Diffstat (limited to 'src/gnutls_config.c')
-rw-r--r--src/gnutls_config.c131
1 files changed, 122 insertions, 9 deletions
diff --git a/src/gnutls_config.c b/src/gnutls_config.c
index 7b5a42b..f08512e 100644
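--- a/src/gnutls_config.c
+++ b/src/gnutls_config.c
@@ -1,5 +1,6 @@
 /**
  * Copyright 2004-2005 Paul Querna
+ * Copyright 2007 Nikos Mavrogiannopoulos
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -151,15 +152,10 @@ const char *mgs_set_cert_file(cmd_parms * parms, void *dummy,
  "Certificate '%s'", file);
  }
 
- ret = gnutls_x509_crt_init(&sc->cert_x509);
- if (ret < 0) {
- return apr_psprintf(parms->pool, "GnuTLS: Failed to initialize"
- ": (%d) %s", ret, gnutls_strerror(ret));
- }
-
+ sc->certs_x509_num = MAX_CHAIN_SIZE;
  ret =
- gnutls_x509_crt_import(sc->cert_x509, &data, GNUTLS_X509_FMT_PEM);
- if (ret != 0) {
+ gnutls_x509_crt_list_import(sc->certs_x509, &sc->certs_x509_num, &data, GNUTLS_X509_FMT_PEM, 0);
+ if (ret < 0) {
  return apr_psprintf(parms->pool, "GnuTLS: Failed to Import "
  "Certificate '%s': (%d) %s", file, ret,
  gnutls_strerror(ret));
@@ -207,6 +203,84 @@ const char *mgs_set_key_file(cmd_parms * parms, void *dummy,
  return NULL;
 }
 
+const char *mgs_set_pgpcert_file(cmd_parms * parms, void *dummy,
+ const char *arg)
+{
+ int ret;
+ gnutls_datum_t data;
+ const char *file;
+ apr_pool_t *spool;
+ mgs_srvconf_rec *sc =
+ (mgs_srvconf_rec *) ap_get_module_config(parms->server->
+ module_config,
+ &gnutls_module);
+ apr_pool_create(&spool, parms->pool);
+
+ file = ap_server_root_relative(spool, arg);
+
+ if (load_datum_from_file(spool, file, &data) != 0) {
+ return apr_psprintf(parms->pool, "GnuTLS: Error Reading "
+ "Certificate '%s'", file);
+ }
+
+ ret = gnutls_openpgp_crt_init( &sc->cert_pgp);
+ if (ret < 0) {
+ return apr_psprintf(parms->pool, "GnuTLS: Failed to Init "
+ "PGP Certificate: (%d) %s", ret,
+ gnutls_strerror(ret));
+ }
+
+ ret =
+ gnutls_openpgp_crt_import(sc->cert_pgp, &data, GNUTLS_OPENPGP_FMT_BASE64);
+ if (ret < 0) {
+ return apr_psprintf(parms->pool, "GnuTLS: Failed to Import "
+ "PGP Certificate '%s': (%d) %s", file, ret,
+ gnutls_strerror(ret));
+ }
+
+ apr_pool_destroy(spool);
+ return NULL;
+}
+
+const char *mgs_set_pgpkey_file(cmd_parms * parms, void *dummy,
+ const char *arg)
+{
+ int ret;
+ gnutls_datum_t data;
+ const char *file;
+ apr_pool_t *spool;
+ mgs_srvconf_rec *sc =
+ (mgs_srvconf_rec *) ap_get_module_config(parms->server->
+ module_config,
+ &gnutls_module);
+ apr_pool_create(&spool, parms->pool);
+
+ file = ap_server_root_relative(spool, arg);
+
+ if (load_datum_from_file(spool, file, &data) != 0) {
+ return apr_psprintf(parms->pool, "GnuTLS: Error Reading "
+ "Private Key '%s'", file);
+ }
+
+ ret = gnutls_openpgp_privkey_init(&sc->privkey_pgp);
+ if (ret < 0) {
+ return apr_psprintf(parms->pool, "GnuTLS: Failed to initialize"
+ ": (%d) %s", ret, gnutls_strerror(ret));
+ }
+
+ ret =
+ gnutls_openpgp_privkey_import(sc->privkey_pgp, &data,
+ GNUTLS_OPENPGP_FMT_BASE64, NULL, 0);
+ if (ret != 0) {
+ return apr_psprintf(parms->pool, "GnuTLS: Failed to Import "
+ "PGP Private Key '%s': (%d) %s", file, ret,
+ gnutls_strerror(ret));
+ }
+ apr_pool_destroy(spool);
+ return NULL;
+}
+
+
 const char *mgs_set_srp_tpasswd_file(cmd_parms * parms, void *dummy,
  const char *arg)
 {
@@ -355,6 +429,44 @@ const char *mgs_set_client_ca_file(cmd_parms * parms, void *dummy,
  return NULL;
 }
 
+const char *mgs_set_keyring_file(cmd_parms * parms, void *dummy,
+ const char *arg)
+{
+ int rv;
+ const char *file;
+ apr_pool_t *spool;
+ gnutls_datum_t data;
+
+ mgs_srvconf_rec *sc =
+ (mgs_srvconf_rec *) ap_get_module_config(parms->server->
+ module_config,
+ &gnutls_module);
+ apr_pool_create(&spool, parms->pool);
+
+ file = ap_server_root_relative(spool, arg);
+
+ if (load_datum_from_file(spool, file, &data) != 0) {
+ return apr_psprintf(parms->pool, "GnuTLS: Error Reading "
+ "Keyring File '%s'", file);
+ }
+
+ rv = gnutls_openpgp_keyring_init(&sc->pgp_list);
+ if (rv < 0) {
+ return apr_psprintf(parms->pool, "GnuTLS: Failed to initialize"
+ "keyring: (%d) %s", rv, gnutls_strerror(rv));
+ }
+
+ rv = gnutls_openpgp_keyring_import(sc->pgp_list, &data, GNUTLS_OPENPGP_FMT_BASE64);
+ if (rv < 0) {
+ return apr_psprintf(parms->pool, "GnuTLS: Failed to load "
+ "Keyring File '%s': (%d) %s", file, rv,
+ gnutls_strerror(rv));
+ }
+
+ apr_pool_destroy(spool);
+ return NULL;
+}
+
 const char *mgs_set_enabled(cmd_parms * parms, void *dummy,
  const char *arg)
 {
@@ -440,7 +552,8 @@ void *mgs_config_server_create(apr_pool_t * p, server_rec * s)
  sc->srp_tpasswd_conf_file = NULL;
  sc->srp_tpasswd_file = NULL;
  sc->privkey_x509 = NULL;
- sc->cert_x509 = NULL;
+ memset( sc->certs_x509, 0, sizeof(sc->certs_x509));
+ sc->certs_x509_num = 0;
  sc->cache_timeout = apr_time_from_sec(300);
  sc->cache_type = mgs_cache_dbm;
  sc->cache_config = ap_server_root_relative(p, "conf/gnutls_cache");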
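Review bot: The chain import at new line 157 passes `0` as the flags argument, so a PEM file holding more than MAX_CHAIN_SIZE certificates is, as far as I know from GnuTLS's documented behaviour, cut off at the first MAX_CHAIN_SIZE entries and still reported as success. The server would then start and present an incomplete chain, with nothing in the log to explain the resulting client verification failures. Passing `GNUTLS_X509_CRT_LIST_IMPORT_FAIL_IF_EXCEED` instead of `0` turns that case into the existing `ret < 0` error return. Separately, the new message at lines 455-456 concatenates to `Failed to initializekeyring`; the first literal needs a trailing space. mgs_set_cert_file starts and ends outside its hunk.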