Private

Classes
struct	ssl_require_t
struct	ssl_randseed_t
struct	ssl_asn1_t
struct	SSLConnRec
struct	SSLModConfigRec
struct	modssl_pk_server_t
struct	modssl_pk_proxy_t
struct	modssl_auth_ctx_t
struct	modssl_ctx_t
struct	SSLSrvConfigRec
struct	SSLDirConfigRec

Macros
#define	APR_WANT_STRFUNC
#define	APR_WANT_MEMFUNC
#define	BOOL   unsigned int
#define	OPENSSL_API_COMPAT   0x10101000 /* for ENGINE_ API */
#define	MODSSL_HAVE_ENGINE_API   0
#define	MODSSL_HAVE_OPENSSL_STORE   0
#define	MODSSL_SSL_CIPHER_CONST
#define	MODSSL_SSL_METHOD_CONST
#define	MODSSL_USE_OPENSSL_PRE_1_1_API   1
#define	IDCONST
#define	BN_get_rfc2409_prime_768   get_rfc2409_prime_768
#define	BN_get_rfc2409_prime_1024   get_rfc2409_prime_1024
#define	BN_get_rfc3526_prime_1536   get_rfc3526_prime_1536
#define	BN_get_rfc3526_prime_2048   get_rfc3526_prime_2048
#define	BN_get_rfc3526_prime_3072   get_rfc3526_prime_3072
#define	BN_get_rfc3526_prime_4096   get_rfc3526_prime_4096
#define	BN_get_rfc3526_prime_6144   get_rfc3526_prime_6144
#define	BN_get_rfc3526_prime_8192   get_rfc3526_prime_8192
#define	BIO_set_init(x, v)   (x->init=v)
#define	BIO_get_data(x)   (x->ptr)
#define	BIO_set_data(x, v)   (x->ptr=v)
#define	BIO_get_shutdown(x)   (x->shutdown)
#define	BIO_set_shutdown(x, v)   (x->shutdown=v)
#define	DH_bits(x)   (BN_num_bits(x->p))
#define	X509_STORE_CTX_get0_store(x)   (x->ctx)
#define	X509_STORE_CTX_get0_current_issuer(x)   (x->current_issuer)
#define	X509_get_notBefore   X509_getm_notBefore
#define	X509_get_notAfter   X509_getm_notAfter
#define	PFALSE   ((void *)FALSE)
#define	PTRUE   ((void *)TRUE)
#define	UNSET   (-1)
#define	NUL   '\0'
#define	RAND_MAX   INT_MAX
#define	UCHAR   unsigned char
#define	strEQ(s1, s2)   (strcmp(s1,s2) == 0)
#define	strNE(s1, s2)   (strcmp(s1,s2) != 0)
#define	strEQn(s1, s2, n)   (strncmp(s1,s2,n) == 0)
#define	strNEn(s1, s2, n)   (strncmp(s1,s2,n) != 0)
#define	strcEQ(s1, s2)   (strcasecmp(s1,s2) == 0)
#define	strcNE(s1, s2)   (strcasecmp(s1,s2) != 0)
#define	strcEQn(s1, s2, n)   (strncasecmp(s1,s2,n) == 0)
#define	strcNEn(s1, s2, n)   (strncasecmp(s1,s2,n) != 0)
#define	strIsEmpty(s)   (s == NULL || s[0] == NUL)
#define	myConnConfig(c)    ((SSLConnRec *)ap_get_module_config(c->conn_config, &ssl_module))
#define	myConnConfigSet(c, val)    ap_set_module_config(c->conn_config, &ssl_module, val)
#define	mySrvConfig(srv)    ((SSLSrvConfigRec *)ap_get_module_config(srv->module_config, &ssl_module))
#define	myDirConfig(req)    ((SSLDirConfigRec *)ap_get_module_config(req->per_dir_config, &ssl_module))
#define	myConnCtxConfig(c, sc)    (c->outgoing ? myConnConfig(c)->dc->proxy : sc->server)
#define	myModConfig(srv)   mySrvConfig((srv))->mc
#define	mySrvFromConn(c)   myConnConfig(c)->server
#define	myDirConfigFromConn(c)   myConnConfig(c)->dc
#define	mySrvConfigFromConn(c)   mySrvConfig(mySrvFromConn(c))
#define	myModConfigFromConn(c)   myModConfig(mySrvFromConn(c))
#define	SSL_SESSION_CACHE_TIMEOUT   300
#define	DEFAULT_RENEG_BUFFER_SIZE   (128 * 1024)
#define	DEFAULT_OCSP_MAX_SKEW   (60 * 5)
#define	DEFAULT_OCSP_TIMEOUT   10
#define	CERTKEYS_IDX_MAX   1
#define	SSL_OPT_NONE   (0)
#define	SSL_OPT_RELSET   (1<<0)
#define	SSL_OPT_STDENVVARS   (1<<1)
#define	SSL_OPT_EXPORTCERTDATA   (1<<3)
#define	SSL_OPT_FAKEBASICAUTH   (1<<4)
#define	SSL_OPT_STRICTREQUIRE   (1<<5)
#define	SSL_OPT_OPTRENEGOTIATE   (1<<6)
#define	SSL_OPT_LEGACYDNFORMAT   (1<<7)
#define	SSL_PROTOCOL_NONE   (0)
#define	SSL_PROTOCOL_SSLV3   (1<<1)
#define	SSL_PROTOCOL_TLSV1   (1<<2)
#define	SSL_PROTOCOL_BASIC   (SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1)
#define	SSL_PROTOCOL_ALL   (SSL_PROTOCOL_BASIC)
#define	SSL_PROTOCOL_DEFAULT   (SSL_PROTOCOL_ALL & ~SSL_PROTOCOL_SSLV3)
#define	SSL_VERIFY_PEER_STRICT    (SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT)
#define	ssl_verify_error_is_optional(errnum)
#define	SSL_PCM_EXISTS   1
#define	SSL_PCM_ISREG   2
#define	SSL_PCM_ISDIR   4
#define	SSL_PCM_ISNONZERO   8
#define	SSL_CACHE_MUTEX_TYPE   "ssl-cache"
#define	SSL_STAPLING_CACHE_MUTEX_TYPE   "ssl-stapling"
#define	SSL_STAPLING_REFRESH_MUTEX_TYPE   "ssl-stapling-refresh"
#define	SSLLOG_MARK   __FILE__,__LINE__

Typedefs
typedef int	ssl_opt_t
typedef int	ssl_proto_t
typedef unsigned int	ssl_pathcheck_t
typedef struct SSLSrvConfigRec	SSLSrvConfigRec
typedef struct SSLDirConfigRec	SSLDirConfigRec

Enumerations
enum	ssl_verify_t {   SSL_CVERIFY_UNSET = (-1) , SSL_CVERIFY_NONE = 0 , SSL_CVERIFY_OPTIONAL = 1 , SSL_CVERIFY_REQUIRE = 2 ,   SSL_CVERIFY_OPTIONAL_NO_CA = 3 }
enum	ssl_crlcheck_t { SSL_CRLCHECK_NONE = (0) , SSL_CRLCHECK_LEAF = (1 << 0) , SSL_CRLCHECK_CHAIN = (1 << 1) , SSL_CRLCHECK_NO_CRL_FOR_CERT_OK = (1 << 2) }
enum	ssl_ocspcheck_t { SSL_OCSPCHECK_NONE = (0) , SSL_OCSPCHECK_LEAF = (1 << 0) , SSL_OCSPCHECK_CHAIN = (1 << 1) , SSL_OCSPCHECK_NO_OCSP_FOR_CERT_OK = (1 << 2) }
enum	ssl_pphrase_t { SSL_PPTYPE_UNSET = (-1) , SSL_PPTYPE_BUILTIN = 0 , SSL_PPTYPE_FILTER = 1 , SSL_PPTYPE_PIPE = 2 }
enum	ssl_enabled_t { SSL_ENABLED_UNSET = (-1) , SSL_ENABLED_FALSE = 0 , SSL_ENABLED_TRUE = 1 , SSL_ENABLED_OPTIONAL = 3 }
enum	ssl_rsctx_t { SSL_RSCTX_STARTUP = 1 , SSL_RSCTX_CONNECT = 2 }
enum	ssl_rssrc_t { SSL_RSSRC_BUILTIN = 1 , SSL_RSSRC_FILE = 2 , SSL_RSSRC_EXEC = 3 , SSL_RSSRC_EGD = 4 }
enum	modssl_reneg_state { RENEG_INIT = 0 , RENEG_REJECT , RENEG_ALLOW , RENEG_ABORT }
enum	ssl_shutdown_type_e { SSL_SHUTDOWN_TYPE_UNSET , SSL_SHUTDOWN_TYPE_STANDARD , SSL_SHUTDOWN_TYPE_UNCLEAN , SSL_SHUTDOWN_TYPE_ACCURATE }

Functions
SSLModConfigRec *	ssl_config_global_create (server_rec *)
void	ssl_config_global_fix (SSLModConfigRec *)
unsigned int	ssl_config_global_isfixed (SSLModConfigRec *)
void *	ssl_config_server_create (apr_pool_t *, server_rec *)
void *	ssl_config_server_merge (apr_pool_t *, void *, void *)
void *	ssl_config_perdir_create (apr_pool_t *, char *)
void *	ssl_config_perdir_merge (apr_pool_t *, void *, void *)
void	ssl_config_proxy_merge (apr_pool_t *, SSLDirConfigRec *, SSLDirConfigRec *)
const char *	ssl_cmd_SSLPassPhraseDialog (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLCryptoDevice (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLRandomSeed (cmd_parms *, void *, const char *, const char *, const char *)
const char *	ssl_cmd_SSLEngine (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLCipherSuite (cmd_parms *, void *, const char *, const char *)
const char *	ssl_cmd_SSLCertificateFile (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLCertificateKeyFile (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLCertificateChainFile (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLCACertificatePath (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLCACertificateFile (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLCADNRequestPath (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLCADNRequestFile (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLCARevocationPath (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLCARevocationFile (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLCARevocationCheck (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLHonorCipherOrder (cmd_parms *cmd, void *dcfg, int flag)
const char *	ssl_cmd_SSLCompression (cmd_parms *, void *, int flag)
const char *	ssl_cmd_SSLSessionTickets (cmd_parms *, void *, int flag)
const char *	ssl_cmd_SSLVerifyClient (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLVerifyDepth (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLSessionCache (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLSessionCacheTimeout (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLProtocol (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLOptions (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLRequireSSL (cmd_parms *, void *)
const char *	ssl_cmd_SSLRequire (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLUserName (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLRenegBufferSize (cmd_parms *cmd, void *dcfg, const char *arg)
const char *	ssl_cmd_SSLStrictSNIVHostCheck (cmd_parms *cmd, void *dcfg, int flag)
const char *	ssl_cmd_SSLInsecureRenegotiation (cmd_parms *cmd, void *dcfg, int flag)
const char *	ssl_cmd_SSLProxyEngine (cmd_parms *cmd, void *dcfg, int flag)
const char *	ssl_cmd_SSLProxyProtocol (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLProxyCipherSuite (cmd_parms *, void *, const char *, const char *)
const char *	ssl_cmd_SSLProxyVerify (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLProxyVerifyDepth (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLProxyCACertificatePath (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLProxyCACertificateFile (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLProxyCARevocationPath (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLProxyCARevocationFile (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLProxyCARevocationCheck (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLProxyMachineCertificatePath (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLProxyMachineCertificateFile (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLProxyMachineCertificateChainFile (cmd_parms *, void *, const char *)
const char *	ssl_cmd_SSLProxyCheckPeerExpire (cmd_parms *cmd, void *dcfg, int flag)
const char *	ssl_cmd_SSLProxyCheckPeerCN (cmd_parms *cmd, void *dcfg, int flag)
const char *	ssl_cmd_SSLProxyCheckPeerName (cmd_parms *cmd, void *dcfg, int flag)
const char *	ssl_cmd_SSLOCSPOverrideResponder (cmd_parms *cmd, void *dcfg, int flag)
const char *	ssl_cmd_SSLOCSPDefaultResponder (cmd_parms *cmd, void *dcfg, const char *arg)
const char *	ssl_cmd_SSLOCSPResponseTimeSkew (cmd_parms *cmd, void *dcfg, const char *arg)
const char *	ssl_cmd_SSLOCSPResponseMaxAge (cmd_parms *cmd, void *dcfg, const char *arg)
const char *	ssl_cmd_SSLOCSPResponderTimeout (cmd_parms *cmd, void *dcfg, const char *arg)
const char *	ssl_cmd_SSLOCSPUseRequestNonce (cmd_parms *cmd, void *dcfg, int flag)
const char *	ssl_cmd_SSLOCSPEnable (cmd_parms *cmd, void *dcfg, const char *arg)
const char *	ssl_cmd_SSLOCSPProxyURL (cmd_parms *cmd, void *dcfg, const char *arg)
const char *	ssl_cmd_SSLOCSPNoVerify (cmd_parms *cmd, void *dcfg, int flag)
const char *	ssl_cmd_SSLOCSPResponderCertificateFile (cmd_parms *cmd, void *dcfg, const char *arg)
const char *	ssl_cmd_SSLFIPS (cmd_parms *cmd, void *dcfg, int flag)
apr_status_t	ssl_init_Module (apr_pool_t *, apr_pool_t *, apr_pool_t *, server_rec *)
apr_status_t	ssl_init_Engine (server_rec *, apr_pool_t *)
apr_status_t	ssl_init_ConfigureServer (server_rec *, apr_pool_t *, apr_pool_t *, SSLSrvConfigRec *, apr_array_header_t *)
apr_status_t	ssl_init_CheckServers (server_rec *, apr_pool_t *)
int	ssl_proxy_section_post_config (apr_pool_t *p, apr_pool_t *plog, apr_pool_t *ptemp, server_rec *s, ap_conf_vector_t *section_config)
*	ssl_init_FindCAList (server_rec *, apr_pool_t *, const char *, const char *)
void	ssl_init_Child (apr_pool_t *, server_rec *)
apr_status_t	ssl_init_ModuleKill (void *data)
int	ssl_hook_Auth (request_rec *)
int	ssl_hook_UserCheck (request_rec *)
int	ssl_hook_Access (request_rec *)
int	ssl_hook_Fixup (request_rec *)
int	ssl_hook_ReadReq (request_rec *)
int	ssl_hook_Upgrade (request_rec *)
void	ssl_hook_ConfigTest (apr_pool_t *pconf, server_rec *s)
DH *	ssl_callback_TmpDH (SSL *, int, int)
int	ssl_callback_SSLVerify (int, X509_STORE_CTX *)
int	ssl_callback_SSLVerify_CRL (int, X509_STORE_CTX *, conn_rec *)
int	ssl_callback_proxy_cert (SSL *ssl, X509 **x509, EVP_PKEY **pkey)
int	ssl_callback_NewSessionCacheEntry (SSL *, SSL_SESSION *)
SSL_SESSION *	ssl_callback_GetSessionCacheEntry (SSL *, unsigned char *, int, int *)
void	ssl_callback_DelSessionCacheEntry (SSL_CTX *, SSL_SESSION *)
void	ssl_callback_Info (const SSL *, int, int)
apr_status_t	ssl_scache_init (server_rec *, apr_pool_t *)
void	ssl_scache_status_register (apr_pool_t *p)
void	ssl_scache_kill (server_rec *)
unsigned int	ssl_scache_store (server_rec *, unsigned char *, int, apr_time_t, SSL_SESSION *, apr_pool_t *)
SSL_SESSION *	ssl_scache_retrieve (server_rec *, unsigned char *, int, apr_pool_t *)
void	ssl_scache_remove (server_rec *, unsigned char *, int, apr_pool_t *)
void	ssl_io_filter_init (conn_rec *, request_rec *r, SSL *)
void	ssl_io_filter_register (apr_pool_t *)
void	modssl_set_io_callbacks (SSL *ssl, conn_rec *c, server_rec *s)
int	ssl_io_buffer_fill (request_rec *r, apr_size_t maxlen)
int	ssl_rand_seed (server_rec *, apr_pool_t *, ssl_rsctx_t, char *)
char *	ssl_util_vhostid (apr_pool_t *, server_rec *)
apr_file_t *	ssl_util_ppopen (server_rec *, apr_pool_t *, const char *, const char *const *)
void	ssl_util_ppclose (server_rec *, apr_pool_t *, apr_file_t *)
char *	ssl_util_readfilter (server_rec *, apr_pool_t *, const char *, const char *const *)
unsigned int	ssl_util_path_check (ssl_pathcheck_t, const char *, apr_pool_t *)
int	ssl_init_ssl_connection (conn_rec *c, request_rec *r)
unsigned int	ssl_util_vhost_matches (const char *servername, server_rec *s)
apr_status_t	ssl_load_encrypted_pkey (server_rec *, apr_pool_t *, int, const char *, apr_array_header_t **)
apr_status_t	modssl_load_engine_keypair (server_rec *s, apr_pool_t *pconf, apr_pool_t *ptemp, const char *vhostid, const char *certid, const char *keyid, X509 **pubkey, EVP_PKEY **privkey)
DH *	modssl_dh_from_file (const char *)
ssl_asn1_t *	ssl_asn1_table_set (apr_hash_t *table, const char *key, EVP_PKEY *pkey)
ssl_asn1_t *	ssl_asn1_table_get (apr_hash_t *table, const char *key)
void	ssl_asn1_table_unset (apr_hash_t *table, const char *key)
int	ssl_mutex_init (server_rec *, apr_pool_t *)
int	ssl_mutex_reinit (server_rec *, apr_pool_t *)
int	ssl_mutex_on (server_rec *)
int	ssl_mutex_off (server_rec *)
int	ssl_stapling_mutex_reinit (server_rec *, apr_pool_t *)
apr_status_t	ssl_die (server_rec *)
void	ssl_log_ssl_error (const char *, int, int, server_rec *)
void	ssl_log_xerror (const char *file, int line, int level, apr_status_t rv, apr_pool_t *p, server_rec *s, X509 *cert, const char *format,...) __attribute__((format(printf
void void	ssl_log_cxerror (const char *file, int line, int level, apr_status_t rv, conn_rec *c, X509 *cert, const char *format,...) __attribute__((format(printf
void void void	ssl_log_rxerror (const char *file, int line, int level, apr_status_t rv, request_rec *r, X509 *cert, const char *format,...) __attribute__((format(printf
void	ssl_var_register (apr_pool_t *p)
char *	ssl_var_lookup (apr_pool_t *, server_rec *, conn_rec *, request_rec *, char *)
apr_array_header_t *	ssl_ext_list (apr_pool_t *p, conn_rec *c, int peer, const char *extension)
void	ssl_var_log_config_register (apr_pool_t *p)
void	modssl_var_extract_dns (apr_table_t *t, SSL *ssl, apr_pool_t *p)
void	modssl_var_extract_san_entries (apr_table_t *t, SSL *ssl, apr_pool_t *p)
int	modssl_verify_ocsp (X509_STORE_CTX *ctx, SSLSrvConfigRec *sc, server_rec *s, conn_rec *c, apr_pool_t *pool)
OCSP_RESPONSE *	modssl_dispatch_ocsp_request (const apr_uri_t *uri, apr_interval_time_t timeout, OCSP_REQUEST *request, conn_rec *c, apr_pool_t *p)
void	ssl_init_ocsp_certificates (server_rec *s, modssl_ctx_t *mctx)
DH *	modssl_get_dh_params (unsigned keylen)
int	modssl_request_is_tls (const request_rec *r, SSLConnRec **sslconn)
int	ssl_is_challenge (conn_rec *c, const char *servername, X509 **pcert, EVP_PKEY **pkey, const char **pcert_file, const char **pkey_file)
int	modssl_is_engine_id (const char *name)
void	modssl_set_reneg_state (SSLConnRec *sslconn, modssl_reneg_state state)

Variables
static int *const	aplog_module_index = &( ssl_module.module_index)
const authz_provider	ssl_authz_provider_require_ssl
const authz_provider	ssl_authz_provider_verify_client

Detailed Description

Macro Definition Documentation

APR_WANT_MEMFUNC

#define APR_WANT_MEMFUNC

Definition at line 48 of file ssl_private.h.

APR_WANT_STRFUNC

#define APR_WANT_STRFUNC

Apache headers

Definition at line 47 of file ssl_private.h.

BIO_get_data

#define BIO_get_data

(

x

)

(x->ptr)

Definition at line 264 of file ssl_private.h.

BIO_get_shutdown

#define BIO_get_shutdown

(

x

)

(x->shutdown)

Definition at line 266 of file ssl_private.h.

BIO_set_data

#define BIO_set_data	(		x,
			v
	)		(x->ptr=v)

Definition at line 265 of file ssl_private.h.

BIO_set_init

#define BIO_set_init	(		x,
			v
	)		(x->init=v)

Definition at line 263 of file ssl_private.h.

BIO_set_shutdown

#define BIO_set_shutdown	(		x,
			v
	)		(x->shutdown=v)

Definition at line 267 of file ssl_private.h.

BN_get_rfc2409_prime_1024

#define BN_get_rfc2409_prime_1024   get_rfc2409_prime_1024

Definition at line 256 of file ssl_private.h.

BN_get_rfc2409_prime_768

#define BN_get_rfc2409_prime_768   get_rfc2409_prime_768

The following features all depend on TLS extension support. Within this block, check again for features (not version numbers).

Definition at line 255 of file ssl_private.h.

BN_get_rfc3526_prime_1536

#define BN_get_rfc3526_prime_1536   get_rfc3526_prime_1536

Definition at line 257 of file ssl_private.h.

BN_get_rfc3526_prime_2048

#define BN_get_rfc3526_prime_2048   get_rfc3526_prime_2048

Definition at line 258 of file ssl_private.h.

BN_get_rfc3526_prime_3072

#define BN_get_rfc3526_prime_3072   get_rfc3526_prime_3072

Definition at line 259 of file ssl_private.h.

BN_get_rfc3526_prime_4096

#define BN_get_rfc3526_prime_4096   get_rfc3526_prime_4096

Definition at line 260 of file ssl_private.h.

BN_get_rfc3526_prime_6144

#define BN_get_rfc3526_prime_6144   get_rfc3526_prime_6144

Definition at line 261 of file ssl_private.h.

BN_get_rfc3526_prime_8192

#define BN_get_rfc3526_prime_8192   get_rfc3526_prime_8192

Definition at line 262 of file ssl_private.h.

BOOL

#define BOOL   unsigned int

Definition at line 81 of file ssl_private.h.

CERTKEYS_IDX_MAX

#define CERTKEYS_IDX_MAX   1

Definition at line 399 of file ssl_private.h.

DEFAULT_OCSP_MAX_SKEW

#define DEFAULT_OCSP_MAX_SKEW   (60 * 5)

Definition at line 384 of file ssl_private.h.

DEFAULT_OCSP_TIMEOUT

#define DEFAULT_OCSP_TIMEOUT   10

Definition at line 389 of file ssl_private.h.

DEFAULT_RENEG_BUFFER_SIZE

#define DEFAULT_RENEG_BUFFER_SIZE   (128 * 1024)

Definition at line 379 of file ssl_private.h.

DH_bits

#define DH_bits

(

x

)

(BN_num_bits(x->p))

Definition at line 268 of file ssl_private.h.

IDCONST

#define IDCONST

Definition at line 189 of file ssl_private.h.

MODSSL_HAVE_ENGINE_API

#define MODSSL_HAVE_ENGINE_API   0

Definition at line 118 of file ssl_private.h.

MODSSL_HAVE_OPENSSL_STORE

#define MODSSL_HAVE_OPENSSL_STORE   0

Definition at line 127 of file ssl_private.h.

MODSSL_SSL_CIPHER_CONST

#define MODSSL_SSL_CIPHER_CONST

...shifting sands of OpenSSL... Note: when adding support for new OpenSSL features, avoid explicit version number checks whenever possible, and use "feature-based" detection instead (check for definitions of constants or functions)

Definition at line 144 of file ssl_private.h.

MODSSL_SSL_METHOD_CONST

#define MODSSL_SSL_METHOD_CONST

Definition at line 145 of file ssl_private.h.

MODSSL_USE_OPENSSL_PRE_1_1_API

#define MODSSL_USE_OPENSSL_PRE_1_1_API   1

Definition at line 169 of file ssl_private.h.

myConnConfig

#define myConnConfig

(

c

)

((SSLConnRec *)ap_get_module_config(c->conn_config, &ssl_module))

Definition at line 354 of file ssl_private.h.

myConnConfigSet

#define myConnConfigSet	(		c,
			val
	)		ap_set_module_config(c->conn_config, &ssl_module, val)

Definition at line 356 of file ssl_private.h.

myConnCtxConfig

#define myConnCtxConfig	(		c,
			sc
	)		(c->outgoing ? myConnConfig(c)->dc->proxy : sc->server)

Definition at line 362 of file ssl_private.h.

myDirConfig

#define myDirConfig

(

req

)

((SSLDirConfigRec *)ap_get_module_config(req->per_dir_config, &ssl_module))

Definition at line 360 of file ssl_private.h.

myDirConfigFromConn

#define myDirConfigFromConn

(

c

)

myConnConfig(c)->dc

Definition at line 366 of file ssl_private.h.

myModConfig

#define myModConfig

(

srv

)

mySrvConfig((srv))->mc

Definition at line 364 of file ssl_private.h.

myModConfigFromConn

#define myModConfigFromConn

(

c

)

myModConfig(mySrvFromConn(c))

Definition at line 368 of file ssl_private.h.

mySrvConfig

#define mySrvConfig

(

srv

)

((SSLSrvConfigRec *)ap_get_module_config(srv->module_config, &ssl_module))

Definition at line 358 of file ssl_private.h.

mySrvConfigFromConn

#define mySrvConfigFromConn

(

c

)

mySrvConfig(mySrvFromConn(c))

Definition at line 367 of file ssl_private.h.

mySrvFromConn

#define mySrvFromConn

(

c

)

myConnConfig(c)->server

Definition at line 365 of file ssl_private.h.

NUL

#define NUL   '\0'

Definition at line 325 of file ssl_private.h.

OPENSSL_API_COMPAT

#define OPENSSL_API_COMPAT   0x10101000 /* for ENGINE_ API */

Definition at line 88 of file ssl_private.h.

PFALSE

#define PFALSE   ((void *)FALSE)

Definition at line 316 of file ssl_private.h.

PTRUE

#define PTRUE   ((void *)TRUE)

Definition at line 319 of file ssl_private.h.

RAND_MAX

#define RAND_MAX   INT_MAX

Definition at line 329 of file ssl_private.h.

SSL_CACHE_MUTEX_TYPE

#define SSL_CACHE_MUTEX_TYPE   "ssl-cache"

Definition at line 1127 of file ssl_private.h.

SSL_OPT_EXPORTCERTDATA

#define SSL_OPT_EXPORTCERTDATA   (1<<3)

Definition at line 408 of file ssl_private.h.

SSL_OPT_FAKEBASICAUTH

#define SSL_OPT_FAKEBASICAUTH   (1<<4)

Definition at line 409 of file ssl_private.h.

SSL_OPT_LEGACYDNFORMAT

#define SSL_OPT_LEGACYDNFORMAT   (1<<7)

Definition at line 412 of file ssl_private.h.

SSL_OPT_NONE

#define SSL_OPT_NONE   (0)

Define the SSL options

Definition at line 405 of file ssl_private.h.

SSL_OPT_OPTRENEGOTIATE

#define SSL_OPT_OPTRENEGOTIATE   (1<<6)

Definition at line 411 of file ssl_private.h.

SSL_OPT_RELSET

#define SSL_OPT_RELSET   (1<<0)

Definition at line 406 of file ssl_private.h.

SSL_OPT_STDENVVARS

#define SSL_OPT_STDENVVARS   (1<<1)

Definition at line 407 of file ssl_private.h.

SSL_OPT_STRICTREQUIRE

#define SSL_OPT_STRICTREQUIRE   (1<<5)

Definition at line 410 of file ssl_private.h.

SSL_PCM_EXISTS

#define SSL_PCM_EXISTS   1

Define the Path Checking modes

Definition at line 508 of file ssl_private.h.

SSL_PCM_ISDIR

#define SSL_PCM_ISDIR   4

Definition at line 510 of file ssl_private.h.

SSL_PCM_ISNONZERO

#define SSL_PCM_ISNONZERO   8

Definition at line 511 of file ssl_private.h.

SSL_PCM_ISREG

#define SSL_PCM_ISREG   2

Definition at line 509 of file ssl_private.h.

SSL_PROTOCOL_ALL

#define SSL_PROTOCOL_ALL   (SSL_PROTOCOL_BASIC)

Definition at line 443 of file ssl_private.h.

SSL_PROTOCOL_BASIC

#define SSL_PROTOCOL_BASIC   (SSL_PROTOCOL_SSLV3|SSL_PROTOCOL_TLSV1)

Definition at line 424 of file ssl_private.h.

SSL_PROTOCOL_DEFAULT

#define SSL_PROTOCOL_DEFAULT   (SSL_PROTOCOL_ALL & ~SSL_PROTOCOL_SSLV3)

Definition at line 446 of file ssl_private.h.

SSL_PROTOCOL_NONE

#define SSL_PROTOCOL_NONE   (0)

Define the SSL Protocol options

Definition at line 418 of file ssl_private.h.

SSL_PROTOCOL_SSLV3

#define SSL_PROTOCOL_SSLV3   (1<<1)

Definition at line 420 of file ssl_private.h.

SSL_PROTOCOL_TLSV1

#define SSL_PROTOCOL_TLSV1   (1<<2)

Definition at line 422 of file ssl_private.h.

SSL_SESSION_CACHE_TIMEOUT

#define SSL_SESSION_CACHE_TIMEOUT   300

Defaults for the configuration

Definition at line 374 of file ssl_private.h.

SSL_STAPLING_CACHE_MUTEX_TYPE

#define SSL_STAPLING_CACHE_MUTEX_TYPE   "ssl-stapling"

Definition at line 1128 of file ssl_private.h.

SSL_STAPLING_REFRESH_MUTEX_TYPE

#define SSL_STAPLING_REFRESH_MUTEX_TYPE   "ssl-stapling-refresh"

Definition at line 1129 of file ssl_private.h.

ssl_verify_error_is_optional

#define ssl_verify_error_is_optional

(

errnum

)

Value:

   ((errnum == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) \
    || (errnum == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) \
    || (errnum == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY) \
    || (errnum == X509_V_ERR_CERT_UNTRUSTED) \
    || (errnum == X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE))

Definition at line 466 of file ssl_private.h.

SSL_VERIFY_PEER_STRICT

#define SSL_VERIFY_PEER_STRICT    (SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT)

Definition at line 463 of file ssl_private.h.

SSLLOG_MARK

#define SSLLOG_MARK   __FILE__,__LINE__

Definition at line 1156 of file ssl_private.h.

strcEQ

#define strcEQ	(		s1,
			s2
	)		(strcasecmp(s1,s2) == 0)

Definition at line 347 of file ssl_private.h.

strcEQn

#define strcEQn	(		s1,
			s2,
			n
	)		(strncasecmp(s1,s2,n) == 0)

Definition at line 349 of file ssl_private.h.

strcNE

#define strcNE	(		s1,
			s2
	)		(strcasecmp(s1,s2) != 0)

Definition at line 348 of file ssl_private.h.

strcNEn

#define strcNEn	(		s1,
			s2,
			n
	)		(strncasecmp(s1,s2,n) != 0)

Definition at line 350 of file ssl_private.h.

strEQ

#define strEQ	(		s1,
			s2
	)		(strcmp(s1,s2) == 0)

Provide useful shorthands

Definition at line 342 of file ssl_private.h.

strEQn

#define strEQn	(		s1,
			s2,
			n
	)		(strncmp(s1,s2,n) == 0)

Definition at line 344 of file ssl_private.h.

strIsEmpty

#define strIsEmpty

(

s

)

(s == NULL || s[0] == NUL)

Definition at line 352 of file ssl_private.h.

strNE

#define strNE	(		s1,
			s2
	)		(strcmp(s1,s2) != 0)

Definition at line 343 of file ssl_private.h.

strNEn

#define strNEn	(		s1,
			s2,
			n
	)		(strncmp(s1,s2,n) != 0)

Definition at line 345 of file ssl_private.h.

UCHAR

#define UCHAR   unsigned char

Provide reasonable defines for some types

Definition at line 336 of file ssl_private.h.

UNSET

#define UNSET   (-1)

Definition at line 322 of file ssl_private.h.

X509_get_notAfter

#define X509_get_notAfter   X509_getm_notAfter

Definition at line 290 of file ssl_private.h.

X509_get_notBefore

#define X509_get_notBefore   X509_getm_notBefore

Definition at line 287 of file ssl_private.h.

X509_STORE_CTX_get0_current_issuer

#define X509_STORE_CTX_get0_current_issuer

(

x

)

(x->current_issuer)

Definition at line 281 of file ssl_private.h.

X509_STORE_CTX_get0_store

#define X509_STORE_CTX_get0_store

(

x

)

(x->ctx)

Definition at line 276 of file ssl_private.h.

Typedef Documentation

ssl_opt_t

typedef int ssl_opt_t

Definition at line 413 of file ssl_private.h.

ssl_pathcheck_t

typedef unsigned int ssl_pathcheck_t

Definition at line 512 of file ssl_private.h.

ssl_proto_t

typedef int ssl_proto_t

Definition at line 450 of file ssl_private.h.

SSLDirConfigRec

typedef struct SSLDirConfigRec SSLDirConfigRec

Definition at line 577 of file ssl_private.h.

SSLSrvConfigRec

typedef struct SSLSrvConfigRec SSLSrvConfigRec

Define the mod_ssl per-module configuration structure (i.e. the global configuration for each httpd process)

Definition at line 576 of file ssl_private.h.

Enumeration Type Documentation

modssl_reneg_state

enum modssl_reneg_state

Enumerator
RENEG_INIT
RENEG_REJECT
RENEG_ALLOW
RENEG_ABORT

Definition at line 561 of file ssl_private.h.

ssl_crlcheck_t

enum ssl_crlcheck_t

CRL checking mask (mode | flags)

Enumerator
SSL_CRLCHECK_NONE
SSL_CRLCHECK_LEAF
SSL_CRLCHECK_CHAIN
SSL_CRLCHECK_NO_CRL_FOR_CERT_OK

Definition at line 476 of file ssl_private.h.

ssl_enabled_t

enum ssl_enabled_t

Define the SSL enabled state

Enumerator
SSL_ENABLED_UNSET
SSL_ENABLED_FALSE
SSL_ENABLED_TRUE
SSL_ENABLED_OPTIONAL

Definition at line 517 of file ssl_private.h.

ssl_ocspcheck_t

enum ssl_ocspcheck_t

OCSP checking mask (mode | flags)

Enumerator
SSL_OCSPCHECK_NONE
SSL_OCSPCHECK_LEAF
SSL_OCSPCHECK_CHAIN
SSL_OCSPCHECK_NO_OCSP_FOR_CERT_OK

Definition at line 488 of file ssl_private.h.

ssl_pphrase_t

enum ssl_pphrase_t

Define the SSL pass phrase dialog types

Enumerator
SSL_PPTYPE_UNSET
SSL_PPTYPE_BUILTIN
SSL_PPTYPE_FILTER
SSL_PPTYPE_PIPE

Definition at line 498 of file ssl_private.h.

ssl_rsctx_t

enum ssl_rsctx_t

Define the SSL random number generator seeding source

Enumerator
SSL_RSCTX_STARTUP
SSL_RSCTX_CONNECT

Definition at line 535 of file ssl_private.h.

ssl_rssrc_t

enum ssl_rssrc_t

Enumerator
SSL_RSSRC_BUILTIN
SSL_RSSRC_FILE
SSL_RSSRC_EXEC
SSL_RSSRC_EGD

Definition at line 539 of file ssl_private.h.

ssl_shutdown_type_e

enum ssl_shutdown_type_e

Enumerator
SSL_SHUTDOWN_TYPE_UNSET
SSL_SHUTDOWN_TYPE_STANDARD
SSL_SHUTDOWN_TYPE_UNCLEAN
SSL_SHUTDOWN_TYPE_ACCURATE

Definition at line 579 of file ssl_private.h.

ssl_verify_t

enum ssl_verify_t

Define the SSL verify levels

Enumerator
SSL_CVERIFY_UNSET
SSL_CVERIFY_NONE
SSL_CVERIFY_OPTIONAL
SSL_CVERIFY_REQUIRE
SSL_CVERIFY_OPTIONAL_NO_CA

Definition at line 455 of file ssl_private.h.

Function Documentation

modssl_dh_from_file()

DH * modssl_dh_from_file

(

const char *

file

)

Diffie-Hellman Parameter Support

Definition at line 468 of file ssl_util_ssl.c.

modssl_dispatch_ocsp_request()

OCSP_RESPONSE * modssl_dispatch_ocsp_request	(	const apr_uri_t *	uri,
		apr_interval_time_t	timeout,
		OCSP_REQUEST *	request,
		conn_rec *	c,
		apr_pool_t *	p
	)

Definition at line 306 of file ssl_util_ocsp.c.

modssl_get_dh_params()

DH * modssl_get_dh_params

(

unsigned

keylen

)

Definition at line 162 of file ssl_engine_init.c.

modssl_is_engine_id()

int modssl_is_engine_id

(

const char *

name

)

Definition at line 477 of file ssl_util.c.

modssl_load_engine_keypair()

apr_status_t modssl_load_engine_keypair	(	server_rec *	s,
		apr_pool_t *	pconf,
		apr_pool_t *	ptemp,
		const char *	vhostid,
		const char *	certid,
		const char *	keyid,
		X509 **	pubkey,
		EVP_PKEY **	privkey
	)

Definition at line 1025 of file ssl_engine_pphrase.c.

modssl_request_is_tls()

int modssl_request_is_tls	(	const request_rec *	r,
		SSLConnRec **	sslconn
	)

Definition at line 103 of file ssl_util.c.

modssl_set_io_callbacks()

void modssl_set_io_callbacks	(	SSL *	ssl,
		conn_rec *	c,
		server_rec *	s
	)

Definition at line 2469 of file ssl_engine_io.c.

modssl_set_reneg_state()

void modssl_set_reneg_state	(	SSLConnRec *	sslconn,
		modssl_reneg_state	state
	)

Definition at line 616 of file ssl_util_ssl.c.

modssl_var_extract_dns()

void modssl_var_extract_dns	(	apr_table_t *	t,
		SSL *	ssl,
		apr_pool_t *	p
	)

Definition at line 942 of file ssl_engine_vars.c.

modssl_var_extract_san_entries()

void modssl_var_extract_san_entries	(	apr_table_t *	t,
		SSL *	ssl,
		apr_pool_t *	p
	)

Definition at line 988 of file ssl_engine_vars.c.

modssl_verify_ocsp()

int modssl_verify_ocsp	(	X509_STORE_CTX *	ctx,
		SSLSrvConfigRec *	sc,
		server_rec *	s,
		conn_rec *	c,
		apr_pool_t *	pool
	)

Definition at line 262 of file ssl_engine_ocsp.c.

ssl_asn1_table_get()

ssl_asn1_t * ssl_asn1_table_get	(	apr_hash_t *	table,
		const char *	key
	)

Definition at line 228 of file ssl_util.c.

ssl_asn1_table_set()

ssl_asn1_t * ssl_asn1_table_set	(	apr_hash_t *	table,
		const char *	key,
		EVP_PKEY *	pkey
	)

Definition at line 199 of file ssl_util.c.

ssl_asn1_table_unset()

void ssl_asn1_table_unset	(	apr_hash_t *	table,
		const char *	key
	)

Definition at line 234 of file ssl_util.c.

ssl_callback_DelSessionCacheEntry()

void ssl_callback_DelSessionCacheEntry	(	SSL_CTX *	ctx,
		SSL_SESSION *	session
	)

Definition at line 2158 of file ssl_engine_kernel.c.

ssl_callback_GetSessionCacheEntry()

SSL_SESSION * ssl_callback_GetSessionCacheEntry	(	SSL *	ssl,
		unsigned char *	id,
		int	idlen,
		int *	do_copy
	)

Definition at line 2123 of file ssl_engine_kernel.c.

ssl_callback_Info()

void ssl_callback_Info	(	const SSL *	ssl,
		int	where,
		int	rc
	)

Definition at line 2266 of file ssl_engine_kernel.c.

ssl_callback_NewSessionCacheEntry()

int ssl_callback_NewSessionCacheEntry	(	SSL *	ssl,
		SSL_SESSION *	session
	)

Definition at line 2072 of file ssl_engine_kernel.c.

ssl_callback_proxy_cert()

int ssl_callback_proxy_cert	(	SSL *	ssl,
		X509 **	x509,
		EVP_PKEY **	pkey
	)

Definition at line 1946 of file ssl_engine_kernel.c.

ssl_callback_SSLVerify()

int ssl_callback_SSLVerify	(	int	ok,
		X509_STORE_CTX *	ctx
	)

Definition at line 1737 of file ssl_engine_kernel.c.

ssl_callback_SSLVerify_CRL()

int ssl_callback_SSLVerify_CRL	(	int	,
		X509_STORE_CTX *	,
		conn_rec *
	)

ssl_callback_TmpDH()

DH * ssl_callback_TmpDH	(	SSL *	ssl,
		int	export,
		int	keylen
	)

OpenSSL callbacks

Definition at line 1689 of file ssl_engine_kernel.c.

ssl_cmd_SSLCACertificateFile()

const char * ssl_cmd_SSLCACertificateFile	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1023 of file ssl_engine_config.c.

ssl_cmd_SSLCACertificatePath()

const char * ssl_cmd_SSLCACertificatePath	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1001 of file ssl_engine_config.c.

ssl_cmd_SSLCADNRequestFile()

const char * ssl_cmd_SSLCADNRequestFile	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1060 of file ssl_engine_config.c.

ssl_cmd_SSLCADNRequestPath()

const char * ssl_cmd_SSLCADNRequestPath	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1045 of file ssl_engine_config.c.

ssl_cmd_SSLCARevocationCheck()

const char * ssl_cmd_SSLCARevocationCheck	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1144 of file ssl_engine_config.c.

ssl_cmd_SSLCARevocationFile()

const char * ssl_cmd_SSLCARevocationFile	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1091 of file ssl_engine_config.c.

ssl_cmd_SSLCARevocationPath()

const char * ssl_cmd_SSLCARevocationPath	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1075 of file ssl_engine_config.c.

ssl_cmd_SSLCertificateChainFile()

const char * ssl_cmd_SSLCertificateChainFile	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 964 of file ssl_engine_config.c.

ssl_cmd_SSLCertificateFile()

const char * ssl_cmd_SSLCertificateFile	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 928 of file ssl_engine_config.c.

ssl_cmd_SSLCertificateKeyFile()

const char * ssl_cmd_SSLCertificateKeyFile	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 946 of file ssl_engine_config.c.

ssl_cmd_SSLCipherSuite()

const char * ssl_cmd_SSLCipherSuite	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg1,
		const char *	arg2
	)

Definition at line 774 of file ssl_engine_config.c.

ssl_cmd_SSLCompression()

const char * ssl_cmd_SSLCompression	(	cmd_parms *	cmd,
		void *	dcfg,
		int	flag
	)

< Forbidden in <VirtualHost>

< Forbidden in <Limit>

< Forbidden in <Directory>

< Forbidden in <Location>

< Forbidden in <Files> or <If>

< Forbidden in <Proxy>

Definition at line 842 of file ssl_engine_config.c.

ssl_cmd_SSLCryptoDevice()

const char * ssl_cmd_SSLCryptoDevice	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

< Forbidden in <VirtualHost>

< Forbidden in <Limit>

< Forbidden in <Directory>

< Forbidden in <Location>

< Forbidden in <Files> or <If>

< Forbidden in <Proxy>

Definition at line 596 of file ssl_engine_config.c.

ssl_cmd_SSLEngine()

const char * ssl_cmd_SSLEngine	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 731 of file ssl_engine_config.c.

ssl_cmd_SSLFIPS()

const char * ssl_cmd_SSLFIPS	(	cmd_parms *	cmd,
		void *	dcfg,
		int	flag
	)

< Forbidden in <VirtualHost>

< Forbidden in <Limit>

< Forbidden in <Directory>

< Forbidden in <Location>

< Forbidden in <Files> or <If>

< Forbidden in <Proxy>

Definition at line 751 of file ssl_engine_config.c.

ssl_cmd_SSLHonorCipherOrder()

const char * ssl_cmd_SSLHonorCipherOrder	(	cmd_parms *	cmd,
		void *	dcfg,
		int	flag
	)

Definition at line 872 of file ssl_engine_config.c.

ssl_cmd_SSLInsecureRenegotiation()

const char * ssl_cmd_SSLInsecureRenegotiation	(	cmd_parms *	cmd,
		void *	dcfg,
		int	flag
	)

Definition at line 894 of file ssl_engine_config.c.

ssl_cmd_SSLOCSPDefaultResponder()

const char * ssl_cmd_SSLOCSPDefaultResponder	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1798 of file ssl_engine_config.c.

ssl_cmd_SSLOCSPEnable()

const char * ssl_cmd_SSLOCSPEnable	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1775 of file ssl_engine_config.c.

ssl_cmd_SSLOCSPNoVerify()

const char * ssl_cmd_SSLOCSPNoVerify	(	cmd_parms *	cmd,
		void *	dcfg,
		int	flag
	)

Definition at line 1859 of file ssl_engine_config.c.

ssl_cmd_SSLOCSPOverrideResponder()

const char * ssl_cmd_SSLOCSPOverrideResponder	(	cmd_parms *	cmd,
		void *	dcfg,
		int	flag
	)

Definition at line 1789 of file ssl_engine_config.c.

ssl_cmd_SSLOCSPProxyURL()

const char * ssl_cmd_SSLOCSPProxyURL	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1846 of file ssl_engine_config.c.

ssl_cmd_SSLOCSPResponderCertificateFile()

const char * ssl_cmd_SSLOCSPResponderCertificateFile	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 2120 of file ssl_engine_config.c.

ssl_cmd_SSLOCSPResponderTimeout()

const char * ssl_cmd_SSLOCSPResponderTimeout	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1827 of file ssl_engine_config.c.

ssl_cmd_SSLOCSPResponseMaxAge()

const char * ssl_cmd_SSLOCSPResponseMaxAge	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1817 of file ssl_engine_config.c.

ssl_cmd_SSLOCSPResponseTimeSkew()

const char * ssl_cmd_SSLOCSPResponseTimeSkew	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1807 of file ssl_engine_config.c.

ssl_cmd_SSLOCSPUseRequestNonce()

const char * ssl_cmd_SSLOCSPUseRequestNonce	(	cmd_parms *	cmd,
		void *	dcfg,
		int	flag
	)

Definition at line 1837 of file ssl_engine_config.c.

ssl_cmd_SSLOptions()

const char * ssl_cmd_SSLOptions	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1328 of file ssl_engine_config.c.

ssl_cmd_SSLPassPhraseDialog()

const char * ssl_cmd_SSLPassPhraseDialog	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

< Forbidden in <VirtualHost>

< Forbidden in <Limit>

< Forbidden in <Directory>

< Forbidden in <Location>

< Forbidden in <Files> or <If>

< Forbidden in <Proxy>

Definition at line 549 of file ssl_engine_config.c.

ssl_cmd_SSLProtocol()

const char * ssl_cmd_SSLProtocol	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1520 of file ssl_engine_config.c.

ssl_cmd_SSLProxyCACertificateFile()

const char * ssl_cmd_SSLProxyCACertificateFile	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1609 of file ssl_engine_config.c.

ssl_cmd_SSLProxyCACertificatePath()

const char * ssl_cmd_SSLProxyCACertificatePath	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1625 of file ssl_engine_config.c.

ssl_cmd_SSLProxyCARevocationCheck()

const char * ssl_cmd_SSLProxyCARevocationCheck	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1673 of file ssl_engine_config.c.

ssl_cmd_SSLProxyCARevocationFile()

const char * ssl_cmd_SSLProxyCARevocationFile	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1657 of file ssl_engine_config.c.

ssl_cmd_SSLProxyCARevocationPath()

const char * ssl_cmd_SSLProxyCARevocationPath	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1641 of file ssl_engine_config.c.

ssl_cmd_SSLProxyCheckPeerCN()

const char * ssl_cmd_SSLProxyCheckPeerCN	(	cmd_parms *	cmd,
		void *	dcfg,
		int	flag
	)

Definition at line 1877 of file ssl_engine_config.c.

ssl_cmd_SSLProxyCheckPeerExpire()

const char * ssl_cmd_SSLProxyCheckPeerExpire	(	cmd_parms *	cmd,
		void *	dcfg,
		int	flag
	)

Definition at line 1868 of file ssl_engine_config.c.

ssl_cmd_SSLProxyCheckPeerName()

const char * ssl_cmd_SSLProxyCheckPeerName	(	cmd_parms *	cmd,
		void *	dcfg,
		int	flag
	)

Definition at line 1886 of file ssl_engine_config.c.

ssl_cmd_SSLProxyCipherSuite()

const char * ssl_cmd_SSLProxyCipherSuite	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg1,
		const char *	arg2
	)

Definition at line 1549 of file ssl_engine_config.c.

ssl_cmd_SSLProxyEngine()

const char * ssl_cmd_SSLProxyEngine	(	cmd_parms *	cmd,
		void *	dcfg,
		int	flag
	)

Definition at line 1530 of file ssl_engine_config.c.

ssl_cmd_SSLProxyMachineCertificateChainFile()

const char * ssl_cmd_SSLProxyMachineCertificateChainFile	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1714 of file ssl_engine_config.c.

ssl_cmd_SSLProxyMachineCertificateFile()

const char * ssl_cmd_SSLProxyMachineCertificateFile	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1682 of file ssl_engine_config.c.

ssl_cmd_SSLProxyMachineCertificatePath()

const char * ssl_cmd_SSLProxyMachineCertificatePath	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1698 of file ssl_engine_config.c.

ssl_cmd_SSLProxyProtocol()

const char * ssl_cmd_SSLProxyProtocol	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1539 of file ssl_engine_config.c.

ssl_cmd_SSLProxyVerify()

const char * ssl_cmd_SSLProxyVerify	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1575 of file ssl_engine_config.c.

ssl_cmd_SSLProxyVerifyDepth()

const char * ssl_cmd_SSLProxyVerifyDepth	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1592 of file ssl_engine_config.c.

ssl_cmd_SSLRandomSeed()

const char * ssl_cmd_SSLRandomSeed	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg1,
		const char *	arg2,
		const char *	arg3
	)

< Forbidden in <VirtualHost>

< Forbidden in <Limit>

< Forbidden in <Directory>

< Forbidden in <Location>

< Forbidden in <Files> or <If>

< Forbidden in <Proxy>

Definition at line 638 of file ssl_engine_config.c.

ssl_cmd_SSLRenegBufferSize()

const char * ssl_cmd_SSLRenegBufferSize	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1427 of file ssl_engine_config.c.

ssl_cmd_SSLRequire()

const char * ssl_cmd_SSLRequire	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1402 of file ssl_engine_config.c.

ssl_cmd_SSLRequireSSL()

const char * ssl_cmd_SSLRequireSSL	(	cmd_parms *	cmd,
		void *	dcfg
	)

Definition at line 1393 of file ssl_engine_config.c.

ssl_cmd_SSLSessionCache()

const char * ssl_cmd_SSLSessionCache	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

< Forbidden in <VirtualHost>

< Forbidden in <Limit>

< Forbidden in <Directory>

< Forbidden in <Location>

< Forbidden in <Files> or <If>

< Forbidden in <Proxy>

Definition at line 1237 of file ssl_engine_config.c.

ssl_cmd_SSLSessionCacheTimeout()

const char * ssl_cmd_SSLSessionCacheTimeout	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1313 of file ssl_engine_config.c.

ssl_cmd_SSLSessionTickets()

const char * ssl_cmd_SSLSessionTickets	(	cmd_parms *	cmd,
		void *	dcfg,
		int	flag
	)

Definition at line 883 of file ssl_engine_config.c.

ssl_cmd_SSLStrictSNIVHostCheck()

const char * ssl_cmd_SSLStrictSNIVHostCheck	(	cmd_parms *	cmd,
		void *	dcfg,
		int	flag
	)

Definition at line 1895 of file ssl_engine_config.c.

ssl_cmd_SSLUserName()

const char * ssl_cmd_SSLUserName	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1730 of file ssl_engine_config.c.

ssl_cmd_SSLVerifyClient()

const char * ssl_cmd_SSLVerifyClient	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1178 of file ssl_engine_config.c.

ssl_cmd_SSLVerifyDepth()

const char * ssl_cmd_SSLVerifyDepth	(	cmd_parms *	cmd,
		void *	dcfg,
		const char *	arg
	)

Definition at line 1214 of file ssl_engine_config.c.

ssl_config_global_create()

SSLModConfigRec * ssl_config_global_create

(

server_rec *

s

)

configuration handling

Definition at line 42 of file ssl_engine_config.c.

ssl_config_global_fix()

void ssl_config_global_fix

(

SSLModConfigRec *

mc

)

Definition at line 93 of file ssl_engine_config.c.

ssl_config_global_isfixed()

unsigned int ssl_config_global_isfixed

(

SSLModConfigRec *

mc

)

Definition at line 98 of file ssl_engine_config.c.

ssl_config_perdir_create()

void * ssl_config_perdir_create	(	apr_pool_t *	p,
		char *	dir
	)

Definition at line 435 of file ssl_engine_config.c.

ssl_config_perdir_merge()

void * ssl_config_perdir_merge	(	apr_pool_t *	p,
		void *	basev,
		void *	addv
	)

Definition at line 478 of file ssl_engine_config.c.

ssl_config_proxy_merge()

void ssl_config_proxy_merge	(	apr_pool_t *	p,
		SSLDirConfigRec *	base,
		SSLDirConfigRec *	conf
	)

Definition at line 535 of file ssl_engine_config.c.

ssl_config_server_create()

void * ssl_config_server_create	(	apr_pool_t *	p,
		server_rec *	s
	)

Definition at line 244 of file ssl_engine_config.c.

ssl_config_server_merge()

void * ssl_config_server_merge	(	apr_pool_t *	p,
		void *	basev,
		void *	addv
	)

Definition at line 389 of file ssl_engine_config.c.

ssl_die()

apr_status_t ssl_die

(

server_rec *

s

)

Definition at line 66 of file ssl_engine_log.c.

ssl_ext_list()

apr_array_header_t * ssl_ext_list	(	apr_pool_t *	p,
		conn_rec *	c,
		int	peer,
		const char *	extension
	)

Definition at line 1046 of file ssl_engine_vars.c.

ssl_hook_Access()

int ssl_hook_Access

(

request_rec *

r

)

< Module declines to handle

< Module declines to handle

< Module declines to handle

Definition at line 1208 of file ssl_engine_kernel.c.

ssl_hook_Auth()

int ssl_hook_Auth

(

request_rec *

r

)

Apache API hooks

< Module declines to handle

Definition at line 1462 of file ssl_engine_kernel.c.

ssl_hook_ConfigTest()

void ssl_hook_ConfigTest	(	apr_pool_t *	pconf,
		server_rec *	s
	)

Definition at line 2134 of file ssl_engine_config.c.

ssl_hook_Fixup()

int ssl_hook_Fixup

(

request_rec *

r

)

< Module declines to handle

< Module declines to handle

Definition at line 1521 of file ssl_engine_kernel.c.

ssl_hook_ReadReq()

int ssl_hook_ReadReq

(

request_rec *

r

)

< Module declines to handle

< Module declines to handle

< Module declines to handle

Definition at line 269 of file ssl_engine_kernel.c.

ssl_hook_Upgrade()

int ssl_hook_Upgrade

(

request_rec *

)

ssl_hook_UserCheck()

int ssl_hook_UserCheck

(

request_rec *

r

)

< Module declines to handle

< Module declines to handle

< Module declines to handle

Definition at line 1364 of file ssl_engine_kernel.c.

ssl_init_CheckServers()

apr_status_t ssl_init_CheckServers	(	server_rec *	base_server,
		apr_pool_t *	p
	)

Definition at line 2151 of file ssl_engine_init.c.

ssl_init_Child()

void ssl_init_Child	(	apr_pool_t *	p,
		server_rec *	s
	)

Definition at line 2342 of file ssl_engine_init.c.

ssl_init_ConfigureServer()

apr_status_t ssl_init_ConfigureServer	(	server_rec *	s,
		apr_pool_t *	p,
		apr_pool_t *	ptemp,
		SSLSrvConfigRec *	sc,
		apr_array_header_t *	pphrases
	)

Definition at line 2109 of file ssl_engine_init.c.

ssl_init_Engine()

apr_status_t ssl_init_Engine	(	server_rec *	s,
		apr_pool_t *	p
	)

Definition at line 487 of file ssl_engine_init.c.

ssl_init_FindCAList()

* ssl_init_FindCAList	(	server_rec *	,
		apr_pool_t *	,
		const char *	,
		const char *
	)

ssl_init_Module()

apr_status_t ssl_init_Module	(	apr_pool_t *	p,
		apr_pool_t *	plog,
		apr_pool_t *	ptemp,
		server_rec *	base_server
	)

module initialization

< Module has handled this stage.

Definition at line 233 of file ssl_engine_init.c.

ssl_init_ModuleKill()

apr_status_t ssl_init_ModuleKill

(

void *

data

)

Definition at line 2357 of file ssl_engine_init.c.

ssl_init_ocsp_certificates()

void ssl_init_ocsp_certificates	(	server_rec *	s,
		modssl_ctx_t *	mctx
	)

Definition at line 401 of file ssl_util_ocsp.c.

ssl_init_ssl_connection()

int ssl_init_ssl_connection	(	conn_rec *	c,
		request_rec *	r
	)

< Module declines to handle

< Module has handled this stage.

< Module declines to handle

< Module declines to handle

Definition at line 575 of file mod_ssl.c.

ssl_io_buffer_fill()

int ssl_io_buffer_fill	(	request_rec *	r,
		apr_size_t	maxlen
	)

Definition at line 2023 of file ssl_engine_io.c.

ssl_io_filter_init()

void ssl_io_filter_init	(	conn_rec *	c,
		request_rec *	r,
		SSL *	ssl
	)

OCSP Stapling Support I/O

Definition at line 2253 of file ssl_engine_io.c.

ssl_io_filter_register()

void ssl_io_filter_register

(

apr_pool_t *

p

)

Definition at line 2293 of file ssl_engine_io.c.

ssl_is_challenge()

int ssl_is_challenge	(	conn_rec *	c,
		const char *	servername,
		X509 **	pcert,
		EVP_PKEY **	pkey,
		const char **	pcert_file,
		const char **	pkey_file
	)

< Module has handled this stage.

Definition at line 196 of file ssl_engine_init.c.

ssl_load_encrypted_pkey()

apr_status_t ssl_load_encrypted_pkey	(	server_rec *	s,
		apr_pool_t *	p,
		int	idx,
		const char *	pkey_file,
		apr_array_header_t **	pphrases
	)

Pass Phrase Support

Definition at line 142 of file ssl_engine_pphrase.c.

ssl_log_cxerror()

void void ssl_log_cxerror	(	const char *	file,
		int	line,
		int	level,
		apr_status_t	rv,
		conn_rec *	c,
		X509 *	cert,
		const char *	format,
			...
	)

ssl_log_rxerror()

void void void ssl_log_rxerror	(	const char *	file,
		int	line,
		int	level,
		apr_status_t	rv,
		request_rec *	r,
		X509 *	cert,
		const char *	format,
			...
	)

ssl_log_ssl_error()

void ssl_log_ssl_error	(	const char *	file,
		int	line,
		int	level,
		server_rec *	s
	)

Logfile Support

Definition at line 94 of file ssl_engine_log.c.

ssl_log_xerror()

void ssl_log_xerror	(	const char *	file,
		int	line,
		int	level,
		apr_status_t	rv,
		apr_pool_t *	p,
		server_rec *	s,
		X509 *	cert,
		const char *	format,
			...
	)

ssl_mutex_init()

int ssl_mutex_init	(	server_rec *	s,
		apr_pool_t *	p
	)

Mutex Support

Definition at line 33 of file ssl_engine_mutex.c.

ssl_mutex_off()

int ssl_mutex_off

(

server_rec *

s

)

Definition at line 99 of file ssl_engine_mutex.c.

ssl_mutex_on()

int ssl_mutex_on

(

server_rec *

s

)

Definition at line 86 of file ssl_engine_mutex.c.

ssl_mutex_reinit()

int ssl_mutex_reinit	(	server_rec *	s,
		apr_pool_t *	p
	)

Definition at line 59 of file ssl_engine_mutex.c.

ssl_proxy_section_post_config()

int ssl_proxy_section_post_config	(	apr_pool_t *	p,
		apr_pool_t *	plog,
		apr_pool_t *	ptemp,
		server_rec *	s,
		ap_conf_vector_t *	section_config
	)

< Module has handled this stage.

< Module has handled this stage.

< Module has handled this stage.

Definition at line 2241 of file ssl_engine_init.c.

ssl_rand_seed()

int ssl_rand_seed	(	server_rec *	s,
		apr_pool_t *	p,
		ssl_rsctx_t	nCtx,
		char *	prefix
	)

PRNG

< Open the file for reading

<

Deprecated:

See also

APR_FOPEN_READ

< use OS's default permissions

<

Deprecated:

See also

APR_FPROT_OS_DEFAULT

Definition at line 41 of file ssl_engine_rand.c.

ssl_scache_init()

apr_status_t ssl_scache_init	(	server_rec *	s,
		apr_pool_t *	p
	)

Session Cache Support

Definition at line 40 of file ssl_scache.c.

ssl_scache_kill()

void ssl_scache_kill

(

server_rec *

s

)

Definition at line 97 of file ssl_scache.c.

ssl_scache_remove()

void ssl_scache_remove	(	server_rec *	s,
		unsigned char *	id,
		int	idlen,
		apr_pool_t *	p
	)

Definition at line 176 of file ssl_scache.c.

ssl_scache_retrieve()

SSL_SESSION * ssl_scache_retrieve	(	server_rec *	s,
		unsigned char *	id,
		int	idlen,
		apr_pool_t *	p
	)

Definition at line 147 of file ssl_scache.c.

ssl_scache_status_register()

void ssl_scache_status_register

(

apr_pool_t *

p

)

Definition at line 234 of file ssl_scache.c.

ssl_scache_store()

unsigned int ssl_scache_store	(	server_rec *	s,
		unsigned char *	id,
		int	idlen,
		apr_time_t	expiry,
		SSL_SESSION *	sess,
		apr_pool_t *	p
	)

Definition at line 113 of file ssl_scache.c.

ssl_stapling_mutex_reinit()

int ssl_stapling_mutex_reinit	(	server_rec *	,
		apr_pool_t *
	)

ssl_util_path_check()

unsigned int ssl_util_path_check	(	ssl_pathcheck_t	pcm,
		const char *	path,
		apr_pool_t *	p
	)

< Type

< Size of the file

Definition at line 175 of file ssl_util.c.

ssl_util_ppclose()

void ssl_util_ppclose	(	server_rec *	s,
		apr_pool_t *	p,
		apr_file_t *	fp
	)

Definition at line 142 of file ssl_util.c.

ssl_util_ppopen()

apr_file_t * ssl_util_ppopen	(	server_rec *	s,
		apr_pool_t *	p,
		const char *	cmd,
		const char *const *	argv
	)

Definition at line 120 of file ssl_util.c.

ssl_util_readfilter()

char * ssl_util_readfilter	(	server_rec *	s,
		apr_pool_t *	p,
		const char *	cmd,
		const char *const *	argv
	)

Definition at line 151 of file ssl_util.c.

ssl_util_vhost_matches()

unsigned int ssl_util_vhost_matches	(	const char *	servername,
		server_rec *	s
	)

Definition at line 61 of file ssl_util.c.

ssl_util_vhostid()

char * ssl_util_vhostid	(	apr_pool_t *	p,
		server_rec *	s
	)

Utility Functions

Definition at line 42 of file ssl_util.c.

ssl_var_log_config_register()

void ssl_var_log_config_register

(

apr_pool_t *

p

)

Definition at line 1174 of file ssl_engine_vars.c.

ssl_var_lookup()

char * ssl_var_lookup	(	apr_pool_t *	p,
		server_rec *	s,
		conn_rec *	c,
		request_rec *	r,
		char *	var
	)

Definition at line 956 of file mod_nw_ssl.c.

ssl_var_register()

void ssl_var_register

(

apr_pool_t *

p

)

Variables

Definition at line 136 of file ssl_engine_vars.c.

Variable Documentation

aplog_module_index

int* const aplog_module_index = &( ssl_module.module_index)

static

Definition at line 310 of file ssl_private.h.

ssl_authz_provider_require_ssl

const authz_provider ssl_authz_provider_require_ssl

extern

Apache authz provisders

Definition at line 1627 of file ssl_engine_kernel.c.

ssl_authz_provider_verify_client

const authz_provider ssl_authz_provider_verify_client

extern

Definition at line 1671 of file ssl_engine_kernel.c.