1 /*
2  * Copyright (c) 2015, 2021, Oracle and/or its affiliates.
3  *
4  * This program is free software; you can redistribute it and/or modify
5  * it under the terms of the GNU General Public License, version 2.0,
6  * as published by the Free Software Foundation.
7  *
8  * This program is also distributed with certain software (including
9  * but not limited to OpenSSL) that is licensed under separate terms,
10  * as designated in a particular file or component or in included license
11  * documentation.  The authors of MySQL hereby grant you an additional
12  * permission to link the program and your derivative works with the
13  * separately licensed software that they have included with MySQL.
14  *
15  * This program is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18  * GNU General Public License, version 2.0, for more details.
19  *
20  * You should have received a copy of the GNU General Public License
21  * along with this program; if not, write to the Free Software
22  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
23  * 02110-1301  USA
24  */
25 
26 #ifndef _NGS_ASIO_OPTIONS_SSL_H_
27 #define _NGS_ASIO_OPTIONS_SSL_H_
28 
29 #include "ngs_common/options.h"
30 #include <violite.h>
31 
32 namespace ngs
33 {
34 
35   class Options_session_ssl : public IOptions_session
36   {
37   public:
Options_session_ssl(Vio * vio)38     Options_session_ssl(Vio *vio)
39     : m_vio(vio)
40     {
41     }
42 
supports_tls()43     bool supports_tls() { return true; };
active_tls()44     bool active_tls() { return true; };
45 
46     std::string ssl_cipher();
47     std::string ssl_version();
48     std::vector<std::string> ssl_cipher_list();
49 
50     long ssl_verify_depth();
51     long ssl_verify_mode();
52 
53     long ssl_sessions_reused();
54     long ssl_get_verify_result_and_cert();
55 
56     std::string ssl_get_peer_certificate_issuer();
57 
58     std::string ssl_get_peer_certificate_subject();
59 
60   private:
61     Vio *m_vio;
62   };
63 
64   class Options_context_ssl : public IOptions_context
65   {
66   public:
Options_context_ssl(st_VioSSLFd * vio_ssl)67     Options_context_ssl(st_VioSSLFd *vio_ssl)
68     : m_vio_ssl(vio_ssl)
69     {
70     }
71 
72     long ssl_ctx_verify_depth();
73     long ssl_ctx_verify_mode();
74 
75     std::string ssl_server_not_after();
76     std::string ssl_server_not_before();
77 
78     long ssl_sess_accept_good();
79     long ssl_sess_accept();
80     long ssl_accept_renegotiates();
81 
82     std::string ssl_session_cache_mode();
83 
84     long ssl_session_cache_hits();
85     long ssl_session_cache_misses();
86     long ssl_session_cache_overflows();
87     long ssl_session_cache_size();
88     long ssl_session_cache_timeouts();
89     long ssl_used_session_cache_entries();
90   private:
91     st_VioSSLFd *m_vio_ssl;
92   };
93 
94 } // namespace ngs
95 
96 #endif // _NGS_ASIO_OPTIONS_SSL_H_
97