Define the SSL requirement structure */typedef struct {    char     *cpExpr;    ssl_expr *mpExpr;} ssl_require_t;/** * Define the SSL random number generator seeding source */typedef enum {    SSL_RSCTX_STARTUP = 1,    SSL_RSCTX_CONNECT = 2} ssl_rsctx_t;typedef enum {    SSL_RSSRC_BUILTIN = 1,    SSL_RSSRC_FILE    = 2,    SSL_RSSRC_EXEC    = 3,    SSL_RSSRC_EGD     = 4} ssl_rssrc_t;typedef struct {    ssl_rsctx_t  nCtx;    ssl_rssrc_t  nSrc;    char        *cpPath;    int          nBytes;} ssl_randseed_t;/** * Define the structure of an ASN.1 anything */typedef struct {    long int       nData;    unsigned char *cpData;    apr_time_t     source_mtime;} ssl_asn1_t;/** * Define the mod_ssl per-module configuration structure * (i.e. the global configuration for each httpd process) */typedef enum {
12 下一页
⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -