session CHANGE use callbacks for hostkey and certificate retrieval
diff --git a/src/session_p.h b/src/session_p.h
index a999771..b2adba7 100644
--- a/src/session_p.h
+++ b/src/session_p.h
@@ -4,7 +4,7 @@
* \author Michal Vasko <mvasko@cesnet.cz>
* \brief libnetconf2 session manipulation
*
- * Copyright (c) 2015 CESNET, z.s.p.o.
+ * Copyright (c) 2017 CESNET, z.s.p.o.
*
* This source code is licensed under BSD 3-Clause License (the "License").
* You may not use this file except in compliance with the License.
@@ -98,13 +98,9 @@
/* ACCESS locked, separate locks */
struct nc_server_tls_opts {
- EVP_PKEY *server_key;
- X509 *server_cert;
- struct nc_cert {
- const char *name;
- X509 *cert;
- } *trusted_certs;
- uint16_t trusted_cert_count;
+ const char *server_cert;
+ const char **trusted_cert_lists;
+ uint16_t trusted_cert_list_count;
const char *trusted_ca_file;
const char *trusted_ca_dir;
X509_STORE *crl_store;
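Review bot: `server_cert` and `trusted_cert_lists` keep names that suggest certificate objects, but on the new side they are `const char *` values, apparently the names handed to `server_cert_clb` and `trusted_cert_list_clb`. A one-line comment on each field would make that clear, e.g. `const char *server_cert; /* name passed to server_cert_clb, not certificate data */`. Because the key and certificate are no longer held in the struct, the comment should also say whether a NULL `server_cert` or an unset callback makes TLS setup fail rather than continue without a certificate; that handling is not visible in this hunk. The struct continues past the last line of the hunk.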
@@ -149,6 +145,16 @@
uint16_t idle_timeout;
#ifdef NC_ENABLED_TLS
int (*user_verify_clb)(const struct nc_session *session);
+
+ int (*server_cert_clb)(const char *name, void *user_data, char **cert_path, char **cert_data,char **privkey_path,
+ char **privkey_data, int *privkey_data_rsa);
+ void *server_cert_data;
+ void (*server_cert_data_free)(void *data);
+
+ int (*trusted_cert_list_clb)(const char *name, void *user_data, char ***cert_paths, int *cert_path_count,
+ char ***cert_data, int *cert_data_count);
+ void *trusted_cert_list_data;
+ void (*trusted_cert_list_data_free)(void *data);
#endif
#ifdef NC_ENABLED_SSH
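Review bot: The contract of `server_cert_clb` and `trusted_cert_list_clb` is not documented at their declarations, even though `server_cert_clb` hands back private key material. Nothing says who frees the strings returned through `cert_path`/`cert_data`/`privkey_path`/`privkey_data`, whether exactly one of each path/data pair must be set, or which return value means failure. I would add a comment above each pointer, e.g. `/* returns 0 on success; exactly one of *privkey_path / *privkey_data is set, heap-allocated; the library frees it and clears privkey_data first */`, adjusted to what the consumer actually does, which is outside this hunk. The same applies to `hostkey_clb` in the `@@ -161,6 +167,10 @@` hunk. Separately, `cert_path_count` and `cert_data_count` are plain `int` filled in by a user callback, so the caller presumably has to reject negative values before indexing the returned arrays; on style, `char **cert_data,char **privkey_path` is missing a space after the comma.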
@@ -161,6 +167,10 @@
} *authkeys;
uint16_t authkey_count;
pthread_mutex_t authkey_lock;
+
+ int (*hostkey_clb)(const char *name, void *user_data, char **privkey_path, char **privkey_data, int *privkey_data_rsa);
+ void *hostkey_data;
+ void (*hostkey_data_free)(void *data);
#endif
/* ACCESS locked, add/remove binds/endpts - WRITE lock endpt_array_lock