1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements. See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
19 * @brief SSL extension module for Apache
21 * @defgroup MOD_SSL mod_ssl
22 * @ingroup APACHE_MODS
30 #include "http_config.h"
31 #include "apr_optional.h"
33 /* Create a set of SSL_DECLARE(type), SSL_DECLARE_NONSTD(type) and
34 * SSL_DECLARE_DATA with appropriate export and import tags for the platform
37 #define SSL_DECLARE(type) type
38 #define SSL_DECLARE_NONSTD(type) type
39 #define SSL_DECLARE_DATA
40 #elif defined(SSL_DECLARE_STATIC)
41 #define SSL_DECLARE(type) type __stdcall
42 #define SSL_DECLARE_NONSTD(type) type
43 #define SSL_DECLARE_DATA
44 #elif defined(SSL_DECLARE_EXPORT)
45 #define SSL_DECLARE(type) __declspec(dllexport) type __stdcall
46 #define SSL_DECLARE_NONSTD(type) __declspec(dllexport) type
47 #define SSL_DECLARE_DATA __declspec(dllexport)
49 #define SSL_DECLARE(type) __declspec(dllimport) type __stdcall
50 #define SSL_DECLARE_NONSTD(type) __declspec(dllimport) type
51 #define SSL_DECLARE_DATA __declspec(dllimport)
54 /** The ssl_var_lookup() optional function retrieves SSL environment
56 APR_DECLARE_OPTIONAL_FN(char *, ssl_var_lookup,
57 (apr_pool_t *, server_rec *,
58 conn_rec *, request_rec *,
61 /** The ssl_ext_list() optional function attempts to build an array
62 * of all the values contained in the named X.509 extension. The
63 * returned array will be created in the supplied pool.
64 * The client certificate is used if peer is non-zero; the server
65 * certificate is used otherwise.
66 * Extension specifies the extensions to use as a string. This can be
67 * one of the "known" long or short names, or a numeric OID,
68 * e.g. "1.2.3.4", 'nsComment' and 'DN' are all valid.
69 * A pointer to an apr_array_header_t structure is returned if at
70 * least one matching extension is found, NULL otherwise.
72 APR_DECLARE_OPTIONAL_FN(apr_array_header_t *, ssl_ext_list,
73 (apr_pool_t *p, conn_rec *c, int peer,
74 const char *extension));
76 /** An optional function which returns non-zero if the given connection
77 * is using SSL/TLS. */
78 APR_DECLARE_OPTIONAL_FN(int, ssl_is_https, (conn_rec *));
80 /** A function that returns the TLS channel binding data as per
81 * RFC5929. A buffer containing the Channel Binding Token for the
82 * given type will be allocated from the pool and returned to the
83 * caller, along with the size. Returns APR_SUCCESS on success; buf
84 * and size are not adjusted on error. */
85 APR_DECLARE_OPTIONAL_FN(apr_status_t, ssl_get_tls_cb,
86 (apr_pool_t *p, conn_rec *c, const char *type,
87 unsigned char **buf, apr_size_t *size));
89 /** The ssl_proxy_enable() and ssl_engine_{set,disable}() optional
90 * functions are used by mod_proxy to enable use of SSL for outgoing
93 APR_DECLARE_OPTIONAL_FN(int, ssl_proxy_enable, (conn_rec *));
94 APR_DECLARE_OPTIONAL_FN(int, ssl_engine_disable, (conn_rec *));
95 APR_DECLARE_OPTIONAL_FN(int, ssl_engine_set, (conn_rec *,
97 int proxy, int enable));
99 #endif /* __MOD_SSL_H__ */