--------------------- PatchSet 5210 Date: 2007/08/09 10:05:00 Author: amosjeffries Branch: docs Tag: (none) Log: Group SSL items into API and Internal for documentation. Members: doc/Programming-Guide/Groups.dox:1.1.2.8->1.1.2.9 src/ssl_support.cc:1.17->1.17.2.1 src/ssl_support.h:1.6.10.1->1.6.10.2 Index: squid3/doc/Programming-Guide/Groups.dox =================================================================== RCS file: /cvsroot/squid-sf//squid3/doc/Programming-Guide/Attic/Groups.dox,v retrieving revision 1.1.2.8 retrieving revision 1.1.2.9 diff -u -r1.1.2.8 -r1.1.2.9 --- squid3/doc/Programming-Guide/Groups.dox 9 Aug 2007 09:12:43 -0000 1.1.2.8 +++ squid3/doc/Programming-Guide/Groups.dox 9 Aug 2007 10:05:00 -0000 1.1.2.9 @@ -93,12 +93,6 @@ */ /** - * \defgroup ServerProtocolSSL SSL - * \ingroup ServerProtocol - * \todo Write Documentation about SSL - */ - -/** * \defgroup ServerProtocolPassthru Passthru * \ingroup ServerProtocol * \todo Write Documentation about Passthru Index: squid3/src/ssl_support.cc =================================================================== RCS file: /cvsroot/squid-sf//squid3/src/ssl_support.cc,v retrieving revision 1.17 retrieving revision 1.17.2.1 diff -u -r1.17 -r1.17.2.1 --- squid3/src/ssl_support.cc 28 Apr 2007 22:51:56 -0000 1.17 +++ squid3/src/ssl_support.cc 9 Aug 2007 10:05:00 -0000 1.17.2.1 @@ -1,6 +1,6 @@ /* - * $Id: ssl_support.cc,v 1.17 2007/04/28 22:51:56 squidadm Exp $ + * $Id: ssl_support.cc,v 1.17.2.1 2007/08/09 10:05:00 amosjeffries Exp $ * * AUTHOR: Benno Rice * DEBUG: section 83 SSL accelerator support @@ -36,6 +36,12 @@ #include "squid.h" #include "fde.h" +/** + \defgroup ServerProtocolSSLInternal Server-Side SSL Internals + \ingroup ServerProtocolSSL + */ + +/// \ingroup ServerProtocolSSLInternal static int ssl_ask_password_cb(char *buf, int size, int rwflag, void *userdata) { @@ -61,6 +67,7 @@ return len; } +/// \ingroup ServerProtocolSSLInternal static void ssl_ask_password(SSL_CTX * context, const char * prompt) { @@ -70,6 +77,7 @@ } } +/// \ingroup ServerProtocolSSLInternal static RSA * ssl_temp_rsa_cb(SSL * ssl, int anInt, int keylen) { @@ -120,6 +128,7 @@ return rsa; } +/// \ingroup ServerProtocolSSLInternal static int ssl_verify_cb(int ok, X509_STORE_CTX * ctx) { @@ -202,6 +211,7 @@ return ok; } +/// \ingroup ServerProtocolSSLInternal static struct ssl_option { const char *name; @@ -328,6 +338,7 @@ } }; +/// \ingroup ServerProtocolSSLInternal static long ssl_parse_options(const char *options) { @@ -406,14 +417,22 @@ return op; } +/// \ingroup ServerProtocolSSLInternal #define SSL_FLAG_NO_DEFAULT_CA (1<<0) +/// \ingroup ServerProtocolSSLInternal #define SSL_FLAG_DELAYED_AUTH (1<<1) +/// \ingroup ServerProtocolSSLInternal #define SSL_FLAG_DONT_VERIFY_PEER (1<<2) +/// \ingroup ServerProtocolSSLInternal #define SSL_FLAG_DONT_VERIFY_DOMAIN (1<<3) +/// \ingroup ServerProtocolSSLInternal #define SSL_FLAG_NO_SESSION_REUSE (1<<4) +/// \ingroup ServerProtocolSSLInternal #define SSL_FLAG_VERIFY_CRL (1<<5) +/// \ingroup ServerProtocolSSLInternal #define SSL_FLAG_VERIFY_CRL_ALL (1<<6) +/// \ingroup ServerProtocolSSLInternal static long ssl_parse_flags(const char *flags) { @@ -460,6 +479,7 @@ } +/// \ingroup ServerProtocolSSLInternal static void ssl_initialize(void) { @@ -499,6 +519,7 @@ } +/// \ingroup ServerProtocolSSLInternal static int ssl_load_crl(SSL_CTX *sslContext, const char *CRLfile) { @@ -852,6 +873,7 @@ return sslContext; } +/// \ingroup ServerProtocolSSLInternal int ssl_read_method(int fd, char *buf, int len) { @@ -878,6 +900,7 @@ return i; } +/// \ingroup ServerProtocolSSLInternal int ssl_write_method(int fd, const char *buf, int len) { @@ -902,6 +925,7 @@ SSL_shutdown(ssl); } +/// \ingroup ServerProtocolSSLInternal static const char * ssl_get_attribute(X509_NAME * name, const char *attribute_name) { @@ -928,6 +952,7 @@ return *buffer ? buffer : NULL; } +/// \ingroup ServerProtocolSSLInternal const char * sslGetUserAttribute(SSL * ssl, const char *attribute_name) { @@ -952,6 +977,7 @@ return ret; } +/// \ingroup ServerProtocolSSLInternal const char * sslGetCAAttribute(SSL * ssl, const char *attribute_name) { Index: squid3/src/ssl_support.h =================================================================== RCS file: /cvsroot/squid-sf//squid3/src/ssl_support.h,v retrieving revision 1.6.10.1 retrieving revision 1.6.10.2 diff -u -r1.6.10.1 -r1.6.10.2 --- squid3/src/ssl_support.h 11 Jul 2007 03:14:59 -0000 1.6.10.1 +++ squid3/src/ssl_support.h 9 Aug 2007 10:05:00 -0000 1.6.10.2 @@ -1,6 +1,6 @@ /* - * $Id: ssl_support.h,v 1.6.10.1 2007/07/11 03:14:59 amosjeffries Exp $ + * $Id: ssl_support.h,v 1.6.10.2 2007/08/09 10:05:00 amosjeffries Exp $ * * AUTHOR: Benno Rice * @@ -46,17 +46,48 @@ #include #endif +/** + \defgroup ServerProtocolSSL SSL + \ingroup ServerProtocol + */ + +/** + \defgroup ServerProtocolSSLAPI Server-Side SSL API + \ingroup ServerProtocolSSL + */ + +/// \ingroup ServerProtocolSSLAPI SSL_CTX *sslCreateServerContext(const char *certfile, const char *keyfile, int version, const char *cipher, const char *options, const char *flags, const char *clientCA, const char *CAfile, const char *CApath, const char *CRLfile, const char *dhpath, const char *context); + +/// \ingroup ServerProtocolSSLAPI SSL_CTX *sslCreateClientContext(const char *certfile, const char *keyfile, int version, const char *cipher, const char *options, const char *flags, const char *CAfile, const char *CApath, const char *CRLfile); + +/// \ingroup ServerProtocolSSLAPI int ssl_read_method(int, char *, int); + +/// \ingroup ServerProtocolSSLAPI int ssl_write_method(int, const char *, int); + +/// \ingroup ServerProtocolSSLAPI void ssl_shutdown_method(int); + +/// \ingroup ServerProtocolSSLAPI const char *sslGetUserEmail(SSL *ssl); + +/// \ingroup ServerProtocolSSLAPI typedef char const *SSLGETATTRIBUTE(SSL *, const char *); + +/// \ingroup ServerProtocolSSLAPI SSLGETATTRIBUTE sslGetUserAttribute; + +/// \ingroup ServerProtocolSSLAPI SSLGETATTRIBUTE sslGetCAAttribute; + +/// \ingroup ServerProtocolSSLAPI const char *sslGetUserCertificatePEM(SSL *ssl); + +/// \ingroup ServerProtocolSSLAPI const char *sslGetUserCertificateChainPEM(SSL *ssl); #ifdef _SQUID_MSWIN_ @@ -67,18 +98,21 @@ namespace Squid { /** \endcond */ +/// \ingroup ServerProtocolSSLAPI inline int SSL_set_fd(SSL *ssl, int fd) { return ::SSL_set_fd(ssl, _get_osfhandle(fd)); } +/// \ingroup ServerProtocolSSLAPI #define SSL_set_fd(ssl,fd) Squid::SSL_set_fd(ssl,fd) } /* namespace Squid */ #else +/// \ingroup ServerProtocolSSLAPI #define SSL_set_fd(s,f) (SSL_set_fd(s, _get_osfhandle(f))) #endif /* __cplusplus */