aboutsummaryrefslogtreecommitdiffstats
path: root/server/resty/openssl/include/ssl.lua
diff options
context:
space:
mode:
Diffstat (limited to 'server/resty/openssl/include/ssl.lua')
-rw-r--r--server/resty/openssl/include/ssl.lua113
1 files changed, 0 insertions, 113 deletions
diff --git a/server/resty/openssl/include/ssl.lua b/server/resty/openssl/include/ssl.lua
deleted file mode 100644
index 1219ac3..0000000
--- a/server/resty/openssl/include/ssl.lua
+++ /dev/null
@@ -1,113 +0,0 @@
-local ffi = require "ffi"
-local C = ffi.C
-
-require "resty.openssl.include.ossl_typ"
-require "resty.openssl.include.stack"
-local OPENSSL_3X = require("resty.openssl.version").OPENSSL_3X
-local BORINGSSL = require("resty.openssl.version").BORINGSSL
-
-ffi.cdef [[
- // SSL_METHOD
- typedef struct ssl_method_st SSL_METHOD;
- const SSL_METHOD *TLS_method(void);
- const SSL_METHOD *TLS_server_method(void);
-
- // SSL_CIPHER
- typedef struct ssl_cipher_st SSL_CIPHER;
- const char *SSL_CIPHER_get_name(const SSL_CIPHER *cipher);
- SSL_CIPHER *SSL_get_current_cipher(const SSL *ssl);
-
- SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
- void SSL_CTX_free(SSL_CTX *a);
-
- // SSL_SESSION
- typedef struct ssl_session_st SSL_SESSION;
- SSL_SESSION *SSL_get_session(const SSL *ssl);
- long SSL_SESSION_set_timeout(SSL_SESSION *s, long t);
- long SSL_SESSION_get_timeout(const SSL_SESSION *s);
-
- typedef int (*SSL_CTX_alpn_select_cb_func)(SSL *ssl,
- const unsigned char **out,
- unsigned char *outlen,
- const unsigned char *in,
- unsigned int inlen,
- void *arg);
- void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
- SSL_CTX_alpn_select_cb_func cb,
- void *arg);
-
- int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
- const unsigned char *server,
- unsigned int server_len,
- const unsigned char *client,
- unsigned int client_len);
-
- SSL *SSL_new(SSL_CTX *ctx);
- void SSL_free(SSL *ssl);
-
- int SSL_set_cipher_list(SSL *ssl, const char *str);
- int SSL_set_ciphersuites(SSL *s, const char *str);
-
- long SSL_set_options(SSL *ssl, long options);
- long SSL_clear_options(SSL *ssl, long options);
- long SSL_get_options(SSL *ssl);
-
- /*STACK_OF(SSL_CIPHER)*/ OPENSSL_STACK *SSL_get_ciphers(const SSL *ssl);
- /*STACK_OF(SSL_CIPHER)*/ OPENSSL_STACK *SSL_CTX_get_ciphers(const SSL_CTX *ctx);
- OPENSSL_STACK *SSL_get_peer_cert_chain(const SSL *ssl);
-
- typedef int (*verify_callback)(int preverify_ok, X509_STORE_CTX *x509_ctx);
- void SSL_set_verify(SSL *s, int mode,
- int (*verify_callback)(int, X509_STORE_CTX *));
-
- int SSL_add_client_CA(SSL *ssl, X509 *cacert);
-
- long SSL_ctrl(SSL *ssl, int cmd, long larg, void *parg);
-]]
-
-if OPENSSL_3X then
- ffi.cdef [[
- X509 *SSL_get1_peer_certificate(const SSL *ssl);
- ]]
-else
- ffi.cdef [[
- X509 *SSL_get_peer_certificate(const SSL *ssl);
- ]]
-end
-
-if BORINGSSL then
- ffi.cdef [[
- int SSL_set_min_proto_version(SSL *ssl, int version);
- int SSL_set_max_proto_version(SSL *ssl, int version);
- ]]
-end
-
-local SSL_CTRL_SET_MIN_PROTO_VERSION = 123
-local SSL_CTRL_SET_MAX_PROTO_VERSION = 124
-
-local SSL_set_min_proto_version
-if BORINGSSL then
- SSL_set_min_proto_version = function(ctx, version)
- return C.SSL_set_min_proto_version(ctx, version)
- end
-else
- SSL_set_min_proto_version = function(ctx, version)
- return C.SSL_ctrl(ctx, SSL_CTRL_SET_MIN_PROTO_VERSION, version, nil)
- end
-end
-
-local SSL_set_max_proto_version
-if BORINGSSL then
- SSL_set_max_proto_version = function(ctx, version)
- return C.SSL_set_max_proto_version(ctx, version)
- end
-else
- SSL_set_max_proto_version = function(ctx, version)
- return C.SSL_ctrl(ctx, SSL_CTRL_SET_MAX_PROTO_VERSION, version, nil)
- end
-end
-
-return {
- SSL_set_min_proto_version = SSL_set_min_proto_version,
- SSL_set_max_proto_version = SSL_set_max_proto_version,
-}