2 * Copyright (C) 1996-2018 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
9 #ifndef SQUID_TOOLS_SQUIDCLIENT_TRANSPORT_H
10 #define SQUID_TOOLS_SQUIDCLIENT_TRANSPORT_H
12 #include "tools/squidclient/Parameters.h"
14 #if HAVE_GNUTLS_GNUTLS_H
15 #include <gnutls/gnutls.h>
23 /// parameters controlling outgoing connection
30 port(CACHE_HTTP_PORT
),
34 hostname
= "localhost";
37 // TODO: implicit transport options depending on the protocol-specific options
38 // i.e. --https enables TLS connection settings
40 /// display Transport Options command line help to stderr
44 * parse transport related command line options
45 * \return true if there are other options still to parse
/// \param argc, argv  the program's command line, as passed to main()
/// NOTE(review): c is presumably the option character the caller's
/// getopt-style loop has just returned, and optIndex the caller's index
/// into argv (taken by reference, so it may be advanced) — confirm
/// against the implementation.
47 bool parseCommandOpts(int argc
, char *argv
[], int c
, int &optIndex
);
49 /// I/O operation timeout
52 /// the local hostname to bind as for outgoing IP
/// NOTE(review): non-owning raw pointer; the lifetime of the string it
/// points to is not visible here (presumably a command line argument) — confirm
53 const char *localHost
;
55 /// the destination server host name to contact
58 /// port on the server to contact
61 /// whether to enable TLS on the server connection
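64 /// whether to do anonymous TLS (non-authenticated): the server's identity is
/// not verified, so the connection gives no protection against an active
/// man-in-the-middle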
67 /// The TLS parameters (list of ciphers, versions, flags), given as a
/// GnuTLS priority string.
68 /// Default is "NORMAL" unless tlsAnonymous is used,
69 /// in which case it becomes "PERFORMANCE:+ANON-ECDH:+ANON-DH",
/// which enables the anonymous (unauthenticated) key exchanges.
70 /// see http://gnutls.org/manual/html_node/Priority-Strings.html
73 /// client certificate PEM file(s)
/// NOTE(review): whether these files also carry the matching private key is
/// not visible here; if they do, they need restrictive file permissions.
74 std::list
<std::string
> certFiles
;
76 /// files holding the x509 certificate authorities this client trusts
/// NOTE(review): how an empty list is treated (no server verification, or a
/// system default trust store) is not visible here — confirm in the
/// implementation, since it decides whether the server is authenticated.
77 std::list
<std::string
> caFiles
;
80 /// anonymous client credentials
/// NOTE(review): presumably only used when tlsAnonymous is set — confirm
81 gnutls_anon_client_credentials_t anonCredentials
;
83 /// client x509 certificate credentials
/// NOTE(review): presumably populated from certFiles and caFiles — confirm
84 gnutls_certificate_credentials_t certCredentials
;
/// GnuTLS session handle
/// NOTE(review): presumably the session of the currently open connection;
/// its validity before the TLS handshake is not visible here — confirm
87 gnutls_session_t session
;
/// the transport configuration object; only declared here (extern), so the
/// definition lives in another translation unit
91 extern TheConfig Config
;
93 /// locate and connect to the configured server
96 /// close the current connection
/// NOTE(review): whether this also ends a TLS session started by
/// MaybeStartTls() is not stated here — confirm in the implementation.
97 void CloseConnection();
99 /// Initialize TLS library environment when necessary.
102 /// perform TLS handshake on the currently open connection if
103 /// TLS library has been initialized.
104 /// \return false on errors, true otherwise even if TLS not performed.
/// A true result therefore does not prove that the connection is
/// TLS-protected; a caller that requires TLS must check that separately.
/// NOTE(review): hostname is presumably the server name used for the
/// handshake (SNI and/or certificate name checking) — confirm which.
105 bool MaybeStartTls(const char *hostname
);
107 /// De-initialize TLS library environment when necessary.
110 /// write len bytes to the currently open connection.
111 /// \return the number of bytes written, or -1 on errors
/// NOTE(review): the documented return value allows a count smaller than
/// len, so callers presumably have to handle short writes — confirm.
/// NOTE(review): whether the data goes through the TLS session once
/// MaybeStartTls() has succeeded is not stated here — confirm.
112 ssize_t
Write(void *buf
, size_t len
);
114 /// read up to len bytes from the currently open connection.
115 /// \return the number of bytes read, or -1 on errors
/// NOTE(review): buf presumably must have room for at least len bytes, and
/// the meaning of a 0 return (presumably end of stream) is not stated — confirm.
116 ssize_t
Read(void *buf
, size_t len
);
118 } // namespace Transport
120 #endif /* SQUID_TOOLS_SQUIDCLIENT_TRANSPORT_H */