1 | /* |
2 | * IXSocketTLSOptions.h |
3 | * Author: Matt DeBoer |
4 | * Copyright (c) 2019 Machine Zone, Inc. All rights reserved. |
5 | */ |
6 | |
7 | #pragma once |
8 | |
9 | #include <string> |
10 | |
11 | namespace ix |
12 | { |
// TLS settings for a socket: certificate and key, trust anchors, cipher
// selection and the server-side enable flag. The member functions are only
// declared here; their definitions are not part of this header.
struct SocketTLSOptions
{
    // Certificate presented to peers.
    std::string certFile;

    // Key used for signing/encryption.
    // NOTE(review): presumably the private key that pairs with certFile. If so,
    // the file should be readable only by the account running the process.
    // Confirm against the implementation.
    std::string keyFile;

    // CA certificate (or certificate bundle) file holding the certificates to
    // be trusted.
    //   "SYSTEM" - use the system defaults (the initial value)
    //   "NONE"   - disable peer verification
    // With "NONE" the peer's certificate is not checked, so the link is
    // encrypted but the remote end is unauthenticated; anyone able to
    // intercept the connection can pose as the peer. Keep "NONE" out of
    // production configuration.
    std::string caFile{"SYSTEM"};

    // List of ciphers (rsa, etc...); "DEFAULT" is the initial value.
    // NOTE(review): the accepted syntax presumably depends on the TLS backend
    // in use. Review any override, since a custom list can re-enable suites
    // the default excludes. Confirm.
    std::string ciphers{"DEFAULT"};

    // Whether TLS is enabled; used by server code. It starts out false, so a
    // server has to set it explicitly to get TLS.
    bool tls{false};

    // Checks the validity of the object.
    // NOTE(review): presumably getErrorMsg() describes why a check failed;
    // confirm in the implementation.
    bool isValid() const;

    // Queries on the current settings. The names suggest: certificate and key
    // both supplied, caFile left at the system defaults, CA certificates
    // supplied in memory rather than as a file, caFile set to disable peer
    // verification, and ciphers left at the default. Their exact rules are in
    // the definitions, which this header does not show.
    bool hasCertAndKey() const;
    bool isUsingSystemDefaults() const;
    bool isUsingInMemoryCAs() const;
    bool isPeerVerifyDisabled() const;
    bool isUsingDefaultCiphers() const;

    // Accessor for the stored error message (returned by const reference).
    const std::string& getErrorMsg() const;

    // Returns a description of the options as a string (by value).
    // NOTE(review): if this text is logged, check that it includes only paths
    // and flags, not key material. Confirm in the definition.
    std::string getDescription() const;

private:
    // Both fields are mutable, so the const member functions above are able to
    // write to them.
    mutable std::string _errMsg;
    mutable bool _validated{false};
};
54 | } // namespace ix |
55 | |