Committed for 1.0.1-0 release

[ultramonkey-l7/sslproxy.git] / include / sslproxy.h

/*\r
 * @file  sslproxy.h\r
 * @brief SSLproxy Header\r
 *\r
 * Copyright (C) 2008  NTT COMWARE Corporation.\r
 *\r
 * This program is free software; you can redistribute it and/or\r
 * modify it under the terms of the GNU Lesser General Public\r
 * License as published by the Free Software Foundation; either\r
 * version 2.1 of the License, or (at your option) any later version.\r
 *\r
 * This program is distributed in the hope that it will be useful,\r
 * but WITHOUT ANY WARRANTY; without even the implied warranty of\r
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU\r
 * Lesser General Public License for more details.\r
 *\r
 * You should have received a copy of the GNU Lesser General Public\r
 * License along with this library; if not, write to the Free Software\r
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA\r
 * 02110-1301 USA\r
 *\r
 **********************************************************************\r
 *\r
 * Distributed under the Boost Software Licence, Version 1.0\r
 * http://www.boost.org/LICENSE_1_0.txt\r
 *\r
 **********************************************************************/\r
\r
#ifndef __SSLPROXY_H__\r
#define __SSLPROXY_H__\r
\r
#include <boost/asio.hpp>\r
#include <boost/asio/ssl.hpp>\r
\r
#include "logger_wrapper.h"\r
#include "parameter_wrapper.h"\r
\r
//! SSLproxy parameter default value.\r
#define DEFAULT_NUM_THREAD              10\r
#define DEFAULT_TIMEOUT_SEC             30\r
#define DEFAULT_CA_DIR                  "/etc/l7vs/sslproxy/"\r
#define DEFAULT_CERT_CHAIN_DIR          "/etc/l7vs/sslproxy/"\r
#define DEFAULT_PRIVATE_KEY_DIR         "/etc/l7vs/sslproxy/"\r
#define DEFAULT_PRIVATE_KEY_FILETYPE    boost::asio::ssl::context::pem  //! SSL_FILETYPE_PEM\r
#define DEFAULT_PRIVATE_KEY_PASSWD_FROM "console"\r
#define DEFAULT_PRIVATE_KEY_PASSWD_DIR  "/etc/l7vs/sslproxy/"\r
#define DEFAULT_VERIFY_OPTIONS          (SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT)\r
#define DEFAULT_VERIFY_CERT_DEPTH       9\r
#define DEFAULT_SSL_OPTIONS             (SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_SINGLE_DH_USE)\r
#define DEFAULT_TMP_DH_DIR              "/etc/l7vs/sslproxy/"\r
#define DEFAULT_CIPHER_LIST             "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"\r
#define DEFAULT_CONN_LOG_FLAG           "on"\r
\r
#define DEFAULT_SSL_METHOD              boost::asio::ssl::context::sslv23       //! SSLv23_method\r
#define MAX_PASSWD_SIZE                 256\r
#define MAX_BUFFER_SIZE                 4096\r
#define MAX_TARGET_ID_SIZE              256\r
#define TARGET_ID_CHECK_STRING          "/bin/ps -C sslproxy -o args --no-headers | /bin/cut -d\" \" -f2"\r
\r
//! SSLproxy session cache parameter default value.\r
#define DEFAULT_SESSION_CACHE_MODE      SSL_SESS_CACHE_SERVER                   //! "on"\r
#define DEFAULT_SESSION_CACHE_SIZE      SSL_SESSION_CACHE_MAX_SIZE_DEFAULT      //! 20480\r
#define DEFAULT_SESSION_CACHE_TIMEOUT   300\r
\r
//! Target_id.\r
extern std::string target_id;\r
\r
//! SSLproxy parameters.\r
extern std::string recv_endpoint;\r
extern std::string target_endpoint;\r
extern int num_thread;\r
extern int timeout_sec;\r
extern std::string ca_dir;\r
extern std::string ca_file;\r
extern std::string cert_chain_dir;\r
extern std::string cert_chain_file;\r
extern std::string private_key_dir;\r
extern std::string private_key_file;\r
extern boost::asio::ssl::context::file_format private_key_filetype;\r
extern std::string private_key_passwd_from;\r
extern std::string private_key_passwd_dir;\r
extern std::string private_key_passwd_file;\r
extern int verify_options;\r
extern int verify_cert_depth;\r
extern long int ssl_options;\r
extern bool tmp_dh_use;\r
extern std::string tmp_dh_dir;\r
extern std::string tmp_dh_file;\r
extern std::string cipher_list;\r
extern long session_cache_mode;\r
extern long session_cache_size;\r
extern long session_cache_timeout;\r
extern std::string conn_log_flag;\r
\r
#endif //__SSLPROXY_H__\r