mirror of
https://github.com/matrix-construct/construct
synced 2024-09-27 11:18:51 +02:00
ircd::openssl: Include TLS1 header; start an SNI suite; minor reorg.
This commit is contained in:
parent
d8ee9e9a10
commit
71560eafd1
3 changed files with 19 additions and 2 deletions
|
@ -976,6 +976,7 @@ RB_CHK_SYSHEADER(openssl/x509.h, [OPENSSL_X509_H])
|
||||||
RB_CHK_SYSHEADER(openssl/evp.h, [OPENSSL_EVP_H])
|
RB_CHK_SYSHEADER(openssl/evp.h, [OPENSSL_EVP_H])
|
||||||
RB_CHK_SYSHEADER(openssl/ripemd.h, [OPENSSL_RIPEMD_H])
|
RB_CHK_SYSHEADER(openssl/ripemd.h, [OPENSSL_RIPEMD_H])
|
||||||
RB_CHK_SYSHEADER(openssl/dh.h, [OPENSSL_DH_H])
|
RB_CHK_SYSHEADER(openssl/dh.h, [OPENSSL_DH_H])
|
||||||
|
RB_CHK_SYSHEADER(openssl/tls1.h, [OPENSSL_TLS1_H])
|
||||||
AC_CHECK_LIB(ssl, SSL_version,
|
AC_CHECK_LIB(ssl, SSL_version,
|
||||||
[
|
[
|
||||||
have_ssl="yes"
|
have_ssl="yes"
|
||||||
|
|
|
@ -123,9 +123,10 @@ namespace ircd::openssl
|
||||||
const X509 ¤t_cert(const X509_STORE_CTX &);
|
const X509 ¤t_cert(const X509_STORE_CTX &);
|
||||||
X509 ¤t_cert(X509_STORE_CTX &);
|
X509 ¤t_cert(X509_STORE_CTX &);
|
||||||
|
|
||||||
// SSL suite
|
// Cipher suite
|
||||||
string_view name(const SSL_CIPHER &);
|
string_view name(const SSL_CIPHER &);
|
||||||
const SSL_CIPHER *current_cipher(const SSL &);
|
const SSL_CIPHER *current_cipher(const SSL &);
|
||||||
|
|
||||||
string_view shared_ciphers(const mutable_buffer &buf, const SSL &);
|
string_view shared_ciphers(const mutable_buffer &buf, const SSL &);
|
||||||
string_view cipher_list(const SSL &, const int &priority);
|
string_view cipher_list(const SSL &, const int &priority);
|
||||||
std::string cipher_list(const SSL_CTX &, const int &priority = 0);
|
std::string cipher_list(const SSL_CTX &, const int &priority = 0);
|
||||||
|
@ -136,6 +137,9 @@ namespace ircd::openssl
|
||||||
void set_tmp_ecdh(SSL_CTX &, EC_KEY &);
|
void set_tmp_ecdh(SSL_CTX &, EC_KEY &);
|
||||||
void set_curves(SSL_CTX &, std::string list);
|
void set_curves(SSL_CTX &, std::string list);
|
||||||
void set_curves(SSL &, std::string list);
|
void set_curves(SSL &, std::string list);
|
||||||
|
|
||||||
|
// SNI suite
|
||||||
|
string_view server_name(const SSL &); // provided by client
|
||||||
}
|
}
|
||||||
|
|
||||||
/// OpenSSL BIO convenience utils and wraps; also secure file IO closures
|
/// OpenSSL BIO convenience utils and wraps; also secure file IO closures
|
||||||
|
|
|
@ -19,6 +19,7 @@
|
||||||
#include <RB_INC_OPENSSL_EVP_H
|
#include <RB_INC_OPENSSL_EVP_H
|
||||||
#include <RB_INC_OPENSSL_RIPEMD_H
|
#include <RB_INC_OPENSSL_RIPEMD_H
|
||||||
#include <RB_INC_OPENSSL_DH_H
|
#include <RB_INC_OPENSSL_DH_H
|
||||||
|
#include <RB_INC_OPENSSL_TLS1_H
|
||||||
|
|
||||||
#if defined(LIBRESSL_VERSION_NUMBER)
|
#if defined(LIBRESSL_VERSION_NUMBER)
|
||||||
static time_t ASN1_TIME_seconds(const ASN1_TIME *);
|
static time_t ASN1_TIME_seconds(const ASN1_TIME *);
|
||||||
|
@ -48,7 +49,18 @@ namespace ircd::openssl
|
||||||
//
|
//
|
||||||
|
|
||||||
//
|
//
|
||||||
// SSL
|
// SNI
|
||||||
|
//
|
||||||
|
|
||||||
|
ircd::string_view
|
||||||
|
ircd::openssl::server_name(const SSL &ssl)
|
||||||
|
{
|
||||||
|
const int type(::SSL_get_servername_type(&ssl));
|
||||||
|
return ::SSL_get_servername(&ssl, type);
|
||||||
|
}
|
||||||
|
|
||||||
|
//
|
||||||
|
// Cipher suite
|
||||||
//
|
//
|
||||||
|
|
||||||
void
|
void
|
||||||
|
|
Loading…
Reference in a new issue