|
Apache HTTPD
|
#include "tls_util.h"
Classes | |
| struct | tls_cert_pem_t |
| struct | tls_cert_spec_t |
| struct | tls_cert_reg_t |
| struct | tls_cert_root_stores_t |
| struct | tls_cert_verifiers_t |
Typedefs | |
| typedef struct tls_cert_reg_t | tls_cert_reg_t |
| typedef int | tls_cert_reg_visitor(void *userdata, server_rec *s, const char *id, const char *cert_pem, const rustls_certified_key *certified_key) |
| typedef struct tls_cert_root_stores_t | tls_cert_root_stores_t |
| typedef struct tls_cert_verifiers_t | tls_cert_verifiers_t |
A registry of rustls_certified_key* by identifier.
Definition at line 62 of file tls_cert.h.
| typedef int tls_cert_reg_visitor(void *userdata, server_rec *s, const char *id, const char *cert_pem, const rustls_certified_key *certified_key) |
Visit all certified keys in the registry. The callback may return 0 to abort the iteration.
| userdata | supplied by the visit invocation |
| s | the server_rec the certified key was first loaded into |
| id | internal identifier of the certified key |
| cert_pem | the PEM data of the certificate and its chain |
| certified_key | the key instance itself |
Definition at line 102 of file tls_cert.h.
Definition at line 133 of file tls_cert.h.
Definition at line 162 of file tls_cert.h.
| apr_status_t tls_cert_client_verifiers_get | ( | tls_cert_verifiers_t * | verifiers, |
| const char * | store_file, | ||
| const rustls_client_cert_verifier ** | pverifier | ||
| ) |
Get the mandatory client certificate verifier for the root certificate store in store_file. Will create the verifier if not already known.
| verifiers | the registry of certificate verifiers |
| store_file | the (server relative) path of the PEM file with certificates |
| pverifier | the verifier on success |
Definition at line 569 of file tls_cert.c.
| apr_status_t tls_cert_client_verifiers_get_optional | ( | tls_cert_verifiers_t * | verifiers, |
| const char * | store_file, | ||
| const rustls_client_cert_verifier ** | pverifier | ||
| ) |
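Get the optional client certificate verifier for the root certificate store in store_file, i.e. one that verifies a client certificate when presented but does not require the client to send one. Will create the verifier if not already known.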
| verifiers | the registry of certificate verifiers |
| store_file | the (server relative) path of the PEM file with certificates |
| pverifier | the verifier on success |
Definition at line 577 of file tls_cert.c.
| apr_status_t tls_cert_load_cert_key | ( | apr_pool_t * | p, |
| const tls_cert_spec_t * | spec, | ||
| const char ** | pcert_pem, | ||
| const rustls_certified_key ** | pckey | ||
| ) |
Load a rustls certified key from a certificate specification. The returned rustls_certified_key is owned by the caller.
| p | the memory pool to use |
| spec | the specification for the certificate (file or PEM data) |
| pcert_pem | returns the PEM data used for loading the certificates, optional |
| pckey | the loaded certified key on return |
Definition at line 177 of file tls_cert.c.
| apr_status_t tls_cert_load_pem | ( | apr_pool_t * | p, |
| const tls_cert_spec_t * | cert, | ||
| tls_cert_pem_t ** | ppem | ||
| ) |
Load the PEM data for a certificate file and key file as given in cert.
Definition at line 35 of file tls_cert.c.
| apr_status_t tls_cert_load_root_store | ( | apr_pool_t * | p, |
| const char * | store_file, | ||
| const rustls_root_cert_store ** | pstore | ||
| ) |
Load all root certificates from a PEM file into a rustls_root_cert_store.
| p | the memory pool to use |
| store_file | the (server relative) path of the PEM file |
| pstore | the loaded root store on success |
Definition at line 333 of file tls_cert.c.
| apr_size_t tls_cert_reg_count | ( | tls_cert_reg_t * | reg | ) |
Return the number of certified keys in the registry.
Definition at line 254 of file tls_cert.c.
| void tls_cert_reg_do | ( | tls_cert_reg_visitor * | visitor, |
| void * | userdata, | ||
| tls_cert_reg_t * | reg | ||
| ) |
Visit all certified_key entries in the registry.
| visitor | callback invoked on each entry until it returns 0. |
| userdata | passed to callback |
| reg | the registry to iterate over |
Definition at line 316 of file tls_cert.c.
| apr_status_t tls_cert_reg_get_certified_key | ( | tls_cert_reg_t * | reg, |
| server_rec * | s, | ||
| const tls_cert_spec_t * | spec, | ||
| const rustls_certified_key ** | pckey | ||
| ) |
Get the rustls_certified_key identified by spec from the registry. This will load the key the first time it is requested. The returned rustls_certified_key is owned by the registry.
| reg | the certified key registry |
| s | the server_rec this is loaded into, useful for error logging |
| spec | the specification of the certified key |
| pckey | the certified key instance on return |
Definition at line 266 of file tls_cert.c.
| const char * tls_cert_reg_get_id | ( | tls_cert_reg_t * | reg, |
| const rustls_certified_key * | certified_key | ||
| ) |
Get the identity assigned to a loaded, certified key. Returns NULL if the key is not part of the registry. The returned bytes are owned by the registry entry.
| reg | the registry to look in. |
| certified_key | the key to get the identifier for |
Definition at line 325 of file tls_cert.c.
| tls_cert_reg_t * tls_cert_reg_make | ( | apr_pool_t * | p | ) |
Create a new registry with lifetime based on the memory pool. The registry will take care of its memory and allocated keys when the pool is destroyed.
Definition at line 242 of file tls_cert.c.
| void tls_cert_root_stores_clear | ( | tls_cert_root_stores_t * | stores | ) |
Clear the root stores registry, freeing all stores.
Definition at line 420 of file tls_cert.c.
| apr_status_t tls_cert_root_stores_get | ( | tls_cert_root_stores_t * | stores, |
| const char * | store_file, | ||
| const rustls_root_cert_store ** | pstore | ||
| ) |
Load all root certificates from a PEM file into a rustls_root_cert_store.
| stores | the registry of root certificate stores |
| store_file | the (server relative) path of the PEM file |
| pstore | the loaded root store on success |
Definition at line 428 of file tls_cert.c.
| tls_cert_root_stores_t * tls_cert_root_stores_make | ( | apr_pool_t * | p | ) |
Create a new root stores registry with lifetime based on the memory pool. The registry will take care of its memory and allocated stores when the pool is destroyed.
Definition at line 409 of file tls_cert.c.
| apr_status_t tls_cert_to_pem | ( | const char ** | ppem, |
| apr_pool_t * | p, | ||
| const rustls_certificate * | cert | ||
| ) |
Definition at line 121 of file tls_cert.c.
| void tls_cert_verifiers_clear | ( | tls_cert_verifiers_t * | verifiers | ) |
Clear the verifiers registry, freeing all verifiers.
Definition at line 498 of file tls_cert.c.
| tls_cert_verifiers_t * tls_cert_verifiers_make | ( | apr_pool_t * | p, |
| tls_cert_root_stores_t * | stores | ||
| ) |
Create a new registry for certificate verifiers with lifetime based on the memory pool. The registry will take care of its memory and allocated verifiers when the pool is destroyed.
| p | the memory pool to use |
| stores | the store registry for lookups |
Definition at line 485 of file tls_cert.c.