diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2021-02-07 11:49:00 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2021-02-07 12:42:05 +0000 |
commit | 2e85f9325a797977eea9dfea0a925775ddd211d9 (patch) | |
tree | 452c7f30d62fca5755f659b99e4e53c7b03afc21 /libnetdata/socket/security.h | |
parent | Releasing debian version 1.19.0-4. (diff) | |
download | netdata-2e85f9325a797977eea9dfea0a925775ddd211d9.tar.xz netdata-2e85f9325a797977eea9dfea0a925775ddd211d9.zip |
Merging upstream version 1.29.0.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'libnetdata/socket/security.h')
-rw-r--r-- | libnetdata/socket/security.h | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/libnetdata/socket/security.h b/libnetdata/socket/security.h index 697e0fda1..17ecc6d05 100644 --- a/libnetdata/socket/security.h +++ b/libnetdata/socket/security.h @@ -10,29 +10,37 @@ # define NETDATA_SSL_FORCE 32 //We only accepts HTTPS request # define NETDATA_SSL_INVALID_CERTIFICATE 64 //Accepts invalid certificate # define NETDATA_SSL_VALID_CERTIFICATE 128 //Accepts invalid certificate +# define NETDATA_SSL_PROXY_HTTPS 256 //Proxy is using HTTPS #define NETDATA_SSL_CONTEXT_SERVER 0 #define NETDATA_SSL_CONTEXT_STREAMING 1 -#define NETDATA_SSL_CONTEXT_OPENTSDB 2 +#define NETDATA_SSL_CONTEXT_EXPORTING 2 # ifdef ENABLE_HTTPS +#define OPENSSL_VERSION_095 0x00905100L +#define OPENSSL_VERSION_097 0x0907000L +#define OPENSSL_VERSION_110 0x10100000L +#define OPENSSL_VERSION_111 0x10101000L + # include <openssl/ssl.h> # include <openssl/err.h> -# if (SSLEAY_VERSION_NUMBER >= 0x0907000L) && (OPENSSL_VERSION_NUMBER < 0x10100000L) +# if (SSLEAY_VERSION_NUMBER >= OPENSSL_VERSION_097) && (OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_110) # include <openssl/conf.h> # endif struct netdata_ssl{ SSL *conn; //SSL connection - int flags; //The flags for SSL connection + uint32_t flags; //The flags for SSL connection }; -extern SSL_CTX *netdata_opentsdb_ctx; +extern SSL_CTX *netdata_exporting_ctx; extern SSL_CTX *netdata_client_ctx; extern SSL_CTX *netdata_srv_ctx; extern const char *security_key; extern const char *security_cert; +extern const char *tls_version; +extern const char *tls_ciphers; extern int netdata_validate_server; extern int security_location_for_context(SSL_CTX *ctx,char *file,char *path); @@ -41,6 +49,7 @@ void security_clean_openssl(); void security_start_ssl(int selector); int security_process_accept(SSL *ssl,int msg); int security_test_certificate(SSL *ssl); +SSL_CTX * security_initialize_openssl_client(); # endif //ENABLE_HTTPS #endif //NETDATA_SECURITY_H |