fccc685 Initial open-source release
MLstate authored
1 (*
2 Copyright © 2011 MLstate
3
4 This file is part of OPA.
5
6 OPA is free software: you can redistribute it and/or modify it under the
7 terms of the GNU Affero General Public License, version 3, as published by
8 the Free Software Foundation.
9
10 OPA is distributed in the hope that it will be useful, but WITHOUT ANY
11 WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
12 FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for
13 more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with OPA. If not, see <http://www.gnu.org/licenses/>.
17 *)
18
19 (**
20 Additional bindings to SSL
21
22 @see <http://www.openssl.org/docs/ssl/ssl.html> for OpenSSL functions
23 @see <http://savonet.rastageeks.org/browser/trunk/ocaml-ssl> for base Ocaml-ssl source code
24 @see "ssl_ext.c" for the c-implementation of external values
25 @author Frederic Ye
26 *)
27
28 (** {6 SSL} *)
29
30 (** [init ()] is another SSL initialisation function, one that adds support for all digests, ciphers and algorithms.
    NOTE(review): how it relates to the base Ocaml-ssl initialisation (replacement or complement) is not stated here; confirm in ssl_ext.c. *)
31 val init : unit -> unit
32
(** NOTE(review): undocumented. Presumably wraps SSL_CTX_set_session_id_context for the given context.
    The signature takes no id argument, so the session id context value is chosen by the C implementation; confirm in ssl_ext.c. *)
33 val set_session_id_context : Ssl.context -> unit
34
35 (** Set CTX options for bug workarounds and renegotiation (SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION)
36 -> fails with Opera if the second (the renegotiation option) is not set...
37 TODO from the original author: callers should be able to select whatever options they want. As declared, the function takes only the context, so the option set is fixed by the implementation.
   Returns an [int]. NOTE(review): presumably the resulting options bitmask, as returned by SSL_CTX_set_options; confirm in ssl_ext.c.
   NOTE(review): bug-workaround flags trade protocol strictness for interoperability; audit the exact mask set in ssl_ext.c against the current OpenSSL documentation.
38 @see <http://www.openssl.org/docs/ssl/SSL_CTX_set_options.html> OpenSSL documentation for SSL_CTX_set_options
39 *)
40 val set_ctx_options : Ssl.context -> int
41
(** NOTE(review): undocumented. From the signature it takes a socket (not a context), a list of verify modes and an optional verify callback; presumably it wraps SSL_set_verify to change verification settings for one connection. Confirm in ssl_ext.c.
    The modes passed here decide whether the peer certificate is requested and checked, so review call sites together with this binding. *)
42 val set_verify : Ssl.socket -> Ssl.verify_mode list -> Ssl.verify_callback option -> unit
43
44 (** Compute the digest of a certificate.
    NOTE(review): the [string] and [int] arguments are not described; presumably the digest algorithm name and a length or buffer size. Confirm in ssl_ext.c.
    If the digest is used to identify or pin certificates, prefer a collision-resistant algorithm such as SHA-256 over MD5 or SHA-1. *)
45 val compute_digest : Ssl.certificate -> string -> int -> string
46
(** NOTE(review): undocumented. It has the same signature as {!compute_digest} (certificate, string, int); what the [string] and [int] arguments mean and what the result contains are not visible here.
    Confirm in ssl_ext.c before relying on the output for comparison or logging. *)
47 val certificate_to_string : Ssl.certificate -> string -> int -> string
48
49 (** Exception raised when there is an error during a renegotiation.
    It carries no payload, so the underlying SSL error is not available to the handler. *)
50 exception Renegotiation_error
51
52 (** Exception raised when there is an error during a handshake.
    The payload is an [Ssl.ssl_error]; {!error_to_string} renders it as text. *)
53 exception Handshake_error of Ssl.ssl_error
54
55 (** [renegotiate sock] has to be used together with {!do_handshake} to
56 complete a full renegotiation.
    NOTE(review): presumably raises {!Renegotiation_error} on failure; confirm in ssl_ext.c.
    Confirm that the linked OpenSSL enforces secure renegotiation (RFC 5746) before this is reachable from untrusted peers. *)
57 val renegotiate : Ssl.socket -> unit
58
59 (** The verify_callback that does no verification.
60 Useful if we do not want OpenSSL to check the client certificate validity.
    Security note: with this callback installed, OpenSSL does not reject an invalid client certificate, so the application has to validate the certificate itself before trusting any identity taken from it.
    NOTE(review): {!check_chain} and {!compute_digest} look intended for that purpose; confirm at the call sites. *)
61 val no_client_verify_callback : Ssl.verify_callback
62
(** NOTE(review): undocumented. Presumably checks the chain of the given certificate against trust material named by the [string] argument (a CA file or directory?) and returns [true] when the chain verifies.
    Confirm in ssl_ext.c, including what is returned on internal errors, since a [bool] result used as an accept/reject decision must fail closed. *)
63 val check_chain : Ssl.certificate -> string -> bool
64
(** NOTE(review): undocumented. Per the documentation of {!renegotiate}, this is the call that completes a renegotiation started there.
    Presumably it runs the SSL handshake on the socket and raises {!Handshake_error} on failure; confirm in ssl_ext.c. *)
65 val do_handshake : Ssl.socket -> unit
66 (** {6 RSA} *)
67
(** NOTE(review): undocumented. Presumably raised by the RSA functions of this module on failure.
    It carries no payload, so the cause is not reported to the handler. *)
68 exception RSA_error
69
(** Abstract RSA key type. Both {!rsa_read_privkey} and {!rsa_read_pubkey} return it, so the type does not distinguish private keys from public ones. *)
70 type rsa_key
71
72 (** [rsa_read_privkey file] reads an SSL RSA private key from [file].
    NOTE(review): the expected encoding (presumably PEM) and the failure behaviour (presumably {!RSA_error}) are not stated; confirm in ssl_ext.c. The signature has no passphrase argument.
    The key file holds secret material: keep it readable only by the account running the service. *)
73 val rsa_read_privkey : string -> rsa_key
74
75 (** [rsa_read_pubkey file] reads an SSL RSA public key from [file].
    NOTE(review): the expected encoding (presumably PEM) and the failure behaviour (presumably {!RSA_error}) are not stated; confirm in ssl_ext.c. *)
76 val rsa_read_pubkey : string -> rsa_key
77
78 (** [rsa_key_to_cryptokit_hex_rsa key] converts the SSL RSA key [key] to the Cryptokit RSA key format.
    NOTE(review): when [key] is a private key the result presumably contains the private components as plain OCaml strings; treat it as secret and keep it out of logs and serialised state. *)
79 val rsa_key_to_cryptokit_hex_rsa : rsa_key -> Cryptokit.RSA.key
80
81 (** [error_to_string err] converts the [Ssl.ssl_error] [err] to a string, for instance the payload of {!Handshake_error}. *)
82 val error_to_string : Ssl.ssl_error -> string