Apache HTTPD
md_acme_acct.h
Go to the documentation of this file.
1/* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements. See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#ifndef mod_md_md_acme_acct_h
18#define mod_md_md_acme_acct_h
19
20struct md_acme_req;
21struct md_json_t;
22struct md_pkey_t;
23
24#include "md_store.h"
25
29typedef struct md_acme_acct_t md_acme_acct_t;
30
37
38struct md_acme_acct_t {
39 const char *id; /* short, unique id for the account */
40 const char *url; /* url of the account, once registered */
41 const char *ca_url; /* url of the ACME protocol endpoint */
42 md_acme_acct_st status; /* status of this account */
43 apr_array_header_t *contacts; /* list of contact uris, e.g. mailto:xxx */
44 const char *tos_required; /* terms of service asked for by CA */
45 const char *agreement; /* terms of service agreed to by user */
46 const char *orders; /* URL where certificate orders are found (ACMEv2) */
47 const char *eab_kid; /* external account binding keyid used or NULL */
48 const char *eab_hmac; /* external account binding hmac used or NULL */
49 struct md_json_t *registration; /* data from server registration */
50};
51
52#define MD_FN_ACCOUNT "account.json"
53#define MD_FN_ACCT_KEY "account.pem"
54
55/* ACME account private keys are always RSA and have that many bits. Since accounts
56 * are expected to live long, better err on the safe side. */
57#define MD_ACME_ACCT_PKEY_BITS 3072
58
59#define MD_ACME_ACCT_STAGED "staged"
60
64struct md_json_t *md_acme_acct_to_json(md_acme_acct_t *acct, apr_pool_t *p);
65apr_status_t md_acme_acct_from_json(md_acme_acct_t **pacct, struct md_json_t *json, apr_pool_t *p);
66
72apr_status_t md_acme_acct_update(md_acme_t *acme);
73
77apr_status_t md_acme_acct_validate(md_acme_t *acme, md_store_t *store, apr_pool_t *p);
78
82apr_status_t md_acme_agree(md_acme_t *acme, apr_pool_t *p, const char *tos);
83
96apr_status_t md_acme_check_agreement(md_acme_t *acme, apr_pool_t *p,
97 const char *agreement, const char **prequired);
98
102const char *md_acme_get_agreement(md_acme_t *acme);
103
104
109apr_status_t md_acme_find_acct_for_md(md_acme_t *acme, md_store_t *store, const md_t *md);
110
114apr_status_t md_acme_acct_id_for_md(const char **pid, md_store_t *store,
115 md_store_group_t group, const md_t *md, apr_pool_t *p);
116
121apr_status_t md_acme_acct_register(md_acme_t *acme, md_store_t *store,
122 const md_t *md, apr_pool_t *p);
123
124apr_status_t md_acme_acct_save(md_store_t *store, apr_pool_t *p, md_acme_t *acme,
125 const char **pid, struct md_acme_acct_t *acct,
126 struct md_pkey_t *acct_key);
127
131apr_status_t md_acme_acct_deactivate(md_acme_t *acme, apr_pool_t *p);
132
133apr_status_t md_acme_acct_load(struct md_acme_acct_t **pacct, struct md_pkey_t **ppkey,
134 md_store_t *store, md_store_group_t group,
135 const char *name, apr_pool_t *p);
136
137/*
138 * Return != 0 iff the account can be used for the ACME url.
139 */
140int md_acme_acct_matches_url(md_acme_acct_t *acct, const char *url);
141
142/*
143 * Return != 0 iff the account can be used for the MD, including
144 * its CA url and EAB settings.
145 */
146int md_acme_acct_matches_md(md_acme_acct_t *acct, const md_t *md);
147
148#endif /* md_acme_acct_h */
url
const char * url
Definition apr_escape.h:120
size
apr_size_t size
Definition apr_allocator.h:115
apr_status_t
int apr_status_t
Definition apr_errno.h:44
md_acme_agree
apr_status_t md_acme_agree(md_acme_t *acme, apr_pool_t *p, const char *tos)
Definition md_acme_acct.c:714
md_acme_acct_matches_md
int md_acme_acct_matches_md(md_acme_acct_t *acct, const md_t *md)
Definition md_acme_acct.c:244
md_acme_acct_from_json
apr_status_t md_acme_acct_from_json(md_acme_acct_t **pacct, struct md_json_t *json, apr_pool_t *p)
Definition md_acme_acct.c:123
md_acme_acct_matches_url
int md_acme_acct_matches_url(md_acme_acct_t *acct, const char *url)
Definition md_acme_acct.c:237
md_acme_acct_validate
apr_status_t md_acme_acct_validate(md_acme_t *acme, md_store_t *store, apr_pool_t *p)
Definition md_acme_acct.c:476
md_acme_get_agreement
const char * md_acme_get_agreement(md_acme_t *acme)
md_acme_acct_deactivate
apr_status_t md_acme_acct_deactivate(md_acme_t *acme, apr_pool_t *p)
Definition md_acme_acct.c:682
md_acme_acct_id_for_md
apr_status_t md_acme_acct_id_for_md(const char **pid, md_store_t *store, md_store_group_t group, const md_t *md, apr_pool_t *p)
Definition md_acme_acct.c:381
md_acme_acct_st
md_acme_acct_st
Definition md_acme_acct.h:31
MD_ACME_ACCT_ST_DEACTIVATED
@ MD_ACME_ACCT_ST_DEACTIVATED
Definition md_acme_acct.h:34
MD_ACME_ACCT_ST_REVOKED
@ MD_ACME_ACCT_ST_REVOKED
Definition md_acme_acct.h:35
MD_ACME_ACCT_ST_UNKNOWN
@ MD_ACME_ACCT_ST_UNKNOWN
Definition md_acme_acct.h:32
MD_ACME_ACCT_ST_VALID
@ MD_ACME_ACCT_ST_VALID
Definition md_acme_acct.h:33
md_acme_acct_to_json
struct md_json_t * md_acme_acct_to_json(md_acme_acct_t *acct, apr_pool_t *p)
Definition md_acme_acct.c:89
md_acme_acct_save
apr_status_t md_acme_acct_save(md_store_t *store, apr_pool_t *p, md_acme_t *acme, const char **pid, struct md_acme_acct_t *acct, struct md_pkey_t *acct_key)
Definition md_acme_acct.c:176
md_acme_check_agreement
apr_status_t md_acme_check_agreement(md_acme_t *acme, apr_pool_t *p, const char *agreement, const char **prequired)
Definition md_acme_acct.c:729
md_acme_find_acct_for_md
apr_status_t md_acme_find_acct_for_md(md_acme_t *acme, md_store_t *store, const md_t *md)
Definition md_acme_acct.c:358
md_acme_acct_register
apr_status_t md_acme_acct_register(md_acme_t *acme, md_store_t *store, const md_t *md, apr_pool_t *p)
Definition md_acme_acct.c:573
md_acme_acct_update
apr_status_t md_acme_acct_update(md_acme_t *acme)
Definition md_acme_acct.c:462
md_acme_acct_load
apr_status_t md_acme_acct_load(struct md_acme_acct_t **pacct, struct md_pkey_t **ppkey, md_store_t *store, md_store_group_t group, const char *name, apr_pool_t *p)
Definition md_acme_acct.c:202
p
apr_pool_t * p
Definition md_event.c:32
md_store.h
md_store_group_t
md_store_group_t
Definition md_store.h:62
name
char * name
Definition ssl_engine_vars.c:563
apr_array_header_t
Definition apr_tables.h:62
apr_pool_t
Definition apr_pools.c:562
md_acme_acct_t
Definition md_acme_acct.h:38
md_acme_acct_t::agreement
const char * agreement
Definition md_acme_acct.h:45
md_acme_acct_t::contacts
apr_array_header_t * contacts
Definition md_acme_acct.h:43
md_acme_acct_t::ca_url
const char * ca_url
Definition md_acme_acct.h:41
md_acme_acct_t::eab_hmac
const char * eab_hmac
Definition md_acme_acct.h:48
md_acme_acct_t::orders
const char * orders
Definition md_acme_acct.h:46
md_acme_acct_t::eab_kid
const char * eab_kid
Definition md_acme_acct.h:47
md_acme_acct_t::status
md_acme_acct_st status
Definition md_acme_acct.h:42
md_acme_acct_t::tos_required
const char * tos_required
Definition md_acme_acct.h:44
md_acme_acct_t::id
const char * id
Definition md_acme_acct.h:39
md_acme_acct_t::url
const char * url
Definition md_acme_acct.h:40
md_acme_acct_t::registration
struct md_json_t * registration
Definition md_acme_acct.h:49
md_acme_t
Definition md_acme.h:94
md_json_t
Definition md_json.c:56
md_pkey_t
Definition md_crypt.c:70
md_store_t
Definition md_store.h:325
md_t
Definition md.h:76
Generated by doxygen 1.9.8