hitch  1.5.2
About: Hitch is a libev-based high performance SSL/TLS proxy that terminates TLS/SSL connections and forwards the unencrypted traffic to some backend.
  Fossies Dox: hitch-1.5.2.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

configuration.h
8 #ifndef CONFIGURATION_H_INCLUDED
9 #define CONFIGURATION_H_INCLUDED
10 
11 #include <sys/types.h>
12 #include <openssl/ssl.h>
13 
14 #include "foreign/uthash.h"
15 
16 /* OPENSSL_NO_NEXTPROTONEG disables NPN even in openssl/ssl.h, so OPENSSL_WITH_NPN is withdrawn whenever it is set. */
17 #ifdef OPENSSL_NO_NEXTPROTONEG
18 # undef OPENSSL_WITH_NPN
19 #endif
20 
/*
 * ALPN_NPN_PREFIX_STR is "{alpn}" when OPENSSL_WITH_ALPN is defined, and
 * "{npn}" when only OPENSSL_WITH_NPN is defined. ALPN wins when both are set.
 * With neither defined the macro does not exist at all, so any code using it
 * needs the same guards.
 * NOTE(review): where OPENSSL_WITH_ALPN / OPENSSL_WITH_NPN get defined is not
 * visible in this header (presumably the build system) - confirm.
 */
21 #ifdef OPENSSL_WITH_ALPN
22 # define ALPN_NPN_PREFIX_STR "{alpn}"
23 #else
24 # ifdef OPENSSL_WITH_NPN
25 # define ALPN_NPN_PREFIX_STR "{npn}"
26 # endif
27 #endif
28 
/*
 * Declarations that exist only in USE_SHARED_CACHE builds: the shctx.h
 * include, the peer limit and the peer option type.
 */
29 #ifdef USE_SHARED_CACHE
30 # include "shctx.h"
/* Default peer limit; a build may override it by defining MAX_SHCUPD_PEERS first. */
31 # ifndef MAX_SHCUPD_PEERS
32 # define MAX_SHCUPD_PEERS 15
33 # endif
/*
 * One peer entry, stored as two strings (ip, port).
 * NOTE(review): presumably a peer for shared-cache updates. Who owns and frees
 * the strings is not visible in this header - confirm in configuration.c.
 */
34 typedef struct shcupd_peer_opt {
35  char *ip;
36  char *port;
37 } shcupd_peer_opt;
38 #endif
39 
/*
 * Protocol versions as single-bit flags (0x01, 0x02, 0x04, 0x08), so a set of
 * versions can be OR-ed into one mask, as the *_PROTOS macros in this header do.
 *
 * NOTE(review): the listing's gutter jumps from 44 to 46. The member index
 * further down this page places TLSv1_3_PROTO at configuration.h:45; its value
 * is not shown on this page.
 *
 * Security note: SSLv3 (RFC 7568) and TLS 1.0 / 1.1 (RFC 8996) are deprecated
 * protocols. Their flags are defined here but are not part of
 * DEFAULT_TLS_PROTOS.
 */
40 typedef enum {
41  SSLv3_PROTO = 0x01,
42  TLSv1_0_PROTO = 0x02,
43  TLSv1_1_PROTO = 0x04,
44  TLSv1_2_PROTO = 0x08,
46 } TLS_PROTOCOL;
47 
/*
 * Protocol masks built from the TLS_PROTOCOL flags:
 *   DEFAULT_TLS_PROTOS - TLS 1.2 and TLS 1.3 only.
 *   TLS_OPTION_PROTOS  - the default set plus TLS 1.0 and TLS 1.1.
 *   SSL_OPTION_PROTOS  - TLS_OPTION_PROTOS plus SSLv3.
 * Each wider mask is a strict superset of the previous one, and everything
 * beyond DEFAULT_TLS_PROTOS adds deprecated protocol versions.
 * NOTE(review): the names suggest the two wider masks back legacy "tls" /
 * "ssl" configuration options - confirm in configuration.c. A review of a
 * deployment should check which mask ends up in SELECTED_TLS_PROTOS and in
 * front_arg::selected_protos (both listed in this page's member index).
 */
48 #define DEFAULT_TLS_PROTOS (TLSv1_2_PROTO | TLSv1_3_PROTO)
49 #define TLS_OPTION_PROTOS \
50  (TLSv1_0_PROTO | TLSv1_1_PROTO | DEFAULT_TLS_PROTOS)
51 #define SSL_OPTION_PROTOS (SSLv3_PROTO | TLS_OPTION_PROTOS)
52 
/*
 * Operating mode of the proxy.
 * NOTE(review): the enumerators are missing from this listing (the gutter
 * jumps from 53 to 56). The member index further down this page places
 * SSL_SERVER at configuration.h:54 and SSL_CLIENT at configuration.h:55.
 */
53 typedef enum {
56 } PROXY_MODE;
57 
/*
 * One configured certificate file.
 * NOTE(review): the listing omits gutter lines 62 and 68. The member index
 * further down this page lists `char * priv_key_filename` at :62 and
 * `UT_hash_handle hh` at :68; the latter would make this struct usable with
 * the uthash macros from foreign/uthash.h.
 * filename and priv_key_filename point at key material on disk. Path
 * validation and file-permission checks, if any, are not visible in this
 * header - confirm in configuration.c.
 */
58 struct cfg_cert_file {
59  unsigned magic; /* expected to hold CFG_CERT_FILE_MAGIC; presumably a type-sanity tag - confirm at use sites */
60 #define CFG_CERT_FILE_MAGIC 0x58c280d2
61  char *filename; /* path of the certificate file */
63  char *ocspfn; /* presumably path of an OCSP response file - confirm */
64  double ocsp_mtim; /* presumably modification time of the ocspfn file - confirm */
65  int mark; /* purpose not visible in this header */
66  int ocsp_vfy; /* presumably per-certificate OCSP verification switch - confirm */
67  double mtim; /* presumably modification time of `filename` - confirm */
69 };
70 
/*
 * One frontend (listen endpoint) definition.
 * NOTE(review): the listing omits gutter lines 76, 78-80, 82 and 84. The
 * member index further down this page lists `struct cfg_cert_file * certs`
 * (:76), `int match_global_certs` (:78), `int sni_nomatch_abort` (:79),
 * `int prefer_server_ciphers` (:80), `int selected_protos` (:82) and
 * `UT_hash_handle hh` (:84).
 * Several of these look like per-frontend TLS policy (ciphers, protocol mask,
 * SNI mismatch handling). A security review should check them per frontend,
 * not only the global values in the configuration structure.
 */
71 struct front_arg {
72  unsigned magic; /* expected to hold FRONT_ARG_MAGIC; presumably a type-sanity tag - confirm at use sites */
73 #define FRONT_ARG_MAGIC 0x07a16cb5
74  char *ip; /* listen address, kept as a string */
75  char *port; /* listen port, kept as a string */
77  char *pspec; /* presumably the original frontend specification string - confirm */
81  char *ciphers; /* cipher list for this frontend; NOTE(review): precedence over the global CIPHER_SUITE is not visible here */
83  int mark; /* purpose not visible in this header */
85 };
86 
87 /* configuration structure
 *
 * NOTE(review): this listing is incomplete. The struct's opening line is
 * missing; the member index further down this page places
 * `struct __hitch_config` at configuration.h:88. The index also lists members
 * that are not shown here, among them PMODE (:89), SELECTED_TLS_PROTOS (:90),
 * WRITE_IP_OCTET / WRITE_PROXY_LINE_V1 / WRITE_PROXY_LINE_V2 /
 * PROXY_PROXY_LINE (:91-:94), ALPN_PROTOS_LV_LEN (:99),
 * LISTEN_ARGS / LISTEN_DEFAULT (:103-:104), CERT_FILES / CERT_DEFAULT
 * (:109-:110), CIPHER_SUITE (:111), LOG_LEVEL (:122), the timeout and buffer
 * fields (:124-:135), SNI_NOMATCH_ABORT (:137), PEM_DIR_GLOB (:140) and the
 * OCSP timing fields (:143-:145). Use the index or the original header for
 * the full layout.
 *
 * The layout depends on USE_SHARED_CACHE and TCP_FASTOPEN_WORKS. Every
 * translation unit that touches this struct must be built with the same
 * definitions, or member offsets will disagree.
 */
95  unsigned PROXY_TLV;
96  unsigned PROXY_AUTHORITY;
97  char *ALPN_PROTOS; /* ALPN/NPN protocol list as a string */
98  unsigned char *ALPN_PROTOS_LV; /* presumably the length-prefixed encoding of ALPN_PROTOS, sized by ALPN_PROTOS_LV_LEN (:99) - confirm */
100  char *CHROOT; /* presumably the chroot directory; NOTE(review): confirm it is applied before privileges are dropped */
101  int UID; /* stored as int although <sys/types.h> is included; presumably allows a "not set" sentinel - confirm */
102  int GID; /* same representation as UID */
105  char *BACK_IP; /* backend address; the About line says traffic to it is forwarded unencrypted */
106  char *BACK_PORT;
107  char *BACK_PATH; /* presumably a UNIX-socket path for the backend - confirm */
108  long NCORES;
112  char *ENGINE; /* presumably an OpenSSL engine name - confirm */
113  int BACKLOG;
114 #ifdef USE_SHARED_CACHE
115  int SHARED_CACHE;
116  char *SHCUPD_IP;
117  char *SHCUPD_PORT;
118  shcupd_peer_opt SHCUPD_PEERS[MAX_SHCUPD_PEERS+1]; /* one slot more than the peer limit; presumably a terminator entry - confirm before indexing */
119  char *SHCUPD_MCASTIF;
120  char *SHCUPD_MCASTTTL; /* kept as a string; conversion and validation not visible here */
121 #endif
123  int SYSLOG;
136  char *PIDFILE;
138  int TEST;
139  char *PEM_DIR; /* presumably a directory of PEM files to load; NOTE(review): confirm who may write to it */
141  int OCSP_VFY; /* presumably the global OCSP verification switch; cfg_cert_file has its own ocsp_vfy */
142  char *OCSP_DIR;
146 #ifdef TCP_FASTOPEN_WORKS
147  int TFO;
148 #endif
149 };
150 
152 
/*
 * Public configuration API. The member index further down this page places
 * all four definitions in configuration.c.
 * NOTE(review): the gutter skips line 151, and no declaration of the
 * `hitch_config` type name used below is visible in this listing. Presumably
 * line 151 is the typedef for struct __hitch_config - confirm.
 * Ownership and return-value conventions are not visible in this header:
 * presumably config_new() allocates a configuration that config_destroy()
 * releases, config_parse_cli() fills cfg from argv and reports the outcome
 * through its int result, and config_error_get() returns the text of the
 * last configuration error - confirm in configuration.c. Callers should check
 * config_parse_cli()'s result before using cfg.
 */
153 const char * config_error_get (void);
154 hitch_config * config_new (void);
155 void config_destroy (hitch_config *cfg);
156 int config_parse_cli(int argc, char **argv, hitch_config *cfg);
157 
158 #endif /* CONFIGURATION_H_INCLUDED */
front_arg::match_global_certs
int match_global_certs
Definition: configuration.h:78
__hitch_config::ALPN_PROTOS
char * ALPN_PROTOS
Definition: configuration.h:97
shctx.h
TLSv1_0_PROTO
@ TLSv1_0_PROTO
Definition: configuration.h:42
__hitch_config::GID
int GID
Definition: configuration.h:102
__hitch_config::LOG_FILENAME
char * LOG_FILENAME
Definition: configuration.h:133
__hitch_config::BACK_PATH
char * BACK_PATH
Definition: configuration.h:107
__hitch_config::PMODE
PROXY_MODE PMODE
Definition: configuration.h:89
cfg_cert_file::filename
char * filename
Definition: configuration.h:61
__hitch_config
Definition: configuration.h:88
SSLv3_PROTO
@ SSLv3_PROTO
Definition: configuration.h:41
front_arg::ciphers
char * ciphers
Definition: configuration.h:81
__hitch_config::PROXY_AUTHORITY
unsigned PROXY_AUTHORITY
Definition: configuration.h:96
front_arg::prefer_server_ciphers
int prefer_server_ciphers
Definition: configuration.h:80
__hitch_config::PEM_DIR
char * PEM_DIR
Definition: configuration.h:139
cfg_cert_file::mtim
double mtim
Definition: configuration.h:67
cfg_cert_file::ocsp_vfy
int ocsp_vfy
Definition: configuration.h:66
__hitch_config::CIPHER_SUITE
char * CIPHER_SUITE
Definition: configuration.h:111
config_destroy
void config_destroy(hitch_config *cfg)
Definition: configuration.c:267
__hitch_config::OCSP_CONN_TMO
double OCSP_CONN_TMO
Definition: configuration.h:144
__hitch_config::WRITE_IP_OCTET
int WRITE_IP_OCTET
Definition: configuration.h:91
TLSv1_2_PROTO
@ TLSv1_2_PROTO
Definition: configuration.h:44
__hitch_config::TEST
int TEST
Definition: configuration.h:138
__hitch_config::CERT_DEFAULT
struct cfg_cert_file * CERT_DEFAULT
Definition: configuration.h:110
front_arg
Definition: configuration.h:71
__hitch_config::RING_DATA_LEN
int RING_DATA_LEN
Definition: configuration.h:135
__hitch_config::OCSP_REFRESH_INTERVAL
int OCSP_REFRESH_INTERVAL
Definition: configuration.h:145
__hitch_config::SYSLOG_FACILITY
int SYSLOG_FACILITY
Definition: configuration.h:124
TLSv1_1_PROTO
@ TLSv1_1_PROTO
Definition: configuration.h:43
__hitch_config::PIDFILE
char * PIDFILE
Definition: configuration.h:136
__hitch_config::ENGINE
char * ENGINE
Definition: configuration.h:112
front_arg::certs
struct cfg_cert_file * certs
Definition: configuration.h:76
__hitch_config::LISTEN_ARGS
struct front_arg * LISTEN_ARGS
Definition: configuration.h:103
__hitch_config::BACKLOG
int BACKLOG
Definition: configuration.h:113
PROXY_MODE
PROXY_MODE
Definition: configuration.h:53
config_new
hitch_config * config_new(void)
Definition: configuration.c:175
cfg_cert_file::ocspfn
char * ocspfn
Definition: configuration.h:63
__hitch_config::OCSP_RESP_TMO
double OCSP_RESP_TMO
Definition: configuration.h:143
__hitch_config::SNI_NOMATCH_ABORT
int SNI_NOMATCH_ABORT
Definition: configuration.h:137
__hitch_config::OCSP_DIR
char * OCSP_DIR
Definition: configuration.h:142
TLS_PROTOCOL
TLS_PROTOCOL
Definition: configuration.h:40
front_arg::mark
int mark
Definition: configuration.h:83
__hitch_config::UID
int UID
Definition: configuration.h:101
cfg_cert_file::magic
unsigned magic
Definition: configuration.h:59
__hitch_config::PROXY_TLV
unsigned PROXY_TLV
Definition: configuration.h:95
cfg_cert_file::hh
UT_hash_handle hh
Definition: configuration.h:68
__hitch_config::DAEMONIZE
int DAEMONIZE
Definition: configuration.h:127
SSL_SERVER
@ SSL_SERVER
Definition: configuration.h:54
__hitch_config::SYSLOG
int SYSLOG
Definition: configuration.h:123
__hitch_config::PEM_DIR_GLOB
char * PEM_DIR_GLOB
Definition: configuration.h:140
__hitch_config::WRITE_PROXY_LINE_V2
int WRITE_PROXY_LINE_V2
Definition: configuration.h:93
__hitch_config::BACK_PORT
char * BACK_PORT
Definition: configuration.h:106
__hitch_config::SSL_HANDSHAKE_TIMEOUT
int SSL_HANDSHAKE_TIMEOUT
Definition: configuration.h:130
__hitch_config::LOG_LEVEL
int LOG_LEVEL
Definition: configuration.h:122
front_arg::pspec
char * pspec
Definition: configuration.h:77
__hitch_config::SELECTED_TLS_PROTOS
int SELECTED_TLS_PROTOS
Definition: configuration.h:90
SSL_CLIENT
@ SSL_CLIENT
Definition: configuration.h:55
config_parse_cli
int config_parse_cli(int argc, char **argv, hitch_config *cfg)
Definition: configuration.c:1383
front_arg::port
char * port
Definition: configuration.h:75
__hitch_config::PROXY_PROXY_LINE
int PROXY_PROXY_LINE
Definition: configuration.h:94
UT_hash_handle
Definition: uthash.h:952
__hitch_config::NCORES
long NCORES
Definition: configuration.h:108
__hitch_config::BACKEND_CONNECT_TIMEOUT
int BACKEND_CONNECT_TIMEOUT
Definition: configuration.h:129
__hitch_config::WRITE_PROXY_LINE_V1
int WRITE_PROXY_LINE_V1
Definition: configuration.h:92
__hitch_config::LISTEN_DEFAULT
struct front_arg * LISTEN_DEFAULT
Definition: configuration.h:104
__hitch_config::SEND_BUFSIZE
int SEND_BUFSIZE
Definition: configuration.h:132
cfg_cert_file::priv_key_filename
char * priv_key_filename
Definition: configuration.h:62
front_arg::ip
char * ip
Definition: configuration.h:74
front_arg::magic
unsigned magic
Definition: configuration.h:72
cfg_cert_file::mark
int mark
Definition: configuration.h:65
__hitch_config::OCSP_VFY
int OCSP_VFY
Definition: configuration.h:141
cfg_cert_file::ocsp_mtim
double ocsp_mtim
Definition: configuration.h:64
__hitch_config::ALPN_PROTOS_LV_LEN
unsigned ALPN_PROTOS_LV_LEN
Definition: configuration.h:99
front_arg::sni_nomatch_abort
int sni_nomatch_abort
Definition: configuration.h:79
__hitch_config::ALPN_PROTOS_LV
unsigned char * ALPN_PROTOS_LV
Definition: configuration.h:98
__hitch_config::TCP_KEEPALIVE_TIME
int TCP_KEEPALIVE_TIME
Definition: configuration.h:125
uthash.h
__hitch_config::RECV_BUFSIZE
int RECV_BUFSIZE
Definition: configuration.h:131
config_error_get
const char * config_error_get(void)
Definition: configuration.c:136
__hitch_config::BACKEND_REFRESH_TIME
int BACKEND_REFRESH_TIME
Definition: configuration.h:126
__hitch_config::CHROOT
char * CHROOT
Definition: configuration.h:100
__hitch_config::PREFER_SERVER_CIPHERS
int PREFER_SERVER_CIPHERS
Definition: configuration.h:128
__hitch_config::RING_SLOTS
int RING_SLOTS
Definition: configuration.h:134
cfg_cert_file
Definition: configuration.h:58
__hitch_config::CERT_FILES
struct cfg_cert_file * CERT_FILES
Definition: configuration.h:109
__hitch_config::BACK_IP
char * BACK_IP
Definition: configuration.h:105
TLSv1_3_PROTO
@ TLSv1_3_PROTO
Definition: configuration.h:45
front_arg::hh
UT_hash_handle hh
Definition: configuration.h:84
front_arg::selected_protos
int selected_protos
Definition: configuration.h:82