config UPDATE implemented CRL for TLS Certificate Revocation List now supported, this means a new dependency - libcurl.

commit: faecc58124cb2fdb02730d4484ab3a53c5e33f73 [log] [tgz]
author: roman <xjanot04@fit.vutbr.cz> Thu Jun 15 16:13:31 2023 +0200
committer: Michal Vasko <mvasko@cesnet.cz> Fri Nov 03 15:03:11 2023 +0100
tree: d3331cf358cb12375697afa01729439975c594c6
parent: 08f67f40f6c4b122ddce1d6e5dd00e72f7ba73d8 [diff] [blame]
diff --git a/src/session_p.h b/src/session_p.h
index 16100c4..13dfd31 100644
--- a/src/session_p.h
+++ b/src/session_p.h

@@ -227,6 +227,14 @@
 };
 
 /**
+ * @brief Storing downloaded data via CURL.
+ */
+struct nc_curl_data {
+    unsigned char *data;    /**< Downloaded data */
+    size_t size;            /**< Size of downloaded data */
+};
+
+/**
  * @brief Cert-to-name entries.
  */
 struct nc_ctn {
@@ -261,6 +269,10 @@
 
     struct nc_cert_grouping ca_certs;           /**< Client certificate authorities */
     struct nc_cert_grouping ee_certs;           /**< Client end-entity certificates */
+    char *crl_url;                              /**< URI to download the CRL from */
+    char *crl_path;                             /**< Path to a CRL file */
+    int crl_cert_ext;                           /**< Indicates to use CA's distribution points to obtain CRLs */
+    X509_STORE *crl_store;                      /**< Stores all the CRLs */
 
     unsigned int tls_versions;                  /**< TLS versions */
     char *ciphers;                              /**< TLS ciphers */
commit	faecc58124cb2fdb02730d4484ab3a53c5e33f73	[log] [tgz]
author	roman <xjanot04@fit.vutbr.cz>	Thu Jun 15 16:13:31 2023 +0200
committer	Michal Vasko <mvasko@cesnet.cz>	Fri Nov 03 15:03:11 2023 +0100
tree	d3331cf358cb12375697afa01729439975c594c6
parent	08f67f40f6c4b122ddce1d6e5dd00e72f7ba73d8 [diff] [blame]