Diffstat (limited to 'include')
-rw-r--r--include/mod_gnutls.h.in69
1 files changed, 59 insertions, 10 deletions
diff --git a/include/mod_gnutls.h.in b/include/mod_gnutls.h.in
index 3473bf1..db7e7dd 100644
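--- a/include/mod_gnutls.h.in
+++ b/include/mod_gnutls.h.in
@@ -29,6 +29,8 @@
 
 #include <gcrypt.h>
 #include <gnutls/gnutls.h>
+#include <gnutls/extra.h>
+#include <gnutls/openpgp.h>
 #include <gnutls/x509.h>
 
 #ifndef __mod_gnutls_h_inc
@@ -76,24 +78,42 @@ typedef struct
  apr_size_t lua_bytecode_len;
 } mgs_dirconf_rec;
 
+
+/* The maximum number of client CA certificates allowed.
+ */
+#define MAX_CA_CRTS 128
+
+/* The maximum number of certificates to send in a chain
+ */
+#define MAX_CHAIN_SIZE 8
+
 typedef struct
 {
  gnutls_certificate_credentials_t certs;
+ gnutls_srp_server_credentials_t srp_creds;
+ gnutls_anon_server_credentials_t anon_creds;
  char* cert_cn;
- gnutls_x509_crt_t cert_x509;
+ gnutls_x509_crt_t certs_x509[MAX_CHAIN_SIZE]; /* A certificate chain */
+ unsigned int certs_x509_num;
  gnutls_x509_privkey_t privkey_x509;
+ gnutls_openpgp_crt_t cert_pgp; /* A certificate chain */
+ gnutls_openpgp_privkey_t privkey_pgp;
  int enabled;
- int ciphers[16];
- int key_exchange[16];
- int macs[16];
- int protocol[16];
- int compression[16];
- int cert_types[16];
- apr_time_t cache_timeout;
+ /* whether to send the PEM encoded certificates
+ * to CGIs
+ */
+ int export_certificates_enabled;
+ gnutls_priority_t priorities;
+ gnutls_rsa_params_t rsa_params;
+ gnutls_dh_params_t dh_params;
+ int cache_timeout;
  mgs_cache_e cache_type;
  const char* cache_config;
- const char* rsa_params_file;
- const char* dh_params_file;
+ const char* srp_tpasswd_file;
+ const char* srp_tpasswd_conf_file;
+ gnutls_x509_crt_t ca_list[MAX_CA_CRTS];
+ gnutls_openpgp_keyring_t pgp_list;
+ unsigned int ca_list_size;
  int client_verify_mode;
 } mgs_srvconf_rec;
 
@@ -214,15 +234,37 @@ int mgs_cache_session_init(mgs_handle_t *ctxt);
 char *mgs_session_id2sz(unsigned char *id, int idlen,
  char *str, int strsize);
 
+/**
+ * Convert a time_t into a Null Terminated String
+ * @param t time_t time
+ * @param str Location to store the Hex Encoded String
+ * @param strsize The Maximum Length that can be stored in str
+ */
+char *mgs_time2sz(time_t t, char *str, int strsize);
+
 
 /* Configuration Functions */
 
+const char *mgs_set_srp_tpasswd_conf_file(cmd_parms * parms, void *dummy,
+ const char *arg);
+const char *mgs_set_srp_tpasswd_file(cmd_parms * parms, void *dummy,
+ const char *arg);
+const char *mgs_set_dh_file(cmd_parms * parms, void *dummy,
+ const char *arg);
+const char *mgs_set_rsa_export_file(cmd_parms * parms, void *dummy,
+ const char *arg);
 const char *mgs_set_cert_file(cmd_parms * parms, void *dummy,
  const char *arg);
 
 const char *mgs_set_key_file(cmd_parms * parms, void *dummy,
  const char *arg);
 
+const char *mgs_set_pgpcert_file(cmd_parms * parms, void *dummy,
+ const char *arg);
+
+const char *mgs_set_pgpkey_file(cmd_parms * parms, void *dummy,
+ const char *arg);
+
 const char *mgs_set_cache(cmd_parms * parms, void *dummy,
  const char *type, const char* arg);
 
@@ -235,8 +277,15 @@ const char *mgs_set_client_verify(cmd_parms * parms, void *dummy,
 const char *mgs_set_client_ca_file(cmd_parms * parms, void *dummy,
  const char *arg);
 
+const char *mgs_set_keyring_file(cmd_parms * parms, void *dummy,
+ const char *arg);
+
 const char *mgs_set_enabled(cmd_parms * parms, void *dummy,
  const char *arg);
+const char *mgs_set_export_certificates_enabled(cmd_parms * parms, void *dummy,
+ const char *arg);
+const char *mgs_set_priorities(cmd_parms * parms, void *dummy,
+ const char *arg);
 
 const char *mgs_set_require_section(cmd_parms *cmd,
  void *mconfig, const char *arg);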
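Review bot: The two fixed-capacity arrays added to `mgs_srvconf_rec`, `certs_x509[MAX_CHAIN_SIZE]` and `ca_list[MAX_CA_CRTS]`, keep their element counts in separate fields (`certs_x509_num`, `ca_list_size`), and nothing in the header states that a count may never exceed its capacity. The loaders are not part of this diff, so it cannot be confirmed here that they pass the array capacity to the GnuTLS list-import call and reject a file holding more entries. A comment on each count field such as `/* number of valid entries, always <= MAX_CHAIN_SIZE; loaders must fail on a longer chain */` would put the invariant where every user of the struct sees it. Two added comments look copied from neighbouring lines: `/* A certificate chain */` on `cert_pgp`, which is a single `gnutls_openpgp_crt_t`, and "Location to store the Hex Encoded String" on `mgs_time2sz`, which converts a `time_t`. `cache_timeout` narrows from `apr_time_t` to `int` with no unit stated, so a `/* seconds */` comment (if that is the intent) would guard against a caller still storing an APR microsecond value that no longer fits.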