SSL_CMD_SRV(CertificateKeyFile, TAKE1,

    SSL_CMD_SRV(CertificateKeyFile, TAKE1,

                "SSL Server Private Key file "

                "SSL Server Private Key file "

                "('/path/to/file' - PEM or DER encoded)")

                "('/path/to/file' - PEM or DER encoded)")

    SSL_CMD_SRV(CertificateChainFile, TAKE1,

    SSL_CMD_SRV(CertificateChainFile, TAKE1,

                "SSL Server CA Certificate Chain file "

                "SSL Server CA Certificate Chain file "

                "('/path/to/file' - PEM encoded)")

                "('/path/to/file' - PEM encoded)")

    mc->tVHostKeys             = apr_hash_make(pool);

    mc->tVHostKeys             = apr_hash_make(pool);

    mc->tPrivateKey            = apr_hash_make(pool);

    mc->tPrivateKey            = apr_hash_make(pool);

    mc->tPublicCert            = apr_hash_make(pool);

    mc->tPublicCert            = apr_hash_make(pool);

#if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ENGINE_INIT)

#if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ENGINE_INIT)

    mc->szCryptoDevice         = NULL;

    mc->szCryptoDevice         = NULL;

#endif

#endif

    /* mctx->pks->... certs/keys are set during module init */

    /* mctx->pks->... certs/keys are set during module init */

#ifdef HAVE_TLS_SESSION_TICKETS

#ifdef HAVE_TLS_SESSION_TICKETS

    mctx->ticket_key = apr_pcalloc(p, sizeof(*mctx->ticket_key));

    mctx->ticket_key = apr_pcalloc(p, sizeof(*mctx->ticket_key));

#endif

#endif

    cfgMergeString(pks->ca_name_path);

    cfgMergeString(pks->ca_name_path);

    cfgMergeString(pks->ca_name_file);

    cfgMergeString(pks->ca_name_file);

#ifdef HAVE_TLS_SESSION_TICKETS

#ifdef HAVE_TLS_SESSION_TICKETS

    cfgMergeString(ticket_key->file_path);

    cfgMergeString(ticket_key->file_path);

    return NULL;

    return NULL;

}

}

const char *ssl_cmd_SSLCertificateKeyFile(cmd_parms *cmd,

const char *ssl_cmd_SSLCertificateKeyFile(cmd_parms *cmd,

                                          void *dcfg,

                                          void *dcfg,

    }

    }

}

}

static int ssl_server_import_cert(server_rec *s,

static int ssl_server_import_cert(server_rec *s,

                                  modssl_ctx_t *mctx,

                                  modssl_ctx_t *mctx,

                                  const char *id,

                                  const char *id,

                                  apr_pool_t *ptemp,

                                  apr_pool_t *ptemp,

                                  modssl_ctx_t *mctx)

                                  modssl_ctx_t *mctx)

{

{

#ifndef OPENSSL_NO_EC

#ifndef OPENSSL_NO_EC

    const char *ecc_id;

    const char *ecc_id;

#endif

#endif

    rsa_id = ssl_asn1_table_keyfmt(ptemp, vhost_id, SSL_AIDX_RSA);

    rsa_id = ssl_asn1_table_keyfmt(ptemp, vhost_id, SSL_AIDX_RSA);

    dsa_id = ssl_asn1_table_keyfmt(ptemp, vhost_id, SSL_AIDX_DSA);

    dsa_id = ssl_asn1_table_keyfmt(ptemp, vhost_id, SSL_AIDX_DSA);

#ifndef OPENSSL_NO_EC

#ifndef OPENSSL_NO_EC

    ecc_id = ssl_asn1_table_keyfmt(ptemp, vhost_id, SSL_AIDX_ECC);

    ecc_id = ssl_asn1_table_keyfmt(ptemp, vhost_id, SSL_AIDX_ECC);

#endif

#endif

    have_rsa = ssl_server_import_cert(s, mctx, rsa_id, SSL_AIDX_RSA);

    have_rsa = ssl_server_import_cert(s, mctx, rsa_id, SSL_AIDX_RSA);

    have_dsa = ssl_server_import_cert(s, mctx, dsa_id, SSL_AIDX_DSA);

    have_dsa = ssl_server_import_cert(s, mctx, dsa_id, SSL_AIDX_DSA);

#ifndef OPENSSL_NO_EC

#ifndef OPENSSL_NO_EC

    have_ecc = ssl_server_import_cert(s, mctx, ecc_id, SSL_AIDX_ECC);

    have_ecc = ssl_server_import_cert(s, mctx, ecc_id, SSL_AIDX_ECC);

#endif

#endif

        MODSSL_CFG_ITEM_FREE(EVP_PKEY_free,

        MODSSL_CFG_ITEM_FREE(EVP_PKEY_free,

                             mctx->pks->keys[i]);

                             mctx->pks->keys[i]);

    }

    }

}

}

apr_status_t ssl_init_ModuleKill(void *data)

apr_status_t ssl_init_ModuleKill(void *data)

    unsigned char *ucp;

    unsigned char *ucp;

    long int length;

    long int length;

    X509 *pX509Cert;

    X509 *pX509Cert;

    BOOL bReadable;

    BOOL bReadable;

    apr_array_header_t *aPassPhrase;

    apr_array_header_t *aPassPhrase;

    int nPassPhrase;

    int nPassPhrase;

    char *an;

    char *an;

    apr_time_t pkey_mtime = 0;

    apr_time_t pkey_mtime = 0;

    apr_status_t rv;

    apr_status_t rv;

    /*

    /*

     * Start with a fresh pass phrase array

     * Start with a fresh pass phrase array

     */

     */

             */

             */

            EVP_PKEY_free(pPrivateKey);

            EVP_PKEY_free(pPrivateKey);

        }

        }

    }

    }

    /*

    /*

#define MODSSL_D2I_ASN1_type_bytes_CONST const

#define MODSSL_D2I_ASN1_type_bytes_CONST const

#define MODSSL_D2I_PrivateKey_CONST const

#define MODSSL_D2I_PrivateKey_CONST const

#define MODSSL_D2I_X509_CONST const

#define MODSSL_D2I_X509_CONST const

#else

#else

#define MODSSL_D2I_ASN1_type_bytes_CONST

#define MODSSL_D2I_ASN1_type_bytes_CONST

#define MODSSL_D2I_PrivateKey_CONST

#define MODSSL_D2I_PrivateKey_CONST

#define MODSSL_D2I_X509_CONST

#define MODSSL_D2I_X509_CONST

#endif

#endif

#if OPENSSL_VERSION_NUMBER >= 0x00908080 && !defined(OPENSSL_NO_OCSP) \

#if OPENSSL_VERSION_NUMBER >= 0x00908080 && !defined(OPENSSL_NO_OCSP) \

     * example the string "vhost.example.com:443:RSA". */

     * example the string "vhost.example.com:443:RSA". */

    apr_hash_t     *tPublicCert;

    apr_hash_t     *tPublicCert;

    apr_hash_t     *tPrivateKey;

    apr_hash_t     *tPrivateKey;

#if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ENGINE_INIT)

#if defined(HAVE_OPENSSL_ENGINE_H) && defined(HAVE_ENGINE_INIT)

    const char     *szCryptoDevice;

    const char     *szCryptoDevice;

     * unordered lists. */

     * unordered lists. */

    const char  *cert_files[SSL_AIDX_MAX];

    const char  *cert_files[SSL_AIDX_MAX];

    const char  *key_files[SSL_AIDX_MAX];

    const char  *key_files[SSL_AIDX_MAX];

    /* Loaded certs and keys; these arrays ARE indexed by the

    /* Loaded certs and keys; these arrays ARE indexed by the

     * algorithm type, i.e.  keys[SSL_AIDX_RSA] maps to the RSA

     * algorithm type, i.e.  keys[SSL_AIDX_RSA] maps to the RSA

     * private key. */

     * private key. */

    X509        *certs[SSL_AIDX_MAX];

    X509        *certs[SSL_AIDX_MAX];

    EVP_PKEY    *keys[SSL_AIDX_MAX];

    EVP_PKEY    *keys[SSL_AIDX_MAX];

    /** Certificates which specify the set of CA names which should be

    /** Certificates which specify the set of CA names which should be

     * sent in the CertificateRequest message: */

     * sent in the CertificateRequest message: */

const char  *ssl_cmd_SSLRandomSeed(cmd_parms *, void *, const char *, const char *, const char *);

const char  *ssl_cmd_SSLRandomSeed(cmd_parms *, void *, const char *, const char *, const char *);

const char  *ssl_cmd_SSLEngine(cmd_parms *, void *, const char *);

const char  *ssl_cmd_SSLEngine(cmd_parms *, void *, const char *);

const char  *ssl_cmd_SSLCipherSuite(cmd_parms *, void *, const char *);

const char  *ssl_cmd_SSLCipherSuite(cmd_parms *, void *, const char *);

const char  *ssl_cmd_SSLCertificateFile(cmd_parms *, void *, const char *);

const char  *ssl_cmd_SSLCertificateFile(cmd_parms *, void *, const char *);

const char  *ssl_cmd_SSLCertificateKeyFile(cmd_parms *, void *, const char *);

const char  *ssl_cmd_SSLCertificateKeyFile(cmd_parms *, void *, const char *);

const char  *ssl_cmd_SSLCertificateChainFile(cmd_parms *, void *, const char *);

const char  *ssl_cmd_SSLCertificateChainFile(cmd_parms *, void *, const char *);

    return rc;

    return rc;

}

}

/*  _________________________________________________________________

/*  _________________________________________________________________

**

**

**  Smart shutdown

**  Smart shutdown

void        SSL_set_app_data2(SSL *, void *);

void        SSL_set_app_data2(SSL *, void *);

X509       *SSL_read_X509(char *, X509 **, pem_password_cb *);

X509       *SSL_read_X509(char *, X509 **, pem_password_cb *);

EVP_PKEY   *SSL_read_PrivateKey(char *, EVP_PKEY **, pem_password_cb *, void *);

EVP_PKEY   *SSL_read_PrivateKey(char *, EVP_PKEY **, pem_password_cb *, void *);

int         SSL_smart_shutdown(SSL *ssl);

int         SSL_smart_shutdown(SSL *ssl);

BOOL        SSL_X509_isSGC(X509 *);

BOOL        SSL_X509_isSGC(X509 *);

BOOL        SSL_X509_getBC(X509 *, int *, int *);

BOOL        SSL_X509_getBC(X509 *, int *, int *);