mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-08-13 10:37:02 +02:00
Code Issues Projects Releases Wiki Activity
7875d0967f
haproxy/include/proto/ssl_sock.h
Emeric Brun fc0421fde9 MEDIUM: ssl: add support for SNI and wildcard certificates 
A side effect of this change is that the "ssl" keyword on "bind" lines is now
just a boolean and that "crt" is needed to designate certificate files or
directories.

Note that much refcounting was needed to have the free() work correctly due to
the number of cert aliases which can make a context be shared by multiple names.
2012-09-10 09:27:02 +02:00

45 lines
1.5 KiB
C
Raw Blame History

/*
* include/proto/ssl_sock.h
* This file contains definition for ssl stream socket operations
*
* Copyright (C) 2012 EXCELIANCE, Emeric Brun <ebrun@exceliance.fr>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation, version 2.1
* exclusively.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
#ifndef _PROTO_SSL_SOCK_H
#define _PROTO_SSL_SOCK_H
#include <openssl/ssl.h>
#include <types/protocols.h>
#include <types/stream_interface.h>
extern struct data_ops ssl_sock;
int ssl_sock_handshake(struct connection *conn, unsigned int flag);
int ssl_sock_load_cert(char *path, struct ssl_conf *ssl_conf, struct proxy *proxy);
int ssl_sock_prepare_ctx(struct ssl_conf *ssl_conf, SSL_CTX *ctx, struct proxy *proxy);
void ssl_sock_free_certs(struct ssl_conf *ssl_conf);
int ssl_sock_prepare_all_ctx(struct ssl_conf *ssl_conf, struct proxy *px);
void ssl_sock_free_all_ctx(struct ssl_conf *ssl_conf);
#endif /* _PROTO_SSL_SOCK_H */
/*
* Local variables:
* c-indent-level: 8
* c-basic-offset: 8
* End:
*/
Reference in New Issue View Git Blame Copy Permalink