Apache2
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
Utilities
Collaboration diagram for Utilities:

Macros

#define SSL_MOD_POLICIES_KEY   "ssl_module_policies"
 
#define SSL_PROTOCOL_CONSTANTS_SSLV3   SSL_PROTOCOL_SSLV3
 
#define SSL_POLICY_HONOR_ORDER   1
 
#define SSL_POLICY_COMPRESSION   0
 
#define SSL_POLICY_SESSION_TICKETS   0
 
#define SSL_POLICY_MOZILLA_VERSION   4.0
 
#define SSL_POLICY_MODERN   0
 
#define SSL_POLICY_INTERMEDIATE   1
 
#define SSL_POLICY_INTERMEDIATE_SSL_CIPHERS   "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS"
 
#define SSL_POLICY_INTERMEDIATE_TLS13_CIPHERS   NULL
 
#define SSL_POLICY_INTERMEDIATE_PROTOCOLS   (SSL_PROTOCOL_ALL & ~(SSL_PROTOCOL_TLSV1_3|SSL_PROTOCOL_CONSTANTS_SSLV3))
 
#define SSL_POLICY_OLD   1
 
#define SSL_POLICY_OLD_SSL_CIPHERS   "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:DES-CBC3-SHA:HIGH:SEED:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!RSAPSK:!aDH:!aECDH:!EDH-DSS-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!SRP"
 
#define SSL_POLICY_OLD_TLS13_CIPHERS   NULL
 
#define SSL_POLICY_OLD_PROTOCOLS   (SSL_PROTOCOL_ALL & ~(SSL_PROTOCOL_TLSV1_3))
 
#define MODSSL_LIBRARY_VERSION   OPENSSL_VERSION_NUMBER
 
#define MODSSL_LIBRARY_NAME   "OpenSSL"
 
#define MODSSL_LIBRARY_TEXT   OPENSSL_VERSION_TEXT
 
#define MODSSL_LIBRARY_DYNTEXT   OpenSSL_version(OPENSSL_VERSION)
 
#define MODSSL_SESSION_MAX_DER   1024*10
 
#define MODSSL_SESSION_ID_STRING_LEN   ((SSL_MAX_SSL_SESSION_ID_LENGTH + 1) * 2)
 

Functions

void modssl_init_app_data2_idx (void)
 
voidmodssl_get_app_data2 (SSL *)
 
void modssl_set_app_data2 (SSL *, void *)
 
EVP_PKEY * modssl_read_privatekey (const char *filename, pem_password_cb *cb, void *ud)
 
int modssl_smart_shutdown (SSL *ssl)
 
BOOL modssl_X509_getBC (X509 *, int *, int *)
 
char * modssl_X509_NAME_ENTRY_to_string (apr_pool_t *p, X509_NAME_ENTRY *xsne, int raw)
 
char * modssl_X509_NAME_to_string (apr_pool_t *, X509_NAME *, int)
 
BOOL modssl_X509_getSAN (apr_pool_t *, X509 *, int, const char *, int, apr_array_header_t **)
 
BOOL modssl_X509_match_name (apr_pool_t *, X509 *, const char *, BOOL, server_rec *)
 
char * modssl_SSL_SESSION_id2sz (IDCONST unsigned char *, int, char *, int)
 

Detailed Description

Macro Definition Documentation

#define MODSSL_LIBRARY_DYNTEXT   OpenSSL_version(OPENSSL_VERSION)
#define MODSSL_LIBRARY_NAME   "OpenSSL"
#define MODSSL_LIBRARY_TEXT   OPENSSL_VERSION_TEXT
#define MODSSL_LIBRARY_VERSION   OPENSSL_VERSION_NUMBER

SSL library version number

#define MODSSL_SESSION_ID_STRING_LEN   ((SSL_MAX_SSL_SESSION_ID_LENGTH + 1) * 2)

max length for modssl_SSL_SESSION_id2sz

#define MODSSL_SESSION_MAX_DER   1024*10

Maximum length of a DER encoded session. FIXME: There is no define in OpenSSL, but OpenSSL uses 1024*10, so this value should be ok. Although we have no warm feeling.

#define SSL_MOD_POLICIES_KEY   "ssl_module_policies"
#define SSL_POLICY_COMPRESSION   0
#define SSL_POLICY_HONOR_ORDER   1
#define SSL_POLICY_INTERMEDIATE   1
#define SSL_POLICY_INTERMEDIATE_PROTOCOLS   (SSL_PROTOCOL_ALL & ~(SSL_PROTOCOL_TLSV1_3|SSL_PROTOCOL_CONSTANTS_SSLV3))
#define SSL_POLICY_INTERMEDIATE_SSL_CIPHERS   "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS"
#define SSL_POLICY_INTERMEDIATE_TLS13_CIPHERS   NULL
#define SSL_POLICY_MODERN   0
#define SSL_POLICY_MOZILLA_VERSION   4.0

Define a core set of policies that are always there:

#define SSL_POLICY_OLD   1
#define SSL_POLICY_OLD_PROTOCOLS   (SSL_PROTOCOL_ALL & ~(SSL_PROTOCOL_TLSV1_3))
#define SSL_POLICY_OLD_SSL_CIPHERS   "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:DES-CBC3-SHA:HIGH:SEED:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!RSAPSK:!aDH:!aECDH:!EDH-DSS-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!SRP"
#define SSL_POLICY_OLD_TLS13_CIPHERS   NULL
#define SSL_POLICY_SESSION_TICKETS   0
#define SSL_PROTOCOL_CONSTANTS_SSLV3   SSL_PROTOCOL_SSLV3

Function Documentation

void* modssl_get_app_data2 ( SSL *  )
void modssl_init_app_data2_idx ( void  )

Additional Functions

EVP_PKEY* modssl_read_privatekey ( const char *  filename,
pem_password_cb *  cb,
void ud 
)
void modssl_set_app_data2 ( SSL *  ,
void  
)
int modssl_smart_shutdown ( SSL *  ssl)
char* modssl_SSL_SESSION_id2sz ( IDCONST unsigned char *  ,
int  ,
char *  ,
int   
)
BOOL modssl_X509_getBC ( X509 *  ,
int ,
int  
)
BOOL modssl_X509_getSAN ( apr_pool_t ,
X509 *  ,
int  ,
const char *  ,
int  ,
apr_array_header_t **   
)
BOOL modssl_X509_match_name ( apr_pool_t ,
X509 *  ,
const char *  ,
BOOL  ,
server_rec  
)
char* modssl_X509_NAME_ENTRY_to_string ( apr_pool_t p,
X509_NAME_ENTRY *  xsne,
int  raw 
)
char* modssl_X509_NAME_to_string ( apr_pool_t ,
X509_NAME *  ,
int   
)