Commit 17773cb9 authored by Scott Deboy's avatar Scott Deboy

Updating mod_dtcpip_auth to validate the nonce and optional x509 cert provided by the client.

mod_dtcpip_auth now has a dependency on OpenSSL for serialization/validation of X509.

Updated README to document -lcrypto must be passed during module compilation.
parent 873dc179
Build instructions:
Build and install Apache2 with mod_ssl enabled.
First build and install Apache2 with mod_ssl enabled.
Compile the module:
/path/to/apache2/bin/apxs -c mod_dtcpip_auth.c s_dtcp_interface.c
To compile the module:
/path/to/apache2/bin/apxs -lcrypto -c mod_dtcpip_auth.c s_dtcp_interface.c
Install and activate the module:
To install and activate the module:
sudo /path/to/apache2/bin/apxs -i -a mod_dtcpip_auth.la
......@@ -29,13 +29,14 @@
// COPYRIGHT_END
#include "apr_optional.h"
#include <openssl/ssl.h>
#ifndef __H_DTCPIP_AUTH
#define __H_DTCPIP_AUTH
APR_DECLARE_OPTIONAL_FN(int, validate_dtcp_suppdata, (unsigned char *suppdata, unsigned short suppdata_len,
int isServer));
int isServer, conn_rec *c));
APR_DECLARE_OPTIONAL_FN(int, format_dtcp_suppdata, (unsigned char *suppdata, unsigned short *suppdata_len,
unsigned char *pServerSuppdata, int isServer, int sendCert));
unsigned char *pServerSuppdata, int isServer, int sendCert, X509 *cert, conn_rec *c));
#endif // __H_DTCPIP_AUTH
This diff is collapsed.
......@@ -32,8 +32,8 @@
#define __H_MOD_DTCPIP_AUTH
#include "dtcpip_auth.h"
static int validate_dtcp_suppdata(unsigned char *suppdata, unsigned short suppdata_len, int isServer);
static int validate_dtcp_suppdata(unsigned char *suppdata, unsigned short suppdata_len, int isServer, conn_rec *c);
static int format_dtcp_suppdata(unsigned char *suppdata, unsigned short *suppdata_len,
unsigned char *pServerSuppdata, int isServer, int sendCert);
unsigned char *pServerSuppdata, int isServer, int sendCert, X509 *cert, conn_rec *c);
#endif // __H_MOD_DTCPIP_AUTH
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment