Apache2

Modules

 Private
 
 Utilities
 

Macros

#define SSL_DECLARE(type)   type
 
#define SSL_DECLARE_NONSTD(type)   type
 
#define SSL_DECLARE_DATA
 

Functions

char * ssl_var_lookup (apr_pool_t *, server_rec *, conn_rec *, request_rec *, char *)
 
apr_array_header_t * ssl_ext_list (apr_pool_t *p, conn_rec *c, int peer, const char *extension)
 
int ssl_is_https (conn_rec *)
 
apr_status_t ssl_get_tls_cb (apr_pool_t *p, conn_rec *c, const char *type, unsigned char **buf, apr_size_t *size)
 
int ssl_proxy_enable (conn_rec *)
 
int ssl_engine_disable (conn_rec *)
 
int ssl_engine_set (conn_rec *, ap_conf_vector_t *, int proxy, int enable)
 
int ssl_hook_init_server (server_rec *s, apr_pool_t *p, int is_proxy, SSL_CTX *ctx)
 
int ssl_hook_pre_handshake (conn_rec *c, SSL *ssl, int is_proxy)
 
int ssl_hook_proxy_post_handshake (conn_rec *c, SSL *ssl)
 

Detailed Description

Macro Definition Documentation

#define SSL_DECLARE (   type)    type
#define SSL_DECLARE_DATA
#define SSL_DECLARE_NONSTD (   type)    type

Function Documentation

int ssl_engine_disable ( conn_rec * )

int ssl_engine_set ( conn_rec * ,
ap_conf_vector_t * ,
int  proxy,
int  enable 
)

apr_array_header_t* ssl_ext_list ( apr_pool_t * p,
conn_rec * c,
int  peer,
const char *  extension 
)

The ssl_ext_list() optional function attempts to build an array of all the values contained in the named X.509 extension. The returned array is created in the supplied pool. The client certificate is used if peer is non-zero; the server certificate is used otherwise. extension specifies the extension to use, as a string: one of the "known" long or short names, or a numeric OID. For example, "1.2.3.4", 'nsComment' and 'DN' are all valid. A pointer to an apr_array_header_t structure is returned if at least one matching extension is found, NULL otherwise.

apr_status_t ssl_get_tls_cb ( apr_pool_t * p,
conn_rec * c,
const char *  type,
unsigned char **  buf,
apr_size_t * size 
)

A function that returns the TLS channel binding data as per RFC5929. A buffer containing the Channel Binding Token for the given type will be allocated from the pool and returned to the caller, along with the size. Returns APR_SUCCESS on success; buf and size are not adjusted on error.
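
The value RFC 5929 defines for one of its binding types, tls-server-end-point, computed in Python as an added example: it is not mod_ssl code and does not show which type strings or buffer layout ssl_get_tls_cb() uses, since this page does not list them. The helper names, the OID table and the sample certificate skeleton are constructed for illustration.

```python
import hashlib

SIG_HASH = {  # DER content bytes of signatureAlgorithm OID -> hash it uses
    bytes.fromhex("2a864886f70d010104"): "md5",     # md5WithRSAEncryption
    bytes.fromhex("2a864886f70d010105"): "sha1",    # sha1WithRSAEncryption
    bytes.fromhex("2a864886f70d01010b"): "sha256",  # sha256WithRSAEncryption
    bytes.fromhex("2a864886f70d01010c"): "sha384",  # sha384WithRSAEncryption
    bytes.fromhex("2a8648ce3d040302"): "sha256",    # ecdsa-with-SHA256
}

def read_tlv(buf, off):
    """Return (tag, content, next_offset) of the DER element at buf[off]."""
    if off + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length = buf[off], buf[off + 1]
    off += 2
    if length & 0x80:                      # long form: low 7 bits = byte count
        n = length & 0x7F
        length, off = int.from_bytes(buf[off:off + n], "big"), off + n
    if off + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[off:off + length], off + length

def signature_oid(cert_der):
    """OID bytes of Certificate.signatureAlgorithm (the outer field)."""
    tag, cert, _ = read_tlv(cert_der, 0)
    _, _, off = read_tlv(cert, 0)          # skip tbsCertificate
    alg_tag, alg, _ = read_tlv(cert, off)
    oid_tag, oid, _ = read_tlv(alg, 0)
    if (tag, alg_tag, oid_tag) != (0x30, 0x30, 0x06):
        raise ValueError("not an X.509 Certificate structure")
    return oid

def tls_server_end_point(cert_der):
    """Return (hash_name, binding) per RFC 5929 section 4.1."""
    name = SIG_HASH.get(signature_oid(cert_der))
    if name is None:                       # no single hash known for this OID
        raise ValueError("binding undefined for this signature algorithm")
    if name in ("md5", "sha1"):            # MD5 and SHA-1 are replaced by SHA-256
        name = "sha256"
    return name, hashlib.new(name, cert_der).digest()

# Constructed sample: a DER skeleton shaped like a certificate, not a real one.
def der(tag, body):
    return bytes([tag, len(body)]) + body  # short-form lengths only (< 128)
def sample_cert(oid_hex):
    alg = der(0x30, der(0x06, bytes.fromhex(oid_hex)) + der(0x05, b""))
    return der(0x30, der(0x30, b"constructed-tbs") + alg + der(0x03, b"\x00sig"))
```

The digest covers the certificate bytes exactly as they appear in the handshake, so a consumer comparing bindings must hash the received DER and not a re-encoded copy.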

int ssl_hook_init_server ( server_rec * s,
apr_pool_t * p,
int  is_proxy,
SSL_CTX *  ctx 
)

init_server hook – allow SSL_CTX-specific initialization to be performed by a module for each SSL-enabled server (one at a time)

Parameters
s         SSL-enabled [virtual] server
p         pconf pool
is_proxy  1 if this server supports backend connections over SSL/TLS, 0 if it supports client connections over SSL/TLS
ctx       OpenSSL SSL Context for the server

int ssl_hook_pre_handshake ( conn_rec * c,
SSL *  ssl,
int  is_proxy 
)

pre_handshake hook

Parameters
c         conn_rec for new connection from client or to backend server
ssl       OpenSSL SSL Connection for the client or backend server
is_proxy  1 if this handshake is for a backend connection, 0 otherwise

int ssl_hook_proxy_post_handshake ( conn_rec * c,
SSL *  ssl 
)

proxy_post_handshake hook – allow module to abort after successful handshake with backend server and subsequent peer checks

Parameters
c    conn_rec for connection to backend server
ssl  OpenSSL SSL Connection for the client or backend server

int ssl_is_https ( conn_rec * )

An optional function which returns non-zero if the given connection is using SSL/TLS.

int ssl_proxy_enable ( conn_rec * )

The ssl_proxy_enable() and ssl_engine_{set,disable}() optional functions are used by mod_proxy to enable use of SSL for outgoing connections.

char* ssl_var_lookup ( apr_pool_t * ,
server_rec * ,
conn_rec * ,
request_rec * ,
char *   
)

The ssl_var_lookup() optional function retrieves SSL environment variables.