From 586e3bef5d34d090d9480e146783c33313f9dc34 Mon Sep 17 00:00:00 2001 From: Nokis Mavrogiannopoulos Date: Wed, 20 Feb 2008 18:50:41 +0000 Subject: added tags --- include/mod_gnutls.h.in | 69 ++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 59 insertions(+), 10 deletions(-) (limited to 'include') diff --git a/include/mod_gnutls.h.in b/include/mod_gnutls.h.in index 3473bf1..db7e7dd 100644 --- a/include/mod_gnutls.h.in +++ b/include/mod_gnutls.h.in @@ -29,6 +29,8 @@ #include #include +#include +#include #include #ifndef __mod_gnutls_h_inc @@ -76,24 +78,42 @@ typedef struct apr_size_t lua_bytecode_len; } mgs_dirconf_rec; + +/* The maximum number of client CA certificates allowed. + */ +#define MAX_CA_CRTS 128 + +/* The maximum number of certificates to send in a chain + */ +#define MAX_CHAIN_SIZE 8 + typedef struct { gnutls_certificate_credentials_t certs; + gnutls_srp_server_credentials_t srp_creds; + gnutls_anon_server_credentials_t anon_creds; char* cert_cn; - gnutls_x509_crt_t cert_x509; + gnutls_x509_crt_t certs_x509[MAX_CHAIN_SIZE]; /* A certificate chain */ + unsigned int certs_x509_num; gnutls_x509_privkey_t privkey_x509; + gnutls_openpgp_crt_t cert_pgp; /* A certificate chain */ + gnutls_openpgp_privkey_t privkey_pgp; int enabled; - int ciphers[16]; - int key_exchange[16]; - int macs[16]; - int protocol[16]; - int compression[16]; - int cert_types[16]; - apr_time_t cache_timeout; + /* whether to send the PEM encoded certificates + * to CGIs + */ + int export_certificates_enabled; + gnutls_priority_t priorities; + gnutls_rsa_params_t rsa_params; + gnutls_dh_params_t dh_params; + int cache_timeout; mgs_cache_e cache_type; const char* cache_config; - const char* rsa_params_file; - const char* dh_params_file; + const char* srp_tpasswd_file; + const char* srp_tpasswd_conf_file; + gnutls_x509_crt_t ca_list[MAX_CA_CRTS]; + gnutls_openpgp_keyring_t pgp_list; + unsigned int ca_list_size; int client_verify_mode; } mgs_srvconf_rec; 
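Review bot: The two fixed-size arrays added to mgs_srvconf_rec, `certs_x509[MAX_CHAIN_SIZE]` and `ca_list[MAX_CA_CRTS]`, keep their counts in separate `unsigned int` fields, and nothing in the header states the bound the loaders must enforce. I would document it on the fields, e.g. `unsigned int certs_x509_num; /* entries used in certs_x509, never more than MAX_CHAIN_SIZE */`, and the same for `ca_list_size` against MAX_CA_CRTS, so that the code filling them from configured files (not visible in this hunk) is reviewed against a written limit. The comment `/* A certificate chain */` on `cert_pgp` looks copied from the line above, since the field is a single `gnutls_openpgp_crt_t`. `cache_timeout` also narrows from `apr_time_t` to `int`; if the value is still kept in APR microseconds, which this hunk does not show, it would overflow after about 35 minutes, so the unit should be stated next to the field.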
@@ -214,15 +234,37 @@ int mgs_cache_session_init(mgs_handle_t *ctxt); char *mgs_session_id2sz(unsigned char *id, int idlen, char *str, int strsize); +/** + * Convert a time_t into a Null Terminated String + * @param t time_t time + * @param str Location to store the Hex Encoded String + * @param strsize The Maximum Length that can be stored in str + */ +char *mgs_time2sz(time_t t, char *str, int strsize); + /* Configuration Functions */ +const char *mgs_set_srp_tpasswd_conf_file(cmd_parms * parms, void *dummy, + const char *arg); +const char *mgs_set_srp_tpasswd_file(cmd_parms * parms, void *dummy, + const char *arg); +const char *mgs_set_dh_file(cmd_parms * parms, void *dummy, + const char *arg); +const char *mgs_set_rsa_export_file(cmd_parms * parms, void *dummy, + const char *arg); const char *mgs_set_cert_file(cmd_parms * parms, void *dummy, const char *arg); const char *mgs_set_key_file(cmd_parms * parms, void *dummy, const char *arg); +const char *mgs_set_pgpcert_file(cmd_parms * parms, void *dummy, + const char *arg); + +const char *mgs_set_pgpkey_file(cmd_parms * parms, void *dummy, + const char *arg); + const char *mgs_set_cache(cmd_parms * parms, void *dummy, const char *type, const char* arg); @@ -235,8 +277,15 @@ const char *mgs_set_client_verify(cmd_parms * parms, void *dummy, const char *mgs_set_client_ca_file(cmd_parms * parms, void *dummy, const char *arg); +const char *mgs_set_keyring_file(cmd_parms * parms, void *dummy, + const char *arg); + const char *mgs_set_enabled(cmd_parms * parms, void *dummy, const char *arg); +const char *mgs_set_export_certificates_enabled(cmd_parms * parms, void *dummy, + const char *arg); +const char *mgs_set_priorities(cmd_parms * parms, void *dummy, + const char *arg); const char *mgs_set_require_section(cmd_parms *cmd, void *mconfig, const char *arg); -- cgit
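Review bot: The doc comment added for `mgs_time2sz` describes `str` as the `Location to store the Hex Encoded String`, which appears carried over from `mgs_session_id2sz` just above, and it has no `@return` line. I would reword it to `@param str Buffer that receives the formatted time` and add a `@return` line stating what comes back when `strsize` is too small, since callers size the buffer from this contract; the output format is not visible here, so it should be taken from the implementation. The new directive handlers in this hunk and the next (`mgs_set_srp_tpasswd_file`, `mgs_set_rsa_export_file`, `mgs_set_pgpkey_file`, `mgs_set_keyring_file`, `mgs_set_export_certificates_enabled`, `mgs_set_priorities`) are declared without any comment. A one-line note per prototype naming the directive and what `arg` is (a file path, an on/off value, a priority string) would help, in particular for `mgs_set_export_certificates_enabled`, which according to the struct comment in this commit controls whether PEM encoded certificates are sent to CGIs.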