/*
 * Copyright (c) Meta Platforms, Inc. and affiliates.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#pragma once

#include <folly/container/Array.h>
#include <folly/io/async/SSLContext.h>

namespace folly {
namespace ssl {

namespace ssl_options_detail {
/**
 * Reporting hook that takes a caught exception by const reference.
 * Only the declaration is visible here. Presumably this is what the set*
 * helpers below use to "print" the errors they catch -- confirm against the
 * definition.
 */
void logDfatal(std::exception const&);
} // namespace ssl_options_detail

/**
 * NOTE(review): the members of this struct are elided in this listing and it
 * carries no description of its own. By name it looks like a
 * compatibility-oriented profile rather than the recommended one; confirm its
 * contents before selecting it, and see SSLOptions2021 for what new clients
 * and servers should use.
 */
struct SSLOptionsCompatibility { … };

/**
 * SSLServerOptionsCompatibility contains algorithms that are not recommended
 * for modern servers, but are included to maintain compatibility with
 * very old clients.
 *
 * Selecting this profile is a deliberate trade of security for reach: use it
 * only where very old clients must still be served, and prefer SSLOptions2021
 * everywhere else.
 */
struct SSLServerOptionsCompatibility { … };

/**
 * SSLOptions2021 contains options that any new client or server from 2021
 * onwards should be using.
 *
 * It contains:
 *   * AEAD only ciphers with ephemeral key exchanges. (No support for RSA key
 *     encapsulation)
 *   * Signature algorithms that do not include insecure digests (such as SHA1)
 *
 * Ephemeral key exchange is what gives a session forward secrecy: a later
 * compromise of the long-term private key does not expose traffic recorded
 * earlier. RSA key encapsulation offers no such property, which is why it is
 * excluded.
 */
struct SSLOptions2021 { … };

// NOTE(review): these two declarations appear truncated in this listing (no
// alias target is visible). Confirm which profile each name resolves to before
// relying on either as a default.
SSLCommonOptions;
SSLServerOptions;

/**
 * Set the cipher suite of ctx to that in TSSLOptions, and print any runtime
 * error it catches.
 *
 * The function returns void and, per the description above, reports errors
 * rather than propagating them, so a caller cannot tell from this call alone
 * whether the list was applied.
 * NOTE(review): the body is not shown here; confirm what cipher configuration
 * ctx is left with when setting the list fails.
 *
 * @tparam TSSLOptions Options profile type that supplies the cipher suites.
 * @param ctx The SSLContext to apply the desired SSL options to.
 */
template <typename TSSLOptions>
void setCipherSuites(SSLContext& ctx) { … }

/**
 * Set the groups of ctx to that in TSSLOptions, and print any runtime
 * error it catches.
 *
 * "Groups" presumably means the TLS key-exchange groups offered by ctx --
 * confirm against the elided body. As with the other setters, failure is
 * printed and not returned to the caller.
 *
 * @tparam TSSLOptions Options profile type that supplies the groups.
 * @param ctx The SSLContext to apply the desired groups to.
 */
template <typename TSSLOptions>
void setGroups(SSLContext& ctx) { … }

/**
 * Set the cipher suite of ctx to the passed in cipherList,
 * and print any runtime error it catches.
 *
 * Unlike the TSSLOptions overload, the list here is chosen by the caller, so
 * nothing in this signature restricts it to one of the profiles above.
 * Failure is printed and not returned to the caller.
 *
 * @tparam Container Type of the container holding the ciphersuites (element
 *         type is not visible in this listing).
 * @param ctx The SSLContext to apply the desired SSL options to.
 * @param cipherList the list of ciphersuites to set
 */
template <typename Container>
void setCipherSuites(SSLContext& ctx, const Container& cipherList) { … }

/**
 * Set the signature algorithm list of ctx to that in TSSLOptions, and print
 * any runtime errors it catches.
 *
 * Failure is printed and not returned to the caller.
 * NOTE(review): confirm which signature algorithms ctx keeps when the call
 * fails; the body is not shown here.
 *
 * @tparam TSSLOptions Options profile type that supplies the signature
 *         algorithm list.
 * @param ctx The SSLContext to apply the desired SSL options to.
 */
template <typename TSSLOptions>
void setSignatureAlgorithms(SSLContext& ctx) { … }

} // namespace ssl
} // namespace folly