Diffstat (limited to 'libssl.hh')
-rw-r--r--libssl.hh10
1 files changed, 7 insertions, 3 deletions
diff --git a/libssl.hh b/libssl.hh
index fd5d90c..8dd7ff3 100644
--- a/libssl.hh
+++ b/libssl.hh
@@ -12,6 +12,7 @@
#include "config.h"
#include "circular_buffer.hh"
#include "lock.hh"
+#include "misc.hh"
enum class LibsslTLSVersion : uint8_t { Unknown, TLS10, TLS11, TLS12, TLS13 };
@@ -21,7 +22,7 @@ struct TLSCertKeyPair
std::optional<std::string> d_key;
std::optional<std::string> d_password;
explicit TLSCertKeyPair(const std::string& cert, std::optional<std::string> key = std::nullopt, std::optional<std::string> password = std::nullopt):
- d_cert(cert), d_key(key), d_password(password) {
+ d_cert(cert), d_key(std::move(key)), d_password(std::move(password)) {
}
};
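Review bot: `cert` is still taken as `const std::string&` and copied into `d_cert`, while `key` and `password` are now sink parameters that are moved, so the constructor handles its three arguments inconsistently. Taking it by value as well, `explicit TLSCertKeyPair(std::string cert, ...)` with `d_cert(std::move(cert))`, keeps existing callers working and treats all three the same way. Separately, `d_password` holds the private-key passphrase in an ordinary `std::string`, and nothing visible here wipes it, so a short comment on that member saying so would help whoever handles these objects later. The struct begins above this hunk.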
@@ -53,6 +54,8 @@ public:
bool d_asyncMode{false};
/* enable kTLS mode, if supported */
bool d_ktls{false};
+ /* set read ahead mode, if supported */
+ bool d_readAhead{true};
};
struct TLSErrorCounters
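Review bot: `d_readAhead` defaults to `true`, so every existing configuration picks up the new behaviour, and the comment `set read ahead mode, if supported` says neither what the mode does nor that it is on by default. Presumably the flag is passed to `SSL_CTX_set_read_ahead()`; with read-ahead on, OpenSSL can buffer records beyond the one being processed, so an I/O loop that waits on the socket without first checking `SSL_has_pending()` can stall with data already buffered. I would expand the comment to something like `/* let OpenSSL read ahead of the current record (on by default); I/O loops must check SSL_has_pending() before waiting on the socket */`. The enclosing class starts above this hunk and the code that consumes the flag is not visible here.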
@@ -113,7 +116,6 @@ class OpenSSLTLSTicketKeysRing
public:
OpenSSLTLSTicketKeysRing(size_t capacity);
~OpenSSLTLSTicketKeysRing();
- void addKey(std::shared_ptr<OpenSSLTLSTicketKey> newKey);
std::shared_ptr<OpenSSLTLSTicketKey> getEncryptionKey();
std::shared_ptr<OpenSSLTLSTicketKey> getDecryptionKey(unsigned char name[TLS_TICKETS_KEY_NAME_SIZE], bool& activeKey);
size_t getKeysCount();
@@ -121,6 +123,8 @@ public:
void rotateTicketsKey(time_t now);
private:
+ void addKey(std::shared_ptr<OpenSSLTLSTicketKey>&& newKey);
+
SharedLockGuarded<boost::circular_buffer<std::shared_ptr<OpenSSLTLSTicketKey> > > d_ticketKeys;
};
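Review bot: The now-private `addKey` has no comment, and its `std::shared_ptr<OpenSSLTLSTicketKey>&&` parameter does not by itself say whether the argument is always consumed. Since `d_ticketKeys` is a `SharedLockGuarded` ring holding session-ticket keys, the declaration should state the ownership and locking contract, for example `/* takes ownership of newKey (left empty on return) and takes the write lock on d_ticketKeys itself */`, adjusted to what the definition actually does. The definition is outside this hunk, so the wording needs checking against it.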
@@ -151,7 +155,7 @@ bool libssl_set_min_tls_version(std::unique_ptr<SSL_CTX, decltype(&SSL_CTX_free)
std::pair<std::unique_ptr<SSL_CTX, decltype(&SSL_CTX_free)>, std::vector<std::string>> libssl_init_server_context(const TLSConfig& config,
std::map<int, std::string>& ocspResponses);
-std::unique_ptr<FILE, int(*)(FILE*)> libssl_set_key_log_file(std::unique_ptr<SSL_CTX, decltype(&SSL_CTX_free)>& ctx, const std::string& logFile);
+pdns::UniqueFilePtr libssl_set_key_log_file(std::unique_ptr<SSL_CTX, decltype(&SSL_CTX_free)>& ctx, const std::string& logFile);
/* called in a client context, if the client advertised more than one ALPN values and the server returned more than one as well, to select the one to use. */
#ifndef DISABLE_NPN
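Review bot: `libssl_set_key_log_file` returns the owner of the key-log `FILE`, and a caller that drops the result closes the file immediately. If the key-log callback keeps writing through that handle, which is presumably the case but is not visible here, it would then write through a dangling pointer. Marking the declaration `[[nodiscard]] pdns::UniqueFilePtr libssl_set_key_log_file(...)` makes that mistake a compiler warning. The file receives TLS session secrets, so a one-line comment above the declaration should say that the returned handle must outlive `ctx` and that the file is expected to be readable only by the service user.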