Apache2
mod_md_config.h
1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2  * contributor license agreements. See the NOTICE file distributed with
3  * this work for additional information regarding copyright ownership.
4  * The ASF licenses this file to You under the Apache License, Version 2.0
5  * (the "License"); you may not use this file except in compliance with
6  * the License. You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef mod_md_md_config_h
18 #define mod_md_md_config_h
19 
/* Forward declarations of types defined in other headers. The structs
 * visible in this header that use them (apr_hash_t, md_reg_t, md_ocsp_reg_t,
 * md_pkey_spec_t) hold them only as pointers, so the full definitions are
 * not needed here. */
20 struct apr_hash_t;
21 struct md_store_t;
22 struct md_reg_t;
23 struct md_ocsp_reg_t;
24 struct md_pkey_spec_t;
25 
26 typedef enum {
44 
/* Module-wide mod_md settings. Each md_srv_conf_t reaches this structure
 * through its `mc` member.
 *
 * Several members decide what the server runs or where it keeps state
 * (notify_cmd, message_cmd, env, base_dir, proxy_url). Their values are
 * expected to come from the server configuration; nothing in this header
 * validates them. */
46 struct md_mod_conf_t {
47  apr_array_header_t *mds; /* all md_t* defined in the config, shared */
    /* NOTE(review): the store presumably persists key and certificate
     * material (md_srv_conf_t carries a pkey_spec for private-key
     * generation) -- confirm that this directory has restrictive
     * permissions. */
48  const char *base_dir; /* base dir for store */
49  const char *proxy_url; /* proxy url to use (or NULL) */
50  struct md_reg_t *reg; /* md registry instance */
51  struct md_ocsp_reg_t *ocsp; /* ocsp status registry */
52 
53  int local_80; /* On which port http:80 arrives */
54  int local_443; /* On which port https:443 arrives */
55  int can_http; /* Does someone listen to the local port 80 equivalent? */
56  int can_https; /* Does someone listen to the local port 443 equivalent? */
57  int manage_base_server; /* If base server outside vhost may be managed */
    /* RFC 6797 expresses max-age in seconds; presumably the same unit is
     * stored here -- TODO confirm. */
58  int hsts_max_age; /* max-age of HSTS (rfc6797) header */
59  const char *hsts_header; /* computed HSTS header to use or NULL */
60  apr_array_header_t *unused_names; /* post config, names of all MDs not assigned to a vhost */
61  struct apr_hash_t *init_errors; /* init errors reported with MD name as key */
62 
    /* The two *_cmd members name external commands that the module executes.
     * NOTE(review): how arguments are built for them, and whether a shell is
     * involved, is decided where they are invoked -- not visible in this
     * header. Verify that arguments are passed as separate argv entries. */
63  const char *notify_cmd; /* notification command to execute on signup/renew */
64  const char *message_cmd; /* message command to execute on signup/renew/warnings */
65  struct apr_table_t *env; /* environment for operation */
66  int dry_run; /* != 0 iff config dry run */
67  int server_status_enabled; /* if module should add to server-status handler */
    /* NOTE(review): which certificate details this resource reveals, and to
     * whom, is defined by its handler -- not visible in this header. */
68  int certificate_status_enabled; /* if module should expose /.httpd/certificate-status */
69  md_timeslice_t *ocsp_keep_window; /* time that we keep ocsp responses around */
70  md_timeslice_t *ocsp_renew_window; /* time before exp. that we start renewing ocsp resp. */
71  const char *cert_check_name; /* name of the linked certificate check site */
72  const char *cert_check_url; /* url "template for" checking a certificate */
73 };
74 
/* Per-server mod_md configuration: one instance belongs to the server_rec
 * in `s` and points to the module-wide settings through `mc`. The members
 * between `transitive` and `staple_others` are the per-server policy for
 * obtaining, renewing and stapling certificates. */
75 typedef struct md_srv_conf_t {
    /* NOTE(review): undocumented in the original; presumably a label that
     * identifies this config instance -- confirm. */
76  const char *name;
77  const server_rec *s; /* server this config belongs to */
78  md_mod_conf_t *mc; /* global config settings */
79 
80  int transitive; /* != 0 iff VirtualHost names/aliases are auto-added */
81  md_require_t require_https; /* If MDs require https: access */
82  int renew_mode; /* mode of obtaining credentials */
    /* A certificate carrying the Must Staple extension is rejected by
     * enforcing clients when no stapled OCSP response accompanies it, so
     * this setting depends on working stapling (see `stapling` below).
     * Whether the module checks that pairing is not visible here. */
83  int must_staple; /* certificates should set the OCSP Must Staple extension */
84  struct md_pkey_spec_t *pkey_spec; /* specification for generating private keys */
85  md_timeslice_t *renew_window; /* time before expiration that starts renewal */
86  md_timeslice_t *warn_window; /* time before expiration that warnings are sent out */
87 
    /* CA account settings. NOTE(review): no scheme check on ca_url is
     * visible in this header -- confirm where it is validated. */
88  const char *ca_url; /* url of CA certificate service */
89  const char *ca_contact; /* contact email registered to account */
90  const char *ca_proto; /* protocol used vs CA (e.g. ACME) */
91  const char *ca_agreement; /* accepted agreement uri between CA and user */
92  struct apr_array_header_t *ca_challenges; /* challenge types configured */
93 
94  int stapling; /* OCSP stapling enabled */
95  int staple_others; /* Provide OCSP stapling for non-MD certificates */
96 
97  md_t *current; /* md currently defined in <MDomainSet xxx> section */
98  struct apr_array_header_t *assigned; /* post_config: MDs that apply to this server */
99  int is_ssl; /* SSLEngine is enabled here */
100 } md_srv_conf_t;
101 
/* Merge two server configurations and return the result as void *.
 * basev and addv are untyped. NOTE(review): presumably both point to
 * md_srv_conf_t and the result is allocated from `pool` -- confirm in the
 * implementation. */
103 void *md_config_merge_svr(apr_pool_t *pool, void *basev, void *addv);
104 
/* Table of command_rec entries exported by this module; presumably its
 * configuration directives -- confirm. */
105 extern const command_rec md_cmds[];
106 
108 
/* NOTE(review): the declarations that the next three comments describe are
 * not shown at this point in the listing. */
109 /* Get the effective md configuration for the connection */
111 /* Get the effective md configuration for the server */
113 /* Get the effective md configuration for the server, but make it
114  * unique to this server_rec, so that any changes only affect this server */
116 
/* Read configuration variable `var` from `config`, as a string (gets) or as
 * an int (geti). NOTE(review): the result for a `var` of the other type, or
 * for an unset value, is not visible here -- check before dereferencing the
 * returned string. */
117 const char *md_config_gets(const md_srv_conf_t *config, md_config_var_t var);
118 int md_config_geti(const md_srv_conf_t *config, md_config_var_t var);
119 
121 
/* Look up the md_t for `domain` in the context of server `s`.
 * NOTE(review): presumably returns NULL when no MD covers the name; the
 * matching rules (case, wildcards) live in the implementation. Callers
 * that pass a client-supplied host name should handle a miss explicitly. */
122 const md_t *md_get_for_domain(server_rec *s, const char *domain);
123 
124 #endif /* mod_md_md_config_h */
const char * cert_check_url
Definition: mod_md_config.h:72
Definition: mod_md_config.h:75
int stapling
Definition: mod_md_config.h:94
Definition: md.h:74
Definition: md_store.h:278
Definition: apr_tables.h:62
void * md_config_create_svr(apr_pool_t *pool, server_rec *s)
Definition: mod_md_config.h:36
apr_array_header_t * mds
Definition: mod_md_config.h:47
Definition: mod_md_config.h:40
int server_status_enabled
Definition: mod_md_config.h:67
Definition: mod_md_config.h:35
apr_bucket_brigade request_rec apr_pool_t * pool
Definition: mod_dav.h:555
void md_config_get_timespan(md_timeslice_t **pspan, const md_srv_conf_t *sc, md_config_var_t var)
struct md_ocsp_reg_t * ocsp
Definition: mod_md_config.h:51
md_config_var_t
Definition: mod_md_config.h:26
Definition: mod_md_config.h:38
md_mod_conf_t * mc
Definition: mod_md_config.h:78
struct apr_array_header_t * ca_challenges
Definition: mod_md_config.h:92
md_require_t
Definition: md.h:59
const char * message_cmd
Definition: mod_md_config.h:64
int hsts_max_age
Definition: mod_md_config.h:58
int can_https
Definition: mod_md_config.h:56
md_srv_conf_t * md_config_get_unique(server_rec *s, apr_pool_t *p)
Definition: mod_md_config.h:29
struct apr_array_header_t * assigned
Definition: mod_md_config.h:98
int transitive
Definition: mod_md_config.h:80
md_srv_conf_t * md_config_get(server_rec *s)
int is_ssl
Definition: mod_md_config.h:99
md_timeslice_t * renew_window
Definition: mod_md_config.h:85
int dry_run
Definition: mod_md_config.h:66
Structure to store things which are per connection.
Definition: httpd.h:1183
Definition: mod_md_config.h:28
int certificate_status_enabled
Definition: mod_md_config.h:68
md_srv_conf_t * md_config_cget(conn_rec *c)
struct md_reg_t * reg
Definition: mod_md_config.h:50
apr_status_t md_config_post_config(server_rec *s, apr_pool_t *p)
md_timeslice_t * ocsp_renew_window
Definition: mod_md_config.h:70
int local_80
Definition: mod_md_config.h:53
int local_443
Definition: mod_md_config.h:54
Definition: http_config.h:204
const char * cert_check_name
Definition: mod_md_config.h:71
A structure to store information for each virtual server.
Definition: httpd.h:1370
const char * ca_contact
Definition: mod_md_config.h:89
int staple_others
Definition: mod_md_config.h:95
Definition: mod_md_config.h:46
Definition: mod_md_config.h:30
int renew_mode
Definition: mod_md_config.h:82
const char * ca_url
Definition: mod_md_config.h:88
int can_http
Definition: mod_md_config.h:55
Definition: mod_md_config.h:33
apr_array_header_t * unused_names
Definition: mod_md_config.h:60
Definition: mod_md_config.h:41
struct apr_hash_t * init_errors
Definition: mod_md_config.h:61
const char * ca_proto
Definition: mod_md_config.h:90
md_t * current
Definition: mod_md_config.h:97
Definition: mod_md_config.h:32
struct apr_hash_t apr_hash_t
Definition: apr_hash.h:52
Definition: md_time.h:55
const server_rec * s
Definition: mod_md_config.h:77
struct md_reg_t md_reg_t
Definition: md_reg.h:32
const char * hsts_header
Definition: mod_md_config.h:59
apr_pool_t * p
Definition: mod_md_config.h:27
Definition: mod_md_config.h:39
struct apr_table_t * env
Definition: mod_md_config.h:65
Definition: mod_md_config.h:31
Definition: mod_md_config.h:42
const md_t * md_get_for_domain(server_rec *s, const char *domain)
const char * proxy_url
Definition: mod_md_config.h:49
const char * name
Definition: mod_md_config.h:76
int must_staple
Definition: mod_md_config.h:83
int md_config_geti(const md_srv_conf_t *config, md_config_var_t var)
const command_rec md_cmds[]
struct md_ocsp_reg_t md_ocsp_reg_t
Definition: md_ocsp.h:35
md_timeslice_t * ocsp_keep_window
Definition: mod_md_config.h:69
struct apr_table_t apr_table_t
Definition: apr_tables.h:56
md_timeslice_t * warn_window
Definition: mod_md_config.h:86
md_require_t require_https
Definition: mod_md_config.h:81
struct apr_pool_t apr_pool_t
Definition: apr_pools.h:60
void * md_config_merge_svr(apr_pool_t *pool, void *basev, void *addv)
Definition: mod_md_config.h:34
int apr_status_t
Definition: apr_errno.h:44
struct md_srv_conf_t md_srv_conf_t
int manage_base_server
Definition: mod_md_config.h:57
const char * base_dir
Definition: mod_md_config.h:48
const char * ca_agreement
Definition: mod_md_config.h:91
Definition: mod_md_config.h:37
const char * notify_cmd
Definition: mod_md_config.h:63
const char * md_config_gets(const md_srv_conf_t *config, md_config_var_t var)
Definition: md_crypt.h:60
struct md_pkey_spec_t * pkey_spec
Definition: mod_md_config.h:84