Changeset beb14d9 in mod_gnutls for include


Ignore:
Timestamp:
Jan 27, 2015, 7:20:27 AM (4 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, master, upstream
Children:
4fefa39
Parents:
c1ef069
Message:

Proof of concept: Support for proxy back end connections using TLS

This commit enables TLS on proxy back end connections if requested from
mod_proxy. Since mod_gnutls acts as client instead of server on proxy
back end connections, TLS session setup is quite different.

Note that this implementation is not finished, in particular the proxy
back end connection is hard coded to use the same X.509 credentials as
the server side, which severely restricts usable certificate
combinations.

Some typos in comments and an error message related to TLS handshake are
fixed as well.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • include/mod_gnutls.h.in

    rc1ef069 rbeb14d9  
    108108        /* SRP Certificate Structure*/
    109109    gnutls_srp_server_credentials_t srp_creds;
    110         /* Annonymous Certificate Structure */
     110    /* Anonymous Certificate Structure */
    111111    gnutls_anon_server_credentials_t anon_creds;
     112    /* Anonymous Client Certificate Structure, used for proxy
     113     * connections */
     114    gnutls_anon_client_credentials_t anon_client_creds;
    112115        /* Current x509 Certificate CN [Common Name] */
    113116    char* cert_cn;
Note: See TracChangeset for help on using the changeset viewer.