Diffstat (limited to 'src/daemon/https/tls/gnutls_cert.c')
-rw-r--r--src/daemon/https/tls/gnutls_cert.c142
1 files changed, 0 insertions, 142 deletions
diff --git a/src/daemon/https/tls/gnutls_cert.c b/src/daemon/https/tls/gnutls_cert.c
index f0357840..a8353d70 100644
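--- a/src/daemon/https/tls/gnutls_cert.c
+++ b/src/daemon/https/tls/gnutls_cert.c
@@ -279,87 +279,6 @@ MHD_gtls_selected_cert_supported_kx (MHD_gtls_session_t session,
 }
 
 
-/**
- * MHD_gtls_certificate_server_set_request - Used to set whether to request a client certificate
- * @session: is an #MHD_gtls_session_t structure.
- * @req: is one of GNUTLS_CERT_REQUEST, GNUTLS_CERT_REQUIRE
- *
- * This function specifies if we (in case of a server) are going
- * to send a certificate request message to the client. If @req
- * is GNUTLS_CERT_REQUIRE then the server will return an error if
- * the peer does not provide a certificate. If you do not
- * call this function then the client will not be asked to
- * send a certificate.
- **/
-void
-MHD_gtls_certificate_server_set_request (MHD_gtls_session_t session,
- MHD_gnutls_certificate_request_t req)
-{
- session->internals.send_cert_req = req;
-}
-
-/**
- * MHD_gtls_certificate_client_set_retrieve_function - Used to set a callback to retrieve the certificate
- * @cred: is a #MHD_gtls_cert_credentials_t structure.
- * @func: is the callback function
- *
- * This function sets a callback to be called in order to retrieve the certificate
- * to be used in the handshake.
- * The callback's function prototype is:
- * int (*callback)(MHD_gtls_session_t, const MHD_gnutls_datum_t* req_ca_dn, int nreqs,
- * const enum MHD_GNUTLS_PublicKeyAlgorithm* pk_algos, int pk_algos_length, MHD_gnutls_retr_st* st);
- *
- * @req_ca_cert is only used in X.509 certificates.
- * Contains a list with the CA names that the server considers trusted.
- * Normally we should send a certificate that is signed
- * by one of these CAs. These names are DER encoded. To get a more
- * meaningful value use the function MHD_gnutls_x509_rdn_get().
- *
- * @pk_algos contains a list with server's acceptable signature algorithms.
- * The certificate returned should support the server's given algorithms.
- *
- * @st should contain the certificates and private keys.
- *
- * If the callback function is provided then gnutls will call it, in the
- * handshake, after the certificate request message has been received.
- *
- * The callback function should set the certificate list to be sent, and
- * return 0 on success. If no certificate was selected then the number of certificates
- * should be set to zero. The value (-1) indicates error and the handshake
- * will be terminated.
- **/
-void MHD_gtls_certificate_client_set_retrieve_function
- (MHD_gtls_cert_credentials_t cred,
- MHD_gnutls_certificate_client_retrieve_function * func)
-{
- cred->client_get_cert_callback = func;
-}
-
-/**
- * MHD_gtls_certificate_server_set_retrieve_function - Used to set a callback to retrieve the certificate
- * @cred: is a #MHD_gtls_cert_credentials_t structure.
- * @func: is the callback function
- *
- * This function sets a callback to be called in order to retrieve the certificate
- * to be used in the handshake.
- * The callback's function prototype is:
- * int (*callback)(MHD_gtls_session_t, MHD_gnutls_retr_st* st);
- *
- * @st should contain the certificates and private keys.
- *
- * If the callback function is provided then gnutls will call it, in the
- * handshake, after the certificate request message has been received.
- *
- * The callback function should set the certificate list to be sent, and
- * return 0 on success. The value (-1) indicates error and the handshake
- * will be terminated.
- **/
-void MHD_gtls_certificate_server_set_retrieve_function
- (MHD_gtls_cert_credentials_t cred,
- MHD_gnutls_certificate_server_retrieve_function * func)
-{
- cred->server_get_cert_callback = func;
-}
 
 int
 MHD_gtls_raw_cert_to_gcert (MHD_gnutls_cert * gcert,
@@ -377,23 +296,6 @@ MHD_gtls_raw_cert_to_gcert (MHD_gnutls_cert * gcert,
  }
 }
 
-int
-MHD_gtls_raw_privkey_to_gkey (MHD_gnutls_privkey * key,
- enum MHD_GNUTLS_CertificateType type,
- const MHD_gnutls_datum_t * raw_key,
- int key_enc /* DER or PEM */ )
-{
- switch (type)
- {
- case MHD_GNUTLS_CRT_X509:
- return MHD__gnutls_x509_raw_privkey_to_gkey (key, raw_key, key_enc);
- default:
- MHD_gnutls_assert ();
- return GNUTLS_E_INTERNAL_ERROR;
- }
-}
-
-
 /* This function will convert a der certificate to a format
  * (structure) that gnutls can understand and use. Actually the
  * important thing on this function is that it extracts the
@@ -538,47 +440,3 @@ MHD_gtls_gcert_deinit (MHD_gnutls_cert * cert)
  MHD__gnutls_free_datum (&cert->raw);
 }
 
-/**
- * MHD_gtls_sign_callback_set:
- * @session: is a gnutls session
- * @sign_func: function pointer to application's sign callback.
- * @userdata: void pointer that will be passed to sign callback.
- *
- * Set the callback function. The function must have this prototype:
- *
- * typedef int (*MHD_gnutls_sign_func) (MHD_gtls_session_t session,
- * void *userdata,
- * enum MHD_GNUTLS_CertificateType cert_type,
- * const MHD_gnutls_datum_t * cert,
- * const MHD_gnutls_datum_t * hash,
- * MHD_gnutls_datum_t * signature);
- *
- * The @userdata parameter is passed to the @sign_func verbatim, and
- * can be used to store application-specific data needed in the
- * callback function. See also MHD_gtls_sign_callback_get().
- **/
-void
-MHD_gtls_sign_callback_set (MHD_gtls_session_t session,
- MHD_gnutls_sign_func sign_func, void *userdata)
-{
- session->internals.sign_func = sign_func;
- session->internals.sign_func_userdata = userdata;
-}
-
-/**
- * MHD_gtls_sign_callback_get:
- * @session: is a gnutls session
- * @userdata: if non-%NULL, will be set to abstract callback pointer.
- *
- * Retrieve the callback function, and its userdata pointer.
- *
- * Returns: The function pointer set by MHD_gtls_sign_callback_set(), or
- * if not set, %NULL.
- **/
-MHD_gnutls_sign_func
-MHD_gtls_sign_callback_get (MHD_gtls_session_t session, void **userdata)
-{
- if (userdata)
- *userdata = session->internals.sign_func_userdata;
- return session->internals.sign_func;
-}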