Apache2
md_acme_acct.h
1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2  * contributor license agreements. See the NOTICE file distributed with
3  * this work for additional information regarding copyright ownership.
4  * The ASF licenses this file to You under the Apache License, Version 2.0
5  * (the "License"); you may not use this file except in compliance with
6  * the License. You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef mod_md_md_acme_acct_h
18 #define mod_md_md_acme_acct_h
19 
20 struct md_acme_req;
21 struct md_json_t;
22 struct md_pkey_t;
23 
24 #include "md_store.h"
25 
29 typedef struct md_acme_acct_t md_acme_acct_t;
30 
31 typedef enum {
37 
/* Fields of one ACME account record. The line that opens this struct is
 * missing from the listing; the closing brace below ends it. */
39  const char *id; /* short, unique id for the account */
40  const char *url; /* URL of the account, set once registered */
41  const char *ca_url; /* URL of the ACME protocol endpoint */
42  md_acme_acct_st status; /* status of this account */
43  apr_array_header_t *contacts; /* list of contact URIs, e.g. mailto:xxx */
44  const char *tos_required; /* terms of service asked for by the CA */
45  const char *agreement; /* terms of service agreed to by the user */
46  const char *orders; /* URL where certificate orders are found (ACMEv2) */
47  const char *eab_kid; /* external account binding (EAB) key id used, or NULL */
48  const char *eab_hmac; /* EAB hmac used, or NULL.
     * NOTE(review): presumably the MAC key issued by the CA rather than a
     * computed MAC value - confirm. If so it is a secret: check where it is
     * persisted and logged, and protect it like the account private key. */
49  struct md_json_t *registration; /* data from server registration */
50 };
51 
/* Presumably the store file names for the account data and the account key
 * (inferred from the macro names; their use is not shown in this header).
 * NOTE(review): account.pem would then hold the account private key that
 * md_acme_acct_save()/md_acme_acct_load() pass as md_pkey_t - confirm that
 * the store restricts read access to it. */
52 #define MD_FN_ACCOUNT "account.json"
53 #define MD_FN_ACCT_KEY "account.pem"
54 
55 /* ACME account private keys are always RSA keys with the number of bits defined
56  * below. Since accounts are expected to be long-lived, it is better to err on the safe side. */
57 #define MD_ACME_ACCT_PKEY_BITS 3072
58 
59 #define MD_ACME_ACCT_STAGED "staged"
60 
66 
73 
78 
82 apr_status_t md_acme_agree(md_acme_t *acme, apr_pool_t *p, const char *tos);
83 
97  const char *agreement, const char **prequired);
98 
102 const char *md_acme_get_agreement(md_acme_t *acme);
103 
104 
110 
115  md_store_group_t group, const md_t *md, apr_pool_t *p);
116 
122  const md_t *md, apr_pool_t *p);
123 
125  const char **pid, struct md_acme_acct_t *acct,
126  struct md_pkey_t *acct_key);
127 
132 
135  const char *name, apr_pool_t *p);
136 
137 /*
138  * Return != 0 iff the account can be used for the ACME url.
139  */
141 
142 /*
143  * Return != 0 iff the account can be used for the MD, including
144  * its CA url and EAB settings.
145  */
147 
148 #endif /* md_acme_acct_h */
const char const dav_liveprop_group * group
Definition: mod_dav.h:1049
const char * name
Definition: mod_dav.h:805
proxy_worker proxy_server_conf char * url
Definition: mod_proxy.h:657
int apr_status_t
Definition: apr_errno.h:44
struct apr_pool_t apr_pool_t
Definition: apr_pools.h:60
apr_status_t md_acme_agree(md_acme_t *acme, apr_pool_t *p, const char *tos)
int md_acme_acct_matches_md(md_acme_acct_t *acct, const md_t *md)
apr_status_t md_acme_acct_from_json(md_acme_acct_t **pacct, struct md_json_t *json, apr_pool_t *p)
int md_acme_acct_matches_url(md_acme_acct_t *acct, const char *url)
apr_status_t md_acme_acct_validate(md_acme_t *acme, md_store_t *store, apr_pool_t *p)
struct md_json_t * md_acme_acct_to_json(md_acme_acct_t *acct, apr_pool_t *p)
apr_status_t md_acme_acct_deactivate(md_acme_t *acme, apr_pool_t *p)
apr_status_t md_acme_acct_id_for_md(const char **pid, md_store_t *store, md_store_group_t group, const md_t *md, apr_pool_t *p)
md_acme_acct_st
Definition: md_acme_acct.h:31
@ MD_ACME_ACCT_ST_DEACTIVATED
Definition: md_acme_acct.h:34
@ MD_ACME_ACCT_ST_REVOKED
Definition: md_acme_acct.h:35
@ MD_ACME_ACCT_ST_UNKNOWN
Definition: md_acme_acct.h:32
@ MD_ACME_ACCT_ST_VALID
Definition: md_acme_acct.h:33
apr_status_t md_acme_acct_save(md_store_t *store, apr_pool_t *p, md_acme_t *acme, const char **pid, struct md_acme_acct_t *acct, struct md_pkey_t *acct_key)
const char * md_acme_get_agreement(md_acme_t *acme)
apr_status_t md_acme_check_agreement(md_acme_t *acme, apr_pool_t *p, const char *agreement, const char **prequired)
apr_status_t md_acme_find_acct_for_md(md_acme_t *acme, md_store_t *store, const md_t *md)
apr_status_t md_acme_acct_register(md_acme_t *acme, md_store_t *store, const md_t *md, apr_pool_t *p)
apr_status_t md_acme_acct_update(md_acme_t *acme)
apr_status_t md_acme_acct_load(struct md_acme_acct_t **pacct, struct md_pkey_t **ppkey, md_store_t *store, md_store_group_t group, const char *name, apr_pool_t *p)
struct md_pkey_t md_pkey_t
Definition: md_crypt.h:47
struct md_json_t md_json_t
Definition: md_json.h:29
md_store_group_t
Definition: md_store.h:62
Definition: apr_tables.h:62
Definition: md_acme_acct.h:38
const char * agreement
Definition: md_acme_acct.h:45
apr_array_header_t * contacts
Definition: md_acme_acct.h:43
const char * ca_url
Definition: md_acme_acct.h:41
const char * eab_hmac
Definition: md_acme_acct.h:48
const char * orders
Definition: md_acme_acct.h:46
const char * eab_kid
Definition: md_acme_acct.h:47
md_acme_acct_st status
Definition: md_acme_acct.h:42
const char * tos_required
Definition: md_acme_acct.h:44
const char * id
Definition: md_acme_acct.h:39
const char * url
Definition: md_acme_acct.h:40
struct md_json_t * registration
Definition: md_acme_acct.h:49
Definition: md_acme.h:94
Definition: md_store.h:325
Definition: md.h:76
apr_pool_t * p