Gecko [ primetaxinc.net ]

Name	Size	Permission
swoole.h	22.85 KB	-rw-r--r--
swoole_api.h	3.39 KB	-rw-r--r--
swoole_asm_context.h	1.76 KB	-rw-r--r--
swoole_async.h	3.7 KB	-rw-r--r--
swoole_atomic.h	2.15 KB	-rw-r--r--
swoole_base64.h	1.29 KB	-rw-r--r--
swoole_buffer.h	2.28 KB	-rw-r--r--
swoole_c_api.h	2.19 KB	-rw-r--r--
swoole_channel.h	2.34 KB	-rw-r--r--
swoole_client.h	8.41 KB	-rw-r--r--
swoole_config.h	8.84 KB	-rw-r--r--
swoole_coroutine.h	8.96 KB	-rw-r--r--
swoole_coroutine_c_api.h	4.9 KB	-rw-r--r--
swoole_coroutine_channel.h	4.18 KB	-rw-r--r--
swoole_coroutine_context.h	2.59 KB	-rw-r--r--
swoole_coroutine_socket.h	18.85 KB	-rw-r--r--
swoole_coroutine_system.h	3.48 KB	-rw-r--r--
swoole_dtls.h	2.41 KB	-rw-r--r--
swoole_error.h	5.85 KB	-rw-r--r--
swoole_file.h	4.09 KB	-rw-r--r--
swoole_file_hook.h	2.86 KB	-rw-r--r--
swoole_hash.h	9.69 KB	-rw-r--r--
swoole_heap.h	1.79 KB	-rw-r--r--
swoole_http.h	6.99 KB	-rw-r--r--
swoole_http2.h	8.38 KB	-rw-r--r--
swoole_lock.h	2.64 KB	-rw-r--r--
swoole_log.h	15.72 KB	-rw-r--r--
swoole_lru_cache.h	3.17 KB	-rw-r--r--
swoole_memory.h	2.75 KB	-rw-r--r--
swoole_message_bus.h	5.53 KB	-rw-r--r--
swoole_mime_type.h	1.44 KB	-rw-r--r--
swoole_mqtt.h	2.18 KB	-rw-r--r--
swoole_msg_queue.h	1.92 KB	-rw-r--r--
swoole_pipe.h	2.64 KB	-rw-r--r--
swoole_process_pool.h	8.88 KB	-rw-r--r--
swoole_protocol.h	5.32 KB	-rw-r--r--
swoole_proxy.h	2.14 KB	-rw-r--r--
swoole_reactor.h	11.25 KB	-rw-r--r--
swoole_redis.h	2.09 KB	-rw-r--r--
swoole_server.h	39.62 KB	-rw-r--r--
swoole_signal.h	1.68 KB	-rw-r--r--
swoole_socket.h	17.61 KB	-rw-r--r--
swoole_socket_hook.h	2.23 KB	-rw-r--r--
swoole_ssl.h	4.94 KB	-rw-r--r--
swoole_static_handler.h	4.7 KB	-rw-r--r--
swoole_string.h	8.06 KB	-rw-r--r--
swoole_table.h	7.35 KB	-rw-r--r--
swoole_timer.h	4.05 KB	-rw-r--r--
swoole_util.h	5.58 KB	-rw-r--r--
swoole_version.h	2.21 KB	-rw-r--r--
swoole_websocket.h	4.53 KB	-rw-r--r--
swoole_wheel_timer.h	2.48 KB	-rw-r--r--

Code Editor : swoole_ssl.h

/*
  +----------------------------------------------------------------------+
  | Swoole                                                               |
  +----------------------------------------------------------------------+
  | This source file is subject to version 2.0 of the Apache license,    |
  | that is bundled with this package in the file LICENSE, and is        |
  | available through the world-wide-web at the following url:           |
  | http://www.apache.org/licenses/LICENSE-2.0.html                      |
  | If you did not receive a copy of the Apache2.0 license and are unable|
  | to obtain it through the world-wide-web, please send a note to       |
  | license@php.net so we can mail you a copy immediately.               |
  +----------------------------------------------------------------------+
  | Author: Tianfeng Han  <rango@swoole.com>                             |
  +----------------------------------------------------------------------+
*/

#pragma once

#include "swoole.h"

#ifdef SW_USE_OPENSSL

#include <unordered_map>
#include <string>
#include <array>

#include <openssl/ssl.h>
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/conf.h>
#include <openssl/ossl_typ.h>
#include <openssl/crypto.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include <openssl/rand.h>
#include <openssl/opensslv.h>

#if OPENSSL_VERSION_NUMBER >= 0x10100000L
#define SW_SUPPORT_DTLS
#endif

#if defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x3000000fL
#undef SW_SUPPORT_DTLS
#endif

#ifdef OPENSSL_IS_BORINGSSL
#define BIO_CTRL_DGRAM_SET_CONNECTED 32
#define BIO_CTRL_DGRAM_SET_PEER 44
#define BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT 45
#define BIO_dgram_get_peer(b,peer) \
         (int)BIO_ctrl(b, BIO_CTRL_DGRAM_GET_PEER, 0, (char *)(peer))
#define OPENSSL_assert(x)       assert(x)
#endif

enum swSSLCreateFlag {
    SW_SSL_SERVER = 1,
    SW_SSL_CLIENT = 2,
};

enum swSSLState {
    SW_SSL_STATE_HANDSHAKE = 0,
    SW_SSL_STATE_READY = 1,
    SW_SSL_STATE_WAIT_STREAM = 2,
};

enum swSSLVersion {
    SW_SSL_SSLv2 = 1u << 1,
    SW_SSL_SSLv3 = 1u << 2,
    SW_SSL_TLSv1 = 1u << 3,
    SW_SSL_TLSv1_1 = 1u << 4,
    SW_SSL_TLSv1_2 = 1u << 5,
    SW_SSL_TLSv1_3 = 1u << 6,
    SW_SSL_DTLS = 1u << 7,
};

enum swSSLMethod {
    SW_SSLv23_METHOD = 0,
    SW_SSLv3_METHOD,
    SW_SSLv3_SERVER_METHOD,
    SW_SSLv3_CLIENT_METHOD,
    SW_SSLv23_SERVER_METHOD,
    SW_SSLv23_CLIENT_METHOD,
    SW_TLSv1_METHOD,
    SW_TLSv1_SERVER_METHOD,
    SW_TLSv1_CLIENT_METHOD,
#ifdef TLS1_1_VERSION
    SW_TLSv1_1_METHOD,
    SW_TLSv1_1_SERVER_METHOD,
    SW_TLSv1_1_CLIENT_METHOD,
#endif
#ifdef TLS1_2_VERSION
    SW_TLSv1_2_METHOD,
    SW_TLSv1_2_SERVER_METHOD,
    SW_TLSv1_2_CLIENT_METHOD,
#endif
#ifdef SW_SUPPORT_DTLS
    SW_DTLS_CLIENT_METHOD,
    SW_DTLS_SERVER_METHOD,
#endif
};

namespace swoole {

struct SSLContext {
    uchar http : 1;
    uchar http_v2 : 1;
    uchar prefer_server_ciphers : 1;
    uchar session_tickets : 1;
    uchar stapling : 1;
    uchar stapling_verify : 1;
    std::string ciphers;
    std::string ecdh_curve;
    std::string session_cache;
    std::string dhparam;
    std::string cert_file;
    std::string key_file;
    std::string passphrase;
    std::string client_cert_file;
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
    uchar disable_tls_host_name : 1;
    std::string tls_host_name;
#endif

#ifdef OPENSSL_IS_BORINGSSL
    uint8_t grease;
#endif

std::string cafile;
    std::string capath;
    uint8_t verify_depth;
    uchar disable_compress : 1;
    uchar verify_peer : 1;
    uchar allow_self_signed : 1;
    uint32_t protocols;
    uint8_t create_flag;
    SSL_CTX *context;

SSL_CTX *get_context() {
        return context;
    }

bool ready() {
        return context != nullptr;
    }

void set_protocols(uint32_t _protocols) {
        protocols = _protocols;
    }

bool set_cert_file(const std::string &_cert_file) {
        if (access(_cert_file.c_str(), R_OK) < 0) {
            swoole_warning("ssl cert file[%s] not found", _cert_file.c_str());
            return false;
        }
        cert_file = _cert_file;
        return true;
    }

bool set_key_file(const std::string &_key_file) {
        if (access(_key_file.c_str(), R_OK) < 0) {
            swoole_warning("ssl key file[%s] not found", _key_file.c_str());
            return false;
        }
        key_file = _key_file;
        return true;
    }

bool create();
    bool set_capath();
    bool set_ciphers();
    bool set_client_certificate();
    bool set_ecdh_curve();
    bool set_dhparam();
    ~SSLContext();
};
}

void swoole_ssl_init(void);
void swoole_ssl_init_thread_safety();
bool swoole_ssl_is_thread_safety();
void swoole_ssl_server_http_advise(swoole::SSLContext &);
const char *swoole_ssl_get_error();
int swoole_ssl_get_ex_connection_index();
int swoole_ssl_get_ex_port_index();
std::string swoole_ssl_get_version_message();

#endif

${this.title}

Code Editor : swoole_ssl.h