From bfb1bb119241d85bb9b400881328496e12a39aed Mon Sep 17 00:00:00 2001
From: Daniel Silverstone
Date: Mon, 5 Aug 2019 18:11:13 +0100
Subject: Migrate SSL certificate storage to the browser window

* Fetchers now provide the certificates before headers
* This is propagated all the way to the browser window
* When a query occurs, we retrieve it from there and fire the query with those stored certificates.
* The serial number is a bignum, store it as hex.

Signed-off-by: Daniel Silverstone
---
 content/fetch.h | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'content/fetch.h')

diff --git a/content/fetch.h b/content/fetch.h
index 0b4b52a2f..174e07bf6 100644
--- a/content/fetch.h
+++ b/content/fetch.h
@@ -42,6 +42,7 @@ typedef enum {
 FETCH_ERROR,
 FETCH_REDIRECT,
 FETCH_NOTMODIFIED,
+ FETCH_CERTS,
 FETCH_AUTH,
 FETCH_CERT_ERR,
 FETCH_SSL_ERR
@@ -70,7 +71,7 @@ typedef struct fetch_msg {
 struct {
 const struct ssl_cert_info *certs;
 size_t num_certs;
- } cert_err;
+ } certs;
 } data;
 } fetch_msg;

@@ -95,12 +96,15 @@ struct ssl_cert_info {
 char not_before[32]; /**< Valid from date */
 char not_after[32]; /**< Valid to date */
 int sig_type; /**< Signature type */
- long serial; /**< Serial number */
+ char serialnum[64]; /**< Serial number */
 char issuer[256]; /**< Issuer details */
 char subject[256]; /**< Subject details */
 int cert_type; /**< Certificate type */
 };

+/** maximum number of X509 certificates in chain for TLS connection */
+#define MAX_SSL_CERTS 10
+
 typedef void (*fetch_callback)(const fetch_msg *msg, void *p);

 /**
-- 
cgit v1.2.3
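Review bot: `FETCH_CERTS` is added to the enum without a comment saying when it is delivered or which union member carries its payload; going by the commit message it arrives before the headers, and the rename in the following hunk suggests it uses `data.certs`. I would document it in place, e.g. `FETCH_CERTS, /**< certificate chain for the connection, sent before headers; payload in data.certs */`. Because it is inserted mid-enum, FETCH_AUTH, FETCH_CERT_ERR and FETCH_SSL_ERR each shift by one, which is harmless only if these values are never persisted or compared numerically, and every fetch callback that switches on the message type needs a case for it so the certificate data is not silently dropped. The enum starts and ends outside the hunk.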
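Review bot: The `certs` pointer in the renamed `data.certs` member has no stated lifetime, and per the commit message its consumer changes from a one-shot error handler to code that stores the chain on the browser window. If the array is only valid for the duration of the callback (not visible in this header), a receiver that keeps the pointer instead of copying the entries would later present trust information read from stale memory. I would add above the struct `/* certs points at num_certs entries owned by the fetcher, valid only during the callback; num_certs <= MAX_SSL_CERTS; copy to retain */` and have receivers check `num_certs` against `MAX_SSL_CERTS` before copying into any fixed-size storage. The enclosing union and fetch_msg begin above the hunk.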
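Review bot: `serialnum[64]` is documented only as "Serial number", so nothing tells the code that fills it (outside this file) which encoding, termination or truncation rule applies. A conforming X.509 serial is at most 20 octets, i.e. 40 hex digits, so 64 bytes is sufficient, but a malformed certificate can carry a longer one and the conversion has to be a bounded, NUL-terminated copy rather than an unchecked copy of the TLS library's hex string. I would make the contract explicit: `char serialnum[64]; /**< Serial number, NUL-terminated hex; truncated if longer */`. `MAX_SSL_CERTS` likewise does not say what happens to a chain longer than 10; if it is cut off, the user-facing certificate view should indicate that the chain shown is incomplete. struct ssl_cert_info begins above the hunk.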