author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 21:14:49 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-13 21:14:49 +0000 |
commit | 2f230033794fafdf10822568e763d4db68cf6c6b (patch) | |
tree | 39ca5c2325b7b43c9a28ca6d4ad4026a61e7eb97 /libssl.hh | |
parent | Adding debian version 1.8.3-3. (diff) | |
Merging upstream version 1.9.3.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'libssl.hh')
-rw-r--r-- | libssl.hh | 10 |
1 files changed, 7 insertions, 3 deletions
@@ -12,6 +12,7 @@
 #include "config.h"
 #include "circular_buffer.hh"
 #include "lock.hh"
+#include "misc.hh"
 enum class LibsslTLSVersion : uint8_t { Unknown, TLS10, TLS11, TLS12, TLS13 };
@@ -21,7 +22,7 @@ struct TLSCertKeyPair
 std::optional<std::string> d_key;
 std::optional<std::string> d_password;
 explicit TLSCertKeyPair(const std::string& cert, std::optional<std::string> key = std::nullopt, std::optional<std::string> password = std::nullopt):
- d_cert(cert), d_key(key), d_password(password) {
+ d_cert(cert), d_key(std::move(key)), d_password(std::move(password)) {
 }
 };
@@ -53,6 +54,8 @@ public:
 bool d_asyncMode{false};
 /* enable kTLS mode, if supported */
 bool d_ktls{false};
+ /* set read ahead mode, if supported */
+ bool d_readAhead{true};
 };
 struct TLSErrorCounters
@@ -113,7 +116,6 @@ class OpenSSLTLSTicketKeysRing
 public:
 OpenSSLTLSTicketKeysRing(size_t capacity);
 ~OpenSSLTLSTicketKeysRing();
- void addKey(std::shared_ptr<OpenSSLTLSTicketKey> newKey);
 std::shared_ptr<OpenSSLTLSTicketKey> getEncryptionKey();
 std::shared_ptr<OpenSSLTLSTicketKey> getDecryptionKey(unsigned char name[TLS_TICKETS_KEY_NAME_SIZE], bool& activeKey);
 size_t getKeysCount();
@@ -121,6 +123,8 @@ public:
 void rotateTicketsKey(time_t now);
 private:
+ void addKey(std::shared_ptr<OpenSSLTLSTicketKey>&& newKey);
+
 SharedLockGuarded<boost::circular_buffer<std::shared_ptr<OpenSSLTLSTicketKey> > > d_ticketKeys;
 };
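Review bot: `d_readAhead` is the only flag in this group that defaults to `true`, and the comment added with it in the `-53,6 +54,8` hunk does not say so. The neighbouring `d_asyncMode` and `d_ktls` are opt-in, so a configuration that never mentions read-ahead gets it switched on by this merge. I would put the default in the comment, `/* set read ahead mode, if supported; enabled by default */`, and, if the code that applies the flag (not visible here) treats it differently when kTLS or async mode is on, say so in the same comment. The enclosing class starts outside the hunk.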
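Review bot: In the `-121,6 +123,8` hunk `addKey` now takes `std::shared_ptr<OpenSSLTLSTicketKey>&&`, which hands over ownership only if the definition (not in this header) actually moves from `newKey`; an rvalue-reference parameter that is copied leaves the caller's reference alive. For ticket-encryption keys it helps to be able to read off the declaration who holds the key afterwards. A by-value sink, `void addKey(std::shared_ptr<OpenSSLTLSTicketKey> newKey);` moved into the ring, states that without depending on the body; failing that, a comment such as `/* consumes newKey: the ring holds the reference afterwards */` on the declaration would do.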
@@ -151,7 +155,7 @@ bool libssl_set_min_tls_version(std::unique_ptr<SSL_CTX, decltype(&SSL_CTX_free)
 std::pair<std::unique_ptr<SSL_CTX, decltype(&SSL_CTX_free)>, std::vector<std::string>> libssl_init_server_context(const TLSConfig& config, std::map<int, std::string>& ocspResponses);
-std::unique_ptr<FILE, int(*)(FILE*)> libssl_set_key_log_file(std::unique_ptr<SSL_CTX, decltype(&SSL_CTX_free)>& ctx, const std::string& logFile);
+pdns::UniqueFilePtr libssl_set_key_log_file(std::unique_ptr<SSL_CTX, decltype(&SSL_CTX_free)>& ctx, const std::string& logFile);
 /* called in a client context, if the client advertised more than one ALPN values and the server returned more than one as well, to select the one to use. */
 #ifndef DISABLE_NPN |
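Review bot: The `pdns::UniqueFilePtr` returned by `libssl_set_key_log_file` can be silently discarded, and nothing on the declaration says the caller has to keep it. If the handle owns the key-log stream, as the previous `std::unique_ptr<FILE, int(*)(FILE*)>` return type suggests, dropping it closes the file while `ctx` may still be set up to log to it. Declaring it `[[nodiscard]] pdns::UniqueFilePtr libssl_set_key_log_file(...)` turns that mistake into a compiler diagnostic. A key log holds the session secrets needed to decrypt captured traffic, so a short comment stating the lifetime requirement and that `logFile` should be readable only by the service account belongs on this declaration too; how the file is opened is in the definition, outside this hunk.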