fivedev/harbour-core
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
efde19ca13be8a67cfe0d641205b95321fa3fdfd
harbour-core/contrib/hbssl/sslctx.c
Przemysław Czerpak 81be99f647 2025-03-25 13:54 UTC+0100 Przemyslaw Czerpak (druzus/at/poczta.onet.pl) 
* contrib/hbcurl/core.c
    ! pacified warnings

  * contrib/hbssl/ssl.c
  * contrib/hbssl/sslctx.c
    ! use 64-bit integers in SSL_[CTX]_[s|g]et_options() for OpenSSL >= 3.0
2025-03-25 13:54:05 +01:00

879 lines
25 KiB
C
Raw Blame History

/*
* OpenSSL API (SSL_CTX) - Harbour interface.
*
* Copyright 2009 Viktor Szakats (vszakats.net/harbour)
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; see the file LICENSE.txt. If not, write to
* the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
* Boston, MA 02110-1301 USA (or visit https://www.gnu.org/licenses/).
*
* As a special exception, the Harbour Project gives permission for
* additional uses of the text contained in its release of Harbour.
*
* The exception is that, if you link the Harbour libraries with other
* files to produce an executable, this does not by itself cause the
* resulting executable to be covered by the GNU General Public License.
* Your use of that executable is in no way restricted on account of
* linking the Harbour library code into it.
*
* This exception does not however invalidate any other reasons why
* the executable file might be covered by the GNU General Public License.
*
* This exception applies only to the code released by the Harbour
* Project under the name Harbour. If you copy code from other
* Harbour Project or Free Software Foundation releases into a copy of
* Harbour, as the General Public License permits, the exception does
* not apply to the code that you add in this way. To avoid misleading
* anyone as to the status of such modified files, you must delete
* this exception notice from them.
*
* If you write modifications of your own for Harbour, it is your choice
* whether to permit this exception to apply to your modifications.
* If you do not wish that, delete this exception notice.
*
*/
/* This must come before #include "hbssl.h".
OpenSSL 1.1.x and upper don't require Windows headers anymore,
but if #included, it still must come before its own headers.
The Harbour wrapper code doesn't need the Windows headers, so
they will be dropped once 1.0.2 is EOLed in 2019-12-31. */
#include "hbdefs.h"
#if defined( HB_OS_WIN )
#include <windows.h>
#include <wincrypt.h>
#endif
#include "hbssl.h"
#include "hbapiitm.h"
#include <openssl/rsa.h>
static HB_GARBAGE_FUNC( SSL_CTX_release )
{
void ** ph = ( void ** ) Cargo;
/* Check if pointer is not NULL to avoid multiple freeing */
if( ph && *ph )
{
/* Destroy the object */
SSL_CTX_free( ( SSL_CTX * ) *ph );
/* set pointer to NULL just in case */
*ph = NULL;
}
}
static const HB_GC_FUNCS s_gcSSL_CTX_funcs =
{
SSL_CTX_release,
hb_gcDummyMark
};
HB_BOOL hb_SSL_CTX_is( int iParam )
{
return hb_parptrGC( &s_gcSSL_CTX_funcs, iParam ) != NULL;
}
SSL_CTX * hb_SSL_CTX_par( int iParam )
{
void ** ph = ( void ** ) hb_parptrGC( &s_gcSSL_CTX_funcs, iParam );
return ph ? ( SSL_CTX * ) *ph : NULL;
}
SSL_CTX * hb_SSL_CTX_itemGet( PHB_ITEM pItem )
{
void ** ph = ( void ** ) hb_itemGetPtrGC( pItem, &s_gcSSL_CTX_funcs );
return ph ? ( SSL_CTX * ) *ph : NULL;
}
const SSL_METHOD * hb_ssl_method_id_to_ptr( int n )
{
const SSL_METHOD * p;
switch( n )
{
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
case HB_SSL_CTX_NEW_METHOD_TLS: p = TLS_method(); break;
case HB_SSL_CTX_NEW_METHOD_TLS_SERVER: p = TLS_server_method(); break;
case HB_SSL_CTX_NEW_METHOD_TLS_CLIENT: p = TLS_client_method(); break;
#else
case HB_SSL_CTX_NEW_METHOD_SSLV23: p = SSLv23_method(); break;
case HB_SSL_CTX_NEW_METHOD_SSLV23_SERVER: p = SSLv23_server_method(); break;
case HB_SSL_CTX_NEW_METHOD_SSLV23_CLIENT: p = SSLv23_client_method(); break;
#if OPENSSL_VERSION_NUMBER < 0x10000000L
case HB_SSL_CTX_NEW_METHOD_SSLV2: p = SSLv2_method(); break;
case HB_SSL_CTX_NEW_METHOD_SSLV2_SERVER: p = SSLv2_server_method(); break;
case HB_SSL_CTX_NEW_METHOD_SSLV2_CLIENT: p = SSLv2_client_method(); break;
#endif
#ifndef OPENSSL_NO_SSL3_METHOD
case HB_SSL_CTX_NEW_METHOD_SSLV3: p = SSLv3_method(); break;
case HB_SSL_CTX_NEW_METHOD_SSLV3_SERVER: p = SSLv3_server_method(); break;
case HB_SSL_CTX_NEW_METHOD_SSLV3_CLIENT: p = SSLv3_client_method(); break;
#endif
#ifndef OPENSSL_NO_TLS1_METHOD
case HB_SSL_CTX_NEW_METHOD_TLSV1: p = TLSv1_method(); break;
case HB_SSL_CTX_NEW_METHOD_TLSV1_SERVER: p = TLSv1_server_method(); break;
case HB_SSL_CTX_NEW_METHOD_TLSV1_CLIENT: p = TLSv1_client_method(); break;
#endif
#endif
default: p = SSLv23_method();
}
return p;
}
HB_FUNC( SSL_CTX_NEW )
{
void ** ph = ( void ** ) hb_gcAllocate( sizeof( SSL_CTX * ), &s_gcSSL_CTX_funcs );
#if OPENSSL_VERSION_NUMBER < 0x10000000L
SSL_CTX * ctx = SSL_CTX_new( ( SSL_METHOD * ) hb_ssl_method_id_to_ptr( hb_parnidef( 1, HB_SSL_CTX_NEW_METHOD_DEFAULT ) ) );
#else
SSL_CTX * ctx = SSL_CTX_new( hb_ssl_method_id_to_ptr( hb_parnidef( 1, HB_SSL_CTX_NEW_METHOD_DEFAULT ) ) );
#endif
*ph = ( void * ) ctx;
hb_retptrGC( ph );
}
HB_FUNC( SSL_CTX_SET_SSL_VERSION )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
#if OPENSSL_VERSION_NUMBER < 0x10000000L
hb_retni( SSL_CTX_set_ssl_version( ctx, ( SSL_METHOD * ) hb_ssl_method_id_to_ptr( hb_parni( 2 ) ) ) );
#else
hb_retni( SSL_CTX_set_ssl_version( ctx, hb_ssl_method_id_to_ptr( hb_parni( 2 ) ) ) );
#endif
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_GET_TIMEOUT )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retnl( SSL_CTX_get_timeout( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_SET_TIMEOUT )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
SSL_CTX_set_timeout( ctx, hb_parnl( 2 ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_SET_CIPHER_LIST )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx && hb_parclen( 2 ) <= 255 )
SSL_CTX_set_cipher_list( ctx, hb_parcx( 2 ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_ADD_SESSION )
{
if( hb_SSL_CTX_is( 1 ) && hb_SSL_SESSION_is( 2 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
SSL_SESSION * session = hb_SSL_SESSION_par( 2 );
if( ctx && session )
hb_retni( SSL_CTX_add_session( ctx, session ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_REMOVE_SESSION )
{
if( hb_SSL_CTX_is( 1 ) && hb_SSL_SESSION_is( 2 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
SSL_SESSION * session = hb_SSL_SESSION_par( 2 );
if( ctx && session )
hb_retni( SSL_CTX_remove_session( ctx, session ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_FLUSH_SESSIONS )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
SSL_CTX_flush_sessions( ctx, hb_parnl( 2 ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_GET_SESSION_CACHE_MODE )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_get_session_cache_mode( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_SET_SESSION_CACHE_MODE )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
SSL_CTX_set_session_cache_mode( ctx, hb_parni( 2 ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_CHECK_PRIVATE_KEY )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_check_private_key( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_GET_QUIET_SHUTDOWN )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_get_quiet_shutdown( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_GET_VERIFY_MODE )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_get_verify_mode( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_SESS_ACCEPT )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_sess_accept( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_SESS_ACCEPT_GOOD )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_sess_accept_good( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_SESS_ACCEPT_RENEGOTIATE )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_sess_accept_renegotiate( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_SESS_CACHE_FULL )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_sess_cache_full( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_SESS_CB_HITS )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_sess_cb_hits( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_SESS_CONNECT )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_sess_connect( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_SESS_CONNECT_GOOD )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_sess_connect_good( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_SESS_CONNECT_RENEGOTIATE )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_sess_connect_renegotiate( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_SESS_GET_CACHE_SIZE )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_sess_get_cache_size( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_SESS_HITS )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_sess_hits( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_SESS_MISSES )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_sess_misses( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_SESS_NUMBER )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_sess_number( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_SESS_TIMEOUTS )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_sess_timeouts( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_NEED_TMP_RSA )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retnl( SSL_CTX_need_tmp_RSA( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_SESS_SET_CACHE_SIZE )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
SSL_CTX_sess_set_cache_size( ctx, hb_parni( 2 ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_SET_DEFAULT_READ_AHEAD )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
SSL_CTX_set_default_read_ahead( ctx, hb_parni( 2 ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_GET_OPTIONS )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retnint( SSL_CTX_get_options( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_SET_OPTIONS )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
SSL_CTX_set_options( ctx, ( uint64_t ) hb_parnint( 2 ) );
#else
SSL_CTX_set_options( ctx, ( unsigned long ) hb_parnl( 2 ) );
#endif
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_SET_QUIET_SHUTDOWN )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
SSL_CTX_set_quiet_shutdown( ctx, hb_parni( 2 ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_SET_MODE )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
SSL_CTX_set_mode( ctx, hb_parnl( 2 ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_GET_MODE )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_parnl( SSL_CTX_get_mode( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_USE_CERTIFICATE )
{
if( hb_SSL_CTX_is( 1 ) && hb_X509_is( 2 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
X509 * x509 = hb_X509_par( 2 );
if( ctx && x509 )
hb_retni( SSL_CTX_use_certificate( ctx, x509 ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_ADD_CLIENT_CA )
{
if( hb_SSL_CTX_is( 1 ) && hb_X509_is( 2 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
X509 * x509 = hb_X509_par( 2 );
if( ctx && x509 )
hb_retni( SSL_CTX_add_client_CA( ctx, x509 ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_GET_CLIENT_CA_LIST )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
{
#if OPENSSL_VERSION_NUMBER < 0x10000000L || OPENSSL_VERSION_NUMBER >= 0x1000000FL /* NOTE: Compilation error when tried with 1.0.0beta5 */
STACK_OF( X509_NAME ) * stack = SSL_CTX_get_client_CA_list( ctx );
int len = sk_X509_NAME_num( stack );
if( len > 0 )
{
PHB_ITEM pArray = hb_itemArrayNew( sk_X509_NAME_num( stack ) );
int tmp;
for( tmp = 0; tmp < len; tmp++ )
hb_arraySetPtr( pArray, tmp + 1, sk_X509_NAME_value( stack, tmp ) );
hb_itemReturnRelease( pArray );
}
else
#endif
hb_reta( 0 );
}
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_ADD_EXTRA_CHAIN_CERT )
{
if( hb_SSL_CTX_is( 1 ) && hb_X509_is( 2 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
X509 * x509 = hb_X509_par( 2 );
if( ctx && x509 )
hb_retnl( SSL_CTX_add_extra_chain_cert( ctx, x509 ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_USE_CERTIFICATE_FILE )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_use_certificate_file( ctx, hb_parc( 2 ), hb_parni( 3 ) ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_USE_CERTIFICATE_CHAIN_FILE )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_use_certificate_chain_file( ctx, hb_parc( 2 ) ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_USE_PRIVATEKEY_FILE )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_use_PrivateKey_file( ctx, hb_parc( 2 ), hb_parni( 3 ) ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_USE_RSAPRIVATEKEY )
{
#ifndef OPENSSL_NO_RSA
if( hb_SSL_CTX_is( 1 ) && hb_RSA_is( 2 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
RSA * rsa = hb_RSA_par( 2 );
if( ctx && rsa )
hb_retni( SSL_CTX_use_RSAPrivateKey( ctx, rsa ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
#else
hb_errRT_BASE( EG_NOFUNC, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
#endif
}
HB_FUNC( SSL_CTX_USE_RSAPRIVATEKEY_FILE )
{
#ifndef OPENSSL_NO_RSA
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_use_RSAPrivateKey_file( ctx, hb_parc( 2 ), hb_parni( 3 ) ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
#else
hb_errRT_BASE( EG_NOFUNC, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
#endif
}
HB_FUNC( SSL_CTX_USE_RSAPRIVATEKEY_ASN1 )
{
#ifndef OPENSSL_NO_RSA
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_use_RSAPrivateKey_ASN1( ctx, ( HB_SSL_CONST unsigned char * ) hb_parc( 2 ), ( int ) hb_parclen( 2 ) ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
#else
hb_errRT_BASE( EG_NOFUNC, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
#endif
}
HB_FUNC( SSL_CTX_USE_PRIVATEKEY_ASN1 )
{
if( hb_SSL_CTX_is( 2 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 2 );
if( ctx )
hb_retni( SSL_CTX_use_PrivateKey_ASN1( hb_parni( 1 ), ctx, ( HB_SSL_CONST unsigned char * ) hb_parc( 3 ), ( int ) hb_parclen( 3 ) ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_USE_CERTIFICATE_ASN1 )
{
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_use_certificate_ASN1( ctx, ( int ) hb_parclen( 2 ), ( HB_SSL_CONST unsigned char * ) hb_parc( 2 ) ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_USE_PRIVATEKEY )
{
if( hb_SSL_CTX_is( 1 ) && hb_EVP_PKEY_is( 2 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
/* QUESTION: It's unclear whether we should pass a copy here,
and who should free such passed EV_PKEY object.
[vszakats] */
hb_retni( SSL_CTX_use_PrivateKey( ctx, hb_EVP_PKEY_par( 2 ) ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
}
HB_FUNC( SSL_CTX_LOAD_VERIFY_LOCATIONS )
{
#ifndef OPENSSL_NO_STDIO
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_load_verify_locations( ctx, hb_parc( 2 ) /* CAfile */, hb_parc( 3 ) /* CApath */ ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
#else
hb_errRT_BASE( EG_NOFUNC, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
#endif
}
HB_FUNC( SSL_CTX_SET_DEFAULT_VERIFY_PATHS )
{
#ifndef OPENSSL_NO_STDIO
if( hb_SSL_CTX_is( 1 ) )
{
SSL_CTX * ctx = hb_SSL_CTX_par( 1 );
if( ctx )
hb_retni( SSL_CTX_set_default_verify_paths( ctx ) );
}
else
hb_errRT_BASE( EG_ARG, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
#else
hb_errRT_BASE( EG_NOFUNC, 2010, NULL, HB_ERR_FUNCNAME, HB_ERR_ARGS_BASEPARAMS );
#endif
}
#if 0
#define sk_X509_NAME_new_null() SKM_sk_new_null( X509_NAME )
#define sk_X509_NAME_push( st, val ) SKM_sk_push( X509_NAME, ( st ), ( val ) )
#define sk_X509_NAME_free( st ) SKM_sk_free( X509_NAME, ( st ) )
X509_STORE * SSL_CTX_get_cert_store( const SSL_CTX * );
void SSL_CTX_set_cert_store( SSL_CTX *, X509_STORE * );
void SSL_CTX_set_cert_store( SSL_CTX * ctx, X509_STORE * cs );
long SSL_CTX_ctrl( SSL_CTX * ctx, int cmd, long larg, char * parg );
void SSL_CTX_set_app_data( SSL_CTX * ctx, void * arg );
int SSL_CTX_set_ex_data( SSL_CTX * s, int idx, char * arg );
char * SSL_CTX_get_app_data( ctx );
char * SSL_CTX_get_ex_data( ctx, int );
int( *SSL_CTX_get_client_cert_cb( SSL_CTX * ctx ) )( SSL * ssl, X509 * *x509, EVP_PKEY * *pkey );
int SSL_CTX_get_ex_new_index( long argl, char * argp, int ( *new_func ); ( void ), int ( * dup_func )( void ), void ( * free_func )( void ) )
void( *SSL_CTX_get_info_callback( SSL_CTX * ctx ) )( SSL * ssl, int cb, int ret );
int( *SSL_CTX_get_verify_callback( const SSL_CTX * ctx ) )( int ok, X509_STORE_CTX * ctx );
SSL_SESSION *( *SSL_CTX_sess_get_get_cb( SSL_CTX * ctx ) )( SSL * ssl, unsigned char * data, int len, int * copy );
int ( *SSL_CTX_sess_get_new_cb( SSL_CTX * ctx )( SSL * ssl, SSL_SESSION * sess );
void ( *SSL_CTX_sess_get_remove_cb( SSL_CTX * ctx )( SSL_CTX * ctx, SSL_SESSION * sess );
void SSL_CTX_sess_set_get_cb( SSL_CTX * ctx, SSL_SESSION * ( *cb )( SSL * ssl, unsigned char * data, int len, int * copy ) );
void SSL_CTX_sess_set_new_cb( SSL_CTX * ctx, int ( * cb )( SSL * ssl, SSL_SESSION * sess ) );
void SSL_CTX_sess_set_remove_cb( SSL_CTX * ctx, void ( * cb )( SSL_CTX * ctx, SSL_SESSION * sess ) );
LHASH * SSL_CTX_sessions( SSL_CTX * ctx );
void SSL_CTX_set_cert_verify_cb( SSL_CTX * ctx, int ( * cb )(), char * arg )
void SSL_CTX_set_client_CA_list( SSL_CTX * ctx, STACK * list );
void SSL_CTX_set_client_cert_cb( SSL_CTX * ctx, int ( * cb )( SSL * ssl, X509 ** x509, EVP_PKEY ** pkey ) );
void SSL_CTX_set_default_passwd_cb( SSL_CTX * ctx, int ( *cb ); ( void ) )
void SSL_CTX_set_info_callback( SSL_CTX * ctx, void ( * cb )( SSL * ssl, int cb, int ret ) );
void SSL_CTX_set_msg_callback( SSL_CTX * ctx, void ( * cb )( int write_p, int version, int content_type, const void * buf, size_t len, SSL * ssl, void * arg ) );
void SSL_CTX_set_msg_callback_arg( SSL_CTX * ctx, void * arg );
long SSL_CTX_set_tmp_dh( SSL_CTX * ctx, DH * dh );
long SSL_CTX_set_tmp_dh_callback( SSL_CTX * ctx, DH * ( *cb )( void ) );
long SSL_CTX_set_tmp_rsa( SSL_CTX * ctx, RSA * rsa );
/* SSL_CTX_set_tmp_rsa_callback */
long SSL_CTX_set_tmp_rsa_callback( SSL_CTX * ctx, RSA * ( *cb )( SSL * ssl, int export, int keylength ) );
long SSL_set_tmp_rsa_callback( SSL * ssl, RSA * ( *cb )( SSL * ssl, int export, int keylength ) );
The same as SSL_CTX_set_tmp_rsa_callback, except it operates on an SSL session instead of a context.
void SSL_CTX_set_verify( SSL_CTX * ctx, int mode, int ( *cb ); ( void ) )
void SSL_CTX_set_psk_client_callback( SSL_CTX * ctx, unsigned int ( * callback )( SSL * ssl, const char * hint, char * identity, unsigned int max_identity_len, unsigned char * psk, unsigned int max_psk_len ) );
void SSL_CTX_set_psk_server_callback( SSL_CTX * ctx, unsigned int ( * callback )( SSL * ssl, const char * identity, unsigned char * psk, int max_psk_len ) );
#endif
Reference in New Issue View Git Blame Copy Permalink