From b71e41f433a066ae17088c13c3ca28b089697dab Mon Sep 17 00:00:00 2001 From: olavmrk Date: Mon, 27 Oct 2008 11:08:57 +0000 Subject: Add support for IdP CA certificate and SP certificate. Thanks to Emmanuel Dreyfus for this patch. git-svn-id: https://modmellon.googlecode.com/svn/trunk@31 a716ebb1-153a-0410-b759-cfb97c6a1b53 --- auth_mellon_config.c | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'auth_mellon_config.c') diff --git a/auth_mellon_config.c b/auth_mellon_config.c index 250bb8f..e3f46bb 100644 --- a/auth_mellon_config.c +++ b/auth_mellon_config.c @@ -371,6 +371,13 @@ const command_rec auth_mellon_commands[] = { OR_AUTHCFG, "Full path to pem file with the private key for the SP." ), + AP_INIT_TAKE1( + "MellonSPCertFile", + ap_set_string_slot, + (void *)APR_OFFSETOF(am_dir_cfg_rec, sp_cert_file), + OR_AUTHCFG, + "Full path to pem file with certificate for the SP." + ), AP_INIT_TAKE1( "MellonIdPMetadataFile", ap_set_string_slot, @@ -385,6 +392,13 @@ const command_rec auth_mellon_commands[] = { OR_AUTHCFG, "Full path to pem file with the public key for the IdP." ), + AP_INIT_TAKE1( + "MellonIdPCAFile", + ap_set_string_slot, + (void *)APR_OFFSETOF(am_dir_cfg_rec, idp_ca_file), + OR_AUTHCFG, + "Full path to pem file with CA chain for the IdP." + ), AP_INIT_TAKE1( "MellonEndpointPath", am_set_endpoint_path, @@ -431,8 +445,10 @@ void *auth_mellon_dir_config(apr_pool_t *p, char *d) dir->sp_metadata_file = NULL; dir->sp_private_key_file = NULL; + dir->sp_cert_file = NULL; dir->idp_metadata_file = NULL; dir->idp_public_key_file = NULL; + dir->idp_ca_file = NULL; apr_thread_mutex_create(&dir->server_mutex, APR_THREAD_MUTEX_DEFAULT, p); 
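Review bot: `MellonIdPCAFile` in the second hunk (and `MellonSPCertFile` in the first) is registered with `OR_AUTHCFG`, so where `AllowOverride AuthConfig` is in effect the file used as the IdP CA chain can be set from a `.htaccess` file rather than only by the server administrator. The key-file directives in the context lines use the same flag, so this follows the existing convention. For a trust anchor it is still worth either restricting the context, e.g. `RSRC_CONF | ACCESS_CONF,` in place of `OR_AUTHCFG,`, or stating the exposure in the help string. `ap_set_string_slot` also stores the argument as given, so a mistyped or unreadable path is not reported when the directive is parsed; whether it is reported later depends on code outside this diff.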
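Review bot: `dir->idp_ca_file = NULL;` makes "no CA chain" the default, and nothing in this hunk says what the code that loads the IdP material does in that case. If NULL means the IdP certificate is accepted without chain validation, which I would assume from the directive being optional, that should be written next to the initialiser. For example: `/* NULL: no CA chain configured; IdP certificate is not checked against a CA (confirm in the loader) */`. The body of auth_mellon_dir_config starts and ends outside the hunk, so the consumer is not visible here.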
@@ -515,6 +531,10 @@ void *auth_mellon_dir_merge(apr_pool_t *p, void *base, void *add) add_cfg->sp_private_key_file : base_cfg->sp_private_key_file); + new_cfg->sp_cert_file = (add_cfg->sp_cert_file ? + add_cfg->sp_cert_file : + base_cfg->sp_cert_file); + new_cfg->idp_metadata_file = (add_cfg->idp_metadata_file ? add_cfg->idp_metadata_file : base_cfg->idp_metadata_file); @@ -523,6 +543,11 @@ void *auth_mellon_dir_merge(apr_pool_t *p, void *base, void *add) add_cfg->idp_public_key_file : base_cfg->idp_public_key_file); + new_cfg->idp_ca_file = (add_cfg->idp_ca_file ? + add_cfg->idp_ca_file : + base_cfg->idp_ca_file); + + apr_thread_mutex_create(&new_cfg->server_mutex, APR_THREAD_MUTEX_DEFAULT, p); -- cgit
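Review bot: `sp_cert_file` is inherited independently of `sp_private_key_file`, so a more specific scope that sets only one of the two ends up with a certificate from one level paired with a key from another, and nothing in auth_mellon_dir_merge checks that they belong together. The same applies in the next hunk to `idp_ca_file` relative to `idp_metadata_file` and `idp_public_key_file`: a child scope that switches IdP metadata keeps the parent's CA chain unless it also overrides it. I would add a comment above the new assignments, `/* merged per field: override the SP cert together with the SP key, and the IdP CA together with the IdP metadata */`. The directive help should also say that an inherited value cannot be cleared, since only a non-NULL `add_cfg` value replaces the base. The function's body starts and ends outside both hunks.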