1 #ifndef __XRD_TLSCONTEXT_HH__
2 #define __XRD_TLSCONTEXT_HH__
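//! Opaque implementation type. It is only forward-declared here, and the
//! context refers to it through a pointer (pImpl), so its layout is not
//! visible to code that includes this header.
struct XrdTlsContextImpl;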
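static const int scOff = 0x00010000; //!< Turn off cache (SessionCache() option)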
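// Option bits and field masks for the 64-bit context options word
// (presumably the constructor's `opts` argument -- confirm against callers).
// The two low bytes are value fields; the higher bits are independent flags.
static const uint64_t hsto  = 0x00000000000000ff; //!< Mask to isolate the hsto (8-bit field)
static const uint64_t vdept = 0x000000000000ff00; //!< Mask to isolate vdept (8-bit field)

static const uint64_t logVF = 0x0000000800000000; //!< Log verify failures
static const uint64_t servr = 0x0000000400000000; //!< This is a server context

// NOTE(review): with this bit set, host-name checking appears to rely on DNS
// answers, so it is only as trustworthy as the resolver path -- confirm that
// callers set it deliberately.
static const uint64_t dnsok = 0x0000000200000000; //!< Trust DNS for host name
static const uint64_t nopxy = 0x0000000100000000; //!< Do not allow proxy certs

// NOTE(review): crlON is clear when opts is 0, so revocation checking looks
// opt-in -- confirm against the implementation.
static const uint64_t crlON = 0x0000008000000000; //!< Enables crl checking
// crlFC includes the crlON bit (0x80...) plus 0x40..., so testing it with a
// plain `opts & crlFC` is also true when only crlON is set; compare against
// the full value instead.
static const uint64_t crlFC = 0x000000C000000000; //!< Full crl chain checking
// 14-bit field (maximum 0x3fff); larger values do not fit.
static const uint64_t crlRF = 0x000000003fff0000; //!< Mask for the init crl refresh (in minutes)

static const uint64_t artON = 0x0000002000000000; //!< Auto retry Handshake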
238 const char *cadir=0,
const char *cafile=0,
239 uint64_t opts=0, std::string *eMsg=0);
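//! Return cOpts with the field selected by XrdTlsContext::hsto replaced by
//! hstv (presumably the handshake timeout -- confirm).
//!
//! @param cOpts the current context options word.
//! @param hstv  the new field value; only the bits covered by the mask are
//!              kept, so a value wider than the 8-bit field is silently
//!              truncated. Callers should range-check before using the macro.
//!
//! Both arguments are parenthesized so that an expression argument such as
//! `a | b` is masked as a whole instead of being split by operator precedence.
#define TLS_SET_HSTO(cOpts,hstv) \
    (((cOpts) & ~XrdTlsContext::hsto) | ((hstv) & XrdTlsContext::hsto))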
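//! Return cOpts with the crl refresh field (XrdTlsContext::crlRF) replaced by
//! refi shifted into place by XrdTlsContext::crlRS.
//!
//! @param cOpts the current context options word.
//! @param refi  the new refresh value. The field is 14 bits wide, so anything
//!              above 0x3fff is silently truncated by the mask and can yield
//!              a much shorter interval than requested. Callers should
//!              range-check before using the macro.
//!
//! The arguments are parenthesized so expression arguments are evaluated as a
//! whole, and refi is widened to 64 bits before the shift so the shift is
//! never performed on a signed int.
#define TLS_SET_REFINT(cOpts,refi) \
    (((cOpts) & ~XrdTlsContext::crlRF) | \
     (XrdTlsContext::crlRF & \
      (static_cast<uint64_t>(refi) << XrdTlsContext::crlRS)))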
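//! Return cOpts with the vdept field (XrdTlsContext::vdept) replaced by vdv
//! shifted into place by XrdTlsContext::vdepS.
//!
//! @param cOpts the current context options word.
//! @param vdv   the new field value (presumably the certificate verification
//!              depth -- confirm). The field is 8 bits wide, so a larger
//!              value is silently truncated by the mask. Callers should
//!              range-check before using the macro.
//!
//! The arguments are parenthesized so expression arguments are evaluated as a
//! whole, and vdv is widened to 64 bits before the shift so the shift is
//! never performed on a signed int.
#define TLS_SET_VDEPTH(cOpts,vdv) \
    (((cOpts) & ~XrdTlsContext::vdept) | \
     (XrdTlsContext::vdept & \
      (static_cast<uint64_t>(vdv) << XrdTlsContext::vdepS)))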
299 #endif // __XRD_TLSCONTEXT_HH__
bool SetContextCiphers(const char *ciphers)
static const int vdepS
Bits to shift vdept.
Definition: XrdTlsContext.hh:226
int SessionCache(int opts=scNone, const char *id=0, int idlen=0)
CTX_Params()
Definition: XrdTlsContext.hh:80
bool SetCrlRefresh(int refsec=-1)
std::string cadir
-> ca cert directory.
Definition: XrdTlsContext.hh:74
std::string pkey
-> private key path.
Definition: XrdTlsContext.hh:73
static const uint64_t crlON
Enables crl checking.
Definition: XrdTlsContext.hh:231
Socket wrapper for TLS I/O.
Definition: XrdTlsSocket.hh:39
XrdTlsContext * Clone(bool full=true)
XrdTlsContextImpl * pImpl
Definition: XrdTlsContext.hh:258
const CTX_Params * GetParams()
static const uint64_t nopxy
Do not allow proxy certs.
Definition: XrdTlsContext.hh:230
static const int crlRS
Bits to shift crlRF (the crl refresh field used by TLS_SET_REFINT).
Definition: XrdTlsContext.hh:234
static const int scClnt
Turn on cache client mode.
Definition: XrdTlsContext.hh:132
static const int scNone
Do not change any option settings.
Definition: XrdTlsContext.hh:129
XrdTlsContext(const char *cert=0, const char *key=0, const char *cadir=0, const char *cafile=0, uint64_t opts=0, std::string *eMsg=0)
int crlRT
crl refresh interval time in seconds
Definition: XrdTlsContext.hh:77
static const uint64_t servr
This is a server context.
Definition: XrdTlsContext.hh:228
XrdTlsContext & operator=(const XrdTlsContext &ctx)=delete
~CTX_Params()
Definition: XrdTlsContext.hh:81
uint64_t opts
Options as passed to the constructor.
Definition: XrdTlsContext.hh:76
static const char * Init()
static const uint64_t crlFC
Full crl chain checking.
Definition: XrdTlsContext.hh:232
Definition: XrdSysLogger.hh:52
static const int scFMax
Definition: XrdTlsContext.hh:135
static const int scSrvr
Turn on cache server mode (default)
Definition: XrdTlsContext.hh:131
Definition: XrdTlsContext.hh:36
static const int scKeep
Info: TLS-controlled flush disabled.
Definition: XrdTlsContext.hh:133
std::string cafile
-> ca cert file.
Definition: XrdTlsContext.hh:75
static const uint64_t vdept
Mask to isolate vdept.
Definition: XrdTlsContext.hh:225
std::string cert
-> certificate path.
Definition: XrdTlsContext.hh:72
static const uint64_t artON
Auto retry Handshake.
Definition: XrdTlsContext.hh:235
static const uint64_t hsto
Mask to isolate the hsto.
Definition: XrdTlsContext.hh:224
int rsvd
Definition: XrdTlsContext.hh:78
static const uint64_t dnsok
Trust DNS for host name.
Definition: XrdTlsContext.hh:229
~XrdTlsContext()
Destructor.
static const int scOff
Turn off cache.
Definition: XrdTlsContext.hh:130
static const uint64_t logVF
Log verify failures.
Definition: XrdTlsContext.hh:227
Definition: XrdTlsContext.hh:71
static void SetDefaultCiphers(const char *ciphers)
static const int scIdErr
Info: Id not set, is too long.
Definition: XrdTlsContext.hh:134
static const uint64_t crlRF
Mask for the initial crl refresh interval, in minutes.
Definition: XrdTlsContext.hh:233