summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGravatar m0gg2007-01-03 13:41:52 +0000
committerGravatar m0gg2007-01-03 13:41:52 +0000
commit59496b8f47ef1ceb7564ea5a052a57018374029f (patch)
tree79fb027a7daaf99b2d679c367650f17f8970c168
parentec3069c4d22c203ccec20eb48618c9cbef2a8b59 (diff)
downloadcsoap-59496b8f47ef1ceb7564ea5a052a57018374029f.tar.gz
csoap-59496b8f47ef1ceb7564ea5a052a57018374029f.tar.bz2
README.ssl moved to nanohttp-ssl.h
-rw-r--r--Makefile.am19
-rw-r--r--README.ssl90
-rw-r--r--TODO27
-rw-r--r--nanohttp/nanohttp-server.h3
-rw-r--r--nanohttp/nanohttp-ssl.h110
5 files changed, 145 insertions, 104 deletions
diff --git a/Makefile.am b/Makefile.am
index 551aeff..2f51a0c 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1,4 +1,12 @@
-SUBDIRS=nanohttp libcsoap xsd2c wsdl2c examples
+#
+# $Revision: 1.14 $
+#
+
+SUBDIRS=nanohttp \
+ libcsoap \
+ xsd2c \
+ wsdl2c \
+ examples
bin_SCRIPTS=csoap-config
@@ -28,6 +36,11 @@ win32_env=win32/MinGW/Makefile \
win32/MinGW/readme.txt \
win32/include/wsockcompat.h
-EXTRA_DIST=$(documentation) $(win32_env) libcsoap.pc.in libcsoap.m4 \
- indent.pro README.ssl README.xmlsec $(broken_examples)
+EXTRA_DIST=$(documentation) \
+ $(win32_env) \
+ libcsoap.pc.in \
+ libcsoap.m4 \
+ indent.pro \
+ README.xmlsec \
+ $(broken_examples)
diff --git a/README.ssl b/README.ssl
deleted file mode 100644
index 3d462c7..0000000
--- a/README.ssl
+++ /dev/null
@@ -1,90 +0,0 @@
-$Id: README.ssl,v 1.3 2006/12/10 12:23:40 m0gg Exp $
-===============================================================================
-
-How to use SSL with nanoHTTP/cSOAP
-
- 1. Simple key generation
- 2. Generate a key with a certificate
- 3. Generate a certification authority
- 3.1 Create the directory structure
- 3.2 Generate the CA key
- 3.3 Sign a certification request
- 4. Commandline arguments at startup
- 5. Howto hide the password
- 6. What else?
-
-1. Simple key generation
-
- $ openssl req -nodes -days 1825 -subj "/CN=`hostname`" -newkey rsa:1024 -keyout sslkey.pem -out sslreq.pem
-
-2. Generate a key with a certificate
-
-2.1. Create a key and a certification request as in 1.
-2.2. Post the sslreq.pem to your favorite CA
-2.3. Join your key with the certificate from yout CA
- $ cat ssl.cert >> sslkey.pem
-
-3. Generate a certification authority
-
-3.1 Create the directory structure
-
- $ mkdir ca
- $ echo '01' > $1 ca/serial
- $ touch ca/index.txt
- $ mkdir ca/crl
- $ mkdir ca/newcerts
- $ mkdir ca/private
- $ chmod 700 ca/private
-
-3.2 Generate the CA key
-
- $ openssl req -x509 -nodes -days 1826 -subj "/CN=myCa" -newkey rsa:1024 -keyout ca/private/cakey.pem -out ca/cacert.pem
-
-3.3 Sign a certification request
-
- $ openssl ca -in sslreq.pem -out ssl.cert
-
-4. Commandline arguments at startup
-
--NHTTPS Enable https protocol in the nanoHTTP server
-
--NHTTPcert CERTfile A file containing a certificate chain from file. The
- certificates must be in PEM format and must be sorted
- starting with the subject's certificate (actual client
- or server certificate), followed by intermediate CA
- certificates if applicable, and ending at the highest
- level (root) CA.
-
--NHTTPcertpass password The password to be used during decryption of the
- certificate.
-
--NHTTPCA CAfile File pointing to a file of CA certificates in PEM
- format. The file can contain several CA certificates
- identified by
-
- -----BEGIN CERTIFICATE-----
- ... (CA certificate in base64 encoding) ...
- -----END CERTIFICATE-----
-
- sequences. Before, between, and after the certificates
- text is allowed which can be used e.g. for descriptions
- of the certificates.
-
-5. Howto hide the password
-
-You can use the following functions before calling httpd_init, httpc_init and
-accordingly soap_server_init, soap_client_init. The are roughly the same then the
-commandline versions.
-
- - hssl_enable(void)
- - hssl_set_certificate(const char *CERTfile)
- - hssl_set_certpass(const char *pass)
- - hssl_set_ca(const char *CAfile)
-
-NOTE: If you use this functions an specify the commandline arguments, then the
-commandline arguments take precedence.
-
-6. What else?
-
- - int hssl_enabled(void)
-
diff --git a/TODO b/TODO
index 8381e81..abe2b30 100644
--- a/TODO
+++ b/TODO
@@ -1,4 +1,4 @@
-$Id: TODO,v 1.17 2007/01/03 12:16:02 m0gg Exp $
+$Id: TODO,v 1.18 2007/01/03 13:41:52 m0gg Exp $
===============================================================================
Things to do _before_ 1.2 release:
@@ -11,8 +11,8 @@ nanohttp:
- "GET http://fdqn/service HTTP/1.1" segfaults
- Check portability to Win32/MaxOS (only tested on FreeBSD/Solaris/Linux)
- remove CFLAGS="-D_XOPEN_SOURCE=600" ./configure on Linux
-- Elaborate README.ssl (more text and references to csoap API docs, OpenSSL)
- - move this documentation to nanohttp-ssl.h
+- Elaborate nanohttp_ssl_page
+ - (more text and references OpenSSL (project and man pages))
- delete or fix broken examples (see Makefile.am)
- Improve API documentation
@@ -23,7 +23,15 @@ csoap:
- Check portability to Win32/Linux/MaxOS (only tested on FreeBSD 6.2)
- Improve API documentation
- Add reference to http://www.w3.org/TR/SOAP-attachments
-- Write README.xmlsec like README.ssl
+- document xmlsec (like nanohttp_ssl_page)
+
+xsd2c:
+======
+- Check portability
+
+wsdl2c:
+=======
+- Check portability
Things to do _after_ 1.2 release:
=================================
@@ -54,12 +62,13 @@ csoap:
wsdl2c:
=======
+- generate csoap client/server skeletons
xsd2c:
======
-
-+ Add extension base functionality OK
-+ Add deserialize functionality OK
-+ Add simpleTypes (list, restriction?, ...)
-+ List free must use ( <Obj>_Free(..->value) ) instead of ( free() )
+- Check if this is already done:
+ - Add extension base functionality OK
+ - Add deserialize functionality OK
+ - Add simpleTypes (list, restriction?, ...)
+ - List free must use ( <Obj>_Free(..->value) ) instead of ( free() )
diff --git a/nanohttp/nanohttp-server.h b/nanohttp/nanohttp-server.h
index 71c0370..68d61c3 100644
--- a/nanohttp/nanohttp-server.h
+++ b/nanohttp/nanohttp-server.h
@@ -1,5 +1,5 @@
/******************************************************************
- * $Id: nanohttp-server.h,v 1.36 2007/01/01 22:54:46 m0gg Exp $
+ * $Id: nanohttp-server.h,v 1.37 2007/01/03 13:41:52 m0gg Exp $
*
* CSOAP Project: A http client/server library in C
* Copyright (C) 2003 Ferhat Ayaz
@@ -51,6 +51,7 @@
* - @subpage nanohttp_client_page
* - @subpage nanohttp_server_page
* - @subpage nanohttp_mime_page
+ * - @subpage nanohttp_ssl_page
*
* @author Ferhat Ayaz
* @author Michael Rans
diff --git a/nanohttp/nanohttp-ssl.h b/nanohttp/nanohttp-ssl.h
index aa5c781..5794c63 100644
--- a/nanohttp/nanohttp-ssl.h
+++ b/nanohttp/nanohttp-ssl.h
@@ -1,5 +1,5 @@
/******************************************************************
-* $Id: nanohttp-ssl.h,v 1.26 2006/12/11 08:13:19 m0gg Exp $
+* $Id: nanohttp-ssl.h,v 1.27 2007/01/03 13:41:52 m0gg Exp $
*
* CSOAP Project: A http client/server library in C
* Copyright (C) 2001-2005 Rochester Institute of Technology
@@ -24,6 +24,114 @@
#ifndef __nanohttp_ssl_h
#define __nanohttp_ssl_h
+/** @page nanohttp_ssl_page How to use SSL with nanoHTTP/cSOAP
+ *
+ * @section nanohttp_ssl_toc_sec Table of contents
+ *
+ * - @ref nanohttp_ssl_key_generation_sec
+ * - @ref nanohttp_ssl_cert_generation_sec
+ * - @ref nanohttp_ssl_ca_generation_sec
+ * - @ref nanohttp_ssl_ca_dir_sec
+ * - @ref nanohttp_ssl_ca_key_sec
+ * - @ref nanohttp_ssl_sign_sec
+ * - @ref nanohttp_cmdline_sec
+ * - @ref nanohttp_faq_sec
+ *
+ * @section nanohttp_ssl_key_generation_sec Simple key generation
+ *
+ * @code
+ * $ openssl req -nodes -days 1825 -subj "/CN=`hostname`" -newkey rsa:1024 -keyout sslkey.pem -out sslreq.pem
+ * @endcode
+ *
+ * @section nanohttp_ssl_cert_generation_sec Generate a key with a certificate
+ *
+ * @subsection nanohttp_ssl_a_sec Create a key and a certification request
+ * @subsection nanohttp_ssl_b_sec Post the sslreq.pem to your favorite CA
+ * @subsection nanohttp_ssl_c_sec Join your key with the certificate from yout CA
+ *
+ * @code
+ * $ cat ssl.cert >> sslkey.pem
+ * @endcode
+ *
+ * @section nanohttp_ssl_ca_generation_sec Generate a certification authority
+ *
+ * @subsection nanohttp_ssl_ca_dir_sec Create the directory structure
+ *
+ * @code
+ * $ mkdir ca
+ * $ echo '01' > $1 ca/serial
+ * $ touch ca/index.txt
+ * $ mkdir ca/crl
+ * $ mkdir ca/newcerts
+ * $ mkdir ca/private
+ * $ chmod 700 ca/private
+ * @endcode
+ *
+ * @subsection nanohttp_ssl_ca_key_sec Generate the CA key
+ *
+ * @code
+ * $ openssl req -x509 -nodes -days 1826 -subj "/CN=myCa" -newkey rsa:1024 -keyout ca/private/cakey.pem -out ca/cacert.pem
+ * @endcode
+ *
+ * @subsection nanohttp_ssl_sign_sec Sign a certification request
+ *
+ * @code
+ * $ openssl ca -in sslreq.pem -out ssl.cert
+ * @endcode
+ *
+ * @section nanohttp_cmdline_sec Commandline arguments at startup
+ *
+ * @code
+ * -NHTTPS Enable https protocol in the nanoHTTP server
+ *
+ * -NHTTPcert CERTfile A file containing a certificate chain from file. The
+ * certificates must be in PEM format and must be sorted
+ * starting with the subject's certificate (actual client
+ * or server certificate), followed by intermediate CA
+ * certificates if applicable, and ending at the highest
+ * level (root) CA.
+ *
+ * -NHTTPcertpass password The password to be used during decryption of the
+ * certificate.
+ *
+ * -NHTTPCA CAfile File pointing to a file of CA certificates in PEM
+ * format. The file can contain several CA certificates
+ * identified by
+ *
+ * -----BEGIN CERTIFICATE-----
+ * ... (CA certificate in base64 encoding) ...
+ * -----END CERTIFICATE-----
+ *
+ * sequences. Before, between, and after the certificates
+ * text is allowed which can be used e.g. for descriptions
+ * of the certificates.
+ * @endcode
+ *
+ * @section nanohttp_ssl_faq_sec Frequently asked questions
+ *
+ * - Howto hide the password
+ * You can use the following functions before calling httpd_init, httpc_init
+ * and accordingly soap_server_init, soap_client_init. The are roughly the same
+ * then the commandline versions.
+ *
+ * @code
+ * hssl_enable(void)
+ * hssl_set_certificate(const char *CERTfile)
+ * hssl_set_certpass(const char *pass)
+ * hssl_set_ca(const char *CAfile)
+ * @endcode
+ *
+ * NOTE: If you use this functions an specify the commandline arguments, then
+ * the commandline arguments take precedence.
+ *
+ * - What else?
+ *
+ * @code
+ * int hssl_enabled(void)
+ * @endcode
+ *
+ */
+
/**
*
* Commandline argument to enabled SSL in the nanoHTTP server.