/* Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. See the NOTICE file distributed with * this work for additional information regarding copyright ownership. * The ASF licenses this file to You under the Apache License, Version 2.0 * (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #ifndef SSL_TOOLKIT_COMPAT_H #define SSL_TOOLKIT_COMPAT_H /** * @file ssl_toolkit_compat.h * @brief this header file provides a compatiblity layer * between OpenSSL and RSA sslc * * @defgroup MOD_SSL_TOOLKIT Toolkit * @ingroup MOD_SSL * @{ */ #ifdef HAVE_OPENSSL /** OpenSSL headers */ #include <openssl/ssl.h> #include <openssl/err.h> #include <openssl/x509.h> #include <openssl/pem.h> #include <openssl/crypto.h> #include <openssl/evp.h> #include <openssl/rand.h> #include <openssl/x509v3.h> /** Avoid tripping over an engine build installed globally and detected * when the user points at an explicit non-engine flavor of OpenSSL */ #if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ENGINE_INIT) #include <openssl/engine.h> #endif /** * rsa sslc uses incomplete types for most structures * so we macroize for OpenSSL those which cannot be dereferenced * using the same sames as the sslc functions */ #define EVP_PKEY_key_type(k) (EVP_PKEY_type(k->type)) #define X509_NAME_get_entries(xs) (xs->entries) #define X509_REVOKED_get_serialNumber(xs) (xs->serialNumber) #define X509_get_signature_algorithm(xs) (xs->cert_info->signature->algorithm) #define X509_get_key_algorithm(xs) (xs->cert_info->key->algor->algorithm) #define X509_NAME_ENTRY_get_data_ptr(xs) (xs->value->data) #define X509_NAME_ENTRY_get_data_len(xs) (xs->value->length) #define SSL_CTX_get_extra_certs(ctx) (ctx->extra_certs) #define SSL_CTX_set_extra_certs(ctx,value) {ctx->extra_certs = value;} #define SSL_CIPHER_get_name(s) (s->name) #define SSL_CIPHER_get_valid(s) (s->valid) #define SSL_SESSION_get_session_id(s) (s->session_id) #define SSL_SESSION_get_session_id_length(s) (s->session_id_length) /** * Support for retrieving/overriding states */ #ifndef SSL_get_state #define SSL_get_state(ssl) SSL_state(ssl) #endif #define SSL_set_state(ssl,val) (ssl)->state = val #define MODSSL_BIO_CB_ARG_TYPE const char #define MODSSL_CRYPTO_CB_ARG_TYPE const char #if (OPENSSL_VERSION_NUMBER < 0x00907000) # define MODSSL_INFO_CB_ARG_TYPE SSL* #else # define MODSSL_INFO_CB_ARG_TYPE const SSL* #endif #define MODSSL_CLIENT_CERT_CB_ARG_TYPE X509 #define MODSSL_PCHAR_CAST /** ...shifting sands of openssl... */ #if (OPENSSL_VERSION_NUMBER >= 0x0090707f) # define MODSSL_D2I_SSL_SESSION_CONST const #else # define MODSSL_D2I_SSL_SESSION_CONST #endif #if (OPENSSL_VERSION_NUMBER >= 0x00908000) # define MODSSL_D2I_PrivateKey_CONST const # define MODSSL_D2I_X509_CONST const #else # define MODSSL_D2I_PrivateKey_CONST # define MODSSL_D2I_X509_CONST #endif #if (OPENSSL_VERSION_NUMBER >= 0x00909000) # define MODSSL_SSL_METHOD_CONST const #else # define MODSSL_SSL_METHOD_CONST #endif #define modssl_X509_verify_cert X509_verify_cert typedef int (modssl_read_bio_cb_fn)(char*,int,int,void*); #if (OPENSSL_VERSION_NUMBER < 0x00904000) #define modssl_PEM_read_bio_X509(b, x, cb, arg) PEM_read_bio_X509(b, x, cb) #else #define modssl_PEM_read_bio_X509(b, x, cb, arg) PEM_read_bio_X509(b, x, cb, arg) #endif #define modssl_PEM_X509_INFO_read_bio PEM_X509_INFO_read_bio #define modssl_PEM_read_bio_PrivateKey PEM_read_bio_PrivateKey #define modssl_set_cipher_list SSL_set_cipher_list #define modssl_free OPENSSL_free #define EVP_PKEY_reference_inc(pkey) \ CRYPTO_add(&((pkey)->references), +1, CRYPTO_LOCK_X509_PKEY) #define X509_reference_inc(cert) \ CRYPTO_add(&((cert)->references), +1, CRYPTO_LOCK_X509) #define HAVE_SSL_RAND_EGD /* since 9.5.1 */ #define HAVE_SSL_X509V3_EXT_d2i #ifndef PEM_F_DEF_CALLBACK #ifdef PEM_F_PEM_DEF_CALLBACK /** In OpenSSL 0.9.8 PEM_F_DEF_CALLBACK was renamed */ #define PEM_F_DEF_CALLBACK PEM_F_PEM_DEF_CALLBACK #endif #endif #elif defined(HAVE_SSLC) #include <bio.h> #include <ssl.h> #include <err.h> #include <x509.h> #include <pem.h> #include <evp.h> #include <objects.h> #include <sslc.h> /** sslc does not support this function, OpenSSL has since 9.5.1 */ #define RAND_status() 1 /** sslc names this function a bit differently */ #define CRYPTO_num_locks() CRYPTO_get_num_locks() #ifndef STACK_OF #define STACK_OF(type) STACK #endif #define MODSSL_BIO_CB_ARG_TYPE char #define MODSSL_CRYPTO_CB_ARG_TYPE char #define MODSSL_INFO_CB_ARG_TYPE SSL* #define MODSSL_CLIENT_CERT_CB_ARG_TYPE void #define MODSSL_PCHAR_CAST (char *) #define MODSSL_D2I_SSL_SESSION_CONST #define MODSSL_D2I_PrivateKey_CONST #define MODSSL_D2I_X509_CONST typedef int (modssl_read_bio_cb_fn)(char*,int,int); #define modssl_X509_verify_cert(c) X509_verify_cert(c, NULL) #define modssl_PEM_read_bio_X509(b, x, cb, arg) \ PEM_read_bio_X509(b, x, cb) #define modssl_PEM_X509_INFO_read_bio(b, x, cb, arg)\ PEM_X509_INFO_read_bio(b, x, cb) #define modssl_PEM_read_bio_PrivateKey(b, k, cb, arg) \ PEM_read_bio_PrivateKey(b, k, cb) #ifndef HAVE_SSL_SET_STATE #define SSL_set_state(ssl, state) /** XXX: should throw an error */ #endif #define modssl_set_cipher_list(ssl, l) \ SSL_set_cipher_list(ssl, (char *)l) #define modssl_free free #ifndef PEM_F_DEF_CALLBACK #define PEM_F_DEF_CALLBACK PEM_F_DEF_CB #endif #if SSLC_VERSION_NUMBER < 0x2000 #define X509_STORE_CTX_set_depth(st, d) #define X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate) #define X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate) #define X509_CRL_get_REVOKED(x) ((x)->crl->revoked) #define X509_REVOKED_get_serialNumber(xs) (xs->serialNumber) #define modssl_set_verify(ssl, verify, cb) \ SSL_set_verify(ssl, verify) #else /** SSLC_VERSION_NUMBER >= 0x2000 */ #define CRYPTO_malloc_init R_malloc_init #define EVP_cleanup() #endif /** SSLC_VERSION_NUMBER >= 0x2000 */ typedef void (*modssl_popfree_fn)(char *data); #define sk_SSL_CIPHER_dup sk_dup #define sk_SSL_CIPHER_find(st, data) sk_find(st, (void *)data) #define sk_SSL_CIPHER_free sk_free #define sk_SSL_CIPHER_num sk_num #define sk_SSL_CIPHER_value (SSL_CIPHER *)sk_value #define sk_X509_num sk_num #define sk_X509_push sk_push #define sk_X509_pop_free(st, free) sk_pop_free((STACK*)(st), (modssl_popfree_fn)(free)) #define sk_X509_value (X509 *)sk_value #define sk_X509_INFO_free sk_free #define sk_X509_INFO_pop_free(st, free) sk_pop_free((STACK*)(st), (modssl_popfree_fn)(free)) #define sk_X509_INFO_num sk_num #define sk_X509_INFO_new_null sk_new_null #define sk_X509_INFO_value (X509_INFO *)sk_value #define sk_X509_NAME_find(st, data) sk_find(st, (void *)data) #define sk_X509_NAME_free sk_free #define sk_X509_NAME_new sk_new #define sk_X509_NAME_num sk_num #define sk_X509_NAME_push(st, data) sk_push(st, (void *)data) #define sk_X509_NAME_value (X509_NAME *)sk_value #define sk_X509_NAME_ENTRY_num sk_num #define sk_X509_NAME_ENTRY_value (X509_NAME_ENTRY *)sk_value #define sk_X509_NAME_set_cmp_func sk_set_cmp_func #define sk_X509_REVOKED_num sk_num #define sk_X509_REVOKED_value (X509_REVOKED *)sk_value #else /** ! HAVE_OPENSSL && ! HAVE_SSLC */ #error "Unrecognized SSL Toolkit!" #endif /* ! HAVE_OPENSSL && ! HAVE_SSLC */ #ifndef modssl_set_verify #define modssl_set_verify(ssl, verify, cb) \ SSL_set_verify(ssl, verify, cb) #endif #ifndef SSL_SESS_CACHE_NO_INTERNAL #define SSL_SESS_CACHE_NO_INTERNAL SSL_SESS_CACHE_NO_INTERNAL_LOOKUP #endif #endif /* SSL_TOOLKIT_COMPAT_H */ /** @} */
.htaccess Tutorial
Find information you are looking for on the AskApache Home Page.