diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 12:08:03 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 12:08:18 +0000 |
| commit | 5da14042f70711ea5cf66e034699730335462f66 (patch) | |
| tree | 0f6354ccac934ed87a2d555f45be4c831cf92f4a /libnetdata/socket/security.h | |
| parent | Releasing debian version 1.44.3-2. (diff) | |
| download | netdata-5da14042f70711ea5cf66e034699730335462f66.tar.xz netdata-5da14042f70711ea5cf66e034699730335462f66.zip | |
Merging upstream version 1.45.3+dfsg.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'libnetdata/socket/security.h')
| -rw-r--r-- | libnetdata/socket/security.h | 74 |
1 files changed, 0 insertions, 74 deletions
diff --git a/libnetdata/socket/security.h b/libnetdata/socket/security.h deleted file mode 100644 index fd17b6f3f..000000000 --- a/libnetdata/socket/security.h +++ /dev/null @@ -1,74 +0,0 @@ -#ifndef NETDATA_SECURITY_H -# define NETDATA_SECURITY_H - -typedef enum __attribute__((packed)) { - NETDATA_SSL_STATE_NOT_SSL = 1, // This connection is not SSL - NETDATA_SSL_STATE_INIT, // SSL handshake is initialized - NETDATA_SSL_STATE_FAILED, // SSL handshake failed - NETDATA_SSL_STATE_COMPLETE, // SSL handshake successful -} NETDATA_SSL_STATE; - -#define NETDATA_SSL_WEB_SERVER_CTX 0 -#define NETDATA_SSL_STREAMING_SENDER_CTX 1 -#define NETDATA_SSL_EXPORTING_CTX 2 - -# ifdef ENABLE_HTTPS - -#define OPENSSL_VERSION_095 0x00905100L -#define OPENSSL_VERSION_097 0x0907000L -#define OPENSSL_VERSION_110 0x10100000L -#define OPENSSL_VERSION_111 0x10101000L -#define OPENSSL_VERSION_300 0x30000000L - -# include <openssl/ssl.h> -# include <openssl/err.h> -# include <openssl/evp.h> -# include <openssl/pem.h> -# if (SSLEAY_VERSION_NUMBER >= OPENSSL_VERSION_097) && (OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_110) -# include <openssl/conf.h> -# endif - -#if OPENSSL_VERSION_NUMBER >= OPENSSL_VERSION_300 -#include <openssl/core_names.h> -#include <openssl/decoder.h> -#endif - -typedef struct netdata_ssl { - SSL *conn; // SSL connection - NETDATA_SSL_STATE state; // The state for SSL connection - unsigned long ssl_errno; // The SSL errno of the last SSL call -} NETDATA_SSL; - -#define NETDATA_SSL_UNSET_CONNECTION (NETDATA_SSL){ .conn = NULL, .state = NETDATA_SSL_STATE_NOT_SSL } - -#define SSL_connection(ssl) ((ssl)->conn && (ssl)->state != NETDATA_SSL_STATE_NOT_SSL) - -extern SSL_CTX *netdata_ssl_exporting_ctx; -extern SSL_CTX *netdata_ssl_streaming_sender_ctx; -extern SSL_CTX *netdata_ssl_web_server_ctx; -extern const char *netdata_ssl_security_key; -extern const char *netdata_ssl_security_cert; -extern const char *tls_version; -extern const char *tls_ciphers; -extern bool netdata_ssl_validate_certificate; -extern bool netdata_ssl_validate_certificate_sender; -int ssl_security_location_for_context(SSL_CTX *ctx,char *file,char *path); - -void netdata_ssl_initialize_openssl(); -void netdata_ssl_cleanup(); -void netdata_ssl_initialize_ctx(int selector); -int security_test_certificate(SSL *ssl); -SSL_CTX * netdata_ssl_create_client_ctx(unsigned long mode); - -bool netdata_ssl_connect(NETDATA_SSL *ssl); -bool netdata_ssl_accept(NETDATA_SSL *ssl); - -bool netdata_ssl_open(NETDATA_SSL *ssl, SSL_CTX *ctx, int fd); -bool netdata_ssl_open_ext(NETDATA_SSL *ssl, SSL_CTX *ctx, int fd, const unsigned char *alpn_protos, unsigned int alpn_protos_len); -void netdata_ssl_close(NETDATA_SSL *ssl); - -ssize_t netdata_ssl_read(NETDATA_SSL *ssl, void *buf, size_t num); -ssize_t netdata_ssl_write(NETDATA_SSL *ssl, const void *buf, size_t num); - -# endif //ENABLE_HTTPS -#endif //NETDATA_SECURITY_H |