diff options
Diffstat (limited to 'include/haproxy/ssl_ckch.h')
| -rw-r--r-- | include/haproxy/ssl_ckch.h | 21 |
1 files changed, 19 insertions, 2 deletions
diff --git a/include/haproxy/ssl_ckch.h b/include/haproxy/ssl_ckch.h index 64ac3df..e635663 100644 --- a/include/haproxy/ssl_ckch.h +++ b/include/haproxy/ssl_ckch.h @@ -37,18 +37,27 @@ int ssl_sock_load_sctl_from_file(const char *sctl_path, char *buf, struct ckch_d int ssl_sock_load_issuer_file_into_ckch(const char *path, char *buf, struct ckch_data *data, char **err); /* ckch_store functions */ -struct ckch_store *ckchs_load_cert_file(char *path, char **err); +struct ckch_store *ckch_store_new_load_files_path(char *path, char **err); +struct ckch_store *ckch_store_new_load_files_conf(char *name, struct ckch_conf *conf, char **err); struct ckch_store *ckchs_lookup(char *path); struct ckch_store *ckchs_dup(const struct ckch_store *src); struct ckch_store *ckch_store_new(const char *filename); void ckch_store_free(struct ckch_store *store); void ckch_store_replace(struct ckch_store *old_ckchs, struct ckch_store *new_ckchs); +int ckch_store_load_files(struct ckch_conf *f, struct ckch_store *c, int cli, char **err); + +/* ckch_conf functions */ + +int ckch_conf_parse(char **args, int cur_arg, struct ckch_conf *f, int *found, const char *file, int linenum, char **err); +void ckch_conf_clean(struct ckch_conf *conf); +int ckch_conf_cmp(struct ckch_conf *conf1, struct ckch_conf *conf2, char **err); +int ckch_conf_cmp_empty(struct ckch_conf *prev, char **err); /* ckch_inst functions */ void ckch_inst_free(struct ckch_inst *inst); struct ckch_inst *ckch_inst_new(); int ckch_inst_new_load_store(const char *path, struct ckch_store *ckchs, struct bind_conf *bind_conf, - struct ssl_bind_conf *ssl_conf, char **sni_filter, int fcount, struct ckch_inst **ckchi, char **err); + struct ssl_bind_conf *ssl_conf, char **sni_filter, int fcount, int is_default, struct ckch_inst **ckchi, char **err); int ckch_inst_new_load_srv_store(const char *path, struct ckch_store *ckchs, struct ckch_inst **ckchi, char **err); int ckch_inst_rebuild(struct ckch_store *ckch_store, struct ckch_inst *ckchi, @@ -70,6 +79,14 @@ int ssl_store_load_locations_file(char *path, int create_if_none, enum cafile_ty int __ssl_store_load_locations_file(char *path, int create_if_none, enum cafile_type type, int shuterror); extern struct cert_exts cert_exts[]; +extern int (*ssl_commit_crlfile_cb)(const char *path, X509_STORE *ctx, char **err); + +/* ckch_conf keyword loading */ +static inline int ckch_conf_load_pem(void *value, char *buf, struct ckch_data *d, int cli, char **err) { if (cli) return 0; return ssl_sock_load_pem_into_ckch(value, buf, d, err); } +static inline int ckch_conf_load_key(void *value, char *buf, struct ckch_data *d, int cli, char **err) { if (cli) return 0; return ssl_sock_load_key_into_ckch(value, buf, d, err); } +static inline int ckch_conf_load_ocsp_response(void *value, char *buf, struct ckch_data *d, int cli, char **err) { if (cli) return 0; return ssl_sock_load_ocsp_response_from_file(value, buf, d, err); } +static inline int ckch_conf_load_ocsp_issuer(void *value, char *buf, struct ckch_data *d, int cli, char **err) { if (cli) return 0; return ssl_sock_load_issuer_file_into_ckch(value, buf, d, err); } +static inline int ckch_conf_load_sctl(void *value, char *buf, struct ckch_data *d, int cli, char **err) { if (cli) return 0; return ssl_sock_load_sctl_from_file(value, buf, d, err); } #endif /* USE_OPENSSL */ #endif /* _HAPROXY_SSL_CRTLIST_H */ |