md_acme.h
1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2  * contributor license agreements. See the NOTICE file distributed with
3  * this work for additional information regarding copyright ownership.
4  * The ASF licenses this file to You under the Apache License, Version 2.0
5  * (the "License"); you may not use this file except in compliance with
6  * the License. You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef mod_md_md_acme_h
18 #define mod_md_md_acme_h
19 
20 struct apr_array_header_t;
21 struct apr_bucket_brigade;
22 struct md_http_response_t;
23 struct apr_hash_t;
24 struct md_http_t;
25 struct md_json_t;
26 struct md_pkey_t;
27 struct md_t;
28 struct md_acme_acct_t;
29 struct md_acmev2_acct_t;
30 struct md_store_t;
31 struct md_result_t;
32 
33 #define MD_PROTO_ACME "ACME" /* protocol name string */
34 
35 #define MD_AUTHZ_CHA_HTTP_01 "http-01" /* challenge type name; "http-01" is one of the RFC 8555 challenge types */
36 #define MD_AUTHZ_CHA_SNI_01 "tls-sni-01" /* NOTE(review): "tls-sni-01" is not among the RFC 8555 challenge types and Let's Encrypt withdrew it in 2018 over a shared-hosting validation weakness; confirm it is not offered by default */
37 
38 #define MD_ACME_VERSION_UNKNOWN 0x0 /* version values carry the major number in bits 16-23, see MD_ACME_VERSION_MAJOR */
39 #define MD_ACME_VERSION_1 0x010000 /* NOTE(review): ACMEv1 predates RFC 8555 and Let's Encrypt has retired its v1 endpoint; confirm v1 support is still wanted */
40 #define MD_ACME_VERSION_2 0x020000
41 
42 #define MD_ACME_VERSION_MAJOR(i) (((i)&0xFF0000) >> 16) /* bits 16-23 of i: 1 for MD_ACME_VERSION_1, 2 for MD_ACME_VERSION_2, 0 for MD_ACME_VERSION_UNKNOWN; i is evaluated once */
43 
44 typedef enum {
45  MD_ACME_S_UNKNOWN, /* MD has not been analysed yet */
46  MD_ACME_S_REGISTERED, /* MD is registered at CA, but not more */
47  MD_ACME_S_TOS_ACCEPTED, /* Terms of Service were accepted by account holder */
48  MD_ACME_S_CHALLENGED, /* MD challenge information for all domains is known */
49  MD_ACME_S_VALIDATED, /* MD domains have been validated */
50  MD_ACME_S_CERTIFIED, /* MD has valid certificate */
51  MD_ACME_S_DENIED, /* MD domains (at least one) have been denied by CA */
53 
54 typedef struct md_acme_t md_acme_t;
55 
61  const struct md_http_response_t *res, void *baton);
62 
68 
74  const apr_table_t *headers,
75  struct md_json_t *jbody, void *baton);
76 
81  const struct md_result_t *result, void *baton);
82 
83 
85 typedef apr_status_t md_acme_req_init_fn(md_acme_req_t *req, struct md_json_t *jpayload);
86 
92  void *baton);
93 
94 struct md_acme_t { /* state kept for one ACME service; NOTE(review): the gutter skips source lines 97, 125-127 and 132, so members on those lines are not shown here */
95  const char *url; /* directory url of the ACME service */
96  const char *sname; /* short name for the service, not necessarily unique */
98  const char *user_agent; /* presumably the User-Agent string sent to the service; confirm in the implementation */
99  const char *proxy_url; /* presumably the proxy_url given to md_acme_create(); confirm */
100 
101  const char *acct_id; /* local storage id account was loaded from or NULL */
102  struct md_acme_acct_t *acct; /* account at ACME server to use for requests */
103  struct md_pkey_t *acct_key; /* private RSA key belonging to account; NOTE(review): secret key material, keep it out of logs and result messages */
104 
105  int version; /* as detected from the server; presumably one of the MD_ACME_VERSION_ values and the selector for the api union below (confirm) */
106  union { /* v1 and v2 overlay the same storage; only the member that was filled in may be read */
107  struct {
108  const char *new_authz;
109  const char *new_cert;
110  const char *new_reg;
111  const char *revoke_cert;
112 
113  } v1; /* member names match the resources of the pre-RFC 8555 ACME protocol; presumably their URLs */
114  struct {
115  const char *new_account;
116  const char *new_order;
117  const char *key_change;
118  const char *revoke_cert;
119  const char *new_nonce;
120  } v2; /* member names match the RFC 8555 directory fields newAccount, newOrder, keyChange, revokeCert, newNonce; presumably their URLs */
121  } api;
122  const char *ca_agreement; /* presumably the terms-of-service URL of the CA, cf. md_acme_agree(); confirm */
123  const char *acct_name;
124 
128 
129  struct md_http_t *http; /* md_http_t handle; presumably the HTTP client used for requests to the service */
130 
131  const char *nonce; /* presumably the anti-replay nonce for the next request; md_acme_req_t documents prot_hdrs as "JWS headers needing protection (nonce)" */
133  struct md_result_t *last; /* result of last request */
134 };
135 
139 apr_status_t md_acme_init(apr_pool_t *pool, const char *base_version, int init_ssl);
140 
151 apr_status_t md_acme_create(md_acme_t **pacme, apr_pool_t *p, const char *url,
152  const char *proxy_url);
153 
159 apr_status_t md_acme_setup(md_acme_t *acme, struct md_result_t *result);
160 
161 void md_acme_report_result(md_acme_t *acme, apr_status_t rv, struct md_result_t *result);
162 
163 /**************************************************************************************************/
164 /* account handling */
165 
169 void md_acme_clear_acct(md_acme_t *acme);
170 
172  md_acme_req_init_cb *on_init,
173  md_acme_req_json_cb *on_json,
174  md_acme_req_res_cb *on_res,
175  md_acme_req_err_cb *on_err,
176  void *baton);
177 
182 const char *md_acme_acct_id_get(md_acme_t *acme);
183 const char *md_acme_acct_url_get(md_acme_t *acme);
184 
189 apr_status_t md_acme_use_acct(md_acme_t *acme, struct md_store_t *store,
190  apr_pool_t *p, const char *acct_id);
191 
196 const char *md_acme_acct_id_get(md_acme_t *acme);
197 
201 apr_status_t md_acme_agree(md_acme_t *acme, apr_pool_t *p, const char *tos);
202 
216  const char *agreement, const char **prequired);
217 
219 
224 
225 /**************************************************************************************************/
226 /* request handling */
227 
229  md_acme_t *acme; /* the ACME server to talk to */
230  apr_pool_t *p; /* pool for the request duration */
231 
232  const char *url; /* url to POST the request to */
233  const char *method; /* HTTP method to use */
234  apr_table_t *prot_hdrs; /* JWS headers needing protection (nonce) */
235  struct md_json_t *req_json; /* JSON to be POSTed in request body */
236 
237  apr_table_t *resp_hdrs; /* HTTP response headers */
238  struct md_json_t *resp_json; /* JSON response body received */
239 
240  apr_status_t rv; /* status of request */
241 
242  md_acme_req_init_cb *on_init; /* callback to initialize the request before submit */
243  md_acme_req_json_cb *on_json; /* callback on successful JSON response */
244  md_acme_req_res_cb *on_res; /* callback on generic HTTP response */
245  md_acme_req_err_cb *on_err; /* callback on encountered error */
246  int max_retries; /* how often this might be retried */
247  void *baton; /* userdata for callbacks */
248  struct md_result_t *result; /* result of this request */
249 };
250 
252 
253 apr_status_t md_acme_GET(md_acme_t *acme, const char *url, /* request against url on the service acme; an HTTP GET going by the name (confirm) */
254  md_acme_req_init_cb *on_init, /* same type as md_acme_req_t.on_init: "callback to initialize the request before submit" */
255  md_acme_req_json_cb *on_json, /* same type as md_acme_req_t.on_json: "callback on successful JSON response" */
256  md_acme_req_res_cb *on_res, /* same type as md_acme_req_t.on_res: "callback on generic HTTP response" */
257  md_acme_req_err_cb *on_err, /* same type as md_acme_req_t.on_err: "callback on encountered error" */
258  void *baton); /* userdata for callbacks, as md_acme_req_t.baton is documented */
273 apr_status_t md_acme_POST(md_acme_t *acme, const char *url, /* NOTE(review): presumably sends a JWS signed with acme->acct_key that carries acme->nonce in its protected header; confirm in the implementation */
274  md_acme_req_init_cb *on_init, /* callback roles as for md_acme_GET */
275  md_acme_req_json_cb *on_json,
276  md_acme_req_res_cb *on_res,
277  md_acme_req_err_cb *on_err,
278  void *baton);
279 
283 apr_status_t md_acme_get_json(struct md_json_t **pjson, md_acme_t *acme, /* presumably fetches url and hands the parsed JSON back through *pjson; confirm */
284  const char *url, apr_pool_t *p); /* p: presumably the pool the returned JSON is allocated from; confirm */
285 
286 
288 
290 
291 #endif /* md_acme_h */
Definition: md_acme.h:51
md_acme_post_fn * post_new_account_fn
Definition: md_acme.h:127
Definition: md_acme_acct.h:38
apr_status_t md_acme_protos_add(struct apr_hash_t *protos, apr_pool_t *p)
apr_status_t md_acme_agree(md_acme_t *acme, apr_pool_t *p, const char *tos)
Definition: md.h:74
Definition: md_store.h:278
struct md_json_t md_json_t
Definition: md_json.h:29
md_acme_req_res_cb * on_res
Definition: md_acme.h:244
apr_status_t md_acme_req_init_cb(md_acme_req_t *req, void *baton)
Definition: md_acme.h:67
Definition: apr_tables.h:62
Definition: md_acme.h:46
const char * nonce
Definition: md_acme.h:131
md_acme_req_json_cb * on_json
Definition: md_acme.h:243
Definition: md_acme.h:50
const char * key_change
Definition: md_acme.h:117
const char * new_order
Definition: md_acme.h:116
apr_table_t * resp_hdrs
Definition: md_acme.h:237
md_acme_req_err_cb * on_err
Definition: md_acme.h:245
apr_status_t md_acme_get_json(struct md_json_t **pjson, md_acme_t *acme, const char *url, apr_pool_t *p)
struct md_acme_t::@6::@7 v1
apr_bucket_brigade request_rec apr_pool_t * pool
Definition: mod_dav.h:555
struct md_pkey_t * acct_key
Definition: md_acme.h:103
apr_status_t md_acme_req_json_cb(md_acme_t *acme, apr_pool_t *p, const apr_table_t *headers, struct md_json_t *jbody, void *baton)
Definition: md_acme.h:73
apr_status_t md_acme_acct_deactivate(md_acme_t *acme, apr_pool_t *p)
apr_status_t md_acme_new_nonce_fn(md_acme_t *acme)
Definition: md_acme.h:84
apr_pool_t * p
Definition: md_acme.h:230
struct md_http_t * http
Definition: md_acme.h:129
apr_status_t md_acme_save_acct(md_acme_t *acme, apr_pool_t *p, struct md_store_t *store)
void md_acme_clear_acct(md_acme_t *acme)
Definition: md_acme.h:48
apr_status_t rv
Definition: md_acme.h:240
apr_status_t md_acme_init(apr_pool_t *pool, const char *base_version, int init_ssl)
const char * acct_id
Definition: md_acme.h:101
const char * revoke_cert
Definition: md_acme.h:111
Definition: apr_buckets.h:258
apr_status_t md_acme_req_body_init(md_acme_req_t *req, struct md_json_t *payload)
apr_status_t md_acme_POST(md_acme_t *acme, const char *url, md_acme_req_init_cb *on_init, md_acme_req_json_cb *on_json, md_acme_req_res_cb *on_res, md_acme_req_err_cb *on_err, void *baton)
const char * sname
Definition: md_acme.h:96
md_acme_new_nonce_fn * new_nonce_fn
Definition: md_acme.h:125
apr_status_t md_acme_req_res_cb(md_acme_t *acme, const struct md_http_response_t *res, void *baton)
Definition: md_acme.h:60
int version
Definition: md_acme.h:105
const char * new_cert
Definition: md_acme.h:109
const char * url
Definition: md_acme.h:95
Definition: md_acme.h:228
struct md_acme_acct_t * acct
Definition: md_acme.h:102
int max_retries
Definition: md_acme.h:246
Definition: md_acme.h:45
struct md_result_t * last
Definition: md_acme.h:133
apr_pool_t * p
Definition: md_acme.h:97
union md_acme_t::@6 api
apr_status_t md_acme_POST_new_account(md_acme_t *acme, md_acme_req_init_cb *on_init, md_acme_req_json_cb *on_json, md_acme_req_res_cb *on_res, md_acme_req_err_cb *on_err, void *baton)
apr_status_t md_acme_create(md_acme_t **pacme, apr_pool_t *p, const char *url, const char *proxy_url)
const char * ca_agreement
Definition: md_acme.h:122
const char * user_agent
Definition: md_acme.h:98
apr_table_t * prot_hdrs
Definition: md_acme.h:234
void * baton
Definition: md_acme.h:247
struct md_http_t md_http_t
Definition: md_http.h:25
Definition: md_acme.h:94
proxy_worker proxy_server_conf char * url
Definition: mod_proxy.h:636
struct md_result_t * result
Definition: md_acme.h:248
apr_status_t md_acme_req_err_cb(md_acme_req_t *req, const struct md_result_t *result, void *baton)
Definition: md_acme.h:80
const char * proxy_url
Definition: md_acme.h:99
const char * md_acme_acct_id_get(md_acme_t *acme)
struct apr_hash_t apr_hash_t
Definition: apr_hash.h:52
apr_status_t md_acme_req_init_fn(md_acme_req_t *req, struct md_json_t *jpayload)
Definition: md_acme.h:85
void md_acme_report_result(md_acme_t *acme, apr_status_t rv, struct md_result_t *result)
Definition: md_result.h:27
apr_pool_t * p
md_acme_req_init_cb * on_init
Definition: md_acme.h:242
const char * url
Definition: md_acme.h:232
md_acme_t * acme
Definition: md_acme.h:229
const char * acct_name
Definition: md_acme.h:123
const char * method
Definition: md_acme.h:233
Definition: md_acme.h:47
int max_retries
Definition: md_acme.h:132
const char * md_acme_acct_url_get(md_acme_t *acme)
apr_status_t md_acme_check_agreement(md_acme_t *acme, apr_pool_t *p, const char *agreement, const char **prequired)
apr_status_t md_acme_GET(md_acme_t *acme, const char *url, md_acme_req_init_cb *on_init, md_acme_req_json_cb *on_json, md_acme_req_res_cb *on_res, md_acme_req_err_cb *on_err, void *baton)
const char * new_reg
Definition: md_acme.h:110
struct apr_table_t apr_table_t
Definition: apr_tables.h:56
apr_status_t md_acme_post_fn(md_acme_t *acme, md_acme_req_init_cb *on_init, md_acme_req_json_cb *on_json, md_acme_req_res_cb *on_res, md_acme_req_err_cb *on_err, void *baton)
Definition: md_acme.h:87
struct apr_pool_t apr_pool_t
Definition: apr_pools.h:60
md_acme_state_t
Definition: md_acme.h:44
int apr_status_t
Definition: apr_errno.h:44
Definition: md_acme.h:49
apr_status_t md_acme_setup(md_acme_t *acme, struct md_result_t *result)
const char * new_authz
Definition: md_acme.h:108
const char * new_nonce
Definition: md_acme.h:119
struct md_json_t * resp_json
Definition: md_acme.h:238
struct md_pkey_t md_pkey_t
Definition: md_crypt.h:49
const char * new_account
Definition: md_acme.h:115
md_acme_req_init_fn * req_init_fn
Definition: md_acme.h:126
struct md_json_t * req_json
Definition: md_acme.h:235
struct md_acme_t::@6::@8 v2
Definition: md_http.h:76
apr_status_t md_acme_use_acct(md_acme_t *acme, struct md_store_t *store, apr_pool_t *p, const char *acct_id)