Apache HTTPD
md_acme.c File Reference
#include <assert.h>
#include <stdlib.h>
#include <apr_lib.h>
#include <apr_strings.h>
#include <apr_buckets.h>
#include <apr_hash.h>
#include <apr_uri.h>
#include "md.h"
#include "md_crypt.h"
#include "md_json.h"
#include "md_jws.h"
#include "md_http.h"
#include "md_log.h"
#include "md_store.h"
#include "md_result.h"
#include "md_util.h"
#include "md_version.h"
#include "md_acme.h"
#include "md_acme_acct.h"


Classes

struct  acme_problem_status_t
 
struct  json_ctx
 
struct  update_dir_ctx
 

Typedefs

typedef struct acme_problem_status_t acme_problem_status_t
 

Functions

static apr_status_t problem_status_get (const char *type)
 
int md_acme_problem_is_input_related (const char *problem)
 
static void req_update_nonce (md_acme_t *acme, apr_table_t *hdrs)
 
static apr_status_t http_update_nonce (const md_http_response_t *res, void *data)
 
static md_acme_req_t * md_acme_req_create (md_acme_t *acme, const char *method, const char *url)
 
static apr_status_t acmev2_new_nonce (md_acme_t *acme)
 
apr_status_t md_acme_init (apr_pool_t *p, const char *base, int init_ssl)
 
static apr_status_t inspect_problem (md_acme_req_t *req, const md_http_response_t *res)
 
static apr_status_t acmev2_req_init (md_acme_req_t *req, md_json_t *jpayload)
 
apr_status_t md_acme_req_body_init (md_acme_req_t *req, md_json_t *payload)
 
static apr_status_t md_acme_req_done (md_acme_req_t *req, apr_status_t rv)
 
static apr_status_t on_response (const md_http_response_t *res, void *data)
 
static apr_status_t acmev2_GET_as_POST_init (md_acme_req_t *req, void *baton)
 
static apr_status_t md_acme_req_send (md_acme_req_t *req)
 
apr_status_t md_acme_POST (md_acme_t *acme, const char *url, md_acme_req_init_cb *on_init, md_acme_req_json_cb *on_json, md_acme_req_res_cb *on_res, md_acme_req_err_cb *on_err, void *baton)
 
apr_status_t md_acme_GET (md_acme_t *acme, const char *url, md_acme_req_init_cb *on_init, md_acme_req_json_cb *on_json, md_acme_req_res_cb *on_res, md_acme_req_err_cb *on_err, void *baton)
 
void md_acme_report_result (md_acme_t *acme, apr_status_t rv, struct md_result_t *result)
 
static apr_status_t on_got_json (md_acme_t *acme, apr_pool_t *p, const apr_table_t *headers, md_json_t *jbody, void *baton)
 
apr_status_t md_acme_get_json (struct md_json_t **pjson, md_acme_t *acme, const char *url, apr_pool_t *p)
 
void md_acme_clear_acct (md_acme_t *acme)
 
const char * md_acme_acct_id_get (md_acme_t *acme)
 
const char * md_acme_acct_url_get (md_acme_t *acme)
 
apr_status_t md_acme_use_acct (md_acme_t *acme, md_store_t *store, apr_pool_t *p, const char *acct_id)
 
apr_status_t md_acme_use_acct_for_md (md_acme_t *acme, struct md_store_t *store, apr_pool_t *p, const char *acct_id, const md_t *md)
 
apr_status_t md_acme_save_acct (md_acme_t *acme, apr_pool_t *p, md_store_t *store)
 
static apr_status_t acmev2_POST_new_account (md_acme_t *acme, md_acme_req_init_cb *on_init, md_acme_req_json_cb *on_json, md_acme_req_res_cb *on_res, md_acme_req_err_cb *on_err, void *baton)
 
apr_status_t md_acme_POST_new_account (md_acme_t *acme, md_acme_req_init_cb *on_init, md_acme_req_json_cb *on_json, md_acme_req_res_cb *on_res, md_acme_req_err_cb *on_err, void *baton)
 
apr_status_t md_acme_create (md_acme_t **pacme, apr_pool_t *p, const char *url, const char *proxy_url, const char *ca_file)
 
static apr_status_t update_directory (const md_http_response_t *res, void *data)
 
apr_status_t md_acme_setup (md_acme_t *acme, md_result_t *result)
 

Variables

static const char * base_product = "-"
 
static acme_problem_status_t Problems []
 

Typedef Documentation

◆ acme_problem_status_t

Definition at line 43 of file md_acme.c.

Function Documentation

◆ acmev2_GET_as_POST_init()

static apr_status_t acmev2_GET_as_POST_init ( md_acme_req_t * req,
void *  baton 
)
static

Definition at line 329 of file md_acme.c.

◆ acmev2_new_nonce()

static apr_status_t acmev2_new_nonce ( md_acme_t * acme)
static

Definition at line 157 of file md_acme.c.

◆ acmev2_POST_new_account()

static apr_status_t acmev2_POST_new_account ( md_acme_t * acme,
md_acme_req_init_cb * on_init,
md_acme_req_json_cb * on_json,
md_acme_req_res_cb * on_res,
md_acme_req_err_cb * on_err,
void *  baton 
)
static

Definition at line 597 of file md_acme.c.

◆ acmev2_req_init()

static apr_status_t acmev2_req_init ( md_acme_req_t * req,
md_json_t * jpayload 
)
static

Definition at line 225 of file md_acme.c.

◆ http_update_nonce()

static apr_status_t http_update_nonce ( const md_http_response_t * res,
void *  data 
)
static

Definition at line 123 of file md_acme.c.

◆ inspect_problem()

static apr_status_t inspect_problem ( md_acme_req_t * req,
const md_http_response_t * res 
)
static

Definition at line 169 of file md_acme.c.

◆ md_acme_acct_id_get()

const char * md_acme_acct_id_get ( md_acme_t * acme)

Get the local name of the account currently used by the acme instance. Will be NULL if no account has been setup successfully.

Definition at line 533 of file md_acme.c.

◆ md_acme_acct_url_get()

const char * md_acme_acct_url_get ( md_acme_t * acme)

Definition at line 538 of file md_acme.c.

◆ md_acme_clear_acct()

void md_acme_clear_acct ( md_acme_t * acme)

Clear any existing account data from acme instance.

Definition at line 526 of file md_acme.c.

◆ md_acme_create()

apr_status_t md_acme_create ( md_acme_t **  pacme,
apr_pool_t * p,
const char * url,
const char * proxy_url,
const char * ca_file 
)

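Create a new ACME server instance. If path is not NULL, will use that directory for persisting information. Will load any information persisted in an earlier session. url need only be specified for instances where this has never been persisted before. (Note: the signature shown above has no path parameter, so the references to path appear to predate the current parameter list.)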

Parameters
pacme: will hold the ACME server instance on success
p: pool to use
url: url of the server, optional if known at path
proxy_url: optional url of a HTTP(S) proxy to use
ca_file: (not described in the source documentation)

Definition at line 620 of file md_acme.c.

◆ md_acme_GET()

apr_status_t md_acme_GET ( md_acme_t * acme,
const char * url,
md_acme_req_init_cb * on_init,
md_acme_req_json_cb * on_json,
md_acme_req_res_cb * on_res,
md_acme_req_err_cb * on_err,
void *  baton 
)

Definition at line 455 of file md_acme.c.

◆ md_acme_get_json()

apr_status_t md_acme_get_json ( struct md_json_t **  pjson,
md_acme_t * acme,
const char * url,
apr_pool_t * p 
)

Retrieve a JSON resource from the ACME server

Definition at line 509 of file md_acme.c.

◆ md_acme_init()

apr_status_t md_acme_init ( apr_pool_t * pool,
const char * base_version,
int  init_ssl 
)

Global init, call once at start up.

Definition at line 163 of file md_acme.c.

◆ md_acme_POST()

apr_status_t md_acme_POST ( md_acme_t * acme,
const char * url,
md_acme_req_init_cb * on_init,
md_acme_req_json_cb * on_json,
md_acme_req_res_cb * on_res,
md_acme_req_err_cb * on_err,
void *  baton 
)

Perform a POST against the ACME url. If an on_json callback is given and the HTTP response is JSON, only this callback is invoked. Otherwise, on HTTP status 2xx, the on_res callback is invoked. If no on_res is given, it is considered a response error, since only JSON was expected. At least one callback needs to be non-NULL.

Parameters
acme: the ACME server to talk to
url: the url to send the request to
on_init: callback to initialize the request data
on_json: callback on successful JSON response
on_res: callback on successful HTTP response
on_err: (not described in the source documentation)
baton: userdata for callbacks

Definition at line 432 of file md_acme.c.

◆ md_acme_POST_new_account()

apr_status_t md_acme_POST_new_account ( md_acme_t * acme,
md_acme_req_init_cb * on_init,
md_acme_req_json_cb * on_json,
md_acme_req_res_cb * on_res,
md_acme_req_err_cb * on_err,
void *  baton 
)

Definition at line 607 of file md_acme.c.

◆ md_acme_problem_is_input_related()

int md_acme_problem_is_input_related ( const char * problem)

Return != 0 iff the given problem identifier is an ACME error string indicating something is wrong with the input values, e.g. from our configuration.

Definition at line 91 of file md_acme.c.

◆ md_acme_report_result()

void md_acme_report_result ( md_acme_t * acme,
apr_status_t  rv,
struct md_result_t * result 
)

Definition at line 478 of file md_acme.c.

◆ md_acme_req_body_init()

apr_status_t md_acme_req_body_init ( md_acme_req_t * req,
md_json_t * payload 
)

Definition at line 250 of file md_acme.c.

◆ md_acme_req_create()

static md_acme_req_t * md_acme_req_create ( md_acme_t * acme,
const char * method,
const char * url 
)
static

Definition at line 129 of file md_acme.c.

◆ md_acme_req_done()

static apr_status_t md_acme_req_done ( md_acme_req_t * req,
apr_status_t  rv 
)
static

Definition at line 255 of file md_acme.c.

◆ md_acme_req_send()

static apr_status_t md_acme_req_send ( md_acme_req_t * req)
static

Definition at line 335 of file md_acme.c.

◆ md_acme_save_acct()

apr_status_t md_acme_save_acct ( md_acme_t * acme,
apr_pool_t * p,
md_store_t * store 
)

Definition at line 592 of file md_acme.c.

◆ md_acme_setup()

apr_status_t md_acme_setup ( md_acme_t * acme,
struct md_result_t * result 
)

Contact the ACME server and retrieve its directory information.

Parameters
acme: the ACME server to contact
result: (not described in the source documentation)

Definition at line 756 of file md_acme.c.

◆ md_acme_use_acct()

apr_status_t md_acme_use_acct ( md_acme_t * acme,
struct md_store_t * store,
apr_pool_t * p,
const char * acct_id 
)

Specify the account to use by name in local store. On success, the account is the "current" one used by the acme instance.

Parameters
acme: the acme instance to set the account for
store: the store to load accounts from
p: pool for allocations
acct_id: name of the account to load

Definition at line 543 of file md_acme.c.

◆ md_acme_use_acct_for_md()

apr_status_t md_acme_use_acct_for_md ( md_acme_t * acme,
struct md_store_t * store,
apr_pool_t * p,
const char * acct_id,
const md_t * md 
)

Specify the account to use for a specific MD by name in local store. On success, the account is the "current" one used by the acme instance.

Parameters
acme: the acme instance to set the account for
store: the store to load accounts from
p: pool for allocations
acct_id: name of the account to load
md: the MD the account shall be used for

Definition at line 567 of file md_acme.c.

◆ on_got_json()

static apr_status_t on_got_json ( md_acme_t * acme,
apr_pool_t * p,
const apr_table_t * headers,
md_json_t * jbody,
void *  baton 
)
static

Definition at line 497 of file md_acme.c.

◆ on_response()

static apr_status_t on_response ( const md_http_response_t * res,
void *  data 
)
static

Definition at line 273 of file md_acme.c.

◆ problem_status_get()

static apr_status_t problem_status_get ( const char * type)
static

Definition at line 73 of file md_acme.c.

◆ req_update_nonce()

static void req_update_nonce ( md_acme_t * acme,
apr_table_t * hdrs 
)
static

Definition at line 113 of file md_acme.c.

◆ update_directory()

static apr_status_t update_directory ( const md_http_response_t * res,
void *  data 
)
static

Definition at line 667 of file md_acme.c.

Variable Documentation

◆ base_product

const char* base_product = "-"
static

Definition at line 41 of file md_acme.c.

◆ Problems

acme_problem_status_t Problems[]
static
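Initial value (the parenthesised sums appear to be status-code macros expanded to arithmetic by the documentation generator; see md_acme.c at line 51 for the symbolic names):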
= {
{ "acme:error:badCSR", ( ( ( ( 20000 + 50000 ) + 50000 ) + ( 50000 * 10)) + 11) , 1 },
{ "acme:error:badNonce", ( ( ( ( 20000 + 50000 ) + 50000 ) + ( 50000 * 10)) + 13) , 0 },
{ "acme:error:badSignatureAlgorithm", ( ( ( ( 20000 + 50000 ) + 50000 ) + ( 50000 * 10)) + 11) , 1 },
{ "acme:error:externalAccountRequired", ( ( ( ( 20000 + 50000 ) + 50000 ) + ( 50000 * 10)) + 11) , 1 },
{ "acme:error:invalidContact", ( ( 20000 + 50000 ) + 13) , 1 },
{ "acme:error:unsupportedContact", ( 20000 + 14) , 1 },
{ "acme:error:malformed", ( ( ( ( 20000 + 50000 ) + 50000 ) + ( 50000 * 10)) + 11) , 1 },
{ "acme:error:rateLimited", ( ( 20000 + 50000 ) + 13) , 0 },
{ "acme:error:rejectedIdentifier", ( ( 20000 + 50000 ) + 13) , 1 },
{ "acme:error:serverInternal", ( 20000 + 14) , 0 },
{ "acme:error:unauthorized", ( ( ( ( 20000 + 50000 ) + 50000 ) + ( 50000 * 10)) + 1) , 0 },
{ "acme:error:unsupportedIdentifier", ( ( 20000 + 50000 ) + 13) , 1 },
{ "acme:error:userActionRequired", ( ( ( ( 20000 + 50000 ) + 50000 ) + ( 50000 * 10)) + 13) , 0 },
{ "acme:error:badRevocationReason", ( ( ( ( 20000 + 50000 ) + 50000 ) + ( 50000 * 10)) + 11) , 1 },
{ "acme:error:caa", ( 20000 + 14) , 0 },
{ "acme:error:dns", ( 20000 + 14) , 0 },
{ "acme:error:connection", ( 20000 + 14) , 0 },
{ "acme:error:tls", ( 20000 + 14) , 0 },
{ "acme:error:incorrectResponse", ( 20000 + 14) , 0 },
}

Definition at line 51 of file md_acme.c.