From 49bbefcc708fe260cbc0ee7bdaded9e84c836c38 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Daniel=20Kou=C5=99il?=
Date: Wed, 18 Jan 2012 13:50:47 +0000
Subject: [PATCH] - SSL-specific calls grouped in a separate header - added API to set flags - added API to use PKCS11 objects
---
 emi.canl.canl-c/src/canl.h | 4 ----
 emi.canl.canl-c/src/canl_cred.h | 7 +++++++
 emi.canl.canl-c/src/canl_ssl.c | 1 +
 emi.canl.canl-c/src/canl_ssl.h | 28 ++++++++++++++++++++--------
 4 files changed, 28 insertions(+), 12 deletions(-)
diff --git a/emi.canl.canl-c/src/canl.h b/emi.canl.canl-c/src/canl.h
index 0e0f82f..5c1cf37 100644
--- a/emi.canl.canl-c/src/canl.h
+++ b/emi.canl.canl-c/src/canl.h
@@ -74,10 +74,6 @@ canl_mech2str(canl_ctx, gss_OID);
 const gss_OID CANL_CALLCONV
 canl_str2mech(canl_ctx, const char mech);
 
-canl_err_code CANL_CALLCONV
-canl_ctx_set_ssl_cred(canl_ctx cc, char *cert, char *key,
- canl_password_callback cb, void *userdata);
-
 #ifdef __cplusplus
 }
 #endif
diff --git a/emi.canl.canl-c/src/canl_cred.h b/emi.canl.canl-c/src/canl_cred.h
index a42ad31..1bafb71 100644
--- a/emi.canl.canl-c/src/canl_cred.h
+++ b/emi.canl.canl-c/src/canl_cred.h
@@ -51,6 +51,10 @@ canl_cred_load_priv_key_file(canl_ctx, canl_cred, const char *,
 canl_password_callback, void *);
 
 canl_err_code CANL_CALLCONV
+canl_cred_load_priv_key_pkcs11(canl_ctx, canl_cred, const char *,
+ canl_password_callback, void *);
+
+canl_err_code CANL_CALLCONV
 canl_cred_load_chain(canl_ctx, canl_cred, STACK_OF(X509) *);
 
 canl_err_code CANL_CALLCONV
@@ -63,6 +67,9 @@ canl_err_code CANL_CALLCONV
 canl_cred_load_cert_file(canl_ctx, canl_cred, const char *);
 
 canl_err_code CANL_CALLCONV
+canl_cred_load_cert_pkcs11(canl_ctx, canl_cred, const char *);
+
+canl_err_code CANL_CALLCONV
 canl_cred_set_lifetime(canl_ctx, canl_cred, long);
 
 canl_err_code CANL_CALLCONV
diff --git a/emi.canl.canl-c/src/canl_ssl.c b/emi.canl.canl-c/src/canl_ssl.c
index 4a1c835..fb93e4d 100644
--- a/emi.canl.canl-c/src/canl_ssl.c
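Review bot: The new `canl_cred_load_priv_key_pkcs11` prototype in canl_cred.h (and `canl_cred_load_cert_pkcs11` in the hunk after it) does not say what the `const char *` argument identifies on the token, nor whether the `canl_password_callback` is the source of the token PIN. All parameters are unnamed, so a comment above each declaration is the only place a caller can learn the contract. I would add something like `/* Load a private key held on a PKCS#11 token; the string names the object, the callback supplies the PIN. */`, with the wording adjusted to what the implementation really does, since the definitions are not part of this patch. The comment should also state whether a NULL callback is accepted and who owns the string after the call.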
+++ b/emi.canl.canl-c/src/canl_ssl.c
@@ -1,4 +1,5 @@
 #include "canl_locl.h"
+#include "canl_ssl.h"
 
 #define SSL_SERVER_METH SSLv23_server_method()
 #define SSL_CLIENT_METH SSLv3_client_method()
diff --git a/emi.canl.canl-c/src/canl_ssl.h b/emi.canl.canl-c/src/canl_ssl.h
index 694970c..e3967ed 100644
--- a/emi.canl.canl-c/src/canl_ssl.h
+++ b/emi.canl.canl-c/src/canl_ssl.h
@@ -7,16 +7,28 @@
 extern "C" {
 #endif
 
-typedef void *canl_x509;
-typedef void *canl_stack_of_x509;
-typedef void *canl_pkey;
+typedef enum canl_ctx_ssl_flags {
+ CANL_ACCEPT_SSLv2 = 0x0001,
+} canl_ctx_ssl_flags;
 
-typedef char (*canl_password_callback)(canl_ctx cc, void *userdata);
+canl_ctx CANL_CALLCONV
+canl_ctx_set_ssl_flags(canl_ctx, unsigned int);
 
-int canl_set_ctx_own_cert(canl_ctx cc, canl_x509 cert,
- canl_stack_of_x509 chain, canl_pkey key);
-int canl_set_ctx_own_cert_file(canl_ctx cc, char *cert, char *key,
- canl_password_callback cb, void *userdata);
+canl_err_code CANL_CALLCONV
+canl_ctx_set_ssl_cred(canl_ctx, char *, char *key,
+ canl_password_callback, void *);
+
+canl_err_code CANL_CALLCONV
+canl_ctx_set_ca_dir(canl_ctx, const char *);
+
+canl_err_code CANL_CALLCONV
+canl_ctx_set_crl_dir(canl_ctx, const char *);
+
+canl_err_code CANL_CALLCONV
+canl_ctx_set_pkcs11_lib(canl_ctx, const char *);
+
+canl_err_code CANL_CALLCONV
+canl_ctx_set_pkcs11_init_args(canl_ctx, const char *);
 
 #ifdef __cplusplus
 }
-- 
1.8.2.3
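Review bot: In canl_ssl.h, `canl_ctx_set_ssl_flags` is declared to return `canl_ctx` while every other setter added in this hunk returns `canl_err_code`, so a caller cannot tell whether the flags were accepted. Unless the definition (not part of this patch) really hands back a context, the prototype should be `canl_err_code CANL_CALLCONV canl_ctx_set_ssl_flags(canl_ctx, unsigned int);`. The single flag `CANL_ACCEPT_SSLv2` switches on a protocol that is considered broken, so the enumerator should carry a comment saying so, for example `/* opt-in only: SSLv2 has known weaknesses, leave unset unless a legacy peer requires it */`; that it is off by default is my assumption and should be confirmed in canl_ssl.c. The hunk also drops the `canl_password_callback` typedef that `canl_ctx_set_ssl_cred` still uses, so the header now relies on another header declaring it; the include lines sit above the hunk and are not visible here.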