From abb1385ef5eadaba415c74acd3d8a2b46c14eec6 Mon Sep 17 00:00:00 2001 From: Joe Orton Date: Wed, 27 Aug 2014 16:12:08 +0000 Subject: [PATCH] Omitted from r1620926 in error. Add API to support TLS channel bindings with mod_ssl. * modules/ssl/mod_ssl.h: Define ssl_get_tls_cb. * modules/ssl/ssl_engine_vars.c (ssl_get_tls_cb): New function. Submitted by: Simo Sorce git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1620927 13f79535-47bb-0310-9956-ffa450edef68 --- modules/ssl/mod_ssl.h | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/modules/ssl/mod_ssl.h b/modules/ssl/mod_ssl.h index 829fd1504a..2a45652853 100644 --- a/modules/ssl/mod_ssl.h +++ b/modules/ssl/mod_ssl.h @@ -76,6 +76,15 @@ APR_DECLARE_OPTIONAL_FN(apr_array_header_t *, ssl_ext_list, * is using SSL/TLS. */ APR_DECLARE_OPTIONAL_FN(int, ssl_is_https, (conn_rec *)); +/** A function that returns the TLS channel binding data as per + * RFC5929. A buffer containing the Channel Binding Token for the + * given type will be allocated from the pool and returned to the + * caller, along with the size. Returns APR_SUCCESS on success; buf + * and size are not adjusted on error. */ +APR_DECLARE_OPTIONAL_FN(apr_status_t, ssl_get_tls_cb, + (apr_pool_t *p, conn_rec *c, const char *type, + unsigned char **buf, apr_size_t *size)); + /** The ssl_proxy_enable() and ssl_engine_disable() optional functions * are used by mod_proxy to enable use of SSL for outgoing * connections. */ -- 2.50.1