* Version $Id$
*/
/*
- Copyright (C) 2000, 2001, 2002 Kern Sibbald and John Walker
+ Copyright (C) 2000-2005 Kern Sibbald
This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License as
- published by the Free Software Foundation; either version 2 of
- the License, or (at your option) any later version.
+ modify it under the terms of the GNU General Public License
+ version 2 as amended with additional clauses defined in the
+ file LICENSE in the main source directory.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public
- License along with this program; if not, write to the Free
- Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- MA 02111-1307, USA.
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ the file LICENSE for additional details.
*/
char *password; /* Director password */
char *address; /* Director address or zero */
int monitor; /* Have only access to status and .status functions */
-#ifdef HAVE_TLS
int tls_enable; /* Enable TLS */
- int tls_require; /* Require TLS */
+ int tls_require; /* Require TLS */
int tls_verify_peer; /* TLS Verify Client Certificate */
char *tls_ca_certfile; /* TLS CA Certificate File */
char *tls_ca_certdir; /* TLS CA Certificate Directory */
alist *tls_allowed_cns; /* TLS Allowed Clients */
TLS_CONTEXT *tls_ctx; /* Shared TLS Context */
-#endif /* HAVE_TLS */
};
struct CLIENT {
utime_t heartbeat_interval; /* Interval to send heartbeats to Dir */
utime_t SDConnectTimeout; /* timeout in seconds */
uint32_t max_network_buffer_size; /* max network buf size */
-#ifdef HAVE_TLS
+ int pki_sign; /* Enable Data Integrity Verification via Digital Signatures */
+ int pki_encrypt; /* Enable Data Encryption */
+ char *pki_keypair_file; /* PKI Key Pair File */
+ alist *pki_signing_key_files; /* PKI Signing Key Files */
+ alist *pki_master_key_files; /* PKI Master Key Files */
int tls_enable; /* Enable TLS */
- int tls_require; /* Require TLS */
+ int tls_require; /* Require TLS */
char *tls_ca_certfile; /* TLS CA Certificate File */
char *tls_ca_certdir; /* TLS CA Certificate Directory */
char *tls_certfile; /* TLS Client Certificate File */
char *tls_keyfile; /* TLS Client Key File */
+ X509_KEYPAIR *pki_keypair; /* Shared PKI Public/Private Keypair */
+ alist *pki_signers; /* Shared PKI Trusted Signers */
+ alist *pki_recipients; /* Shared PKI Recipients */
TLS_CONTEXT *tls_ctx; /* Shared TLS Context */
-#endif /* HAVE_TLS */
};