TLS squid.conf settings for a remote server peer. More...

#include <PeerOptions.h>



struct  flags_
 flags governing Squid internal TLS operations More...

Public Member Functions

 PeerOptions ()
 PeerOptions (const PeerOptions &)=default
PeerOptions & operator= (const PeerOptions &)=default
 PeerOptions (PeerOptions &&)=default
PeerOptions & operator= (PeerOptions &&)=default
virtual ~PeerOptions ()
virtual void parse (const char *)
 parse a TLS squid.conf option More...
virtual void clear ()
 reset the configuration details to default More...
virtual Security::ContextPointer createBlankContext () const
 generate an unset security context object More...
Security::ContextPointer createClientContext (bool setOptions)
 generate a security client-context from these configured options More...
void updateTlsVersionLimits ()
 sync the context options with tls-min-version=N configuration More...
void updateContextOptions (Security::ContextPointer &) const
 Setup the library specific 'options=' parameters for the given context. More...
void updateContextNpn (Security::ContextPointer &)
 setup the NPN extension details for the given context More...
void updateContextCa (Security::ContextPointer &)
 setup the CA details for the given context More...
void updateContextCrl (Security::ContextPointer &)
 setup the CRL details for the given context More...
void updateSessionOptions (Security::SessionPointer &)
 setup any library-specific options that can be set for the given session More...
virtual void dumpCfg (Packable *, const char *pfx) const
 output squid.conf syntax with 'pfx' prefix on parameters for the stored settings More...

Public Attributes

SBuf sslOptions
 library-specific options string More...
SBuf caDir
 path of directory containing a set of trusted Certificate Authorities More...
SBuf crlFile
 path of file containing the Certificate Revocation List (CRL) More...
SBuf sslCipher
SBuf sslFlags
 flags defining what TLS operations Squid performs More...
SBuf sslDomain
SBuf tlsMinVersion
 version label for minimum TLS version to permit More...
Security::ParsedOptions parsedOptions
 parsed value of sslOptions More...
long parsedFlags = 0
 parsed value of sslFlags More...
std::list< Security::KeyData > certs
 details from the cert= and file= config parameters More...
std::list< SBuf > caFiles
 paths of files containing trusted Certificate Authority More...
Security::CertRevokeList parsedCrl
 CRL to use when verifying the remote end certificate. More...
bool encryptTransport = false
 whether transport encryption (TLS/SSL) is to be used on connections to the peer More...

Protected Member Functions

template<typename T >
Security::ContextPointer convertContextFromRawPtr (T ctx) const

Protected Attributes

int sslVersion = 0

Private Member Functions

void parseOptions ()
 parsed value of sslOptions More...
long parseFlags ()
void loadCrlFile ()
void loadKeysFile ()

Detailed Description

Definition at line 22 of file PeerOptions.h.

Constructor & Destructor Documentation

Security::PeerOptions::PeerOptions ( )

Definition at line 24 of file

References parseOptions().

Referenced by clear().

Security::PeerOptions::PeerOptions ( const PeerOptions & )
Security::PeerOptions::PeerOptions ( PeerOptions &&  )
virtual Security::PeerOptions::~PeerOptions ( )

Definition at line 30 of file PeerOptions.h.

Member Function Documentation

virtual void Security::PeerOptions::clear ( )

Reimplemented in Security::ServerOptions.

Definition at line 36 of file PeerOptions.h.

References PeerOptions().

template<typename T >
Security::ContextPointer Security::PeerOptions::convertContextFromRawPtr ( T ctx ) const

Definition at line 91 of file PeerOptions.h.

References assert, debugs, and p.

Security::ContextPointer Security::PeerOptions::createBlankContext ( ) const

Reimplemented in Security::ServerOptions.

Definition at line 245 of file

References debugs, Security::ErrorString(), fatalf(), and Ssl::Initialize().

Security::ContextPointer Security::PeerOptions::createClientContext ( bool  setOptions)

Definition at line 279 of file

References Ssl::InitClientContext().

Referenced by configDoConfigure().

void Security::PeerOptions::dumpCfg ( Packable * p,
const char *  pfx 
) const

Reimplemented in Security::ServerOptions.

Definition at line 102 of file

References Packable::appendf(), i, SQUIDSBUFPH, and SQUIDSBUFPRINT.

Referenced by dump_peer_options(), and Security::ServerOptions::dumpCfg().

void Security::PeerOptions::loadCrlFile ( )

Load the list of CRLs stored in the file whose /path/name is in crlFile, replacing any CRL loaded previously.

Definition at line 576 of file

References debugs, and NULL.

void Security::PeerOptions::loadKeysFile ( )
PeerOptions& Security::PeerOptions::operator= ( const PeerOptions & )
PeerOptions& Security::PeerOptions::operator= ( PeerOptions &&  )
void Security::PeerOptions::parse ( const char *  token)
void Security::PeerOptions::parseOptions ( )

Pre-parse the TLS options= parameter so that it can be applied when the TLS objects are created. Options must not be used in the case of peek or stare bump mode.

Definition at line 436 of file

References CharacterSet::ALPHA, Parser::Tokenizer::atEnd(), SBuf::cmp(), DBG_PARSE_NOTE, debugs, CharacterSet::DIGIT, fatalf(), Parser::Tokenizer::int64(), ssl_option::name, p, Parser::Tokenizer::prefix(), Parser::Tokenizer::remaining(), Parser::Tokenizer::skip(), Parser::Tokenizer::skipAll(), SQUIDSBUFPH, SQUIDSBUFPRINT, and ssl_options.

Referenced by PeerOptions().

void Security::PeerOptions::updateContextCa ( Security::ContextPointer & ctx)

Definition at line 649 of file

References DBG_IMPORTANT, debugs, Security::ErrorString(), i, and loadSystemTrustedCa().

void Security::PeerOptions::updateContextCrl ( Security::ContextPointer & ctx)

Definition at line 685 of file


void Security::PeerOptions::updateContextNpn ( Security::ContextPointer & ctx)

Definition at line 618 of file

void Security::PeerOptions::updateContextOptions ( Security::ContextPointer & ctx) const

Definition at line 597 of file

void Security::PeerOptions::updateSessionOptions ( Security::SessionPointer & s)

Definition at line 710 of file

References DBG_IMPORTANT, debugs, and Security::ErrorString().

Referenced by CreateSession().

void Security::PeerOptions::updateTlsVersionLimits ( )

Member Data Documentation

SBuf Security::PeerOptions::caDir

Definition at line 73 of file PeerOptions.h.

std::list<SBuf> Security::PeerOptions::caFiles

Definition at line 86 of file PeerOptions.h.

std::list<Security::KeyData> Security::PeerOptions::certs

Definition at line 85 of file PeerOptions.h.

Referenced by Ssl::InitClientContext().

SBuf Security::PeerOptions::crlFile

Definition at line 74 of file PeerOptions.h.

bool Security::PeerOptions::encryptTransport = false
struct Security::PeerOptions::flags_ Security::PeerOptions::flags
Security::CertRevokeList Security::PeerOptions::parsedCrl

Definition at line 87 of file PeerOptions.h.

long Security::PeerOptions::parsedFlags = 0

Definition at line 83 of file PeerOptions.h.

Security::ParsedOptions Security::PeerOptions::parsedOptions

Definition at line 82 of file PeerOptions.h.

Referenced by Ssl::PeekingPeerConnector::initialize().

SBuf Security::PeerOptions::sslCipher

Definition at line 76 of file PeerOptions.h.

Referenced by Ssl::InitClientContext().

SBuf Security::PeerOptions::sslDomain

Definition at line 78 of file PeerOptions.h.

SBuf Security::PeerOptions::sslFlags

Definition at line 77 of file PeerOptions.h.

SBuf Security::PeerOptions::sslOptions

Definition at line 72 of file PeerOptions.h.

int Security::PeerOptions::sslVersion = 0

Definition at line 108 of file PeerOptions.h.

SBuf Security::PeerOptions::tlsMinVersion

Definition at line 80 of file PeerOptions.h.

The documentation for this class was generated from the following files:





