diff options
Diffstat (limited to 'programs/pluto/certs.h')
| -rw-r--r-- | programs/pluto/certs.h | 80 |
1 files changed, 0 insertions, 80 deletions
diff --git a/programs/pluto/certs.h b/programs/pluto/certs.h deleted file mode 100644 index cca128965..000000000 --- a/programs/pluto/certs.h +++ /dev/null @@ -1,80 +0,0 @@ -/* Certificate support for IKE authentication - * Copyright (C) 2002-2004 Andreas Steffen, Zuercher Hochschule Winterthur - * - * This program is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License as published by the - * Free Software Foundation; either version 2 of the License, or (at your - * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY - * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License - * for more details. - * - * RCSID $Id: certs.h,v 1.7 2005/11/06 22:55:41 as Exp $ - */ - -#ifndef _CERTS_H -#define _CERTS_H - -#include "pkcs1.h" -#include "x509.h" -#include "pgp.h" - -/* path definitions for private keys, end certs, - * cacerts, attribute certs and crls - */ -#define PRIVATE_KEY_PATH "/etc/ipsec.d/private" -#define HOST_CERT_PATH "/etc/ipsec.d/certs" -#define CA_CERT_PATH "/etc/ipsec.d/cacerts" -#define A_CERT_PATH "/etc/ipsec.d/acerts" -#define AA_CERT_PATH "/etc/ipsec.d/aacerts" -#define OCSP_CERT_PATH "/etc/ipsec.d/ocspcerts" -#define CRL_PATH "/etc/ipsec.d/crls" -#define REQ_PATH "/etc/ipsec.d/reqs" - -/* advance warning of imminent expiry of - * cacerts, public keys, and crls - */ -#define CA_CERT_WARNING_INTERVAL 30 /* days */ -#define OCSP_CERT_WARNING_INTERVAL 30 /* days */ -#define PUBKEY_WARNING_INTERVAL 7 /* days */ -#define CRL_WARNING_INTERVAL 7 /* days */ -#define ACERT_WARNING_INTERVAL 1 /* day */ - -/* certificate access structure - * currently X.509 and OpenPGP certificates are supported - */ -typedef struct { - u_char type; - union { - x509cert_t *x509; - pgpcert_t *pgp; - } u; -} cert_t; - -/* used for initialization */ -extern const cert_t empty_cert; - -/* do not send certificate requests - * flag set in plutomain.c and used in ipsec_doi.c - */ -extern bool no_cr_send; - -extern err_t load_rsa_private_key(const char* filename, prompt_pass_t *pass - , RSA_private_key_t *key); -extern chunk_t get_mycert(cert_t cert); -extern bool load_coded_file(const char *filename, prompt_pass_t *pass - , const char *type, chunk_t *blob, bool *pgp); -extern bool load_cert(const char *filename, const char *label - , cert_t *cert); -extern bool load_host_cert(const char *filename, cert_t *cert); -extern bool load_ca_cert(const char *filename, cert_t *cert); -extern bool same_cert(const cert_t *a, const cert_t *b); -extern void share_cert(cert_t cert); -extern void release_cert(cert_t cert); -extern void list_certs(bool utc); - -#endif /* _CERTS_H */ - - |