2 C K _ S S L . H -- OpenSSL Interface Header for C-Kermit
4 Copyright (C) 1985, 2005,
5 Trustees of Columbia University in the City of New York.
6 All rights reserved. See the C-Kermit COPYING.TXT file or the
7 copyright text in the ckcmai.c module for disclaimer and permissions.
9 Author: Jeffrey E Altman (jaltman@secure-endpoints.com)
10 Secure Endpoints Inc., New York City
18 #ifdef COMMENT /* Not for C-Kermit 7.1 */
35 #include <openssl/comp.h>
37 /* We place the following to avoid loading openssl/mdc2.h since it
38 * relies on the OpenSSL des.h. Since we do not need the MDC2
39 * definitions there is no reason to have it included by openssl/evp.h
41 #define OPENSSL_NO_MDC2
44 #endif /* OPENSSL_100 */
47 #endif /* OPENSSL_098 */
49 #include <openssl/des.h>
51 #include <openssl/ssl.h>
52 #include <openssl/x509v3.h>
53 #include <openssl/rand.h>
54 #include <openssl/x509_vfy.h>
55 #include <openssl/err.h>
56 #include <openssl/pem.h>
57 #include <openssl/bn.h>
58 #include <openssl/blowfish.h>
59 #include <openssl/dh.h>
60 #include <openssl/rc4.h>
61 #include <openssl/cast.h>
62 #include <openssl/dsa.h>
63 #include <openssl/rsa.h>
64 #include <openssl/md5.h>
65 #include <openssl/sha.h>
66 #include <openssl/evp.h>
67 #include <openssl/hmac.h>
69 #include <openssl/kssl.h>
/*
 * SSL/TLS state exported to the rest of C-Kermit.  Every line in this run
 * is an extern declaration only; the definitions are not in this header.
 * The groupings and meanings noted below are inferred from the names and
 * must be confirmed against the defining module.
 */
/* SSL context plus integer mode/status flags. */
74 extern SSL_CTX *ssl_ctx;
75 extern int ssl_debug_flag;
76 extern int ssl_only_flag;
77 extern int ssl_active_flag;
/*
 * NOTE(review): ssl_verify_flag and ssl_verify_depth presumably carry the
 * peer-verification mode and the maximum certificate chain depth.  A mode
 * that disables verification leaves the peer unauthenticated -- confirm
 * how both values are applied where the contexts are created.
 */
78 extern int ssl_verify_flag;
79 extern int ssl_verbose_flag;
80 extern int ssl_certsok_flag;
81 extern int ssl_dummy_flag;
82 extern int ssl_verify_depth;
/*
 * String settings: by name, paths to certificate, chain, private-key, DH,
 * CRL and trust-store material, plus the cipher list and a random-seed
 * file.  Ownership of the pointed-to strings is not visible here.
 * NOTE(review): any private-key file named by these settings should be
 * readable only by the account running C-Kermit.
 */
84 extern char *ssl_rsa_cert_file;
85 extern char *ssl_rsa_cert_chain_file;
86 extern char *ssl_rsa_key_file;
87 extern char *ssl_dsa_cert_file;
88 extern char *ssl_dsa_cert_chain_file;
89 extern char *ssl_dh_key_file;
/* presumably overrides DEFAULT_CIPHER_LIST when set -- TODO confirm */
90 extern char *ssl_cipher_list;
91 extern char *ssl_crl_file;
92 extern char *ssl_crl_dir;
93 extern char *ssl_verify_file;
94 extern char *ssl_verify_dir;
95 extern char *ssl_dh_param_file;
96 extern char *ssl_rnd_file;
/* TLS counterparts of the SSL context and flags above. */
98 extern SSL_CTX *tls_ctx;
100 extern int tls_only_flag;
101 extern int tls_active_flag;
/* presumably the result of the last peer-certificate check -- TODO confirm */
102 extern int x509_cert_valid;
/* X509_STORE named for CRLs; how it is populated is not shown here. */
103 extern X509_STORE *crl_store;
105 extern int ssl_raw_flag;
106 extern int tls_raw_flag;
/* Separate context, connection and flag for the HTTP client (by name). */
109 extern SSL_CTX *tls_http_ctx;
110 extern SSL *tls_http_con;
111 extern int tls_http_active_flag;
/* presumably set once library initialisation has run -- TODO confirm */
114 extern int ssl_initialized;
/*
 * Prototypes for the SSL/TLS support routines.  _PROTOTYP and VOID are
 * project macros defined outside this header; _PROTOTYP takes the return
 * type and name as its first argument and the parameter list as its second.
 * Only signatures are visible here, so behavioural notes below are hedged.
 */
/* Initialisation and connection setup entry points. */
116 _PROTOTYP(VOID ssl_once_init,(void));
117 _PROTOTYP(int ssl_tn_init,(int));
118 _PROTOTYP(int ssl_http_init,(char *));
119 _PROTOTYP(int ck_ssl_http_client,(int,char *));
120 _PROTOTYP(int ssl_display_connect_details,(SSL *,int,int));
/*
 * (int, X509_STORE_CTX *) matches the shape of an OpenSSL certificate
 * verify callback.  NOTE(review): a callback of this kind that returns
 * non-zero for a failed pre-verification accepts the certificate anyway;
 * check each failure path in the implementations.
 */
121 _PROTOTYP(int ssl_server_verify_callback,(int, X509_STORE_CTX *));
122 _PROTOTYP(int ssl_client_verify_callback,(int, X509_STORE_CTX *));
123 _PROTOTYP(int ssl_reply,(int, unsigned char *, int));
124 _PROTOTYP(int ssl_is,(unsigned char *, int));
125 _PROTOTYP(int ck_ssl_incoming,(int));
126 _PROTOTYP(int ck_ssl_outgoing,(int));
127 _PROTOTYP(int tls_is_user_valid,(SSL *, const char *));
/*
 * Accessors returning char * derived from an SSL connection (by name, from
 * the peer certificate).  Whether the caller owns the returned string is
 * not visible here -- confirm before freeing or retaining it.
 */
128 _PROTOTYP(char * ssl_get_dnsName,(SSL *));
129 _PROTOTYP(char * ssl_get_commonName,(SSL *));
130 _PROTOTYP(char * ssl_get_issuer_name,(SSL *));
131 _PROTOTYP(char * ssl_get_subject_name,(SSL *));
/* presumably (buffer, buffer length) -- TODO confirm the bounds contract */
132 _PROTOTYP(int ssl_get_client_finished,(char *, int));
133 _PROTOTYP(int ssl_get_server_finished,(char *, int));
/* (char *, int, int, VOID *) matches the shape of a PEM password callback. */
134 _PROTOTYP(int ssl_passwd_callback,(char *, int, int, VOID *));
135 _PROTOTYP(VOID ssl_client_info_callback,(const SSL *,int, int));
/* presumably reports whether the negotiated cipher is anonymous -- confirm */
136 _PROTOTYP(int ssl_anonymous_cipher,(SSL * ssl));
137 _PROTOTYP(int tls_load_certs,(SSL_CTX * ctx, SSL * con, int server));
/* Same callback shape as the verify callbacks above; CRL check by name. */
138 _PROTOTYP(int ssl_verify_crl,(int, X509_STORE_CTX *));
139 _PROTOTYP(int tls_is_krb5,(int));
140 _PROTOTYP(int X509_userok,(X509 *,const char *));
141 _PROTOTYP(int ck_X509_save_cert_to_user_store,(X509 *));
/*
 * NOTE(review): presumably matches hostname against the peer certificate.
 * Confirm that subjectAltName dNSName entries are preferred over the
 * commonName and that names containing embedded NUL bytes are rejected.
 */
143 _PROTOTYP(int ssl_check_server_name,(SSL * ssl, char * hostname));
/* presumably the size in bytes of the SSL error-message buffer -- confirm */
153 #define SSL_ERR_BFSZ 4096
/*
 * Default OpenSSL cipher string, in two variants that differ only in the
 * "+KRB5" term.  The conditional lines that select between them are not
 * part of this listing; only the closing #endif for SSL_KRB5 is visible.
 *
 * Security note: in OpenSSL cipher-string syntax a leading "+" only moves
 * ciphers that are already in the list to the end; it does not remove
 * them.  This default therefore keeps the LOW strength class enabled and
 * has no "!aNULL" term, so any anonymous (unauthenticated) suites that
 * HIGH/MEDIUM/LOW expand to in the linked OpenSSL build stay negotiable,
 * merely at lowest preference.  Anonymous suites provide no peer
 * authentication, so certificate verification cannot protect a session
 * that negotiates one.  Deployments that do not need legacy peers should
 * configure a stricter list, for example "HIGH:!aNULL:!eNULL:!EXPORT:!LOW".
 */
156 #define DEFAULT_CIPHER_LIST "HIGH:MEDIUM:LOW:+KRB5:+ADH:+EXP"
158 #define DEFAULT_CIPHER_LIST "HIGH:MEDIUM:LOW:+ADH:+EXP"
159 #endif /* SSL_KRB5 */