From 59496b8f47ef1ceb7564ea5a052a57018374029f Mon Sep 17 00:00:00 2001
From: m0gg
Date: Wed, 3 Jan 2007 13:41:52 +0000
Subject: README.ssl moved to nanohttp-ssl.h

---
 nanohttp/nanohttp-server.h | 3 +-
 nanohttp/nanohttp-ssl.h | 110 ++++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 111 insertions(+), 2 deletions(-)

(limited to 'nanohttp')

diff --git a/nanohttp/nanohttp-server.h b/nanohttp/nanohttp-server.h
index 71c0370..68d61c3 100644
--- a/nanohttp/nanohttp-server.h
+++ b/nanohttp/nanohttp-server.h
@@ -1,5 +1,5 @@
 /******************************************************************
- * $Id: nanohttp-server.h,v 1.36 2007/01/01 22:54:46 m0gg Exp $
+ * $Id: nanohttp-server.h,v 1.37 2007/01/03 13:41:52 m0gg Exp $
 *
 * CSOAP Project: A http client/server library in C
 * Copyright (C) 2003 Ferhat Ayaz
@@ -51,6 +51,7 @@
 * - @subpage nanohttp_client_page
 * - @subpage nanohttp_server_page
 * - @subpage nanohttp_mime_page
+ * - @subpage nanohttp_ssl_page
 *
 * @author Ferhat Ayaz
 * @author Michael Rans
diff --git a/nanohttp/nanohttp-ssl.h b/nanohttp/nanohttp-ssl.h
index aa5c781..5794c63 100644
--- a/nanohttp/nanohttp-ssl.h
+++ b/nanohttp/nanohttp-ssl.h
@@ -1,5 +1,5 @@
 /******************************************************************
-* $Id: nanohttp-ssl.h,v 1.26 2006/12/11 08:13:19 m0gg Exp $
+* $Id: nanohttp-ssl.h,v 1.27 2007/01/03 13:41:52 m0gg Exp $
 *
 * CSOAP Project: A http client/server library in C
 * Copyright (C) 2001-2005 Rochester Institute of Technology
@@ -24,6 +24,114 @@
 #ifndef __nanohttp_ssl_h
 #define __nanohttp_ssl_h
 
+/** @page nanohttp_ssl_page How to use SSL with nanoHTTP/cSOAP
+ *
+ * @section nanohttp_ssl_toc_sec Table of contents
+ *
+ * - @ref nanohttp_ssl_key_generation_sec
+ * - @ref nanohttp_ssl_cert_generation_sec
+ * - @ref nanohttp_ssl_ca_generation_sec
+ * - @ref nanohttp_ssl_ca_dir_sec
+ * - @ref nanohttp_ssl_ca_key_sec
+ * - @ref nanohttp_ssl_sign_sec
+ * - @ref nanohttp_cmdline_sec
+ * - @ref nanohttp_faq_sec
+ *
+ * @section nanohttp_ssl_key_generation_sec Simple key generation
+ *
+ * @code
+ * $ openssl req -nodes -days 1825 -subj "/CN=`hostname`" -newkey rsa:1024 -keyout sslkey.pem -out sslreq.pem
+ * @endcode
+ *
+ * @section nanohttp_ssl_cert_generation_sec Generate a key with a certificate
+ *
+ * @subsection nanohttp_ssl_a_sec Create a key and a certification request
+ * @subsection nanohttp_ssl_b_sec Post the sslreq.pem to your favorite CA
+ * @subsection nanohttp_ssl_c_sec Join your key with the certificate from yout CA
+ *
+ * @code
+ * $ cat ssl.cert >> sslkey.pem
+ * @endcode
+ *
+ * @section nanohttp_ssl_ca_generation_sec Generate a certification authority
+ *
+ * @subsection nanohttp_ssl_ca_dir_sec Create the directory structure
+ *
+ * @code
+ * $ mkdir ca
+ * $ echo '01' > $1 ca/serial
+ * $ touch ca/index.txt
+ * $ mkdir ca/crl
+ * $ mkdir ca/newcerts
+ * $ mkdir ca/private
+ * $ chmod 700 ca/private
+ * @endcode
+ *
+ * @subsection nanohttp_ssl_ca_key_sec Generate the CA key
+ *
+ * @code
+ * $ openssl req -x509 -nodes -days 1826 -subj "/CN=myCa" -newkey rsa:1024 -keyout ca/private/cakey.pem -out ca/cacert.pem
+ * @endcode
+ *
+ * @subsection nanohttp_ssl_sign_sec Sign a certification request
+ *
+ * @code
+ * $ openssl ca -in sslreq.pem -out ssl.cert
+ * @endcode
+ *
+ * @section nanohttp_cmdline_sec Commandline arguments at startup
+ *
+ * @code
+ * -NHTTPS Enable https protocol in the nanoHTTP server
+ *
+ * -NHTTPcert CERTfile A file containing a certificate chain from file. The
+ * certificates must be in PEM format and must be sorted
+ * starting with the subject's certificate (actual client
+ * or server certificate), followed by intermediate CA
+ * certificates if applicable, and ending at the highest
+ * level (root) CA.
+ *
+ * -NHTTPcertpass password The password to be used during decryption of the
+ * certificate.
+ *
+ * -NHTTPCA CAfile File pointing to a file of CA certificates in PEM
+ * format. The file can contain several CA certificates
+ * identified by
+ *
+ * -----BEGIN CERTIFICATE-----
+ * ... (CA certificate in base64 encoding) ...
+ * -----END CERTIFICATE-----
+ *
+ * sequences. Before, between, and after the certificates
+ * text is allowed which can be used e.g. for descriptions
+ * of the certificates.
+ * @endcode
+ *
+ * @section nanohttp_ssl_faq_sec Frequently asked questions
+ *
+ * - Howto hide the password
+ * You can use the following functions before calling httpd_init, httpc_init
+ * and accordingly soap_server_init, soap_client_init. The are roughly the same
+ * then the commandline versions.
+ *
+ * @code
+ * hssl_enable(void)
+ * hssl_set_certificate(const char *CERTfile)
+ * hssl_set_certpass(const char *pass)
+ * hssl_set_ca(const char *CAfile)
+ * @endcode
+ *
+ * NOTE: If you use this functions an specify the commandline arguments, then
+ * the commandline arguments take precedence.
+ *
+ * - What else?
+ *
+ * @code
+ * int hssl_enabled(void)
+ * @endcode
+ *
+ */
+
 /**
 *
 * Commandline argument to enabled SSL in the nanoHTTP server.
-- 
cgit v1.1-32-gdbae
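Review bot: The key-generation examples in the new `nanohttp_ssl_page` comment use `-newkey rsa:1024` together with `-nodes`, so a reader who copies them ends up with a 1024-bit RSA key written to disk unencrypted; this applies to both the `sslkey.pem` command and the `ca/private/cakey.pem` command. I would change both examples to `-newkey rsa:2048` (or larger) and add a sentence that `-nodes` leaves the private key unprotected, so the key files need restrictive permissions just like `ca/private`. The `-NHTTPcertpass password` entry should also state that a password passed on the command line is typically visible to other local users through the process list, and point to the `hssl_set_certpass()` FAQ entry as the preferred way to supply it. Two smaller documentation defects in the same hunk: the table of contents has `@ref nanohttp_faq_sec` while the section is declared as `nanohttp_ssl_faq_sec`, and `$ echo '01' > $1 ca/serial` contains what looks like a stray `$1`.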