diff options
author | Joshua Judson Rosen | 2014-11-18 23:16:55 -0500 |
---|---|---|
committer | Joshua Judson Rosen | 2014-11-18 23:16:55 -0500 |
commit | fe9bda8d2aad33e0f71d5699bcf90fb78b3fb5bb (patch) | |
tree | 6439c3dcc6e78255a9dd2d65e75f4b21f885c264 /src/server_realm_struct.c | |
parent | Add missing const qualifier on SSL_METHOD* vars. (diff) | |
download | apf-fe9bda8d2aad33e0f71d5699bcf90fb78b3fb5bb.tar.gz |
afserver: support per-realm CA-certificate settings
This makes it possible to have different CA certificates for different realms,
or certificate auth for only some realms and password auth for others.
Diffstat (limited to 'src/server_realm_struct.c')
-rw-r--r-- | src/server_realm_struct.c | 153 |
1 files changed, 153 insertions, 0 deletions
diff --git a/src/server_realm_struct.c b/src/server_realm_struct.c index c816ae3..4c55245 100644 --- a/src/server_realm_struct.c +++ b/src/server_realm_struct.c @@ -98,6 +98,18 @@ ServerRealm_free(ServerRealm** sr) free((*sr)->realmName); (*sr)->realmName = NULL; } + if ((*sr)->cacertificateFile) { + free((*sr)->cacertificateFile); + (*sr)->cacertificateFile = NULL; + } + if ((*sr)->cacertificatePath) { + free((*sr)->cacertificatePath); + (*sr)->cacertificatePath = NULL; + } + if ((*sr)->sCertificateDepth) { + free((*sr)->sCertificateDepth); + (*sr)->sCertificateDepth = NULL; + } if ((*sr)->clientAddress) { free((*sr)->clientAddress); (*sr)->clientAddress = NULL; @@ -313,6 +325,76 @@ ServerRealm_set_password(ServerRealm* sr, unsigned char* password) } /* + * Function name: ServerRealm_set_SslCtx + * Description: Set SSL context + * Arguments: sr - pointer to ServerRealm structure + * ctx - pointer to SSL_CTX object + */ +void +ServerRealm_set_SslCtx(ServerRealm* sr, SSL_CTX* ctx) +{ + assert(sr != NULL); + if (sr == NULL) { + return; + } + + sr->sslCtx = ctx; +} + +/* + * Function name: ServerRealm_set_cacertificateFile + * Description: Set CA certificate filename. + * Arguments: sr - pointer to ServerRealm structure + * certificateFile - CA certificate filename + */ + +void +ServerRealm_set_cacertificateFile(ServerRealm* sr, char* cacertificateFile) +{ + assert(sr != NULL); + if (sr == NULL) { + return; + } + string_cp(&(sr->cacertificateFile), cacertificateFile); +} + +/* + * Function name: ServerRealm_set_cacertificatePath + * Description: Set CA certificate filename. + * Arguments: sr - pointer to ServerRealm structure + * cacertificateFile - CA certificate path + */ + +void +ServerRealm_set_cacertificatePath(ServerRealm* sr, char* cacertificatePath) +{ + assert(sr != NULL); + if (sr == NULL) { + return; + } + string_cp(&(sr->cacertificatePath), cacertificatePath); +} + +void +ServerRealm_set_sCertificateDepth(ServerRealm* sr, char* sCertificateDepth) +{ + assert(sr != NULL); + if (sr == NULL) { + return; + } + string_cp(&(sr->sCertificateDepth), sCertificateDepth); +} +void +ServerRealm_set_certificateDepth(ServerRealm* sr, int certificateDepth) +{ + assert(sr != NULL); + if (sr == NULL) { + return; + } + sr->certificateDepth = certificateDepth; +} + +/* * Function name: ServerRealm_set_connectedUsers * Description: Set number of connected users. * Arguments: sr - pointer to ServerRealm structure @@ -935,6 +1017,77 @@ ServerRealm_get_password(ServerRealm* sr) } /* + * Function name: ServerRealm_get_SslCtx + * Description: Get SSL context + * Arguments: sr - pointer to ServerRealm structure + * Returns: pointer to SSL_CTX object + */ +SSL_CTX* +ServerRealm_get_SslCtx(ServerRealm* sr) +{ + assert(sr != NULL); + if (sr == NULL) { + return NULL; + } + + return sr->sslCtx; +} + +/* + * Function name: ServerRealm_get_cacertificateFile + * Description: Get CA certificate filename. + * Arguments: sc - pointer to ServerRealm structure + * Returns: CA Certificate filename. + */ + +char* +ServerRealm_get_cacertificateFile(ServerRealm* sr) +{ + assert(sr != NULL); + if (sr == NULL) { + return NULL; + } + return sr->cacertificateFile; +} + +/* + * Function name: ServerRealm_get_cacertificatePath + * Description: Get CA certificate path + * Arguments: sr - pointer to ServerRealm structure + * Returns: CA Certificate path. + */ + +char* +ServerRealm_get_cacertificatePath(ServerRealm* sr) +{ + assert(sr != NULL); + if (sr == NULL) { + return NULL; + } + return sr->cacertificatePath; +} + +char* +ServerRealm_get_sCertificateDepth(ServerRealm* sr) +{ + assert(sr != NULL); + if (sr == NULL) { + return NULL; + } + return sr->sCertificateDepth; +} + +int +ServerRealm_get_certificateDepth(ServerRealm* sr) +{ + assert(sr != NULL); + if (sr == NULL) { + return -1; + } + return sr->certificateDepth; +} + +/* * Function name: ServerRealm_get_connectedUsers * Description: Get number of connected users. * Arguments: sr - pointer to ServerRealm structure |