Changeset 3e94bd3 in mod_gnutls for include/mod_gnutls.h.in

Timestamp:

Jan 11, 2013, 12:54:56 AM (8 years ago)

Author:

Daniel Kahn Gillmor <dkg@…>

Branches:

debian/master, debian/stretch-backports, jessie-backports, upstream

Children:

1c87791, 70c2d86

Parents:

8eb6ccd

Message:

Imported Upstream version 0.2.0

File:

• include/mod_gnutls.h.in (modified) (11 diffs)

include/mod_gnutls.h.in

@@ -28 +28 @@
 #include "ap_release.h"
 
+#include <gcrypt.h>
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
 #ifndef __mod_gnutls_h_inc
 #define __mod_gnutls_h_inc
 
 #define HAVE_APR_MEMCACHE    @have_apr_memcache@
-
-#include <gcrypt.h>
-#include <gnutls/gnutls.h>
 
 module AP_MODULE_DECLARE_DATA gnutls_module;
@@ -62 +63 @@
 typedef enum 
 {
-    mod_gnutls_cache_none,
-    mod_gnutls_cache_dbm,
+    mgs_cache_none,
+    mgs_cache_dbm,
 #if HAVE_APR_MEMCACHE
-    mod_gnutls_cache_memcache
+    mgs_cache_memcache
 #endif
-} mod_gnutls_cache_e;
+} mgs_cache_e;
 
 typedef struct
 {
+    int client_verify_mode;
+} mgs_dirconf_rec;
+
+typedef struct
+{
     gnutls_certificate_credentials_t certs;
-    char *key_file;
-    char *cert_file;
+    char* cert_cn;
+    gnutls_x509_crt_t cert_x509;
+    gnutls_x509_privkey_t privkey_x509;
     int enabled;
     int ciphers[16];
@@ -82 +89 @@
     int cert_types[16];
     apr_time_t cache_timeout;
-    mod_gnutls_cache_e cache_type;
+    mgs_cache_e cache_type;
     const char* cache_config;
     const char* rsa_params_file;
     const char* dh_params_file;
-} mod_gnutls_srvconf_rec;
+    int client_verify_mode;
+} mgs_srvconf_rec;
 
 typedef struct {
     int length;
     char *value;
-} mod_gnutls_char_buffer_t;
+} mgs_char_buffer_t;
 
 typedef struct
 {
-    mod_gnutls_srvconf_rec *sc;
+    mgs_srvconf_rec *sc;
     conn_rec* c;
     gnutls_session_t session;
@@ -104 +112 @@
     apr_read_type_e input_block;
     ap_input_mode_t input_mode;
-    mod_gnutls_char_buffer_t input_cbuf;
+    mgs_char_buffer_t input_cbuf;
     char input_buffer[AP_IOBUFSIZE];
 
@@ -116 +124 @@
     int status;
     int non_https;
-} mod_gnutls_handle_t;
+} mgs_handle_t;
 
 /** Functions in gnutls_io.c **/
 
 /**
- * mod_gnutls_filter_input will filter the input data
+ * mgs_filter_input will filter the input data
  * by decrypting it using GnuTLS and passes it cleartext.
  *
@@ -130 +138 @@
  * @return result status
  */
-apr_status_t mod_gnutls_filter_input(ap_filter_t * f,
+apr_status_t mgs_filter_input(ap_filter_t * f,
                                      apr_bucket_brigade * bb,
                                      ap_input_mode_t mode,
@@ -137 +145 @@
 
 /**
- * mod_gnutls_filter_output will filter the encrypt
+ * mgs_filter_output will filter the encrypt
  * the incoming bucket using GnuTLS and passes it onto the next filter.
  *
@@ -144 +152 @@
  * @return result status
  */
-apr_status_t mod_gnutls_filter_output(ap_filter_t * f,
+apr_status_t mgs_filter_output(ap_filter_t * f,
                                       apr_bucket_brigade * bb);
 
 
 /**
- * mod_gnutls_transport_read is called from GnuTLS to provide encrypted 
+ * mgs_transport_read is called from GnuTLS to provide encrypted 
  * data from the client.
  *
@@ -157 +165 @@
  * @return size   length of the data stored in buffer
  */
-ssize_t mod_gnutls_transport_read(gnutls_transport_ptr_t ptr,
+ssize_t mgs_transport_read(gnutls_transport_ptr_t ptr,
                                   void *buffer, size_t len);
 
 /**
- * mod_gnutls_transport_write is called from GnuTLS to 
+ * mgs_transport_write is called from GnuTLS to 
  * write data to the client.
  *
@@ -169 +177 @@
  * @return size   length of the data written
  */
-ssize_t mod_gnutls_transport_write(gnutls_transport_ptr_t ptr,
+ssize_t mgs_transport_write(gnutls_transport_ptr_t ptr,
                                    const void *buffer, size_t len);
 
 
+int mgs_rehandshake(mgs_handle_t * ctxt);
+
+
+
 /**
  * Init the Cache after Configuration is done
  */
-int mod_gnutls_cache_post_config(apr_pool_t *p, server_rec *s, 
-                                 mod_gnutls_srvconf_rec *sc);
+int mgs_cache_post_config(apr_pool_t *p, server_rec *s, 
+                                 mgs_srvconf_rec *sc);
 /**
  * Init the Cache inside each Process
  */
-int mod_gnutls_cache_child_init(apr_pool_t *p, server_rec *s, 
-                                mod_gnutls_srvconf_rec *sc);
+int mgs_cache_child_init(apr_pool_t *p, server_rec *s, 
+                                mgs_srvconf_rec *sc);
 /**
  * Setup the Session Caching
  */
-int mod_gnutls_cache_session_init(mod_gnutls_handle_t *ctxt);
+int mgs_cache_session_init(mgs_handle_t *ctxt);
 
 #define GNUTLS_SESSION_ID_STRING_LEN \
@@ -198 +210 @@
  * @param strsize The Maximum Length that can be stored in str
  */
-char *mod_gnutls_session_id2sz(unsigned char *id, int idlen,
+char *mgs_session_id2sz(unsigned char *id, int idlen,
                                 char *str, int strsize);
 
+
+/* Configuration Functions */
+
+const char *mgs_set_cert_file(cmd_parms * parms, void *dummy,
+                                        const char *arg);
+
+const char *mgs_set_key_file(cmd_parms * parms, void *dummy,
+                             const char *arg);
+
+const char *mgs_set_cache(cmd_parms * parms, void *dummy,
+                          const char *type, const char* arg);
+
+const char *mgs_set_cache_timeout(cmd_parms * parms, void *dummy,
+                                  const char *arg);
+
+const char *mgs_set_client_verify(cmd_parms * parms, void *dummy,
+                                  const char *arg);
+
+const char *mgs_set_client_ca_file(cmd_parms * parms, void *dummy,
+                                   const char *arg);
+
+const char *mgs_set_enabled(cmd_parms * parms, void *dummy,
+                            const char *arg);
+
+void *mgs_config_server_create(apr_pool_t * p, server_rec * s);
+
+void *mgs_config_dir_create(apr_pool_t *p, char *dir);
+
+mgs_srvconf_rec* mgs_find_sni_server(gnutls_session_t session);
+
+/* mod_gnutls Hooks. */
+
+int mgs_hook_pre_config(apr_pool_t * pconf,
+                        apr_pool_t * plog, apr_pool_t * ptemp);
+
+int mgs_hook_post_config(apr_pool_t * p, apr_pool_t * plog,
+                         apr_pool_t * ptemp,
+                         server_rec * base_server);
+
+void mgs_hook_child_init(apr_pool_t *p, server_rec *s);
+
+const char *mgs_hook_http_scheme(const request_rec * r);
+
+apr_port_t mgs_hook_default_port(const request_rec * r);
+
+int mgs_hook_pre_connection(conn_rec * c, void *csd);
+
+int mgs_hook_fixups(request_rec *r);
+
+int mgs_hook_authz(request_rec *r);
+
 #endif /*  __mod_gnutls_h_inc */