1#ifndef __XRD_TLSCONTEXT_HH__
2#define __XRD_TLSCONTEXT_HH__
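// Option bits and field masks for the 64-bit options word taken by the
// XrdTlsContext constructor (its `opts` parameter). The listing's line
// numbers had been fused into the declarations; they are removed here and
// each declaration is restored to a single line. Values are unchanged.

// Low-order fields (isolate with the mask, then shift where a shift exists).
static const uint64_t hsto  = 0x00000000000000ff; //!< Mask to isolate the hsto
static const uint64_t vdept = 0x000000000000ff00; //!< Mask to isolate vdept
static const uint64_t crlRF = 0x00000000ffff0000; //!< Mask to isolate crl refresh in min

// Single-bit behaviour flags.
static const uint64_t nopxy = 0x0000000100000000; //!< Do not allow proxy certs
static const uint64_t dnsok = 0x0000000200000000; //!< Trust DNS for host name
static const uint64_t servr = 0x0000000400000000; //!< This is a server context
static const uint64_t logVF = 0x0000000800000000; //!< Log verify failures
static const uint64_t artON = 0x0000002000000000; //!< Auto retry Handshake

// CRL handling.
// NOTE(review): crlFC's bit pattern is exactly crlON | rfCRL. Two consequences
// for code that tests these options:
//   - `opts & crlFC` is non-zero when only crlON (or only rfCRL) is set, so
//     full-chain checking must be detected with `(opts & crlFC) == crlFC`;
//   - a caller that passes crlFC also sets the rfCRL bit.
// Confirm against the implementation that both effects are intended.
static const uint64_t rfCRL = 0x0000004000000000; //!< Turn on the CRL refresh thread
static const uint64_t crlON = 0x0000008000000000; //!< Enables crl checking
static const uint64_t crlFC = 0x000000C000000000; //!< Full crl chain checking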
244 const char *cadir=0,
const char *cafile=0,
245 uint64_t
opts=0, std::string *
eMsg=0);
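//! Return cOpts with the field selected by XrdTlsContext::hsto replaced by hstv.
//!
//! @param cOpts  Current options word.
//! @param hstv   New value for the hsto field.
//!
//! Only the bits of hstv that fall inside the mask are kept: a value wider
//! than the field is silently truncated rather than rejected, so callers
//! should range-check it first. Both arguments are parenthesised so that an
//! expression argument (e.g. `a | b`) cannot re-associate with the mask
//! operators inside the macro.
#define TLS_SET_HSTO(cOpts,hstv) \
        (((cOpts) & ~XrdTlsContext::hsto) | ((hstv) & XrdTlsContext::hsto))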
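//! Return cOpts with the CRL refresh field (mask XrdTlsContext::crlRF,
//! shift XrdTlsContext::crlRS) replaced by refi.
//!
//! @param cOpts  Current options word.
//! @param refi   New refresh interval; the member documentation describes the
//!               field as "crl refresh in min" - confirm the unit with the
//!               implementation.
//!
//! refi is widened to uint64_t before the shift so the shift is never done in
//! a narrower signed type, where a large value could overflow. After shifting,
//! the value is masked with crlRF: an interval that does not fit the field is
//! silently truncated, which can turn a large intended interval into a small
//! one. Callers should range-check refi before encoding it.
#define TLS_SET_REFINT(cOpts,refi) (((cOpts) & ~XrdTlsContext::crlRF) |\
        (XrdTlsContext::crlRF & \
         (static_cast<uint64_t>(refi) << XrdTlsContext::crlRS)))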
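//! Return cOpts with the field selected by XrdTlsContext::vdept (shift
//! XrdTlsContext::vdepS) replaced by vdv.
//!
//! @param cOpts  Current options word.
//! @param vdv    New value for the vdept field.
//!
//! vdv is widened to uint64_t before the shift and the result is masked with
//! vdept, so a value wider than the field is silently truncated instead of
//! being rejected. Callers should range-check vdv before encoding it. Both
//! arguments are parenthesised so expression arguments keep their meaning.
#define TLS_SET_VDEPTH(cOpts,vdv) (((cOpts) & ~XrdTlsContext::vdept) |\
        (XrdTlsContext::vdept & \
         (static_cast<uint64_t>(vdv) << XrdTlsContext::vdepS)))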
static const int scIdErr
Info: Id not set, is too long.
XrdTlsContext & operator=(const XrdTlsContext &ctx)=delete
XrdTlsContext * Clone(bool full=true, bool startCRLRefresh=false)
~XrdTlsContext()
Destructor.
static const uint64_t hsto
Mask to isolate the hsto.
static const uint64_t vdept
Mask to isolate vdept.
static const int crlRS
Bits to shift the crl refresh interval (the crlRF field).
int SessionCache(int opts=scNone, const char *id=0, int idlen=0)
static void SetDefaultCiphers(const char *ciphers)
static const int scClnt
Turn on cache client mode.
static const int DEFAULT_CRL_REF_INT_SEC
Default CRL refresh interval in seconds.
static const uint64_t servr
This is a server context.
static const uint64_t rfCRL
Turn on the CRL refresh thread.
static const int scKeep
Info: TLS-controlled flush disabled.
static const uint64_t nopxy
Do not allow proxy certs.
static const int scNone
Do not change any option settings.
XrdTlsContext(const XrdTlsContext &ctx)=delete
Disallow any copies of this object.
static const uint64_t logVF
Log verify failures.
static const uint64_t crlFC
Full crl chain checking.
static const uint64_t crlON
Enables crl checking.
static const uint64_t artON
Auto retry Handshake.
XrdTlsContext(XrdTlsContext &&ctx)=delete
static const int vdepS
Bits to shift vdept.
const CTX_Params * GetParams()
static const int scOff
Turn off cache.
XrdTlsContext & operator=(XrdTlsContext &&ctx)=delete
static const uint64_t dnsok
Trust DNS for host name.
static const char * Init()
bool newHostCertificateDetected()
bool SetContextCiphers(const char *ciphers)
bool SetCrlRefresh(int refsec=-1)
static const int scSrvr
Turn on cache server mode (default)
static const uint64_t crlRF
Mask to isolate crl refresh in min.
Socket wrapper for TLS I/O.
std::string cafile
-> ca cert file.
uint64_t opts
Options as passed to the constructor.
std::string cadir
-> ca cert directory.
int crlRT
crl refresh interval time in seconds
std::string pkey
-> private key path.
std::string cert
-> certificate path.