TLS Configuration.
#include <TCPTransportDescriptor.hpp>
Public Types | |
enum | TLSOptions : uint32_t { NONE = 0 , DEFAULT_WORKAROUNDS = 1 << 0 , NO_COMPRESSION = 1 << 1 , NO_SSLV2 = 1 << 2 , NO_SSLV3 = 1 << 3 , NO_TLSV1 = 1 << 4 , NO_TLSV1_1 = 1 << 5 , NO_TLSV1_2 = 1 << 6 , NO_TLSV1_3 = 1 << 7 , SINGLE_DH_USE = 1 << 8 } |
Supported TLS features. | |
enum | TLSVerifyMode : uint8_t { UNUSED = 0 , VERIFY_NONE = 1 << 0 , VERIFY_PEER = 1 << 1 , VERIFY_FAIL_IF_NO_PEER_CERT = 1 << 2 , VERIFY_CLIENT_ONCE = 1 << 3 } |
Peer node verification options. | |
enum | TLSHandShakeRole : uint8_t { DEFAULT = 0 , CLIENT = 1 << 0 , SERVER = 1 << 1 } |
Role that the transport will take on handshaking. | |
Public Member Functions | |
void | add_verify_mode (const TLSVerifyMode verify) |
Add verification modes to the verification mode mask. | |
bool | get_verify_mode (const TLSVerifyMode verify) const |
Get the verification mode mask. | |
void | add_option (const TLSOptions option) |
Add TLS features to the SSL Context options mask. | |
bool | get_option (const TLSOptions option) const |
Get the SSL Context options mask. | |
bool | operator== (const TLSConfig &t) const |
Comparison operator. | |
Public Attributes | |
std::string | password |
Password of the private_key_file or rsa_private_key_file . | |
uint32_t | options = TLSOptions::NONE |
SSL context options mask. | |
std::string | cert_chain_file |
Path to the public certificate chain file. | |
std::string | private_key_file |
Path to the private key certificate file. | |
std::string | tmp_dh_file |
Path to the Diffie-Hellman parameters file. | |
std::string | verify_file |
Path to the CA (Certification-Authority) file. | |
uint8_t | verify_mode = TLSVerifyMode::UNUSED |
Verification mode mask. | |
std::vector< std::string > | verify_paths |
Paths where the system will look for verification files. | |
bool | default_verify_path = false |
Look for verification files on the default paths. | |
int32_t | verify_depth = -1 |
Maximum allowed depth for verifying intermediate certificates. Do not override. | |
std::string | rsa_private_key_file |
Path to the private key RSA certificate file. | |
TLSHandShakeRole | handshake_role = TLSHandShakeRole::DEFAULT |
Role that the transport will take on handshaking. | |
std::string | server_name |
Server name or host name required in case Server Name Indication (SNI) is used. | |
TLS Configuration.
- password: password of the private_key_file or rsa_private_key_file.
- private_key_file: path to the private key certificate file.
- rsa_private_key_file: path to the private key RSA certificate file.
- cert_chain_file: path to the public certificate chain file.
- tmp_dh_file: path to the Diffie-Hellman parameters file.
- verify_file: path to the CA (Certification-Authority) file.
- verify_mode: establishes the verification mode mask.
- options: establishes the SSL Context options mask.
- verify_paths: paths where the system will look for verification files.
- default_verify_path: look for verification files on the default paths.
- handshake_role: role that the transport will take on handshaking.
- server_name: server name or host name required in case Server Name Indication (SNI) is used.

enum TLSHandShakeRole : uint8_t |
enum TLSOptions : uint32_t |
Supported TLS features.
Several options can be combined in the same TransportDescriptor using the add_option() member function.
Enumerator | |
---|---|
NONE | |
DEFAULT_WORKAROUNDS | |
NO_COMPRESSION | |
NO_SSLV2 | |
NO_SSLV3 | |
NO_TLSV1 | |
NO_TLSV1_1 | |
NO_TLSV1_2 | |
NO_TLSV1_3 | |
SINGLE_DH_USE |
enum TLSVerifyMode : uint8_t |
Peer node verification options.
Several verification options can be combined in the same TransportDescriptor using the add_verify_mode() member function.
Enumerator | |
---|---|
UNUSED | |
VERIFY_NONE | |
VERIFY_PEER | |
VERIFY_FAIL_IF_NO_PEER_CERT | |
VERIFY_CLIENT_ONCE |
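void add_option (const TLSOptions option) | inline |
Add TLS features to the SSL Context options mask.
void add_verify_mode (const TLSVerifyMode verify) | inline |
Add verification modes to the verification mode mask.
bool get_option (const TLSOptions option) const | inline |
Get the SSL Context options mask.
bool get_verify_mode (const TLSVerifyMode verify) const | inline |
Get the verification mode mask.
bool operator== (const TLSConfig &t) const | inline |
Comparison operator.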
std::string cert_chain_file |
Path to the public certificate chain file.
bool default_verify_path = false |
Look for verification files on the default paths.
TLSHandShakeRole handshake_role = TLSHandShakeRole::DEFAULT |
Role that the transport will take on handshaking.
uint32_t options = TLSOptions::NONE |
SSL context options mask.
std::string password |
Password of the private_key_file or rsa_private_key_file.
std::string private_key_file |
Path to the private key certificate file.
std::string rsa_private_key_file |
Path to the private key RSA certificate file.
std::string server_name |
Server name or host name required in case Server Name Indication (SNI) is used.
std::string tmp_dh_file |
Path to the Diffie-Hellman parameters file.
int32_t verify_depth = -1 |
Maximum allowed depth for verifying intermediate certificates. Do not override.
std::string verify_file |
Path to the CA (Certification-Authority) file.
uint8_t verify_mode = TLSVerifyMode::UNUSED |
Verification mode mask.
std::vector<std::string> verify_paths |
Paths where the system will look for verification files.
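
An added example, not part of this reference or of the library's code: a self-contained audit of the `options` and `verify_mode` masks and the CA fields documented above, with a hardened server configuration beside the defaults. The `TLSConfig` struct is a stand-in that copies this page's declarations; the accessor bodies, `audit()` and `hardened_server()` are assumptions, and the findings assume each enumerator carries the meaning of the OpenSSL option of the same name.

```cpp
#include <cstdint>
#include <cstdio>
#include <string>
#include <vector>

struct TLSConfig {  // stand-in mirroring this page's declarations; builds without the library
    enum TLSOptions : uint32_t { NONE = 0, DEFAULT_WORKAROUNDS = 1 << 0, NO_COMPRESSION = 1 << 1,
        NO_SSLV2 = 1 << 2, NO_SSLV3 = 1 << 3, NO_TLSV1 = 1 << 4, NO_TLSV1_1 = 1 << 5,
        NO_TLSV1_2 = 1 << 6, NO_TLSV1_3 = 1 << 7, SINGLE_DH_USE = 1 << 8 };
    enum TLSVerifyMode : uint8_t { UNUSED = 0, VERIFY_NONE = 1 << 0, VERIFY_PEER = 1 << 1,
        VERIFY_FAIL_IF_NO_PEER_CERT = 1 << 2, VERIFY_CLIENT_ONCE = 1 << 3 };
    enum TLSHandShakeRole : uint8_t { DEFAULT = 0, CLIENT = 1 << 0, SERVER = 1 << 1 };
    uint32_t options = NONE;
    uint8_t verify_mode = UNUSED;
    std::string verify_file;
    std::vector<std::string> verify_paths;
    bool default_verify_path = false;
    TLSHandShakeRole handshake_role = DEFAULT;
    // Accessor bodies are assumptions: OR the bit into the mask / test that the bit is set.
    void add_option(const TLSOptions o) { options |= o; }
    void add_verify_mode(const TLSVerifyMode v) { verify_mode = uint8_t(verify_mode | v); }
    bool get_option(const TLSOptions o) const { return (options & o) == o; }
    bool get_verify_mode(const TLSVerifyMode v) const { return (verify_mode & v) == v; }
};
using T = TLSConfig;

std::vector<std::string> audit(const T& c) {  // hypothetical helper: one finding per weak setting
    std::vector<std::string> f;
    const uint32_t legacy = T::NO_SSLV2 | T::NO_SSLV3 | T::NO_TLSV1 | T::NO_TLSV1_1;
    if ((c.options & legacy) != legacy) f.push_back("legacy SSL/TLS version not disabled");
    if (!c.get_option(T::NO_COMPRESSION)) f.push_back("TLS compression not disabled");
    if (!c.get_verify_mode(T::VERIFY_PEER))
        f.push_back("peer certificate verification not requested");
    else if (c.verify_file.empty() && c.verify_paths.empty() && !c.default_verify_path)
        f.push_back("VERIFY_PEER set but no CA file or path configured");
    if (c.handshake_role == T::SERVER && c.get_verify_mode(T::VERIFY_PEER) &&
            !c.get_verify_mode(T::VERIFY_FAIL_IF_NO_PEER_CERT))
        f.push_back("server accepts clients that present no certificate");
    return f;
}

T hardened_server(const std::string& ca_file) {  // passes every check in audit()
    T c;
    for (auto o : { T::NO_COMPRESSION, T::NO_SSLV2, T::NO_SSLV3, T::NO_TLSV1, T::NO_TLSV1_1 })
        c.add_option(o);
    for (auto v : { T::VERIFY_PEER, T::VERIFY_FAIL_IF_NO_PEER_CERT }) c.add_verify_mode(v);
    c.verify_file = ca_file;
    c.handshake_role = T::SERVER;
    return c;
}
int main() { for (const auto& s : audit(T{})) std::puts(s.c_str()); }
```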