1 /* 2 BAREOS® - Backup Archiving REcovery Open Sourced 3 4 Copyright (C) 2018-2018 Bareos GmbH & Co. KG 5 6 This program is Free Software; you can redistribute it and/or 7 modify it under the terms of version three of the GNU Affero General Public 8 License as published by the Free Software Foundation and included 9 in the file LICENSE. 10 11 This program is distributed in the hope that it will be useful, but 12 WITHOUT ANY WARRANTY; without even the implied warranty of 13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14 Affero General Public License for more details. 15 16 You should have received a copy of the GNU Affero General Public License 17 along with this program; if not, write to the Free Software 18 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 19 02110-1301, USA. 20 */ 21 22 #ifndef BAREOS_LIB_TLS_CONF_H_ 23 #define BAREOS_LIB_TLS_CONF_H_ 24 25 #include "lib/tls_psk_credentials.h" 26 #include "lib/tls_conf_cert.h" 27 #include "lib/bareos_resource.h" 28 #include "lib/s_password.h" 29 30 enum TlsPolicy : uint32_t 31 { 32 kBnetTlsNone = 0, /*!< No TLS configured */ 33 kBnetTlsEnabled = 1, /*!< TLS with certificates is allowed but not required */ 34 kBnetTlsRequired = 2, /*!< TLS with certificates is required */ 35 kBnetTlsAuto = 4, /*!< TLS mode will be negotiated by ssl handshake */ 36 kBnetTlsDeny = 0xFF, /*!< TLS connection not allowed */ 37 kBnetTlsUnknown = 0xFE /*!< initializer constant */ 38 }; 39 40 class TlsResource { 41 public: 42 s_password password_; /* UA server password */ 43 TlsConfigCert tls_cert_; /* TLS structure */ 44 std::string cipherlist_; /* TLS Cipher List */ 45 bool authenticate_; /* Authenticate only with TLS */ 46 bool tls_enable_; 47 bool tls_require_; 48 49 TlsResource(); 50 bool IsTlsConfigured() const; 51 TlsPolicy GetPolicy() const; 52 int SelectTlsPolicy(TlsPolicy remote_policy) const; 53 }; 54 55 #endif // BAREOS_LIB_TLS_CONF_H_ 56