1 /* Copyright (C) 2009 Trend Micro Inc.
4 * This program is a free software; you can redistribute it
5 * and/or modify it under the terms of the GNU General Public
6 * License (version 2) as published by the FSF - Free Software
9 * In addition, as a special exception, the copyright holders give
10 * permission to link the code of portions of this program with the
11 * OpenSSL library under certain conditions as described in each
12 * individual source file, and distribute linked combinations
15 * You must obey the GNU General Public License in all respects
16 * for all of the code used other than OpenSSL. If you modify
17 * file(s) with this exception, you may extend this exception to your
18 * version of the file(s), but you are not obligated to do so. If you
19 * do not wish to do so, delete this exception statement from your
20 * version. If you delete this exception statement from all source
21 * files in the program, then also delete it here.
/* Program identifier for this daemon ("ossec-authd").
 * NOTE(review): presumably consumed by the shared logging/usage helpers;
 * its use is not visible in this header - confirm. */
29 #define ARGV0 "ossec-authd"
34 #include <sys/types.h>
36 #ifdef LIBOPENSSL_ENABLED
38 #include <openssl/ssl.h>
39 #include <openssl/err.h>
40 #include <openssl/bio.h>
42 #include "os_net/os_net.h"
43 #include "addagent/manage_agents.h"
/* Default locations of the manager's TLS key and certificate.
 * NOTE(review): os_ssl_keys() takes an os_dir argument, so these are
 * presumably appended to the install directory rather than opened as
 * absolute paths - confirm against the caller. The key file should be
 * readable only by the account the daemon runs as. */
46 #define KEYFILE "/etc/sslmanager.key"
47 #define CERTFILE "/etc/sslmanager.cert"
/* OpenSSL cipher-list string used when no list is supplied:
 *   HIGH       start from the high-strength suites
 *   !ADH       remove anonymous (unauthenticated) DH suites
 *   !EXP       remove export-grade suites
 *   !MD5 !RC4 !3DES !CAMELLIA   remove suites using these algorithms
 *   @STRENGTH  sort what remains by key strength
 * NOTE(review): depending on the OpenSSL version, HIGH can still include
 * anonymous ECDH (AECDH) suites, which !ADH does not remove; !aNULL covers
 * both. Check the effective list with `openssl ciphers -v`.
 * This string does not restrict protocol versions, and TLS 1.3 suites are
 * configured through a separate OpenSSL call; both have to be handled where
 * the SSL_CTX is built. */
48 #define DEFAULT_CIPHERS "HIGH:!ADH:!EXP:!MD5:!RC4:!3DES:!CAMELLIA:@STRENGTH"
/* Default port, kept as a string.
 * NOTE(review): presumably the TCP port ossec-authd listens on - confirm. */
49 #define DEFAULT_PORT "1515"
/* TLS context helpers. Only the prototypes are visible here; the notes
 * below are inferred from names and signatures and should be confirmed
 * against the implementation. */

/* Returns an SSL_CTX for the server or client role (is_server), given the
 * install directory, a cipher list, certificate and key paths, and a CA
 * certificate path.
 * NOTE(review): presumably returns NULL on failure; whether a NULL ca_cert
 * leaves peer verification disabled is not visible here - confirm, since
 * that decides whether enrolment is authenticated. */
51 SSL_CTX *os_ssl_keys(int is_server, const char *os_dir, const char *ciphers, const char *cert, const char *key, const char *ca_cert);
/* Returns an SSL_CTX configured with the given cipher list.
 * NOTE(review): check which protocol versions and SSL options the
 * implementation enables; the cipher list alone does not limit them. */
52 SSL_CTX *get_ssl_context(const char *ciphers);
/* Loads a certificate and its private key into ctx.
 * NOTE(review): the meaning of the int result is not visible here; callers
 * must treat a failed load as fatal rather than continue without
 * credentials - confirm. */
53 int load_cert_and_key(SSL_CTX *ctx, const char *cert, const char *key);
/* Loads a CA certificate into ctx.
 * NOTE(review): presumably the trust anchor for verifying the peer, and
 * presumably also where verification mode is switched on - confirm. */
54 int load_ca_cert(SSL_CTX *ctx, const char *ca_cert);
/* Has the signature of an OpenSSL certificate-verification callback
 * (preverify result plus the X509_STORE_CTX).
 * NOTE(review): such a callback should pass `ok` through unless it
 * deliberately overrides a result; one that always returns 1 accepts any
 * certificate. Confirm that the implementation only logs the failure. */
55 int verify_callback(int ok, X509_STORE_CTX *store);
57 #endif /* LIBOPENSSL_ENABLED */