TLS squid.conf settings for a remote server peer. More...

#include <PeerOptions.h>

Inheritance diagram for Security::PeerOptions:
Collaboration diagram for Security::PeerOptions:

Classes

struct  flags_
 flags governing Squid internal TLS operations More...
 

Public Member Functions

 PeerOptions ()
 
 PeerOptions (const PeerOptions &)=default
 
PeerOptionsoperator= (const PeerOptions &)=default
 
 PeerOptions (PeerOptions &&)=default
 
PeerOptionsoperator= (PeerOptions &&)=default
 
virtual ~PeerOptions ()
 
virtual void parse (const char *)
 parse a TLS squid.conf option More...
 
virtual void clear ()
 reset the configuration details to default More...
 
virtual Security::ContextPointer createBlankContext () const
 generate an unset security context object More...
 
Security::ContextPointer createClientContext (bool setOptions)
 generate a security client-context from these configured options More...
 
void updateTlsVersionLimits ()
 sync the context options with tls-min-version=N configuration More...
 
void updateContextOptions (Security::ContextPointer &) const
 Setup the library specific 'options=' parameters for the given context. More...
 
void updateContextNpn (Security::ContextPointer &)
 setup the NPN extension details for the given context More...
 
void updateContextCa (Security::ContextPointer &)
 setup the CA details for the given context More...
 
void updateContextCrl (Security::ContextPointer &)
 setup the CRL details for the given context More...
 
void updateSessionOptions (Security::SessionPointer &)
 setup any library-specific options that can be set for the given session More...
 
virtual void dumpCfg (Packable *, const char *pfx) const
 output squid.conf syntax with 'pfx' prefix on parameters for the stored settings More...
 

Public Attributes

SBuf sslOptions
 library-specific options string More...
 
SBuf caDir
 path of directory containing a set of trusted Certificate Authorities More...
 
SBuf crlFile
 path of file containing Certificate Revoke List More...
 
SBuf sslCipher
 
SBuf sslFlags
 flags defining what TLS operations Squid performs More...
 
SBuf sslDomain
 
SBuf tlsMinVersion
 version label for minimum TLS version to permit More...
 
Security::ParsedOptions parsedOptions
 parsed value of sslOptions More...
 
long parsedFlags = 0
 parsed value of sslFlags More...
 
std::list< Security::KeyDatacerts
 details from the cert= and file= config parameters More...
 
std::list< SBufcaFiles
 paths of files containing trusted Certificate Authority More...
 
Security::CertRevokeList parsedCrl
 CRL to use when verifying the remote end certificate. More...
 
bool encryptTransport = false
 whether transport encryption (TLS/SSL) is to be used on connections to the peer More...
 

Protected Member Functions

template<typename T >
Security::ContextPointer convertContextFromRawPtr (T ctx) const
 

Protected Attributes

int sslVersion = 0
 
struct Security::PeerOptions::flags_ flags
 

Private Member Functions

void parseOptions ()
 parsed value of sslOptions More...
 
long parseFlags ()
 
void loadCrlFile ()
 
void loadKeysFile ()
 

Detailed Description

Definition at line 22 of file PeerOptions.h.

Constructor & Destructor Documentation

◆ PeerOptions() [1/3]

Security::PeerOptions::PeerOptions ( )

Definition at line 24 of file PeerOptions.cc.

References parseOptions().

Referenced by clear().

◆ PeerOptions() [2/3]

Security::PeerOptions::PeerOptions ( const PeerOptions )
default

◆ PeerOptions() [3/3]

Security::PeerOptions::PeerOptions ( PeerOptions &&  )
default

◆ ~PeerOptions()

virtual Security::PeerOptions::~PeerOptions ( )
inlinevirtual

Definition at line 30 of file PeerOptions.h.

References parse().

Member Function Documentation

◆ clear()

◆ convertContextFromRawPtr()

template<typename T >
Security::ContextPointer Security::PeerOptions::convertContextFromRawPtr ( ctx) const
inlineprotected

Definition at line 91 of file PeerOptions.h.

References assert, debugs, and p.

Referenced by createBlankContext(), and Security::ServerOptions::createBlankContext().

◆ createBlankContext()

Security::ContextPointer Security::PeerOptions::createBlankContext ( ) const
virtual

◆ createClientContext()

◆ dumpCfg()

◆ loadCrlFile()

void Security::PeerOptions::loadCrlFile ( )
private

Load a CRLs list stored in the file whose /path/name is in crlFile replaces any CRL loaded previously

Definition at line 572 of file PeerOptions.cc.

References SBuf::c_str(), crlFile, debugs, SBuf::isEmpty(), NULL, and parsedCrl.

Referenced by clear(), and parse().

◆ loadKeysFile()

void Security::PeerOptions::loadKeysFile ( )
private

Referenced by clear().

◆ operator=() [1/2]

PeerOptions& Security::PeerOptions::operator= ( const PeerOptions )
default

◆ operator=() [2/2]

PeerOptions& Security::PeerOptions::operator= ( PeerOptions &&  )
default

◆ parse()

◆ parseFlags()

◆ parseOptions()

void Security::PeerOptions::parseOptions ( )
private

◆ updateContextCa()

◆ updateContextCrl()

void Security::PeerOptions::updateContextCrl ( Security::ContextPointer ctx)

◆ updateContextNpn()

void Security::PeerOptions::updateContextNpn ( Security::ContextPointer ctx)

Definition at line 614 of file PeerOptions.cc.

References flags, and Security::PeerOptions::flags_::tlsNpn.

Referenced by clear(), and createClientContext().

◆ updateContextOptions()

void Security::PeerOptions::updateContextOptions ( Security::ContextPointer ctx) const

Definition at line 593 of file PeerOptions.cc.

References arg, and parsedOptions.

Referenced by clear(), createClientContext(), and Security::ServerOptions::updateContextConfig().

◆ updateSessionOptions()

void Security::PeerOptions::updateSessionOptions ( Security::SessionPointer s)

Definition at line 706 of file PeerOptions.cc.

References DBG_IMPORTANT, debugs, Security::ErrorString(), parsedOptions, and sslOptions.

Referenced by clear(), and CreateSession().

◆ updateTlsVersionLimits()

Member Data Documentation

◆ caDir

SBuf Security::PeerOptions::caDir

Definition at line 73 of file PeerOptions.h.

Referenced by dumpCfg(), parse(), and updateContextCa().

◆ caFiles

std::list<SBuf> Security::PeerOptions::caFiles

◆ certs

◆ crlFile

SBuf Security::PeerOptions::crlFile

Definition at line 74 of file PeerOptions.h.

Referenced by dumpCfg(), loadCrlFile(), and parse().

◆ encryptTransport

◆ flags

◆ parsedCrl

Security::CertRevokeList Security::PeerOptions::parsedCrl

Definition at line 87 of file PeerOptions.h.

Referenced by loadCrlFile(), and updateContextCrl().

◆ parsedFlags

◆ parsedOptions

◆ sslCipher

SBuf Security::PeerOptions::sslCipher

◆ sslDomain

SBuf Security::PeerOptions::sslDomain

Definition at line 78 of file PeerOptions.h.

Referenced by Adaptation::ServiceConfig::grokUri(), and parse().

◆ sslFlags

SBuf Security::PeerOptions::sslFlags

Definition at line 77 of file PeerOptions.h.

Referenced by dumpCfg(), parse(), and parseFlags().

◆ sslOptions

SBuf Security::PeerOptions::sslOptions

◆ sslVersion

int Security::PeerOptions::sslVersion = 0
protected

Definition at line 108 of file PeerOptions.h.

Referenced by parse(), and updateTlsVersionLimits().

◆ tlsMinVersion

SBuf Security::PeerOptions::tlsMinVersion

Definition at line 80 of file PeerOptions.h.

Referenced by parse(), and updateTlsVersionLimits().


The documentation for this class was generated from the following files:

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors