* Version $Id$
*/
/*
- Copyright (C) 2000, 2001, 2002 Kern Sibbald and John Walker
+ Copyright (C) 2000-2005 Kern Sibbald
This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License as
- published by the Free Software Foundation; either version 2 of
- the License, or (at your option) any later version.
+ modify it under the terms of the GNU General Public License
+ version 2 as amended with additional clauses defined in the
+ file LICENSE in the main source directory.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
-
- You should have received a copy of the GNU General Public
- License along with this program; if not, write to the Free
- Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
- MA 02111-1307, USA.
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ the file LICENSE for additional details.
*/
/*
- * Resource codes -- they must be sequential for indexing
+ * Resource codes -- they must be sequential for indexing
*/
#define R_FIRST 1001
RES hdr;
char *password; /* Director password */
char *address; /* Director address or zero */
- int enable_ssl; /* Use SSL for this Director */
+ int monitor; /* Have only access to status and .status functions */
+ int tls_enable; /* Enable TLS */
+ int tls_require; /* Require TLS */
+ int tls_verify_peer; /* TLS Verify Client Certificate */
+ char *tls_ca_certfile; /* TLS CA Certificate File */
+ char *tls_ca_certdir; /* TLS CA Certificate Directory */
+ char *tls_certfile; /* TLS Server Certificate File */
+ char *tls_keyfile; /* TLS Server Key File */
+ char *tls_dhfile; /* TLS Diffie-Hellman Parameters */
+ alist *tls_allowed_cns; /* TLS Allowed Clients */
+
+ TLS_CONTEXT *tls_ctx; /* Shared TLS Context */
};
struct CLIENT {
RES hdr;
- int FDport; /* where we listen for Directors */
- char *FDaddr; /* bind address */
+ dlist *FDaddrs;
char *working_directory;
char *pid_directory;
char *subsys_directory;
- int require_ssl; /* Require SSL on all connections */
+ char *scripts_directory;
MSGS *messages; /* daemon message handler */
int MaxConcurrentJobs;
utime_t heartbeat_interval; /* Interval to send heartbeats to Dir */
+ utime_t SDConnectTimeout; /* timeout in seconds */
+ uint32_t max_network_buffer_size; /* max network buf size */
+ int pki_sign; /* Enable Data Integrity Verification via Digital Signatures */
+ int pki_encrypt; /* Enable Data Encryption */
+ char *pki_keypair_file; /* PKI Key Pair File */
+ alist *pki_signing_key_files; /* PKI Signing Key Files */
+ alist *pki_master_key_files; /* PKI Master Key Files */
+ int tls_enable; /* Enable TLS */
+ int tls_require; /* Require TLS */
+ char *tls_ca_certfile; /* TLS CA Certificate File */
+ char *tls_ca_certdir; /* TLS CA Certificate Directory */
+ char *tls_certfile; /* TLS Client Certificate File */
+ char *tls_keyfile; /* TLS Client Key File */
+
+ X509_KEYPAIR *pki_keypair; /* Shared PKI Public/Private Keypair */
+ alist *pki_signers; /* Shared PKI Trusted Signers */
+ alist *pki_recipients; /* Shared PKI Recipients */
+ TLS_CONTEXT *tls_ctx; /* Shared TLS Context */
};
MSGS res_msgs;
RES hdr;
};
-