diff options
Diffstat (limited to 'include/haproxy/ssl_sock-t.h')
-rw-r--r-- | include/haproxy/ssl_sock-t.h | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/include/haproxy/ssl_sock-t.h b/include/haproxy/ssl_sock-t.h index fdf41a7..d111883 100644 --- a/include/haproxy/ssl_sock-t.h +++ b/include/haproxy/ssl_sock-t.h @@ -105,11 +105,9 @@ enum { }; /* bind ocsp update mode */ -enum { - SSL_SOCK_OCSP_UPDATE_DFLT = 0, - SSL_SOCK_OCSP_UPDATE_OFF = 1, - SSL_SOCK_OCSP_UPDATE_ON = 2, -}; +#define SSL_SOCK_OCSP_UPDATE_OFF -1 +#define SSL_SOCK_OCSP_UPDATE_DFLT 0 +#define SSL_SOCK_OCSP_UPDATE_ON 1 /* states of the CLI IO handler for 'set ssl cert' */ enum { @@ -264,6 +262,7 @@ struct ssl_sock_ctx { struct global_ssl { char *crt_base; /* base directory path for certificates */ + char *key_base; /* base directory path for private keys */ char *ca_base; /* base directory path for CAs and CRLs */ char *issuers_chain_path; /* from "issuers-chain-path" */ int skip_self_issued_ca; @@ -303,11 +302,14 @@ struct global_ssl { int keylog; /* activate keylog */ int extra_files; /* which files not defined in the configuration file are we looking for */ int extra_files_noext; /* whether we remove the extension when looking up a extra file */ + int security_level; /* configure the openssl security level */ #ifndef OPENSSL_NO_OCSP struct { unsigned int delay_max; unsigned int delay_min; + int mode; /* default mode used for ocsp auto-update (off, on) */ + int disable; } ocsp_update; #endif }; |