MongoDB  2.7.0
ssl_options.h
1 /* Copyright 2013 10gen Inc.
2  *
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #pragma once
17 
18 #include "mongo/base/status.h"
19 #include "mongo/client/export_macros.h"
20 #include "mongo/util/net/ssl_manager.h"
21 
22 namespace mongo {
23 
24  namespace optionenvironment {
25  class OptionSection;
26  class Environment;
27  } // namespace optionenvironment
28 
29  namespace moe = mongo::optionenvironment;
30 
31  struct MONGO_CLIENT_API SSLGlobalParams {
32  AtomicInt32 sslMode; // --sslMode - the SSL operation mode, see enum SSLModes
33  bool sslOnNormalPorts; // --sslOnNormalPorts (deprecated)
34  std::string sslPEMKeyFile; // --sslPEMKeyFile
35  std::string sslPEMKeyPassword; // --sslPEMKeyPassword
36  std::string sslClusterFile; // --sslInternalKeyFile
37  std::string sslClusterPassword; // --sslInternalKeyPassword
38  std::string sslCAFile; // --sslCAFile
39  std::string sslCRLFile; // --sslCRLFile
40  bool sslWeakCertificateValidation; // --sslWeakCertificateValidation
41  bool sslFIPSMode; // --sslFIPSMode
42  bool sslAllowInvalidCertificates; // --sslIgnoreCertificateValidation
43 
44  SSLGlobalParams() {
45  sslMode.store(SSLMode_disabled);
46  }
47 
48  enum SSLModes {
53 
58 
63 
67  SSLMode_requireSSL
68  };
69  };
70 
71  extern MONGO_CLIENT_API SSLGlobalParams sslGlobalParams;
72 
73  Status addSSLServerOptions(moe::OptionSection* options);
74 
75  Status addSSLClientOptions(moe::OptionSection* options);
76 
77  Status storeSSLServerOptions(const moe::Environment& params);
78 
84 
85  Status storeSSLClientOptions(const moe::Environment& params);
86 }
Make unencrypted outgoing connections and accept both unencrypted and SSL-connections.
Definition: ssl_options.h:57
Definition: ssl_options.h:31
Status canonicalizeSSLServerOptions(moe::Environment *params)
Canonicalize SSL options for the given environment that have different representations with the same ...
Definition: ssl_options.cpp:99
A container for OptionDescription instances as well as other OptionSection instances.
Definition: option_section.h:67
Make outgoing SSL-connections and accept both unecrypted and SSL-connections.
Definition: ssl_options.h:62
SSLModes
Definition: ssl_options.h:48
Make unencrypted outgoing connections and do not accept incoming SSL-connections. ...
Definition: ssl_options.h:52
An Environment is a map of values that can be validated according to a set of registered constraints...
Definition: environment.h:98