2020-05-12 15:42:42 +00:00
|
|
|
/*
|
|
|
|
|
* include/proto/ssl_ckch.h
|
|
|
|
|
* ckch function prototypes
|
|
|
|
|
*
|
|
|
|
|
* Copyright (C) 2020 HAProxy Technologies, William Lallemand <wlallemand@haproxy.com>
|
|
|
|
|
*
|
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
|
* License as published by the Free Software Foundation, version 2.1
|
|
|
|
|
* exclusively.
|
|
|
|
|
*
|
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
|
|
|
* License along with this library; if not, write to the Free Software
|
|
|
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#ifndef _PROTO_SSL_CKCH_H
|
|
|
|
|
#define _PROTO_SSL_CKCH_H
|
|
|
|
|
#ifdef USE_OPENSSL
|
|
|
|
|
|
REORG: ssl: move the ckch_store related functions to src/ssl_ckch.c
Move the cert_key_and_chain functions:
int ssl_sock_load_files_into_ckch(const char *path, struct cert_key_and_chain *ckch, char **err);
int ssl_sock_load_pem_into_ckch(const char *path, char *buf, struct cert_key_and_chain *ckch , char **err);
void ssl_sock_free_cert_key_and_chain_contents(struct cert_key_and_chain *ckch);
int ssl_sock_load_key_into_ckch(const char *path, char *buf, struct cert_key_and_chain *ckch , char **err);
int ssl_sock_load_ocsp_response_from_file(const char *ocsp_path, char *buf, struct cert_key_and_chain *ckch, char **err);
int ssl_sock_load_sctl_from_file(const char *sctl_path, char *buf, struct cert_key_and_chain *ckch, char **err);
int ssl_sock_load_issuer_file_into_ckch(const char *path, char *buf, struct cert_key_and_chain *ckch, char **err);
And the utility ckch_store functions:
void ckch_store_free(struct ckch_store *store)
struct ckch_store *ckch_store_new(const char *filename, int nmemb)
struct ckch_store *ckchs_dup(const struct ckch_store *src)
ckch_store *ckchs_lookup(char *path)
ckch_store *ckchs_load_cert_file(char *path, int multi, char **err)
2020-05-13 08:10:01 +00:00
|
|
|
/* cert_key_and_chain functions */
|
|
|
|
|
|
|
|
|
|
int ssl_sock_load_files_into_ckch(const char *path, struct cert_key_and_chain *ckch, char **err);
|
|
|
|
|
int ssl_sock_load_pem_into_ckch(const char *path, char *buf, struct cert_key_and_chain *ckch , char **err);
|
|
|
|
|
void ssl_sock_free_cert_key_and_chain_contents(struct cert_key_and_chain *ckch);
|
|
|
|
|
|
|
|
|
|
int ssl_sock_load_key_into_ckch(const char *path, char *buf, struct cert_key_and_chain *ckch , char **err);
|
|
|
|
|
int ssl_sock_load_ocsp_response_from_file(const char *ocsp_path, char *buf, struct cert_key_and_chain *ckch, char **err);
|
|
|
|
|
int ssl_sock_load_sctl_from_file(const char *sctl_path, char *buf, struct cert_key_and_chain *ckch, char **err);
|
|
|
|
|
int ssl_sock_load_issuer_file_into_ckch(const char *path, char *buf, struct cert_key_and_chain *ckch, char **err);
|
|
|
|
|
|
|
|
|
|
/* checks if a key and cert exists in the ckch */
|
|
|
|
|
#if HA_OPENSSL_VERSION_NUMBER >= 0x1000200fL
|
|
|
|
|
static inline int ssl_sock_is_ckch_valid(struct cert_key_and_chain *ckch)
|
|
|
|
|
{
|
|
|
|
|
return (ckch->cert != NULL && ckch->key != NULL);
|
|
|
|
|
}
|
|
|
|
|
#endif
|
2020-05-12 15:42:42 +00:00
|
|
|
|
|
|
|
|
/* ckch_store functions */
|
|
|
|
|
struct ckch_store *ckchs_load_cert_file(char *path, int multi, char **err);
|
|
|
|
|
struct ckch_store *ckchs_lookup(char *path);
|
REORG: ssl: move the ckch_store related functions to src/ssl_ckch.c
Move the cert_key_and_chain functions:
int ssl_sock_load_files_into_ckch(const char *path, struct cert_key_and_chain *ckch, char **err);
int ssl_sock_load_pem_into_ckch(const char *path, char *buf, struct cert_key_and_chain *ckch , char **err);
void ssl_sock_free_cert_key_and_chain_contents(struct cert_key_and_chain *ckch);
int ssl_sock_load_key_into_ckch(const char *path, char *buf, struct cert_key_and_chain *ckch , char **err);
int ssl_sock_load_ocsp_response_from_file(const char *ocsp_path, char *buf, struct cert_key_and_chain *ckch, char **err);
int ssl_sock_load_sctl_from_file(const char *sctl_path, char *buf, struct cert_key_and_chain *ckch, char **err);
int ssl_sock_load_issuer_file_into_ckch(const char *path, char *buf, struct cert_key_and_chain *ckch, char **err);
And the utility ckch_store functions:
void ckch_store_free(struct ckch_store *store)
struct ckch_store *ckch_store_new(const char *filename, int nmemb)
struct ckch_store *ckchs_dup(const struct ckch_store *src)
ckch_store *ckchs_lookup(char *path)
ckch_store *ckchs_load_cert_file(char *path, int multi, char **err)
2020-05-13 08:10:01 +00:00
|
|
|
struct ckch_store *ckchs_dup(const struct ckch_store *src);
|
|
|
|
|
struct ckch_store *ckch_store_new(const char *filename, int nmemb);
|
|
|
|
|
void ckch_store_free(struct ckch_store *store);
|
|
|
|
|
|
2020-05-12 15:42:42 +00:00
|
|
|
|
|
|
|
|
/* ckch_inst functions */
|
|
|
|
|
void ckch_inst_free(struct ckch_inst *inst);
|
|
|
|
|
struct ckch_inst *ckch_inst_new();
|
|
|
|
|
|
2020-05-13 15:23:59 +00:00
|
|
|
int ckch_inst_new_load_store(const char *path, struct ckch_store *ckchs, struct bind_conf *bind_conf,
|
|
|
|
|
struct ssl_bind_conf *ssl_conf, char **sni_filter, int fcount, struct ckch_inst **ckchi, char **err);
|
2020-05-12 15:42:42 +00:00
|
|
|
|
|
|
|
|
#endif /* USE_OPENSSL */
|
|
|
|
|
#endif /* _PROTO_SSL_CRTLIST_H */
|