diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2019-07-08 20:14:49 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2019-07-08 20:14:49 +0000 |
| commit | 4bf37db76e7dda93e57a9730958c6d467a85c622 (patch) | |
| tree | e9cdf1b63c1e77c6689994f297dd015b343e4920 /libnetdata/socket/security.h | |
| parent | Releasing debian version 1.15.0-1. (diff) | |
| download | netdata-4bf37db76e7dda93e57a9730958c6d467a85c622.tar.xz netdata-4bf37db76e7dda93e57a9730958c6d467a85c622.zip | |
Merging upstream version 1.16.0.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'libnetdata/socket/security.h')
| -rw-r--r-- | libnetdata/socket/security.h | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/libnetdata/socket/security.h b/libnetdata/socket/security.h new file mode 100644 index 000000000..8beb9672f --- /dev/null +++ b/libnetdata/socket/security.h @@ -0,0 +1,47 @@ +#ifndef NETDATA_SECURITY_H +# define NETDATA_SECURITY_H + +# define NETDATA_SSL_HANDSHAKE_COMPLETE 0 //All the steps were successful +# define NETDATA_SSL_START 1 //Starting handshake, conn variable is NULL +# define NETDATA_SSL_WANT_READ 2 //The connection wanna read from socket +# define NETDATA_SSL_WANT_WRITE 4 //The connection wanna write on socket +# define NETDATA_SSL_NO_HANDSHAKE 8 //Continue without encrypt connection. +# define NETDATA_SSL_OPTIONAL 16 //Flag to define the HTTP request +# define NETDATA_SSL_FORCE 32 //We only accepts HTTPS request +# define NETDATA_SSL_INVALID_CERTIFICATE 64 //Accepts invalid certificate +# define NETDATA_SSL_VALID_CERTIFICATE 128 //Accepts invalid certificate + +#define NETDATA_SSL_CONTEXT_SERVER 0 +#define NETDATA_SSL_CONTEXT_STREAMING 1 +#define NETDATA_SSL_CONTEXT_OPENTSDB 2 + +# ifdef ENABLE_HTTPS + +# include <openssl/ssl.h> +# include <openssl/err.h> +# if (SSLEAY_VERSION_NUMBER >= 0x0907000L) && (OPENSSL_VERSION_NUMBER < 0x10100000L) +# include <openssl/conf.h> +# endif + +struct netdata_ssl{ + SSL *conn; //SSL connection + int flags; +}; + +extern SSL_CTX *netdata_opentsdb_ctx; +extern SSL_CTX *netdata_client_ctx; +extern SSL_CTX *netdata_srv_ctx; +extern const char *security_key; +extern const char *security_cert; +extern int netdata_use_ssl_on_stream; +extern int netdata_use_ssl_on_http; +extern int netdata_validate_server; + +void security_openssl_library(); +void security_clean_openssl(); +void security_start_ssl(int selector); +int security_process_accept(SSL *ssl,int msg); +int security_test_certificate(SSL *ssl); + +# endif //ENABLE_HTTPS +#endif //NETDATA_SECURITY_H |