#pragma once
#include <stdlib.h>
#include <tfe_cmsg.h>
struct ssl_stream;
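// Decision returned by an ssl_stream_new_hook callback for a stream.
// The listing was interleaved with blame-gutter residue; the enum is restored
// here as compilable C with the same enumerators and values.
//
// NOTE(review): the effect of each action is implemented elsewhere. From the
// names, PASSTHROUGH presumably forwards the TLS session without decrypting
// it, INTERCEPT decrypts it, and SHUTDOWN closes it. Confirm before relying
// on this. PASSTHROUGH is the zero value, so a zero-initialised action
// variable selects it.
enum ssl_stream_action
{
	SSL_ACTION_PASSTHROUGH=0,
	SSL_ACTION_INTERCEPT,   // implicit value 1
	SSL_ACTION_SHUTDOWN     // implicit value 2
};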
// Callback type: receives the upstream ssl_stream and an opaque user pointer
// (u_para) and returns the ssl_stream_action to apply to the stream.
// NOTE(review): presumably invoked once per new stream, going by the name.
// Where it is registered and called is not visible in this header.
typedef enum ssl_stream_action ssl_stream_new_hook(struct ssl_stream *upstream, void* u_para);
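// Option identifiers passed as opt_type to the ssl_stream_*_opt() accessors.
// The listing was interleaved with blame-gutter residue; the enum is restored
// here as compilable C with the same enumerators in the same order.
//
// No enumerator has an explicit value, so they number consecutively from 0 in
// declaration order. Inserting or reordering entries renumbers every later
// one, so all users of this header must be rebuilt together.
//
// Security note: the NO_VERIFY_* entries and BLOCK_FAKE_CERT describe how
// strictly the upstream (server) certificate is checked. Relaxing any of them
// weakens the authentication of the real server, so they should only be
// changed from an explicit, audited policy decision.
enum SSL_STREAM_OPT
{
	// Status flags.
	SSL_STREAM_OPT_IS_EV_CERT, //0:FALSE, 1:TRUE.
	SSL_STREAM_OPT_IS_CT_CERT, //0:FALSE, 1:TRUE.
	SSL_STREAM_OPT_IS_MUTUAL_AUTH, //0:FALSE, 1:TRUE.
	SSL_STREAM_OPT_PINNING_STATUS, //0:FALSE, 1:TRUE.
	// NOTE(review): enum ssl_ja3_pinning_status also defines -1 (UNKNOWN).
	// Confirm whether this option can report it.
	SSL_STREAM_OPT_JA3_PINNING_STATUS, //0:FALSE, 1:TRUE.
	SSL_STREAM_OPT_HAS_PROTOCOL_ERRORS, //0:FALSE, 1:TRUE.

	// Certificate-verification switches.
	SSL_STREAM_OPT_NO_VERIFY_SELF_SIGNED, //VALUE is an integer, SIZE=sizeof(int). 1:ON, 0:OFF. DEFAULT:0.
	// NOTE(review): DEFAULT:1 here. If 1:ON means the check is skipped, the
	// common-name (hostname) check is off by default. Confirm this is intended.
	SSL_STREAM_OPT_NO_VERIFY_COMMON_NAME, //VALUE is an integer, SIZE=sizeof(int). 1:ON, 0:OFF. DEFAULT:1.
	SSL_STREAM_OPT_NO_VERIFY_ISSUER, //VALUE is an integer, SIZE=sizeof(int). 1:ON, 0:OFF. DEFAULT:0.
	SSL_STREAM_OPT_NO_VERIFY_EXPIRY_DATE, //VALUE is an integer, SIZE=sizeof(int). 1:ON, 0:OFF. DEFAULT:0.
	// NOTE(review): the name says BLOCK, but the documented value 1 means
	// PASSTHROUGH. Check the polarity against the implementation.
	SSL_STREAM_OPT_BLOCK_FAKE_CERT, //VALUE is an integer, SIZE=sizeof(int). 1:PASSTHROUGH, 0:BLOCK. DEFAULT:1.

	// Protocol negotiation. Value formats are not documented in this header.
	SSL_STREAM_OPT_PROTOCOL_MIN_VERSION,
	SSL_STREAM_OPT_PROTOCOL_MAX_VERSION,
	SSL_STREAM_OPT_ENABLE_ALPN,

	// Keyring selection. Value formats are not documented in this header.
	SSL_STREAM_OPT_KEYRING_FOR_TRUSTED,
	SSL_STREAM_OPT_KEYRING_FOR_UNTRUSTED,

	// String-valued options.
	SSL_STREAM_OPT_SNI, //VALUE is string
	SSL_STREAM_OPT_ADDR //VALUE is string
};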
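// Tri-state JA3 pinning result.
// The listing was interleaved with blame-gutter residue; the enum is restored
// here as compilable C with the same enumerators and values.
//
// UNKNOWN is -1, so a test such as `if (status)` treats UNKNOWN the same as
// IS_PINNING. Compare against the named constants instead.
enum ssl_ja3_pinning_status
{
	JA3_PINNING_STATUS_UNKNOWN = -1,
	JA3_PINNING_STATUS_NOT_PINNING = 0,
	JA3_PINNING_STATUS_IS_PINNING = 1,
};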
// Takes an SSL/TLS version string and returns an int.
// NOTE(review): presumably maps a version name to a numeric protocol version,
// e.g. for the PROTOCOL_MIN/MAX_VERSION options. The accepted strings and the
// value returned for unrecognised input are not visible here, so callers
// should check the result before using it as a protocol bound.
int sslver_str2num(const char * version_str);
//The ssl_stream passed to the option functions below must be the upstream stream.
// Sets the integer-valued option opt_type on the upstream stream to opt_val.
// The meaning of the int return value is not documented in this header.
// Check it rather than assuming the option was applied.
// Several options (NO_VERIFY_*, BLOCK_FAKE_CERT) relax verification of the
// upstream certificate, so set them only from an explicit policy decision.
int ssl_stream_set_integer_opt(struct ssl_stream *upstream, enum SSL_STREAM_OPT opt_type, int opt_val);
// Reads the integer-valued option opt_type of the upstream stream through
// the opt_val out-parameter.
// NOTE(review): the return-value convention is not visible here. Initialise
// *opt_val before the call and check the result, so a failed lookup is not
// read as a valid status.
int ssl_stream_get_integer_opt(struct ssl_stream *upstream, enum SSL_STREAM_OPT opt_type, int *opt_val);
// Reads a string-valued option into the caller's buffer in_buff, which has a
// capacity of sz bytes. SSL_STREAM_OPT_SNI and SSL_STREAM_OPT_ADDR are the
// entries documented as string values.
// NOTE(review): truncation and NUL-termination behaviour for values longer
// than sz is not visible here. Check the return value. The SNI comes from the
// peer's handshake, so treat the result as untrusted input when logging it or
// matching it against policy.
int ssl_stream_get_string_opt(struct ssl_stream *upstream, enum SSL_STREAM_OPT opt_type, char *in_buff, size_t sz);
// Sets a UUID-valued option on the upstream stream from *uuid.
// NOTE(review): this header does not say which SSL_STREAM_OPT entries take a
// UUID. Presumably these are the KEYRING_FOR_* options. Confirm in the
// implementation, along with the return-value convention.
int ssl_stream_set_uuid_opt(struct ssl_stream *upstream, enum SSL_STREAM_OPT opt_type, uuid_t *uuid);
// Stores the string value_str under the given tfe_cmsg TLV type for this
// stream. Returns nothing, so the caller cannot detect a failure.
// NOTE(review): whether value_str is copied or only referenced is not visible
// here. Confirm before passing a buffer with a shorter lifetime.
void ssl_stream_set_cmsg_string(struct ssl_stream *stream, enum tfe_cmsg_tlv_type type, const char *value_str);
// Writes the policy id associated with the upstream stream into *policy_id.
// There is no return value, so the caller cannot tell from the call whether
// an id was available.
// NOTE(review): what is written when no policy applies is not visible here.
void ssl_stream_get_policy_id(struct ssl_stream *upstream, uuid_t *policy_id);
// Writes the decryption profile id of the upstream stream into *profile_id.
// NOTE(review): there is no return value, and the content written when no
// profile is set is not visible here.
void ssl_stream_get_decrypted_profile_id(struct ssl_stream *upstream, uuid_t *profile_id);
// Writes the profile id of the keyring used for trusted upstream
// certificates into *profile_id.
// NOTE(review): presumably the value configured through
// SSL_STREAM_OPT_KEYRING_FOR_TRUSTED. Confirm in the implementation.
void ssl_stream_get_trusted_keyring_profile_id(struct ssl_stream *upstream, uuid_t *profile_id);
// Writes the profile id of the keyring used for untrusted upstream
// certificates into *profile_id.
// NOTE(review): presumably the value configured through
// SSL_STREAM_OPT_KEYRING_FOR_UNTRUSTED. Confirm in the implementation.
void ssl_stream_get_untrusted_keyring_profile_id(struct ssl_stream *upstream, uuid_t *profile_id);
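// Returns an unsigned flag. From the name, it reports whether SSL debugging
// is enabled.
// Declared with (void): in C an empty parameter list is not a prototype, so
// calls with stray arguments would compile unchecked.
// NOTE(review): what debug mode emits is not visible here. If it logs key
// material or decrypted payloads, keep it disabled in production.
unsigned int is_ssl_debug(void);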