2 * Copyright (C) 1996-2015 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
9 #ifndef SQUID_SRC_SECURITY_PEEROPTIONS_H
10 #define SQUID_SRC_SECURITY_PEEROPTIONS_H
12 #include "ConfigParser.h"
14 #include "security/forward.h"
19 /// TLS squid.conf settings for a remote server peer
23 PeerOptions() : parsedOptions(0), sslVersion(0), encryptTransport(false) {}
25 /// parse a TLS squid.conf option
26 void parse(const char *);
28 /// reset the configuration details to default
29 void clear() {*this = PeerOptions();}
31 /// generate a security context from these configured options
32 Security::ContextPointer
createContext(bool setOptions
);
34 SBuf certFile
; ///< path of file containing PEM format X509 certificate
35 SBuf privateKeyFile
; ///< path of file containing private key in PEM format
36 SBuf sslOptions
; ///< library-specific options string
37 SBuf caFile
; ///< path of file containing trusted Certificate Authority
38 SBuf caDir
; ///< path of directory containing a set of trusted Certificate Authorities
39 SBuf crlFile
; ///< path of file containing Certificate Revoke List
45 long parsedOptions
; ///< parsed value of sslOptions
49 /// whether transport encryption (TLS/SSL) is to be used on connections to the peer
50 bool encryptTransport
;
53 /// configuration options for DIRECT server access
54 extern PeerOptions ProxyOutgoingConfig
;
56 } // namespace Security
58 // parse the tls_outgoing_options directive
59 void parse_securePeerOptions(Security::PeerOptions
*);
60 #define free_securePeerOptions(x) Security::ProxyOutgoingConfig.clear()
61 #define dump_securePeerOptions(e,n,x) // not supported yet
63 #endif /* SQUID_SRC_SECURITY_PEEROPTIONS_H */