/**
 *  Copyright 2016 Thomas Klute
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */
16 | |
---|
17 | #include "gnutls_ocsp.h" |
---|
18 | |
---|
19 | #include "mod_gnutls.h" |
---|
20 | #include "apr_lib.h" |
---|
21 | |
---|
22 | #ifdef APLOG_USE_MODULE |
---|
23 | APLOG_USE_MODULE(gnutls); |
---|
24 | #endif |
---|
25 | |
---|
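/**
 * Configuration directive handler: record the path of the file that
 * holds the OCSP response for this server.
 *
 * The argument is resolved against the server root and stored in the
 * server's mod_gnutls configuration (`ocsp_response_file`). The file
 * itself is not opened or checked here.
 *
 * @param parms directive context; supplies the server record and the
 * pool the resolved path is allocated from
 * @param dummy unused
 * @param arg path as written in the configuration
 *
 * @return NULL on success, or an error message if the path cannot be
 * resolved
 */
const char *mgs_store_ocsp_response_path(cmd_parms *parms,
                                         void *dummy __attribute__((unused)),
                                         const char *arg)
{
    mgs_srvconf_rec *sc = (mgs_srvconf_rec *)
        ap_get_module_config(parms->server->module_config, &gnutls_module);

    /* ap_server_root_relative() returns NULL for a path it cannot merge
     * with the server root. Reject that at configuration time instead
     * of storing NULL and failing later, during a handshake. */
    char *resolved = ap_server_root_relative(parms->pool, arg);
    if (resolved == NULL)
        return "Invalid OCSP response file path";

    sc->ocsp_response_file = resolved;
    return NULL;
}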
36 | |
---|
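/**
 * Load the OCSP response for a connection from the configured file.
 *
 * Every call re-reads `ocsp_response_file` from disk and hands the raw
 * bytes back through `ocsp_response`.
 *
 * NOTE(review): the file content is passed on without being parsed.
 * Nothing in this function checks that it is a well-formed OCSP
 * response, that it belongs to the server certificate, or that it is
 * still within its validity period. A stale or mismatched file would
 * be offered to clients unchanged, so whatever refreshes the file must
 * guarantee those properties, and the file should be writable only by
 * that process.
 *
 * @param session unused
 * @param ptr the connection's mgs_handle_t, passed as an opaque pointer
 * @param ocsp_response output datum; on success it holds the loaded
 * data (presumably released by the caller - confirm against the GnuTLS
 * callback contract)
 *
 * @return GNUTLS_E_SUCCESS if the file was loaded,
 * GNUTLS_E_NO_CERTIFICATE_STATUS if no file is configured or loading
 * failed
 */
int mgs_get_ocsp_response(gnutls_session_t session __attribute__((unused)),
                          void *ptr,
                          gnutls_datum_t *ocsp_response)
{
    mgs_handle_t *ctxt = (mgs_handle_t *) ptr;

    /* Without a configured path there is nothing to load. Bail out
     * before the NULL pointer reaches the "%s" log argument or
     * gnutls_load_file(). Nothing was loaded, so the output datum is
     * left exactly as the caller passed it. */
    if (ctxt->sc->ocsp_response_file == NULL)
    {
        ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, ctxt->c,
                      "No OCSP response file configured");
        return GNUTLS_E_NO_CERTIFICATE_STATUS;
    }

    ap_log_cerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, ctxt->c,
                  "Loading OCSP response from %s",
                  ctxt->sc->ocsp_response_file);

    int ret = gnutls_load_file(ctxt->sc->ocsp_response_file, ocsp_response);
    if (ret != GNUTLS_E_SUCCESS)
    {
        ap_log_cerror(APLOG_MARK, APLOG_ERR, APR_EGENERAL, ctxt->c,
                      "Loading OCSP response failed: %s (%d)",
                      gnutls_strerror(ret), ret);
        /* Release whatever the failed load may have left behind and
         * reset the datum, so no partial data is handed back. */
        gnutls_free(ocsp_response->data);
        ocsp_response->size = 0;
        ocsp_response->data = NULL;
        return GNUTLS_E_NO_CERTIFICATE_STATUS;
    }

    return GNUTLS_E_SUCCESS;
}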