| 1 | #ifndef HEADER_CURL_SSLUSE_H
|
|---|
| 2 | #define HEADER_CURL_SSLUSE_H
|
|---|
| 3 | /***************************************************************************
|
|---|
| 4 | * _ _ ____ _
|
|---|
| 5 | * Project ___| | | | _ \| |
|
|---|
| 6 | * / __| | | | |_) | |
|
|---|
| 7 | * | (__| |_| | _ <| |___
|
|---|
| 8 | * \___|\___/|_| \_\_____|
|
|---|
| 9 | *
|
|---|
| 10 | * Copyright (C) Daniel Stenberg, <[email protected]>, et al.
|
|---|
| 11 | *
|
|---|
| 12 | * This software is licensed as described in the file COPYING, which
|
|---|
| 13 | * you should have received as part of this distribution. The terms
|
|---|
| 14 | * are also available at https://curl.se/docs/copyright.html.
|
|---|
| 15 | *
|
|---|
| 16 | * You may opt to use, copy, modify, merge, publish, distribute and/or sell
|
|---|
| 17 | * copies of the Software, and permit persons to whom the Software is
|
|---|
| 18 | * furnished to do so, under the terms of the COPYING file.
|
|---|
| 19 | *
|
|---|
| 20 | * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
|
|---|
| 21 | * KIND, either express or implied.
|
|---|
| 22 | *
|
|---|
| 23 | * SPDX-License-Identifier: curl
|
|---|
| 24 | *
|
|---|
| 25 | ***************************************************************************/
|
|---|
| 26 |
|
|---|
| 27 | #include "curl_setup.h"
|
|---|
| 28 |
|
|---|
| 29 | #ifdef USE_OPENSSL
|
|---|
| 30 | /*
|
|---|
| 31 | * This header should only be needed to get included by vtls.c, openssl.c
|
|---|
| 32 | * and ngtcp2.c
|
|---|
| 33 | */
|
|---|
| 34 | #include <openssl/ossl_typ.h>
|
|---|
| 35 | #include <openssl/ssl.h>
|
|---|
| 36 |
|
|---|
| 37 | #include "urldata.h"
|
|---|
| 38 |
|
|---|
| 39 | #if (OPENSSL_VERSION_NUMBER < 0x30000000L)
|
|---|
| 40 | #define SSL_get1_peer_certificate SSL_get_peer_certificate
|
|---|
| 41 | #endif
|
|---|
| 42 |
|
|---|
| 43 | CURLcode Curl_ossl_verifyhost(struct Curl_easy *data, struct connectdata *conn,
|
|---|
| 44 | struct ssl_peer *peer, X509 *server_cert);
|
|---|
| 45 | extern const struct Curl_ssl Curl_ssl_openssl;
|
|---|
| 46 |
|
|---|
| 47 | CURLcode Curl_ossl_set_client_cert(struct Curl_easy *data,
|
|---|
| 48 | SSL_CTX *ctx, char *cert_file,
|
|---|
| 49 | const struct curl_blob *cert_blob,
|
|---|
| 50 | const char *cert_type, char *key_file,
|
|---|
| 51 | const struct curl_blob *key_blob,
|
|---|
| 52 | const char *key_type, char *key_passwd);
|
|---|
| 53 |
|
|---|
| 54 | CURLcode Curl_ossl_certchain(struct Curl_easy *data, SSL *ssl);
|
|---|
| 55 |
|
|---|
| 56 | /**
|
|---|
| 57 | * Setup the OpenSSL X509_STORE in `ssl_ctx` for the cfilter `cf` and
|
|---|
| 58 | * easy handle `data`. Will allow reuse of a shared cache if suitable
|
|---|
| 59 | * and configured.
|
|---|
| 60 | */
|
|---|
| 61 | CURLcode Curl_ssl_setup_x509_store(struct Curl_cfilter *cf,
|
|---|
| 62 | struct Curl_easy *data,
|
|---|
| 63 | SSL_CTX *ssl_ctx);
|
|---|
| 64 |
|
|---|
| 65 | CURLcode Curl_ossl_ctx_configure(struct Curl_cfilter *cf,
|
|---|
| 66 | struct Curl_easy *data,
|
|---|
| 67 | SSL_CTX *ssl_ctx);
|
|---|
| 68 |
|
|---|
| 69 | #endif /* USE_OPENSSL */
|
|---|
| 70 | #endif /* HEADER_CURL_SSLUSE_H */
|
|---|
