Diffstat (limited to 'include/mod_gnutls.h.in')
-rw-r--r-- | include/mod_gnutls.h.in | 69 |
1 files changed, 59 insertions, 10 deletions
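--- a/include/mod_gnutls.h.in
+++ b/include/mod_gnutls.h.in
@@ -29,6 +29,8 @@
 
 #include <gcrypt.h>
 #include <gnutls/gnutls.h>
+#include <gnutls/extra.h>
+#include <gnutls/openpgp.h>
 #include <gnutls/x509.h>
 
 #ifndef __mod_gnutls_h_inc
@@ -76,24 +78,42 @@ typedef struct
 apr_size_t lua_bytecode_len;
 } mgs_dirconf_rec;
 
+
+/* The maximum number of client CA certificates allowed.
+*/
+#define MAX_CA_CRTS 128
+
+/* The maximum number of certificates to send in a chain
+*/
+#define MAX_CHAIN_SIZE 8
+
 typedef struct
 {
 gnutls_certificate_credentials_t certs;
+gnutls_srp_server_credentials_t srp_creds;
+gnutls_anon_server_credentials_t anon_creds;
 char* cert_cn;
-gnutls_x509_crt_t cert_x509;
+gnutls_x509_crt_t certs_x509[MAX_CHAIN_SIZE]; /* A certificate chain */
+unsigned int certs_x509_num;
 gnutls_x509_privkey_t privkey_x509;
+gnutls_openpgp_crt_t cert_pgp; /* A certificate chain */
+gnutls_openpgp_privkey_t privkey_pgp;
 int enabled;
-int ciphers[16];
-int key_exchange[16];
-int macs[16];
-int protocol[16];
-int compression[16];
-int cert_types[16];
-apr_time_t cache_timeout;
+/* whether to send the PEM encoded certificates
+* to CGIs
+*/
+int export_certificates_enabled;
+gnutls_priority_t priorities;
+gnutls_rsa_params_t rsa_params;
+gnutls_dh_params_t dh_params;
+int cache_timeout;
 mgs_cache_e cache_type;
 const char* cache_config;
-const char* rsa_params_file;
-const char* dh_params_file;
+const char* srp_tpasswd_file;
+const char* srp_tpasswd_conf_file;
+gnutls_x509_crt_t ca_list[MAX_CA_CRTS];
+gnutls_openpgp_keyring_t pgp_list;
+unsigned int ca_list_size;
 int client_verify_mode;
 } mgs_srvconf_rec;
 
@@ -214,15 +234,37 @@ int mgs_cache_session_init(mgs_handle_t *ctxt);
 char *mgs_session_id2sz(unsigned char *id, int idlen,
 char *str, int strsize);
 
+/**
+* Convert a time_t into a Null Terminated String
+* @param t time_t time
+* @param str Location to store the Hex Encoded String
+* @param strsize The Maximum Length that can be stored in str
+*/
+char *mgs_time2sz(time_t t, char *str, int strsize);
+
 
 /* Configuration Functions */
 
+const char *mgs_set_srp_tpasswd_conf_file(cmd_parms * parms, void *dummy,
+const char *arg);
+const char *mgs_set_srp_tpasswd_file(cmd_parms * parms, void *dummy,
+const char *arg);
+const char *mgs_set_dh_file(cmd_parms * parms, void *dummy,
+const char *arg);
+const char *mgs_set_rsa_export_file(cmd_parms * parms, void *dummy,
+const char *arg);
 const char *mgs_set_cert_file(cmd_parms * parms, void *dummy,
 const char *arg);
 
 const char *mgs_set_key_file(cmd_parms * parms, void *dummy,
 const char *arg);
 
+const char *mgs_set_pgpcert_file(cmd_parms * parms, void *dummy,
+const char *arg);
+
+const char *mgs_set_pgpkey_file(cmd_parms * parms, void *dummy,
+const char *arg);
+
 const char *mgs_set_cache(cmd_parms * parms, void *dummy,
 const char *type, const char* arg);
 
@@ -235,8 +277,15 @@ const char *mgs_set_client_verify(cmd_parms * parms, void *dummy,
 const char *mgs_set_client_ca_file(cmd_parms * parms, void *dummy,
 const char *arg);
 
+const char *mgs_set_keyring_file(cmd_parms * parms, void *dummy,
+const char *arg);
+
 const char *mgs_set_enabled(cmd_parms * parms, void *dummy,
 const char *arg);
+const char *mgs_set_export_certificates_enabled(cmd_parms * parms, void *dummy,
+const char *arg);
+const char *mgs_set_priorities(cmd_parms * parms, void *dummy,
+const char *arg);
 
 const char *mgs_set_require_section(cmd_parms *cmd,
 void *mconfig, const char *arg);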
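Review bot: The two fixed-size arrays added to `mgs_srvconf_rec`, `certs_x509[MAX_CHAIN_SIZE]` and `ca_list[MAX_CA_CRTS]`, are paired with `unsigned int` counts, but nothing in the header states that those counts must never exceed the array bounds. The code that fills them from the configured certificate and CA files is outside this section, so whether it caps the import at 8 and 128 entries cannot be confirmed here; a file holding more entries than the bound should be rejected or truncated, never written past the array. I would record the invariant beside the fields, e.g. `unsigned int certs_x509_num; /* entries used in certs_x509, always <= MAX_CHAIN_SIZE */` and `unsigned int ca_list_size; /* entries used in ca_list, always <= MAX_CA_CRTS */`. Separately, the `/* A certificate chain */` comment on `cert_pgp` looks copied from the line above, since that field is a single `gnutls_openpgp_crt_t`.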