2019-09-23 03:06:15 +02:00
|
|
|
/*
|
|
|
|
|
* IXSocketTLSOptions.h
|
2019-09-30 02:35:18 +02:00
|
|
|
* Author: Matt DeBoer
|
|
|
|
|
* Copyright (c) 2019 Machine Zone, Inc. All rights reserved.
|
2019-09-23 03:06:15 +02:00
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#pragma once
|
|
|
|
|
|
|
|
|
|
#include <string>
|
|
|
|
|
|
|
|
|
|
namespace ix
|
|
|
|
|
{
|
|
|
|
|
struct SocketTLSOptions
|
|
|
|
|
{
|
2019-09-30 02:35:18 +02:00
|
|
|
public:
|
|
|
|
|
// check validity of the object
|
|
|
|
|
bool isValid() const;
|
2019-09-23 03:06:15 +02:00
|
|
|
|
|
|
|
|
// the certificate presented to peers
|
|
|
|
|
std::string certFile;
|
2019-10-01 22:54:46 +02:00
|
|
|
|
2019-09-23 03:06:15 +02:00
|
|
|
// the key used for signing/encryption
|
|
|
|
|
std::string keyFile;
|
2019-10-01 22:54:46 +02:00
|
|
|
|
2019-09-23 19:25:23 +02:00
|
|
|
// the ca certificate (or certificate bundle) file containing
|
2019-09-23 03:06:15 +02:00
|
|
|
// certificates to be trusted by peers; use 'SYSTEM' to
|
|
|
|
|
// leverage the system defaults, use 'NONE' to disable peer verification
|
|
|
|
|
std::string caFile = "SYSTEM";
|
|
|
|
|
|
2019-10-01 22:54:46 +02:00
|
|
|
// list of ciphers (rsa, etc...)
|
2019-09-30 02:35:18 +02:00
|
|
|
std::string ciphers = "DEFAULT";
|
|
|
|
|
|
2019-10-01 22:54:46 +02:00
|
|
|
// whether tls is enabled, used for server code
|
|
|
|
|
bool tls = false;
|
|
|
|
|
|
2019-09-30 02:35:18 +02:00
|
|
|
bool hasCertAndKey() const;
|
2019-09-23 03:06:15 +02:00
|
|
|
|
|
|
|
|
bool isUsingSystemDefaults() const;
|
|
|
|
|
|
|
|
|
|
bool isPeerVerifyDisabled() const;
|
2019-09-30 02:35:18 +02:00
|
|
|
|
|
|
|
|
bool isUsingDefaultCiphers() const;
|
|
|
|
|
|
|
|
|
|
const std::string& getErrorMsg() const;
|
|
|
|
|
|
|
|
|
|
private:
|
|
|
|
|
mutable std::string _errMsg;
|
2019-12-17 23:10:28 +01:00
|
|
|
mutable bool _validated = false;
|
2019-09-23 03:06:15 +02:00
|
|
|
};
|
|
|
|
|
} // namespace ix
|
