Class for SSL configuration.
#include <SSLconfig.h>
Public Member Functions

| Return type | Member | Description |
|---|---|---|
| EVENTSVC_DLL std::string | path (const std::string &file) | Build a complete filesystem path from directory and filename. |
| EVENTSVC_DLL | Config (const char *context) | |
Data Fields

| Type | Field | Description |
|---|---|---|
| const char * | IDcontext | Session ID context. |
| unsigned long | supportFlags | option flags |
| long | sessionCacheTimeout | session timeout (seconds) |
| tls_verify_client_choice | verify_choice | whether to do client authentication |
| ICrypto::Environment::ptr_t | envptr | Smart ptr to environment. |
| std::string | confset | TLS configuration set. |
| cipher_suites_t | suites | Configured cipher suites. |
| std::string | suitesstr | Suites as OpenSSL string. |
| std::string | defaultFileDirectory | default filesystem directory location |
| std::string | randomSeedFile | name of random seed file |
| std::string | DHparametersFile | DH parameters file. |
| bool | disable_rsa_blinding | whether to disable RSA blinding |
| std::string | identity_p12Bytes | some passed in identity (self-issued for bootstrap, probably) |
| std::string | identity_passphrase | passphrase for identity_p12Bytes |
| std::string | identity | identity directory name, presuming identity_p12Bytes isn't set |
| int | verify_depth | permitted max length of chain |
| std::string | trustedCA_File | PEM file of CA files. |
| std::list< std::string > | trustedCA_Files | DER CA files. |
| std::list< std::string > | untrusted_Files | DER certificates. |
| std::string | LDAPhost | LDAP hostname. |
| int | LDAPport | LDAP port. |
| int | checkRevocation | whether to check CRLs |
| bool | dontTrustIdentities | whether to trust root CAs in identities |
| bool | OCSPnonce | whether to use (and require) nonces |
| std::string | OCSPuri | URI for an OCSP trusted responder. |
| std::string | OCSPresponder | name of file for certificate of trusted responder signer |
| int | lookup_flags | Things not to use for lookup. |
| std::string | pkcs11_module_path | path to pkcs11 module |
| std::string | pkcs11_module_init | pkcs11 module specific arguments |
| std::string | pkcs11_user_pphr | pkcs11 user pphr file (servepass encoded) |
| std::string | pkcs11_uri | pkcs11 uri accessible by user_pin containing private key |
| std::string | pkcs11_cert | path to PEM containing certificate issued for pkcs11 key and all CA |
Detailed Description
Class for SSL configuration.
Definition at line 65 of file SSLconfig.h.
Constructor & Destructor Documentation
◆ Config()
| SSLTLS::Config::Config(const char *context) |
Definition at line 877 of file ssl_context.C.
Member Function Documentation
◆ path()
| std::string SSLTLS::Config::path(const std::string &file) |
Build a complete filesystem path from directory and filename.
Definition at line 860 of file ssl_context.C.
References defaultFileDirectory.
Field Documentation
◆ IDcontext
| const char* SSLTLS::Config::IDcontext |
Session ID context.
Definition at line 68 of file SSLconfig.h.
◆ supportFlags
| unsigned long SSLTLS::Config::supportFlags |
option flags
Definition at line 69 of file SSLconfig.h.
◆ sessionCacheTimeout
| long SSLTLS::Config::sessionCacheTimeout |
session timeout (seconds)
Definition at line 70 of file SSLconfig.h.
◆ verify_choice
| tls_verify_client_choice SSLTLS::Config::verify_choice |
whether to do client authentication
Definition at line 71 of file SSLconfig.h.
◆ envptr
| ICrypto::Environment::ptr_t SSLTLS::Config::envptr |
Smart ptr to environment.
Definition at line 73 of file SSLconfig.h.
◆ confset
| std::string SSLTLS::Config::confset |
TLS configuration set.
Definition at line 74 of file SSLconfig.h.
◆ suites
| cipher_suites_t SSLTLS::Config::suites |
Configured cipher suites.
Definition at line 77 of file SSLconfig.h.
◆ suitesstr
| std::string SSLTLS::Config::suitesstr |
Suites as OpenSSL string.
Definition at line 78 of file SSLconfig.h.
◆ defaultFileDirectory
| std::string SSLTLS::Config::defaultFileDirectory |
default filesystem directory location
Definition at line 80 of file SSLconfig.h.
Referenced by path().
◆ randomSeedFile
| std::string SSLTLS::Config::randomSeedFile |
name of random seed file
Definition at line 82 of file SSLconfig.h.
◆ DHparametersFile
| std::string SSLTLS::Config::DHparametersFile |
DH parameters file.
Definition at line 83 of file SSLconfig.h.
◆ disable_rsa_blinding
| bool SSLTLS::Config::disable_rsa_blinding |
whether to disable RSA blinding
Definition at line 84 of file SSLconfig.h.
◆ identity_p12Bytes
| std::string SSLTLS::Config::identity_p12Bytes |
some passed in identity (self-issued for bootstrap, probably)
Definition at line 85 of file SSLconfig.h.
◆ identity_passphrase
| std::string SSLTLS::Config::identity_passphrase |
passphrase for identity_p12Bytes
Definition at line 86 of file SSLconfig.h.
◆ identity
| std::string SSLTLS::Config::identity |
identity directory name, presuming identity_p12Bytes isn't set
Definition at line 87 of file SSLconfig.h.
◆ verify_depth
| int SSLTLS::Config::verify_depth |
permitted max length of chain
Definition at line 88 of file SSLconfig.h.
◆ trustedCA_File
| std::string SSLTLS::Config::trustedCA_File |
PEM file of CA files.
Definition at line 89 of file SSLconfig.h.
◆ trustedCA_Files
| std::list<std::string> SSLTLS::Config::trustedCA_Files |
DER CA files.
Definition at line 90 of file SSLconfig.h.
◆ untrusted_Files
| std::list<std::string> SSLTLS::Config::untrusted_Files |
DER certificates.
Definition at line 91 of file SSLconfig.h.
◆ LDAPhost
| std::string SSLTLS::Config::LDAPhost |
LDAP hostname.
Definition at line 92 of file SSLconfig.h.
◆ LDAPport
| int SSLTLS::Config::LDAPport |
LDAP port.
Definition at line 93 of file SSLconfig.h.
◆ checkRevocation
| int SSLTLS::Config::checkRevocation |
whether to check CRLs
Definition at line 94 of file SSLconfig.h.
◆ dontTrustIdentities
| bool SSLTLS::Config::dontTrustIdentities |
whether to trust root CAs in identities
Definition at line 95 of file SSLconfig.h.
◆ OCSPnonce
| bool SSLTLS::Config::OCSPnonce |
whether to use (and require) nonces
Definition at line 96 of file SSLconfig.h.
◆ OCSPuri
| std::string SSLTLS::Config::OCSPuri |
URI for an OCSP trusted responder.
Definition at line 97 of file SSLconfig.h.
◆ OCSPresponder
| std::string SSLTLS::Config::OCSPresponder |
name of file for certificate of trusted responder signer
Definition at line 98 of file SSLconfig.h.
◆ lookup_flags
| int SSLTLS::Config::lookup_flags |
Things not to use for lookup.
Definition at line 99 of file SSLconfig.h.
◆ pkcs11_module_path
| std::string SSLTLS::Config::pkcs11_module_path |
path to pkcs11 module
Definition at line 101 of file SSLconfig.h.
◆ pkcs11_module_init
| std::string SSLTLS::Config::pkcs11_module_init |
pkcs11 module specific arguments
Definition at line 102 of file SSLconfig.h.
◆ pkcs11_user_pphr
| std::string SSLTLS::Config::pkcs11_user_pphr |
pkcs11 user pphr file (servepass encoded)
Definition at line 103 of file SSLconfig.h.
◆ pkcs11_uri
| std::string SSLTLS::Config::pkcs11_uri |
pkcs11 uri accessible by user_pin containing private key
Definition at line 104 of file SSLconfig.h.
◆ pkcs11_cert
| std::string SSLTLS::Config::pkcs11_cert |
path to PEM containing certificate issued for pkcs11 key and all CA
Definition at line 105 of file SSLconfig.h.
The documentation for this class was generated from the following files: