Diffstat (limited to 'src/tls/tls_proxy.h')
-rw-r--r--src/tls/tls_proxy.h13
1 files changed, 9 insertions, 4 deletions
diff --git a/src/tls/tls_proxy.h b/src/tls/tls_proxy.h
index ca664c6..6528639 100644
--- a/src/tls/tls_proxy.h
+++ b/src/tls/tls_proxy.h
@@ -32,8 +32,10 @@
#ifdef USE_TLS
/*
- * TLS_CLIENT_PARAMS structure. If this changes, update all
- * TLS_CLIENT_PARAMS related functions in tls_proxy_client_*.c.
+ * TLS_CLIENT_PARAMS structure, to communicate global TLS library settings
+ * that are the same for all TLS client contexts. This information is used
+ * in tlsproxy(8) to detect inconsistencies. If this structure is changed,
+ * update all TLS_CLIENT_PARAMS related functions in tls_proxy_client_*.c.
*
* In the serialization these attributes are identified by their configuration
* parameter names.
@@ -106,11 +108,11 @@ extern VSTREAM *tls_proxy_open(const char *, int, VSTREAM *, const char *,
((props)->a12), ((props)->a13), ((props)->a14))
#define TLS_PROXY_CLIENT_START_PROPS(props, a1, a2, a3, a4, a5, a6, a7, a8, \
- a9, a10, a11, a12, a13, a14) \
+ a9, a10, a11, a12, a13, a14, a15) \
(((props)->a1), ((props)->a2), ((props)->a3), \
((props)->a4), ((props)->a5), ((props)->a6), ((props)->a7), \
((props)->a8), ((props)->a9), ((props)->a10), ((props)->a11), \
- ((props)->a12), ((props)->a13), ((props)->a14))
+ ((props)->a12), ((props)->a13), ((props)->a14), ((props)->a15))
extern TLS_SESS_STATE *tls_proxy_context_receive(VSTREAM *);
extern void tls_proxy_context_free(TLS_SESS_STATE *);
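Review bot: Nothing near `TLS_PROXY_CLIENT_START_PROPS` says which structure member the new fifteenth slot carries, or that the macro's arity has to track the member count of TLS_CLIENT_START_PROPS. The slot presumably pairs with the `TLS_ATTR_ENABLE_RPK` name added in the last hunk, but the structure definition and the tls_proxy_client_*.c routines are outside this file's diff, so that cannot be confirmed from here. I would add a comment above the macro along the lines of `/* One slot per TLS_CLIENT_START_PROPS member; update together with the tls_proxy_client_*.c print/scan code. */`. A call site with the wrong argument count is rejected by the preprocessor, but a member that is sent by one side and not parsed by the other would only surface at run time, so the comment is the cheap guard.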
@@ -168,6 +170,8 @@ extern void tls_proxy_server_start_free(TLS_SERVER_START_PROPS *);
#define TLS_ATTR_KEX_NAME "key_exchange"
#define TLS_ATTR_KEX_CURVE "key_exchange_curve"
#define TLS_ATTR_KEX_BITS "key_exchange_bits"
+#define TLS_ATTR_CTOS_RPK "ctos_rpk"
+#define TLS_ATTR_STOC_RPK "stoc_rpk"
#define TLS_ATTR_CLNT_SIG_NAME "clnt_signature"
#define TLS_ATTR_CLNT_SIG_CURVE "clnt_signature_curve"
#define TLS_ATTR_CLNT_SIG_BITS "clnt_signature_bits"
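Review bot: `TLS_ATTR_CTOS_RPK` and `TLS_ATTR_STOC_RPK` are added with no comment on what they carry or which value type they hold. If RPK means raw public key (RFC 7250), which the names suggest but the page does not state, a session with either flag set has no certificate chain behind the peer credential. In that case code consuming the state from `tls_proxy_context_receive()` should not treat "peer presented a key" as equivalent to a verified certificate. I would add a comment such as `/* ctos_rpk / stoc_rpk: raw public key used client-to-server / server-to-client; peer trust then rests on a key match, not a chain */`, adjusted to the actual semantics. The two names are also inserted mid-list, so if the sending and receiving code handle attributes in a fixed order, both sides need the new entries at the same position.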
@@ -237,6 +241,7 @@ extern void tls_proxy_server_start_free(TLS_SERVER_START_PROPS *);
* TLS_CLIENT_START_PROPS attributes.
*/
#define TLS_ATTR_TIMEOUT "timeout"
+#define TLS_ATTR_ENABLE_RPK "enable_rpk"
#define TLS_ATTR_TLS_LEVEL "tls_level"
#define TLS_ATTR_NEXTHOP "nexthop"
#define TLS_ATTR_HOST "host"