syslog-ng source
Classes | Macros | Enumerations | Functions
tls-context.h File Reference
#include "transport/tls-verifier.h"
#include "transport/tls-session.h"
#include "messages.h"
Include dependency graph for tls-context.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Classes

struct  TLSContext
 

Macros

#define TLSCONTEXT_ERROR   tls_context_error_quark()
 

Enumerations

enum  TLSMode { TM_CLIENT , TM_SERVER , TM_MAX }
 
enum  TLSVerifyMode {
  TVM_NONE , TVM_TRUSTED = 0x0001 , TVM_UNTRUSTED = 0x0002 , TVM_OPTIONAL = 0x0010 ,
  TVM_REQUIRED = 0x0020
}
 
enum  TLSSslOptions {
  TSO_NONE , TSO_NOSSLv2 = 0x0001 , TSO_NOSSLv3 = 0x0002 , TSO_NOTLSv1 = 0x0004 ,
  TSO_NOTLSv11 = 0x0008 , TSO_NOTLSv12 = 0x0010 , TSO_NOTLSv13 = 0x0020 , TSO_IGNORE_UNEXPECTED_EOF = 0x0040 ,
  TSO_IGNORE_HOSTNAME_MISMATCH = 0x0080 , TSO_IGNORE_VALIDITY_PERIOD = 0x0100
}
 
enum  TLSContextSetupResult { TLS_CONTEXT_SETUP_OK , TLS_CONTEXT_SETUP_ERROR , TLS_CONTEXT_SETUP_BAD_PASSWORD }
 
enum  TLSContextError { TLSCONTEXT_UNSUPPORTED , TLSCONTEXT_INTERNAL_ERROR }
 

Functions

GQuark tls_context_error_quark (void)
 
gboolean tls_context_set_verify_mode_by_name (TLSContext *self, const gchar *mode_str)
 
gboolean tls_context_set_ssl_options_by_name (TLSContext *self, GList *options)
 
gboolean tls_context_set_ssl_version_by_name (TLSContext *self, const gchar *value)
 
gint tls_context_get_verify_mode (const TLSContext *self)
 
void tls_context_set_verify_mode (TLSContext *self, gint verify_mode)
 
gboolean tls_context_ignore_hostname_mismatch (TLSContext *self)
 
gboolean tls_context_ignore_validity_period (TLSContext *self)
 
void tls_context_set_key_file (TLSContext *self, const gchar *key_file)
 
void tls_context_set_cert_file (TLSContext *self, const gchar *cert_file)
 
gboolean tls_context_set_keylog_file (TLSContext *self, gchar *keylog_file_path, GError **error)
 
void tls_context_set_pkcs12_file (TLSContext *self, const gchar *pkcs12_file)
 
void tls_context_set_ca_dir (TLSContext *self, const gchar *ca_dir)
 
void tls_context_set_crl_dir (TLSContext *self, const gchar *crl_dir)
 
void tls_context_set_ca_file (TLSContext *self, const gchar *ca_file)
 
void tls_context_set_cipher_suite (TLSContext *self, const gchar *cipher_suite)
 
void tls_context_set_allow_compress (TLSContext *self, gboolean allow)
 
gboolean tls_context_set_tls13_cipher_suite (TLSContext *self, const gchar *tls13_cipher_suite, GError **error)
 
gboolean tls_context_set_sigalgs (TLSContext *self, const gchar *sigalgs, GError **error)
 
gboolean tls_context_set_client_sigalgs (TLSContext *self, const gchar *sigalgs, GError **error)
 
gboolean tls_context_set_conf_cmds (TLSContext *self, GList *cmds, GError **error)
 
void tls_context_set_ecdh_curve_list (TLSContext *self, const gchar *ecdh_curve_list)
 
void tls_context_set_dhparam_file (TLSContext *self, const gchar *dhparam_file)
 
void tls_context_set_sni (TLSContext *self, const gchar *sni)
 
void tls_context_set_ocsp_stapling_verify (TLSContext *self, gboolean ocsp_stapling_verify)
 
void tls_context_set_extended_key_usage_verify (TLSContext *self, gboolean extended_key_usage_verify)
 
const gchar * tls_context_get_key_file (TLSContext *self)
 
EVTTAG * tls_context_format_tls_error_tag (TLSContext *self)
 
EVTTAG * tls_context_format_location_tag (TLSContext *self)
 
gboolean tls_context_verify_peer (TLSContext *self, X509 *peer_cert, const gchar *peer_name)
 
TLSContextSetupResult tls_context_setup_context (TLSContext *self)
 
TLSSessiontls_context_setup_session (TLSContext *self)
 
TLSContext * tls_context_new (TLSMode mode, const gchar *config_location)
 
TLSContext * tls_context_ref (TLSContext *self)
 
void tls_context_unref (TLSContext *self)
 
void tls_x509_format_dn (X509_NAME *name, GString *dn)
 

Macro Definition Documentation

◆ TLSCONTEXT_ERROR

#define TLSCONTEXT_ERROR   tls_context_error_quark()

Enumeration Type Documentation

◆ TLSContextError

enum TLSContextError
Enumerator
TLSCONTEXT_UNSUPPORTED 
TLSCONTEXT_INTERNAL_ERROR 

◆ TLSContextSetupResult

enum TLSContextSetupResult
Enumerator
TLS_CONTEXT_SETUP_OK 
TLS_CONTEXT_SETUP_ERROR 
TLS_CONTEXT_SETUP_BAD_PASSWORD 

◆ TLSMode

enum TLSMode
Enumerator
TM_CLIENT 
TM_SERVER 
TM_MAX 

◆ TLSSslOptions

enum TLSSslOptions
Enumerator
TSO_NONE 
TSO_NOSSLv2 
TSO_NOSSLv3 
TSO_NOTLSv1 
TSO_NOTLSv11 
TSO_NOTLSv12 
TSO_NOTLSv13 
TSO_IGNORE_UNEXPECTED_EOF 
TSO_IGNORE_HOSTNAME_MISMATCH 
TSO_IGNORE_VALIDITY_PERIOD 

◆ TLSVerifyMode

enum TLSVerifyMode
Enumerator
TVM_NONE 
TVM_TRUSTED 
TVM_UNTRUSTED 
TVM_OPTIONAL 
TVM_REQUIRED 

Function Documentation

◆ tls_context_error_quark()

GQuark tls_context_error_quark ( void  )

◆ tls_context_format_location_tag()

EVTTAG* tls_context_format_location_tag ( TLSContext *  self)

◆ tls_context_format_tls_error_tag()

EVTTAG* tls_context_format_tls_error_tag ( TLSContext *  self)

◆ tls_context_get_key_file()

const gchar* tls_context_get_key_file ( TLSContext *  self)

◆ tls_context_get_verify_mode()

gint tls_context_get_verify_mode ( const TLSContext *  self)

◆ tls_context_ignore_hostname_mismatch()

gboolean tls_context_ignore_hostname_mismatch ( TLSContext *  self)

◆ tls_context_ignore_validity_period()

gboolean tls_context_ignore_validity_period ( TLSContext *  self)

◆ tls_context_new()

TLSContext* tls_context_new ( TLSMode  mode,
const gchar *  config_location 
)

◆ tls_context_ref()

TLSContext* tls_context_ref ( TLSContext *  self)

◆ tls_context_set_allow_compress()

void tls_context_set_allow_compress ( TLSContext *  self,
gboolean  allow 
)

◆ tls_context_set_ca_dir()

void tls_context_set_ca_dir ( TLSContext *  self,
const gchar *  ca_dir 
)

◆ tls_context_set_ca_file()

void tls_context_set_ca_file ( TLSContext *  self,
const gchar *  ca_file 
)

◆ tls_context_set_cert_file()

void tls_context_set_cert_file ( TLSContext *  self,
const gchar *  cert_file 
)

◆ tls_context_set_cipher_suite()

void tls_context_set_cipher_suite ( TLSContext *  self,
const gchar *  cipher_suite 
)

◆ tls_context_set_client_sigalgs()

gboolean tls_context_set_client_sigalgs ( TLSContext *  self,
const gchar *  sigalgs,
GError **  error 
)

◆ tls_context_set_conf_cmds()

gboolean tls_context_set_conf_cmds ( TLSContext *  self,
GList *  cmds,
GError **  error 
)

◆ tls_context_set_crl_dir()

void tls_context_set_crl_dir ( TLSContext *  self,
const gchar *  crl_dir 
)

◆ tls_context_set_dhparam_file()

void tls_context_set_dhparam_file ( TLSContext *  self,
const gchar *  dhparam_file 
)

◆ tls_context_set_ecdh_curve_list()

void tls_context_set_ecdh_curve_list ( TLSContext *  self,
const gchar *  ecdh_curve_list 
)

◆ tls_context_set_extended_key_usage_verify()

void tls_context_set_extended_key_usage_verify ( TLSContext *  self,
gboolean  extended_key_usage_verify 
)

◆ tls_context_set_key_file()

void tls_context_set_key_file ( TLSContext *  self,
const gchar *  key_file 
)

◆ tls_context_set_keylog_file()

gboolean tls_context_set_keylog_file ( TLSContext *  self,
gchar *  keylog_file_path,
GError **  error 
)

◆ tls_context_set_ocsp_stapling_verify()

void tls_context_set_ocsp_stapling_verify ( TLSContext *  self,
gboolean  ocsp_stapling_verify 
)

◆ tls_context_set_pkcs12_file()

void tls_context_set_pkcs12_file ( TLSContext *  self,
const gchar *  pkcs12_file 
)

◆ tls_context_set_sigalgs()

gboolean tls_context_set_sigalgs ( TLSContext *  self,
const gchar *  sigalgs,
GError **  error 
)

◆ tls_context_set_sni()

void tls_context_set_sni ( TLSContext *  self,
const gchar *  sni 
)

◆ tls_context_set_ssl_options_by_name()

gboolean tls_context_set_ssl_options_by_name ( TLSContext *  self,
GList *  options 
)

◆ tls_context_set_ssl_version_by_name()

gboolean tls_context_set_ssl_version_by_name ( TLSContext *  self,
const gchar *  value 
)

◆ tls_context_set_tls13_cipher_suite()

gboolean tls_context_set_tls13_cipher_suite ( TLSContext *  self,
const gchar *  tls13_cipher_suite,
GError **  error 
)

◆ tls_context_set_verify_mode()

void tls_context_set_verify_mode ( TLSContext *  self,
gint  verify_mode 
)

◆ tls_context_set_verify_mode_by_name()

gboolean tls_context_set_verify_mode_by_name ( TLSContext *  self,
const gchar *  mode_str 
)

◆ tls_context_setup_context()

TLSContextSetupResult tls_context_setup_context ( TLSContext *  self)

◆ tls_context_setup_session()

TLSSession* tls_context_setup_session ( TLSContext *  self)

◆ tls_context_unref()

void tls_context_unref ( TLSContext *  self)

◆ tls_context_verify_peer()

gboolean tls_context_verify_peer ( TLSContext *  self,
X509 *  peer_cert,
const gchar *  peer_name 
)

◆ tls_x509_format_dn()

void tls_x509_format_dn ( X509_NAME *  name,
GString *  dn 
)