1 files changed, 20 insertions, 2 deletions
diff --git a/include/mod_gnutls.h.in b/include/mod_gnutls.h.in
index 6a311a3..db7e7dd 100644
--- a/include/mod_gnutls.h.in
+++ b/include/mod_gnutls.h.in
@@ -29,6 +29,8 @@
 #include <gcrypt.h>
 #include <gnutls/gnutls.h>
+#include <gnutls/extra.h>
+#include <gnutls/openpgp.h>
 #include <gnutls/x509.h>
 #ifndef __mod_gnutls_h_inc
@@ -80,7 +82,10 @@ typedef struct
 /* The maximum number of client CA certificates allowed.
 */
 #define MAX_CA_CRTS 128
-#define MAX_CIPHERS 16
+/* The maximum number of certificates to send in a chain
+ */
+#define MAX_CHAIN_SIZE 8
 typedef struct
 {
@@ -88,8 +93,11 @@ typedef struct
    gnutls_srp_server_credentials_t srp_creds;
    gnutls_anon_server_credentials_t anon_creds;
    char* cert_cn;
-    gnutls_x509_crt_t cert_x509;
+    gnutls_x509_crt_t certs_x509[MAX_CHAIN_SIZE]; /* A certificate chain */
+    unsigned int certs_x509_num;
    gnutls_x509_privkey_t privkey_x509;
+    gnutls_openpgp_crt_t cert_pgp; /* A certificate chain */
+    gnutls_openpgp_privkey_t privkey_pgp;
    int enabled;
    /* whether to send the PEM encoded certificates
     * to CGIs
@@ -104,6 +112,7 @@ typedef struct
    const char* srp_tpasswd_file;
    const char* srp_tpasswd_conf_file;
    gnutls_x509_crt_t ca_list[MAX_CA_CRTS];
+    gnutls_openpgp_keyring_t pgp_list;
    unsigned int ca_list_size;
    int client_verify_mode;
 } mgs_srvconf_rec;
@@ -250,6 +259,12 @@ const char *mgs_set_cert_file(cmd_parms * parms, void *dummy,
 const char *mgs_set_key_file(cmd_parms * parms, void *dummy,
                             const char *arg);
+const char *mgs_set_pgpcert_file(cmd_parms * parms, void *dummy,
+                                        const char *arg);
+const char *mgs_set_pgpkey_file(cmd_parms * parms, void *dummy,
+                             const char *arg);
 const char *mgs_set_cache(cmd_parms * parms, void *dummy,
                          const char *type, const char* arg);
@@ -262,6 +277,9 @@ const char *mgs_set_client_verify(cmd_parms * parms, void *dummy,
 const char *mgs_set_client_ca_file(cmd_parms * parms, void *dummy,
                                   const char *arg);
+const char *mgs_set_keyring_file(cmd_parms * parms, void *dummy,
+                                   const char *arg);
 const char *mgs_set_enabled(cmd_parms * parms, void *dummy,
                            const char *arg);
 const char *mgs_set_export_certificates_enabled(cmd_parms * parms, void *dummy,

diff --git a/include/mod_gnutls.h.in b/include/mod_gnutls.h.in index 6a311a3..db7e7dd 100644 --- a/include/mod_gnutls.h.in +++ b/include/mod_gnutls.h.in
@@ -29,6 +29,8 @@
29		29
30	#include <gcrypt.h>	30	#include <gcrypt.h>
31	#include <gnutls/gnutls.h>	31	#include <gnutls/gnutls.h>
		32	#include <gnutls/extra.h>
		33	#include <gnutls/openpgp.h>
32	#include <gnutls/x509.h>	34	#include <gnutls/x509.h>
33		35
34	#ifndef __mod_gnutls_h_inc	36	#ifndef __mod_gnutls_h_inc
@@ -80,7 +82,10 @@ typedef struct
80	/* The maximum number of client CA certificates allowed.	82	/* The maximum number of client CA certificates allowed.
81	*/	83	*/
82	#define MAX_CA_CRTS 128	84	#define MAX_CA_CRTS 128
83	#define MAX_CIPHERS 16	85
		86	/* The maximum number of certificates to send in a chain
		87	*/
		88	#define MAX_CHAIN_SIZE 8
84		89
85	typedef struct	90	typedef struct
86	{	91	{
@@ -88,8 +93,11 @@ typedef struct
88	gnutls_srp_server_credentials_t srp_creds;	93	gnutls_srp_server_credentials_t srp_creds;
89	gnutls_anon_server_credentials_t anon_creds;	94	gnutls_anon_server_credentials_t anon_creds;
90	char* cert_cn;	95	char* cert_cn;
91	gnutls_x509_crt_t cert_x509;	96	gnutls_x509_crt_t certs_x509[MAX_CHAIN_SIZE]; /* A certificate chain */
		97	unsigned int certs_x509_num;
92	gnutls_x509_privkey_t privkey_x509;	98	gnutls_x509_privkey_t privkey_x509;
		99	gnutls_openpgp_crt_t cert_pgp; /* A certificate chain */
		100	gnutls_openpgp_privkey_t privkey_pgp;
93	int enabled;	101	int enabled;
94	/* whether to send the PEM encoded certificates	102	/* whether to send the PEM encoded certificates
95	* to CGIs	103	* to CGIs
@@ -104,6 +112,7 @@ typedef struct
104	const char* srp_tpasswd_file;	112	const char* srp_tpasswd_file;
105	const char* srp_tpasswd_conf_file;	113	const char* srp_tpasswd_conf_file;
106	gnutls_x509_crt_t ca_list[MAX_CA_CRTS];	114	gnutls_x509_crt_t ca_list[MAX_CA_CRTS];
		115	gnutls_openpgp_keyring_t pgp_list;
107	unsigned int ca_list_size;	116	unsigned int ca_list_size;
108	int client_verify_mode;	117	int client_verify_mode;
109	} mgs_srvconf_rec;	118	} mgs_srvconf_rec;
@@ -250,6 +259,12 @@ const char mgs_set_cert_file(cmd_parms parms, void *dummy,
250	const char mgs_set_key_file(cmd_parms parms, void *dummy,	259	const char mgs_set_key_file(cmd_parms parms, void *dummy,
251	const char *arg);	260	const char *arg);
252		261
		262	const char mgs_set_pgpcert_file(cmd_parms parms, void *dummy,
		263	const char *arg);
		264
		265	const char mgs_set_pgpkey_file(cmd_parms parms, void *dummy,
		266	const char *arg);
		267
253	const char mgs_set_cache(cmd_parms parms, void *dummy,	268	const char mgs_set_cache(cmd_parms parms, void *dummy,
254	const char type, const char arg);	269	const char type, const char arg);
255		270
@@ -262,6 +277,9 @@ const char mgs_set_client_verify(cmd_parms parms, void *dummy,
262	const char mgs_set_client_ca_file(cmd_parms parms, void *dummy,	277	const char mgs_set_client_ca_file(cmd_parms parms, void *dummy,
263	const char *arg);	278	const char *arg);
264		279
		280	const char mgs_set_keyring_file(cmd_parms parms, void *dummy,
		281	const char *arg);
		282
265	const char mgs_set_enabled(cmd_parms parms, void *dummy,	283	const char mgs_set_enabled(cmd_parms parms, void *dummy,
266	const char *arg);	284	const char *arg);
267	const char mgs_set_export_certificates_enabled(cmd_parms parms, void *dummy,	285	const char mgs_set_export_certificates_enabled(cmd_parms parms, void *dummy,