1 files changed, 130 insertions, 0 deletions
diff --git a/doc/chapters/tlsauthentication.inc b/doc/chapters/tlsauthentication.inc
new file mode 100644
index 00000000..37b45b8e
--- /dev/null
+++ b/doc/chapters/tlsauthentication.inc
@@ -0,0 +1,130 @@
+We left the basic authentication chapter with the unsatisfactory conclusion that
+any traffic, including the credentials, could be intercepted by anyone between
+the browser client and the server. Protecting the data while it is sent over 
+unsecured lines will be the goal of this chapter.
+Since version 0.4, the @emph{MHD} library includes support for encrypting the
+traffic by employing SSL/TSL. If @emph{GNU libmicrohttpd} has been configured to
+support these, encryption and decryption can be applied transparently on the
+data being sent, with only minimal changes to the actual source code of the example.
+@heading Preparation
+First, a private key for the server will be generated. With this key, the server
+will later be able to authenticate itself to the client---preventing anyone else
+from stealing the password by faking its identity. The @emph{OpenSSL} suite, which
+is available on many operating systems, can generate such a key. For the scope of
+this tutorial, we will be content with a 1024 bit key:
+@verbatim
+> openssl genrsa -out server.key 1024
+@end verbatim
+@noindent
+In addition to the key, a certificate describing the server in human readable tokens
+is also needed. This certificate will be attested with our aforementioned key. In this way,
+we obtain a self-signed certificate, valid for one year. 
+@verbatim
+> openssl req -days 365 -out server.pem -new -x509 -key server.key
+@end verbatim
+@noindent
+To avoid unnecessary error messages in the browser, the certificate needs to
+have a name that matches the @emph{URI}, for example, "localhost" or the domain.
+If you plan to have a publicly reachable server, you will need to ask a trusted third party,
+called @emph{Certificate Authority}, or @emph{CA}, to attest the certificate for you. This way,
+any visitor can make sure the server's identity is real.
+Whether the server's certificate is signed by us or a third party, once it has been accepted
+by the client, both sides will be communicating over encrypted channels. From this point on,
+it is the client's turn to authenticate itself. But this has already been implemented in the basic 
+authentication scheme.
+@heading Changing the source code
+We merely have to extend the server program so that it loads the two files into memory,
+@verbatim
+int
+main ()
+{
+  struct MHD_Daemon *daemon;
+  char *key_pem;
+  char *cert_pem;
+  key_pem = load_file (SERVERKEYFILE);
+  cert_pem = load_file (SERVERCERTFILE);
+  if ((key_pem == NULL) || (cert_pem == NULL))
+  {
+    printf ("The key/certificate files could not be read.\n");
+    return 1;
+  }
+@end verbatim
+@noindent
+and then we point the @emph{MHD} daemon to it upon initalization. 
+@verbatim
+  daemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY |  MHD_USE_SSL, PORT, NULL, NULL,
+                             &answer_to_connection, NULL, 
+                             MHD_OPTION_HTTPS_MEM_KEY, key_pem,
+                             MHD_OPTION_HTTPS_MEM_CERT, cert_pem,
+                             MHD_OPTION_END);
+  if (NULL == daemon)
+    {
+      printf ("%s\n", cert_pem);
+  
+      free (key_pem);
+      free (cert_pem);
+  
+      return 1;
+    }
+@end verbatim
+@noindent
+The rest consists of little new besides some additional memory cleanups.
+@verbatim
+  getchar ();
+  MHD_stop_daemon (daemon);
+  free (key_pem);
+  free (cert_pem);
+  
+  return 0;
+}
+@end verbatim
+@noindent
+The rather unexciting file loader can be found in the complete example @code{tlsauthentication.c}.
+@heading Remarks
+@itemize @bullet
+@item
+While the standard @emph{HTTP} port is 80, it is 443 for @emph{HTTPS}. The common internet browsers assume
+standard @emph{HTTP} if they are asked to access other ports than these. Therefore, you will have to type 
+@code{https://localhost:8888} explicitly when you test the example, or the browser will not know how to
+handle the answer properly.
+@item
+The remaining weak point is the question how the server will be trusted initially. Either a @emph{CA} signs the
+certificate or the client obtains the key over secure means. Anyway, the clients have to be aware (or configured) 
+that they should not accept certificates of unknown origin.
+@item
+The introduced method of certificates makes it mandatory to set an expiration date---making it less feasible to
+hardcode certificates in embedded devices. 
+@item
+The cryptographic facilities consume memory space and computing time. For this reason, websites usually consists
+both of uncritically @emph{HTTP} parts and secured @emph{HTTPS}.
+@end itemize

diff --git a/doc/chapters/tlsauthentication.inc b/doc/chapters/tlsauthentication.inc new file mode 100644 index 00000000..37b45b8e --- /dev/null +++ b/doc/chapters/tlsauthentication.inc
@@ -0,0 +1,130 @@
	1	We left the basic authentication chapter with the unsatisfactory conclusion that
	2	any traffic, including the credentials, could be intercepted by anyone between
	3	the browser client and the server. Protecting the data while it is sent over
	4	unsecured lines will be the goal of this chapter.
	5
	6	Since version 0.4, the @emph{MHD} library includes support for encrypting the
	7	traffic by employing SSL/TSL. If @emph{GNU libmicrohttpd} has been configured to
	8	support these, encryption and decryption can be applied transparently on the
	9	data being sent, with only minimal changes to the actual source code of the example.
	10
	11
	12	@heading Preparation
	13
	14	First, a private key for the server will be generated. With this key, the server
	15	will later be able to authenticate itself to the client---preventing anyone else
	16	from stealing the password by faking its identity. The @emph{OpenSSL} suite, which
	17	is available on many operating systems, can generate such a key. For the scope of
	18	this tutorial, we will be content with a 1024 bit key:
	19	@verbatim
	20	> openssl genrsa -out server.key 1024
	21	@end verbatim
	22	@noindent
	23
	24	In addition to the key, a certificate describing the server in human readable tokens
	25	is also needed. This certificate will be attested with our aforementioned key. In this way,
	26	we obtain a self-signed certificate, valid for one year.
	27
	28	@verbatim
	29	> openssl req -days 365 -out server.pem -new -x509 -key server.key
	30	@end verbatim
	31	@noindent
	32
	33	To avoid unnecessary error messages in the browser, the certificate needs to
	34	have a name that matches the @emph{URI}, for example, "localhost" or the domain.
	35	If you plan to have a publicly reachable server, you will need to ask a trusted third party,
	36	called @emph{Certificate Authority}, or @emph{CA}, to attest the certificate for you. This way,
	37	any visitor can make sure the server's identity is real.
	38
	39	Whether the server's certificate is signed by us or a third party, once it has been accepted
	40	by the client, both sides will be communicating over encrypted channels. From this point on,
	41	it is the client's turn to authenticate itself. But this has already been implemented in the basic
	42	authentication scheme.
	43
	44
	45	@heading Changing the source code
	46
	47	We merely have to extend the server program so that it loads the two files into memory,
	48
	49	@verbatim
	50	int
	51	main ()
	52	{
	53	struct MHD_Daemon *daemon;
	54	char *key_pem;
	55	char *cert_pem;
	56
	57	key_pem = load_file (SERVERKEYFILE);
	58	cert_pem = load_file (SERVERCERTFILE);
	59
	60	if ((key_pem == NULL) \|\| (cert_pem == NULL))
	61	{
	62	printf ("The key/certificate files could not be read.\n");
	63	return 1;
	64	}
	65	@end verbatim
	66	@noindent
	67
	68	and then we point the @emph{MHD} daemon to it upon initalization.
	69	@verbatim
	70
	71	daemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY \| MHD_USE_SSL, PORT, NULL, NULL,
	72	&answer_to_connection, NULL,
	73	MHD_OPTION_HTTPS_MEM_KEY, key_pem,
	74	MHD_OPTION_HTTPS_MEM_CERT, cert_pem,
	75	MHD_OPTION_END);
	76
	77	if (NULL == daemon)
	78	{
	79	printf ("%s\n", cert_pem);
	80
	81	free (key_pem);
	82	free (cert_pem);
	83
	84	return 1;
	85	}
	86	@end verbatim
	87	@noindent
	88
	89
	90	The rest consists of little new besides some additional memory cleanups.
	91	@verbatim
	92
	93	getchar ();
	94
	95	MHD_stop_daemon (daemon);
	96	free (key_pem);
	97	free (cert_pem);
	98
	99	return 0;
	100	}
	101	@end verbatim
	102	@noindent
	103
	104
	105	The rather unexciting file loader can be found in the complete example @code{tlsauthentication.c}.
	106
	107	@heading Remarks
	108	@itemize @bullet
	109	@item
	110	While the standard @emph{HTTP} port is 80, it is 443 for @emph{HTTPS}. The common internet browsers assume
	111	standard @emph{HTTP} if they are asked to access other ports than these. Therefore, you will have to type
	112	@code{https://localhost:8888} explicitly when you test the example, or the browser will not know how to
	113	handle the answer properly.
	114
	115	@item
	116	The remaining weak point is the question how the server will be trusted initially. Either a @emph{CA} signs the
	117	certificate or the client obtains the key over secure means. Anyway, the clients have to be aware (or configured)
	118	that they should not accept certificates of unknown origin.
	119
	120	@item
	121	The introduced method of certificates makes it mandatory to set an expiration date---making it less feasible to
	122	hardcode certificates in embedded devices.
	123
	124	@item
	125	The cryptographic facilities consume memory space and computing time. For this reason, websites usually consists
	126	both of uncritically @emph{HTTP} parts and secured @emph{HTTPS}.
	127
	128	@end itemize
	129
	130