summaryrefslogtreecommitdiffstats
path: root/nanohttp
diff options
context:
space:
mode:
authorGravatar m0gg2007-01-03 13:41:52 +0000
committerGravatar m0gg2007-01-03 13:41:52 +0000
commit59496b8f47ef1ceb7564ea5a052a57018374029f (patch)
tree79fb027a7daaf99b2d679c367650f17f8970c168 /nanohttp
parentec3069c4d22c203ccec20eb48618c9cbef2a8b59 (diff)
downloadcsoap-59496b8f47ef1ceb7564ea5a052a57018374029f.tar.gz
csoap-59496b8f47ef1ceb7564ea5a052a57018374029f.tar.bz2
README.ssl moved to nanohttp-ssl.h
Diffstat (limited to 'nanohttp')
-rw-r--r--nanohttp/nanohttp-server.h3
-rw-r--r--nanohttp/nanohttp-ssl.h110
2 files changed, 111 insertions, 2 deletions
diff --git a/nanohttp/nanohttp-server.h b/nanohttp/nanohttp-server.h
index 71c0370..68d61c3 100644
--- a/nanohttp/nanohttp-server.h
+++ b/nanohttp/nanohttp-server.h
@@ -1,5 +1,5 @@
/******************************************************************
- * $Id: nanohttp-server.h,v 1.36 2007/01/01 22:54:46 m0gg Exp $
+ * $Id: nanohttp-server.h,v 1.37 2007/01/03 13:41:52 m0gg Exp $
*
* CSOAP Project: A http client/server library in C
* Copyright (C) 2003 Ferhat Ayaz
@@ -51,6 +51,7 @@
* - @subpage nanohttp_client_page
* - @subpage nanohttp_server_page
* - @subpage nanohttp_mime_page
+ * - @subpage nanohttp_ssl_page
*
* @author Ferhat Ayaz
* @author Michael Rans
diff --git a/nanohttp/nanohttp-ssl.h b/nanohttp/nanohttp-ssl.h
index aa5c781..5794c63 100644
--- a/nanohttp/nanohttp-ssl.h
+++ b/nanohttp/nanohttp-ssl.h
@@ -1,5 +1,5 @@
/******************************************************************
-* $Id: nanohttp-ssl.h,v 1.26 2006/12/11 08:13:19 m0gg Exp $
+* $Id: nanohttp-ssl.h,v 1.27 2007/01/03 13:41:52 m0gg Exp $
*
* CSOAP Project: A http client/server library in C
* Copyright (C) 2001-2005 Rochester Institute of Technology
@@ -24,6 +24,114 @@
#ifndef __nanohttp_ssl_h
#define __nanohttp_ssl_h
+/** @page nanohttp_ssl_page How to use SSL with nanoHTTP/cSOAP
+ *
+ * @section nanohttp_ssl_toc_sec Table of contents
+ *
+ * - @ref nanohttp_ssl_key_generation_sec
+ * - @ref nanohttp_ssl_cert_generation_sec
+ * - @ref nanohttp_ssl_ca_generation_sec
+ * - @ref nanohttp_ssl_ca_dir_sec
+ * - @ref nanohttp_ssl_ca_key_sec
+ * - @ref nanohttp_ssl_sign_sec
+ * - @ref nanohttp_cmdline_sec
+ * - @ref nanohttp_faq_sec
+ *
+ * @section nanohttp_ssl_key_generation_sec Simple key generation
+ *
+ * @code
+ * $ openssl req -nodes -days 1825 -subj "/CN=`hostname`" -newkey rsa:1024 -keyout sslkey.pem -out sslreq.pem
+ * @endcode
+ *
+ * @section nanohttp_ssl_cert_generation_sec Generate a key with a certificate
+ *
+ * @subsection nanohttp_ssl_a_sec Create a key and a certification request
+ * @subsection nanohttp_ssl_b_sec Post the sslreq.pem to your favorite CA
+ * @subsection nanohttp_ssl_c_sec Join your key with the certificate from yout CA
+ *
+ * @code
+ * $ cat ssl.cert >> sslkey.pem
+ * @endcode
+ *
+ * @section nanohttp_ssl_ca_generation_sec Generate a certification authority
+ *
+ * @subsection nanohttp_ssl_ca_dir_sec Create the directory structure
+ *
+ * @code
+ * $ mkdir ca
+ * $ echo '01' > $1 ca/serial
+ * $ touch ca/index.txt
+ * $ mkdir ca/crl
+ * $ mkdir ca/newcerts
+ * $ mkdir ca/private
+ * $ chmod 700 ca/private
+ * @endcode
+ *
+ * @subsection nanohttp_ssl_ca_key_sec Generate the CA key
+ *
+ * @code
+ * $ openssl req -x509 -nodes -days 1826 -subj "/CN=myCa" -newkey rsa:1024 -keyout ca/private/cakey.pem -out ca/cacert.pem
+ * @endcode
+ *
+ * @subsection nanohttp_ssl_sign_sec Sign a certification request
+ *
+ * @code
+ * $ openssl ca -in sslreq.pem -out ssl.cert
+ * @endcode
+ *
+ * @section nanohttp_cmdline_sec Commandline arguments at startup
+ *
+ * @code
+ * -NHTTPS Enable https protocol in the nanoHTTP server
+ *
+ * -NHTTPcert CERTfile A file containing a certificate chain from file. The
+ * certificates must be in PEM format and must be sorted
+ * starting with the subject's certificate (actual client
+ * or server certificate), followed by intermediate CA
+ * certificates if applicable, and ending at the highest
+ * level (root) CA.
+ *
+ * -NHTTPcertpass password The password to be used during decryption of the
+ * certificate.
+ *
+ * -NHTTPCA CAfile File pointing to a file of CA certificates in PEM
+ * format. The file can contain several CA certificates
+ * identified by
+ *
+ * -----BEGIN CERTIFICATE-----
+ * ... (CA certificate in base64 encoding) ...
+ * -----END CERTIFICATE-----
+ *
+ * sequences. Before, between, and after the certificates
+ * text is allowed which can be used e.g. for descriptions
+ * of the certificates.
+ * @endcode
+ *
+ * @section nanohttp_ssl_faq_sec Frequently asked questions
+ *
+ * - Howto hide the password
+ * You can use the following functions before calling httpd_init, httpc_init
+ * and accordingly soap_server_init, soap_client_init. The are roughly the same
+ * then the commandline versions.
+ *
+ * @code
+ * hssl_enable(void)
+ * hssl_set_certificate(const char *CERTfile)
+ * hssl_set_certpass(const char *pass)
+ * hssl_set_ca(const char *CAfile)
+ * @endcode
+ *
+ * NOTE: If you use this functions an specify the commandline arguments, then
+ * the commandline arguments take precedence.
+ *
+ * - What else?
+ *
+ * @code
+ * int hssl_enabled(void)
+ * @endcode
+ *
+ */
+
/**
*
* Commandline argument to enabled SSL in the nanoHTTP server.