GitList
Browse code

- added tls config parameters support

Andrei Pelinescu-Onciul authored on 03/07/2003 19:40:02
Showing 3 changed files
cfg.lex
History View file @ 46506980e0
... ... 
@@ -35,6 +35,8 @@
35 35 
  *  2003-04-05  s/reply_route/failure_route, onreply_route introduced (jiri)
36 36 
  *  2003-04-12  added force_rport, chdir and wdir (andrei)
37 37 
  *  2003-04-22  strip_tail added (jiri)
38 
+ *  2003-07-03  tls* (disable, certificate, private_key, ca_list, verify,
39 
+ *               require_certificate added (andrei)
38 40 
  */
39 41
40 42
... ... 
@@ -160,6 +162,12 @@ WDIR		"workdir"|"wdir"
160 162 
 MHOMED		mhomed
161 163 
 DISABLE_TCP		"disable_tcp"
162 164 
 TCP_CHILDREN	"tcp_children"
165 
+DISABLE_TLS		"disable_tls"
166 
+TLS_VERIFY		"tls_verify"
167 
+TLS_REQUIRE_CERTIFICATE "tls_require_certificate"
168 
+TLS_CERTIFICATE	"tls_certificate"
169 
+TLS_PRIVATE_KEY "tls_private_key"
170 
+TLS_CA_LIST		"tls_ca_list"
163 171
164 172 
 LOADMODULE	loadmodule
165 173 
 MODPARAM        modparam
... ... 
@@ -281,6 +289,16 @@ EAT_ABLE	[\ \t\b\r]
281 289 
 <INITIAL>{MHOMED}	{ count(); yylval.strval=yytext; return MHOMED; }
282 290 
 <INITIAL>{DISABLE_TCP}	{ count(); yylval.strval=yytext; return DISABLE_TCP; }
283 291 
 <INITIAL>{TCP_CHILDREN}	{ count(); yylval.strval=yytext; return TCP_CHILDREN; }
292 
+<INITIAL>{DISABLE_TLS}	{ count(); yylval.strval=yytext; return DISABLE_TLS; }
293 
+<INITIAL>{TLS_VERIFY}	{ count(); yylval.strval=yytext; return TLS_VERIFY; }
294 
+<INITIAL>{TLS_REQUIRE_CERTIFICATE}	{ count(); yylval.strval=yytext;
295 
+										return TLS_REQUIRE_CERTIFICATE; }
296 
+<INITIAL>{TLS_CERTIFICATE}	{ count(); yylval.strval=yytext;
297 
+										return TLS_CERTIFICATE; }
298 
+<INITIAL>{TLS_PRIVATE_KEY}	{ count(); yylval.strval=yytext;
299 
+										return TLS_PRIVATE_KEY; }
300 
+<INITIAL>{TLS_CA_LIST}	{ count(); yylval.strval=yytext;
301 
+										return TLS_CA_LIST; }
284 302 
 <INITIAL>{FIFO}	{ count(); yylval.strval=yytext; return FIFO; }
285 303 
 <INITIAL>{FIFO_MODE}	{ count(); yylval.strval=yytext; return FIFO_MODE; }
286 304 
 <INITIAL>{SERVER_SIGNATURE}	{ count(); yylval.strval=yytext; return SERVER_SIGNATURE; }
cfg.y
History View file @ 46506980e0
... ... 
@@ -39,6 +39,8 @@
39 39 
  * 2003-04-12  added force_rport, chroot and wdir (andrei)
40 40 
  * 2003-04-15  added tcp_children, disable_tcp (andrei)
41 41 
  * 2003-04-22  strip_tail added (jiri)
42 
+ * 2003-07-03  tls* (disable, certificate, private_key, ca_list, verify,
43 
+ *              require_certificate added (andrei)
42 44 
  */
43 45
44 46
... ... 
@@ -174,6 +176,12 @@ int rt;  /* Type of route block for find_export */
174 176 
 %token MHOMED
175 177 
 %token DISABLE_TCP
176 178 
 %token TCP_CHILDREN
179 
+%token DISABLE_TLS
180 
+%token TLS_VERIFY
181 
+%token TLS_REQUIRE_CERTIFICATE
182 
+%token TLS_CERTIFICATE
183 
+%token TLS_PRIVATE_KEY
184 
+%token TLS_CA_LIST
177 185
178 186
179 187
... ... 
@@ -369,6 +377,61 @@ assign_stm:	DEBUG EQUAL NUMBER { debug=$3; }
369 377 
 									#endif
370 378 
 									}
371 379 
 		| TCP_CHILDREN EQUAL error { yyerror("number expected"); }
380 
+		| DISABLE_TLS EQUAL NUMBER {
381 
+									#ifdef USE_TLS
382 
+										tls_disable=$3;
383 
+									#else
384 
+										fprintf(stderr, "WARNING: tls support"
385 
+												"not compiled in\n");
386 
+									#endif
387 
+									}
388 
+		| DISABLE_TLS EQUAL error { yyerror("boolean value expected"); }
389 
+		| TLS_VERIFY EQUAL NUMBER {
390 
+									#ifdef USE_TLS
391 
+										tls_verify_cert=$3;
392 
+									#else
393 
+										fprintf(stderr, "WARNING: tcp support"
394 
+												"not compiled in\n");
395 
+									#endif
396 
+									}
397 
+		| TLS_VERIFY EQUAL error { yyerror("boolean value expected"); }
398 
+		| TLS_REQUIRE_CERTIFICATE EQUAL NUMBER {
399 
+									#ifdef USE_TLS
400 
+										tls_require_cert=$3;
401 
+									#else
402 
+										fprintf(stderr, "WARNING: tcp support"
403 
+												"not compiled in\n");
404 
+									#endif
405 
+									}
406 
+		| TLS_REQUIRE_CERTIFICATE EQUAL error { yyerror("boolean value"
407 
+																" expected"); }
408 
+		| TLS_CERTIFICATE EQUAL STRING {
409 
+									#ifdef USE_TLS
410 
+											tls_cert_file=$3;
411 
+									#else
412 
+										fprintf(stderr, "WARNING: tls support"
413 
+												"not compiled in\n");
414 
+									#endif
415 
+									}
416 
+		| TLS_CERTIFICATE EQUAL error { yyerror("string value expected"); }
417 
+		| TLS_PRIVATE_KEY EQUAL STRING {
418 
+									#ifdef USE_TLS
419 
+											tls_pkey_file=$3;
420 
+									#else
421 
+										fprintf(stderr, "WARNING: tls support"
422 
+												"not compiled in\n");
423 
+									#endif
424 
+									}
425 
+		| TLS_PRIVATE_KEY EQUAL error { yyerror("string value expected"); }
426 
+		| TLS_CA_LIST EQUAL STRING {
427 
+									#ifdef USE_TLS
428 
+											tls_ca_file=$3;
429 
+									#else
430 
+										fprintf(stderr, "WARNING: tls support"
431 
+												"not compiled in\n");
432 
+									#endif
433 
+									}
434 
+		| TLS_CA_LIST EQUAL error { yyerror("string value expected"); }
372 435 
 		| SERVER_SIGNATURE EQUAL NUMBER { server_signature=$3; }
373 436 
 		| SERVER_SIGNATURE EQUAL error { yyerror("boolean value expected"); }
374 437 
 		| REPLY_TO_VIA EQUAL NUMBER { reply_to_via=$3; }
globals.h
History View file @ 46506980e0
... ... 
@@ -81,6 +81,11 @@ extern int tcp_disable;
81 81 
 #endif
82 82 
 #ifdef USE_TLS
83 83 
 extern int tls_disable;
84 
+extern int tls_verify_cert;
85 
+extern int tls_require_cert;
86 
+extern char* tls_cert_file;
87 
+extern char* tls_pkey_file;
88 
+extern char* tls_ca_file;
84 89 
 #endif
85 90 
 extern int dont_fork;
86 91 
 extern int check_via;