- Timestamp:
- Dec 20, 2012, 11:29:16 PM (6 years ago)
- Branches:
- debian/master, debian/stretch-backports, jessie-backports, master, msva, upstream
- Children:
- 8780e34
- Parents:
- 8c03808
- File:
-
- 1 edited
include/mod_gnutls.h.in
r8c03808 r3b4c0d0 16 16 */ 17 17 18 /* Apache Runtime Headers */ 18 19 #include "httpd.h" 19 20 #include "http_config.h" … … 28 29 #include "ap_release.h" 29 30 #include "apr_fnmatch.h" 30 31 /* GnuTLS Library Headers */ 31 32 #include <gnutls/gnutls.h> 32 33 #include <gnutls/extra.h> … … 41 42 extern module AP_MODULE_DECLARE_DATA gnutls_module; 42 43 44 /* IO Filter names */ 43 45 #define GNUTLS_OUTPUT_FILTER_NAME "gnutls_output_filter" 44 46 #define GNUTLS_INPUT_FILTER_NAME "gnutls_input_filter" 45 47 /* GnuTLS Constants */ 46 48 #define GNUTLS_ENABLED_FALSE 0 47 49 #define GNUTLS_ENABLED_TRUE 1 48 49 #define MOD_GNUTLS_VERSION "@MOD_GNUTLS_VERSION@" 50 51 #define MOD_GNUTLS_DEBUG @OOO_MAINTAIN@ 52 53 /* Recent Versions of 2.1 renamed several hooks. This allows us to 54 compile on 2.0.xx */ 50 /* Current module version */ 51 #define MOD_GNUTLS_VERSION "0.5.10" 52 /* Module Debug Mode */ 53 #define MOD_GNUTLS_DEBUG 1 54 55 /* 56 * Recent Versions of 2.1 renamed several hooks. 57 * This allows us to compile on 2.0.xx 58 */ 55 59 #if AP_SERVER_MINORVERSION_NUMBER >= 2 || (AP_SERVER_MINORVERSION_NUMBER == 1 && AP_SERVER_PATCHLEVEL_NUMBER >= 3) 56 #define USING_2_1_RECENT 160 #define USING_2_1_RECENT 1 57 61 #else 58 #define USING_2_1_RECENT 062 #define USING_2_1_RECENT 0 59 63 #endif 60 64 61 typedef enum 62 { 65 /* mod_gnutls Cache Types */ 66 typedef enum { 67 /* No Cache */ 63 68 mgs_cache_none, 69 /* Use Old Berkley DB */ 64 70 mgs_cache_dbm, 71 /* Use Gnu's version of Berkley DB */ 65 72 mgs_cache_gdbm, 66 73 #if HAVE_APR_MEMCACHE 74 /* Use Memcache */ 67 75 mgs_cache_memcache 68 76 #endif 69 77 } mgs_cache_e; 70 78 71 typedef struct 72 {79 /* Directory Configuration Record */ 80 typedef struct { 73 81 int client_verify_mode; 74 82 const char* lua_bytecode; … … 77 85 78 86 79 /* The maximum number of certificates to send in a chain 80 */ 87 /* The maximum number of certificates to send in a chain */ 81 88 #define MAX_CHAIN_SIZE 8 82 83 typedef struct 84 { 85 
gnutls_certificate_credentials_t certs; 89 /* The maximum number of SANs to read from a x509 certificate */ 90 #define MAX_CERT_SAN 5 91 92 /* Server Configuration Record */ 93 typedef struct { 94 /* x509 Certificate Structure */ 95 gnutls_certificate_credentials_t certs; 96 /* SRP Certificate Structure*/ 86 97 gnutls_srp_server_credentials_t srp_creds; 98 /* Annonymous Certificate Structure */ 87 99 gnutls_anon_server_credentials_t anon_creds; 100 /* Current x509 Certificate CN [Common Name] */ 88 101 char* cert_cn; 89 gnutls_x509_crt_t certs_x509[MAX_CHAIN_SIZE]; /* A certificate chain */ 90 unsigned int certs_x509_num; 102 /* Current x509 Certificate SAN [Subject Alternate Name]s*/ 103 char* cert_san[MAX_CERT_SAN]; 104 /* A x509 Certificate Chain */ 105 gnutls_x509_crt_t *certs_x509_chain; 106 /* Current x509 Certificate Private Key */ 91 107 gnutls_x509_privkey_t privkey_x509; 92 gnutls_openpgp_crt_t cert_pgp; /* A certificate chain */ 108 /* OpenPGP Certificate */ 109 gnutls_openpgp_crt_t cert_pgp; 110 /* OpenPGP Certificate Private Key */ 93 111 gnutls_openpgp_privkey_t privkey_pgp; 112 /* Number of Certificates in Chain */ 113 unsigned int certs_x509_chain_num; 114 /* Is the module enabled? 
*/ 94 115 int enabled; 95 /* whether to send the PEM encoded certificates 96 * to CGIs 97 */ 98 int export_certificates_enabled; 116 /* GnuTLS Priorities */ 99 117 gnutls_priority_t priorities; 118 /* GnuTLS RSA Parameters [Obselete] */ 100 119 gnutls_rsa_params_t rsa_params; 120 /* GnuTLS DH Parameters */ 101 121 gnutls_dh_params_t dh_params; 122 /* Cache timeout value */ 102 123 int cache_timeout; 124 /* Chose Cache Type */ 103 125 mgs_cache_e cache_type; 104 126 const char* cache_config; 105 127 const char* srp_tpasswd_file; 106 128 const char* srp_tpasswd_conf_file; 129 /* A list of CA Certificates */ 107 130 gnutls_x509_crt_t *ca_list; 131 /* OpenPGP Key Ring */ 108 132 gnutls_openpgp_keyring_t pgp_list; 133 /* CA Certificate list size */ 109 134 unsigned int ca_list_size; 135 /* Client Certificate Verification Mode */ 110 136 int client_verify_mode; 137 /* Last Cache timestamp */ 111 138 apr_time_t last_cache_check; 112 int tickets; /* whether session tickets are allowed */ 139 /* GnuTLS uses Session Tickets */ 140 int tickets; 141 /* Is mod_proxy enabled? 
*/ 113 142 int proxy_enabled; 143 /* A Plain HTTP request */ 114 144 int non_ssl_request; 115 145 } mgs_srvconf_rec; 116 146 147 /* Character Buffer */ 117 148 typedef struct { 118 149 int length; … … 120 151 } mgs_char_buffer_t; 121 152 122 typedef struct 123 { 153 /* GnuTLS Handle */ 154 typedef struct { 155 /* Server configuration record */ 124 156 mgs_srvconf_rec *sc; 157 /* Connection record */ 125 158 conn_rec* c; 159 /* GnuTLS Session handle */ 126 160 gnutls_session_t session; 161 /* module input status */ 127 162 apr_status_t input_rc; 163 /* Input filter */ 128 164 ap_filter_t *input_filter; 165 /* Input Bucket Brigade */ 129 166 apr_bucket_brigade *input_bb; 167 /* Input Read Type */ 130 168 apr_read_type_e input_block; 169 /* Input Mode */ 131 170 ap_input_mode_t input_mode; 171 /* Input Character Buffer */ 132 172 mgs_char_buffer_t input_cbuf; 173 /* Input Character Array */ 133 174 char input_buffer[AP_IOBUFSIZE]; 175 /* module Output status */ 134 176 apr_status_t output_rc; 177 /* Output filter */ 135 178 ap_filter_t *output_filter; 179 /* Output Bucket Brigade */ 136 180 apr_bucket_brigade *output_bb; 181 /* Output character array */ 137 182 char output_buffer[AP_IOBUFSIZE]; 183 /* Output buffer length */ 138 184 apr_size_t output_blen; 185 /* Output length */ 139 186 apr_size_t output_length; 187 /* General Status */ 140 188 int status; 141 189 } mgs_handle_t; 190 191 142 192 143 193 /** Functions in gnutls_io.c **/
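Review bot: `#define MOD_GNUTLS_DEBUG 1` hard-codes debug mode on in this `.h.in` template, where the old line took its value from a build-time substitution (`@OOO_MAINTAIN@`). Every build from this header now compiles whatever `MOD_GNUTLS_DEBUG` guards, which in a TLS module presumably means extra logging of handshake or session detail; the guarded code is not visible here, so that should be confirmed. I would keep the substitution or default it off with `#define MOD_GNUTLS_DEBUG 0`, and likewise keep `"@MOD_GNUTLS_VERSION@"` rather than the literal `"0.5.10"` so the reported version cannot drift from the build. Separately, `certs_x509` changes from a fixed `[MAX_CHAIN_SIZE]` array to the pointer `certs_x509_chain`, so the code that fills it needs its own allocation check and bound against `certs_x509_chain_num`. The loop that fills `cert_san[MAX_CERT_SAN]` likewise has to stop at `MAX_CERT_SAN`; neither loader is shown in this header.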