This file is indexed.

/usr/include/zorp/ssl.h is in libzorpll-6.0-10-dev 6.0.10.0-2.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
/***************************************************************************
 *
 * This file is covered by a dual licence. You can choose whether you
 * want to use it according to the terms of the GNU GPL version 2, or
 * under the terms of Zorp Professional Firewall System EULA located
 * on the Zorp installation CD.
 *
 ***************************************************************************/

#ifndef ZORP_SSL_H_INCLUDED
#define ZORP_SSL_H_INCLUDED

#include <glib.h>
#include <openssl/ssl.h>
#include <zorp/zorplib.h>
#include <zorp/stream.h>

#ifdef __cplusplus
extern "C" {
#endif

/**
 * Class to encapsulate the data for an SSL session.
 **/
typedef struct _ZSSLSession 
{
  guint ref_cnt;
  SSL *ssl;
  const gchar *session_id;
  gint verify_type;
  gint verify_depth;
  X509_STORE *crl_store;
} ZSSLSession;

#define Z_SSL_MODE_CLIENT  0
#define Z_SSL_MODE_SERVER  1

#define Z_SSL_VERIFY_NONE                0
#define Z_SSL_VERIFY_OPTIONAL            1
#define Z_SSL_VERIFY_REQUIRED_UNTRUSTED  2
#define Z_SSL_VERIFY_REQUIRED_TRUSTED    3


void z_ssl_init(void);
void z_ssl_destroy(void);

#ifndef G_OS_WIN32

#if ZORPLIB_ENABLE_SSL_ENGINE
extern gchar *crypto_engine;
#endif

ZSSLSession *
z_ssl_session_new(const char *session_id, 
                  int mode,
                  gchar *key_file, 
                  gchar *cert_file, 
                  gchar *ca_dir, 
                  gchar *crl_dir, 
                  int verify_depth,
                  int verify_type);

ZSSLSession *
z_ssl_session_new_inline(const char *session_id, 
                         int mode,
                         GString *key_pem, 
                         GString *cert_pem, 
                         gchar *ca_dir, 
                         gchar *crl_dir, 
                         int verify_depth,
                         int verify_type);
#else // G_OS_WIN32

ZSSLSession *
z_ssl_session_new(const char *session_id, 
                  int mode,
                  X509_STORE *store, 
                  int verify_depth,
                  int verify_type);


#endif // G_OS_WIN32

ZSSLSession *z_ssl_session_new_ssl(SSL *ssl);

ZSSLSession *z_ssl_session_ref(ZSSLSession *self);
void z_ssl_session_unref(ZSSLSession *self);

gchar *z_ssl_get_error_str(gchar *buf, int buflen);

BIO *z_ssl_bio_new(ZStream *stream);

#ifdef __cplusplus
}

bool z_ssl_ctx_setup_ecdh(SSL_CTX *ctx, const char *ecdh_curve_name = SN_X9_62_prime256v1);

#endif

#endif