1 #ifndef MASTER_SERVICE_SSL_SETTINGS_H
2 #define MASTER_SERVICE_SSL_SETTINGS_H
3 
4 struct master_service;
5 struct setting_parser_context;
6 struct ssl_iostream_settings;
7 
8 struct master_service_ssl_settings {
9 	const char *ssl;
10 	const char *ssl_ca;
11 	const char *ssl_client_ca_file;
12 	const char *ssl_client_ca_dir;
13 	const char *ssl_client_cert;
14 	const char *ssl_client_key;
15 	const char *ssl_cipher_list;
16 	const char *ssl_cipher_suites;
17 	const char *ssl_curve_list;
18 	const char *ssl_min_protocol;
19 	const char *ssl_cert_username_field;
20 	const char *ssl_crypto_device;
21 	const char *ssl_options;
22 
23 	bool ssl_verify_client_cert;
24 	bool ssl_client_require_valid_cert;
25 	bool ssl_require_crl;
26 	bool verbose_ssl;
27 	bool ssl_prefer_server_ciphers;
28 
29 	/* These are derived from ssl_options, not set directly */
30 	struct {
31 		bool compression;
32 		bool tickets;
33 	} parsed_opts;
34 };
35 
36 struct master_service_ssl_server_settings {
37 	const char *ssl_cert;
38 	const char *ssl_alt_cert;
39 	const char *ssl_key;
40 	const char *ssl_alt_key;
41 	const char *ssl_key_password;
42 	const char *ssl_dh;
43 };
44 
45 extern const struct setting_parser_info master_service_ssl_setting_parser_info;
46 extern const struct setting_parser_info master_service_ssl_server_setting_parser_info;
47 
48 const struct master_service_ssl_settings *
49 master_service_ssl_settings_get(struct master_service *service);
50 const struct master_service_ssl_settings *
51 master_service_ssl_settings_get_from_parser(struct setting_parser_context *set_parser);
52 
53 const struct master_service_ssl_server_settings *
54 master_service_ssl_server_settings_get(struct master_service *service);
55 
56 /* Provides master service ssl settings to iostream settings */
57 void master_service_ssl_client_settings_to_iostream_set(
58 	const struct master_service_ssl_settings *ssl_set, pool_t pool,
59 	struct ssl_iostream_settings *set_r);
60 void master_service_ssl_server_settings_to_iostream_set(
61 	const struct master_service_ssl_settings *ssl_set,
62 	const struct master_service_ssl_server_settings *ssl_server_set,
63 	pool_t pool, struct ssl_iostream_settings *set_r);
64 
65 #endif
66