This file is indexed.

/usr/lib/swi-prolog/library/ssl.pl is in swi-prolog-nox 7.6.4+dfsg-1build1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
/*  Part of SWI-Prolog

    Author:        Jan van der Steen, Matt Lilley and Jan Wielemaker,
    E-mail:        J.Wielemaker@vu.nl
    WWW:           http://www.swi-prolog.org
    Copyright (c)  2004-2017, SWI-Prolog Foundation
                              VU University Amsterdam
    All rights reserved.

    Redistribution and use in source and binary forms, with or without
    modification, are permitted provided that the following conditions
    are met:

    1. Redistributions of source code must retain the above copyright
       notice, this list of conditions and the following disclaimer.

    2. Redistributions in binary form must reproduce the above copyright
       notice, this list of conditions and the following disclaimer in
       the documentation and/or other materials provided with the
       distribution.

    THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
    "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
    LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
    FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
    COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
    INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
    BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
    LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
    CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
    LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
    ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
    POSSIBILITY OF SUCH DAMAGE.
*/

:- module(ssl,
          [ load_certificate/2,           % +Stream, -Certificate
            load_private_key/3,           % +Stream, +Password, -Key
            load_public_key/2,            % +Stream, -Key
            load_crl/2,                   % +Stream, -Crl
            system_root_certificates/1,   % -List
            cert_accept_any/5,            % +SSL, +ProblemCertificate,
                                          % +AllCertificates, +FirstCertificate,
                                          % +Error
            ssl_context/3,                % +Role, -Config, :Options
            ssl_add_certificate_key/4,    % +Config, +Cert, +Key, -Config
            ssl_set_options/3,            % +Config0, -Config, +Options
            ssl_negotiate/5,              % +Config, +PlainRead, +PlainWrite,
                                          %          -SSLRead,   -SSLWrite
            ssl_peer_certificate/2,       % +Stream, -Certificate
            ssl_peer_certificate_chain/2, % +Stream, -Certificates
            ssl_session/2,                % +Stream, -Session
            ssl_secure_ciphers/1          % -Ciphers
          ]).
:- use_module(library(option)).
:- use_module(library(settings)).
:- use_module(library(crypto), []).     % force initialization of libcrypto

:- use_foreign_library(foreign(ssl4pl)).

:- meta_predicate
    ssl_context(+, -, :),
    ssl_set_options(+, -, :).

:- predicate_options(ssl_context/3, 3,
                     [ host(atom),
                       port(integer),
                       certificate_file(atom),
                       key_file(atom),
                       certificate_key_pairs(any),
                       password(any),
                       cipher_list(any),
                       ecdh_curve(any),
                       pem_password_hook(callable),
                       cacert_file(any),
                       crl(any),
                       require_crl(boolean),
                       cert_verify_hook(callable),
                       peer_cert(boolean),
                       close_parent(boolean),
                       close_notify(boolean),
                       sni_hook(callable)
                     ]).

/** <module> Secure Socket Layer (SSL) library

An SSL server and client can be built with the (abstracted)
predicate calls from the table below.  The `tcp_` predicates
are provided by library(socket).  The predicate ssl_context/3
defines properties of the SSL connection, while ssl_negotiate/5
establishes the SSL connection based on the wire streams created
by the TCP predicates and the context.

        | *The SSL Server*      | *The SSL Client*      |
        | ssl_context/3         | ssl_context/3         |
        | tcp_socket/1          |                       |
        | tcp_accept/3          | tcp_connect/3         |
        | tcp_open_socket/3     | stream_pair/3         |
        | ssl_negotiate/5       | ssl_negotiate/5       |

The library is abstracted to communication over streams, and is not
reliant on those streams being directly attached to sockets. The `tcp_`
calls here are simply the most common way to use the library. Other
two-way communication channels such as (named), pipes can just as
easily be used.

@see library(socket), library(http/http_open), library(crypto)
*/

:- setting(secure_ciphers, atom,
           'EECDH+AESGCM:EDH+AESGCM:EECDH+AES256:EDH+AES256:EECDH+CHACHA20:EDH+CHACHA20',
           "Default set of ciphers considered secure").

%!  ssl_context(+Role, -SSL, :Options) is det.
%
%   Create an  SSL context.  The context  defines several properties
%   of  the   SSL  connection  such  as   involved  keys,  preferred
%   encryption, and passwords. After  establishing a context, an SSL
%   connection can be negotiated  using ssl_negotiate/5, turning two
%   arbitrary  plain Prolog  streams into  encrypted streams.   This
%   predicate processes the options below.
%
%     * host(+HostName)
%     For the client, the host to which it connects. This option
%     _should_ be specified when Role is `client`. Otherwise,
%     certificate verification may fail when negotiating a
%     secure connection.
%     * certificate_file(+FileName)
%     Specify where the certificate file can be found. This can be the
%     same as the key_file(+FileName) option.  A server _must_ have at
%     least one certificate before clients can connect. A client
%     _must_ have a certificate only if the server demands the client
%     to identify itself with a client certificate using the
%     peer_cert(true) option. If a certificate is provided, it is
%     necessary to also provide a matching _private key_ via the
%     key_file/1 option. To configure multiple certificates, use the
%     option certificate_key_pairs/1 instead. Alternatively, use
%     ssl_add_certificate_key/4 to add certificates and keys to an
%     existing context.
%     * key_file(+FileName)
%     Specify where the private key that matches the certificate can
%     be found.  If the key is encrypted with a password, this must
%     be supplied using the password(+Text) or
%     =|pem_password_hook(:Goal)|= option.
%     * certificate_key_pairs(+Pairs)
%     Alternative method for specifying certificates and keys. The
%     argument is a list of _pairs_ of the form Certificate-Key,
%     where each component is a string or an atom that holds,
%     respectively, the PEM-encoded certificate and key. To each
%     certificate, further certificates of the chain can be
%     appended. Multiple types of certificates can be present at
%     the same time to enable different ciphers. Using multiple
%     certificate types with completely independent certificate
%     chains requires OpenSSL 1.0.2 or greater.
%     * password(+Text)
%     Specify the password the private key is protected with (if
%     any). If you do not want to store the password you can also
%     specify an application defined handler to return the password
%     (see next option).  Text is either an atom or string.  Using
%     a string is preferred as strings are volatile and local
%     resources.
%     * pem_password_hook(:Goal)
%     In case a password is required to access the private key the
%     supplied predicate will be called to fetch it. The hook is
%     called as call(Goal, +SSL, -Password) and typically unifies
%     `Password` with a _string_ containing the password.
%     * require_crl(+Boolean)
%     If true (default is false), then all certificates will be
%     considered invalid unless they can be verified as not being
%     revoked. You can do this explicity by passing a list of CRL
%     filenames via the crl/1 option, or by doing it yourself in
%     the cert_verify_hook. If you specify require_crl(true) and
%     provide neither of these options, verification will necessarily
%     fail
%     * crl(+ListOfFileNames)
%     Provide a list of filenames of PEM-encoded CRLs that will be
%     given to the context to attempt to establish that a chain of
%     certificates is not revoked. You must also set require_crl(true)
%     if you want CRLs to actually be checked by OpenSSL.
%     * cacert_file(+FileName)
%     Specify a file containing certificate keys of _trusted_
%     certificates. The peer is trusted if its certificate is
%     signed (ultimately) by one of the provided certificates. Using
%     the FileName `system(root_certificates)` uses a list of
%     trusted root certificates as provided by the OS. See
%     system_root_certificates/1 for details.
%
%     Additional verification of the peer certificate as well as
%     accepting certificates that are not trusted by the given set
%     can be realised using the hook
%     cert_verify_hook(:Goal).
%     * cert_verify_hook(:Goal)
%     The predicate ssl_negotiate/5 calls Goal as follows:
%
%       ==
%       call(Goal, +SSL,
%            +ProblemCertificate, +AllCertificates, +FirstCertificate,
%            +Error)
%       ==
%
%     In case the certificate was verified by one of the provided
%     certifications from the `cacert_file` option, Error is unified
%     with the atom `verified`. Otherwise it contains the error
%     string passed from OpenSSL. Access will be granted iff the
%     predicate succeeds. See load_certificate/2 for a description
%     of the certificate terms. See cert_accept_any/5 for a dummy
%     implementation that accepts any certificate.
%     * cipher_list(+Atom)
%     Specify a cipher preference list (one or more cipher strings
%     separated by colons, commas or spaces).
%     * ecdh_curve(+Atom)
%     Specify a curve for ECDHE ciphers. If this option is not
%     specified, the OpenSSL default parameters are used.  With
%     OpenSSL prior to 1.1.0, `prime256v1` is used by default.
%     * peer_cert(+Boolean)
%     Trigger the request of our peer's certificate while
%     establishing the SSL layer. This option is automatically
%     turned on in a client SSL socket.  It can be used in a server
%     to ask the client to identify itself using an SSL certificate.
%     * close_parent(+Boolean)
%     If `true`, close the raw streams if the SSL streams are closed.
%     Default is `false`.
%     * close_notify(+Boolean)
%     If `true` (default is `false`), the server sends TLS
%     `close_notify` when closing the connection. In addition,
%     this mitigates _truncation attacks_ for both client and
%     server role: If EOF is encountered without having received a
%     TLS shutdown, an exception is raised. Well-designed
%     protocols are self-terminating, and this attack is therefore
%     very rarely a concern.
%     * min_protocol_version(+Atom)
%     Set the _minimum_ protocol version that can be negotiated.
%     Atom is one of `sslv3`, `tlsv1`, `tlsv1_1` and `tlsv1_2`.
%     This option is available with OpenSSL 1.1.0 and later, and
%     should be used instead of `disable_ssl_methods/1`.
%     * max_protocol_version(+Atom)
%     Set the _maximum_ protocol version that can be negotiated.
%     Atom is one of `sslv3`, `tlsv1`, `tlsv1_1` and `tlsv1_2`.
%     This option is available with OpenSSL 1.1.0 and later, and
%     should be used instead of `disable_ssl_methods/1`.
%     * disable_ssl_methods(+List)
%     A list of methods to disable. Unsupported methods will be
%     ignored. Methods include `sslv2`, `sslv3`, `sslv23`,
%     `tlsv1`, `tlsv1_1` and `tlsv1_2`. This option is deprecated
%     starting with OpenSSL 1.1.0. Use min_protocol_version/1 and
%     max_protocol_version/1 instead.
%     * ssl_method(+Method)
%     Specify the explicit Method to use when negotiating. For
%     allowed values, see the list for `disable_ssl_methods` above.
%     Using this option is discouraged. When using OpenSSL 1.1.0
%     or later, this option is ignored, and a version-flexible method
%     is used to negotiate the connection. Using version-specific
%     methods is deprecated in recent OpenSSL versions, and this
%     option will become obsolete and ignored in the future.
%     * sni_hook(:Goal)
%     This option provides Server Name Indication (SNI) for SSL
%     servers. This means that depending on the host to which a
%     client connects, different options (certificates etc.) can
%     be used for the server. This TLS extension allows you to host
%     different domains using the same IP address and physical
%     machine. When a TLS connection is negotiated with a client
%     that has provided a host name via SNI, the hook is called as
%     follows:
%
%     ==
%     call(Goal, +SSL0, +HostName, -SSL)
%     ==
%
%     Given the current context SSL0, and the host name of the
%     client request, the predicate computes SSL which is used as
%     the context for negotiating the connection. The first solution
%     is used.  If the predicate fails, the default options are
%     used, which are those of the encompassing ssl_context/3
%     call. In that case, if no default certificate and key are
%     specified, the client connection is rejected.
%
%   @arg Role is one of `server` or `client` and denotes whether the
%   SSL  instance  will  have  a  server   or  client  role  in  the
%   established connection.
%   @arg SSL is a SWI-Prolog _blob_ of type `ssl_context`, i.e., the
%   type-test for an SSL context is `blob(SSL, ssl_context)`.

ssl_context(Role, SSL, Module:Options) :-
    select_option(ssl_method(Method), Options, O1, sslv23),
    '_ssl_context'(Role, SSL, Module:O1, Method).

%!  ssl_add_certificate_key(+SSL0, +Certificate, +Key, -SSL)
%
%   Add an additional certificate/key pair to SSL0, yielding SSL.
%   Certificate and Key are either strings or atoms that hold the
%   PEM-encoded certificate plus certificate chain and private key,
%   respectively. Using strings is preferred for security reasons.
%
%   This predicate allows dual-stack RSA and ECDSA servers (for
%   example), and is an alternative for using the
%   `certificate_key_pairs/1` option. As of OpenSSL 1.0.2, multiple
%   certificate types with completely independent certificate chains
%   are supported. If a certificate of the same type is added
%   repeatedly to a context, the result is undefined. Currently, up to
%   12 additional certificates of different types are admissible.

ssl_add_certificate_key(SSL0, Cert, Key, SSL) :-
    ssl_copy_context(SSL0, SSL),
    '_ssl_add_certificate_key'(SSL, Cert, Key).

ssl_copy_context(SSL0, SSL) :-
    ssl_context(server, SSL, []),
    '_ssl_init_from_context'(SSL0, SSL).

%!  ssl_set_options(+SSL0, -SSL, +Options)
%
%   SSL is the same as SSL0, except for the options specified in
%   Options.  The following options are supported: close_notify/1,
%   close_parent/1, host/1, peer_cert/1, ecdh_curve/1,
%   min_protocol_version/1, max_protocol_version/1,
%   disable_ssl_methods/1, sni_hook/1, cert_verify_hook/1. See
%   ssl_context/3 for more information about these options. This
%   predicate allows you to tweak existing SSL contexts, which can be
%   useful in hooks when creating servers with the HTTP
%   infrastructure.

ssl_set_options(SSL0, SSL, Options) :-
    ssl_copy_context(SSL0, SSL),
    '_ssl_set_options'(SSL, Options).

%!  ssl_negotiate(+SSL,
%!                +PlainRead, +PlainWrite,
%!                -SSLRead, -SSLWrite) is det.
%
%   Once a connection is established and a read/write stream pair is
%   available, (PlainRead and PlainWrite),  this   predicate  can be
%   called to negotiate an SSL  session   over  the  streams. If the
%   negotiation is successful, SSLRead and SSLWrite are returned.
%
%   After a successful handshake and finishing the communication the
%   user  must  close  SSLRead  and   SSLWrite,  for  example  using
%   call_cleanup(close(SSLWrite),  close(SSLRead)).  If    the   SSL
%   _context_   (created   with   ssl_context/3   has   the   option
%   close_parent(true)  (default  `false`),  closing    SSLRead  and
%   SSLWrite also closes  the  original   PlainRead  and  PlainWrite
%   streams. Otherwise these must be closed explicitly by the user.
%
%   @error ssl_error(Code, LibName, FuncName, Reason) is raised
%   if the negotiation fails. The streams PlainRead and PlainWrite
%   are *not* closed, but an unknown amount of data may have been
%   read and written.

%!  ssl_peer_certificate(+Stream, -Certificate) is semidet.
%
%   True if the peer certificate  is   provided  (this is always the
%   case for a client connection) and   Certificate unifies with the
%   peer certificate. The example below  uses   this  to  obtain the
%   _Common Name_ of the peer  after   establishing  an https client
%   connection:
%
%     ==
%       http_open(HTTPS_url, In, []),
%       ssl_peer_certificate(In, Cert),
%       memberchk(subject(Subject), Cert),
%       memberchk('CN' = CommonName), Subject)
%     ==

%!  ssl_peer_certificate_chain(+Stream, -Certificates) is det.
%
%   Certificates  is the  certificate  chain provided  by the  peer,
%   represented as a list of certificates.

%!  ssl_session(+Stream, -Session) is det.
%
%   Retrieves (debugging) properties from the SSL context associated
%   with Stream. If Stream  is  not   an  SSL  stream, the predicate
%   raises  a  domain  error.  Session  is  a  list  of  properties,
%   containing the members described below.   Except  for `Version`,
%   all information are byte arrays that   are represented as Prolog
%   strings holding characters in the range 0..255.
%
%     * ssl_version(Version)
%     The negotiated version of the session as an integer.
%     * cipher(Cipher)
%     The negotiated cipher for this connection.
%     * session_key(Key)
%     The key material used in SSLv2 connections (if present).
%     * master_key(Key)
%     The key material comprising the master secret. This is
%     generated from the server_random, client_random and pre-master
%     key.
%     * client_random(Random)
%     The random data selected by the client during handshaking.
%     * server_random(Random)
%     The random data selected by the server during handshaking.
%     * session_id(SessionId)
%     The SSLv3 session ID. Note that if ECDHE is being used (which
%     is the default for newer versions of OpenSSL), this data will
%     not actually be sent to the server.

%!  load_certificate(+Stream, -Certificate) is det.
%
%   Loads a certificate from a PEM- or DER-encoded stream, returning
%   a term which  will unify with the same  certificate if presented
%   in  cert_verify_hook. A  certificate  is a  list containing  the
%   following    terms:    issuer_name/1,    hash/1,    signature/1,
%   signature_algorithm/1,   version/1,   notbefore/1,   notafter/1,
%   serial/1, subject/1 and key/1.   subject/1 and issuer_name/1 are
%   both lists  of =/2  terms representing  the name.   With OpenSSL
%   1.0.2 and  greater, to_be_signed/1  is also  available, yielding
%   the hexadecimal representation of the TBS (to-be-signed) portion
%   of the certificate.
%
%   Note that the OpenSSL `CA.pl`  utility creates certificates that
%   have a human readable textual representation in front of the PEM
%   representation. You can  use  the  following   to  skip  to  the
%   certificate if you know it is a PEM certificate:
%
%     ==
%     skip_to_pem_cert(In) :-
%           repeat,
%           (   peek_char(In, '-')
%           ->  !
%           ;   skip(In, 0'\n),
%               at_end_of_stream(In), !
%           ).
%     ==

%!  load_crl(+Stream, -CRL) is det.
%
%   Loads a CRL from a PEM- or  DER-encoded stream, returning a term
%   containing  terms  hash/1,   signature/1,    issuer_name/1   and
%   revocations/1,  which  is  a  list   of  revoked/2  terms.  Each
%   revoked/2 term is of the form revoked(+Serial, DateOfRevocation)

%!  system_root_certificates(-List) is det.
%
%   List is a list of trusted root   certificates as provided by the
%   OS. This is the list used by ssl_context/3 when using the option
%   `system(root_certificates)`.  The list is obtained using an OS
%   specific process.  The current implementation is as follows:
%
%       - On Windows, CertOpenSystemStore() is used to import
%         the `"ROOT"` certificates from the OS.
%       - On MacOSX, the trusted keys are loaded from the
%         _SystemRootCertificates_ key chain.  The Apple API
%         for this requires the SSL interface to be compiled
%         with an XCode compiler, i.e., *not* with native gcc.
%       - Otherwise, certificates are loaded from a file defined
%         by the Prolog flag `system_cacert_filename`.  The initial
%         value of this flag is operating system dependent.  For
%         security reasons, the flag can only be set prior to using
%         the SSL library.  For example:
%
%           ==
%           :- use_module(library(ssl)).
%           :- set_prolog_flag(system_cacert_filename,
%                              '/home/jan/ssl/ca-bundle.crt').
%           ==

%!  load_private_key(+Stream, +Password, -PrivateKey) is det.
%
%   Load  a private  key PrivateKey  from the  given stream  Stream,
%   using Password to decrypt the key  if it is encrypted. Note that
%   the  password  is  currently   only  supported  for  PEM  files.
%   DER-encoded keys which are password protected will not load. The
%   key must be an RSA or EC key. DH and DSA keys are not supported,
%   and PrivateKey will  be bound to an atom (dh_key  or dsa_key) if
%   you  try and  load such  a  key.  Otherwise  PrivateKey will  be
%   unified with private_key(KeyTerm) where KeyTerm is an rsa/8 term
%   representing an RSA key, or ec/3 for EC keys.

%!  load_public_key(+Stream, -PublicKey) is det.
%
%   Load  a  public key  PublicKey  from  the given  stream  Stream.
%   Supports loading both DER- and PEM-encoded keys. The key must be
%   an  RSA or  EC  key. DH  and  DSA keys  are  not supported,  and
%   PublicKey will  be bound to an  atom (dh_key or dsa_key)  if you
%   try and  load such  a key. Otherwise  PublicKey will  be unified
%   with  public_key(KeyTerm)   where  KeyTerm  is  an   rsa/8  term
%   representing an RSA key, or ec/3 for EC keys.


%!  cert_accept_any(+SSL,
%!                  +ProblemCertificate, +AllCertificates, +FirstCertificate,
%!                  +Error) is det.
%
%   Implementation  for  the  hook   `cert_verify_hook(:Hook)`  that
%   accepts _any_ certificate. This is   intended for http_open/3 if
%   no certificate verification is desired as illustrated below.
%
%     ==
%       http_open('https:/...', In,
%                 [ cert_verify_hook(cert_accept_any)
%                 ])
%     ==

cert_accept_any(_SSL,
                _ProblemCertificate, _AllCertificates, _FirstCertificate,
                _Error).

%!  ssl_secure_ciphers(-Ciphers:atom) is det.
%
%   Secure ciphers must guarantee forward secrecy, and must mitigate all
%   known critical attacks. As of  2017,   using  the  following ciphers
%   allows you to obtain grade A on https://www.ssllabs.com. For A+, you
%   must also enable HTTP Strict Transport  Security (HSTS) by sending a
%   suitable header field in replies.
%
%   Note that obsolete ciphers *must* be   disabled  to reliably prevent
%   protocol downgrade attacks.
%
%   The Ciphers list is read from   the setting `ssl:secure_ciphers` and
%   can be controlled using  set_setting/2   and  other  predicates from
%   library(settings).
%
%   *BEWARE*: This list must be changed when attacks on these ciphers
%             become known! Keep an eye on this setting and adapt it
%             as necessary in the future.

ssl_secure_ciphers(Cs) :-
    setting(secure_ciphers, Cs).


                 /*******************************
                 *           MESSAGES           *
                 *******************************/

:- multifile
    prolog:error_message//1.

prolog:error_message(ssl_error(ID, _Library, Function, Reason)) -->
    [ 'SSL(~w) ~w: ~w'-[ID, Function, Reason] ].