1 #ifndef MASTER_SERVICE_SSL_SETTINGS_H 2 #define MASTER_SERVICE_SSL_SETTINGS_H 3 4 struct master_service; 5 struct setting_parser_context; 6 struct ssl_iostream_settings; 7 8 struct master_service_ssl_settings { 9 const char *ssl; 10 const char *ssl_ca; 11 const char *ssl_client_ca_file; 12 const char *ssl_client_ca_dir; 13 const char *ssl_client_cert; 14 const char *ssl_client_key; 15 const char *ssl_cipher_list; 16 const char *ssl_cipher_suites; 17 const char *ssl_curve_list; 18 const char *ssl_min_protocol; 19 const char *ssl_cert_username_field; 20 const char *ssl_crypto_device; 21 const char *ssl_options; 22 23 bool ssl_verify_client_cert; 24 bool ssl_client_require_valid_cert; 25 bool ssl_require_crl; 26 bool verbose_ssl; 27 bool ssl_prefer_server_ciphers; 28 29 /* These are derived from ssl_options, not set directly */ 30 struct { 31 bool compression; 32 bool tickets; 33 } parsed_opts; 34 }; 35 36 struct master_service_ssl_server_settings { 37 const char *ssl_cert; 38 const char *ssl_alt_cert; 39 const char *ssl_key; 40 const char *ssl_alt_key; 41 const char *ssl_key_password; 42 const char *ssl_dh; 43 }; 44 45 extern const struct setting_parser_info master_service_ssl_setting_parser_info; 46 extern const struct setting_parser_info master_service_ssl_server_setting_parser_info; 47 48 const struct master_service_ssl_settings * 49 master_service_ssl_settings_get(struct master_service *service); 50 const struct master_service_ssl_settings * 51 master_service_ssl_settings_get_from_parser(struct setting_parser_context *set_parser); 52 53 const struct master_service_ssl_server_settings * 54 master_service_ssl_server_settings_get(struct master_service *service); 55 56 /* Provides master service ssl settings to iostream settings */ 57 void master_service_ssl_client_settings_to_iostream_set( 58 const struct master_service_ssl_settings *ssl_set, pool_t pool, 59 struct ssl_iostream_settings *set_r); 60 void master_service_ssl_server_settings_to_iostream_set( 61 const struct master_service_ssl_settings *ssl_set, 62 const struct master_service_ssl_server_settings *ssl_server_set, 63 pool_t pool, struct ssl_iostream_settings *set_r); 64 65 #endif 66