]>
Commit | Line | Data |
---|---|---|
9a2f63e7 AJ |
1 | /* |
2 | * Copyright (C) 1996-2014 The Squid Software Foundation and contributors | |
3 | * | |
4 | * Squid software is distributed under GPLv2+ license and includes | |
5 | * contributions from numerous individuals and organizations. | |
6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
7 | */ | |
8 | ||
cdfb670c AJ |
9 | #ifndef SQUID_SRC_SECURITY_PEEROPTIONS_H |
10 | #define SQUID_SRC_SECURITY_PEEROPTIONS_H | |
11 | ||
195f8adb | 12 | #include "ConfigParser.h" |
cdfb670c | 13 | #include "SBuf.h" |
9a2f63e7 | 14 | #include "security/Context.h" |
cdfb670c AJ |
15 | |
16 | namespace Security | |
17 | { | |
18 | ||
19 | class PeerOptions | |
20 | { | |
21 | public: | |
9a2f63e7 AJ |
22 | PeerOptions() : ssl(false), sslVersion(0) {} |
23 | ||
0b0e0864 AJ |
24 | /// parse a TLS squid.conf option |
25 | void parse(const char *); | |
26 | ||
195f8adb AJ |
27 | /// reset the configuration details to default |
28 | void clear() {*this = PeerOptions();} | |
29 | ||
9a2f63e7 AJ |
30 | /// generate a security context from the configured options |
31 | Security::ContextPointer createContext(); | |
cdfb670c | 32 | |
cdfb670c | 33 | bool ssl; ///< whether SSL is to be used on this connection |
9a2f63e7 AJ |
34 | |
35 | SBuf certFile; ///< path of file containing PEM format X509 certificate | |
36 | SBuf privateKeyFile; ///< path of file containing private key in PEM format | |
37 | SBuf sslOptions; ///< library-specific options string | |
38 | SBuf caFile; ///< path of file containing trusted Certificate Authority | |
39 | SBuf caDir; ///< path of directory containign a set of trusted Certificate Authorities | |
40 | SBuf crlFile; ///< path of file containing Certificate Revoke List | |
41 | ||
42 | int sslVersion; | |
43 | SBuf sslCipher; | |
44 | SBuf sslFlags; | |
45 | SBuf sslDomain; | |
cdfb670c AJ |
46 | }; |
47 | ||
195f8adb | 48 | /// configuration options for DIRECT server access |
7e62a74f | 49 | extern PeerOptions ProxyOutgoingConfig; |
195f8adb | 50 | |
cdfb670c AJ |
51 | } // namespace Security |
52 | ||
195f8adb AJ |
53 | // parse the tls_outgoing_options directive |
54 | inline void | |
55 | parse_securePeerOptions(Security::PeerOptions *opt) | |
56 | { | |
57 | while(const char *token = ConfigParser::NextToken()) { | |
58 | opt->parse(token); | |
59 | } | |
60 | } | |
61 | ||
7e62a74f | 62 | #define free_securePeerOptions(x) Security::ProxyOutgoingConfig.clear() |
195f8adb AJ |
63 | #define dump_securePeerOptions(e,n,x) // not supported yet |
64 | ||
cdfb670c | 65 | #endif /* SQUID_SRC_SECURITY_PEEROPTIONS_H */ |