Apache HTTPD
Classes | |
| struct | md_credentials_t |
| struct | md_store_t |
Macros | |
| #define | MD_FN_MD "md.json" |
| #define | MD_FN_JOB "job.json" |
| #define | MD_FN_HTTPD_JSON "httpd.json" |
| #define | MD_FN_PRIVKEY "privkey.pem" |
| #define | MD_FN_PUBCERT "pubcert.pem" |
| #define | MD_FN_CERT "cert.pem" |
Enumerations | |
| enum | md_store_vtype_t { MD_SV_TEXT , MD_SV_JSON , MD_SV_CERT , MD_SV_PKEY , MD_SV_CHAIN } |
| enum | md_store_group_t { MD_SG_NONE , MD_SG_ACCOUNTS , MD_SG_CHALLENGES , MD_SG_DOMAINS , MD_SG_STAGING , MD_SG_ARCHIVE , MD_SG_TMP , MD_SG_OCSP , MD_SG_COUNT } |
| #define MD_FN_CERT "cert.pem" |
Definition at line 88 of file md_store.h.
| #define MD_FN_HTTPD_JSON "httpd.json" |
Definition at line 76 of file md_store.h.
| #define MD_FN_JOB "job.json" |
Definition at line 75 of file md_store.h.
| #define MD_FN_MD "md.json" |
Definition at line 74 of file md_store.h.
| #define MD_FN_PRIVKEY "privkey.pem" |
Definition at line 86 of file md_store.h.
| #define MD_FN_PUBCERT "pubcert.pem" |
Definition at line 87 of file md_store.h.
Definition at line 265 of file md_store.h.
| typedef apr_status_t md_store_get_fname_cb(const char **pfname, md_store_t *store, md_store_group_t group, const char *name, const char *aspect, apr_pool_t *p) |
Definition at line 307 of file md_store.h.
| typedef apr_time_t md_store_get_modified_cb(md_store_t *store, md_store_group_t group, const char *name, const char *aspect, apr_pool_t *p) |
Definition at line 316 of file md_store.h.
| typedef int md_store_inspect(void *baton, const char *name, const char *aspect, md_store_vtype_t vtype, void *value, apr_pool_t *ptemp) |
Inspect callback function, invoked for each matched value. Values allocated from ptemp may disappear at any time after the call has returned. If this function returns 0, the iteration is aborted.
Definition at line 152 of file md_store.h.
| typedef int md_store_is_newer_cb(md_store_t *store, md_store_group_t group1, md_store_group_t group2, const char *name, const char *aspect, apr_pool_t *p) |
Definition at line 312 of file md_store.h.
| typedef apr_status_t md_store_iter_cb(md_store_inspect *inspect, void *baton, md_store_t *store, apr_pool_t *p, md_store_group_t group, const char *pattern, const char *aspect, md_store_vtype_t vtype) |
Definition at line 294 of file md_store.h.
| typedef apr_status_t md_store_load_cb(md_store_t *store, md_store_group_t group, const char *name, const char *aspect, md_store_vtype_t vtype, void **pvalue, apr_pool_t *p) |
Definition at line 280 of file md_store.h.
| typedef apr_status_t md_store_lock_global_cb(md_store_t *store, apr_pool_t *p, apr_time_t max_wait) |
Definition at line 322 of file md_store.h.
| typedef int md_store_md_inspect(void *baton, md_store_t *store, md_t *md, apr_pool_t *ptemp) |
Definition at line 238 of file md_store.h.
| typedef apr_status_t md_store_move_cb(md_store_t *store, apr_pool_t *p, md_store_group_t from, md_store_group_t to, const char *name, int archive) |
Definition at line 301 of file md_store.h.
| typedef apr_status_t md_store_names_iter_cb(md_store_inspect *inspect, void *baton, md_store_t *store, apr_pool_t *p, md_store_group_t group, const char *pattern) |
Definition at line 298 of file md_store.h.
| typedef apr_status_t md_store_purge_cb(md_store_t *store, apr_pool_t *p, md_store_group_t group, const char *name) |
Definition at line 291 of file md_store.h.
| typedef apr_status_t md_store_remove_cb(md_store_t *store, md_store_group_t group, const char *name, const char *aspect, apr_pool_t *p, int force) |
Definition at line 288 of file md_store.h.
| typedef apr_status_t md_store_remove_nms_cb(md_store_t *store, apr_pool_t *p, apr_time_t modified, md_store_group_t group, const char *name, const char *aspect) |
Definition at line 319 of file md_store.h.
| typedef apr_status_t md_store_rename_cb(md_store_t *store, apr_pool_t *p, md_store_group_t group, const char *from, const char *to) |
Definition at line 304 of file md_store.h.
| typedef apr_status_t md_store_save_cb(md_store_t *store, apr_pool_t *p, md_store_group_t group, const char *name, const char *aspect, md_store_vtype_t vtype, void *value, int create) |
Definition at line 284 of file md_store.h.
Definition at line 27 of file md_store.h.
| typedef void md_store_unlock_global_cb(md_store_t *store, apr_pool_t *p) |
Definition at line 323 of file md_store.h.
Store storage groups
| Enumerator | |
|---|---|
| MD_SG_NONE | |
| MD_SG_ACCOUNTS | |
| MD_SG_CHALLENGES | |
| MD_SG_DOMAINS | |
| MD_SG_STAGING | |
| MD_SG_ARCHIVE | |
| MD_SG_TMP | |
| MD_SG_OCSP | |
| MD_SG_COUNT | |
Definition at line 62 of file md_store.h.
A store for domain related data.
The key for a piece of data is the set of 3 items: <group> + <domain> + <aspect>.
Examples:
"domains" + "greenbytes.de" + "pubcert.pem"
"ocsp" + "greenbytes.de" + "ocsp-XXXXX.json"
Storage groups are pre-defined, domain and aspect names can be freely chosen.
Groups reflect use cases and come with security restrictions. The groups DOMAINS, ARCHIVE and NONE are only accessible during the startup phase of httpd.
Private keys are stored unencrypted only in restricted groups. This means that certificate keys in group DOMAINS are not encrypted, but are readable only at httpd start/reload. Keys in unrestricted groups are encrypted using a pass phrase that is generated once and stored in NONE (itself one of the groups accessible only during the startup phase).
Value types handled by a store
| Enumerator | |
|---|---|
| MD_SV_TEXT | |
| MD_SV_JSON | |
| MD_SV_CERT | |
| MD_SV_PKEY | |
| MD_SV_CHAIN | |
Definition at line 52 of file md_store.h.
| const char * md_chain_filename | ( | struct md_pkey_spec_t * | spec, |
| apr_pool_t * | p | ||
| ) |
Definition at line 276 of file md_store.c.
| apr_status_t md_creds_load | ( | md_store_t * | store, |
| md_store_group_t | group, | ||
| const char * | name, | ||
| struct md_pkey_spec_t * | spec, | ||
| md_credentials_t ** | pcreds, | ||
| apr_pool_t * | p | ||
| ) |
Definition at line 311 of file md_store.c.
| apr_status_t md_creds_save | ( | md_store_t * | store, |
| apr_pool_t * | p, | ||
| md_store_group_t | group, | ||
| const char * | name, | ||
| md_credentials_t * | creds, | ||
| int | create | ||
| ) |
Definition at line 329 of file md_store.c.
| int md_is_newer | ( | md_store_t * | store, |
| md_store_group_t | group1, | ||
| md_store_group_t | group2, | ||
| const char * | name, | ||
| apr_pool_t * | p | ||
| ) |
Definition at line 245 of file md_store.c.
| apr_status_t md_load | ( | md_store_t * | store, |
| md_store_group_t | group, | ||
| const char * | name, | ||
| md_t ** | pmd, | ||
| apr_pool_t * | p | ||
| ) |
Definition at line 179 of file md_store.c.
| const char * md_pkey_filename | ( | struct md_pkey_spec_t * | spec, |
| apr_pool_t * | p | ||
| ) |
Definition at line 271 of file md_store.c.
| apr_status_t md_pkey_load | ( | md_store_t * | store, |
| md_store_group_t | group, | ||
| const char * | name, | ||
| struct md_pkey_spec_t * | spec, | ||
| struct md_pkey_t ** | ppkey, | ||
| apr_pool_t * | p | ||
| ) |
Definition at line 281 of file md_store.c.
| apr_status_t md_pkey_save | ( | md_store_t * | store, |
| apr_pool_t * | p, | ||
| md_store_group_t | group, | ||
| const char * | name, | ||
| struct md_pkey_spec_t * | spec, | ||
| struct md_pkey_t * | pkey, | ||
| int | create | ||
| ) |
Definition at line 288 of file md_store.c.
| apr_status_t md_pubcert_load | ( | md_store_t * | store, |
| md_store_group_t | group, | ||
| const char * | name, | ||
| struct md_pkey_spec_t * | spec, | ||
| struct apr_array_header_t ** | ppubcert, | ||
| apr_pool_t * | p | ||
| ) |
Definition at line 295 of file md_store.c.
| apr_status_t md_pubcert_save | ( | md_store_t * | store, |
| apr_pool_t * | p, | ||
| md_store_group_t | group, | ||
| const char * | name, | ||
| struct md_pkey_spec_t * | spec, | ||
| struct apr_array_header_t * | pubcert, | ||
| int | create | ||
| ) |
Definition at line 303 of file md_store.c.
| apr_status_t md_remove | ( | md_store_t * | store, |
| apr_pool_t * | p, | ||
| md_store_group_t | group, | ||
| const char * | name, | ||
| int | force | ||
| ) |
Definition at line 235 of file md_store.c.
| apr_status_t md_save | ( | struct md_store_t * | store, |
| apr_pool_t * | p, | ||
| md_store_group_t | group, | ||
| md_t * | md, | ||
| int | create | ||
| ) |
Definition at line 211 of file md_store.c.
| apr_status_t md_store_get_fname | ( | const char ** | pfname, |
| md_store_t * | store, | ||
| md_store_group_t | group, | ||
| const char * | name, | ||
| const char * | aspect, | ||
| apr_pool_t * | p | ||
| ) |
Get the filename of an item stored in "group/name/aspect". The item does not have to exist.
Definition at line 127 of file md_store.c.
| apr_time_t md_store_get_modified | ( | md_store_t * | store, |
| md_store_group_t | group, | ||
| const char * | name, | ||
| const char * | aspect, | ||
| apr_pool_t * | p | ||
| ) |
Get the modification time of the item stored under "group/name/aspect".
Definition at line 144 of file md_store.c.
| int md_store_is_newer | ( | md_store_t * | store, |
| md_store_group_t | group1, | ||
| md_store_group_t | group2, | ||
| const char * | name, | ||
| const char * | aspect, | ||
| apr_pool_t * | p | ||
| ) |
Compare the modification time of "group1/name/aspect" with that of "group2/name/aspect".
Definition at line 138 of file md_store.c.
| apr_status_t md_store_iter | ( | md_store_inspect * | inspect, |
| void * | baton, | ||
| md_store_t * | store, | ||
| apr_pool_t * | p, | ||
| md_store_group_t | group, | ||
| const char * | pattern, | ||
| const char * | aspect, | ||
| md_store_vtype_t | vtype | ||
| ) |
Iterator over all existing values matching the name pattern. Patterns are evaluated using apr_fnmatch() without flags.
Definition at line 99 of file md_store.c.
| apr_status_t md_store_iter_names | ( | md_store_inspect * | inspect, |
| void * | baton, | ||
| md_store_t * | store, | ||
| apr_pool_t * | p, | ||
| md_store_group_t | group, | ||
| const char * | pattern | ||
| ) |
Iterate over all names that exist in a group, i.e. names for which there are items matching "group/pattern". The inspect function is called with the name, a NULL aspect and a NULL value.
Definition at line 150 of file md_store.c.
| apr_status_t md_store_load | ( | md_store_t * | store, |
| md_store_group_t | group, | ||
| const char * | name, | ||
| const char * | aspect, | ||
| md_store_vtype_t | vtype, | ||
| void ** | pdata, | ||
| apr_pool_t * | p | ||
| ) |
Load the value of the given type at key "group/name/aspect", allocated from pool p. Usually, the type is expected to be the same as the one used when saving the value. Some conversions will work; others will fail on the format.
Definition at line 70 of file md_store.c.
| apr_status_t md_store_load_json | ( | md_store_t * | store, |
| md_store_group_t | group, | ||
| const char * | name, | ||
| const char * | aspect, | ||
| struct md_json_t ** | pdata, | ||
| apr_pool_t * | p | ||
| ) |
Load the JSON value at key "group/name/aspect", allocated from pool p.
Definition at line 106 of file md_store.c.
| apr_status_t md_store_lock_global | ( | md_store_t * | store, |
| apr_pool_t * | p, | ||
| apr_time_t | max_wait | ||
| ) |
Acquire a cooperative, global lock on store modifications.
This will only prevent other children/processes/cluster nodes from doing the same and does not protect individual store functions from being called without it.
| store | the store |
| p | memory pool to use |
| max_wait | maximum time to wait in order to acquire |
Definition at line 377 of file md_store.c.
| apr_status_t md_store_md_iter | ( | md_store_md_inspect * | inspect, |
| void * | baton, | ||
| md_store_t * | store, | ||
| apr_pool_t * | p, | ||
| md_store_group_t | group, | ||
| const char * | pattern | ||
| ) |
Definition at line 364 of file md_store.c.
| apr_status_t md_store_move | ( | md_store_t * | store, |
| apr_pool_t * | p, | ||
| md_store_group_t | from, | ||
| md_store_group_t | to, | ||
| const char * | name, | ||
| int | archive | ||
| ) |
Move everything matching key "from/name" from one group to another. If archive != 0, move any existing "to/name" into a new "archive/new_name" location.
Definition at line 120 of file md_store.c.
| apr_status_t md_store_purge | ( | md_store_t * | store, |
| apr_pool_t * | p, | ||
| md_store_group_t | group, | ||
| const char * | name | ||
| ) |
Remove everything matching key "group/name".
Definition at line 93 of file md_store.c.
| apr_status_t md_store_remove | ( | md_store_t * | store, |
| md_store_group_t | group, | ||
| const char * | name, | ||
| const char * | aspect, | ||
| apr_pool_t * | p, | ||
| int | force | ||
| ) |
Remove the value stored at key "group/name/aspect". Unless force != 0, a missing value will cause the call to fail with APR_ENOENT.
Definition at line 86 of file md_store.c.
| apr_status_t md_store_remove_not_modified_since | ( | md_store_t * | store, |
| apr_pool_t * | p, | ||
| apr_time_t | modified, | ||
| md_store_group_t | group, | ||
| const char * | name, | ||
| const char * | aspect | ||
| ) |
Remove all items matching the name/aspect patterns that have not been modified since the given timestamp.
Definition at line 156 of file md_store.c.
| apr_status_t md_store_rename | ( | md_store_t * | store, |
| apr_pool_t * | p, | ||
| md_store_group_t | group, | ||
| const char * | name, | ||
| const char * | to | ||
| ) |
Rename a group member.
Definition at line 165 of file md_store.c.
| apr_status_t md_store_save | ( | md_store_t * | store, |
| apr_pool_t * | p, | ||
| md_store_group_t | group, | ||
| const char * | name, | ||
| const char * | aspect, | ||
| md_store_vtype_t | vtype, | ||
| void * | data, | ||
| int | create | ||
| ) |
Save the value of type vtype at key "group/name/aspect". If create != 0, fail if there already is a value for this key. The provided data MUST be of the correct type, i.e. match vtype.
Definition at line 78 of file md_store.c.
| apr_status_t md_store_save_json | ( | md_store_t * | store, |
| apr_pool_t * | p, | ||
| md_store_group_t | group, | ||
| const char * | name, | ||
| const char * | aspect, | ||
| struct md_json_t * | data, | ||
| int | create | ||
| ) |
Save the JSON value at key "group/name/aspect". If create != 0, fail if there already is a value for this key.
Definition at line 113 of file md_store.c.
| void md_store_unlock_global | ( | md_store_t * | store, |
| apr_pool_t * | p | ||
| ) |
Release the global store lock. Will do nothing if there is no lock.
Definition at line 382 of file md_store.c.