File: ssl.h

prayer 1.3.5-dfsg1-8
/* $Cambridge: hermes/src/prayer/lib/ssl.h,v 1.4 2012/06/30 14:30:08 dpc22 Exp $ */
/************************************************
 *    Prayer - a Webmail Interface              *
 ************************************************/

/* Copyright (c) University of Cambridge 2000 - 2008 */
/* See the file NOTICE for conditions of use and distribution. */

/* Error codes that we want to export to clients.
 * Both values are negative. Presumably they are returned by the int-valued
 * functions declared in this header (ssl_read(), ssl_write(), ...) so that
 * callers can tell "try again" from "failed" -- confirm in ssl.c. */
#define SSL_PRAYER_RETRY (-2)
#define SSL_PRAYER_ERROR (-1)

/* RSA key length (presumably in bits).
 * NOTE(review): 1024-bit RSA is below the 2048-bit minimum in current
 * guidance (e.g. NIST SP 800-131A). Presumably this sizes the key handled by
 * ssl_check_rsakey()/ssl_freshen_rsakey(); confirm in ssl.c, and raise it to
 * at least 2048 if that key is still generated and used. */
#define SSL_RSA_KEYLENGTH   (1024)

/* Default cipher list. The string looks like OpenSSL cipher-list syntax
 * (":" separates entries, "!" excludes) -- confirm how ssl.c applies it, and
 * whether ssl_config.ssl_cipher_list overrides it.
 * NOTE(review):
 *  - "RC4" explicitly requests RC4 suites, which RFC 7465 prohibits in TLS.
 *    Whether any are actually offered depends on the linked TLS library.
 *  - "AES128-GCM-SHA256" is a static-RSA key-exchange suite and "!EDH"
 *    excludes the finite-field DHE suites, so forward secrecy depends on an
 *    ECDHE suite being negotiated.
 *  - The string constrains ciphers only; no minimum protocol version is
 *    visible in this header.
 * Deployments should review this default against current TLS guidance. */
#define SSLCIPHERLIST_DEFAULT \
    "ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!EXP"

/* Subset of struct config which is relevant to SSL.
 * Passed by pointer to ssl_check_rsakey(), ssl_freshen_rsakey(),
 * ssl_context_init() and ssl_prune_sessions().
 * NOTE(review): no CA bundle, peer-verification or minimum-protocol setting
 * is present here; confirm in ssl.c how (or whether) those are configured.
 * Units of the unsigned long time fields are not visible in this header. */

struct ssl_config {
    char *ssl_cipher_list;       /* List of ciphers; presumably SSLCIPHERLIST_DEFAULT when unset -- confirm */
    BOOL  ssl_server_preference; /* Server selects preferred cipher */
    /* Session directory: presumably holds cached session state, so it should
     * not be readable or writable by other local users -- confirm in ssl.c. */
    char *ssl_session_dir;      /* SSL session directory */
    char *ssl_cert_file;        /* SSL Certificate file              */
    /* Private key path: the file it names should be readable only by the
     * account the server runs as. */
    char *ssl_privatekey_file;  /* SSL Privatekey file               */
    /* NOTE(review): SSLCIPHERLIST_DEFAULT contains "!EDH", so presumably this
     * file only matters with a non-default cipher list -- confirm. */
    char *ssl_dh_file;          /* SSL DH file                       */
    unsigned long ssl_session_timeout;  /* Timeout for SSL sessions          */
    unsigned long ssl_rsakey_lifespan;  /* Master server regenerates RSA key */
    unsigned long ssl_rsakey_freshen;   /* Keys last this long after 1st use */
    unsigned long ssl_default_port;     /* Default HTTPS port, if any        */
    char *egd_socket;           /* Path for EGD socket (presumably an entropy gathering daemon) */
    BOOL log_debug;             /* T => Enable debug logging    */
};

/* Prototypes for ssl.c
 *
 * Connection handles are passed as void *, so this header does not expose
 * the underlying TLS library types; the compiler cannot check that a pointer
 * handed to these functions really is a handle returned by
 * ssl_start_server()/ssl_start_client().
 * Behaviour described below is inferred from names and signatures only;
 * confirm against ssl.c. */

/* Reports whether SSL support is available (presumably a build-time choice).
 * NOTE(review): "()" leaves the parameter list unspecified before C23;
 * "(void)" would make this a checked prototype. */
BOOL ssl_is_available();

/* Takes the SSL configuration; presumably checks the RSA key against
 * ssl_rsakey_lifespan/ssl_rsakey_freshen -- confirm. */
void ssl_check_rsakey(struct ssl_config *ssl_config);

/* Takes the SSL configuration; presumably regenerates or reloads the RSA
 * key (see SSL_RSA_KEYLENGTH) -- confirm. */
void ssl_freshen_rsakey(struct ssl_config *ssl_config);

/* Initialises the SSL context from ssl_config. Takes no handle and returns
 * nothing, so the context is presumably process-global state. */
void ssl_context_init(struct ssl_config *ssl_config);

/* Releases the context set up by ssl_context_init() (presumably). */
void ssl_context_free(void);

/* Shuts down the connection identified by the opaque handle ssl. */
void ssl_shutdown(void *ssl);

/* Presumably maps the result `count` of a previous operation on `ssl` to
 * SSL_PRAYER_RETRY / SSL_PRAYER_ERROR -- confirm. */
int ssl_get_error(void *ssl, int count);

/* Frees the opaque handle ssl; it must not be used afterwards. */
void ssl_free(void *ssl);

/* Starts the server side of SSL on descriptor fd with the given timeout.
 * Returns an opaque handle; the failure value (presumably NULL) should be
 * checked by callers -- confirm. */
void *ssl_start_server(int fd, unsigned long timeout);

/* Starts the client side of SSL on descriptor fd with the given timeout.
 * NOTE(review): struct ssl_config carries no CA or verification setting and
 * none is passed here; confirm in ssl.c whether the peer certificate is
 * verified. */
void *ssl_start_client(int fd, unsigned long timeout);

/* Reads up to blocksize bytes into buffer.
 * NOTE(review): the size is unsigned long but the result is int; presumably
 * a byte count or SSL_PRAYER_RETRY/SSL_PRAYER_ERROR. Confirm that sizes above
 * INT_MAX cannot reach the underlying call. */
int ssl_read(void *ssl, unsigned char *buffer, unsigned long blocksize);

/* Writes `bytes` bytes from buffer. The same unsigned long vs int caveat as
 * ssl_read() applies. buffer is not const-qualified although it is
 * presumably only read. */
int ssl_write(void *ssl, unsigned char *buffer, unsigned long bytes);

/* Presumably the number of bytes already buffered and readable without
 * blocking -- confirm. */
int ssl_pending(void *ssl);

/* Takes the SSL configuration; presumably removes expired entries from
 * ssl_session_dir using ssl_session_timeout -- confirm, including what the
 * int result means. */
int ssl_prune_sessions(struct ssl_config *ssl_config);