Changeset 031acac in mod_gnutls for src/mod_gnutls.c


Ignore:
Timestamp:
Jul 3, 2014, 1:00:29 PM (5 years ago)
Author:
Nikos Mavrogiannopoulos <nmav@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, master, upstream
Children:
7314438
Parents:
765cac2
git-author:
Nikos Mavrogiannopoulos <nmav@…> (06/24/14 10:28:03)
git-committer:
Nikos Mavrogiannopoulos <nmav@…> (07/03/14 13:00:29)
Message:

Use the new (3.1.3+) GnuTLS APIs to obtain private keys.

This allows the loading a private key from a PKCS #11 or a TPM URL
(the GnuTLSPIN and GnuTLSSRKPIN variables should be set), and loading
encrypted private keys in PKCS #8, PKCS #12 or openssl format.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • src/mod_gnutls.c

    r765cac2 r031acac  
    101101    RSRC_CONF | OR_AUTHCFG,
    102102    "Enable SSL Proxy Engine"),
     103    AP_INIT_RAW_ARGS("GnuTLSPIN", mgs_set_pin,
     104    NULL,
     105    RSRC_CONF,
     106    "The PIN to use in case of encrypted keys or PKCS #11 tokens."),
     107    AP_INIT_RAW_ARGS("GnuTLSSRKPIN", mgs_set_srk_pin,
     108    NULL,
     109    RSRC_CONF,
     110    "The SRK PIN to use in case of TPM keys."),
    103111    AP_INIT_TAKE1("GnuTLSClientVerify", mgs_set_client_verify,
    104112    NULL,
Note: See TracChangeset for help on using the changeset viewer.